[Cryptography] VW/EPA tests as crypto protocols ?
jmg at funkthat.com
Sat Sep 26 13:05:33 EDT 2015
dj at deadhat.com wrote this message on Sat, Sep 26, 2015 at 06:59 -0000:
> > The VW wrongware is actually in class 3: It does the wrong things *almost
> > always*. It was able to stay hidden only as long as the wrong kind of
> > tests - tests appropriate to class 2 - were the only ones being applied.
> > The real lesson is: Class 2 testing *is only appropriate for detecting
> > random failures* (and not always even then, of course).
> I'm keeping my skeptic's hat on. Until someone shows us the code, I have
> seen nothing that can reconcile the journalists claims with what I know
> about how the testing works. It's possible that the necessary testing
> simply was not done, otherwise it would have found what the researchers
> found. But I would be surprised if that's what happened. What did the
> researchers do different to the government tests? Nothing I suspect. The
They did do something different. Standard government testing has testing
stations plug into the OBD conntector to figrue out what the engine is
The researches didn't plug in, but instead put the sensor in the trunk,
and drove the car around, as opposed to being put on a dyno... It looks
like testing in some locals don't require the dyno:
> car doesn't know when there's a sensor inserted in the exhaust pipe. I
> seems like the government outsourced this testing to the researchers, so
> maybe it wasn't being done beforehand, or palms were being greased or
> incompetence led to the tests being invalid. An enterprising journalist
> might want to take a look as the normal government testing procedures and
> ask what differs from what the researchers published recently.
As others have pointed out, the measurement was attacked because it wasn't
a real world measure, just a simulated one...
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the cryptography