NefMoto

I've been dialing in a few different files specific to certain 1.8t turbo configurations and as I've been able to give a couple people I trust files that they can use, and report information back to me in return without worry.

I really have no intention of making some tuning company or any of that, I would just like some Ideas and throw out some ideas for protection of software EULA nullification aka PIRACY.

I'll just give a numbered list of ideas and questions,

1. Is there a way I could name a file and have that name change if it's reflashed to another ECU? Potentially something instead of EXAMPLE NAME SW 1.8T it would read STOLEN SW CONTACT email or phone# ? I have no idea how I could possibly trigger this without some expensive encryption or mating hardware / SW...

2. Could I code it to a certain VIN or Cluster causing a possible Custom MIL / CEL reading like the above, STOLEN SOFTWARE / HARDWARE / DO NOT PASS INSPECTION / CONTACT XX?

3. What can I do to make the files I send out secure?

4. I would really like it to cause something insane like have the alarm go off, flashing lights, horn, car won't start, ECU reads UNAUTHORIZED USER CONTACT XX!

5. I am also interested in marking / branding my files. I'm more concerned of someone else using them for profit if I'm not. I have a certain person in mind who I already know wants my files and has tried bribing my test subjects for the .bin. I know I can put NO READ put my signature , logo, filename, whatever in the open space on immo-defeated ecus as well as change the regular ECU name, but is there a way of doing this that will completely destroy the file if this "brand" is changed? I would be using a description of the file, the persons name who received it, the date and then a number designation that only means something in my records.

Any ideas on this?

EDIT- another idea, a possible way of causing the car to perform in stock form or a soft limp?

If someone wants your file, they're going to get it. There is nothing that you can do about it.

What you're referring to could (some of it) be accomplished with custom code. That being said, you're going to have to link the file to something, and the eeprom is about your only option. That's easy enough to copy as well.

When you start adding malicious code into someone's ecu, you're opening up a whole new can of worms.

you can noread write in the file, but that's easy to manipulat
it's not a problem for profis

I think you are overestimating the value of your file at this point.

Why is that? Because I have 3 posts in Nefmote?  ::)

Not everyone gets on the forum to talk about what they're doing. Some of us just, DO.

Makes me think of the saying, those who can't do teach... those who can, DO.

I have a high knowledge of the mechanical aspect and I've learned quite a bit when it comes to tuning , so I'm able to put the two together. If my files weren't worth something I wouldn't have a company over my shoulder trying to pay my test subjects for my tune.

Your code will be running on a non-secure system you have no control over.
You can make it harder for people to reverse engineer what you've done to stop them or stop the casual hacker.

To prove it's your code you could hide a code in it by using varying versions of processor instructions that achieve the same outcome, I'm sure I saw some papers on this.

At this point, it's easy to believe you're special, if only because you simply don't know what you don't know. Maybe, if you're really lucky, you'll get the opportunity to talk to a real professional. It'll be an eye opening experience.

This is not to be taken as an insult. It's great that you're interested in learning, and hopefully someone here can benefit from your experience. I can tell you with certainty however that anyone with something worth the protection you're talking about wouldn't have to ask this question.

Quite frankly even if someone did take your protected theoretical tune, all they need to do is take the relevant maps and copy them over to a fresh map.. Plenty of software out there that will facilitate this X comparison... And then it's almost impossible to prove anything!

Sorry but trust me, it ain't worth the hassle.. Boot mode read will get you all the info you need.

IMHO concentrate on getting a credible name in tuning, it's offers far more "protection" than any hackable coding!

Have you seen the map it's competing against? Unbelievable ....

This is the most closed minded group of self proclaimed "smart people" I've ever seen...


If I ask a question about ideas in security, that means I don't know how to write a solid file?

Sorry, but designing a file for a specific platform, to perform a specific way has NOTHING to do with security.

So saying my file isn't good because I want to know security options is just dumb.

I don't need to speak to any of the tuners you call true professionals. My files are very good, The people using them have used the "best" tunes on the market and mine outperforms them in EVERY way imaginable.

I'm done with you fûcking nerds. I'll get back to getting my hand dirty, and seriously all the security needed is that the people I deal with know me and know I have no tolerance for stealing, bullshittîng me or any lies.

