Hacker News
Scientist banned from revealing codes used to start luxury cars (guardian.co.uk)
180 points by justincormack on July 26, 2013 | 88 comments



They should try and publish it with the Cambridge lot who write the Light Blue Touchpaper blog.

http://www.lightbluetouchpaper.org/

They ran into a similar situation with the banks and answered with one of the best academic slap downs I have ever read.

http://www.cl.cam.ac.uk/~rja14/Papers/ukca.pdf


Cambridge CompSci here. Dr. Anderson, apart from his academic work, is known to be a very powerful and influential scholar in Cambridge. He also orchestrated a campaign against the university so that the scholars can own their intellectual property rather than the university and was very successful in his campaign. So it is no surprise that his response to such a phony request is glorious.


I'm not sure that's accurate. There are a bunch of rules etc about 'IP' in general. I've no doubt Ross was involved in the process but 'orchestrating a campaign' seems a bit grandiose.

http://www.admin.cam.ac.uk/offices/research/research/ipr.asp...



Thank you, I stand corrected. I was aware of the copyright issues (where the University tried to say it was theirs) but knew less about the general IP 'land grab' that the University undertook. More background is at the link below.

http://www.cl.cam.ac.uk/~rja14/Papers/ccf-campaign.html


Fantastic response.

This is the preceding request:

http://www.cl.cam.ac.uk/~rja14/Papers/20101221110342233.pdf


Indeed. Thanks for posting the original request as well.


I'm an admirer of Ross Anderson but it seems, based on the reporting, that Garcia et al have got themselves into a slightly different situation - I don't think that the chip and PIN disclosures ever resulted in an actual injunction from an actual court, all the banks were doing there was essentially threatening the researchers involved and the academics as a whole. It's one thing to take on card issuers but you can't just write a letter like Dr Anderson's to the High Court and expect them to say, "well that's OK then". That's called contempt of court and it's a crime everywhere in the world.

Dr Anderson has reportedly been injuncted on other occasions[0] but those don't seem to relate to chip and PIN.

I think that the intrusion into academic freedom is lamentable but without any link to the case documents it's hard to say exactly on what basis the interim decision was made. In any event as it's only an interim injunction it may well be overturned at full trial.

My two cents is that the case for disclosure here, while instinctively convincing, is not as urgent as it has been with the vulnerabilities revealed in financial systems. In those cases, for example, banks were refusing to repay money stolen from individuals on the basis that the banks' systems were secure so it must have been the customers at fault. Dr Anderson and others were extremely convincing in showing that this was not necessarily the case. (I don't know if that has filtered through to the financial world at large - are people still being told there are no security holes?)

Perhaps it's just that I don't feel that bad about people having their Bentleys stolen but probably we can wait for trial here (assuming it's not just a strategy by the car manufacturers to bankrupt or intimidate the academics involved).

[0]: http://www.theregister.co.uk/2003/02/24/citibank_gags_crypto...


That is glorious.


This is wonderful. Thanks for sharing, and thanks to Prof. Anderson for taking the stand he took.


This thread perfectly demonstrates why injunctions on free speech are evil. We could be reading their paper now instead of contemplating what this piece of low-effort journalism could have possibly meant.

The rash of high tech car robberies, I think, used the OBD port to reprogram the car to recognize their fake key. Like a dealer would. So they didn't break the actual crypto, as is claimed here.

The software that is referenced here could be the software VW distributes to dealerships to reprogram the car when a customer lost their key. So that's certainly one possible way to find out how the crypto system works, by the interaction of the software with the car.

The article also mentions decapping the actual ICs that do the crypto. That's a very time intensive way to find out how a crypto system works, but it may be the only one when you are dealing with fixed master keys and proprietary algorithms. If the keys alluded to here are actually master keys, burned into every car, then they should certainly be published along with the other results, since they are an integral part of the system.


Suppressions of freedom of speech are evil, but not only because they prevent us gaining knowledge. They also punish innocent activities to protect others against fourth parties - an obvious injustice.

"Finding in Volkswagen's favour, Mr Justice Birss said he recognised the importance of the right for academics to publish, but it would mean 'that car crime will be facilitated'."

If "crime would be facilitated" is to be the criterion of suppressing communications, there can be no digital security and no freedom of speech.


Oh for the days when Western governments had to invoke the threat of terrorism with weapons of mass destruction in order to suppress academic speech.


If I found out your bank account details, would you be happy for me to publish them?


