Data Theft still alive and well in F1

Post here all non technical related topics about Formula One. This includes race results, discussions, testing analysis etc. TV coverage and other personal questions should be in Off topic chat.
User avatar
dans79
267
Joined: 03 Mar 2013, 19:33
Location: USA

Re: Data Theft still alive and well in F1

Post

did some quick digging, and it looks like this is linked in profile.
https://www.linkedin.com/in/benjaminhoyle

Looks like he was an engine specialist, so it's slightly odd that he was looking some of this stuff up, as he probably has knowledge of it already.
197 104 103 7

User avatar
turbof1
Moderator
Joined: 19 Jul 2012, 21:36
Location: MountDoom CFD Matrix

Re: Data Theft still alive and well in F1

Post

Webber2011 wrote:Obviously they have some pretty damning evidence or it would not have gone this far.
The interesting thing will be did the boys in red play a part, and if so to what extent ?

Maybe the guy was just preparing to take some info with him, but if it can be proven that Ferrari already have the files they are in for a world of pain !
Unlikely Ferrari did not got some data. The guy uploaded some of it to an external website.
#AeroFrodo

User avatar
FoxHound
55
Joined: 23 Aug 2012, 16:50

Re: Data Theft still alive and well in F1

Post

Joe Saward seems to have a pretty good line on this...

He says that this chap informed Mercedes he was leaving in May 2014. Merc reassigned him to DTM duties, barring any access to F1 material in any capacity. That was as of May 2014.
It transpires Hoyle then retrieved data from HPP after the Hungarian GP of 2015.

This in itself is pretty damning for Mr Hoyle. But what was the motive?

The story goes further, stating that the data he stole was saved onto various devices. But what is most damning of all is that not only was he aware he was taking the data, he tried to cover up his tracks by filling up his disk in order to overwrite deleted material.


https://joesaward.wordpress.com/2015/12 ... s-claims/?
Hoyle informed Mercedes in May 2014 that he would be leaving when his contract expired at the end of 2015. As a result of this, he was reassigned to a different department at Mercedes in April this year, working on DTM activities. He was then denied all further access to F1 material and his access to F1 areas was similarly denied. Mercedes claims that Hoyle then gained access to and saved sensitive files that included a report from the 2015 Hungarian Grand Prix, plus mileage and damage data, in addition to files containing the code required to decrypt the data. Mercedes also says that Hoyle removed documents containing confidential F1 information “after employing expert forensic computer analysts” and searched for and saved information stored on HPP’s servers, including very detailed data about engine performance. Mercedes claims that this was saved on various different devices.

The company also claims that Hoyle took a series of measures to hide the data he had saved including filling up his disk in order to overwrite deleted material. Mercedes says that this is a defensive step and not in any way an attack on any other team.
JET set

R_GoWin
22
Joined: 21 Dec 2014, 10:51
Location: U.K.

Re: Data Theft still alive and well in F1

Post

To be honest - I'm not convinced that Mercedes AMG HPP has shown due diligence in protecting its data. As a minimum, access rights for material of such confidentiality (compressor performance, race data, dencryption codes etc.) should be on a user ID/ 'need to know' basis, controlled by the information owner/ program engineering manager/ line manager etc.

They have changed this guy's email, wiped out his laptop and moved his workstream to DTM, but he still has access rights to F1 program data?! C'mmon, in this day and age of internet security, surveillance and hacking - that's laughable.

User avatar
FoxHound
55
Joined: 23 Aug 2012, 16:50

Re: Data Theft still alive and well in F1

Post

R_GoWin wrote:To be honest - I'm not convinced that Mercedes AMG HPP has shown due diligence in protecting its data. As a minimum, access rights for material of such confidentiality (compressor performance, race data, dencryption codes etc.) should be on a user ID/ 'need to know' basis, controlled by the information owner/ program engineering manager/ line manager etc.

They have changed this guy's email, wiped out his laptop and moved his workstream to DTM, but he still has access rights to F1 program data?! C'mmon, in this day and age of internet security, surveillance and hacking - that's laughable.
How do we know that it wasn't a hack?

If he still had access with username etc, it would not require forensic computer specialists to ascertain the data had been been taken.

A bog standard server log would show the date, time, and files accessed as well as the type of media used to save the information, be that phone, laptop, pendrive or smart phone.
And that's just a small business with no real data protection issues running a 3rd party server.
JET set

User avatar
dans79
267
Joined: 03 Mar 2013, 19:33
Location: USA

Re: Data Theft still alive and well in F1

Post

R_GoWin wrote:To be honest - I'm not convinced that Mercedes AMG HPP has shown due diligence in protecting its data. As a minimum, access rights for material of such confidentiality (compressor performance, race data, dencryption codes etc.) should be on a user ID/ 'need to know' basis, controlled by the information owner/ program engineering manager/ line manager etc.
.
Did you miss the part where they gave him new hardware, a new email address, and a new login?
197 104 103 7

Webber2011
10
Joined: 25 Jan 2011, 01:01
Location: Australia NSW

Re: Data Theft still alive and well in F1

Post

turbof1 wrote: Unlikely Ferrari did not got some data. The guy uploaded some of it to an external website.
Assuming the guy was smart enough not to upload it to a Ferrari owned website, would it be hard to find out who accessed the site he did upload it to ?
Could anyone tell if someone from Ferrari had been there or could they cover their tracks easy enough ?

