Team 548 Einstein Statement
 

Team 548 has released a statement regarding the events on Einstein.

You can read it here, along with FIRST's official response.

Please keep this civil!

-Nick

Re: Team 548 Einstein Statement
 

You need to work on your url skills, how civil was that?

Re: Team 548 Einstein Statement
 

The statement is here:

http://www.usfirst.org/sites/default..._statement.pdf

Re: Team 548 Einstein Statement
 

Seems like the first thread he posted was deleted, and the new one has the incorrect link. Original link is here.

Re: Team 548 Einstein Statement
 

For additional consideration, from Frank:

Blog Date:
Monday, August 20, 2012 - 09:38
Hello Teams,

Team 548 contacted me recently and asked if I would be willing to publish a statement from them regarding the events on Einstein on the FRC Blog. You can find their statement here. This statement represents, in part, their Steering Committee’s understanding of events that took place during the Einstein matches. To be clear, there are some differences between this understanding of events and the events as presented in the Einstein Report. FIRST continues to stand by its report. (My emphasis).

Re: Team 548 Einstein Statement
 

A dozen people can watch the same bank robbery and provide twelve different accounts of what happened (and likely twelve different descriptions of the burglar's appearance).

Re: Team 548 Einstein Statement
 

It gets you thinking, though, doesn't it? Was banning him from ever participating in FIRST again really the right thing to do?

Re: Team 548 Einstein Statement
 

(At least) one match was tampered with knowingly and purposefully. I'm sure whoever made the final decision regarding consequences did not take it the least bit lightly.

Re: Team 548 Einstein Statement
 

Unfortunately, creating an interruption is not the way to 'make a point'. Sorry, I'm not giving anyone a pass on this one. You're supposed to listen to staff and volunteers, and this person didn't.

Good on 548 for coming forward, although the major discrepancies between their statement and FIRST's report still leaves questions for me.

Re: Team 548 Einstein Statement
 

I dont remember ever reading that he got a lifetime ban from FIRST.

Re: Team 548 Einstein Statement
 

From http://www3.usfirst.org/node/2426

Re: Team 548 Einstein Statement
 

I think it's a good thing 548 came out and said this. I very much hope that they stay a respected team in our FIRST community and continue to be successful. In regards to the individual, what's been said has already been said and I don't need to go into that. Great job 548, you guys have done nothing wrong in this process, and have my respect for coming out about it.

Re: Team 548 Einstein Statement
 

There are some major discrepancies present here. While not to start another famous "CD-Massacre" the report and this letter do not match up. I applaud 548 for coming forth with this, it takes a lot of bravery to do that. However, the information they have been given and the conclusions they came to simply don't make sense when you stack them up against the report and individual accounts of that afternoon.

Still, kudos 548 for at least making the statement in the first place.

Now we can move on a little more.

-Nick

Re: Team 548 Einstein Statement
 

Assuming 548's account to be accurate, what would have happened if he hadn't made his point? The field personnel appear to have brushed him off originally. There may have never been an Einstein investigation, and we never would have known what happened. We also wouldn't have known that there was a vulnerability, and as such it may have been years before it was fixed.

Because the individual did this only after attempting to interact with the field personnel, I feel his actions were entirely warranted and correct.

Of course, this is all predicated on 548's version of events being correct. It seems believable to me, primarily because FIRST was so vague in this area.

Re: Team 548 Einstein Statement
 

So, intentionally attempting to alter the course of the finals (or any match via interference methods) is okay to you for the sake of protest?

Wow.

-Nick

Re: Team 548 Einstein Statement
 

It's a slippery slope.

Before passing judgment on this, I had to ask myself 'Had he been listened to, would things have played out differently?'

I'm not sure of the answer, and in turn not sure how I feel.

Re: Team 548 Einstein Statement
 

I think he was trying to say that the action of telling the field personnel about the issue was theright thing to do. Or that coming forward after the matches was the right thing to do.




PS: ^ look at this Lawrence guy.

Re: Team 548 Einstein Statement
 

No. That would not be okay with me. However, a brief (three second) interruption that does not influence match outcome is.

Re: Team 548 Einstein Statement
 

The intent is okay with me too, don't get me wrong. But proving it on the biggest stage possible? That's not cool with me.

Even a three second interruption interferes with the outcome of the match. For many teams, it takes them only that much time to shoot three baskets.

^ Look at this Koscielski guy, he can't even spell my name right.

Okay, before this thread crashes, lets go back to praising 548 for saying "we're sorry."

-Nick

Re: Team 548 Einstein Statement
 

I think Nick is saying what most of us are thinking.

This mentor did not tell his team the full story, in my opinion. And this statement makes him look even worse (to me) because none of the other accusations that many are thinking about are addressed. Maybe he said this was the reasoning and that it only happened on Einstein and was a method of protest to protect team 548's wins last season? Maybe he did this at other events to gain competitive advantage? Those are my beliefs, and I'd like to see this same person address those beliefs. Even if he confirms or denies this, I honestly think more than just the Einstein teams deserve an apology. Yes these are bold statements, but I am perfectly confident that I am not the only one with these beliefs.

Kudos to the rest of 548 for releasing this statement. A bit late, but that is understandable. Yes you still have the support of other teams in FIRST (at least mine).

Re: Team 548 Einstein Statement
 

548 shouldn't have had to apologize. Regardless of what one individual did, he acted alone and not as a member of the team; whether right or wrong, it wasn't the team's fault.

Re: Team 548 Einstein Statement
 

I think they had to say something, I mean a lot of people knew it was a 548 member for a long time. They had to dissociate with the mentor in question.

-Nick

Re: Team 548 Einstein Statement
 

No. No. No.
There are any number of things which could have been done after Einstein to fix this issue. Don't fall into the trap of "he spoke up and was ignored so he had to make his point." There are plenty of ways to get "unignored" (later on) without knowingly sabotaging an event.

The existence of this vulnerability could have been made known, and fixed, after the fact. Suspecting that someone else is exploiting it, is not a valid reason for exploiting it yourself.

Kudos to 548 for coming forward, I expect nothing less from such a well regarded team.
Their team leadership stepped forward. They communicated the facts they have, without editorializing. They apologized.

-John

Re: Team 548 Einstein Statement
 

What you do reflects upon your team. If someone on my team had done this, you better believe I'd be apologizing for that person's actions.

