People have been repairing their own cars for a century, and the world functioned just fine with it. This locking down is a recent phenomenon. Your car is not going to mow down people just because someone other than the dealer serviced it.
Sorry but still doesn't hold water. A user accepts risk modifying their vehicle. However, The burden of proof would be on the manufacturer to show that they modified something that had an impact on the automated systems. To my knowledge there's not a single case of an automated tractor or car due to end user modification related to the automated systems that's caused injury. So right now your argument is by and large hypothetical. John Deere and the right to repair will be the proving ground for a end user modifications of personal vehicles.
Which is another reason right to repair is so important, because carmakers can go out of business without all their cars ceasing to to exist. Someone finds an exploitable bug in a million cars after the only systems with the documentation and signing keys have been wiped and sold at auction, and what then?
It calls for the ability of the general public to be able to repair their vehicles, so that anyone with such a vehicle can fix such problems.
What alternative would you even propose? The only entity with the ability to feasibly fix the bug is defunct and bankrupt, leaving them both judgment proof and with no resources to develop a patch. The only people with the incentive to spend resources fixing it are the people who own the vehicles. So the owners need the ability to repair their vehicles.
Which you can solve by just doing that to begin with, requiring no separate legislation.
I’d propose something like the FDIC. Every car sold pays into an insurance fund that, if a company collapses, takes over to maintain access to software updates for the reasonable lifespan of the vehicles.
I don’t think people should be forced to self-manage software updates on multi-ton machinery.
> Every car sold pays into an insurance fund that, if a company collapses, takes over to maintain access to software updates for the reasonable lifespan of the vehicles.
That's still a third party. Where are they supposed to get parts or source code after the company fails? It could be a car company in Asia with no engineering team in your country. The reason they failed could be a natural disaster that wiped out their facility.
The ability to make repairs has to be in the hands of the public before something happens to them. And it has to be the public and not some government filing cabinet to demonstrate that whatever they provide actually allows it to be done.
A clear example would be that they rotate the signing keys without providing the new ones to anyone else. Third party mechanics would notice this immediately; government bureaucrats may not.
> I don’t think people should be forced to self-manage software updates on multi-ton machinery.
They're not forced to do it any more than they are now. They can have someone else do it for them -- anyone else, in fact.
The problem right now is that the one someone else is trying to keep a monopoly on being able to do it, which creates a single point of failure in the event that anything happens to them.
You could perform phone phreaking in the 1960s, but a million phones in a botnet provides different challenges even if both are technically just a compromised phone.
