Snails, Sensors, And Smart Dust: The Michigan Micro Mote

October 4, 2021 by Robin Kearey 17 Comments

If you want to track a snail, you need a tiny instrumentation package. How do you create an entire data acquisition system, including sensors, memory, data processing and a power supply, small enough to fit onto a snail’s shell?

Throughout history, humans have upset many ecosystems around the world by introducing invasive species. Australia’s rabbits are a famous example, but perhaps less well-known are the Giant African land snails (Lissachatina fulica) that were introduced to South Pacific islands in the mid-20th century. Originally intended as a food source (escargot africain, anyone?), they quickly turned out to be horrible pests, devouring local plants and agricultural crops alike.

Not to be deterred, biologists introduced another snail, hoping to kill off the African ones: the Rosy Wolfsnail (Euglandina rosea), native to the Southeastern United States. This predatory snail did not show great interest in the African intruders however, and instead went on to decimate the indigenous snail population, driving dozens of local species into extinction.

A snail with a solar sensor attached to its shell — A Rosy Wolfsnail carrying a light sensing Micro Mote on its back. Source: Cindy S. Bick et al., 2021

One that managed to survive the onslaught is a small white snail called Partula hyalina. Confined to the edges of the tropical forests of Tahiti, biologists hypothesized that it was able to avoid the predators by hiding in sunny places which were too bright for E. rosea. The milky-white shells of P. hyalina supposedly protected them from overheating by reflecting more sunlight than the wolf snails’ orange-brown ones.

This sounds reasonable, but biologists need proof. So a team from the University of Michigan set up an experiment to measure the amount of solar radiation experienced by both snail types. They attached tiny light sensors to the wolf snails’ shells and then released them again. The sensors measured the amount of sunlight seen by the animals and logged this information during a full day. The snails were then caught again and the data retrieved, and the results proved the original hypothesis.

So much for science, but exactly how did they pull this off? Continue reading “Snails, Sensors, And Smart Dust: The Michigan Micro Mote” →

Flaw In AMD Platform Security Processor Affects Millions Of Computers

October 1, 2021 by Lewin Day 30 Comments

Another day, another vulnerability. This time, it’s AMD’s turn, with a broad swathe of its modern CPU lines falling victim to a dangerous driver vulnerability that could leave PCs open to all manner of attacks.

As reported by TechSpot, the flaw is in the driver for AMD Platform Security Processor (PSP), and could leave systems vulnerable by allowing attackers to steal encryption keys, passwords, or other data from memory. Today, we’ll take a look at what the role of the PSP is, and how this vulnerability can be used against affected machines.

Continue reading “Flaw In AMD Platform Security Processor Affects Millions Of Computers” →

This Week In Security: OpenOffice Vulnerable, IOS Vulnerable, Outlook… You Get The Idea

October 1, 2021 by Jonathan Bennett 13 Comments

We start this week with a good write-up by [Eugene Lim] on getting started on vulnerability hunting, and news of a problem in OpenOffice’s handling of DBase files. [Lim] decided to concentrate on a file format, and picked the venerable dbase format, .dbf. This database format was eventually used all over the place, and is still supported in Microsoft Office, Libreoffice, and OpenOffice. He put together a fuzzing approach using Peach Fuzzer, and found a handful of possible vulnerabilities in the file format, by testing a very simple file viewer that supported the format. He managed to achieve code execution in dbfview, but that wasn’t enough.

Armed with a vulnerability in one application, [Lim] turned his attention to OpenOffice. He knew exactly what he was looking for, and found vulnerable code right away. A buffer is allocated based on the specified data type, but data is copied into this buffer with a different length, also specified in the dbase file. Simple buffer overflow. Turning this into an actual RCE exploit took a bit of doing, but is possible. The disclosure didn’t include a full PoC, but will likely be reverse engineered shortly.

Normally we’d wrap by telling you to go get the update, but OpenOffice doesn’t have a stable release with this fix in it. There is a release candidate that does contain the fix, but every stable install of OpenOffice in the world is currently vulnerable to this RCE. The vulnerability report was sent way back on May 4th, over 90 days before full disclosure. And what about LibreOffice, the fork of OpenOffice? Surely it is also vulnerable? Nope. LibreOffice fixed this in routine code maintenance back in 2014. The truth of the matter is that when the two projects forked, the programmers who really understood the codebase went to LibreOffice, and OpenOffice has had a severe programmer shortage ever since. I’ve said it before: Use LibreOffice, OpenOffice is known to be unsafe. Continue reading “This Week In Security: OpenOffice Vulnerable, IOS Vulnerable, Outlook… You Get The Idea” →

Fourier Transforms (and More) Using Light

September 30, 2021 by Al Williams 16 Comments

Linear transforms — like a Fourier transform — are a key math tool in engineering and science. A team from UCLA recently published a paper describing how they used deep learning techniques to design an all-optical solution for arbitrary linear transforms. The technique doesn’t use any conventional processing elements and, instead, relies on diffractive surfaces. They also describe a “data free” design approach that does not rely on deep learning.

