Comment by Dalewyn

3 years ago

>2021 Honda Civic

>2012 software and hardware

Oy vey.

The 10th gen Civic ran from 2016-2022 with the same infotainment setup. So it's a 2016 car with 2012 software. That's very reasonable.

And the benefit to that is that it's easy to hack since there's an RCE in the old browser. So you can jailbreak your own car. (It doesn't have a cellular data connection so it's not a security risk)

  • Addressing "(It doesn't have a cellular data connection so it's not a security risk)" - I wouldn't say it's not a security risk. Check out the Bluetooth docs in the repo for example. Cellular data is only one interface out of many others (Bluetooth, Wi-Fi, CAN, XM radio, HD radio). Jailbreaking anything isn't without its risks.

    Further, I agree that it's reasonable to ship a 2016 car with 2012 software. But I've seen no evidence that these headunits have gotten security updates within that timeframe. Think of it like a smartphone. I can make do with a phone that's a few years old, but I have an expectation that it will receive timely security updates. In the case of the Honda headunits, they run Android. They should receive Android security patches (I'll admit there's certainly complexity there, Google has long struggled with the tradeoff between device security and AOSP ubiquity). There's nothing wrong with using an older version of Android or an LTS kernel, but it should still receive security patches.

    Last year, some Mazda cars were accidentally bricked by a radio station broadcast omitting file extensions: https://arstechnica.com/cars/2022/02/radio-station-snafu-in-.... That was an accident, not the work of a malicious actor.

    Consider Stagefright bugs. As I understand it, although it was published in 2015, it affected several earlier Android versions, including 4.2.2. See: https://en.wikipedia.org/wiki/Stagefright_(bug). As far as I know, my car was never patched against Stagefright bugs. All it takes is a bug in one library (such as for HD radio image processing) and a well-published Android for something like this to be a big problem.

    It's complicated; I like jailbreaking. I also think Honda should ship higher-quality software with better security policies and update guarantees.

I wonder about the year of its touchscreen. A 5-year-old car? Almost brand new. A 5-year-old touchscreen and software? It's going to be painful.

  • I have a 2017 Civic, and based on the info in the OP, it's the same as the 2021 models, and yes, it's severely dated.

    Though it's Android 4.4, which gives me some nostalgia from my Nexus 4 and the Holo era of Android.

    • Awww, nostalgia hits... a very, very long time ago I was working on software tested on KitKat. It's better not to mention it during interviews, otherwise you will be dismissed as a dinosaur.


    • Nexus 4 was a great phone. Honestly I don't remember it being particularly slower than my more recent phones, since most of what I do is browse the web, listen to music, and watch YouTube videos.

      I bet on today's web it would feel quite slow though, because everything is terrible.


  • Probably a resistive type like on really old tablets running Android 4!

    • I have serious doubt there were any tablets shipping with Android 4 that used a resistive screen. At least not any that didn't come from some no-name manufacturer for eighty bucks.


    • I have the same system in my 2017 Civic. It's definitely a capacitive touchscreen. Essentially just an Android tablet from 2012, and it's responsive enough.

Par for the course in automotive. Once something works, it is not getting modified unless bugs appear.

  • Being hackable is considered a "bug": if someone finds a way to tweak the infotainment, they will "update" it in no time to block such tweaks. They all pretend to have their own apps, yet they never do. Just in case, block users from creating their own and sharing them. E.g. https://mazdatweaks.com/

  • Or, as for the Subaru Starlink head-unit, even if it is so buggy and crashes all the time, once the car is out the dealer's door, there is nothing the consumer can do.

    Even class actions don't mean they would be recalled or even fixed. They did offer a discount on a new car.

    • TLDR; Kia rant: Yea, it's bizarre to me how recalls aren't more widespread. The fiasco with Kia cars getting broken into is my favorite recent example. Teenagers break into random strangers' Kias and go on joyrides. Then local news channels and police sensationalize Kia car break-ins or vilify bored teenagers. It seems like very few people actually demand recalls by Kia. A car that can be unlocked in the span of a TikTok video is a dangerous car; it's a public safety issue. I'm mostly ignorant of the recall process, but it seems like they should be more widespread than they are.
