US regulators grant DMCA exemption legalizing vehicle software tinkering

Every three years, the Librarian of Congress issues new rules on Digital Millennium Copyright Act exemptions. Acting Librarian David Mao, in an order (PDF) released Tuesday, authorized the public to tinker with software in vehicles for "good faith security research" and for "lawful modification."

The decision comes in the wake of the Volkswagen scandal, in which the German automaker baked bogus code into its software that enabled the automaker's diesel vehicles to reduce pollutants below acceptable levels during emissions tests.

"I am glad they granted these exemptions," Sherwin Siy, said vice president for legal affairs for Public Knowledge in Washington, DC. "I am not glad it was necessary for them to do so in the first place."

Read 7 remaining paragraphs | Comments

Chester Nez, last of the original Navajo code talkers, dies at 93

US Marine Corps Cpl. Chester Nez receives an American flag from Pfc. Tiffany Boyd, at Code Talker Hall, Marine Corps Base Quantico, VA, April 4, 2014. The flag was flown over the Marine Corps War Memorial, on the first day of spring, in honor of Cpl. Nez's attendance at the Platoon 382 Hall rededication. Cpl. Nez was the last of the original 29 Navajo Code Talkers of World War II.

On Wednesday Chester Nez, one of the 29 original Navajo code talkers who worked for the US during WWII sending secret messages in their native language, died in his home in Albuquerque, New Mexico. Nez was 93, and his death was confirmed by Judy Avila, who helped him write his memoirs, according to The Los Angeles Times.

Nez was one of the first code talkers recruited for the job in 1942, while the US was seeing its codes broken over and over again by Japanese code breakers. According to AZCentral, he was in tenth grade when he was recruited by US Marines, who came to his boarding school in Arizona looking for native Navajo speakers.

Navajo has a complex grammar, and at the time there were few, if any, written records of the language. CNN notes that Nez and his peers were forbidden to speak Navajo growing up—until, of course, they were needed to devise a code based on the language. The 29 Navajo men attended boot camp at Camp Pendelton in California and there devised a dictionary with special words for military terms that did not exist in Navajo. They then memorized that dictionary, as the Naval History and Heritage Command recounts:

Read 4 remaining paragraphs | Comments

Free T-shirts? It’s not a scam, it’s #decodeme again!

Editor’s note: The puzzle code below relies on a peccadillo of Python which makes it version and compiler specific, amongst other things. This means you’ll probably get the wrong results. We do know, however, that the code works on Duck’s Mac, so we’re going to shift to a “cloud model” for solving it. Email Duck the code and the input data (if any) you want to use. If you’re on the right track, he’ll run it “in the cloud” and send you the results. If not, he’ll give you a hint or two to point you in the right direction.

It’s May, and that means it’s time for Australia’s biggest security conference, AusCERT2011, which takes place at the Royal Pines Resort on Queensland’s Gold Coast. The conference runs from Sunday 15 May 2011 to Wednesday 18 May 2011.

Once again, the Sophos stand is going to be the place to hang out.

We’ve produced another puzzle T-shirt in our acclaimed DecoDeme geek fashion range. The puzzle is just hard enough to take a bit of solving, but not so hard that it will distract you from the conference or the evening cocktail parties.

So if you’re attending the event, be sure to come by the stand and pick up your free T-shirt. (Don’t forget to wear it while you’re at the conference!)

You can have a T-shirt even if you don’t intend to solve the puzzle. But we suggest you do – and we’ll be giving out hints on the stand to help you along – because that will put you in line to win a cool 1/16th scale remote-controlled tank.

Solve the puzzle, attend my talk (just before afternoon tea on Monday in the Purple room), and you could walk out with the tank.

In fact, you could win two tanks. We’re also running a prize draw for a second tank. Winning the puzzle prize is clearly the more glamorous option, and will give you several minutes of fame amongst a modestly-adoring crowd of a modest size, but you may as well enter the prize draw as well. Think of it as backup.

If you’re planning to have a go at the puzzle, the source code of the T-shirt is given below to save you typing it in from the image above. (We’ve been a bit sneaky by making the text on the shirt itself very slightly different. We do want to see you on our stand, after all.)

But if you write code to solve this “pre-release” version, you should be able to re-use it to solve the puzzle on the shirt within seconds. So it’s worth putting in a little early research.

And don’t forget, you can ask for hints at the conference. You can also follow me on Twitter(@duckblog) and watch out for clues with the hashtag #decodeme.

Oh. One more thing. We’ve got a bunch of funky-looking Naked Security T-shirts on the stand. But you’ll only know to ask for one if you’ve read this article.

%~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~%
|                                      |
|     import-random!def-shrubbery(     |
|    ni):!-p='ewigsacgtwdbdzaco'!-k    |
|  =dict([[i,chr(97+i)]-for-i-in-rang  |
|  e(26)])!-ra                 ndom.s  |
|  eed(ni)!-                   random  |
|  .shuffle   (k)!-k=dict([[v,i]-for-i |
| ,v-in-k.i    tems()])!-c=''!-for-i-i |
|  n-range(l                 en(p)):-c |
|   +=chr(97+                k[p[i]])! |
|   -return-'http://sophos.    com/an  |
|    z/'+c+'.html'!#-Key-i     s-a-fo  |
|     ur-le                    tter-   |
|        wor                 d-fro     |
|           m-a--Monty--Python--       |
|             sketch!print(shr         |
|                ubbery(key            |
|                  --))--              |
|                                      |
%~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~%