Le vendredi 07 novembre 2008 à 17:15 +0100, Johannes Wiedersich a écrit : > Josselin Mouette wrote: > > This reasoning, as any security-by-obscurity one, is completely flawed. > > As long as the firmware is distributed separately, you can modify it, > > whether it is open source or not. Not having the source never prevented > > people from making modifications. > > Even if it is no guarantee for prevention of modifications, it makes > those much more difficult. Or so you think. There are people who can read assembly and hex just as easily as I read C sources. It would probably take only a few days of testing for a hacker with the appropriate skills to remove firmware restrictions for reaching a frequency range, for example. > It is not a bug that certain _hardware_ has more capabilities than is > reasonable to offer the user to tweak. Even if a physical radio > transmitter (wifi, cell phone, radio,) is technically capable of > transmitting/receiving at many frequencies, it is usually not desirable > to have any average user actually _use_ it at any frequency they wish. > > I'm fully in favour of open source and people tweaking the code running > on their computers, but I'd have to stop leaving the house, if people > started to mess with the software controlling the breaks of their cars... Being in favor of open-sourcing firmwares (including those controlling critical security devices in cars) does not mean being in favor of letting anyone ship their own version. In such cases, there needs to be some appropriate process to validate the new versions and to enforce it legally. Just like you are not allowed to make any modification you like in your engine, you should not be allowed to make modifications in the car’s firmware. And just like modifying the engine without the original plans makes it more likely to fail, the same holds for a firmware you’d modify without source. > > Bullshit. You’ll have a hard time finding a court that will conclude > > that the manufacturer is liable instead of the person who has actually > > modified and distributed the firmware. Especially if the manufacturer > > disclaims clearly any responsibility for modifying it in the > > documentation. > > You'll have a hard time to prove that it was some modified firmware... > - that killed the person with the pace maker or > - that caused the accident by differently controlling the car's > electronics or > - that causes the connection problems in your flat (via neighbours > trying to increase the range of their wireless). Indeed. But you can still use a modified firmware, even without the source. If ill-intentioned people wanted to do it, this would already be quite feasible. > >> Such sensibel stuff must be protected... > > > > It will NEVER be protected by ideas as stupid as just keeping the source > > closed. > > Closed source might not indefinitely protect it. But open source in some > cases might outright jeopardize it. Sure. We all know how closing the source of DVD decoders and Wii firmwares prevented people from cracking them. If people have the motivation to ship modified versions, they *will* ship modified versions. Closing your eyes will not stop it from happening. To go back to the wifi transmitter example: the average hacker doesn’t care of being able to reach frequencies that are not standard for Wifi, except if he wants to see people dressed in black search in the surroundings. However, a spy may be interested in making such modifications to jam military frequencies, for example. Currently there is nothing preventing him to do so. If the firmware was open source, nothing of this would change. > Don't forget that there is good reason why even our beloved Debian > employs 'security by obscurity' before the DSA is out and patched > packages are available... I don’t see how this is related. > Again that's not to say that closed source guarantees security. But maybe > it helps in certain cases. This is what those keeping their sources closed wish. But there are no fairies to grant this wish. -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `- our own. Resistance is futile.
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=