TRIC INDIA (Technology Revolutionaries & Innovators Club India) is an aggressive not-for-profit community with members having passion for technology. We establish a platform for sharing of knowledge in all the possible disciplines of engineering with the academicians, professionals, industrialists, researchers and students and to induce innovative thinking, with a genuine passion of spreading and upgrading the technological knowledge with a not-for-profit motto
Williams Hybrid Power partnering with Porsche recently showed off the Porsche 911 GT3 R Hybrid that features an electrical front axle drive with two electric motors onboard that supplement the 480-bhp, 4-liter capacity located in the rear of the race car. Instead of using regular batteries that are normally found in a hybrid vehicle, an electrical flywheel generator delivers energy to the twin motors.
The flywheel's rotor that is actually an electric motor spins at 40,000 rpm storing energy mechanically as rotation energy. Whenever the brakes are applied, the two motors reverse their function and charge the flywheel. As the braking action ceases and the gas is once again engaged, there is a powerful burst of energy (up to 120kW) that is available for 6 to 8 seconds.
There is no wasted heat from burning brakes, no wasted fuel by accelerating and much lower C02 emissions. Point made, the flywheel is nothing more than a mass rotating on an axis, a form of kinetic energy. In this particular scenario, the flywheel is used to store energy, taking the place of a chemical source found in a battery.
European researchers have taken the world a step closer to fictional wizard Harry Potter's invisibility cape after they made an object disappear using a three-dimensional "cloak," a study published in the US-based journal Science showed.
Scientists from Karlsruhe Institute of Technology in Germany and Imperial College London used the cloak, made using photonic crystals with a structure resembling piles of wood, to conceal a small bump on a gold surface, they wrote in Science.
"It's kind of like hiding a small object underneath a carpet -- except this time the carpet also disappears," they said.
"We put an object under a microscopic structure, a little like a reflective carpet," said Nicholas Stenger, one of the researchers who worked on the project.
"When we looked at it through a lens and did spectroscopy, no matter what angle we looked at the object from, we saw nothing. The bump became invisible," said Stenger.
Invisibility cloaks have already been developed but they only worked on two dimensions. In other words, the objects that were supposed to be made invisible were immediately visible from the third dimension, the study said.
The "cloak" invented by the European team is the first to work on three dimensions.
Backup generators are noisy and add pollutants to our air. They are also expensive and not very dependable when looking at long stretches of power outages. No wonder why some people think twice about spending $500 and upward to have a piece of equipment that collects dust most of the time.
A new company in Italy called Electro Power Systems SpA has been designing a useful alternative back up power that is clean and reliable since their inception in 2005. Last year, this unit called the ElectroSelf™ began receiving the praise that it deserved.
ElectroSelf™ is a self-contained and self-recharging fuel-cell system that runs solely on water. There are no batteries, no diesel fumes or any other type of expensive and inconvenient factors to contend with. ElectroSelf leverages the water that is produced by the fuel cell during a power outage to generate clean H2, feeding the fuel cell during the next unscheduled power shortage.
This unit can also be incorporated with a main power source in an on grid and placed anywhere in the world. For the prospect of selling power back to utility companies in very rural country, this potential is very possible. As a self-contained unit, the ElectroSelf is capable of operating in temperatures ranging between -20 degrees C to 45 degrees C, indoors or out. Forming a business from a community co-op can also become a reality within the proper realms.
Adriano Marconetto is founder and CEO of Electro Power Systems SpA and anticipates green networks such as his company have introduced to become increasingly attractive to alternative fuels already in place. The fact that ElectroSelf is 100% self-sufficient in creating its own hydrogen opens doors for other companies to search out more flexible and totally green designs in all aspects of fuel free energy.
Not only is this new design virtually maintenance free and guaranteed to return upfront costs but is also a very real option for disaster areas, areas of extreme temperatures and isolated regions. Operating costs are minimal because of the absence of moving parts and topping off with water once per year is the only regular requirement.
ElectroSelf™ was included in the Global Cleantech 100 of 2009 and at the GSMA's Mobile Innovation EMEA event in June 2009, ElectroSelf was awarded "Most Innovative Product Enabling a Greener World". This is a fascinating use of green energy by combining Hydrogen (H2) and Oxygen (O2) to create energy; hydrogen fuel by electrolysis of demineralised wastewater of the power generation phase.
Each day, innovators from around the world are creating alternative methods to aid our planet while allowing us to hold on to the luxuries that we have become accustomed to. Hydrogen fuel by electrolysis is just the first step to bigger and better energy creativity to come.
Thursday, March 11, 2010
Top Ten Wi-Fi Security Threats
Gone are the early days of Wi-Fi, when CSOs lost sleep over threats like WEP cracking and war driving. 802.11n products have matured to the point where many enterprises are investing in larger, faster WLANs to support mission-critical applications. And yet, pros know that security is never to be taken for granted. Here, we offer our Top Ten Wi-Fi Threats and explain why diligence is (still) required.