User avatar
dans79
267
Joined: 03 Mar 2013, 19:33
Location: USA

Re: Data Theft still alive and well in F1

Post

Webber2011 wrote:
turbof1 wrote: Unlikely Ferrari did not got some data. The guy uploaded some of it to an external website.
Assuming the guy was smart enough not to upload it to a Ferrari owned website, would it be hard to find out who accessed the site he did upload it to ?
Could anyone tell if someone from Ferrari had been there or could they cover their tracks easy enough ?
It is possible, but not in all cases. going into detail, would be well outside the scope of this topic though, and would probably make everyone's eyes glaze over anyway! :mrgreen:
197 104 103 7

Moose
52
Joined: 03 Oct 2014, 19:41

Re: Data Theft still alive and well in F1

Post

Facts Only wrote:This is the interesting bit that hasn't really been picked up on:

The data is said to include files containing the code required to decrypt raw race data files

Mercedes (I assume) and other teams must transmitting encrypted data from the car to the pits and back to Brixworth during every session. If Ferrari had the encryption code they would be able to intercept and see all of Mercedes car data live as well. Power, Fuel Consumption, Downforce, Drag, Suspension movements aand everything else would all be compromised.

If it ever turns out that Ferrari had requested the code then this will be very very serious.
The source code to the decryption tool is not sufficient to decrypt the data from all future races. You already have all the necessary code to decrypt my communications with my bank, or with Amazon when I send my credit card number.

What you don't have is the key pair that's being used for the session. Unless Mercedes have some other weakness (a predictable key generation system for example), then the source code to the decryption tool would be useless.

LookBackTime
472
Joined: 19 Feb 2013, 20:33

Re: Data Theft still alive and well in F1

Post

Webber2011 wrote:
turbof1 wrote: Unlikely Ferrari did not got some data. The guy uploaded some of it to an external website.
Assuming the guy was smart enough not to upload it to a Ferrari owned website, would it be hard to find out who accessed the site he did upload it to ?
Could anyone tell if someone from Ferrari had been there or could they cover their tracks easy enough ?
Yes, it is possible. That will be really stupid from Ferrari side :)

User avatar
turbof1
Moderator
Joined: 19 Jul 2012, 21:36
Location: MountDoom CFD Matrix

Re: Data Theft still alive and well in F1

Post

You can only track the IP adress for a physical location. It's not a stretch to go inside an internet cafe, any university with open door policy or even just buy a laptop with cash money and go to a place with public wifi (and afterwards destroy the laptop or atleast its internet hardware), and download the data on an usb stick. Untrackable.
#AeroFrodo

giantfan10
27
Joined: 27 Nov 2014, 18:05
Location: USA

Re: Data Theft still alive and well in F1

Post

The employee is pretty much toast as far as stealing data... good luck to mercedes in their attempt to incriminate Ferrari.... they would have to prove that Ferrari made their current employee commit this theft for their gain....even if Ferrari has the data their easy defense is we didnt know he stole it and have no idea how he aquired it

User avatar
FoxHound
55
Joined: 23 Aug 2012, 16:50

Re: Data Theft still alive and well in F1

Post

turbof1 wrote:You can only track the IP adress for a physical location. It's not a stretch to go inside an internet cafe, any university with open door policy or even just buy a laptop with cash money and go to a place with public wifi (and afterwards destroy the laptop or atleast its internet hardware), and download the data on an usb stick. Untrackable.
Assuming that, there would still be trails left. If it was uploaded onto the internet, you can be sure it will be traceable via some form of storage device signature.
Where it would become murky is if he use a proxy server in a cafe.

But even this would incriminate him, as there would be a record to show he used a proxy server. What reasonable excuse would you have to use a proxy server in an internet cafe/public wifi location?

And if they can't find the device, because it has been destroyed...this too would be incriminating. And from Sawards story, there were several devices involved here.
JET set

User avatar
dans79
267
Joined: 03 Mar 2013, 19:33
Location: USA

Re: Data Theft still alive and well in F1

Post

giantfan10 wrote:even if Ferrari has the data their easy defense is we didnt know he stole it and have no idea how he aquired it
No one would believe something like that.
197 104 103 7

wesley123
204
Joined: 23 Feb 2008, 17:55

Re: Data Theft still alive and well in F1

Post

In regards of what it means for Ferrari;

It's important to note that Mercedes HPP is taking legal action against Hoyle, not Ferrari with Hoyle as the main suspect. So what that means for Ferrari? probably nothing at all. They probably won't have him in their team, that's all.

Another important thing to notice is that the charge is theft, not espionage.
"Bite my shiny metal ass" - Bender