Month: October 2014

Cyberwars: “Bigger than Heartbleed”

Shellshock-bash-header-664x374Just months after the Heartbleed bug made waves across the internet, a new security flaw has emerged which threatens to compromise everything from major servers to connected cameras. It is known as the Bash or Shellshock bug, a quarter-century old vulnerability that could put everything from major internet companies and small-scale web hosts to wi-fi connected devices at risk.

This  flaw allows malicious code execution within the bash shell – commonly accessed through Command Prompt on PC or Mac’s Terminal application – to take over an operating system and access confidential information. According to the open-source software company Red Hat, bash shells are run in the background of many programs, and the bug is triggered when extra code is added within the lines of Bash code.

heartbleed-iconBecause the bug interacts with a large percentage of software currently in use, and does in ways that are unexpected, Robert Graham – an internet security expert – claims that the Bash bug is bigger than Heartbleed. As he explained it:

We’ll never be able to catalogue all the software out there that is vulnerable to the Bash bug. While the known systems (like your Web server) are patched, unknown systems remain unpatched. We see that with the Heartbleed bug: six months later, hundreds of thousands of systems remain vulnerable.

According to a report filed by Ars Technica, the vulnerability could affect Unix and Linux devices, as well as hardware running Max OS X – particularly Mac OS X Mavericks (version 10.9.4). Graham warned that the Bash bug was also particularly dangerous for connected devices because their software is built using Bash scripts, which are less likely to be patched and more likely to expose the vulnerability to the outside world.

shellshock_bashAnd since the bug has existed for some two and a half decades, a great number of older devices will be vulnerable and need to be patched because of it. By contrast, The Heartbleed bug was introduced into OpenSSL more than two years ago, allowing random bits of memory to be retrieved from impacted servers. And according to security researcher Bruce Schneier, roughly half a million websites could be vulnerable.

For the time being, the administrative solution is to apply patches to your operating system. Tod Beardsley, an engineering manager at security firm Rapid7, claims that even though the vulnerability’s complexity is low, the level of danger it poses is severe. In addition, the wide range of devices affected by the bug make it essential that system administrators apply patches immediately.

cyber_virusAs Beardsley explained during an interview with CNET:

This vulnerability is potentially a very big deal. It’s rated a 10 for severity, meaning it has maximum impact, and ‘low’ for complexity of exploitation — meaning it’s pretty easy for attackers to use it… The affected software, Bash, is widely used so attackers can use this vulnerability to remotely execute a huge variety of devices and Web servers. Using this vulnerability, attackers can potentially take over the operating system, access confidential information, make changes etc. Anybody with systems using bash needs to deploy the patch immediately.

Attackers can potentially take over the operating system, access confidential information, and make changes. After conducting a scan of the internet to test for the vulnerability, Graham reported that the bug “can easily worm past firewalls and infect lots of systems” which he says would be “‘game over’ for large networks”. Similar to Beardsley, Graham said the problem needed immediate attention.

cyber-hackIn the meantime, Graham advised people to do the following:

Scan your network for things like Telnet, FTP, and old versions of Apache (masscan is extremely useful for this). Anything that responds is probably an old device needing a Bash patch. And, since most of them can’t be patched, you are likely screwed.

How lovely! But then again, these sorts of exploitable vulnerabilities are likely to continue to pop up until we rethink how the internet is run. As the Heartbleed bug demonstrated, the problem at the heart (no pun!) of it all is that vast swaths of the internet run on open-source software that is created by only a handful of people who are paid very little (and sometimes, not at all) for performing this lucrative job.

In addition, there is a terrible lack of oversight and protection when it comes to the internet’s infrastructure. Rather than problems being addressed in an open-source manner after they emerge, there needs to be a responsible body of committed and qualified individuals who have the ability to predict problems in advance, propose possible solutions, and come up with a set of minimum standards and regulations.

cryptographyEnsuring that it is international body would also be advisable. For as the Snowden leaks demonstrated, so much of the internet is controlled the United States. And as always, people need to maintain a degree of vigilance, and seek out information – which is being updated on a regular basis – on how they might address any possible vulnerabilities in their own software.

I can remember reading not long ago that the growing amount of cyber-attacks would soon cause people to suffer from “alert fatigue”. Well, those words are ringing in my ears, as it seems that a growing awareness of our internet’s flaws is likely to lead to “bug fatique” as well. Hopefully, it will also urge people to action and lead to some significant reforms in how the internet is structured and administered.

