Question for US Rules committee on AH capability within LX NAV computers?

Paul Remde wrote:
It would not be possible for anyone other than LXNAV to make changes
to those products.

Paul, that is wrong, did you read my reply to your first post here?

"Max Kellermann" wrote in message
...
Paul Remde wrote:
It would not be possible for anyone other than LXNAV to make changes
to those products.

Paul, that is wrong, did you read my reply to your first post here?

___________________

Hi Max, Please clarify. How could it be possible to mess with the LXNAV
LX8000, LX8080 and LX9000 firmware?

In your first reply I assumed that you were saying LX8000 when you meant
LK8000.

Paul Remde

Paul Remde wrote:
Hi Max, Please clarify. How could it be possible to mess with the LXNAV
LX8000, LX8080 and LX9000 firmware?

The LXNav products are just Linux PCs, and it is easy to install a
customized firmware.

The LXNav firmware update comes with a shell script that gets executed
on the LX8000 (autorun.sh), and that would be the easiest hook of all
to get custom code in.

Once you have your custom AH code in, you can easily run it as a Linux
daemon, overlaying its data on the Linux frame buffer (/dev/fb0).

To detect such a hack, you would need to inspect all of the LX8000's
memory, it would be as hard as detecting a computer virus or a
rootkit. In other words: practically impossible for a competition to
do.

(The same is true for any other flight computer, the LX8000 is just an
example, because my club has one and I know well how the firmware
works)

In your first reply I assumed that you were saying LX8000 when you meant
LK8000.

No. The LK8000 name was explicitly choosen to get mixed up with
LX8000, to benefit from its good name, but no I really meant LXNav
LX8000.

Max

I shouldn't really but want to see if any out there have seen this?

http://www.aviation.levil.com/AHRS_mini.htm

Looks a cool piece of kit. Pity I'm not into cloud flying otherwise this could be quite compelling.

Colin

p.s. I don't live in the US or contest fly

This should be mandatory in the US! Of course we won't fly into clouds
because we're all honest. The Rules Committee should OK this immediately
for the safety of all! Tax payers should gladly purchase these for all
glider pilots!

Uhhhh... Nevermind...



"Ventus_a" wrote in message
...

I shouldn't really but want to see if any out there have seen this?

http://www.aviation.levil.com/AHRS_mini.htm

Looks a cool piece of kit. Pity I'm not into cloud flying otherwise
this could be quite compelling.

Colin

-p.s.- I don't live in the US or contest fly




--
Ventus_a

At 06:42 09 April 2012, Max Kellermann wrote:
Paul Remde wrote:
Hi Max, Please clarify. How could it be possible to mess with the
LXNAV

LX8000, LX8080 and LX9000 firmware?

The LXNav products are just Linux PCs, and it is easy to install a
customized firmware.

The LXNav firmware update comes with a shell script that gets executed
on the LX8000 (autorun.sh), and that would be the easiest hook of all
to get custom code in.

Once you have your custom AH code in, you can easily run it as a Linux
daemon, overlaying its data on the Linux frame buffer (/dev/fb0).

To detect such a hack, you would need to inspect all of the LX8000's
memory, it would be as hard as detecting a computer virus or a
rootkit. In other words: practically impossible for a competition to
do.

(The same is true for any other flight computer, the LX8000 is just an
example, because my club has one and I know well how the firmware
works)

Seriously this identifies the problem with this sort of rule: it is
impossible to enforce. A rule that cannot be enforced, like a law that is
not enforced is seldom complied with even by "honest" people. Pandora is
out of the box, technology has overtaken the ability to detect the fitting
or use of such an instrument. The FAI is as out of touch with reality on
this as they are with flight recorders, hacking the code for IGC files is
now so simple that it is no longer secure and it matters not how long the
key is. (The private key is in every flight recorder produced so all you
have to so is break into the software to get it, who wants to try and
compute it from the public key?)
When making rules one of the primary considerations should be "can it be
enforced"? Far to often the answer is no but ignorant people still make the
rule.

On Apr 13, 5:50*pm, Don Johnstone wrote:
(The private key is in every flight recorder produced so all you
have to so is break into the software to get it, who wants to try and
compute it from the public key?)

The correct wording here would be that "A private key is in every
flight recorder produced so all you have to do is break into the
hardware to get it". Thank you for warning us, every badge or record
flight made by you or your mates in the future will require that the
flight recorder be sent to the IGC for inspection 8^)

Marc