Team members Madeleine Laitz, left, and lead author Dane deQuilettes stand in front of a tidy lab bench equipped with oscilloscopes and computers. Laitz has a snazzy yellow jacket that pops compared to the neutrals and blues of the rest of the picture.

More Progress On Perovskite Solar Cells

Perovskites hold enormous promise for generating solar energy, with the potential to provide lighter and cheaper cells than those made from silicon. Unfortunately, the material breaks down too rapidly to be practical for most applications. But thanks to some recent research, we now have a better understanding of the nanoscale changes that happen during this breakdown, and how to combat it.

The research is focused on the topic of passivation, which seeks to increase the useful lifespan of perovskites by studying the surface interface where they meet other materials. Most of the perovskite material is a perfect latticework of atoms, but this structure is broken at the surface. This atomically “jagged” interface introduces losses which only get worse over time. Currently, the best way to address this issue is to essentially seal the surface with a very thin layer of hexylammonium bromide.

While this technique significantly simplified the passivation process when it was discovered, the effect had yet to be adequately characterized to further advance the field. According to lead author [Dane deQuilettes], “This is the first paper that demonstrates how to systematically control and engineer surface fields in perovskites.”

Prefer to roll your own cells? How about a DIY dye-sensitized cell or this thermionic converter model?

This Week In Security: Blame The Feds, Emergency Patches, And The DMA

The temptation to “take the money and run” was apparently too much for the leadership of the AlphV ransomware crime ring. You may have heard of this group as being behind the breach of Change Healthcare, and causing payment problems for nearly the entire US Healthcare system. And that hack seems to be key to what’s happened this week.

It’s known that a $22 million payment made it through the bitcoin maze to the AlphV wallet on the 1st. It’s believed that this is a payment from Change Healthcare to recover ransomed files. An important detail here is that AlphV is a ransomware-as-a-service provider: the actual hacking is done by “affiliates” who use that service, while AlphV handles the infrastructure, maintains the actual malware, and serves as a payment processor. That last one is key here.

A couple of days after that big payment landed in the AlphV account, a seizure notice went up on the AlphV Tor site, claiming that it had been taken down by the FBI and associated agencies. There was something a bit odd about it, though. See, the FBI did seize the AlphV Tor site back in December. The seizure notice this time was an exact copy, as if someone had just done a “save page as”, and posted the copy.

There is precedent for a ransomware group to close up shop and disappear after hitting a big score. The disruption AlphV enabled in the US health care system painted a big target on them, and it didn’t take a tactical genius to realize it might be good to lay low for a while. Pocketing the entire $22 million ransom probably didn’t hurt either. The particularly nasty part is that the affiliate that actually pulled off the attack still claims to have four terabytes of sensitive data, and no incentive to not release it online. It’s not even entirely clear that Change Healthcare actually received a decryption key for their data. You do not want to deal with these people.


Extracting SecOC Keys From A 2021 Toyota RAV4 Prime

With the recently introduced SecOC (Secure Onboard Communication) standard, car manufacturers seek to make the CAN bus networks that form the backbone of modern day cars more secure. This standard adds a MAC (message authentication code) to the CAN messages, which can be used to validate that these messages come from a genuine part of the car, and not from a car thief or some third-party peripheral.
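As an added illustration (not code from the article or from the researchers), the sketch below shows the receiver-side check that a SecOC-style scheme performs: a truncated MAC computed over the message ID, payload and a freshness counter. The frame layout, message ID and keys are constructed assumptions, and HMAC-SHA256 stands in for the AES-based MAC so the example runs with the Python standard library alone.

```python
import hashlib
import hmac
import struct

MAC_LEN = 4  # bytes of truncated MAC carried in the frame (assumed layout)

def _mac(key: bytes, data_id: int, payload: bytes, counter: int) -> bytes:
    # MAC covers the message ID, the payload and the FULL freshness counter.
    # HMAC-SHA256 is a stdlib stand-in for the AES-based MAC (assumption).
    msg = struct.pack(">H", data_id) + payload + struct.pack(">Q", counter)
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]

def secure(key: bytes, data_id: int, payload: bytes, counter: int) -> bytes:
    """Sender: payload || low byte of counter || truncated MAC."""
    return payload + bytes([counter & 0xFF]) + _mac(key, data_id, payload, counter)

class Receiver:
    def __init__(self, key: bytes, data_id: int):
        self.key, self.data_id, self.last = key, data_id, 0

    def verify(self, frame: bytes):
        """Return the payload if the frame is authentic and fresh, else None."""
        if len(frame) <= MAC_LEN + 1:
            return None
        payload, low, tag = frame[:-MAC_LEN - 1], frame[-MAC_LEN - 1], frame[-MAC_LEN:]
        # Rebuild the full counter: smallest value above the last accepted one
        # whose low byte matches, so a replayed frame maps to a different counter.
        counter = (self.last & ~0xFF) | low
        if counter <= self.last:
            counter += 0x100
        expected = _mac(self.key, self.data_id, payload, counter)
        if not hmac.compare_digest(tag, expected):
            return None
        self.last = counter
        return payload

def demo() -> dict:
    key, other = bytes(range(16)), bytes(16)      # constructed sample keys
    rx = Receiver(key, 0x123)                      # constructed message ID
    f1 = secure(key, 0x123, b"\x01\x02\x03", 1)    # fits an 8-byte CAN frame
    f2 = secure(key, 0x123, b"\x01\x02\x04", 2)
    return {
        "genuine": rx.verify(f1) is not None,
        "replayed": rx.verify(f1) is not None,
        "tampered": rx.verify(bytes([f2[0] ^ 0xFF]) + f2[1:]) is not None,
        "wrong_key": rx.verify(secure(other, 0x123, b"\x01\x02\x04", 2)) is not None,
        "next": rx.verify(f2) is not None,
    }

if __name__ == "__main__":
    print(demo())
```

The receiver accepts whatever verifies under the shared key, so the whole check rests on that key staying confidential inside the ECUs.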

To check that it isn’t possible to circumvent SecOC, [Willem Melching] and [Greg Hogan] got their hands on the power steering (EPS) unit of a Toyota RAV4 Prime, one of the first cars to implement this new security standard.

The 2021 Toyota RAV4 Prime's power steering unit on the examination bench. (Credit: Willem Melching)

As noted by [Willem], the ultimate goal is to be able to run the open source driver assistance system openpilot on these SecOC-enabled cars, which would require either breaking SecOC, or following the official method of ‘rekeying’ the SecOC gateway.

After dumping the firmware of the EPS Renesas RH850/P1M-E MCU via a voltage fault injection, the AES-based encryption routines were identified, but no easy exploits were found in the main application. This left the bootloader as the next target.

Ultimately they managed to reverse-engineer the bootloader to determine how the update procedure works, which enabled them to upload shellcode. This shellcode then enabled them to extract the SecOC keys from RAM and send them over the CAN bus. With these keys, the path is open for any device to generate CAN messages with valid SecOC MACs, effectively breaking the authentication that SecOC provides. Naturally, there are many caveats with this discovery.


Beverage Coaster Indicates Ideal Drinking Temperature

When temperatures plummet, there’s nothing like a hot beverage to keep you warmed up inside. [Palingenesis] aka [Tim] sure does fancy a nice cuppa, but only within a certain temperature range is it ideal to drink. In an attempt to signal when the time is just right, he created various iterations of a hot beverage coaster.

To be clear, this is a plywood sandwich that does not keep the beverage warm, though that would be an interesting addition to the project. Rather, it indicates when the beverage’s temperature is just right using LEDs. When it’s too hot, the red LEDs are lit. The green LEDs flash while it’s just right, and once [Tim]’s tea has gone cold, the blue LEDs take center stage.

The brains of the operation is an STM8S103F module, aka the Blue Pill, which is paired with a DS18B20 temperature sensor. [Tim]’s original coaster has one in a TO-92 package embedded in the top layer, but ultimately he went with the probe version as it reads a truer temperature by virtue of being directly in the liquid. Be sure to check out the video after the break which covers planning the original version.

If you do want to keep your drink warm, here’s an ESP8266-based solution. If you’re more into looks, check out this blinkencoaster.
