> On my drive home I abruptly had absolutely no acceleration, the gear indicator on the dash started flashing, the power mode indicator disappeared, an alert said shift into park and press the brake + start button, and the check engine light and red wrench lights came on. I was still able to steer and brake with power steering and brakes for maybe 30 seconds before those went out too. After putting it into park and pressing the brake and start button it started back up and I could drive it normally for a little bit, but it happened two more times on my 1.5 mi drive home.
If that happened on the highway I could easily see people being killed.
On a reasonably well constructed car, loss of power steering at highway speeds is barely noticeable. Loss of power brakes is a different story. An inability to actually get all the way off the highway before running out of speed could also be quite dangerous, and a loss of power steering can indeed make it quite difficult to maneuver at low speeds.
I've lost power steering on my dad's F250 once. It was incredibly noticeable, since I had to crank the wheel like a ship from the age of sail in order to get onto the shoulder.
I guess you could argue that it wasn't a reasonably well constructed car.
Losing power steering would be no big deal. Anything that caused a sudden loss in forward velocity worries me.
There's construction on the Interstate highway in my area with lanes that have no "breakdown" space ("contraflow" lanes). I would be terrified to lose power in that lane. I would be worried about getting rear-ended and / or causing a pile-up.
Lost power steering at highway speeds in my '91 Corolla a couple of decades back. Didn't notice on the highway (belt just made a loud pang and I thought "What the heck was that?"), but as soon as I took an exit and had to turn at the light, I seriously had to muscle the wheel over. Good learning experience about what power steering offers.
My assumption is that the HN audience is not perfectly gaussian distribution of the population but probably not extremely far from it.
So can someone who owns a modern car please help me understand why you would buy a car that has the mere capability to be remotely shut off?
A vehicle is a personal safety device, that allows for independent travel away from bad things and towards safe things. That is one of the most critical aspects of a vehicle.
Assuming that one of the most critical times you might need a vehicle is fleeing oppression, having a remote switch off as a possible vector to impede your escape is an existential threat and basically makes one of the core reasons to have a vehicle moot.
My assumption is that most people are not thinking about their vehicle as one of the most critical tools for freedom.
Having traveled the world and lived in war zones, vehicles are life savers and it’s insane to me that anyone would allow a possibility for someone else, specifically corporations and governments with major power levers, to even have the ability to stop that remotely.
1. They don’t know that can happen. The salesman doesn’t point it out.
2. They figure all cars will be that way soon so why worry about it.
3. It’s never happened to anyone before so why worry about it.
4. We don’t know anyone who has ever had to flee from oppression in their car so why worry about it. And this is America, if that’s what we’re worried about we’ll stock up on ammo.
> So can someone who owns a modern car please help me understand why you would buy a car that has the mere capability to be remotely shut off?
In practice, getting t-boned at an intersection where I have the right of way is a much greater risk to me than my car getting shut off, so it makes sense to optimize for safety in the former case.
Like smart TVs, the only possible alternative is buying a 10 year old model on the secondhand market. Vehicles without these features have not been produced in a long time
You’ve got me thinking. I drive a Chinese made EV. If China ever had a nuclear war with the west they would definitely brick all of the cars they’ve sold us. Also it doesn’t have to be China that issues the command. Remote shutoff of cars is a great cyber warfare target.
> So can someone who owns a modern car please help me understand why you would buy a car that has the mere capability to be remotely shut off?
That’s not what is going on here. These cars are not being intentionally shut down remotely. Instead, a software update for some computerized components of the car was pushed down to the cars and installed with the owners permissions, but that update apparently has severe bugs that should have been caught by QA.
if you really mean help you understand why and that wasn't a rhetorical exageration, it's not hard to understand.
Most people have a variety of things they are looking for in a car they want to purchase, and other factors are more important to them than this one, which they figure probably won't happen anyway. There may be few options that aren't updateable over the air, and those options don't meet their other criteria -- if they even get that deep into considering it, which they probably don't, they just aren't really thinking about it. But even if they did. you don't have the option of buying your perfect fantasy car. I'd like to buy a car with manual mechanical controls instead of touch screen controls, but there aren't that many options for that either, and they may not meet my other needs.
Realistically I would be cycling out of my city because if there was anyone else except me running from oppression, we would be all caught in the same traffic jam.
I happen to live on the outskirts, but there are several choke points where it would be really easy to set up a barrier. Those choke points apply to cars mostly.
Lots of child comments mention fleeing oppression as being something outside the norm. A more relatable thing to flee for Americans might be hurricanes and wildfires-- both of which sizeable numbers of Americans have had to flee somewhat regularly.
Same reason people buy most things these days: convenience. Do you own a cell phone? It can be remotely updated (and even shut down by malicious actors), yet most people own one and don't think twice about it.
> So can someone who owns a modern car please help me understand why you would buy a car that has the mere capability to be remotely shut off?
Because afaik, all the modern cars have this as a 'feature', but there's lots of other nice features they have.
The best of both worlds right now is an earlier modern car where the 2g/3g modem can no longer connect to the outside world. Even better if you can pull the modem, but they're usually up behind a lot of trim.
> why you would buy a car that has the mere capability to be remotely shut off
One answer to this I would presume is: there are no other new cars for sale without this flaw.
Why there aren't regulations or forced options in the market without these functions (as well as with physical control knobs instead of touch surfaces) is a good question too. There is huge demand for cars without most of this nonsense, yet I don't see that demand being met.
I doubt anyone wants a car whose infotainment system can be improperly updated to cause catastrophic power and engine failure while driving, if given this information and a choice to avoid it.
Wouldn't it make sense to keep your prepper car in the garage (next to the welder) and low-mileage? Use the one with fancy electronics as a daily driver and hope the revolution doesn't happen during your commute.
I suspect it did happen on the highway for some people, that would explain the disabled Jeep sitting on the (minimal in construction zone) left shoulder of an expressway that I drove past yesterday. I just figured there'd been a fender bender in the already terrible construction traffic and the second vehicle hadn't moved on yet.
It did happen on the highway to my sister. She was in the middle lane but luckily had the space to get to the side. Managed to start it again and get off the highway where it did it again and wouldn’t start after that.
I think most “techies” know in their gut what causes this and where it’s heading - I remember doing PC repair post first dot com crash (first bankruptcy) and the amount of shit shovelled onto consumer PCs (every device manufacturer had its own weird set of drivers, drivers installers, app), every piece of software put something in there, let alone what MSFT started you out with. All of it trying to be “user friendly” whilst achieve it the opposite
We are going to see this play out in every device (car, fridge, TV) that is not locked down by the OEM (apple gets a lot of kudos and knocks for this)
Cars are going to be the front line of this war- it’s not a “right to repair” it’s “a right to have good defaults” and “no upselling opportunities” (I think of it as there are no commercial businesses anymore - just utilities who give clearly defined service that have clear APIs and endpoints.
Sadly I think the world will head towards a point where I will make a fortune selling Augmented vision glasses that remove the adverts reality …
It should be a "right to not have product forced on you." When I buy a device, whether it is a car, a refrigerator, or an application, I want that thing that I saw in the store, as it exists on the store shelf, including the features and capabilities. I do not expect that I am going to maintain some kind of ongoing relationship with the manufacturer where they get to modify my device at their whim over the air.
Manufacturers should feel free to offer updates. If the user feels the tradeoffs make sense, then they should be free to accept updates. But this business where the manufacturer thinks they are somehow entitled to mess around with a product you've already purchased from them has got to end. It's not their product anymore, it's yours.
> It should be a "right to not have product forced on you."
Even better, a "right to modify everything you own, in any way you like". Don't you like the micro-controller installed by the manufacturer? Buy another one, with the correct firmware programmed from scratch, and swap it off.
We are already well into a new era of software, in which software can be programmed by itself, especially Rust. What is missing is money transactions for software companies and their employees located everywhere in the world.
"Devices with no surprises". Retail shops in conjuction with electronics engineers put new controllers in everything and re-sell it. Open source software, auditable by anyone and modified at will.
Programs for every car, every refrigerator etc cannot be programmed by a company located in one place, not even 10 places. It has to be a truly global company.
In other words, I want your device, I don't want your closed source software.
Its the CFAA for you and me, but not for corporate thee.
