Story

Boeing granted patent for force field

by
in hardware on (#5K30)
story imageThis month, Boeing was granted a patent for generating force fields that keep shockwaves from harming military vehicles. The Boeing Company's patent, "Method and system for shockwave attenuation via electromagnetic arc," was filed in May 2012.

"The idea is to harness electrical energy to stop or slow down the shockwaves created by explosions, which can do just as much damage as shrapnel." Boeing's plan would be to "marry a rapid explosion sensor with an arc generator to protect targets like military vehicles." Laser sources send out high-intensity laser pulses in the direction of the explosion. The laser pulses ionize the air to form a laser-induced plasma channel." The channel differs from the ambient air in density, temperature and composition. The result would be a buffer zone- different temperature, air density and other characteristics would reflect, refract, absorb and deflect at least a portion of the shockwave.

Large Text Support

by
in pipedot on (#5H27)
The latest set of site updates have reworked font sizes to make it easier to configure larger text rendering.

All font sizes on the site are now specified in relative units (em) and are now now scalable using the "text size" feature of your browser. Due to rounding errors, this change slightly increased many of previous the font sizes.

A user configurable "Large Text" checkbox was also added to your profile settings page, for those that want even larger text.

These text scaling options will not scale other elements of the page, such as images. Use the "Zoom" function of your browser to scale all elements on the page equally.

Chrome, Firefox, Internet Explorer, Safari, Flash Player: all hacked

by
in security on (#5G4H)
So much for browser security. Researchers who participated in the Pwn2Own hacking contest this week demonstrated remote code execution exploits against the top four browsers, and also hacked the widely used Adobe Reader and Flash Player plug-ins. The Pwn2Own contest takes place every year at the CanSecWest security conference in Vancouver, Canada, and is sponsored by Hewlett-Packard's Zero Day Initiative program. The contest pits researchers against the latest 64-bit versions of the top four browsers in order to demonstrate Web-based attacks that can execute rogue code on underlying systems.

The final count for vulnerabilities exploited this year stands as follows: five flaws in the Windows OS, four in Internet Explorer 11, three each in Mozilla Firefox, Adobe Reader, and Flash Player, two in Apple Safari and one in Google Chrome. All bugs were reported to the affected vendors after the contest, as part of the competition's rules.

Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation

by
Anonymous Coward
in security on (#5BPA)
http://www.cs.tau.ac.il/~tromer/radioexp/

"Overview

We demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.

We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis."

#########################################

Cryptology ePrint Archive: Report 2015/170

http://eprint.iacr.org/2015/170

"Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation

Daniel Genkin and Lev Pachmanov and Itamar Pipman and Eran Tromer
Abstract: We present new side-channel attacks on RSA and ElGamal implementations that use the popular sliding-window or fixed-window (m-ary) modular exponentiation algorithms. The attacks can extract decryption keys using a very low measurement bandwidth (a frequency band of less than 100 kHz around a carrier under 2 MHz) even when attacking multi-GHz CPUs.

We demonstrate the attacks' feasibility by extracting keys from GnuPG, in a few seconds, using a nonintrusive measurement of electromagnetic emanations from laptop computers. The measurement equipment is cheap and compact, uses readily-available components (a Software Defined Radio USB dongle or a consumer-grade radio receiver), and can operate untethered while concealed, e.g., inside pita bread.

The attacks use a few non-adaptive chosen ciphertexts, crafted so that whenever the decryption routine encounters particular bit patterns in the secret key, intermediate values occur with a special structure that causes observable fluctuations in the electromagnetic field. Through suitable signal processing and cryptanalysis, the bit patterns and eventually the whole secret key are recovered.

Category / Keywords: side channel, electromagnetic analysis, RSA, ElGamal

Date: received 27 Feb 2015, last revised 3 Mar 2015

Contact author: tromer at cs tau ac il"

#########################################
EOF

Handheld Wi-Fi 2-way radios

by
Anonymous Coward
in ask on (#57FF)
story imageAn AC just discovered hand held 2-way Wi-Fi radios and wants to know if anyone has any experience with them. Likely the most popular product is the ICOM IP100H. There have been a couple of basic radio enthusiast reviews, which outline the short-range from hand-held to AP, and higher price than conventional radios, but not much else.

