Hacker News new | past | comments | ask | show | jobs | submit login

Those particular means are unjustified. What actually happened wasn't nearly as extreme as you're indicating, and given the previous behavior of auto manufacturers to security hole demonstrations in their cars, this sort of demonstration was viewed by the researchers as the next logical step.

I don't entirely agree with the methodology, but nobody was hurt, unlike what would would likely be the case should even less ethically-grounded "researchers" demonstrate similar capability - probably on a larger and more dangerous scale, mind you.




Nobody was hurt because they rolled the dice and got lucky. There was a non-zero probability of injury or death that was completely unjustified.


It was a gradual slowdown. That "non-zero" has enough zeroes after the decimal point for Japan to send the number to Hawaii and have another go at Pearl Harbor.

Worst-case scenario, somebody might've been rear-ended. Maybe a bit of whiplash. That's not great, either, but seeing as more-controlled tests by these researchers were outright ignored by auto manufacturers, your priorities have to be incredibly out of whack to villify the researchers over the auto manufacturers - who are willfully endangering hundreds of thousands, if not millions, of Americans every day - in this scenario.


Your estimates for both the "non-zero" probability of injury and the worst-case scenario are very far off from mine and from the those of the thread-starter, who appears to have some expertise in traffic considerations, and the dangers of semi trucks in particular. I wonder if your opinions about this would be different if you believed this was as dangerous as many of us believe it was, rather than merely having an extremely low probability danger of a harmless fender-bender.


My estimates come from some personal and professional experience (including being a former employee of a state highway patrol, mostly tasked with - among other things - processing traffic collision reports and dealing with phone calls from those involved; not a fun job, that was). Admittedly, probably not as much as a semi truck driver, but contrary to popular belief I'm not entirely inexperienced here :)

The reporter mentions that this was uphill. Semis generally have a hard time going uphill at an appreciable speed (as I know full well being stuck behind them regularly on the mountain pass highways that connect my town to the rest of the world; lines and lines of trucks at less than 45 MPH with their flashers on); more weight leads to a harder time fighting against gravity. The uphill slope should make it easier for the truck to slow down.

If the reporter had made an abrupt stop (i.e. if the researchers slammed his brakes or something), then yeah, I'd be more concerned. That wasn't the case, though. Rather, it was a gradual deceleration according to the article. Cars can actually coast quite a distance, even uphill, when they start at 70MPH; I know this firsthand from my own SUV running out of gas once on a busy interstate, and on an uphill no less. Even with the uphill, there was enough momentum for me to put on my flashers, merge right from the fast lane, and eventually coast into the next offramp a quarter-mile away. No shoulder, either.

Now, this isn't to say that it couldn't've been safer, nor do I disagree that more safety precautions should've been implemented. For one, the researchers could've - at the very least - told the reporter "hey, if our attack comes at a really bad time and you feel like you're about to die, turn the car off and on again and you'll regain control". However, even with the described scenario as-is, risk of life is quite slim. We're not talking about a driver slamming his brakes and going from 70 to 0 in seconds; we're talking about the equivalent of an engine stall, and thus a rather gradual slowdown - graudal enough for even semis, let alone smaller vehicles, to react to.

> I wonder if your opinions about this would be different

They probably would, yes. Slightly, though; ultimately, one injurious pileup is a drop in the bucket compared to the hundreds of thousands that might actually be prevented by demonstrating precisely why proper security measures on Internet-connected heavy machinery are worth taking seriously. Not that I think the possibility of the former should be dismissed (indeed, I agree that the researchers could've done things more safely while still getting the attention of auto makers), but said possibility needs to be weighed against the possibility of the latter, with the recognition that any demonstration - ideally a totally safe one, but even one with some degree of risk - is necessary to push auto manufacturers toward taking security seriously.


I feel like we might be in an Internet fight here but the line about Pearl Harbor is the best thing I've read all day, thanks for that.


No problem. :)

And I wouldn't call this a fight. Just an ethical debate. One that'll probably be a bit heated, of course, given the circumstances, but it's one that needs to be had.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: