The fine researchers at Google have released the juicy details on EntrySign, the AMD Zen microcode issue we first covered about a month ago. And to give away the punchline: cryptography is hard. It’s hard in lots of ways, but the AMD problem here is all about keeping track of the guarantees provided by cryptographic primitives.
Continue reading “This Week In Security: Zen Jailbreak, Telegram Exploit, And VMware Hyperjack”
Saying farewell is hard, and in the case of the Voyager 1 & 2 spacecraft doubly so, seeing as how they have been with us for more than 47 years. From the highs of the 1970s and 1980s during their primary mission in our Solar System, to their journey into the unknown of Deep Space, every bit of information which their instruments record and send back is something unique that we could not obtain any other way. Yet with the shutting down of two more instruments, both spacecraft are now getting awfully close to the end of their extended missions.
Last February 25 the cosmic ray system (CRS) on Voyager 1 was disabled, with the Low Energy Charged Particle Instrument (LECP) on Voyager 2 to follow on March 24. With each spacecraft losing about 4 watts of available power per year from their RTGs, the next few instruments to be turned off are already known. Voyager 1’s LECP will be turned off next year, with that same year Voyager 2’s CRS also getting disabled.
This would leave both spacecraft with only their magnetometer (MAG) and plasma wave subsystem (PWS). These provide data on the local magnetic field and electron density, respectively, with at least one of these instruments on each spacecraft likely to remain active until the end of this decade, possibly into the next. With some luck both spacecraft will see their 50th birthday before humanity’s only presence in Deep Space falls silent.
Thanks to [Mark Stevens] for the tip.
As consumers worldwide slowly make the switch from internal combustion vehicles to lower-carbon equivalents, a few concerns have appeared about electric vehicles. Range anxiety is ebbing away as batteries become bigger and chargers become more frequent, but a few well-publicized incidents have raised worries over fire safety.
Lithium-ion batteries can ignite in the wrong circumstances, and when they do so they are extremely difficult to extinguish. Renault has a solution, and in a rare moment for the car industry, they are sharing it freely for all manufacturers to use.
The innovation in question is their Fireman Access Port, a standardized means for a fire crew to connect up their hoses directly to the battery pack and attack the fire at its source. An opening is covered by an adhesive disk designed to protect the cells, but breaks under a jet of high-pressure water. Thermal runaway can then be halted much more easily.
The licensing terms not only allow use of the access port itself, but also require any enhancements be shared with the rest of the community of automakers using the system. This was the part which caught our interest, because even if it doesn’t come from the same place as the licences we’re used to, it sounds a lot like open source to us.
Oddly, this is not the first time Renault have open-sourced their technology, in the past they’ve shared an entire car.
We used to say that fixing something was easier than bringing up a design for the first time. After all, the thing you are fixing, presumably, worked at one time or another. These days, that’s not always true as fixing modern gear can be quite a challenge. Watching [Ken’s] repair of an old 1955 Silvertone radio reminded us of a simpler time. You can watch the action on the video below.
If you’ve never had the pleasure of working on an AM radio, you should definitely try it. Some people would use an amplifier to find where the signal dies out. Others will inject a signal into the radio to find where it stops. A good strategy is to start at the volume control and decide if it is before or after that. Then split the apparently bad section roughly in half and test that portion—sort of a hardware binary search. Of course, your first step should probably be to verify power, but after that, the hunt is on.
If you think about military crypto machines, you probably think about the infamous Enigma machine. However, as [Christos T.] reminds us, there were many others and, in particular, the production of a “combined cipher” machine for the US and the UK to use for a variety of purposes.
The story opens in 1941 when ships from the United States and the United Kingdom were crossing the Atlantic together in convoys. The US wanted to use the M-138A and M-209 machines, but the British were unimpressed. They were interested in the M-134C, but it was too secret to share, so they reached a compromise.
Starting with a British Typex, a US Navy officer developed an attachment with additional rotors and converted the Typex into a CCM or Combined Cipher Machine. Two earlier verisons of the attachment worked with the M-134C. However the CSP 1800 (or CCM Mark III) was essentially the same unit made to attach to the Typex. Development cost about $6 million — a huge sum for the middle of last century.
The tale of the Microsoft Xbox Kinect is one of those sad situations where a great product was used in an application that turned out to be a bit of a flop and was discontinued because of it, despite its usefulness in other areas. This article from the Guardian is a quick read on how this handy depth camera has found other uses in somewhat niche areas, with not a computer game in sight.
It’s rather obvious that a camera that can generate a 3D depth map, in parallel with a 2D reference image, could have many applications beyond gaming, especially in the hands of us hackers. Potential uses include autonomous roving robots, 3D scanning, and complex user interfaces—there are endless possibilities. Artists producing interactive art exhibits would sit firmly in that last category, with the Kinect used in countless installations worldwide.
Apparently, the Kinect also has quite the following in ghost-hunting circles, which as many a dubious TV show would demonstrate, seem almost entirely filmed under IR light conditions. The Kinect’s IR-based structured light system is well-suited for these environments. Since its processing core runs a machine learning application specifically trained to track human figures, it’s no surprise that the device can pick up those invisible, pesky spirits hiding in the noise. Anyway, all of these applications depend on the used-market supply of Kinect devices, over a decade old, that can be found online and in car boot sales, which means one day, the Kinect really will die off, only to be replaced with specialist devices that cost orders of magnitude more to acquire.
In the unlikely event you’ve not encountered non-gaming applications for the Kinect, here’s an old project to scan an entire room to get you started. Just to be perverse, here’s a gaming application that Microsoft didn’t think of, and to round out, the bad news that Microsoft has really has abandoned the product.
We’ve seen several methods of repairing plastic gears. After all, a gear is usually the same all the way around, so it is very tempting to duplicate a good part to replace a damaged part. That’s exactly what [repairman 101] does in the video below. He uses hot glue to form a temporary mold and casts a resin replacement in place with a part of a common staple as a metal reinforcement.
The process starts with using a hobby tool to remove even more of the damaged gear, making a V-shaped slot to accept the repair. The next step is to create a mold. To do that, he takes a piece of plastic and uses hot glue to secure it near a good part of the gear. Then, he fills the area with more hot glue and carefully removes it.
