The Linkielist

Linking ideas with the world

The Linkielist

Don’t fly with your Explody MacBook!

Following an Apple notice that a “limited number” of 15-inch MacBook Pros may have faulty batteries that could potentially create a fire safety risk, multiple airlines have barred transporting Apple laptops in their checked luggage—in some cases, regardless of whether they fall under the recall.

Bloomberg reported Wednesday that Qantas Airways and Virgin Australia had joined the growing list of airlines enforcing policies around the MacBook Pros. In a statement by email, a spokesperson for Qantas told Gizmodo that “[u]ntil further notice, all 15 inch Apple MacBook Pros must be carried in cabin baggage and switched off for flight following a recall notice issued by Apple.”

Virgin Australia, meanwhile, said in a “Dangerous Goods” notice on its website that any MacBook model “must be placed in carry-on baggage only. No Apple MacBooks are permitted in checked in baggage until further notice.”

Apple in June announced a voluntary recall program for the affected models of 15-inch Retina display MacBook Pro, which it said were sold between September 2015 and February 2017. Apple said at the time it would fix affected models for free, adding that “[c]ustomer safety is always Apple’s top priority.”

Apple did not immediately return a request for comment about airline policies implemented in response to the recall.

Both Singapore Airlines and Thai Airways also recently instituted policies around the MacBook Pros. In a statement on its website over the weekend, Singapore Airlines said that passengers are prohibited from bringing affected models on its aircraft either in their carry-ons or in their checked luggage “until the battery has been verified as safe or replaced by the manufacturer.”

Bloomberg previously reported that airlines TUI Group Airlines, Thomas Cook Airlines, Air Italy, and Air Transat also introduced bans on the laptops. The cargo activity of all four is managed by Total Cargo Expertise, which reportedly said in an internal notice to its staff that the affected devices are “prohibited on board any of our mandate carriers.”

Both the Federal Aviation Administration and European Union Aviation Safety Agency said they had contacted airlines following Apple’s announcement regarding the recall. The FAA said that it alerted U.S. carriers to the issue in July.

Apple allows MacBook users to see if their devices are affected by inputting a serial number. While checking individual serial numbers for each and every device that comes through security checkpoints has the potential to slow service, banning all MacBooks either outright or in the cabin seems like a severe overreaction and, to be honest, a gigantic pain in the ass for customers.

Source: Airlines Are Banning MacBooks From Checked Luggage

I’d say removing macbooks from check in luggage and then looking if the serials are OK or not will take a stupid amount of time. Banning them from check in luggage makes perfect sense.

MIT Researchers Build Functional Carbon Nanotube Microprocessor

Scientists at MIT built a 16-bit microprocessor out of carbon nanotubes and even ran a program on it, a new paper reports.

Silicon-based computer processors seem to be approaching a limit to how small they can be scaled, so researchers are looking for other materials that might make for useful processors. It appears that transistors made from tubes of rolled-up, single-atom-thick sheets of carbon, called carbon nanotubes, could one day have more computational power while requiring less energy than silicon.

[…]

the MIT group, led by Gage Hills and Christian Lau, has now debuted a functional 16-bit processor called RV16X-NANO that uses carbon nanotubes, rather than silicon, for its transistors. The processor was constructed using the same industry-standard processes behind silicon chips—Shulaker explained that it’s basically just a silicon microprocessor with carbon nanotubes instead of silicon.

The processor works well enough to run HELLO WORLD, a program that simply outputs the phrase “HELLO WORLD” and is the first program that most coding students learn. Shulaker compared its performance to a processor you’d buy at hobby shop to control a small robot.

[…]

A small but notable fraction of carbon nanotubes act like conductors instead of semiconductors. Shulaker explained that study author Hills devised a technique called DREAM, where the circuits were specifically designed to work despite the presence of metallic nanotubes. And of course, the effort relied on the contribution of every member of the relatively small team. The researchers published their results in the journal Nature today.

[…]

Ultimately, the goal isn’t to erase the decades of progress made by silicon microchips—perhaps companies can integrate carbon nanotube pieces into existing architectures.

This is still a proof-of-concept. The team still hasn’t calculated the chip’s performance or whether it’s actually more energy efficient than silicon—the gains are based on projections. But Shulaker hopes that the team’s work will serve as a roadmap toward incorporating carbon nanotubes in computers for the future.

Source: MIT Researchers Build Functional Carbon Nanotube Microprocessor

MIT Researchers Design Robotic Thread that navigates Human Brains to clear clots

Robotics engineers at MIT have built a threadlike robot worm that can be magnetically steered to deftly navigate the extremely narrow and winding arterial pathways of the human brain. One day it could be used to quickly clear blockages and clots that contribute to strokes and aneurysms

[…]

Strokes are a leading cause of death and disability in the United States, but relieving blood vessel blockages within the first 90 minutes of treatment has been found to dramatically increase survival rates of patients. The process is a complicated one, however, requiring skilled surgeons to manually guide a thin wire through a patient’s arteries up into a damaged brain vessel followed by a catheter that can deliver treatments or simply retrieve a clot. Not only is there the potential for these wires to damage vessel linings as they inch through the body, but during the process, surgeons are exposed to excess radiation from a fluoroscope which guides them by generating x-ray images in real-time. There’s a lot of room for improvement.

Using their expertise in both water-based biocompatible hydrogels, and the use of magnets to manipulate simple machines, the MIT engineers created a robotic worm featuring a pliable nickel-titanium alloy core with memory shape characteristics so that when bent it returns to its original shape. The core was then coated in a rubbery paste that was embedded with magnetic particles, which was then wrapped in an outer coating of hydrogels allowing the robotic worm to glide through arteries and blood vessels without any friction that could potentially cause damage.

The robot was tested on a small obstacle course featuring a twisting path of small rings guided by a strong magnet that could be operated at enough distance to be placed outside a patient. The engineers also mocked up a life-size replica of a brain’s blood vessels and found that not only could the robot easily navigate that obstacle but that there was also the potential to upgrade it with additional tools like a delivery mechanism for clot reducing drugs. They even successfully replaced the worm’s metal core with an optical cable, so that once it reached its destination, it could deliver powerful laser pulses to help remove a blockage.

