After the Israeli attack using pagers I think this is no longer paranoid at all.

The same goes for Chinese built cloud connected hardware, especially if it is grid connected, contains heater elements or batteries. Inverters, solar panels, vehicles, 3D printers, the list is endless and all of these are either potential fire starters or ways to destabilize the grid. Used maliciously the potential for misery is pretty large. All this crap that wants to connect to the cloud from a country where your average citizen has very limited access to the internet should give you pause: if the Chinese government thinks these connections are A-ok then they must see some advantage, especially if all the services are supposedly free of charge.

I do not think it is paranoia. But we can have this from anywhere. American devices, EU devices; if I cannot analyse the firmware, ICs etc, what is going to guarantee these are not remotely exploitable. Even if Porsche never built such a thing on purpose, the car is connected so someone can break in, hack it and do stuff including possible overhead the battery so it ignites.

It does not have to be on purpose quality wise either: I had 2 spicy pillows in my life (and I have a lot of gadgets, including fully Chinese ones); a Samsung flagship phone and a macbook air. Both just unannounced got very hot and broke open: no fire but still... So I would say it is possible for a state actor to remotely hack, take over and ignite your Samsung and Macbook as apparently it can already almost happen without hackers.

What to do about it? Without just fully open sourcing hardware and software, I do not know. I mean that would not help a lot if no one reads it and finds the issues/vulnerabilities, but at least we stand a chance, vs now. Unplugging from internet is not really a thing, although, when it comes to cars and airplanes i would rather see it mandatory non connected.

it's not paranoia

chips with backdoors which would allow exactly something like that (or many other things) have been found more then once in recent years AFIK

through a fancy personal car stopping working is the least relevant target. Network backbone, smart phones, and other core infrastructure is a much more relevant target. And even for cars all the non-personal vehicles (e.g. ambulance, trucks, police ...) are much more relevant targets.

Certainly anything that downloads over the air updates. I'm not mad that our government turned down import of EVs from a country that became an adversary

Disabling them is one thing. Having them auto-drive to select locations and self-immolate is another entirely.

The reverse is clear for Chinese people. Do you remember when, in the early 2000s, the US sold a Boeing 767 intended for Chinese presidential use, and Chinese authorities later reported finding numerous hidden listening devices on board? There is a Chinese Wikipedia article about the incident [1], but no dedicated English one. More information in English can be found here [2].

[1] https://zh.wikipedia.org/zh-cn/%E6%B1%9F%E6%BE%A4%E6%B0%91%E...

[2] https://www.flightglobal.com/chinese-vip-jet-was-bugged/4121...

Sadly, the US is more likely to at war with Europe than China