All posts in “Science”

The price of eclipse glasses have more than tripled on Amazon over the last 2 weeks d1ce 0768%2fthumb%2f00001

If you’re trying to be frugal and find a cheap deal on a pair of glasses for the solar eclipse, good luck. The price of the protective glasses continues to soar, even among concerns over sales of potentially useless glasses. 

On Amazon, which seems to be the marketplace of choice for eclipse shoppers, prices for glasses have more than tripled over the last two weeks for the website’s most popular protective glasses, according to Wikibuy. 

Wikibuy, which tracks prices through its Google Chrome extension and through a real time price tracker on its website, shared data with Mashable on the pricing of the 4-Pack Premium ISO and CE Certified Lunt Solar Kid Size Eclipse Viewing Glasses on Amazon, which Wikibuy said are its most popular. 

“From what our community has seen on Amazon, it appears that Amazon prices on eclipse glasses have more than tripled over the last two weeks,” Matt Gratt, Wikibuy’s Director of Growth, wrote in an email. “As always, consumers can find the true best prices on items by consulting price history tools and multiple stores around the internet.”

While the 4-Pack Premium ISO and CE Certified Lunt Solar Kid Size Eclipse Viewing Glasses are currently on backorder through Amazon Prime, one seller is selling them for a mere $249. (Yeah, price tag made us cringe too.) 

Eclipse glasses are also four of the top five product searches on Amazon and Wikibuy, Gratt said. Based on the company’s data, prices seemed to fluctuate, but remained pretty steady for awhile, but began to steadily climb since the beginning of August. 

And it’s not just Amazon — an analysis of pricing for packs of the glasses from third party retailers found that prices have more than doubled for new five and 10 packs since early August. 

The current price for a 10-pack of CE Certified Safe Solar Eclipse Glasses sold through a third party is $129.95, according to Camel Camel Camel, which tracks pricing of items on Amazon and through third party retailers. 

For a five pack of premium ISO and CE Certified Lunt Solar Eclipse Glasses from a third party vendor, the current price sits at $39.95.

But while the prices may not be ideal, if you’re planning on viewing the celestial event, you’ll need a pair of these glasses to view the eclipse without harming your eyes. A list of reliable vendors for eclipse glasses can be found here. Or you can check out this NASA video, which will show you how to view the eclipse without those fancy-shmancy glasses. 

Https%3a%2f%2fblueprint api uploaders%2fdistribution thumb%2fimage%2f81265%2f2cb02628 88bf 4518 a6d7 3eff911fc263

Malicous code written into DNA infects the computer that reads it

In a mind-boggling world first, a team of biologists and security researchers have successfully infected a computer with a malicious program coded into a strand of DNA.

It sounds like science fiction, but I assure you it’s quite real — although you probably don’t have to worry about this particular threat vector any time soon. That said, the possibilities suggested by this project are equally fascinating and terrifying to contemplate.

The multidisciplinary team at the University of Washington isn’t out to make outlandish headlines, although it’s certainly done that. They were concerned that the security infrastructure around DNA transcription and analysis was inadequate, having found elementary vulnerabilities in open-source software used in labs around the world. Given the nature of the data usually being handled, this could be a serious problem going forward.

Sure, they could demonstrate the weakness of the systems with the usual malware and remote access tools. That’s how any competent attacker would come at such a system. But the discriminating security professional prefers to stay ahead of the game.

“One of the big things we try to do in the computer security community is to avoid a situation where we say, ‘Oh shoot, adversaries are here and knocking on our door and we’re not prepared,’” said professor Tadayoshi Kohno, who has a history of pursuing unusual attack vectors for embedded and niche electronics like pacemakers.

From left, Lee Organick, Karl Koscher, and Peter Ney from the UW’s Molecular Information Systems Lab and the Security and Privacy Research Lab prepare the DNA exploit for sequencing

“As these molecular and electronic worlds get closer together, there are potential interactions that we haven’t really had to contemplate before,” added Luis Ceze, one co-author of the study.

Accordingly, they made the leap plenty of sci-fi writers have made in the past, and that we are currently exploring via tools like CRISPR: DNA is basically life’s file system. The analysis programs are reading a DNA strand’s bases (cytosine, thymine etc, the A, T, G, and C we all know) and turning them into binary data. Suppose those nucleotides were encoding binary data in the first place? After all, it’s been done before — right down the hall.

