Memory hack breaks laptop encryption

You might think that encrypted data on your laptop is safe from hackers, but you’d be wrong. Imagine this scenario: you’re at a café working on your next blockbusting sci-fi novel. You close the lid for a moment to pay the bill and when you return, the laptop has vanished. Oh well, it’s not too much money for a successful novelist. You’re also not concerned about someone stealing your novel because there’s a backup copy at home and the laptop has a password-protected account and disk encryption.

Disk encryption works by keeping an encryption ‘key’ in memory while the computer is in use. This key is linked to your account and Windows won’t give up your key to anyone else unless they have your account password. Unfortunately, there is a chink in the armour. It was previously thought that when the power is cut, all data in the computer’s DRAM (dynamic random access memory) automatically vanished. However, Professor Edward Felten and his team at Princeton University have discovered that data remains intact for a few minutes after the computer is turned off, and can last for hours if the memory is cooled. This opens up a new channel for attack:

  1. Steal a laptop that is running on sleep mode.
  2. Insert a flash drive containing a customized rogue operating system.
  3. Hard reboot the laptop. The rogue OS is loaded and it proceeds to grab your encryption key from memory.

With the encryption key, the attacker can now read all your files. Solution: don’t go to the café when hi-tech thieves are about.

Watch the video to learn more:

Extreme Rollerblade: Buggy-Rollin

Watch this amazing video of Frenchman Jean-Yves Blondeau (nicknamed Rollerman) and his Buggy-Rollin suit. As he hurtles at incredible speed down luge runs and the streets of France, I can’t help thinking that Blondeau is an anime character come to life.

Stephen Wiltshire: artistic savant

Stephen Wiltshire, a young autistic man from London, has the phenomenal ability to accurately reproduce any scene shown to him. In this short film, he’s taken for a 45 minute helicopter trip of Rome, and then asked to draw a 5 1/2 yard (5 m) panoramic view of the city centre. The work takes him three days. Not once in this time does he get a second look at the city.

Incredibly, he works without any preliminary sketching. This is strongly reminiscent of Salieri’s description of Mozart’s manuscripts in the film Amadeus, “[…] they showed no corrections of any kind. Not one. He had simply written down music already finished in his head. Page after page of it as if he were just taking dictation. And music, finished as no music is ever finished. Displace one note and there would be diminishment. Displace one phrase and the structure would fall.”

Stephen’s art is an almost exact reproduction of what he’s seen. The church of St Peter’s, the narrow side-streets, and even the intricate Colosseum are perfectly captured.

Curb your Enthusiasm, season six

In my opinion, the funniest sitcom series this century. Larry David continues to write great material in the sixth season of Curb Your Enthusiasm. Curb isn’t to everyone’s taste — there’s a lot of swearing and Larry David makes free with stereotypes. What stops this show being offensive beyond belief is that he’s always sending up his own prejudices, or being over PC and having it backfire on him. A classic example from season four is when he and Richard Lewis are stopped by a blind man who needs help moving home. Larry wants to move on but Richard insists that they help, “How could you not help a blind man?” Larry: “How could you say ‘blind man’ in front of a blind man?”

Here’s the season six promo video:

Toyota unveils violin-playing robot

Toyota’s latest venture in robotics is an android capable of playing the violin. In the video below, we see this robot playing a few bars from Elgar’s Pomp and Circumstance. So, it has a long way to go before matching Yehudi Menuhin, but it’s still a remarkable feat for a “baby” robot.

The robot stands 152cm (5 ft) tall and has 17 joints in both of its hands and arms. The demonstration on 6th December 2007 wasn’t intended to showcase Toyota’s up-and-coming line of virtuoso violinist robots, but to demonstrate the dexterity now possible. Toyota plans to roll out these robots for assistance with domestic duties and nursing and medical care. As such, they will be known as “partner robots”.