Sony was the first mass application of "lol nope, we sold a feature we decided to remove. Too bad". If our government cared about citizenry, this should have been a criminal and civil case both, under computer fraud and abuse act. But no criminal anything was done, and users go what, $20, 10 years after the fact?
If I did this, I'd be rotting in a jailcell for 20 years.
Yeah, when Fall Creators Update came out for Windows 10, it crippled styluses down to an 11th touch input --- I very nearly returned my then-new Samsung Galaxy Book 12 --- rolled back, and stayed on the previous version for _years_.
Currently using a Samsung Galaxy Book 3 Pro 360 --- have to keep the Settings app in the Task bar so I can toggle stylus behaviour depending on which app I run, and use Firefox w/ a specific setting to enable text selection/disable stylus scrolling (scrolling w/ touch feels far more natural).
I'm about at the point where I'm going to make a Cyberdeck using an rPi 5 and Wacom Movink or Wacom One display....
Problem with that is that if it's an online product then the manufacturer also _must_ provide updates to keep the device secure so that it continues to do whatever they sold you in the first place.
Also, adding features on its own is great, but obviously stuff like what happened here can't be allowed to happen, and those Samsung or LG smart fridges that became advertising boards is obviously also not acceptable...
Easy to call the bullshit out, hard to actually define the responsibilities of a manufacturer in a law.
Ok, this is a little off-topic. I have to say it somewhere.
Yeah, The crazy stuff is that when we are out of warranty, and they push an update... who's problem is it now? Who pays? My TV gets updates I don't necessarily want (I'll have to take that upon myself to get an external device for streaming services) and it's out of warranty. What happens when they push something that causes it to not function properly anymore? I didn't break it, they did. We know who pays: we do. I'm almost fearful of bringing anything online these days. I really don't want most things I own to be connected. I find it sad that we are being sold dishwashers, washing machines, refrigerators, guitar pedals, and just about anything and they somehow need the net. It's gross. We own nothing, we control nothing, and yet we're expected to pay for it when someone else decides they don't want to continue to support, or even offer, the thing you paid for.
No, this is not what causes this. Most ECU's have a BSP package and some drivers bought from vendors, then the tier1's build the whole thing to OEM specifications. OEM's then integrate the whole thing. Stuff starts to break when you put them together. Maybe a diag is slightly different or an ECU has slightly different timing, or one of the gateways doesn't like what a bootloader is doing, or you have some weird race conditions that fail at 1 out of 1000 cases.
At least if you open a "smart" fridge/dishwasher/washer/dryer/etc, it's basically the same old cost-optimized bare-bones design (maybe one or two extra sensors for special marketing bullet point features), and then all of the "smarts" is on a control board that could mostly just be replaced (ECM motors seem to be the exception to this, and even those are straightforward to design a circuit to drive).
Whereas the problem is that cars have had computers for a long time (eg ECU, ABS, entertainment), then those started getting connected together locally via CAN, then finally they added an Internet connection for surveillance and control. So the centralizing proprietary software tentacles go deep into the car in a way that's not easy to remove or replace.
There is the black box approach of disabling network interfaces, but I could even see that going away - cannot contact network -> car cannot be sure that warranty recalls have been done in a timely fashion -> disable itself after a month until you "take it to a dealer" (or reconnect the cell backhaul).
I think the end customer shares some of the blame for the current state of things. Cars have gotten worse and worse reliability wise since 2010. Yet sales only continue to increase. People don't own cars any more, they simply see them as a $500 a month payment and once they get too annoyed with it, they just go and get a different one. I don't know about other manufacturers, but with everything GMC, all dealer repair shops are independent. GM does not make any money off of those, therefore they are only interested in giving you another car and another payment plan. How many times of you heard someone trash talking a specific model? "That car was a POS! I took it back to the dealer and got a different one" Yea you sure showed them....
We are going to see this play out in every device (car, fridge, TV) that is not locked down by the OEM (apple gets a lot of kudos and knocks for this)
The problem in this case is because it is Locked down by the OEM. Owners are completely at the manufacturer's mercy, and don't have the option to add aftermarket software.
It's not quite that. It's features you never asked for being forced upon you by the market with hardly any uncompromised alternatives without these misfeatures.
I live in a city so I don't need a car, but if I had to buy one, "it should not have a network interface" would be my most important requirement. "It should not have a video display" would be a secondary one. If I had to buy a car with a network interface, I would do my best to neutralize it to make sure it stays 100% offline.
> Roslin: It tells people things like where the restroom is, and-
> Adama: It's an integrated computer network, and I will not have it aboard this ship.
> Roslin: I heard you're one of those people. You're actually afraid of computers.
> Adama: No, there are many computers on this ship. But they're not networked.
> Roslin: A computerized network would simply make it faster and easier for the teachers to be able to teach-
> Adama: Let me explain something to you. Many good men and women lost their lives aboard this ship because someone wanted a faster computer to make life easier. I'm sorry that I'm inconveniencing you or the teachers, but I will not allow a networked computerized system to be placed on this ship while I'm in command. Is that clear?
If it's not user recoverable at the time, and it renders the product as useless as a brick, then it seems like the most accurate word to use, from the customer perspective. Some people will prefer stricter semantics, sure. It was later still able to download and apply updates over the air to undo the problem, so it was a milder form of bricking.
I've had some pretty nasty brickings of devices, like overwriting the bootloader, that I've been able to recover from by getting it into some barely documented system on chip mode with a special cable, booting a new bootloader into RAM via the cable, and reflashing that way. One could go to the extreme and say any flash storage chip where all software bits are directly writable by a factory tool is technically unbrickable. But the customers won't see it that way.
I've "bricked" many automotive systems where they weren't truly unrecoverable, but doing so involved another team disassembling them. The parts were cheaper to throw out instead.
Being strict about the word "bricked" and limiting it to the truly unrecoverable situations just makes it nigh-on useless.
Very few things can make a modern system truly unrecoverable if one is willing to pour unreasonable resources into them. It's incredibly common to be in a situation where a system is unrecoverable by you though. There's no practical difference between these two except that one depends on the surrounding context.
There are a thousand ways to describe this without misusing and ruining a word like “bricked”.
Being strict about a word makes it more useful, not useless. A useless word is one with no identifiable meaning, one which requires copious clarifications, or one which invites confusion and debate instead of delivering meaning.
I actually think your first sentence is a spot on definition for 'bricked'. However, this specific scenario does not meet the criteria you've defined. Nobody is throwing out their car because it was only temporarily disabled. Another OTA update fixed it minutes later.
> A brick (or bricked device) is an electronic device, specially consumer electronics (such as a mobile device, game console, computer, etc.) that is no longer functional.
How about "catastrophic"? Or "total failure"? Or "we can't find the word to convey the severity"?
Anything else than words that already have existing meanings. With that motivation, they could have said "... update that exploded all ..." since it's a really severe situation, but obviously we/they should use words that has the right meaning instead.
I was driving 65 on the left lane of the highway when my car started slowing down. It started saying to put it into P and to push to start. The car was off and I couldn’t accelerate! I almost crashed trying to get onto the right lane shoulder. 4 lanes over before it completely stopped and caused a huge accident They are saying it’s something with an update jeep is doing and the cars are just stopping! There were 4 jeep wranglers on the side of the highway as I tried driving to the nearest dealership 25min. It turned off 3 times
Will Jeep reimburse me if I get a loaner while my car is at the dealership? My dealership doesn’t provide loaner vehicles
Jeep is horrible. I was gifted a 2007 Jeep Commander, which was Jeep's "answer" to the Hummer. This was in like 2017, so it was 10 years old at that point. Anyways, it wouldn't shift into 4x4 mode, and after some internet sleuthing I found out there was a (now second) firmware update the dealership could do to hopefully fix the issue. I don't remember the exact details, but basically there was a hardware flaw in the module controlling the transfer case, and when it failed the vehicle would go into neutral, which obviously could be quite dangerous depending on where you were parked / what you were doing.
Instead of fixing the actual hardware issue, they did a recall that was some sort of black magic with a firmware update to "fix" the issue. According to the internet, this fix temporarily worked, with pretty much all of them failing again, conveniently after the vehicle was out of warranty.
