- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis (PDF) — research uses audio from CPU to break GnuPG’s implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away.
- Bitcoin, Magic Thinking, and Political Ideology (Alex Payne) — In other words: Bitcoin represents more of the same short-sighted hypercapitalism that got us into this mess, minus the accountability. No wonder that many of the same culprits are diving eagerly into the mining pool.
- Why I Want Bitcoin to Die in a Fire (Charlie Stross) — Like all currency systems, Bitcoin comes with an implicit political agenda attached. Decisions we take about how to manage money, taxation, and the economy have consequences: by its consequences you may judge a finance system. Our current global system is pretty crap, but I submit that Bitcoin is worst. With a list of reasons why Bitcoin is bad, like Stolen electricity will drive out honest mining. (So the greatest benefits accrue to the most ruthless criminals.)
- iSeeYou: Disabling the MacBook Webcam Indicator LED — your computer is made up of many computers, each of which can be a threat. This enables video to be captured without any visual indication to the user and can be accomplished entirely in user space by an unprivileged (non-root) application. The same technique that allows us to disable the LED, namely reprogramming the firmware that runs on the iSight, enables a virtual machine escape whereby malware running inside a virtual machine reprograms the camera to act as a USB Human Interface Device (HID) keyboard which executes code in the host operating system. We build two proofs-of-concept: (1) an OS X application, iSeeYou, which demonstrates capturing video with the LED disabled; and (2) a virtual machine escape that launches Terminal.app and runs shell commands. (via Washington Post)
ENTRIES TAGGED "embedded devices"
Audio Key Extraction, Die Bitcoin, Keep Dying Bitcoin, Firmware Hacks
2013 Mispredicted, 2013 Accurately Predicted, RJ45 Computer, and Leakless Comms
- Cyberpunk 2013 — a roleplaying game shows a Gibsonian view of 2013 from 1988. (via Ben Hammersley)
- The Future Computer Utility — 1967 prediction of the current state. There are several reasons why some form of regulation may be required. Consider one of the more dramatic ones, that of privacy and freedom from tampering. Highly sensitive personal and important business information will be stored in many of the contemplated systems. Information will be exchanged over easy-to-tap telephone lines. At best, nothing more than trust—or, at best, a lack of technical sophistication—stands in the way of a would-be eavesdropper. All data flow over the lines of the commercial telephone system. Hanky-panky by an imaginative computer designer, operator, technician, communications worker, or programmer could have disastrous consequences. As time-shared computers come into wider use, and hold more sensitive information, these problems can only increase. Today we lack the mechanisms to insure adequate safeguards. Because of the difficulty in rebuilding complex systems to incorporate safeguards at a later date, it appears desirable to anticipate these problems. (via New Yorker)
- Lantronix XPort Pro Lx6 — a secure embedded device server supporting IPv6, that barely larger than an RJ45 connector. The device runs Linux or the company’s Evolution OS, and is destined to be used in wired industrial IoT / M2M applications.
- Pond — interesting post-NSA experiment in forward secure, asynchronous messaging for the discerning. Pond messages are asynchronous, but are not a record; they expire automatically a week after they are received. Pond seeks to prevent leaking traffic information against everyone except a global passive attacker. (via Morgan Mayhem)
America's tech schizophrenia, why Apple fans don't like Android, and the terrifying importance of embedded systems.
This week on O'Reilly: Doug Hill used Steve Jobs and Ted Kaczynski to examine America's love/hate relationship with technology, Mike Loukides criticized mobile carriers for messing with Android's UI, and engineer Elecia White shared her enthusiasm for embedded systems.
Embedded systems engineer Elecia White on race cars, smart dust, and learning on the fly.
Author and embedded systems engineer Elecia White discusses the state of embedded systems and what lies ahead (hint: distributed intelligence and microdots).
Ted Ladd on "micro experiences" and wearable computers.
WIMM Labs believes that wearable technology and at-a-glance moments — things like looking at a thermometer and checking the clock — can create powerful combinations.
Recording Glasses, Food Hacks, Visualizing Documents, Human Computation
- HD Video Recording Glasses (Kickstarter) — as Bryce says, “wearable computing is on the rise. As the price for enabling components drops, always on connectivity in our pockets and purses increases, and access to low cost manufacturing resources and know-how rises we’ll see innovation continue to push into these most personal forms of computing.” (via Bryce Roberts)
- Sketching in Food (Chris Heathcote) — a set of taste tests to demonstrate that we’ve been food hacking for a very long time. We started with two chemical coated strips – sodium benzoate, a preservative used in lots of food that a significant percentage of people can taste (interestingly in different ways, sweet, sour and bitter). Secondly was a chemical known as PTC that about 70% of people perceive as bitter, and a smaller number perceiving as really really horribly bitter. This was to show that taste is genetic, and different people perceive the same food differently. He includes pointers to sources for the materials in the taste test.
- Investigating Millions of Documents by Visualizing Clusters — recording of talk about our recent work at the AP with the Iraq and Afghanistan war logs.
- Managing Crowdsourced Human Computation (Slideshare) — half a six-hour tutorial at WWW2011 on crowdsourcing and human computation. See also the author’s comments. (via Matt Biddulph)
The web had its day. Mobile is already peaking. So what's next?
Those evangelizing the revolutionary qualities of "the next big thing" (whatever it may be) would do well to revisit past "big things." Truth is, computing goes in cycles.