Can't they just scroll through to find the one that matches? Although maybe far easier to go into the real world and just wait until you see a car like the one you want to clone.
24 posts • joined 14 Mar 2019
Tesco parking app hauled offline after exposing 10s of millions of Automatic Number Plate Recognition images
Re: Hash/UUID collision
The birthday problem for this sort of clashes is well studied.
If they did use 128 bit hashes, then the probability of a clash is very low even for billions of images. So I guess that either:
1. They really do have billions of hashes, and were just (un)lucky here.
2. Somebody has worked out the algorithm used and manufactured a hash collision.
3. They are using far fewer than 128 bits.
4. This wasn't a hash attack.
Given the combination of account it happened with, and the image that ended up being used, I would tend towards this being something that was done deliberately.
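The birthday-bound reasoning in the post above, worked through as an added example (not part of the original post or of any vendor's code). It assumes uniformly random hash values; the image count of ten billion is a constructed figure standing in for "billions of images".

```python
import math

def collision_probability(n_items: int, hash_bits: int) -> float:
    """Birthday approximation: chance that at least two of n_items
    uniformly random hash_bits-bit values are equal."""
    pairs = n_items * (n_items - 1) / 2
    # -expm1(-x) equals 1 - exp(-x) but stays accurate when x is tiny.
    return -math.expm1(-pairs / 2.0 ** hash_bits)

def items_for_probability(hash_bits: int, p: float = 0.5) -> float:
    """How many random values are needed before the clash chance reaches p."""
    return math.sqrt(2.0 * 2.0 ** hash_bits * math.log(1.0 / (1.0 - p)))

def smallest_safe_width(n_items: int, max_risk: float) -> int:
    """Smallest hash width (in bits) that keeps the clash chance below max_risk."""
    for bits in range(1, 513):
        if collision_probability(n_items, bits) < max_risk:
            return bits
    raise ValueError("no width up to 512 bits is sufficient")

if __name__ == "__main__":
    n = 10 ** 10  # constructed figure: ten billion images
    for bits in (32, 64, 128):
        print(f"{bits:3d}-bit: P(clash) = {collision_probability(n, bits):.3e}")
    print("50% point for 64 bits:", f"{items_for_probability(64):.3e}", "items")
    print("width for <1e-6 risk:", smallest_safe_width(n, 1e-6), "bits")
```

An accidental clash at this scale is plausible only for identifiers well under 128 bits, which is what separates options 1 and 3 in the list above.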
Re: Review changes to 3rd party code
The problem is that people don't want to re-invent the wheel constantly. So reusing somebody else's code makes it simple to build things on top of other components.
The problem comes that people don't review what they are importing, the repositories have no quality control so act as dumping grounds, and then people blindly take updates.
Also people create pointless components that aren't worth using. For example the wonderful is-even:
Review changes to 3rd party code
Once again the blind pulling of third party code causes problems.
The only way to stay secure is to specify a version, and audit all changes.
If building into your own code, then fix the versions, and check any changes.
WTF is Boeing on? Not just customer databases lying around on the web. 787 jetliner code, too, security bugs and all
Thank god he only had rudimentary tools
Boeing say "IOActive reviewed only one part of the 787 network using rudimentary tools, and had no access to the larger system or working environments"
I read "If he had reviewed more parts of the network, and had other tools, then he may have worked out how to jump between the network segments"
Backdoors won't weaken your encryption, wails FBI boss. And he's right. They won't – they'll fscking torpedo it
Block P2P comms
But maybe the next phase will be to stop people being able to communicate except with approved providers. Your ISP will be mandated to prevent you sending messages to anywhere else.
Then to finish it off, all providers will need to stop you uploading encrypted content as well. Imagine if people used some sort of encrypted message, sent over email. The horror.
Re: What is overflowing?
That makes it sound like they were trying to allocate individual header bits to different fields. So 28 bits only would give them 74 hours, but that wasn't enough, and 30 bits gave 300 which would never be needed, so they chose 29 bits.
I guess they then didn't write any test cases for overflow. I can imagine the problem is that they haven't wrapped the comparison operation correctly. So the newest data ends up looking very old.
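The failure mode guessed at in the post above, as an added example (not code from the post or from any avionics system): a plain comparison of wrapping timestamps next to a wrap-aware one. The 29-bit width is the post's guess, and the millisecond tick is an assumption chosen because it makes 28 and 29 bits come out at about 74 and 149 hours.

```python
BITS = 29            # counter width guessed in the post, not a confirmed value
MOD = 1 << BITS      # counter wraps to 0 after MOD ticks
HALF = MOD >> 1

def hours_until_wrap(bits: int, ticks_per_second: int = 1000) -> float:
    """Uptime before a bits-wide tick counter wraps (millisecond ticks assumed)."""
    return (1 << bits) / ticks_per_second / 3600

def naive_is_newer(a: int, b: int) -> bool:
    """Plain comparison: breaks as soon as the counter wraps."""
    return a > b

def wrapped_is_newer(a: int, b: int) -> bool:
    """Serial-number comparison: a is newer when it is ahead of b
    by less than half the counter range, modulo the wrap."""
    return 0 < (a - b) % MOD < HALF

def freshest(stamps, is_newer):
    """Pick the stamp the given comparator believes is the most recent."""
    best = stamps[0]
    for stamp in stamps[1:]:
        if is_newer(stamp, best):
            best = stamp
    return best

# Constructed sample: three readings taken 4 ticks apart across the wrap point.
SAMPLES = [MOD - 5, MOD - 1, 3]

if __name__ == "__main__":
    for bits in (28, 29, 30):
        print(f"{bits} bits wrap after {hours_until_wrap(bits):.1f} h")
    print("naive picks  :", freshest(SAMPLES, naive_is_newer))
    print("wrapped picks:", freshest(SAMPLES, wrapped_is_newer))
```

With the plain comparison the reading taken just after the wrap (3) loses to the stale one taken before it, which is the "newest data ends up looking very old" behaviour described above.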
What is overflowing?
Any ideas about what is overflowing? 149 hours of seconds doesn't seem to be that obvious a limit, but I guess they probably have rounded down a little to stop planes falling out of the sky.
I've seen issues similar to the Boeing one turn up in less critical places. Found by customers since in internal testing no system was left up for long enough.
AI can now animate the Mona Lisa's face or any other portrait you give it. We're not sure we're happy with this reality
Note that the client performs the same authentication procedure as the router. Therefore the side-channel methods also apply to the client. This means that observing the memory access patterns is far more of an issue on the client.
The downgrade attacks also are against the client, not the router. The attacker spoofs the access point, and tells the client that it doesn't support WPA3, so the client tries WPA2.
Basically that they were selling stuff at less than they could buy it for. So whilst impacting their profit and loss in a bad way, making their revenue apparently be growing.
Probably based on the reasoning that a startup isn't supposed to be making any profit in the early days, and is trying to gain market share.
OMG, think of the GDPR issues.
3000 contact details, clearly he wants to keep in touch with a lot of people. :-)
Although it isn't clear if this is just their email addresses, or other stuff. I'm sure they monitor all their emails anyway, so any poaching attempts to their work email would be pointless.
Re: Confusion due to lax use of terminology in RFC?
This comes down to the fact that ASN.1 is used in the certificate. The RFC uses an INTEGER type, which is signed. This means anything reading the certificate must treat this as a signed number. The size of the integer can be varied, and the RFC says up to 20 octets. Obviously you could take a 64 bit unsigned, and if the top bit was set, encode this as 9 octets, and if it was unset use fewer (right down to 1 for some very small serial numbers), but clearly they decided to use a signed value.
The IETF certificate on https://tools.ietf.org/html/rfc5280 uses 9 octets for exactly this reason, top octet is 0.
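The signed INTEGER encoding described in the post above, as an added example (not part of the original post and not taken from any particular X.509 library): a minimal DER encoder and decoder for serial numbers, showing why a 64-bit value with the top bit set needs 9 content octets. The function names and the sample serial values are constructed for illustration.

```python
MAX_SERIAL_OCTETS = 20   # upper bound the post quotes from the RFC
TAG_INTEGER = 0x02       # ASN.1 universal tag for INTEGER

def der_serial(value: int) -> bytes:
    """DER-encode a non-negative serial number as a signed ASN.1 INTEGER."""
    if value < 0:
        raise ValueError("serial number must be non-negative")
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        # Top bit set would read as negative, so prepend a zero octet.
        body = b"\x00" + body
    if len(body) > MAX_SERIAL_OCTETS:
        raise ValueError("serial number longer than 20 octets")
    return bytes([TAG_INTEGER, len(body)]) + body

def parse_der_integer(der: bytes) -> int:
    """Decode a short-form DER INTEGER, always as a signed value."""
    if len(der) < 3 or der[0] != TAG_INTEGER or der[1] != len(der) - 2:
        raise ValueError("not a well-formed short-form INTEGER")
    body = der[2:]
    if len(body) > 1 and (
        (body[0] == 0x00 and not body[1] & 0x80)
        or (body[0] == 0xFF and body[1] & 0x80)
    ):
        raise ValueError("non-minimal encoding is not valid DER")
    return int.from_bytes(body, "big", signed=True)

def unpadded_misread(value64: int) -> int:
    """What a conforming reader sees if a writer emits the raw 8 octets
    of an unsigned 64-bit serial without the leading zero octet."""
    return parse_der_integer(bytes([TAG_INTEGER, 8]) + value64.to_bytes(8, "big"))

if __name__ == "__main__":
    for serial in (1, 0x7FFFFFFFFFFFFFFF, 0x8000000000000001):  # constructed values
        enc = der_serial(serial)
        print(f"{serial:#x}: {enc[1]} content octets -> {enc.hex()}")
    print("unpadded read:", unpadded_misread(0x8000000000000001))
```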