trustleap driverless cars
TRANSCRIPT
Is technological progress doomed to serving
the needs of the darkest human corners?
Aug 22, 2015 | 2,781 views this week
The point of view of "The Economist"
In its “From horseless to driverless” article the pollution, space and safety advantages are
lengthly exposed – including the business opportunities for “driverless car fleet owners”.
An interesting ethical question is presented: who should have the choice of “minimizing
injuries to their own passengers” vs “minimizing arm overall”.
In this essay, I will try to focus on an entirely new class of systemic risks caused by these
emerging "connected" or "smart" industries (transportation, health, energy, etc.), and think
about what could constitute a viable solution for all players: regulators, vendors and users.
Remote Individuals at the Wheel
Plenty of reports indicate that today's cars (all recently manufactured cars are "connected")
© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved .© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved . Page Page 1/5
were remotely hacked by security researchers willing to demonstrate how easily people can
be killed without leaving a trail of evidence linking the victim(s) to the murderer(s).
In this picture, what would prevent jealous neighbors, business rivals or unhappy blackmail
crooks from crashing your car running at full-speed on the highway – with you inside?
Thanks to the systemic vulnerability of today's infrastructure, History would be
conveniently rewritten into the car black box, stating that the autopilot was deactivated and
followed by an(other) “irresponsible” driver decision: a switch to manual mode – the driver
being the only party to blame for this deadly accident.
That's a perfect crime leaving no smocking gun. Even surveillance cameras would confirm
the responsibilities of the crash: one more proof that an human was at the wheel as robots
are not able to do that kind of idiotic moves.
Remote Organizations at the Wheel
Let's change scale of the damage and consider the potential for larger conflicts of interests.
A “connected car fleet operator” could consider purposely crashing a competitor's fleet. Or
private/government contracts could be awarded to fleets that help resolving private/public
pension funds crises by taking care of elderly car users. Chronically sick car owners could
be promoted as priority crash targets for the sake of saving a national health-care system - or
the balance-sheet (and bonuses) of a private insurer.
Accordingly, Wall-Street would jump on the opportunity to place "options" on a car
manufacturer, insurer, or government's bonds.
It could be less grandiose: the inhabitants of a district could be randomly crashed to
facilitate the building of yet another pharaonic business complex, stadium or airport.
Going deeper in the mud, people not matching the desired standards (race, religion, political
views, financial power, etc.) could be sent back to their creator, earlier than initially
planned, to promote – or to eliminate – a single category of humans, locally, nationally, or
worldwide.
Is it mere science-fiction? Since Orwell wrote "1984" many of his technological and
sociological bets have become part of our everyday lives.
© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved .© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved . Page Page 2/5
Connected and driverless cars provide endless “management” opportunities for creative
people so this is only a matter of time before we see this happening.
Let's quote The Economist again, in its "The Internet of things (to be hacked)" article:
"To avoid lurid headlines about car crashing, insulin overdoses and houses burning, tech
firms will surely have to embrace higher [security] standards."
Is technological progress doomed to serving the
needs of the darkest human corners?
Once these capabilities in the hands of a few “Masters of the Universe”, what can be done
to detect (and prevent) such abuses from happening is not clear for most of us.
But an overwhelming majority of people will start to care when their neighbors will go
away in dust and flames.
Restoring the Trust
A few months after The Economist's alarming article, Academic Research (in Europe,
Commonwealth, and Asia) dedicated millions of euros of public funding to focus on “post-
quantum” encryption:
“Post-quantum cryptography for long-term security“ (reference: 645622)
Online banking, e-commerce, telemedicine, mobile communication, and cloudcomputing depend fundamentally on the security of the underlyingcryptographic algorithms. These systems are all broken as soon as largequantum computers are built. The EU and governments around the world areinvesting heavily in building quantum computers; society needs to beprepared for the consequences, including cryptanalytic attacksaccelerated by these computers. Long-term confidential documents such aspatient health-care records and state secrets have to guarantee securityfor many years, but information encrypted with today's standards andstored until quantum computers are available will then be as easy todecipher as Enigma-encrypted messages are today.
