Start Up No.1621: fusion joy redux, GM recalls its Bolt EVs, Razer hacks Windows, EMF for profit, unbeaten text scammers, and more


Samsung is taking electronic revenge on looters of its TV sets in South Africa by blocking them. CC-licensed photo by TaylorHerring on Flickr.


A selection of 10 links for you. No test card? I’m @charlesarthur on Twitter. Observations and links welcome.


Samsung South Africa activates TV Block function to render all TV sets useless that were looted and stolen in July • Teeveetee

Thinus Ferreira:

»

Samsung South Africa has announced that it has activated a TV Block Function on all Samsung TV sets stolen during the looting, violence and unrest in parts of KwaZulu-Natal and Gauteng during July that saw TV sets stolen from Samsung warehouses.

Samsung has activated TV Block on all Samsung television sets looted from its Cato Ridge distribution centre in KwaZulu-Natal since 11 July.

Samsung’s television block technology is already pre-loaded on all Samsung TV products and the company says that all sets taken unlawfully and stolen from Samsung warehouses are being blocked, rendering them useless.

TV Block is a remote, security solution that detects if Samsung TV units have been unduly activated, and ensures that the television sets can only be used by the rightful owners with a valid proof of purchase.

Samsung SA says that the aim of the technology is to mitigate against the creation of secondary markets linked to the sale of illegal goods, both in South Africa and beyond its borders.

“In keeping with our values to leverage the power of technology to resolve societal challenges, we will continuously develop and expand strategic products in our consumer electronics division with defence-grade security, purpose-built, with innovative and intuitive business tools designed for a new world,” says Mike Van Lier, director of consumer electronics at Samsung South Africa.

“This technology can have a positive impact at this time, and will also be of use to both the industry and customers in the future.”

The blocking comes into effect when the user of a stolen television connects to the internet in order to operate the television. Once connected, the serial number of the television is identified on the Samsung server and the blocking system is implemented, disabling all the television functions.

«

Pretty simple to circumvent, then: don’t go online. I’m waiting for a cryptography professor to tell us that this means the government could prevent individuals from watching TV, or could spy on individuals.


How a laser fusion experiment unleashed an energetic burst of optimism • The New York Times

Kenneth Chang:

»

Scientists have come tantalizingly close to reproducing the power of the sun — albeit only in a speck of hydrogen for a fraction of a second.

Researchers at Lawrence Livermore National Laboratory reported on Tuesday that by using 192 gigantic lasers to annihilate a pellet of hydrogen, they were able to ignite a burst of more than 10 quadrillion watts of fusion power — energy released when hydrogen atoms are fused into helium, the same process that occurs within stars.

Indeed, Mark Herrmann, Livermore’s deputy program director for fundamental weapons physics, compared the fusion reaction to the 170 quadrillion watts of sunshine that bathe Earth’s surface.

“This is about 10% of that,” Dr. Herrmann said. And all of the fusion energy emanated from a hot spot about as wide as a human hair, he said.

But the burst — essentially a miniature hydrogen bomb — lasted only 100 trillionths of a second.

Still, that spurred a burst of optimism for fusion scientists who have long hoped that fusion could someday provide a boundless, clean energy source for humanity.

“I’m very excited about this,” said Siegfried Glenzer, a scientist at the SLAC National Accelerator Laboratory in Menlo Park, Calif., and who had led the initial fusion experiments at the Livermore facility years ago but is not currently involved in the research.

«

I love the principle of fusion, and I’ve written about it a few times (and stood inside the torus at JET in Oxfordshire – not while it was running), and I’m just as excited – possibly more – as the next person about it, but stories like this are absolute classics of the genre. Incredibly short duration? Check. Incredibly complex array required? Check. Didn’t achieve “ignition” (self-sustaining output)? Check. Excited scientists? Check. It might as well be a story in The Onion; you could, if you wanted, read it as emanating from that august publication, and they wouldn’t have to change a word.


