Insecure Robots Pose Threat To Customer Safety, Finds Research Paper

IOActive security researchers Cesar Cerrudo and Lucas Apa published a paper in which they revealed that much of today’s robot technology can be hacked, which can put people’s lives at risk.

Rise Of Robots

As the artificial intelligence industry is booming, it’s also taking the robot industry along with it into mainstream markets. We’ve already seen vacuum robots, telepresence robots, and toy robots, but as robot technology becomes more advanced and robots themselves become smarter, we may want them around our houses to do other household tasks.

According to the IOActive paper, forecasts show that there will be investments of $188 billion in robotics by 2020. A good portion of that will likely be invested into factory robots as businesses try to take advantage of the cheaper labor that robots will offer for certain tasks. We’ll probably also see robots used as companions for the elderly, customer assistants in stores, healthcare attendants, and even as security guards or law enforcement agents.

Security Risks For Robots

As we’ve seen from the Internet of Things (IoT) world, security doesn’t seem to be the main priority for most manufacturers. This ends up causing many problems over long periods, but the problems don’t always affect the customers of those products. Often, the real targets of the attackers are internet services, which the attackers intend to bring down by taking over IoT devices.

Meanwhile, the owners of the IoT devices may be merely inconvenienced by devices that respond more slowly to commands. This creates a market issue wherein the vendors of the insecure IoT devices don’t have any incentive to improve the security of their products.

When smart things such as self-driving cars or robots are hacked, the consequences could be much more severe, and even life-threatening. That should make software security a much bigger priority for the manufacturers of these products, especially because the customers of these types of products can be the intended targets of the attackers. However, we’re not seeing much evidence that the vendors are taking these issues seriously so far.

Problems Found With Robot Security

The robot ecosystem includes the physical robot, its operating system, firmware, software, remote control applications, cloud services, and more. The ecosystem represents a large attack surface, which could give potential attackers plenty of opportunities to exploit.

The IOActive researchers tested the components that would be easier to access by potential attackers, such as the mobile applications, operating systems, firmware, and software of robots from multiple companies.

The team didn’t do an extensive security audit of the robots’ ecosystems, but its tests have already uncovered almost 50 flaws in robots from SoftBank Robotics, UBTECH Robotics, Robotis, Universal Robots, Rethink Robotics, and Asratec Corp. These companies sell business and industrial robots, but also home robots.  

The researchers found that most of the robots were using insecure communications over Internet, Bluetooth, and Wi-Fi. The robots were being updated or controlled over a cleartext channel or one that had weak encryption. And the robot companies weren’t even requiring a username and password to access the robot’s systems, which meant that anyone could control critical components of the robots remotely.

The team also found that the robots enabled insecure features by default that were hard to disable and easy to exploit by attackers. To make things worse, many of the robots used open source frameworks that were known to have multiple unpatched vulnerabilities, such as cleartext communication, authentication issues, and weak authorization schemes.

Consequences Of Hacked Robots

According to the IOActive researchers, a home robot could be exploited to spy or even hurt family members and pets with sudden unexpected movements. Even if the robots have limits on movement for safety reasons, those could be bypassed by attackers.

As home robots become “smarter” they could also be exploited to start fires by tampering with the electricity of the house, mix toxic liquids with foods and drinks, or use sharp objects to hurt pets. Robots integrated with home security systems could also be hacked to deactivate the alarms and cameras, for example, as well as unlock the doors for burglars.

Once a robot is hacked, it could be very difficult to recover it from the attacker, which means that thousands of dollars could be lost as an investment in these robots.


Hacked robots purchased by businesses could suffer similar consequences, but the attacks could be more tailor-made for the business environment. For instance, the robots could deliver incorrect orders, could use inappropriate language with customers, or could go offline, which could hurt the company’s revenues. The attackers controlling the robots could also steal credit card data or trade secrets and other sensitive information.

Industrial robots could be even more dangerous, as they are usually larger and can do more precise, potentially lethal, movements. Industrial robots also tend to be configured exactly the same way in large numbers and can all be controlled from a single location. That makes it easier for an attacker to take control over many of them at the same time.