Anyways, there was a second firmware update, that I had done 10 years after the vehicle was made, that more or less actually "fixed" the issue. Apparently the issue (according to Jeep forums, so take with a grain of salt) was due to some traces being undersized on the PCB, so the fix was to drop the voltage and/or current being sent, and then more or less disabling the safety sensors that would complain about low voltage. After the second firmware update, it would shift into 4x4 about 1 out of 4 attempts (otherwise just failing with "couldn't shift into 4x4" on the screen), and that was the final thing that could be done.
It took Jeep about 4 or 5 years to issue that final firmware update, probably to try and avoid a class action lawsuit over 90% of the vehicles 4x4 system failing just outside of the warranty period!
This is why I don't want auto-updates in most of the things I own.
It's just a crutch for manufacturers to ship half-baked products, and an attack vector for the next generation of shitty engineers they hire to damage my property.
Jeep parts and frames and cabs are plentiful in the right circles, you can still build out a good wrangler (2.4 or 2.5 or 3L) for less money than a new car, and know your computer is planted firmly under the driver's seat and not connecting to anything.
The American Heritage Museum in Massachusetts is raffling off a 1944 Ford GPW jeep in fully restored condition. Pretty sure there are no computers in that one! But sorry, floor mounted Browning 50 cal machine gun is a replica.
> A wrangler using software just does not "compute" to me.
In the case of this Jeep bug causing engine shutoff and power failure, it was an update to the infotainment system! It's easy to compute that these infotainment systems run software; what's crazy is updates to them can cause catastrophic failure to powering the car and ability of the car to drive.
Cars have been using software since the 90s, hence 'electronic' fuel injection. Really the only thing different these days is stupid over the air updates that can brick shit. Otherwise you'd have to carry it into the dealer to get flashed or a new module put in.
> For anyone that incurred a towing cost or a diagnostic fee (or any other related expense), we will assist in reimbursing or canceling any fees. This will commence on Monday.
"we will assist" - a guarantee so lukewarm, you could put it in an icebox to keep your food fresh for a week.
My new Audi lets me turn off telemetry (at least it claims it does), but it complains every single time I turn the car on and makes me confirm two "no, I don't want to turn it back on" dialogs each time. It will also sometimes (I haven't figure out a pattern) tell my phone to auto-load the Audi app when I get in the car, for no useful reason, and then the app complains that it can't get the data it wants because I turned the data off. It's exceedingly obnoxious.
Mazda claims that they will disable telemetry via the TCU, but when I asked the dealership about it they looked at me like I was speaking a different language. I couldn’t get anyone who knew anything about it and ended up leaving. It’s insane to me that I have to go through hoops to OPT OUT of this stuff, and I had no choice to even opt in.
You might need to dig around for the codes, but with tools like OBDeleven, I've found that on my Audis most of the things that are like that can be turned off. I've done all sorts of things, from adding a gauge sweep (even though it's digital, I like the effect) to turning off the seatbelt warning (my partner unbuckles when we get in the cul-de-sac) to customizing the keyfob (in summer I can open the sunroof with a long press of one of the buttons), etc.
A very very minor contribution to my choice to buy a VW ID.4 is that a number of people reported that pulling the modem's (user-accessible) fuse is fine, and just disables remote connectivity as you'd expect.
(I haven't actually done that, but I abstractly like the option being available)
This is why I bought a fiesta. There is nearly no "smart" stuff in it. Everything is still mostly analog and very user friendly. Plus the ST is one of the most fun cars you can drive.
In my current car, if I disconnect the modem I lose the left front speaker and the microphone for the infotainment unit. Just noting for context, on this "I will just do XYZ theory."
Would you? I think that EU mandates a mobile connect for emergency services (eCall), but can you point out a legislation which forbits the owner to disable it in the vehicle they own?
They'll have to find you first, which (without a cell modem and GPS) would be an undertaking. The cell antenna "accidentally" falling off or the cable developing a fatigue break after the connector might be easier to explain. A Faraday bag comes to mind, as well.
Allowing owners to choose when to install updates would address many issues. Most updates are uneventful, but I’d prefer to install them when I’m at home in my driveway rather than while road-tripping in a rural area, 90 miles from the nearest dealer, or rushing to meet a nonrefundable hotel reservation.
Dumb question from someone who uses old cars without OTA, how can cars get OTA if you don't pay for any internet subscription? Can't you say I don't want to pay for any internet costs when buying the car? Also ensure you don't connect the car to wifi. Isn't that suffice?
If vehicles always still had to go back to the dealer for any type of recall, I would say that might have maintained a higher standard of what is supposed to pass for finished goods coming out of a factory.
The safety implications in this case really drive that home.
I'd like to laugh about this because it's one of the things I love about my 2010 Camaro which wound up in a fairly sweet spot of having the basic tech I want (Bluetooth to the radio) without a lot of the nanny stuff I don't, but I once upgraded the operating system with two USB keys containing a bunch of C# from a stranger on the Internet who said he worked at GM. You had to open the driver side door between the first and second USB keys to make the process work.
Yeah, 15 years and the biggest problem I have had so far is convincing the dealership I really don’t want the recall that removes the key from the fob after the tenth time I told them no.
The forum thread is more chilling. It seems they released a fix that they pushed silently. You can't verify if you installed the silent update yourself the support rep needs to use your vin in an internal tool to check if the fix is applied. "Park your car in an area with good cell coverage. Wait 10 minutes and do a reboot." After that I can try driving my car and hope the update went through?
Absolutely insane.
There's this video [1] linked in the Twitter post, showing how the problem manifests itself and with other (presumably also) Jeep 4xe owners commenting that they had experienced the exact same issue.
I’m a huge car guy (race spec Miata, have 7 cars, etc etc).
You will never EVER catch me in a car connected to the internet (this includes all the precious new EVs). Especially a Chrysler product. Look up how they were hacked in 2015…
In Time is a 2011 American science fiction action film written, co-produced, and directed by Andrew Niccol. Justin Timberlake and Amanda Seyfried star as inhabitants of a society that uses time from one's lifespan as its primary currency, with each individual possessing a clock on their arm that counts down how long they have to live.
Disturbing — this kind of progress sucks! I want reliable things that I own that are under my own control. We should all stop immediately buying this out-of-our-own-control stuff!
We were lucky!!!! This almost killed my wife and I the jeep just shut down while driving!!!!! No power no way to move this was and is life threatening now two days without the vehicle and we see it the manufacturer that almost caused our death.. F U what are they going to do for the customers we no longer have faith in this vehicle……….
There is absolutely no way an OTA update should be able to impact anything powertrain related, it should be limited to the infotainment system and accessories. PCM updates should require a hard connection to the vehicle's OBD port at the dealership/mechanic (or a home user with the appropriate software and cable). NHTSA should investigate this.
Tesla has been doing these OTA powertrain updates for over a decade. It's totally fine when you follow best practices and do good QA. Stellantis doesn't QA.
This reads like an OTA to the infotainment that messed up powertrain somehow. Plenty of manufacturers successfully OTA powertrain these days by using A/B flashing (the B flash programs while the car drives, next key cycle swaps to B and flashes A in background, next key cycle back to A, done).
My suspicion is that this was either a CAN saturation issue (ie - infotainment started sending a high priority message which could reach powertrain CAN) or a state management issue (ie - infotainment sent a “put modules to sleep” or “wake modules” message which was not handled correctly and caused one or more modules to transition to an invalid state for driving).
> My suspicion is that this was either a CAN saturation issue (ie - infotainment started sending a high priority message which could reach powertrain CAN) or a state management issue (ie - infotainment sent a “put modules to sleep” or “wake modules” message which was not handled correctly and caused one or more modules to transition to an invalid state for driving).
The fact that this possible proves the point: OTA updates are dangerous and should be banned.
This update was for the infotainment system. To your point, that system should somehow be air-gapped from affecting the engine and power. There's way too much coupling of all this software and electrical components.
I assume this is related to the new feature that lets you start the engine without being able to drive the car (it’s called “lock start” or something like that).
And the Wrangler is the only Stellantis brand that still has some value. Yet somehow, they’re finding a way to ruin even that.
I know my problem is not as bad, but it lines up. I have a 2020 Rubicon, non-4xe model, and as of this weekend, Carplay will no longer work. Works just fine in my other vehicle.
Maybe you lucked out and didn’t get the update before they killed it.
I hope they do a gradual rollout and they don’t push updates to the entire fleet at once (that would be irresponsible), but from the amount of people experiencing issues since Friday…
I’ve been thinking of buying/leasing a 4xe Wrangler since I rented one back in September for a couple of weeks and enjoyed it. However, stuff like this makes me concerned since I already know Jeep/stellantis have sub-par reliability compared to other car manufacturers.
