New hacks siphon private cryptocurrency keys from airgapped wallets

Simplified figurative process of a Cryptocurrency transaction. (credit: Mikael Häggström / Wikimedia)

Researchers have defeated a key protection against cryptocurrency theft with a series of attacks that transmit private keys out of digital wallets that are physically separated from the Internet and other networks.

Like most of the other attacks developed by Ben-Gurion University professor Mordechai Guri and his colleagues, the currency wallet exploits start with the already significant assumption that a device has already been thoroughly compromised by malware. Still, the research is significant because it shows that even when devices are airgapped—meaning they aren’t connected to any other devices to prevent the leaking of highly sensitive data—attackers may still successfully exfiltrate the information. Past papers have defeated airgaps using a wide array of techniques, including electromagnetic emissions from USB devices, radio signals from a computer’s video card, infrared capabilities in surveillance cameras, and sounds produced by hard drives.

On Monday, Guri published a new paper that applies the same exfiltration techniques to “cold wallets,” which are not stored on devices connected to the Internet. The most effective techniques take only seconds to siphon a 256-bit Bitcoin key from a wallet running on an infected computer, even though the computer isn’t connected to any network. Guri said the possibility of stealing keys that protect millions or billions of dollars is likely to take the covert exfiltration techniques out of the nation-state hacking realm they currently inhabit and possibly bring them into the mainstream.


Source: Ars Technica – New hacks siphon private cryptocurrency keys from airgapped wallets

YouTube Networks Drop Thousands of Creators

Polygon is reporting that the future of multi-channel networks is in question, as thousands of creators are purged from Fullscreen, Ritual, BBTV, and more MCNs. A few weeks ago, Fullscreen started dropping creators from its network, seemingly without cause. Now, in an email, Fullscreen has told one of its former creators that they had been dropped because of “a decision that comes from YouTube and is out of our control.”

Messages from Howard Pinsky, director of creator marketing at Fullscreen, posted on a public Discord had this to say:

“YouTube is ‘forcing’ all networks to remove creators that are at risk of violating terms of service (copyright issues, misleading thumbnails, etc),” Pinsky said, according to a screenshot of that message. “This isn’t a decision from the networks, but one from YouTube. They’re really starting to clean up the platform. Fullscreen (and other networks) have zero say in this. This is a decision from YouTube. From what they explained to us, many channels that posed a risk of violating YouTube’s terms of service, even if no strikes were present, were released.”

While I’ve never understood the point of an MCN for 99% of creators, this is still yet another way YouTube is driving smaller channels off its platform. I’m still hoping that Pornhub comes out with a “Youhub” or something for people to migrate to. Thanks to @cageymaru for the story.


Source: [H]ardOCP – YouTube Networks Drop Thousands of Creators

Canada's Defense Department Is Funding a Quantum Radar System

Cutting-edge physics has driven military innovation for over a century, from Marie Curie’s x-ray machines of World War I to the quest for the atomic bomb during World War II. But these days, government defense departments are funding even more esoteric pursuits. We learned recently that the US Department of Defense is…


Source: Gizmodo – Canada’s Defense Department Is Funding a Quantum Radar System

The latest Hyperloop feasibility study aims to connect Cleveland and Chicago


Source: Ars Technica – The latest Hyperloop feasibility study aims to connect Cleveland and Chicago

Google Accused of Showing 'Total Contempt' for Android Users' Privacy

On the heels of a terse privacy debate, Google may have found another thing to worry about: its attempt to rethink the traditional texting system. From a report: Joe Westby is Amnesty International’s Technology and Human Rights researcher. Recently, in response to Google’s launch of a new messaging service called “Chat”, Westby argued that Google, “shows total contempt for Android users’ privacy.” “With its baffling decision to launch a messaging service without end-to-end encryption, Google has shown utter contempt for the privacy of Android users and handed a precious gift to cybercriminals and government spies alike, allowing them easy access to the content of Android users’ communications. Following the revelations by CIA whistleblower Edward Snowden, end-to-end encryption has become recognized as an essential safeguard for protecting people’s privacy when using messaging apps. With this new Chat service, Google shows a staggering failure to respect the human rights of its customers,” Westby contended. Westby continued, saying: “In the wake of the recent Facebook data scandal, Google’s decision is not only dangerous but also out of step with current attitudes to data privacy.”


Source: Slashdot – Google Accused of Showing ‘Total Contempt’ for Android Users’ Privacy

Byton teases its second “experience-driven” vehicle

Byton wowed us at CES back in January with its first autonomous EV concept car, a smart SUV built for passenger comfort. At the Beijing Motor Show, the company teased its second vehicle concept, an electric sedan slated to go into series production i…

Source: Engadget – Byton teases its second “experience-driven” vehicle

Quick Reflexes: Forklift Operator Saves Falling Keg

This is a short video of a forklift operator springing into action to save a keg that falls from two pallets he’s lifting. Obviously, the keg is empty. You can tell it’s empty because it doesn’t rip his arm off or yank him out of the seat when he catches it. Still, I feel like this man deserves a beer. I deserve one even more though so get mine first. “What did you do?” I rescued a kitten. “Did you though?” Well technically I saved a lion from poachers but you know I don’t like to brag. “Is that so?” Check out my muscles!

