Suramya's Blog : Welcome to my crazy life…

April 25, 2022

Rainbow Algorithm (one of the candidates for post-quantum Cryptography) can be broken in under 53 hours

Filed under: Computer Security,Emerging Tech,My Thoughts,Quantum Computing,Tech Related — Suramya @ 11:59 PM

Quantum Computing has the potential to make the current encryption algorithms obsolete once it gets around to actually being implemented on a large scale. But the Cryptographic experts in charge of such things have been working on Post Quantum Cryptography over the past few years to offset this risk. After three rounds they had narrowed down the public-key encryption and key-establishment algorithms to Classic McEliece, CRYSTALS-KYBER, NTRU, and SABER and te finalists for digital signatures are CRYSTALS-DILITHIUM, FALCON, and Rainbow.

Unfortunately for the Rainbow algorithm, Ward Beullens at IBM Research Zurich in Switzerland managed to find the corresponding secret key for a given Rainbow public key in 53 hours using a standard laptop. This would allow anyone with a laptop to ‘prove’ they were someone else by producing the secret key for a given public key.

The Rainbow signature scheme [8], proposed by Ding and Schmidt in 2005, is one of the oldest and most studied signature schemes in multivariate cryptography. Rainbow is based on the (unbalanced) Oil and Vinegar signature scheme [16, 11], which, for properly chosen parameters, has withstood all cryptanalysis since 1999. In the last decade, there has been a renewed interest in multivariate cryptography, because it is believed to resist attacks from quantum adversaries. The goal of this paper is to improve the cryptanalysis of Rainbow, which is an important objective because Rainbow is currently one of three finalist signature
schemes in the NIST Post-Quantum Cryptography standardization project.

This obviously disqualifies the algorithm from being standardised as it has a known easily exploitable weakness. It goes on to prove that cryptography is not easy and the only way to ‘prove’ the strength of an algorithm is to let others test them for vulnerabilities. Or as Bruce Schneier put it in Schneier’s Law: ‘Anyone can create an algorithm that they themselves can’t break.’ , you need others to validate that claim.

Paper: Breaking Rainbow Takes a Weekend on a Laptop by Ward Beullens (PDF)
Source: New Scientist: Encryption meant to protect against quantum hackers is easily cracked

– Suramya

April 24, 2022

Smart-contract bug locks away $34 million highlighting major weakness in smart-contracts

Filed under: Computer Software,Emerging Tech,Tech Related — Suramya @ 9:57 PM

Over the years I have had many conversations with people about Blockchain and how it is supposed to solve all our problems, but for the most part I think Blockchain is overrated and doesn’t solve any problem that can’t be solved in an easier way using less resources. Then as if Blockchain’s were not enough someone went and created smart contracts which are basically programs stored on a blockchain that run when predetermined conditions are met. They typically are used to automate the execution of an agreement so that all participants can be immediately certain of the outcome, without any intermediary’s involvement or time loss. They can also automate a workflow, triggering the next action when conditions are met.IBM Smart-Contracts Def

The major issue with a blockchain contract is that the contract is immutable so if there is a bug in the program no one can modify it to fix the issue. When warned about this potential problem the proponents of the smart-contract pretty much handwaved the concerns away stating that the issue is not that big a deal and people were just opposing them because they dislike smart-contracts and are sticks in mud etc etc.

Unfortunately, this is no longer a theoretical issue as the developers of the AkuDreams contract found out over the weekend. Due to a bug in the contract code $34 million, or 11,539 eth, is permanently locked into the AkuDreams contract forever. It cannot be retrieved by individual users or by the dev team..

This shows how dangerous it is to have a program that can’t be modified because no matter what we do we can’t ensure that code written will be 100% bug free in all the cases. When there is a bug in regular software be can push out a patch to fix it, but that is not an option for smart-contracts and that as you can see becomes an expensive issue.