A OTA update that makes the car undrivable is one thing. A bug that causes the power train shut off at highway speeds is unacceptable. Seems like multiple failures caused something like this to happen. Not only did they not QA an update properly, but the mere fact that a Infotainment/Telematics firmware update could kill the motor/engine while driving is crazy. In addition, the fact that they roll out an update like this on a Friday before a holiday weekend is also absurd.
There should be some sort of health check across all the car systems/ECUs before allowing the car to drive.
Stuff like this makes me more likely to look at Rivian instead (although they’ve had reliability issues too).
No attack suspected here. Nonetheless, it exposes an often under appreciated attack vector. It is scary how easy it will be for a motivated actor to cause chaos by just bricking stuff en masse.
In a past life I had a Wall of Shame of headlines on firmware update fails.
The lesson was you built firmware updates upfront and right into your development process so it became a non-event. You put in lots of tests, including automatic verification and rollback recovery. You made it so everyone was 100% comfortable pushing out updates, like every hour. It wasn't this big, scary release thing.
You did binary deltas so each update was small, and trickle download during down-time. You did A/B partitions, or if you had flash space, A/B/C updates (current firmware, new update, last known good one). Bricking devices and recalls are expensive and cause reputational damage. Adding OTA requires WiFi, BLE, or cell, which increases BOM cost and backend support. Trade-off is manual updates requiring dealership visits or on-site tech support calls with USB keys. It doesn't scale well. For consumer devices, it leads to lots of unpatched, out-of-date devices, increasing support costs and legal risk. OTA also lets you push out in stages and do blue-green deployment testing.
For security, you had on-device asymmetric encryption keys and signed each update, then rolled the keys so if someone reverse-engineered the firmware, it wouldn't be a total loss. Ideally add a TPM to the BOM with multiple key slots and a HW encryption engine. Anyone thinking about shipping unencrypted firmware, or baking symmetric encryption keys into firmware should be publicly flogged.
You also needed a data migration system so user-customizations aren't wiped out. My newish car, to this day, resets most user settings when it gets an OTA. No wonder people turn off automatic updates.
The really good systems also used realistic device simulators to measure impact before even pushing things out. And you definitely tested for communication failures and interruptions. Like, yoink out a power-line mid-update and then watch what happens after power is back on. Yes, it's costly and time-consuming, but consider the alternatives.
The ones that failed the most were when they spent months or years developing the basic system, then tacked on update at the end as part of deployment. Since firmware update wasn't as sexy as developing cool new tech, this was doled out to lower-tier devs who didn't know what they were doing. Also, doing it at the end of the project meant it was often the least-tested feature.
The other sin was waiting months before rolling out updates, so there were lots of changes packed into one update, which made a small failure have a huge blast radius.
These were all technical management failures. Designing a robust update system should be right up-front in the project plan, built by your best engineers, then including it in the CI/CD pipeline.
Just for context, the worst headline I had was for update failure in a line of hospital infant incubators.
Great insights into what goes one when developing firmware and updating it! I've never worked on that side of things so I was always curious what the development and testing process looked like.
Tried to buy from amazon.fr recently, had feeling like it is designed and developed by people never used online shopping. It's almost impossible to find products.
And if you try to set English language it simply cannot show list with products. Ridiculous for their billions.
some poor bastard owns a jeep, an amazon tv and samsung fridge and phone, and is stuck at home bieng force fed adds for jeeps on his tv fridge and phone
What kind of proof can be shown that'll be accepted by most people as proof of a bricked car after an automated software update? No matter what's shown, I can easily think of alternative explanations.
Asking for proof is not complaining. Back in my day, being able to request and see verification of claims was considered a benefit of communicating via internet.
This is chilling (from https://www.jlwranglerforums.com/forum/threads/2024-4xe-loss...):
> On my drive home I abruptly had absolutely no acceleration, the gear indicator on the dash started flashing, the power mode indicator disappeared, an alert said shift into park and press the brake + start button, and the check engine light and red wrench lights came on. I was still able to steer and brake with power steering and brakes for maybe 30 seconds before those went out too. After putting it into park and pressing the brake and start button it started back up and I could drive it normally for a little bit, but it happened two more times on my 1.5 mi drive home.
If that happened on the highway I could easily see people being killed.
On a reasonably well constructed car, loss of power steering at highway speeds is barely noticeable. Loss of power brakes is a different story. An inability to actually get all the way off the highway before running out of speed could also be quite dangerous, and a loss of power steering can indeed make it quite difficult to maneuver at low speeds.
If its drive-by-wire steering, then isn't loss of power steering the same as loss of all steering?
76 replies →
I've lost power steering on my dad's F250 once. It was incredibly noticeable, since I had to crank the wheel like a ship from the age of sail in order to get onto the shoulder.
I guess you could argue that it wasn't a reasonably well constructed car.
13 replies →
Losing power steering would be no big deal. Anything that caused a sudden loss in forward velocity worries me.
There's construction on the Interstate highway in my area with lanes that have no "breakdown" space ("contraflow" lanes). I would be terrified to lose power in that lane. I would be worried about getting rear-ended and / or causing a pile-up.
Loss of power steering is definitely noticeable. Especially when it comes to getting off the freeway.
Lost power steering at highway speeds in my '91 Corolla a couple of decades back. Didn't notice on the highway (belt just made a loud pang and I thought "What the heck was that?"), but as soon as I took an exit and had to turn at the light, I seriously had to muscle the wheel over. Good learning experience about what power steering offers.
My assumption is that the HN audience is not perfectly gaussian distribution of the population but probably not extremely far from it.
So can someone who owns a modern car please help me understand why you would buy a car that has the mere capability to be remotely shut off?
A vehicle is a personal safety device, that allows for independent travel away from bad things and towards safe things. That is one of the most critical aspects of a vehicle.
Assuming that one of the most critical times you might need a vehicle is fleeing oppression, having a remote switch off as a possible vector to impede your escape is an existential threat and basically makes one of the core reasons to have a vehicle moot.
My assumption is that most people are not thinking about their vehicle as one of the most critical tools for freedom.
Having traveled the world and lived in war zones, vehicles are life savers and it’s insane to me that anyone would allow a possibility for someone else, specifically corporations and governments with major power levers, to even have the ability to stop that remotely.
Given the increasing computerization of modern cars, how could you possibly verify that this wasn’t possible on *any* car you buy?
The only way I can think of is “don’t buy a car made within the last 25 years”
41 replies →
> Assuming that one of the most critical times you might need a vehicle is fleeing oppression
That's a hell of an assumption.
If we're talking about population distributions, I would argue that "having lived in war zones" puts you well outside the center of the curve.
It is extremely far from it in the US, I promise.
But direct answers:
1. They don’t know that can happen. The salesman doesn’t point it out.
2. They figure all cars will be that way soon so why worry about it.
3. It’s never happened to anyone before so why worry about it.
4. We don’t know anyone who has ever had to flee from oppression in their car so why worry about it. And this is America, if that’s what we’re worried about we’ll stock up on ammo.
Etc
> So can someone who owns a modern car please help me understand why you would buy a car that has the mere capability to be remotely shut off?
In practice, getting t-boned at an intersection where I have the right of way is a much greater risk to me than my car getting shut off, so it makes sense to optimize for safety in the former case.
Like smart TVs, the only possible alternative is buying a 10 year old model on the secondhand market. Vehicles without these features have not been produced in a long time
2 replies →
You’ve got me thinking. I drive a Chinese made EV. If China ever had a nuclear war with the west they would definitely brick all of the cars they’ve sold us. Also it doesn’t have to be China that issues the command. Remote shutoff of cars is a great cyber warfare target.
4 replies →
> So can someone who owns a modern car please help me understand why you would buy a car that has the mere capability to be remotely shut off?
That’s not what is going on here. These cars are not being intentionally shut down remotely. Instead, a software update for some computerized components of the car was pushed down to the cars and installed with the owners permissions, but that update apparently has severe bugs that should have been caught by QA.
2 replies →
if you really mean help you understand why and that wasn't a rhetorical exageration, it's not hard to understand.
