Search This Blog

Wednesday, August 23, 2017

Elon Musk Reveals First Official Photo of SpaceX Space Suit

As reported by The Verge: Elon Musk has posted the official first photo of his SpaceX space suit on Instagram, teasing that more details will come in a few days. Musk says the suit actually works, and was tested to double vacuum pressure. The suit itself is very white and very spacey, and Musk acknowledges that it was “incredibly hard” to balance the suit’s look and its function.
Musk didn’t specify, but the SpaceX suits are meant to be worn by astronauts when riding inside the company’s Dragon Capsule. They’re pressure suits, so they’re not meant for spacewalks, but are worn by astronauts during transport in case the capsule depressurizes. The suits will be worn by NASA astronauts for the commercial crew program when SpaceX starts launching people to and from the International Space Station. In January, Boeing revealed its own spacesuit design that astronauts will wear on route to the ISS.
The reveal today is similar to photos of a SpaceX suit that surfaced years ago on reddit. The design is very elegant and feels right at home in a sci-fi flick, while simultaneously paying homage to the old school suits NASA astronauts wore to the moon. We compiled a list ofscience fiction spacesuits from worst to best, though in my opinion, this real SpaceX suit tops the list of best.

Tuesday, August 22, 2017

Hackers Are the Real Obstacle for Self-Driving Vehicles

As reported by MIT Technology Review: Before autonomous trucks and taxis hit the road, manufacturers will need to solve problems far more complex than collision avoidance and navigation (see “10 Breakthrough Technologies 2017: Self-Driving Trucks”).

These vehicles will have to anticipate and defend against a full spectrum of malicious attackers wielding both traditional cyberattacks and a new generation of attacks based on so-called adversarial machine learning (see “AI Fight Club Could Help Save Us from a Future of Super-Smart Cyberattacks”). As consensus grows that autonomous vehicles are just a few years away from being deployed in cities as robotic taxis, and on highways to ease the mind-numbing boredom of long-haul trucking, this risk of attack has been largely missing from the breathless coverage.

It reminds me of numerous articles promoting e-mail in the early 1990s, before the newfound world of electronic communications was awash in unwanted spam. Back then, the promise of machine learning was seen as a solution to the world’s spam problems. And indeed, today the problem of spam is largely solved—but it took decades for us to get here.

There have been no reports to date of hostile hackers targeting self-driving vehicles. Ironically, though, that’s a problem. There were no malicious attackers when the dot-com startups in the 1990s developed the first e-commerce platforms, either. After the first big round of e-commerce hacks, Bill Gates wrote a memo to Microsoft demanding that the company take security seriously. The result: today Windows is one of the most secure operating systems, and Microsoft spends more than a billion dollars annually on cybersecurity. Nevertheless, hackers keep finding problems with Windows operating systems, Web browsers, and applications.

Car companies are likely to go through a similar progression. After being widely embarrassed by their failure to consider security at all—the CAN bus, designed in the 1980s, has no concept of authentication—they now appear to be paying attention. When hackers demonstrated that vehicles on the roads were vulnerable to several specific security threats, automakers responded by recalling and upgrading the firmware of millions of cars. Last July, GM CEO Mary Barra said that protecting cars from a cybersecurity incident “is a matter of public safety.”

But the efforts being made to date may be missing the next security trend. The computer vision and collision avoidance systems under development for autonomous vehicles rely on complex machine-learning algorithms that are not well understood, even by the companies that rely on them (see “The Dark Secret at the Heart of AI”).

Last year researchers at CMU demonstrated that state-of-the-art face recognition algorithms could be defeated by wearing a pair of clear glasses with a funky pattern printed on their frames. Something about the pattern tipped the algorithm in just the right way, and it thought it saw what wasn’t there. “We showed that attackers can evade state-of-the-art face recognition algorithms that are based on neural networks for the purpose of impersonating a target person, or simply getting identified incorrectly,” lead researcher Mahmood Sharif wrote in an e-mail.

Also last year, researchers at the University of South Carolina, China’s Zhejiang University, and the Chinese security firm Qihoo 360 demonstrated that they could jam various sensors on a Tesla S, making objects invisible to its navigation system.

Many recent articles about autonomous driving downplay or even ignore the idea that there might be active, adaptive, and malicious adversaries trying to make the vehicles crash. In an interview with MIT Technology Review, the chair of the National Transportation Safety Board, Christopher Hart, said he was “very optimistic” that self-driving cars would cut the number of accidents on the nation’s roads. In discussing safety issues, Hart focused on the need to program vehicles to make ethical decisions—for example, when an 80,000-pound truck suddenly blocks a car’s way.