Source: $34M permanently locked into AkuDreams contract forever due to bad code

– Suramya

April 23, 2022

Molecular engines made of protein could power molecular machines

Filed under: Emerging Tech,My Thoughts — Suramya @ 11:48 PM

Nano-machines have long been staples of Sci-Fi stories where nanotech is used to cure illnesses , make new materials, kill people etc etc and in the recent years a lot of effort has been put in to make these machines real. Basically speaking, a nanomachine, also called a nanite, is a mechanical or electromechanical device whose dimensions are measured in nanometers (millionths of a millimeter, or units of 10 -9 meter). [What is Nanite] They are still in the R&D phase but a lot of progress is being made in the field.

Researchers at the University of Washington in Seattle have created the first building blocks of a molecular engine, namely the axles and rotors. The really cool part is that these are self assembling and use custom designed new proteins unlike any found in nature. The researchers used the advances in Deep learning software to predict what shape a given DNA sequence will fold into making it easier to find a code that makes the desired shape. This allows them to create custom shapes without having to modify existing molecules which can be quite hard.

The team made the machine parts by putting DNA coding for the custom proteins into E. coli bacteria, and then checked their structure using a method called cryogenic electron microscopy.

This showed that the axles assembled correctly inside the rotors, and also revealed the different configurations that would be expected if the axles were turning. But because cryogenic electron microscopy can only provide a series of stills rather than a moving picture, the team can’t say for sure if the axles are rotating.

If they are, it would only be a random back-and-forth movement driven by molecules knocking into each other, a phenomenon called Brownian motion. The team is now designing more components to drive the motion in one direction and create a rotary engine, says Baker.

The work is still in the preliminary stage and the team is designing more components to drive the motion in one direction and create a rotary engine to make sure that the movement seen in the current trials is not just due to Brownian motion. Once the technology is perfected it has a lot of use cases in fields such as BioMed to remove tumors, clean out arterial blocks, repair injuries and fields like material design where these machines can be used to create new materials which are stronger and lighter.

Source: Tiny axles and rotors made of protein could drive molecular machines
Paper: Computational design of mechanically coupled axle-rotor protein assemblies

– Suramya

April 22, 2022

Implications and Impact of Quantum Computing on Existing Cryptography

Filed under: Article Releases,Computer Security,Computer Software,Emerging Tech,My Thoughts,Quantum Computing,Tech Related — Suramya @ 11:59 PM

As all of you are aware the ability to break encryption of sensitive data like financial systems, private correspondence, government systems in a timely fashion is the holy grail of computer espionage. With the current technology it is unfeasible to break the encryption in a reasonable timeframe. If the target is using a 256-bit key an attacker will need to try a max of 2256 possible combinations to brute-force it. This means that even with the fastest supercomputer in the world will take millions of years to try all the combinations (Nohe, 2019). The number of combinations required to crack the encryption key increase exponentially, so a 2048-bit key has 22048 possible combinations and will take correspondingly longer time to crack. However, with the recent advances in Quantum computing the dream of breaking encryption in a timely manner is close to becoming reality in the near future.

Introduction to Quantum Computing

So, what is this Quantum computing and what makes it so special? Quantum computing is an emerging technology field that leverages quantum phenomena to perform computations. It has a great advantage over conventional computing due to the way it stores data and performs computations. In a traditional system information is stored in the form of bits, each of which can be either 0 or 1 at any given time. This makes a ‘bit’ the fundamental using of information in traditional computing. A Quantum computer on the other hand uses a ‘qubit’ as its fundamental unit and unlike the normal bit, a qubit can exist simultaneously as 0 and 1 — a phenomenon called superposition (Freiberger, 2017). This allows a quantum computer to act on all possible states of a qubit simultaneously, enabling it to perform massive operations in parallel using only a single processing unit. In fact, a theoretical projection has postulated that a Quantum Computer could break a 2048-bit RSA encryption in approximately 8 hours (Garisto, 2020).

In 1994 Peter W. Shor of AT&T deduced how to take advantage of entanglement and superposition to find the prime factors of an integer (Shor, 1994). He found that a quantum computer could, in principle, accomplish this task much faster than the best classical calculator ever could. He then proceeded to write an algorithm called Shor’s algorithm that could be used to crack the RSA encryption which prompted computer scientists to begin learning about quantum computing.

