Staff Writer - CheersandGears.com
July 29, 2013
Three computer scientists who were going to publish a paper on how to circumvent the security system that verifies the identity of an ignition key have been stopped by the UK High Court.
Flavio Garcia, a computer science lecturer at the University of Birmingham and Baris Ege and Roel Verdult, two cryptography experts from Dutch university Stichting Katholieke were going to publish a paper at the Usenix Security Symposium in Washington DC next month. The paper was to outline how they were able to crack a system called Megamos Crypto, a system that allows a vehicle to check the identity of a ignition key.
However, Volkswagen filed an injection against the publication of this report due to four of its brands (Audi, Bentley, Lamborghini, and Porsche) using this system. Volkswagen told the court that the Megamos Crypto system was used in a number of its vehicles and other vehicles and that the publication could "allow someone, especially a sophisticated criminal gang with the right tools, to break the security and steal a car". Volkswagen goes onto say that they asked the scientists to publish a redacted version of their paper. They declined.
The scientists argued that "the public have a right to see weaknesses in security on which they rely exposed". Otherwise, the "industry and criminals know security is weak but the public do not". They also argued that the paper would not increase the theft of vehicles due to the process to crack the system is complicated and costing £50,000 (about $76,785) to do it.
Source: The Guardian