Here comes the mad science

Here’s how they did it. All you really need to know about the transcription application is that it reads the raw data coming from the transcription process and sorts through it, looking for patterns and converting the base sequences it finds into binary code.

“The conversion from ASCII As, Ts, Gs, and Cs into a stream of bits is done in a fixed-size buffer that assumes a reasonable maximum read length,” explained co-author Karl Koscher in response to my requests for more technical information.

That makes it ripe for a basic buffer overflow attack, in which programs execute arbitrary code because it falls outside expected parameters. (They cheated a little by introducing a particular vulnerability into the software themselves, but they also point out that similar ones are present elsewhere, just not as conveniently for purposes of demonstration.)

After developing a way to include executable code in the base sequence, they set about making the exploit itself. Ironically, it’s inaccurate to call it a virus, although it’s closer to a “real” virus than perhaps any malicious code ever written.

“The exploit was 176 bases long,” Koscher wrote. “The compression program translates each base into two bits, which are packed together, resulting in a 44 byte exploit when translated.”

Given that there are 4 bases, it would make sense to have each represent a binary pair. Koscher confirmed this was the case. (If you’re curious, as I was: A=00, C=01, G=10, T=11.)

“Most of these bytes are used to encode an ASCII shell command,” he continued. “Four bytes are used to make the conversion function return to the system() function in the C standard library, which executes shell commands, and four more bytes were used to tell system() where the command is in memory.”

Essentially the code in the DNA escapes the program as soon as it is converted from ACGTs to 00011011s, and executes some commands in the system — a sufficient demonstration of the existence of the threat vector. And there’s plenty of room for more code if you wanted to do more than break out of the app.

At 176 bases, the DNA strand comprising the exploit is “by almost any biological standard, very small,” said Lee Organick, a research scientist who worked on the project.

Biopunk future confirmed

In pursuance of every science journalist’s prime directive, which is to take interesting news and turn it into an existential threat to humanity, I had more questions for the team.

“CONCEIVABLY,” I asked, in all caps to emphasize that we were entering speculative territory, “could such a payload be delivered via, for example, a doctored blood sample or even directly from a person’s body? One can imagine a person whose DNA is essentially deadly to poorly secured computers.”

Irresponsibly, Organick stoked the fires of my fearmongering.

“A doctored biological sample could indeed be used as a vector for malicious DNA to get processed downstream after sequencing and be executed,” he wrote.

“However, getting the malicious DNA strand from a doctored sample into the sequencer is very difficult with many technical challenges,” he continued. “Even if you were successfully able to get it into the sequencer for sequencing, it might not be in any usable shape (it might be too fragmented to be read usefully, for example).”

It’s not quite the biopunk apocalypse I envisioned, but the researchers do want people thinking along these lines at least as potential avenues of attack.

“We do want scientists thinking about this so they can hold the DNA analysis software they write to the appropriate security standards so that this never makes sense to become a potential attack vector in the first place,” said Organick.

“I would treat any input as untrusted and potentially able to compromise these applications,” added Koscher. “It would be wise to run these applications with some sort of isolation (in containers, VMs, etc.) to contain the damage an exploit could do. Many of these applications are also run as publicly-available cloud services, and I would make isolating these instances a high priority.”

The likelihood of an attack like this actually being pulled off is minuscule, but it’s a symbolic milestone in the increasing overlap between the digital and the biological.

The researchers will present their findings and process (PDF) next week at the USENIX Security conference in Vancouver.

Featured Image: Dennis Wise / UW

Internet of Bees device tracks hive health

As we all know, the bee population is declining at an alarming rate, and while the causes are many, the solutions are few. At the very least, beekeepers need to keep an extra-close eye on their hives — which can be difficult when there are a few thousand of them. A Canadian researcher is working on a monitoring system that listens to the buzz and passes on word if things are going south.

Oldooz Pooyanfar, a graduate student at Simon Fraser University, created the device to improve data collection and hopefully lead to some insight into colony collapse disorder, the mysterious affliction that has claimed many a hive.

It uses microphones and temperature and humidity sensors, and will eventually include accelerometers; you mount it inside the hive and it gives you a drone’s-eye view of the colony’s activity.

“With this monitoring system, we are collecting data in real time on what the bees are ‘saying’ about foraging, or if they’re swarming, or if the queen bee is present,” Pooyanfar said in a news release.

