Password protection (Rally Antilag anytime soon?)

[Matt Cramer]

The problem is "when engine is broken.... is broken...." then it does not matter who is responsible.
The objective is not to break the engine.....

If you eliminate the problem (damage engine), no discussion with proprietary of vehicle....

On the other hand, it would be far easier to implement a means to detect tampering that would thwart someone who can't be bothered to read normal instructions, than to achieve a total lockout. As others had noted, the password protected Motec and Haltech systems don't have a total lockout, either, so asking for a truly secure system would be to ask for something well beyond what is currently available in aftermarket ECUs.

And I should add that any decent tune encryption is going to be immune to normal cryptography attacks - if all you have is the tune file. Suppose I took an MSQ file and added the same integer from 0 to 15 to every value in the VE and spark table. That's a FOUR BIT encryption key. If it had been applied to a text message, it would be easy for a codebreaker to break it by hand, let alone a computer based attack. But when it's pure numbers that have no pattern, figuring out the key is going to be nearly impossible. However, if you are able to access the processor or a data log, that's another story...

[The Deviant]

The problem is "when engine is broken.... is broken...." then it does not matter who is responsible.
The objective is not to break the engine.....

If you eliminate the problem (damage engine), no discussion with proprietary of vehicle....

...or a better solution is to not offer a warranty like that. Problem solved.

Just to take the discussion farther: What if a "high performance tune" was done - one that required race fuel (110+ octane (R+M/2) to be run, and the user didn't run race gas, and instead decided to use 87 octane pump gas (R+M/2) (either by accident or on purpose)? Now they have holes in the pistons. Would that make sense to warrant, too? I mean, how would you prove the user was at fault, versus the tune?

Warranties should not be offered on things beyond your control.

[aut0m4tic1]

Lets first remember that you chose to work with a system where the source code and serial protocol are published for all to learn from. MS has evolved into a community. Some are electronics guys some racers, some weekend warriors, some college students and some professional tuners. There have been lots of accessory products and community developed/dreamed-up code, and we have all benefited from this. (MS is not the first standalone in my car, but it's certainly the last! )
The open nature of MS is what makes it great and also affordable. In my opinion, if you can't compete with the other brands with your current tuning skills, either put your focus on improving them or come up with or pay for your own security scheme.
The developers could work forever on a security scheme and then have to debug and support it with only a small gain on some end users part.
I just don't think it's worth it.

"Every time they come up with something foolproof, somebody comes up with a better fool"

Again just an opinion.

[jsmcortina]

For reference, tune comparison is easy right now. There's a serial command to request the CRC of each data page. TS already uses it.

So it would be fairly straightforward to create a prog that just interrogated the ECU and spat out the CRC of all of the tuning data pages - so you could see if it was the same.

James

[masterx81]

For reference, tune comparison is easy right now. There's a serial command to request the CRC of each data page. TS already uses it.

So it would be fairly straightforward to create a prog that just interrogated the ECU and spat out the CRC of all of the tuning data pages - so you could see if it was the same.

James

But if the original msq is restored?
I think that a "digital sign" is at least necessary. The problem is how to randomize the digital sign to know if the tune was overwritten or changed. Maybe reading all ad channels, plus the secL field, then do some math for get a 'digital sign' is enough? It's really difficult to reacreate the condition of every single ad channel.... Someone can still read the tune, but at least if there is a write, you can know it.
The digital sign will be stored also on the msq, for reference.
Is the mcu is read protected (not possible to read the flash via a programmer) i find really difficult to bypass this "checksum"

[jasaircraft]

we dont really offer a warranty for this type of things, as in almost any high performance discipline its kinda ridiculous to have warranties but, when bad things happen, owners and other people will ALWAYS blame what they dont really understand, in the case of cars its definatelly engine management systems... and then discussions take place etc etc.
We want to avoid that.

If a superhacker in the UK or in Japan manages to crack his way into ms tunes, then let him.. who cares, he will probably not publish it anyways and it will probably take some time till someone does it... besides if the guy is as smart ass to crack a tune he will probably know how to tune his engine, and we all know that if you know your stuff we dont really need anyone else's tunes.

