Sunday, September 25, 2016

Secure Software

We have known for a long time that formal verification was possible in small pieces of code — that is, provably correct code (no bugs).  Well, embedded systems tend to have small code.  As a result, DARPA is finding success from a security standpoint in formally verified code.  The scenario is a formally verified helicopter delivery drone that attackers were unable to compromise even after providing exceptional access.  The article is nice because it explains the success and challenges.  It is entirely possible that embedded security such as vehicle security will be formal verification. https://www.wired.com/



Friday, September 23, 2016

Exoskeleton

Here is a different take on an exoskeleton from the Swiss Federal Institute of Technology in Zurich Switzerland: https://www.ethz.ch/  They wrap an exoskeleton around limbs with limited functionality and control them using a patient's own brain.  The example used here wraps the exoskeleton around the back of a hand allowing the hand to do the grasping assisted by the robot.

Wednesday, September 21, 2016

Tera-bit Internet

Nokia claims it will demonstrate tera-bit internet (http://www.zdnet.com/).  That would be 1,000 times faster than Google fiber and 10 times faster (or more) than the current internet backbone.  One thing to note is that the fiber itself isn't changing.  A strand of fiber is basically as pure as possible so the changes come at the ends where you put (and take) signals on the fiber.  In this case, they are tuning multiple wavelengths to be more efficient so they can carry more information.

Scanning + Computing reads ancient burned Biblical scroll

The video in this article (http://gizmodo.com/) describes how scans are processed in software to extract readable text from a piece of charcoal that was once a Biblical scroll.  They first determined the layers that represented the rolled up scroll.  Because the ink was denser than the scroll skin the ink showed up as brighter pixels on the layers revealing characters.

The text was Leviticus -- now the oldest version found.  Leviticus has such gems as "love your neighbor as yourself," but also "don't wear clothing made of two kinds of material" and many other things not to do.  It also has a darker side when it was used to justify slavery.

Monday, September 19, 2016

Hacking a secured iPhone

In the aftermath of the San Bernadino shootings last year the FBI was unable to hack past the security of an iPhone and demanded that Apple break their own security.  A security firm stepped forward and used a hardware attack to circumvent entry.  How did they do it?  Here is a high level description of what security researchers did -- likely similar to what the security firm did: http://www.bbc.com/

The problem is that after too many failed attempts to enter a passcode the phone will permanently shut down.  The challenge is to remove the attempt limit so all possible passcodes can be tried -- the passcode on that phone was only 4 numbers (new phones require 6 which is considerably more guesses).  The trick was to find the memory chip that stored the count and replace it with a new chip with a zeroed count before the limit was reached (much harder to do than it sounds).  It is a laborious process, but it can be done.

Saturday, September 17, 2016

Comparing an iPhone to the "first" supercomputer

I just got an iPhone 7 (switched from Android) so phone computing power is on my mind.

Linpack is a set of linear algebra routines used frequently in scientific computing for decades so it provides a way to compare new computers to very old ones.  

The Cray-1 supercomputer of 1979, sometimes referred to as the "first" supercomputer. It cost $9 million in 1979 dollars ($26 million today), had 1 MegaByte of memory, weighed 5.5 tons, and required 115 KWatts of power.  It ran the linpack benchmark at 3.4 Mflops (million floating point operations per second).  The iPhone 6+ ran linpack at 180 Mflops on similar data -- the phone actually runs faster on larger matrices.  So the iPhone 6 is roughly 60 times faster.  And it fits in your pocket.

The Cray-1 was a milestone for weather prediction because it was the first computer that could do a 24-hour weather prediction in less than 24 hours (only a little less so it still wasn't useful at first).

Wednesday, September 14, 2016

ATM Skimmer

An ATM skimmer is a device that thieves attach to an ATM machine to read ("skim") the magnetic stripe on the ATM card.  Usually they are installed on the outside of the ATM machine and a wary eye can spot them.  A new "periscope" skimmer has been found in the wild that is installed inside the ATM -- it requires the thief to have a key to open the ATM for installation. See http://krebsonsecurity.com/ for details.  What can you do to defend yourself?  The skimmer cannot read the PIN you type in -- that is usually read with a tiny camera.  The defense is simple: use one hand to cover the PIN pad while you enter the PIN with the other hand.  Secondarily, be wary of ATM machines that are not owned by a bank -- try to use bank ATMs built into a wall.