Thanks to Landon P, who’s thankful to know that keg lived to be filled with more delicious brewskis soon.

Source: Geekologie – Quick Reflexes: Forklift Operator Saves Falling Keg

Old Profiles Reappear Online Because 'Delete' Doesn't Mean What You Think It Means

Dating site went live in 1995—it’s ancient in terms of the world wide web. That’s a whole lot of time for users to forget they ever had a profile or what embarrassing content might be on it. Thanks to a glitch, you might get an unexpected reminder because an unconfirmed number of “deleted” profiles are…


Source: Gizmodo – Old Profiles Reappear Online Because ‘Delete’ Doesn’t Mean What You Think It Means

Adobe Premiere makes it easier to edit Insta360 Pro footage

Insta360’s more affordable 8K VR camera was made available for pre-orders in 2017, with a major software update in December of that same year that kicked the high-end 360-degree camera’s image processing up a notch. The camera got a stamp of approval…

Source: Engadget – Adobe Premiere makes it easier to edit Insta360 Pro footage

How to Use Google's New Podcast Player

Google has never really had a great strategy for podcasts, leaving Android users to hunt for third-party apps to manage their subscriptions and play new episodes. (Apple’s standalone Podcasts app isn’t very good either, but at least it exists.) Now, it looks like the search giant finally has some semblance of a…


Source: LifeHacker – How to Use Google’s New Podcast Player

AI Trained on Images from Cosmological Simulations Surprisingly Successful at Classifying Real Galaxies in Hubble Images

A machine learning method that has been widely used in face recognition and other image- and speech-recognition applications has shown promise in helping astronomers analyze images of galaxies and understand how they form and evolve. From a report: In a new study, accepted for publication in Astrophysical Journal and available online [PDF], researchers used computer simulations of galaxy formation to train a deep learning algorithm, which then proved surprisingly good at analyzing images of galaxies from the Hubble Space Telescope. The researchers used output from the simulations to generate mock images of simulated galaxies as they would look in observations by the Hubble Space Telescope. The mock images were used to train the deep learning system to recognize three key phases of galaxy evolution previously identified in the simulations. The researchers then gave the system a large set of actual Hubble images to classify. The results showed a remarkable level of consistency in the neural network’s classifications of simulated and real galaxies. “We were not expecting it to be all that successful. I’m amazed at how powerful this is,” said coauthor Joel Primack, professor emeritus of physics and a member of the Santa Cruz Institute for Particle Physics (SCIPP) at UC Santa Cruz. “We know the simulations have limitations, so we don’t want to make too strong a claim. But we don’t think this is just a lucky fluke.”


Source: Slashdot – AI Trained on Images from Cosmological Simulations Surprisingly Successful at Classifying Real Galaxies in Hubble Images

Intel Lists New Atom Core: Tremont to Come After Goldmont Plus

Intel has recently updated its developer documentation for instruction set extensions, and in the process has disclosed information on both new instructions for and the codename of its next-generation low-power processor microarchitecture. Dubbed “Tremont”, the forthcoming processor core looks to replace Goldmont Plus in the upcoming Atom, Celeron, and Pentium Silver-branded SoCs.

According to the Intel Architecture Instruction Set Extensions (ISE) and Future Features Programming Reference document, the Goldmont Plus microarchitecture will not be the end of the road for Intel’s low-cost/low-power cores. In the coming years it will be succeeded by the codenamed Tremont microarchitecture and its successors. On the manufacturing side of matters, nothing has officially been disclosed, but right now our suspicion is that processors based on the Tremont will be made using the company’s 10 nm process technology. To date we haven’t seen Intel use their enhanced “+” and “++” 14nm process technologies to make SoCs for entry-level and energy-efficient PCs – as the original 14nm provides better density – so it seems unlikely that Intel would start now.

A key question about the Tremont is what architectural improvements it will bring. While Intel’s document does specify the new instructions, it doesn’t offer any general architectural insight. Intel’s general trend thus far since Silvermont has been to gradually widen their out-of-order execution design, starting with two-way, moving to three-way (Goldmont), and then to a three-way front-end plus a four-way allocation and retirement backend. So it may be that we see Intel go this route, as they already have a number of tricks left in their bag from Core, and it meshes well with the high density aspects of their 10nm processes, which favors more complex processors.

As for the ISE improvements, Intel’s Tremont will feature CLWB, GFNI (SSE-based), ENCLV, and Split Lock Detection instruction set extensions, which are also set to arrive with Intel’s Ice Lake processors. Also set to arrive with Tremont will be CLDEMOTE, direct store, and user wait instructions (see details in the table below). Unlike the earlier instructions, these are unique to Tremont and are not scheduled to be supported by the Ice Lake (or other documented Intel cores).