Improving Robot Security

The IOActive researchers proposed the following improvements to the security of robots:

  • Security from Day One: Vendors must implement Secure Software Development Life Cycle (SSDLC) processes.  
  • Encryption: Vendors must properly encrypt robot communications and software updates.  Authentication and Authorization: Vendors must make sure that only authorized users have access to robot services and functionality.  
  • Factory Restore: Vendors must provide methods for restoring a robot to its factory default state.  Secure by Default: Vendors must ensure that a robot’s default configuration is secure.  
  • Secure the Supply Chain: Vendors should make sure that all of their technology providers implement cybersecurity best practices.  
  • Education: Vendors must invest in security education of everyone in the company, including management, which often decides whether a robot should have a certain feature or not
  • Vulnerability Disclosure: Vendors should make it easier for researchers to report security vulnerabilities
  • Security Audits: All robots must undergo an extensive security review before going into production

As robots are still not yet mainstream, the IOActive security researchers recommended that now is the best time to ensure they are secure, before they become a priority target for malicious attackers. It remains to be seen if the robot vendors will listen.

Go to Source

NZXT Offers Free AM4 Upgrade Kits For Kraken Series Coolers

AMD’s Ryzen 7 CPUs are now available, but how will you keep these 8-core workhorses cool? The new CPU architecture comes with a brand new AM4 socket, and with it comes new CPU mount measurements, which means your existing CPU cooler won’t fit without an upgrade. AMD also exacerbated the problem by neglecting to inform motherboard manufacturers of the reference height for the backplate’s screw holders. If your cooler relies on the factory backplate, you’ll likely need a new one.

Fortunately, you may not have to pay for that upgrade. If you have an AIO closed-loop water cooler from NZXT, all you have to do is ask for one, because the company is offering a free upgrade for its Kraken Series AIO coolers. The NZXT AM4 upgrade kit is compatible with the last generation Kraken X31, X41, X61, and current generation Kraken X42, X52, and X62 CPU coolers. NZXT said the AM4 kit supports AM2 and AM3 as well.

To request an upgrade it, you must submit a ticket to the company’s support team and choose “AM4 Bracket Support” as your department. NZXT requires a proof of purchase for the AM4 motherboard that you purchased. You also have to prove that you bought an NZXT Kraken cooler. Upon qualification, NZXT will ship the bracket within two business days. U.S. customers should receive the package within five business days, and Canadian customers should expect delivery within seven business days. International shipments can take as long as two weeks.

NZXT noted that the upgrade kits are free, and it won’t charge you for shipping, but you are responsible for VAT as well as import tax and duties.

You can request NZXT’s upgrade kit today. The first shipments will start March 15.

Go to Source

Fractal Designs Offers Free AM4 Upgrade Kits For Kelvin Series Coolers

Fractal Designs announced that owners of its Kelvin Series water cooling systems can now request a free AM4 upgrade kit to prepare for AMD Ryzen.

The Kelvin Series was introduced in December 2014 and updated in June 2015 with support for the 2011-v3 socket, a low pump speed cable, and a small groove in the bottom of their fittings meant to make it harder to accidentally remove a tube, among other changes. Fractal Designs offers three models in the series: the T12 has a single radiator, the S24 has two, and the S36 has three. The models also differ in size but are otherwise similar.

Fractal Designs said the Kelvin Series coolers already support the following sockets–Intel: 775, 1150, 1151, 1155, 1156, 1366, 2011, 2011-v3; AMD: AM2, AM2+, AM3, AM3+, FM1, FM2, FM2+ and, of course, they will also support the new AM4 socket once the upgrade kits have shipped.

Here’s what the company said about the AM4 upgrade kits in a press release:

Owners of the Kelvin T12, S24 and S36 choosing to update to the new AM4 socket processor from AMD will be able to apply online via our Support Ticket System. Kelvin users requesting an upgrade kit will be required to upload a copy of their AMD Ryzen CPU or AM4 supported motherboard receipt via “attach a file”.

Expect to see plenty of announcements of this sort in the coming weeks. Ryzen finally debuted today, and judging by the fact that at least some of the CPUs are once again sold out on Amazon and other retailers, many people are going to be scrambling to update their systems to support the new chips. You can learn more about how one member of the brand new Ryzen lineup–the constantly sold-out 1800X–performs in our review of the processor.

Kelvin Series owners can apply for an AM4 upgrade kit via the Fractal Designs website.