Traditional license-free 2-way radios like FRS & MURS (in North America) while cheaper and with multi-mile range, only offer a small number of non-overlapping channels, and scrambling or other privacy features are strictly forbidden by the FCC. As shown in the illustration, the ideal use-case for Wi-Fi radios seems to be dense areas with obstacles, which already have several Wi-Fi APs deployed, such as high-rise building complexes.

Mars One is a massive scam

by
in space on (#549P)
story image"Mars One" is the hole-in-the-wall company getting mainstream press coverage for promoting unbelievable and non-doable plans to colonize Mars by 2025. Scientists and astronomers are saying that the plan is delusional, laughable, dangerous and a huge scam. Mars One has not developed any kind of space technology that will allow the outer space travel to occur. There were no proven contracts with other companies that provide space equipment. All the people behind Mars One are just a bunch of scammers.

Last February, Mars One producers announced the final 100 finalists to be among the first six humans to live on Mars. They falsified the claims that they received more than 200,000 applicants for the contest. Roche claims that only 2,761 individuals were interested. All finalists were supposedly to undergo a few weeks of interviews and testing, but it turns out that finalists were only interviewed for 10 minutes via Skype call. They were even asked to donate to Mars One any money they earn from guest appearances. An unbelievable statement because the project was said to have cost the company 'billions of dollars'. Why would they need those small donations?

NASA to launch inflatable module for ISS

by
in space on (#4Z0X)
story imageNASA and Bigelow Aerospace are preparing to launch an expandable habitat module dubbed "BEAM" to the International Space Station later this year. The 13 foot by 10 foot inflatable capsule will provide astronauts aboard the space station an extra 565 cubic feet of volume (roughly equivalent to a family-sized camping tent) that the astronauts will use for a lounge and also as a testing facility in orbit.

By choosing fabrics over metal, the BEAM module is significantly cheaper to send into orbit than a typical capsule. Expandable habitats could be a new way to dramatically increase the amount of volume available to astronauts while also enhancing protection against radiation and physical debris. In order to stay inflated, the BEAM has several layers of high-tech fabrics, which will keep the trapped air in, and keep micrometeorites and other types of space debris from puncturing its walls. These walls have already undergone intensive testing to prove their durability. Bigelow has already released two of these 'bubble capsules' into orbit. The first was in 2006, and the second in 2007. Both are still intact in orbit, and the outer skin has endured for longer than experts expected.

Google Code Shutting Down

by
in google on (#4TQX)
Google's project hosting service, Google Code, is the latest Google product to get the axe. Launched in 2006, the site hosted many FLOSS-type software projects and provided free downloads, source code management, an issue tracker, and wiki pages. Although new project creation is already disabled, the site will stay functional until August 2015 in order to give projects time to migrate to alternatives, such as GitHub and GitLab.

With so many high-profile Google services inexplicably closing, one has to wonder if relying on the continued availability of any Google services is a good idea. Of course, closures are not always exclusive to Google. Gitorious and Freecode are recent examples of other project development sites that have recently shut their doors.

Google Updates the Chromebook Pixel

by
in google on (#4R5M)
story imageGoogle's premium Chromebook Pixel, launched over 2 years ago, has finally been updated with new hardware internals. Although the new model looks nearly identical to the old model, with both models sharing the same physical size and weight, the insides have received a much needed refresh with a much faster processor and more memory. The port configuration is also updated to include 2 of the new USB Type-C connectors instead of the Mini Display Port and the power connector. An "LS" model (for "Ludicrous Speed") will also be available with even more RAM, SSD, and CPU performance.

For those wanting to run more than just a browser on your shiny new i7 with 16 GiB memory, remember you can still install a traditional Linux distro by activating the Developer Mode toggle. Or you can keep Chrome OS as the base and run Linux from a chroot with Crouton.

Apple's New MacBook

by
in apple on (#4KWB)
story imageToday, as reported by many outlets, Apple announced a new 12" MacBook. The main takeaways are:I am definitely a fan (pun intended) of quiet laptops with no moving parts that can still handle a full desktop OS. This is also one of the first retail devices with the new reversible USB connector that really can't get here fast enough.
...27282930313233343536...