Electric buses from the Chinese company Yutong could be remotely disabled via remote control capabilities found in the bus software, diagnostics module, and battery and power control systems.
Similar backdoor control capabilities, usually at least officially frowned upon in Western tech companies, weren’t found in buses bought from Dutch company VDL.
There’s a difference between consensual OTA updates (meaning the bus company would manually need to confirm the update) and non-consensual OTA updates (meaning it is done regardless of the bus company’s wishes).
The Chinese buses are capable of the latter which is a gigantic security vulnerability. You do not want any operating system anywhere to update itself without consent.
Looks like that was discussed in the article.
No I think floofloof meant that the article doesn’t point out that Tesla and John Deere products have that same feature.
Common John Deere L
I looked up the top 5 bus manufacturers in Europe, accounting for a combined 80-90% of new buses.
All of them use OTA updates.
The author picks a very unusual bus without telling the reader to make the reader believe this is a chinese problem and not standard practice in 2025.
There’s a difference between consensual OTA updates (meaning the bus company would manually need to confirm the update) and non-consensual OTA updates (meaning it is done regardless of the bus company’s wishes).
The Chinese buses are capable of the latter which is a gigantic security vulnerability. You do not want any operating system anywhere to update itself without consent.
Does Iveco(41%) or any other manufacturer with a meaningful market share do that?