Comment And what about the EPA for automobile firmware? (Score 1) 143

Should I be allowed to modify[1] my (not even a VW!) car to increase my mileage/horsepower at the expense of polluting the air?

In fact, given the sorry state of automotive security shouldn't we require automotive firmware engineers to build a reliable code-integrity protection as a condition for meeting their emissions standards?

[1] No objection to read-only access, excepting of course that the code is so awful that you'll surely find a security vulnerability leading to an exploit and then we are back to modification. That's hardly a reason not to allow read-only source access, only an observation on the fact that no one wrote this code for security.

Comment Open Source Firmware? Guess what happens next? (Score 1) 392

Everyone that wants a few extra horsepower or MPG will do the same exact thing that VW did. Or rather one or two enterprising combination gearhead-coders will do it and cheaply replicate it a million times over. This will end up being the worst possible option for emissions because it will be available for nearly every model. You don't even need to buy anything -- just pull into a gas station and pay some kid $20 to "unlock" your car. He'll probably charge you $20 to reset it before the smog test (every 2 years) and another $20 to set it back, but you'll make it back on gas. And this is way cheaper than most legitimate performance enhancing modifications.

[ Emissions testing? Well I'm sure the enterprising folks will have a very easy way to flash the right thing back on before pulling into the shop and then switch it back later. Well maybe the ECU keeps a history of versions -- oh wait, the entire thing is open source so I can just go modify the function that returns the history. OK, I'll have roving police officers querying firmware versions -- hahaha, the firmware can return any version it wants. OK, we'll have roving police officers downloading the entire firmware and analyzing it -- besides being ridiculous, we can just modify the functionality that returns the firmware image to return a different one than the one loaded. There's no way to win this war. ]

Conceptually, there are 3 different sorts of code Free-as-in-Speech that I can distinguish here:

(1) The right to inspect the code. Totally uncontroversial, I have no philosophical objection. Practically most automotive security is so bad that code inspection would very quickly yield vulnerabilities that lead to (2) or (3) but that's not a conceptual problem.

(2) The right to modify the code. Somewhat controversial, at least when the code implements functionality that is adverse to the individual but in the interests of the collective such as pollution control at the expense of performance/efficiency. This directly costs the individual more money in gas. This is a good test-case for the tension because most software freedom folks are also strongly in favor of environmental controls.

(3) The right to modify the code but also falsely attest to its authenticity. It's one thing to declare that your device is yours and can run whatever code you want (and see #2, this is not always ethically correct). That's distinct from the right to lie to an external observer and attest that you haven't modified it from the original. This becomes a major issue both in the context of governmental controls (especially easy when we believe they are legitimate, given that particular emissions cause additional deaths) but also in the context of corporate BYOD policies.

For an example, I support 100% everyone's right to modify your Android kernel and userspace. I also support 100% an IT department saying that access to internal corporate resources is restricted to some particular Android versions (whether they are AOSP-original or Cyanogen or home-roll). Access & ownership of those resources belongs to the company, they have the right to set policy on how they are accessed. One can enforce this as a matter of rules, but technologically one can also imagine a solution in which there is a trusted boot component that never restricts what the user can load, but at the same time will not attest to the authenticity of the software stack if the user has modified it. The application of this system to the automotive case is left as an example for the reader.
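
Added example, not part of the original comment: a minimal sketch of the measure-but-never-block scheme described above, where the boot component runs any image yet its signed report only matches an approved value for an unmodified stack. The function and class names, the sample images and the key are constructed, and an HMAC stands in for the asymmetric signature a hardware root of trust would produce.

```python
import hashlib
import hmac

def extend(pcr: bytes, image: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(image)). One-way, order-sensitive."""
    return hashlib.sha256(pcr + hashlib.sha256(image).digest()).digest()

def measure(images) -> bytes:
    """Fold a boot chain into one register value, starting from all zeroes."""
    pcr = bytes(32)
    for image in images:
        pcr = extend(pcr, image)
    return pcr

class TrustedBoot:
    """Hypothetical root of trust: measures every stage, refuses none."""
    def __init__(self, device_key: bytes, images):
        self._key = device_key       # held by the boot component, never by loaded code
        self.pcr = measure(images)   # whatever the owner installed is measured and run

    def quote(self, nonce: bytes) -> bytes:
        # HMAC stands in for the asymmetric signature a real quote carries.
        tag = hmac.new(self._key, nonce + self.pcr, hashlib.sha256).digest()
        return self.pcr + tag

def verify(quote: bytes, nonce: bytes, key: bytes, approved: set) -> bool:
    """Accept only a fresh, authentic quote whose measurement is on the approved list."""
    pcr, tag = quote[:32], quote[32:]
    good = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
    return hmac.compare_digest(tag, good) and pcr in approved

def demo() -> dict:
    key = b"constructed-device-key"                  # constructed sample values
    stock = [b"bootloader 1.0", b"kernel 1.0"]
    modified = [stock[0], b"kernel 1.0 + owner patch"]
    approved = {measure(stock)}                      # the verifier's policy
    vendor, owner = TrustedBoot(key, stock), TrustedBoot(key, modified)
    return {
        "stock": verify(vendor.quote(b"n1"), b"n1", key, approved),
        "modified": verify(owner.quote(b"n1"), b"n1", key, approved),
        "replayed": verify(vendor.quote(b"n1"), b"n2", key, approved),
    }

if __name__ == "__main__":
    print(demo())
```

The modified stack boots exactly like the stock one; only the verifier's decision differs, and the per-request nonce keeps a quote captured from a stock boot from being replayed later.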

Comment Isn't that what we asked for? (Score 2) 229

I thought we said we wanted adblock because there were too many ads using (pick any/all):
      [ ] Tracking cookies
      [ ] Pop-ups
      [ ] Pop-unders
      [ ] Click-throughs
      [ ] Flash or other auto-play media
      [ ] Obtrusive (mid-article) placement
      [ ] Annoying (blinking!) styling
      [ ] Malware (usually flash based)

Of course companies do that because they have an incentive to do so. Now a company is saying -- hey, we'll give you an incentive to use unobtrusive ads -- they'll actually reach more people (including the much sought-after millennials who use adblockers the most). And we're upset that the incentive will align towards them?

I mean, if your point was to fuck the advertisers -- sure. But say that upfront, don't gripe about the method and then get all upset when someone tries to devise a scheme for reasonable ads.

Comment Re:Finally (Score 2) 178

Tough for the prosecutors but this is a flash of some sense.

Be careful what you wish for. Because if it becomes precedent that technologically-protected documents can't be subpoenaed then the first people to take advantage of this will be large corporations trying to cover their own asses. You know, something like "Oh, we can't give you the emails between the VW ECU engineers and their managers, they are PGP-encrypted (with a key that each employee spins on their first day) and we can't make them turn over the passwords for their key". Or, like in this case, insider traders.

I think there needs to be the right balance between the right not to self incriminate and the obligation to turn over material documents (including electronic) when properly subpoenaed and in a process designed to minimize disclosure of non-responsive documents. There has never been protection for non-testimonial disclosure of documents, samples and the like.

Comment Re:Nail everyone? (Score 5, Interesting) 618

Yeah. I would not be too surprised if at some level in the organization this was sold as a debugging or trouble shooting measure, or some other benign reason was given for branching on detection of emissions tests.

Folks, you have to branch on emissions (and dyno) tests in the ECU solely because otherwise the safety side of things will bring everything to a halt. The most obvious reason (assume FWD) is that if the front wheels are going 65MPH and the rear wheels are going 0MPH, the traction control system is going to have a major freak out and say "HOLY CRAP WE ARE SKIDDING OUT OF CONTROL BRAKE FRONT UNTIL THE DIFFERENCE IS LESSENED". The procedure to enter dyno mode is not itself a secret.

So it's not a secret and it's not illegal for the ECU to detect and behave differently during the test, and everyone would know about this above-board feature. The secret-and-illegal part is modifying the behavior of things measured by the test while the test is running. That is a lot easier to keep secret and requires a lot less involvement from teams directly outside the module that is responsible for emissions.

[ Source: Tuner people that dyno fancy cars and have to solve these sort of issues. ]

Comment Re:Can someone explain? (Score 1) 320

Because the Air Force brass hates the Close Air Support (CAS) mission. It's partly a cultural thing - they want to fight wars where airpower is preeminent, where they take the starring role. They don't want to spend their time playing support to the Army/etc (despite the fact that it's been proven, time and again, that this is largely how you win wars - hitting infrastructure etc helps, but does not by itself win the war). They've been trying to kill off the A-10 for years, too, and only failing because the Army loves it, though they've managed to push it off to the Air National Guard.

No, Air Superiority does not itself win wars. But if there's a large-scale shooting war between real powers, failure to control the air will definitely prevent you from winning. In that light, I wouldn't say they hate the CAS job, only that they rank it as less mission-critical than establishing superiority in the air, or at the very least denying it to the enemy. That makes some sense -- it would be foolish to optimize the Air Force for CAS/low-intensity-warfare only to be vaporized by the Chinese or the Russians in an (admittedly unlikely) worst-case scenario -- it might be lower probability than Afghanistan but it's also much higher stakes.

That said, I think just about everyone can agree that (a) CAS should be elsewhere than the USAF and (b) The F35 sucks.

Comment Re:Hard to defend against you say? (Score 4, Informative) 246

The usual method of getting developers to install a backdoored version of an IDE is to make them think they are downloading the legit one. Infect their computers, MITM them. The NSA/GCHQ have many ways to do that, and few developers bother to check file signatures (do Apple even offer them?)

Not only do they offer signatures, but the infected version of Xcode will be refused by default unless you modify the default Gatekeeper setting. This is all the more ridiculous because you don't even need to register to download the legit Xcode directly from Apple. And of course it's protected in transit by SSL.

Not sure what your FUD is.

[ Yeah, maybe GCHQ is clever enough to infect Xcode and still pass Gatekeeper. But this case shows you don't really have to be that smart -- just tell users "you must click here to run this software" and they'll do it, even if that means disabling security checks. ]

Comment Where you stand depends on where you sit ... (Score 2) 81

/. Monday: Microsoft and Apple are refusing to go along with government demands for data based on a court order. Conclusion: the government is repressive (or at least reactionary), those laws are unjust, and the companies resisting them are brave and noble. They have every right to challenge and resist those governments.

/. Friday: Companies that think they are peers of democratically elected governments are a form of unaccountable imperialism making decisions for people with no accountability. They have no right to challenge or supplant those governments.

Make up your damned minds people.

Comment Re:Hardware Access (Score 2) 170

Yeah, if you have hardware access to a device you own it. Nothing new to see.

That's actually not true on iOS where the unlock code actually forms part of the master key from which filesystem keys are derived. So hardware access without the unlock code nets you nothing. Of course, with a 4-digit code it's only a few days to try all 10000 of them, but users can set a complex passcode with sufficient entropy to make brute force impractical.

Comment ... pending a vote of the board of trustees (Score 3, Insightful) 130

They ultimately decided to suspend the project, pending a vote of the library board of trustees on Sept. 15.

So a library manager made a decision, that decision generated some contention (for better or worse) and so the matter is submitted to democratic decision making by the proper authority. If there's a story here, it's what and how the library board of trustees decides and who tries to influence that decision.

Heck, for all we know the board might enthusiastically endorse the project. But seriously /. couldn't wait those 4 days to find out the decision.

Comment Definitely ASN1 (Score 1) 429

The little-known (and much frustrating) language that defines the data interchange format for applications as widely-varied as X509 and LTE. Once you truly grok it (which is not intuitive at first) you appreciate the elegance and flexibility (plus zero-copy).