Source: cnet.com, arstechnica.com, blog.erratasec.com, securityblog.redhat.com

The Future of Space: Smart, Stretchy, Skintight Spacesuits

biosuitSpacesuits have come a long way from their humble origins in the 1960s. But despite decades worth of innovation, the basic design remains the same – large, bulky, and limiting to the wearer’s range of movement. Hence why a number of researchers and scientists are looking to create suits that are snugger, more flexible, and more ergonomic. One such group hails from MIT, with a skin-tight design that’s sure to revolutionize the concept of spacesuits.

The team is led by Dava Newman, a professor of aeronautics and astronautics and engineering systems at MIT who previewed her Biosuit – playfully described by some as a “spidersuit” – at the TEDWomen event, held in San Fransisco in December of 2013. Referred to as a “second skin” suit, the design incorporates flexible, lightweight material that is lined with “tiny, muscle-like coils.”

mit-shrink-wrap-spacesuitSpeaking of the challenges of spacesuit design, and her team’s new concept for one, Dava Newman had the following to say in an interview with MIT news:

With conventional spacesuits, you’re essentially in a balloon of gas that’s providing you with the necessary one-third of an atmosphere [of pressure,] to keep you alive in the vacuum of space. We want to achieve that same pressurization, but through mechanical counterpressure — applying the pressure directly to the skin, thus avoiding the gas pressure altogether. We combine passive elastics with active materials.

Granted, Newman’s design is the first form-fitting spacesuit concept to see the light of day. Back in the 1960’s, NASA began experimenting with a suit that was modeled on human skin, the result of which was the Space Activity Suit (SAS). Instead of an air-filled envelope, the SAS used a skin-tight rubber leotard that clung to astronaut like spandex, pressing in to protect the wearer from the vacuum of space by means of counter pressure.

SAS_spacesuitFor breathing, the suit had an inflatable bladder on the chest and the astronaut wore a simple helmet with an airtight ring seal to keep in pressure. This setup made for a much lighter, more flexible suit that was mechanically far simpler because the breathing system and a porous skin that removed the need for complex cooling systems. The snag with the SAS was that materials in the days of Apollo were much too primitive to make the design practical.

Little progress was made until Dava Newman and her team from MIT combined modern fabrics, computer modelling, and engineering techniques to produce the Biosuit. Though a far more practical counter-pressure suit than its predecessor, it was still plagued by one major drawback – the skintight apparatus was very difficult to put on. Solutions were proposed, such as a machine that would weave a new suit about the wearer when needed, but these were deemed impractical.

mit-shrink-wrap-spacesuit-0The new approach incorporates coils formed out of tightly packed, small-diameter springs made of a shape-memory alloy (SMA) into the suit fabric. Memory alloys are metals that can be bent or deformed, but when heated, return to their original shape. In this case, the nickel-titanium coils are formed into a tourniquet-like cuff that incorporates a length of heating wire. When a current is applied, the coil cinches up to provide the proper counter pressure needed for the Biosuit to work.

Bradley Holschuh, a post-doctorate in Newman’s lab, originally came up with the idea of a coil design. In the past, the big hurdle to second-skin spacesuits was how to get astronauts to squeeze in and out of the pressured, skintight suit. Holschuh’s breakthrough was to deploy shape-memory alloy as a technological end-around. To train the alloy, Holschuh wound raw SMA fiber into extremely tight coils and heated them to 450º C (842º F) to fashion an original or “trained” shape.

mit-shrink-wrap-spacesuit-3 When the coil cooled to room temperature, it could be stretched out, but when heated to 60º C (140º F), it shrank back into its original shape in what the MIT team compared to a self-closing buckle. As spokespersons from MIT explained:

The researchers rigged an array of coils to an elastic cuff, attaching each coil to a small thread linked to the cuff. They then attached leads to the coils’ opposite ends and applied a voltage, generating heat. Between 60 and 160 C, the coils contracted, pulling the attached threads, and tightening the cuff.

In order to maintain it without continually heating the coils, however, the team needs to come up with some sort of a catch that will lock the coils in place rather than relying on a continuous supply of electricity and needlessly heating up the suit – yet it will still have to be easy to unfasten. Once Newman and her team find a solution to this problem, their suit could find other applications here on Earth.

