Sunday, August 28, 2016

How a computer adds

Addition is the basis of all arithmetic in a computer.  Subtraction is adding a negative number, multiplication is repeated addition, and division is a combination of the others.  Of course, a computer uses binary numbers (digits 0 and 1 rather than digits 0 through 9).  This video describes how a binary adder circuit can be built using dominoes -- mirroring what actually happens in a computer.  The result is an easy-to-grasp description of computer arithmetic:

Thursday, August 18, 2016

Lidar on a chip

Autonomous vehicles use laser range finders (lidar) to map their surroundings, often combined with radar.  Radar units are relatively small and inexpensive with no moving parts, but lidar has tended to be large and expensive (e.g. $70,000) with moving parts (something to break down).  They are the large, rotating objects on autonomous vehicle roofs.  MIT working with DARPA has shrunk lidar to a chip with no moving parts and a projected cost of $10 each -- a massive improvement:

Friday, August 12, 2016

Spoofing GPS

I am interested in malicious interference in vehicles and a related issue is the spoofing of sensors that are increasing in vehicles.  GPS mapping is common and has an article on how to spoof GPS.  The short version is that a signal is broadcast that overrides the true signal -- the hard part is to do it in a way that cannot be easily detected by the GPS receiver.  Doing so involves manipulating the pseudo-random noise code (PNC) that is contained in the true GPS signal whose purpose is to distinguish among the multiple GPS satellites used for positioning.

Quantum cryptographic communication

The word "quantum" gets attached to multiple, very different technologies related to cryptography leading to confusion. The main two to date are the quantum computer (which has the capability to crack the asymmetric cryptography that underpins the internet) and quantum key distribution (which uses quantum characteristics of photons to securely distribute a symmetric, cryptographic key over an optical fiber).  Now we have a third: quantum, cryptographically-secured communication.  Rather than simply sharing a key as in quantum key distribution, here an entangled photon is used a the key so an eavesdropper intercepting the key will disturb the key rendering the communication indecipherable to everyone, especially the eavesdropper. It is not an existing technology, but the target of recent NSF funding: 

Friday, August 5, 2016

ATM hack using new EMV cards

The new credit cards in the US now have the EMV chips that have been common elsewhere.  They make transactions more secure than the old mag-stripe cards which were easier to duplicate.  However, they are not perfect.  In this attack the point-of-sale (POS) terminal has a "shimmer" installed inside it which sits between the credit card and the POS hardware -- the classic "man-in-the-middle" attack. At some distant location is an ATM machine with an "out-of-order" sign on it.  The ATM has a smartphone that the "shimmer" communicates with to share the information that it is snooping while the credit card's EMV chip at the POS terminal is communicating with the banking system.  The "out-of-order" ATM has a device to emulate the EMV's communication as well as mechanical servos to push buttons.  Using the information from the "shimmer" a transaction is approved, the servos push buttons, and ATM throws out cash. The link ( includes a brief video of a demonstration.

Hotel door locks can be hacked.

It has been known that one brand of hotel lock, Onity, could be easily hacked by plugging into its power port that's on every lock (  At this year's Black Hat an upgraded attack can unlock all the doors in a hotel, including creating a maid's master card.  You scan one card to identify the fields and then brute force the relevant fields (  The solution is old-school: jamb a chair under the door knob or carry a door stop to jamb under the door.

Wednesday, August 3, 2016

How to Hack an Election

There is an interesting article in on a guy who claims to have hacked a number of Central and South American elections.  Basically it is "dirty tricks" using 21st century technology: accessing opponent's data and communication, setting up rumor campaigns on Twitter, etc.