Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Ford Test Drives New Consumer Firmware Updates

Ford Testing Firmware Update Program, Encourages Customers to Have a Unique USB for Each Ford They Own

This month, Ford is borrowing something from the software industry: updates. With a fleet of new cars using the sophisticated infotainment system they developed with Microsoft called SYNC, Ford has the need to update those vehicles—for both features and security reasons. But how do you update the software in thousands of cars?

Ford Testing Firmware Update Program, Encourages Customers to Have a Unique USB for Each Ford They Own

This month, Ford is borrowing something from the software industry: updates. With a fleet of new cars using the sophisticated infotainment system they developed with Microsoft called SYNC, Ford has the need to update those vehicles—for both features and security reasons. But how do you update the software in thousands of cars?

Updating Automotive FirmwareTraditionally, the automotive industry has resorted to automotive recalls. These are expensive, and a pain for the consumer. Scheduling an hour or so to go to the shop for what might only be a ten-minute update is not going to leave a good experience in the minds of consumers, especially if it becomes a quarterly or monthly event. So Ford is experimenting with having the consumer do it themselves through downloads.

According to a tweet from Chris Murphy of InformationWeek, Ford will be releasing thirty thousand USB sticks to Ford owners with the new SYNC infotainment system, although the update will also be available for online download. In addition to fixing a few bugs, the company is including a few new features in an effort to get consumers to adopt the update.

To get users used to the idea, Ford has a YouTube video extolling the efforts of its “technologists.” And that’s a good thing. As the video explains, the update requires a series of steps and will require about 30 minutes to install. InformationWeek has an analysis of the new features from last November. The video also reminds customers to keep their phone software updated as well.

Consumer Updates Ford SYNC in the Ford EdgeIn preparing to update your car, Ford encourages users to have a unique USB for each Ford they own, and to have the USB drive empty and not password protected. Once the drive is ready, you are advised to bring printed instructions out to the car. You will also need to have a full tank of gas, as you’ll need to keep the car and radio turned on throughout the update process. However, don’t plan on listening to your mobile phone or media device while you wait–SYNC will disconnect from these devices during the update.

What’s confusing (and Ford says as much) is that there’s a first “Installation Complete” message after about a minute–but, wait, there’s more. Leave the USB drive in and keep the car turned on as a second installation then begins and will last much longer. After about five to ten minutes, the update is finally complete. You’ll then need to pair your mobile device again, but the contact information and your files should still be in the SYNC system.

You will then need to take the USB drive back to your laptop or home computer to report that the update was successful so that Ford can advance you to the next update, should one become available. This last step might not be completed by most consumers who will move on to other things. It’ll be interesting to see how many downloads correspond to successful installations of the update.

As we move into the Internet of Things, updating our gadgets, large and small, will become routine. But for now, it’s going to be really cumbersome and a little weird. “Honey, I’m updating the car’s firmware now.” “Okay.” Also, imagine explaining the steps above to your elderly neighbor.

Play this forward a bit. Image taking Patch Tuesday to a logical extreme, where you walk around your house or office apply all the patches to all the gadgets you own.

Advertisement. Scroll to continue reading.

It’s hard not to criticize Ford a little bit. The process still has too many steps, including the follow up phase. But this does, however, beat the alternative: taking your car into the shop.

Related Content: Car Hacking – Researchers Highlight Emerging Security Risks in Automobiles

Related Content: Forget Carjacking, What about Carhacking?

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.