Image converted using ifftoanyAs Holschuh explained, the applications for this technology go beyond the spacesuit, with applications ranging from the militarized to the medical. But for the moment, the intended purpose is keeping astronauts safe and comfortable:

You could [also] use this as a tourniquet system if someone is bleeding out on the battlefield. If your suit happens to have sensors, it could tourniquet you in the event of injury without you even having to think about it… An integrated suit is exciting to think about to enhance human performance. We’re trying to keep our astronauts alive, safe, and mobile, but these designs are not just for use in space.

Considering the ambitious plans NASA and other government and private space agencies have for the near-future – exploring Mars, mining asteroids, building a settlement on the Moon, etc. – a next-generation spacesuit would certainly come in handy. With new launch systems and space capsules being introduced for just this purpose, it only makes sense that the most basic pieces of equipment get a refit as well.

And be sure to check out this video of Dava Newman showing her Biosuit at the TEDWomen conference last year:


Sources: gizmag.com, motherboard.vice.com, newsoffice.mit.edu

The Future of Space: Building A Space Elevator!

space_elevator2Regularly scheduled trips to the Moon are one of many things science fiction promised us by the 21st century that did not immediately materialize. However, ideas are on the drawing board for making it happen in the coming decades. They include regular rocket trips, like those suggested by Golden Spike, but others have more ambitious plans. For example, there’s LiftPort – a company that hopes to build a space elevator straight to the Moon.

When he was working with NASA’s Institute for Advanced Concepts in the early 2000s, LiftPort President Michael Laine began exploring the idea of a mechanism that could get people and cargo to space while remaining tethered to Earth. And he is certainly not alone in exploring the potential, considering the potential cost-cutting measures it offers. The concept is pretty straightforward and well-explored within the realm of science fiction, at least in theory.

space_elevatorThe space elevator concept is similar to swinging a ball on a string, except it involves a tether anchored to the Earth that’s about 500 km long. The other end is in anchored in orbit, attached to a space station that keeps the tether taut. Anything that needs to be launched into space can simply be fired up the tether by a series of rocket-powered cars, which then dock with the station and then launched aboard a space-faring vessel.

Compared to using rockets to send everything into space, the cost using the elevator is far less (minus the one-time astronomical construction fee). And while the materials do not yet exist to construct 0ne, suggestions have been floated for a Lunar Elevator. Taking advantage of the Moon’s lower gravity, and using the Earth’s gravity well to stabilize the orbital anchor, this type of elevator could be built using existing materials.

space_elevator_lunar1One such person is Laine, who believes the capability exists to build an elevator that would reach from to the Moon to a distance of 238,000 km towards the Earth. Hence why, started two and a half years ago, he struck out to try and bring this idea to reality. The concept behind the Moon Elevator is still consistent with the ball on the string analogy, but it is a little more complicated because of the Moon’s slow orbit around the Earth.

The solution lies in Lagrangian points, which are places of gravitational equilibrium between two bodies. It’s here that the gravitational pull of both bodies are equal, and so they cancel each other out. Lagrangian point L1 is about 55,000 kilometers from the Moon, and that’s the one Laine hopes to take advantage of. After anchoring one end of the “string” on the Moon’s surface, it will extend to L1, then from L1 towards Earth.

lunar_space_elevatorAt the end of the string will be a counterweight made up of all the spent pieces of rocket that launched the initial mission to get the spike into the Moon. The counterweight will be in the right place for the Earth to pull on it gravitationally, but it will be anchored, through the Lagrange point, to the Moon. The force on both halves of the “string” will keep it taut. And that taut string will be a space elevator to the Moon.

What’s more, Laine claims that the Moon elevator can be built off-the-shelf, with readily available technology. A prototype could be built and deployed within a decade for as little as $800 million, he claims. It would be a small version exerting just a few pounds of force on the anchor on the Moon, but it would lay the groundwork for larger follow-up systems that could transport more cargo and eventually astronauts.

liftportTo demonstrate their concept, LiftPort is working on a proof-of-concept demonstration that will see a robot climb the tallest free­standing human structure in existence. This will consist of three large helium balloons held together on a tripod and a giant spool of Vectran fiber that is just an eighth of an inch think, but will be able to support 635 kilograms (1,400 pounds) and withstand strong winds.

Vectran is the same material was used by NASA to create the airbags that allowed the Spirit and Opportunity’s rovers to land on Mars. Since it gets stronger as it gets colder, it is ideal for this high altitude test, which will be LiftPort’s 15th experiment and the 20th robot to attempt an ascent. Laine doesn’t have a prospective date for when this test will happen, but insists it will take place once the company is ready.

