Also isn’t it Mazda’s fault for creating an API that anyone can access and get information from? Someone in Mazda IT is probably frantically looking for the email chain where he was told to “just make it public” so our outside analysts can use it.
Content providers already block access to content based on locale. It won’t be hard to have a flag in the API that turns off functionality based on the callers location.
And then they’ll get sued, when that leads to cars getting hacked. I don’t know if that’s gonna work out in the long run. Car companies are likely to band together to prevent this or make lawful exceptions for themselves in the space.
This will be over soon. When the EU’s Data Act comes into force, car manufacturers will be obliged to allow access to vehicle data.
Also isn’t it Mazda’s fault for creating an API that anyone can access and get information from? Someone in Mazda IT is probably frantically looking for the email chain where he was told to “just make it public” so our outside analysts can use it.
I think yes, assuming nobody grabbed an API key out of the Mazda app or something.
Quite often these integrations just take the authentication token or cookie during OAuth or the normal login process.
Actions like that would be impossible with WEI.
A huge project at my work got pushed back because a company we are working with decided to make the API public…
In Europe.
And if available in Europe, do you think that information will not appear elsewhere? Mazda is not going to create a separate API for them alone.
Content providers already block access to content based on locale. It won’t be hard to have a flag in the API that turns off functionality based on the callers location.
And then they’ll get sued, when that leads to cars getting hacked. I don’t know if that’s gonna work out in the long run. Car companies are likely to band together to prevent this or make lawful exceptions for themselves in the space.