Quote:
Originally Posted by Siri
While you bring up good points, are you underestimating how difficult this was to purposefully discover and/or how lucky you'd have to be to find it? I honestly don't know, but as I understand it the Cisco firmware with the hole only implemented in Week 4, and even then only manifest in one of the D-Link revisions. While FIRST tested the new firmware thoroughly for the issue it was meant to address, it's not so surprising they didn't test for FCA (page 7). Conceding (as the wireless experts did) that it's not an obvious issue to test for, I'd be somewhat surprised if FIRST officials managed to trip on it in the intervening weeks. Granted, this definitely isn't my area of expertise.
|
You wouldn't necessarily have to know the cause of the issue to happen upon the exploit. With the growing number of applications that can control any number of robots with a smartphone, it's really not surprising that between week 4 and Einstein someone whipped out a phone and thought, "What if I connect in during a match?"
It's the "1000 monkeys with 1000 typewriters" postulate at work, and I think it would be wise of FIRST to challenge all teams to try and find these exploits and notify FIRST as they appear. Crowd-source the troubleshooting of these systems, and allow teams to have active feedback throughout the season. It would solve a lot of problems. And I agree with the idea that FIRST should have some kind of pre-written response to let teams know that emails are at least going through.