Go to Source

Hardware Requirements Revealed For 'Middle-earth: Shadow Of War'

It hasn’t even been a week since the reveal of Middle-earth: Shadow of War, but we now have minimum and recommended hardware specs for the game. However, it should be noted that it doesn’t seem complete.


For instance, there doesn’t seem to be a listing for an AMD CPU in either category. But there’s no need to fear, as you can always browse our CPU hierarchy chart to see which AMD processor is required to venture into Mordor once again.

Middle-earth: Shadow of War Minimum Recommended
CPU Intel Core i5-2550K (Sandy Briidge, 3.4 GHz) Intel Core i7-3770 (Ivy Bridge, 3.4 GHz)
GPU
  • Nvidia GeForce GTX 670
  • AMD Radeon HD 7950
  • Nvidia GeForce GTX 970
  • Nvidia GeForce GTX 1060
  • AMD Radeon R9 290X
  • AMD Radeon RX 480
RAM 8 GB 16 GB
Storage 60 GB 60 GB
OS Windows 7 SP1 (with platfrom update for Windows 7) Windows 10 (version 14393.102 or higher)
DirectX Version 11 11

If you’re ready to go with your current build, then you’ll just have to wait until next week for new content to come from the studio. The game’s announcement trailer teased that the first batch of gameplay footage comes on March 8. The release date is set for August 22.

Name Middle-earth: Shadow of War
Type Open-world, RPG, Action/Adventure
Developer Monolith Productions
Publisher Warner Bros. Interactive Entertainment
Platforms
  • PC
  • Xbox One
  • Project Scorpio
  • PlayStation 4
  • PlayStation 4 Pro
Where To Buy
Release Date August 22, 2017

Go to Source

AMD Ryzen Lineup Sold Out On Amazon (Again)

AMD Ryzen is going, going, gone from Amazon’s website. The company previously sold all its pre-order stock of the 1800X–which we reviewed–before restocking the processor. Now the 1800X is once again sold out on Amazon, and so are its companions, the 1700 and 1700X.

Other retailers have also failed to keep Ryzen in stock for its official launch today. Best Buy was supposed to stock the lineup but merely offers pre-built rigs made with the processors; Newegg still lists the 1800X as out of stock; and Fry’s says the entire Ryzen lineup is sold out. With the exception of Newegg, which said it expects to have more 1800X units around March 10, none have said when they expect to stock back up on the new CPUs.

Ryzen’s popularity comes as no surprise. AMD opened pre-orders on February 22, the same day it finally revealed more information about the lineup and its pricing, and the new chips quickly rose to the top of Amazon’s list of best-selling CPUs. (The top spots are mostly taken up by Intel now, though Amazon’s fluctuating stock of Ryzen probably limited the series’ ability to climb back up the rankings.) The hype train has gone full steam ahead.

Things hit a bump when we discovered that Ryzen motherboards could “pose a potential problem with some of the announced CPU cooling solutions” because of “the backplates designed to secure the heatsink on the processors.” We confirmed the issue in our review of the 1800X:

One of the hardware components that’s seen some changes is the AM4 motherboard’s backplate. It’s different in two very significant ways: The distance between the wholes has changed, and the threaded pins are longer. Even though AMD seems to have informed manufacturers of the first change, they apparently forgot about the second one.

We asked the manufacturers, and they confirmed that this is what happened. This means that if the original motherboard backplate’s used in conjunction with longer screws, then the cooler might not be held against the processor tightly enough.

The fix is simple–adding the necessary millimeter via thick ring washers or the proper nuts–but it’s something to be aware of as you think about how Ryzen might fit into your rig. Assuming, that is, that you’re able to buy the processor you want even though they all keep selling out left and right.

Go to Source

Huawei Watch 2 vs Apple Watch 2 comparison review

Huawei’s presence at MWC 2017 in Barcelona wasn’t difficult to notice with not only the launch of the colourful Huawei P10 and P10 Plus, but also the Huawei Watch 2 and Watch 2 Classic. Huawei’s new sports-focused smartwatch offers impressive fitness tracking abilities, but is it enough to take on the Apple Watch Series 2, which some consider to be the best smartwatch currently on the market? Here’s our Huawei Watch 2 vs Apple Watch Series 2 comparison review, where we discuss the pricing, design, features and software of the two smartwatches.