Like I mentioned the ideal way is:
The option of password lock on the tune and on specific channel data (specified by the tuner)(motec has this options) without affecting the datalog option in the SD card.
The possibility to overwrite the whole thing with your own stuff if its locked (create your own base tune)former tuner will obviously notice password change or absence.

The way I see it there are no losses in that, only the lazy guys or the ones that don't know how to setup and tune will loose from not being able to copy other's efforts.

my 4 cents now lol...

[HidRo]

besides if the guy is as smart ass to crack a tune he will probably know how to tune his engine,

This made me laugh a bit. So it means that every super geek is a car tuner? And every car tuner is a super geek?

[jasaircraft]

besides if the guy is as smart ass to crack a tune he will probably know how to tune his engine,

This made me laugh a bit. So it means that every super geek is a car tuner? And every car tuner is a super geek?

Hahaha not necessarily but he's probably got the skills and brain for both things ;)

Tuning an ems system for Stephen Hawkins is probably as easy for him as the abc is for us lol.

[atomic6]

besides if the guy is as smart ass to crack a tune he will probably know how to tune his engine,

This made me laugh a bit. So it means that every super geek is a car tuner? And every car tuner is a super geek?

Hahaha not necessarily but he's probably got the skills and brain for both things ;)

Tuning an ems system for Stephen Hawkins is probably as easy for him as the abc is for us lol.

What you are missing is that even smart,capable people NEVER have enough time to get everything done......

Which becomes evident in your trivializing of the efforts involved in a project like this. Like, when you say "let someone crack it" and then elude that "cracker" not effecting your interests.(all that seems to matter to you)

That massive effort will become mute, when a crack ultimately becomes available. Then the few users of that "broken" feature can suck even more time away from actual, community supported, product development.

My 2 cents.....

[muythaibxr]

I only have one thing to say on this thread....

Our time is not "free." This is not an easy request to do since we didn't design with it in mind in the first place.

We'd have to redesign several components from the ground up to be properly secure, swap over to using those new components on all new hardware (some of those components are not user-upgradable either, so old hardware would not be able to use them).

IMHO passwords on tunes is more of a next generation hardware sort of feature. I don't think we will do it in the current generation.

If the main request is to be able to tell that a user changed a tune, there are many ways to do that now, and there are other ways we can modify the firmware to make it so it's very difficult to change the tune without you knowing.

Ken

[jasaircraft]

What you are missing is that even smart,capable people NEVER have enough time to get everything done......

Which becomes evident in your trivializing of the efforts involved in a project like this. Like, when you say "let someone crack it" and then elude that "cracker" not effecting your interests.(all that seems to matter to you)

That massive effort will become mute, when a crack ultimately becomes available. Then the few users of that "broken" feature can suck even more time away from actual, community supported, product development.

My 2 cents.....

So by your logic, why fight poverty since it will be there anyways... :/
Why put locks in car doors if they can be stolen anyways :/
Million examples...

[jsmcortina]

So by your logic, ...

Are you willing to fund development of this minority interest feature?

James

[The Deviant]

It seems there are basically two reasons people want the password:

a) Because they tune for profit, and don't want someone copying their "expensive tunez"
b) Because they tune for profit, and don't want someone messing with settings in their "expensive tunez" that would possibly 'break' things that they have warrantied
(* I'm sure there are more motivations, but these seem to be the common ones that are expressed in this thread and the other thread.)

The commonality is the "they tune for profit".

...and there is no problem with that, per se. My problem with this is (in addition to what DaveEFI said) that the people who are making this money on their "tunez" and such still only contribute the same amount a hobbyist does (i.e. purchasing the MS3 board, etc.) to the MS developers. I don't see these 'tunerz' asking for, or working towards a "commercial license", or permission (paid license?) to fork the code, so that they can pay to have the features added. Instead, they are just requesting developer resources to design features solely to enhance/protect their own bottom lines, while adding no benefit to the general MS community - and that just seems wrong. It might be different if they were giving a percentage of the profits back to the developers or something, but... ...yeah.

[jasaircraft]

So by your logic, ...

Are you willing to fund development of this minority interest feature?

