Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 24th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2018 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

Owch, that's gotta hurt!

26 January 2018

Anything that is done by man can be undone by man.

Well I think we all know that this saying is a bunch of baloney (just try unshooting someone in the head) but there are cases where it does apply -- such as encryption.

Hands up everyone who remembers how new-fangled (at the time) DVDs were supposed to protect the movies and TV shows that were on them by using a fancy encryption system?

That encryption system was supposed to be virtually uncrackable -- yet it didn't take too long before there was all manner of decryption software available that let you rip those disks to your hard-drive or transcode them into whatever format you wanted.

How can that be?

Wasn't this supposed to be "strong" encryption?

Well it doesn't matter how strong your encryption is, if you don't keep the keys safe, then it becomes next to useless -- as the creators of the DVD scheme soon found out to their cost.

Although the encryption system used for DVDs (CSS) was basically okay, human error meant that the much-sought-after decryption keys were able to be lifted from a DVD player in which they were very poorly concealed in firmware.

Game over!

Since then, those who rely on such key-based security and control systems to protect themselves against hacking have been pretty vigilant -- but even the most well-funded, successful companies are not immune and an interesting story appeared in The Register today.

It seems that, some time ago, DJI (you know, the drone people) accidentally flagged a code repository as "public" on GitHub, thus exposing their keys to the world.

Some clever developer(s) decided to create a fork of the official software (keys and all) so as to create their own version, thus giving them the power to bypass the geofencing and other restrictions that are normally imposed by the DJI code.

Of course flagging the repository as "public" was a bit of a mistake on DJI's part so they issued a DMCA takedown request in an attempt to have the new fork (and the keys) removed.

Bad luck DJI. As clearly outlined in The Register article, by making their repository public (even if it had only been for a short while), they effectively agreed to allow others to fork their code and continue to publish it (keys and all).

So sad (LOL).

Now I suspect that DJI will take further legal action by way of civil or criminal suit, alleging that although they did make the repository public, it was not their intention to do so and that GitHub's refusal to remove the forked code and keys represents significant damage to DJI.

This will be lots of fun!

I guess the moral to the story is that you should *always* read the fine print when using any service and that even the best DRM or encryption can fall victim to human error so should never be considered "foolproof".

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Features:

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

Recent Columns

So much money wasted to ignorance
I have been keeping an eye on a number of different technologies around the world of the past decade or so and it makes my eyes water...

Entertainment, the future of mankind
Many years ago, humans lived a subsistence life...

Iceberg? What iceberg?
New Zealand has a relatively healthy, robust economy...

Jesus wept, Google again!
What, this is the third column in a row I'm writing about Google and (yet again), it's not good news...

Get out of the way Chrome!
I am a big boy now...

Google+ headed for the knackers yard
One of the worst things ever forced upon Internet users... that's how *I* would describe Google+...

A worrying trend
Hands up everyone who remembers HAM radio?...

Bloomberg goes all "fake news"?
There was a time, back in the 1990s, when Bloomberg was a respected and trusted source of news -- especially financial news...

The tech equivalent of clean needles?
Drug abuse is a big problem around the world. So big in fact, that the USA declared a war against drugs several decades ago...

Nothing to charge
Apparently we're headed for a battery shortage...

A forgotten password could cost you $5,000
You had better not forget the password for your phone or laptop if you're traveling in or out of New Zealand from this point forwards...