www-malware-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

malware-cars.html proprietary.html proprietary-insecurity.html

From: Diff Report
Subject: malware-cars.html proprietary.html proprietary-insecurity.html
Date: Mon, 09 Jan 2023 00:01:17 -0500 
Modified:

    malware-cars.html
    proprietary.html
    proprietary-insecurity.html

diff -rNU2 malware-cars.html malware-cars.html
--- malware-cars.html   2022-12-14 05:02:28.099273019 +0000
+++ malware-cars.html   2023-01-09 05:01:16.175904284 +0000
@@ -60,4 +60,21 @@
 
 <ul class="blurbs">
+  <li id="M202211301">
+    <!--#set var="DATE" value='<small class="date-tag">2022-11</small>'
+    --><!--#echo encoding="none" var="DATE" -->
+    <p>Hackers discovered <a
+    href="https://samcurry.net/web-hackers-vs-the-auto-industry/";> dozens
+    of flaws in the security (in the usual narrow sense) of many brands
+    of automobiles</a>.</p>
+
+    <p>Security in the usual narrow sense means security against unknown
+    third parties. We are more concerned with security in the broader
+    sense&mdash;against the manufacturer as well as against unknown
+    third parties. It is clear that each of these vulnerabilities can
+    be exploited by the manufacturer too, and by any government that
+    can threaten the manufacturer enough to compel the manufacturer's
+    cooperation.</p>
+  </li>
+
   <li id="M202208220">
     <!--#set var="DATE" value='<small class="date-tag">2022-08</small>'
@@ -443,5 +460,5 @@
      Information document, www.gnu.org/prep/maintain. -->
 
-<p>Copyright &copy; 2017-2022 Free Software Foundation, Inc.</p>
+<p>Copyright &copy; 2017-2023 Free Software Foundation, Inc.</p>
 
 <p>This page is licensed under a <a rel="license"
@@ -453,5 +470,5 @@
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2022/08/28 07:17:03 $
+$Date: 2023/01/08 17:55:29 $
 <!-- timestamp end -->
 </p>
diff -rNU2 proprietary.html proprietary.html
--- proprietary.html    2022-12-14 05:02:28.243273153 +0000
+++ proprietary.html    2023-01-09 05:01:16.215904288 +0000
@@ -226,4 +226,21 @@
 
