Tag Archives: security

Who Wants Their Car to Be a Rolling Windows PC?

This story in the New York Times (h/t to BookofJoe for the lead) shouldn't have surprised me since I regularly have to re-boot the one late-model car I own, but with paragraphs like these it's hard not to be shocked:

The scientists say that they were able to remotely control braking and other functions, and that the car industry was running the risk of repeating the security mistakes of the PC industry.

“We demonstrate the ability to adversarially control a wide range of automotive functions and completely ignore driver input — including disabling the brakes, selectively braking individual wheels on demand, stopping the engine, and so on,” they wrote in the report, “Experimental Security Analysis of a Modern Automobile.”

We're so very hosed.

The Dangers of Living in a Chicken Little Society

Bruce Schneier explains why basing decisions solely on "worst case scenarios" is not a good thing.  

There's a certain blindness that comes from worst-case thinking. An extension of theprecautionary principle, it involves imagining the worst possible outcome and then acting as if it were a certainty. It substitutes imagination for thinking, speculation for risk analysis, and fear for reason. It fosters powerlessness and vulnerability and magnifies social paralysis. And it makes us more vulnerable to the effects of terrorism.

Worst-case thinking means generally bad decision making for several reasons. First, it's only half of the cost-benefit equation. Every decision has costs and benefits, risks and rewards. By speculating about what can possibly go wrong, and then acting as if that is likely to happen, worst-case thinking focuses only on the extreme but improbable risks and does a poor job at assessing outcomes.

h/t to Ed Cone for the link.