Yes? ^^;

(Preferably to me first, but still.) If you've got them, then chances are I'm screwing up somewhere. I'd like to know so that I can do something about it.


If there's a good chance that the bad guys already have these and that the only way to force the banks to fix their vulnerabilities is to publish them, then yes.


A poor analogy but in general terms, if it is in the public's interest, yes.

Security by obscurity is flawed.


Security by obscurity means hiding the algorithms, not the keys. In this example account numbers, etc. are the keys.

Unfortunately, it is how most of the banking world right now works. It is quite easy to initiate transactions and create accounts knowing a few basic numbers about you - bank account numbers, name, date of birth, SSN number (I'm talking about the US of course), home address. And it is very hard to change or hide many of these numbers and data items. The system is very fragile right now, and the only reason why it works is that the overwhelming majority of users aren't crooks and losses from the crooks are small enough to be covered without triggering a move to a more resilient system.


So freedom of speech is only morally necessitated if it's deemed to be in the public interest? That sounds like you're setting a restriction on speech.


If something is in the public's interest, it generally makes sense to disclose it to the public.

For example, if a car manufacturer (or bank) makes public claims that their system is secure, yet they use 56-bit DES keys to encrypt data, then I think the public should know.

Your "account number" analogy was off because it is generally not in the public interest to reveal a private citizen's account number.

However, if an account number (email address or ip address) was being used frequently to commit crime, say in an advance fee fraud, then it makes sense to blow the lid on the said account number. That's what I meant by "in the public interest".


That's not what you asked, you asked "would you be happy".


Yes, it was a rhetorical question meant to illustrate that there are some things for which it's not evil to publish. Another example would be the names and locations of victims of spousal abuse that are in refuges.

In any case, if you're being that pedantic, why didn't you notice that I actually asked revelation that question, and not DJN?


There are millions of people who are deeply, deeply unhappy every time information about birth control is published. Is that the standard we want free speech to be held to?


Um, isn't this the explanation for the rash of high tech car robberies we've been witnessing ALREADY? This seems old news to the thieves. This is really just preventing the owners of the cars from reading in the paper that their car is freely stealable. It is regardless of whether the owners know it or not tho.

Shameful now they'll move to try and blame these guys when they probably botched the security in the first place.


Do you think it's good when every thief-kiddie gets an easy recipe to open most of the cars soon after some academics used some advanced high tech to analyze the physical structure of the chip and reverse engineer the circuits?

Leaving "bad guys" having to repeat the feat until they can use the weakness should buy some time for everybody.


No, I think it's good when manufacturers recall the cars and fix their exploitable entry systems.


The level of exploitability changes immensely if the codes are published, since it was far from trivial to get them: the capability to analyze the silicon chips is far from everywhere. Not giving codes buys some time to all the owners of all the cars, probably counting millions.


The problem is that unless you publish the vulnerability and prove to the public that it exists, the manufacturers have little incentive to spend money on a recall and the vulnerability continues to spread in the criminal community.

Publishing the vulnerability also allows other white hats to propose a possible work around that owners could implement before dealers have a permanent fix, e.g. physically removing part of the management interface from the vehicle, or just to know not to park such vehicles in high crime areas in unsecured parking lots because the car could be more easily stolen.


Whatever. My car (which is definitely not high end) has a key fob which has been known exploitable for years, and Toyota have done absolutely nothing at all in that time to recall, help or even inform me. Manufacturers don't give a damn. It's time they took this seriously.


Why do you think VW would do anything when you admit your own car manufacturer hasn't done anything, despite that information being out for years?


Don't know what the most common attack is. I know that one way to get into some cars that are locked that way is to jam the fob so that when they try to lock it nothing happens.


One way to read this article is as a call for a chip slicing method for the masses.

It would seem quite a tractable problem for a keen hobbyist. Build a robot, something like a 3D printer in reverse, to alternately remove thin layers from a chip and image the newly exposed layer, until the chip is gone. Use a program to assemble the images into a 3D representation and extract the circuit.

In fact, such a project would be a relatively simple way to start gaining the knowledge required for the reverse process, of building a chip.


That actually sounds, for a change, like something that would benefit from centralization: I would imagine instead a mail-order service (like 23andme) where you could drop a chip in a tube and get a 3D model + estimated VHDL emailed to you.


It's not quite that consumer friendly, but there are companies that provide a service like this [1]. I gather it is not cheap. Does anyone know what the rough cost is?

