jm + firmware   8

How they did it: an analysis of emissions defeat devices in modern automobiles
Using CurveDiff, the team analysed 963 firmware images, for which analysis completed successfully for 924. 406 of the analysed images contained a defeat device, out of which 333 contained at least one active profile. In at least 268 images, the test detection affects the EGR. Firmware images released on Dec 3rd 2014 are used in VW Passat cars, and include the refinement to the defeat device to detect steering wheel angle that we discussed previously.
cars  driving  emissions  diesel  volkswagen  law  regulation  firmware  reverse-engineering 
4 weeks ago by jm
Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware
DRM working as expected:
To avoid the draconian locks that John Deere puts on the tractors they buy, farmers throughout America's heartland have started hacking their equipment with firmware that's cracked in Eastern Europe and traded on invite-only, paid online forums. Tractor hacking is growing increasingly popular because John Deere and other manufacturers have made it impossible to perform "unauthorized" repair on farm equipment, which farmers see as an attack on their sovereignty and quite possibly an existential threat to their livelihood if their tractor breaks at an inopportune time.

(via etienneshrdlu)
hacking  farming  drm  john-deere  tractors  firmware  right-to-repair  repair 
march 2017 by jm
spoofing the samsung smart tv internet check
If this kind of bullshit -- a HTTP GET of an XML file from www.samsung.com -- is how the Samsung Smart TV firmware decides if the internet is working or not, I dread to think how crappy the rest of the code is. (At least in Netnote we performed a bunch of bigco-domain DNS lookups before giving up...)
smart-tv  samsung  fail  xml  http  internet  embedded-software  firmware  crap-code 
april 2014 by jm
Belkin managed to put their firmware update private key in the distribution
'The firmware updates are encrypted using GPG, which is intended to prevent this issue. Unfortunately, Belkin misuses the GPG asymmetric encryption functionality, forcing it to distribute the firmware-signing key within the WeMo firmware image. Most likely, Belkin intended to use the symmetric encryption with a signature and a shared public key ring. Attackers could leverage the current implementation to easily sign firmware images.'

Using GPG to sign your firmware updates: yay. Accidentally leaving the private key in the distribution: sad trombone.
fail  wemo  belkin  firmware  embedded-systems  security  updates  distribution  gpg  crypto  public-key  pki  home-automation  ioactive 
february 2014 by jm
Toyota's killer firmware: Bad design and its consequences
This is exactly what you do NOT want to read about embedded systems controlling acceleration in your car:

The Camry electronic throttle control system code was found to have 11,000 global variables. Barr described the code as “spaghetti.” Using the Cyclomatic Complexity metric, 67 functions were rated untestable (meaning they scored more than 50). The throttle angle function scored more than 100 (unmaintainable).
Toyota loosely followed the widely adopted MISRA-C coding rules but Barr’s group found 80,000 rule violations. Toyota's own internal standards make use of only 11 MISRA-C rules, and five of those were violated in the actual code. MISRA-C:1998, in effect when the code was originally written, has 93 required and 34 advisory rules. Toyota nailed six of them. Barr also discovered inadequate and untracked peer code reviews and the absence of any bug-tracking system at Toyota.


On top of this, there was no error-correcting RAM in use; stack-killing recursive code; a quoted 94% stack usage; risks of unintentional RTOS task shutdown; buffer overflows; unsafe casting; race conditions; unchecked error code return values; and a trivial watchdog timer check. Crappy, unsafe coding.
firmware  horror  embedded-systems  toyota  camry  safety  acceleration  misra-c  coding  code-verification  spaghetti-code  cyclomatic-complexity  realtime  rtos  c  code-reviews  bug-tracking  quality 
october 2013 by jm
TomatoUSB
'an alternative Linux-based firmware for powering Broadcom-based ethernet routers. It is a modification of the famous Tomato firmware, with additional built-in support for USB port, wireless-N mode support, support for several newer router models, and various enhancements. Tomato USB supports many Broadcom-based routers from Asus, Linksys, Buffalo, Netgear and other manufacturers.' Looks good -- I've been a Tomato fan for many years -- and jzawodny-approved
router  tomato  firmware  linux  routers  wireless  wifi  from delicious
march 2011 by jm
Amazon.com: ASUS RT-N16 Wireless-N Gigabit Router: Electronics: Reviews, Prices & more
tipped as the next generation of hackable router; 128MB RAM, 533MHz CPU, supports 802.11N and 1000Base-T, and runs Tomato firmware. pity I just bought another WRT54GL a couple of months back
hackable  devices  hardware  asus  rt-n16  tomato  firmware  open  802.11n  wifi  from delicious
october 2010 by jm