I have a very hard time believing everything in 548's statement just because of this single sentence - "The actions of the individual were not intended to harm a team or alliance, nor intended to alter the outcome of the
matches on Einstein."

That's exactly what it did. Regardless of the intention, that's what happened. Teams were harmed, match outcomes were effected and the 2012 FRC season was damaged just to prove a point. There's a time and a place for this kind of thing, but not like this. Common sense - use it.

Re: Team 548 Einstein Statement
 

I am glad the they came out with this statement but there is way to much mitigating going on and it leaves a bad taste in my mouth.

I am hoping that its just because some lawyers told them to how to say it (after all it is a very litigious world) and not the teams true feelings.

Re: Team 548 Einstein Statement
 

Had he been listened to, I'm not sure the finals would actually take place, after they test his theory and likely at the time not know how to fix it. I mean, it probably took a lot of smart people A LOT of time to trace the actual cause of the FCA attacks to the field AP firmware.

-Nick

Re: Team 548 Einstein Statement
 

This is poorly written and a less than ideal admission of guilt.

Who is 'they'?

Re: Team 548 Einstein Statement
 

548's apology was exactly the correct thing to do.

This is the same "rule" that most organizations and companies have. If I were to talk onto a plane wearing a company shirt and start talking about something bad for the company, it reflects on the company. If I happen to encounter one of our customers and start having a discussion about our products, I'm required to file a report about the encounter.

In this case, an individual who could be identified as belonging to their team performed actions of which the community disproves. Whether or not the team made a public statement, enough people witnessed the incident to ensure that something would be said and spread via rumor. In such a situation, it would go directly against the team and many people would blame the team. By stepping forward as a team, publicly apologizing, and clearly stating that the individuals actions were not representative of the team, this team is performing the necessary PR to move past the incident.

All that said, I personally believe this was the act of an individual, and not something that was sanctioned by the team. I think it really helps to highlight the fact that poor choices can be made by anyone, even a 7-year veteran mentor of a well respected team. I hope this doesn't tarnish the team's reputation in years to come, and I really hope the immediate community they interact with at off season events, districts, and such maintains respect for this team through these difficult times.

Re: Team 548 Einstein Statement
 

While I don't like it either, the usually plural "they" is commonly accepted as a singular, gender-neutral pronoun.
I'm like you - I personally don't use it on principle, and I cringe when I see it, but it's not incorrect per se.
I don't know that it's poorly written - like SAM said, it reeks of lawyerspeak - and understandably so. This team has strong ties to its sponsors, as many do, and when people's livelihoods are at stake, you bet the lawyers are called in.

Re: Team 548 Einstein Statement
 

In this case, "they" refers to the individual who caused the interference. I could go into all the grammar, but in this case it's the best word if you want to keep anonymity for the person in question.

Re: Team 548 Einstein Statement
 

Presumably 548 was using "they" as a singular pronoun, to prevent revealing whether the individual was male or female.

Re: Team 548 Einstein Statement
 

I cannot disagree more. 548 did not have to release this statement at all - and I'm sure it was a difficult thing for them to write and distribute. But they chose to do it, because it was right, and that means it is time to put down the pitchforks and torches.

It takes balls to associate one's team or company with an incident like this. The team wrote and released this statement with the full knowledge that (fair or not) some people might look at them a little differently for a while (it's just human nature...and yes I am aware that a large portion of the FRC community already knew/thought they knew the team anyhow).

Hopefully now we can move forward.

Re: Team 548 Einstein Statement
 

Without locking down the entire field environment (i.e. banning personal laptops for driver's stations), how could FIRST prevent this type of issue in the future? This is more of an industry-directed question rather than a FIRST-directed question.

Re: Team 548 Einstein Statement
 

There are many ways to prevent this issue. The Einstein Report details FIRST's plans on how to secure the field.
Furthermore, it took twenty one years for someone to do this. I expect it to take just as long before the next incident.

Re: Team 548 Einstein Statement
 

Let's hope there is never another incident.

Re: Team 548 Einstein Statement
 

I'm going to agree with two of the posts in here just to clarify some points based on experience at one of my jobs (I help teach cyber security and ethics is a huge part of it).
This is absolutely correct, when you are doing security audits and penetration tests there are very specific rules of how you do things. And executing an attack during a very visible time is NOT one of those ways to do things.

(please note, all genders are generic)

THIS is the correct process, the person raised the issue at the time. It was not addressed. He should have documented his findings and sent them to FIRST. After giving FIRST a period of time to respond or fix the issue (think 6 months) he could have published a paper documenting his findings. At the end he should have included his original communication with FIRST and any steps they took or responses.


As it stands the person went from doing the right thing to being an attacker when they tried to "demonstrate" the vulnerability.

Re: Team 548 Einstein Statement
 

Correction -- it took only 3 years for it to happen on the field. The new control system started in 2009. Taking the report results and looking back, I believe one of my former students happened upon something similar in 2009 when he was figuring out how to wrap data into packets for use on a driver's station custom Java display. (For the record, he didn't tell us he found it and he graduated in '09. While his software was brilliant our robot had fundamental mechanical flaws that year). The problem I foresee is FIRST losing trustworthiness in any team that breaks a small rule on the field (namely, no cell phones for the guys who are the pit crew).

From an IT/IA perspective, the plans FIRST described in the report are vague at best, yet it's probably best that way. If we openly crowd-sourced amongst our intelligent community engineers to figure out how the FRC system could be vulnerable, then the companies working on securing the field would be better-equipped to understand what 0-day issues need to be addressed.

@Alec:
I too dislike putting my 6 vacation days, 100's of hours, and several dollars of support at the mercy of GP in such a competitive program. Yet at this point we should contribute to the solution rather than further highlighting the problem.

Re: Team 548 Einstein Statement
 

These are awfully harsh words. Remember that hindsight is 20/20. There will never be a day where nothing will have been overlooked, or every potential mistake will have been guaranteed against. FIRST is a volunteer organization, after all; they're doing the best they can. Although I agree with the general premise that blame isn't going to get anybody anywhere here.

Re: Team 548 Einstein Statement
 

Kudos to 548 for coming out and releasing a statement. I still love your team! ;)

Let's not rehash all of this again guys as we still don't know what happened. 548's report differs from FIRST's report but that doesn't tell us which one stands true at the end of the day. There were still other factors that played into this aside from the individuals action(s).

