Friday, October 1, 2021

Method to Bypass MFA

We all get those phishing emails trying to trick us into going to a website with a login that looks legitimate. Such as a Microsoft 365 authentication page with a URL that looks close enough to be right and a very convincing web page. If you have MFA (Multi-Factor Authentication) then no problem! If you do manage to put in your email/username and password, because if a thief gets that information they still need to get the code from your phone.

So what if I was to just setup a proxy site that tricks you into inputting that information. What I mean is to trick you into inputting data into a form that passes that to a remote computer in real-time and then you get the code and put that in as well. Now I have access to your account and can change your password and even lock you out by changing the MFA method. Here are the steps. Note I have not attempted this proof of concept, this is theoretical but needs to be addressed as a possible way to bypass what we believe to be a very secure methodology.

Step 1: Create a fake login site, this is done all the time and instead of recording the username/email  address and password that gets passed back to another computer in real-time.

Step 2: If the account does not have MFA then no problem, your in. The attacker sets up MFA on your account and changes the password. Or they do what they do most of the time and just send out junk emails or steal data. BUT if you do have MFA then another screen pops up asking you to put in the authentication code you received to your cell phone or the time of use code from your authenticator app. You type that in and it gets sent immediately to the perpetrators computer where the authentication process is successful and they now have access to your account.

Step 3: You are provided an error page of some sort that there is an issue and you are none the wiser that you just gave someone else in the world access to your account. This can even redirect to an official Microsoft error page so that the URL is legit.

In addition a VPN proxy can be setup so that the perpetrators computer looks to be in the same area you are really located. Using geo-location based on your IP and then fake their IP to be in a similar area. So the log files will show that the authentication came from where you are or at least close. Thus causing an even bigger issue with tracking down what happened. How frustrating when your admin says it came from your location!


If you use an authenticator app that does not use a code but rather ask you to approve the login but you are asked for a code, that should be a tip off that there is something wrong.

Ultimately the better fix would be to start the authentication process from a known secure deceive such as your phone. The authenticator app could log you in on a computer by having you go to the Microsoft site and then scanning a QR code. That code then interacts with the authenticator app and authenticates you securely. This would not be able to pass through a proxy as the authentication is not actually taking place on your computer. If the QR code was on a illegitimate site it fail to work with the authenticator app itself.

Saturday, August 11, 2018

Capped Spend Reverse Discount

Just finished watching Ready Player One last night, it was a great movie and I very much enjoyed it. One of the primary premises of the story line is having to do with money; and in the virtual OASIS if you die and lose your "shit", in real life you actually can lose your "shit" and so many do.

In real life this problem already exist where the game is "free" but if you want to get very far you need to spend real money on coins and upgrades. Problem is a lot of the players already have an addictive personality and have trouble controlling their spending. That's where I started thinking about setting up a system that encourages spending still but at the same time encourages responsible spending.

Read though this whole idea first before you say to yourself or outloud how stupid it sounds.

The numbers in my examples are all arbitrary and are not based off of any real-world statistics, for this to be the most profitable the thresholds would have to be moved around. I am going to make up a fictitious game called "Mo Money" (nothing to do with Notorious B.I.G.) but you can imagine that if you wish.

Mo Money is a free download on the app store and lets you run around a city as a real estate investor and making your millions. You can also do in app purchases and get things going faster to buy coins so you can buy that virtual apartment building and start charging rent. You can play the game without spending any money but it takes a lot longer.

Now the company looks at the real-world money being spent and the average is $64 a month per player and the median is $31 a month per player. BUT there are a lot of players that spend nothing or less that a few dollars here and there. This might make up almost half the players. So how do you get those players to spend more money in Mo Money???

This is where the concept of a Capped Spend Reverse Discount (just made this up, might not be the best name) comes in.

  • A player selects a tier where they cannot spend more than a limit of money set in that tier.
  • A player can only move up tiers but not back down except once a year.
  • They must provide a form of payment that can auto-recharge like a credit card.
  • The account is fully funded up to the max at the beginning of each month.
  • There is a discount applied to each tier but the discount is greater for a lesser maximum balance.
Now this may not sound like the best way for a business model to make money. But remember you are trying to get players that don't spend money to spend some money and it all adds up really quickly.

Here are some sample tiers to give you a better idea.

Tier 1
$20 per month MAX
30% discount on all purchases

Tier 2
$40 per month MAX
20% discount on all purchases

Tier 3
$80 per month MAX
10% discount on all purchases

Tier 4
No MAX and no discounts but can purchase some items that discounted tiers cannot.