 <ul class="blurbs">
+  <li id="M202211301">
+    <!--#set var="DATE" value='<small class="date-tag">2022-11</small>'
+    --><!--#echo encoding="none" var="DATE" -->
+    <p>Hackers discovered <a
+    href="https://samcurry.net/web-hackers-vs-the-auto-industry/";> dozens
+    of flaws in the security (in the usual narrow sense) of many brands
+    of automobiles</a>.</p>
+
+    <p>Security in the usual narrow sense means security against unknown
+    third parties. We are more concerned with security in the broader
+    sense&mdash;against the manufacturer as well as against unknown
+    third parties. It is clear that each of these vulnerabilities can
+    be exploited by the manufacturer too, and by any government that
+    can threaten the manufacturer enough to compel the manufacturer's
+    cooperation.</p>
+  </li>
+
   <li id="M202211140">
     <!--#set var="DATE" value='<small class="date-tag">2022-11</small>'
@@ -282,75 +299,4 @@
     backdoor that was remotely used to unlock it.</p>
   </li>
-
-  <li id="M202209000">
-    <!--#set var="DATE" value='<small class="date-tag">2022-09</small>'
-    --><!--#echo encoding="none" var="DATE" -->
-    <p><a hreflang="ja"
-    href="https://ja.wikipedia.org/wiki/B-CAS";>B-CAS</a> <a
-    href="#m1">[1]</a> is the digital restrictions management (DRM) system
-    used by Japanese TV broadcasters, including state-run TV. It is sold
-    by the B-CAS company, which has a de-facto monopoly on it. Initially
-    intended for pay-TV, its use was extended to digital free-to-air
-    broadcasting as a means to enforce restrictions on copyrighted
-    works. The system encrypts works that permit free redistribution
-    just like other works, thus denying users their nominal rights.</p>
-
-    <p>On the client side, B-CAS is typically implemented by a card
-    that plugs into a compatible receiver, or alternatively by a tuner
-    card that plugs into a computer. Beside implementing drastic copying
-    and viewing restrictions, this system gives broadcasters full power
-    over users, through back doors among other means. For example:</p>
-
-    <ul>
-      <li>It can force messages to the user's TV screen, and the user
-      can't turn them off.</li>
-
-      <li>It can collect viewing information and share it with other
-      companies to take surveys. Until 2011, user registration was
-      required, so the viewing habits of each customer were recorded. We
-      don't know whether this personal information was deleted from the
-      company's servers after 2011.</li>
-
-      <li>Each card has an ID, which enables broadcasters to force
-      customer-specific updates via the back door normally used to update
-      the decryption key. Thus pay-TV broadcasters can disable decryption
-      of the broadcast wave if subscription fees are not paid on time.
-      This feature could also be used by any broadcaster (possibly
-      instructed by the government) to stop certain persons from watching
-      TV.</li>
-
-      <li>Since the software in receivers is nonfree, and tuner cards are
-      designed for either Windows or MacOS, it is impossible to legally
-      watch Japanese TV from the Free World.</li>
-
-      <li>As the export of B-CAS cards is illegal, people outside Japan
-      can't (officially) decrypt the satellite broadcast signal that may
-      spill over to their location. They are thus deprived of a valuable
-      source of information about what happens in Japan.</li>
-    </ul>
-
-    <p>These unacceptable restrictions led to a sort of cat-and-mouse
-    game, with some users doing their best to bypass the system, and
-    broadcasters trying to stop them without much success: cryptographic
-    keys were retrieved through the back door of the B-CAS card, illegal
-    cards were made and sold on the black market, as well as a tuner for
-    PC that disables the copy control signal.</p>
-
-    <p>While B-CAS cards are still in use with older equipment, modern
-    high definition TVs have an even nastier version of this DRM (called
-    ACAS) in a special chip that is built into the receiver. The chip
-    can update its own software from the company's servers, even when
-    the receiver is turned off (but still plugged into an outlet). This
-    feature could be abused to disable stored TV programs that the power
-    in place doesn't agree with, thus interfering with free speech.</p>
-
-    <p>Being part of the receiver, the ACAS chip is supposed to be
-    tamper-resistant. Time will tell&hellip;</p>
-
-    <p id="m1"><small>[1] We thank the free software supporter who
-    translated this article from Japanese, and shared his experience of
-    B-CAS with us. (Unfortunately, the article presents DRM as a good
-    thing.)</small></p>
-  </li>
 </ul>
 <p class="button right-align">
@@ -405,5 +351,5 @@
      Information document, www.gnu.org/prep/maintain. -->
 
-<p>Copyright &copy; 2013-2022 Free Software Foundation, Inc.</p>
+<p>Copyright &copy; 2013-2023 Free Software Foundation, Inc.</p>
 
 <p>This page is licensed under a <a rel="license"
@@ -415,5 +361,5 @@
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2022/12/13 15:29:34 $
+$Date: 2023/01/08 17:55:29 $
 <!-- timestamp end -->
 </p>
diff -rNU2 proprietary-insecurity.html proprietary-insecurity.html
--- proprietary-insecurity.html 2022-12-14 05:02:28.251273160 +0000
+++ proprietary-insecurity.html 2023-01-09 05:01:16.219904288 +0000
@@ -114,4 +114,21 @@
 
 <ul class="blurbs">
+  <li id="M202211301">
+    <!--#set var="DATE" value='<small class="date-tag">2022-11</small>'
+    --><!--#echo encoding="none" var="DATE" -->
+    <p>Hackers discovered <a
+    href="https://samcurry.net/web-hackers-vs-the-auto-industry/";> dozens
+    of flaws in the security (in the usual narrow sense) of many brands
+    of automobiles</a>.</p>
+
+    <p>Security in the usual narrow sense means security against unknown
+    third parties. We are more concerned with security in the broader
+    sense&mdash;against the manufacturer as well as against unknown
+    third parties. It is clear that each of these vulnerabilities can
+    be exploited by the manufacturer too, and by any government that
+    can threaten the manufacturer enough to compel the manufacturer's
+    cooperation.</p>
+  </li>
+
   <li id="M202210140">
     <!--#set var="DATE" value='<small class="date-tag">2022-10</small>'
@@ -1321,5 +1338,5 @@
      Information document, www.gnu.org/prep/maintain. -->
 
-<p>Copyright &copy; 2013, 2015-2022 Free Software Foundation, Inc.</p>
+<p>Copyright &copy; 2013, 2015-2023 Free Software Foundation, Inc.</p>
 
 <p>This page is licensed under a <a rel="license"
@@ -1331,5 +1348,5 @@
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2022/12/05 11:23:10 $
+$Date: 2023/01/08 17:55:29 $
 <!-- timestamp end -->
 </p>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]