I know it means 32nd but every time I read āthirty secondā I think the video will last 30 seconds. This is made worse by the actual length of the video, I mean, this stuff really fascinates me but a hour+ long talk by hackers about the software in a car, that is really longā¦ Ok, I guess Iāll give it a go 
Is there a text version of this anywhere? An hour long video is far too long for something like this in my opinion, iām not that bored 
Iād rather have a condensed, edited version of around 30mins. I watched like the first 2 minutes and decided i just didnāt want to sit through the whole hour, even though i genuinely think that the talk is interesting.
While weāre making requests, please replace the teaser āThey also reveal that theyāve discovered other cars that use VWās techniques to cheat on testsā with a list of the cars they discovered.
Just finished. The teaser is 100% wrong - they didnāt identify any other cars that use the techniques. They did point out that BMW (back in 2000) used a similar cheat on a motorcycle (which as far as I know isnāt a car) - was caught right away (within a year) and it wasnāt a huge issue.
The talk itself is fascinating. In a nutshell:
- ECU of the car has 2 emissions modes that it uses - because the more complex and emissions efficient model doesnāt work in some operating ranges of the engine a simpler model is available to allow āsomeā emissions reduction.
- The two models are setup with a flag that essentially makes it impossible for the car to use the more complex model
- There is an additional check that watches the driving cycle and actually will use the complex model if it matches one of three driving curves (which match the testing methods)
- On a dyno watching the variables in real time you can see the amount of āad-blueā (urea) injected into the exhaust and the model the car is using - when following a testing cycle you can see large amounts of āad-blueā injected and as soon as you exit the cycle it switches models and almost none is added.
- Because of how cars operate itās possible that cars in different markets have different code and or variables that affect these operations - the test was done on a German market diesel.
There is also quite a bit of talk about the number of people involved, and the way VW handles development, attempting to show that there is no way this was a rogue engineer. A statement was made at one point that the company that supplied the software to VW (Bosch) indicated that they informed VW of itās illegality - however Iāll be honest the point was murky and I didnāt see anything to back that up.
Wait, I thought the DMCA made this exact kind of analysis a felony?
From the talk I donāt believe they ever de-encrypted anything - the security here is based on the software being on a proprietary chip. He did use an exploit to be able to copy the software off the flash - but depending on what he did it may or may not have violated the DMCA.
*edit DMCA - stupid acronym.
excellent presentation - very worthwhile - if you donāt have time for the whole thing, just watch the second guy (dark shirt) - heās a systematic and careful engineer, puzzling out these illogical parameters - the applause when he overlays the two graphs was thoroughly deserved - VW is so screwed
Be really careful when hacking the program. I used the console on my Volkswagen (with whatever-German-for-the-tilde-key is) and, instead of God Mode, accidentally enabled infinite emissions. Global Warming is my fault. My apologies.
Skip to the 35 minute markā¦ the 1st half is more about regulations, how engineering work, etc.
I was under the impression that the VWās affected in the US didnāt use urea injection. This was one of the main reasons this engine was being tested in the first placeā¦
The best CCC talks are infectious. One moment youāre minding your own business, and the next, youāre digging out your hexeditor, your disassembler, and your debugger and deciding that clauses such as
āYou must not reverse engineer, decompile, or disassemble the the Software.ā
are essentially meaningless.
Woohoo. Now I have a Python library that makes this program so much more useful.
Itās on youtube, which offers variable speed playback. Running talks at 125 or 150% is often helpful. 200% tends to be way too fast so no 30 min version for you.
āIllegalā doesnāt mean āimpossibleā, nor āshouldnāt be doneā.
I laughed at thisā¦
may I suggest the video speed controller extension? You can process language faster than people can speak it.
Iām not sure if thatās true but the DMCA only applies in America anyway.
Iām streaming the talks on a second monitor while working.
in Germany itās the UrhG, here probably 69e (decompilation is allowed to achieve interoperability) and 95e (breaking copy-protection is verboten [if I remember correctly a court said that CSS is an āeffective technological measures to protect a workā])
decompiling the firmware was not really done for interop reasons and using a HW 0-day is not really a copy-protection but lawyers are flexible and creative 
Second monitors are great for this sort of thing. Even though I have a iMac 5K, the extra bit of screen space is still useful as a place to dump data thatās of secondary importance.
