Archived

Norway: Chinese-made electric buses have major security flaw, can be remotely stopped and disabled by their manufacturer in China, Oslo operator says

The public transport operator in Norway’s capital said Tuesday that some electric buses from China have a serious flaw – software that could allow the manufacturer, or nefarious actors, to take control of the vehicle.

Oslo’s transport operator Ruter said they had tested two electric buses this summer – one built by China’s Yutong and the other by Dutch firm VDL.

The Chinese model featured a SIM card that allowed the manufacturer to remotely install software updates that made it vulnerable, whereas the Dutch model did not.

“We’ve found that everything that is connected poses a risk – and that includes buses,” Ruter director Bernt Reitan Jenssen told public broadcaster NRK.

“There is a risk that for example suppliers could take control, but also that other players could break into this value chain and influence the buses.”

Ruter said it was now developing a digital firewall to guard against the issue.

According to other reports, the Chinese manufacturer has access to each bus’s software updates, diagnostics, and battery control systems. “In theory, the bus could therefore be stopped or rendered unusable by the manufacturer,” the company said.

Ruter has reported its findings to Norway’s Ministry of Transport and Communications.

Arild Tjomsland, a special advisor at the University of South-Eastern Norway who helped conduct the tests, said: “The Chinese bus can be stopped, turned off, or receive updates that can destroy the technology that the bus needs to operate normally.”

[…]

  • Alcoholicorn@mander.xyz
    2 days ago

    Iveco makes ~50% of European buses. The next biggest is Mercedes. Then MAN. They all do this. Weird how people came away from the article thinking this is a Chinese problem though.

    • Hotznplotzn@lemmy.sdf.orgOP
      2 days ago

      @alcoholicorn@hexbear.net

      The Chinese model featured a SIM card that allowed the manufacturer to remotely install software updates that made it vulnerable, whereas the Dutch model did not.

      And even if you are right, it makes a huge difference whether a European company does that or a malign foreign state-actor. For the same reason, btw, China has been banning European and other non-Chinese companies from their domestic markets. For example, China’s ban of Nokia and Ericsson from its domestic networks was said to be over national security. Europe must do the same.

      • Kornblumenratte@feddit.org
        23 hours ago

        Yes, that’s what the article states.

        Nonetheless all modern vehicles use computers that need updating. This is not a Chinese problem, it is a well-known problem inherent to modern car tech. If the Dutch model’s computer is air gapped, it’s one of a kind.

        And I agree, vehicles shouldn’t be connected to the Internet.

      • WhyJiffie@sh.itjust.works
        2 days ago

        europe should just ban internet connected vehicles. entertainment system? fine if it can be easily disabled. anything else? hard no!

        • newaccountwhodis@lemmy.ml
          1 day ago

          If Germany left the EU this might happen. But the BMW state won’t ever let regulation of car manufacturers happen. Except maybe if it only targets “foreign” companies.

      • newaccountwhodis@lemmy.ml
        1 day ago

        The article does not mention the biggest bus manufacturers that do exactly the same. It does however recontextualize that lurid headline as remote updates are industry standard.

        • Damage@feddit.it
          1 day ago

          I mean, yeah, but the point is right if you check out the other guy’s post history

          • mholiv@lemmy.world
            2 days ago

            But it is informative. Not all accounts from .ml are weirdly pro Russia or China, but if an account is weirdly pro Russia or pro China it’s probably from .ml.

            • Amnesigenic@lemmy.ml
              1 day ago

              No it isn’t, you don’t have an actual counter-argument so you gesture vaguely at a category you consider to be disqualifying

              • mholiv@lemmy.world
                22 hours ago

                Maybe to people inside .ml it isn’t informative, but to people outside of .ml it really is.

                For people outside of .ml it’s like hearing “just look the manager in the eye and give them a handshake. Then you’ll get the job!” This advice just comes off as weird and disconnected till you realize the person is a boomer. Then it clicks and you realize why they have such a bad take.

                Like .ml not all boomers have weird takes but if you see a weirdly disconnected take on job hunting knowing the poster is a boomer is informative.

                Same with weird pro Russia or pro China takes with .ml.

                When people outside of .ml see takes like “Putin is waging a just, defensive, war against Ukraine!” The take is so bad as to be disconnected from reality, then you realize the poster is .ml and it snaps into place. Just like the boomer situation.

                Again not all .ml have such bad takes, just like not all boomers have bad takes but when you see such a bad take knowing helps clarify things. It’s informative.

                I hope this helps you understand even if you don’t agree.

                • Alcoholicorn@mander.xyz
                  15 hours ago

                  When people outside of .ml see takes like “Putin is waging a just, defensive, war against Ukraine!”

                  Literally nobody thinks this lmao.

                  • mholiv@lemmy.world
                    16 hours ago

                    I’m not trying to argue with you. I’m letting you know why it’s informative to know when accounts are from .ml.

                    You are allowed to disagree.

                    Yes yes I know. I got nothing. But then again I’m not trying to argue with you.