proposals

Proposals for the Anti-Fraud Community Group. (by antifraudcg)
Add to my DEV experience Suggest topics
Source Code
Suggest alternative
Edit details
Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

Proposals Alternatives

Similar projects and alternatives to proposals

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better proposals alternative or higher similarity.
Suggest an alternative to proposals

proposals reviews and mentions

Posts with mentions or reviews of proposals. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-08-03.
  • Hackers manage to unlock Tesla software-locked features
    4 projects | news.ycombinator.com | 3 Aug 2023
    This is the same attack (and same people who developed) faulTPM[1] that was previously discussed[2]. This article is the same people demonstrating that attack against Tesla vehicles. The paper[1] and previous discussion[2] address the underlying problems with AMD's Secure Processor (AMD-SP) that is embedded in their CPU SoCs and previously and more commonly known as Platform Security Processor (AMD-PSP).

    Unlike a web browser where W3C AntiFraudCG folk propose that websites would blacklist all impacted AMD-SP hardware and create massive amounts of e-waste[3], Tesla likely can't do much about this attack because Tesla (not users) would be responsible for a very expensive change of vehicle hardware.

    If it's not an easy-to-execute attack like faulTPM, there are more complex (but becoming more mainstream and cheaper) IC reverse engineering methods like polishing the die down to take photos of each metal layer and regenerating VHDL, FIB editing an operational IC to bypass tamper detection methods, etc[4].

    A security architect of the Xbox One presented a talk[5] a few years ago which provides some good background too. Largely the Xbox One has managed to avoid piracy because they made it economically not worth anyone's time to attack due to competitive pricing models versus high cost of attack. Similar to use of Denuvo for a month or two after release of a PC game, attackers aren't going to bother if their work amounts to nothing a month later.

    Hacking a Tesla to enable additional features is worth a lot of money, so the economics are quite different. It's also different economics for printer cartridges, "pay to enable more features or performance" network equipment, etc. The cost of IC reverse engineering / FIB editing attacks (or other future attack methods) will keep reducing. IC tamper detection features will get more complex. Perhaps attackers will even get an advantage once they can readily reverse engineer 3nm ICs and defenders can't do much other than implementing ever more complex and obfuscated IC tamper detection features and VHDL logic (kind of like a Denuvo situation in hardware).

    [1] https://arxiv.org/abs/2304.14717

    [2] https://news.ycombinator.com/item?id=35787195

    [3] https://github.com/antifraudcg/proposals/issues/19

    [4] https://www.youtube.com/watch?v=6390Zqca3Mg

    [5] https://www.youtube.com/watch?v=U7VwtOrwceo

Stats

Basic proposals repo stats
1
24
10.0
over 1 year ago

Popular Comparisons

  1. proposals VS torchdrive
  2. proposals VS fn.lc
  3. proposals VS openalpr

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com