As I recall, the Prius was never a problem in the computer systems. In every case I'm aware of, it was a mechanical fault -- the floor mat pushing on the accelerator. The result was an NTSB mandate that the brakes be able to stop and hold a car at full throttle.
In this case, we don't know what all was tried. But I'd assume the engineer(s) would at least try to power the car off. These are three systems; they're all controlled by one computer system. (abs is completely independent system. that's not really going to help here, unless you have a diag system attached... even then those programs are for bleeding air from the abs, not controlled braking.)
Sadly, even if the US had complex testing to get a license, you're only tested once, when you first get your license. Then again (written) at 65. People memorize enough of the handbook to pass the test, and then forget all of it. The driving test is even more of a joke. There's almost zero test of car operations and control -- stop/start, gear selection, and keep it between the lines. 3 point turn? I don't think they do that anymore. Parallel parking? no longer taught or tested. (not that I've seen any parallel parking in decades.)
No, but I'm not the NTSB. And manufacturers are quick to cover these sorts of things up -- as best they can.
I'd also like to point out, if the computer has stopped listening to user inputs, it stands to reason it wouldn't be listening to the many engine inputs either -- and that means the engine stops working (partially or totally) If this guy's story stands up (i.e. it's not user error), my money is on fault(s) in the aftermarket modifications.
Yes. I invite you to try it yourself. Run your car up to 60 and yank up on the brake. If you're lucky, you might have enough pavement to go into a flat spin without hitting anything. Otherwise, you hit something (or someone) and/or leave the pavement where your odds of rolling greatly increase -- i.e. into a ditch and then on your roof.
The e-brake actuates the rear brakes alone @ 100% -- in this case, with the engine still trying to pull the car forward. Depending on the vehicle, the normal foot brake sends no more than 50% of the force to the rear wheels. (60/40 is common on the things I'm aware of.) Most of the stopping power is in the larger front disc brakes. That's also where most cars have all the weight. (i.e. the engine.) Trying to stop a car from speed with only the tiny rear disc, or worse DRUM, brakes is a tall order. (yes, I'm shocked to see current year model cars rolling out with f'ing drum rear breaks.)
Controlled use of the hand-brake (if it is a hand mechanism vs. a pedal) is hard to do. It's even harder in a panic situation. Locking the rear wheels at 60+ would almost certainly end in a rolled car.
You are assuming the computer is obeying you. When it fails, it may not care what you're doing to the switch. And my car doesn't have a physical shifter to "put it in park" -- park is a button like everything else, and it activates automatically when the system is turned off.
(I like my race car technology... a big red it-kills-all-electrical-power disconnect switch.)
I've been there. Lexus (and I suspect Toyota too) know the battery in the fob is dead, and will not complain at all once the fob is moved away from the button's power coil. It's supposed to warn you before it gets too low.. but if you have a 2yo climbing on you and effectively standing on the buttons for an hour... I don't know what the car would do if the key were, say, thrown out the window going down the highway. (at $350 per fob, I'm not about to try it.)
Really? I've never even heard of a manual "by wire" transmission -- i.e. anything with a pedal, DSG (doesn't have a pedal) and "flappy paddle" doesn't count. Every one I've ever seen is direct cable or hydraulic linkage to the pedal. (well, until you talk about a transit bus)
You're assuming that slot actually has any meaning beyond a holder for the card. Under normal operations, removing it may do nothing. Once the car has become possessed, it may not care if the key even exists. The "start" button will do nothing with the car at speed; again, once possessed, it may not even listen to that button. The gear selector is also electronic, and thus may not obey the operator.
If you're VERY lucky, you might be in an area with run-away truck ramps. That'll GD stop the car. Otherwise, you'll have to start physically disconnecting things (read: pull fuses) -- and that's hard to do at speed on a highway. (and in some cars, impossible without opening th driver door.)