Read next: Best smartwatch of 2017

Huawei Watch 2 vs Apple Watch 2 comparison review: UK pricing and availability

Before we delve too deep into how the Huawei Watch 2 and the Apple Watch Series 2 compare, let’s first discuss UK pricing and availability. The Apple Watch Series 2 was announced by Apple back in September 2016, and was made available to buy soon after. In terms of pricing, the cheapest Apple Watch Series 2 available costs £369 with a variety of models available, right up to the £1,249 ceramic Apple Watch Edition.

How does the Huawei Watch 2 compare? While there’s no clear UK price or release date just yet for the Huawei Watch 2, we can speculate on price based on the first-generation Watch and the European pricing, which has been confirmed.

The Huawei Watch 2 will cost €329 or €379 depending on whether you want 4G connectivity (we’ll come to that in more detail below), putting it around the £300-350 mark. This makes it more expensive than the Fashion-focused Huawei Watch, which was released in the UK with a £289 price tag back in 2015, although we expect that this has something to do with the weak GBP at the moment.

This puts the Huawei Watch 2 and Apple Watch Series 2 in line in terms of price: yes, there are more expensive variants of Apple Watch 2 available, but these only offer changes in material and not performance.

Read next: Best new smartwatches and fitness trackers coming in 2017

Huawei Watch 2 vs Apple Watch 2 comparison review: Design and build

The second-generation Apple Watch features a square 1.65in (or 1.5in if you opt for the smaller variant) display, although the material the body is made from will change depending on how much you want to pay. The cheapest Watch Series 2 features Series 7000 aluminium, while users will have to pay a minimum of £549 for a stainless steel body. The great thing about the Watch Series 2 is that it’s hugely customisable thanks to a wide range of straps, from sporty silicone straps to high-end stainless steel link bracelets and everything in between.

Meanwhile, the Huawei Watch 2 offers a slightly smaller 1.2in circular OLED display with a rather generic sports smartwatch look. It’s a bit of an odd decision when you consider that Huawei is usually heavily focused on design, as is seen with the recent release of the colourful Huawei P10. The look is fairly unassuming and is coupled with, in true sporty style, silicon watch straps available in either bright orange or black, although there will be no other options available at launch. Those looking for something a little more classy can opt for the Huawei Watch 2 Classic.

Now, the issue with the Huawei Watch 2 is that it comes in a single size – 45mm, which is pretty bulky. While this is fine for some, those blessed with thin wrists might feel that Huawei’s offering is a little too big for them and looks a bit out of place. The Apple Watch, on the other hand, offers a smaller 38mm variant for those with smaller wrists, accommodating to the needs of both men and women. The Apple Watch 2 is also thinner than Huawei’s offering, measuring in at 11.4mm and 12.6mm respectively.

There’s also a big difference in the way that you interact with the smartwatches. While both the Apple Watch Series 2 and Huawei Watch 2 both support touch input, Apple’s Watch Series 2 features the digital crown. The digital crown is a hat-tilt by Apple to the traditional watch that uses a crown to adjust the time, although Apple now uses it to zoom and scroll on the Apple Watch. It’s intuitive, and one of the best ways for users to interact with tiny displays.

The Huawei Watch 2 on the other hand features nothing of this sort. It has two buttons on the right-hand side – one for Google Assistant activation and one to access recently used apps – although there’s no intuitive way to scroll. Samsung and others have come up with various ways to get around this, like the Gear S2’s rotating bezel, but with no option available for Watch 2 users, you’ll have to get used to manually swiping around that 1.2in display.

Read next: Best fitness trackers of 2017

Huawei Watch 2 vs Apple Watch 2 comparison review: Features and spec

So, the Apple Watch Series 2 seems to have the upper design when it comes to design, but can it keep the crown when talking about the features and specs of the two smartwatches?

The Apple Watch Series 2 features Apple’s own S2 chipset which houses everything it needs within it. That includes the dual-core processor, Wi-Fi, Bluetooth, GPS, NFC, touch controllers and accelerometer, although Apple plays its cards tight to its chest when it comes to the specifics. What it does translate to is 50 percent higher performance than the first-generation Apple Watch, although that doesn’t really help us compare how it performs against the Huawei Watch 2.