So the casual gamers are mostly going to pick the Tier 1. Then if they find that $20 a month just is not enough to satisfy their thirst for renting out scummy apartments, they can move up to Tier 2. And so on until they are so addicted they just spend spend spend with no regard for discounts or limits BWAAAHAHAHAHHAA. When moving up a tier you must read and agree to terms and every once in a while the game will remind you that you should play responsibly.

Pros to the consumer:
  • Controlled spending, if you don't spend anything then you just have the $20 sitting in your account forever and if you ever stop playing you can close your account and get a full refund.
  • Discounts for beginners, so you can get playing faster without such a commitment up front. Also an advantage to catching up to those that have been playing longer.
  • By being "locked" to a tier except to move up it encourages your to think about how much money you are spending.
Pros to the game maker:
  • More monthly revenue all around.
  • Can advertise that you care about responsible playing and want to make sure your customers don't spend themselves stupid.
  • Players that did not spend anything may spend a few dollars here and there plus you have a minimum of $20 in possibly millions of accounts just sitting there!
  • Ability to have flash sales for those that are enrolled in the tiers. Such as 50% off of any single purchase once a month or something like that. Then you make the real cool things more that $41 so Tier 1 would never be able to get those cool things even at a 50% discount. They just have to move to the next tier to get those cooler items.
A few other notes thoughts, you could even have a "roll-over" tier where $10 a month is debited every month until your account hits a max of say $100 with a discount of 15%. You cannot add more than $10 every month and if you don't use it you lose it. So after $100 you still pay $10 a month but it does not build your account balance up any more. Kinda like a subscription.

This makes a lot of sense for gaming but can be applied elsewhere in an ongoing spending/subscription model.

Hope I was able to sell you on the idea of Capped Spend Reverse Discounts, lets see if someone ever uses this model.

Thursday, August 2, 2018

Block Chain Periodicals Archiving

Many of us older folks (some prefer "experienced") can remember when if you wanted to research anything you had to go to a library. There you could find books and periodicals on just about anything and as an example they had these things called microfiche. These microfiche readers would magnify a 105 x 148 mm piece of film that contained black and white text/images. As well there were many other forms of media to archive articles, books, and various documents.

The point I am trying to make in reminiscing, is these different medias could not be easily altered and would provide long term archival of information. Today most new information is published on a website and can easily be altered. The problems is for purposes of historical reference this is not a good thing.

I propose the following, that would create an international archive of publications in such a way where they could never be altered or at least it would be very difficult.

  • Have a purpose build "archival" engine scrape sites containing periodicals from all over the world in all languages.
  • Store each article/image/video in a compressed file and then generate a checksum and or digital signature for that compressed file.
  • A blockchain would then be used as an index for these compressed files along with their checksum and or digital signature to validate the authenticity of the file.
  • Versioning can be done as well with the blockchain index to link documents together that are from the same source/location when modified.
  • This archive could then be accessible by anyone throughout the world and be the primary archival index internationally.
  • Any entity that has the capacity and proper systems could replicate (mirror) the index in its entirety adding additional redundancy to the system.

Because of possible copyright issues with documents being copied there would need to be agreements between the originating sites and the archiving engine to allow for the archiving process to "scrape" their sites in full. Copyrights on periodicals are different than with, say a book. Since the point of a periodical is to be shared I do not believe the archival of them would be a problem. As long as the capturing of the documents includes the proper references to its original publisher.

Any paywalls would have to allow for the archiving engines to bypass them. As per agreements with sites that charge for content, a time delay would be set before releasing the documents publicly. We must respect that publishers have to make a living.

Sites that allow the archiving service to scrape their sites in full would have a seal identifying that they have the integrity to allow their works to be essentially "etched in stone" for the ages.

An archive would also encourage proper journalistic etiquette in properly documenting any corrections and or retractions.

Authentic historical documents are necessary for all of society. Unfortunately throughout the history of our world; many bad actors have altered these documents for malicious and subversive purposes.

I believe the world deserves historical truth to be preserved for all to see without censoring, unaltered, and in full context as it was originally published.

Sunday, July 29, 2018

A Better Way to Advertise

We are bombarded by advertisers on the Internet constantly. Everyone is trying to get you to see their products and services. Problem is that we have become numb to all this marketing and block most of it with ad-blocker (I do). I am a consumer and am interested in new products and services but the majority of the ads I am presented are just wasting my time.