Introduction to Current Cryptography

Current security of cryptography relies on certain “hard” problems—calculations which are practically impossible to solve without the correct cryptographic key. Just as it is easy to break a glass jar but difficult to stick it back together there are certain calculations that are easy to perform but difficult to reverse. For example, we can easily multiply two numbers to get the result, however it is very hard to start with the result and work out which two numbers were multiplied to produce it. This becomes even more hard as the numbers get larger and this forms the basis of algorithms like the RSA (Rivest et al., 1978) that would take the best computers available billions of years to solve and all current IT security aspects are built on top of this basic foundation.

There are multiple ways of classifying cryptographic algorithms but in this paper, they will be classified based on the keys required for encryption and decryption. The main types of cryptographic algorithms are symmetric cryptography and asymmetric cryptography.

Symmetric Cryptography

Symmetric cryptography is a type of encryption that uses the same key for both encryption and decryption. This requires the sender and receiver to exchange the encryption key securely before encrypted data can be exchanged. This type of encryption is one of the oldest in the world and was used by Julius Caesar to protect his communications in Roman times (Singh, 2000). Caesar’s cipher, as it is known is a basic substitution cypher where a number is used to offset each alphabet in the message. For example, if the secret key is ‘4’ then each alphabet would be replaced with the 4th letter down from it, i.e. A would be replaced with E, B with F and so on. Once the sender and receiver agree on the encryption key to be used, they can start communicating. The receiver would take each character of the message and then go back 4 letters to arrive at the plain-text message. This is a very simple example, but modern cryptography is built on top of this principle.

Another example is from world war II during which the Germans were encrypting their transmissions using the Enigma device to prevent the Allies from decrypting their messages as they had in the first World War (Rijmenants, 2004). Each day both the receiver and sender would configure the gears and specific settings to a new value as defined by secret keys distributed in advance. This allowed them to transmit information in an encrypted format that was almost impossible for the allied forces to decrypt. Examples of symmetric encryption algorithms include Advanced Encryption Standard (AES), Data Encryption Standard (DES), and International Data Encryption Algorithm (IDEA).

Symmetric encryption algorithms are more efficient than asymmetric algorithms and are typically used for bulk encryption of data.

Asymmetric Cryptography

Unlike symmetric cryptography asymmetric cryptography uses two keys, one for encryption and a second key for decryption (Rouse et al., 2020). Asymmetric cryptography was created to address the problems of key distribution in symmetric encryption and is also known as public key cryptography. Modern public key cryptography was first described in 1976 by Stanford University professor Martin Hellman and graduate student Whitfield Diffie. (Diffie & Hellman, 1976)

Asymmetric encryption works with public and private keys where the public key is used to encrypt the data and the private key is used to decrypt the data (Rouse et al., 2020). Before sharing data, a user would generate a public-private keypair and they would then publish their public key on their website or in key management portals. Now, whoever wants to send private data to them would use their public key to encrypt the data before sending it. Once they receive the cipher-text they would use their private key to decrypt the data. If we want to add another layer of authentication to the communication, the sender would encrypt the data with their private key first and then do a second layer of encryption using the recipient’s public key. The recipient would first decrypt the message using their private key, then decrypt the result using the senders public key. This validates that the message was sent by the sender without being tampered. Public key cryptography algorithms in use today include RSA, Diffie-Hellman and Digital Signature Algorithm (DSA).

Quantum Computing vs Classical Computing

Current state of Quantum Computing

Since the early days of quantum computing we have been told that a functional quantum computer is just around the corner and the existing encryption systems will be broken soon. There has been significant investment in the field of Quantum computers in the past few years, with organizations like Google, IBM, Amazon, Intel and Microsoft dedicating a significant amount of their R&D budget to create a quantum computer. In addition, the European Union has launched a Quantum Technologies Flagship program to fund research on quantum technologies (Quantum Flagship Coordination and Support Action, 2018).

