Suramya's Blog : Welcome to my crazy life…

June 12, 2023

A DIY Robot for automating a Cold boot attack now exists

Filed under: Computer Hardware,Computer Security,My Thoughts,Tech Related — Suramya @ 11:58 PM

The Cold Boot Attack has been around for a while (it was first demo’d in 2008) but until now it has been a fairly manual, tricky operation. Now a new DIY robot has been created that reduces the manual effort needed for this attack. You might be asking what on earth a Cold Boot Attack is. No, it does not refer to having to wear cold shoes in winter. It is actually a very interesting attack where the attacker freezes the RAM chips of a system while it is running and then shuts it down, after which they remove the RAM chip and put it in another device to read the data from it. Because the chip has been cooled significantly, it retains its contents long enough after the system is shut down for the information to be extracted. The original cold boot attack involved freezing a laptop’s memory by inverting a can of compressed air to chill the computer’s DRAM to around -50°C, so that the data persisted for several minutes even after the system was powered down.

Ang Cui, founder and CEO of Red Balloon Security, has created a process and a robot to extract the chip from the system. The robot is a CNC machine which has an FPGA (field-programmable gate array) connected to it. The robot chills the RAM chips one at a time, extracts them from the board and then inserts them into the FPGA, which reads the contents of the chip and allows them to extract the data from it. To make this easier and give them more time to remove the chip, the system monitors the electromagnetic emanations of the device, which lets them identify when the system is running CPU-bound operations. Once they identify that, they can extract the chip while the system is using the CPU and not reading from or writing to the RAM. This gives the robot a window of ~10 milliseconds to extract the chips instead of having to do it in nanoseconds.

Cui and colleagues demonstrated their robot on a Siemens SIMATIC S7-1500 PLC, from which they were able to recover the contents of encrypted firmware binaries. They also conducted a similarly successful attack on the DDR3 DRAM in a Cisco IP Phone 8800 series to access the runtime ARM TrustZone memory.

They believe their technique is applicable to the more sophisticated DDR4 and DDR5 if a more expensive (like, about $10,000) FPGA-based memory readout platform is used – a cost they expect will decline over time.

Cold boot attacks can be countered with physical memory encryption, Cui said.

This is not an attack the average user has to worry about, but it is something that folks working on critical systems like banking servers, government systems, weapons, etc. need to be aware of and guard against. More details on the attack will be provided during a talk at the REcon reverse engineering conference in Canada titled “Ice Ice Baby: Coppin’ RAM With DIY Cryo-Mechanical Robot”.

Source: Hacker News: Robot can rip the data out of RAM chips

– Suramya

June 10, 2023

The World Book encyclopedia is still in print and I really wanted a copy

Filed under: My Thoughts — Suramya @ 11:59 PM

Back in the early 1990’s we made a big investment and bought a copy of the World Book Encyclopedia. From what I can remember it cost quite a bit, but it was worth it. Most of my research for any paper or project I had to do in my school years was done using these as the starting point (and the middle and the end for most of the research). We still have the encyclopedias at home in Delhi but they are not used much. I think Vir has used them a few times to find something, but with the internet putting the latest research at your fingertips the physical books are not used that much.

However, there are multiple advantages to having a physical copy of something. For example, we are not dependent on internet connectivity or even electricity to be able to look up something in a physical book. Plus there is just a different feel to having a physical book in your hand rather than a digital copy.

Found a post earlier this week where a journalist found out that the World Book Encyclopedia is still being actively published in physical form every year, and I was actually tempted to go and buy the latest version just so that I have it at home. Then I saw the cost of a full set and decided that nostalgia is all well and good but not worth spending $1,199. You can also subscribe to an online version of the encyclopedia for a lot less, but I don’t think I am going to do that. I have access to enough other sources that this is not needed.

