View Single Post
  #55   Spotlight this post!  
Unread 13-07-2012, 19:40
techhelpbb's Avatar
techhelpbb techhelpbb is offline
Registered User
FRC #0011 (MORT - Team 11)
Team Role: Mentor
 
Join Date: Nov 2010
Rookie Year: 1997
Location: New Jersey
Posts: 1,624
techhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond reputetechhelpbb has a reputation beyond repute
Re: [FRC Blog] Einstein Report Released

The larger issue than who did this is how was the system allowed to get to the point that it was possible at all. Let's worry about all the other D.O.S. (denial of service) attacks we have yet to find.

Clearly changes need to be made. It took extraordinary effort on the part of too many people to resolve even these issues to this point.

It still goes back to the assumption that the system is above flaw and that assumption being incorrect. In this case the system has a security issue and an active exploiter. Take if from me: you can look for and fix security issues before they get exploited as best you can or you can wait until they cost you reputation, resources and opportunity. Had they even profiled the issue before hand they could have dramatically reduced the chaos after the fact (if you don't fix it at least acknowledge it exists at the remediation level).

FIRST needs to consider a secondary channel in their control system if they can't more fully profile something like the WiFi system they have now. It's the logical alternative to pumping all the data into a single publicly exposed communication system. FIRST did have the AirTight equipment on site but clearly that alone wasn't sufficient to keep a lid on this issue. Additionally the FIRST report oddly doesn't discuss that the AirTight hardware did not produce for them sufficient warning of this issue or whether they consider that something they need to pursue (it was the assumption that this additional monitoring was sufficient to keep intentional interference from happening at all).

I give FIRST credit for the heavy work they put into this. I'm just not convinced that this won't happen again if someone intends to deny service to the field. Nothing I've seen in the recommendations will stop it. I can think of 3 ways right now that if I wanted to render all the field robots dysfunctional I could and it would be nearly impossible for them to discover it. Even if the sudden failure was recognized as intentional disruption the cost in resources to weather such interference is unacceptably high. A better solution needs to be found for this.

Last edited by techhelpbb : 13-07-2012 at 19:53.
Reply With Quote