Updated Asia Quiz

After taking user feedback on board, I’ve decided to stick with only bona fide countries on the Asia quiz. This means that territories such as Hong Kong, Macau, the West Bank, and the Gaza strip have been removed from the updated version. I’ve omitted Egypt, but kept Cyprus, Russia, and the Caucasus states.

A note on nomenclature: I’ve chosen to go with the “popular” names of most countries. So I’m using Taiwan instead of the “Republic of China”, and East Timor instead of Timor-Leste. In particular, I’m using Burma instead of “Myanmar” as Burma is the name of choice for the pro-democracy movement.

So just what is a decibel (dB)? Probably not what you think.

Ask yourself this question: what exactly does a decibel measure? If you’re thinking “loudness of sound”, then you’re on the right track, but there’s more to it.

Any quantity can be measured on a decibel scale, but decibels are most useful when they describe an underlying quantity that varies over a vast range. Let’s take the example of “loudness”; this is formally measured by sound pressure. For example, the sound of a rifle being fired at a distance of 1m has a sound pressure of 200 Pa, whereas rustling leaves results in a sound pressure of $6 \times 10^{-5}$ Pa (that’s 0.00006 Pa in decimal). We can hear both these sounds, though there is a factor difference of over a million in the measurement. However on the decibel scale, the rifle hits 140 dB and the leaves rustle at 10 dB, a much more manageable number range.

If you have some mathematical training, you’ll know that any large number range can be comfortably handled using logarithms. By definition, if $10^a = b$, then $\log b = a$. Here are some examples:

\log\ 1000=3, \quad \log\ 10^9 =9, \quad \log\ 299 792 458 = 8.4768207.

To start with, you might begin by simply taking the logarithm of the underlying quantity. So let’s define “logbels” in this manner. For sound pressure as above, we’d have that

200\ \mathrm{Pa} = 2.30\  \mathrm{lB_{Pa}} \quad \text{ and } \quad 6 \times 10^{-5}\ \mathrm{Pa} = -4.22\  \mathrm{lB_{Pa}}.

Not a bad first attempt, but it suffers from two deficiencies. The first is that the logbel scale is dependent on the underlying units. For instance, if we’d chosen to measure sound pressure in pounds per square inch, we’d end up with different logbel units. The second problem is that the resulting numbers are difficult to interpret. Rustling leaves give minus 4.22 logbels.

A solution to both problems is to choose a reference measure and define decibels as the logarithm of the ratio of the underlying quantity with respect to the reference measure. Let’s revisit sound pressure. By convention, the underlying unit is Pascals squared, and the reference measure, $X_0$, is chosen to be the auditory threshold at 2 kHz (that’s $2 \times 10^{-5}$ Pa or $4 \times 10^{-10}$ Pa$^2$). Suppose we now measure the actual sound pressure and find it to be $X$ Pa$^2$. The decibel is then defined as

 X_{\mathrm{dB}} = 10 \log(X/X_0).

So with this new definition, the auditory threshold is 0 dB, placing the rustling leaves at 10 dB. An important property of logarithmic scales is that adding a constant to a number on the scale corresponds to multiplying the underlying quantity by a (different) constant. In the decibel scale, an increase of 3 dB corresponds to a doubling of the underlying quantity. The difference between leaves and a rifle is 130 dB, a factor difference of $2^{130/3}$. That’s about $2^{43} \approx (2^{10})^4 \cdot 2^3 \approx 8 \times (10^3)^4 = 8 \times 10^{12}$. Remember, this is in squared units, so the ratio of the Pascal measurements is $\sqrt{8 \times 10^{12}} \approx 3 \times 10^6$, as before.

Wait a minute, didn’t I say that decibels weren’t just for sound? Well it should be clear from the formulation above that any quantity can be measured using a decibel scale, but decibels are most useful for measurements where human (or other) perception varies logarithmically with the underlying quantity. A common use for decibels is in measuring power in electrical circuits or of radio signals. Typically, the reference value will be a milliwatt, giving rise to the dBm (m for milliwatts). For example, if you have access to a wireless network, your wireless adapter may indicate received signal strength in dBm; here -50 dBm indicates an excellent signal, whereas -80 dBm is a poor signal.