Why anyone would want to hack a self-driving car, knowing that it could result in a death? One reason is that widespread deployment of autonomous vehicles is going to result in a lot of unemployed people, and some of them are going to be angry.

In August 2016, Ford CEO Mark Fields said that he planned to have fully autonomous vehicles operating as urban taxis by 2021. Google, Nissan, and others planned to have similar autonomous cars on the roads as soon as 2020. Those automated taxis or delivery vehicles could be vulnerable to being maliciously dazzled with a high-power laser pointer by an out-of-work Teamster, a former Uber driver who still has car payments to make, or just a pack of bored teenagers.

Asked about its plans for addressing the threat of adversarial machine learning, Sarah Abboud, a spokesperson for Uber, responded: “Our team of security experts are constantly exploring new defenses for the future of autonomous vehicles, including data integrity and abuse detection. However, as autonomous technology evolves, so does the threat model, which means some of today’s security issues will likely differ from those addressed in a truly autonomous environment.”

It will take only a few accidents to stop the deployment of driverless vehicles. This probably won’t hamper advanced autopilot systems, but it’s likely to be a considerable deterrent for the deployment of vehicles that are fully autonomous.

IBM Forges Blockchain Collaboration With Nestlé & Walmart For Food Transportation Safety

As reported by Forbes: A group of leading retailers and food companies including Nestlé, Walmart and Unilever have signalled their commitment to “strengthen consumer confidence” in the foods they purchase by announcing a major blockchain collaboration with IBM. The consortium will work with ‘Big Blue’ to identify the “most urgent areas” across the global food supply chain that could benefit from the blockchain.
Highlighting matters, every year one-in-10 people fall ill (c.600 million) globally and around 420,000 die as a result of contaminated food, according to global estimates of foodborne diseases from the World Health Organization (WHO). These diseases were cited as being caused by diseases caused by 31 agents - bacteria, chemicals, viruses, parasites and toxins.
The findings contained in a WHO report titled ‘Estimates of the global burden of foodborne diseases’ (December 2015), were the most comprehensive published at the time and found that almost 30% of all deaths from foodborne diseases are in children under the age of five years (c.125,000).
Many of the critical issues impacting food safety such as contamination, food-borne illness, waste and the economic burden of recalls rest though on a lack of access to information and traceability.
Given that today nobody currently oversees the entire supply chain and traceability is undertaken only in a linear fashion, this is where the blockchain is being pitched as playing a pivotal role.
By using blockchain, when a problem arises, the potential is to quickly identify what the source of contamination is since one can see across the whole ecosystem and where all the potential points of contamination could be - using the data to pinpoint the source. As such it is “ideally suited” according to IBM to address these challenges because it establishes a trusted environment for all transactions.
It can indeed take weeks to identify the precise point of contamination, causing further illness, lost revenue and wasted product.
Take, for example, the recent incidence of salmonella infections linked to imported Maradol papayas, which required over two months to identify the farm source of contamination according to the Centers for Disease Control and Prevention. Among a number of people who were hospitalized between May 17 and July 21 this year, one death was reported from New York City.
Concurrently with news of its consortium with ten leading retail and food companies, which besides Nestlé and Walmart includes DoleDriscoll’sGolden State FoodsKrogerMcCormick and CompanyMcLane CompanyNestléTyson FoodsUnilever - Big Blue also announced the introduction of the “first fully integrated, enterprise-ready” IBM Blockchain platform to accelerate adoption and new academic and developer initiatives to advance Blockchain skills.
The International Business Machines Corp. ( IBM) logo is displayed in front of the company's offices in New York, U.S. (Photographer: Craig Warga/Bloomberg).
In an effort to expand the blockchain ecosystem across academia and the start-up community, IBM is working with select universities including Fordham University, University of Arkansas, University at Buffalo and University of British Columbia to fund research grants, develop customized curricula and host workshops and hackathons.
Global Food Supply Chain
The food supply chain is depicted generally as being composed by three main levels: (1) Agricultural production; (2) Industrial processing; and, (3) Wholesale or retail distribution. However, with closer examination it becomes more complex, involving a series of other stages and links that add value to the chain - either in the form of goods or services inputs - such as the seed provider – and ending with the final consumer.
All participants in the global food supply chain - from the growers to suppliers and processors and right through distributors to retailers, regulators and consumers - can through this latest IBM initiative gain “permissioned access” to known and trusted information regarding the origin and state of food for their transactions.
In so doing it enables food providers and other members of the ecosystem to use a blockchain network to trace contaminated product to its source in a short amount of time and stem the spread of illnesses.
The consortium development involving Big Blue comes a month after Ambrosus, claimed to be the world’s first ‘trusted’ blockchain-based ecosystem for the food supply chain launched and unveiled a token sale for Amber scheduled for this September.
Co-founded by Swiss-based CEO Angel Versetti and CTO Dr Stefan Meyer last year, Ambrosus combines high-tech sensors, blockchain technology (built on the Ethereum Blockchain) and smart contracts.
Development of the Ambrosus ecosystem and a system of interconnected quality assurance sensors is touted as being able to “reliably record the entire history of food from farm to fork” according to the company. The project’s efforts have been officially endorsed by EIT Food and Swiss Quality and Safety Association.
Ambrosus’ CEO Versetti noted this July that at present the global system of food production and distribution “does not adequately serve the needs of our society” with “little trust amongst consumers, poor living standards for farmers, malpractice within supply chain networks or by large manufacturers and regular major food scandals.” So there’s work to be done.
