Advertisement



machdaddy

Active Member
Joined
Feb 8, 2020
Messages
27
Reaction score
15
Location
USA
Vehicles
2021 Ford Mustang Mach E Premium Ordered
Country flag
I'm glad Ford finally provided an update with this important feature that I feel should be part of the new norm for vehicles. Going to a dealership to do a service advisory software upgrade for the infotainment system on my 2016 Honda Civic took 2 hours. That's archaic.
 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Messages
917
Reaction score
898
Location
New Jersey
First Name
Tim
Vehicles
2015 Mustang Convertible, 2016 Dodge Durango
Occupation
Software Engineer
Country flag
I'm glad Ford finally provided an update with this important feature that I feel should be part of the new norm for vehicles. Going to a dealership to do a service advisory software upgrade for the infotainment system on my 2016 Honda Civic took 2 hours. That's archaic.
Just to play devil's advocate, having OTA opens up a giant security hole that dealer installed or "thumbdrive" updates do not.
 

machdaddy

Active Member
Joined
Feb 8, 2020
Messages
27
Reaction score
15
Location
USA
Vehicles
2021 Ford Mustang Mach E Premium Ordered
Country flag
Just to play devil's advocate, having OTA opens up a giant security hole that dealer installed or "thumbdrive" updates do not.
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
 

pbojanoski

Well-Known Member
First Name
Peter
Joined
Jan 4, 2020
Messages
398
Reaction score
441
Location
Pennsylvania
First Name
Peter
Vehicles
Jaguar I-Pace
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
I'm sure Ford will keep it secure, just like I assume Tesla does. Obviously, there is never anything that can be deemed 100% secure. At that point, you have to ask yourself the likelihood of mass infiltration or why someone would go out of their way to single out you. I assume the chances of either of those happening is extremely small, but it's not zero, unfortunately.
 

Mach Dad

Active Member
First Name
Jeffrey
Joined
Jan 29, 2020
Messages
38
Reaction score
52
Location
Oxford, MI
First Name
Jeffrey
Vehicles
2010 Ford Fusion Hybrid, 2014 Ford Explorer
Occupation
Consultant
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.

The idea of OTA is great and I know Ford is really pushing this as a feature of the Mach E. In reality this could and should become standard for all their vehicles. Let's hope they embrace it product wide going forward. The only issue for ICE is you might need to have it running to have the appropriate systems available.
 

hybrid2bev

Well-Known Member
Joined
Dec 4, 2019
Messages
724
Reaction score
1,267
Location
USA
Vehicles
2017 C-Max Hybrid
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.
It’s two minutes to install the update not download.

“Updates can be activated in under two minutes”
 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Messages
917
Reaction score
898
Location
New Jersey
First Name
Tim
Vehicles
2015 Mustang Convertible, 2016 Dodge Durango
Occupation
Software Engineer
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
All of which just make it harder to hack, and not impossible. Particularly if quantum computing continues to develop.
 

timbop

Well-Known Member
First Name
Tim
Joined
Jan 3, 2020
Messages
917
Reaction score
898
Location
New Jersey
First Name
Tim
Vehicles
2015 Mustang Convertible, 2016 Dodge Durango
Occupation
Software Engineer
Country flag
Two things I take from this announcement.

The whole 2 min to download is just silly. Sure if the update is small it could take 2 mins. If its bigger it could take more time. I dont see anyone buying the car because of the 2 min claim.

The idea of OTA is great and I know Ford is really pushing this as a feature of the Mach E. In reality this could and should become standard for all their vehicles. Let's hope they embrace it product wide going forward. The only issue for ICE is you might need to have it running to have the appropriate systems available.
Right, but as Hybrid2bev said the download os saved "off to the side" while the car is running. It won't be until later when the car is turned on (or some other "safe" state) that the new software can be activated; until then you will continue to drive down the road on the old software. Current supposition is that it follows a partitioning scheme wherein the current software is in one partition and the next version is downloaded into another. To activate, a pointer is merely flipped at startup to the new partition and that is the software that boots. A failsafe mechanism is in place if the new software doesn't successfully load/start, then the pointer is flipped back automatically to prevent the car from "bricking".
 

