from the and-then-we'll-welcome-you-to-obfuscated-code-contests dept.
Secret code is everywhere—in elevators, airplanes, medical devices. By refusing to publish the source code for software, companies make it impossible for third parties to inspect, even when that code has enormous effects on society and policy. Secret code risks security flaws that leave us vulnerable to hacks and data leaks. It can threaten privacy by gathering information about us without our knowledge. It may interfere with equal treatment under law if the government relies on it to determine our eligibility for benefits or whether to put us on a no-fly list. And secret code enables cheaters and hides mistakes, as with Volkswagen: The company admitted recently that it used covert software to cheat emissions tests for 11 million diesel cars spewing smog at 40 times the legal limit.
But as shocking as Volkswagen's fraud may be, it only heralds more of its kind. It's time to address one of the most urgent if overlooked tech transparency issues—secret code in the criminal justice system. Today, closed, proprietary software can put you in prison or even on death row. And in most U.S. jurisdictions you still wouldn't have the right to inspect it. In short, prosecutors have a Volkswagen problem.
Interesting article with implications for Open Source.
(Score: 3, Informative) by melikamp on Sunday October 18 2015, @12:45AM
(Score: 4, Insightful) by dmbasso on Sunday October 18 2015, @12:59AM
Yep, every time I read an article like this one I have the urge to say "RMS has been telling you this for ages!"
`echo $[0x853204FA81]|tr 0-9 ionbsdeaml`@gmail.com
(Score: 2) by Dunbal on Sunday October 18 2015, @02:42AM
It's not a fraud. The problem is a system that permits the programmers/publishers to hide behind EULA's and TOS'es so that they share absolutely no responsibility - let alone accountability - for the code. So when something goes wrong or some sneaky devious exploit/backdoor gets written, everyone jumps and blames the code instead of finding the programmers and figuratively burning them at the stake. Hold the creators of the code accountable for the RESULTS (or lack of them) and you'll save a lot of duplicated effort, wasted man hours reviewing code, etc.
(Score: 2, Informative) by Anonymous Coward on Sunday October 18 2015, @02:47AM
The problem is a system that permits the programmers/publishers to hide behind EULA's and TOS'es so that they share absolutely no responsibility - let alone accountability - for the code.
Wrong. The problem is that non-free proprietary software is being used in places where it is especially unacceptable (must not be allowed) to deny users their freedoms. It has no place in government or in education, for instance.
(Score: 2) by frojack on Sunday October 18 2015, @06:26AM
It has no place in government or in education, for instance.
And why does the word processor used to write a letter or a term paper have to be free (beer) and non proprietary? Seriously, what possible justification do you have to make such a demand? Who gives you standing?
What about the proprietary ball point pen? Is that also forbidden in your whacko world.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @01:57PM
why should tax money be used to rent software that the renter can't have inspected? that's just stupid.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @02:55PM
I said nothing about zero cost. That's not a requirement in my eyes.
Why should the government--which is supposed to be of the people, by the people, and for the people--use taxpayer dollars to fund software that denies the users their freedoms? The government should be encouraging education and freedom, and should not be supporting things that destroy freedom, and with proprietary software, no freedom or education is allowed.
Since no education is allowed with proprietary software (can't run the code for any purpose, can't study the code, can't modify it, and/or can't share your changes to benefit the community), it's especially unsuitable for the education system. Schools should encourage people to be good, educated citizens, and they can't do that by encouraging or forcing people to use software that violates their freedoms and doesn't allow for education. Also, it gets them hooked on software that violates their freedoms, which does lasting damage.
If someone makes the personal decision to use proprietary software to write a term paper on their own computer, that is sad but they should be allowed to do it. But they had better make sure the format is compatible with the Free Software the school uses. Which is often another problem with proprietary software: It tries to lock people in.
Seriously, what possible justification do you have to make such a demand? Who gives you standing?
Freedom of speech, and the ability to try to influence my government to do the right thing.
(Score: 2) by frojack on Sunday October 18 2015, @07:08PM
with proprietary software, no freedom or education is allowed.
See, when you make asinine statements like that, people just stop reading.
You, sir, are an idiot.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Monday October 19 2015, @01:18AM
Proprietary software denies you your software freedoms. Do you disagree with this? You can't inspect proprietary software code, modify it, and then distribute your changes to benefit the community. Do you disagree with this?