The robot would not only make the post-stroke procedure faster and faster, but it would also reduce the exposure to radiation that surgeons often have to endure. And while it was tested using a manually operated magnet to steer it, eventually machines could be built to control the position of the magnet (MRI machines already surround patients in intense magnetic fields) with improved accuracy, which would in turn further improve and accelerate the robot’s journey through a patient’s body.

Source: MIT Researchers Designed this Robotic Worm to Burrow Into Human Brains

A bit unsure why the original article is so down on the concept and wants to frame it negatively, but oh well.

Irish Teen Wins 2019 Google Science Fair For Removing Microplastics From Water

An Irish teenager just won $50,000 for his project focusing on extracting micros-plastics from water.

Google launched the Google Science Fair in 2011 where students ages 13 through 18 can submit experiments and their results in front of a panel of judges. The winner receives $50,000. The competition is also sponsored by Lego, Virgin Galactic, National Geographic and Scientific American.

Fionn Ferreira, an 18-year-old from West Cork, Ireland won the competition for his methodology to remove microplastics from water.

Microplastics are defined as having a diameter of 5nm or less and are too small for filtering or screening during wastewater treatment. Microplastics are often included in soaps, shower gels, and facial scrubs for their ability to exfoliate the skin. Microplastics can also come off clothing during normal washing.

These microplastics then make their way into waterways and are virtually impossible to remove through filtration. Small fish are known to eat microplastics and as larger fish eat smaller fish these microplastics are concentrated into larger fish species that humans consume.

Ferreira used a combination of oil and magnetite powder to create a ferrofluid in the water containing microplastics. The microplastics combined with the ferrofluid which was then extracted.

After the microplastics bound to the ferrofluid, Ferreira used a magnet to remove the solution and leave only water.

After 1,000 tests, the method was 87% effective in removing microplastics of all sorts from water. The most effective microplastic removed was that from a washing machine with the hardest to remove being polypropylene plastics.

With the confirmation of the methodology, Ferreira hopes to scale the technology to be able to implement at wastewater treatment facilities.

This would prevent the microplastics from ever reaching waterways and the ocean. While reduction in the use of microplastics is the ideal scenario, this methodology presents a new opportunity to screen for microplastics before they are consumed as food by fish.

At 18 Ferreira has an impressive array of accomplishments. He is the curator at the Schull Planetarium, speaks 3 languages fluently, won 12 previous science fair competitions, plays the trumpet in an orchestra and has a minor planet named after him by MIT.

Source: Irish Teen Wins 2019 Google Science Fair For Removing Microplastics From Water

Electric Dump Truck Produces More Energy Than It Uses

Electric vehicles are everywhere now. It’s more than just Leafs, Teslas, and a wide variety of electric bikes. It’s also trains, busses, and in this case, gigantic dump trucks. This truck in particular is being put to work at a mine in Switzerland, and as a consequence of having an electric drivetrain is actually able to produce more power than it consumes. (Google Translate from Portugese)

This isn’t some impossible perpetual motion machine, either. The dump truck drives up a mountain with no load, and carries double the weight back down the mountain after getting loaded up with lime and marl to deliver to a cement plant. Since electric vehicles can recover energy through regenerative braking, rather than wasting that energy as heat in a traditional braking system, the extra weight on the way down actually delivers more energy to the batteries than the truck used on the way up the mountain.

The article claims that this is the largest electric vehicle in the world at 110 tons, and although we were not able to find anything larger except the occasional electric train, this is still an impressive feat of engineering that shows that electric vehicles have a lot more utility than novelties or simple passenger vehicles.

Source: Electric Dump Truck Produces More Energy Than It Uses | Hackaday

IBM open sources Adverserial Robustness 360 toolbox for AI

This is a library dedicated to adversarial machine learning. Its purpose is to allow rapid crafting and analysis of attacks and defense methods for machine learning models. ART provides an implementation for many state-of-the-art methods for attacking and defending classifiers.

Documentation for ART: https://adversarial-robustness-toolbox.readthedocs.io

https://github.com/IBM/adversarial-robustness-toolbox

IBM releases AI Fairness 360 tool open source

The AI Fairness 360 toolkit is an open-source library to help detect and remove bias in machine learning models. The AI Fairness 360 Python package includes a comprehensive set of metrics for datasets and models to test for biases, explanations for these metrics, and algorithms to mitigate bias in datasets and models.

The AI Fairness 360 interactive experience provides a gentle introduction to the concepts and capabilities. The tutorials and other notebooks offer a deeper, data scientist-oriented introduction. The complete API is also available.

Being a comprehensive set of capabilities, it may be confusing to figure out which metrics and algorithms are most appropriate for a given use case. To help, we have created some guidance material that can be consulted.

https://github.com/IBM/AIF360

IBM releases AI Explainability tools

The AI Explainability 360 toolkit is an open-source library that supports interpretability and explainability of datasets and machine learning models. The AI Explainability 360 Python package includes a comprehensive set of algorithms that cover different dimensions of explanations along with proxy explainability metrics.

The AI Explainability 360 interactive experience provides a gentle introduction to the concepts and capabilities by walking through an example use case for different consumer personas. The tutorials and example notebooks offer a deeper, data scientist-oriented introduction. The complete API is also available.

There is no single approach to explainability that works best. There are many ways to explain: data vs. model, directly interpretable vs. post hoc explanation, local vs. global, etc. It may therefore be confusing to figure out which algorithms are most appropriate for a given use case. To help, we have created some guidance material and a chart that can be consulted.

Github link

ITER is making a mini sun to power the earth

In southern France, 35 nations are collaborating to build the world’s largest tokamak, a magnetic fusion device that has been designed to prove the feasibility of fusion as a large-scale and carbon-free source of energy based on the same principle that powers our Sun and stars.
The experimental campaign that will be carried out at ITER is crucial to advancing fusion science and preparing the way for the fusion power plants of tomorrow.
ITER will be the first fusion device to produce net energy. ITER will be the first fusion device to maintain fusion for long periods of time. And ITER will be the first fusion device to test the integrated technologies, materials, and physics regimes necessary for the commercial production of fusion-based electricity.
Thousands of engineers and scientists have contributed to the design of ITER since the idea for an international joint experiment in fusion was first launched in 1985. The ITER Members—China, the European Union, India, Japan, Korea, Russia and the United States—are now engaged in a 35-year collaboration to build and operate the ITER experimental device, and together bring fusion to the point where a demonstration fusion reactor can be designed.
[…]
Three conditions must be fulfilled to achieve fusion in a laboratory: very high temperature (on the order of 150,000,000° Celsius); sufficient plasma particle density (to increase the likelihood that collisions do occur); and sufficient confinement time (to hold the plasma, which has a propensity to expand, within a defined volume).


