.net programming, computers and assorted technology rants

Computer Scientist Banned from Publishing Auto Security Hack


Courtesy ArsTechnica

Guy Frankland

A high court judge has ruled that a computer scientist cannot publish an academic paper over fears that it could lead to vehicle theft.

Flavio Garcia, from the University of Birmingham, has cracked the algorithm behind Megamos Crypto—a system used by several luxury car brands to verify the identity of keys used to start the ignition. He was intending to present his results at the Usenix Security Symposium.

But Volkswagen’s parent company, which owns the Porsche, Audi, Bentley and Lamborghini brands, asked the court to prevent the scientist from publishing his paper. It said that the information could "allow someone, especially a sophisticated criminal gang with the right tools, to break the security and steal a car."

The company asked the scientists to publish a redacted version of the paper without the crucial codes, but the researchers declined, claiming that the information is publicly available online.

Instead, they protested that "the public have a right to see weaknesses in security on which they rely exposed," adding that otherwise, "industry and criminals know security is weak but the public do not."

The judge, Colin Birss, ultimately sided with the car companies, despite saying he "recognized the importance of the right for academics to publish."

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s