-
(单词翻译:双击或拖选)
Today's cars have loads of computer smarts built in. Like the chips that allow you, with the push of a button to unlock your car. And as new cars move down the assembly line, automakers program those functions into the car.
"They produce one car and they program a cryptographic secret in it, in order to secure it against thieves." Timo Kasper, a cryptographer and engineer at the security and IT consulting company Kasper & Oswald. "Then comes the next car on the production line and they put the same secrets into the second car. And then comes the third car on the production line and they again put the same secrets into this car. And they repeat this process for millions of cars in the world. And now millions of cars in the world share the same cryptographic secret. Of course, this secret is not so well protected anymore, because it's in every of these million cars, and in every remote control. And this is of course a typical example of how to not do it."
And yet, he says that's exactly how the Volkswagen Group did do it, for many cars manufactured in the last 20 years. Kasper and his colleagues decoded1 that shared cryptographic secret by studying the design and operation of chips from VW Group cars and remotes. After hacking3 the hardware, they were easily able to eavesdrop4 on and decrypt unlocking signals, clone the remote control and unlock cars. They presented the details August 12th at the USENIX Security Symposium5, in Austin, Texas. [Flavio D. Garcia et al., Lock It and Still Lose It—on the (In)Security of Automotive Remote Keyless Entry Systems]
Kasper says VW is aware of the problem—and they're not alone. "This is not a VW bug6 but this is a red line, as we Germans say, through all the automotive industry." In fact, in the same study, they showed that another encryption system used by many other brands, including Ford7, Chevy, Nissan and Mitsubishi, has a weak cryptographic algorithm—which, again, allowed the team to break into more than a dozen cars.
Bottom line? It's easier to hack2 into cars than many drivers might have imagined. So if you want to avoid eavesdropping8, the researchers recommend simply ditching remote controls and cryptography, and just go back to the good old metal key.
—Christopher Intagliata
1 decoded | |
v.译(码),解(码)( decode的过去式和过去分词 );分析及译解电子信号 | |
参考例句: |
|
|
2 hack | |
n.劈,砍,出租马车;v.劈,砍,干咳 | |
参考例句: |
|
|
3 hacking | |
n.非法访问计算机系统和数据库的活动 | |
参考例句: |
|
|
4 eavesdrop | |
v.偷听,倾听 | |
参考例句: |
|
|
5 symposium | |
n.讨论会,专题报告会;专题论文集 | |
参考例句: |
|
|
6 bug | |
n.虫子;故障;窃听器;vt.纠缠;装窃听器 | |
参考例句: |
|
|
7 Ford | |
n.浅滩,水浅可涉处;v.涉水,涉过 | |
参考例句: |
|
|
8 eavesdropping | |
n. 偷听 | |
参考例句: |
|
|