You're the idiot here. An unprincipled idiot, to boot.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @05:43PM
And why does the word processor used to write a letter or a term paper have to be free
Because without you inspecting it (or having the ability to), you don't know whether that piece of software is *just* a word processor. For all you know, it could be ferrying your sensitive data to someone outside of your organization, say your competition.
Without you having the ability to inspect or modify it, you also don't have the ability to make it do what you want it to do. You can only allow it to do what its manufacturer wants it to do. You need it to do X because of your specific business process Y...? Well, tough luck, sucker!
(Score: 2) by frojack on Sunday October 18 2015, @07:23PM
Because without you inspecting it (or having the ability to), you don't know whether that piece of software is *just* a word processor. For all you know, it could be ferrying your sensitive data to someone outside of your organization, say your competition.
Without you having the ability to inspect or modify it, you also don't have the ability to make it do what you want it to do. You can only allow it to do what its manufacturer wants it to do. You need it to do X because of your specific business process Y...? Well, tough luck, sucker!
Explain how your un-connected computer is going to ferry your term paper to someone else. Or your letter to mom.
Explain just what sensitive data is likely to be found in your school term paper that would be ferried to somewhere else? Who would read that "sensitive" data?
The printed page is the proof your word processor worked.
No inspection necessary. Certainly no Modification of the word processor code necessary.
Yow write your paper, print it out, proof read it, rinse repeat, and turn it in.
And even if you used a completely open source word processor, for which you have personally read every single line of code, (thereby delaying your term paper by two years) you still have not even scratched the surface of the code encountered from concept to finished paper. Code in the library's catalog system, Wikipedia, routers, chips in your keyboard, chips in your printer, the code in the radio running your alarm clock telling you to get up, eat your corn flakes, harvested by computer controlled farm equipment, dried by computer controled silos, milled by computer controlled grist mills, mixed by computer controlled industrial continuous flow mixers, baked in computer controlled ovens, boxed and shipped by computer controlled packaging plants, stocked by computer controlled warehouses and grocery stores, purchased by computer controlled cash registeres, and finely, not 30 YEARS LATE after inspecting all that code along the way, modifying it to your liking (breaking most of it in the process), you take the computer enhanced bus to school, to hand in your paper, too late to graduate because you thought you had to read all that code.
You sir, are an idiot.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Monday October 19 2015, @01:36AM
Explain how your un-connected computer is going to ferry your term paper to someone else. Or your letter to mom.
Will your computer always be un-connected? That is certainly not the case with most people. Furthermore, even if you make it completely impossible for them to spy on you somehow, you are still denied your freedoms.
Explain just what sensitive data is likely to be found in your school term paper that would be ferried to somewhere else?
Who says that school term papers can't hold sensitive information? Who decides what information is sensitive? What is sensitive is subjective.
Then there is your name, your writing patterns (which they can analyze to identify you elsewhere), and whatever is in the term paper, depending on what the subject is. They could use this information to more easily identify you elsewhere or discover your interests. Maybe the software is also spying on you in other ways, and not just on the information in the term paper. There are probably other things that very clever and malicious people could analyze to violate your privacy. Just because you find some information innocuous doesn't mean it can't be used against you.
The printed page is the proof your word processor worked.
It might be broken in a number of ways that made it much more difficult to do the job. You're completely dependent on your masters to fix these issues. The only option available to you if you don't like that is to not use the software, which I highly suggest.
And even if you used a completely open source word processor, for which you have personally read every single line of code
Why do you personally have to read every single line of code? Non sequitur.
Who says you can't have someone else do an audit? Or do you think that free software advocates make the claim that everything must be inspected by the individual, and that they do not trust anyone? The good thing about free software is that you have *choices*. You can choose who you trust. Hire someone you trust to audit the code, or modify the software. You can also do it yourself, but no one has time to do that for every bit of software. Maybe someone else hired someone you trust to modify or audit the code. Other people are also looking at the code. There are many possibilities, and you have none of these with non-free proprietary software.
I hope this isn't going to end up being another variation of the Nirvana fallacy. Just because something isn't perfect (i.e. just because free software can't absolutely guarantee privacy and security) doesn't mean it's not better.