He added: “Blockchain can protect the integrity and verifiability of sensor data, while smart contracts can enable automatic governance of food supply chains and manage commercial relationships between the different actors within them.”
Food Safety Pilot Projects
For its part, IBM has already completed multiple pilots specific to food safety in order to successfully demonstrate the ways in which blockchain can positively impact global food traceability.
Insights from those projects, in addition to input from the 10 retail and food groups in the latest consortium as well as others, will be used by IBM to identify and “prioritize the key areas” where blockchain can further benefit food ecosystems. This, it is said, will help “ensure problems can be addressed with surgical precision when they arise.”
Among specific pilot projects undertaken, a collaboration between IBM, Walmart and Tsinghua University was announced in October 2016 to improve the way food is tracked, transported and sold to consumers in China and are creating a new model for food traceability. By using blockchain technology to build transparency and efficiency in supply chain record-keeping, this work aims to help ensure food safety for Chinese consumers.
Tsinghua University brings its expertise in transaction security and authentication technology to the table, while Walmart is a global leader in supply chain, logistics and food safety. Early trials in China and the US are understood to have shown how blockchain technology digitally tracks food products from pork and mango suppliers to store shelves and ultimately to consumers.
Product information (e.g. farm origination details, batch numbers, factory and processing data, expiration dates and shipping detail) is digitally connected to food items and entered into the blockchain at every step of the process. Each piece of information serves to provide critical data points that could potentially reveal food safety issues with the product.
In another example, Walmart, which is regarded as having one of the best food traceability systems in the industry, completed a test using traditional methods to trace the origin of mangoes, which took them six days, 18 hours and 26 minutes to trace a package of mangoes to the exact farm of origin. By using blockchain, it took just 2.2 seconds.
Abstact image of digital retail store image with person holding smart phone with U.S. dollar bill and digital binary code. (Image: Shutterstock).
New IBM Blockchain Platform
Beyond food supply chain applications, blockchains are now being used to transform processes and streamline transactions for everything from flowers, real estate and banking, to education, government and health care. In fact hardly a day passes without an industry or sector being considered ripe for blockchain application.
To accelerate this adoption, IBM is introducing the first fully integrated, enterprise-grade production blockchain platform on the IBM Cloud, as well as consulting services. This will allow more organizations to swiftly activate their own business networks and access the vital capabilities needed to successfully develop, operate, govern and secure these networks.
Running in the IBM Cloud, it is said to offer “unique protection” from insider credential abuse, protection from malware, and hardware encryption key protection, with the IBM blockchain platform providing the “highest-level tamper resistant” FIPS140-2 level 4 protection for encryption keys.
For developers, they can create standard business language in JavaScript and the APIs help keep development work at the business level, rather than being highly technical and making it possible for most any programmer to be a blockchain developer.
The platform is described as being designed to address both business and technical requirements, and incorporates insights gained as IBM has worked with over 400 organizations since February 2016 on blockchain projects across industries including financial services, supply chain and logistics, retail, government and health care.
And, while the platform offers all participating members some control, it prevents any one member from having exclusive control through a new class of democratic governance tools.
Tested and piloted extensively, the platform is held up addressing a wide range of “enterprise pain points” around security, performance, collaboration and privacy that IBM maintained no other blockchain platform delivers currently today.
It includes innovation developed through open source collaboration in the Hyperledger community (of which IBM was an early member), including the newest Hyperledger Fabric version 1.0 framework and Hyperledger Composer incubation project.
The Integrated platform allows multiple parties to jointly develop, govern, operate and secure blockchain networks to help enterprises accelerate blockchain adoption.
Marie Wieck, IBM General Manager, Blockchain, commenting in the wake of the latest developments said: “Unlike any technology before it, blockchain is transforming the way like-minded organizations come together, enabling a new level of trust based on a single view of the truth.”
She added: “IBM’s platform further unleashes the vast potential of this exciting technology, making it faster for organizations of all sizes and in all industries to embrace blockchain and improve the way business gets done.”
Blockchain Advances
In addition to food safety, IBM is advancing other blockchain supply chain initiatives using the IBM Blockchain Platform for an automated billing and invoicing system.
Initial work to use blockchain for invoicing for instance is underway starting with Lenovo, which will provide an audit-ready solution with full traceability of billing and operational data, and help speed on-boarding time for new vendors and new contract requirements.
To complement the new platform, IBM Global Business Services offers blockchain services, which bring industry expertise from its 1,600 blockchain consultants who have helped clients deploy and integrate active networks and help realize optimal value. 
In terms of resulting efficiencies brought about by such deployments, clients have been able to reduce back office processes “by up to 30% and cycle time of accounts receivable by 50%”, thereby unlocking millions of dollars in cost savings and market capital. The IBM Blockchain Platform provides a range of pricing options, which start at $0.50 per hour.
Going forward the companies involved in the latest global food supply chain collaboration with IBM will help identify the benefits or shared value that resonates for everyone in the network and make sure it is a solution everyone can use - from the farmer in the field to the packer in the packing house to the retailer. And, ensure it meets the industry’s needs for security and scalability.
Despite IBM being canvassed on the financial details of its latest collaborations none were disclosed.

