Remote Driving Controversial In UK, But It’s Already Here

The automotive industry is rushing towards autonomous vehicles as a futuristic ideal. They haven’t got the autonomous part sorted just yet. However, as part of this push, the technology to drive vehicles remotely via video link has become mature.

In the United Kingdom, there has been great controversy on whether this should be allowed, particularly for vehicles piloted by individuals outside the country’s borders. That came to a head with a Law Commission repot published earlier this year, but since then, innovative companies have continued to work on remote driving regardless. Let’s dive in to the current state of play.

Continue reading “Remote Driving Controversial In UK, But It’s Already Here”

When Does Car Hacking Become “Tampering”? The British Government Seeks Guidance

When a government decides to take a look at your particular field of experimentation, it’s never necessarily a cause for rejoicing, as British motor vehicle enthusiasts are finding out through a UK Government consultation. Titled “Future of transport regulatory review: modernising vehicle standards“, the document explains that it is part of the process of re-adopting under UK law areas which have previously been governed by the European Union. Of particular interest is the section “Tackling tampering”, which promises a new set of offences for “tampering with a system, part or component of a vehicle intended or adapted to be used on a road“.

They go into detail as to the nature of the offences, which seem to relate to the production of devices designed to negate the safety or environmental features of the car. They’re at pains to say that they have no wish to target the legitimate car modification world, for example in motorsport or restoration, but it’s easy to see how a car hacker might inadvertently fall foul of any new rules. It’s worried the enthusiasts enough that a petition has been launched on the UK parliamentary petition site, making the point that the existing yearly MOT roadworthiness test should fulfill the function of taking any illegal vehicles off the road.

We’re always wary when governments wander into our purview, and given where this is being written it’s fair to say that British governments have had their fair share of ill-considered laws in their time. But before we call doom upon the future of car hacking for Brits, it’s worth remarking that they don’t always make a mess in this arena. The rules for the Individual Vehicle Approval test for putting a home-built car on the road are far from a bureaucratic nightmare for example, instead being a relatively sensible primer in building a safe motor vehicle.

So we’d suggest not to panic just yet, but perhaps any British readers might like to respond appropriately to the consultation and the petition in the interests of nudging them in the right direction.

Thanks [Adam Quantrill] for the tip.

Brute-Forced Copyrighting: Liberating All The Melodies

Bluntly stated, music is in the end just applied physics. Harmony follows — depending on the genre — a more or less fixed set of rules, and there  are a limited amount of variation possible within the space of music itself. So there are technically only so many melodies possible, making it essentially a question of time until a songwriter or composer would come up with a certain sequence of notes without knowing that they’re not the first one to do so until the cease and desist letters start rolling in.

You might well argue that there is more to a song than just the melody — and you are absolutely right. However, current copyright laws and past court rulings may not care much about that. Aiming to point out these flaws in the laws, musician tech guy with a law degree [Damien Riehl] and musician software developer [Noah Rubin] got together to simply create every possible melody as MIDI files, releasing them under the Creative Commons Zero license. While their current list is limited to a few scales of fixed length, with the code available on GitHub, it’s really just a matter of brute-forcing literally every single possible melody.

Admittedly, such a list of melodies might not have too much practical use, but for [Damien] and [Noah] it’s anyway more about the legal and philosophical aspects: musicians shouldn’t worry about getting sued over a few overlapping notes. So while the list serves as a “safe set of melodies” they put in the public domain, their bigger goal is to mathematically point out the finite space of music that shouldn’t be copyrightable in the first place. And they definitely have a point — just imagine where music would be today if you could copyright and sue over chord progressions.
Continue reading “Brute-Forced Copyrighting: Liberating All The Melodies”

Morse Code Catches Google Swiping Lyrics

We think of Morse code in terms of dots and dashes, but really it’s a kind of binary code. Those symbols might as well be 0s and 1s or any other pair of characters. That attribute is exactly what led to a sting operation a music lyric site called Genius.com pulled on Google. At issue was a case of song lyrics that had allegedly been stolen by the search giant.

Song lyric sites — just like Google — depend on page views to make revenue. The problem is that in a Google search the lyrics appear on the search page, so there is no longer much incentive to continue to the song lyric site. That’s free enterprise for you, right? It is, but there was a problem. It appears that Google — or, according to Google, one of their partners — was simply copying Genius.com’s lyrics. How does Genius know the song lyrics were copied? According to news reports in the Wall Street Journal and other sources, they used Morse code.

Continue reading “Morse Code Catches Google Swiping Lyrics”

FAA Proposes Refined Drone Regulations

The wheels of government move slowly, far slower than the pace at which modern technology is evolving. So it’s not uncommon for laws and regulations to significantly lag behind the technology they’re aimed at reigning in. This can lead to something of a “Wild West” situation, which could either be seen as a good or bad thing depending on what side of the fence you’re on.

In the United States, it’s fair to say that we’ve officially moved past the “Wild West” stage when it comes to drone regulations. Which is not to say that remotely controlled (RC) aircraft were unregulated previously, but that the rules which governed them simply couldn’t keep up with the rapid evolution of the technology we’ve seen over the last few years. The previous FAA regulations for remotely operated aircraft were written in an era where RC flights were lower and slower, and long before remote video technology moved the operator out of the line of sight of their craft.