There are other popular scales that are logarithmic in nature. Perhaps the best known is the “apparent magnitude” scale for measuring the brightness of stars. Our perception of brightness is logarithmic with respect to the received electromagnetic flux, leading to the following definition of apparent brightness:

m = -2.5 \log(F)+C,

where F is the flux and C is an appropriate constant. Note the negative sign in front of the logarithm. This means that smaller magnitudes correspond to brighter stars.

Mind-controlled games become a reality, despite concern from scientists

Imagine a future where you control computer games using only the power of your mind.

That future is not so far off, thanks to the efforts of Emotiv Systems and NeuroSky, two companies taking the medical technology of EEG and transforming it into a platform for mind-controlled gaming. However, some experts are wary that this might be a dangerous misapplication of a therapeutic tool.

As pictured below, their devices work by reading brain waves through a set of carefully positioned electrodes. The intensity of the brain waves can then be used as a controlling variable in a game. In medicine, the idea has already been tested with quadriplegics, allowing them to operate switches and wheelchairs by mind-control.

Another medical application is in the treatment of mental disorders. Smart BrainGames has developed a racing game in which the user increases their speed by becoming calmer. However, this is solely intended for relaxation and “muscle re-education”, not for entertainment.

The crux of the scientific concern over mind-control games is based in the possibility that such games could lead to altered states outside the game scenario. As an example, it’s possible that a driver could remain excessively calm in real life, leading to slower reflexes on the road.

Speaking in Wired, Emotiv’s CEO Nam Do defended his technology, distancing it from the neurofeedback tools used for the treatment of mental disorders: “Emotiv’s technology is based on an entirely different fundamental concept, developed and researched extensively by our own team of scientists, which does not involve the use of conventional bio- or neurofeedback at all, so the concerns do not apply. There is no two-way interaction, and the technology does not require the user to train their brain to get into a predetermined state in any way.”

The technology:

Emotiv’s headset is very sophisticated, employing 18 electrodes and is able to detect emotional states, facial expressions such as smiles and winks, and even focussed thoughts, such as the will to move a particular object. They’ve also developed an API to allow Emotiv headsets to work with existing games. Nam Do envisions that this will immediately lead to its uptake on the Xbox 360 and the PS3, and that it could later be integrated into multiplayer worlds such as Second Life.

Neurosky goes to the other extreme and uses only one electrode, leading to a very cheap, $20 headset rather than Emotiv’s several hundred dollar price tag. Though less accurate, it may well be enough, at least according to Klaus-Robert Müller, a computer scientist at the Fraunhofer Institute in Berlin whose work suggests that one electrode is sufficient to produce useful data.

Command and Conquer 12th Anniversary

Command and Conquer was one of the truly iconic games of the mid 1990s. Initially developed in 1995 by the Las Vegas firm Westwood Studios, C&C went on to become the touchstone for real-time strategy games, claiming the throne jointly with Warcraft.

12 years on, C&C is a successful franchise, now run by EA Games. In celebration of the anniversary, EA Games is offering the original game free to download as CD images. Here are the files: GDI95.iso if you want to play as the good guys, and NOD95.iso if you want to play as the evil Brotherhood of NOD.

Their servers are taking a bit of a beating, so you might want to try a Google search for the filenames NOD95.iso and GDI95.iso.

For those of you who were too young to remember the game, it’s something like real-time chess. You are in control of an army, either the UN’s Global Defence Initiative or the shadowy terrorist organisation, the Brotherhood of NOD; your goal is to build up troops, vehicles, weaponry, and other structures, then use them in attacking your enemy. When your armies are well developed, the action becomes very fast and furious. None the less, the games can take a long time to complete — I distinctly remember four hour gaming sessions from my childhood!

