Granted they disclose that its a simplistic attack but what they do not explain is that it is neither practical nor is it complete... The attack is based on intercepting and modifying the voltage signals coming from the touchscreen (voltage,not data...) and cutting power to the LCD. This allows them to do the following:
1. read the (X,Y) position of a user touch event
2. send a false position report on to the voting machine
3. blank the screen,

The problem is what they are NOT doing... They are not reading the output to the LCD which means they have no way of knowing the context of the button presses. e.g. they know the user is pressing at position (X,Y) but they dont know what menu screen is currently being displayed... is it the login screen? the voting screen, which candidate race? To do this they need to be tapped into the VGA/DVI output data to the LCD and you can do that with $10 in components.. you probabaly cant do it for $100, and you certainly need a pretty decent coding/hardware design/reverse engineering skillset to succeed.

This is fearmongering that is masquerading as security research (and poor research at that..) If the goal was to impart the message that a physically unprotected machine is vulnerable to tampering then i guess they got that message across, but its not like we did not already know this...

Finally if you want to create a devastatingly sucessful undetectable hardware attack, you do not bother with i/o.. you use boundary scan and the JTAG/BDM port.

walfisz is not entirely correct about sony's abilities to combat piracy... Technically speaking if a console user chooses to *only* use their PS3 offline and not access PSN or any online content then yes it will be difficult to impossible for sony to employ countermeasuers. The problem is that most users *do* use PSN and do use their console online and this opens up some avenues for sony. The most likely countermeasure will be to run code snippets that detect changes to memory in the console. This will be done in conjunction to PSN access (e.g. to be authenticated for access to the PSN network, your console must run a piece of code that calculates an authenticfication hash of your consoles serial number and contents of memory.) if any memory is changed then the code will return an incorrect result and you will not be permitted to access the network or worse they will ban you from PSN. hackers will then introduce code that will "cloak" the changed areas to reflect proper results from an unmodified console and sony will then attempt to detect those changes as well. In the end it becomes a cat-and-mouse game that goes on and on which is exactly what happened for years in the SAT tv industry. The big difference is that sony will eventually be forced to start banning users from PSN simply for having hacked consoles and this will make console modification undesirable for many users. As far as the lawsuit being baseless these guys need to read up on the DMCA... its a lousy law that was poorly written but it *is* on the books and unfortunately liability is determined based on whether there is substantial non-infringing uses... since the reality is that most people have been and will be modding their consoles to play copied games, they will find anyone involved liable... The only realy question is whether sony is going to detect and go after end users with the $2-5K demand letters/lawsuits as the RIIAA/MPAA have done...

Didnt they already do this in a Gorrilaz video: http://www.youtube.com/watch?v=MypXWl_uBCU

Thats true: you can always get something cheap like this:

http://www.gridconnect.com/canusblight.html

Which is like $99 and it will work fine but you lose out on getting stuff like CAN monitors, API's and programming examples with the better adapters... Your best bet is to go with something like this:

http://www.gridconnect.com/usbcanin.html

which is a full featured adapter that you can actually do development and project work with.

agreed: this is not new considering this sort of work has been done for at least ten years now..in fact here is my pwn the instrument cluster shot (except i did this 5 years ago...) http://www.lotustalk.com/forums/f129/canbus-re-analysis-10866/#post172691 or this: http://www.youtube.com/user/catch9966#p/u/68/-7Xb0G4JS48 like i said, this is not news at all and there is no real need for security on the vehicle network with the exception of controlling engine/tranmission access (which allmodern networked vehicles have)...

all your tubez are belong to comcast...

Isreali file sharing proxy service here I come! :)

its actually not as difficult as you would think... The typical method is to set up a loop: allocate memory, write the code, de-allocate, glitch, and test to see if you still have access. This method worked exeedingly well for years on all sorts of secure processors. The only difference here is that everything runs faster so your timing needs to be better but even if you only have a 1 in 10000 shot of getting the timing right it only takes 10000 tries to be successful (well statistically)

It depends on what context the hack is used... Sony may have thought ahead and written and anti hacking API that simply needs to be enabled... They more than likely included the ability to perform hypervisor integrity checks with code triggered remotely (as in if/when connected to playstation network) and can start booting/banning people from playing online.

