VW_Flash VS git-bug

I did find an older VW "emergency start" product that claims to only work with Bosch MED17 and MED9, and I suspect it's using a memory-access primitive (either UDS or CCP) to release the immobilizer.

It's trivial to disable an immobilizer in software by re-flashing the ECU, yes, but modern ECUs have two strong protections against this:

* Cryptographic signature checking against update/re-flash payloads (I've done extensive research on these on VW Continental ECUs - https://github.com/bri3d/VW_Flash )

and an even better and more obvious protection:

* The ECU application software won't descend into the re-flash software (Customer Bootloader) unless the immobilizer is free (a valid key is present).

This is a lot of what helps to reduce surface area from an "emergency start" style attack to an AKL attack - now that the Customer Bootloader won't start without the Immobilizer being unlocked, an attacker needs to remove the control unit to flash it with a Supplier Bootloader exploit ( https://github.com/bri3d/simos18_sboot ) or physical access (BDM/JTAG).

This year I don't anticipate having much free time, so I'm trying to engage more contributors in side projects,

* Automotive ECU tooling, https://github.com/bri3d/VW_Flash

* DJI FPV forward/reverse/all sorts engineering, https://github.com/fpv-wtf

I've been working a lot with various folks using Discord and contributions are gradually shifting from me towards others, which has been great to see. As the old adage goes, teaching a project is truly the final form of knowing one - much harder than hacking alone, but ultimately more fulfilling.

When I started my automotive ECU journey my goal was to demystify the "tuning" scene for a broader software engineering community, and I think I've generally been successful at this.

This week, as most weeks, I split my time outside of the day job and my other hobbies and obligations between Discord collaboration, Ghidra, and VSCode:

https://github.com/bri3d/VW_Flash - Flashing tools for select control modules in VW MQB and now PQ35 platform cars. This week I'm working on old stuff: a simpler exploit chain for older Simos ECUs, as well as tweaks to expand support to older DSG control units used in PQ35 platform vehicles.

https://github.com/fpv-wtf/msp-osd - I pushed a rearchitect of this on-screen-display overlay system for DJI FPV Goggles last week that seems to have sorted out a lot of issues - I switched from just passing through the OSD drawing messages from the Flight Controller to a system where the video transmitter maintains the OSD character buffer and sends a compressed representation of the screen state. This makes the system much more robust to packet loss in situations where the Flight Controller sends delta updates rather than frame-at-a-time.

I only really started publishing Open Source projects a year or two ago, and while they're pretty much my worst code by any objective measure, I've met some great people and really enjoy working on these. It's fun making things that achieve a goal without so much pressure of deadlines, stakeholders, and competing priorities.

VW_Flash: https://github.com/bri3d/VW_Flash/blob/master/docs/docs.md . Modern UDS control unit flashing: Preconditions RemoteRoutine, Programming Session, SA2 Seed/Key, Workshop Identifier, RequestDownload, TransferData, ExitTransfer, Checksum RemoteRoutine, rinse and repeat. Pretty much the same for any UDS control unit. Other manufacturers have some little tweaks to the Preconditions and Workshop Identifier, but conceptually this is how UDS flashing works overall. Also contains examples of modern control unit encryption (rolling cipher for Temic DQ250, crappy XOR for Simos8, AES for Simos12 and up and DQ381) and checksums (mostly CRC based, some header-defined, some not). Crash course in SBOOT/CBOOT/ASW/CAL layout of modern control units.

That's pretty cool! I wonder how properly they were really signed - there are _so many_ mistakes even in systems that at least don't use an example key off the Internet.

The most common ones I know of are:

* Out-of-bounds write issues allowing "signature was validated" flags to be overwritten in Flash memory, like https://github.com/jglim/UnsignedFlash

* State machine mistakes, like https://github.com/bri3d/VW_Flash/blob/master/docs/docs.md - allowing Flash to be written again after it was already written, without an erase first.

* Filesystem parsing mistakes, like those in a number of VW AG head units: https://github.com/jilleb/mib2-toolbox/issues/122

* The use of RSA with E=3 and inadequate padding validation, like https://words.filippo.io/bleichenbacher-06-signature-forgery... .

* Failure to understand the system boundaries, like in the second part of https://github.com/bri3d/simos18_sboot where "secret" data can be recovered by halting the system during a checksum process.

* Hardware fault injection issues, as used in https://fahrplan.events.ccc.de/congress/2015/Fahrplan/system... .

Fundamentally this is of course, a very hard problem, since in the "protect against firmware modification" case, the attacker has physical access. But, compared to the state of the art in mobile devices and game consoles, automotive stuff is still way behind.

Here is link number 1 - Previous text "My"

No, this EPS control module is remarkably primitive even by late 2000s standards and several generations behind today's state of the art.

More modern control modules with a bit more resource available to them will use AES as the symmetric encryption (although there are also fixed-key XOR schemes and custom stuff used like this: https://github.com/bri3d/VW_Flash/blob/master/lib/decryptdsg... ).

