Open Source Physics

Science magazine has instituted the Science Prize for Online Resources in Education [SPORE], to recognize worthwhile efforts in science education.  Ars Technica reports that the current prize was awarded to the Open Source Physics [OSP] project, launched by a group of college professors.   The site offers simulation software for the physical sciences, as well as other educational materials, such as lesson plans.

The OSP Collection provides curriculum resources that engage students in physics, computation, and computer modeling. Computational physics and computer modeling provide students with new ways to understand, describe, explain, and predict physical phenomena.

The software is written in Java, so it is useable on multiple platforms (e.g., Linux, Windows, Mac OS X), and is distributed with source code under the GNU General Public License [GPL]; this means that you can modify the software to meet your requirements.  You can also distribute the modified version, provided that you do so under the GPL.  The OSP site has a wide variety of materials for various areas of physics, as well as a few applications for other sciences.

Better Batteries for the Grid

I’ve written here a number of times about the quest to develop new battery technology.  Of course, we would all like our laptops, cell phones, and other electronic gizmos to go longer on a single battery charge, and better batteries would also be welcome for electric vehicles.   But one of the biggest potential markets for new types of batteries is the electricity supply industry; batteries could be used to help smooth out supply and demand fluctuations for the “smart grid”, and would make integrating alternative sources, like solar and wind power, easier.  Usage in the power grid has some different requirements: weight, for example, is not so much of a concern as it would be for a mobile device, but high capacity, low cost, and long service life are very important.

Technology Review reports that a research group at Stanford University, led by Yi Cui, a professor of materials science and engineering, has developed a new electrode material that shows early promise for making a better grid battery.

Researchers at Stanford University have now demonstrated a high-efficiency new nanomaterial battery electrode that lasts for 40,000 charge cycles without significantly losing its charge-holding capacity.

The battery chemistry envisioned is similar to that of current lithium-ion batteries; it employs the transport of sodium and potassium ions between the battery’s electrodes.   Sodium and potassium are, relatively speaking, abundant and cheap.  The electrolyte will be a water based solution of, for example, potassium nitrate, rather than the organic-solvent-based electrolytes used in lithium-ion batteries; this also should reduce costs.

The new electrode itself is made from reasonably common materials.

The researchers start with the pigment Prussian Blue, an iron and cyanide compound. They replace half the iron with copper, and make crystalline nanoparticles of the resulting compound, which they coat on a cloth-like carbon substrate.

The research team says that the new electrode can retain 83 % of their capacity after 40,000 charge cycles.  By comparison, lithium-ion batteries last about 1,000 cycles, and lead-acid batteries a few hundred,

This research, interesting though it is, is just a first step.  The new electrode technology has so far been used only as a battery cathode; the team is working on modifying it for use as an anode, and on building a complete battery prototype.

Lax Security at NASDAQ ?

Back in February, I posted a note here about a security breach that had been discovered in some computer networks owned by NASDAQ (originally, the National Association of Security Dealers Automated Quotation system).    The NASDAQ Stock Market is the largest US trading platform for stocks not listed on the New York Stock Exchange [NYSE];  it is also the largest screen-based trading exchange in the US, listing 2800+ issues, and the largest in the world by trading volume.  A report in October suggested that the attackers had used access to the NASDAQ Directors’ Desk system, a sort of bulletin-board for senior corporate managements, as a launching point for attempts to obtain more specific confidential information.

Reuters has now reported that investigators probing the incident, including the FBI, have concluded that NASDAQ’s system security was not all that it should have been.

A federal investigation into last year’s cyber attack on Nasdaq OMX Group found surprisingly lax security practices that made the exchange operator an easy target for hackers, people with knowledge of the probe said.

The NASDAQ trading system was, apparently, sufficiently isolated to prevent the hackers from gaining access to it.  But the security of some of NASDAQ’s other systems was not up to the same standard.

The sources, however, said the investigators were surprised to find some computers with out-of-date software, misconfigured firewalls and uninstalled security patches that could have fixed known “bugs” that hackers could exploit. Versions of Microsoft Corp’s Windows 2003 Server operating system, for example, had not been properly updated.

NASDAQ is hardly the only company that has not always been entirely diligent about keeping its installations up to date with respect to security patches.   As a headline, Company XYZ had Unpatched Systems has about the same news value as Politician Caught Lying.   It is still troubling, though, that organizations like NASDAQ, who surely must realize that they are attractive targets, apparently cannot do a better job.

Disk Encryption: A Testimonial

From time to time, I’ve talked about looking after the security of data stored on portable devices (like laptops), and have suggested that disk encryption is one tool that can help with this.  (For example, one might use the free, open-source TrueCrypt software.)   Yet one sees investigators on TV shows like the various editions of CSI and NCIS cracking the encryption on the bad guy’s laptop in the time it takes to show a couple of commercials.

Fortunately, a report posted this week at the PhysOrg site provides reassurance that encryption really is effective, and that the TV shows are engaging in artistic license to a considerable degree.  Though I am sure that the authors did not intend their work to be a testimonial to the effectiveness of encryption technology, it serves fairly well.