As of September 2020, the largest quantum computer is comprised of 65 qubits and IBM has published a roadmap promising a 1000 qbit quantum computer by 2023 (Cho, 2020). While this is an impressive milestone, we are still far away from a fully functional general use quantum computer. To give an idea of how far we still have to go Shor’s algorithm requires 72k3 quantum gates to be able to factor a k bits long number (Shor, 1994). This means in order to factor a 2048-bit number we would need a 72 * 20483 = 618,475,290,624 qubit computer which is still a long way off in the future.

Challenges in Quantum Computing

There are multiple challenges in creating a quantum computer with a large number of qubits as listed below (Clarke, 2019):

  • Qubit quality or loss of coherence: The qubits being generated currently are useful only on a small scale, after a particular no of operations they start producing invalid results.
  • Error Correction at scale: Since the qubits generate errors at scale, we need algorithms that will compensate for the errors generated. This research is still in the nascent stage and requires significant effort before it will be ready for production use.
  • Qubit Control: We currently do not have the technical capability to control multiple qubits in a nanosecond time scale.
  • Temperature: The current hardware for quantum computers needs to be kept at extremely cold temperatures making commercial deployments difficult.
  • External interference: Quantum computes are extremely sensitive to interference. Research at MIT has found that ionizing radiation from environmental radioactive materials and cosmic rays can and does interfere with the integrity of quantum computers.

Cryptographic algorithms vulnerable to Quantum Computing

Symmetric encryption schemes impacted

According to NIST, most of the current symmetric cryptographic algorithms will be relatively safe against attacks by quantum computer provided a large key is used (Chen et al., 2016). However, this might change as more research is done and quantum computers come closer to reality.

Asymmetric encryption schemes impacted

Unlike symmetric encryption schemes most of the current public key encryption algorithms are highly vulnerable to quantum computers because they are based on the previously mentioned factorization problem and calculation of discrete logarithms and both of these problems can be solved by implementing Shor’s algorithm on a quantum computer with enough qubits. We do not currently have the capability to create a computer with the required number of qubits due to challenges such as loss of qubit coherence due to ionizing radiation (Vepsäläinen et al., 2020), but they are a solvable problem looking at the ongoing advances in the field and the significant effort being put in the field by companies such as IBM and others (Gambetta et al., 2020).

Post Quantum Cryptography

The goal of post-quantum cryptography is to develop cryptographic algorithms that are secure against quantum computers and can be easily integrated into existing protocols and networks.

Quantum proof algorithms

Due to the risk posed by quantum computers, the National Institute of Standards and Technology (NIST) has been examining new approaches to encryption and out of the initial 69 submissions received three years ago, the group has narrowed the field down to 15 finalists and has now begun the third round of public review of the algorithms (Moody et al., 2020) to help decide the core of the first post-quantum cryptography standard. They are expecting to end the round with one or two algorithms for encryption and key establishment, and one or two others for digital signatures (Moody et al., 2020).

Quantum Key Distribution

Quantum Key Distribution (QKD) uses the characteristics of quantum computing to implement a secure communication channel allowing users to exchange a random secret key that can then be used for symmetrical encryption (IDQ, 2020). QKD solves the problem of secure key exchange for symmetrical encryption algorithms and it has the capability to detect the presence of any third party attempting to eavesdrop on the key exchange. If there is an attempt by a third-party to eavesdrop on the exchange, they will create anomalies in the quantum superpositions and quantum entanglement which will alert the parties to the presence of an eavesdropper, at which point the key generation will be aborted (IDQ, 2020). The QKD is used to only produce and distribute an encryption key securely, not to transmit any data. Once the key is exchanged it can be used with any symmetric encryption algorithm to transmit data securely.

Conclusion

Development of a quantum computer may be 100 years off or may be invented in the next decade, but we can be sure that once they are invented, they will change the face of computing forever including the field of cryptography. However, we should not panic as this is not the end of the world as the work on quantum resistant algorithms is going much faster than the work on creating a quantum computer. The world’s top cryptographic experts have been working on Quantum safe encryption for the past three years and we are nearing the completion of the world’s first post-quantum cryptography standard (Moody et al., 2020). Even if the worst happens and it is not possible to create a quantum safe algorithm immediately, we still have the ability to encrypt and decrypt data using one-time pads until a safer alternative or a new technology is developed.

