Sunday, January 30, 2005

Well that didn't take long

(Via WorldNet Daily)

WARNING: GEEK ALERT!

Cryptographers unlock code of 'thiefproof' car key

Matthew Green starts his 2005 Ford Escape with a duplicate key he had made at Lowe's. Nothing unusual about that, except that the automobile industry has spent millions of dollars to keep him from being able to do it.

It took some bright grad students at John Hopkins 3 months to defeat the auto industry's newest "thiefproof" key.

And before the universal reply to such hacks, which is to claim that they had oodles and oodles of specialized equipment...

The researchers used several thousand dollars of off-the-shelf computer equipment to crack the code, and had to fill a back seat of Green's SUV with computers and other equipment to successfully imitate a key. But the cost of equipment could be brought down to several hundred dollars, Rubin said, and Adam Stubblefield, one of the Hopkins graduate students, said, "We think the entire attack could be done with a device the size of an iPod."

Several thousand dollars? Face it, for professional car thieves, that's simply a cost of doing business. All it will take is for organized crime, which has the money to pay for design and manufacturing (and who probably knows who can do this work and how to motivate them to do it), and those little iPod-size devices will start showing up. Maybe they could call it the iSteal?

I wonder how much fun these will be for places like Walmart, who are hopping on the RFID device bandwagon with all their might. Just reprogram the little RFID tag on that new DVD to $9.98 from $19.98--what a deal! It might not even have to be that fancy--it burns out the existing RFID tag and sends out something different at the checkout. How about a big screen TV for $199.99? One might call that a steal...

And the enterprising Hopkins students have tried something similar with the Exxon Speedpass gas payment system. It worked.

As you might expect, Texas Instruments, who makes the system, pooh-poohs the idea that any of this is a problem. Speaking to the Speedpass exploit, Tony Sabetti of TI states that any improvements to the system are

... a solution to a problem that doesn't exist.

As my wife says, "Famous Last Words". Someone really needs to start reading RISKS Digest on the subject of "security through obscurity".

Helpful hint--it rarely works.

Iraqi election a disaster

At least if you're a member of the boot-licking Liberal Left Mainstream Media:

CNN: Iraqis vote amid violence

Insurgents carried out more than a dozen attacks across the country on Sunday, killing at least 25 people and wounding 71 others.

Yep, that's pretty bad, considering that al-Zarquawi had promised over 400 such attacks.

MSNBC: Against violent backdrop, Iraqis turn out to vote

Optimism about the vote was tempered by low turnout among Sunni Muslims, which could undermine the new government and worsen tensions among the country’s ethnic, religious and cultural groups.

Early reports are showing a 72% voter turnout. The best the US has ever managed (as far as I can find) is 63%, and that was without people being threatened with beheading if they voted. I'm sorry, but if the Sunnis don't want to vote, well, that an exercise of their new-found freedom. A stupid exercise, but an exercise nonetheless.

The one that truly shocks me is this Reuters report: Defiant Iraqis Vote in Their Millions Despite Bombs

This one is worth quoting at some length...

Some came on crutches, others walked for miles then struggled to read the ballot, but across most of Iraq millions turned out to vote Sunday, defying insurgent threats of a bloodbath.

Suicide bombs and mortars killed at least 33 people, but Iraqis still came out in force for the first multi-party poll in 50 years. While in some areas turnout was scant, in most places, including violent Sunni Arab regions, it exceeded expectations.

Many cheered with joy at their first chance to cast a free vote, while others shared chocolates with fellow voters.

Even in Falluja, the Sunni city west of Baghdad that was a militant stronghold until a U.S. assault in November, a steady stream of people turned out, confounding expectations. Lines of veiled women clutching their papers waited in line to vote.

A positive story, and from the European press, no less. Like I said, I'm shocked.

But then, back to the standard drumbeat.

From The New Zealand Herald: Iraq votes: Bloody road to freedom

We have two paragraphs about two men voting (probably for the first time in their lives), then we get down to business...

Yet neither man is without misgivings. The euphoria shown by Iraqi exiles as they voted in foreign countries is absent in Iraq.

Although the election is the closest Iraq has come to a free and fair poll, its shortcomings are impossible to ignore

Despite how hard they may try, the simple fact is this: Despite the efforts of the terrorists, despite the constant media "more bad news from Iraq" drumbeat, despite what some of our elected jackasses in Congress spew forth, despite everything, the people of Iraq have made an electoral choice for the first time in 50+ years. This is a historic time for them. No matter what they have decided (and we don't know yet, the ballots not having been counted), they have made their own choice--and that's the important thing.
At the same time, we should remember the price that has been paid, by our military and the Iraqis themselves, to reach this point. I hope the new government of Iraq makes the most of what has been purchased.

Another bombing in Spain

A bomb exploded Sunday in a Mediterranean resort hotel in southeast Spain after a telephone warning from the Basque separatist group ETA, Interior Ministry officials said.

You know, I've said it before, I've said it again, and I'm going to keep hammering the point until people get the message--negotiating with, or caving into terrorists has never and will never work. If you don't want to be attacked, you must make them too afraid of what you'll do in retaliation.