Most people have a variety of things they are looking for in a car they want to purchase, and other factors are more important to them than this one, which they figure probably won't happen anyway. There may be few options that aren't updateable over the air, and those options don't meet their other criteria -- if they even get that deep into considering it, which they probably don't, they just aren't really thinking about it. But even if they did. you don't have the option of buying your perfect fantasy car. I'd like to buy a car with manual mechanical controls instead of touch screen controls, but there aren't that many options for that either, and they may not meet my other needs.
Realistically I would be cycling out of my city because if there was anyone else except me running from oppression, we would be all caught in the same traffic jam.
I happen to live on the outskirts, but there are several choke points where it would be really easy to set up a barrier. Those choke points apply to cars mostly.
1 reply →
Lots of child comments mention fleeing oppression as being something outside the norm. A more relatable thing to flee for Americans might be hurricanes and wildfires-- both of which sizeable numbers of Americans have had to flee somewhat regularly.
Same reason people buy most things these days: convenience. Do you own a cell phone? It can be remotely updated (and even shut down by malicious actors), yet most people own one and don't think twice about it.
> So can someone who owns a modern car please help me understand why you would buy a car that has the mere capability to be remotely shut off?
Because afaik, all the modern cars have this as a 'feature', but there's lots of other nice features they have.
The best of both worlds right now is an earlier modern car where the 2g/3g modem can no longer connect to the outside world. Even better if you can pull the modem, but they're usually up behind a lot of trim.
They generally just don’t think about or even know it’s a thing.
Most people push button, aim steering wheel, and voila.
2 replies →
> why you would buy a car that has the mere capability to be remotely shut off
One answer to this I would presume is: there are no other new cars for sale without this flaw.
Why there aren't regulations or forced options in the market without these functions (as well as with physical control knobs instead of touch surfaces) is a good question too. There is huge demand for cars without most of this nonsense, yet I don't see that demand being met.
I doubt anyone wants a car whose infotainment system can be improperly updated to cause catastrophic power and engine failure while driving, if given this information and a choice to avoid it.
3 replies →
You can usually remove the fuse that powers the 5G antenna. That will probably isolate your car from kill switch software updates.
Agreed that most people don’t think about this. I’m a preper and I hadn’t thought about this.
I'm buying a reliable and comfortable way to travel around the home town, not into warzone.
Yes, I want it to be connected to the app, to conveniently see fuel level, location, etc.
Wouldn't it make sense to keep your prepper car in the garage (next to the welder) and low-mileage? Use the one with fancy electronics as a daily driver and hope the revolution doesn't happen during your commute.
[dead]
This is the kind of intolerable fuck up that should land professional engineers in legal peril.
Does the NTSB or whoever have opinions on who gets to write code for safety critical systems and what obligations they have?
This is what MISRA C and AUTOSAR C++ is for. However I think those only apply to automotive components like the ECU, not the infotainment systems.
2 replies →
The “engineers” live in another country and are paid fifty cents an hour.
I suspect it did happen on the highway for some people, that would explain the disabled Jeep sitting on the (minimal in construction zone) left shoulder of an expressway that I drove past yesterday. I just figured there'd been a fender bender in the already terrible construction traffic and the second vehicle hadn't moved on yet.
If I owned a Jeep I'd be dumping it off at CarMax first thing Monday morning.
I’d keep it and consult my lawyer first.
[dead]
It did happen on the highway to my sister. She was in the middle lane but luckily had the space to get to the side. Managed to start it again and get off the highway where it did it again and wouldn’t start after that.
Very scary.
When car company cut corners and let junior developers do the vibe-updates...
So would do a flat tyre and myriad of other things. Is software supposed to be perfect?
I think most “techies” know in their gut what causes this and where it’s heading - I remember doing PC repair post first dot com crash (first bankruptcy) and the amount of shit shovelled onto consumer PCs (every device manufacturer had its own weird set of drivers, drivers installers, app), every piece of software put something in there, let alone what MSFT started you out with. All of it trying to be “user friendly” whilst achieve it the opposite
We are going to see this play out in every device (car, fridge, TV) that is not locked down by the OEM (apple gets a lot of kudos and knocks for this)
Cars are going to be the front line of this war- it’s not a “right to repair” it’s “a right to have good defaults” and “no upselling opportunities” (I think of it as there are no commercial businesses anymore - just utilities who give clearly defined service that have clear APIs and endpoints.
Sadly I think the world will head towards a point where I will make a fortune selling Augmented vision glasses that remove the adverts reality …
It should be a "right to not have product forced on you." When I buy a device, whether it is a car, a refrigerator, or an application, I want that thing that I saw in the store, as it exists on the store shelf, including the features and capabilities. I do not expect that I am going to maintain some kind of ongoing relationship with the manufacturer where they get to modify my device at their whim over the air.
Manufacturers should feel free to offer updates. If the user feels the tradeoffs make sense, then they should be free to accept updates. But this business where the manufacturer thinks they are somehow entitled to mess around with a product you've already purchased from them has got to end. It's not their product anymore, it's yours.
> It should be a "right to not have product forced on you."
Even better, a "right to modify everything you own, in any way you like". Don't you like the micro-controller installed by the manufacturer? Buy another one, with the correct firmware programmed from scratch, and swap it off.
We are already well into a new era of software, in which software can be programmed by itself, especially Rust. What is missing is money transactions for software companies and their employees located everywhere in the world.
"Devices with no surprises". Retail shops in conjuction with electronics engineers put new controllers in everything and re-sell it. Open source software, auditable by anyone and modified at will.
Programs for every car, every refrigerator etc cannot be programmed by a company located in one place, not even 10 places. It has to be a truly global company.
In other words, I want your device, I don't want your closed source software.
4 replies →
We've lost this game ages ago.
Its the CFAA for you and me, but not for corporate thee.
Sony was the first mass application of "lol nope, we sold a feature we decided to remove. Too bad". If our government cared about citizenry, this should have been a criminal and civil case both, under computer fraud and abuse act. But no criminal anything was done, and users go what, $20, 10 years after the fact?
If I did this, I'd be rotting in a jailcell for 20 years.
Yeah, when Fall Creators Update came out for Windows 10, it crippled styluses down to an 11th touch input --- I very nearly returned my then-new Samsung Galaxy Book 12 --- rolled back, and stayed on the previous version for _years_.
Currently using a Samsung Galaxy Book 3 Pro 360 --- have to keep the Settings app in the Task bar so I can toggle stylus behaviour depending on which app I run, and use Firefox w/ a specific setting to enable text selection/disable stylus scrolling (scrolling w/ touch feels far more natural).
I'm about at the point where I'm going to make a Cyberdeck using an rPi 5 and Wacom Movink or Wacom One display....
2 replies →
Problem with that is that if it's an online product then the manufacturer also _must_ provide updates to keep the device secure so that it continues to do whatever they sold you in the first place.
Also, adding features on its own is great, but obviously stuff like what happened here can't be allowed to happen, and those Samsung or LG smart fridges that became advertising boards is obviously also not acceptable...
Easy to call the bullshit out, hard to actually define the responsibilities of a manufacturer in a law.
2 replies →
Ok, this is a little off-topic. I have to say it somewhere.
Yeah, The crazy stuff is that when we are out of warranty, and they push an update... who's problem is it now? Who pays? My TV gets updates I don't necessarily want (I'll have to take that upon myself to get an external device for streaming services) and it's out of warranty. What happens when they push something that causes it to not function properly anymore? I didn't break it, they did. We know who pays: we do. I'm almost fearful of bringing anything online these days. I really don't want most things I own to be connected. I find it sad that we are being sold dishwashers, washing machines, refrigerators, guitar pedals, and just about anything and they somehow need the net. It's gross. We own nothing, we control nothing, and yet we're expected to pay for it when someone else decides they don't want to continue to support, or even offer, the thing you paid for.
No, this is not what causes this. Most ECU's have a BSP package and some drivers bought from vendors, then the tier1's build the whole thing to OEM specifications. OEM's then integrate the whole thing. Stuff starts to break when you put them together. Maybe a diag is slightly different or an ECU has slightly different timing, or one of the gateways doesn't like what a bootloader is doing, or you have some weird race conditions that fail at 1 out of 1000 cases.
At least if you open a "smart" fridge/dishwasher/washer/dryer/etc, it's basically the same old cost-optimized bare-bones design (maybe one or two extra sensors for special marketing bullet point features), and then all of the "smarts" is on a control board that could mostly just be replaced (ECM motors seem to be the exception to this, and even those are straightforward to design a circuit to drive).
