Day: June 21, 2024

This Week In Security: Chat Control, Vulnerability Extortion, And Emoji Malware

June 21, 2024 by 13 Comments

Way back in 2020, I actually read the proposed US legislation known as EARN IT, and with some controversy, concluded that much of the criticism of that bill was inaccurate. Well what’s old is new again, except this time it’s the European Union that’s wrestling with how to police online Child Sexual Abuse Material (CSAM). And from what I can tell of reading the actual legislation (pdf), this time it really is that bad.

The legislation lays out two primary goals, both of them problematic. The first is detection, or what some are calling “upload moderation”. The technical details are completely omitted here, simply stating that services “… take reasonable measures to mitigate the risk of their services being misused for such abuse …” The implication here is that providers would do some sort of automated scanning to detect illicit text or visuals, but exactly what constitutes “reasonable measures” is left unspecified.

The second goal is the detection order. It’s worth pointing out that interpersonal communication services are explicitly mentioned as required to implement these goals. From the bill:

Providers of hosting services and providers of interpersonal communications services that have received a detection order shall execute it by installing and operating technologies approved by the Commission to detect the dissemination of known or new child sexual abuse material or the solicitation of children…

This bill is careful not to prohibit end-to-end encryption, nor require that such encryption be backdoored. Instead, it requires that the apps themselves be backdoored, to spy on users before encryption happens. No wonder Meredith Whittaker has promised to pull the Signal app out of the EU if it becomes law. As this scanning is done prior to encryption, it’s technically not breaking end-to-end encryption.

You may wonder why that’s such a big deal. Why is it a non-negotiable for the Signal app to not look for CSAM in messages prior to encryption? For starters, it’s a violation of user trust and an intentional weakening of the security of the Signal system. But maybe most importantly, it puts a mechanism in place that will undoubtedly prove too tempting for future governments. If Signal can be forced into looking for CSAM in the EU, why not anti-government speech in China?

Continue reading “This Week In Security: Chat Control, Vulnerability Extortion, And Emoji Malware”

Nine men of various ages and ethnicities stand in a very clean laboratory space. A number of large white cabinets with displays are on the left behind some white boards and there are wireless charging coils on a dark tablecloth in the foreground. In the back of the lab is a white Porsche Taycan.

Polyphase Wireless EV Fast Charging Moves Forward

June 21, 2024 by 80 Comments

While EV charging isn’t that tedious with a cable, for quick trips, being able to just park and have your car automatically charge would be more convenient. Researchers from Oak Ridge National Lab (ORNL) and VW have moved high-speed wireless EV charging one step closer to reality.

We’ve seen fast wireless EV chargers before, but what sets this system apart is the coil size (~0.2 m2 vs 2.0 m2) and the fact it was demonstrated on a functioning EV where previous attempts have been on the bench. According to the researchers, this was the first wireless transfer to a light duty vehicle at 270 kW. Industry standards currently only cover systems up to 20 kW.

The system uses a pair of polyphase electromagnetic coupling coils about 50 cm (19″) wide to transfer the power over a gap of approximately 13 cm (5″). Efficiency is stated at 95%, and that 270 kW would get most EVs capable of those charge rates a 50% bump in charge over ten minutes (assuming you’re in the lower part of your battery capacity where full speeds are available).

We’ve seen some in-road prototypes of wireless charging as well as some other interesting en route chargers like pantographs and slot car roads. We’ve got you covered if you’re wondering what the deal is with all those different plugs that EVs have too.

Continue reading “Polyphase Wireless EV Fast Charging Moves Forward”

Is That A Large Smartwatch? Or A Tiny Cray?

June 21, 2024 by 6 Comments

While we aren’t typically put off by a large wristwatch, we were taken a bit aback by [Chris Fenton]’s latest timepiece — if you can call it that. It’s actually a 1/25th-scale Cray C90 worn as a wristwatch. The whole thing started with [Chris] trying to build a Cray in Verilog. He started with a Cray-1 but then moved to a Cray X-MP, which is essentially a Cray-1 with two extra address bits. Then he expanded it to 32 bits, which makes it a Cray Y-MP/C90/J90 core. As he puts it, “If you wanted something practical, go read someone else’s blog.”

The watch emulates a Cray C916 and uses a round OLED display on the top. While the move from 22 to 32 address bits sounds outdated, keep in mind the Cray addresses 64-bit words exclusively, so we’re talking access to 32 gigabytes of memory. The hardware consists of an off-the-shelf FPGA board and a Teensy microcontroller to handle mundane tasks like driving the OLED display and booting the main CPU. Interestingly, the actual Cray 1A used Data General computers for a similar task.

Of course, any supercomputer needs a super program, so [Chris] uses the screen to display a full simulation of Jupiter and 63 of its moons. The Cray excels at programs like this because of its vector processing abilities. The whole program is 127 words long and sustains 40 MFLOPs. Of course, that means to read the current time, you need to know where Jupiter’s moons are at all times so you can match it with the display. He did warn us this would not be practical.

While the Cray wouldn’t qualify as a supercomputer today, we love learning about what was state-of-the-art not that long ago. Cray was named, of course, after [Seymour Cray] who had earlier designed the Univac 1103, several iconic CDC computers, and the Cray computers, of course.