Starting Next Year, Brazil Wants To Track All Cars Electronically

New submitter juliohm writes "As of January, Brazil intends to put into action a new system that will track vehicles of all kinds via radio frequency chips. It will take a few years to accomplish, but authorities will eventually require all vehicles to have an electronic chip installed, which will match every car to its rightful owner. The chip will send the car's identification to antennas on highways and streets, soon to be spread all over the country. Eventually, it will be illegal to own a car without one. Besides real time monitoring of traffic conditions, authorities will be able to integrate all kinds of services, such as traffic tickets, licensing and annual taxes, automatic toll charge, and much more. Benefits also include more security, since the system will make it harder for thieves to run far away with stolen vehicles, much less leave the country with one."

wont stop thierves; crooks

[wierd_w]

The "must be tagged" law will not prevent theft, and will not prevent other criminal activities.

It does not prevent the criminals from disabling a tag, altering a tag, or replacing the tag.

What the tracking system ultimately tracks are the tags. Not the vehicles.

As such, removing the tags, and then transporting the vehicle under a different but "valid" tag would make an effective means of breaking this system.

The real benefit to law enforcement/government is *NOT* combating criminals, it is tracking law abidding citizens.

I would expect catch-22s like "we show your vehicle at the scene" in one case and "you can't prove that isn't a fake transponder being used to put you on the other side of the country" in another, with the difference being the desire of the prosecutor.

(Eg, "iron-clad, irrefutable!" When used to show guilt, and "suspect, clearly a technological fabrication!" When used to assert innocense.)

If anything, this masure will spawn a new form of criminal activity, buying, selling, and provisioning counterfiet/shady transponders.

Re:On the bright side...

[Githaron]

It would fail outside the major cities at least. The cops over there can't even keep people from hacking into the water and power system. I went to one place where there was a literal "wrong side of the tracks". On one side, everyone paid for their utilities. On the other side, water was spraying out of pipes duck taped into each other in all directions and extension cords were running under the tracks. I am curious, are you Brazilian? You spelled Brazil with an "s" instead of a "z" like Brazilians.

We already have this here in the US.

[Ungrounded Lightning]

The big brother society ... Marches on steady. Unstoppable and with an insatiable appetite for new technology

It also deploys very quietly these days. It's already up and running before people notice it's there.

We already HAVE four federally mandated car trackers on all passenger cars (along with most other vehicles) since 2007.

It's called a "Tire Pressure Monitoring System". It works by having (typically) a lithium-cell powered device in the valve stem on each wheel that transmits the tire pressure information along with a unique serial number (so your dashboard computer doesn't get confused by nearby cars). These can also be read by loops in the road.

Re:The big brother society

[wierd_w]

I would rather see us do what doctors in ancient greece did.

Make an oath not to willfully cause harm, and internally enforce it. Call it whatever, but we need some form of morality in our profession, and willfully creating code we KNOW to be malicious is clearly immoral, regardless of what moral compas you choose to employ.

Simple things, like "I will not create mass mailers for commercial uses", "I will not create personally identifiable tracking systems of any sort.", "I will not create nor enforce systems to hinder political speech of any kind.", "I will not willfully penetrate another computer system without permission, and will not create tools to do so either.", "I will not willingly install backdoors for spying, monitoring, or sabotage, for any agency, in any software or systems I create.", etc.

It doesn't need to be religious, like 'i will only make open code' or anything. Just things we can unilaterally agree are clear misuses of technology. Kinda like doctors refusing to create bioweapons. That kind of thing.

Re:The big brother society

[wierd_w]

As for purpose, that is more external. For that, we need a history lesson.

Hippocrates was not an ordinary physician. He was the lead physician at a well respected hospital/temple of apollo. He was greatly displeased that other doctors in other cities engaged in nefarious antics, and belived strongly that medicine should only be used to heal, and medical knowledge should never be used to cause injury or harm. He couldn't force the doctors in other cities to comply with that moral vision, and didn't really attempt to explicitly.

Instead, he made all of his students swear to an oath that is basicaly the granddaddy of viral licensing. It prohibited his students from delivering medical knowledge to any physician that wasn't an oath sworn one, in their tradition.

The external factor was that the citizenry held more trust in hippocratic doctors than doctors of other schools, because of the added and strongly enforced ethos of that school of medicinal practice. As such, over time, the hippocratic school simply stole all the customers and students.

Ok, history lesson over.

I am suggesting that a community be created with the express intent that technological knowledge should never be used to willfully harm people, with similar implicit and explicit restrictions as the hippocratic oath. We should protect information with very strong asymetric keys, and exchange information only with other members. Membership should be free, but be serious business. The idea is to foster trust with industry and the citizenry at large, by being a very highly sanitized specialist forum to discuss vulnerabilities and solutions to those vulnerabilities in a sanitized environment. Failure to comply with the restrictions of the community results in having your keypair banned for life, and having your real identity added to a (searchable) wall of shame. All exchanges in the community are always encrypted, and stored in the encrypted form. Community members authorize other members to read their posts by distributing public keys. Each message is to contain a cryptographically identifiable hash, such that decrypted messages can have a unique and positive identification of which public key did the decryption. Each member retains his/her private key. To an outsider viewing the forums, they will see only huge blocks of RSA style crypto streams in nested succession. A CA should fascilitate the assignment and revocation of keys.

This would allow community collaboration and exchanges on wild exploit discoveries in a more protected environment, and enable more controlled release of information with industries impacted, with the intent of proving and sustaining professional trust, making the community a preferential setting for such dicussion.

The idea is to passively win out over disreputable technology workers by concentrating information, and internally vetting members. Membership must always be free and easy to obtain. It should be difficult to RETAIN, except through strict adherence to the rules. Membership thus gives access to a potentially huge archive of very specific information, and a potentially valuable asset in security consultency.

It wouldn't hold any legal protection or authority. It would simply be a stongly enforced "club", with a strong code of conduct.

The reason for multiple keypair generation is to frustrate attempts at collecting and brute forcing the data, and just accepting the added complexity tradeoff.