Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 24th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2018 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

Owch, that's gotta hurt!

26 January 2018

Anything that is done by man can be undone by man.

Well I think we all know that this saying is a bunch of baloney (just try unshooting someone in the head) but there are cases where it does apply -- such as encryption.

Hands up everyone who remembers how new-fangled (at the time) DVDs were supposed to protect the movies and TV shows that were on them by using a fancy encryption system?

That encryption system was supposed to be virtually uncrackable -- yet it didn't take too long before there was all manner of decryption software available that let you rip those disks to your hard-drive or transcode them into whatever format you wanted.

How can that be?

Wasn't this supposed to be "strong" encryption?

Well it doesn't matter how strong your encryption is, if you don't keep the keys safe, then it becomes next to useless -- as the creators of the DVD scheme soon found out to their cost.

Although the encryption system used for DVDs (CSS) was basically okay, human error meant that the much-sought-after decryption keys were able to be lifted from a DVD player in which they were very poorly concealed in firmware.

Game over!

Since then, those who rely on such key-based security and control systems to protect themselves against hacking have been pretty vigilant -- but even the most well-funded, successful companies are not immune and an interesting story appeared in The Register today.

It seems that, some time ago, DJI (you know, the drone people) accidentally flagged a code repository as "public" on GitHub, thus exposing their keys to the world.

Some clever developer(s) decided to create a fork of the official software (keys and all) so as to create their own version, thus giving them the power to bypass the geofencing and other restrictions that are normally imposed by the DJI code.

Of course flagging the repository as "public" was a bit of a mistake on DJI's part so they issued a DMCA takedown request in an attempt to have the new fork (and the keys) removed.

Bad luck DJI. As clearly outlined in The Register article, by making their repository public (even if it had only been for a short while), they effectively agreed to allow others to fork their code and continue to publish it (keys and all).

So sad (LOL).

Now I suspect that DJI will take further legal action by way of civil or criminal suit, alleging that although they did make the repository public, it was not their intention to do so and that GitHub's refusal to remove the forked code and keys represents significant damage to DJI.

This will be lots of fun!

I guess the moral to the story is that you should *always* read the fine print when using any service and that even the best DRM or encryption can fall victim to human error so should never be considered "foolproof".

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Features:

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

Recent Columns

Time, the ultimate creator
No, I haven't been smoking the wacky-baccy or indulging in mind-altering substances (beyond a glass of wine with my dinner) but you might think so after reading today's column...

Peak smartphone?
There was a time when many of us upgraded our PCs every couple of years because the technology was moving at such a fast pace that you'd see a significant improvement in power and performance with each new machine...

BBC resorts to clickbait
Sigh... clickbait and fake news are the stock and trade of the mainstream media these days and it appears that even the (once) almighty BBC are engaged...

A *billion* dollar idea
As I mentioned in my last column, Google has now equipped its Chrome browser with the ability to defeat the worst in aggressive advertising formats on the Web...

Chrome anti-competitive?
Google's Chrome browser now has a feature that will reportedly stop 97 percent of all those really annoying ads from interrupting your browsing experience...

What ever happened to fuel cells?
Electric vehicles are set to become the next big thing...

Can you sense the frustration?
When the current CEO of the South Waikato District Council took up his position several years ago, I invited him to my studio-workshop to discuss how I could help promote the district he now managed...

Is now a good time to wait?
I ran a CPU benchmark on my video rendering machine last night and was gobsmacked at how much slower it is than "state of the art" silicon...

Beyond a joke
Yes, today's column is another of those boring gripes about CAA and drones...

Plastic, a bigger threat than climate change?
A regular reader sent me an email the other day containing a link to a worrying report that everyone should read...

Babies versus boosters, no contest
Yesterday was a fantastic day for any geek, space enthusiast or anyone who has the heart and imagination of a little boy...