Suramya's Blog : Welcome to my crazy life…

September 5, 2023

Invalid Flight plan submission to UK National Air Traffic Services causes multi-day chaos

Filed under: My Thoughts,Tech Related — Suramya @ 6:50 PM

One of the cardinal rules in computers is to “never trust the input” or put another way: “Never trust user input”. If you ever wondered what would happen if this wasn’t followed, here’s a real world example that happened late last month (28th Aug), where almost every flight to and from the UK was delayed or cancelled after their air traffic control systems went down.

An analysis of the crash found that a French airline had filed a flight path in the wrong format to the National Air Traffic Services (NATS) and, instead of rejecting the plan because it was in an invalid format as it should have done, the entire system went down hard. This is a basic programming principle and I am not sure why their testing didn’t catch this massive vulnerability. Basically, it looks like anyone with access to file a flight plan can crash the entire NATS just by submitting a flight plan in the wrong format.

Apparently it is expected behavior as per NATS chief executive Martin Rolfe, who said that both Primary AND Backup systems responded to the incorrect flight data by suspending automatic processing “to ensure that no incorrect safety-related information could be presented to an air traffic controller or impact the rest of the air traffic system”

Nats chief executive, Martin Rolfe, told BBC Radio 4’s Today programme: “It wasn’t an entire system failure. It was a piece of the system, an important piece of the system.

“But in those circumstances, if we receive an unusual piece of data that we don’t recognise, it is critically important that that information – which could be erroneous – is not passed to air traffic controllers.”

Mr Rolfe said Nats has “safety-critical systems” and “throwing data away needs to be very carefully considered”.

To me it is unbelievable that anyone thought that crashing both the Primary and Backup systems was preferable to throwing away an invalid flight plan.

– Suramya

August 31, 2023

Using LLM’s to change writing style to hide author?

Filed under: Artificial Intelligence,My Thoughts,Tech Related — Suramya @ 12:17 PM

It is fairly well known that folks can identify a writer based on their writing style. In fact there is a whole field of work called Stylometry that analyses writings to try to attribute authorship of documents/writings. This is used when new text/writings are found that are not attributed to any person or when agencies receive letters or there are articles posted on extremist sites.

In 1964, Frederick Mosteller and David Wallace published a three-year study of the distribution of common words in the Federalist Papers and showed that the writing style of Alexander Hamilton and James Madison differed in subtle ways. The researchers analyzed some disputed papers that both writers claimed to have written and, based on their analysis of the respective writing styles of both authors, were able to identify that the papers were likely to have come from Madison’s pen. Since then the technique has only improved: with AI and Machine learning algorithms coming into play, researchers are able to identify the writing style from a post quickly and mostly accurately. Keep in mind that this is still more of an art than a science. However, it works well enough that people were able to identify the author of a book: “The Cuckoo’s Calling, by Robert Galbraith” as none other than JK Rowling.

Now, as we all know “With every action there is an equal and opposite reaction” and there has been a lot of work put into what is called Adversarial stylometry, which is the practice of consciously changing the writing style when writing to remove the identifying characteristics that can be used to figure out who wrote the text. Historically, this was achieved by paraphrasing the text and by having another person edit & modify the content.

With the recent advances in LLMs, especially systems like ChatGPT, it might be possible to use them to whitewash the text and remove enough identifying marks that the text becomes relatively more anonymous. I tried it out with the previous paragraph as the input and got the following as the result:

As commonly understood, the principle of “For every action, there is an opposing reaction” holds true. Considerable effort has been dedicated to a field known as Adversarial Stylometry. This involves intentionally altering one’s writing style to eliminate distinctive traits that could be employed to determine the authorship of a text. In the past, this was accomplished by rephrasing the content and enlisting the assistance of a third party to revise and adjust the material.

As you can see, the output is significantly different in words, tone and phrasing, so it would be hard to attribute correctly. Do it a few times in a loop and, after ensuring the original meaning is not lost, you can use it and be relatively sure that it will be difficult to identify the author of the text.

Obviously, if LLM’s are going to be used to obfuscate text then other LLM’s will be created that try to de-obfuscate the text and the systems will keep getting smarter and smarter.
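The common-word approach of the Mosteller and Wallace study can be tried on the two paragraphs above. This is an added example, not the author's code: the function-word list and the cosine measure are choices made for this illustration, and the two sample texts are copied from this post with quotes normalised to ASCII.

```python
import math
import re
from collections import Counter

# Common English function words. They are topic-independent, so their rates
# reflect writing habit rather than subject matter.
FUNCTION_WORDS = (
    "a an and as at be by for in is it of on so that the there this to "
    "was when which with who"
).split()

# The paragraph the author fed to ChatGPT (as originally written).
ORIGINAL = (
    'Now, as we all know "With every action there is an equal and opposite '
    'reaction" and there has been a lot of work put into what is called '
    "Adversarial stylometry. Which is the practice of consciously changing "
    "the writing style when writing so remove the identifying characteristics "
    "that can be used to figure out who wrote the text. Historically, this was "
    "achieved by paraphrasing the text and by having another person edit & "
    "modify the content."
)

# The rewritten version quoted in the post.
PARAPHRASE = (
    'As commonly understood, the principle of "For every action, there is an '
    'opposing reaction" holds true. Considerable effort has been dedicated to '
    "a field known as Adversarial Stylometry. This involves intentionally "
    "altering one's writing style to eliminate distinctive traits that could "
    "be employed to determine the authorship of a text. In the past, this was "
    "accomplished by rephrasing the content and enlisting the assistance of a "
    "third party to revise and adjust the material."
)


def tokenize(text):
    """Lower-case word tokens; punctuation and digits are dropped."""
    return re.findall(r"[a-z']+", text.lower())


def profile(text):
    """Relative frequency of each function word, in FUNCTION_WORDS order."""
    words = tokenize(text)
    counts = Counter(words)
    total = len(words) or 1
    return [counts[w] / total for w in FUNCTION_WORDS]


def cosine(u, v):
    """Cosine similarity of two equal-length vectors (0.0 if either is empty)."""
    dot = sum(a * b for a, b in zip(u, v))
    norm = math.sqrt(sum(a * a for a in u)) * math.sqrt(sum(b * b for b in v))
    return dot / norm if norm else 0.0


def mean_sentence_length(text):
    """Average number of word tokens per sentence."""
    sentences = [s for s in re.split(r"[.!?]+", text) if s.strip()]
    return len(tokenize(text)) / len(sentences) if sentences else 0.0


def compare(a, b):
    """Style comparison of two texts: function-word cosine and sentence lengths."""
    return {
        "function_word_cosine": cosine(profile(a), profile(b)),
        "mean_sentence_length_a": mean_sentence_length(a),
        "mean_sentence_length_b": mean_sentence_length(b),
    }


if __name__ == "__main__":
    # Texts this short give noisy profiles; real attribution work compares
    # thousands of words per candidate author.
    for key, value in compare(ORIGINAL, PARAPHRASE).items():
        print(f"{key}: {value:.3f}")
```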

– Suramya

August 29, 2023

Excel holding up the Global Financial System, now with Python support

Filed under: Computer Security,Computer Software,My Thoughts,Tech Related — Suramya @ 1:12 PM

It is both impressive and scary how much of the world’s financial system is being run using Microsoft Excel. Folks have created formulas/macros/scripts/functions etc in Excel that allow them to generate data that is used to take major financial decisions with real world impact.

In one of my previous companies we actually had a full discussion on how to get an inventory of all the Excel code in use at the company and how to archive it so that we have backups and version control on them. Unfortunately, I left before much headway was made but I did learn enough about Excel use to scare me. (Especially since I am not the biggest fan of Microsoft software 😉 )

Now you might ask why so many people are using Excel when there are better tools available in the market and these companies have in-house teams to create custom software for the analysts, and I asked the exact same questions when I started. I think it is probably because the tool makes it easy for folks to come up with formulas and scripts that get their work done instead of having to wait for an external team to make the changes etc that they need.

Now, a few days ago Microsoft made a surprise announcement that going forward they are going to support running Python inside an Excel file. Yikes!! In order to use this functionality you will need to be part of the Microsoft 365 Insider program and then you can type Python code directly into cells using the new =PY() function, which then gets executed in the cloud. From what I have read, this will be enabled by default and needs to be disabled via a registry key.

Since its inception, Microsoft Excel has changed how people organize, analyze, and visualize their data, providing a basis for decision-making for the millions of people who use it each day. Today we’re announcing a significant evolution in the analytical capabilities available within Excel by releasing a Public Preview of Python in Excel. Python in Excel makes it possible to natively combine Python and Excel analytics within the same workbook – with no setup required. With Python in Excel, you can type Python directly into a cell, the Python calculations run in the Microsoft Cloud, and your results are returned to the worksheet, including plots and visualizations.

We already have issues with Excel Macros being used as vectors for malware & viruses, and this just opens a whole new front in that war. Now, admins will have to worry about attackers using Python in Excel to infiltrate the organization or to send data outside the org. I can see how it is useful for people working with datasets and MS is adding this functionality to keep up with other tools such as Tableau etc which are more powerful, but still I feel that this is a bad move.

Another problem that folks are going to face is that now that your Excel sheets have Python programs inside them, how are we supposed to version the code, and how is code review done? Basically this code should be going through the standard SDLC (Software Development Life Cycle) process but won’t. We also need to ensure that all changes are reviewed and monitored to protect against insider attacks, but the way the system is set up this is going to be extremely difficult (we have already seen that with Macros and Formulas etc).
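One way to start the inventory and change monitoring discussed above, as an added example (not the author's or Microsoft's code): it inspects zip-based workbooks (.xlsx/.xlsm) for a VBA project and for formula cells, and records a hash so that a changed file can be routed to review. It assumes a Python cell is stored as a worksheet formula whose text contains `PY(`; the sample workbook is constructed in memory and `build_sample` and `changed_since` are names made up for this illustration.

```python
import hashlib
import io
import re
import zipfile

# Text of every <f>...</f> formula element in a worksheet part.
FORMULA_RE = re.compile(rb"<f(?:\s[^>]*)?>([^<]*)</f>")
# ASSUMPTION: a Python-in-Excel cell is stored as a formula containing "PY(".
# Check this against a workbook saved by your own Excel build.
PY_CALL_RE = re.compile(rb"\bPY\(")

# Constructed worksheet part: one ordinary formula and one Python-style formula.
SHEET_XML = (
    b'<worksheet><sheetData><row r="1">'
    b'<c r="A1"><f>SUM(B1:B3)</f><v>6</v></c>'
    b'<c r="A2"><f>_xlfn._xlws.PY(0,1)</f></c>'
    b"</row></sheetData></worksheet>"
)


def audit_workbook(data: bytes) -> dict:
    """Summarise the executable content of one workbook given as raw bytes."""
    report = {
        "sha256": hashlib.sha256(data).hexdigest(),  # changes whenever the file does
        "unreadable": False,   # legacy .xls, encrypted or corrupt files
        "vba_project": False,  # macros are stored in a vbaProject.bin part
        "formula_cells": 0,
        "python_cells": 0,
    }
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        report["unreadable"] = True  # flag for manual review, do not skip silently
        return report
    with archive:
        for name in archive.namelist():
            lower = name.lower()
            if lower.endswith("vbaproject.bin"):
                report["vba_project"] = True
            elif lower.startswith("xl/worksheets/") and lower.endswith(".xml"):
                for formula in FORMULA_RE.findall(archive.read(name)):
                    report["formula_cells"] += 1
                    if PY_CALL_RE.search(formula):
                        report["python_cells"] += 1
    return report


def changed_since(baseline: dict, current: dict) -> list:
    """Workbook names that are new or whose hash differs from the reviewed baseline."""
    return sorted(
        name for name, report in current.items()
        if baseline.get(name, {}).get("sha256") != report["sha256"]
    )


def build_sample(with_macro: bool) -> bytes:
    """Build a constructed, minimal workbook-like zip in memory for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/worksheets/sheet1.xml", SHEET_XML)
        if with_macro:
            zf.writestr("xl/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    reviewed = {"budget.xlsm": audit_workbook(build_sample(with_macro=True))}
    today = dict(reviewed, **{"new-model.xlsx": audit_workbook(build_sample(False))})
    for name, report in today.items():
        print(name, report)
    print("needs review:", changed_since(reviewed, today))
```

In practice the reports would be stored alongside the archived workbooks, so a hash mismatch on a file with `vba_project` or `python_cells` set becomes the trigger for a code review.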

Let’s see how folks address this risk profile.

– Suramya

August 22, 2023

Getting my Pocket C.H.I.P. to finally work

Filed under: Knowledgebase,Linux/Unix Related,My Thoughts,Tech Related — Suramya @ 11:59 PM

Way back in 2016, I backed the Pocket C.H.I.P on Kickstarter, opting to get 2 CHIP’s and one PocketChip. The C.H.I.P (or CHIP) was a single-board computer costing $9 launched by Next Thing Co. It used open-source hardware running open-source software and was advertised as the world’s first $9 computer, a direct competitor to the RaspberryPi. The device boasted the following configuration:

  • 1 GHz R8M/R8 (ARMv7) SoC processor
  • 512 MB DDR3 SDRAM
  • Built-in Wi-Fi 802.11b/g/n, Bluetooth 4.0
  • One USB host with type-A receptacle, one USB On-The-Go port
  • Composite video and stereo audio port via mini TRRS
  • Optional composite TRRS to RCA audio-video cable
  • Optional VGA adapter and HDMI adapter (I got both)
  • Up to 45 GPIO ports
  • Supports 1-Wire and I2C protocols, PWM output
  • Serial console and Ethernet via USB for quick headless operation
  • Power options include 5V via USB OTG, 5V via CHN pin, and by 3.7V battery
  • Onboard NAND storage, 4-8GB

The PocketChip was a handheld with a 4.3 inch 480×272 pixel resistive touchscreen, a clicky keyboard, GPIO headers on the top of the device, and GPIO soldering pads inside of the injection molded case, powered by the CHIP processor. It looks clunky but it is easier to connect to the device and set it up using the PocketChip rather than doing it with just the CHIP.

Unfortunately the company shut down in 2018 due to various issues. However, I was one of the lucky backers to receive the devices but once I received them I put them in a drawer and kind of forgot about them as life got busy and interesting. Over the years I did try to power on the device a couple of times but never really looked into getting it to work, so they just collected dust in my desk (literally).

Over the past weekend I decided to try getting it to work so I did some searching and with a lot of trial and error finally managed to get things to work and boot into a working OS. 🙂 The main issue was that I was expecting it to work like the RaspberryPi where the OS was installed on an SD card, but in this case the OS had to be flashed on to the onboard flash chip, which was a more complicated process than installing to an SD card. I followed the instructions at NextThingCo Pocket C.H.I.P. Flashing Guide amongst other pages to get things to work. Here I will document some of the other things I had to do to get it to work. Please note that this was on a Debian setup; things might be a bit different for other OSes.

Install the Prerequisites

First we need to install the tools required by running the following command as root:

apt-get install git android-tools-fastboot sunxi-tools u-boot-tools

Download the CHIP SDK

Download the CHIP-SDK.zip from one of the following links:

Download and extract the CHIP Tools

Download CHIP-tools.zip from one of the following sites:

Download CHIP OS Images

Download the CHIP OS image from one of the following links:

Extract flash-collection.zip

When I tried extracting the contents of the zip file I got from the first link, I got an error that the file is not a Zip file. After a lot of searching I found out that you can run the following command to extract the file instead:

jar xfv flash-collection.zip

Since that seems unnecessarily complicated, I have extracted and re-compressed the file and shared it at the second link. You can extract it using the standard zip tools.

Fix fastboot

The version of fastboot in the Debian repositories is newer than the one used in the setup scripts, and if you try to flash with the installed version it fails with the following error message:

..
..
== Cached UBI located ==
Image Name:   flash server
Created:      Sun Aug 20 19:29:14 2023
Image Type:   ARM Linux Script (uncompressed)
Data Size:    1784 Bytes = 1.74 KiB = 0.00 MiB
Load Address: 00000000
Entry Point:  00000000
Contents:
   Image 0: 1776 Bytes = 1.73 KiB = 0.00 MiB
waiting for fel...OK
waiting for fastboot...fastboot: invalid option -- 'i'
.fastboot: invalid option -- 'i'
.fastboot: invalid option -- 'i'
.fastboot: invalid option -- 'i'
.fastboot: invalid option -- 'i'
.fastboot: invalid option -- 'i'
.fastboot: invalid option -- 'i'
.fastboot: invalid option -- 'i'

The easiest fix for this is to roll back to a previous version of the software that supports the -i parameter. You can try to search and download the older version from Debian’s repositories, but I found it easier to download the software from platform-tools_r26.0.0-linux.zip (as I was too tired to go search for it in the archives)

Once you download the file and extract the contents, follow these steps to roll back to the previous version of fastboot:

  • Back up the existing binary for fastboot:
    mv /usr/lib/android-sdk/platform-tools/fastboot /usr/lib/android-sdk/platform-tools/fastboot_old
  • Copy the extracted file from the zip file to the correct location:
    mv platform-tools/fastboot /usr/lib/android-sdk/platform-tools/fastboot

Put the CHIP in FEL mode

The FEL mode allows the software to flash the CHIP with a new firmware. This can be done by putting a jumper wire between GND and FEL. It will look something like the following:


Connecting a jumper wire between GND and FEL to enter FEL Mode

Once you have entered the FEL mode, connect the CHIP to the computer using the microUSB port on the CHIP, not the fullsize USB port.

Flashing the OS to CHIP

Once you have downloaded all the files and unzipped them, follow these steps to flash the OS to CHIP.

  • Move the CHIP-tools directory to the CHIP-SDK directory:
    mv CHIP-tools CHIP-SDK/
  • Select the Image you want to install and move it into the CHIP-SDK directory. There are 8 Images to choose from, I tested with the testing-server-b543 and testing-pocketchip-b667 images as I have 2 CHIPS to play with. 🙂
  • The original instructions on the site ask you to run the ./setup_ubuntu1404.sh script located in the CHIP-SDK directory but it failed most commands on my system. I think that you should be able to proceed without running it but haven’t tried it.
  • Switch to the CHIP-tools directory:
    cd CHIP-SDK/CHIP-tools
  • Run the firmware upgrade script, replacing Path/To/Chip/Image with the location where you extracted the Image you want to install:
    ./chip-update-firmware.sh -L ../../flash-collection/testing-server-b543/

If you have done everything correctly and nothing is broken, you will get an output similar to the following:

    suramya@StarKnight:~/Media/Downloads/CHIP/CHIP-SDK/CHIP-tools$ ./chip-update-firmware.sh -L ../testing-pocketchip-b667/
    == Local directory '../testing-pocketchip-b667/' selected ==
    == preparing images ==
    == Local/cached probe files located ==
    == Staging for NAND probe ==
    Image Name:   detect NAND
    Created:      Sun Aug 20 20:24:50 2023
    Image Type:   ARM Linux Script (uncompressed)
    Data Size:    97 Bytes = 0.09 KiB = 0.00 MiB
    Load Address: 00000000
    Entry Point:  00000000
    Contents:
       Image 0: 89 Bytes = 0.09 KiB = 0.00 MiB
    waiting for fel...OK
    waiting for fel......OK
    NAND detected:
    nand_erasesize=400000
    nand_oobsize=680
    nand_writesize=4000
    == Cached UBI located ==
    Image Name:   flash server
    Created:      Sun Aug 20 20:24:58 2023
    Image Type:   ARM Linux Script (uncompressed)
    Data Size:    1784 Bytes = 1.74 KiB = 0.00 MiB
    Load Address: 00000000
    Entry Point:  00000000
    Contents:
       Image 0: 1776 Bytes = 1.73 KiB = 0.00 MiB
    waiting for fel...OK
    waiting for fastboot...................OK
    target reported max download size of 33554432 bytes
    sending sparse 'UBI' 1/23 (28672 KB)...
    OKAY [  2.016s]
    writing 'UBI' 1/23...
    OKAY [  2.069s]
    sending sparse 'UBI' 2/23 (28672 KB)...
    OKAY [  2.007s]
    writing 'UBI' 2/23...
    OKAY [  5.484s]
    ..
    ..
    
    sending sparse 'UBI' 22/23 (28672 KB)...
    OKAY [  1.916s]
    writing 'UBI' 22/23...
    OKAY [  9.079s]
    sending sparse 'UBI' 23/23 (16384 KB)...
    OKAY [  1.105s]
    writing 'UBI' 23/23...
    OKAY [  4.981s]
    finished. total time: 300.744s
    resuming boot...
    OKAY [  0.000s]
    finished. total time: 0.000s
    
    
    FLASH VERIFICATION COMPLETE.
    
    
       #  #  #
      #########
    ###       ###
      # {#}   #
    ###  '%######
      #       #
    ###       ###
      ########
       #  #  #
    
    
    CHIP is ready to roll!

If you see the message that “FLASH VERIFICATION COMPLETE.” and that “CHIP is ready to roll!”, then the OS installation has completed successfully. Now you can disconnect the CHIP from the computer and remove the jumper cable.

Booting into CHIP

If you have the PocketCHIP, then you can just power up the device by pressing on the power button for a second (pressing it for 10 seconds shuts it down forcefully). If you just have the CHIP, you will need to connect it to a monitor and connect a keyboard as well. (I used the PocketCHIP to configure everything and then used it separately).

The boot up process can take a minute or two, and assuming everything went well you should see the standard boot messages on the screen. Once you get to the login prompt you can log in using the username ‘chip’ (without the quotes) and ‘chip’ (without the quotes) as the password. The root account password is also ‘chip’ (without the quotes).

Connecting to WiFi and configuring the CHIP

The first thing that you should do now is connect the device to a WiFi network so that you can SSH into it for ease of configuration. The second thing should be to change the default passwords 🙂

The easiest way to configure WiFi is to use the nmcli tool. Run the following command as root to connect to the WiFi. More details on the command are available at How to Connect Wi-Fi from Linux Terminal Using Nmcli Command

nmcli dev wifi connect <SSID of The Network to Connect With> password <password for the Wifi Network>

Once the device is connected to the WiFi, get your IP address using the following command:

ip address

Then you can SSH into the device from any system using the IP address.

CHIP is working!!!


Running Debian 8 Testing


Running the PocketCHIP customized version (Debian 8)

Updating the OS to the latest version

The system is running Debian 8 by default and you should upgrade it to the latest version. Unfortunately, I keep getting errors when I try to upgrade to the latest Debian version and haven’t yet fixed the problem. Basically, I think you need to update the /etc/apt/sources.list with the correct mirror details and then upgrade. Once I get some time to revisit the setup and resolve the issue I will post the fix on the blog as a followup post to this one.

– Suramya

August 18, 2023

The Judge by GoblinTools is a great tool to tell how written text comes across qualitatively

Readers of this blog (and those who know me) know that I am usually quite skeptical of tools that claim to judge the emotional content of text or tell how the text comes across qualitatively. However, this new site called The Judge – Goblin Tools is quite impressive. As per James over on Mastodon, the tool was created to help neurodivergent folks communicate better with the normals avoiding misunderstanding, bad assumptions about intent, etc.

I tested it out with content from my blog and I have to say that it summarized the tone and content quite nicely. For example below is the summary it gave for my post on Celebrating India’s 76th Independence day!

Emotionally, this text comes across as proud, patriotic, and reflective. It begins by acknowledging and celebrating India’s 76th Independence Day, recognizing the significance of gaining freedom from British rule. It highlights the sacrifices, bloodshed, and tears endured by many individuals who fought for India’s freedom, emphasizing that not all their names are known and that this is a tragic aspect. The text expresses a sense of frustration with the tendency to focus solely on iconic figures like Gandhi and Nehru, disregarding the efforts of numerous other freedom fighters.

As the text looks towards the future, there is a strong emotional undertone of remembrance and gratitude towards those who paved the way for freedom. It cites famous slogans from freedom fighters, adding a sense of inspiration and reverence for their contribution. The passage acknowledges the importance of remembering the sacrifices made by past generations for the betterment of the nation.

There is a shift in emotion when it proudly proclaims India’s progress and achievements in various fields, such as technology, space exploration, and healthcare. It displays a sense of national pride and triumph over past perceptions that diminished India’s image. The text mentions India’s relief efforts during the COVID-19 pandemic and positions India as a nation capable of compassionate and humanitarian actions.

Moving forward, the text acknowledges areas that still require improvement, alluding to societal customs and mindsets. It expresses a desire for growth and change while also highlighting the need for self-reflection in other countries that criticize India, pointing out their own flaws and challenges.

The passage concludes with a message of unity and inclusivity, promoting the idea that humanity should transcend differences in caste, religion, nationality, sexuality, and age. It embraces the concept of a global family and emphasizes the values of humanity and national loyalty.

Overall, this text conveys a mixture of pride in India’s accomplishments, gratitude for the sacrifices made by freedom fighters, and a sense of reflection on the challenges that still exist. It aims to inspire unity, progress, and a commitment to the values that define the nation.

It did manage to capture the exact tone I was going for so that is quite nice. According to their About Us page, the site uses AI technologies in the backend including OpenAI’s models. They are planning to move to open source alternatives as and when they become available and reliable. Keeping that in mind, I would not recommend using this to analyze any text that has private or confidential information because it might be used to train OpenAI’s models. That being said, I will be keeping an eye on this software and once they go to an opensource model and allow us to run a local instance of the tool I certainly wouldn’t mind using it as part of my writing toolkit.

– Suramya

August 14, 2023

Little known HTML UI elements that work without JavaScript/CSS

Filed under: Interesting Sites,My Thoughts,Tech Related — Suramya @ 9:24 PM

The current iteration of the Internet is extremely GUI focused and if you don’t have Javascript enabled a lot of sites just stop working even though that shouldn’t be the case because they don’t really need Javascript (JS) to be rendered. Unfortunately, thanks to the profusion of JS Frameworks more and more sites are incorporating it to the point where it is just getting silly.

A simple site that would be a few hundred KB in the old HTML/CSS world is now multi MB in size. A few days ago I encountered a site that was downloading ~95MB every time it was loaded and all the site did was display a few thousand rows in a table. I figured that out because it was taking a few mins at high load for the site to load and I was shocked to see the amount of data being transferred for no good reason.

If you ask website developers they will tell you that JS is needed because it allows them to create fancy sites with interactive controls etc, but as I recently found out, this is not the case. HTML has a bunch of UI elements that most people don’t know about that allow us to create interactive sites or generate beautiful sites. The I’m betting on HTML site has examples of many such elements that I am going to start using in my sites going forward. Some of the examples I really liked from the site:

<datalist>: The HTML Data List element

Is that a typeahead I see? 🧐 Doesn’t seem to have built in validation, but the UI is there at least. Note that Safari requires option tags to be closed, or it just gives up. 😮‍💨


<details>: The Details disclosure element

A little dropdown thing for disclosures and stuff. Can be styled quite aggressively.

PRIVACY DISCLOSURE

You are being watched.

There is a Dialog element as well, but it doesn’t work when embedded in a WP Blog post. Check out the site linked above to see it in action.

Well this is all for now. Will post more later.

– Suramya

June 28, 2023

Please stop shoving ChatGPT Integration into products that don’t need it

I am getting really tired of folks shoving ChatGPT integration into everything whether it makes sense or not. The latest silliness is an electric bike with ChatGPT integration. I understand the desire to integrate GPS/Maps etc in a bike, although personally I would rather use an independent device which would get updates more frequently than the built in GPS where the maps might get updated a few times a year. Unless the maps are getting downloaded live using 3G/4G/whatever. I even understand the desire to integrate voice recognition in the setup so that the user can talk to it. But why on earth do I want/need to have ChatGPT shoved in there?

Based on ChatGPT’s well known tendency to hallucinate there is a good probability that it might decide that you should take a path that is not safe or even dump you into the ocean because it hallucinated that it was the way to go. This is the same thing we saw with Blockchain a few years ago, everything was suddenly on the Blockchain whether it needed to be or not. The sad part is that these folks are going to make a ton of money because of the hype behind ChatGPT and then bail leaving the consumers with a sub-par bike that hallucinates.

Source: Urtopia Unveils the World’s First Smart E-Bike with ChatGPT Integration at EUROBIKE 2023

– Suramya

June 27, 2023

Thoughts on Meta joining the Fediverse (Mastodon)

Filed under: My Thoughts,Tech Related — Suramya @ 4:29 PM

The past few weeks have been interesting over at Mastodon where some of the community has been screaming and losing their minds about the possibility of Meta becoming part of the Fediverse. Bloonface summarized my feelings about it perfectly in the following Toot:


Let’s just say the blunt truth here: It’s not going to be Meta or Project 92 or whatever that kills fedi, it’s the fact that every time anyone suggests a way in which normal people can use it in the same way that normal people use social networks, the entire network shits the bed and starts screaming about keeping the outsiders out. But then also the same people heap judgment on people for still using Twitter when Twitter actually gives them what they want

People have reason not to trust Meta because of their behavior in the past, and we have extreme examples where Opensource protocols were subverted (XAMPP) and the opensource clients killed off. However, we also have the example of AOL which was a closed garden opening up their network and users to the Internet which introduced a ton of people to the Open Internet and while there were initial hiccups and adjustments required in the long run it was good for the internet to ingest the closed garden into an open network.

One of the biggest reasons for people sticking with Facebook/Whatsapp/whatever is the cost of switching and the Network effect. Basically, what that means is that people use a social network/site because their friends are already using it and it is difficult to get them to switch. I have tried getting my family and friends to switch to Signal from Whatsapp but since most folks are on Whatsapp it becomes a chicken and egg problem. We can’t move there because all the friends are here. Having Meta become a part of the Fediverse would allow me to move to a new network/server and still be able to connect with my friends / relatives on Facebook. This interoperability lowers the switching costs, allowing users the freedom to change servers without losing the userbase/network they have built up on the old system.

Cory Doctorow has written a fantastic article about Facebook’s war on switching costs that goes into detail on how reducing the switching costs and increasing interoperability is a good idea.

Unfortunately, there are folks who think that only the chosen few should be allowed to use ‘their’ networks and are screaming their heads off about something that is not even a formal discussion yet. Meta has had a few exploratory calls with Mastodon server admins and that’s it. No one has ‘betrayed’ the users or sold out or whatever. I can’t remember how many folks have been referencing that post about ‘Geeks, MOPs, and sociopaths in subculture evolution’ that I wrote about a while ago (not linking to the original post because I don’t want to increase its visibility). It is the same standard whining from a certain part of the user group that always tries to gatekeep everything and it is annoying.

I would love to have everyone move to Mastodon so that I don’t have to log into Twitter to catch up with folks. Currently not everyone is on Mastodon which means that either I stop following their work or I log into Twitter to read what they are doing till they migrate. If Twitter federates then I wouldn’t have to do that, I could read their posts from the comfort of my own server. Same thing with Facebook, I don’t log in much there but that means that I miss a lot of updates from family who still use it actively.

However, the advantage of having an open federated network is that even if some of the admins have a hissy fit and block the Meta (or any other servers) nothing is preventing their users from deciding to move their accounts to a more sensibly managed server as they are not locked in.

– Suramya

June 20, 2023

It is now possible to track someone using SMS Receipt Messages

Filed under: Computer Security,Interesting Sites,My Thoughts,Tech Related — Suramya @ 6:04 PM

With modern technology it is getting easier and easier to track someone. There are many apps, devices etc that allow a target to be tracked in near realtime by someone. This can be done using an App on your phone, find my phone functionality, family phone track etc etc. Someone who is worried about getting tracked can disable GPS, get a new dumb phone that doesn’t support GPS etc, which can mitigate the threat to a large extent. Unfortunately, now there is a new attack surface that allows an attacker to approximately locate a target with up to 96% accuracy.

Researchers have figured out how to deduce the location of an SMS recipient by analyzing timing measurements from typical receiver locations. Basically they measure the time elapsed between sending an SMS and the receipt of the Delivery report and then use a ML model to predict the location area where the target could be located. The other advantage of this attack is that it doesn’t require any specialized equipment or access to restricted systems but can be executed via a simple smartphone.

Short Message Service (SMS) remains one of the most popular communication channels since its introduction in 2G cellular networks. In this paper, we demonstrate that merely receiving silent SMS messages regularly opens a stealthy side-channel that allows other regular network users to infer the whereabouts of the SMS recipient. The core idea is that receiving an SMS inevitably generates Delivery Reports whose reception bestows a timing attack vector at the sender. We conducted experiments across various countries, operators, and devices to show that an attacker can deduce the location of an SMS recipient by analyzing timing measurements from typical receiver locations. Our results show that, after training an ML model, the SMS sender can accurately determine multiple locations of the recipient. For example, our model achieves up to 96% accuracy for locations across different countries, and 86% for two locations within Belgium. Due to the way cellular networks are designed, it is difficult to prevent Delivery Reports from being returned to the originator making it challenging to thwart this covert attack without making fundamental changes to the network architecture.

The biggest problem with this method is that it doesn’t depend on any software or anything else being installed on the target phone. You just need a phone that supports SMS, which is pretty much every phone on the market. There is an option to disable delivery reports, which would mitigate the threat to an extent, but it is an opt-out setup rather than an opt-in one. One way to reduce this vector would be for manufacturers to disable delivery reports by default, so that folks who need them can enable them from settings, instead of the other way round as is the case right now.
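A toy simulation of the side channel described above, and of what switching Delivery Reports off takes away from the sender; it is an added example, not code from the paper or from this post. The two locations and their delay distributions are constructed values, and a nearest-centroid rule stands in for the researchers’ ML model.

```python
import random
import statistics

# Constructed model, not measured data: mean and spread (seconds) of the delay
# between sending an SMS and receiving its Delivery Report, per location.
LOCATIONS = {"location_A": (2.0, 0.3), "location_B": (3.0, 0.3)}


def observe_burst(rng, location, n_sms, reports_enabled=True):
    """Timings the sender sees for one burst of n_sms messages."""
    if not reports_enabled:
        return []  # no Delivery Report comes back, so nothing can be timed
    mean, spread = LOCATIONS[location]
    return [max(0.0, rng.gauss(mean, spread)) for _ in range(n_sms)]


def train_centroids(rng, bursts_per_location=50, n_sms=10):
    """Learn one centroid (average burst mean) per known location."""
    return {
        loc: statistics.fmean(
            statistics.fmean(observe_burst(rng, loc, n_sms))
            for _ in range(bursts_per_location)
        )
        for loc in LOCATIONS
    }


def classify(centroids, timings):
    """Nearest-centroid guess; None when the sender has no timings at all."""
    if not timings:
        return None
    burst_mean = statistics.fmean(timings)
    return min(centroids, key=lambda loc: abs(centroids[loc] - burst_mean))


def accuracy(reports_enabled, trials=200, n_sms=10, seed=1):
    """Fraction of bursts whose true location the sender identifies."""
    rng = random.Random(seed)
    centroids = train_centroids(rng)
    hits = 0
    for i in range(trials):
        truth = sorted(LOCATIONS)[i % 2]
        timings = observe_burst(rng, truth, n_sms, reports_enabled)
        hits += classify(centroids, timings) == truth
    return hits / trials


if __name__ == "__main__":
    print("reports enabled :", accuracy(True))
    print("reports disabled:", accuracy(False))
```

With reports enabled the averaged timings separate the two constructed locations almost perfectly; with reports disabled the sender has no measurement to classify.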

Source: HackerNews: Freaky Leaky SMS: Extracting user locations by analyzing SMS timings
Full Paper: Freaky Leaky SMS: Extracting User Locations by Analyzing SMS Timings

– Suramya

June 12, 2023

A DIY Robot for automating a Cold boot attack now exists

Filed under: Computer Hardware,Computer Security,My Thoughts,Tech Related — Suramya @ 11:58 PM

The Cold Boot Attack has been around for a while (it was first demo’d in 2008), but until now it has been a fairly manual, tricky operation. Now a new DIY robot has been created that reduces the manual effort for this attack. You might be asking what on earth a Cold Boot Attack is. No, it does not refer to having to wear cold shoes in winter. It is actually a very interesting attack where the attacker freezes the RAM chips of a system while it is running and then shuts it down, after which they remove the RAM chip and put it in another device to read the data from it. Because the chip has been cooled significantly, it retains its contents after the system is shut down for long enough for information to be extracted from it. The original cold boot attack involved freezing a laptop’s memory by inverting a can of compressed air to chill the computer’s DRAM to around -50°C so that its contents persist for several minutes, even after the system is powered down.

Ang Cui, founder and CEO of Red Balloon Security, has created a process and a robot to extract the chip from the system. The robot is a CNC machine which has an FPGA (field-programmable gate array) connected to it. The robot chills the RAM chips one at a time, extracts them from the board and then inserts them into the FPGA, which reads the contents of the chip, allowing the data to be extracted. To make it easier and allow more time to remove the chip, the system monitors the electromagnetic emanations of the device, which lets it identify when the system is running CPU-bound operations. The chip can then be extracted while the system is using the CPU and not reading from or writing to the RAM. This gives the robot a window of ~10 milliseconds to extract the chips instead of having to do it in nanoseconds.

Cui and colleagues demonstrated their robot on a Siemens SIMATIC S7-1500 PLC, from which they were able to recover the contents of encrypted firmware binaries. They also conducted a similarly successful attack on DDR3 DRAM in a CISCO IP Phone 8800 series to access the runtime ARM TrustZone memory.

They believe their technique is applicable to more sophisticated DDR4 and DDR5 if a more expensive (like, about $10,000) FPGA-based memory readout platform is used – a cost they expect will decline in time.

Cold boot attacks can be countered with physical memory encryption, Cui said.

This is not an attack the average user has to worry about, but it is something that folks working on critical systems like banking servers, government systems, weapons, etc. need to be aware of and guard against. More details on the attack will be provided during a talk at the REcon reverse engineering conference in Canada titled “Ice Ice Baby: Coppin’ RAM With DIY Cryo-Mechanical Robot”.

Source: Hacker News: Robot can rip the data out of RAM chips

– Suramya
