New Password in a Heartbeat

Thursday, 26 September 2013

Pacemakers, insulin pumps, defibrillators and other implantable medical devices often have wireless capabilities that allow emergency workers to monitor patients. But these devices have a potential downside: They can be hacked.
Researchers at Rice University have come up with a secure way to dramatically cut the risk that an implanted medical device (IMD) could be altered remotely without authorization.
Their technology would use the patient's own heartbeat as a kind of password that could only be accessed through touch.
Rice electrical and computer engineer Farinaz Koushanfar and graduate student Masoud Rostami will present Heart-to-Heart, an authentication system for IMDs, at the Association for Computing Machinery's Conference on Computer and Communications Security in Berlin in November. They developed the technology with Ari Juels, former chief scientist at RSA Laboratories, a security company in Cambridge, Mass.
IMDs generally lack the kind of password security found on a home Wi-Fi router because emergency medical technicians often need quick access to the information the devices store to save a life, Rostami said. But that leaves the IMDs open to attack.
"If you have a device inside your body, a person could walk by, push a button and violate your privacy, even give you a shock," he said. "He could make (an insulin pump) inject insulin or update the software of your pacemaker. But our proposed solution forces anybody who wants to read the device to touch you."
The system would require software in the IMD to talk to the "touch" device, called the programmer. When a medical technician touches the patient, the programmer would pick up an electrocardiogram (EKG) signature from the beating heart. The internal and external devices would compare minute details of the EKG and execute a "handshake." If signals gathered by both at the same instant match, they become the password that grants the external device access.
"The signal from your heartbeat is different every second, so the password is different each time," Rostami said. "You can't use it even a minute later."
He compared the EKG to a chart of a financial stock. "We're looking at the minutia," Rostami said. "If you zoom in on a stock, it ticks up and it ticks down every microsecond. Those fine details are the byproduct of a very complex system and they can't be predicted."
A human heartbeat is the same, he said. It seems steady, but on closer view every beat has unique characteristics that can be read and matched. "We treat your heart as if it were a random number generator," he said.
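As an added illustration (not the researchers' code, and not the Heart-to-Heart protocol itself), the sketch below models the idea described above: the implant and the touching programmer each measure the same heartbeats, and access is granted only when their fine-grained readings agree. The choice of inter-beat intervals as the measured detail, the Gray-coded low-order bits, the error threshold and all sample readings are assumptions constructed for this example.

```python
"""Toy model of touch-based pairing: the IMD and the programmer each measure
the same heartbeats, and access is granted only if their readings agree.
All parameters and sample readings are assumptions made for illustration."""

BITS_PER_BEAT = 4     # assumed: low-order bits kept per inter-beat interval
STEP_MS = 2           # assumed: quantisation step that absorbs sensor jitter
MAX_BIT_ERRORS = 4    # assumed: tolerated disagreement over the whole window


def gray(n):
    """Gray-code n so adjacent quantised values differ in exactly one bit."""
    return n ^ (n >> 1)


def beat_bits(intervals_ms):
    """Turn inter-beat intervals (ms) into a bit list taken from their fine detail."""
    bits = []
    for interval in intervals_ms:
        low = (interval // STEP_MS) % (1 << BITS_PER_BEAT)
        code = gray(low)
        bits.extend((code >> i) & 1 for i in range(BITS_PER_BEAT))
    return bits


def bit_errors(a, b):
    """Hamming distance between two equal-length bit lists."""
    return sum(x != y for x, y in zip(a, b))


def grant_access(imd_intervals, programmer_intervals):
    """Grant access only if both sides saw (nearly) the same beats."""
    a, b = beat_bits(imd_intervals), beat_bits(programmer_intervals)
    if not a or len(a) != len(b):
        return False
    return bit_errors(a, b) <= MAX_BIT_ERRORS


# Constructed readings (ms between beats), not real patient data.
IMD_NOW = [812, 797, 823, 805, 790, 818, 801, 809]    # measured inside the body
TOUCH_NOW = [814, 797, 821, 805, 791, 818, 799, 809]  # same beats, sensor jitter
STALE = [806, 821, 794, 815, 799, 803, 826, 811]      # beats from a minute earlier

if __name__ == "__main__":
    for label, reading in (("touch, same beats", TOUCH_NOW),
                           ("stale recording", STALE)):
        errs = bit_errors(beat_bits(IMD_NOW), beat_bits(reading))
        print(f"{label}: {errs} bit errors, access={grant_access(IMD_NOW, reading)}")
```

The simultaneous touch reading differs from the implant's by only a few bits and is accepted, while the reading taken a minute earlier disagrees on more than half of the bits and is rejected.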
The system could potentially be used with the millions of IMDs already in use, Koushanfar said. "To our knowledge, this is the first fully secure solution that has small overhead and can work with legacy systems," she said. "Like any device that has wireless access, we can simply update the software."
Koushanfar noted the software would require very little of an IMD's precious power, unlike other suggested secure solutions that require computationally intensive -- and battery draining -- cryptography. "We're hopeful," she said. "We think everything here is a practical technology."
Implementation would require cooperation with device manufacturers who, Koushanfar said, hold their valuable, proprietary secrets very close to the chest, as well as approval by the Food and Drug Administration.
But the time to pursue IMD security is here, Rostami insisted. "People will have more implantable devices, not fewer," he said. "We already have devices for the heart and insulin pumps, and now researchers are talking about putting neuron stimulators inside the brain. We should make sure all these things are secure."

New Technology Protects Against Password Theft and Phishing Attacks

New technology launched today by Royal Holloway University will help protect people from the cyber attack known as "phishing," believed to have affected 37.3 million of us last year, and from online password theft, which rose by 300% during 2012-13.
Phishing involves cyber criminals creating fake websites that look like real ones and luring users into entering their login details, and sometimes personal and financial information. In recent months, the Syrian Electronic Army (SEA) has successfully launched phishing attacks against employees of the Financial Times to enable them to post material to its website, and mass attacks were launched within Iran using a fake Google email, shortly before the elections.
Scientists from Royal Holloway have devised a new system called Uni-IDM which will enable people to create electronic identity cards for each website they access. These are then securely stored, allowing owners to simply click on the card when they want to log back in, safe in the knowledge that the data will only be sent to the authentic website. A key feature of the technology is that it is able to recognise the increasing number of websites that offer more secure login systems and present people with a helpful and uniform way of using these.
"We have known for a long time that the username and password system is problematic and very insecure, proving a headache for even the largest websites. LinkedIn was hacked, and over six million stolen user passwords were then posted on a website used by Russian cyber criminals; Facebook admitted in 2011 that 600,000 of its user accounts were being compromised every single day," said Professor Chris Mitchell from Royal Holloway's Information Security Group.
"Despite this, username and password remains the dominant technology, and while large corporations have been able to employ more secure methods, attempts to provide homes with similar protection have been unsuccessful, except in a few cases such as online banking. The hope is that our technology will finally make it possible to provide more sophisticated technology to protect all internet users."
Uni-IDM is also expected to offer a solution for people who will need to access the growing number of government services going online, such as tax and benefits claims. The system will provide a secure space for these new users, many of whom may have little experience using the internet.

New Multifunctional Topological Insulator Material With Combined Superconductivity

Most materials show one function, for example, a material can be a metal, a semiconductor, or an insulator. Metals such as copper are used as conducting wires with only low resistance and energy loss. Superconductors are metals which can conduct current even without any resistance, although only far below room temperature. Semiconductors, the foundation of current computer technology, show only low conduction of current, while insulators show no conductivity at all.

Physicists have recently been excited about a new exotic type of material, the so-called topological insulator. A topological insulator is insulating inside the bulk like a normal insulator, while on the surface it shows conductivity like a metal. When a topological insulator is interfaced with a superconductor, a mysterious particle called a Majorana fermion emerges, which can be used to fabricate a quantum computer that can run much more quickly than any current computer. Searching for Majorana fermions based on a topological insulator-superconductor interface has thus very recently become a hot race.
Computer-based materials design has demonstrated its power in scientific research, saving resources and also accelerating the search for new materials for specific purposes. By employing state-of-the-art materials design methods, Dr. Binghai Yan and his collaborators from the Max Planck Institute for Chemical Physics of Solids and Johannes Gutenberg University Mainz in Germany have recently predicted that the oxide compound BaBiO3 combines two required properties, i.e., topological insulator and superconductivity. This material has been known for about thirty years as a high-temperature superconductor of Tc of nearly 30 Kelvin with p-type doping. Now it has been discovered to be also a topological insulator with n-type doping. A p-n junction type of simple device assisted by gating or electrolyte gating is proposed to realize Majorana fermions for quantum computation, which does not require a complex interface between two materials.
In addition to their options for use in quantum computers, topological insulators hold great potential applications in the emerging technology of spintronics and thermoelectrics for energy harvesting. One major obstacle for widespread application is the relatively small size of the bulk band gap, which is typically around 0.3 electron-volts (eV) for previously known topological insulator materials. The currently identified material exhibits a much larger energy gap of 0.7 eV. Inside the energy gap, metallic topological surface states exist with a Dirac-cone type of band structure.
The research leading to the recent publication in Nature Physics was performed by a team of researchers from Dresden and Mainz around the theoretical physicist Dr. Binghai Yan and the experimental chemists Professor Martin Jansen and Professor Claudia Felser. "Now we are trying to synthesize n-type doped BaBiO3," said Jansen. "And we hope to be soon able to realize our idea."

Study Shows Over 200 Mobile Apps Related to Dermatology

A surge of mobile apps related to dermatology has allowed scores of smart phone users to track and diagnose a wide range of skin diseases but doctors are urging caution, according to a study published today in the Journal of the American Medical Association.
"There are 229 dermatological applications out there and most are free," said Robert Dellavalle, MD, PhD, MSPH, senior author of the study and Associate Professor of Dermatology at the University of Colorado School of Medicine. "Yet this is an area of buyer beware because there are no regulations and no guarantees that these apps are providing accurate medical information."
The study found mobile applications for monitoring psoriasis, connecting people with patient organizations, diagnosing melanoma, dispensing sun screen advice, dermatology education and skin medications.
Self-surveillance/diagnosis apps vary widely in capabilities. Some allow patients to document lesions, upload and receive dermatologist or algorithm-based feedback about the malignancy potential of lesions, follow diagnosis algorithms and log personal treatment regimens.
Others are focused on a single malady like acne, rosacea, psoriasis or eczema. Patients and doctors can interface on apps and one lets users get pathology results from their phone. Another, Dr. Mole, allows users to photograph a mole and monitor its changes over time to determine if it's cancerous.
The 10 most reviewed apps included:
    1. Ultraviolet-UV Index
    2. VisualDx
    3. SPF
    4. iSore
    5. SpotMole
    6. Pocket Derm
    7. Skin Scan
    8. Doctor Mole
    9. What's My Rash?
    10. Skin Conditions
The U.S. Food and Drug Administration announced Monday that it would only regulate the small number of apps that act like medical instruments, those that perform ultrasounds or other procedures.
Dellavalle, Chief of Dermatology at the Denver Veterans Affairs Medical Center, said the rise in medical apps in general and dermatology in particular offers the chance to expand care into rural and underserved populations.
They may also help mitigate the shortage of dermatologists nationwide. Still, he urged people to use common sense.
"There is a huge expansion of medical apps across all disciplines now. This will require some caution by users but it also opens up new opportunities," he said. "I think most apps are generally safe right now, but I would not rely solely on them. I would cross-reference them with other apps, other people and with your doctor."

Glitch sends Google Hangouts and GTalk chats to wrong people

Google's Hangouts/GTalk messaging system was hit by a glitch that saw messages being incorrectly delivered to unintended recipients.
Several users found that after around 4 p.m. Sydney time, messages sent over Google Hangouts and GTalk were sent erroneously to the wrong recipients.
There appeared to be no pattern to who was receiving the messages by mistake, or who the glitch was affecting.
ZDNet confirmed first-hand that the glitch was present within Google Apps for Business accounts, including those that have not yet switched over to Google's new Hangouts platform. Messages appeared to be visible on the mobile version of Hangouts. There was no indication that the messages were being received by a third party.
Google only recently issued an update to the mobile version of Hangouts, upgrading it to version 1.1.2.
When contacted earlier for comment, a Google spokesperson told ZDNet: "We're investigating reports of an issue with Google Talk. We're sorry for the inconvenience. For further updates please refer to the Apps Status Dashboard." 
Since that time, Google has updated that dashboard with a more promising note: "The issue has been resolved and all services are gradually returning to normal."
This story originally appeared at ZDNet under the headline "Google Hangouts/GTalk glitch sends chats to wrong recipients." It has been modified somewhat in this version.

Apple had a map mishap? Nokia must mock it

You can get giddy when thousands of people retweet one of your clever (or even not so clever) quips.
The tweeters at @Nokia_UK were no doubt renegotiating their compensation packages after a September 10 tweet mocking Apple's colorful iPhone 5C received more than 40,000 retweets.
They surely couldn't wait for another chance to sling rocks at the Apple Goliath.
Thankfully on Wednesday, a report emerged that Apple maps had led drivers onto a taxiway at Fairbanks International Airport in Alaska.
"What joy," thought Nokia's tweeters in the UK. "We must mock this. Anyone have any ideas?"
I wonder how many seconds it took before someone suggested: "I know, let's tweet: 'There's an app for that.'"

Google Street View in the Large Hadron Collider is a smash

Perhaps Google Street View should be renamed "Google Anything View." Google's wandering cameras have now made their way into CERN's Large Hadron Collider, the atom-smashing wonder located under the Franco-Swiss border.
Since it wasn't feasible to send a Google Street View car into the Large Hadron Collider facility, a specially equipped trike was employed instead. The Street View explorations are now available online for the public to peruse. You can follow along through the tunnels of the particle collider and pretend you're on the staff at CERN.
CERN issued a notice to employees to go about business as usual when the Street View team showed up, and to not display any banners or signs. Employees visible in the Street View images have all had their faces blurred out for privacy.
You can easily get lost in the details of this Street View, panning around, checking out the signs and equipment. There's a helium-release point caution sign, an emergency-stop button, and tons of mysterious bits of hardware and scientific graffiti on the walls and tubes in the tunnel.
The control rooms are a fascinating stop as well. The ALICE experiment, a project dedicated to finding answers about the beginning of the universe, has a busy control room full of workstations and scientists. It's a fascinating tour through one of the biggest and boldest science projects ever created.

iPhone, iPad owners complain of motion sickness due to iOS 7

At least some of the 200 million people that have downloaded iOS 7 to this point aren't so pleased with what they've found.
Apple's iPhone and iPad owners have been taking to the company's forums over the past week to complain about iOS 7's new parallax and zoom features. Many of the folks in the forum said that they've experienced motion sickness, vertigo, nausea, and headaches due to the motion on-screen.
"The zoom animations everywhere on the new iOS 7 are literally making me nauseous and giving me a headache," one forum poster wrote last week. "It's exactly how I used to get car sick if I tried to read in the car."
Several posters reported similar issues over the past week, and some said that they've tried calling Apple about the problem, but were told that only some of the features can be turned off. Some users report resorting to downgrading from iOS 7 to iOS 6.
iOS 7's design was built completely from the ground up. The operating system's color scheme is simpler and a new parallax feature allows users to feel as though they're head on with the display even as it's being tilted in different directions. The new operating system, which was conceived by the company's design guru Jonathan Ive, also has new zoom functions to access applications.
Although zoom functions will likely remain in place with no ability to modify them, the parallax option can be mitigated from the Accessibility menu in iOS 7. Upon choosing "reduce motion," users should be able to turn off the parallax function.
CNET has contacted Apple for comment on the forum complaints. We will update this story when we have more information.

'You want gold iPhone? I get you gold iPhone,' says Conan's Raffi

Can't find the golden iPhone? Don't worry. Raffi can get you a deal, at least if you're willing to go along with a sketch aired Wednesday night on Conan O'Brien's late-night talk show.
Fans of Coco first met iPhone salesman Raffi Jaharian a couple of weeks ago after Apple launched its two new iPhones. Sporting gold chains and gold rings and touting gold as "best, best, best," Raffi claimed that he was the man behind the gold iPhone.
In the latest sketch, Raffi is back and is now offering deals to iPhone customers eager to buy the hot-selling golden version. While a (faux) Apple exec says that more gold iPhones will be available in a few weeks, Raffi promises to deliver in a few days.
"You want iPhone gold? I get you iPhone gold," Raffi says. "Gold is best. iPhone gold faster, bigger, louder, quieter, smaller, sexier, wetter, taller. It's just best."
Another phony Apple exec advises people to just place their iPhone orders at a local Apple store and the phone will be shipped as soon as it's available. But Raffi has a different deal up his sleeve.
"Raffi got you. Here's what you do," says Raffi. "Go to your local Apple store. Not in front, but in back. Don't talk to Geniuses. Talk to one of my nephews. They all wear gold tanktops and gold sneakers. On eBay, they charge you triple. But for you, you only pay double."
And to counter the suggestion that customers go to Apple's online site to get an iPhone, Raffi has a slightly different Web site in mind -- 

A new company out of the UK has designs on becoming the Netflix for children.
Named Hopster, the company plans to launch an ad-free television and learning application for iOS in November, its founder and former Viacom executive Nick Walters revealed to All Things Digital on Thursday. The service, which will be designed for kids between the ages of 2 and 6, will launch in the UK, but could make its way to other countries at some point.
According to Walters, his service will launch with 800 episodes of popular kids shows, like "Babar" and "Paddington Bear." It'll also feature kid-friendly games. He told All Things Digital that Hopster has so far raised a little over $1 million, and will charge customers between $8 and $10 per month to access the service. At its onset, the service will be available exclusively as an iOS app.