References

Chen, L., Jordan, S., Liu, Y.-K., Moody, D., Peralta, R., Perlner, R., & Smith-Tone, D. (2016). Report on Post-Quantum Cryptography. https://doi.org/10.6028/nist.ir.8105

Cho, A. (2020, September 15). IBM promises 1000-qubit quantum computer-a milestone-by 2023. Science. https://www.sciencemag.org/news/2020/09/ibm-promises-1000-qubit-quantum-computer-milestone-2023.

Clarke, J. (2019, March). An Optimist’s View of the Challenges to Quantum Computing. IEEE Spectrum: Technology, Engineering, and Science News. https://spectrum.ieee.org/tech-talk/computing/hardware/an-optimists-view-of-the-4-challenges-to-quantum-computing.

Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644–654. https://doi.org/10.1109/tit.1976.1055638

Freiberger, M. (2017, October 1). How does quantum computing work? https://plus.maths.org/content/how-does-quantum-commuting-work.

Gambetta, J., Nazario, Z., & Chow, J. (2020, October 21). Charting the Course for the Future of Quantum Computing. IBM Research Blog. https://www.ibm.com/blogs/research/2020/08/quantum-research-centers/.

Garisto, D. (2020, May 4). Quantum computers won’t break encryption just yet. https://www.protocol.com/manuals/quantum-computing/quantum-computers-wont-break-encryption-yet.

IDQ. (2020, May 6). Quantum Key Distribution: QKD: Quantum Cryptography. ID Quantique. https://www.idquantique.com/quantum-safe-security/overview/quantum-key-distribution/.
Moody, D., Alagic, G., Apon, D. C., Cooper, D. A., Dang, Q. H., Kelsey, J. M., Yi-Kai, L., Miller, C., Peralta, R., Perlner R., Robinson A., Smith-Tone, D., & Alperin-Sheriff, J. (2020). Status report on the second round of the NIST post-quantum cryptography standardization process. https://doi.org/10.6028/nist.ir.8309

Nohe, P. (2019, May 2). What is 256-bit encryption? How long would it take to crack? https://www.thesslstore.com/blog/what-is-256-bit-encryption/.
Quantum Flagship Coordination and Support Action (2018, October). Quantum Technologies Flagship. https://ec.europa.eu/digital-single-market/en/quantum-technologies-flagship

Rijmenants, D. (2004). The German Enigma Cipher Machine. Enigma Machine. http://users.telenet.be/d.rijmenants/en/enigma.htm.

Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 120–126. https://doi.org/10.1145/359340.359342

Rouse, M., Brush, K., Rosencrance, L., & Cobb, M. (2020, March 20). What is Asymmetric Cryptography and How Does it Work? SearchSecurity. https://searchsecurity.techtarget.com/definition/asymmetric-cryptography.

Shor, P. w. (1994). Algorithms for quantum computation: discrete logarithms and factoring. Proceedings 35th Annual Symposium on Foundations of Computer Science, 124–134. https://doi.org/10.1109/sfcs.1994.365700

Singh, S. (2000). The code book: The science of secrecy from Egypt to Quantum Cryptography. Anchor Books.

Vepsäläinen, A. P., Karamlou, A. H., Orrell, J. L., Dogra, A. S., Loer, B., Vasconcelos, F., David, K. K., Melville A. J., Niedzielski B. M., Yoder J. L., Gustavsson, S., Formaggio J. A., VanDevender B. A., & Oliver, W. D. (2020). Impact of ionizing radiation on superconducting qubit coherence. Nature, 584(7822), 551–556. https://doi.org/10.1038/s41586-020-2619-8

Note: This was originally written as a paper for one of my classes at EC-Council University in Q4 2020, which is why the tone is a lot more formal than my regular posts.

