EMS Security

Post here if you require technical information regarding a GEMS product

Moderators:R!C0, JonMan, RickS

Post Reply
hwnd
New User
Posts:6
Joined:Tue Jun 10, 2008 7:40 pm
EMS Security

Post by hwnd » Tue Jun 10, 2008 7:43 pm

I've noticed a few boxes having "Security" in terms of protecting the Tuners hard work & time.

How does the security work? I wouldnt' think the ECU could encrypt the map but perhaps a single check inside the calibration for a password?

Thanks
-Jason

User avatar
RickS
GEMS Engineer
GEMS Engineer
Posts:547
Joined:Thu May 17, 2007 11:38 am

Re: EMS Security

Post by RickS » Wed Jun 11, 2008 11:45 am

Hi,

User's can set a password under the ECU menu in the GWv3 software (you must be connected to the ECU in order to do this). The password will be required in order to make changes to the saved calibration in the ECU. If the user does not have the password the ECU can still be used, by selecting clear password from the ECU menu, however the saved calibration will be erased and all values will be set to zero so as to protect the tuners work.

Hope this helps

Ed

hwnd
New User
Posts:6
Joined:Tue Jun 10, 2008 7:40 pm

Re: EMS Security

Post by hwnd » Mon Jun 16, 2008 6:04 am

Hi Ed, Thanks for the reply..

I'm looking for a bit more detailed information. From a programmers point of view - the password feature is a wonderful option to have but doesn't (currently) seem secure in terms of protection. So what I'm chasing is the details of how the protection works.

Since it would provide a ton of work on the ECU side to actually do any legit encryption (the CPU would be overloaded decrypting the calibration @ key-on and must be quick speeds). So I'm thinking the protection might work in two ways...

1) Does the calibration itself contain the "protection" while being stored on the ECU?
..in other words, would the protection follow the calibration say if I saved the map from the ECU to my desktop - would I need a password to view the calibration offline?

2) Does the ECU/hardware itself contain the "protection"?
A situation might be where I am switching ECU's and wanted to take my calibration with me, without knowing the password i'm sol BUT if I'm able to dump the EEPROM or something along those lines..

..What I'm driving at is trying to understand how the security works - if I supplied an incorrect password, the software wont be of any help to me, however, what if I'm working the GEMS software inside a debugger & provided an invalid password then simply `forced` the software to JMP (assembly term for jump) to the correction memory location to continue loading the calibration.

i'm wondering what role the Dongle plays in this whole scheme, etc.

hwnd
New User
Posts:6
Joined:Tue Jun 10, 2008 7:40 pm

Re: EMS Security

Post by hwnd » Mon Jun 16, 2008 6:19 am

What I forgot to make note of is which ECU I'm working with.

I'm currently working on an AEM/GEMS ECU. Software is GEMS with AEM ECU definition/gin files added.
Since AEM doesn't want to add or support the protection of our calibrations - I'm taking it upon myself to implement these features with the help of a successful Tuner.

My goal is to provide a method of protection for my ECU by either patching the AEM/GEMS software or other means (no financial gain).

R!C0
Site Admin
Site Admin
Posts:230
Joined:Thu May 10, 2007 1:21 pm

Re: EMS Security

Post by R!C0 » Mon Jun 16, 2008 10:55 am

Hi Jason,

The security for the ECU is handled by the ECU itself.

As for more detailed information, i'm afraid i can not give out details of how our security system works, as to preserve the integrity of this system, so it remains useful for the many others using it to protect their work. I realise what you are trying to achieve is entirely honorable but i hope you can understand our reasoning for this.

Also i suggest, that if not already done so, you should contact AEM and see if they are willing to add this feature.

Regards

Rico

hwnd
New User
Posts:6
Joined:Tue Jun 10, 2008 7:40 pm

Re: EMS Security

Post by hwnd » Tue Jun 17, 2008 10:49 am

AEM doesn't care to support this feature (they've made this know, publicly).

i've made advancements within my studies though I think it might be better to keep them to myself. Dongle is easy protection to bypass with a proper patch so I can't see why its even part of the `Security` but as a "GEMS Check" to get tabs on who is passwording the ECU's?

I do thank you very much for the responses so far and clearly understand your position. I respect that and will continue on my own. I dont have plans to sell or provide copies/source of my work - just patched binaries (bypassing Dongle check).

Assuming I am successful in enabling security on my own via GEMS software (AEM flavor) - could I run into any legal issues doing so?

