Daily Archives: January 24, 2018

Engineers design artificial synapse for “brain-on-a-chip” hardware

Posted on by

engineers at MIT have designed an artificial synapse in such a way that they can precisely control the strength of an electric current flowing across it, similar to the way ions flow between neurons. The team has built a small chip with artificial synapses, made from silicon germanium. In simulations, the researchers found that the chip and its synapses could be used to recognize samples of handwriting, with 95 percent accuracy.
[…]
Most neuromorphic chip designs attempt to emulate the synaptic connection between neurons using two conductive layers separated by a “switching medium,” or synapse-like space. When a voltage is applied, ions should move in the switching medium to create conductive filaments, similarly to how the “weight” of a synapse changes.

But it’s been difficult to control the flow of ions in existing designs. Kim says that’s because most switching mediums, made of amorphous materials, have unlimited possible paths through which ions can travel — a bit like Pachinko, a mechanical arcade game that funnels small steel balls down through a series of pins and levers, which act to either divert or direct the balls out of the machine.

Like Pachinko, existing switching mediums contain multiple paths that make it difficult to predict where ions will make it through. Kim says that can create unwanted nonuniformity in a synapse’s performance.

“Once you apply some voltage to represent some data with your artificial neuron, you have to erase and be able to write it again in the exact same way,” Kim says. “But in an amorphous solid, when you write again, the ions go in different directions because there are lots of defects. This stream is changing, and it’s hard to control. That’s the biggest problem — nonuniformity of the artificial synapse.”

A perfect mismatch

Instead of using amorphous materials as an artificial synapse, Kim and his colleagues looked to single-crystalline silicon, a defect-free conducting material made from atoms arranged in a continuously ordered alignment. The team sought to create a precise, one-dimensional line defect, or dislocation, through the silicon, through which ions could predictably flow.

To do so, the researchers started with a wafer of silicon, resembling, at microscopic resolution, a chicken-wire pattern. They then grew a similar pattern of silicon germanium — a material also used commonly in transistors — on top of the silicon wafer. Silicon germanium’s lattice is slightly larger than that of silicon, and Kim found that together, the two perfectly mismatched materials can form a funnel-like dislocation, creating a single path through which ions can flow.

The researchers fabricated a neuromorphic chip consisting of artificial synapses made from silicon germanium, each synapse measuring about 25 nanometers across. They applied voltage to each synapse and found that all synapses exhibited more or less the same current, or flow of ions, with about a 4 percent variation between synapses — a much more uniform performance compared with synapses made from amorphous material.

They also tested a single synapse over multiple trials, applying the same voltage over 700 cycles, and found the synapse exhibited the same current, with just 1 percent variation from cycle to cycle.

Source: Engineers design artificial synapse for “brain-on-a-chip” hardware | MIT News

Easy to watch over your shoulder at your Tindering

Posted on by

Checkmarx researchers disclosed two flaws (CVE-2018-6017, CVE-2018-6018) and a proof of concept (see video below) for an app that could sit on the wireless network of, say, an airport or hotel and observe actions including profile views, swipes, and likes.

The first issue, CVE-2018-6017, results from the Tinder’s app’s use of insecure HTTP connections to access profile pictures. By observing traffic on a public Wi-Fi network (or some other snooping position on a network), a miscreant could see what profiles are being viewed and match them with the victim’s device. If a scumbag has compromised the network when the victim turns on the Tinder app, the victim’s profile information could also be intercepted and viewed.

The second flaw, CVE-2018-6018, is what allows the attacker to see specific actions like swipes and likes. Though the Tinder API uses HTTPS connections for traffic it handles, the specific actions each move their encrypted packets with a set length.

By checking packets for specific byte sizes (278 bytes for a left swipe to reject, 374 bytes for a right swipe to approve, and 581 bytes for a like), the attacker could combine the actions with the unsecured HTTP profile and photo traffic to work out who is swiping who.

The recommendation for users is simple enough: avoid public Wi-Fi networks wherever possible. Developers, meanwhile, should take steps to make sure all app traffic is secured.

Source: Swipe fright: Tinder hackers may know how desperate you really are • The Register

It’s 2018 and your Macs, iPhones can be pwned by playing evil music: lots of patches

Posted on by

Apple has released security patches for iOS and macOS that include, among other things, Meltdown and Spectre fixes. The new versions should be installed as soon as possible.
[…]
Less-hyped, but still serious, are vulnerabilities in the macOS kernel that include an exploitable race condition (CVE-2018-4092), a validation issue (CVE-2018-4093), and memory initialization bug (CVE-2018-4090) that could also allow restricted memory to be read.
[…]
Two other kernel flaws, CVE-2018-4097 and CVE-2018-4082, allow an app to run code as the kernel, thus hijacking the whole machine. The first is “a logic issue [..] addressed with improved validation,” discovered by Resecurity Inc, and the second “a memory corruption issue […] addressed through improved input validation” found and reported by Russ Cox of Google.