The Huawei Watch 2 features Qualcomm’s first wearable-focused chipset, the Snapdragon Wear 2100. The small processor offers gains in terms of both power and efficiency, and with a 2-3-day battery life compared to a single day on the Apple Watch Series 2, the benefits of Qualcomm’s chipset are clear. The biggest benefit of the Snapdragon Wear 2100? It allows for 4G connectivity, which the Huawei Watch 2 (not Classic) takes full advantage of.

The 4G nature of the Huawei Watch 2 means that it can be used when not tethered to a smartphone. You can use apps, go for workouts and even make and receive phone calls via the smartwatch without needing your phone nearby. In fact, the Huawei Watch 2 features a standalone app store for users to browse and install smartwatch apps without the need to use a smartphone.

The Apple Watch Series 2 can’t compete with this as, despite offering standalone app support, the Watch still requires an iPhone for a connection to the internet and thus, to function. There are rumours of a 4G-enabled Watch Series 3 coming in 2017 but it’s still unconfirmed.

As well as that, the Huawei Watch 2 matches almost everything that the Apple Watch Series 2 offers in terms of Wi-Fi, Bluetooth, GPS, a heart rate monitor and an accelerometer.

Both the Apple Watch Series 2 and Huawei Watch 2 have a focus on fitness tracking. The Apple Watch offers a ring-style system with goals for standing, exercise and general calorie goals, along with a dedicated exercise tracking app and heart rate tracking. The Exercise app offers a number of specific exercises to track, from running to rowing, along with the ability to track a general workout. It takes this information and syncs it with the Health app on the connected iPhone, which provides a holistic view of your health by combining data from several sources.

The Huawei Watch 2 offers something slightly more in-depth. The Watch 2 features real-time heart rate zone monitoring, allowing you to easily keep an eye on your heart rate during your workout. It features multi-stage workouts – from fat burn to cardio and more – along with the ability for users to create their own apps via the Huawei Wear app.

It’ll coach you during your exercise with feedback on distance, heart rate, speed, goal progression and more, then provide an in-depth post-workout breakdown. The summary will provide breakdowns for the various parts of your workout, along with stats on how you performed (comparable to older workouts to track progression) and even advice on how long you should wait before exercising again.

What about battery life? Apple claims the Watch Series 2 can provide a single day of use before it needs charging with its 273mAh battery, although we’ve managed to stretch that to two days when not using it often (but never when using it to track exercise). It features a Power Reserve mode that’ll boost that up to 72 hours, but provides nothing more than the time.

Huawei claims that the 420mAh Watch 2 battery can last two days on average, or three if you opt for the non-4G variant, or 11 hours of constant use (with all sensors on). Like the Apple Watch, the Huawei Watch 2 also offers a watch-only mode, although it lasts much longer at around 25 days, and it’ll charge from flat to full in an hour. Impressive stuff.

Huawei Watch 2 vs Apple Watch 2 comparison review: Software

The Huawei Watch 2 benefits from a number of new features thanks to Android Wear 2.0, the latest version of Google’s Android Wear software. It’s due to the updated software that Huawei can offer such advanced standalone support, and is arguably where it gains its edge over the Apple Watch 2. It’s also compatible with iOS and Android, although iOS support is rather basic. It offers Google Assistant integration that Google announced back in 2016, and is a direct rival to Apple’s personal assistant, Siri. To find out more about what Android Wear 2.0 offers, take a look at our explainer: Android Wear 2.0 release date and features

The Apple Watch Series 2 features Apple’s own watchOS 3. Some argue that due to Apple designing both the hardware and the software of its products that it creates a synergy between the two that can’t be offered by Android powered rivals that all share the same software. Apple’s Digital Crown integration is a great example of this, and while we agree with this in part, Android Wear 2.0 is a huge step forward for Android rivals.

watchOS 3 offers standalone support for third-party apps on the Watch, although not those that require an internet connection to function. Like with the Huawei Watch 2, the Apple Watch Series 2 offers access to a range of third-party apps, as well as the ability to create and send texts, and make/receive phone calls. The UI is a little complex to begin with, but once you’ve spent some time getting used to it, it’s a great way to use technology on a small screen. To find out more about what watchOS 3 offers, take a look at our sister site Macworld UK’s explainer: What’s new in watchOS 3

Read next: Apple Watch tips: watchOS 3 tips & secret features

Go to Source

Tobii’s Integrated VR HMD Eye Tracking: Hands-On

Tobii has made large strides in bringing its eye-tracking technology to VR HMDs. The company gave us our first look at its HMD integration in action at GDC, where Tobii showcased a fully integrated eye-tracking sensor in an HTC Vive.