[1] http://www.chipworks.com/en/technical-competitive-analysis/r...


The 3dbrew guys are looking for $2300USD (I think) to have some chips inside the Nintendo 3DS decapped.

Byuu published some wonderful articles (including some figures) on having the SNES coprocessors decapped so they could be successfully emulated for the first time in over a decade.

http://web.archive.org/web/20130121234850/http://byuu.org/ar...


I looked into reverse engineering of silicon recently, so here are some resources drawn from my comments in a thread about Linux and Intel's PRNG:

* Degate, a somewhat automated "aid in reverse engineering of digital logic in integrated circuits" - http://www.degate.org/

* Silicon Zoo offers a tutorial / background info on this - http://siliconzoo.org/tutorial.html - and it mentions that Pentium I-era chips were "easily viewable" [1], probably with optical microscopes.

* A blog about IC reverse engineering - http://uvicrec.blogspot.com/ (from the owner of http://siliconpr0n.org/ , which is also relevant)


Excuse my inexperienced query, but wouldn't a high resolution MRI-esque device be much better for that task? It seems that physical deconstruction of something as intricate as an IC would be fraught with peril. I know there was a similar technique used on a frozen brain to obtain 1mm(?) slices, and I'm sure that's good for biology but my mental model of an IC is that the interesting and encased materials differ more sharply than in biology.


I'd guess MRI would lack the necessary spatial resolution, as the wavelength of the emitted radio waves would be larger than the typical feature size on a chip. For that matter, optical imaging might not be up to it either.

The physical deconstruction would be fraught with peril for the chip, which would end up as powder! I'm not sure what the best technique would be. Maybe a grinding wheel, if it could be controlled well enough? Maybe a flat plate with abrasive paste, or a diamond coated nail file? That would probably be easy to control, albeit time consuming. Laser ablation? Heat the chip to slowly and continuously evaporate it, whilst videoing the evaporation process?

One would have to conduct an experiment to see whether it is best to slice the packaged IC, or remove the encapsulation first. The encapsulation can be removed with nitric acid and acetone, or even a blast with a hot flame [1]. I'd guess it would be worth removing the encapsulation.

If I had to pick a technique from above, I'd first try removing the encapsulation then using a diamond coated nail file.

[1] http://makezine.com/2009/07/08/how-to-dissolve-ic-packages/


Former IC failure analyst here. This sort of stuff is possible, absolutely. But it gets exponentially harder as chip geometries get smaller.

Getting through the package to the chip's top surface isn't too bad, because you can play rough with it until you get pretty close to the chip itself. So you have all sorts of fun options: wet chemistry, laser ablation, and physical milling being most common. Once you get up all in the chip's personal space, wet chemistry is probably the way to go, though nitric acid will wreak havoc on any copper elements, potentially including bond wires if they're not gold. Alternately, you can go at it with a specialized plasma tool.

Delayering the chip is time-consuming, but not prohibitively so. Your choice of wet chemistry, plasma toolsets, and physical grinding on a wheel (which works _shockingly_ well for what feels like a stone-age process). It can take a lot of practice to do this cleanly so you don't penetrate and damage a lower layer while working on an upper one, but it can be done.

The nasty bit, from the point of view of doing this outside a major megacorp, is probing and analyzing smaller geometries. As things get smaller, they get a lot more delicate. You can't just scratch through the insulative layer above metal lines with a big needle anymore, because the tip of that needle is significantly larger than multiple metal lines under it. Laser ablation can still work for mid-sized geometries, but with modern digital ICs it's all about focused ion beam tooling. That's a high-vacuum device that slowly and precisely mills and/or deposits metal with...well, an ion beam. You can get down way below the visible light range in terms of size and precision. Really cool stuff, but good luck finding one for under seven figures!

Once that's done, if your geometry is large enough to use an optical microscope, probe needles range in price from a few bucks a pop to well into the multi-hundred range. If it's too small, the next option is to get a scanning electron microscope with built-in microprobes. That's...not exactly hobbyist budget.

Doing this for an entire modern CPU-scale IC (instead of focusing on a target block) would take ages and ages and ages. I don't even want to think about it for too long. Months, at the least.

Like I said, possible...but expensive (both in engineer and tool time), hard, and time consuming. The thing is, it's time consuming because the bulk of the work of decapsulating, probing, deprocessing, and analyzing the ICs is done manually and iteratively. A TON of it could potentially be automated, but the motivation to automate all this has traditionally been pretty low because the tooling itself is so expensive that it's low-volume work.