Re: Team 548 Einstein Statement
 

This is very much over critical of FIRST and the job they did with the FMS. Keep in mind, the bug was actually from a vendor-provided firmware update, not something FIRST developed on its own.

Companies fall victim to situations like this all the time. In FIRST's case, it results in a disrupted competition. For other companies, it results in stolen consumer credit card information, a hacked website that installs a virus or trojan on consumers computers, a defaced website in general, or any number of other "bad" things. No company is immune from outside attacks... why should FIRST be any different?

Re: Team 548 Einstein Statement
 

Remember, FIRST did not cause this. It was a bug in the newer Field AP firmware that created this security hole.

-Nick

Re: Team 548 Einstein Statement
 

Thank you, 548, for stepping up. Even though it wasn't the team's fault, it was the right thing to do, I believe.
It takes real guts to do that. I don't know if I could have done the same.
You didn't lose any of the respect I had for you. If anything, I now appreciate you more for coming forward, and I believe there are many others who feel the same way.

As for this discussion... I think it is too early to discuss this. All that could've been said about the field system was said when the report came out.
The things that can be said about the apology will now be all mixed up with emotions (namely anger from what I've seen in some comments). I think this discussion should be paused, and re-started in a week or so, so that everyone has a chance to think, relax, and digest.

Re: Team 548 Einstein Statement
 

Given this admission/apology, I do wonder how this may affect the status of 548's paid entry into the 2013 Championship.

Re: Team 548 Einstein Statement
 

I agree that I was a bit too harsh. FIRST has done great things with the cards they have been dealt. Unfortunately, there are limits to the reach of a volunteer organization, but when FIRST strives to be on the same level as sports organizations, they should expect the same scrutiny held to established "sports" by the general public.

Re: Team 548 Einstein Statement
 

Given that the mentor in question has been excluded from all future FIRST events, I would hope the paid admission to the 2013 Championship would continue to be extended to 548. This team was hurt just as much as the 11 other Einstein teams.

Re: Team 548 Einstein Statement
 

I think that 548's Steering Committee did a good job at responding to and handling the situation. Any mentor or student on a team is a representative of that team and officially associated with the team. This isn't just because you're wearing a team's t-shirt or branding, it's also because students and mentors officially register with a team through FIRST. If an individual on a team is involved in a negative situation, the leadership of the team is brought into the situation as well (ex-Football and Basketball players acting inappropriately).

Jon made a good point:

I'm glad that FRC 548 has come forward and publicly apologized for the actions of the individual. I hope this will help to diffuse any potential negativity that could occur at future events towards students and mentors on the team.

As for the individual, Jon and Andrew make great points:

Renee

Re: Team 548 Einstein Statement
 

I just wanted to thank 548 for taking the courageous step of publishing this piece. Having committed no fault of their own, they've admirably given our community further impetus to move past the individual's conduct and embrace the challenges and opportunities this situation has exposed in our future. We owe it to ourselves honor just that.


I am impressed with the general tone of this thread in this point. I hope our students --and adults -- can continue to learn from the commendable behavior of 548, all the Einstein teams, and everyone involved in the invetigation. (Certainly some in their echelons may still be recovering, but hopefully this helps the process on tragically affected teams.) I know I will work to develop and retain this culture change, and while I hope we can avoid or preempt such incidents in the future, I believe we'll be better equipped as a community if we must handle one again.

Re: Team 548 Einstein Statement
 

No, they were the only alliance NOT hurt.

Re: Team 548 Einstein Statement
 

Any team that participated on the einstein field played on a field that had become a tarnished playing ground. They may not have been interfered with directly, but being involved with Einstein must have been a heartbreaking experience. Can you imagine being on the field, not knowing if your robot was next to go down?

Re: Team 548 Einstein Statement
 

The actions of a single person does indeed reflect upon a team, but in this case it is very clear that this person acted alone. Certainly an error in judgment to take that action.

Team 548 is a class act all the way. Every family has its Black Sheep, so I do not put any blame on the team. So, their coming out and issuing an apology was above and beyond the call of duty.

Re: Team 548 Einstein Statement
 

Of course they weren't. Why would the mentor use his/her own team or alliance partners as the target for making a point? He/she wouldn't. Whether they knew it at the time or not, 548 received an advantage over the other teams, just for this alone.

Re: Team 548 Einstein Statement
 

People pushed & pushed for "the team" and/or "the person" to finally come forward, and I really hope that we can leave it at 548's statement. It may not be 100% what everyone dreamed of... but I don't think anything will ever make the situation right.

The team could and SHOULD only have issued their understanding of what happened, which means they are 100% reliant on what the mentor told them happened. Whether the mentor told them the entire truth or not, what are we so worried about? The person is banned, the vulnerability fixed, tons of more issues were found and tediously documented, so lets move on. People that are worried about "discrepancies" are you looking to call the team or the mentor a liar? What good does that do? Or are you legitimately interested to know if there was "a second attacker"? And if so, are we just on our next witch hunt?

I'm not sure people are fully understanding the team's statement. I pieced this together long before the team's statement, and I'm not sure people are getting it...

I'm going to stop dancing around the numbers/"vaguery"....
Translating into english... When 118 went down, the individual assumed someone else was using the attack they knew to be possible. They thought THEIR alliance was being attacked...
How frustrating would it be to think that your alliance was denied the opportunity to compete fairly because of a security hole? They thought 118 had been targeted and that they had lost a key part of their alliance to this attack. Just putting myself in the mentor's shoes I can see how heartbreaking and distraught I would feel. We have all said numerous times that the frustration with this whole thing is that so many of us feel that the Einstein teams never got a "fair shot" to see who really could have been the winner. In that exact moment, this mentor really just wanted a fair shot... perhaps an opportunity at a replay with the bug fixed, or attacker identified... but when the mentor was asked to leave and disregarded, the mentor had no idea what else to do.
548 acknowledges that this was a poor decision, and we can all see how it most definitely was the wrong way to go about it, but even I can acknowledge that being in the same exact situation, the thought would cross my mind. But I would hope even in the heat of the moment, I would make the right decision and let it go. But with how heated debates get here on CD, I would be willing to bet that probably 10% of the FIRST population may have done the exact same thing if they were put in the exact same circumstances and had the exact same knowledge. I'd like to say I hold us all to higher standards, but many of us crack under pressure and none of us has made the absolute right decision every single day of our lives.