This reminded me that I do have a CD version of the Encarta Encyclopedia lying around somewhere, maybe I should install it and see if it still works on my new system…

Source: Arstechnica: I just bought the only physical encyclopedia still in print, and I regret nothing

– Suramya

June 9, 2023

Sound based Quantum Computers are now closer to reality due to breakthrough research

We all know about the ongoing efforts to build a Quantum Computer by encoding information into quantum states of particles of light (photons); however, there is a parallel effort ongoing that is trying to build Quantum Computers based on sound instead of light. This effort, led by Andrew Cleland at the University of Chicago, just had a major breakthrough and created a device that is a key component in building a sound-based Quantum Computer.

Phonons are the fundamental quantum vibrations within materials, with individual phonons representing the collective motion of many trillions of atoms. The team built a chip that allows them to create single phonons on demand, which are about a million times higher pitched than audible sound. They then passed them into a beam splitter which consists of 16 tiny, parallel aluminium strips designed so that any sound that hits them gets reflected and transmitted in equal parts. At supercooled temperatures they found that the phonon entered a quantum superposition state where the whole particle was simultaneously in the state of being reflected and transmitted.

Cleland says that this is exactly what they hoped would happen because this process is a necessary step for running calculations on quantum computers that rely on particles of light. To make their chip even more like a sound-based quantum computer, the researchers also successfully recreated the way two particles of light are commonly made to “talk to each other” and how their behaviour is controlled during light-based computations.

Here, they simultaneously sent two phonons from opposite directions into the beam splitter and saw their respective superposition states influence each other. In the future, they will use this procedure to implement simple operations that make up computer programs.

Dirk Bouwmeester at the University of California, Santa Barbara, says that for particles of light, procedures like quantum teleportation or creating entanglement hinge on using beam splitters, and now they could be done with particles of sound as well. “It is truly spectacular that the team could replace photons with phonons,” he says.

There are a lot of interesting applications for this technology once it matures; for example, it could be used to connect computer components that are hard to connect to each other. Using sound as the carrier instead of light opens up more possibilities. Their research has been published in the journal Science (DOI: 10.1126/science.adg8715).

Source: NewScientist: Sound-based quantum computers could be built using chip-sized device

– Suramya

June 7, 2023

Proof-of-concept setup for beaming solar power down to Earth successfully demoed

Filed under: Astronomy / Space,Emerging Tech,Science Related — Suramya @ 4:20 PM

The ability to beam power from space to earth has long been a staple of Science Fiction books and movies. On the surface it makes sense: space is huge, and if we can set up solar panels in space to collect energy and get it to earth in a usable format then it is a win-win. No more having to deal with fossil fuels, nuclear reactors, etc. Folks have been working on this for over 5 decades now and progress has been slow, as most people focused their efforts on other options such as improving land-based solar panels, geothermal, etc.

Now researchers from the California Institute of Technology (Caltech) have successfully demonstrated MAPLE (Microwave Array for Power-transfer Low-orbit Experiment), which is an array of 32 flat antennas packed onto a surface slightly larger than a dinner plate. During the experiment the energy was transmitted to earth and successfully received by a receiver on the roof of the Gordon and Betty Moore Laboratory of Engineering. They were also able to alternately target receivers about a foot away and transmit ~200 milliwatts of power to the receiver, which powered an LED light.

Using constructive and destructive interference between individual transmitters, a bank of power transmitters is able to shift the focus and direction of the energy it beams out—without any moving parts. The transmitter array uses precise timing-control elements to dynamically focus the power selectively on the desired location using the coherent addition of electromagnetic waves. This enables the majority of the energy to be transmitted to the desired location and nowhere else.

MAPLE features two separate receiver arrays located about a foot away from the transmitter to receive the energy, convert it to direct current (DC) electricity, and use it to light up a pair of LEDs to demonstrate the full sequence of wireless energy transmission at a distance in space. MAPLE tested this in space by lighting up each LED individually and shifting back and forth between them. The experiment is not sealed, so it is subject to the harsh environment of space, including the wide temperature swings and solar radiation that will be faced one day by large-scale SSPP units.
…
MAPLE also includes a small window through which the array can beam the energy. This transmitted energy was detected by a receiver on the roof of the Gordon and Betty Moore Laboratory of Engineering on Caltech’s campus in Pasadena. The received signal appeared at the expected time and frequency, and had the right frequency shift as predicted based on its travel from orbit.