Low-Cost Chip Microprobing [29c3] https://www.youtube.com/watch?v=b_MsQRpwRlw


I am surprised not to find a single response supporting restraint from publishing these codes. Is this community really that foolish? First, of course if there is a flaw, it should be studied and fixed inasmuch as possible. Reasonable people can debate whether it's appropriate to publish methods and flaws, though the free speech question is more murky here. However publishing the actual keys - as opposed to the methods - is madness.

Let's consider parallel situations not involving protecting rich people's luxury possessions, which seems to be clouding everyone's judgement here.

Some examples where an encryption key is discovered or reverse engineered, and a scientist wants to publish them:

- a key which can shut down every ventilator

- a key which can remotely control the throttle on a high speed train

- a key which can explode a nuclear warhead

- the key to your bitcoin stash

- the Google master ssl private certificate

There are an infinite number of such examples. I'm shocked and disappointed that the HN community finds publishing keys, as opposed to systematic flaws, acceptable.

Presumably the cognitive dissonance arises from a distaste for rich people. However even if this mostly results in mere car theft, it could also easily result in the innocent being harmed.

Free speech, even under the US first amendment, rather clearly does not apply to publishing private encryption keys, particularly ones that can cause grave harm.

Shame on the HN community.

What if the headline were:

Scientist banned from revealing codes used to control school bus brakes


You shouldn't be so quick to cast aspersions against the community, and when the vast majority of people agree with something, take a second to question why that might be. There is, in fact, a flaw. It's a very significant flaw, and has been studied, etc. for years (in the article it mentions, since 2009!). Volkswagen has done nothing to address the flaw in the past few years.

In many cases, without publishing the keys to make it PAINFULLY obvious to everyone that the vulnerability exists, large companies can spread disinformation and influence public perception that the vulnerability is minimal or doesn't really exist outside of a special case/etc.

In this case, VW is very obviously not planning on updating things, fixing the vulnerability, or addressing things. The vulnerability and the codes have been available on the internet for YEARS without a proper response from VW or a bulletin or other addressing of the issue (and obviously no 'fix' either).

This is one of the key points of the 'responsible disclosure' debate: many companies DON'T CARE unless they have to, and will just sit on things indefinitely. With all this publicity, I bet VW addresses this pretty significant vulnerability sooner rather than never now.

Do you disagree with free speech being used to publish de-css or the blu-ray decryption keys? If your security depends entirely on a single key being not discovered and re-used (because you have no way of changing it, for example), you really have a horrible security model. If you're selling that security to people, and it's really not effective at all for its purpose, then how much different is that from false advertising or even fraud (given that you KNOW that it's not effective, or has already been easily subverted).


The argument you are making - that the keys are already available - is not being made elsewhere here and is probably untrue. If it were true, there would be no reason to ban this publication nor would it be anything other than folly.

Given that Volkswagen spent significant effort to block the publication, I have to presume you are just making shit up.

Even if what you say is true, the argument being made here on HN is that the keys should be published regardless of whether they are available already - which is, quite simply, ethically indefensible.


I'm not making the argument that the keys are available already - I'm making the argument that the vulnerability has been previously disclosed, and that VW has done nothing about it. In fact, they have discounted it.

It's easily ethically defensible - there is no moral imperative to keep the knowledge of something secret which may cause injury to others by being kept secret. In fact, just the opposite. VW is in an ethically indefensible position, as they are in the position of selling vehicles with systems marketed specifically as 'secure' that are, in fact, not secure at all; a fact which has been known to a smaller community (and VW) for over 4 years. THAT is ethically indefensible.

Sometimes, publishing details in a painfully easy to reproduce manner is the only way to get a company to FIX the problem, which is the point in all of this. For a great physical analog, see the 'pen and u-bolt lock' trick. It wasn't until a YouTube video appeared showing just how ridiculously easy that lock was to break that the company updated its design and fixed things.


So you're making the argument that enough time has elapsed in which the car maker could have fixed the problem. In other words, you are not making an argument supporting publishing freely and immediately. You are implicitly supporting restraint for at least as long as some subjectively determined time it should take for the manufacturer to fix the issue, and support publishing as a method to pressure the manufacturer. This is entirely different from supporting free speech at any cost.

You then go on to say there is no ethical imperative to withhold information that may harm others, which is both wrong and contrary to your prior implication - that publishing is ok after a window has passed for the issue to be resolved.

