Skynet Will Have Bobcats

There are so many autonomous devices nowadays that can run Skynet Inside(TM) that it’s hard to keep track. But one was still missing: the versatile Bobcat. When we say “Bobcat”, we mean track loader — it’s just one of those things that the name and the brand stoke together so strongly that it’s hard to actually recall the technical name. A company by the name of Built Robotics is betting on autonomous track loaders as being a big part of the future of construction.

The tractor can navigate, excavate, and carry a 1,000 pound load with 1 cm precision using its LIDAR, specially designed to work with high-vibration, high-impact environment of construction excavation. Additionally, the lasers also allow the robot to measure the amount of material it has scooped up. But the precision does not come from the LIDAR alone. To position the robot, Built Robotics uses augmented GPS, which combines an on-site base station and GPS satellites to produce accurate location data.

It is supposed to be completely autonomous: given a location and holes to dig, it can plan and execute the work. It resembles a self-driving car, but the challenges are actually quite different. Cars are mean to drive around and reach a destination without touching anything. Like the CEO of Built Robotics says:

“If a car is changing the environment around it, then something’s gone really wrong.”

Continue reading “Skynet Will Have Bobcats”

About That Giant Robot Battle Last Night

Two years ago we wrote about a giant robot battle between the USA and Japan. After two years in the making, MegaBots (team USA) and Suidobashi (team Japan) were finally ready for the first giant robot fight. If you are into battle bots, you probably did not miss the fight that happened around 7:00 pm PST. If you missed it, you can watch the whole thing here.

There were two duels. First it was Iron Glory (MkII) vs. Kuratas, and after that it was Eagle Prime (MkIII) vs. Kuratas.

Be warned, spoilers ahead.

Continue reading “About That Giant Robot Battle Last Night”

Practical Public Key Cryptography

Encryption is one of the pillars of modern-day communications. You have devices that use encryption all the time, even if you are not aware of it. There are so many applications and systems using it that it’s hard to begin enumerating them. Ranging from satellite television to your mobile phone, from smart power meters to your car keys, from your wireless router to your browser, and from your Visa to your Bitcoins — the list is endless.

One of the great breakthroughs in the history of encryption was the invention of public key cryptography or asymmetrical cryptography in the 70’s. For centuries traditional cryptography methods were used, where some secret key or scheme had to be agreed and shared between the sender and the receiver of an encrypted message.

Asymmetric cryptography changed that. Today you can send an encrypted message to anyone. This is accomplished by the use of a pair of keys: one public key and one private key. The key properties are such that when something is encrypted with the public key, only the private key can decrypt it and vice-versa. In practice, this is usually implemented based on mathematical problems that admit no efficient solution like certain integer factorization, discrete logarithm and elliptic curve relationships.

But the game changer is that the public key doesn’t have to be kept secret. This allows cryptography to be used for authentication — proving who someone is — as well as for encryption, without requiring you to have previously exchanged secrets. In this article, I’ll get into the details of how to set yourself up so that anyone in the world is able to send you an e-mail that only you can read.
Continue reading “Practical Public Key Cryptography”

Microsoft Bug Tracking Hacked

It seems that the database containing descriptions of critical and unfixed bugs and/or vulnerabilities in some of the most widely used software in the world, including the Windows operating system, was hacked back in 2013. This database is basically gold for any security researcher, regardless of the color of their hat. To know which programs fail and the preconditions for that to happen is half an exploit right there.

Microsoft discovered the database breach in early 2013 after the highly skilled hacking group Morpho a.k.a. Butterfly a.k.a. Wild Neutron broke into computers at a number of major tech companies, including Apple, Facebook, and Twitter. The group exploited a flaw in the Java programming language to penetrate employees’ Apple Macintosh computers and then use them as pivots into the company internal network.

Official sources say that the Microsoft bug database was poorly protected, with access possible via little more than a password. Four years later, we have official confirmation that it happened. To measure the breach impact, Microsoft started a study to correlate the potential flaws in their databases and subsequent attacks. The study found that the flaws in the stolen database were actually used in cyber attacks, but Microsoft argued the hackers could have obtained the information elsewhere, and that there’s “no evidence that the stolen information had been used in those breaches.”

There is really no way to know besides asking the actual hacking group, which will most likely not happen… unless they are HaD readers, in this case they can feel free to comment.