GM recalls every Chevy Bolt ever made, blames LG for faulty batteries • Ars Technica

Tim de Chant:

»

GM has announced that it is recalling every Chevrolet Bolt made to date, including new electric utility vehicle models, over concerns that a manufacturing defect in the cars’ LG-made batteries could cause a fire.

The Bolt was first recalled in November after five cars that hadn’t been in crashes caught fire. After investigating the problem further, Chevy recalled a second batch in July. The problem was traced to two manufacturing defects that could occur simultaneously. The defects—a torn anode tab and folded separator—created conditions that could lead to a short in affected cells. So far, the company has identified 10 fires that involve faulty batteries, according to an AP report. 

This third and latest recall includes 73,000 Bolts made from 2019–2022, the current model year and brings the total recall to nearly 142,000 cars, with over 100,000 having been sold in the US. GM estimates that the initial recalls will cost $800m, and it expects the new one to add $1bn to the total. GM said it will be seeking reimbursement from LG.

To fix the problem, the automaker will replace the vehicles’ batteries, a costly and laborious procedure that will take some time.

«

For comparison, Tesla (which only makes EVs) has sold a total of 1.4m units since it started selling them in 2012. GM has been making EVs in one way or another since 1996.


You can gain admin privileges to any Windows machine by plugging in a Razer mouse • Lifehacker

Jake Peterson:

»

Usually, different “user rights” are a good thing for Windows. It protects your system from people who would abuse those privileges, either nefariously or not. When you have admin—or SYSTEM—privileges, you are in total control over Windows, so it can be dangerous to give that power to just anyone.

The idea that plugging in the right mouse could give you total control over a computer sounds more unrealistic than a TV hacker, but it’s true. When you plug in one of these Razer peripherals, Windows will automatically download Razer Synapse, the software that controls certain settings for your mouse or keyboard. Said Razer software has SYSTEM privileges, since it launches from a Windows process with SYSTEM privileges.

But that’s not where the vulnerability comes into play. Once you install the software, Windows’ setup wizard asks which folder you’d like to save it to. When you choose a new location for the folder, you’ll see a “Choose a Folder” prompt. Press Shift and right-click on that, and you can choose “Open PowerShell window here,” which will open a new PowerShell window.

Because this PowerShell window was launched from a process with SYSTEM privileges, the PowerShell window itself now has SYSTEM privileges. In effect, you’ve turned yourself into an admin on the machine, able to perform any command you can think of in the PowerShell window.

This vulnerability was first brought to light on Twitter by user jonhat, who tried contacting Razer about it first, to no avail. Razer did eventually follow up, confirming a patch is in the works. Until that patch is available, however, the company is inadvertently selling tools that make it easy to hack millions of computers.

«



Electromagnetic interference for fun and profit • Hackaday

Jenny List:

»

There was an urban legend back in the days of mechanical electricity meters, that there were “lucky” appliances that once plugged in would make the meter go backwards. It probably has its origin in the interaction between a strongly capacitive load and the inductance of the coils in the meter but remains largely apocryphal for the average home user. That’s not to say that a meter can’t be fooled into doing strange things though, as a team at the University of Twente have demonstrated by sending some more modern meters running backwards. How have they performed this miracle? Electromagnetic interference from a dimmer switch.

Reading the paper (PDF link) it becomes apparent that this behavior is the result of the dimmer switch having the ability to move the phase of the current pulse with respect to the voltage cycle. AC dimmers are old hat in 2021, but for those unfamiliar with their operation they work by switching themselves on only for a portion of the mains cycle. The cycle time is varied by the dimming control. Thus the time between the mains zero-crossing point and their turn-on point is equivalent to a phase shift of the current waveform. Since electricity meters depend heavily upon this phase relationship, their performance can be tuned. Perhaps European stores will now brace themselves for a run on dimmer switches.

«

The paper has the much better title of “How to Earn Money with an EMI Problem: Static Energy Meters Running Backwards”. It’s tricky to make happen, though they seem to prove it with digital meters.


