Cybersecurity experts have been saying that the modern car should not be car with a computer in it, and their fears are shown through by the hackers who constantly try to hack the cars software, and doing other various things such as shutting off engines, tracking riders and also disabling brakes.
However, the issue of breaking the cars software and hacking into other components of the car is a crime, as should be expected. Under the Digital Millennium Copyright Act, a wider interpretation shows that it is illegal for you to touch and in some cases look at the car’s software.
Because of this, several car manufacturers and federal agencies have all promised some legal action against people who think of doing this. Security researchers who might be just interested with working on the software so that my can disclose the vulnerabilities to the car manufacturers are also included in the people who are not allowed to enter any cars software.
Kit Walsh, staff attorney at the Electronic Frontier Foundation said that the DMCA had given some of the companies’ legal way to stop showing some transparency on the way their devices worked. The result is that people who can help improve their systems have been left out and they can’t customize, improve and better the modern vehicles.
However, the federal has granted a petition to the car owners over the industry objections to give some legal protection so that they can work on their own cars at least. From Oct 28 onwards, car owners will now be able to look at the software as they now get protection from the exemption to Section 1201 of the DMCA.
Part of the exemptions allow for the full diagnosis, repair and the lawful modification of the vehicle function. Good faith security researcher is also part of the exemptions, as long as it does not interfere with any of the car’s functions such as entertainment and wireless communication systems.
The news is good though there are still some issues which need to be ironed. The exception will be temporary and the EFF and its various proponents have to renew the exemptions after every three years. Vehicle owners are also being asked to make the modifications to the cars themselves without any help from a third party so that anything that might lead to road accidents and rogue vehicles will be solely on the owner’s shoulders.
Unsurprisingly, most of the car makers came out against the new law, except for some which included Tesla. Tesla already has a bug bounty program for good faith hackers to uncover security flaws to the company which they would then have to disclose secretly.
For their trouble, the researchers can get up to $10,000 per bug. One example is that of the Lookout security firm team which managed to discover a bug which was in the Tesla Model S which gave hackers the chance to open windows, unlock doors and cut power which was going to the car, Tesla managed to release a software patch which the people received wirelessly.
Jason Hughes, a Tesla car owner also managed to hack his car, with the company initially shunning the move before Tesla CEO, Elon Musk, changes the decision and thanked Hughes for his effort.
The EFF will be continually involved with the move to repeal the DMCA. Walsh said that the federation wanted to sue the government for the violation of the First Amendment law because there was infringement of the fair use and also the security research. If the law can be changed the landscape would be changed, Walsh said.