Whereas the problem is that cars have had computers for a long time (eg ECU, ABS, entertainment), then those started getting connected together locally via CAN, then finally they added an Internet connection for surveillance and control. So the centralizing proprietary software tentacles go deep into the car in a way that's not easy to remove or replace.
There is the black box approach of disabling network interfaces, but I could even see that going away - cannot contact network -> car cannot be sure that warranty recalls have been done in a timely fashion -> disable itself after a month until you "take it to a dealer" (or reconnect the cell backhaul).
Replacing the control board is going to cost $400. That’s most of the price of the device.
Requiring a control board swap to lose the “smarts” / lockdown isn’t really a good enough option.
I suppose the emergence of the GNU Washing Machine Control Software would be a wonderful thing, but are we there now?
1 reply →
I think the end customer shares some of the blame for the current state of things. Cars have gotten worse and worse reliability wise since 2010. Yet sales only continue to increase. People don't own cars any more, they simply see them as a $500 a month payment and once they get too annoyed with it, they just go and get a different one. I don't know about other manufacturers, but with everything GMC, all dealer repair shops are independent. GM does not make any money off of those, therefore they are only interested in giving you another car and another payment plan. How many times of you heard someone trash talking a specific model? "That car was a POS! I took it back to the dealer and got a different one" Yea you sure showed them....
We are going to see this play out in every device (car, fridge, TV) that is not locked down by the OEM (apple gets a lot of kudos and knocks for this)
The problem in this case is because it is Locked down by the OEM. Owners are completely at the manufacturer's mercy, and don't have the option to add aftermarket software.
It's not quite that. It's features you never asked for being forced upon you by the market with hardly any uncompromised alternatives without these misfeatures.
I live in a city so I don't need a car, but if I had to buy one, "it should not have a network interface" would be my most important requirement. "It should not have a video display" would be a secondary one. If I had to buy a car with a network interface, I would do my best to neutralize it to make sure it stays 100% offline.
> Roslin: It tells people things like where the restroom is, and-
> Adama: It's an integrated computer network, and I will not have it aboard this ship.
> Roslin: I heard you're one of those people. You're actually afraid of computers.
> Adama: No, there are many computers on this ship. But they're not networked.
> Roslin: A computerized network would simply make it faster and easier for the teachers to be able to teach-
> Adama: Let me explain something to you. Many good men and women lost their lives aboard this ship because someone wanted a faster computer to make life easier. I'm sorry that I'm inconveniencing you or the teachers, but I will not allow a networked computerized system to be placed on this ship while I'm in command. Is that clear?
> Roslin: Yes, sir.
> Adama: Thank you. 'Scuse me.
https://www.youtube.com/watch?v=OPKGbg16ulU
Basically me when talking about cars I'll buy.
I wish people would stop using the term “bricked” for fully recoverable failure conditions.
Jeep has already confirmed they’ve pushed out a fix. That is not bricked.
If it's not user recoverable at the time, and it renders the product as useless as a brick, then it seems like the most accurate word to use, from the customer perspective. Some people will prefer stricter semantics, sure. It was later still able to download and apply updates over the air to undo the problem, so it was a milder form of bricking.
I've had some pretty nasty brickings of devices, like overwriting the bootloader, that I've been able to recover from by getting it into some barely documented system on chip mode with a special cable, booting a new bootloader into RAM via the cable, and reflashing that way. One could go to the extreme and say any flash storage chip where all software bits are directly writable by a factory tool is technically unbrickable. But the customers won't see it that way.
I would love to read the essay that proves the word "bricked" has a highly specific technical meaning that excludes recoverable failure.
10 replies →
I've "bricked" many automotive systems where they weren't truly unrecoverable, but doing so involved another team disassembling them. The parts were cheaper to throw out instead.
Being strict about the word "bricked" and limiting it to the truly unrecoverable situations just makes it nigh-on useless.
Very few things can make a modern system truly unrecoverable if one is willing to pour unreasonable resources into them. It's incredibly common to be in a situation where a system is unrecoverable by you though. There's no practical difference between these two except that one depends on the surrounding context.
There are a thousand ways to describe this without misusing and ruining a word like “bricked”.
Being strict about a word makes it more useful, not useless. A useless word is one with no identifiable meaning, one which requires copious clarifications, or one which invites confusion and debate instead of delivering meaning.
I actually think your first sentence is a spot on definition for 'bricked'. However, this specific scenario does not meet the criteria you've defined. Nobody is throwing out their car because it was only temporarily disabled. Another OTA update fixed it minutes later.
1 reply →
I think the reasonable extent of "bricked" is: can you plug in a USB cord and use publicly available software to fix it? Or wireless equivalent.
1 reply →
Apparently for some people the update makes it worse.
https://www.jlwranglerforums.com/forum/threads/2024-4xe-loss...
Not even two weeks after going all-in on enterprise vibe coding including for "engineering workflows".
> [Stellantis'] determination to apply AI across every part of the enterprise
https://www.stellantis.com/en/news/press-releases/2025/octob...
Wikipedia says
> A brick (or bricked device) is an electronic device, specially consumer electronics (such as a mobile device, game console, computer, etc.) that is no longer functional.
These jeeps are no longer functional.
Speaking of terminology, though, "crashed" really takes on an ominous meaning. I am really glad not to write software for safety-critical systems.
I agree, but I can't think of another term that would convey the severity of this offending update.
How about "catastrophic"? Or "total failure"? Or "we can't find the word to convey the severity"?
Anything else than words that already have existing meanings. With that motivation, they could have said "... update that exploded all ..." since it's a really severe situation, but obviously we/they should use words that has the right meaning instead.
4 replies →
"Jeep pushed an update that made moving vehicles uncontrollable"
If we are allowed to move the goal posts anywhere we want then nothing is ever bricked unless it is smashed to a powder.
ffs. really? the clickbait headlines need to stop - I'm for full banishment of people who post them and the publications they came in on.
This owner shared the experience on YouTube: https://www.youtube.com/watch?v=neGY6JWhHiU
- Vehicle randomly stalls every couple of minutes requiring shutdown and restart
- Shifter doesn't switch out of Park
- Dashboard lights including check engine/drive to dealer etc
Dealer response: "That's normal, they all do that."
As a former owner of a Fiat, this is exactly the kind of stupidity I’d expect from ~FCA~ Stellantis.
(I lemon lawed mine. Got nearly all my money back!)
It's like somebody decided to take all the mediocre car brands and pool them together to create something worse than all its parts.
But at least now you can look at all the brands they own and run for the hills.
Reddit post from yesterday:
"Jeep 4xe shut off mid highway
I was driving 65 on the left lane of the highway when my car started slowing down. It started saying to put it into P and to push to start. The car was off and I couldn’t accelerate! I almost crashed trying to get onto the right lane shoulder. 4 lanes over before it completely stopped and caused a huge accident They are saying it’s something with an update jeep is doing and the cars are just stopping! There were 4 jeep wranglers on the side of the highway as I tried driving to the nearest dealership 25min. It turned off 3 times
Will Jeep reimburse me if I get a loaner while my car is at the dealership? My dealership doesn’t provide loaner vehicles
Does anyone know what’s going on?"
https://www.reddit.com/r/Jeep/comments/1o47064/jeep_4xe_shut...
Jeep is horrible. I was gifted a 2007 Jeep Commander, which was Jeep's "answer" to the Hummer. This was in like 2017, so it was 10 years old at that point. Anyways, it wouldn't shift into 4x4 mode, and after some internet sleuthing I found out there was a (now second) firmware update the dealership could do to hopefully fix the issue. I don't remember the exact details, but basically there was a hardware flaw in the module controlling the transfer case, and when it failed the vehicle would go into neutral, which obviously could be quite dangerous depending on where you were parked / what you were doing.
Instead of fixing the actual hardware issue, they did a recall that was some sort of black magic with a firmware update to "fix" the issue. According to the internet, this fix temporarily worked, with pretty much all of them failing again, conveniently after the vehicle was out of warranty.
