Unless Toyota has been working towards a fix for years and this is also a personal priority of toyota CEO Koji Sato I don't think anything will change to help current toyota owners more than metal bracket bandaids. There are many barriers. People can't get their second key fob owed to them for their pandemic purchased toyotas. Why would toyota do anything expensive proactively for current customers they already have our money. People would have to threaten to not buy more toyotas until they fix security.
The "Calculus of Negligence", it's explained in the movie Fight Club by Tyler Durden when he talks about the "car recall formula". What's the measurable cost to toyota of a few stolen cars? Negligible. Car theft cost are borne by car owners and insurers.
Things need to get crazy to the level of Kia Hyundai car thefts with usb cables to become a factor in the car recall formula.
Security is not usually a feature a salesman can sell. Security is something too complicated to explain. First you have to convince them it's a problem, then you can sell it to them. But to convince them customers their is a security problem you have to advertise that your product is first defective.
Therefore security issues aren't something talked about in consumer products.
When it comes time for the Toyota boss to tell his engineers to do something will the boss direct resources to fix security or build new features? The sales guy can sell more cars if he has a new feature like adaptive cruse control, bigger cup holders, more horsepower, etc., so the boss always makes engineers make new blinky light features.
CAN-BUS firewalls sold by third parties are actually a barrier to fix because they are encumbered by patents and patent trolls. These third party canbus firewalls are also bandaids adding another layer of cruft on top of the existing crap without fixing the underlying problem.
CAN-BUS mostly lacks security so anything that physically connects to so long as it knows what signals to send can say stuff like I'm a hello I'm a headlight or hello I'm a gas pedal or im a bluetooth speaker. Theres no source of security to authenticate that you are who you say you are. Also there's no authorization that restricts any module attached to the can bus to send commands like key is detected, or start engine, press gas pedal and accelerate. That's how the "jbl emergency start" hack tool exploits the canbus to unlocks those cars.
Lots of inexpensive tools for the DIY enthusiast to hack the canbus if you don't want to spend thousands of dollars for the pre-made tool.
CAN stands for Controller Area Network.This article will cover all about CAN BUS from Introduction to CAN BUS, and why do we use CAN BUS protocol and CAN BUS vs OBD2.
www.seeedstudio.com
Even if toyota had designs adding secured devices and a new new secure car network protocol that replaces the unsecured CAN-BUS, it's a break the supply chain world change logistically with the old and newer cars not being compatible causing burdens for toyota and its suppliers.
Maybe lobby your government to pass yet another nanny law to force auto Toyota to do something about security. The government passed seat belt laws nobody wanted and emissions requirements nobody wanted for sale of new vehicles, so the government could requiring security that toyota doesn't want