Friday, August 18, 2017

Russia May Be Testing Its GPS Spoofing Capabilities Around The Black Sea

A consensus is building that Russia has been experimenting with the ability to override Global Positioning System signals with fake ones that can severely disrupt and confuse the geolocation abilities of GPS users. For now this phenomenon has mainly affected ships traversing the Black Sea, but during a time of conflict it could impact a wide spectrum of combat systems including drones, missiles, smart bombs, as well as surface combatants and land warfare units. Even manned aircraft may not be immune to such electronic warfare tactics.

This all started on June 22nd when a ship near the Russian port of Novorossiysk reported a major miscalculation with their high-end GPS installation. New Scientist states:
"On 22 June, the US Maritime Administration filed a seemingly bland incident report. The master of a ship off the Russian port of Novorossiysk had discovered his GPS put him in the wrong spot – more than 32 kilometers inland, at Gelendzhik Airport.
After checking the navigation equipment was working properly, the captain contacted other nearby ships. Their AIS traces – signals from the automatic identification system used to track vessels – placed them all at the same airport. At least 20 ships were affected.
While the incident is not yet confirmed, experts think this is the first documented use of GPS misdirection – a spoofing attack that has long been warned of but never been seen in the wild." has a more thorough account of the incident you can read here. The commander of the ship that reported the strange occurrence documented it thoroughly.
Russia's large port at Novorossiysk sits at the northern end of the tense Black Sea region, near the Kerch Strait and across from the Russian-held Crimea.  Novorossiysk is a major port for (the) Russia Black Sea Fleet.
As New Scientist points out, GPS spoofing seems to be something Russia has been playing with in a major way before this anomaly occurred in the northern Black Sea region. Reports that GPS users around Moscow, and especially near the Kremlin, have had similar issues, with the peculiar GPS behavior being discovered in a most unusual way:
"Over the past year, GPS spoofing has been causing chaos for the receivers on phone apps in central Moscow to misbehave. The scale of the problem did not become apparent until people began trying to play Pokemon Go. The fake signal, which seems to center on the Kremlin, relocates anyone nearby to Vnukovo Airport, 32 km away. This is probably for defensive reasons; many NATO guided bombs, missiles and drones rely on GPS navigation, and successful spoofing would make it impossible for them to hit their targets." elaborates further on Russia's affinity for GPS denial tactics:
"With more than 250,000 cell towers in Russia equipped with GPS jamming devices as a defense against attack by U.S. missiles, the country has advanced capabilities to disrupt GPS. There have been press reports of Russian GPS jamming in both Moscow and the Ukraine. In fact Russia has boasted that its capabilities “make aircraft carriers useless,” and the U.S. Director of National Intelligence recently issued a report that stated that Russia and others were focusing on improving their capability to jam U.S. satellite systems, according to the RNT Foundation."
GPS jamming, or the loss of GPS altogether, has long been a major concern of the US military. One highly publicized yet at the same time shadowy drill led to warnings that GPS blackouts and disruptions would emanate from the Mojave Desert and reach hundreds of miles in every direction. Other elaborate testing and systems development programs have increased in frequency and scope regarding operating in GPS denied environments. This includes a cocktail of new technologies that can offer similar geolocation capabilities to GPS without the need for a constellation of satellites above. 
Still, wide-area GPS jamming or outages are easy to detect, but spoofing GPS signals is a much more insidious threat, especially if spoofing effects are localized in nature. New Scientist states:
"...It can now be done with commercial hardware and software downloaded from the Internet. Nor does it require much power. Satellite signals are very weak – about 20 watts from 20,000 miles away – so a one-watt transmitter on a hilltop, plane or drone is enough to spoof everything out to the horizon."