I don't think this person was doing it to intentionally harm an alliance or to prove their ultimate hacking skills... I think it was a sad, last ditch effort to get the attention of FIRST and get their alliance "a fair shot" at competing.

Lets let go of the details and all move on. The issue has been fixed, the team has come out into the open & apologized, and many other good things have resulted from all of this. So lets focus on moving forward.

Re: Team 548 Einstein Statement
 

Kudos to 548 for coming forward and releasing this information. Don't worry, we still love you guys, and if anything, respect you even more for doing a difficult task such as this.

Also, I would like to wholeheartedly thank (even though I may get some crap for this) the individual who caused all of this. What he/she did was a good thing at the wrong time, the worst time. However, I'm going through this with an optimistic viewpoint. From what I'm reading, this individual's best interest was to show the problem to the FTA before it became a larger issue (based on the claim the individual saw some other interference). The individual also came forward to FIRST and admitted to the crime committed, as well as cooperated with FIRST to identify and ultimately come closer to solving the problem.

How the individual effected Einstein was devastating to the students who worked hard to get there, but I believe it wasn't done with a cruel heart. From what I hear, this mentor was a fun and enthusiastic person geared towards inspiring and teaching today's youth, exactly what an ideal mentor would be like. Life banishment from the place where he can help and inspire students is probably one of the worst ideas ever. Maybe a temporary banishment (a few years or so) to let them think about what they've done. And then if Team 548 wants this mentor back, I think he/she should be allowed back, to continue inspiring and teaching students.

What the individual did is completely terrible, but is it something forgivable?

Re: Team 548 Einstein Statement
 

...but being involved with Einstein must have been heartbreaking experience. Please read the entire sentence ::rtm::

Re: Team 548 Einstein Statement
 

Because there were no other issues on Einstein outside of the intention act of interference?

Re: Team 548 Einstein Statement
 

Even though you seem to be aware of the weight of your words, I think this indictment of Team 548 is too harsh. Your conjectures bring into question the integrity of their entire team, which I don't think is warranted. Especially considering that they apologized to the community as a whole in one of the most public manners they could manage. I truly hope that there are not many "with these beliefs," as it would indicate to me that the community has lost faith in the integrity of its peers, regardless of their reputation.

Otherwise, Kim's statement accurately sums up my thoughts:

Re: Team 548 Einstein Statement
 

Disclaimer: The following is a hopeful opinion which is not proven. This disclaimer takes the place of all references to the fact that this is only one potential version of the situation, but deserves consideration nonetheless.

I can't really get mad about the "discrepancies" because I don't think the team statement is intended to be that deceitful. The series of events before the purposeful interference as we know them sound very emotionally stressful to the individual. High emotional stress inherently leads to poor judgement, and, in the long term, poor memory and recall. Even before he/she got busted, I'm willing to bet it would have been hard for him/her to recall the whole story. After the release of the Einstein Report, and the individual's subsequent ban for life, his/her story becomes shoddy at best. This is compounded by the possibility that the individual tried to convince him/herself that he/she isn't as guilty as he/she really is, leading to a real belief that is different from reality. By the time Steering Committee was told the story, it was probably far diverged from the truth.

On the other hand, the well-documented unreliability of witnesses probably means the Einstein Report's version isn't all true, either. Like so many things, two sides of the same story are neither the truth nor lies, and the reality lies somewhere in between them.

A couple other things:
1. There are plenty of ways to make a statement. The decision the individual made was THE WRONG WAY to do so. I'm not directing anything at you or disparaging your opinion, because you're largely correct. My comment is that voluntary manslaughter (provocation) isn't murder, but it's still not permissible. Being mad doesn't give you any and all rights you want, especially when you don't know the full story (and actually have it wrong).
I'm not comparing the magnitudes of each situation, just the framework. I'm also not calling the individual a murderer at all, I truly believe this was a good individual who made a bad choice.

2. Is it really one of the "worst ideas ever"? It's harsh, but you have to set a precedent and say "This is not acceptable in FIRST."

3. Not yet, it seems. But that doesn't mean it will never will be. After a while, everyone can look back differently.

Re: Team 548 Einstein Statement
 

I'm gonna have to totally disagree with this statement. The team should have only apologized and left it at that. No other information was necessary. There was no need to add to the discussion of what happened.

Re: Team 548 Einstein Statement
 

Yes it's forgivable if the person is honest and truly seeks forgiveness but it is not just about forgiveness. The penalty needs to be so harsh that no one ever considers doing something like this again.

Lifetime ban is not only appropriate it's necessary.

Re: Team 548 Einstein Statement
 

I did read it, the first time. :)

Re: Team 548 Einstein Statement
 

I simply don't believe the "protest" idea. The attacker could have indefinitely delayed the match by disconnecting a robot before the match itself started. This would have been an equally effective protest, but would not have risked affecting the outcome of the matches.

Re: Team 548 Einstein Statement
 

That is my opinion as well.

Based on multiple other reports, I'm going to give little weight to what the now-banned party says happened, and I'm not going to apologize for that. But I will accept Team 548's statement at face value, put it behind me, move forward, and strongly encourage everyone else to do the same.

Re: Team 548 Einstein Statement
 

Lack of grammar is not the only way something can be poorly written. It's poorly written because it is not explicitly clear who is being referred to. Not explicit enough for the circumstances.

It makes no sense why anyone should talk about forgiveness since no party here has sought it or made extremely explicitly clear who is at fault.

On a personal level, I find the use of words like 'unfortunately' in an apology to be less than genuine. Stating the intent of someone while simultaneously not specifying who that it is we are talking about is laughable. As is the double standard of an individual not representing a team at a competition, but we're all such loyal team players to preserving anonymity.

On a related note, genuine apologies are rare in our society, so it is with a complete lack of surprise that I find many cannot identify one or misidentify it. Ah, but I digress.

Re: Team 548 Einstein Statement
 

I seriously doubt the use of improper grammar is a big deal. Let us not forget that the party apologizing is not the party at fault. If I tell you the "individual" is John Smith* of Team 548, is that better on any level than if I say it was a member of Team 548? You answer that. If you think the apology is "less than genuine", take a line from Taylor, one he used on me regarding this very subject:

"I've found that being outraged on behalf of others is often a misuse of energy."

Whether you're mad at the Robostangs, the singular individual, FIRST, or life, lamenting about the state of the world's apology writing is not going to help.

