Designing devices to be remotely overridden is a bad idea

Bruce Schneier's new Wired column discusses the growing trend toward designing devices so that other people can shut them down against your will -- the movie theater can mute your phone, OnStar can shut down your engine, new technology deployed to stop the movie-plot threat of bus-hijackers ramming them into buildings can be used to shut down bus-engines.

Bottom line: a device designed to be controlled and shut down against its owner's wishes is inherently less secure than a device that is designed to only do the stuff its owner asks of it. This is like the hoary cliche of the accidentally pressed self-destruct button on the spaceship in bad sf movies: wouldn't the spaceship be inherently safer if none of its intentional design outcomes included sudden, catastrophic explosion?

It's comparatively easy to make this work in closed specialized systems -- OnStar, airplane avionics, military hardware -- but much more difficult in open-ended systems. If you think Microsoft's vision could possibly be securely designed, all you have to do is look at the dismal effectiveness of the various copy-protection and digital-rights-management systems we've seen over the years. That's a similar capabilities-enforcement mechanism, albeit simpler than these more general systems.

And that's the key to understanding this system. Don't be fooled by the scare stories of wireless devices on airplanes and in hospitals, or visions of a world where no one is yammering loudly on their cellphones in posh restaurants. This is really about media companies wanting to exert their control further over your electronics. They not only want to prevent you from surreptitiously recording movies and concerts, they want your new television to enforce good "manners" on your computer, and not allow it to record any programs. They want your iPod to politely refuse to copy music to a computer other than your own. They want to enforce their legislated definition of manners: to control what you do and when you do it, and to charge you repeatedly for the privilege whenever possible.


Discussion

Take a look at this

Schneier is always worth reading; but I find that I'm getting depressed lately by all the "security" blabber that's ultimately not about security at all but rather about someone else controlling ever more aspects of my life.
Hardly anyone in politics and few people in tech business seem to be willing to think of citizens as responsible grown-ups these days, and few citizens seem to feel how patronizing and disdainful they're treated.

Take a look at this

Yeah, our local energy company is offering free web-enabled thermostats (http://www.txu.com/Press_Releases_8614.htm), but included in that is the energy company's ability to "cycle on and off" your AC unit at peak times.

Allegedly you can override that yourself through a browser, or by calling them, but it seems like a sneaky foot-in-the-door/trojan horse thing.

Dunno. Will have to look at the contract very carefully.

Take a look at this

This is just like that recent Doctor Who episode in which the emission control systems in all the cars in the world were actually Trojan Horse devices for the invading aliens.

Take a look at this

GM is giving cops remote control of its cars? Good luck with those declining sales, guys.

Take a look at this

On the other hand, I'd like my cellphone (for instance) to be location aware. I agree that it's a bad idea to have devices that can be completely overridden remotely, but I'd also like to be able to have my phone automatically mute when I go to the movies. I'd like to be able to turn off the feature, but that doesn't mean I'm not interested in having it. After all, lots of convenient things come at the expense of some security. It's a matter of balance. Also, I don't want it on buses. Or on my cars.

In the Doctor Who episode though, there was no reason to throw the baby out with the bathwater and not use the emissions-free aspect of evil-OnStar. That was just silly.

Take a look at this

new technology deployed to stop the movie-plot threat of bus-hijackers ramming them into buildings can be used to shut down bus-engines.

or remotely take control of airplanes... oh, shhh.

Take a look at this

You can watch "Star Trek: Wrath of Khan" for the movie-plot version of how remote control of your equipment will save the world. Kirk remotely disables Khan's hijacked Federation ship. Never mind that it only works because Khan doesn't know about the remote control himself. (and neither did the writers until they needed a way for Kirk to get out of an inescapable jam, but that's another matter)

Anyway, that's the dream version of it.

See Will Smith in "AI" for the nightmare version.

Take a look at this

This would be a bad idea. What if a scenario like the movie Speed happens?

#9 posted by Geonz, June 26, 2008 8:49 AM

So... somebody just needs to design a "TV B Gone" for cars, obviously.

#10 posted by Takuan, June 26, 2008 8:55 AM

let them do what they want. It only becomes frightening when laws are passed against defeating these remote controls. Keep your phone in a faraday cage, defeat the event recorder in your car, disconnect remote switches, smash the RFIDs in your transit cards, use cash for everything, lie to the government at every turn no matter how petty, wear disguises in CCTV areas, use encryption for everything, make it all habitual.

People who live in jungles unthinkingly avoid poisonous plants, venomous insects, deadly snakes, fanged beasts, dangerous terrain and murderous weather changes. And they do it without effort and enjoy their lives.

Take a look at this

Bruce is one of my favorites. His mind is working properly.

#12 posted by TJIC, June 26, 2008 9:52 AM


Designing devices to be remotely overridden is a bad idea

And yet, politicians keep pushing for "smart guns" that require authentication to operate...

#13 posted by tim, June 26, 2008 9:59 AM

Any chance we could push for smart politicians that only operate when they're actually elected?

Take a look at this

Schneier is an articulate voice of wisdom. I'm curious to know if anyone can provide evidence of any politicians and planners actually listening to him? His only visible impact I can think of at the moment is that I believe he can be credited with popularizing the phrase "security theater" and that this phrase has become part of the blogosphere's vocabulary.

#15 posted by B2B, June 26, 2008 11:22 AM

Something less chaotic and maybe more debatable is the use of anti-drunk technologies in cars that if it senses certain amount of alcohol the car won't turn on - but what happens if the driver is about to get mugged or some life-or-death event? not really what Microsoft is patenting but has similar issues.

Take a look at this

what we need is some movie plot horror story where the crazy person corners some people in their home, uses the remote disable to disable the person's cell phone completely, uses remote to disable home security, uses the remote to shut off the car so they can't escape, and so on, and have it be clear those remotes allowed an hour and a half of Hannibal Lecter type scenes.

show how the technology could be abused and misused.

Take a look at this

@GREGLONDON #16:

The hard part will be crafting the story in such a way that people see the poorly implemented remote disable technology as the "bad guy", rather than "another crazy hacker dude!" (By poorly implemented I mean "comes from the factory with remote disable disabled")

Otherwise we just get nastier laws against "unauthorized use of remote connection technology".

Which, of course, leads to some kid being put in jail for having the temerity to be trying to operate a toy R/C car that has the same frequency as the toy R/C car the local police chief is trying to use...

#18 posted by Takuan, June 26, 2008 1:28 PM

only the Amish will survive

Take a look at this

Honest, officer! the rifle pried itself out of my warm, undead hands!

Take a look at this

Do a remake of Lady In A Cage. Rich widow alone in a house. Ringleader of the intruders used to work for the power company, jokes to his buddies about what he learned working there and how easy it is. Have one of the systems failing for different reasons inherent in their design. Henchman asks "Was that you too?" Ringleader: "Nope, those crap out all the time."

#21 posted by cha0tic, June 27, 2008 2:17 PM

@sterlinm #5

Your Cell phone can be location aware. I've seen software you can add to Symbian60 phones that use the cell tower identity information to change settings on your phone or send SMS when you reach a certain location.

Take a look at this

Oooooooh, don't forget the remotely detonating cell phone in "Fifth Element"!

Woot!