Bye NERDS. Guarantee 90% of you can't tune worth a damn, you come on here talk crap and spit theory. If you were so great you'd be a PROFESSIONAL

(http://global3.memecdn.com/go-fuck-yourself_o_923955.jpg)

First off, copy protection isn't "security"

What it is is a waste of time on this ancient platform.

If you really think it is worth the trouble, make a daughter card with an FPGA and a bunch of custom map encryption code.

Finally, nobody is claiming anything about their own ability or intelligence except yourself.

You're the biggest troll out there. It's hard to take anything you say seriously.

all that coming from the same guy that doesnt know what a usb cable is?
http://forums.vwvortex.com/showthread.php?6031466-USB-part-of-Maestro-cable-worn-out-check-this-out

Guys, guys.. Don't roast him too hard, he'll go back to work tomorrow and molest grandma's extra hard..

Wait.. That's TSA, The Department of Homeland Security has a vital mission: to secure the nation from the many threats we face.. Mexicans and Marijuana..

So in may of this year you weren't a tuner, but in just a little over 6 months you've learnt so much and figured so much out that your tunes are the bestest out there and you feel entitled to protecting them against copiers? Hahahaha! Pathetic at best...

I'm going to cut the guy a little slack here.

He's created a tune for a customer of said hybrid turbo manufacture that might actually work or at least be better than the none sense that was sold with the turbo at the time.. His 6months of learning can not be any worse than the sh*t that was sold to the customer!

on the topic..

everybody with decent knowledge of the me7 could locate and copy the maps needed in any tune.. as long as the ECU can read the flash and values, so can we.

you can make things a bit harder and offset maps.. like many "pro"s do.. but its still easy to locate and copy the maps.

another way would be to add multipliers/factors to the values in the maps themselves, by manipulating the code for how the ECU reads the map.. this would make the n00b copy-paste tuners scratch their heads.. since the values in the maps would be useless to them.. but still not protect against someone with knowledge in dissassembly.

another way would be to add custom code.. and add a checksum correlating to certain locations WITHIN the most used maps.. so it basically takes a certain row/segment in KFMIRL/KFMIOP/KFZW/2/LDRXN etc and calculates a checksum for this.. that can be hidded in any other used map.. and trigger a checksum error, or add to certain map-values to make the tune go bananas..

if any of the segments are changed, and the checksum missmatch..... no go.

Custom code with scrambled map areas  ;)

Waste of time.

The people who want to copy it, will just boot mode it and clone the EEPROM + FLASH = done.
The people who can tune do not need to look at your shit.
The people who want to look at what the tune does can simply log the car and they will see exactly what it is doing. There is no need for the file itself.

Any time someone is asking about "protection" on a forum you can be 99% sure they have no idea what they are doing.

I agree. By a large a huge waste of time and effort on all accounts.

LMFAO

Shame that post got deleted..

Some people just take everything personal.

Bottom line: at this late stage, no me7.1 file is worth protecting.

Anybody who thinks their special sauce is special enough to justify the huge amount of work to make their file marginally less easy to copy is clueless or delusional.

cement your 29fxxx chip to the ecu lid when you close it up, theres your security.  :P

I hear some people do that with BDM ports :)

Yep and then shoot yourself in the leg when you need to boot that ECU, because an OBD write crashed ;-)

I know you meant it ironically, but you never know who might think that this is a good idea  ::)

Hey you know, if you have such "L33t" ME7 tune i guess this is what you need to do,  ;D

Haha k0mpresd nice find!

+1 on basically everything else, everyone else said to you.  Your first post stinks of arrogance and is hilarious because you are dead serious, from there your true colors show.  If you are so good at tuning people will pay you for a custom tailored file for their car, even if it has a common setup. 

A file you made that is loose enough to be sorta ok enough, to seem better than a shit file does not make you the next Greg Branish, people can copy past that all day, so what.

You did nothing in any motronic file that someone else hasnt done before you, you need to get that through your head.  You think you are the only guy who tunes and spins wrenches?  LOL, get real man.

Then you want to say people here are nerds or not professionals (assumptions) huh, because they point out your flawed logic and delusions of grandeur?  Well you are the one asking them for help, moron!