If it’s anything like the code in passenger vehicles or airplanes, it is:
- spaghetti code that’s difficult or impossible to formally exercise fully in unit, comprehensive, or proof-centric testing
- delivered as compiled binaries for industrial-chip architectures by e.g. Renesas that have extremely hardened hardware and resilience
- annoying but feasible to reverse engineer in Ghidra
- designed to prioritize repairability over firmware signature enforcement
- has an undocumented but wire-sniffable protocol for firmware updates
So I am of a mind to take their statement at face value, because it’s vanishingly unlikely that the U.S. disallows field patching of a warplane due to lacking a crypto private key, much less bothers to spend money on crypto-attestation style locks. This is USgov military-industrial, not Bay Area marketer tech à la Google; competent security practices in deployed hardware are not likely to be the norm, especially not when every plane includes armed guards free of charge to the contract.
If I were a competent defense partner with the USgov, I would have already commissioned and complete a full decompilation, because duh. That the Dutch are saying this openly is charming but not particularly surprising. Presumably there’s a US backdoor in the IFF module, for instance, and while it’s fine to leave it in place, it’s better than fine to patch a warning alert in so that you know when it’s exercised. This is basic defense programming 101 stuff here, right? .. right?
Joker_vD|14 days ago
altairprime|14 days ago
- spaghetti code that’s difficult or impossible to formally exercise fully in unit, comprehensive, or proof-centric testing
- delivered as compiled binaries for industrial-chip architectures by e.g. Renesas that have extremely hardened hardware and resilience
- annoying but feasible to reverse engineer in Ghidra
- designed to prioritize repairability over firmware signature enforcement
- has an undocumented but wire-sniffable protocol for firmware updates
So I am of a mind to take their statement at face value, because it’s vanishingly unlikely that the U.S. disallows field patching of a warplane due to lacking a crypto private key, much less bothers to spend money on crypto-attestation style locks. This is USgov military-industrial, not Bay Area marketer tech à la Google; competent security practices in deployed hardware are not likely to be the norm, especially not when every plane includes armed guards free of charge to the contract.
If I were a competent defense partner with the USgov, I would have already commissioned and complete a full decompilation, because duh. That the Dutch are saying this openly is charming but not particularly surprising. Presumably there’s a US backdoor in the IFF module, for instance, and while it’s fine to leave it in place, it’s better than fine to patch a warning alert in so that you know when it’s exercised. This is basic defense programming 101 stuff here, right? .. right?
rolph|14 days ago
espionage, would be the name of that witch.
morkalork|14 days ago