A Noble Cause

Tobii’s goal within the realm of VR is to bring the experience to new levels from the standpoint of both the developer and the gamer. Eye tracking can be leveraged to implement foveated rendering techniques (a trick Tobii showcased on a 2D monitor at CES), reducing the host PC platform’s workload. Reducing hardware requirements for VR applications is an effective way to bring the technology to an affordable mainstream level, and HMD eye-tracking integration is the first step of that venture. Although the eye-tracking technology can enable foveated rendering, the demo we saw didn’t use this feature.

Accurate eye tracking can also provide better 3D stereoscopic rendering by adjusting the image to appear correctly based on the user’s eye positions. This could prevent aliasing and artifacts caused when the HMD drifts on your face. We saw this in action with the integrated sensors in the Vive, and the image was crystal clear without hardly any adjustment to the face, even if the HMD was slightly askew.

The HMD eye-tracking integration that Tobii showed us featured the company’s proprietary EyeChip, a dedicated ASIC that reduces the workload of the host PC’s CPU by handling the sensor data on its own. It also reduces the peripheral’s power consumption, and the same EyeChip is found in the Tobii Eye Tracker 4C (the company’s latest generation product), which operates at a frequency of 90Hz. However, the sensors in this Tobii-integrated Vive are located behind the lenses, and they are able to track your eyes through them.

You Can’t Miss

Tobii’s demo software provided several use cases to improve the user experience with HMD eye-tracking integration. The most obvious benefit is natural targeting, which enables users to pick up, aim, or throw an object simply by looking at the desired target.

To see this feature in action, Tobii’s demo placed me in a field with some rocks at my feet and some bottles precariously placed on various surfaces in front of me. First, I picked up a rock and threw it without the eye tracking targeting enabled, and needless to say I couldn’t hit a thing despite my meticulous attempts at lining up my shot. Next, I grabbed a pink-illuminated rock that had the eye tracking enabled, and I couldn’t miss a single bottle so long as I looked at it.

Look Into My Eyes

Being able to track and display your eye movements on an avatar further increases the immersion of VR by adding the human element of expression. Basic eye contact is a social interaction that can convey so many different emotions and thoughts, and representing that in a VR environment is essential to creating authentic human interactions, either with other users or NPCs.

At one point, Tobii’s demo allowed me to look into a set of mirrors with an avatar, with one of them reflecting the animated character skin without the eye tracking enabled. The other mirror had eye tracking enabled, and my eye movements (including the direction of my gaze, blinking, and winking) were captured and applied to my avatar with impressive accuracy and virtually no latency.

Another location within the demo showcased NPC interactions that become possible with eye tracking. A pair of robots would divert their attention to me by turning and looking at me directly if I was looking at them, and again, the accuracy of my gaze was well-represented in the VR environment. Each robot had its own purpose (one gave me money and the other sold a variety of objects I could throw around, including rubber ducks, beach balls, and sand buckets). Again, eye tracking was critical to grabbing objects at a distance.

Develop Now, Play Later

Tobii revealed that it brought its integrated eye tracking solution to GDC to spark interest in the developer community. The company’s partnerships have gotten it this far, but more work is required to truly determine the limits of the current technology and its best practices of implementation. Although Tobii isn’t the first eye tracking sensor to make it to a mainstream HMD–SMI demoed its inexpensive eye tracking sensor and foveated rendering with an Oculus DK2 and GearVR early last year–it’s probably the first company to showcase a fully integrated sensor system in one of the two major PC-dependent retail version VR HMDs.

Tobii said it plans to feature its fully integrated eye-tracking sensors and EyeChip in the next generation of mainstream VR HMDs, implying that we would see them as early as the end of 2017 or early 2018. At present, we can say that Tobii’s eye tracking delivers on its goal of a more immersive experience, improved social interaction, and easy targeting. If developers come on board to create content for it, Tobii Eye Tracking (and eye tracking in general) could become a must-have feature on future HMDs. 

Go to Source