Nijmegen university fights British ban on car hacking research

By

A British judge has imposed a ban in favour of car manufacturer Volkswagen who claims that the publication of research on car-starting codes for luxury cars would be detrimental to their business. Roel Verdult and Baris Ege of the Radboud Universiteit Nijmegen together with Flavio Garcia of the University of Birmingham wrote the publication ‘Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobiliser. Since Volkswagen and other car manufacturers don’t want all those codes out in the open, they went to court in the UK and won. Oddly enough, much of the information has apparently already been floating around the Internet since 2009 but nobody really noticed until now.

The Radboud Universiteit Nijmegen is not taking it lying down and is going to court to fight the ban. The university claims that the researchers’ aim was to improve security for everyone, not to give criminals a helping hand at hacking into high-end cars. They argued that “the public have a right to see weaknesses in security on which they rely exposed”. Otherwise, the “industry and criminals know security is weak but the public do not”.

It seems to me that basing a security algorithm on secrecy rather than complexity is asking for problems once someone cracks the code, and assuming that that will never happen is not smart. The researchers didn’t do anything illegal yet they got a gag order. Why not comprise with a ban for like 6 months to let the car manufacturers get their act together? And do the researchers really need to publish damaging details to make their point that the security is weak? Stay tuned.

(Links: www.theguardian.com, www.bright.nl, Photo: guusterbeek.nl)

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.