Advanced guidance and navigation systems, like those found on aircraft and in most GPS-guided weapons, use inertial navigation with embedded GPS. System software loaded onto the INS/GPS guidance system uses algorithms to detect discrepancies among various steams of information. This way the system can place less priority on one stream of information, say from a malfunctioning ring-laser gyro or GPS receiver, than others. Or it can discount that steam entirely if it starts straying far from the consensus of the others. This way a navigation system that suddenly loses a component due to failure or has one of its data streams deviate for other reasons won't simply stop working. 
For instance, if the GPS telemetry suddenly leaps miles away, the navigation system may "vote out" the GPS information entirely. The system will be less accurate overall because of it, but it will still function. As an example, take a Joint Direct Attack Munition, the most common guided bomb used by the USAF, which uses GPS and INS navigation. If the system suddenly loses GPS connectivity during its attack sequence, INS will take over, but the bomb will be substantially less accurate than it would have been with both GPS and INS working together as a team. 
JDAM has a tailkit with moving fins, a GPS antenna and a GPS/INS autopilot.
But spoofing isn't as simple as telling a GPS receiver it is somewhere totally different than where it really is. By broadcasting false GPS data that slowly changes over time, navigational systems with GPS and INS may not "throw out" the GPS data so soon, or at all for that matter. Over time this could result in vehicles going far off course or even running into shores, mountains or even other vehicles without warning. Some say this is how the Iranians brought down the RQ-170 Sentinel drone in a relatively intact state in late November 2011, although this remains highly debatable.
As for what emitter or platform that may have caused the disruption, we don't know for sure. But it is interesting to note that a Tu-214SR strategic communications relay aircraft was deployed to Crimea shortly before the incident took place, and has been flying regular circles over the northern Black Sea ever since. It's possible the aircraft is capable of rebroadcasting fake GPS signals aside from its primary duties, or at least is experimenting with the capability in region.  
As you can see, this new form of electronic warfare is powerful and potentially quite deadly. The big question is how or when would Russia use it as a weapon? It seems that it fits well into Moscow's hybrid warfare playbook, as it could disrupt the navigation of unfriendly forces and even impact their ability to target Russian forces. It could also disrupt commerce and air travel all while the hostile emitter stays safely in Russian territory. 
On a peer state warfare level, such as in a conflict against NATO, this technology could not only protect Russian forces from kinetic attacks by weapons that use GPS, but it could also disrupt any allied operations that relies heavily on GPS for navigation today. Even logistics to support such an operation could also be negatively affected. 
Basically, the US military, and much of the world's transportation and commerce, runs on GPS. If anything else this incident in the Black Sea is a stark reminder of why the Pentagon needs to wean itself off this dependency as soon as possible. This possible event also doesn't take into account other avenues of attack a foreign power has to disrupt the GPS network, which includes cyber-intrusion or even attacking GPS satellites directly. Anti-satellite capabilities have become far more exotic, hard to detect, and more numerous than they once were. And even electronic warfare targeting GPS satellites doesn't have to be terrestrial in origin. Jamming tactics can be deployed in space between orbiting objects. 
Among all this uncertainty, one thing is for sure—during a major conflict, GPS will be a prime strategic target. Considering the technology to disrupt or spoof its signals is becoming ever more accessible, non-state actors will likely take advantage of it too for nefarious purposes. For instance, just think of this tactic's implications when it comes to a concept like self-driving cars. 
With all this in mind, preparing for a world where GPS connectivity is not guaranteed may not be convenient, but it may be entirely necessary.