Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 24th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2019 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

Owch, that's gotta hurt!

26 January 2018

Anything that is done by man can be undone by man.

Well I think we all know that this saying is a bunch of baloney (just try unshooting someone in the head) but there are cases where it does apply -- such as encryption.

Hands up everyone who remembers how new-fangled (at the time) DVDs were supposed to protect the movies and TV shows that were on them by using a fancy encryption system?

That encryption system was supposed to be virtually uncrackable -- yet it didn't take too long before there was all manner of decryption software available that let you rip those disks to your hard-drive or transcode them into whatever format you wanted.

How can that be?

Wasn't this supposed to be "strong" encryption?

Well it doesn't matter how strong your encryption is, if you don't keep the keys safe, then it becomes next to useless -- as the creators of the DVD scheme soon found out to their cost.

Although the encryption system used for DVDs (CSS) was basically okay, human error meant that the much-sought-after decryption keys were able to be lifted from a DVD player in which they were very poorly concealed in firmware.

Game over!

Since then, those who rely on such key-based security and control systems to protect themselves against hacking have been pretty vigilant -- but even the most well-funded, successful companies are not immune and an interesting story appeared in The Register today.

It seems that, some time ago, DJI (you know, the drone people) accidentally flagged a code repository as "public" on GitHub, thus exposing their keys to the world.

Some clever developer(s) decided to create a fork of the official software (keys and all) so as to create their own version, thus giving them the power to bypass the geofencing and other restrictions that are normally imposed by the DJI code.

Of course flagging the repository as "public" was a bit of a mistake on DJI's part so they issued a DMCA takedown request in an attempt to have the new fork (and the keys) removed.

Bad luck DJI. As clearly outlined in The Register article, by making their repository public (even if it had only been for a short while), they effectively agreed to allow others to fork their code and continue to publish it (keys and all).

So sad (LOL).

Now I suspect that DJI will take further legal action by way of civil or criminal suit, alleging that although they did make the repository public, it was not their intention to do so and that GitHub's refusal to remove the forked code and keys represents significant damage to DJI.

This will be lots of fun!

I guess the moral to the story is that you should *always* read the fine print when using any service and that even the best DRM or encryption can fall victim to human error so should never be considered "foolproof".

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Features:

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

Recent Columns

So handy, so cheap
Hands up all those who remember the clunky, old-fashioned, unreliable, expensive torches of yester-year?...

Another million-dollar idea?
Supermarkets have stopped giving away "free" single-use plastic bags...

The Snowflake Award for 2019 goes to...
Many groups of workers have representative bodies that lobby strongly for their rights and to protect their members...

YouTube bans ads on "controversial" videos
Some people stir up controversy, almost as if for fun...

Could outer space bring peace to earth?
Space exploration is heating up...

Is nuclear power the future?
If you've ever read any of those old Popular Science or Popular Mechanics magazines from the 1950s and 1960s, you'd be forgiven for thinking that by now (2019), the world would be almost totally nuclear powered...

Red tape run amok
Everyone knows about clipboard nazis...

Better than radio-waves
Radio transmissions are (IMHO) one of mankind's greatest achievements...

Google Chromecast - crap!
The wife wanted Netflix but our "generic" brand TV isn't smart enough on its own...

Beware the digital eviction
We are the masters of technology...

Is this butterfly a canary?
Back in "the olden days", men working in coal mines, deep below the surface of the planet, would take canaries with them as they dug deep into the earth's crust...