LiftPort1Regardless, when the test is conducted, it will be the subject of a new documentary by Ben Harrison. Having learned about Liftport back in 2012 when he stumbled across their Kickstarter campaign, Harrison donated to the project and did a brief film segment about it for Engadget. Since that time, he has been filming Liftport’s ongoing story as part of a proposed documentary.

Much like Laine, Harrison and his team are looking for public support via Kickstarter so they can finish the documentary, which is entitled “Shoot the Moon”. Check out their Kickstarter page if feel like contributing. As of the time of writing, they have managed to raise a total of $14,343 of their $37,000 goal. And be sure to check out the promotional videos for the Liftport Group and Harrison’s documentary below:

Lunar Space Elevator Infrastructure Overview:


Shoot the Moon – Teaser Trailer:


Sources: motherboard.vice.com, lunarelevator.com

The Future is Here: The Soft Robotic Exosuit

aliens_powerloaderRobotic exoskeletons have come a long way, and are even breaking the mold. When one utters the term, it tends to conjure up images of a heavy suit with a metal frame that bestows the wearer super-human strength – as exemplified by Daewoo’s robot worker suits. And whereas those are certainly making an impact, there is a burgeoning market for flexible exoskeletons that would assist with everyday living.

Researchers at Harvard’s Wyss Institute for Biologically Inspired Engineering have developed just such a device, a flexible fabric exoskeleton that earned them a $2.9 million grant by DARPA to continue developing the technology. Unlike the traditional exoskeleton concept, Harvard’s so-called “Soft Exosuit” is not designed to give the wearer vastly increase lifting capacity.

Exosuit-640x353Instead, the Soft Exosuit works with the musculature to reduce injuries, improve stamina, and enhance balance even for those with weakened muscles. In some ways, this approach to wearable robotics is the opposite of past exoskeletons. Rather than the human working within the abilities and constraints of the exoskeleton, the exoskeleton works with the natural movements of the human wearer.

The big challenge of this concept is designing a wearable machine that doesn’t get in the way. In order to address this, the Wyss Institute researchers went beyond the usual network of fabric straps that hold the suit in place around the user’s limbs. In addition, they carefully studied the way people walk and determined which muscles would benefit from the added forces offered by the Exosuit.

softexosuitWith a better understanding of the biomechanics involved, the team decided to go with a network of cables to transmit forces to the joints. Batteries and motors are mounted at the waist to avoid having any rigid components interfering with natural joint movement. This allows the wearer the freedom to move without having to manually control how the forces are applied.

Basically, the wearer does not have to push on a joystick, pull against restraints, or stick to a certain pace when walking with the Exosuit. The machine is supposed to work with the wearer, not the other way around. The designers integrated a network of strain sensors throughout the straps that transmit data back to the on-board microcomputer to interpret and apply supportive force with the cables.

Warrior_Web_Boston_Dynamics_sentDARPA is funding this project as part of the Warrior Web program, which seeks to reduce musculoskeletal injuries for military personnel. However, Harvard expects this technology to be useful in civilian applications as well. Anyone who needs to walk for long periods of time at work could benefit from the Soft Exosuit, which is less expensive and more comfortable that conventional exosuits; and with a little rescaling, could even be worn under clothing.

But the greatest impact of the Soft Exosuit is likely to be for those who suffer from a physical impairment and/or injuries. Someone that has trouble standing or walking could possibly attain normal mobility with the aid of this wearable robot. And people working their way through physiotherapy would find it very useful in assisting them with restoring their muscles and joints to their usual strength.

exosuit_cyberdyneHALThe team plans to collaborate with clinical partners to create a version of the exosuit for just this purpose. What the Wyss Institute has demonstrated so far has just been the general proof-of-concept for the Soft Exosuit. In time, and with further refinements, we could see all sorts of versions becoming available – from the militarized to the medical, from mobility assistance for seniors, to even astronauts looking to prevent atrophy.