*I don't know if there is a member of Team 548 named John Smith, nor do I intend to accuse anyone on the team of being the anonymous individual.

Re: Team 548 Einstein Statement
 

My post was and is only directed at this one mentor. Not the entire team, I praised the rest of the team for their apology. I am not questioning the integrity of 548, I am continuing to question the integrity of this one mentor's words.

Re: Team 548 Einstein Statement
 

Sorry, I guess I misread/misunderstood the intent of your post then. The point about protecting Team 548's wins made me think you referring to more than just the individual.

Re: Team 548 Einstein Statement
 

I am a bit disappointed by this sentiment for two reasons. First, a lot of the data in the Einstein Report is inconclusive.

This statement, directly from the report, essentially states that the exact number of times the individual from 548 made his or her attack cannot be known, because the logs no longer exist. It is perfectly "plausible" that another individual repeated the same attack elsewhere in the dome, or some sort of other interference occurred.

Secondly, whether the individual made one attack or 100 attacks is a moot point. The individual's actions (regardless of intent) were malicious and he or she was punished accordingly. The job of the CD community is not to further scapegoat the individual for more attacks than he admitted to, as no proof exists. Instead, we should collectively be accepting of 548's generous apology (one they by no means had to provide) and we should all encourage FIRST to try and eliminate dead robots (due to control system failures) almost completely by 2014.

Re: Team 548 Einstein Statement
 

I for one am quit satisfied with team 548 statement. Team 548 is also a victim in all of this. Having a "mentor out of control" can tear the guts out of a team. You have scars inside and outside of the team that takes years to recover. It is time to let team 548 work thru this and end this thread.

Re: Team 548 Einstein Statement
 

If your car breaks, do you blame Delphi? Unless you are a huge car dork or work for an OEM, probably not. There are plenty of examples in modern industry where the supplier is the cause of an issue, but everyone still points the finger at the final assembler. Since it is your brand attached to the final product, you've got to ensure that you want your brand on it, even if you didn't build all the parts (and these days, no one builds all the parts).

This is absolutely a bridge too far. Ethics are important.

Re: Team 548 Einstein Statement
 

I want to echo this point. By the mentor's own admission, he used the attack, but why should we believe his admission of guilt isn't the full story from his perspective? Every single one of us has been looking for someone or something to blame for what happened on Einstein. The full report has brought up a multitude of points of failure during the finals, and its really not hard to believe the answer to all of this is not as simple as blaming this all on one mentor. As soon as news broke that there was an attack during play, all of the failures on the field were attributed to that. But things just aren't that simple, and we discovered how many root causes for all the different problems there really were. But I firmly believe we still know far too little to place all of the blame on this one attacker. With thousands of incredibly smart people in the dome, its entirely possible that someone else used this attack, whether or not their team was on einstein, and whether or not they were fully aware of their actions.

We've heard 2 sides of the story so far, and unless someone would like to point out something I missed that puts them in direct conflict, I think it's only fair to evaluate this based on what we know.

Everyone was feeling a lot of emotions at the moment, and the attack in response could have been from a moment of desperation. I'm not condoning what happened, but I am trying to understand it.

Re: Team 548 Einstein Statement
 

Malice is entirely dependent upon intent, I think 'destructive' might be closer to what you were looking for.

Re: Team 548 Einstein Statement
 

Two thoughts:

1. I can't imagine what next year will be like for the rookie members of 548. How does that conversation go?

2. I've yet to see a post from any of the directly affected Einstein teams in this thread (There is one on the first page from a Robonaut; it points to the article and offers no opinion on the subject). My first inclination is that they are coming together privately as teams to determine exactly how they feel about it; when they've grokked it in fullness, they'll make public statements as they see fit.



My second inclination is simply there's nothing left to say.

Re: Team 548 Einstein Statement
 

I'd like to start off by thanking the Robostangs for their statement. It takes a lot of guts to put yourself up in front of the Chief Delphi community. Your team still has as much respect from me as it did before.

One thing that no one has really thought of is the affects this has on the students that are part of that team. Regardless of what actually happened, how do you think they feel? I know that if one of my trusted mentors did something like this it'd take a long time for me to hold my head up high at a competition again.

Arguing about whether or not the individuals acts were in good taste is pointless, nothing we say or do now can change what happened on Einstein. The same go with whether or not 548's apology was written by lawyers. Does it matter in the grand scheme of things? It is, after all, still an apology to the community.

DISCLAIMER: This post is filled with my own thought's and opinions and does not necessarily reflect those of my team.

Re: Team 548 Einstein Statement
 

http://www.chiefdelphi.com/forums/sh...04&postcount=5

Bolded for emphasis.

Re: Team 548 Einstein Statement
 

No one ever notes a problem again?

No one ever clicks on a list of networks again and misses the button?

No one ever asks why documenting issues has to reach the public level?

No one is ever curious again?

No one ever considers using this particular ISM band again like this?

I would feel much more comfortable with harsh punishment if you couldn't trip over this.

Re: Team 548 Einstein Statement
 

The issue wasn't what you listed... the issue was the intentional interference with the game play. All the items you listed are something an individual can pursue, so long as they do so appropriately. Doing so during a match is not appropriate.

Re: Team 548 Einstein Statement
 

I also work with security and I agree.

Unfortunately the back story in this case seems to flow in a direction that you'd end up making the public report.

I and others I know have since submitted concerns and vulnerabilities to FIRST and frankly no one I know has received so much as a confirmation e-mail.

So what this will lead to is a pretty serious problem. FIRST has an investment in this control system for a while and that while definitely includes this upcoming year.

I know for a fact that these vulnerabilities remain and their mitigation procedure will not address them so long as the control system remains essentially as it is.

In 6 months if I publish my results publicly I can't with a straight face ever look at a hard to explain robot failure and not assume that I provided the core bit of knowledge that someone of less skill used to possibly cause that.

This is a very bad situation. It does not excuse the interloper at all. It may not have been apparent to the interloper they would face this additional level of inertia in handling the security issues.

There have been moments in my long involvement with FIRST that I felt I was utterly and sometimes quite wrongly ignored. Even that said I can think of a dozen ways in 1 minute that I can get my point across without using Einstein like that and compounding the existing issues with harm to every aspect of FIRST.

I appreciate curiosity but I appreciate the value of the scientific method to satisfy that curiosity. There was no careful control for this experiment and therefore it's not an experiment. What it really is a bunch of intelligent people chasing individual agendas not working *together* and in the process making the situation much worse.

