Monday 22 May 2017

Parasitic Robot Controls Turtle it’s Riding by Giving it Snacks


Developments in the Field of Robotics

Although in recent years,great development has taken place in the field of robotics; the usage of robots still tends to have some limitations. These comprises of their reduced capability of surviving rough routine functions together with the need of providing continuous energy source which does not seem to need recharging.

 Instead nature has shown increased flexibility and progress to the fluctuating situations over millions of years and this has motivated a team of researchers who have now utilised the concept of the flexibility and progress of nature together with robots. Latest experiments carried out by the team of researchers have portrayed that robots could be utilised for controlling turtles through strange parasitic relationship made between the two.

The provision of becoming overlords of the people, robots have now begun controlling turtles. Initially by getting the reptiles to associate a red light with food, the robots with shell-attached tend to dictate where the turtle seems to move in a tank, developing a somewhat strange parasitic relationship.Building their motion adequately strong for surviving the rigours of daily life is aconstantfightas the enigma of providing them with adequate energy to prevent long hours of recharging. This can be done with ease by nature.

Evolution Resulted in Unbelievable Variety of Effective Methods

Millions of years of evolution have resulted in an unbelievable variety of effective methods for animals to move and hence researchers at the Korea Advanced Institute of Science and Technology – KAIST, in Daejeon have set about connecting this factor. At first robots had been glued to the backs of five red-eared slider turtles wherein they comprised of a processor, a frame which tends to get stuck out in front of the head of the turtle holding five red LEDs spaced apart together with a food ejecting tube.

Then they had to ride their turtle across five checkpoints in a tank that had been filled with water.The turtles had first been conditioned to associate a lit-up LED with food. The turtles thereafter just guided it utilising the LEDs, feeding it with snacks as a reward for going in the correct direction.

With the use of this procedure, the five robot-turtle pairs had completed the course satisfactorily and each hurried up with training. Dae-Gun Kim at KAIST commented that there were plenty of other animals which could later on also be utilised in giving robots a ride and it would be possible to apply it to several animals like fish and birds as per the purpose of the task.

Harnessing Some of the Motion of Host of Animals

In the near future, Kim along with his colleagues also wanted to be capable of harnessing some of the motion of the host of animal in providing the robot with power. Nathan Lepora at the University of Bristol, UK had informed that these robots could be utilised for surveillance, exploration or any place where there could be a problem for humans or robot to reach on their own.

Earlier insects had been controlled utilising electrodes and radio antennas linked to their nervous systems and this identical approach could present methods for parasitic robots to control their hosts directly. Lepora had commented that there could be definite ethical consideration though if robots and animals were capable of teaming up to explore a disaster are, it could be really useful.

Saturday 20 May 2017

Our Next Volvo or Audi May Have an Android infotainment system

Volvo
Till now we had support for multiple Android devices via Bluetooth or direct plug-ins to the dashboard to enjoy the music or to do some navigation tricks from our smartphone. But things are changing at an alarming pace for the Android in the automobile which will help in unleashing a new era of Android support for better. Google has announced that upcoming range of automobiles from the Volvo and Audi will feature the Android in its full glory in the next generation infotainment systems. This is just one of small announcement made by the Goggle and more enthralling bit will appear at the upcoming Google I/O conference.

It is better than the Android Auto 


Google has launched the Android Auto in the past which made it easier for the automobile owners to access some of the vital phone functions from the behind the wheel. This system helped in bringing a simplified interface for the users to connect with their car without the need of physically attaching the phone to the console. The best thing about the Android Auto was that it helped in accessing a number of apps right on the interface which made driving a pleasant experience with the Android device.

Both the automobile manufactures namely Audi and Volvo are taking the Android experience to the next level by basing it into their infotainment system. It is worth noting that Audi has found some success with its MMI infotainment system in the recent past while Volvo’s Sensus Connect system is very much new. The decision of bringing the Android operating system into their infotainment shouldn’t mean that the manufacturers will pull the plug of their own homegrown infotainment systems. Instead they are aiming at making the buyers comfortable by offering an easy to use Android based interface in their vehicles.