R!C0
Site Admin
Site Admin
Posts:230
Joined:Thu May 10, 2007 1:21 pm

Re: EMS Security

Post by R!C0 » Tue Jun 17, 2008 11:20 am

The Dongle is security for the GEMS software GWv3, without it you can not connect to an ECU. It has nothing to do with passwording the ECU calibration, which as previously mentioned is handled by the GEMS ECU, a feature which the AEM ECUs do not have.

If you are bypassing the dongle you are essentially cracking a copywrited peice of software, which if you are doing i would ask you to halt immediatly as it is illegal, and withdraw any copies made publically available, or risk further action.

To state again i understand your intentions, but from what it sounds like you are already on dodgy legal ground.

hwnd
New User
Posts:6
Joined:Tue Jun 10, 2008 7:40 pm

Re: EMS Security

Post by hwnd » Tue Jun 17, 2008 6:30 pm

Well to be honest.. nothing has been `cracked`... as there isn't anything to crack. Short example is loading the few functions it takes to actually protect the calibrations. In other words, I've not needed to modify the actual binary from GEMS (or AEM) but only needed to know how it works.

I've hit this wall before and I can assure you it isn't illegal to run debuggers or kernel-mode drivers on my machine that allow me to view everything (in terms of processes, memory,etc) on my machine. What would be illegal is to modify the binaries themselves and hand 'em out for cost/charge, however, the GEMS software is already free isn't it?

all thats needed to bypass the Dongle for GEMS software is to call a few functions in specific order - so please excuse me as I may have used the term `patched` in my last post out of context.

Pete B
GEMS Engineer
GEMS Engineer
Posts:10
Joined:Tue Apr 22, 2008 9:56 am

Re: EMS Security

Post by Pete B » Wed Jun 18, 2008 10:02 am

hwnd wrote: I've hit this wall before and I can assure you it isn't illegal to run debuggers or kernel-mode drivers on my machine that allow me to view everything (in terms of processes, memory,etc) on my machine. What would be illegal is to modify the binaries themselves and hand 'em out for cost/charge, however, the GEMS software is already free isn't it?
GWv3 it isn't free if you want full functionality. You need to pay for a dongle in order to connect to the ECU, but it is possible to view calibrations offline without a dongle. AEMPro *is* free, but you can only connect to AEM ECUs with it.
hwnd wrote: all thats needed to bypass the Dongle for GEMS software is to call a few functions in specific order - so please excuse me as I may have used the term `patched` in my last post out of context.
In order to 'call a few functions in a specific order', you'd either need to run under a debugger every time you use the software, or you'd need to patch the software. The latter is illegal and the former is not really playing in the spirit of the rules. My wage comes from people paying for the software so really if you are subverting the dongle, you are stealing from me and from GEMS.


With respect to ECU security, this is a completely separate issue from the dongle. The dongle is to protect the software itself against copying.

ECU security is to protect the calibration data in the ECU from being downloaded. You cannot download the calibration data from the ECU without the correct password. We are not prepared to release any information on our proprietry security technology.

All I can tell you is that:
  • You can view a calibration stored offline without requiring a password.
  • The ECU itself manages the security. It will not allow you to download the calibration data from the PC regardless of any modifications you might make to the tuning software. Any requests for secure data will fail unless you have unlocked the ECU with the correct password.

hwnd
New User
Posts:6
Joined:Tue Jun 10, 2008 7:40 pm

Re: EMS Security

Post by hwnd » Wed Jun 18, 2008 8:54 pm

Seems like I've hit a nerve with my quest for Password Protection on the AEM ecu's. I have zero interest in the GEMS ecu and software (Omex too).

Let me re-state, there are zero public releases or patched copies of GEMS/AEM/Omex software floating around by my hands. Bypassing dongle was on a byproduct of my goal (password protection on AEM). Understand that no one is stealing from anyone here.. thats not the case. While i can understand GEMS point of view, I do not have intentions of creating a "bypass dongle" option for GEMS software. Hell I dont even own a GEMS ecu (directly.. just AEM);

I'll drop the subject as I seem to be causing a worry or two;

Pete B
GEMS Engineer
GEMS Engineer
Posts:10
Joined:Tue Apr 22, 2008 9:56 am

Re: EMS Security

Post by Pete B » Mon Jun 23, 2008 3:19 pm

OK, its fairly simple:

* The dongle has absolutely nothing to do with ECU security. Perhaps there has been a misunderstanding here.
* AEM Pro does not require a dongle.
* It is not possible to add a security option to AEM ECU's by modifying GW or AEM Pro. The security is implemented in the firmware.

Alternatively there are GEMS ECU's available that do have security.

Post Reply