Rivian Forum – Rivian R1T & R1S News, Pricing & Order... banner
1 - 17 of 17 Posts

·
Registered
Joined
·
6 Posts
Discussion Starter · #1 ·
I read that R1S and R1T will NOT have Apple Carplay or equivalent Android system which I find quite disappointing. Seems they are using their own system including their own proprietary map software which is supposedly inferior to Google maps. As a group we should push them to include both Apple and Android as options.
 

·
Registered
Joined
·
498 Posts
Did you see this thread:
 

·
Registered
Joined
·
27 Posts
I’m already concerned about giving physical control over to a 7000 pound vehicle to a batch of hackable software. I would prefer that Apple write a portion of it rather than Amazon -given Amazons habit of exposing consumer information to anyone they sell services to or buy things from (what else are they slacking off on security wise?). Deal breaker? Maybe
 

·
Registered
Joined
·
229 Posts
I’m already concerned about giving physical control over to a 7000 pound vehicle to a batch of hackable software.
Have you considered looking for an EV that you're less "concerned" about? If I felt that way I personally would not have submitted a pre-order.

I would prefer that Apple write a portion of it rather than Amazon
Unless I missed a (leaked?) announcement, which is certainly possible, why do you think Amazon would write the software vs. Rivian or Apple? It's my understanding the only Amazon written software for the R1 would be the subset of the Alexia code base (and possibly any API code) that will be local to the R1 so Alexia commands can be executed without requiring any internet connectivity.
 

·
Registered
Joined
·
27 Posts
I am concerned with any software that is capable of affecting physical operation of a vehicle I own. Rivian is the first realistic option for a low emission truck (I say low because production of the vehicle and the electricity to charge it will create environmental impacts). I have been waiting for years to replace my Tundra with an electric or hybrid. I would prefer a Toyota product but they are probably a few more years out than the projected delivery date of my Rivian. Software which communicates with the internet is subject to hacking. The design of any software could include code allowing it to affect other parts of the software package in the vehicle. Amazon is a major client of Rivian and so may force them to incorporate some software into the Rivian OS. I distrust Amazon for a variety of reasons some of which are related to their sloppy security practices with customer information even as their top executives testified to the excellence of said security in front of congress.
 

·
Registered
Joined
·
498 Posts
Generally the Infotainment and vehicle control softwares are firewalled in modern vehicles. The thought of infected AA or CP somehow migrating through the firewall and wrestling control of the vehicle from the driver is pretty absurd. There are literally millions of vehicles on the road around the world with AA and CP installed and never even one incident of vehicle takeover reported.
 

·
Registered
Joined
·
1,251 Posts
Generally the Infotainment and vehicle control softwares are firewalled in modern vehicles. The thought of infected AA or CP somehow migrating through the firewall and wrestling control of the vehicle from the driver is pretty absurd. There are literally millions of vehicles on the road around the world with AA and CP installed and never even one incident of vehicle takeover reported.
“Firewall“ isn’t even the issue. CarPlay is just a “zoom call” to put it in more layman terms. Literally the phone broadcasts a video feed and the car just displays it — like watching YouTube or Netflix. Then there’s some apis so the car can tell the phone when/where someone touches the screen. It’s not like the phone could access anything else on the vehicle, anyway. thats just not how it works.
 

·
Registered
Joined
·
27 Posts

Oh and by the way there is someone at your back door -don’t get up- they have a key…
 

·
Registered
Joined
·
34 Posts
“Firewall“ isn’t even the issue. CarPlay is just a “zoom call” to put it in more layman terms. Literally the phone broadcasts a video feed and the car just displays it — like watching YouTube or Netflix. Then there’s some apis so the car can tell the phone when/where someone touches the screen. It’s not like the phone could access anything else on the vehicle, anyway. thats just not how it works.
Any kind of connectivity has a potential to be exploited. You could say that TPMS is just a system that reports pressure back to the car, A one-way communication, no big deal. But TPMS has been hacked to crash an ECU. If you can crash an ECU with a buffer overflow, you could also potentially run arbitrary code too.