The keys and even IV are usually fixed across a "model line" of ECUs, so once a decrypted flash memory can be extracted, this isn't much of a protection measure, but it's a lot better than XOR.

Then, in more modern control units, flash areas are also usually protected by both a checksum (usually some CRC permutation, although cute tweaks and random nonsense are common here too) and some form of digital signature.

I have been reverse engineering automotive ECUs for a while now - https://github.com/bri3d/VW_Flash . It's a nice change from my day job in enterprise engineering management, and I've met some fun people and taught several folks a lot of new concepts, which is always extremely rewarding.

My latest project has been reverse engineering the data-flash encryption in Simos18 ECUs. After some work, it oddly appears the encryption algorithm used is Mifare Hitag2. I'm hoping to be able to re-encrypt NVRAM channels soon, although the overall data flash "filesystem" / channel-system layout needs some more work before I am ready to release my findings.

3) For highly specialized applications, additional hardware is necessary. For example, on modern ECUs, often read/write access via diagnostic protocol is secured via encryption and signature validation, so to flash custom firmware requires a bypass of these measures. Sometimes this bypass can be via a vulnerability in the diagnostic protocol requiring no additional hardware, like on VW Simos18 , but other times the bypass requires manipulating the control unit beyond what the diagnostic port allows - custom serial protocol, specific sequences of GPIO manipulation, or PWM signals applied to specific pins.

Unfortunately github appears to be actively breaking the ability to use git-bug on large repositories (like nixpkgs):

https://github.com/MichaelMure/git-bug/issues/749#issuecomme...

True but getting less true by the day:

https://github.com/MichaelMure/git-bug

https://www.fossil-scm.org/home/doc/trunk/www/index.wiki

Only not having access to https://todo.sr.ht made me to recognize fully, that I don’t have any access to it. https://github.com/MichaelMure/git-bug suddenly looks much more interesting.

Neither do the issues support. But there is git-bug [0].

[0]: https://github.com/MichaelMure/git-bug

As a sort of spiritual successor to git-appraise, I've been working on git-bug[1] which support issues and will at some point support kanban and code review. There is a few notables improvements:

- CRDT-like reusable data structure [2][3] for true p2p workflow and easily create new entities (code review ...)

- bidirectional bridges to github, gitlab ... to ease the transition or just use git-bug as a complement of those platform

- CLI, terminal UI and web UI, for different taste and integrate into your tooling/workflow

[1]: https://github.com/MichaelMure/git-bug

[2]: https://github.com/MichaelMure/git-bug/blob/master/doc/model...

[3]: https://github.com/MichaelMure/git-bug/blob/master/entity/da...

> but that is for the development of the platform and network of Gitopia. For the end user the workflows remain almost the same for collaboration.

I have to disagree here. Accidental complexity in a system can have severe downstream impacts on end users, whether that be in the form of poor performance, unreliability, or just slow update cycles. It's not something you can paper over and completely hide from the user.

> Along with this the blockchain layer layer offers immutable, transparent and tamper proof versioning of code

Tamper-proof can be accomplished natively by signing [0]. receive.denyNonFastForwards and receive.denyDeletes[1] can be used to make a git repository immutable. Git commits are also already content-addressable. And transparency is achieved by just having the repo available for people to clone.

> along with the collaboration meta and augments the current collaboration flow

Could this augmentation not be accomplished by storing the collaboration information in the repo under a set of special-purpose branches? Like git-bug[2] or git-issue[3]? Coupled with GPG signatures and you've got your immutability, too!

> Along with this it enables us to provide a novel means to incentivize open-source contributions along with fostering a more decentralized approach for governance (even for projects), every token holder could have a say in the decision making, reducing the risk of undue influence by a single party, hence eliminating centralized control.

This one I'll grant you, but it's by far the least compelling aspect of the project to me. I don't think we're going to solve the centralization of GitHub by centralizing on a new plutocracy, I'd much rather see efforts towards full decentralization. There's nothing inherent to Git that requires that we all use the same set of servers.

[0] https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work

[1] https://git-scm.com/book/en/v2/Customizing-Git-Git-Configura...

[2] https://github.com/MichaelMure/git-bug

[3] https://github.com/dspinellis/git-issue

Regarding the issues, there are some projects like git-bug https://github.com/MichaelMure/git-bug trying to embed these sorts of meta-work into git.

Probably git-bug is closer to what Fossil does: It uses Git as a storage engine, and can coexist with your code in the same physical repository, but the issues don't actually show up as source files. Instead, each issue is a special branch (buried in refs so it won't clutter up git branch) that has zero common ancestry with anything else. So in theory you can poke at it with Git, but really, the Git under the hood is mostly an implementation detail, and as long as you interact with those files through the tool, it guarantees you won't have merge conflicts.

You might be interested by git-bug and https://github.com/MichaelMure/git-bug/blob/master/doc/model..., which seems to be exactly what you describe. (Disclaimer: author).