I thought the same thing, and then went to lookup the specs for the car... it's a drive by wire, totally electronic system. The "start" button is only a suggestion; if the car is in motion, it'll do nothing at all. It might not have even honored the shifter to go to neutral. (again, not a mechanical link anymore)
Sounds to me like a cruise control gone mad. Foot off the pedals, the car should naturally slow down. Removing the key might work if it's not wireless. (my key is bluetooth. it'd have to be outside the car for it shutdown ("theft mode"))
For the record, the lexus HS I drive, I'm told, has a manual override in the brake system. The first half travel is electronic; if you continue pushing the pedal to the floor, you're pushing on the hydrolics. (and the e-brake is a steal cable to the rear calipers)
NC Law (and safety inspection) requires the e-brake to bring the car to a dead stop. (tested pulling into the bay, so sub-5mph) If it does not, the car will fail inspection. If you don't get it fixed, the DMV will revoke your tag -- and send people out to actually take it away from you.
Granted at 60mph, you're very likely to burn up the brakes, or lock the rear wheels (FWD)... and then things get really fun. (50/50 you'll lose control or blow one or both tires, *and* lose control)
And apple (and sun) used OpenFirmware for EONS before that -- prior to using intel crap. Linux EFI support is due to Itanium. UEFI was a waste of time reinventing a wheel (OF) that had been used for decades.
And you most certainly do NOT need UEFI to boot from a GPT disk. GPT already mandates a "legacy MBR". I boot non-UEFI systems from GPT disks (3+TB) every day. Sure, it takes a bit of hammering to get debian or redhat to set the system up that way, but it's not impossible.
When was the last time the console caused a panic? I've used linux for a very long time, and I cannot remember a system crashing due to the *console*. I've seen many instances of X crashing in ways requiring a reboot, and fbcon applications panicing the system. The age old linux console does exactly what it NEEDS to do; if you want fancy fonts, graphics, multi-head multi-seat mini-computer esq functions, you use something else. (X11 and fbcon)
Multi-head, multi-seat installations... I remember mini-computers. Today, it's cheaper to buy a little PC than all the systems and hardware to do multi-seat that's actually usable for anything more than IRC. VT520??? Show me one application in common use that needs a VT520 terminal. I can point out several TN3270 terminal apps (usually in banking, government, and point of sale), but no VT line graphics apps.
I love the guy's inventiveness, but it's a solution in search of a problem. It's like a RADIUS server written in BASH, or prime factoring with sed -- neat, but completely impractical.
blah blah... you know jack about my password(s), so you're left with trying passwords at (more or less) random. Probability tables can be used based on other people's passwords [an approximation of f], but you have no such probabilities on the composition of *my* passwords. Yes, dee-zero-GEE would be one of the dictionary permutations of any modern password cracker. WHAT THEY WON'T GUESS IS THE 13 PERIODS FOLLOWING IT. People like you LOVE to poo on people's passwords having seen the plaintext; the thing you assholes refuse to admit is that you would never have guessed it in several lifetimes. It's only a stupid password once you've seen it; that's true of many passwords.
ALL passwords are security through obscurity. The whole point of the password is that no one else knows what it is, or what it looks like. To that end, his password is perfectly secure... until a hacker knows it's mostly periods. That's not something any random hacker is going to know, or even try.
And where do I get this mythical "firmware update" for the NIC CHIP? I'm sure the chip has code in it, but I've never even heard of a utility from Intel to update the in-chip code in a nic. (it's called "microcode", not firmware)
Where can I find this list of "smarmy sites" to block? And who's maintaining this database IN REAL TIME? We've all been there. Block lists of this nature are never accurate or up to date, and every one I've ever known of has devolved into a political hit list -- sites get listed because someone doesn't like someone, or to "send a message", or "get their attention". (anti-spam lists fail like this too.)
Tor??? Are you f'ing serious? Do you know anything about Tor?
The "log-in" is the shield for safe harbour. It won't hold up in court, and your ISP won't give a single shit while pointing to the ToS and booting you to the curb.
People look for and prefer WiFi to cellular data for two very valid reasons... 1) their data plan is capped with ass-raping overage costs. And 2) the cell networks can be (and often are) slower than local WiFi connectivity. (for simple web and email, 100ms+ latency isn't a killer, but for any interactive connection, it's a pain.) [And 3) the wifi radio uses way less power than the 4g/LTE radio.]
Hello. You're ALREADY the man in the middle. You're foolish enough just connecting to some random, unencrypted, "open" wifi network. Security is entirely on the user at that point.
(encrypting the wifi with a key everyone knows -- "open" remember -- is simply useless.)