CarPlay and Android Auto are a USB/Bluetooth connection to the Infotainment computer (which, in most EVs, are very closely married to the ECU of the vehicle, if not acting as the ECU itself). Those vectors can absolutely be probed for exploits just as any other kind of communication channel with the vehicle. Just because it was designed to be dumb, doesn’t mean someone can’t figure out a way to bypass the original intent and do bad things.

Of course, I’ve already given away the punchline in this case: The cars are ALREADY vulnerable to remote exploitation thanks to their LTE, WiFi, Bluetooth, and RF functionality. There’s a fairly large surface area to attack and see what happens. Adding CarPlay or Android Auto to the mix doesn’t really add risk to the situation.
 

·
Registered
Joined
·
1,251 Posts
Any kind of connectivity has a potential to be exploited. You could say that TPMS is just a system that reports pressure back to the car, A one-way communication, no big deal. But TPMS has been hacked to crash an ECU. If you can crash an ECU with a buffer overflow, you could also potentially run arbitrary code too.

CarPlay and Android Auto are a USB/Bluetooth connection to the Infotainment computer (which, in most EVs, are very closely married to the ECU of the vehicle, if not acting as the ECU itself). Those vectors can absolutely be probed for exploits just as any other kind of communication channel with the vehicle. Just because it was designed to be dumb, doesn’t mean someone can’t figure out a way to bypass the original intent and do bad things.

Of course, I’ve already given away the punchline in this case: The cars are ALREADY vulnerable to remote exploitation thanks to their LTE, WiFi, Bluetooth, and RF functionality. There’s a fairly large surface area to attack and see what happens. Adding CarPlay or Android Auto to the mix doesn’t really add risk to the situation.
Blind fearmongering.
 

·
Registered
Joined
·
34 Posts
Blind fearmongering.
No, just a very long career in cyber security and tech.

This isn’t something one should spend their time worrying about (unless you’re paid to, like me), but dismissing a two-way data connection as essentially a “Zoom call” between your phone and your car not only infantilizes the complexities of what’s happening in the car, but also infantilizes the complexities of what happens in a zoom call.

I’ll refer again to the last paragraph of my earlier post. This is much ado about nothing. Cars are already at risk due to their myriad communications protocols already present on the car itself, and that has nothing to do with CarPlay or Android Auto.
 

·
Registered
Joined
·
1,251 Posts
No, just a very long career in cyber security and tech.

This isn’t something one should spend their time worrying about (unless you’re paid to, like me), but dismissing a two-way data connection as essentially a “Zoom call” between your phone and your car not only infantilizes the complexities of what’s happening in the car, but also infantilizes the complexities of what happens in a zoom call.

I’ll refer again to the last paragraph of my earlier post. This is much ado about nothing. Cars are already at risk due to their myriad communications protocols already present on the car itself, and that has nothing to do with CarPlay or Android Auto.
more fearmongering.

the “zoom call“ analogy is appropriate. That is basically all CarPlay is.

i don’t know if you know anything, and therefore are intentionally shining people on, or if you‘re misinformed and doing it unintentionally…. But either way the end result is the same. It’s fear mongering and all I can do is roll my eyes.

bravo on the three contradictions in your own post, btw.
  1. Saying CarPlay isn’t similar to a zoom call (completely ignoring or not understanding how CarPlay works)
  2. zoom calls are “dangerous” (but you claim they aren’t similar??)
  3. admitting it‘s fear mongering (much ado about nothing)
 

·
Registered
Joined
·
9 Posts
Did you see this thread:
The absence of Carplay was disappointing, but not a deal breaker. Navigation is my principal use of Carplay and as I understand it the factory navigation includes plotting charging stations. That's the trade off, I guess.
 
1 - 17 of 17 Posts
Top