At extreme temperatures, electrons are separated from nuclei and a gas becomes a plasma—often referred to as the fourth state of matter. Fusion plasmas provide the environment in which light elements can fuse and yield energy.


In a tokamak device, powerful magnetic fields are used to confine and control the plasma.

[…]

The tokamak is an experimental machine designed to harness the energy of fusion. Inside a tokamak, the energy produced through the fusion of atoms is absorbed as heat in the walls of the vessel. Just like a conventional power plant, a fusion power plant will use this heat to produce steam and then electricity by way of turbines and generators.

The heart of a tokamak is its doughnut-shaped vacuum chamber. Inside, under the influence of extreme heat and pressure, gaseous hydrogen fuel becomes a plasma—the very environment in which hydrogen atoms can be brought to fuse and yield energy. (You can read more on this particular state of matter here.) The charged particles of the plasma can be shaped and controlled by the massive magnetic coils placed around the vessel; physicists use this important property to confine the hot plasma away from the vessel walls. The term “tokamak” comes to us from a Russian acronym that stands for “toroidal chamber with magnetic coils.”

First developed by Soviet research in the late 1960s, the tokamak has been adopted around the world as the most promising configuration of magnetic fusion device. ITER will be the world’s largest tokamak—twice the size of the largest machine currently in operation, with ten times the plasma chamber volume.

[…]
Taken together, the ITER Members represent three continents, over 40 languages, half of the world’s population and 85 percent of global gross domestic product. In the offices of the ITER Organization and those of the seven Domestic Agencies, in laboratories and in industry, literally thousands of people are working toward the success of ITER.
[…]
ITER’s First Plasma is scheduled for December 2025.


That will be the first time the machine is powered on, and the first act of ITER’s multi-decade operational program.


On a cleared, 42-hectare site in the south of France, building has been underway since 2010. The ground support structure and the seismic foundations of the ITER Tokamak are in place and work is underway on the Tokamak Complex—a suite of three buildings that will house the fusion experiments. Auxiliary plant buildings such as the ITER cryoplant, the radio frequency heating building, and facilities for cooling water, power conversion, and power supply are taking shape all around the central construction site.

[…]

ITER Timeline


2005
Decision to site the project in France
2006
Signature of the ITER Agreement
2007
Formal creation of the ITER Organization
2007-2009
Land clearing and levelling
2010-2014
Ground support structure and seismic foundations for the Tokamak
2012
Nuclear licensing milestone: ITER becomes a Basic Nuclear Installation under French law

2014-2021
Construction of the Tokamak Building (access for assembly activities in 2019)
2010-2021
Construction of the ITER plant and auxiliary buildings for First Plasma
2008-2021
Manufacturing of principal First Plasma components
2015-2023
Largest components are transported along the ITER Itinerary

2020-2025
Main assembly phase I
2022
Torus completion
2024
Cryostat closure
2024-2025
Integrated commissioning phase (commissioning by system starts several years earlier)
Dec 2025
First Plasma
2026
Begin installation of in-vessel components
2035
Deuterium-Tritium Operation begins

Throughout the ITER construction phase, the Council will closely monitor the performance of the ITER Organization and the Domestic Agencies through a series of high-level project milestones. See the Milestones page for a series of incremental milestones on the way to First Plasma.

Source: What is ITER?

From the FAQ: The EU seems to be paying $17bn (and is responsible for almost half the project costs). There is around $1bn in deactivation and decomissioning costs, making the total around $35bn – as far as they can figure out. That’s a staggering science project!

Lenovo Solution Centre can turn users into Admins – Lenovo changes end of life for LSC until before the last release in response.

Not only has a vulnerability been found in Lenovo Solution Centre (LSC), but the laptop maker fiddled with end-of-life dates to make it seem less important – and is now telling the world it EOL’d the vulnerable monitoring software before its final version was released.

The LSC privilege-escalation vuln (CVE-2019-6177) was found by Pen Test Partners (PTP), which said it has existed in the code since it first began shipping in 2011. It was bundled with the vast majority of the Chinese manufacturer’s laptops and other devices, and requires Windows to run. If you removed the app, or blew it away with a Linux install, say, you’re safe right now.

[…]

he solution? Uninstall Lenovo Solution Centre, and if you’re really keen you can install Lenovo Vantage and/or Lenovo Diagnostics to retain the same branded functionality, albeit without the priv-esc part.

All straightforward. However, it went a bit awry when PTP reported the vuln to Lenovo. “We noticed they had changed the end-of-life date to make it look like it went end of life even before the last version was released,” they told us.

Screenshots of the end-of-life dates – initially 30 November 2018, and then suddenly April 2018 after the bug was disclosed – can be seen on the PTP blog. The last official release of the software is dated October 2018, so Lenovo appears to have moved the EOL date back to April of that year for some reason.

Source: Security gone in 600 seconds: Make-me-admin hole found in Lenovo Windows laptop crapware. Delete it now • The Register

Why do tech companies file so many weird patents?

There are lots of reasons to patent something. The most obvious one is that you’ve come up with a brilliant invention, and you want to protect your idea so that nobody can steal it from you. But that’s just the tip of the patent strategy iceberg. It turns out there is a whole host of strategies that lead to “zany” or “weird” patent filings, and understanding them offers a window not just into the labyrinthine world of the U.S. Patent and Trademark Office and its potential failings, but also into how companies think about the future. And while it might be fun to gawk at, say, Motorola patenting a lie-detecting throat tattoo, it’s also important to see through the eye-catching headlines and to the bigger issue here: Patents can be weapons and signals. They can spur innovation, as well as crush it.

Let’s start with the anatomy of a patent. Patents have many elements—the abstract, a summary, a background section, illustrations, and a section called “claims.” It’s crucial to know that the thing that matters most in a patent isn’t the abstract, or the title, or the illustrations. It’s the claims, where the patent filer has to list all the new, innovative things that her patent does and why she in fact deserves government protection for her idea. It’s the claims that matter over everything else.

[…]

For a long time, companies didn’t really worry about the PR that patents might generate. Mostly because nobody was looking. But now, journalists are using patents as a window into a company’s psyche, and not always in a way that makes these companies look good.

