Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:potentially (Score 1) 158 158


Although there's lots of easier methods if you have access to the physical car.

(Just like breaking a bluetooth lock is possible, but it's also possible to use a normal untraceable chainsaw on the wall next to the door.)

(Also: Never attribute to malice that which is adequately explained by stupidity. I'm personally more worried about bugs in cars than security holes.)

Comment potentially (Score 4, Interesting) 158 158

"Because infotainment systems processed DAB data to display text and pictures on car dashboard screens, he said, an attacker could send code that would let them take over the system.

Once an infotainment system had been compromised, he said, an attacker could potentially use it as a way to control more critical systems, including steering and braking."

Well, yeah.

Normally it's not that easy. Sure, the car stereo sits on a can bus with nice information (ACC, backing signals to turn on the back camera, speed information so the volume can be automatically adjusted, etc). But it's not on the vital CAN bus (at least not on most cars).

But yes, it's an entrance point. So is the 3g/wifi receiver in the stereo, or the bluetooth connection to the handsfree that it can do.

But you would have to:

1. crack an entrance point to the stereo (any of the above)
2. control the stereo CAN transmitter (if it has one)
3. using that CAN to crack an entrance point to another system that talks to a vital CAN bus
4. control that system enough to transmit CAN on the vital bus
5. and then use this system to send bad messages to brakes or steering

and all cars use different firmware with different security holes and different CPUs.
But with enough research you could probably crack a specific vulnerable car model.

Cracking modern airplanes seems easier, actually.

Comment taxpayers or ... taxpayers! (Score 2) 204 204

So the risk instead would be spread out into a higher launch fee (taxpayers) and higher insurance fees for everyone (taxpayers).

The insurance would make the cost of the launch a lot higher, and NASA (taxpayers) would have to pay that.
Money doesn't grow in insurance companies either - they are re-insured and the cost is spread out to everyone.

But I guess it would look better for NASA?

(That said, I thought insurance was involved already. At least for individual projects blowing up?)

Comment Re:32*M*B? (Score 1) 227 227

How much is the current zigbee and zwave devices using?

TCP is a bother in itself - UDP and UDP-based protocols are much easier, since they don't require a buffer for the transport stream, you can just reuse the packet space to answer on so you only need one MTU of space (1.5k). TCP needs the buffer for resending, and to buffer data before sending. Much hungrier... but still, where 32kB is well enough. :)

If anything, I would like devices that comes with a nice amount of non-volatile RAM for logging and backup purposes. (Where nice amount would be something like 128k. I'm fine with that. I currently have an EEPROM with about 64 bytes for logging. I have to be a little bit too creative then...)

Comment slashdot and languages (Score 1) 336 336

Now slashdot is doing it again.

If you understand programming, you can pick up most of that within a few weeks. If a senior dev gets mad at you during those weeks, look for another job.

If you don't understand programming and know all that stuff, there's no way you will learn the libraries and software that specific company uses within a few weeks and a senior developer will get furious.

C++ is just another language. It's in no way harder than C, interlisp or Python.
Standard libraries are just some libraries. All languages have those.

Comment 32*M*B? (Score 4, Interesting) 227 227

I regularly work with devices having 32*K*B or RAM. That talks TCP/IP. (And much smaller than that, but they do very limited amount of networking, like CAN.)

And I remember running Linux on devices with a lot less than 32MB...

What's the challenge with 32MB? And how is that extreme in any way?

% APL is a natural extension of assembler language programming; ...and is best for educational purposes. -- A. Perlis