James

Hi james
I believe im already doing my share of funding by selling megasquirts to my clients, (i hope the people manufacturing and developing arent doing this for free) as well as other people around the world that maybe havent even seen this thread.
I believe a census to all people installing megasquirts hasnt been done to gather enough data to know which are or are not minorities, and who sells more or less ecus in a period of time.
I also believe minorities should at least be heard.
Just my opinion as Ive been doing this for a living for some 7 years by now...
I would also like MS to have the biggest share of the regional market, leaving the haltech and pandoo dealres behind. The guys dealing motecs are in a different market for severall reasons im trying to break into this market with MS too.
Best regards,
Jose

[juansh2385]

So by your logic, ...

Are you willing to fund development of this minority interest feature?

James

Hi james
I believe im already doing my share of funding by selling megasquirts to my clients, (i hope the people manufacturing and developing arent doing this for free) as well as other people around the world that maybe havent even seen this thread.
I believe a census to all people installing megasquirts hasnt been done to gather enough data to know which are or are not minorities, and who sells more or less ecus in a period of time.
I also believe minorities should at least be heard.
Just my opinion as Ive been doing this for a living for some 7 years by now...
I would also like MS to have the biggest share of the regional market, leaving the haltech and pandoo dealres behind. The guys dealing motecs are in a different market for severall reasons im trying to break into this market with MS too.
Best regards,
Jose

You are wrong if you think that you are already "doing your share of funding" just by selling ms. You shouldn't assume this kind of thing and if the main developers are telling you that it is a lot of work for doing this for free as they are saying, what gives you the right to Demand a feature that has been ask many time before and rejected.

You have no right to lock something that you sold, that's basically what you are asking and this was discuss before. If your worries are really for warranties it was already said that measures for notifying of tampering in the tune can be implemented and DO NOT REQUIRE A PASSWORD. I have heard a lot of reason but in the end the warranties are the only ones that i can more or less identify with and I am pretty sure that with a tampering meter or notifier if ever implemented will be enough for warranties void. I hope this does not offend people but Most tuners that know what they are doing don't care if any body sees their work(tunes) they know that that tune is for a specific engine and will not have the same result in other engines the same can be said for configurations etc that depends in how the ms ecu is wired in the car and the hardware that what use for the original installation.

Juan

[Matt Cramer]

If the main request is to be able to tell that a user changed a tune, there are many ways to do that now, and there are other ways we can modify the firmware to make it so it's very difficult to change the tune without you knowing.

Ken

I kind of like the signed tune / tampering detection idea, if it isn't too difficult to implement. It would meet the needs of several groups - resellers who offer a warranty and want to void it if the tune is changed, and racing sanctioning bodies who want to mandate a spec tune (or at least prevent people from engaging traction control and the like). It's not a must-have for me, but it would be useful.

One other comment on securing tunes - if the ECU has any way to edit the tune or upload the firmware, making it totally secure is a challenge even OEMs struggle with. Anyone remember when Nissan announced the ECU on the latest GTR was unhackable? Sure enough, about six months later, Cobb Tuning released an AccessPort tuner for it. I'm not sure if this was a massive case of hubris on Nissan's part, or if they were deliberately saying, "Ok, tuners, the race to hack our ECU is officially on!"

[masterx81]

I've already expressed my 2 cents:

I think that a "digital sign" is at least necessary. The problem is how to randomize the digital sign to know if the tune was overwritten or changed. Maybe reading all ad channels, plus the secL field, then do some math for get a 'digital sign' is enough? It's really difficult to reacreate the condition of every single ad channel.... Someone can still read the tune, but at least if there is a write, you can know it.
The digital sign will be stored also on the msq, for reference.
Is the mcu is read protected (not possible to read the flash via a programmer) i find really difficult to bypass this "checksum"

If the flash is programmed with 'read protect' flag (so the sign can't be changed with a programmer), and there are no serial/can commands to write the sign (only calculated inside the ecu), this will be quite 'temper proof'. Impossibile to replicate with precision all the ad channels.
I also think that this will be quite easy to implement in the firmware...

[jasaircraft]

You are wrong if you think that you are already "doing your share of funding" just by selling ms. You shouldn't assume this kind of thing and if the main developers are telling you that it is a lot of work for doing this for free as they are saying, what gives you the right to Demand a feature that has been ask many time before and rejected.

