Jump to content
Create New...

Recommended Posts

Posted

William Maley

Staff Writer - CheersandGears.com

July 29, 2013

Three computer scientists who were going to publish a paper on how to circumvent the security system that verifies the identity of an ignition key have been stopped by the UK High Court.

Flavio Garcia, a computer science lecturer at the University of Birmingham and Baris Ege and Roel Verdult, two cryptography experts from Dutch university Stichting Katholieke were going to publish a paper at the Usenix Security Symposium in Washington DC next month. The paper was to outline how they were able to crack a system called Megamos Crypto, a system that allows a vehicle to check the identity of a ignition key.

However, Volkswagen filed an injection against the publication of this report due to four of its brands (Audi, Bentley, Lamborghini, and Porsche) using this system. Volkswagen told the court that the Megamos Crypto system was used in a number of its vehicles and other vehicles and that the publication could "allow someone, especially a sophisticated criminal gang with the right tools, to break the security and steal a car". Volkswagen goes onto say that they asked the scientists to publish a redacted version of their paper. They declined.

The scientists argued that "the public have a right to see weaknesses in security on which they rely exposed". Otherwise, the "industry and criminals know security is weak but the public do not". They also argued that the paper would not increase the theft of vehicles due to the process to crack the system is complicated and costing £50,000 (about $76,785) to do it.

Source: The Guardian

William Maley is a staff writer for Cheers & Gears. He can be reached at [email protected] or you can follow him on twitter at @realmudmonster.


View full article

Posted

VW is showing their stupidity, they should be working with these guys to fix the weak security issues and beef up making it even harder to break in. $76K is nothing for a criminal gang to spend if they can steal 6 cars a week and sell them on the black market.

These crypto specialist are showing them that they need to not sit on their laurels and get going to the next special thing to keep these cars safe. Sounds like VW has NOT done their QA testing that well and instead of working with these bright people to fix the issues and put out upgrades to the system they would rather keep it status quo and spend money in courts to fight change.

Idiot VW, this sounds like a bean counters way of thinking it is cheaper to do a legal filing than to pay these guys for their research and fix the real problem.

Join the conversation

You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...

Hey there, we noticed you're using an ad-blocker. We're a small site that is supported by ads or subscriptions. We rely on these to pay for server costs and vehicle reviews.  Please consider whitelisting us in your ad-blocker, or if you really like what you see, you can pick up one of our subscriptions for just $1.75 a month or $15 a year. It may not seem like a lot, but it goes a long way to help support real, honest content, that isn't generated by an AI bot.

See you out there.

Drew
Editor-in-Chief

Write what you are looking for and press enter or click the search icon to begin your search