And as always, technology that is initially designed to assist and address mobility issues is likely to give way to enhancement and augmentation. It’s therefore not hard to imagine a future where soft robotic exosuits are produced for every possible use, including recreation and transhumanism. Hell, it may even be foreseeable that an endoskeleton will be possible in the not-too-distant future, something implantable that can do the same job but be permanent…

Cool and scary! And be sure to check out this video from the Wyss Institute being tested:

 

 


Source: extremetech.com, wyss.harvard.edu, darpa.mil

500,000 Hits!

fireworks1This morning, I became aware that this blog, storiesbywilliams, has just reached another milestone. Yes, after three and a half years, this humble site has reached half a million hits. And as usual, I’d like to include a few other pertinent numbers to help put this all in perspective. For example, since this blog went public, it has reached the following:

  • 500,180 hits (as of writing this)
  • 7041 Comments
  • 2089 Followers
  • 1834 Posts

Once again, I can only say thank you to all those folks who have helped make this possible. You know who you are 😉 And just for once, I thought I might let be things brief and poignant. So thanks and congrats all around, and onto the next thing!

The Future of Computing: Towards a Quantum Internet

quantun_internetFor decades, the dream of quantum computing – a system that makes direct use of quantum-mechanical phenomena, such as superposition and entanglement, to perform operations on data- has been just that. Much the same is true of principles that expand on this concept, such as quantum encryption and a quantum internet. But thanks to ongoing studies and experiments by researchers and scientists, that dream may be closer to fruition than ever.

This time the progress comes from a research team out of Professor Nicolas Gisin lab’s in the physics department at the University of Geneva. The team achieved the teleportation of the quantum state of a photon – this time, the photon’s polarization – to a crystal-encased photon more than 25 kilometers (15.5 miles) away. The distance breaks the previous record of 6 kilometers (3.7 miles) set 10 years ago by the same team using the same method.

quantum_crystalThis is the latest in a series of experiments the group, led by physicist Félix Bussières, have conducted over the last decade in an effort to better understand quantum data transfer. In this particular experiment, the researchers stored one photon in a crystal, essentially creating a solid-state memory bank. They sent another photon of a different wavelength 25 km away through optical fiber, whereupon they had it interact with a third photon.

Because the first two photons were entangled – a quantum property whereby particles can speak to each other across an infinite distance – the interaction sent the data to the photo stored in the memory bank, where the team was able to retrieve it. Or as the team explained, using pool balls as an anology:

It is a bit like a game of billiards, with a third photon hitting the first which obliterates both of them. Scientists measure this collision. But the information contained in the third photon is not destroyed – on the contrary it finds its way to the crystal which also contains the second entangled photon.

quantum-entanglement3This is all in keeping with the concept of quantum teleportation – the moving of quantum data from one location to another without having to travel the distance between them. That means that the speed at which data moves isn’t necessarily limited by the constraints of space and time. In that sense, it’s easier to think of this kind of teleporting not as a “beam me up” scenario, but as a kind of instantaneous awareness between two points.

While this may not sound as exciting as Ursula K. Le Guin’s Ansible communicator, the Alcubierre warp drive, or the “Star Trek”-style transporter, it opens up startling possibilities. For instance, in addition to bringing us closer to hard drives that can store quantum bits (aka. qubits), this is a major step in the direction of a quantum internet and encryption- where information is sent around the world instantaneously and is extremely secure.

quantum-teleportation-star-trails-canary-islands-1-640x353This also opens doors for space exploration, where astronauts in space, rovers on Mars, and satellites in deep space will be able to communicate instantly with facilities here on Earth. For non-quantum physicists, the novel aspect of this experiment is that the team achieved teleportation of data across the kind of optic fiber that forms the basis of modern-day telecommunications, which means no major overhaul will be needed to make quantum internet a reality.

As physicists continue to push the boundaries of our understanding about the quantum world, we’re getting closer to translating these kinds of advancements in market applications. Already, quantum computing and quantum encryption are making inroads into the sectors of banking security, medical research and other areas in need of huge computing muscle and super-fast information transfer.

^With the rise of a potential quantum Internet on the horizon, we could see the next jump in communication happen over the next couple of decades. So while we’re a long way off from trying to pry quantum teleportation and entanglement from the grip of the theoretical realm, scientists are making headway, if only a handful of kilometers at a time. But every bit helps, seeing as how routing stations and satellites can connect these distances into a worldwide network.

In fact, research conducted by other labs have not only confirmed that quantum teleportation can reach up to 143 km (89 miles) in distance, but that greater and greater properties can be beamed. This distance is especially crucial since it happens to be close to what lies between the Earth and a satellite in Low-Earth Orbit (LEO). In short, we humans could construct a quantum internet using optic cables or satellites, mirroring the state of telecommunications today.

And when that happens, get ready for an explosion in learning, processing and information, the likes of which has not been seen since the creation of the printing press or the first internet revolution!

Sources: cnet.com, technologyreview.com, nature.com