There is obvious appeal to using light to compute transforms. The computation occurs at the speed of light and in a highly parallel fashion. The final system will have multiple diffractive surfaces to compute the final result.

Continue reading “Fourier Transforms (and More) Using Light” →

NASA Sets Eyes On Deep Space With Admin Shuffle

September 30, 2021 by Tom Nardi 17 Comments

Since the Apollo 17 crew returned from the Moon in 1972, human spaceflight has been limited to low Earth orbit (LEO). Whether they were aboard Skylab, Mir, the Space Shuttle, a Soyuz capsule, or the International Space Station, no crew has traveled more than 600 kilometers (372 miles) or so from the Earth’s surface in nearly 50 years. Representatives of the world’s space organizations would say they have been using Earth orbit as a testing ground for the technology that will be needed for more distant missions, but those critical of our seemingly stagnated progress into the solar system would say we’ve simply been stuck.

Many have argued that the International Space Station has consumed an inordinate amount of NASA’s time and budget, making it all but impossible for the agency to formulate concrete plans for crewed missions beyond Earth orbit. The Orion and SLS programs are years behind schedule, and the flagship deep space excursions that would have utilized them, such as the much-touted Asteroid Redirect Mission, never materialized. The cracks are even starting to form in the Artemis program, which appears increasingly unlikely to meet its original goal of returning astronauts to the Moon’s surface by 2024.

But with the recent announcement that NASA will be splitting the current Human Exploration and Operations Mission Directorate into two distinct groups, the agency may finally have the administrative capacity it needs to juggle their existing LEO interests and deep space aspirations. With construction of the ISS essentially complete, and the commercial spaceflight market finally coming together, the reorganization will allow NASA to start shifting the focus of their efforts to more distant frontiers such as the Moon and Mars.

Continue reading “NASA Sets Eyes On Deep Space With Admin Shuffle” →

A Coolant Leak The Likely Culprit For Aussie Tesla Battery Bank Fire

September 28, 2021 by Jenny List 36 Comments

Followers of alternative energy technology will remember how earlier in the year a battery container at Tesla’s Megapack Australian battery grid storage plant caught fire. Lithium ion batteries are not the easiest to extinguish once aflame, but fortunately the fire was contained to only two of the many battery containers on the site.

The regulator Energy Safe Victoria have completed their investigation into the incident, and concluded that it was caused by a coolant leak in a container which caused an electrical component failure that led to the fire. It seems that the container was in a service mode at the time so its protection systems weren’t active, and that also its alarm system was not being monitored. They have required that cooling systems should henceforth be pressure tested and inspected for leaks, and that alarm procedures should be changed for the site.

When a new technology such as large-scale battery storage is brought on-line, it is inevitable that their teething troubles will include catastrophic failures such as this one. The key comes in how those involved handle them, and for that we must give Tesla and the site’s operators credit for their co-operation with the regulators. The site’s modular design and the work of the firefighters in cooling the surrounding packs ensured that a far worse outcome was averted. Given these new procedures, it’s hoped that future installations will be safer still.

You can read our original coverage of the fire here, if you’re interested in more information.

[Main image source: CFA]

Commonwealth Fusion’s 20 Tesla Magnet: A Bright SPARC Towards Fusion’s Future

September 27, 2021 by Maya Posch 62 Comments

After decades of nuclear fusion power being always ten years away, suddenly we are looking at a handful of endeavours striving to be the first to Q > 1, the moment when a nuclear fusion reactor will produce more power than is required to drive the fusion process in the first place. At this point the Joint European Torus (JET) reactor holds the world record with a Q of 0.67.

At the same time, a large international group is busily constructing the massive ITER tokamak test reactor in France, although it won’t begin fusion experiments until the mid-2030s. The idea is that ITER will provide the data required to construct the first DEMO reactors that might see viable commercial fusion as early as the 2040s, optimistically.

And then there’s Commonwealth Fusion Systems (CFS), a fusion energy startup. Where CFS differs is that they don’t seek to go big, but instead try to make a tokamak system that’s affordable, compact and robust. With their recent demonstration of a 20 Tesla (T) high-temperature superconducting (HTS) rare-earth barium copper oxide (ReBCO) magnet field coil, they made a big leap towards their demonstration reactor: SPARC.

A Story of Tokamaks

CFS didn’t appear out of nowhere. Their roots lie in the nuclear fusion research performed since the 1960s at MIT, when a scientist called Bruno Coppi was working on the Alcator A (Alto Campo Toro being Italian for High Field Torus) tokamak, which saw first plasma in 1972. After a brief period with a B-revision of Alcator, the Alcator C was constructed with a big power supply upgrade. Continue reading “Commonwealth Fusion’s 20 Tesla Magnet: A Bright SPARC Towards Fusion’s Future” →