So why patent something that could get you raked across the internet coals? In many cases, when a company files for a patent, it has no idea whether it’s actually going to use the invention. Often, patents are filed as early as possible in an idea’s life span. Which means that at the moment of filing, nobody really knows where a field might go or what the market might be for something. So companies will patent as many ideas as they can at the early stages and then pick and choose which ones actually make sense for their business as time goes by.

[…]

In some situations, companies file for patents to blanket the field—like dogs peeing on every bush just in case. Many patents are defensive, a way to keep your competitors from developing something more than a way to make sure you can develop that thing. Will Amazon ever make a delivery blimp? Probably not, but now none of its competitors can. (Amazon seems to be a leader in these patent oddities. Its portfolio also includes a flying warehouse, self-destructing drones, an underwater warehouse, and a drone tunnel.

[…]

David Stein, a patent attorney, says that he sees this at companies he works with. He tells me that once he was in a meeting with inventors about something they wanted to patent, and he asked one of his standard questions to help him prepare the patent: What products will this invention go into? “And they said, ‘Oh, it won’t.’ ” The team that had invented this thing had been disbanded, and the company had moved to a different solution. But they had gone far enough with the patent application that they might as well keep going, if only to use the patent in the future to keep their competitors from gaining an advantage. (It’s almost impossible to know how many patents wind up being “useful” to a company or turn up in actual products.)

As long as you have a budget for it (and patents aren’t cheap—filing for one can easily cost more than $10,000 all told), there’s an incentive for companies to amass as many as they can. Any reporter can tell you that companies love to boast about the number of patents they have, as if it’s some kind of quantitative measure of brilliance. (This makes about as much sense as boasting about how many lines of code you’ve written—it doesn’t really matter how much you’ve got, it matters if it actually works.) “The number of patents a company is filing has more to do with the patent budget than with the amount they’re actually investing in research,” says Lisa Larrimore Ouellette, a professor at Stanford Law School

[…]

This patent arm wrestling doesn’t just provide low-hanging fruit to reporters. It also affects business dealings. Let’s say you have two companies that want to make some kind of business deal, Charles Duan, a patent expert at the R Street Institute, says. One of their key negotiation points might be patents. If two giant companies want to cut a deal that involves their patent portfolios, nobody is going to go through and analyze every one of those patents to make sure they’re actually useful or original, Duan says, since analyzing a single patent thoroughly can cost thousands of dollars in legal fees. So instead of actually figuring out who has the more valuable patents, “the [company] with more patents ends up getting more. I’m not sure there’s honestly much more to it.”

Several people I spoke with for this story described patent strategy as “an arms race” in which businesses all want to amass as many patents as they can to protect themselves and bolster their position in these negotiations. “There’s not that many companies that are willing to engage in unilateral disarmament,”

[…]

While disarmament might be unlikely, many companies have chosen not to engage in the patent warfare at all. In fact, companies often don’t patent technologies they’re most interested in. A patent necessarily lays out how your product works, information that not all companies want to divulge. “We have essentially no patents in SpaceX,” Elon Musk told Chris Anderson at Wired. “Our primary long-term competition is in China. If we published patents, it would be farcical, because the Chinese would just use them as a recipe book.”

[…]

In most cases, once the inventors and engineers hand over their ideas and answer some questions, it’s the lawyer’s job to build those things out into an actual patent. And here is where a lot of the weirdness actually enters the picture, because the lawyer essentially has to get creative. “You dress up science fiction with words like ‘means for processing’ or ‘data storage device,’ ” says Mullin.

Even the actual language of the patents themselves can be misleading. It turns you actually can write fan fiction about your own invention in a patent. Patent applications can include what are called “prophetic examples,” which are descriptions of how the patent might work and how you might test it. Those prophetic examples can be as specific as you want, despite being completely fictional. Patents can legally describe a “46-year-old woman” who never existed and say that her “blood pressure is reduced within three hours” when that never actually happened. The only rule about prophetic examples is that they cannot be written in the past tense. Which means that when you’re reading a patent, the examples written in the present tense could be real or completely made up. There’s no way to know.

If this sounds confusing, it is, and not just to journalists trying to wade through these documents. Ouellette, who published a paper in Science about this problem recently, admitted that even she wouldn’t necessarily be able to tell whether experiments described in a patent had actually been conducted.

Some people might argue that these kinds of speculative patents are harmless fun, the result of a Kafkaesque kaleidoscope of capitalism, competition, and bureaucracy. But it’s worth thinking about how they can be misused, says Mullin. Companies that are issued vague patents can go after smaller entities and try to extract money from them. “It’s like beating your competitor over the head with a piece of science fiction you wrote,” he says.

Plus, everyday people can be misled about just how much to trust a company based on its patents. One study found that out of 100 patents cited in scientific articles or books that used only prophetic examples (in other words, had no actual data or evidence in them), 99 were inaccurately described as having been based on real data.

[…]

Stein says that recently he’s had companies bail on patents because they might be perceived as creepy. In fact, in one case, Stein says that the company even refiled a patent to avoid a PR headache.* As distrust of technology corporations mounts, the way we read patents has changed. “Everybody involved in the patent process is a technologist. … We don’t tend to step back and think, this could be perceived as something else by people who don’t trust us.” But people are increasingly unwilling to give massive tech companies the benefit of the doubt. This is why Google’s patent for a “Gaze tracking system” got pushback—do you really want Google to know exactly what you look at and for how long?

[…]

there is still real value in reading the patents that companies apply for—not because doing so will necessarily tell you what they’re actually going to make, but because they tell you what problems the company is trying to solve. “They’re indicative of what’s on the engineer’s mind,” says Duan. “They’re not going to make the cage, but it does tell you that they’re worried about worker safety.” Spotify probably won’t make its automatic parking finder, so you don’t have to pause your music in a parking garage while you hunt for a spot. But it does want to figure out how to reduce interruptions in your music consumption. So go forth and read patents. Just remember that they’re often equal parts real invention and sci-fi.

Source: Why do tech companies file so many weird patents?

That science fiction concepts can be patented is new for me. So you can whack companies around with patents that you thought of but didn’t implement. Sounds like a really good idea. Not.