To address the spike in not only the capability of RC aircraft but their popularity, the Federal Aviation Administration was finally given the authority to oversee what are officially known as Unmanned Aerial Systems (UAS) with the repeal of Section 336 in the FAA Reauthorization Act of 2018. Section 336, known as the “Special Rule for Model Aircraft” was previously put in place to ensure the FAA’s authority was limited to “real” aircraft, and that small hobby RC aircraft would not be subject to the same scrutiny as their full-size counterparts. With Section 336 gone, one could interpret the new FAA directives as holding manned and unmanned aircraft and their operators to the same standards; an unreasonable position that many in the hobby strongly rejected.

At the time, the FAA argued that the repealing Section 336 would allow them to create new UAS regulations from a position of strength. In other words, start with harsh limits and regulations, and begin to whittle them down until a balance is found that everyone is happy with. U.S. Secretary of Transportation Elaine L. Chao has revealed the first of these refined rules are being worked on, and while they aren’t yet official, it seems like the FAA is keeping to their word of trying to find a reasonable middle ground for hobby fliers.

Continue reading “FAA Proposes Refined Drone Regulations”

France Proposes Software Security Liability For Manufacturers, Open Source As Support Ends

It sometimes seems as though barely a week can go by without yet another major software-related hardware vulnerability story. As manufacturers grapple with the demands of no longer building simple appliances but instead supplying them containing software that may expose itself to the world over the Internet, we see devices shipped with insecure firmware and little care for its support or updating after the sale.

The French government have a proposal to address this problem that may be of interest to our community, to make manufacturers liable for the security of a product while it is on the market, and with the possibility of requiring its software to be made open-source at end-of-life. In the first instance it can only be a good thing for device security to be put at the top of a manufacturer’s agenda, and in the second the ready availability of source code would present reverse engineers with a bonanza.

It’s worth making the point that this is a strategy document, what it contains are only proposals and not laws. As a 166 page French-language PDF it’s a long read for any Francophones among you and contains many other aspects of the French take on cybersecurity. But it’s important, because it shows the likely direction that France intends to take on this issue within the EU. At an EU level this could then represent a globally significant move that would affect products sold far and wide.

What do we expect to happen in reality though? It would be nice to think that security holes in consumer devices would be neutralised overnight and then we’d have source code for a load of devices, but we’d reluctantly have to say we’ll believe it when we see it. It is more likely that manufacturers will fight it tooth and nail, and given some recent stories about devices being bricked by software updates at the end of support we could even see many of them willingly consigning their products to the e-waste bins rather than complying. We’d love to be proven wrong, but perhaps we’re too used to such stories. Either way this will be an interesting story to watch, and we’ll keep you posted.

Merci beaucoup [Sebastien] for the invaluable French-language help.

French flag: Wox-globe-trotter [Public domain].

Crowdfunding Is Now A Contract Between Company And Backer

Kickstarter is not a store. Indiegogo is not a store. Crowdfunding is not buying something — you’re merely donating some money, and you might get a reward for your pledge. Caveat emptor doesn’t apply, because there is no buyer, and no one can figure out what the correct Latin translation for ‘backer’ is. These are the realities that have kept Indiegogo and Kickstarter in business, have caused much distress in people who think otherwise, and have been the source of so, so many crowdfunding follies.

Now, finally, crowdfunding is being legally recognized as a store. The Register reports a court in England has ruled against Retro Computers Ltd and said it had formed a contract of sale with crowdfunding backer Rob Morton. For one person, at least, for one of their pledges, Indiegogo is a store.

The crowdfunding campaign in question is the Retro Computers’ Sinclair ZX Spectrum Vega Plus, a small device not unlike the Commodore 64 direct to TV joysticks. The Spectrum Vega simply plugs into your TV, reads an SD card, and plays old ‘speccy games. Clive Sinclair, the genius who brought us the Spectrum, strange flat CRTs, and a host of other inventions, was involved in this campaign. In the years since the campaign ended, there have been numerous updates and Retro Computers still says they intend to deliver the device. Morton, apparently fed up with the delays, brought a suit against Retro Computers for the grand sum of £584: £85 for the Spectrum pledge, £5 for shipping, and the remainder for travel expenses and lost wages for the court date.

District Judge Clarke of Luton County Court heard the case and ruled against Retro Computers, finding there was a contract of sale between Morton and Retro Computers Ltd.. Evidence included a number of copies of Morton’s order, a document the judge pointed out as saying ‘this order’ and not ‘this pledge’. Additionally, the judge found the fine print on Indiegogo does not negate a contract of sale; there was still an implied agreement between Morton and Retro Computers, and Retro Computers had breached the contract by not delivering a Spectrum.

It should go without saying that this finding does not apply to every project on Indiegogo, it does not apply to Kickstarter, and nor does it apply to every crowdfunding campaign. This does not even apply to all backers of the Spectrum Vega Plus. Still, there are hundreds of thousands of backers for crowdfunding projects that haven’t received what they paid for, and if nothing else this story gives just a little bit of satisfaction to anyone that’s still waiting on an undelivered product.