The challenge is to find solutions guaranteeing end-to-end securityregardless of improvements in attacker hardware or computationalcapabilities.
Technische Universiteit Eindhoven (NL), Bundesdruckerei GmbH (DE),Danmarks Tekkniske Universitet (DK), INRIA (FR), Katholieke UniversiteitLeuven (BE), NXP Semiconductors Belgium NV (BE), Ruhr-Universitaet Bochum(DE), Stichting Katholieke Universiteit (NL), Technische UniversitaetDarmstadt (DE), Univerisity of Haifa (IL), Academia Sinica (TW).
© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved .© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved . Page Page 3/5
It sounds like a good fit as these algorithms aim to be stronger than their ancestors (AES,
DH, RSA, etc.).
But today's connected cars, tomorrow's driverless cars, consumers and vendors will have to
wait, as the Academic R&D on post-quantum encryption plans to deliver mere
recommendations for “horizon 2020”... which will then have to be tested and verified by
other security researcher... as these works are not cryptographically provably-unbreakable.
Consequences on the Critical Infrastructure
How serious is the threat of Quantum Computers? According to this R&D project:
“information encrypted with today's standards and stored until quantum computers are
available will then be as easy to decipher as [1920] Enigma-encrypted messages are
today.”
This demonstrates the obsolescence of any security based on “computational hardness”, the
only “truth” taught in Universities today – and the need for provably-secure designs.
Restoring the trust, worldwide, is clearly not only for connected cars
In June 2015, Germany installed US “Patriot” missiles on the Turkish-Syrian frontier, in
cooperation to the US and Italy. The Spiegel reported that these missiles have been remotely
hacked by unidentified people.
Then, the heads of these missiles have been removed and sent back to the USA for an
upgrade.
If military systems are not resilient enough to these new threats, the common critical
infrastructure (finance, energy, transports, water, IT, telecoms, pharma, government) is
certainly even more exposed to uncontrolled risks, like the US NASDAQ stolen and taken-
down by hackers since 2011.
Provably-Secure, Right Now!
TWD Industries AG has already delivered a commercial communication "post-quantum"
solution and is therefore more advanced than the International R&D consortium is expected
to deliver recommendations “around 2020”.
© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved .© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved . Page Page 1/5
To reach a wider market (limited today by the deployment of network appliances), TWD has
launched a new R&D project with a Swiss University to deliver low-cost, low-consumption,
high-performance microchips suitable for the looming "IoT" (Internet of Things) wave of 50
billion connected objects.
Academic collaboration, critical infrastructure partners and investors will let pioneers
establish themselves as world leaders in this market – with the accompanying economic
growth and international reputation gain long-waited in a disillusioned "post-Snowden"
world.
Switzerland has a long background of neutrality, and hosts international organizations and
conferences – on the top of being a business-friendly place. Yet another reason for many
partners to participate to this initiative.
TWD, a 17-year old company, is leveraging its own IP (Intellectual Property) rights... in a
world where larger companies prefer to let Academics do the hard and costly research for
them. Leadership does not wait, it opens the way for others: everyone is invited, competitors
included!
Nevertheless, some vendors waiting for other Academia players to deliver will doubtlessly
describe this essay as mere self-promotion.
Tell that to the lucky owners of new cars – 100% of which are described as “vulnerable”, to
the users of pace-makers and insulin pumps... or to the airline customers – which planes'
have remote-control capabilities since 9/11.
As Victor Hugo said, "Nothing is harder to stop than an idea whose time has come".
Tags: Hacking, Infrastructure Security, IoT
© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved .© 2015 TWD Indus t r ies AG - A l l R igh ts Rese rved . Page Page 2/5