This reasoning is contradictory and flawed.


Way to go with the "think of the children" rhetoric. Who's to say that criminals and malicious governments alike don't already have these codes? Obviously the codes need to be disabled, so why not speed up the process?

Personally I feel that an outright ban is unacceptable, however a six month delay is reasonable.

In fact the scientist may have been sitting on this information for quite some time now, and Volkswagen et al have probably already been notified but they refuse to fix it (be it laziness/stupidity, it's outright negligence). My point is we don't know anything except that there's a vulnerability.

Car cyber-security has been in the news recently, and the reports indicate that cars represent a massive attack surface that is very poorly protected. Automobile manufacturers need a swift kick in the ass now more than ever.


Who's to say malicious people DON'T already have the codes? Clearly Volkswagen and the court believe they do not.

I agree that a perpetual ban is not acceptable in this case. Industry should have to fix the situation and the keys should not be predictable from this hardware.


I completely agree. The prevailing opinion on HN seems to be 'free speech at all costs'.

You do NOT need to publish the codes to allow others to replicate this research. Publishing the codes simply allows you to bypass spending the $50k to replicate this research and break into any car with little effort.


This is a "UK injunction" to prevent the scientists from publishing their paper "in Washington DC in August". How does that work?

It seems quite "not right" to me that my own government could legally prohibit me from doing something in another country (jurisdiction).


I agree that it's weird & bad when applied to publishing information. The information will leak somehow.

It makes a bit more sense when applied to things like child abuse - US citizens who travel abroad and pay to have sex with someone under the age of 18 can be tried in the US. (https://en.wikipedia.org/wiki/Child_sex_tourism#Tourists_fro...)


Ugh, that's literally a case of, "think of the children."

If what they did was illegal in the country they did it in, then they should be punished there - making it straightforward to extradite them back for trial would be reasonable (assuming it isn't already). And if it isn't illegal there, well it ought to be.

It also sounds like it would be legal for them to marry a 17 year old (as it is in many states in the US) but pay that 17 year old for sex and 30 years in prison.


I am all for protecting children so I hope this doesn't come out wrong but there are way too many "think of the children" laws on the books (and it's only going to continue).

Similar to your example, in the state where I live (Indiana) it would be legal for me (a 34-year-old man) to have sex 10 times a day with a 16-year-old kid but it would be a felony punishable by years in prison if I took a naked picture of the same kid. (I don't have any desire to do either one, of course, I just think that's an illustrative example.)


I can't speak for the UK but in the USA our laws technically apply no matter where a citizen is. US law trumps foreign laws and you could be prosecuted when you return.


No, they don't. One of the canons of statutory construction is a presumption against extraterritorial application of laws. Congress has to intend for a law to apply beyond US borders, and it's assumed they don't without evidence to the contrary.

In some cases they have done this, such as in the PROTECT Act of 2003 which contains a prohibition on child sex tourism. But there is no general assumption that US law applies everywhere.


And for good reason. Otherwise the entire Foreign Corrupt Practices Act would be unenforceable, as the bribery takes place overseas. Similarly, one could evade US law on insider trading or criminal conspiracies simply by moving overseas. If there's a nexus with the US, you can be prosecuted here.


So you say if I went to Amsterdam, where smoking marijuana is legal, and did smoke it there, and went back to the US, they could arrest me for drug possession because drug possession is illegal in the US and I possessed it while being in Amsterdam? Doesn't make much sense.


When I get off a plane, the first thing I do is check if the country I'm deplaning in has prior restraint and mandatory Internet censorship. If it does, I know I'm in the third world.


I think second world[2] might be more accurate, although really the distinction is more about economic policy than freedom.

[2] https://en.wikipedia.org/wiki/Second_World


I think it is the opposite - if it doesn't have censorship it can be considered a third world country. Because poor countries can not afford firewalls and people reading blogs and comments.


So you consider the UK as a third world country?


Seems to be one to me.


I don't get it. Why not publish the method used to crack it without the codes? That's the important research here, and what should be public to further crypto knowledge.

The actual codes are worthless for that.


From the article it does sound like Volkswagen asked them to redact the codes and they said no, whether they asked for further redactions is unclear. If it was a simple case of asking them not to publish the unlock codes and they said no, that sounds a bit odd, you don't need the codes to show there's a flaw in the system.