Advantages of Android as the foundation


The greatest advantage of having the Android as the foundation of the infotainment in the Volvo and Audi is that it will help in accessing the vast library of Android applications. Google Play Store boasts of millions of apps in varied categories which is expanding at every given minute. Secondly it is tough to get developers to develop apps for any third party platform but having the Android foundation will ensure that developers populate the infotainment system with compatible apps quickly without much trouble. We are expecting to get more details on this foundation in the upcoming Google I/O.

One of the Volvo official has stated that having an Android foundation will mean that the company will be able to integrate the rich ecosystem of Android into their iconic Volvo user interface with ease and simplicity. There will be huge abundance of the popular apps which will help in bringing an integrated experience to the users which has never been seen before in an automobile. At the Google I/O both the automobile manufacturer will be giving demonstrations to give a wider perspective to the prospective consumers of its next generation infotainment.

Creators of the MP3 Declare it Dead

MP3

Rest in Peace MP3 as creators pulls the plug

We have enjoyed the music on our mobile and other portable music players with the help of widely used mp3 format. But the creators of the MP3 has declared its demise as the penultimate music format which means music will no longer be made in the mp3 format. This format was developed about two decades ago by a German research institute and they dropped the ownership of it. The institute named the Fraunhofer Institute of Integrated Circuits has stated that they had put forward a strong licensing program for the mp3 related patents but it has been terminated.

New advanced music format

Currently there are number of highly effective audio codecs boasting advanced features when compared to the old mp3 format. The current generation of the modern devices makes use of the advanced audio coding (AAC) and there is a definite move among the consumer electronics giants to place the MPEG-H as a new audio standard for some-time to come. This new audio format will offer an efficient storage option along with the immersive 3D audio experience to the users. Both of these formats are able to deliver more features along with the much needed higher audio quality at quite lower bitrates when it is compared to the mp3. It would come as surprise that the iTunes and Youtube are making use of the AAC as its main audio format for its service.

A number of tests has shown that AAC music format files does sound better than the old age format even at the same bitrate. Secondly AAC tends to be smaller in size even at the higher bitrate which means users will be able to get better quality music without wasting too much space on their file storage. The compatibility issue might be high for the AAC at the moment as it is only supported on very few mobile phones.

Age-format will still reign supreme

It should be noted that the developers had bid their farewell to the mp3 format but it will still be in wide usage on global scale as a number of people are still using the iPods and Mp3 based music players. It was developed during the 1980’s and gained huge popularity and support during the 90’s by emerging as the standard file type for the audio players, systems as well as the online music downloads. This format was developed accidently when developers were actually trying to find a smarter way of delivering music signal right over the telephone lines.

Later on this format was adopted for the distribution of the music using the compact discs and finally with the arrival of the Apple’s iPods it reached the heights of its popularity. The reason behind the wide popularity of this format was that it used to take just 10 percent of the storage space of the files. This format was also loved by the peer-to-peer sharing sites like Napster and the rise of the illegal downloads as well as digital piracy is also attributed to it.

Thursday 18 May 2017

SS7 Vulnerabilities

SS7 – Network of Telephony Signalling Procedures

Signalling System No. 7 – SS7 network is a set of telephony signalling procedures which had been invented in 1975. It has been utilised to set up and slash down several of the public switched telephone network PSTN telephone calls of the world.

Besides this it also tends to perform number translation, local number portability, prepaid billing, Short Message Service – SMS together with other mass market services. The SS7 networks is said to form one of the supports of the prevailing effective telecommunication industry.

In spite of all its importance of enabling telecommunication services, SS7 tends to integrates only nominal safety features. However since SS7 had been introduced in the past 35 years the telecommunication marketplace had altered radically and SS7 susceptibilities have now become more unprotected.

 Over the past few months, invaders have been utilising a flaw in Signalling System 7 in order to intercept two factor authentication codes which have been sent to online banking customer in an attempt to transfer funds. Suddeutsche Seitung, a German newspaper had reported that the invaders first tend to compromise the bank account of the customer utilising traditional bank fraud Trojans to steal passwords and log into accounts.

