11 | May | 2020 | The Linkielist

The giant hexagon-shaped storm raging atop Saturn’s North Pole is made out of frozen hydrocarbon ice suspended in seven hazy layers stacked on top of one another, according to a study published in Nature Communications on Friday.

The swirling six-sided wonder, which El Reg once dubbed the hexacane, has perplexed scientists since its discovery in the 1980s by NASA’s Voyager 1 and 2 spacecraft. The strange vortex has sides measuring about 14,500 kilometres long – more than the diameter of Earth – and remains intact despite winds that reach 400 kilometres per hour rippling through the ringed giant.

Now, a group of astronomers have analysed images taken from NASA’s Cassini probe to reveal the hexacane’s tower-like structure in more detail.

“The Cassini images have enabled us to discover that, just as if a sandwich had been formed, the hexagon has a multi-layered system of at least seven mists that extend from the summit of its clouds to an altitude of more than 300 km above them,” said Agustín Sánchez-Lavega, a physics professor at the University of Basque Country, Spain, who led the study. “Other cold worlds, such as Saturn’s satellite Titan or the dwarf planet Pluto, also have layers of hazes, but not in such numbers nor as regularly spaced out”.

A picture of the different layers in Saturn’s hexagonal storm
Click to enlarge … Image Credit: GCP/UPV/EHU/NASA/ESA

Each layer is estimated to be seven to 18 kilometres thick, and is made up of tiny micrometre-sized frozen hydrocarbon crystals, including propyne, propane, and diacetylene, and possibly acetylene and benzene at the top. Each particle is estimated to have a diameter of 0.07 to 1.4 micrometres. The layers appear hazy as the concentration of particles suspended in each one varies.

Source: There’s a world out there with a hexagon vortex over its pole packed with hydrocarbon ice crystals. That planet is Saturn • The Register

Thunderspy targets devices with a Thunderbolt port. If your computer has such a port, an attacker who gets brief physical access to it can read and copy all your data, even if your drive is encrypted and your computer is locked or set to sleep.

Thunderspy is stealth, meaning that you cannot find any traces of the attack. It does not require your involvement, i.e., there is no phishing link or malicious piece of hardware that the attacker tricks you into using. Thunderspy works even if you follow best security practices by locking or suspending your computer when leaving briefly, and if your system administrator has set up the device with Secure Boot, strong BIOS and operating system account passwords, and enabled full disk encryption. All the attacker needs is 5 minutes alone with the computer, a screwdriver, and some easily portable hardware.

We have found 7 vulnerabilities in Intel’s design and developed 9 realistic scenarios how these could be exploited by a malicious entity to get access to your system, past the defenses that Intel had set up for your protection.

We have developed a free and open-source tool, Spycheck, to determine if your system is vulnerable. If it is found to be vulnerable, Spycheck will guide you to recommendations on how to help protect your system.

[…]

These vulnerabilities lead to nine practical exploitation scenarios. In an evil maid threat model and varying Security Levels, we demonstrate the ability to create arbitrary Thunderbolt device identities, clone user-authorized Thunderbolt devices, and finally obtain PCIe connectivity to perform DMA attacks. In addition, we show unauthenticated overriding of Security Level configurations, including the ability to disable Thunderbolt security entirely, and restoring Thunderbolt connectivity if the system is restricted to exclusively passing through USB and/or DisplayPort. We conclude with demonstrating the ability to permanently disable Thunderbolt security and block all future firmware updates.

All Thunderbolt-equipped systems shipped between 2011-2020 are vulnerable. Some systems providing Kernel DMA Protection, shipping since 2019, are partially vulnerable. The Thunderspy vulnerabilities cannot be fixed in software, impact future standards such as USB 4 and Thunderbolt 4, and will require a silicon redesign. Users are therefore strongly encouraged to determine whether they are affected using Spycheck, a free and open-source tool we have developed that verifies whether their systems are vulnerable to Thunderspy. If it is found to be vulnerable, Spycheck will guide users to recommendations on how to help protect their system.

[…]

The Thunderspy vulnerabilities have been discovered and reported by Björn Ruytenberg. Please cite this work as:

Björn Ruytenberg. Breaking Thunderbolt Protocol Security: Vulnerability Report. 2020. https://thunderspy.io/assets/reports/breaking-thunderbolt-security-bjorn-ruytenberg-20200417.pdf

Source: Thunderspy – When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security

M	T	W	T	F	S	S
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

The Linkielist

Linking ideas with the world

Daily Archives: May 11, 2020

Saturn has a hexagon vortex 18 layers thick the larger than the earth over its pole packed with hydrocarbon ice crystals.

5 minutes with a Thunderbolt machine leaves it completely open using Thunderspy – evil maids don’t need much knowledge