New Instruction Set Extensions of Goldmont Plus and Tremont CPUs

| Microarchitecture | Instruction | Purpose | Description |
|---|---|---|---|
| Goldmont Plus | PTWRITE (Write Data to a Processor Trace Packet) | Debugging | Unclear. |
| Goldmont Plus | User-Mode Instruction Prevention | Security | Prevents execution of certain instructions if the Current Privilege Level (CPL) is greater than 0. If these instructions were executed while in CPL > 0, user space applications could have access to system-wide settings such as the global and local descriptor tables, the task register and the interrupt descriptor table. |
| Goldmont Plus | Read Processor ID | General | Quickly reads processor ID to discover its feature set and apply optimizations/use specific code path if possible. |
| Tremont | CLWB (Cache Line Write Back) | Performance | Writes back modified data of a cache line similar to CLFLUSHOPT, but avoids invalidating the line from the cache (and instead transitions the line to non-modified state). CLWB attempts to minimize the compulsory cache miss if the same data is accessed temporally after the line is flushed. |
| Tremont | GFNI (SSE) | Security | SSE-based acceleration of Galois Field Affine Transformation algorithms. |
| Tremont | ENCLV | Security | Further enhancement of SGX version 1 capabilities. |
| Tremont | CLDEMOTE | Performance | Enables CPU to demote a cache line with a specific address from the nearest cache to a more distant cache without writing back to memory. Speeds up access to this line by other cores within a CPU. |
| Tremont | Direct stores: MOVDIRI, MOVDIR64B | Performance | |
| Tremont | User wait: TPAUSE, UMONITOR, UMWAIT | Power | Direct CPU to enter certain stages before an event happens. |
| Tremont | Split Lock Detection | | |

Source: Intel Architecture Instruction Set Extensions and Future Features Programming Reference (pages 12 and 13)

The fact that Intel is readying its “Future Tremont and later” microarchitectures reveals that even after the company withdrew from smartphone SoCs, it sees plenty of applications that could use its low-power/low-cost Atom cores. There is still a notable market for budget PCs as well as embedded and semi-embedded markets for items like IoT edge devices, all of which Intel intends to continue serving with the line of smaller, cheaper cores. Meanwhile, consistent ILP and performance improvements as well as introduction of new ISEs to these microarchitectures show that Intel wants these cores to offer competitive performance to other low-cost processors, while still maintaining near feature set parity with Intel’s high-performance cores.


Sources: Intel, WikiChip

Source: AnandTech – Intel Lists New Atom Core: Tremont to Come After Goldmont Plus

If You Love to Travel, You Need These Apps 

In addition to the stress of packing, the stress of making sure you have every electronic device securely stowed somewhere, the stress of remembering every cable you’ll need to keep your devices charged during your trip, and the stress of making sure your pets are fed and your plants are watered, there’s also the…


Source: LifeHacker – If You Love to Travel, You Need These Apps 

Philips Momentum 43-inch Monitor Shines With 4K DisplayHDR 1000 And AMD FreeSync

Philips is cranking out a truly high-end display in the form of the Momentum 43-inch gaming monitor. Besides its rather mammoth (for a gaming display) screen size, the Momentum is notable for its support for the DisplayHDR 1000 standard.
Up until now, the VESA standards organization has recognized DisplayHDR 400 and DisplayHDR 600 certified

Source: Hot Hardware – Philips Momentum 43-inch Monitor Shines With 4K DisplayHDR 1000 And AMD FreeSync

The “unpatchable” exploit that makes every current Nintendo Switch hackable

The “proof of concept” payload for today’s exploit shows crucial protected information from the now-exposed Nintendo Switch bootROM. (credit: Kate Temkin / ReSwitched)

A newly published “exploit chain” for Nvidia Tegra X1-based systems seems to describe an apparently unpatchable method for running arbitrary code on all currently available Nintendo Switch consoles. Hardware hacker Katherine Temkin and the hacking team at ReSwitched released an extensive outline of what they’re calling the Fusée Gelée coldboot vulnerability earlier today, alongside a proof-of-concept payload that can be used on the Switch.

“Fusée Gelée isn’t a perfect, ‘holy grail’ exploit—though in some cases it can be pretty damned close,” Temkin writes in an accompanying FAQ.

The exploit, as outlined, makes use of a vulnerability inherent in the Tegra X1’s USB recovery mode, circumventing the lock-out operations that would usually protect the chip’s crucial bootROM. By sending a bad “length” argument to an improperly coded USB control procedure at the right point, the user can force the system to “request up to 65,535 bytes per control request.” That data easily overflows a crucial direct memory access (DMA) buffer in the bootROM, in turn allowing data to be copied into the protected application stack and giving the attacker the ability to run arbitrary code.


Source: Ars Technica – The “unpatchable” exploit that makes every current Nintendo Switch hackable

Despite bigger ambitions, Google is still an ad business

As we already know, Google’s parent company Alphabet makes the bulk of its money from ads. We also learned in quarters past that revenue from its non-Google projects, which it calls “Other Bets,” has been growing at a slow, steady rate. From the com…

Source: Engadget – Despite bigger ambitions, Google is still an ad business