You sir, are an idiot.
You, sir, are repeating corporate propaganda.
(Score: 3, Insightful) by anubi on Sunday October 18 2015, @12:56AM
Ever since the dawn of computerization, "the computer did it" has been a socially acceptable and plausible deniability mechanism for avoiding responsibility.
In the same vein that a child can get away with things an adult would be nailed for.
I feel its time the parents start taking responsibility for the acts of their children.
In the case of proprietary software, all liability of the acts of said software should be the responsibility of the rightsholder. If he is going to profit from others deliberately planned and enforced ignorance of what his thing really does, then he should also bear the burden of what it did.
In the case of public open source software, the user is responsible. It was open. He should have known what it is or have other trusted people vet the software for him. This is akin to trying to find someone accountable for drowning from jumping in a lake. He knew the risks.
Now if he jumped into a big black hole and was assured by "the rightsholder" that someone was there to catch him on the bottom, and there wasn't, then I feel the "rightsholder" is also solely responsible for all the misfortune the paying customer has for trusting the "rightsholder" to deliver.
While we are going so gung-ho over "rights", I feel its past high time we also consider assigning responsibilities along with those rights.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by Whoever on Sunday October 18 2015, @01:04AM
Indeed. [youtube.com]
(Score: 2) by frojack on Sunday October 18 2015, @04:04AM
You have to ask yourself just how often this actually occurs, where there is actual stonewalling on allowing code inspection?
I submit, that it probably doesn't happen all that often with application specific software, such as court records systems, or such. Medical industry? Probably a bigger likely hood, but probably not for medical devices.
Personally, having developed software under contract for a state government, I've been asked for source code for audit. Delivered it without a single quibble. It was work for hire, after all. I even helped the plaintiff's expert find the exact portion of of the code that handled the feature they were contesting. We worked through the code together, proved it was correct, ran dozens of actual cases through the code and manual calculations.
I've also sent proprietary source code to customer for audit with a simple Non Disclosure Agreement. They had a court case they were involved in, and when they needed to introduce it in evidence, I was asked to release them from the NDA. I did. No questions asked. I even wrote a description of that program for them. (That software was part of a sales system, it computed bulk discounts.)
Most software companies don't want to get dragged into a court case ie they can possibly help it. Most are not going to refuse a Judge.
I suspect the case is overblown here.
There are probably some companies that have something to hide, a bad bug that killed someone, and they dob't want to disclose it. But I've never heard of such. The amount of code in the world that is actually in a position to hurt someone is pretty small, perhaps mostly located in vehicles.
No, you are mistaken. I've always had this sig.
(Score: 2, Insightful) by anubi on Sunday October 18 2015, @04:51AM
Malfunction of some code may hurt someone. That's when business-grade software prone to botnet-launched viral scripts does not make the cut. One would use something like Micrium's U/COS or the like for life critical applications where someone is apt to actually get sued for a malfunction.
Volkswagen's fraud hardly even shows on my personal radar. It was mickeymouse coding to cater to mickeymouse laws. No one's safety was in jeopardy. From all I could tel, they just did what they had do do to pass spec. No, its not "right", but how about regulations that may not be practically attainable? They did what they were forced to do. I cannot hold much of a grudge against them for that. The most they did was deception... something Americans also know as "salesmanship". Used-car dealers are generally far better at pulling off fast ones on their customer.
The biggest beef I have is software that won't keep a secret. ( The second beef I have is annoy-ware where authors use the computer and DRM "rights" to enforce annoyances and unwanted stuff on me ).
Its like having someone over for lunch, he goes through my house, and lists the contents to several unsavory characters who paid him on the side to do this. Then I get targeted break-ins. And its all because I let the wrong guy take a peek inside my house.
In the digital world, lack of privacy is only fodder for spearphishing fraud. You get an email from someone you are doing business with, or at least that is what you are led to believe by the carefully crafted headers on the thing. Maybe its your retirement account. Maybe its your healthcare provider. Or maybe your bank. And they attach a document in the typical way businesses do these days.
Now, a lot of us that have had experiences clearing our machines of nasty malware, view an attached document a lot like picking up a soiled condom. These things have only "business-grade" trustworthiness and should be opened in a virtual sandboxed environment. By having detailed information on your personal contacts, the phisher is far more likely to offer you one of these documents you take seriously enough to open in the raw, using the trust you used to have in the business who you think sent it to you.
