Comment Diff (Score 1) 357
So he identified the vulnerability by diffing the patch against the original? Seems like a pretty obvious investigative step, as in it's one of the first things you'd want to look at if GM isn't telling you what they changed in the ignition switch. Diffing software security patches to identify vulnerable code is standard practice. I guess the GM thing is maybe interesting since it's mechanical hardware, though investigators in things like fraudulent aircraft parts have been diffing hardware for years.