
Many Lexus Navigation Systems Bricked By Over-The-Air Software Update (theverge.com) 110

An anonymous reader quotes a report from The Verge: An unknown number of Lexus automobiles have seen their infotainment and navigation head units broken by a bug in an over-the-air software update from Lexus. The glitch, which was confirmed by a Lexus spokesperson, was delivered in a routine software update. In affected cars, it can cause the dashboard screen to spontaneously reset itself and, as a result, both the radio and navigation system can be unusable. It affects cars equipped with Lexus' Enform system with navigation. Lexus social media channels have been flooded by frustrated owners, but the company has been unable to give any estimates for when the problem will be resolved. The company also couldn't say whether customers will see the problem fix itself with another software update or if they will need to head into dealers to get it fixed. Some users on Twitter have reported success with disconnecting their battery for a few moments to force a reset of the system.

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Wednesday June 08, 2016 @08:04AM (#52273933)
    Comment removed based on user account deletion
    • by Anonymous Coward

      Totally agree. If anything the head units are b0rked.

    • by sinij ( 911942 )
      Further nitpick - even if you could fix it with some degree of disassembly (e.g. removing CMOS chip) it is still considered bricking. Typically, bricking is related to software issues. As such, the question is - would disconnecting the car battery (hardware fix) disqualify this issue from getting categorized as bricking?
      • by Anonymous Coward

        Just because your car doesn't have a reset button (shudder) doesn't mean that disconnecting the battery to reboot the software is a hardware fix.

        • by sinij ( 911942 )
          Interesting point. So should cars have a reset button? Seems there is a clear case for one.
        • by Aaden42 ( 198257 ) on Wednesday June 08, 2016 @08:38AM (#52274151) Homepage
          Personally I draw the line at grease and/or needing tools. If I can't do it with my bare hands or get dirty in the process, it's become a hardware problem. If pulling the battery fixes it, that's not "bricked," but it's gone a bit beyond a software problem if I need a wrench and get sulfuric acid salts on my hands in the process.
        • by Khyber ( 864651 )

          "Just because your car doesn't have a reset button (shudder) doesn't mean that disconnecting the battery to reboot the software is a hardware fix."

          If you need to disconnect hardware to make software work, it's a fucking hardware fix for SHIT SOFTWARE CODE.

          EG. Lexus has no fucking clue what it's doing.

          • Lexus has no fucking clue what it's doing.

            They don't need a clue. They are selling cars. Next year's models will be more expensive to cover for this year's defects.

          • by BDF ( 1237922 )
            Shall we compare your net income with Lexus' net income? Seems they know a bit more than you do.
            • by Khyber ( 864651 )

              I own mines and other businesses and make a good deal of money. Money != correctness.

              Some other idiot tried that same bullshit in an argument about the passivation of titanium being entirely pointless. "They don't get paid to be wrong" he said.

              And then I proved them wrong by demonstrating that non-passivated titanium implants can cause implant rejection disease.

              I've been working with electronic hardware longer than Lexus itself has existed, three years longer in fact.

              I'm more qualified to diagnose this as a

      • by Mashiki ( 184564 ) <mashiki@gmail.cBALDWINom minus author> on Wednesday June 08, 2016 @08:53AM (#52274261) Homepage

        Well in this case disconnecting the battery can be hit or miss, depending on the vehicle. Disconnecting the battery is the equivalent of a hard reboot (in some cases), in others it's a soft reboot because it'll try to update/go previously recorded settings. In the very worst cases, it'll get stuck in an upgrade loop. Also some ECUs kick into a failsafe mode and go back to the previous non-updated version. Some will revert to the last known working state from sensors/active states from the other ECUs (transmission/ABS/etc) and go from there while recording the error(s). In other cases it'll operate with the last known settings and then start throwing a "service engine" or similar warning light after a little while. That's basically meant to get you as far as a dealership.

        Anyway in 90% of cases the entire ECU pack is sealed so it's not something you're going to be fixing with some disassembly. In the very assholish case, you have to replace all ECUs on the vehicle. Everything from the vehicle's center console, to transaxles/transmissions to specific engine computers or body computers (for airbags). So really you could put this down as it is a bricking, or it isn't a bricking all depending on what the auto manufacturer has done.
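
The failsafe behaviour described in the comment above (fall back to the previous version instead of looping on a bad update), sketched as an added example that is not part of the original thread and not any vendor's code. The two-slot layout, the `MAX_TRIAL_BOOTS` budget, every name and the sample images are assumptions constructed for illustration; the SHA-256 check only catches corruption and is not a substitute for signature verification.

```python
import hashlib
from dataclasses import dataclass, field

MAX_TRIAL_BOOTS = 3  # assumed policy: reboots a new image may burn before rollback

@dataclass
class Slot:
    version: str
    image: bytes
    confirmed: bool = False  # True once this image has passed a post-boot health check
    trials_left: int = 0

@dataclass
class HeadUnit:
    slots: dict
    active: str
    log: list = field(default_factory=list)

    def _other(self):
        return "B" if self.active == "A" else "A"

    def stage_update(self, version, image, expected_sha256):
        """Write the update to the inactive slot; the running image is never overwritten."""
        if hashlib.sha256(image).hexdigest() != expected_sha256:
            self.log.append(f"rejected {version}: digest mismatch")
            return False
        target = self._other()
        self.slots[target] = Slot(version, image, trials_left=MAX_TRIAL_BOOTS)
        self.active = target
        self.log.append(f"staged {version} in slot {target}")
        return True

    def boot(self, health_check):
        """One power cycle. Returns the running version, or None if the unit reset."""
        slot = self.slots[self.active]
        if not slot.confirmed:
            if slot.trials_left == 0:
                # Trial budget spent: switch back to the last confirmed image.
                self.active = self._other()
                slot = self.slots[self.active]
                self.log.append(f"rolled back to {slot.version}")
                return slot.version
            slot.trials_left -= 1  # spend the trial before running, so a crash still counts
            if not health_check(slot.image):
                self.log.append(f"{slot.version} failed health check, resetting")
                return None
            slot.confirmed = True
        return slot.version

def power_cycle_until_stable(unit, health_check, max_cycles=10):
    """Reboot until something runs; returns (version, cycles used)."""
    for cycle in range(1, max_cycles + 1):
        version = unit.boot(health_check)
        if version is not None:
            return version, cycle
    return None, max_cycles

def demo():
    # Constructed sample images: the "1.1" image stands for an update that reset-loops.
    good, bad = b"nav-1.0 image", b"nav-1.1 image that crash-loops"
    unit = HeadUnit({"A": Slot("1.0", good, confirmed=True), "B": Slot("none", b"")}, "A")
    unit.stage_update("1.1", bad, hashlib.sha256(bad).hexdigest())
    return power_cycle_until_stable(unit, lambda image: b"crash" not in image)
```

Without the trial counter the same unit would reset on every power cycle, which is the "upgrade loop" case the comment mentions.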

      • The dealer can fix it and do other updates for $150 + labor.

      • by BDF ( 1237922 )
        Bricking means that the SOFTWARE OR OPERATING SYSTEM of a device has been destroyed in such a manner that no interface remains that would allow a user to revert the change or reset the device to a factory image. If hardware must be replaced to resolve the issue, it is bricked. If software must be reloaded (and can be without hardware replacement), it is borked. Misusing the term bricked leaves one looking like either a liar or an idiot. The headline should be corrected.
    • "Bricked" is a very relative term.

      For a non-tech and non-mechanic user, this update bricks his infotainment system.

      At the garage, it is not bricked, they probably have a procedure for a full reset of the system.
    • If a reset of the system can fix the problem, it's not bricked. If a software update can fix it, it's also not bricked.

      I disagree. "Bricking" a Nexus is the thing that happens when its driver illegally parks in a handicap spot. Or so I'm told.

    • The company also couldn't say whether customers will see the problem fix itself with another software update or if they will need to head into dealers to get it fixed. Some users on Twitter have reported success with disconnecting their battery for a few moments to force a reset of the system.

      If a reset of the system can fix the problem, it's not bricked. If a software update can fix it, it's also not bricked.

      "Bricked" means it is completely unrepairable and useless as anything other than a brick.

      A couple of Twitter users saying it worked also doesn't mean it's a fix.

      This is actually just fine use of the word bricked. Right now users are shit-outta-luck until someone can come up with a fix, IF someone can come up with a fix.

  • by sinij ( 911942 ) on Wednesday June 08, 2016 @08:12AM (#52274005)
    Car manufacturers do not understand InfoSec and should not be networking cars. It is only a matter of a short time until someone reverse-engineers the update mechanism, inevitably discovering that they did not implement code signing and integrity checking, crafts a malicious update and bricks (or worse) cars equipped with such functionality.

    More so, in 15 years your networked car could still be on the road. Even if 2015 best-practices are followed, by 2030 how resistant do you think such over-the-air update functionality is going to be to, for example, quantum-capable attackers?
    • by Viol8 ( 599362 )

      This x10.

      Mod points for parent please.

      These idiots are just shifting Oooh-shiny systems that look good in the dealership to clueless idiots. Luckily it's only the infotainment - if it had been the entire dashboard and/or one or more critical systems then the car could have been undrivable.

      • Most manufacturers run all devices on a shared communications bus.

        An attack that applies to the infotainment system can reach the ECU, traction control, etc fairly easily.

        Autonomous cars are even scarier in this light because the terrain sensors and navigation unit will be exposed.

        I would hope they fix this before selling fully autonomous vehicles, but we have already gone decades with inertia winning over security.

      • Luckily it's only the infotainment

        At least on some models it extends to the heating and cooling controls. My buddy's 2014 Lexus SUV was affected, and the A/C and fan controls were unavailable. Lexus said he could either disconnect/reconnect the battery or bring it in to the service dept. He chose the latter, and they "fixed it" in 45 minutes.

    • Car manufacturers do not understand InfoSec and should not be networking cars.

      That may be true, but it has nothing to do with the problem described in TFA. This was just a good old fashioned bug, not a security flaw. It was caused by poor coding and inadequate testing, not poor security.

      • by Anonymous Coward

        In my experience if the testing process fails to identify functionality bugs it's definitely missing security bugs.

        • In my experience if the testing process fails to identify functionality bugs it's definitely missing security bugs.

          In my experience, testing for functionality, and testing for security, require completely different test vectors, and the tests for each are done by different people.

          • by Viol8 ( 599362 )

            "and the tests for each are done by different people."

            Hahahaha. Yeah, sure, maybe in the text books!

      • If they don't do enough QA to catch a bricking bug, I can guarantee you they did not spend money developing a secure architecture either.

        Automotive systems security is a joke. In some cars, it is literally nonexistent. Most of them didn't even use code signing the last time I checked.

        On my vehicle in particular, anyone with physical access can plug into the ODBC connector and wipe the ECU. Not just reset---wipe. As in instabrick, call a tow truck.

        And my car has Bluetooth integration so phones can play calls

      • by BDF ( 1237922 )
        The article first says the device was bricked, but then clarifies that it only causes random reboots.

        Android sent an update a couple months back that did the same thing -- I don't recall anyone claiming it bricked millions of android phones....

        Yes, it sucked. But it clearly did not brick anything.

        This is just an example of poor QA prior to release.
    • by ledow ( 319597 )

      Yep.

      I have a new car. But it's one that has none of this auto-update junk on it.

      Pretty much, update or compromise requires physical access to the internals of the car (game over already), or for the engine to be started (again, game over). There is no remote-start (was an option, removed), there is no over-the-air update (update via physical SD card placed in in-car slot when engine is first started with ignition keys), the attack surface is pretty damn low even for a high-tech car.

      Hell, the in-car entert

      • by MachineShedFred ( 621896 ) on Wednesday June 08, 2016 @09:53AM (#52274711) Journal

        You would be surprised what you can do with an OBD2 port. On the new F-chassis BMWs (2012+ depending on model) the in-car CANBUS system will measure resistance and voltage on certain pins, and if it sees what it expects, that port stops doing OBD2 and starts signalling ethernet and TCP/IP to talk to diagnostic software.

        They weren't stupid enough to do over-the-air updating, but you can build a cable or buy one for ~$30 to start poking around in the firmware, and even upload values to change how the car behaves in slight ways - turning off the govt. required nanny warnings that display for stupidly long times every time you start the car, increase the short-press on the turn signal stick from 3 blinks to 5, enable rolling up the windows and closing the sunroof if you hold the lock button on the keyfob, etc.

        • by Anonymous Coward

          And on a BMW i3 you can make the gas tank larger in the US (it is ~2.5 gal in ROW, in the US it is software limited to 1.9 gals to meet CARB requirements), turn on the generator manually instead of only at 6.5% remaining charge (again, a US CARB requirement), enable the AM radio (shipped disabled because BMW engineers decided there was too much electrical noise in the car and that dropped the quality below acceptable standards, so instead of fixing it they disabled it), and much more. All through an etherne

      • Sounds similar to my new car (Mazda 3). There's no remote-start (it's an add-on option that very few people bother with; it is keyless like any new car however), there's no over-the-air updates at all (you have to put the update on a USB thumb drive), and the only kind of network access is through your Bluetooth phone, and like you said, that doesn't even start until the engine is started by having your "key" within sensor range (i.e., inside the cabin). It's also only used for a few apps, such as the Pan

      • by Anonymous Coward

        As noted by others, the OBD port is a wide portal to the car. It *is* read/write, and has no real security in its specification. Since it's accessed pretty much every time the car is serviced (unless the oil change geek just uses the Vulcan Nerve Pinch combination needed to reset service reminders otherwise), and the laptops and other systems used for that ALSO have little or no security, the chances of any car less than 20-some years old (OBD2 started in the early-mid 1990s) not having malware already in i

    • What about data roaming where a 1-2 GB update can cost as much as a new car in data roaming fees?

    • by Khyber ( 864651 )

      "by 2030 how resistant do you think such over-the-air update functionality is going to be to, for example, quantum-capable attackers?"

      If I'm still using wi-fi, quantum crackers aren't going to do shit because they're not entangled with my data stream because my data stream cannot be entangled, I utterly (likely) lack the hardware for such a thing to happen.

      Do you even understand the basics of Quantum computing?

      • by sinij ( 911942 )
        You are over-estimating your understanding of quantum computing. To simplify - quantum chips will replace your CPU, not network card.

        The issue is that Shor's algorithm would effectively solve the factorization problem, making any kind of signature-based code signing obsolete. Without a breakthrough the solution would be megabytes-long signatures that would not be compatible with any of the existing implementations. This is just one problem based on what we know today, then there are 15 years of expected but unpr
  • by known_coward_69 ( 4151743 ) on Wednesday June 08, 2016 @08:31AM (#52274111)
    underneath the buzzwords and the snobby sales experience it's still a Toyota for a $10,000 premium over a regular Toyota but that is how they make your money, their money
    • by Anonymous Coward

      In the same way a Cadillac is a more expensive Chevy, and an Audi is a more expensive Skoda. Besides, you say that like a luxury focused Toyota is a bad thing.

    • Yep $10000 well spent for comfort. It may still be a Toyota underneath and have a Toyota engine (that's a good thing), but there's a world of luxury available in the Lexus range that you couldn't buy with any money in Toyotas and I'll be damned if those $10000 aren't worth it when you compare it to other luxury cars.

      • by Anonymous Coward

        Yep $10000 well spent for comfort.

        Or you could just spend the $30 on a doughnut shaped cushion if 'comfort' is a real problem with your medical condition.

      • yeah, ok i know people with a Lexus RX and it's nothing more than a Camry/Avalon station wagon that's higher off the ground. my in laws have a late model one and the Nav system sucks compared to smartphones. the seats aren't that much better than my Honda. it's nothing more than an upsell and a way to get money out of old people who want to think they accomplished something and treat themselves
        • my in laws have a late model one and the Nav system sucks compared to smartphones

          You could spend $300000 on the best of luxury and this would still be the case. It's a sad state in the car industry. About the only wiggle room you have these days is things like interior finish, automation (climate control vs ability to set temperature), features integrated into the crap dash, etc.

          In this regard low end Lexuses are much like high end Toyotas. That said some of the higher end sedans have no Toyota equal. My neighbour has an ES and my girlfriend's parents an Avalon from the same vintage. As

          • i've checked them out and seems Lexus and Acura give you a passenger electronic seat as well as seat memory settings for different people. and a different engine program for more power all for that $10,000 premium i have a honda CR-V and can't tell the difference between it and the Acura RSX
          • But if someone forced my hand, give me a Lexus over a BMW any day, you get much more bang for your buck.

            But do you have the Lexus attitude? Gotta have the Lexus attitude.

    • Yeah, I'd hate to have all that reliability of a Toyota with extra comfort and a service plan that takes care of everything except fuel and tires.

      • it's $30 for an oil change for my Honda CR-V. WTF is there to service on a $50,000 car that's supposed to have top notch reliability and no major service requirements until 100,000 miles? it's like when best buy tries to sell you that awesome TV and then the warranty because the TV is now so bad it will break all the time
        • You do know that proper service is more than just changing the oil and filter right? How much do brakes cost? Radiator flush and fill? Brake fluid flush and fill? Transmission service? Differential service if it's all wheel drive? Tire rotation and re-balance? Alignment?

          There isn't a car manufactured that "has no major service requirements until 100,000 miles". Maybe that's the interval for the timing belt, but you aren't going to go 100k without having to do all of the things I've listed above.

  • by account_deleted ( 4530225 ) on Wednesday June 08, 2016 @08:53AM (#52274257)
    Comment removed based on user account deletion
  • ...who video their displays WHILE THEY'RE DRIVING.

  • What about cars auto starting in the garage to run updates / recharge batteries (hybrids).

    Let's some acts like the laptop bios updates and says must have engine on to reduce risk of a battery failing / some systems are only on with key on mode and there is some kind of anti battery drain system that may kick in with out the engine on?

    • by mink ( 266117 )

      They can't autostart AFAIK. Starting them still requires you to push the power button. The keyfob is required to be within 15-20 feet (from my experience with a 2010 Prius rental) and unless you want the car stolen no one leaves it in the car loose.

      • What about in your home with the keys in a cup near the car but inside?

      • by Cramer ( 69040 )

        Actually, it can. In later models, it's part of the Lexus Enform system. That "power button" is just a simple momentary contact that tells the computer to "go". The computer (part of it) is always running to see that button press. You aren't turning a large, high current racecar kill switch. That said, they won't autostart to "charge the batteries", mostly because the charge monitors are on when the car is "off".

        (If that were the case, my totalled HS would've been starting itself every few hours to recharge

  • I told you so (Score:2, Insightful)

    I pointed out this very flaw in a comment not too long ago:

    https://slashdot.org/comments.... [slashdot.org]

    Why anyone would let an unknown person send random software to a vehicle I bought and own any time they want without me knowing it is simply begging for this type of situation.

    People are upset about Microsoft forcing updates on them, they should be equally upset at car manufacturers or anyone else who does the same thing.

    But I'm sure there will be hypocritical excuses for why this is acceptable despite large portion

  • To the internet of Things, valued customer! How may we randomly bitch up your system today?"

    Get ready for it people, and buy AV software for your cars.

  • What they need to do, is open the right door while holding the brake pedal down as they re-apply power to the vehicle.
    Once it powers on, they open the trunk to enter recovery mode where they can flash the infotainment system back to its stock kernel! Fixed!
  • "Service Department, have you tried disconnecting and reconnecting the battery?"
  • Automatic Updates on any sort of mission critical system is a bad idea. Over the Air automatic updates are even worse.

    How bad does the situation have to get before people will start to build in proper security starting from the design stage. Every industry using electronics in their products needs to hire a bunch of paranoid security engineers and give them veto power over everyone else.
