From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk1-x735.google.com (mail-qk1-x735.google.com [IPv6:2607:f8b0:4864:20::735]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 96F853CB42 for ; Wed, 21 Nov 2018 16:06:20 -0500 (EST) Received: by mail-qk1-x735.google.com with SMTP id 131so5744346qkd.4 for ; Wed, 21 Nov 2018 13:06:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=2tr8EOuCgdcjP5L5utik2mOldLAFu0m9MLnBhwi7nJY=; b=eL/FbVyym6jq8eC0xqVKpsuteKYYiUhCs6K8jz4tTgaE/9wduwp4qJjrJAevR6WnWs 9o/3f4EzOTrH/qKIU18n7vz7VFTtYy7ITAKY5eGg469OnLzsQuHoW0rMqfehtuOsQJrh W9UM6Azu30bvlXqs176t51dd/kS4jD+z/BhYQYt0E+Q2TnhFJkEMZl1Xkvp/hdGPKYYX e24vGl44NpLCsVCSCSH/3mwc3La6jHHIYbChAcu3y2rNR14TFX1Fv2ehk/XO2Djw7sSw CafzMAY2WkVUrW43y8RRvbZd7yvYUjHsBoPTPuS1g0N7nSPuAlUJCmFjnFIv45siLnUP uPcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=2tr8EOuCgdcjP5L5utik2mOldLAFu0m9MLnBhwi7nJY=; b=OjkR+R1MMnwdMD3gBZYSntLhdhYOjxTWdrNRiE0AMFZShVNaDE6qnB9yZSMyovgD51 ZpmbnZCUv8tP4hwIADnNVQZjQujWKcs+UseZmVHsX9slLqRtLNmtZJC91KQMYGjeG9mr KetJ2d2dA3tfTrY4/heV/RkKk2PpP0hu9yD0NlOtEVA3ngu8ONlvcgQhscMPhDANCR+h kTTUGewan3bgUM3x6Iooj4r9Tuyciz2kdEYnRxo/iPHT8W3iqY1DtBE5+DhKOnJ9atdf TMXAm9HgaG8JWulDpArk9l9ygBgWDf4WRPb7ATmfgTm4PgXTgqO7S0eQVsGTQXyoxYtH 1LJw== X-Gm-Message-State: AA+aEWYtock3TqmlTprnYsjht28Pjr1unNb3Uyd2k+oVfMq1PreEoO+n T6AuDw5c+emDHZcqrXVYrARmjlM+iP3q8xld+5Y= X-Google-Smtp-Source: AFSGD/UgmLWzML5K8peMBEqjMBv7/U8NT+wgmSrL2vuYtpsOtlOMBAqsH4ymJqN+sIAsHbl+oTDizMgMY0Tdl084Q5I= X-Received: by 2002:ae9:ee02:: with SMTP id i2mr7061642qkg.179.1542834380022; Wed, 21 Nov 2018 13:06:20 -0800 (PST) MIME-Version: 1.0 References: <1542820669.4117191@apps.rackspace.com> In-Reply-To: <1542820669.4117191@apps.rackspace.com> From: Dave Taht Date: Wed, 21 Nov 2018 13:06:06 -0800 Message-ID: To: dpreed@deepplum.com, Make-Wifi-fast Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Subject: Re: [Make-wifi-fast] Car tire tracking X-BeenThere: make-wifi-fast@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 21:06:20 -0000 On Wed, Nov 21, 2018 at 9:17 AM David P. Reed wrote: > > Schneier wrote in 2008 that some TPMS's have unique identifiers in the ti= re pressure sensors, and that the government requires that they be register= ed! https://www.schneier.com/blog/archives/2008/04/tracking_vehicl.html > > > > He seems to be a reliable source, but I'm skeptical that the tires radiat= e bluetooth signals for a lot of reasons. However, that doesn't make it les= s troubling. > > > > Now I am motivated to develop a software receiver that can tell me my tir= e pressure sensor info. Good use for my new XTRX that just arrived, serendi= pitously, today. Pretty cool. Does it also already do LTE? > > > > Gotta find the specs of the radio system (hopefully NOT bluetooth) somewh= ere. If the gov't requires it to be a standard, it's probably open to the p= ublic. > > > > And then I can have fun hacking other people by sending fake tire pressur= es for their tires! Heh. > > > > RTL-SDR probably can handle receiving what I suspect is the actual coding= , though it's can't handl bluetooth frequency hopping. > > > > > > -----Original Message----- > From: "David P. Reed" > Sent: Wednesday, November 21, 2018 11:48am > To: "David P. Reed" > Cc: "David Lang" > Subject: Car tire tracking > > I think everyone who works in "wireless", especially mobile wireless, sho= uld become well aware of privacy concerns. > > > > Privacy isn't just about secrecy, but about how information gathered by s= ensors is used by others. Now that it's trivial to gather terabytes of pers= onally sensitive information and analyze it, we have to live in a Surveilla= nce Society whether we like it or not. My own thinking (admittedly anarchis= t-libertarian) is that Norms need to grow, because Laws can't. Engineers (t= he ones who design and maintain systems) have professional responsibilities= for the societal impacts of their systems. THey are not allowed to subcont= ract that to the people who specify or regulate their output. > > > > So if we know how to, or can invent a way to, maintain privacy better for= all (users and bystanders), we really must. > > The shareholders/owners of profit-maximizing companies won't, and the gov= ernment (even the elected one) won't. > > > > Which is why I am following up on tire pressure gauge unique addressabili= ty. Anonymous car presence detection is a whole 'nother thing. > > > > By the way, Dave, I'm sure you know that the WiFi MAC is the technology s= tandard of choice for inter-vehicle communications in the Transportation de= partments and ministries of the world. One thing to argue for is to require= MAC address randomization and periodic (every 10 minutes?) changes. > > > > Convoying in the Smart Car and Autonomous Car industries is an important = design goal. That requires some kind of "addressing" but it really should b= e non-unique, anonymizing. That follows the standard Principle of Least Pri= vilege in systems architecture, which every engineer of information and con= trol systems should have at front of mind for new designs. > > > > Fortunately, nearly all users of the 802.11 protocol assume that the MAC = address can dynamically change, and the hardware in the 802 standard device= s all seem to support it. > > IPv6 actually supports (and IETF best practices encourage) randomization = of the lower 64 bit half of the 128-bit address, with the upper 64 bits bei= ng the coarse grained routing mechanism, including subnetting. So one can i= ndeed randomize at the IPv6 level for privacy, given the design that allows= multiple v6 addresses per interface. You can have different "personae" in = IPv6. > > > > This good-privacy-in-the-design can get broken by thoughtless engineering= . > > > > That's why I spread the word. > > > > --=20 Dave T=C3=A4ht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740