Anyways, there was a second firmware update, that I had done 10 years after the vehicle was made, that more or less actually "fixed" the issue. Apparently the issue (according to Jeep forums, so take with a grain of salt) was due to some traces being undersized on the PCB, so the fix was to drop the voltage and/or current being sent, and then more or less disabling the safety sensors that would complain about low voltage. After the second firmware update, it would shift into 4x4 about 1 out of 4 attempts (otherwise just failing with "couldn't shift into 4x4" on the screen), and that was the final thing that could be done.
It took Jeep about 4 or 5 years to issue that final firmware update, probably to try and avoid a class action lawsuit over 90% of the vehicles 4x4 system failing just outside of the warranty period!
This is why I don't want auto-updates in most of the things I own.
It's just a crutch for manufacturers to ship half-baked products, and an attack vector for the next generation of shitty engineers they hire to damage my property.
A wrangler using software just does not "compute" to me. But I guess this is our new world.
I drove a CJ for many years until it rusted out from under me and the engine seized, but I thought it was great, I went everywhere with it.
I would like to have a wrangler but it is too expensive, too many bells and whistles and to large, I would never get one.
Now I an driving an 18 year auto and hope to keep it going for another 18 :)
Jeep parts and frames and cabs are plentiful in the right circles, you can still build out a good wrangler (2.4 or 2.5 or 3L) for less money than a new car, and know your computer is planted firmly under the driver's seat and not connecting to anything.
This reminds me if Radar mailing a jeep home a piece at a time.
1 reply →
Ugh.
This is a rabbit hole that beckons.
The American Heritage Museum in Massachusetts is raffling off a 1944 Ford GPW jeep in fully restored condition. Pretty sure there are no computers in that one! But sorry, floor mounted Browning 50 cal machine gun is a replica.
https://www.tapkat.org/american-heritage-museum/lkaKb5?promo...
> A wrangler using software just does not "compute" to me.
In the case of this Jeep bug causing engine shutoff and power failure, it was an update to the infotainment system! It's easy to compute that these infotainment systems run software; what's crazy is updates to them can cause catastrophic failure to powering the car and ability of the car to drive.
Well, in fairness, it's informational and entertaining to everybody who doesn't have one of the cars.
Cars have been using software since the 90s, hence 'electronic' fuel injection. Really the only thing different these days is stupid over the air updates that can brick shit. Otherwise you'd have to carry it into the dealer to get flashed or a new module put in.
It's an EV hybrid. It needs software to not explode.
Looks like it's been acknowledged/fixed:
https://www.4xeforums.com/threads/wrangler-4xe-ota-update-10...
> For anyone that incurred a towing cost or a diagnostic fee (or any other related expense), we will assist in reimbursing or canceling any fees. This will commence on Monday.
"we will assist" - a guarantee so lukewarm, you could put it in an icebox to keep your food fresh for a week.
If I ever buy a newer car, first thing I plan to do is find and remove or disconnect the modem.
My new Audi lets me turn off telemetry (at least it claims it does), but it complains every single time I turn the car on and makes me confirm two "no, I don't want to turn it back on" dialogs each time. It will also sometimes (I haven't figure out a pattern) tell my phone to auto-load the Audi app when I get in the car, for no useful reason, and then the app complains that it can't get the data it wants because I turned the data off. It's exceedingly obnoxious.
Mazda claims that they will disable telemetry via the TCU, but when I asked the dealership about it they looked at me like I was speaking a different language. I couldn’t get anyone who knew anything about it and ended up leaving. It’s insane to me that I have to go through hoops to OPT OUT of this stuff, and I had no choice to even opt in.
See if it has a dedicated modem fuse and isn't smart enough to nag when that is pulled.
You might need to dig around for the codes, but with tools like OBDeleven, I've found that on my Audis most of the things that are like that can be turned off. I've done all sorts of things, from adding a gauge sweep (even though it's digital, I like the effect) to turning off the seatbelt warning (my partner unbuckles when we get in the cul-de-sac) to customizing the keyfob (in summer I can open the sunroof with a long press of one of the buttons), etc.
A very very minor contribution to my choice to buy a VW ID.4 is that a number of people reported that pulling the modem's (user-accessible) fuse is fine, and just disables remote connectivity as you'd expect.
(I haven't actually done that, but I abstractly like the option being available)
This is why I bought a fiesta. There is nearly no "smart" stuff in it. Everything is still mostly analog and very user friendly. Plus the ST is one of the most fun cars you can drive.
RIP Fiesta model. Too amazing for your own good.
Believe me that there's at least two dozen computers doing their thing in your "mostly analog" Fiesta.
Consumers tend to heavily underestimate the point in time from which cars started absolutely relying on modern electronics.
3 replies →
In my current car, if I disconnect the modem I lose the left front speaker and the microphone for the infotainment unit. Just noting for context, on this "I will just do XYZ theory."
Is it a Subaru? If so, I seem to remember a bypass harness you can buy.
You would be breaking the law in Europe.
Would you? I think that EU mandates a mobile connect for emergency services (eCall), but can you point out a legislation which forbits the owner to disable it in the vehicle they own?
5 replies →
They'll have to find you first, which (without a cell modem and GPS) would be an undertaking. The cell antenna "accidentally" falling off or the cable developing a fatigue break after the connector might be easier to explain. A Faraday bag comes to mind, as well.
Immediately the check engine light would come on and it would automatically pull over if you tried to drive it, I'd guess.
Allowing owners to choose when to install updates would address many issues. Most updates are uneventful, but I’d prefer to install them when I’m at home in my driveway rather than while road-tripping in a rural area, 90 miles from the nearest dealer, or rushing to meet a nonrefundable hotel reservation.
It's important to understand this update caused power failure and engine shutoff while driving!
Updates need to be illegal while a vehicle while in use. It should only be allowed while parked and after prompting the user to OK the update.
Right. This bricked cars in middle of deadly situations.
It used to be that when you get an update, software would get better. New functionality (remember Windows Service Packs?).
Now when there is an update they either change the UI (for certain people to remain relevant), or they add more ads.
Dumb question from someone who uses old cars without OTA, how can cars get OTA if you don't pay for any internet subscription? Can't you say I don't want to pay for any internet costs when buying the car? Also ensure you don't connect the car to wifi. Isn't that suffice?
A couple more rubber duckies on the dash should sort that right out
If vehicles always still had to go back to the dealer for any type of recall, I would say that might have maintained a higher standard of what is supposed to pass for finished goods coming out of a factory.
The safety implications in this case really drive that home.
I'd like to laugh about this because it's one of the things I love about my 2010 Camaro which wound up in a fairly sweet spot of having the basic tech I want (Bluetooth to the radio) without a lot of the nanny stuff I don't, but I once upgraded the operating system with two USB keys containing a bunch of C# from a stranger on the Internet who said he worked at GM. You had to open the driver side door between the first and second USB keys to make the process work.
My 6th gen camaro SS hasn't really given me trouble - GM didn't really force anything in any gen camaros IIRC.
Yeah, 15 years and the biggest problem I have had so far is convincing the dealership I really don’t want the recall that removes the key from the fob after the tenth time I told them no.
The forum thread is more chilling. It seems they released a fix that they pushed silently. You can't verify if you installed the silent update yourself the support rep needs to use your vin in an internal tool to check if the fix is applied. "Park your car in an area with good cell coverage. Wait 10 minutes and do a reboot." After that I can try driving my car and hope the update went through? Absolutely insane.
Never heard of this guy. Would be nice to have some reliable validation this is true...
There's this video [1] linked in the Twitter post, showing how the problem manifests itself and with other (presumably also) Jeep 4xe owners commenting that they had experienced the exact same issue.
[1] https://www.youtube.com/watch?v=neGY6JWhHiU
He's clearly a real person and reliable, because the thread is inundated with all sorts of . . . people pushing weird agendas.
I’m a huge car guy (race spec Miata, have 7 cars, etc etc).
You will never EVER catch me in a car connected to the internet (this includes all the precious new EVs). Especially a Chrysler product. Look up how they were hacked in 2015…
This bug is just an early release of a future feature.
https://youtu.be/T1Rpo8BRwYg
In Time is a 2011 American science fiction action film written, co-produced, and directed by Andrew Niccol. Justin Timberlake and Amanda Seyfried star as inhabitants of a society that uses time from one's lifespan as its primary currency, with each individual possessing a clock on their arm that counts down how long they have to live.
Disturbing — this kind of progress sucks! I want reliable things that I own that are under my own control. We should all stop immediately buying this out-of-our-own-control stuff!
