Toyota’s Code Didn’t Meet Standards and Might Have Led To Death

We were initially skeptical of this article by [Aleksey Statsenko] as it read a bit conspiratorially. However, he proved the rule by citing his sources and we could easily check for ourselves and reach our own conclusions. There were fatal crashes in Toyota cars due to a sudden unexpected acceleration. The court thought that the code might be to blame, two engineers spent a long time looking at the code, and it did not meet common industry standards. Past that there’s not a definite public conclusion.

[Aleksey] has a tendency to imply that normal legal proceedings and recalls for design defects are a sign of a sinister and collaborative darker undercurrent in the world. However, this article does shine a light on an actual dark undercurrent. More and more things rely on software than ever before. Now, especially for safety critical code, there are some standards. NASA has one and in the pertinent case of cars, there is the Motor Industry Software Reliability Association C Standard (MISRA C). Are these standards any good? Are they realistic? If they are, can they even be met?

When two engineers sat down, rather dramatically in a secret hotel room, they looked through Toyota’s code and found that it didn’t even come close to meeting these standards. Toyota insisted that it met their internal standards, and further that the incidents were to be blamed on user error, not the car.

So the questions remain. If they didn’t meet the standard why didn’t Toyota get VW’d out of the market? Adherence to the MIRSA C standard entirely voluntary, but should common rules to ensure code quality be made mandatory? Is it a sign that people still don’t take software seriously? What does the future look like? Either way, browsing through [Aleksey]’s article and sources puts a fresh and very real perspective on the problem. When it’s NASA’s bajillion dollar firework exploding a satellite it’s one thing, when it’s a car any of us can own it becomes very real.

Parking violation leads to malware download

parking

It seems some enterprising individual in Grand Forks, North Dakota has been placing fake parking violations on cars. If the recipient visited the URL on the flyer, they would be told to install a toolbar to view pictures of their vehicle. That piece of malicious software would then attempt to install several more. The actual vehicle pictures were from Grand Forks, but we wouldn’t be surprised to see a similar attack happen in a much larger city.

GPL vs. Skype back in court


UPDATE: Skype has withdrawn their appeal and accepted the original judgment.

Tomorrow the High District Court of Munich will hear Skype argue against the validity of the GPL. Last June, the court issued an injunction against Skype for selling the SMC WSKP 100, a Linux-based WiFi VoIP phone. After the initial GPL violation, a flier with the URL for the source was added to the package. The GPL wasn’t provided and the court found this insufficient for fulfilling the requirements of the GPL. Skype is appealing and claims that the GPL as a whole violates anti-trust regulation. The case against Skype was brought by OpenMoko‘s original system architect, Harald Welte, as part of his work for gpl-violations.org.