Worse Einstein has become the distraction for who knows how many other possible interruptions that could have been caused accidentally or with intent. There's nothing in that report that closes that door, worse the lack of logs literally blows that door wide open.

Re: Team 548 Einstein Statement
 

Let's consider that.

The real fields are almost only available during competitions.

This leaves I suppose the initial practice matches before the actual competition venues.

One of the items I listed you could do quite utterly by mistake (I'm not saying this person didn't have intention to try it, I'm just saying we have no idea how many other people did that by mistake).

Re: Team 548 Einstein Statement
 

You could also approach the FTA and say, "I know you're busy, but could you leave the field up for a few minutes at the end of the day? I've got something that you need to know about." You could also try in the morning before matches.

Let's think about it this way: You have a practice day (well, if you aren't in the districts, you do--even then you have some practice time). Do it to your own team then, it doesn't affect anybody else then--just make sure your team knows you're doing it. Typically, there's about an hour before matches start on any given competition day (depending on opening ceremony start time in relation to pit opening time--don't try anything during the ceremony!). And there is often a couple hours at the end of the day, with the exception being the last day.

If you think that there is a problem with field vulnerability, or other system problems, Do Not Wait. Talk to the FTA during any of those "down" time periods--or ask in a shorter break, say between matches, if you can demonstrate the issue during them. If you are invited to demonstrate it, that's when you should do it--during lunch may also be an option. You can bet that if the vulnerability issue had been demonstrated to an FTA before Einstein, it would have been fixed or blocked before Einstein--it's one of those cases where "one guy knows, so we don't know how many others know".

Re: Team 548 Einstein Statement
 

I agree with this completely.

I disagree with this. The level of testing required to deal with the interloper's actions was/is really beyond what I believe is practical for field testing. Having now setup and broken down a field for this year's competition 2 times I can not see how sufficient time and resources would be available to scientifically and properly do anything more than trip over the solution.

Great if they trip over it. Not so great if they don't.

Additionally I can demonstrate additional issues right now. I know for a fact that several FIRST people know about them. Following only the reporting advice to e-mail the address on the report a person would literally be left in a vacuum. I have made it a point to make this harder to ignore because I expect that someone will do something about it. I'm growing ever more concerned that is not the case.

By September FIRST is hard at work generating the documents and written parameters for 2013 in their final form.
It's now August 21, 2012. So logistically when and where is this exploration going to get done?

Re: Team 548 Einstein Statement
 

I will open by sharing that I feel good about the way FIRST has conducted themselves throughout this process. I believe that FIRST and the volunteers who participated in the investigation have demonstrated FIRST's values of Gracious Professionalism and Coopertition.

FIRST has shown respect for all of the individuals involved and the FRC community in their transparency and communications of the process and outcomes. They have investigated, learned and put plans in place to correct and improve their hardware, systems and processes. They have maintained their integrity and sensitivity to the Einstein teams and the FRC community throughout the process.

What concerns me about some of the FRC community's response and the FIRST FRC Team 548 Einstein Statement is what it reveals about the FRC community's culture. I have read some comments in this thread suggesting that the interference of the Einstein matches was somehow excusable or justifiable. After reading the report, I come away with the sense that the document actually minimizes the egregiousness of the action.

Certainly folks may and should be forgiven for failures. However, that does not remove the consequences, nor does it restore trust.

GP means that we compete like crazy and at the same time play fair, maintain our integrity, while showing respect for our partners and opponents. I know that there have been times when I have not been a gracious professional. When I recognize it, I admit it, apologize, ask for forgiveness from the person I offended and resolve to do better. I see something like that in their statement and I hope that they do come out of this stronger and better.

But ... what does it say about our culture that this happened and that there are attempts to excuse, justify or minimize it? I would echo what someone said in a previous post, albeit perhaps in a different context. We still have a long way to go.

Re: Team 548 Einstein Statement
 

No one decides to bypass responsible disclosure (one method is mentioned earlier in Andrew's post) and takes it upon themselves to demonstrate vulnerabilities during competition matches again.

EDIT: whoops, there was a 6th page and at least two people already said relatively the same thing:o

Re: Team 548 Einstein Statement
 

Starting today it's been 30 days since I sent my first e-mail about this.
6 months is the end of January 2013.

If I follow through with the 6 month process as it stands now I'll be giving the next interloper the perfect window of opportunity for 2013 by publishing in late January. FIRST who might do nothing with the knowledge till then would have little time to react. Worse FIRST will have solidified all their purchases and shipped all the kits of parts.

Suffice it say I'm not thrilled with this. Worse even if I don't point it out then depending on a number of likely factors these exploits will be readily available to any interlopers that we don't know about if they've stumbled on them.

If that's not a house of cards I don't know what is.

So if I publish that information I risk FIRST responding by sanctioning me.
If I don't publish that information who knows if or when it'll get exploited.

For those who get the reference:
'The only way to win is not to play' and unfortunately I don't mean looking for security problem.

Re: Team 548 Einstein Statement
 

I think a lot of people want to believe FIRST is a utopia where everyone is good and would never do anything wrong simply because we are all participating in a great activity. As such, incidents where bad things happen can be trivialized because people will think "Oh, there must have been a misunderstanding here, so and so would never do anything to harm anyone", when in reality FIRST has bad apples just like any large community.

Re: Team 548 Einstein Statement
 

It doesn't have to be exactly 6 months. One might contact them and say "I will publish these findings on X date unless this is followed up with and another effective course of action is carried out". I don't think anyone here would be against one who did that, or support the powers that be for sanctioning such an individual. The point is that it is responsible disclosure.

Re: Team 548 Einstein Statement
 

I understand your point. However, the issue remains. FIRST, not just your robots, the entire contest is a problem too big for the time it's given.

August leaves 10 days.
September they build the documents and the rules.
October and November they setup the kits of parts.
December is anything that rolls over and of course countless holidays.
January, February and March is already too late.

So in reality I've disclosed them to FIRST now.
If I wait until after next season who knows what might happen.

If I levy that sort of consequence on FIRST what might they do?
Cause clearly other people have openly declared risk before that was not mitigated.

It's not just about shifting a few days. It's about the body politic.

