- cross-posted to:
- worldnews@lemmy.ml
- cross-posted to:
- worldnews@lemmy.ml
Biden Calls Chinese Electric Vehicles a Security Threat::The president ordered an investigation into auto technology that could track U.S. drivers, part of a broader effort to stop E.V. and other smart-car imports from China.
their operating systems could send sensitive information to Beijing
Cool. So let’s pass legislation that prevents any auto manufacturer from sending sensitive info to anyone unauthorized by the owner of the car. Just because you buy a car “assembled” in the US doesn’t mean that your data isn’t being harvested, stored improperly, and sold to all bidders.
Don’t stop at cars
China and America are not the same but the solution works against all actors: permit users to audit and change the code so dependencies on servers can be removed or replaced with ones of our choice. Without the source code to learn what it’s actually doing then all software is potentially a security threat, at best it’s just not yet guilty of being malware or having anti-features.
Why should every car owner have to also be a tech nerd or security specialist just to guarantee their car is safe to drive and own? They should be guaranteed safe before they are even sold.
Of course, consumers should have full control over the technology they buy, but it should be safe and secure before it is even sold in the first place. 
The only way to know it is safe is 3rd parties auditing it. The manufacture saying “trust me bro” ain’t it and a government audit that doesn’t show their work could be bullshit too. A single tech nerd or security specialist is in the same boat as the regular Joe - it’s a group effort. Non-techies can contribute in other ways (e.g. reporting bugs).
That’s why government agencies should be transparent and better funded
To be so transparent that we can actually verify the government’s findings means a 3rd party is doing the same job the government did. Anything less is the government saying “trust us”. [Edit to clarify what I meant] It’s cheaper for a bad company to pay for lobbyists or buyout a few politicians than to somehow buyout every 3rd party.