> "Since the Arbiter showed no ability to compare the settings to internal > clock settings, it suffered permanent damage when it was exposed to the > exploit." > > Permanent damage? As in components failed? No, I think a factory reset > would restore it to function.
You've apparently missed some of the details in the article; they specifically discussed this point. On many of these devices the corruption was to permanent storage. One GPS receiver had a permanent "divide-by-zero" bug, even after reboots, because the corrupt satellite elements were stored permanently. It's possible that there is no way to update the firmware at this point, because the device does not stay running long enough. (I've "bricked" one or two pieces of embedded hardware this way myself over the years ;). It would not surprise me if a hard "factory reset" would not erase the satellite orbital elements, since they're so important to correct GPS operation. Another GPS receiver stored the GPS Week Rollover count in permanent storage, with no way to reset it. Force this device to perform a week rollover, and it is useless unless you leave it switched off for 20 years. Sure these devices are still "repairable", but the expertise required means, at the very least, ship it back to the factory... So few programmers write code with malicious activity in mind. Even dedicated security software developers have a hard time thinking about every possible threat! And couple that with the pressure to "ship now"... -- Harald _______________________________________________ time-nuts mailing list -- time-nuts@febo.com To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.