Complex quantum teleportation achieved for the first time

Researchers from the Austrian Academy of Sciences and the University of Vienna have experimentally demonstrated what was previously only a theoretical possibility. Together with quantum physicists from the University of Science and Technology of China, they have succeeded in teleporting complex high-dimensional quantum states. The research teams report this international first in the journal Physical Review Letters.

In their study, the researchers teleported the of one photon (light particle) to another distant one. Previously, only two-level states (“qubits”) had been transmitted, i.e., information with values “0” or “1”. However, the scientists succeeded in teleporting a three-level state, a so-called “qutrit”. In , unlike in classical computer science, “0” and “1” are not an ‘either/or’ – both simultaneously, or anything in between, is also possible. The Austrian-Chinese team has now demonstrated this in practice with a third possibility “2”.

[…]

The quantum state to be teleported is encoded in the possible paths a photon can take. One can picture these paths as three optical fibers. Most interestingly, in quantum physics a single photon can also be located in all three optical fibers at the same time. To teleport this three-dimensional quantum state, the researchers used a new experimental method. The core of quantum teleportation is the so-called Bell measurement. It is based on a multiport beam splitter, which directs photons through several inputs and outputs and connects all optical fibers together. In addition, the scientists used auxiliary photons—these are also sent into the multiple beam splitter and can interfere with the other photons.

Through clever selection of certain interference patterns, the quantum information can be transferred to another photon far from the input photon, without the two ever physically interacting. The experimental concept is not limited to three dimensions, but can in principle be extended to any number of dimensions, as Erhard emphasizes.

Higher information capacities for quantum computers

With this, the international research team has also made an important step towards practical applications such as a future quantum internet, since high-dimensional quantum systems can transport larger amounts of information than qubits. “This result could help to connect quantum computers with information capacities beyond qubits”, says Anton Zeilinger, quantum physicist at the Austrian Academy of Sciences and the University of Vienna, about the innovative potential of the new method.

[…]

In future work, the will focus on how to extend the newly gained knowledge to enable teleportation of the entire quantum state of a single or atom.

Source: Complex quantum teleportation achieved for the first time

Quantum radar has been demonstrated for  – MIT Technology Review

thanks to the work of Shabir Barzanjeh at the Institute of Science and Technology Austria and a few colleagues. This team has used entangled microwaves to create the world’s first quantum radar. Their device, which can detect objects at a distance using only a few photons, raises the prospect of stealthy radar systems that emit little detectable electromagnetic radiation.

The device is simple in essence. The researchers create pairs of entangled microwave photons using a superconducting device called a Josephson parametric converter. They beam the first photon, called the signal photon, toward the object of interest and listen for the reflection.

Quantum radar

In the meantime, they store the second photon, called the idler photon. When the reflection arrives, it interferes with this idler photon, creating a signature that reveals how far the signal photon has traveled. Voila—quantum radar!

This technique has some important advantages over conventional radar. Ordinary radar works in a similar way but fails at low power levels that involve small numbers of microwave photons. That’s because hot objects in the environment emit microwaves of their own.

In a room temperature environment, this amounts to a background of around 1,000 microwave photons at any instant, and these overwhelm the returning echo. This is why radar systems use powerful transmitters.

Entangled photons overcome this problem. The signal and idler photons are so similar that it is easy to filter out the effects of other photons. So it becomes straightforward to detect the signal photon when it returns.

Of course, entanglement is a fragile property of the quantum world, and the process of reflection destroys it.  Nevertheless, the correlation between the signal and idler photons is still strong enough to distinguish them from background noise.

[…]

A big advantage is the low levels of electromagnetic radiation required. “Our experiment shows the potential as a non-invasive scanning method for biomedical applications, e.g., for imaging of human tissues or non-destructive rotational spectroscopy of proteins,” say Barzanjeh and co.

Then there is the obvious application as a stealthy radar that is difficult for adversaries to detect over background noise. The researchers say it could be useful for short-range low-power radar for security applications in closed and populated environments.

Source: Quantum radar has been demonstrated for the first time – MIT Technology Review

Russia’s floating nuclear plant sails to its destination

Russia’s first floating nuclear power plant sailed Friday to its destination on the nation’s Arctic coast, a project that environmentalists have criticized as unsafe.

The Akademik Lomonosov is a 140-meter (459-foot) long towed platform that carries two 35-megawatt nuclear reactors. On Friday, it set out from the Arctic port of Murmansk on the Kola Peninsula on a three-week journey to Pevek on the Chukotka Peninsula more than 4,900 kilometers (about 2,650 nautical miles) east.

Its purpose is to provide power for the area, replacing the Bilibino nuclear power plant on Chukotka that is being decommissioned.

The Russian project is the first floating nuclear power plant since the U.S. MH-1A, a much smaller reactor that supplied the Panama Canal with power from 1968-1975.

Environmentalists have criticized the project as inherently dangerous and a threat to the pristine Arctic region. Russia’s state nuclear corporation Rosatom has dismissed those concerns, insisting that the floating nuclear plant is safe to operate.

Rosatom director, Alexei Likhachev, said his corporation hopes to sell floating reactors to foreign markets. Russian officials have previously mentioned Indonesia and Sudan among potential export customers.

Source: Russia’s floating nuclear plant sails to its destination

Scientists bioprint living tissue in a matter of seconds

Scientists at EPFL and University Medical Center Utrecht have developed an optical system that can bioprint complex, highly viable living tissue in “just a few seconds.” It would represent a breakthrough compared to the clunky, layer-based processes of today.

The approach, volumetric bioprinting, forms tissue by projecting a laser down a spinning tube containing hydrogel full of stem cells. You can shape the resulting tissue simply by focusing the laser’s energy on specific locations to solidify them, creating a useful 3D shape within seconds. After that, it’s a matter of introducing endothelial cells to add vessels to the tissue.

The resulting tissues are currently just a few inches across. That’s still enough to be “clinically useful,” EPFL said, and has already been used to print heart-like valves, a complex femur part and a meniscus. It can create interlocking structures, too.

While this definitely isn’t ready for real-world use, the applications are fairly self-evident. EPFL imagines a new wave of “personalized, functional” organs produced at “unprecedented speed.” This could be helpful for implants and repairs, and might greatly reduce the temptation to use animal testing — you’d just need to produce organs to simulate effects. This might be as much an ethics breakthrough as it is a technical one.