Other noteworthy bugs include CVE-2018-4094, a bug in both Sierra and High Sierra discovered by five researchers at Yonsei University in Seoul, South Korea. The memory corruption bug allows remote code execution attacks simply by processing a maliciously crafted audio file.

The WebKit browser engine received three fixes for remote code execution flaws (CVE-2018-4088, CVE-2018-4089,CVE-2018-4096) that are also patched in Safari with version 11.0.3.

The QuartzCore component contained a remote code execution flaw (CVE-2018-4085) that can be exploited via web content, while Wi-Fi had a restricted memory access flaw (CVE-2018-4084), and a bug in the operating system’s process sandbox (CVE-2018-4091) could allow programs to get around access restrictions.
Meanwhile, on mobile…

For iOS devices, Apple has served up the 11.2.5 update. It includes a fix for the CVE-2018-4094 audio-file remote-code execution flaw as well as the three kernel memory leak bugs (CVE-2018-4090, CVE-2018-4092, CVE-2018-4093), and the QuartzCore, and WebKit flaws included in the macOS update.

Researcher Abraham “cheesecakeufo” Masri gets credit for CVE-2018-4100, a patched flaw in iOS that allows text messages to crash the iPhone, while Zimperium zLabs’ Rani Idan was credited for CVE-2018-4095 and CVE-2018-4087, a pair of arbitrary code execution flaws in Core Bluetooth.

Masri’s text-message bug, CVE-2018-4100, is also fixed in macOS’s LinkPresentation code to prevent weird text in webpages and messages from stalling desktop apps.

Many of the same iOS flaws are addressed for the Apple Watch in watchOS 4.2.2, and in the AppleTV with tvOS 11.2.5.

Source: It’s 2018 and your Macs, iPhones can be pwned by playing evil music • The Register

Bizzarely these are only now being patched?

YouTube’s Support for Musicians Comes With a non-disparagement contract. Wait, what? It’s legal to agree to this before you know what they will do to you?!

Posted on by

YouTube has asked musicians to agree not to disparage the streaming-video service in exchange for promotional support, according to people familiar with the matter, a way to quell persistent criticism by artists.

In recent months, YouTube has given a handful of musicians a couple hundred thousand dollars to produce videos and promoted their work on billboards, part of a larger campaign to improve the site’s relationship with the music industry.

Yet such support comes with a catch, with some musicians required to promise the won’t say negative things about YouTube, said the people, who asked not to be identified discussing private business transactions. Non-disparagement agreements are common in business, but YouTube’s biggest direct competitors in music don’t require them, the people said.

YouTube’s non-disparagement agreements go beyond a requirement not to criticize the video site, one of the people said, without going into detail. YouTube requires many partners to agree to such conditions, including creators who make original series for its paid service, the person said.

YouTube has taken extra precautions in recent deals due to an incident with director Morgan Spurlock. Spurlock caught YouTube off-guard when he admitted in December to sexual misconduct just three months after the company acquired the rights to release his latest film, a sequel to the Oscar-nominated documentary “Super Size Me.”

YouTube has more reason to worry about artists’ public comments than most companies. Songwriters and artists have assailed the site for what they view as meager revenue-sharing and poor protections against piracy. Dozens of musicians signed a petition in 2016 rebuking free music services and pushing for Congress to make YouTube more responsible for policing copyright violations.

Source: YouTube’s Support for Musicians Comes With a Catch – Bloomberg

Surely non-disparagement contracts can’t be considederd at all legal?

Skype, Signal, Slack, other apps inherit Electron vuln

Posted on by

Electron is a node.js and Chromium framework that lets developers use Web technologies (JavaScript, HTML and CSS) to build desktop apps. It’s widely-used: Skype, Slack, Signal, a Basecamp implementation and a desktop WordPress app all count themselves as adopters.

Slack users should update to version 3.0.3 or better, and the latest version of Skype for Windows is protected, Microsoft told Cyberscoop.

Electron has only published limited details of CVE-2018-1000006, but it affects Windows applications that use custom protocol handlers in the framework.

Here’s what the advisory has to say:

“Electron apps designed to run on Windows that register themselves as the default handler for a protocol, like myapp://, are vulnerable.

“Such apps can be affected regardless of how the protocol is registered, e.g. using native code, the Windows registry, or Electron’s app.setAsDefaultProtocolClient API.

A ray of sunshine to close: “macOS and Linux are not vulnerable to this issue”, Electron’s developers said.

Source: Skype, Signal, Slack, other apps inherit Electron vuln