Actually, their video doesn't show shit. An apparent DOS box running a few commands, followed by a "nc" connection to a random port that may or MAY NOT actually be to a compromised system. Until they say exactly what they've exploited (with code), it's just Marketing FUD.
They apparently count every bit that's signaled between the DSLAM and modem. That would include the ATM layer -- which would significantly increase the numbers. It's been bullshit from day one... they won't tell you what they're actually measuring (if anything); there's no way to dispute the numbers; and there's ZERO auditing or accountability to their system. AT&T: You've used what ever the f*** we say you've used.
(it's the same BS they've claimed in their wireless business as well. How many phones have been billed for usage when they weren't even powered on!)
Find me one NASCAR driver that understands the physics of what they're doing. Then find a physicist who can drive the car even half as well.
Bottom line... a good driver has to have lightning reflexes, and instincts for driving. (you have very little time to actually think about what you're doing.) You don't have to understand the how and why, just that it does.
(for the record, I'm more the physicist in the car. I think too much to be really good *and* fast; I can be fast, but dangerous, or slow and technically perfect.)
Unless you live in an area with no laws, I'm pretty sure there are very well defined rules (and LAWS) prohibiting apartments from having generators, and ESPECIALLY storing combustable fuels -- gasoline, propane, butane, hydrogen, etc. They are pretty serious fire risks. While they're designed not to explode, they still can, and even when they don't, they make a small fire a HUGE fire. Further adding to the no-no, apartments aren't readily equiped for alternate power connections, so you'd have drop cords running to anything ("everything") in the apartment adding to the fire hazard. I've seen a lot of houses burn due to improper generator connections and overloaded cords. (also a few electrocutions)
In my apartment in Raleigh, NC, the lease was very specific on that... NO gas bottles or tanks; NONE, not even a little 16oz brazing torch. (they were ok with a 2oz butane can -- soldering torch.) City fire code has prohibited "open flame" grills for many decades. (from memory... "no cooking with open flame within 6ft of any multi-family dwelling." that would be apartments, condos, and townhouses.)
Slashdot Mirror
The *intent* is what makes it illegal. Of course, 99.999% of law enforcement is not prepared to deal with this sort of modern crime.
Technically, it wasn't. Everyone having the same key (or nearly so) is a very different problem. A well constructed, unique key is quite secure.
As I recall, the Prius was never a problem in the computer systems. In every case I'm aware of, it was a mechanical fault -- the floor mat pushing on the accelerator. The result was an NTSB mandate that the brakes be able to stop and hold a car at full throttle.
In this case, we don't know what all was tried. But I'd assume the engineer(s) would at least try to power the car off. These are three systems; they're all controlled by one computer system. (abs is completely independent system. that's not really going to help here, unless you have a diag system attached... even then those programs are for bleeding air from the abs, not controlled braking.)
Sadly, even if the US had complex testing to get a license, you're only tested once, when you first get your license. Then again (written) at 65. People memorize enough of the handbook to pass the test, and then forget all of it. The driving test is even more of a joke. There's almost zero test of car operations and control -- stop/start, gear selection, and keep it between the lines. 3 point turn? I don't think they do that anymore. Parallel parking? no longer taught or tested. (not that I've seen any parallel parking in decades.)
No, but I'm not the NTSB. And manufacturers are quick to cover these sorts of things up -- as best they can.
I'd also like to point out, if the computer has stopped listening to user inputs, it stands to reason it wouldn't be listening to the many engine inputs either -- and that means the engine stops working (partially or totally) If this guy's story stands up (i.e. it's not user error), my money is on fault(s) in the aftermarket modifications.
Yes. I invite you to try it yourself. Run your car up to 60 and yank up on the brake. If you're lucky, you might have enough pavement to go into a flat spin without hitting anything. Otherwise, you hit something (or someone) and/or leave the pavement where your odds of rolling greatly increase -- i.e. into a ditch and then on your roof.
The e-brake actuates the rear brakes alone @ 100% -- in this case, with the engine still trying to pull the car forward. Depending on the vehicle, the normal foot brake sends no more than 50% of the force to the rear wheels. (60/40 is common on the things I'm aware of.) Most of the stopping power is in the larger front disc brakes. That's also where most cars have all the weight. (i.e. the engine.) Trying to stop a car from speed with only the tiny rear disc, or worse DRUM, brakes is a tall order. (yes, I'm shocked to see current year model cars rolling out with f'ing drum rear breaks.)