– Suramya

April 21, 2022

It is possible to plant Undetectable Backdoors in Machine Learning Models

Filed under: Computer Security,Computer Software,Emerging Tech,My Thoughts,Tech Related — Suramya @ 2:23 AM

Machine learning (ML) is the big thing and ML algorithms are slowly creeping into all aspects of our life such as unlocking your phone using facial recognition, evaluating the eligibility for a loan, surveillance, what ads you see when surfing the web, what search results you get when searching for stuff etc etc. The problem is that ML algorithms are not infallible they depend on the training data used, confirmational bias etc. At the very least they enforce the existing bias for example, if a company only hires men 25-45 for a role then the ML data set will take this as the input and all future candidates will be evaluated against this criteria because the system thinks that this is what a success looks like. The algorithms themselves are getting more and more complicated and it is almost impossible to review and validate the findings. Due to this decisions are being made by machines that can’t be audited easily. Plus it doesn’t help that most ML models are proprietary and the companies refuse to let outsiders examine them due to Trade secrets and proprietary information used in them.

Another problem is that these ML models is adversarial perturbations where attackers make minor changes to the image/data going in to get a specific response/output. There are a lot of examples of this in the past few years and some of them are listed below (Thanks to Cory Doctorow for consolidating them in one place)

These all take advantage of flaws in the ML model that can be exploited using minor changes in the input data. However, there is another major exploit surface available which is incredibly hard to protect against: Backdoors in the ML models by creating a model that will accept a particular entry/key to produce a specific output. The ‘best’ part is that it is almost impossible to detect if this has been done because the model will function exactly the same as an un-tampered model and will only show the abnormal behavior for the specific key which would have been randomly generated by the creator during the training. If done well then the modifications will be undetectable for most tests.

A team for MIT and IAS has written a paper on it (“Planting Undetectable Backdoors in Machine Learning Models“) where they go into details of how this can be done and the potential impact. Unfortunately, they have not been able to come up with a feasible defense against this attack as of this time. Hopefully that will change as others start focusing on this problem and how to solve it.

Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the appropriate “backdoor key”, the mechanism is hidden and cannot be detected by any computationally-bounded observer. We demonstrate two frameworks for planting undetectable backdoors, with incomparable guarantees.

First, we show how to plant a backdoor in any model, using digital signature schemes. The construction guarantees that given black-box access to the original model and the backdoored version, it is computationally infeasible to find even a single input where they differ. This property implies that the backdoored model has generalization error comparable with the original model. Second, we demonstrate how to insert undetectable backdoors in models trained using the Random Fourier Features (RFF) learning paradigm or in Random ReLU networks. In this construction, undetectability holds against powerful white-box distinguishers: given a complete description of the network and the training data, no efficient distinguisher can guess whether the model is “clean” or contains a backdoor.

Our construction of undetectable backdoors also sheds light on the related issue of robustness to adversarial examples. In particular, our construction can produce a classifier that is indistinguishable from an “adversarially robust” classifier, but where every input has an adversarial example! In summary, the existence of undetectable backdoors represent a significant theoretical roadblock to certifying adversarial robustness.

The paper is still waiting for the peer-review to complete but the concept and methods they describe seem solid so this is a problem we will have to solve sooner rather than later considering the speed with which ML models are impacting our life.

Source: Schneier on Security: Undetectable Backdoors in Machine-Learning Models

– Suramya

April 20, 2022

Improving Photosynthesis efficiency by resurrecting ancient enzymes in Modern Plants

Filed under: Science Related — Suramya @ 1:23 AM

Climate change is something that is going to impact us in a major way specially in our ability to produce food as the plants and animals we have right now are not really suited for an environment that is a lot hotter and has more pollutants & CO2 in the atmosphere. Scientists have been exploring modifying the plants to enable them to thrive in the new environment and increase their food productivity (since the world population is growing at a massive rate) and Maureen Hanson & Myat Lin from the Cornell University have made a breakthrough in the effort to improve the efficiency of Photosynthesis in plants.

They developed a computational technique to predict favorable gene sequences to make Rubisco that fixes atmospheric CO2 into organic compounds. Using the evolutionary history the process predicted how the genes would have been 20-30 million years ago. These were then tested using an experimental system developed in Hanson’s lab (Nature Plants Paper) that employs E. coli bacteria to test the efficacy of the different versions Rubisco. Using this method allowed the researchers to evaluate the findings a lot faster than the traditional method which would have taken months to verify instead of days.