This is a big step forward, but I still have major doubts about the feasibility of the project, at least in its current form. Here we are using microwaves to transmit the energy from space to earth; at the level of power we need to transmit, the microwave beam will cook anything that crosses it. For example, if a plane flies through the beam you can say goodbye to the passengers. Even if we decide that we will establish a no-fly zone around the area, what is to stop birds etc. from flying into the beam and getting fried? Another problem is that microwave beams generate heat as a side-effect, and that can cause major heating of the atmosphere and change the air currents, which can cause a massive environmental impact.

We also need to consider that in order to collect solar energy at a scale where it would be useful and make financial sense we would need to set up massive solar panels in space. This will cause a huge problem for astronomers. We already have issues being caused by the Starlink satellites; this would be the same but at a much larger scale.

However, that being said, I see the potential, and if we can ever get quantum entanglement, or “spooky action at a distance” as Einstein called it, working reliably and consistently then that could potentially be used to transmit the power to earth without frying everyone in the path.

Let’s see what else the researchers come up with…

Source: Caltech.edu: In a First, Caltech’s Space Solar Power Demonstrator Wirelessly Transmits Power in Space
Science.org: Satellite beams solar power down to Earth, in first-of-a-kind demonstration

– Suramya

June 5, 2023

Map Directions can’t always be trusted

Filed under: Humor,My Thoughts — Suramya @ 5:49 PM

There are too many cases where someone followed Google Maps or Apple Maps blindly and ended up somewhere they weren’t supposed to. Before Google Maps was available, Map My India was the most up-to-date option available for maps in India. I remember one time Gaurang and I were on our way to visit friends and the map kept insisting that we take a left from the top of the flyover. This was before the time when algorithms would auto-update the route if you missed the turn, so it kept insisting that we take a U-turn and turn from the top of the bridge. We ended up having to restart the session before it gave us an alternative route.

As I walk through the valley of the shadow of death, I remind myself that you can’t always trust google maps.

Even with Google Maps you have to watch where it is trying to take you. I was once directed to take a road that was about six inches wider than my car (it started a bit wider and narrowed as I drove into it) and had to reverse back out before I got stuck there. Apple Maps is even ‘better’, in that the Australian Police had to release an advisory back in 2012 warning people about its “Potentially Life Threatening” misdirection.

There is no system that is 100% up to date and accurate, but it is expected that when you are following directions you use your own brain as well once in a while, so you don’t end up in the middle of a desert, drive into a lake or take a longer way to get where you are going.

– Suramya

May 29, 2023

There are Two kinds of people in the world…

Filed under: Humor,My Thoughts — Suramya @ 7:23 PM

There are Two kinds of people in the world…

There are Two kinds of people in the world… 1. Those that think EOD means 5:00pm 2. those that think EOD means 11:59pm

Which one do you fall under? I actually fall under neither, because for me EOD is when I sign off for the day, which is usually about 1am-2am depending; when I say EOD I mean my End of Day, i.e. when I log off for the day/night.

– Suramya

May 22, 2023

How not to do Interview Screening: Take 1000

Filed under: Humor,My Thoughts — Suramya @ 9:05 PM

Interviewing people is hard, and each of us has our own bag of tricks and filters we use to identify the correct candidate for the position. However, some of the ways that people use to filter out applicants just make you go ‘Wow!’ with a head shake. One such example is below:

The iPhone is so much better than any other phone it isn’t funny. I now check for phone type in interviews and automatically disqualify the Android Users

Using a phone preference as a filter is not the right way to filter out candidates; if this becomes the norm then folks will start filtering candidates on what music they like, what brands they wear or what car they drive. Unless you are working at Apple, rejecting people for using an Android phone (which for the record is way better than the iPhone) is foolish. It is also extremely classist: it automatically filters out people who can’t afford to buy an expensive iPhone, as the general cost range for an iPhone is between $500 – $1,500+ whereas an Android phone would range between $100-$1,750+. It also filters out people who care about compatibility of their phone with other users at their home, as it is hard to connect an iPhone to an Android ecosystem.

