The only problem with that is if there’s a virus that virus software can’t detect/remove yet. May have to wait for an update from anti-virus software company.
Cookies are not the only way. Device fingerprinting uses various metadata to do the same thing, though without the perfection of cookies. It is good enough. Read about how this works here. device fingerprinting - Google Search
Also, I have seen remote access software used by cybercriminals loaded into the UEFI BIOS of more modern computers. This is something that used to be done by a nation-state attacker but now there are ready to go toolkits for sale on the dark web to make this much easier and they tend to focus on commonly used systems. I haven’t seen this but twice but it is scary stuff. You can completely replace the hard drive or SSD, reload the OS, and the bad guys can still gain remote access. I told the customers it might be possible to crash the BIOS and recover it, wiping it clean. I told them it might render the computer unusable and they just wanted to replace the entire thing, being concerned about the risk of something remaining that we cannot see.
I certainly hope these new technologically advanced cars have means of preventing such hack or recovering from such hacks without too much trouble or danger. Perhaps the systems need to be separated in some way or another. Here is just one example of what can happen. Police: Thieves use computers to start, steal Jeeps
it’s been about 15 posts since we last touched on cars. any way to get back on topic? thanks.
Never said it was. I was just commenting on your understanding of cookies. But you were talking about advertising. Device fingerprinting is much more invasive than sending you targeted ads. A lot more complicated too. Cookies are by far the easiest way to do targeted ads.
Again - that’s a completely different subject. If you want to get into a discussion on System security - I’ll be happy to accommodate. This software manager and architect in the telecom industry I’m very aware of system security. I’ve been designing and coding secure applications for decades.
They can if they want to. But they need to spend the time and money in the upfront design. You MUST design this from the start. Retrofitting security into an existing system is far more difficult. They don’t need general access like your or mine home system does. These are dedicated systems for dedicated tasks. This makes if far easier to secure. I’ve designed and built extremely secure systems that have been up and running for years and have NEVER been breached. We have one system up in running in the Middle East that easily gets attacked 1 million times a month and it’s never been breached.
I agree that retrofits after the fact are less ideal than when compared to something designed properly from the start. Often the “fixes” only mitigate the problem a bit or introduce other issues. We saw this with firmware and software patches for Intel and AMD CPUs to mitigate the meltdown/spectre type exploits.
The biggest issues I see are social engineering/phishing where people get tricked into giving the bad guys information or just open the door and let them right in. It would be like leaving a sign on your car door stating that that the door was unlocked and that there is a brand new Apple computer and designer handbag sitting there. People just make it so easy for the bad guys 90% or more of the time.
The device fingerprinting is one thing the browser I use obscures. There is no easy way to ID my browsing sessions when compared to using a browser like Chrome which is all about selling ads.
I really think the engine management systems and such should not be connected at all times. Maybe have a service connection that requires an appointment onsite to be flashed but not something connected to the internet via cellular. No, it wouldn’t be as convenient but would be more secure.
Then non-critical stuff like the navigation system can be flashed or updated over the air when new roads are added to maps, etc. Systems controlling throttle, steering, braking, etc. are all sealed/firewalled and only accessible via a service port at the dealer.