Submit | Sign Up | Sign In

Kill switches reducing smartphone thefts

in mobile on (#5YDS)
Smartphone thefts are down 40% in London, 22% in San Francisco and 16% in New York, while iPhone thefts are down even further, since the implementation of "kill switches," which allow owners to completely deactivate a phone that has been lost, making a stolen device worthless.

Major smartphone companies were reluctant. Gascón said he had met with Apple executives and been "rebuffed." Frankly, the carriers don't gain anything from this service, and actually add customers when someone signs up with them using a stolen phone. As for the phone companies, every stolen phone is a potential new sale. Companies would never want to admit that stolen phones are good for their bottom line, but they don't have any good excuse for why they wouldn't voluntarily implement something. They only said that a kill switch had serious risks, including vulnerability to hackers who could disable others' phones. Meanwhile, Australian phone carriers have been doing it successfully since 2003.

"The significant decrease in smartphone thefts since the implementation of kill-switch technology is no coincidence," New York Police Commissioner William Bratton said in the press release. "Restricting the marketability of stolen cell phones and electronic devices has a direct correlation to a reduction of associated crimes and violence." Soon, all smartphones in the United States will have these features, as a California law passed in August will require all smartphones sold in the state to include kill switch technology, effectively requiring manufacturers to include the feature on all smartphones.

Hybrid invasive super termites menacing Florida

in environment on (#5W95)
Scientists at the University of Florida have confirmed the Asian and Formosan subterranean termites — both formidable non-native species — are mating in south Florida. The offspring of these species thrive by combining the strongest qualities of their parents. The two species are considered particularly damaging and difficult to control, since they travel underground and burrow up through buildings. What sort of termite do they produce? The bad news is that based on lab results, the hybrid colonies appear to grow faster than those of either species that produced them.

“The combination of genes between the two species results in highly vigorous hybridized colonies that can develop twice as fast as the two parental species,” said Thomas Chouvenc, research assistant at the University of Florida’s Subterranean Termite laboratory. “The establishment of hybrid termite populations is expected to result in dramatically increased damage to structures in the near future.”

The annual cost of termite damage and control measures in the U.S. is estimated at $5 billion.

Consumer product containers with non-stick coating coming out this year

in science on (#5QV1)
An easier to squeeze mayonnaise bottle might be coming out this year, and easier to squeeze toothpaste could be here in 2017. This is thanks to a liquid-impregnated coating called LiquiGlide that can keep the inside of a container permanently wet and allow its contents to easily slide out. Elmers Products, Inc. is on board, too, and has already signed a contract with LiquiGlide to let you get every drop of glue out of the bottle. Follow the link for videos of the coating in action.

LiquiGlide is a liquid coating that binds much more strongly to textured surfaces than to liquids, so when it's painted onto the inside of a container, the liquid can flow freely over it without creating friction and viscosity. It was originally created in 2012 by a professor, Kripa Varanasi and his grad students at MIT. They've formed their own LiquiGlide company, and it's now getting some traction among consumer products. However, the original intent behind LiquiGlide was not to make it easier to have ketchup with your fries. Varanasi was thinking about industry applications like more efficient oil pumping. For now, the company has found success in consumer products, but it will continue pursuing industry application ideas too.

Boeing granted patent for force field

in hardware on (#5K30)
story imageThis month, Boeing was granted a patent for generating force fields that keep shockwaves from harming military vehicles. The Boeing Company's patent, "Method and system for shockwave attenuation via electromagnetic arc," was filed in May 2012.

"The idea is to harness electrical energy to stop or slow down the shockwaves created by explosions, which can do just as much damage as shrapnel." Boeing's plan would be to "marry a rapid explosion sensor with an arc generator to protect targets like military vehicles." Laser sources send out high-intensity laser pulses in the direction of the explosion. The laser pulses ionize the air to form a laser-induced plasma channel." The channel differs from the ambient air in density, temperature and composition. The result would be a buffer zone— different temperature, air density and other characteristics would reflect, refract, absorb and deflect at least a portion of the shockwave.

Large Text Support

in pipedot on (#5H27)
The latest set of site updates have reworked font sizes to make it easier to configure larger text rendering.

All font sizes on the site are now specified in relative units (em) and are now now scalable using the “text size” feature of your browser. Due to rounding errors, this change slightly increased many of previous the font sizes.

A user configurable “Large Text” checkbox was also added to your profile settings page, for those that want even larger text.

These text scaling options will not scale other elements of the page, such as images. Use the “Zoom” function of your browser to scale all elements on the page equally.