A joint U.S./UK research team has found that common encryption techniques are so good that law enforcement, from local to highly resourceful federal agencies, are unable to get at data on a computer hard disk that could be used to prove the guilt of people using the computer to perpetuate crimes.

The research, published in the journal Digital Investigation [abstract], indicates that the problem for law enforcement is made worse by inappropriate or sloppy forensic techniques.  For example, if computer equipment is seized pursuant to a search warrant, it is common practice to transport the machine to another location to analyze the information it contains.  But turning the system off may cause passwords or encryption keys held in memory to be lost; in some cases it may actually trigger data destruction.

The practice of shutting down an evidential computer is not an acceptable technique when dealing with FDE or even volume encryption because it may result in all data on the device being rendered inaccessible for forensic examination.

The authors discuss some possible changes in forensic practice to increase the chances of getting either unencrypted data, or encryption keys.  However, cracking the encryption itself is quite difficult.

The unfortunate bottom line though, is that the authors openly admit that once the drive is encrypted, there is little to nothing to be done, which a lot of criminals are surely going to be really pleased to hear.

If experience is any guide, this may prompt calls for some sort of legal “fix” to prevent criminals from getting away with it.  As with other security technologies, encryption has unsavory uses as well as good ones.  We do not prohibit the sale of safes just because someone might use one to lock up his evil secrets.

Extreme Tech  also has a short article on this research.

Smart Meter Interference

I’ve written here before about the growing interest in the use of “smart” electricity meters, often visualized as part of a larger “smart grid” initiative.  There are good reasons to pursue this technology: it can enable the power distribution grid to respond more nimbly to changes in the supply and demand for electricity, and help manage demand by introducing variable electricity rates.   But there are also some concerns about the proposed smart grid.  The GAO has identified several areas of security risk. and there is a risk that variable rates might actually decrease the stability of the system ,if implemented incorrectly, by inducing large fluctuations in demand more quickly than the power generators can adjust.

A recent deployment of smart meters to utility customers in New England has illustrated another potential problem area with these devices, according to an article at Security Week.

About 200 customers of the Central Maine Power Company recently noticed something odd after the utility installed smart meters in their homes: in some cases other wireless devices stopped working, or behaved erratically.

These meters use wireless communications in the 2.4 GHz frequency band, an unlicensed bit of spectrum that is also used by WiFi networks, security systems, garage door openers, and baby monitors.   As anyone who has installed a home WiFi network is likely to know, occasional interference and “dead spots” do occur.  Usually, these can be resolved by moving some of the equipment, or by changing the frequency “channel” on which the device operates.  Moving one’s electric meter or garage, however, is not always a practical option, and some devices are preset to a single channel.

(As the article points out, a similar sort of problem is occurring in many hospitals and other medical facilities, stemming from interference between electronic monitors and other equipment.)

As someone who has spent a few hours now and then pulling network cables, I do understand the appeal of wireless connections.  Apart from the convenience of wireless, the hope is that someday, your energy-intensive appliances (say, a clothes dryer) will be able to communicate with the smart meter in order to run at off-peak times when electricity rates are low.  I just hope someone will think this all through a little more carefully than they seem to have done so far.

 

Android on a Stick

Various versions of Google’s Android mobile operating system have had the code names “Gingerbread”, “Honeycomb”, and “Ice Cream Sandwich”.   So it is perhaps not that surprising that a new incarnation of the system is called “Cotton Candy” — and it even comes on a stick.  A USB stick, that is.  There has been considerable speculation about whether Google might make Android available on a wider range of devices, and this might be a first step.

According to an article at Wired‘s “Gadget Lab”  blog, the new device, which is about 8 cm long and 2.5 cm wide, has been introduced by FXI Technologies.

FXI essentially built an ultra-lean computer inside a small USB stick. Stick it into any device that supports USB storage, and Cotton Candy will register as a USB drive. From there, you can run the Android OS in a secure environment inside your desktop, courtesy of a Windows/OSX/Linux-compatible virtualization client embedded in the device.

The device, which runs Android 2.3 (Gingerbread), has a tiny slot for a Micro SD memory card, and an HDMI connector, allowing it to connect to a television set.  Its fundamental processing capabilities are far from feeble.

Under its Hot Wheels-sized hood, the device sports a 1.2GHz ARM Cortex A9-based processor (the same basic processor architecture you’ll find in the fastest chips from Apple and Nvidia), as well as ARM’s quad-core Mali GPU and 1GB of RAM.

Google, as always. is interested in getting its products in front of as many people as possible, in order to drive increased advertising sales (which is of course its core business).   The Cotton Candy device is a bit of an odd duck; it doesn’t meet enough of Google’s requirements to be an “official” Android device.  FXI has indicated that it intends to market the device primarily to developers and makers of other gadgets.  The device is expected to be available in mid-2012, and to cost less than $200.