You have no right to lock something that you sold, that's basically what you are asking and this was discuss before. If your worries are really for warranties it was already said that measures for notifying of tampering in the tune can be implemented and DO NOT REQUIRE A PASSWORD. I have heard a lot of reason but in the end the warranties are the only ones that i can more or less identify with and I am pretty sure that with a tampering meter or notifier if ever implemented will be enough for warranties void. I hope this does not offend people but Most tuners that know what they are doing don't care if any body sees their work(tunes) they know that that tune is for a specific engine and will not have the same result in other engines the same can be said for configurations etc that depends in how the ms ecu is wired in the car and the hardware that what use for the original installation.

Juan

Hola Juan, please dont put words on my mouth, I havent made a demand, but a suggestion
( obviously you cant really demand something if youre not directly hiring a person or staff)
, and if it is just too expensive to implement, well then just leave it there, this is just what I believe is a good suggestion, an evolution, an improvement in mind, nothing more.

Go ask the Pandoo ecu "real tuner" why he was dumb enough to leave the ecu open with the consequence of me having to fix it later...
Ive seen tuners wanabes try to setup ecus just to be able to start an engine and giving up at the end... why because they havent done their research homework or at least ask others that know more.
Did you copy your homework when you where in school? or did you actually do it?
If you actually did your homework and a classmate copied it and got better grade than you, did you think it was fair? hahah dont think so.

But as mentioned before the main reason is so that people that dont know squat about tuning and setup dont fiddle and mess up with the ecu for their own sake.

my 2 dollars by now haha

[juansh2385]

Juan[/quote]
Hola Juan, please dont put words on my mouth, I havent made a demand, but a suggestion
( obviously you cant really demand something if youre not directly hiring a person or staff)
, and if it is just too expensive to implement, well then just leave it there, this is just what I believe is a good suggestion, an evolution, an improvement in mind, nothing more.

Go ask the Pandoo ecu "real tuner" why he was dumb enough to leave the ecu open with the consequence of me having to fix it later...
Ive seen tuners wanabes try to setup ecus just to be able to start an engine and giving up at the end... why because they havent done their research homework or at least ask others that know more.
Did you copy your homework when you where in school? or did you actually do it?
If you actually did your homework and a classmate copied it and got better grade than you, did you think it was fair? hahah dont think so.

But as mentioned before the main reason is so that people that dont know squat about tuning and setup dont fiddle and mess up with the ecu for their own sake.

my 2 dollars by now haha[/quote]

This is point less and you analogy makes no sense if a classmate copied my homework he would have the same grade than me unless he improved it.
Did you code the decoder that you use in ms? No you didn't the code that you use was possible because the developer spent their time and the community share their data of the set-ups and a lot of testing.

any ways I am not going to loose more time on this topic.
Juan

[jasaircraft]

Juan

Hola Juan, please dont put words on my mouth, I havent made a demand, but a suggestion
( obviously you cant really demand something if youre not directly hiring a person or staff)
, and if it is just too expensive to implement, well then just leave it there, this is just what I believe is a good suggestion, an evolution, an improvement in mind, nothing more.

Go ask the Pandoo ecu "real tuner" why he was dumb enough to leave the ecu open with the consequence of me having to fix it later...
Ive seen tuners wanabes try to setup ecus just to be able to start an engine and giving up at the end... why because they havent done their research homework or at least ask others that know more.
Did you copy your homework when you where in school? or did you actually do it?
If you actually did your homework and a classmate copied it and got better grade than you, did you think it was fair? hahah dont think so.

But as mentioned before the main reason is so that people that dont know squat about tuning and setup dont fiddle and mess up with the ecu for their own sake.

my 2 dollars by now haha[/quote]

This is point less and you analogy makes no sense if a classmate copied my homework he would have the same grade than me unless he improved it.
Did you code the decoder that you use in ms? No you didn't the code that you use was possible because the developer spent their time and the community share their data of the set-ups and a lot of testing.


any ways I am not going to loose more time on this topic.
Juan[/quote]
I didnt writte the haltech code either but can still have this feature and do suggestions too. I cant loose my time on this either as im megsquirting a second subaru at the moment.