By destroying trust in your business relationships, the "bad guys" have succeeded.
What you did by going over the code with your customer is proper. Now, instead of just you being responsible, its others who have seen and understood the code as well. If it were certified by an agency, they too are in on the clusterfuck should the software malfunction. If you had ducked behind "mine! mine! mine! I will not reveal! I claim my rights!, then I also feel along with that you also get full unmitigated responsibility for all malfunctions as well. Especially DRM locks. As far as I am concerned, the very same party that has the power to sue if that lock is broken is the same party that should be held accountable for the software's behaviour. Not necessarily the coder - we all know how that game is played. The coder has to do what he is told to do.
If we allow terrorists to destroy trust between ourselves, the terrorists have won.
And its all because our own machines can't be trusted to keep a secret.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 5, Informative) by CirclesInSand on Sunday October 18 2015, @12:58AM
Similar article: [arstechnica.com]
Defense attorneys have routinely asked, and have been denied, access to examine the software's 170,000 lines of source code in a bid to challenge the authenticity of its conclusions.
...
[Cybergenetics] discloses its "underlying mathematical model" to enable others to understand its genotype modeling mechanism.
170,000 lines of code just to implement a mathematical model? Bullshit. This isn't airplane wing design, they aren't using supercomputers to model complex optimized code for optimization of fluid dynamics problems. It's just some probability formulas and maybe a database lookup.
170,000 lines of code isn't a mathematical model, it is story telling. What the hell are you doing that can't be done in a few hundred (if even that many) lines of Haskell? And who actually believes that any of this code is bug free?
170,000 lines of unaudited code being used to put people in jail for capital crimes, or even executed. I thought the unchallengable DUI fake-science was bad, but after reading this article, I've had my perception of bad legal policy completely moved.
(Score: 2) by gman003 on Sunday October 18 2015, @05:25AM
Presentation logic, probably.
On the software product I work on, when we hit our first release, the VP of marketing asked us for a lines-of-code count. I think it was about 200K, because that counted all of the HTML/CSS/JS for the presentation layer (and one of the developers had the weird habit of double-spacing his code - literally every other line was empty).
Our actual business logic is probably about 70KSLOC, mostly because of all the different systems we tie into, and some rather redundant architecture. It could probably be brought down to 30KSLOC if we could rearchitect some of that away, and remove the deprecated stuff.
(Score: 2) by frojack on Sunday October 18 2015, @06:39AM
Oh come on, you've been around long enough to know that a line code has no specific meaning.
Lines of assembler can number in the hundreds compared to the equivalent lines of a high level language.
Its meaningless, why are you getting all bent out of shape about a silly number?
No, you are mistaken. I've always had this sig.
(Score: 2) by CirclesInSand on Sunday October 18 2015, @02:00PM
If it really is low level code (ASM or C/C++), then it isn't reliable enough for convictions. If someone said "hey I've solved this math problem, it took 170k lines of code", would you really believe them?
(Score: 2) by frojack on Sunday October 18 2015, @07:05PM
No, because math problems are seldom solved by code, whereas code problems are often solved by math.
Like I said, the mythical Line of Code is totally meaningless. Does it include comments? Does it include library members, headers, etc included by reference? Does it include library routines supplied by the compiler or OS environment?
http://c2.com/cgi/wiki?LinesOfCode [c2.com]
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @01:19AM
We had the source code, we knew the hackers were out there trying to take advantage and yet the bugs were hidden in plain sight for years and years. Multiple bugs, and nobody would be surprised if there are still some in there that are being exploited right now. And this isn't a huge piece of code.
Just because the source is free and open doesn't mean it's safe.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @01:25AM
They weren't even hidden in plain sight, they were reported to OpenSSL and on their bug tracker and just ignored. There's no difference between OSS and CSS. It's all in people's minds. You can examine closed source programs with a debugger and disassembler and find stuff that would be obfuscated at source level this way (in both cases).
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @01:33AM
There's no difference between OSS and CSS.
Open source is irrelevant. What matters is free software. The real issue with proprietary software is that it denies users their freedoms. This includes being completely dependent on whoever develops the software, which is a recipe for disaster.
