This Week In Security: SSH, FTP, And Reptar

November 17, 2023 by Jonathan Bennett 3 Comments

It’s time to strap on our propeller beanies, because we’re going to talk crypto. The short version is that some SSH handshakes can expose enough information for a third party to obtain the host’s private signing key. That key is the one that confirms you are connecting to the SSH server you think you are, and if the key validation fails, you get a big warning:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

The math that makes this warning work is public-private key cryptography. The problem we’re talking about today only shows up in RSA authentication. Specifically those that use the Chinese Remainder Theorem (CRT) to quickly calculate the modulos needed to generate the cryptographic signature. If something goes wrong during that calculation, you end up with a signature that is mathematically related to the secret key in a different way than intended. The important point is that knowing this extra value *significantly* weakens the security of the secret key.

This attack has been known for quite some time, but the research has been aimed at causing the calculation fault through power vaults or even memory attacks like Rowhammer. There has also been progress on using a lattice attack against captured handshakes, to make the attack practical with less known information. The real novel element of this week’s approach (pdf) is that it has been tested against SSH.

The paper’s authors performed weekly scans of the entire IPv4 public network space, capturing the handshake from any listening SSH server, and also had 5 years of historic data to draw from. And the results are mixed. There is a Cisco SSH server string that is extremely common in the dataset, and only once did one of these machines send a miscalculated handshake. Possibly a random ram bit flip to blame. And on the other hand, the string “SSH-2.0-Zyxel SSH server” had so many bad signatures, it suggests a device that *always* sends a miscalculated signature. Continue reading “This Week In Security: SSH, FTP, And Reptar” →

Underwater Kites Buoying The Prospect Of More Tidal Power Generation

November 15, 2023 by Maya Posch 7 Comments

Swedish start-up Minesto has been for years trying to float the idea of having underwater turbines that generate power for use on-shore. These would be anchored to the seafloor by a long tether and move around in figure-of-eight patterns like a kite, which would increase the flow over the turbine’s blades. After a few years of trials, its 1.2 MW Dragon 12 kite will now be installed off the coast of the Faroe Islands.

Previously, Minesto had installed its much smaller DG500 (0.5 MW) kite turbine at Holyhead Deep, in Wales, where a single unit has been tested at a depth of between 65 and 91 meters. So far, only this unit has seen continuous operation. As noted in the linked Tethys report, this one unit was not connected to the grid, and research on its environmental impact is still ongoing as of September 2022. The main concerns are how it might affect cetaceans (whales, dolphins, etc.), including potential collisions with these as well as diving birds who might end up diving in the midst of a swarm of kites moving about at fairly high speeds.

One of the proposed Minesto Dragon 12 kite array installation sites at the Faroe Islands. (Credit: Minesto)

Although by itself putting a turbine into the much stronger and energetic ocean currents – not to mention near-continuous – makes sense, the marine environment is a tough one to survive. The DG500 prototype has seen a few years of use, but this would be the first large-scale deployment of such a system and thus the first significant long-term durability test. The goal at the Faroe Islands is to install 120 MW of capacity, across four kite groups, joining the smaller Dragon 4 (0.4 MW) unit that was grid-connected in May of last year.

Depending on the results, including the economics, this technology could prove to be either much better and cheaper than off-shore wind turbines, or turn out to be saddled with fundamental flaws that has plagued previous attempts to make use of the strong currents and tides that make the world’s oceans and seas into one of Nature’s most impressive sights.

Balloon To Fly During Solar Eclipse

November 14, 2023 by Bryan Cockfield 9 Comments

The Great American Eclipse was a solar eclipse that passed nearly the entire continental United States back in 2017. While it might sound like a once-in-a-lifetime event to experience a total solar eclipse, the stars have aligned to bring another total solar eclipse to North America although with a slightly different path stretching from the west coast of Mexico and ending off the cost of Newfoundland in Canada. Plenty of people near the path of totality have already made plans to view the event, but [Stephen] and a team of volunteers have done a little bit of extra preparation and plan to launch a high-altitude balloon during the event.