We were lucky!!!! This almost killed my wife and I the jeep just shut down while driving!!!!! No power no way to move this was and is life threatening now two days without the vehicle and we see it the manufacturer that almost caused our death.. F U what are they going to do for the customers we no longer have faith in this vehicle……….
There is absolutely no way an OTA update should be able to impact anything powertrain related, it should be limited to the infotainment system and accessories. PCM updates should require a hard connection to the vehicle's OBD port at the dealership/mechanic (or a home user with the appropriate software and cable). NHTSA should investigate this.
Tesla has been doing these OTA powertrain updates for over a decade. It's totally fine when you follow best practices and do good QA. Stellantis doesn't QA.
Why would my powertrain need an update? What new laws of physics relating to torque and gear reduction have been discovered since my car was produced?
1 reply →
This reads like an OTA to the infotainment that messed up powertrain somehow. Plenty of manufacturers successfully OTA powertrain these days by using A/B flashing (the B flash programs while the car drives, next key cycle swaps to B and flashes A in background, next key cycle back to A, done).
My suspicion is that this was either a CAN saturation issue (ie - infotainment started sending a high priority message which could reach powertrain CAN) or a state management issue (ie - infotainment sent a “put modules to sleep” or “wake modules” message which was not handled correctly and caused one or more modules to transition to an invalid state for driving).
> My suspicion is that this was either a CAN saturation issue (ie - infotainment started sending a high priority message which could reach powertrain CAN) or a state management issue (ie - infotainment sent a “put modules to sleep” or “wake modules” message which was not handled correctly and caused one or more modules to transition to an invalid state for driving).
The fact that this possible proves the point: OTA updates are dangerous and should be banned.
4 replies →
This update was for the infotainment system. To your point, that system should somehow be air-gapped from affecting the engine and power. There's way too much coupling of all this software and electrical components.
Uh how would you change vehicle performance settings?
4 replies →
Why? Requiring physical updates just makes pushing fixes harder.
Obviously no vehicle should be updated while in operation and all patches should be signed.
I think that's the crux of it.
Obviously, "software update while traveling at highway speeds" is just rolling too many drama dice.
OTA is fine. Ideally parked, or minimally A/B on the firmware, new version only run on next startup.
2 replies →
Why? If the system only updates with user consent, what is the difference between ota and taking the car to a dogshit dealership?
I assume this is related to the new feature that lets you start the engine without being able to drive the car (it’s called “lock start” or something like that).
And the Wrangler is the only Stellantis brand that still has some value. Yet somehow, they’re finding a way to ruin even that.
I’m holding out with a very old petrol car which I would really like to upgrade. But this all seems like hell.
I’d love an electric car - but I want a dumb one that can’t call home and never gets updates. Just this pedal go fast. This pedal go slow.
Fiat mode enabled.
Flash It Again, Tony
Feeble Italian Attempt at Technology
What happened with Jeep is why Linus gets so upset about some submitted changes.
I know my problem is not as bad, but it lines up. I have a 2020 Rubicon, non-4xe model, and as of this weekend, Carplay will no longer work. Works just fine in my other vehicle.
As an aside to the discussions of the implications of how OTAs work / how they’re tested / etc:
I saw this post while sitting in a 2024 4xe which was not bricked, so it doesn’t appear to be all of them.
Maybe you lucked out and didn’t get the update before they killed it.
I hope they do a gradual rollout and they don’t push updates to the entire fleet at once (that would be irresponsible), but from the amount of people experiencing issues since Friday…
I’ve been thinking of buying/leasing a 4xe Wrangler since I rented one back in September for a couple of weeks and enjoyed it. However, stuff like this makes me concerned since I already know Jeep/stellantis have sub-par reliability compared to other car manufacturers.
A OTA update that makes the car undrivable is one thing. A bug that causes the power train shut off at highway speeds is unacceptable. Seems like multiple failures caused something like this to happen. Not only did they not QA an update properly, but the mere fact that a Infotainment/Telematics firmware update could kill the motor/engine while driving is crazy. In addition, the fact that they roll out an update like this on a Friday before a holiday weekend is also absurd.
There should be some sort of health check across all the car systems/ECUs before allowing the car to drive.
Stuff like this makes me more likely to look at Rivian instead (although they’ve had reliability issues too).
Modern cars "computers on wheels" are dreadful.
Is it possible to disconnect the power from the radios used for "over the air" nonsense? Then at least they would be stable.
No attack suspected here. Nonetheless, it exposes an often under appreciated attack vector. It is scary how easy it will be for a motivated actor to cause chaos by just bricking stuff en masse.
In a past life I had a Wall of Shame of headlines on firmware update fails.
The lesson was you built firmware updates upfront and right into your development process so it became a non-event. You put in lots of tests, including automatic verification and rollback recovery. You made it so everyone was 100% comfortable pushing out updates, like every hour. It wasn't this big, scary release thing.
You did binary deltas so each update was small, and trickle download during down-time. You did A/B partitions, or if you had flash space, A/B/C updates (current firmware, new update, last known good one). Bricking devices and recalls are expensive and cause reputational damage. Adding OTA requires WiFi, BLE, or cell, which increases BOM cost and backend support. Trade-off is manual updates requiring dealership visits or on-site tech support calls with USB keys. It doesn't scale well. For consumer devices, it leads to lots of unpatched, out-of-date devices, increasing support costs and legal risk. OTA also lets you push out in stages and do blue-green deployment testing.
For security, you had on-device asymmetric encryption keys and signed each update, then rolled the keys so if someone reverse-engineered the firmware, it wouldn't be a total loss. Ideally add a TPM to the BOM with multiple key slots and a HW encryption engine. Anyone thinking about shipping unencrypted firmware, or baking symmetric encryption keys into firmware should be publicly flogged.
You also needed a data migration system so user-customizations aren't wiped out. My newish car, to this day, resets most user settings when it gets an OTA. No wonder people turn off automatic updates.
The really good systems also used realistic device simulators to measure impact before even pushing things out. And you definitely tested for communication failures and interruptions. Like, yoink out a power-line mid-update and then watch what happens after power is back on. Yes, it's costly and time-consuming, but consider the alternatives.
The ones that failed the most were when they spent months or years developing the basic system, then tacked on update at the end as part of deployment. Since firmware update wasn't as sexy as developing cool new tech, this was doled out to lower-tier devs who didn't know what they were doing. Also, doing it at the end of the project meant it was often the least-tested feature.
The other sin was waiting months before rolling out updates, so there were lots of changes packed into one update, which made a small failure have a huge blast radius.
These were all technical management failures. Designing a robust update system should be right up-front in the project plan, built by your best engineers, then including it in the CI/CD pipeline.
Just for context, the worst headline I had was for update failure in a line of hospital infant incubators.
Great insights into what goes one when developing firmware and updating it! I've never worked on that side of things so I was always curious what the development and testing process looked like.
I think the biggest problem with cars these days is that the software has been written by people who have never driven a car.
what makes you make this very broad and general statement which is most likely untrue
Tried to buy from amazon.fr recently, had feeling like it is designed and developed by people never used online shopping. It's almost impossible to find products.
And if you try to set English language it simply cannot show list with products. Ridiculous for their billions.
insane take. these are the same problems that all other modern software has.
Which are because the developers themselves don't use the software.
some poor bastard owns a jeep, an amazon tv and samsung fridge and phone, and is stuck at home bieng force fed adds for jeeps on his tv fridge and phone
Im yet to comprehend why a car needs a software update.
To streamline sales and minimize production costs.
so Jeep have adopted agentic AI?
Imagine if Microsoft started making cars...
This is the enshittification of cars.
Wth
[flagged]
A quick google search gave me https://www.4xeforums.com/threads/wrangler-4xe-ota-update-10...
This should be the URL for TFA, not some random Twitter post.
yes, following the several links and reading led to confirmation by dozens of sources.
You cannot see replies to the linked tweet without an account.
The Twitter OP cannot put links into his main tweet because the algorithm will downrank him.
Isn't it just great?
What kind of proof can be shown that'll be accepted by most people as proof of a bricked car after an automated software update? No matter what's shown, I can easily think of alternative explanations.
[flagged]
Asking for proof is not complaining. Back in my day, being able to request and see verification of claims was considered a benefit of communicating via internet.
3 replies →
designers are known to gaslight the end user, so
1 reply →