You can examine closed source programs with a debugger and disassembler and find stuff that would be obfuscated at source level this way (in both cases).
That's far less useful than having free software which respects all of your freedoms. Then you have the source code and you can still debug.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @01:28AM
Your 'counterexample' is irrelevant. Saying that free software is more secure is not the same as saying that free software is perfectly secure. So pointing out that there are occasionally bad exploits is utterly meaningless unless you are under the delusion that non-free proprietary software doesn't have these problems to an even greater extent. With proprietary software, you don't even have the freedom to inspect the code or hire some independent third party to audit it, let alone modify it and share your changes. You're completely dependent on your masters (probably a corporation), and if you don't like those masters or you don't want masters, too bad.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @01:36AM
I have no doubt that closed source has bugs at least as bad as OpenSSL, but it does have one advantage.
Security by obscurity.
Of course, that won't protect it from the likes of the NSA, or perhaps, the Chinese or Russian governments, but it probably does help against the credit card-stealing botnets, i.e. criminals motivated first and foremost by $$$.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @01:42AM
I have no doubt that closed source has bugs at least as bad as OpenSSL, but it does have one advantage.
Security by obscurity.
That's not actually an advantage, but a disadvantage. It requires that users be completely dependent on the ones who develop the software (often companies who don't care about you or your security at all), and you have no freedoms whatsoever.
We have seen tons of non-free proprietary software (not "closed source") where this insecurity by obscurity is ruthlessly exploited.
(Score: 1, Insightful) by Anonymous Coward on Sunday October 18 2015, @05:14AM
Your argument is a nirvana fallacy. Open source is not a perfect solution, but that doesn't mean it's not a superior solution.
(Score: 3, Interesting) by Anonymous Coward on Sunday October 18 2015, @04:15AM
This is one reason the Trans-Pacific Partnership is very bad. Governments are prohibited from demanding source-code on safety critical automotive, medical and military equipment.
14. Electronic Commerce
In the Electronic Commerce chapter, TPP Parties commit to ensuring free flow of the global information and data that drive the Internet and the digital economy, subject to legitimate public policy objectives such as personal information protection. The 12 Parties also agree not to require that TPP companies build data centers to store data as a condition for operating in a TPP market, and, in addition, that source code of software is not required to be transferred or accessed. The chapter prohibits the imposition of customs duties on electronic transmissions, and prevents TPP Parties from favoring national producers or suppliers of such products through discriminatory measures or outright blocking. ...
- Summary of the Trans-Pacific Partnership Agreement [ustr.gov]
(Emphasis mine)
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @08:14AM
Legal code is a term people use every day. There is an idea that what if laws on the books could literally be computer code. It's a fascinating idea but no doubt would lead to a horrible black and white dystopia. Yet it's something that just might happen.
https://en.wikipedia.org/wiki/Computational_law#Algorithmic_Law [wikipedia.org]
if $PERP == ("stinking rich") || $PERP == ("very influential") then $VERDICT == ("not guilty")
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @10:04AM
Ok, Volkswagen was the first to get caught. But were they the first? Who did it first and others had to follow suit in order to survive?
It isn't a Volkswagen problem. It is an industry problem and unrealistic emissions goals. It isn't time to destroy car-making companies because the impossible cannot be done. It is time to rethink emissions standards and if they are achievable with reasonable expectation and are they even technically possible.
If the standards ask for perpetual motion machines to be put in all cars, it isn't the car-company's fault that they have to cheat.
(Score: 3, Interesting) by Grishnakh on Sunday October 18 2015, @12:38PM
I can't speak to European emissions laws, but in the US, it's not a problem to meet emissions laws. Every gasoline-powered car sold does it, and there's no indication they have to resort to tricks.
The problem is that diesel emissions laws are unrealistic. However, there's a couple of schools of thought on this:
1) These laws are unrealistic intentionally, because they don't want anyone to meet them and sell diesel cars in America. Diesel cars are all made by foreign companies; domestic companies only sell diesel *trucks*. And of course the standards are *far* more lax for trucks than for cars. So there's every indication that these laws are designed for protectionism.
