Archive for January 2018

Divers Found The World’s Largest Underwater Cave, And It’s Full of Maya Secrets

After 10 months of intensive exploration, scientists in Mexico have discovered the world’s largest flooded cave system – and it’s truly an underwater wonderland.

Spanning an incredible 347 kilometres (216 miles) of subterranean caverns, this branching, sunken labyrinth isn’t just a natural spectacle – it’s also an important archaeological find that could reveal lost secrets of the ancient Maya civilisation.

“This immense cave represents the most important submerged archaeological site in the world,” says underwater archaeologist Guillermo de Anda from Mexico’s National Institute of Anthropology and History.

“It has more than a hundred archaeological contexts, among which are evidence of the first settlers of America, as well as extinct fauna and, of course, the Maya culture.”

De Anda heads up the Great Maya Aquifer Project (GAM), a research effort which for decades has explored underwater caves in the Mexican state of Quintana Roo, located on the Caribbean coastline of the Yucatán Peninsula.

The region hosts a stunning 358 submerged cave systems, representing some 1,400 kilometres (870 miles) of flooded freshwater tunnels hidden under the surface.

read here: http://www.sciencealert.com/world-s-largest-flooded-cave-discovered-under-mexico-yucatan-sac-actun

How a 22-Year-Old Discovered the Worst Chip Flaws in History

In 2013, a teenager named Jann Horn attended a reception in Berlin hosted by Chancellor Angela Merkel. He and 64 other young Germans had done well in a government-run competition designed to encourage students to pursue scientific research.

In Horn’s case, it worked. Last summer, as a 22-year-old Google cybersecurity researcher, he was first to report the biggest chip vulnerabilities ever discovered. The industry is still reeling from his findings, and processors will be designed differently from now on. That’s made him a reluctant celebrity, evidenced by the rousing reception and eager questions he received at an industry conference in Zurich last week.

Interviews with Horn and people who know him show how a combination of dogged determination and a powerful mind helped him stumble upon features and flaws that have been around for over a decade but had gone undetected, leaving most personal computers, internet servers and smartphones exposed to potential hacking.

Other researchers who found the same security holes months after Horn are amazed he worked alone. “We were several teams, and we had clues where to start. He was working from scratch,” said Daniel Gruss, part of a team at Graz University of Technology in Austria that later uncovered what are now known as Meltdown and Spectre.

Horn wasn’t looking to discover a major vulnerability in the world’s computer chips when, in late April, he began reading Intel Corp. processor manuals that are thousands of pages long. He said he simply wanted to make sure the computer hardware could handle a particularly intensive bit of number-crunching code he’d created.

But Zurich-based Horn works at Project Zero, an elite unit of Alphabet Inc.’s Google, made up of cybersleuths who hunt for “zero day” vulnerabilities, unintended design flaws that can be exploited by hackers to break into computer systems.

So he started looking closely at how chips handle speculative execution — a speed-enhancing technique where the processor tries to guess what part of code it will be required to execute next and starts performing those steps ahead of time — and fetching the required data. Horn said the manuals stated that if the processor guessed wrong, the data from those misguided forays would still be stored in the chip’s memory. Horn realized that, once there, the information might be exposed by a clever hacker.

“At this point, I realized that the code pattern we were working on might potentially leak secret data,” Horn said in emailed responses to Bloomberg questions. “I then realized that this could — at least in theory — affect more than just the code snippet we were working on.”

That started what he called a “gradual process” of further investigation that led to the vulnerabilities. Horn said he was aware of other research, including from Gruss and the team at Graz, on how tiny differences in the time it takes a processor to retrieve information could let attackers learn where information is stored.

Horn discussed this with another young researcher at Google in Zurich, Felix Wilhelm, who pointed Horn to similar research he and others had done. This led Horn to what he called “a big aha moment.” The techniques Wilhelm and others were testing could be “inverted” to force the processor to run new speculative executions that it wouldn’t ordinarily try. This would trick the chip into retrieving specific data that could be accessed by hackers.

read full-article: https://www.bloomberg.com/news/articles/2018-01-17/how-a-22-year-old-discovered-the-worst-chip-flaws-in-history