Plants and photosynthetic organisms have a remarkably inefficient enzyme named Rubisco that fixes atmospheric CO2 into organic compounds. Understanding how Rubisco has evolved in response to past climate change is important for attempts to adjust plants to future conditions. In this study, we developed a computational workflow to assemble de novo both large and small subunits of Rubisco enzymes from transcriptomics data. Next, we predicted sequences for ancestral Rubiscos of the (nightshade) family Solanaceae and characterized their kinetics after coexpressing them in Escherichia coli. Predicted ancestors of C3 Rubiscos were identified that have superior kinetics and excellent potential to help plants adapt to anthropogenic climate change. Our findings also advance understanding of the evolution of Rubisco’s catalytic traits.

Their findings which have been published in Science Advances show that the ancient Rubisco enzymes predicted showed real promise for being more efficient. The next step is to replace the genes in existing tobacco plants with their ancient counterparts and then measure how the photosynthesis efficiency changes in the modified plant. If things look good then we can start testing against food crops such as tomatoes, soybeans and rice.

But that is going to take time as these things can’t be rushed and we need to ensure there are no harmful side effects of this change. That being said, it is a great breakthrough and I am going to be watching this space for more advances.

Paper: Improving the efficiency of Rubisco by resurrecting its ancestors in the family Solanaceae
Article: Scientists resurrect ancient enzymes to improve photosynthesis

– Suramya

April 19, 2022

Please stop taking such photos unless you have a death wish.

Filed under: My Thoughts — Suramya @ 12:04 AM

The following image popped up in my feed earlier today and I am dumbfounded by what people feel is ok to do to get a perfect (Instagram?) picture.


Answer: Common sense and a working brain

This looks like it is an active road, as you can see cars in the background and there are cars driving towards them. They are lying down on a zebra crossing, in the rain which will make it difficult for drivers to stop the car quickly. Plus since no one expects idiots to be lying down on the road there is a good chance that someone who is not paying attention or is momentarily distracted can run them over and in this pose it is almost impossible for these two to get out of the way fast if a car is about to run them down.

I have taken a few sitting on the road photos over the years, but we ensured that the roads were empty and we could see for a fair distance so that we could get out of the way if there was oncoming traffic.

Come on folks, is taking a great pic really worth dying for? Or do you want to be remembered as the idiots who got run over when taking an Instagram pic? Please stop this idiotic behavior.

– Suramya

April 18, 2022

Oracle releases a ‘free’ version of Oracle Solaris 11.4 for opensource developers and non-production personal use

Filed under: Linux/Unix Related,My Thoughts — Suramya @ 2:59 AM

Last month Oracle released a ‘free’ version of Oracle Solaris 11.4 for opensource developers and non-production personal use. The key point to note is that this doesn’t mean that there is a free/opensource version of the OS now available because unlike the Open Solaris project (that was released in 2008 but was discontinued) this build is a similar to a beta release and contains pre-release builds of a particular SRU (which I think means a release version). To me it sounds like they want the opensource community to perform free testing for their releases while getting some positive publicity.

I don’t think I will be trying it out because I don’t really trust Oracle. They are notorious for their bad takes and really aggressive enforcement of their IP rights. Plus their history with opensource projects has been bumpy and you never know when they will change their mind and go in a different direction.

My first experience with Unix/Linux was SunOS 4.1 followed by Solaris 5. I even had a Sparc machine at one point but it got lost during one of the many moves I made over the years. I loved the OS and since I couldn’t run it on my machines I started using Linux which was a great alternative. When OpenSolaris was released I received installation CDs to try it out, unfortunately life got in the way and I never really tested it out (other than the initial install). It was disappointing when the project went defunct & shutdown. I took a look at the OpenSolaris Wikipage and it looks like none of the derivative projects that were supposed to take over really went anywhere. So that sucks.

I don’t think that Unix does anything that Linux can’t do and even then if you want to run Unix on your machines I would recommend you go for FreeBSD instead of this ‘free’ version.

