View Single Post
  #128   Spotlight this post!  
Unread 22-08-2012, 18:06
DampRobot's Avatar
DampRobot DampRobot is offline
Physics Major
AKA: Roger Romani
FRC #0100 (The Wildhats) and FRC#971 (Spartan Robotics)
Team Role: College Student
 
Join Date: Jan 2012
Rookie Year: 2010
Location: Stanford University
Posts: 1,277
DampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond reputeDampRobot has a reputation beyond repute
Re: Team 548 Einstein Statement

Quote:
Originally Posted by techhelpbb View Post
Now what am I supposed to do to refute your commentary Eric? Show you this works publicly?
Then what? What's going to be the process then, demand I resign as a mentor, or go after the team I helped start?
Someone needed to say this (although perhaps a bit less vehemently). There needs to be an official route for security holes that simply does not exist now. I understand that the good folks at FRC have a ton on their plate already, but there is no incentive structure that exists to make sure these types of problems get reported and solved before they cause havoc at the world championships.

This is what I was getting at with my question about institutional knowledge. Either someone at FIRST knew about this hole, and there was an error in communications, or no one found out about this, because there was no reason for someone outside the small FRC team to go an official route.

I think there needs to be an official way to report bugs and to encourage people to report this type of exploit. An official FRC award for work in security, where as part of the submission process there would be a demonstration of the exploit discovered, would help these problems come out officially rather than being used maliciously. Instead of trying to fight "hackers" by ignorance and fear of persecution, give them a reason to strengthen the system, not destroy it.
__________________
The mind is not a vessel to be filled, but a fire to be lighted.

-Plutarch