Controlled use of the hand-brake (if it is a hand mechanism vs. a pedal) is hard to do. It's even harder in a panic situation. Locking the rear wheels at 60+ would almost certainly end in a rolled car.
You are assuming the computer is obeying you. When it fails, it may not care what you're doing to the switch. And my car doesn't have a physical shifter to "put it in park" -- park is a button like everything else, and it activates automatically when the system is turned off.
(I like my race car technology... a big red it-kills-all-electrical-power disconnect switch.)
I've been there. Lexus (and I suspect Toyota too) know the battery in the fob is dead, and will not complain at all once the fob is moved away from the button's power coil. It's supposed to warn you before it gets too low.. but if you have a 2yo climbing on you and effectively standing on the buttons for an hour... I don't know what the car would do if the key were, say, thrown out the window going down the highway. (at $350 per fob, I'm not about to try it.)
Really? I've never even heard of a manual "by wire" transmission -- i.e. anything with a pedal, DSG (doesn't have a pedal) and "flappy paddle" doesn't count. Every one I've ever seen is direct cable or hydraulic linkage to the pedal. (well, until you talk about a transit bus)
You're assuming that slot actually has any meaning beyond a holder for the card. Under normal operations, removing it may do nothing. Once the car has become possessed, it may not care if the key even exists. The "start" button will do nothing with the car at speed; again, once possessed, it may not even listen to that button. The gear selector is also electronic, and thus may not obey the operator.
If you're VERY lucky, you might be in an area with run-away truck ramps. That'll GD stop the car. Otherwise, you'll have to start physically disconnecting things (read: pull fuses) -- and that's hard to do at speed on a highway. (and in some cars, impossible without opening th driver door.)
I thought the same thing, and then went to lookup the specs for the car... it's a drive by wire, totally electronic system. The "start" button is only a suggestion; if the car is in motion, it'll do nothing at all. It might not have even honored the shifter to go to neutral. (again, not a mechanical link anymore)
Sounds to me like a cruise control gone mad. Foot off the pedals, the car should naturally slow down. Removing the key might work if it's not wireless. (my key is bluetooth. it'd have to be outside the car for it shutdown ("theft mode"))
For the record, the lexus HS I drive, I'm told, has a manual override in the brake system. The first half travel is electronic; if you continue pushing the pedal to the floor, you're pushing on the hydrolics. (and the e-brake is a steal cable to the rear calipers)
NC Law (and safety inspection) requires the e-brake to bring the car to a dead stop. (tested pulling into the bay, so sub-5mph) If it does not, the car will fail inspection. If you don't get it fixed, the DMV will revoke your tag -- and send people out to actually take it away from you.
Granted at 60mph, you're very likely to burn up the brakes, or lock the rear wheels (FWD)... and then things get really fun. (50/50 you'll lose control or blow one or both tires, *and* lose control)
And apple (and sun) used OpenFirmware for EONS before that -- prior to using intel crap. Linux EFI support is due to Itanium. UEFI was a waste of time reinventing a wheel (OF) that had been used for decades.
And you most certainly do NOT need UEFI to boot from a GPT disk. GPT already mandates a "legacy MBR". I boot non-UEFI systems from GPT disks (3+TB) every day. Sure, it takes a bit of hammering to get debian or redhat to set the system up that way, but it's not impossible.
When was the last time the console caused a panic? I've used linux for a very long time, and I cannot remember a system crashing due to the *console*. I've seen many instances of X crashing in ways requiring a reboot, and fbcon applications panicing the system. The age old linux console does exactly what it NEEDS to do; if you want fancy fonts, graphics, multi-head multi-seat mini-computer esq functions, you use something else. (X11 and fbcon)
Multi-head, multi-seat installations... I remember mini-computers. Today, it's cheaper to buy a little PC than all the systems and hardware to do multi-seat that's actually usable for anything more than IRC. VT520??? Show me one application in common use that needs a VT520 terminal. I can point out several TN3270 terminal apps (usually in banking, government, and point of sale), but no VT line graphics apps.