2) Everything I've read indicates that it just isn't really possible to burn diesel cleanly with low NOx emissions and also get good fuel economy and performance; it's one or the other. I'm also reading that there's a lot of problems with NOx pollution and smog in European cities because so many passenger cars there are diesel. So maybe relaxing emissions standards *isn't* the answer, and we should just stick with gasoline which doesn't have these problems.
(Score: 0) by Anonymous Coward on Sunday October 18 2015, @01:36PM
I presumed the reader knew this was about diesel, so dropped the "diesel" part.
Some people prefer diesel cars. I do. So anything that hurts diesel car manufacturers hurts my interests. I would like a variety of diesel cars to choose from. The US being a large market can and does affect car companies.
(Score: 2) by Grishnakh on Sunday October 18 2015, @08:03PM
If you can't have a diesel car without creating a lot of smog (compared to a comparable gas engine), then what right do you have to a diesel car? You don't have an absolute right to pollute the air.
(Score: 1) by pipedwho on Monday October 19 2015, @03:10AM
True, the air pollution issue needs to be addressed. But, on the flip side, diesel engines are more fuel efficient (ie. less CO2) than petrol engines. So they are trading off one pollutant for another. Meanwhile, you have 'trucks' (including SUVs that fall under 'truck' classification) pouring out much higher noxious emissions than the a passenger car.
All this is really doing, is pushing the case for hybrid, and eventually fully electric vehicles.
(Score: 2) by darkfeline on Sunday October 18 2015, @07:17PM
>Everything I've read indicates that it just isn't really possible to burn diesel cleanly with low NOx emissions and also get good fuel economy and performance
That's not protectionism then, is it? Nothing, or at the very least emission requirements don't stop foreign companies from selling gasoline cars in the US.
Join the SDF Public Access UNIX System today!
(Score: 2) by Grishnakh on Sunday October 18 2015, @08:14PM
I guess it can be argued both ways. (If someone sees any errors in my facts, please jump in.)
On the one hand, we do have diesel passenger vehicles here in the US, but they're all big giant pickups. And the US has long had a nasty habit of treating big gas-guzzling passenger vehicles differently than cars, because they're supposedly "work vehicles", when they're plainly not, as proven by all the soccer moms driving them around and people using them to commute to jobs where these vehicles aren't actually used for anything besides transporting a single person sans cargo. So it seems like pickups are exempt from the emissions rules that affect cars, and that can be argued to be protectionist, because American car companies don't make diesel cars while foreign companies (esp. European ones) do.
(We also see this preferential treatment with SUVs and tint laws, where big SUVs can have black-out tint but doing that in your small car will get you a ticket.)
On the other hand, in reality not many of the soccer mom and dumbass commuters actually drive *diesel* pickups (unlike gas pickups and SUVs), so they're probably not affecting our air quality much (unlike semis), so US regulation here could be argued to be mostly fine, and the fact that American cities seem to have lower smog than European cities seems to support this; do we really want to have *more* pollution in our cities? I don't. Diesel vehicles do cost more than comparable gas-powered vehicles; the premium on VWs was $5k for the TDI engine when I was looking at them a few years ago, so that already keeps a lot of buyers away from them in the US, unlike Europe where fuel economy is more important and engine size seems to be taxed heavily (unlike the US where there's no taxes on cars aside from regular sales tax on the overall price). So maybe keeping the emissions standards stringent is the answer, even if that kills the passenger diesel car market entirely, though I think the standards should be toughened on pickups to be fair. It's not like there aren't alternatives: today's gas engines are excellent and have really improved in fuel economy in the last 5-10 years.
(Score: 1) by Rich26189 on Monday October 19 2015, @02:26PM
Well, yes it is protectionism, in a way, for the trucking and rail transportation industries, industries that heavily use/rely on diesel. Adding a large number of private diesel vehicles here in the US would drive up the demand for diesel fuel and thus the cost.
I questions this idea efficiency of diesel vs gasoline, it's true but only for MPG. I think it's more correct to say the 'greater efficiency' is in the quantity of fuel a vehicle can carry. I am not a PetroChemEng but my, admittedly simple, understanding is that it take more raw crude to make a gallon of diesel that to make a gallon of gas. There's only so much energy in a barrel of crude. Cracking it into diesel or gas just converts that energy into others (liquid) forms. If there are any PetroChemEng out there please correct my understanding if it's wrong.