Kill switches and remote control
July 4, 2008 – 5:05 pm by JohnBruce Schneier, the computer-security guru whom Brad at WendyMcElroy.com often links to, wrote a pretty chilling post on kill switches and remote control. This type of technology is an example of why government is not your only enemy, but its creation of the national-security state enables private companies and individuals to violate your rights more easily.
OnStar will soon include the ability for the police to shut off your engine remotely. Buses are getting the same capability, in case terrorists want to re-enact the movie Speed. …
Microsoft is doing some of the most creative thinking along these lines, with something it’s calling “Digital Manners Policies.” According to its patent application, DMP-enabled devices would accept broadcast “orders” limiting capabilities. Cellphones could be remotely set to vibrate mode in restaurants and concert halls, and be turned off on airplanes and in hospitals. Cameras could be prohibited from taking pictures in locker rooms and museums, and recording equipment could be disabled in theaters. Professors finally could prevent students from texting one another during class.
He then brings up many of the concerns anyone should have about such frightening technology and the desire to use it. However, he makes a puzzling mistake for someone who is (I presume) thought of so favorably by so many libertarians, and for someone who understands the dangers of such Orwellian technology so well, otherwise. He says,
How do we prevent this from being abused? …Do the police get “superuser” devices that cannot be limited, and do they get “supercontroller” devices that can limit anything? How do we ensure that only they get them, and what do we do when the devices inevitably fall into the wrong hands?
Obviously their hands are the wrong hands. The universal availability of “supercontroller” devices would make this type of technology almost completely worthless in everyday electronic devices, which seems to me would be a good thing. If state legislatures or the Congress make such devices legally available to government agents only, then we will know one huge reason that we become victims to this technology. It will be interesting to follow the development of these technologies and the legislation pertaining to them.
2 Responses to “Kill switches and remote control”
This promises yet another wasteful hackers-vs-would-be-controllers battle which will always be won by the hackers.
Phase one: Cut the wires or traces to the kill device, or fry it with a high-frequency discharge. This will be made illegal, and interlocks will be introduced such that such a simple attack is well nigh impossible.
Phase two: “Mod chip” type addons which integrate themselves lamprey-like onto the system and subvert it become available from black fabs in China and elsewhere. These will be made illegal, and distributors of the devices will face prison and fines.
Phase three: Reverse engineering and firmware cracking into the killswitch devices will enable installation of null, bypass, dummy or other code to defeat its function. Extra functions may even be found able to run in the processor/memory space thus liberated. These will be made illegal, and the government will mandate manufacturers to take more stringent security measures in hardware and software design. Hackers release first working Ubuntu distribution for Big-Brother-in-your-Car platforms.
Phase four: Chip-etching and electron microscope attacks against “secure” hardware enable discovery of design flaws, manufacturer backdoors, debug interfaces and other points of weakness. Exploitation devices and code take advantage of these, and are made illegal.
Phase five: As the hardware technology becomes tougher to crack and exploit, other avenues will be employed. In the connected future it will be an easy (though non-trivial) matter to play man-in-the-middle on a vehicle-wide killswitch network by sending periodic challenge/response authentication datagrams via p2p networks to black service providers who deliver a simulation of the supposedly cryptographically-secure “keep running unless these messages quit coming” deadman switch mechanism, either for profit, hobby or underground reputation cred motivations.
For info on how this last phase is currently playing out in the world of digital satellite television, google “gbox”, “newcamd” or “newcs”.
By Mike on Jul 4, 2008
Wow, that’s a really interesting and entirely realistic scenario.
By John on Jul 5, 2008