[embedded content]

Ultimately, with enough of these things going and contributing data to a central pool in real time, a neural network would be trained to watch for problems. That’s part of Pooyanfar’s thesis work (in progress).

Right now the device is built from off-the-shelf parts, so it’s a bit bulky and expensive, but it’s hoped that a custom-manufactured sensor package could get the cost down. She’s working with local beekeepers to develop the hardware and software, and says there’s been quite a bit of interest.

Pooyanfar’s ongoing work is funded by the Mitacs Accelerate program.

Featured Image: Simon Fraser University

Solar cell lenses give these shades a charge

Over the years I’ve seen concepts of solar-powered sunglasses come and go, but the dream of for some reason wearing solar panels on my face has remained elusive — until today. Genius engineers at Karlsruhe Institute of Technology have successfully made a pair of shades with organic solar cell lenses — and you don’t even have to stare directly at the sun for them to work.

The lenses have been cut like ordinary glass or plastic to fit in a commercial frame, and are similarly light and transparent. Organic solar cells aren’t particularly efficient, but they are flexible and versatile, able to be put in situations where a rigid, opaque cell isn’t an option.

“The Solar Glasses we developed are an example of how organic solar cells may be employed in applications that would not be feasible with conventional photovoltaics,” said Dominik Landerer, a PhD student at KIT who worked on the project, in a news release from the school.

Each arm of the sunglasses houses a custom PCB that converts the current and uses it to run, in this case, two small displays that show temperature and brightness. Not sure why you’d need a display to tell you how bright it is out there, but hey, it’s a research project.

After supplying the displays, the cells generate about 200 milliwatts of excess power. That’s not going to do much for your phone, but it will run or trickle charge a low-power device like a step counter, wireless transmitter or small speaker. They work in dimmer light, too, like that of a home or office. In this case there isn’t even a battery in the assembly — it’s all accomplished with the energy collected in real time.

The researchers envision more interesting applications as the technology and manufacturing methods mature. They’ve published their methods in the journal Energy Technology.

Featured Image: KIT

The Envirobot robo-eel slithers along the shore for science

The next time you’re swimming in Lake Geneva, don’t be surprised when you feel something eel-like and yet artificial touch your leg. That would be Envirobot, the latest biomimetic creation from Swiss researchers that autonomously swims around bodies of water and tests them for toxins and other factors.

It’s from l’École polytechnique fédérale de Lausanne, which also produced the salamander-like Pleurobot and some convincing imitation reptiles for a BBC nature documentary. But while Pleurobot was about studying animal locomotion and the others were for surreptitiously monitoring wildlife, Envirobot is meant to be a tool for ecologists and other scientists.

The 4-foot creature, or device, whatever you want to call it, is made up of many small segments, each with a specialized purpose but sharing the ability to flex in concert with each other, creating a serpentine motion that propels it through the water.

The head, naturally, is the control center, housing the gear the robot needs to get around — camera, computer and so on. The segments are where the magic happens, though. Inside each cavity are sensors of various kinds: electrical, chemical and biological.





Electric sensors can track the salinity of the water, and chemical ones obviously can test for acidity or certain elements. The biological sensors are different, though: they’re filled with living organisms or tissues — fish cells, microfauna, etc. — which react in predictable ways to, say, the presence of insecticides or other toxins. (You can see a sensor cavity in the gallery above.)

Envirobot can follow waypoints or swim in a pattern, or it can use feedback from its sensor modules to act on its own, following a salt or toxin gradient in order to find its source. Humans have to transport it over land and deploy it, of course, but once in the water it’s quite autonomous. That makes it an efficient data gatherer, much better than a monitoring buoy or station.

“There are many advantages to using swimming robots,” explained EPFL’s Auke Ijspeert, head of the Biorobotics Laboratory that produced Envirobot, in a news release. “They can take measurements and send us data in real time — much faster than if we had measurement stations set up around the lake. And compared with conventional propeller-driven underwater robots, they are less likely to get stuck in algae or branches as they move around. What’s more, they produce less of a wake, so they don’t disperse pollutants as much.”

[embedded content]

Ideally, you would take one or more of these guys, set them loose in some body of water and a couple of hours later get a detailed map of all kinds of factors. Many a biologist, ecologist or civil engineer would like things to be as easy as that.

So far the team has tested the bot in Lake Geneva, for benign substances like salt, and in the lab, for toxins they wouldn’t want to release into the environment.

Featured Image: EPFL