Comment by franga2000

Ok so what do you propose? Split the CAN bus into multiple, put security-critical parts on its own isolated network that you can't write to... Well now you've made the situation even worse for the owner than it currently is. Almost anything interesting on the bus can be considered security critical, so the owners would get access to nothing but boring telemetry....exactly what they get through the read-only gateway.

Proper security requires authentication and freedom-preserving authentication has to have owner-controlled credentials. That's the only way forward. Who cares where they run which bus. Encrypt/authenticate everything and give the owner a way to set their own key. Now we just need to figure out a way to make this a law...