Social media makes money mostly by selling your data and advertising. These companies need ongoing revenue to stay alive and can only keep afloat for so long without these revenues.

The advertising model has gotten much more complex and in some ways more intelligent, but they are still using the same old model that has been around since the beginning. That is to show you an advertisement based off of what they think you want.

So lets flip this around a bit shall we...

To explain my method of presenting the consumer with smart advertising I am going to make up a fictional family and friend chat program called "CrewChat".

Mom, Dad, and the two teenage Son and Daughter are all members of CrewChat and have invited some other family and a few friends into their group as well. CrewChat is using a new way to bring in revenue from its users. They have a choice for each member to pay an annual subscription of $20 for no advertisements OR a brand new method called "AdPick".

  • You choose from a list of advertisers that you like and are familiar with. You MUST do this otherwise you would have to pay the annual subscription.
  • Those advertisers will then show you ads for their products and services as well as specials that you would not be able to get anywhere else.
  • Some of the advertisements you see will be from competing products and services that are related to the the products and services you choose.
  • The longer you keep a particular product or service in your AdPicks the better discounts, specials, and coupons you will get.
  • There are a limited amount of slots so brand loyalty gets tested...
Here is how AdPick would work.
You choose Levi's, Verizon, Apple, and Starbucks as your preferred AdPicks. Now you will start seeing clothing advertisements, the latest in Smart Phones, Apple products, and all things coffee related. These are brands you already know about and like. Basically you are telling them you like their products/services and you want to spend money with them. Give me something special to keep me as a customer coming back again and again.

So you are chatting with your mom and see a 50% off coupon for any Grande drink at Starbucks that is good for the next 12 hours. Now you can share that with anyone inside the AdPicks program so other CrewChat users in this example.

Then later after you are hanging out at the Starbucks you are chatting with your best friend and up pops an ad for a new pair of designer jeans from May Company made by Tommy Hilfiger, now 40% off for the next 3 days. You love your Levi's and not really wanting to try something new. But you go ahead and share that special with your friend.

  • Ads that are relevant to your likes.
  • Does not waste as much of your time.
  • By these advertisers providing specials that are only available through the AdPick program it encourages more use of the CrewChat app as well as any other app that users the AdPick program.
  • Allows consumers to see new products and services that they are very likely to learn more about or try a competing product/service.
  • Can earn rewards by sharing ads with others as the original ad is targeted to you. So anyone that uses your code is essentially giving you credit. A company may then give you extra discounts on other items.
Bottom line is making advertising interactive and giving consumers a choice will be beneficial to everyone. Those that don't want to be bothered can just pay a subscription. Everyone is a winner!

Monday, April 23, 2018

Automating Food Service

With minimum wage increasing in many states across the country, service staff wages are increasing. This means that either food prices will go up or you will see less service staff. In reality both are going to happen and already are.

I have personally noticed that the speed and quality of food services has decreased in recent years to the point where I either don't want to eat out or expect a long wait for service and food.

When wages go up arbitrarily because of political pressure instead of free market driving the wages you will have many consequences.

First there will be higher prices, and if a business tries to control what they charged, they must cut costs. The biggest overhead for most employers especially in thes service sector are wages. So when your restaurant on a Friday night used to have 7 wait staff but now have 5, those wait staff have to work a LOT harder. Those wait staff may make more money but the amount of work is much higher than the pay raise. This will cause burn out and eventually the quality of the service will drop.

Higher prices will erase much of the wage increase. If prices go up 5 or 10 percent and your wage went up 5 or 10 percent. Will you do the math...

Entry level is too expensive and many people will not be able to get an entry level service job. If you have to pay a dishwasher $15 an hour where you used to pay them $8 or $10 an hour that is a huge difference. Plus they will not be more efficient, they will not do more dishes per house. Same dishwasher more overhead.

Wages need to increase organically with the market. If a waiter or waitress is willing to work for $7 an hour plus tips then let them. If a dishwasher is willing to work for $5 an hour, let them. If you can't get any cooks for less than $14 an hour then that is the market telling you that you must pay at least that much or you will not have any cooks.

FINALLY PEOPLE WILL BE REPLACED BY TECHNOLOGY! People have been replaced by technology since technology existed. Most people used to farm, percentage wise hardly anyone works on a farm anymore. What happened to all those jobs? Technology like combines, tractors, automated picking equipment, planting equipment, processing plants, and on and on. But employement is just as high if not higher today as there are different jobs to fill. As the service sector is continually automated those that used to fill those jobs will do something else. Including jobs that we can't even think of today. Like colonizing Mars?