The unmanned balloon will primarily be carrying a solar telescope with the required systems onboard to stream its images live during its flight. The balloon will make its way to the stratosphere, hopefully above any clouds that are common in New Brunswick during the early spring, flying up to 30,000 meters before returning its payload safely to Earth. The telescope will return magnified images of the solar eclipse live to viewers on the ground and has been in development for over two years at this point. The team believes it to be the first time a non-governmental organization has imaged an eclipse by balloon.

For those who have never experienced a total solar eclipse before, it’s definitely something worth traveling for if you’re not already in its path. For this one, Canadians will need to find themselves in the Maritimes or Newfoundland or head south to the eastern half of the United States with the Americans, while anyone in Mexico needs to be in the central part of the mainland. Eclipses happen in places other than North America too, and are generally rare enough that you’ll hear about a total eclipse well in advance. There’s more to eclipses than watching the moon’s shadow pass by, though. NASA expects changes in the ionosphere and is asking ham radio operators for help for the 2024 eclipse.

Molybdenene whiskers. (Credit: Sahu et al., 2023)

Introducing Molybdenene As Graphene’s New Dirac Matter Companion

November 12, 2023 by Maya Posch 9 Comments

Amidst all the (well-deserved) hype around graphene, it’s important to remember that its properties are not unique to carbon. More atoms can be coaxed into stable 2-dimensional configuration, with molybdenene previously theoretically possible. This is now demonstrated by Tumesh Kumar Sahu and colleagues in a recent Nature Nanotechnology article, through the manufacturing of a 2D molybdenum-based material which they showed to be indeed molybdenene. Essentially, this is a 2D lattice of molybdenum atoms, a configuration in which it qualifies as Dirac matter, just like graphene. For those of us unfamiliar with Dirac materials, this gentle introduction by Jérôme Cayssol in Comptes Rendus Physique might be of use.

Manufacturing process of molybdenene. (Credit: Sahu et al., 2023)

In order to create molybdenene, the researchers started with molybdenum disulfide (MoS₂), which using a microwave-assisted field underwent electrochemical transformation into whiskers that when examined turned out to consist out of monolayers of Mo. The sulfur atoms were separated using a graphene sheet. As is typical, molybdenene sheets were exfoliated using Scotch tape, in a process reminiscent of the early days of graphene research.

Much like graphene and other Dirac materials, molybdenene has many potential uses as a catalyst, as cantilever in scanning electron microscope (SEM) tips, and more. If the past decades of research into graphene has demonstrated anything, it is that what once seemed more of a novelty, suddenly turned out to have endless potential in fields nobody had considered previously. One of these being as coatings for hard disk platters, for example, which has become feasible due to increasingly more efficient ways to produce graphene in large quantities.

Human AI Pin marketing picture. (Credting: Humane)

The AI Pin: A Smart Body Camera That Wants To Compete With Smartphones

November 11, 2023 by Maya Posch 21 Comments

Seeking to shake up the smartphone market, Humane introduced its ‘AI Pin’, which at first glance looks like someone put a very stylish body camera on their chest. There’s no display, only the 13 MP camera and some other optics visible above what turns out to be a touch panel, which is its main gesture-based input method, while it’s affixed to one’s clothing using either a magnet on the other side of the fabric, a wireless powerbank or a clip. Inside the unit you find a Qualcomm octa-core processor with 4 GB of RAM and 32 GB of eMMC storage, running a custom Android-based ‘Cosmos’ OS.

The AI Pin home screen, demonstrating why hand palms are poor projection surfaces. (Credit: Humane)

There is also a monochrome (teal) 720p laser projector built-in that provides something of a screen experience, albeit with the expectation that you use your hand (or presumably any other suitable surface) to render it visible. From the PR video it is quite clear that visibility of the projection is highly variable, with much of the text often not remotely legible, or only after some squinting. The hand-based gestures to control the UI (tilting to indicate a direction, touching thumb & index finger together to confirm) are somewhat of a novelty, though this may get tiresome after a day.