machdaddy

Active Member
Joined
Feb 8, 2020
Messages
27
Reaction score
15
Location
USA
Vehicles
2021 Ford Mustang Mach E Premium Ordered
Country flag
Right, but as Hybrid2bev said the download os saved "off to the side" while the car is running. It won't be until later when the car is turned on (or some other "safe" state) that the new software can be activated; until then you will continue to drive down the road on the old software. Current supposition is that it follows a partitioning scheme wherein the current software is in one partition and the next version is downloaded into another. To activate, a pointer is merely flipped at startup to the new partition and that is the software that boots. A failsafe mechanism is in place if the new software doesn't successfully load/start, then the pointer is flipped back automatically to prevent the car from "bricking".
This is precisely correct, at least how computer motherboards with dual BIOS image storage (like gaming motherboards) and network routers/switches work. I would say that there should be a factory default firmware image in the Programmable Read Only Memory (PROM) and then two partitions in the flash storage. The first for the current firmware image and the second for the upgrade image to be utilized on next boot. That way, the car can never be "bricked".

About your comment about quantum computing, I would be much more worried about quantum computing breaking the certificate authorities chain of trust (by fake certificate impersonation or MITM attack) that we rely on for secure banking, trade and communications far more than my car firmware. We have much bigger problems if we get to that point. 😵
 

ab13

Well-Known Member
Joined
Feb 17, 2020
Messages
123
Reaction score
90
Location
California
Vehicles
Rav4 Hybrid
Country flag
I'm sure Ford will keep it secure, just like I assume Tesla does. Obviously, there is never anything that can be deemed 100% secure. At that point, you have to ask yourself the likelihood of mass infiltration or why someone would go out of their way to single out you. I assume the chances of either of those happening is extremely small, but it's not zero, unfortunately.

Tesla has been hacked more than once. Lucky for them it was not Blackhat hackers.

https://www.usatoday.com/story/tech/2017/07/28/chinese-group-hacks-tesla-second-year-row/518430001/
 

zhackwyatt

Well-Known Member
Joined
Dec 18, 2019
Messages
420
Reaction score
523
Location
Arizona
Vehicles
'13 C-Max
Country flag
True but mitigate-able by way of md5/md6/sha cryptographic hashing validated through a ford update server comparing the official release hash check against the downloaded firmware residing in the car. This can be secondarily checked against an update table, or other validation techniques like flags baked into the firmware that Ford expects to see.
Technically you wouldn't use a hash, you would use a digital signature (which makes use of a hash).

The updates, or ability to update, are not the security problem. It's the active network connection that is the problem. Even if they didn't offer the update ability, the connection will still be there for maps, charger status, telemetry, etc. You can't make anything 100% secure, but you can do due diligence and design the system in a secure manner/architecture.
 

ChasingCoral

Well-Known Member
First Name
Mark
Joined
Feb 3, 2020
Messages
1,528
Reaction score
1,659
Location
Maryland
First Name
Mark
Vehicles
Mach-E FE reserved, Nissan Leaf, Toyota Tacoma
Country flag
There's no street view. What you lose without premium connectivity is the aerial/satellite overlay and, as noted, media streaming and traffic visualizations. However, navigation still uses traffic information for routing.

I don't intend to subscribe to the premium package when my trial period is over, since I don't use any of those things.
Based on the In-Dealership Training manual, it looks like the full navigation features are only good for 3-years without subscription. You may lose real-time traffic and other advanced info after that:

Voice-Activated Touchscreen Navigation System
  • - Three years of service
  • - EV Trip Planner
  • - Live Traffic
  • - Predictive Destinations and Route Guidance
 

hharold

Member
Joined
May 13, 2020
Messages
9
Reaction score
6
Location
Netherlands
Vehicles
Mercedes
Country flag
Will it be possible to connect the MME to the home wi-fi when parked at home?
Or will all the OTA updates be done via some kind of onboard SIM card?
 



 








Top