Where does Enterprise put the onus for not controlling a rental car you've returned?
On the customer.
Where does Ford put the onus for not controlling a rental car you've returned?
On the customer.
Seems like this is one burner phone, an airport Enterprise and one case of loose morals away from being expensive.
If you want to steal a ford rental car (... or most police cars) you can buy a copy of the fleet key cheap. Tracking it is a new security issue, and if the engine can be turned off by the app while it's being driven that's bad independently of whether you should have access to the app, but Ford making it easy to steal fleet cars isn't new.
Related note: I ran a VIN on Carfax about a year and a half ago. Carfax wanted to charge me money if it was someone else's car, but it was free if I said it was mine. Ever since I've gotten notifications whenever it gets its tires rotated or its oil changed. Just now, Carfax let me know that its registration is due. Never once did I have to provide proof of ownership.
You'd think some verification would just be automatic. At least for email addresses. I receive emails from an Australian bank. I used to get emails meant for a very active church member in Alabama (Marcia's recovered now you'll be glad to hear.) Also email alerts (raised by a car's management system sensors) about a Jeep someone in Texas bought a couple of years ago. Whoever it is constantly runs their left tyres underinflated but o far it hasn't reported anything in the serious category.
I'm at a loss as to why Ford doesn't simply go into the code and embargo all VINs sold to fleets. You wouldn't even need to patch the app; it's clearly communicating with the vehicle over middleware that is mediated by Ford. And sure - that's a bummer for when Enterprise refreshes their fleet. But attach a $20 processing fee a bill of sale and a title and you'd think Ford would be willing to update the VIN.
As someone who chats in the halls with people working on some data sharing stuff with Ford right now, I can guarantee that Ford has nothing to do with this: it's a service provided by a third party. And that service is probably a patch-together of three other services, that the service provider has little understanding of, and has not vetted. And all of the systems are about to fall over in a tech heap on the floor of some AWS data center somewhere. Nobody in vehicle manufacturing does the thing they claim to do: They have cobbled together three services from somewhere else, added a premium, and sold it on to the OEM. It's a very tall house of cards. The good news, is that consolidation is happening. The layers are being acquired by bigger players, and integrated together. My company is a big part of this with a bunch of the OEMs now, who want NOTHING to do with data sharing, the cloud, or vehicle tracking, and just want to hand that whole stack over to one provider.... and we are in a good place to become The One.
I know what you're trying to say? And I appreciate it from the standpoint of an interested party providing context on a catastrophe that may not be fully understood by observers? But it still fucking pisses me off, and it pisses me off for reasons we've been over before. FORD SELLS CARS. They are the ultimate authority and ultimate responsibility over everything that goes into those cars. It's like Mary Barra and Delphi arguing over which one of them killed 124 people with faulty ignition switches. None of those people bought shit from Delphi. Or the argument that Sony wasn't fully responsible for putting rootkits on people's computers because Sony is in the music business not the data security business. If you got a product out there, where your distributor chain is the ultimate marketer and supporter of that product, every subassembly that goes into that product is your responsibility. Yeah - Mary Barra can pick a fight with Delphi as to whether or not they met spec but at the end of the day, the switch is in a GM vehicle, not a Delphi vehicle. For sure - the software making this possible is three or four pieces of maladapted garbage smooshed together on AWS somewhere by a handful of Slovenian coders working for $6 an hour. But the app says "Ford" on it. And for too long, the tech industry has been quick to dismiss concerns of data security and safety by pointing at subcontractors early and often. It's like Amazon and their murderfleets. under-specify the contract and its misinterpretations are obviously not Amazon's fault, right? And really? My main beef is that the tech industry never says stop destroying lives with your shitty software. The tech industry always says the good news is we can provide better solutions at a reasonable price that will make the world better for everyone if only you pretty please hire us, Ford, sincerely and with many smooches, The Tech Industry. The people best positioned to call bullshit on the shoddiness never do because they want to be in the good graces of the perpetrator when it comes time to rebid the contract. If me, a cranky sonofabitch with no connections to IoT or logistics, can point to a solution without cracking open a google then nobody can make excuses for the software to launch like this.As someone who chats in the halls with people working on some data sharing stuff with Ford right now, I can guarantee that Ford has nothing to do with this: it's a service provided by a third party.
We are very much on the same page. There is literally nothing my company does that cannot be done better with $50 of hardware from Amazon, and four AWS devs working reasonable hours for 6 months, couldn't do. And for some reason, huge OEMs value our product and 'expertise' at hundreds of millions of dollars. The entire corporate tech house of cards is ridiculous.