Thanks to HackaDay: Solaris Might Be Free If You Want It for the initial link.

– Suramya

April 17, 2022

Air Quality in Delhi/NCR sucks

Filed under: My Thoughts — Suramya @ 10:32 AM

People complain about the air quality in Delhi/NCR a lot (and I am one of them). The Delhi government tries to blame it all on the annual burning of crops in Punjab but that is just an excuse as that happens once a year and the quality is bad through out the year. A few years ago I was in at our place in Noida and I walked out of my room & looked at the living room and found the view to be hazy. At first I thought that this was due to me not wearing my glasses but then realized that it was smog inside our house. I immediately searched for and installed my old air purifier (from our days in the US) and within a short time the haziness was gone.

Recently I bought the PHILIPS High Efficiency Air Purifier AC2887/20 for my house in Bangalore and when I saw how effective it is, I got the same thing for the parents to use in Delhi as well. The one I have in Bangalore ran 24/7 while there was construction going on inside our house (we had the bathrooms renovated) and I had no issues/allergic reactions due to the work being done. Without the purifier I would have been on a constant diet of Allegra the entire day with splitting headaches. You can imagine the amount of dust being generated due to the work but the purifier took it all in stride and I cleaned the external filter once because I thought I should (no alerts to clean came on) after the construction was done.

My father started using the purifier about a month ago (finally!) when the pollen season started and his allergies kicked in. It ran in his room mostly at the night and sometimes during the day as well. Earlier this week after he had been using it for about a month, he pinged me to ask for a particular error code being displayed on the purifier meant, so I found the manual for the device and looked it up. The error code (F0) meant that the external filter needed to be cleaned for the device to work at peak efficiency.

I ran it with construction going on in the other room and the filter never got so bad that the device had to ask me to clean it. Delhi/Noida air quality on the other hand is so bad that they had to clean it within a month of using it normally. Now tell me that the air quality in NCR is not bad! Plus there is no burning’s happening right now or Diwali so you can’t blame it on that either. No wonder Delhi was rated the most polluted capital city in the world.


Delhi Air Pollution: Real-time Air Quality Index (AQI) (Source: aqicn.org)

There needs to be an active urgent effort by the Government to reduce the pollution level, similar to what was done in the early 2000’s when the air quality had improved for a brief time after all the public transports were moved to CNG.

Till then I am going to ensure that the purifier is constantly running at home in Delhi. I don’t do it in the Bangalore house regularly but I do run a purifier in the car to reduce my exposure.

– Suramya

April 16, 2022

Debian Project leader talks about How Debian is doing on the mailing list

Filed under: Linux/Unix Related — Suramya @ 5:28 AM

I use Debian as my primary OS and have been doing so since 2002 onwards. I switched from Redhat to Debian because RH8 was an attempt to make the OS easier for new users which meant that a lot of functionality was no longer exposed to the user without having to jump through hoops and I just didn’t like the new look and feel anymore. After looking at the available options I switched to Debian 3.0 that had released earlier that year. It worked great for the most part for me and I have been using it since. I did explore Mint and Ubuntu for a bit in the middle but have mostly been using Debian for my home systems. (Work wise most companies I have been with have been on RHEL, CentOS and Fedora).

After running for such a long time and with the constant changes over the past few years, it is obvious to wonder how the Debian project is doing and recently Jonathan Carter who is the current Debian Project Leader sent an email giving a high level overview of the current status, what went well, the current challenges and future scope. It is an interesting read and you should check it out here: Question to all candidates: how is Debian doing?.

Some of the points I found interesting are listed below:

  • The project has managed to release every 2 years since 2005
  • The finances are also really good, with over $1m in available funds
  • Debian gained secureboot support
  • The debian.social project
  • Consumer computing products are going to continue being more locked down and this is causing problems with the installers

There are more points but as Jonathan put it “I think Debian is doing ok. It’s not doing great, but it is ok. “. For me it works as I want it & how I want it so I am happy with it and it is good to know that the project is stable and will continue to be around for a while.

– Suramya

« Newer PostsOlder Posts »

Powered by WordPress