As wages go up the ROI (return on investment) for automating a service job goes down. That robot burger flipper that costs $60,000 used to be too expensive when you only paid a person $20,000 a year. But at $30,000 a year the robot will be paid for in 2 years. And the robot is never late to work, does not need a break, never sick, and never complains. If your smart your new job will be to program and maintain those robots instead of complaining about them replacing you.

Now picture the future of food service...
You walk into your favorite restaurant and ask for a table for your family of 5. Instead of the typical 45 minute to an hour wait you get an answer of 16 minutes. This is because all the tables are tracked with an algorithm based on how many people there are at each table, what they are eating, and also how many alcoholic drinks they have had. Plus factor in how long it takes to clear a table and how many staff there are to work the tables; with historical data that 16 minute estimated wait time should be pretty close.

You sit down to wait and start deciding what you want to eat and drink from a tablet with a full menu. If you have any questions or have a special request, just press a button on the tablet for help or put in a note.

15 minutes later your table is ready (1 minute faster than expected! YEA!). The dedicated wait staff brings you to your table where your drinks are already showing up from the dedicated drink and table staff. Since everyone has already picked what they want to eat the kitchen has your orders and is preparing them as you sit down.

Back in the kitchen your orders are already being prepared based on how long each plate takes to make, slowest to fastest. Orders are shown on large screens with any special request in bright red so the kitchen staff does not miss them. Once a plate is completed it is set on the counter on top of a large display surface with your table number and a picture of each plate. The plates have RFIDs on the bottom of them and notify the staff when they are all ready as well as update your tablet that your order that it has been plated. When the dedicated drink and table staff comes by to pick up your order everything is ready to go at once and the customers get their food quickly.

Back at your table you already know that your food should be coming out in the next few minutes so you order another drink with a few presses on your tables tablet. Your drink shows up a few minutes later with the food.

The dedicated drink and table staff gets paid based on efficiency of bringing plates and drinks. There is no tipping in this restaurant, instead the staff is paid very well compared to a minimum wage job plus tips. Because the pay is based on efficiencies there is a lot of motivation for being quick and doing a great job. Customers can rate the friendliness of the staff as well by choosing their picture on the tables tablet and anonymously giving them ratings. These are all sent to the managers on staff in real-time. If they see complaints from a table they address the issue immediately.

During your meal drinks never run dry and any request or additional food is brought out quickly without having to wait for a staff member to come around. By the time everyone is finished with their meal the bill gets paid on the tables tablet quickly and easily. Each customer can pay individually or as a group with a credit card or cash.

In the end you have happy customers, happy staff that get paid better for doing a great job, and the restaurant is moving paying customers through quickly bringing in more revenue than ever before.

Sounds like a dream? Shouldn't be. All this technology exist and most customers today will have no problem with not ordering from a person in exchange for a faster and more pleasant experience. After all waiting is the worse part of eating out.

Wednesday, December 13, 2017

What 5G Networks Should Be Like

5G is the next generation of cellular networks and is already rolling out in test cities across America. I am not sure how cellular networks will look by 2020 when most of 5G is slated to be turned on but here are features I would like to see.

Every device is a cellular device:
This means that your TV, computer, phone, DVR, Chromecast, refrigerator, washer, dryer, and toaster will all have some soft of Internet capability with a 5G device. This is a lot of devices so IPv6 will obviously be used.
I even believe that home and possibly business wireless networks will eventually become unnecessary.

One standard worldwide:
Ok this one might not happen but it should! All 5G networks should be the same standard across the world and work on any providers network.

Backward compatible:
Should be backward compatible to at least 4G if not 3G networks.

I believe that the 5G radio itself should have a firewall with fully closed settings as a default then the manufacturer or user of the device will open what services need to go in and out. Each 5G provider should have a easy to use tool/service that will run a security check/probe against your 5G devices to look for known vulnerabilities.

Virtual Networking:
Imagine you have 30 or so 5G devices in your home. Now imagine linking all of them to the same virtual network that belongs to just your devices. You can be anywhere on your providers network and maybe even any provider's network and all your devices can talk to each other. This is not a far fetched idea and would have lots of benefits.
From a home user's perspective lets say you have security cameras all over your property, your rental property, your parents house, and even on your car. The physical location does not matter and you can securely access these cameras from your phone or tablet that is also connected to this secure virtual network.
For a business this is a huge plus! Right now there are MPLS networks through a single provider. VPNs between locations, and then there are servers and resources that are accessed through the public Internet. By setting up virtual networks all the business 5G devices could easily talk to each other with minimal configuration.