Re: Team 548 Einstein Statement
 

You took the number 6 months entirely too seriously. I quite literally pulled that number out of thin air just to let people know that 2 weeks is NOT an appropriate period of time. Obviously publishing just before another round of competitions might not be good. But I was assuming that if a person is intelligent enough to discover the vulnerability and be wise enough to know how to go about exposing it they would have SOME common sense. I guess that's asking too much from people though.

Re: Team 548 Einstein Statement
 

I think the 548 statement was the right thing to do, they should be proud of what they did.

I would also like to point out that I see FIRST as a "sport". Back in high school I was on the varsity football team and there was some "cheating" going on there too. But I would like to say that I have seen more backstabbing in FRC than I did in football. People are people and that will never change, if you have a person who is willing to talk behind your back, then they will do it in FRC too. I had some team-mates who are my friends do this to me and it really hindered the way people see me, and still do to this day. But I am working hard to fix it still almost 3 years later.

Re: Team 548 Einstein Statement
 

Common sense is anything but. After all so many wish so many others had it.

This is a situation in which you have on one hand a vulnerability and a certain set of skills, resources and knowledge to outline it.

The other you have an organization pushed to the limits exposed to that vulnerability and perhaps not inclined to deal with it.

There's no reason...literally at all...to expect that I or any other researcher have the ability to influence FIRST corporate. That's the point.

The implied threat of exposure is a weak threat with FIRST because FIRST is a corporation with hundreds of thousands of kids impacted by it. You're not just costing their corporate bottom line or reputation. As all of these similar topic represent you're messing with the kids and it's not one step removed like disclosing some banking data.

Unfortunately this matters. There are too many disclosures I'm aware of and the costs on the other side of that big stick are too great.

Re: Team 548 Einstein Statement
 

In my experience the notion that FIRT doesn't listen to people is incorrect.

The notion that one is threatening FIRST with disclosure is incorrect as well. FIRST should want to fix this issue (if they aren't there are other issues that are completely irrelevant to the discussion) and by letting them know you plan on publishing the findings at a later date you are simply being courteous and giving them a chance to fix the issue before it becomes public. No threats implied at all.

Re: Team 548 Einstein Statement
 

No one I know that has so far commented has gotten so much as an auto response (a courtesy).

In 17 years my experience calling the FIRST switch board is dismal.

Asking questions in the actual Q&A forum has often been criticized above and beyond this point (to the point I know people who intentionally avoid it).

My experience obviously differs from your own.

You might consider it not a threat to make such a disclosure with lots of time to resolve it, but under the current circumstances I see nothing, at all, that prevents FIRST from viewing your eventual disclosure as an open challenge to their authority.

Right on topic the last person that pointed out something was asked to leave.
One could argue that it would have been subsequently followed up.

However, no where in any discussion that I have seen (or the reports) did it indicate what the process for that follow up was or was ever outlined to the reporting party.

So I bring this back full circle. There are disclosures of issues I am aware of. What is the process by which these courtesies are reciprocated? I posed that same question weeks ago as well.

Re: Team 548 Einstein Statement
 

One perspective that I think has not been brought up, that I think deserves attention is the competition rules. [T14] states:

"If a team needs clarification on a ruling or score, a pre-college student from that team should address the Head Referee after a field reset has been signaled. An team signals their desire to speak with the Head Referee by standing in the red or blue Question Box which will be placed on the floor at each end of the scoring table. Depending on timing, the Head Referee may postpone any requested discussion until the end of the subsequent Match."

While that does not mention the FTA, it is the closest thing I could find to how an official interaction is made concerning the results of a match. I'm not saying this would have affected how staff reacted but I'd like to point out that, from my interpretation of that rule, the proper way for the mentor to bring this up at the field is not at all. If (s)he wanted, (s)he could have revealed this vulnerability to a team member, the team member would have stood in the question box and voiced these concerns with to the Head Referee, who would (hopefully) confer with the technical staff present, and things could have played out differently. I'm not saying they necessarily would have, but we do have rules about who engages field staff, it clearly indicates that only pre-college students may do so, and I know, when I'm volunteering on the field, I would rather talk to a student than a mentor.

Re: Team 548 Einstein Statement
 

I've been watching this thread with much interest lately, and a few interesting points that (I believe) have not been addressed are still fresh in my mind.

First, aren't we forgetting the second person who brought down communications? The story that is corroborated both by the 548 mentor and the official report implies that there was a second attacker, who interestingly attacked the wifi network only after the 548 mentor did his three second demo attack. Most people appear to be assuming that the 548 mentor did all of the wifi atacks, which just doesn't appear to add up. Why did the second attacker act? Did they believe something similar to the first attacker, that they were being attacked? Or did they simply have a malicious intent?

Second, was there institutional knowledge of this security hole? It appears that at least two (and probably more, if this thread is any indicator) FRC members knew of this specific hole. Did no one on the official FRC team know of this? This seems unlikely to me, but depending on the extent of the knowledge of this hole, it certainly could be true. If so, why didn't they attempt to patch it? If not, does this point to an institutional problem in a lack of focus on security? In either case, more needs to be done to recognize and address future security holes.

Third, why did we never learn about this hole at Einstein, where it's relativity unlikely that two separate people coincidentally used this technique to bring down a match. Were there smaller incidents at regionals and division championships that simply did not get noticed until Einstein? Were people with knowledge of this quite until then, or simply unnoticed? And why did a thread never appear on CD with information about this? Surely, unless there was malicious intent, any loyal FIRSTer would rather report this than use it in a match. Were malicious (or simply very quite) people the only ones who ever knew or suspected a exploit of this type?

Hopefully, my questions were constructive and not offensive. I'm just a little surprised that I've never seen them asked or answered yet.

Re: Team 548 Einstein Statement
 

You are forgetting one thing: T14 ONLY addresses Ref interaction! So your interpretation is that the head ref is the only person on the field that questions can be asked of. Have you or any member of your drive team asked a field resetter anything? How about discussing why your robot isn't connecting with the FTA or FTAA? I'm so sorry, but by your interpretation, you just did something illegal. Move along, you can't discuss that with that person.

Now, would it have been helpful to send a message by that route? Maybe--but that involves a) finding a student who isn't trying to fix something and b) having said student wait until they could get the head ref's attention. Then the head ref has to decide that it's important enough to call the FTA or FTAA away from whatever he's doing (probably trying to fix the problem with 118, in the case of 548's matches), oh and did I mention that by now it's second-or third-hand informationsuspicion (which, if you're paying attention, you may have figured out that that's roughly equivalent to a rumor). In other words, chances are fairly high that going that route you'll either be ignored, or if you do get through, the FTA will want to talk to the originator (in this case, the mentor), and we're right back where we started.