Chrome, Firefox, Internet Explorer, Safari, Flash Player: all hacked

in security on (#5G4H)
So much for browser security. Researchers who participated in the Pwn2Own hacking contest this week demonstrated remote code execution exploits against the top four browsers, and also hacked the widely used Adobe Reader and Flash Player plug-ins. The Pwn2Own contest takes place every year at the CanSecWest security conference in Vancouver, Canada, and is sponsored by Hewlett-Packard’s Zero Day Initiative program. The contest pits researchers against the latest 64-bit versions of the top four browsers in order to demonstrate Web-based attacks that can execute rogue code on underlying systems.

The final count for vulnerabilities exploited this year stands as follows: five flaws in the Windows OS, four in Internet Explorer 11, three each in Mozilla Firefox, Adobe Reader, and Flash Player, two in Apple Safari and one in Google Chrome. All bugs were reported to the affected vendors after the contest, as part of the competition’s rules.

Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation

Anonymous Coward
in security on (#5BPA)


We demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.

We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis."


Cryptology ePrint Archive: Report 2015/170

"Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation

Daniel Genkin and Lev Pachmanov and Itamar Pipman and Eran Tromer
Abstract: We present new side-channel attacks on RSA and ElGamal implementations that use the popular sliding-window or fixed-window (m-ary) modular exponentiation algorithms. The attacks can extract decryption keys using a very low measurement bandwidth (a frequency band of less than 100 kHz around a carrier under 2 MHz) even when attacking multi-GHz CPUs.

We demonstrate the attacks' feasibility by extracting keys from GnuPG, in a few seconds, using a nonintrusive measurement of electromagnetic emanations from laptop computers. The measurement equipment is cheap and compact, uses readily-available components (a Software Defined Radio USB dongle or a consumer-grade radio receiver), and can operate untethered while concealed, e.g., inside pita bread.

The attacks use a few non-adaptive chosen ciphertexts, crafted so that whenever the decryption routine encounters particular bit patterns in the secret key, intermediate values occur with a special structure that causes observable fluctuations in the electromagnetic field. Through suitable signal processing and cryptanalysis, the bit patterns and eventually the whole secret key are recovered.

Category / Keywords: side channel, electromagnetic analysis, RSA, ElGamal

Date: received 27 Feb 2015, last revised 3 Mar 2015

Contact author: tromer at cs tau ac il"


Handheld Wi-Fi 2-way radios

Anonymous Coward
in ask on (#57FF)
story imageAn AC just discovered hand held 2-way Wi-Fi radios and wants to know if anyone has any experience with them. Likely the most popular product is the ICOM IP100H. There have been a couple of basic radio enthusiast reviews, which outline the short-range from hand-held to AP, and higher price than conventional radios, but not much else.

Traditional license-free 2-way radios like FRS & MURS (in North America) while cheaper and with multi-mile range, only offer a small number of non-overlapping channels, and scrambling or other privacy features are strictly forbidden by the FCC. As shown in the illustration, the ideal use-case for Wi-Fi radios seems to be dense areas with obstacles, which already have several Wi-Fi APs deployed, such as high-rise building complexes.

Mars One is a massive scam

in space on (#549P)
story image“Mars One” is the hole-in-the-wall company getting mainstream press coverage for promoting unbelievable and non-doable plans to colonize Mars by 2025. Scientists and astronomers are saying that the plan is delusional, laughable, dangerous and a huge scam. Mars One has not developed any kind of space technology that will allow the outer space travel to occur. There were no proven contracts with other companies that provide space equipment. All the people behind Mars One are just a bunch of scammers.

Last February, Mars One producers announced the final 100 finalists to be among the first six humans to live on Mars. They falsified the claims that they received more than 200,000 applicants for the contest. Roche claims that only 2,761 individuals were interested. All finalists were supposedly to undergo a few weeks of interviews and testing, but it turns out that finalists were only interviewed for 10 minutes via Skype call. They were even asked to donate to Mars One any money they earn from guest appearances. An unbelievable statement because the project was said to have cost the company ‘billions of dollars’. Why would they need those small donations?

NASA to launch inflatable module for ISS

in space on (#4Z0X)
story imageNASA and Bigelow Aerospace are preparing to launch an expandable habitat module dubbed "BEAM" to the International Space Station later this year. The 13 foot by 10 foot inflatable capsule will provide astronauts aboard the space station an extra 565 cubic feet of volume (roughly equivalent to a family-sized camping tent) that the astronauts will use for a lounge and also as a testing facility in orbit.

By choosing fabrics over metal, the BEAM module is significantly cheaper to send into orbit than a typical capsule. Expandable habitats could be a new way to dramatically increase the amount of volume available to astronauts while also enhancing protection against radiation and physical debris. In order to stay inflated, the BEAM has several layers of high-tech fabrics, which will keep the trapped air in, and keep micrometeorites and other types of space debris from puncturing its walls. These walls have already undergone intensive testing to prove their durability. Bigelow has already released two of these ‘bubble capsules’ into orbit. The first was in 2006, and the second in 2007. Both are still intact in orbit, and the outer skin has endured for longer than experts expected.