Customer Control:
You should be able to control each of your devices bandwidth, usage as well as security settings at any time from a user friendly console.

Lots of Services:
Just think how many services ISPs could offer with the 5G and even 4G capabilities. Like content filtering, Intrusion detection, Anti-Virus, advanced firewalls, caching, data compression, and so much more.

Cost is key!
In order for 5G to really get to its full potential the price is going to have to be economical. If you want your fridge to be online a consumer is not going to pay very much but a few dollars and then for usage per device seems reasonable.
Billing by usage instead of speed makes more sense to me. Should be full speed all the time or at least what the network can handle. Devices and users that use a small amount of data will pay less that those that use a lot of data.
Pricing per GB now is too expensive. It should be more like a dollar a GB not the $10 to $20 it is now.

Zero Cost Bandwidth:
This is already done. If a company like Netflix wants to pay to subsidize a user's bandwidth for their streaming then they should be allowed to do that. Since an ISP is there to make money they don't care where the money comes from. I know what many of you are thinking. What about a small company that wants to compete with NetFlix or Youtube. Think of this from the ISP side. Streaming video uses a LOT of bandwidth and is the most expensive data to push through a network. Someone has to pay for all that bandwidth, sorry but that is just how business works.

Bottom line is 5G has a lot of potential with 10 to 100 times throughput, much higher density and lower latency than 4G networks. If the Verizon, T-Mobile, and AT&T's play their cards right they may quickly put terrestrial based ISPs out of business.

Thursday, November 2, 2017

Focused Sirens

How many of us have been woken up by sirens in the night that are miles away and have nothing to do with where you are. Instead of blasting the high pitch sound everywhere it should be more directional.

I believe some ways of doing this would be to:
- Control the shape of the siren horn
- Control the pitch based on distance and atmospheric conditions
- Control the volume

A camera/radar/lidar system can be used to look at distances in front of the emergency vehicle as well as where intersections are and turns ahead. When approaching an intersection the siren can increase the width of the horn/cone as well as volume and pitch.

Volume as well as the focus of the siren can also be increased for vehicles that are not paying attention or may have their radio too loud to notice the siren.

In addition a second siren could be installed to have a dual pitch with one being more focused in front of the emergency vehicle for even more power to alert vehicles in the direct path of the siren.

The concept is to still alert vehicles and pedestrians in the path of the emergency vehicles while minimizing sound pollution in the area. Especially at night when it is generally quiet and atmospheric conditions allow sound to travel further.

So much more sleep for people while still safely alerting those that an emergency vehicle is trying to get through.

Friday, August 25, 2017

Consolidated Billing

Netflix, Amazon, Hulu, HBO Go, and so many more. So many have cut the cord but what about all these new bills. $12 a month, $10, $15, $20 now all of a sudden you are paying almost as much and you can't just simply select a channel or pay a single bill. FRAGMENTED!

Eventually Google TV, Apple TV, or someone will aggregate all these services together and make is super easy to browse through them but there is still the billing. Even if you set up an automatic payment with a credit card you still a lot more services to pay for individually.

How about a consolidated billing service. Here is how that might work.

You go to your favorite consolidated billing service provider and for this example let's call them

You set up an account on and then place checkboxes next to the services you want. So you select Cox, Amazon, Hulu, DirecTV, and Netflix.
Next you put in your billing information and your done. Within hours or even faster all these services will be set up under your email address and a password setup across all the accounts.

Now you can pay one bill, if your payment info changes you can change it in one place.

So why would these companies even want to associate with a service like this?
- All billing and billing customer service issues are resolved by
- The services would be paid on time all the time
- Contracts would be dealt with from the side
- Payment issues are resolved from the side
- If it is as easy as checking a box then more users are more likely to use a service

Why would a customer want to use this?
- A discount can be provided for signing up for multiple services
- Easy single checkbox to sign up
- All in one place account management as well as password resets
- One place to contact for all billing issues

Then to cover costs takes a few percent from the transactions just for being a "broker" to everything.

Could even consolidate basic support to remove burden of simple account issues, password resets, notification of service outages, etc.