The glitch attack is a pretty powerful attack in that the proof-of-concept he worked out is most of what is needed for a mod chip. Now all that is needed is to find the least expensive microcontroller to deliver the glitch pulse. He uses 40 nS but it may well turn out that even a larger (wider) pulse works which then means a standard 3 dollar 10 Mhz microcontroller can be used to control the glitch. connect the glitch modchip to any line that is controllable under the hypervisor and you have the ability to turn it on and off and you can now build an automated package. The only problem is that you will start by running some software that allows you to place arbitrary code even under the control of the hypervisor... So you install the modchip, load the approved linux distro, run the special exploit program and you now have complete read/write control, which in turn reloads a full uncontrolled linux distro (or any other unsigned code). of course the hypervisor dump may well lead to an implementation flaw that allows access without a modchip being needed which is even better. Its all just cat and mouse from here...

keep in mind that before the signal is sampled it needs to be low-pass filtered at the nyquist frequency. so everything above that frequency is attenuated as much as possible.obviously you cannot eliminate the problem of aliasing altogether but the practical goal is to eliminate it from occuring within the band you are sampling (e.g. 20-22Khz for audio). I agree with you that digital audio could use better sampling overall if for no other reason to deal with the granularity problems. they did a pretty good job with cd audio and it came pretty close to being indistinguishable... there are actually alot of listeners that have a very difficult or even impossible time telling the difference now in a true A/B setup. Often the issue is that an "audiophile" will make comparisons that are not direct: e.g. a standard high end CD player against a high end phono/preamp combo and the phono sounds obviously better. The problem is that there is no proof that the digital component was inferior.. it could be that the phono/preamp colored the sound in a more pleasing manner, or that the cd engineer made changes during mastering.. we just dont know because nobody likes doing an exact A/B comparison of digital/analog format and it ends up as sort of anecdotal evidence that we all hear about... The new digital workstations used for professional mastering are all either 24 or 32 bits and when i listen to tracks being played back on those systems that are sampled even at 24bit/96khz they sound nothing short of amazing. It would be fun to do a richard clark type A/B monetary bet: the audiophile can use their own reference system; you take a master recording of a record album playing at the preamp output at 24bits and then do A/B playback with the reference levels set the same. I would bet that it would be impossible for anybody to be able to tell the difference...

aliasing doesnt have anything to do with sampling (e.g. quantization errors) either in frequency or amplitude). aliasing is simply an unwanted side effect of not having enough sampling resolution. That being said yes there is always going to be quantization errors but that is irrelevant: what is important is what level of difference the human ear can hear and while red book audio is not perfect is comes pretty close. At 24 bits the differences are exceedingly small. Finally the one thing that i never hear the analog audiophile types talk about (keep in mind i have nothing against it: if you prefer analog good for you) is that the same quantization errors that apply to digital audio also apply to analog: e.g. if you consider a 5 volt audio signal found in any audio setup (even the really nice ones) and look at any signal based on the same quantization as cd audio: 16 bits is 5/65536 or 76 microvolts. Now look at any piece of high end audiophile equipment with a scope that can resolve to microvolts and you will see noise in the signal at the same amplitudes typically introduced by the environment but also simply as a result of the environmental changes on the various circuits... Analog noise eixsts to and it is typically on the same order of amplitude as digital. With the move to 24 bit audio the quantization noise for 1 bit is 5.9 nV which is insanely low.. AFAIK there is no high end analog audio equipment that is even close in mitigating noise at those levels.

aliasing doesnt have anything to do with sampling (e.g. quantization errors) either in frequency or amplitude). aliasing is simply an unwanted side effect of not having enough sampling resolution. That being said yes there is always going to be quantization errors but that is irrelevant: what is important is what level of difference the human ear can hear and while red book audio is not perfect is comes pretty close. At 24 bits the differences are exceedingly small. Finally the one thing that i never hear the analog audiophile types talk about (keep in mind i have nothing against it: if you prefer analog good for you) is that the same quantization errors that apply to digital audio also apply to analog: e.g. if you consider a 5 volt audio signal found in any audio setup (even the really nice ones) and look at any signal based on the same quantization as cd audio: 16 bits is 5/65536 or 76 microvolts. Now look at any piece of high end audiophile equipment with a scope that can resolve to microvolts and you will see noise in the signal at the same amplitudes typically introduced by the environment but also simply as a result of the environmental changes on the various circuits... Analog noise eixsts to and it is typically on the same order of amplitude as digital. With the move to 24 bit audio the quantization noise for 1 bit is 5.9 nV which is insanely low.. AFAIK there is no high end analog equipment that is even close in mitigating noise at those levels.