@DampRobot: I didn't pick up the implication of a second person involved in the official report. I got that only from 548's account. Also, a 3 second attack like that one would result in needing to reconnect the wifi, which can take a little bit of time, regardless of if there's another attacker or not. I think a lot of the questions you have are going to be very difficult to answer without putting people under suspicion of cheating or of total ignorance, either of which I'm reluctant to do.

Re: Team 548 Einstein Statement
 

While you bring up good points, are you underestimating how difficult this was to purposefully discover and/or how lucky you'd have to be to find it? I honestly don't know, but as I understand it the Cisco firmware with the hole only implemented in Week 4, and even then only manifest in one of the D-Link revisions. While FIRST tested the new firmware thoroughly for the issue it was meant to address, it's not so surprising they didn't test for FCA (page 7). Conceding (as the wireless experts did) that it's not an obvious issue to test for, I'd be somewhat surprised if FIRST officials managed to trip on it in the intervening weeks. Granted, this definitely isn't my area of expertise.

I missed any implication of a second person in the Report. Where are you referring?

I certainly don't take T14 to be the only allowable interaction (having talked to enough FTAs in my day), but it is the only guaranteed interaction. While I've never done it on Einstein, I head refs--even busy ones--seem listen to polite students in the box. I think you'd be hard-pressed to find a ref that wouldn't listen twice to "I know what's wrong; please let me show you how anyone in the stadium can shut down any robot on this field". As I understand it, the demonstration is rather quick (pull up the network list and show you can send a client authorization). If so, the student could show this directly to the ref for added clout.

I know what's done is done, but hopefully an earnest examination will help anyone thinking of doing something like this in the future. No matter how helpless you feel thinking someone else is targeting your team, there are always other ways. In fact, you can't count on anyone even listening to you, much less getting a replay, if you try to interfere yourself. (Not that this is the key reason against interference.)

Re: Team 548 Einstein Statement
 

There was no evidence of a second attack. The original attacker suspected that other failures (for known and documented reasons) were being caused by the attack method that had been discovered. As to the three second attack, please read the report again! Once a device had attempted to communicate with a robot, the disruption could last the entire match. The attacker could easily move on to another robot(s) after the first disruption.
Also note, the robot remained connected to the field and in those cases where the team was using video from the robot, all status and video continued to be displayed at the driver's station. The robot was connected, just the command link from driver's station to robot was interrupted.
There was no knowledge of this weakness prior to the mentor coming forward and explaining what had actually taken place after the Champs. The mentor was observed on Einstein doing something suspicious with a phone. Anyone repeatedly punching a phone within feet of Einstein while a match is going on is suspect because they are not observing the match at hand. However, the problems did not take on the typical signs of a DOS attack. Had anyone been knowledgeable of the hole (or if the problem had been communicated to the engineering staff), a simple revert to previous firmware, a change in wireless access points on the robot or a combination of the above would have simply fixed the issue. Those changes could easily be made during other closing ceremonies.

If others knew or suspected an issue at other events, they did not come forward with that info. The Einstein Investigation had a clear set of goals and that was to determine what caused so many failures on the Einstein Field. We were not tasked with investigation outside of Einstein and the twelve robots involved in that part of the competition.

To be absolutely clear, there are many people on or near the field during events. Some of these are non-technical volunteers and some have been tech volunteers in the past and some are volunteers who are also on teams competing on the field. Approaching one of those volunteers and expecting the same response as a field expert to a technical issue like this is a bad use of time. At every event there is a crew of volunteers whose directive is to make every robot play, that is the Robot Inspectors. During Champs finals, (all divisions and Einstein) there are inspectors assigned to the field to assist teams with problems and work with the head referee and FTA. There were two experienced division LRIs on Einstein, one on each side of the field during the matches and in the pit area assisting teams between matches. If you have a problem and cannot get resolution, please check in with an inspector or LRI. We want everyone to play, as often as they wish, within the rules of the competition.

You wouldn't necessarily have to know the cause of the issue to happen upon the exploit. With the growing number of applications that can control any number of robots with a smartphone, it's really not surprising that between week 4 and Einstein someone whipped out a phone and thought, "What if I connect in during a match?"

It's the "1000 monkeys with 1000 typewriters" postulate at work, and I think it would be wise of FIRST to challenge all teams to try and find these exploits and notify FIRST as they appear. Crowd-source the troubleshooting of these systems, and allow teams to have active feedback throughout the season. It would solve a lot of problems. And I agree with the idea that FIRST should have some kind of pre-written response to let teams know that emails are at least going through.

Re: Team 548 Einstein Statement
 

That's a great idea in theory. In practice, however, FIRST would be completely overwhelmed with nonsense results from uncontrolled situations that bear little or no relevance to a competition field setup.

Simply put: the problem with the "1,000 monkeys with 1,000 typewriters" postulate in reality is filtering out the 99%+ gibberish content they've created.

Re: Team 548 Einstein Statement
 

To "happen upon the exploit" requires specific hardware. If someone had tried to connect without using one of the exceedingly few handheld devices capable of 5 GHz WiFi, nothing would have happened. That's a good enough reason for me to accept the idea that nobody but the admitted culprit knew about the problem.

Re: Team 548 Einstein Statement
 

The simple way to find the non-gibberish is request a proof of concept either in video or in front of field personnel.

This would be easier to accomplish with more open documentation about the field (so it can be more readily replicated) and more access to fields (itself not a trivial request).

Of course all of that is useless without clear lines of communications and process.

Also there are probably more devices than one might realize at any one event that can use 5GHz because they are not line of sight to the field. Consider all the driver's station laptops in the pits. I'll assume that no one on the field with a 5GHz laptop has time to be doing anything but what is expected of them.

With Windows Vista and above it would be very simple to craft a background script running as system that would exploit the failed connect attempt hole totally hidden from all but the most experienced eyes even on a driver's station on the field (in effect malware for the field). This wouldn't seem out of place at all because of the driver station software reliance on Windows. Also if someone had a COTS computing device on the robot a similar tactic with wider OS selection would be possible. I am comfortable making this statement because this particular vulnerability is much easier to remedy than others I am aware of.