This can work for just about any recurring service that you pay for including
- Cellular services
- TV/Cable/Satalite
- Internet providers
- Utilities/Electric/Water/Gas

Thursday, August 24, 2017

Keep the lock, replace the tumbler

There are lots of electronic door locks available today but they all have the same problem. They are much larger than a typical mechanical lock and must have a power source.

There are two parts to an electronic lock. The key and the motor to open the bolt or lock itself. The key is typically a RFID badge, numeric code, fingerprint, etc. Then once the user is authenticated the lock has a motor that will open the bolt or unlatch the mechanism to allow the door to be opened.

Because of this there must be a battery for power and most of the time the entire door handle assembly replaced with something much larger. This is sometimes difficult and also more unsightly.

I propose a hybrid of an electronic lock that fits into the same small space as a mechanical lock while still maintaining the same dimensions of a circular tumbler assembly that fits in most door locks/knobs today. It can even continue to use the same old fashion key as a backup.

Simply have a key with an RFID chip on it that is a flat blade like a normal key but smooth on both sides and is a narrower width than a normal key. A normal key would line up the pins to allow the tumbler to be turned thus unlocking the door. The RFID key would also engage a mechanism that uses a very small amount of power that would allow the tumbler to turn regardless of the pins positions and allow the key to then turn and unlock the door.

The power can be from the key itself being inserted like a magnetic generator. If the lock needs extra power the key can be inserted and removed multiple times like a generator moving back and forth. This is used in many non-battery emergency flashlights.

The electronic locks can be programmed with a master key or a fob of some sort that will use a NFC type of setup from a smartphone. If there is an issue a normal key can still be used to open the tumbler providing access.

The unlocking of the bolt itself requires most of the power but since you are turning a physical key that part is done by the user. Thus eliminating a larger lock being needed to house a motor and gear assembly.

Friday, March 17, 2017

Autonomous Vehicles Laws

They are here and eventually everyone will have one and many, many, many laws are sure to follow. Driver-less cars or "Autonomous Vehicles" in my opinion will make the world a safer and better place.

How many people ride a horse or a buggy to work. The correct answer would be very few. But when cars or the "horseless carriages" were new I am sure many people thought to themselves they would never get in one. Here we are over a century later and now the automobile is going to drive us around. I'm good with that once they get the bugs worked out.

But fast forward a few decades or maybe even sooner and as with all technology the laws will play catch up with autonomous vehicles. Here are a few that I think we are going to have and really need to have.

- No one can drive on the highways manually. Meaning eventually once the technology is sound driving without the aid of the computer will be illegal as it will basically be dangerous.

- Software updates will be required as a part of annual inspection. Similar to smog laws. Also critical security patches will be automatic and required in order to be on public roads.

- Drivers license tests will consist of what to do in a computer malfunction and how to operate the computer systems. No more parallel parking or traffic merging.

- My guess is controlling a fully autonomous vehicle while impaired (drunk, high, tired) is still going to be illegal as you are responsible for any malfunction as well as telling the vehicle where to go.

- In the case of an accident all autonomous vehicles will require highly precise "black boxes" for data tracking and telemetry as well as computer debugging. This way the insurance companies can find out who or what is at fault. The entire insurance system may change as it will be insuring computer code instead of people.

- All Autonomous vehicles in proximity to each other must have basic communications with each other in order to make better and quicker decisions to avoid collisions.

- Hacking or otherwise modifying the autonomous code will be a criminal offense.

- Emergency vehicles can communicate with all surrounding vehicles to clear a path. All autonomous vehicles must obey these emergency vehicles as long as it is safe to move out of the way.

- Personal vehicles can be placed in an emergency mode in case a passenger or the driver needs emergency assistance. For example if someone is having a heart attack the driver/person in control (can call them a pilot) can initiate an emergency request to the nearest hospital. Their vehicle would then have priority through traffic and be allowed to go beyond typical speed limits within reason. To prevent abuse of this system a report with law enforcement would be required after each use. Inappropriate use of the emergency mode would be fined with possible suspension of the operators license.

Beyond the laws there will be special trips and vacations where you can actually drive a car or truck for recreational purposes. Like offloading or racing.

Finally security is going to be a major issue and is already a concern. There has to be "air-gap" in place between critical systems and say a wireless hot-spot in the car or the infotainment system. As other vehicles communicate with each other they must follow a strict set of rules and be truthful and accurate in their information. Bad data from other vehicles can cause collisions.