Invisible Universe is building the Pixar of the internet • Fast Company

Nicole Laporte:

»

Last week, Realqaiqai, the Instagram handle for Qai Qai (pronounced “kway kway”), the doll turned social media star belonging to Olympia Ohanian, the 3-year-old daughter of tennis star Serena Williams and Reddit cofounder Alexis Ohanian, posted two, side-by-side images summarizing the doll’s evolution. “How it started” was the headline over a photo of a brown-skinned baby doll wearing a purple tutu. Next to it was another line, “How it’s going,” above an animated Qai Qai with a decidedly sassy look on her face, striking a pose and flashing the peace sign. The post received nearly 20,000 likes.

«

Wait a moment. Rewind. A nonexistent “doll” that exists only on social media… OK, continue.

»

…Now the plan is to take the more fully rounded character and expand her into an animated franchise that doesn’t just exist online, but in TV shows, movies, books, and more.

This notion of birthing characters on social media alongside influencers like Williams—who have massive followings to plug into—and then moving those characters into more traditional lanes, is the core mission of Invisible, which is striving to become “the Pixar of the Internet,” says CEO Tricia Biggio. A former senior VP of unscripted television at MGM. “We want to launch indelible character IP in a world where people are actually spending more and more of their time.”

«

“Indelible character IP”. It’s a new generation’s Barbie, isn’t it.


The delusions of the UK hydrogen strategy • Carbon Commentary

Chris Goodall looks at the weird assumptions built into the UK’s forecasts for how much hydrogen will contribute to greening the future economy:

»

the UK strategy paper talks of ‘small projects expected to be ready to build in the early 2020s’ using renewable electricity but ‘large scale projects expected from mid 2020s’ for those employing natural gas and carbon capture. In other words, renewable electrolysis is still a toy. Even by 2050, the typical project seems to be expected to use a 10 MW electrolyser, when everybody else is talking of schemes today of one hundred times this scale.

Nowhere else in the world expects hydrogen to be cheaper to make using natural gas with carbon capture than electrolysis by mid-century. The UK government numbers are truly staggering.

But, of course, there’s no reference that I could find in the UK strategy paper to any data or opinions from abroad. That’s despite many major economies publishing their own policies over the last year.

All one can say is this: if green hydrogen made in the UK does cost £71/MWh in 2050, there’s absolutely no point in trying to build an industry here. It will be vastly cheaper to import the gas from Spain or Portugal by pipeline or Chile by liquid hydrogen carrier. The whole UK strategy will come to nothing, using a lot of taxpayers’ cash in the next four decades.

«

If you electrolyse water with renewable energy you effectively get free hydrogen. But the UK government seems to want to favour capturing it from fossil fuels – a far worse solution. (Yes yes capital costs for renewables. But you also get those from fracking.)


Apple already scans iCloud Mail for CSAM, but not iCloud Photos • 9to5Mac

Ben Lovejoy:

»

Apple confirmed to me that it has been scanning outgoing and incoming iCloud Mail for CSAM attachments since 2019. Email is not encrypted, so scanning attachments as mail passes through Apple servers would be a trivial task.

Apple also indicated that it was doing some limited scanning of other data, but would not tell me what that was, except to suggest that it was on a tiny scale. It did tell me that the “other data” does not include iCloud backups.

Although [Apple anti-fraud chief Eric] Friedman’s statement [that Apple has “the greatest platform for distributing child porn”] sounds definitive – like it’s based on hard data – it’s now looking likely that it wasn’t. It’s our understanding that the total number of reports Apple makes to CSAM each year is measured in the hundreds, meaning that email scanning would not provide any kind of evidence of a large-scale problem on Apple servers.

The explanation probably lies in the fact that other cloud services were scanning photos for CSAM, and Apple wasn’t. If other services were disabling accounts for uploading CSAM, and iCloud Photos wasn’t (because the company wasn’t scanning there), then the logical inference would be that more CSAM exists on Apple’s platform than anywhere else. Friedman was probably doing nothing more than reaching that conclusion.

