That's a good point. But, I see no practical way to enforce that the source code that has been published is actually the same as that running on the car. Not without prohibitively slowing the pace of development.

> the investigators could have quickly gone from "this looks wrong" to "hey, check out this really sketchy source code!"

I really don't think this is true. Not quickly. The investigators would have be a big team of expensive code audit experts to achieve this. And, even then, if the authors wanted to, they could easily obfuscate the code to the point of making it effectively unfindable.

Apple can't even guarantee that the apps it's auditing for inclusion on the app store are malware free. And that's Apple. And apps are relatively simple compared with the codebase for a modern automobile.

The real way to fix this is just to have better and harder-to-defeat testing procedures.

I was going to say that you could dump the code from a random vehicle and compare the hashes. But I suppose that would require having the entire toolchain to go from source to shipped code.

>>Not quickly.

Perhaps I should've said "more quickly." You've got a point that it's difficult to verify that code doesn't do anything bad. However, it's relatively easy to start from the notion that it's doing one particular bad thing and then find the code that does it, which would've been the case here.