What Apple can teach us about automotive software security


If you spend any amount of time talking to a user of a Mac, they’ll surely brag about how their computers don’t get viruses. While that’s not true, the Mac has fewer virus exploits than Windows.

Can that lack of apparent vulnerability teach us anything about car security, including autonomous driving software? Yes, it sure can.

Why is the Mac so much more secure? Technically, it’s not. It’s security through obscurity. While it might seem like a ton of people own Macs, worldwide the user share was just 6.1% in the last month of last year. The Mac operating system does run on a Unix-based system, which has some interesting approaches to security, the market share is the real reason for the security.

There’s just no financial motivation to write a virus or hack a system that isn’t used by a lot of people. Hacking Windows, which has many more users, is more lucrative. Many exploits require the user of the computer to do something to let the virus in, and it’s simply a matter of numbers on Windows. The money is there.

Now is there money in hacking the Mac? Sure. But until the Windows money runs out, don’t expect to see any big exploits.

Now how does this pertain to automotive?

It would make sense for the automakers to develop one standard for control software. I’m not talking about Android Auto or Apple Car Play, which don’t directly interface with the vehicle. I’m talking about efforts to bring a uniform platform, like Android, to the entire vehicle.

With each OEM currently developing their own software, there is some security through obscurity. The largest OEMs globally, like Nissan or Volkswagen, might fall victim to the most exploits, but nobody is going to try to hack Volvo’s self-driving software. It just wouldn’t make sense when there are bigger fish to fry.

When it comes to actual security, Windows is safer. It’s attacked every single day, and Microsoft is forced to respond. But because it’s hacked every single day, it’s also vulnerable to the latest breach.

When it comes to the automotive space, unless the company can keep up with the hacks daily, like Microsoft does with computers, they’re better off following the security through obscurity approach. Because being the most popular software and not responding to threats is a good way to go out of business.

Chad Kirchner
the authorChad Kirchner
In addition to Chad Kirchner's work here, he's a freelance automotive journalist for outlets around the world.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.