Comment by leonidasrup
2 hours ago
It looks like the software development at Volkswagen is done by mixed bag of different deparments with different quality.
On one hand you have: Linux at Volkswagen
"Software development without Linux is no longer possible within automotive environment. Therefore Volkswagen Group IT created and maintains a Linux distribution for our developers. This short talk will highlight our starting goal to integrate into the existing environment, highlight our integration problems and solutions with contributing to upstream. Furthermore we will show where Linux desktop need to improve in future iteration to be a good fitting replacement for other systems."
https://media.ccc.de/v/4486-linux-at-volkswagen
On the other hand you have insecure implementation of telemetry: Wir wissen wo dein Auto steht
"Bewegungsdaten von 800.000 E-Autos sowie Kontaktinformationen zu den Besitzern standen ungeschützt im Netz. Sichtbar war, wer wann zu Hause parkt, beim BND oder vor dem Bordell.
Welche Folgen hat es, wenn VW massenhaft Fahrzeug-, Bewegungs- und Diagnosedaten sammelt und den Schlüssel unter die Fußmatte legt?"
https://media.ccc.de/v/38c3-wir-wissen-wo-dein-auto-steht-vo...
I’ve spent time doing software at VW and a few of its subsidiaries, and this matches my experience.
Compliance is everything, and SAFe (Scaled Agile) is deployed as a blunt instrument.
Management treats software exactly like hardware production lines—everything is just an "engineering process" that can be optimized on a spreadsheet.
The underlying assumption is that individual engineering talent is just an interchangeable commodity. Once you view developers as replaceable cogs, outsourcing the entire infrastructure to the lowest bidder in India becomes the logical conclusion.
It’s a textbook case of process-over-people driving institutional tech debt.