Plus it tells me that you are more concerned about arbitrary markers of evaluation than actually relevant criteria. Personally, I think that if the person interviewing me is using something like this as a filtering mechanism then I am better off getting rejected, as who knows what insane criteria they might come up with for performance evaluation once you join and start working with them.

I do have a lot of thoughts on interview processes and how some companies do screening but that is a post for another time.

– Suramya

May 19, 2023

KeePass exploit helps retrieve cleartext master password – Fix ETA July 2023

Filed under: Computer Security,My Thoughts,Tech Related — Suramya @ 8:06 PM

Security is hard to do, and no matter how careful you are while coding, every piece of software will have bugs in it, and some of these bugs have major security implications. KeePass, which is a very popular password manager, is vulnerable to extraction of the master password from the application’s memory, allowing attackers who compromise a device to retrieve the password even when the database is locked. The bug is being tracked as CVE-2023-32784.

The issue was discovered by a security researcher known as ‘vdohney’, who has unfortunately also published PoC code exploiting the vulnerability, called the “KeePass Master Password Dumper”, on GitHub.

KeePass Master Password Dumper is a simple proof-of-concept tool used to dump the master password from KeePass’s memory. Apart from the first password character, it is mostly able to recover the password in plaintext. No code execution on the target system is required, just a memory dump. It doesn’t matter where the memory comes from – can be the process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), various crash dumps or RAM dump of the entire system. It doesn’t matter whether or not the workspace is locked. It is also possible to dump the password from RAM after KeePass is no longer running, although the chance of that working goes down with the time it’s been since then.

Tested with KeePass 2.53.1 on Windows (English) and KeePass 2.47 on Debian (keepass2 package). PoC might have issues with different encodings (languages), but that’s not confirmed as of now (see issue #3). Should work for the macOS version as well. Unfortunately, enabling the Enter master key on secure desktop option doesn’t help in preventing the attack.

The attack does require either physical access to the system, or the system would need to be infected with malware that gives an attacker remote access with the ability to perform thread dumps. They can also extract the password from the process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys) or a RAM dump of the entire system.

The fix for the problem is in the works and the initial testing looks promising. Personally, I think that the security researcher should have waited to release the PoC code till the fix was available, but to each their own I guess.

Source: Bleepingcomputer.com: KeePass exploit helps retrieve cleartext master password, fix coming soon

May 18, 2023

Lost in Translation: Movie Synopsis edition

Filed under: Humor — Suramya @ 10:52 PM

This screenshot of the synopsis for ‘Alien’ popped up in my feed earlier and I couldn’t stop laughing.

“Space ship people get up from sleeping coffin and have eat. Computer woman find strange noisings on planet and astronauts go to seeing. Astronauts find big elephant man who dead then find too many egg/

Astronaut is possess by egg demon and new egg demon is come when eat bad noodle. Seven friends and cat all try to find egg demon before ship go home but is hard working.

Who will life to escaping? Who is bad milk blood robot? Scream not working because space make deaf.”

This reminds me of “All your base are belong to us” which was another masterpiece of bad translation.

– Suramya

May 17, 2023

Request to advertise ‘Men’s Beauty’ topics on Linuxgazette.net

Filed under: Humor,Linux/Unix Related — Suramya @ 7:18 PM

As some of you might know, I host a mirror for Linuxgazette.net, and this usually results in an email every couple of months about changes to the existing articles and requests to advertise. I recently received an email requesting information about linuxgazette.net for advertising. Now there are a few problems with this. Firstly, I don’t host linuxgazette.net, I just host a mirror of the site. The second problem was the content/topic they want to advertise on the site:

Beards seem to have become popular again, but do you think they will stick? Time will tell, but personally, I wouldn’t mind seeing more men with a cleanly shaven face 😍

I’m getting in touch today because I have some clients looking for advertising opportunities that are related to Men’s Beauty (Should I call it Men’s “Beauty”). After I stumbled across linuxgazette.net I figured I’d reach out and see if you ever work with brands, or have a media kit available.

I mean, historically Linux admins do have a reputation for keeping big beards, but this is ridiculous. Of course I know that this mail was probably sent out by an automated bot, but it did make me laugh.

– Suramya