Mobile Transaction Authentication Numbers 


They learned that the offenders carried out an attack from a network of foreign mobile network operator in mid-January wherein the attack redirected incoming SMS messages for selected German customers to the attackers Thereafter they utilised the SS7 susceptibility in order to redirect text messages comprising of one-time passwords to the device of the attacker instead of the customers.

Then they utilise mobile transaction authentication numbers - mTANs for the purpose of transferring money from the targeted accounts. The SS7 susceptibility is not new but had been discovered in 2014 by German researchers and reported by The Washington Post. The detection of the abuse of the SS7 vulnerability followed an open letter two U.S. congressmen had written to U.S.

Homeland Security Secretary John Kelly requesting for an update on the progress in dealing with SS7 security errors and why the agency had not been doing more regarding the same. Rep. Ted Lieu – D-Caliphs, one of the authors of the letter had a personal experience with the SS7 susceptibility.

Congressional Action 


The security researchers with the permission of Lieu were capable of stalking the congressman using only his cell phone number and an SS7 network. The researchers were capable of recording his phone calls as well as monitor his precise location in real time. The exploit of the cell phone of Lieu was featured on the television show 60 Minutes.

 In April 2016, following its airing, the FCC had stated an investigation in the SS7 vulnerability and a report from FCC was anticipated in March 2016 which is yet to appear. Lieu had issued a statement calling for congressional action on the matter in reply to the draining of bank accounts utilising the same SS7 weakness.

Lieu had mentioned that everyone’s account protected by text-based two factor authentication like bank accounts, were possibly in danger till the FCC together with the telecom industry tend to fix the SS7 security flaw.

The FCC together with the telecom industry is aware that hackers can acquire our text messages and phone conversations just by knowing our cell phone number. It is improper that the FCC and the telecom industry have not taken immediate action in the protection of our privacy and financial security.

Wednesday 17 May 2017

rpcbomb: remote rpcbind denial-of-service + patches

It is imperative to block the post immediately after being used. Sources have claimed that a payload of 60 bytes which is sent to a UDP socket via a rpcbind service which is capable of leading to a crash to its host by blocking the memory of the target user.

This rpcbind vulnerability is enough to crash your entire system, which will lead to further consequences like blocking your entire system, loss of all the primary data and files. The vulnerability can be avoided only by taking proper measures and being cautious enough in terms of blocking all the ports.

The rpcbomb exploit was manufactured by Guido Vranken, he is the person behind the discovery of vuln. He is a very tactful person and rumors are he wrote the matches for the system himself since he was unable to contact the maintainers to get the required actions for putting up the managing packages. This complaint against him is viral everywhere which has made him famous both positively and negatively by setting an example that if you are determined enough to get something, none can stop you from achieving it.

He with regard to this complaint has written Shodan which is responsible for converting rpcbind’s Port up for almost 1.8 million hosts. This port related to rpcbind vulnerability is also known as Port 111 subjected to the Internet. Some or even many are hosting mass like AWS, where a user generally configures a default Linux distribution and if you really intend to run rpcbind which binds all the RPC calls to their address by putting all the limitations of firewall Port 111 behind the world outside. The experts have suggested that the best way in which you can avoid this situation is by turning off the daemon, they say it is the easiest way of avoiding rpcbind vulnerability to block your port.

The patches present in the GitHub are said to be small enough through which the developers get a way to figure out whether they are nice and accurate or not. This also helps them to ensure that whether they aren’t malicious. Sources have even suggested that a rpcbind vulnerability requires only two lines for getting it fixed, while libtirpc requires 256 lines to get the thing patched and rectified. In this way, we can understand that how serious is the damage that has taken place.

Vranken has suggested that rpcbind vulnerability enables an attacker to attach itself to ample number of bytes i.e. almost up to 4 gigabytes per attack that too for the host of a remote bind and the memory is never released from the attack unless the entire system gets crashed or the administrator waits for a while or restarts the service again.

It is certain that an attacker can possibly go beyond the limits of only hosting the target. Vranken writes as per this situation since some software is always subjected to unpredictable downfalls when the system tends to run out of the memory.