[via Reuters]

Bad RSA Library Leaves Millions Of Keys Vulnerable

So, erm… good news everyone! A vulnerability has been found in a software library responsible for generating RSA key pairs used in hardware chips manufactured by Infineon Technologies AG. The vulnerability, dubbed ROCA, allows for an attacker, via a Coppersmith’s attack, to compute the private key starting with nothing more than the public key, which pretty much defeats the purpose of asymmetric encryption altogether.

Affected hardware includes cryptographic smart cards, security tokens, and other secure hardware chips produced by Infineon Technologies AG. The library with the vulnerability is also integrated in authentication, signature, and encryption tokens of other vendors and chips used for Trusted Boot of operating systems. Major vendors including Microsoft, Google, HP, Lenovo, and Fujitsu already released software updates and guidelines for mitigation.

The researchers found and analysed vulnerable keys in various domains including electronic citizen documents (750,000 Estonian identity cards), authentication tokens, trusted boot devices, software package signing, TLS/HTTPS keys and PGP. The currently confirmed number of vulnerable keys found is about 760,000 but could be up to two to three orders of magnitude higher.

Devices dating back to at least 2012 are affected, despite being NIST FIPS 140-2 and CC EAL 5+ certified.. The vulnerable chips were not necessarily sold directly by Infineon Technologies AG, as the chips can be embedded inside devices of other manufacturers.

Continue reading “Bad RSA Library Leaves Millions Of Keys Vulnerable”

Homemade 6 GHz Radar, V3

The third version of [Henrik Forstén] 6 GHz frequency-modulated continuous wave (FMCW) radar is online and looks pretty awesome. A FMCW radar is a type of radar that works by transmitting a chirp which frequency changes linearly with time. Simple continuous wave (CW) radar devices without frequency modulation cannot determine target range because they lack the timing mark necessary for accurately time the transmit and receive cycle in order to convert this information to range. Having a transmission signal modulated in frequency allows for the radar to have both a very high accuracy of range and also to measure simultaneously the target range and its relative velocity.

Like the previous versions, [Henrik] designed a four-layer pcb board and used his own reflow oven to solder all the ~350 components. This process, by itself, is a huge accomplishment. The board, much bigger than the previous versions, now include digital signal processing via FPGA.

[Henrik’s] radar odyssey actually started back in 2014, where his first version of the radar was detailed and shared in his blog. A year later he managed to solve some of the issues he had, design a new board with significant improvements and published it again. As the very impressive version three is out, we wonder what version four will look like.

In the video of [Henrik] riding a bicycle in a circle in front of the radar, we can see the static light posts and trees while he, seen as a small blob, roams around:

Continue reading “Homemade 6 GHz Radar, V3”

Screwdriving

Screwdriving! It’s like wardriving but instead of discovering WiFi networks, the aim is to discover Bluetooth Low Energy (BLE)  devices of a special kind: adult toys. Yes, everything’s going to be connected, even vibrators. Welcome to the 21st century.

Security researcher [Alex Lomas] recently found that a lot of BLE-enabled adult toys are completely vulnerable to malicious attacks. In fact, they are basically wide open to anyone by design.

“Adult toys lend themselves to being great testbeds for IoT research: they’re BLE, they’re relatively cheap, they’re accessible and have companion apps for the full spectrum of testing.”

Yes… great test beds… Erm, anyway, [Alex Lomas] found that there is no PIN nor password protection, or the PIN is static and generic (0000 / 1234) on every Bluetooth adult toy analysed. Manufacturers don’t want to go through the hassle, presumably because sex toys lack displays that would enable a classic Bluetooth pairing, with random PIN and so on. While this might be a valid point, almost all electronic appliances have an “ON/OFF” button for input and some LED (or even vibration in these cases) that allow some form of output. It could be done, and it’s not like vibrators are the only minimalistic appliances out there in the IoT world.

Although BLE security is crippled by design (PDF), it is possible to add security on top of flawed protocols. The average web-browser does it all the time. The communications don’t have to be clear-text where you can literally see “Vibrate:10” flying around in packets. Encryption could be implemented on top of the BLE link between the app and the device, for instance. Understandably, security in some devices is not absolutely critical. That being said, the security bar doesn’t have to be lowered to zero — it’s not safe for work or play.

[via Arstechnica]