An article by [Ron Amadeo] over at Ars Technica also takes a look at the device, where the lack of an app ecosystem is pointed out, as well as the need for a mandatory internet connection (via T-Mobile). Presumably this always-on ‘feature’ is where the ‘AI’ part comes in, as the device has some voice assistant functionality, which seems to rely heavily on remote servers. As a result, this ends up being a quirky device with no third-party app support for a price tag of $700 + the $25/month for online service. Not to mention that people may look a bit odd at you walking around with a body camera-like thing on your chest that you keep rubbing and holding your hand in front of.

To be fair, it’s not often that we see something more quaint in this space come out than Google Glass, now many years ago.

This Week In Security: Find My Keylogger, Zephyr, And Active Exploitation

November 10, 2023 by Jonathan Bennett 7 Comments

Keyloggers. Such a simple concept — you secretly record all the characters typed on a keyboard, and sort through it later for interesting data. That keyboard sniffer could be done in software, but a really sneaky approach is to implement the keylogger in hardware. Hardware keyloggers present a unique problem. How do you get the data back to whoever’s listening? One creative solution is to use Apple’s “Find My” tracking system. And if that link won’t let you read the story, a creative solution for that issue is to load the page with javascript disabled.

This is based on earlier work from [Fabian Bräunlein], dubbed “Send My”. As an aside, this is the worst naming paradigm, and Apple should feel bad for it. At the heart of this cleverness is the fact that Apple used the standard Bluetooth Low Energy (BLE) radio protocol, and any BLE device can act like an Apple AirTag. Bits can be encoded into the reported public key of the fake AirTag, and the receiving side can do a lookup for the possible keys.

A fake AirTag keylogger manages to transfer 26 characters per second over the “Find My” system, enough to keep up with even the fastest of typists, given that no keyboard is in use all the time. Apple has rolled out anti-tracking protections, and the rolling key used to transmit data also happens to completely defeat those protections. Continue reading “This Week In Security: Find My Keylogger, Zephyr, And Active Exploitation” →

Rendering of 6-unit NuScale VOYGR SMR plant.

Utah NuScale Nuclear Plant Project Canceled Due To Lack Of Interest From Utilities

November 10, 2023 by Maya Posch 59 Comments

Intended to be the first 6-unit deployment of NuScale’s 77 MW VOYGR small modular reactors (SMRs), the Carbon Free Power Project (CFPP) in Utah was scheduled to begin construction by 2025 on the grounds of the Idaho National Laboratory (INL), yet it has now been canceled by NuScale (press release) after not finding enough utilities interested in purchasing power from the nuclear plant. This led NuScale and UAMPS (Utah Associated Municipal Power Systems) to back out of the CFPP project.

To be clear, it seems this decision neither reflects on SMRs as a whole, nor NuScale’s prospects. Currently NuScale still has a number of projects which it is involved in, including the use of its SMR technology with the Polish copper and silver producer KGHM Polska Miedź SA. Demand for SMRs is also being flooded with various designs by both established and start-up companies, with TerraPower’s Natrium reactor seeing additional demand, including at the Kemmerer site in Wyoming.

Meanwhile, the European Commission is establishing an SMR Industrial Alliance, and countries like Norway are looking to build their first nuclear plants using SMRs, which includes Danish Seaborg’s molten salt reactor. In the end it should be clear that whether a singular infrastructure project works out economically or not depends on many factors. This can also be seen with e.g. wind farm projects, where Danish Ørsted canceled two large US offshore wind projects, Swedish Vattenfall abandoned its new British offshore wind project due to rising costs and Siemens Energy is having to borrow billions of Euros to patch up financial holes in its Spanish wind turbine unit.

Continue reading “Utah NuScale Nuclear Plant Project Canceled Due To Lack Of Interest From Utilities” →