Source: Scientists bioprint living tissue in a matter of seconds

Uber And Lyft Take A Lot More From Drivers Than They Say

Ultimately, the rider paid $65 for the half-hour trip, according to a receipt viewed by Jalopnik. But Dave made only $15 (the fares have been rounded to anonymize the transaction).

Uber kept the rest, meaning the multibillion-dollar corporation kept more than 75 percent of the fare, more than triple the average so-called “take-rate” it claims in financial reports with the Securities and Exchange Commission.

Had he known in advance how much he would have been paid for the ride relative to what the rider paid, Dave said he never would have accepted the fare.

“This is robbery,” Dave told Jalopnik over email. “This business is out of control.”

Dave is far from alone in his frustrations. Uber and Lyft have slashed driver pay in recent years and now take a larger portion of each fare, far larger than the companies publicly report, based on data collected by Jalopnik. And the new Surge or Prime Time pricing structure widely adopted by both companies undermines a key legal argument both companies make to classify drivers as independent contractors.

Jalopnik asked drivers to send us fare receipts showing a breakdown of how much the rider paid for the trip, how much of that fare Uber or Lyft kept, and what the driver earned.

In total, we received 14,756 fares. These came from two sources: the web form where drivers could submit fares individually, and via email where some drivers sent us all their fares from a given time period.

Of all the fares Jalopnik examined, Uber kept 35 percent of the revenue, while Lyft kept 38 percent. These numbers are roughly in line with a previous study by Lawrence Mishel at the Economic Policy Institute which concluded Uber’s take rate to be roughly one-third, or 33 percent.

Of the drivers who emailed us breakdowns for all of their fares in a given time period—ranging from a few months to more than a year—Uber kept, on average, 29.6 percent. Lyft pocketed 34.5 percent.

Those take rates are 10.6 percent and 8.5 percent higher than Uber and Lyft’s publicly reported figures, respectively.

Graphic: Jim Cooke — G/O Media

In regulatory filings, Uber has reported its so-called “take-rate” is actually going down, from 21.7 percent in 2018 to 19 percent in the second quarter of 2019 (Uber declined to offer U.S.-only figures for a more direct comparison to Jalopnik’s findings).

Source: Uber And Lyft Take A Lot More From Drivers Than They Say

Johnson & Johnson Ordered to Pay $572 Million in Landmark Opioid Trial

A judge in Oklahoma on Monday ruled that Johnson & Johnson had intentionally played down the dangers and oversold the benefits of opioids, and ordered it to pay the state $572 million in the first trial of a drug manufacturer for the destruction wrought by prescription painkillers.

The amount fell far short of the $17 billion judgment that Oklahoma had sought to pay for addiction treatment, drug courts and other services it said it would need over the next 20 years to repair the damage done by the opioid epidemic.

Still, the decision, by Judge Thad Balkman of Cleveland County District Court, heartened lawyers representing states and cities — plaintiffs in many of the more than 2,000 opioid lawsuits pending across the country — who are pursuing a legal strategy similar to Oklahoma’s. His finding that Johnson & Johnson had breached the state’s “public nuisance” law was a significant aspect of his order.

Judge Balkman was harsh in his assessment of a company that has built its reputation as a responsible and family-friendly maker of soap, baby powder and Band-Aids.

In his ruling, he wrote that Johnson & Johnson had promulgated “false, misleading, and dangerous marketing campaigns” that had “caused exponentially increasing rates of addiction, overdose deaths” and babies born exposed to opioids.

Source: Johnson & Johnson Ordered to Pay $572 Million in Landmark Opioid Trial – The New York Times

London Transport asked people to write down their Oyster passwords – but don’t worry

London-dwelling Alfie Fresta wanted a National Rail travelcard discount added to his London Oyster card so the discount would work automatically with his pay-as-you-go smartcard.

He was startled when London Overground staff at New Cross Gate station handed him a paper form with a box on it asking for his online Oyster account password.

“I was in utter disbelief,” Fresta told El Reg, having just read about Oyster online accounts being breached by credential-stuffing crooks. “Having worked on a number of web apps, I know storing passwords in clear text is, for lack of a better word, a ginormous no-no.”

Oyster plain text password form from Arriva Rail London, which operates London Overground

The Arriva Rail London form handed to Fresta. ARL is the outsourced operator for TfL’s London Overground services. Click to enlarge

Just to check that this wasn’t a local misunderstanding by station staff, Fresta checked it out at other stations – and was again asked to write down his password in plain text for staff to read.

TfL did not deny that this is its standard procedure for staff adding discounts to Oyster cards, but insisted in a statement to The Register that it doesn’t store those passwords and lets customers take the completed form away afterwards.

A spokeswoman told us: “Customers can add discounts to their Oyster cards at all station ticket machines and our staff are on hand to support them with this process. If a customer prefers to do this via a ticket office rather than a machine, then a password is temporarily provided to the ticket office staff via a form.

“The password is always entered in the presence of the customer and the form is returned to them to ensure it can be disposed of securely. Customers are advised to change the password on first login, if setting up an online Oyster account. We recognise that where possible this process could be improved and work is under way to identify options.”

Fresta was not impressed with TfL’s customer service, telling us he wasn’t given “any explanation as to how the information [would] be handled or why”.

Source: Yes, TfL asked people to write down their Oyster passwords – but don’t worry, they didn’t inhale • The Register

That’s insane!

Indonesia unveils site of new capital on Borneo island

The capital of the world’s fourth most populous country, on the island of Java, is now home to 10 million people and is prone to floods, traffic gridlock and faces the risk of earthquakes.

The as-yet unnamed new capital will straddle the regions of North Penajam Paser and Kutai Kartanegara in Indonesia’s province of East Kalimantan on Borneo, President Joko Widodo told a news conference.

“It is a strategic location at the center of Indonesia, close to growing urban areas,” Widodo said at the presidential palace in Jakarta, adding that planning must start immediately if relocation is to begin in 2024.

The site of the new capital, 2,000 km (1,250 miles) northeast of Jakarta, is one of the regions least prone to the natural disasters that regularly hit the archipelago of 17,000 islands.

There are also economic and political reasons for moving the capital from Java, which Widodo said was home to 54% of Indonesia’s 260 million people and generated 58% of its gross domestic product.

But environmentalists fear the move will hasten the destruction of forests that are home to orangutans, sun bears and long-nosed monkeys, as well as increasing pollution already on the rise from coal mining and palm oil industries.