I love the guy's inventiveness, but it's a solution in search of a problem. It's like a RADIUS server written in BASH, or prime factoring with sed -- neat, but completely impractical.
blah blah... you know jack about my password(s), so you're left with trying passwords at (more or less) random. Probability tables can be used based on other people's passwords [an approximation of f], but you have no such probabilities on the composition of *my* passwords. Yes, dee-zero-GEE would be one of the dictionary permutations of any modern password cracker. WHAT THEY WON'T GUESS IS THE 13 PERIODS FOLLOWING IT. People like you LOVE to poo on people's passwords having seen the plaintext; the thing you assholes refuse to admit is that you would never have guessed it in several lifetimes. It's only a stupid password once you've seen it; that's true of many passwords.
ALL passwords are security through obscurity. The whole point of the password is that no one else knows what it is, or what it looks like. To that end, his password is perfectly secure... until a hacker knows it's mostly periods. That's not something any random hacker is going to know, or even try.
And where do I get this mythical "firmware update" for the NIC CHIP? I'm sure the chip has code in it, but I've never even heard of a utility from Intel to update the in-chip code in a nic. (it's called "microcode", not firmware)
Really?
Where can I find this list of "smarmy sites" to block? And who's maintaining this database IN REAL TIME? We've all been there. Block lists of this nature are never accurate or up to date, and every one I've ever known of has devolved into a political hit list -- sites get listed because someone doesn't like someone, or to "send a message", or "get their attention". (anti-spam lists fail like this too.)
Tor??? Are you f'ing serious? Do you know anything about Tor?
The "log-in" is the shield for safe harbour. It won't hold up in court, and your ISP won't give a single shit while pointing to the ToS and booting you to the curb.
People look for and prefer WiFi to cellular data for two very valid reasons... 1) their data plan is capped with ass-raping overage costs. And 2) the cell networks can be (and often are) slower than local WiFi connectivity. (for simple web and email, 100ms+ latency isn't a killer, but for any interactive connection, it's a pain.) [And 3) the wifi radio uses way less power than the 4g/LTE radio.]
Hello. You're ALREADY the man in the middle. You're foolish enough just connecting to some random, unencrypted, "open" wifi network. Security is entirely on the user at that point.
(encrypting the wifi with a key everyone knows -- "open" remember -- is simply useless.)
*cough*VMware vCenter*cough*
You haven't seen it because you haven't been looking for it. It's there, but few people ever notice what's being installed behind that setup.exe.
Actually, their video doesn't show shit. An apparent DOS box running a few commands, followed by a "nc" connection to a random port that may or MAY NOT actually be to a compromised system. Until they say exactly what they've exploited (with code), it's just Marketing FUD.
They apparently count every bit that's signaled between the DSLAM and modem. That would include the ATM layer -- which would significantly increase the numbers. It's been bullshit from day one... they won't tell you what they're actually measuring (if anything); there's no way to dispute the numbers; and there's ZERO auditing or accountability to their system. AT&T: You've used what ever the f*** we say you've used.
(it's the same BS they've claimed in their wireless business as well. How many phones have been billed for usage when they weren't even powered on!)
Find me one NASCAR driver that understands the physics of what they're doing. Then find a physicist who can drive the car even half as well.
Bottom line... a good driver has to have lightning reflexes, and instincts for driving. (you have very little time to actually think about what you're doing.) You don't have to understand the how and why, just that it does.
(for the record, I'm more the physicist in the car. I think too much to be really good *and* fast; I can be fast, but dangerous, or slow and technically perfect.)
Unless you live in an area with no laws, I'm pretty sure there are very well defined rules (and LAWS) prohibiting apartments from having generators, and ESPECIALLY storing combustable fuels -- gasoline, propane, butane, hydrogen, etc. They are pretty serious fire risks. While they're designed not to explode, they still can, and even when they don't, they make a small fire a HUGE fire. Further adding to the no-no, apartments aren't readily equiped for alternate power connections, so you'd have drop cords running to anything ("everything") in the apartment adding to the fire hazard. I've seen a lot of houses burn due to improper generator connections and overloaded cords. (also a few electrocutions)
In my apartment in Raleigh, NC, the lease was very specific on that... NO gas bottles or tanks; NONE, not even a little 16oz brazing torch. (they were ok with a 2oz butane can -- soldering torch.) City fire code has prohibited "open flame" grills for many decades. (from memory... "no cooking with open flame within 6ft of any multi-family dwelling." that would be apartments, condos, and townhouses.)