Flavio Garcia, a security researcher from the University of Birmingham has been ordered not to deliver an important paper at the Usenix Security conference by an English court. Garcia, along with colleagues from a Dutch university, had authored a paper showing the security failings of the keyless entry systems used by a variety of luxury cars. Volkswagon asked an English court for an injunction censoring his work -- which demonstrated their incompetence and the risk they'd exposed their customers to -- and Mr Justice Birss agreed.
Garcia and his colleagues from the Stichting Katholieke Universiteit, Baris Ege and Roel Verdult, said they were "responsible, legitimate academics doing responsible, legitimate academic work" and their aim was to improve security for everyone, not to give criminals a helping hand at hacking into high-end cars that can cost their owners £250,000.
They argued that "the public have a right to see weaknesses in security on which they rely exposed". Otherwise, the "industry and criminals know security is weak but the public do not".
It emerged in court that their complex mathematical investigation examined the software behind the code. It has been available on the internet since 2009.
The scientists said it had probably used a technique called "chip slicing" which involves analysing a chip under a microscope and taking it to pieces and inferring the algorithm from the arrangement of the microscopic transistors on the chip itself – a process that costs around £50,000. The judgment was handed down three weeks ago without attracting any publicity, but has now become part of a wider discussion about car manufacturers' responsibilities relating to car security.
Scientist banned from revealing codes used to start luxury cars [Lisa O'Carroll/The Guardian]
(Image: The Fragile, a Creative Commons Attribution Share-Alike (2.0) image from meetthewretched's photostream)
The new data-sharing rules enacted by the Obama administration will allow the NSA to lawfully share the unredacted, full take of its surveillance databases with sixteen other US government agencies — meaning that, for example, Trump’s door-to-door deportation squads could use that data to figure out who’s doors to break down, and his Muslim surveillance […]
Kamala Harris was just sworn in as a senator from California, but her last gig was as California’s Attorney General, and in that role, she decided not to prosecute Trump Treasury Secretary pick Steve Mnuchin, whom her office had identified as presiding over “widespread misconduct” in foreclosing on Californians — that is, stealing their houses.
Update: They’ve backed down because Trump warned them it would be a distraction from taking away healthcare and giving tax cuts to rich people. The independent Office of Congressional Ethics — created in 2008 after three Congressmen were jailed for corruption — has been stripped of its powers by the House GOP, who held an […]
With countless applications for modern life, artificial intelligence (AI) is one of the most in-demand fields of study in tech. Beyond modelling human decision making processes and learning abilities, AI can be used to analyze massive volumes of data and create complex interactive systems.This Machine Learning & AI for Business Bundle made mastering these concepts possible for […]
Computer hacking isn’t just something happening to the DNC. Major software companies need white-hat hackers to ensure the security of their products and users, and I came across a Computer Hacker Professional Certification Package that conveniently teaches those advanced IT techniques online.This course package will prepare you for various computer security certification exams with over 60 hours […]
One of the best ways to progress a career in project management is through earning recognized certifications. These certifications carry significant clout and don’t require expensive tuition or student loans. This Ultimate Project Management Certification Bundle is a great example of an affordable way to get ahead. It includes training for 9 certifications including PMP, […]