[Cryptography] VW/EPA tests as crypto protocols ?
John-Mark Gurney
jmg at funkthat.com
Sat Sep 26 13:05:33 EDT 2015
dj at deadhat.com wrote this message on Sat, Sep 26, 2015 at 06:59 -0000:
> > The VW wrongware is actually in class 3: It does the wrong things *almost
> > always*. It was able to stay hidden only as long as the wrong kind of
> > tests - tests appropriate to class 2 - were the only ones being applied.
> > The real lesson is: Class 2 testing *is only appropriate for detecting
> > random failures* (and not always even then, of course).
> >
>
> I'm keeping my skeptic's hat on. Until someone shows us the code, I have
> seen nothing that can reconcile the journalists claims with what I know
> about how the testing works. It's possible that the necessary testing
> simply was not done, otherwise it would have found what the researchers
> found. But I would be surprised if that's what happened. What did the
> researchers do different to the government tests? Nothing I suspect. The
They did do something different. Standard government testing has testing
stations plug into the OBD conntector to figrue out what the engine is
doing:
http://www.bar.ca.gov/Consumer/New_Smog_Check_Test.html
The researches didn't plug in, but instead put the sensor in the trunk,
and drove the car around, as opposed to being put on a dyno... It looks
like testing in some locals don't require the dyno:
http://www.check-smog.com/check-smog/post/2013/11/05/3-Types-of-California-Smog-Tests.aspx
> car doesn't know when there's a sensor inserted in the exhaust pipe. I
> seems like the government outsourced this testing to the researchers, so
> maybe it wasn't being done beforehand, or palms were being greased or
> incompetence led to the tests being invalid. An enterprising journalist
> might want to take a look as the normal government testing procedures and
> ask what differs from what the researchers published recently.
As others have pointed out, the measurement was attacked because it wasn't
a real world measure, just a simulated one...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the cryptography
mailing list