Now for a bit of a history lesson. Westwood Studios created the first modern real-time strategy game in 1992 when it released Dune II. Based on Frank Herbert’s novel Dune, the game involved the mining of ‘Spice’ (effectively used as a currency in the game) by vehicles called Spice harvesters. Spice is used to buy troops and to build on your territory. C&C offers a very similar vision. Spice is replaced with a mysterious extraterrestrial crystal called Tiberium. With both games, the gameplay is much the same: harvest Tiberium, fortify your base, create a powerful army, and finally destroy your opponent’s base.

Finally, if you download the ISOs from a source other than the EA Games website, you still need the following instructions to properly carry out the installation on a Windows XP machine:

INSTALLING AND RUNNING C&C GOLD ON WINDOWS XP

Follow the instructions below to install and play C&C GOLD

Preparing to Install

  1. Insert either C&C disc into your CD drive
  2. Open My Computer and explore the CD
  3. Right click either the install.exe or setup.exe
  4. Select PROPERTIES
  5. Select the COMPATIBILITY tab
  6. Check the check box for “Run this program in compatibility mode for”
  7. Select WINDOWS 95 from the drop down menu
  8. Click APPLY then OK
  9. Double click the .exe file you just modified to launch it

Installing the Game

  1. When you’re prompted to update DirectX, uncheck the check box so you won’t install it. It is extremely important not to install this DirectX update
  2. Follow the on-screen instructions to complete the installation

Note: Installing Westwood Chat is not required, it can be canceled if you desire

Installing the Patch

  1. Download the patch file.
  2. Unzip the files and copy thipx32.dll into the install directory of the game (default path is c:\WESTWOOD\C&C95). You may overwrite the old version of the .dll file

Preparing to Run the Game

  1. Go to the install directory of the game (default path is c:\WESTWOOD\C&C95)
  2. Right click C&C95.exe
  3. Select PROPERTIES
  4. Select the COMPATIBILITY tab
  5. Check the check box for “Run this program in compatibility mode for”
  6. Select Windows 95 from the drop down menu
  7. Check the check box for “Disable visual themes”
  8. Check the check box for “Turn off advanced text services for the program”
  9. Click APPLY then OK

Playing the Game

  1. Select Start > All Programs > Westwood > Command & Conquer 95 > Command & Conquer Windows 95 Edition. Or double click C&C95.exe located in the install directory (default path is c:\WESTWOOD\C&C95)

Additional Setup — Playing as non-Admin

If, like me, you don’t like to play games whilst logged in with an Administrator account, then you need to make a few simple changes to be able to play C&C. The simplest approach is to navigate to the install directory (by default C:\Westwood\C&C95) as an Administrator and make sure that your ordinary user account has Write access to the directory (as well as Read & Execute, List Folder Contents, and Read). To do this, right-click on the C&C95 folder, select Properties > Security. Choose Add from the dialog box and type in your username. Return to the previous dialog, select your username from the list, then click the appropriate checkboxes.

Another alternative (and the one I use) is to create a Gamer group using the management console, add my ordinary account to the Gamer group, then carry out the above process but for the Gamer group rather than for my own account.

N.B. Make sure you set Compatibility mode for each account you want to run the game under, as described above.

100 Monks

Hints and solutions available here.

In Normandy, there is a monastery of 100 Trappist monks. They are highly logical and can determine the answer to any solvable mathematical problem. The monks also keep strictly to the rule of St Benedict. To discourage vanity, they have no mirrors or any other reflective surfaces. They remain completely silent at all times and indeed do not communicate with each other in any way at all. However, they always take meals together each day at breakfast.

On a routine medical visit, the local doctor informed them one afternoon that at least one of the monks had contracted a rare and fatal disease. All affected monks displayed the characteristic symptom of a red dot on their forehead. He told them that the illness had already passed the contagious stage so that no new monks would be affected. Most bizarrely, the disease works directly on the brain and kills those infected during the night on the day they realise that they are ill.

The Puzzle: Everything is fine until the morning of the 13th day after the announcement, when some of the monks do not turn up for breakfast (for they are dead). How many monks died?