“The move will have an environmental impact,” said Greenpeace senior forest campaigner Jasmine Puteri. “Jakarta has suffered so many failures from pollution, water crisis, and flooding. We don’t want these problems in the new capital.”

FOREST CITY

Officials say they want the new capital to be “a smart city in the forest” and have set aside 180,000 hectares (445,000 acres) of government land.

Widodo said moving the administrative center would cost just under $33 billion, of which the state would fund 19%, with the rest coming from public-private partnerships and private investment. The price tag includes new government offices and homes for about 1.5 million civil servants.

Source: Indonesia unveils site of new capital on Borneo island – Reuters

PowerShell 7 ups the telemetry but… hey… is that an off switch?

Microsoft emitted a fresh preview of command-line darling PowerShell 7 last night, highlighting some additional slurping – and how to shut it off.

PowerShell 7 Preview 3, which is built on .NET Core 3.0 Preview 8, is the latest step on the way to final release at the end of 2019 and a potential replacement for the venerable PowerShell 5.1.

The first preview dropped back in May and the gang has made solid progress since. This time around, the team has opted to switch on all experimental features of the command-line shell by default in order to get more feedback on whether those features are worth the extra effort to gain “stable” status.

[…]

there are a number of useful features, some targeted squarely at Windows (stripping away reasons to stay with PowerShell 7’s more Windows-focused ancestors) and others that simply make life easy for script fans. The ability to stick a -Parallel parameter to ForEach-Object in order to execute scriptblocks in parallel is a good example, as is a -ThrottleLimit parameter to keep the thread usage under control.

Preview 3 and Telemetry

However, it’s not all good news. Lee, with impressive openness, highlighted the extra telemetry PowerShell would be capturing with this release. Microsoft’s Sydney Smith provided further details and, perhaps more importantly for some users, explained how to turn the slurping off.

New data points being collected include counts of application types such as Cmdlets and Functions, hosted sessions and PowerShell starts by type (API vs Console).

[…]

for the benefit of those who get twitchy about the slurping of data, Smith highlighted the POWERSHELL_TELEMETRY_OPTOUT environment variable, which can be set to the true, yes or 1 to stop PowerShell squirting anything back at Redmond’s servers.

Source: Latest sneak peek at PowerShell 7 ups the telemetry but… hey… is that an off switch? • The Register

Here’s a top tip: Don’t trust the new guy – block web domains less than a month old. They are bound to be dodgy

IT admins could go a long way towards protecting their users from malware and other dodgy stuff on the internet if they ban access to any web domain less than a month old.

This advice comes from Unit 42, the security branch of networking house Palo Alto Networks. To be exact, the recommendation is that any domain created in the past 32 days ought to be blocked. This comes after the gang studied newly-registered domains – NRDs for short – and found that more than 70 per cent fell under the classification of “suspicious,” “not safe for work,” or “malicious.”

“While this may be deemed a bit aggressive by some due to potential false-positives, the risk from threats via NRDs is much greater,” noted Unit 42’s Zhanhao Chen, Jun Javier Wang, and Kelvin Kwan. “At the bare minimum, if access to NRDs are allowed, then alerts should be set up for additional visibility.”

According to Unit 42’s study of new domains created on 1,530 different top level domains (TLDs) from March to May of this year, just 8.4 per cent of NRDs could be confirmed as hosting only benign pages. 2.32 per cent were confirmed not safe for work, while 1.27 per cent of the domains were classified as malicious, meaning they were found to host malware, phishing, or botnet, command and control tools.

The solid majority of the domains, 69.73 per cent to be exact, fell under the label of “suspicious,” meaning the domains appear to have been parked, had insufficient content to be verified as legit, or were considered “questionable,” or “high risk,” but not flat-out malicious. 18.2 per cent were classified as just “other,” rather unhelpfully.

In other words, just under three quarters of new domains are used for sites that vary from completely empty, to shady at best, to verified as attack sites.

Source: Here’s a top tip: Don’t trust the new guy – block web domains less than a month old. They are bound to be dodgy • The Register

Microsoft Contractors Listened to Xbox Owners (mainly kids) in Their Homes – since 2013

Contractors working for Microsoft have listened to audio of Xbox users speaking in their homes in order to improve the console’s voice command features, Motherboard has learned. The audio was supposed to be captured following a voice command like “Xbox” or “Hey Cortana,” but contractors said that recordings were sometimes triggered and recorded by mistake.

The news is the latest in a string of revelations that show contractors working on behalf of Microsoft listen to audio captured by several of its products. Motherboard previously reported that human contractors were listening to some Skype calls as well as audio recorded by Cortana, Microsoft’s Siri-like virtual assistant.

“Xbox commands came up first as a bit of an outlier and then became about half of what we did before becoming most of what we did,” one former contractor who worked on behalf of Microsoft told Motherboard. Motherboard granted multiple sources in this story anonymity as they had signed non-disclosure agreements.

The former contractor said they worked on Xbox audio data from 2014 to 2015, before Cortana was implemented into the console in 2016. When it launched in November 2013, the Xbox One had the capability to be controlled via voice commands with the Kinect system.

[…]

The former contractor said most of the voices they heard were of children.

“The Xbox stuff was actually a bit of a welcome respite, honestly. It was frequently the same games. Same DLCs. Same types of commands,” they added. “‘Xbox give me all the games for free’ or ‘Xbox download [newest Minecraft skins pack]’ or whatever,” they added. The former contractor was paid $10 an hour for their work, according to an employment document shared with Motherboard.

“Occasionally I heard ‘Xbox, tell Solas to heal,’ or something similar, which would be a command for Dragon Age: Inquisition,” the former contractor said, referring to hearing audio of in-game commands.

And that listening continued as the Xbox moved from using Kinect for voice commands over to Cortana. A current contractor provided a document that describes how workers should work with different types of Cortana audio, including commands given to control an Xbox.

Source: Microsoft Contractors Listened to Xbox Owners in Their Homes – VICE

All these guys are using this kind of voice data to improve their AI, so there’s nothing really particularly sinister in that (although they could probably turn on targeted microphones if they want and listen to YOU) but the fact that they lied about it, withheld the information from us and didn’t even mention it in their privacy statements, don’t allow you to opt out – THAT’s a problem.