> If it was a simple case of asking them not to publish the unlock codes and they said no, that sounds a bit odd, you don't need the codes to show there's a flaw in the system.

It's not odd when you consider the need of researchers to allow other researchers to reproduce their results for peer review.


You don't need the codes to replicate the results. The codes just let you bypass spending the $50k to replicate the experiment.


In other words not providing the codes would increase the cost of replicating the experiment by $50,000 for each team of researchers who chooses to replicate it. Is that really what you want scientists spending their research funding on?


The point is, you're not actually replicating it if you don't follow all the stages of the experiment. You are (probably) just stealing cars.


> The point is, you're not actually replicating it if you don't follow all the stages of the experiment.

Disassembling the chip isn't part of the experiment, it's a precursor. You don't have to build your own particle accelerator just to replicate a subsequent experiment that was originally conceived based on data from the large hadron collider.


I don't understand the part about the info being available on the net for years already. I'm sure the reporters garbled that since they probably have zero domain knowledge, but it sure implied that anyone with criminal intent probably already has what they need to unlock those cars.


I interpreted that statement as meaning the software that the cars run is available online. And that software is what the researchers examined.

Not the results of this research.


Ok, so that stuff about putting the chips under a microscope probably meant they were just extracting the secret keys. Suggesting that there is just a small number of master keys across the entire line of cars instead of a unique set of keys for each car.


Most crypto bugs seem to end up being a case where any useful description of the vulnerability is sufficient for a competent attacker to reproduce the problem. In other words, if it came down to just the "codes" (i.e., secret keys) making the difference of whether or not the system was secure in general, then the crypto would probably be strong.


I'd be interested to know if this is another case of a software vendor "inventing their own crypto" and making a hash of it.

Maybe it will open some eyes in industry that you need to hire experts for that sort of thing, or at least demand external expert auditing of the software.


This is an attack against Megamos. Here's some more information, but I'd welcome some experts chiming in.

(https://www.escar.info/fileadmin/Datastore/2010_escar_Vortra...)

(http://securityevaluators.com/content/case-studies/tiris/ind...)


Nobody else seems to have noted that this is an interim injunction, not a permanent ban. It seems like legal enforcement of responsible disclosure to me, giving manufacturers an opportunity to fix the problem.

I don't see a problem with this per se, in cases where there would be severe harm (like significant crime) without such a ban, provided that the ban is time limited to the minimum time required to fix the problem in the wild.

This means, IMHO, that the injunction should come with a requirement that the manufacturer fix vulnerable systems quickly, even if that costs them quite a bit.

If this is done, then I don't see this as a bad thing. "The manufacturer's security is so bad that they had to get a court order to stop people from explaining how while they fixed it" is a pretty good incentive, I think.


This is why you publish first, in whatever raw form you have. Cats don't go back into bags.


And then perhaps get sued into oblivion.


Is it better for them to publish the codes or to sell them to some thieves? I'd imagine the latter is worse ...


The car makers seem to be under the impression that only 1 person would be able to crack the code.


Or thieves coming to you to get the keys ...


More interesting than the specific codes would be to understand the security of the algorithm used. For example, if the secret code in the Megamos system is changed but the algorithm is not, is it susceptible to reverse engineering from listening to the challenge/response when the key is activated?


Not sure, but I suspect that the Guardian article should have said "code" not "codes". I.e. I think perhaps the ban was on including the algorithm in the scientific paper.


Uhm, due to the value of these cars I think that a "sophisticated criminal gang" could think about kidnapping one of these scientists and forcing them to reveal their research.. :/


These guys could make a lot of money selling the info directly to people who would make use of it to steal cars en masse.

Would the high court prefer that, or a legitimate academic publication that allows us all to learn the lessons from this vulnerability?

I should add, of course, that in the spirit of responsible disclosure, this should only be done after the car manufacturers have had adequate time to fix the problem.


Remember when the AACS crypto key was leaked a few years back and everyone was getting cease & desist letters? People began taking it down, Digg was scrubbed, no one paid any attention to it whatsoever. It totally worked and everyone forgot about the key, 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 and went about their business as usual.

...Oh wait.


Now that the cat (or at least the fact that the cat exists) is out of the bag, I wonder how long before owners of stolen autos start suing automakers for negligence and false advertising that led to their cars being stolen?


As an Audi owner, I wonder if I have standing to sue VAG for not allowing this to be published and thus fixed.


Motherfuckers lying, gettin' me pissed.



