Ah, so you're saying they would follow people sharing a picture of the "Secret Seal of the Anonymous Collective", and since they're the evil bad guys of the month, let's track them down too. Good point.
...precisely until the moment that Cisco decides it isn't free any more.
Dare I say "until they drop the hammer"? /ducks
You're missing the purpose of the digest as it is being used by Google. They are not being given cryptographic hashes, and they are not trying to assure anyone of the integrity of the file. These hash digests are being used only as an index to perform comparisons without needing to keep the original files around. Think "java HashMap", not SHA-1.
When they find a matching value, Google doesn't try to do any other comparisons or investigations. They blindly zip up the file and log information, then turn it over to a qualified investigator. The investigator determines if it's a false positive, at which point the evidence is deleted, or if it warrants further investigation.
The courts won't convict you of having a file that hashes to a known bad number. They will convict you of having an actual image of child porn. The hash digests are just a way for ISPs and law enforcement to perform a comparison without needing the actual thing to compare against.
There's a lot more to this than just saying "child porn". Once an automated system discovers a file that matches a hash, they involve an investigator. The investigator first views the image in question, and if it's a false positive, discards it, case closed.
If the data in question is or could be child porn, they investigate further, obtaining logs from the parties involved, finding out who else this person communicates with, online forums they frequent, etc., and compare the images they've already recovered to other cases involving child pornography. They document every finding. Once they've built up a case, they present their evidence to a judge and request a warrant.
During the exercise of the warrant, they'll try to monitor the suspect to determine the exact moment he is online, then execute the warrant without warning in hopes of catching the suspect in the act of viewing child porn, or at least of having the files decrypted at the time they execute it. They'll bring a "mouse wiggler", which is a USB stick that emulates a mouse moving up/left/down/right every few seconds in order to prevent the activation of any screen savers or auto-locking mechanisms. They use a UPS to keep the device powered up in order to bring it to the digital forensic investigator, who will take an image of the computer's memory and image all the writable storage they find. They may have only one chance to recover the encryption keys used by the suspect, and it's possible if they're still in memory. And they will confiscate every digital device in the suspect's home.
The forensic investigator will then trawl through the drive image, looking at any image files. There are forensic investigation programs such as EnCase and Autopsy that provide a quick way to display any files they can encounter. These programs include knowledge of the various file systems in common use, and can find images in ZIP files, images inside nested ZIP files, image files in the recycle bins, and any deleted files in unallocated disk space that they can still recover. They have specific capabilities of searching for many various things including cached IP addresses, browser histories, password managers, and pretty much any regexp the investigator can come up with.
Perhaps there's a password reset message still lurking in the Trash mailbox. Or there might be record of an online payment to a co-conspirator. It's surprising how few people have good enough operational security to erase all their tracks.
Once they've found evidence, anything the investigator can do to help identify the scene of the crime and/or the identities of the parties involved is top priority. This might include obvious things like EXIF tags in the images, or a hotel room service menu in the corner of an image, or they may check out clothing, decor, monogrammed towels, etc. There have been cases where the child's face was distorted with a paint tool but was recovered by the investigator.
If any usable data comes of this, the police will contact child services to see if the victim(s) can be identified, located, and helped.
Investigating these is a really awful job, and it takes someone with an iron stomach to do it, but it comes with the occasional reward that you've helped put away someone who is involved in the rape and torture of little children, and sometimes even helped rescue a child from a horrific situation. I have a friend who's been doing it for over a decade, and I still don't know how he can go home and sleep some nights. Most of his co-workers burn out after just a year or two on the job, because it really is heart wrenching. Sickening as it can be at times, it is a truly necessary job.
a hash list already, better yet an MD5 list
Can a pedant come along
Of course.
and explain how MD5 is not a hash?
No, because that would not be right. MD5 is a member of the family of hash algorithms, so all MD5 digests are hash algorithm digests, but not all digests are MD5 digests. The GP is requesting a list of hashes, but would prefer the subset of that list that consists only of MD5 hashes.
55% chance is not much better than flipping a coin
If there were only two captions to assess, you'd be correct. But there are 5000 to choose from, and even then the "right" answer is subjective, so 55% is a remarkably high figure.
The bottom line is pretty simple, actually: people almost universally like sweets. You take away their favorite soft drink or candy, and they're going to find a substitute.
We are hardwired to like sweets - they indicate ripe fruit, etc. The problem is availability and dosage. In nature, sweets are rare and hard to come by, so we wouldn't get many in our diet. In the post industrial world, we can have all we want for almost no effort. Like someone addicted to heroin who craves that initial high again, we've increased our tolerances way beyond what is healthy. We can't expect to cut off everybody from candy today. Too many are already hopeless sugar addicts.
As parents, what we can do is at least shield our own offspring from these megadoses of sugars, and teach them a responsible diet, even if we can't follow it ourselves. It won't work for everyone, but some of us will have healthier children as a result.
As for Coca-Cola and this study? It's our responsibility to use it to teach people about corporate misbehavior, how a seemingly benign company can try to do things not in the public's best interests, and that all companies large and small should be watched like the foxes in the hen house they are.
You missed a few biggies.
11. Requiring mouse users to use invisible gestures to accomplish some tasks, and ignoring inherent usability differences between tablet users and desktop users.
12. The schizophrenic split between Metro and the desktop extended far beyond the two control panels. Every app remained different.
13. Whatever human interface guidelines were used for Metro were 'fail'. Metro apps still have no consistency in how you access settings or access other features. Mail hides the "sync" button behind a three... menu, when it was one of the most used features. Some apps have preferences in the up swipe app menu, others have them in the right swipe system menu.
And 10 is no picnic of usability, either. They've tried to unify Metro and Windows, but it's still awkward feeling. Some Metro apps are hard coded to expect the whole screen, not some reduced drawing area shortened by a task bar. The Metro division bar is capricious and untrustworthy. The start menu still covers the entire screen with a handful of tiles; the giant flat list of apps is still hiding and is still lacking folders, and search only helps if you remember the name of an app, not just the task it does. (Example: searching for 'home' does not identify "Grasshopper", a home automation app.) 10 may be more usable than 8, but it's still a whole shit-ton worse than Windows 7.
The problem is that while Metro may have been a good idea on its own, it was not a good idea to mix it with Windows. And Microsoft knew they wouldn't sell 10 copies of a Metro-only platform (but they tried anyway, unfortunately for the 8 people who bought RT) all because some idiot Monkey-Boy deluded himself into believing millions of people were just waiting for Microsoft to save the day with Windows Phone so they could throw away their awful iPhones.
'Unleaded' is the common name given to the lowest octane gasoline a station sells. Most stations in this country sell gas labeled 'Unleaded', 'Mid-Grade', or 'Premium', corresponding to 87, 91, and 93 octane (using the (R+M)/2 method), and none of which contain lead. A station has a storage tank of 87 octane and another tank of 93, and they sell 91 octane by pumping a 50:50 mix down the same hose.
Decades ago during the phase out of lead, stations simply called the low octane 'unleaded' to distinguish it from 'regular' gas, which was the commonly offered low-octane leaded gas. The name 'unleaded' has been in common use ever since.
"Putting unleaded in premium" in this context refers to the customer selecting premium at the pump, but tricking the software inside the pump to internally draw from the 87 octane tank.
So chill out. The text makes perfect sense.
Maybe they meant the hackers 'pump up the volume', where they play Country-Rap crossover music so loud that you drive away before your tank is completely full.
Certifi-gate III: Oh hell no!
He got people to buy into his vision, do his bidding, and make him a metric shit-ton of money. That's leadership. It doesn't matter if the vision was transformed through a reality distortion matrix or not; or if he was a micromanaging despot; or if he stole all the best ideas from others.
He spoke, many people followed == Leadership.
"Why won't sharks attack lawyers? Professional courtesy."
"How do you stop a lawyer from drowning? Take your foot off his neck."
"What do you have when you have a lawyer buried up to his neck in sand? Not enough sand."
"The problem with lawyers is that the actions of 99% of them give the other 1% a bad name."
Thanks, you've been a wonderful audience. Tip your waiters, they work hard.
Aside from the illegality of jamming radio frequencies, drones can be programmed to guide themselves to and from a destination without requiring an operator to fly them via real-time radio control. Jamming would be a very expensive solution that would be completely irrelevant before it was even deployed.
Many big games hire actual economists to design and maintain a workable economy.
Which perhaps explains why game economies are crap?
Actually, I thought engineers naively applying math formulas to tune a game's economy explained that pretty well. :-)
Economies are driven by humans making both rational and irrational decisions about the prices of items; with each decision filtered through a unique lens of that buyer's perception of value at that instant. Economists study these activities at a high level, and produce equations that describe 98% of the behavior they see. But they also know that when those remaining 2% of people do something out of the ordinary that changes the game balance, the other 98% rush to copy them and use or abuse that feature. The entire economy quickly suffers as a result. Hiring an actual economist to monitor the game balance can help ensure the prices of items remain usable and fun for both new and experienced players.
Jobs was a great leader, not a great inventor. He inspired creative people to create better things than what existed at that time, and he insisted the human interface was the most important aspect. He refused to accept tiny improvements. And he knew immense profits lay at the end of that path.
And he pissed a lot of people off. Some people willingly accept a sociopathic tyrant, others are repulsed.
Many big games hire actual economists to design and maintain a workable economy. They tweak things much like the Fed tweaks interest rates, in an attempt to keep the game interesting, and to deal with the occasional bugs that cause rampant inflation.
Because then your compression function effectively becomes your encryption function. And it wasn't designed for security.
Keep in mind these are simple issues to identify and exploit. All these "what-if" scenarios have been played out repeatedly, which is why the standard response is always "use a proven secure algorithm, don't roll your own cryptographic solution." It's easier, less bug prone, and the security has been analyzed by more qualified people than you can afford. Any known weaknesses have already been identified and fixed.
What you've described has been known for centuries as a "book cipher". Benedict Arnold used one during the American Revolutionary War to protect his treasonous communication with England.
Anyway, there's a really fun way to beat this kind of encryption today. If Mallory can get Alice or Bob to send a copy of BLACK_SQUARE.BMP, it's literally game over. Imagine XORing your key against a bunch of binary zeros. The result is a big patch of the cleartext version of the data that is your key. Google will find that faster than you can.
I did this to a friend who had the same idea in a "you'll never guess my encryption" challenge. After getting him to download a copy of BLACK.GIF, I stared at the intercepted results for many seconds longer than I should have. It output a repeating string of something like SLASHDOTTODHSALS, so I said that's your key. He was arguing because his key was SLASHDOT, and his "algorithm" was to invert the letters of the key word and append a copy to the end of the key. My mind boggled because I was expecting encryption, not immediate success at recovering his key and data.
Now, let's say you're smart enough to avoid encrypting BLACK_SQUARE.BMP. I can still achieve most of the same results by predicting that your data stream will contain "Host:", "Content-Type:", "Accept: text/plain", "User-Agent:", "HTML", "BODY", and other such 'cribs' (I was all set up to apply this logic to the intercepted message from my friend mentioned above.) By matching fragments of my guesses with your message, I can look to see if I recover legible text. It only takes a surprisingly small amount of recovered text to be able to identify the source.
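The two failures described in the comment above, as an added example that is not part of the original post: XORing the key over all-zero data emits the key itself, and a guessed header ("crib") recovers the key from ordinary traffic. It assumes the scheme is plain repeating-key XOR with the SLASHDOTTODHSALS key from the anecdote, that the key length is known, and that the zero buffer and HTTP response are constructed stand-ins.

```python
from itertools import cycle

# Key from the anecdote: the key word followed by its reversal.
WORD = b"SLASHDOT"
KEY = WORD + WORD[::-1]  # b"SLASHDOTTODHSALS"

def xor_stream(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))

def shortest_period(stream: bytes) -> bytes:
    """Smallest prefix that reproduces the whole stream when repeated."""
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]
    return stream

def is_text(data: bytes) -> bool:
    """True when every byte is printable ASCII, tab, CR or LF."""
    return all(32 <= b < 127 or b in (9, 10, 13) for b in data)

def crib_drag(ciphertext: bytes, crib: bytes, key_len: int):
    """Slide a guessed plaintext fragment along the ciphertext.

    At each offset, ciphertext XOR crib gives candidate key bytes. A
    candidate is kept only if bytes landing on the same key position
    agree, every key position is covered, and the full decryption
    reads as text. Returns a list of (offset, key, plaintext).
    """
    hits = []
    for off in range(len(ciphertext) - len(crib) + 1):
        key = [None] * key_len
        consistent = True
        for i, c in enumerate(crib):
            pos = (off + i) % key_len
            k = ciphertext[off + i] ^ c
            if key[pos] is None:
                key[pos] = k
            elif key[pos] != k:
                consistent = False
                break
        if not consistent or None in key:
            continue
        candidate = bytes(key)
        plain = xor_stream(ciphertext, candidate)
        if is_text(plain):
            hits.append((off, candidate, plain))
    return hits

# Constructed stand-in for the pixel data of an all-black image.
ZEROS = bytes(64)

# Constructed sample HTTP response (not captured traffic).
RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length: 28\r\n\r\n"
    b"<HTML><BODY>hi</BODY></HTML>"
)

def demo():
    """Return the key leaked by zero data and the crib-drag hits."""
    leaked = shortest_period(xor_stream(ZEROS, KEY))
    hits = crib_drag(xor_stream(RESPONSE, KEY),
                     b"Content-Type: text/html", len(KEY))
    return leaked, hits

if __name__ == "__main__":
    leaked, hits = demo()
    print("key leaked by zero plaintext:", leaked)
    for off, key, plain in hits:
        print("crib fits at offset", off, "with key", key)
```

The crib only has to be at least as long as the key for the overlap check to reject nearly every wrong offset, which is why the comment's advice to use an analyzed algorithm applies even when no all-zero file is ever sent.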
"Satisfaction guaranteed, or we will refund the unused portion of your money."
Oh, wait. That's who over half the legislature is bought and paid for to represent.
There is this piece of Cat 5 that isn't remotely hackable. Unless it's tapped, or if someone puts an inductor on it, or if they use TDR to estimate the length of the wire to figure out the distance between routers and discover where the Intrusion and Detection Systems are located.
I meant to say it's seen as unfair by the line workers.
Dress codes make a slight amount of sense when the company has a requirement that many employees must wear uniforms. It's not fair to say, "you people who stand in front of customers all day must wear a blue shirt, green tie, and khaki pants" but then say, "you people are in the main office, so you're exempt from dressing like a dork." Some of the line workers resent it. Management can then decide if they want to settle the matter by subjecting everyone to a dress code.
Of course HP doesn't require line workers to wear uniforms, so that's not the case here. This is just another stupid and capricious management decision by a company that's become famous over the last decade for having the most incompetent management of any (formerly) major corporation. HP's executives have been so bad it's easy to imagine an evil Michael Dell offered HP's board of directors one hundred million dollars -each- to sabotage HP into oblivion. (Hey, it makes a lot more sense than any other reason for imposing a dress code on engineers.)
Good point. First, IANAAEE (I am not an automotive electrical engineer) so much of this is speculation, but not all of it. I do think small, hardware firewalls ("data diodes") could help prevent a lot of these problems. I also agree with you in that I don't think the direct access is necessary, but I think it might loop around in such a way that the holes end up being present anyway.
Consider: the crash message from the airbag sensors, which is on the high speed engine control bus (ECB), goes to the door locks. The door locks are on the low speed bus (security network), but bridge both networks. A data diode could stop messages from the door locks from flowing back to the high speed ECB. The door locks, ignition key, and immobilizer are all on the security network. The ignition key talks to the immobilizer. Finally, the immobilizer talks to the ECU, which is on the high speed ECB.
The security network is supposed to be isolated from the cabin comfort network (where the infotainment system, navigation system, and cell phone stuff are.) But the crash signal has to travel to the cell modem somehow, so another component has to allow messages from the ECB to the cabin bus. Plus, some of these cars have "remote start via cell phone", so something still has to enable messages from the cell modem to travel to the immobilizer. How do they get to the security network? (Bigger question: do the Chryslers even have a security network, or do all low speed messages share a common bus?)
If everything were perfect, the immobilizer would be the only potential spot for the bridge; and because the immobilizer's entire job is to prevent the engine from starting unless all the security is perfectly aligned, it seems like the natural place where the engineers would focus their security attention to isolate the low speed bus from the ECB. But obviously not everything's perfect.
It seems like they should have a set of dedicated data protection devices that would be similar in concept to a traffic signal's conflict monitor, somehow hard-wired with a rule that allows only whitelisted messages from the modem to go to the immobilizer.
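A sketch of the whitelisting bridge the comment above proposes, as an added example that is not from the original post or from any vehicle's firmware: a default-deny gateway that forwards a frame only if its source bus, destination bus, message ID and length match a rule, with a rate limit on the modem-originated request. The bus names follow the comment; every message ID, length and interval is a hypothetical value chosen for illustration.

```python
from dataclasses import dataclass
from enum import Enum

class Bus(Enum):
    ECB = "high speed engine control bus"
    SECURITY = "low speed security network"
    CABIN = "cabin comfort network"

@dataclass(frozen=True)
class Frame:
    src: Bus
    can_id: int
    data: bytes

@dataclass(frozen=True)
class Rule:
    src: Bus
    dst: Bus
    can_id: int
    length: int               # exact payload length the rule accepts
    min_interval_ms: int = 0  # minimum spacing between forwarded frames

# Hypothetical message IDs, invented for this example.
CRASH_NOTIFY = 0x050
IMMOBILIZER_RELEASE = 0x1F0
DOOR_LOCK_STATUS = 0x2B0
REMOTE_START_REQ = 0x3A0

RULES = [
    # Crash signal leaves the ECB for the door locks and the cell modem.
    Rule(Bus.ECB, Bus.SECURITY, CRASH_NOTIFY, 1),
    Rule(Bus.ECB, Bus.CABIN, CRASH_NOTIFY, 1),
    # Only the immobilizer's release message may enter the ECB.
    Rule(Bus.SECURITY, Bus.ECB, IMMOBILIZER_RELEASE, 8),
    # Remote start from the modem reaches the immobilizer, rate limited.
    Rule(Bus.CABIN, Bus.SECURITY, REMOTE_START_REQ, 8, 5000),
    # No rule for CABIN -> ECB, or for door locks -> ECB: the missing
    # entries are what gives the "data diode" behaviour.
]

class Gateway:
    """Default-deny bridge: anything not matched by a rule is dropped."""

    def __init__(self, rules):
        self._rules = {(r.src, r.dst, r.can_id): r for r in rules}
        self._last_ms = {}

    def forward(self, frame: Frame, dst: Bus, now_ms: int) -> bool:
        key = (frame.src, dst, frame.can_id)
        rule = self._rules.get(key)
        if rule is None:
            return False  # direction or ID is not on the allowlist
        if len(frame.data) != rule.length:
            return False  # malformed or padded payload
        last = self._last_ms.get(key)
        if last is not None and now_ms - last < rule.min_interval_ms:
            return False  # replayed or flooded request
        self._last_ms[key] = now_ms
        return True

def demo():
    """Run constructed frames through the gateway; return the verdicts."""
    gw = Gateway(RULES)
    cases = [
        (Frame(Bus.ECB, CRASH_NOTIFY, b"\x01"), Bus.SECURITY, 0),
        (Frame(Bus.SECURITY, DOOR_LOCK_STATUS, b"\x00\x01"), Bus.ECB, 10),
        (Frame(Bus.CABIN, REMOTE_START_REQ, bytes(8)), Bus.SECURITY, 1000),
        (Frame(Bus.CABIN, REMOTE_START_REQ, bytes(8)), Bus.SECURITY, 2000),
        (Frame(Bus.CABIN, REMOTE_START_REQ, bytes(8)), Bus.ECB, 7000),
    ]
    return [gw.forward(f, dst, t) for f, dst, t in cases]

if __name__ == "__main__":
    print(demo())
```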