«

That Apple has been increasingly concerned about this is evident from the emails. The CSAM scanning is its attempt to split the difference between necessary privacy and what it sees as necessary intrusion.


Why phone scams are so difficult to tackle • BBC News

Mary-Ann Russon:

»

Matthew Gribben, a cyber security expert, says that criminals are able to make it look like their phone call or text is coming from the real telephone number of a bank or delivery firm, due to continuing vulnerabilities in the UK (and other countries’) telephone network systems.

“There’s no way for the current UK phone network to guarantee 100% that the presentation number it is being told is the actual originating number – it has to take your word for it,” says Mr Gribben, who is a former consultant to GCHQ, the UK government intelligence agency.

The core of the problem is a telephone identification protocol called SS7, which dates back to 1975. It is a little complicated, but bear with us.

SS7 tells the telephone network what number a user is calling or texting from, known as the “presentation number”. This is crucial so that calls can be connected from one to another. The problem is that fraudsters can steal a presentation number, and then link it to their own number.

The issue affects both landlines and mobile phones, with SS7 still central to the 2G and 3G parts of mobile phone networks that continue to carry our voice calls and text messages – even if you have a 5G-enabled handset.

One theory is that the vulnerabilities of SS7 cannot be fixed because the telecoms firms need to give national security agencies access to their networks, but Mr Gribben says GCHQ (Britain’s intelligence agency) can monitor communications without using SS7 loopholes.

The problem, he says, is that SS7 is still used in telecoms networks globally. And it needs to be replaced rather than patched up.

“SS7 was developed assuming there would always be legitimate activity [and] goodwill around the use of it,” explains Katia Gonzalez, head of fraud prevention and security at BICS, a Brussels-based telecoms firm that connects and protects mobile phone networks.

“There’s too much legacy technology [reliant upon it] that we can’t move away from – we’re going to have these SS7 2G/3G networks for at least another 10 years.”

«

“We’ll stop smishing scams in 10 years” isn’t the greatest line, is it.


Don’t overthink it: Elon Musk’s Tesla Bot is a joke • The Verge

James Vincent:

»

Do you believe him? Should you believe him? I won’t answer that for you, but I want to restate the facts. Elon Musk got up on stage last night and promised that Tesla, a company whose driver assist software is unable to reliably avoid parked ambulances, would soon build a fully functioning humanoid robot. Musk said that the machine would be able to follow human instructions intuitively, responding correctly to commands like “please go to a store and get me the following groceries.” He outlined these scenarios and then said: “Yeah, I think we can do that.” This was minutes after he’d ushered away the best demo of the Tesla Bot available: a dancer in a spandex suit. If nothing else, you have to admire the chutzpah.

To put Musk’s claims in context, remember that Boston Dynamics, a company which makes Atlas, the most advanced bipedal robot in the world, has never described its machines as anything but R&D. Atlas, says Boston Dynamics, is simply a way to push the cutting edge of robotics: it’s not even close to commercial deployment. In recent videos of the machine, the company showed how difficult building a bipedal robot is and how often Atlas trips and falls. It’s also worth noting that Boston Dynamics has been working on Atlas and its bipedal predecessors for more than a decade. Musk thinks he can leapfrog their work in a year.

Carl Berry, a lecturer in robotics engineering at the UK’s University of Central Lancashire, put things to me in less uncertain terms: “[Calling it] horse shit sounds generous, frankly. I’m not saying that he shouldn’t be doing research like this, but it’s the usual overblown hype.” Berry stressed that deploying robotics and AI in manufacturing usually required making the simplest machine possible: not the most complex.

«

Why does Musk feel compelled to do stuff like this? Is he just a narcissist who hates not having the spotlight? But in that case why has he fired his press office at Tesla, who could otherwise dream up all sorts of stuff?


Errata, corrigenda and ai no corrida: yesterday’s article in the New Yorker “Have you already had a breakthrough Covid infection?” was not written by Condé Nast, but by Dhruv Khullar. (Thanks Walt for the pointer.)