BTW SONOS is also involved in this…

Moscow’s blockchain voting system cracked a month before election, will be fixed due to responsible disclosure, open source and bug bounties

A French security researcher has found a critical vulnerability in the blockchain-based voting system Russian officials plan to use next month for the 2019 Moscow City Duma election.

Pierrick Gaudry, an academic at Lorraine University and a researcher for INRIA, the French research institute for digital sciences, found that he could compute the voting system’s private keys based on its public keys. This private keys are used together with the public keys to encrypt user votes cast in the election.

Gaudry blamed the issue on Russian officials using a variant of the ElGamal encryption scheme that used encryption key sizes that were too small to be secure. This meant that modern computers could break the encryption scheme within minutes.

“It can be broken in about 20 minutes using a standard personal computer, and using only free software that is publicly available,” Gaudry said in a report published earlier this month.

“Once these [private keys] are known, any encrypted data can be decrypted as quickly as they are created,” he added.

What an attacker can do with these encryption keys is currently unknown, since the voting system’s protocols weren’t yet available in English, so Gaudry couldn’t investigate further.

“Without having read the protocol, it is hard to tell precisely the consequences, because, although we believe that this weak encryption scheme is used to encrypt the ballots, it is unclear how easy it is for an attacker to have the correspondence between the ballots and the voters,” the French researcher said.

“In the worst case scenario, the votes of all the voters using this system would be revealed to anyone as soon as they cast their vote.”

[…]

The French academic was able to test Moscow’s upcoming blockchain-based voting system because officials published its source code on GitHub in July, and asked security researchers to take their best shots.

Following Gaudry’s discovery, the Moscow Department of Information Technology promised to fix the reported issue — the use of a weak private key.

“We absolutely agree that 256×3 private key length is not secure enough,” a spokesperson said in an online response. “This implementation was used only in a trial period. In few days the key’s length will be changed to 1024.”

[…]

However, a public key of a length of 1024 bits may not be enough, according to Gaudry, who believes officials should use one of at least 2048 bits instead.

[…]

There is a good side to this,” he added. “The fact that Moscow allowed others to look at the code, research it and then help them secure it.”

Furthermore, Moscow officials also approved a monetary reward for Gaudry, who according to Russian news site Meduza, stands to make one million Russian ruble, which is just over $15,000.

According to a previous report from July, Gaudry’s reward is near the top prize the Moscow local government promised bug hunters when it put the code on GitHub, which was 1.5 million Russian ruble ($22,500).

“The US system COULD learn a lot from Mother Russia on this one,” Roberts said, referring to the plethora of growing pains the US has been going through recently while trying to secure its electronic voting machines.

These growing pains mostly come from voting machine vendors, who are refusing to engage with the cyber-security community, something the Moscow government had no problem doing.

This closed-source nature around electronic voting machines and election systems used in the US is the reason why Microsoft recently announced plans to open-source on GitHub a new technology for securing electronic voting machines.

Source: Moscow’s blockchain voting system cracked a month before election | ZDNet

Google, Apple, Mozilla end Kazakhstan internet by blocking root CA

On Wednesday, Google, Apple, and Mozilla said their web browsers will block the Kazakhstan root Certificate Authority (CA) certificate – following reports that ISPs in the country have required customers to install a government-issued certificate that enables online spying.

According to the University of Michigan’s Censored Planet project, the country’s snoops “recently began using a fake root CA to perform a man-in-the-middle (MitM) attack against HTTPS connections to websites including Facebook, Twitter, and Google.”

A root CA certificate can, to put it simply, be abused to intercept and access otherwise protected communication between internet users and websites.

The Censored Planet report indicates that researchers first detected data interception on July 17, a practice that has continued intermittently since then (though discussions of Kazakhstan’s possible abuse of root CA certificates date back several years).

The interception does not appear to be widespread – it’s said to affect only 459 (7 per cent) of the country’s 6,736 HTTPS servers. But it affects 37 domains, largely social media and communications services linked to Google, Facebook, and Twitter domains, among others.

Kazakhstan has a population of 18m and 76 per cent internet penetration, according to advocacy group Freedom House, which rates it 62 on a scale of 100 for lack of internet freedom – 100 means no internet access.

Two weeks ago, the government of Kazakhstan said it had discontinued its internet surveillance scheme, initially justified as a way to improve cybersecurity, after lawyers in the country criticized the move.

In notifications to Kazakhstani telecom customers, mobile operators maintained that the government-mandated security certificate represented a lawful demand. Yet, in a statement on August 6, the National Security Committee of the Republic of Kazakhstan said the certificate requirement was just a test, and a successful one at that. And the committee provided instructions for removing the certificate from Android, iOS and Windows devices.

In 2015, Kazakhstan tried to get its root CA certificate into Mozilla trusted root store program but was rebuffed, and then tried to get its citizens to install the cert themselves until thwarted by legal action.

“As far as we know, the installation of the certificate is not legally required in Kazakhstan at this time,” a Mozilla spokesperson said in an email to The Register.

Source: Finally. Thanks so much, nerds. Google, Apple, Mozilla end government* internet spying for good • The Register

Bug-hunter finds local privilege escalation in Steam. Valve refuses to acknowledge and so he’s dropped it on the internet.

The way Kravets tells is (Valve did not respond to a request for comment), the whole saga started earlier this month when he went to report a separate elevation of privilege flaw in Steam Client, the software gamers use to purchase and run games from the games service.

Valve declined to recognize and pay out for the bug, which they said required local access and the ability to drop files on the target machine in order to run and was therefore not really a vulnerability.

“I received a lot of feedback. But Valve didn’t say a single word, HackerOne sent a huge letter and, mostly, kept silence,” Kravets wrote. “Eventually things escalated with Valve and I got banned by them on HackerOne — I can no longer participate in their vulnerability rejection program (the rest of H1 is still available though).”

Now, some two weeks later, Kravets has discovered and disclosed a second elevation of privilege flaw. Like the first, this vulnerability this flaw (a DLL loading vulnerability) would require the attacker to have access to the target’s machine and the ability to write files locally.

Source: Disgruntled bug-hunter drops Steam zero-day to get back at Valve for refusing him a bounty • The Register

The Register then says something pretty stupid:

While neither flaw would be considered a ‘critical’ risk as they each require the attacker to already have access to the target machine (if that’s the case you’re already in serious trouble, so what’s another flaw)

It’s an escalation flaw, which means that as a normal user you can run things administrators are only supposed to run. That’s a problem.