1. Data Interception: Today, it’s widely understood that data sent over Wi-Fi can be captured by eavesdroppers – easily, within a few hundred feet; even farther with directional antennas. Fortunately, all Wi-Fi CERTIFIED products now support AES-CCMP data encryption and integrity. Unfortunately, there are still legacy products that only speak TKIP, and many WLANs are configured to accept both AES and TKIP. But TKIP is vulnerable to message integrity check (MIC) attacks that allow a limited set of spoofed frames to be injected – for example, ARP. Although resulting risks are modest, the writing is on the wall: The time has come to retire TKIP and require AES-CCMP.
2. Denial of Service: WLANs are inherently vulnerable to DoS. Everyone shares the same unlicensed frequencies, making competition inevitable in populated areas. The good news: As enterprise WLANs migrate to 802.11n, they can use channels in the larger, less-crowded 5 GHz band, reducing “accidental DoS.” Moreover, contemporary access points (APs) can auto-adjust channels to circumvent interference. But that still leaves DoS attacks: Phony messages sent to disconnect users, consume AP resources, and keep channels busy. To neutralize common DoS attack methods like Deauth Floods, look for newer products that support 802.11w management frame protection.
3. Rogue APs: Business network penetration by unknown, unauthorized APs has long been a top worry. Fortunately, most enterprise WLANs now use legitimate APs to scan channels for possible rogues in their spare time. Unfortunately, verifying “true rogues” by tracing their wired network connectivity is a skill that ordinary WLAN gear has yet to perfect. Without accurate classification, automated rogue blocking is a risky proposition. To not just detect, but effectively mitigate rogue APs, deploy a Wireless IPS that can reliably differentiate between harmless neighbors, personal hotspots, and network-connected rogues that pose real danger, taking policy-based action to trace, block, and locate the latter.
4. Wireless Intruders: Wireless IPS products like Motorola AirDefense, AirMagnet, and AirTight can also detect malicious Wi-Fi clients operating in or near a business’ airspace. However, truly effective defense requires up-to-date, properly deployed WIPS sensors. In particular, 802.11a/b/g sensors must be updated to monitor new 5 GHz channels (including 40 MHz channels), parse 802.11n protocols, and look for new 802.11n attacks. Furthermore, because 802.11n clients can connect from farther away, WIPS sensor placement must be reviewed to satisfy both detection and prevention needs.
5.Misconfigured APs: Back when standalone APs were individually-managed, configuration errors posed a significant security threat. Today, most enterprise WLANs are centrally-managed, using coordinated updates and periodic audits to decrease TCO, improve reliability, and reduce risk. But 802.11n adds a slew of relatively complex config options, the consequences of which depend on (highly variable) Wi-Fi client capabilities. Prioritization and segmentation for multi-media further complicates configuration. The answer here: Combine sound, centralized management practices with 802.11n/WMM education and planning to reduce operator error.
6.Ad Hocs and Soft APs: Wi-Fi laptops have long been able to establish peer-to-peer ad hoc connections that pose risk because they circumvent network security policies. Fortunately, ad hocs were so hard to configure that few bothered to use them. Unfortunately, that barrier is being lifted by “soft APs” in Windows 7 and new laptops with Intel and Atheros Wi-Fi cards. Those virtual APs can provide easy, automated direct connections to other users, bypassing network security and routing traffic onto the enterprise network. Measures used to deter Ad Hocs may also prove useful against unauthorized Soft APs, such as IT-managed client settings and WIPS.
7.Misbehaving Clients: Clients that form unauthorized Wi-Fi connections of any type, whether accidentally or intentionally, put themselves and corporate data at risk. Some enterprises use Group Policy Objects to configure authorized Wi-Fi connections and prevent end-user changes. Others use host-resident agents and/or WIPS to monitor Wi-Fi client activity and disconnect high-risk connections. However, many businesses (especially SMBs) still depend on end-users to connect only to known, authorized wireless APs. Given ubiquitous deployment, longer reach, and broader consumer electronics integration, accidental or inappropriate Wi-Fi connections have never been easier. If you haven’t already taken steps to stop Wi-Fi client misbehavior, start now.
8.Endpoint Attacks: Now that over-the-air encryption and network-edge security have improved, attackers have refocused their attention on Wi-Fi endpoints. Numerous exploits have been published to take advantage of buggy Wi-Fi drivers, using buffer overflows to execute arbitrary commands – sometimes at ring 0 (high-privilege kernel mode). Automated attack tools like Metasploit can now be used to launch Wi-Fi endpoint exploits with minimal effort. Although vendors do (usually) patch these bugs once discovered, Wi-Fi driver updates are not distributed automatically with OS updates. To protect your workforce, track Wi-Fi endpoint vulnerabilities (for example, using WiFiDEnum) and keep your Wi-Fi drivers up-to-date.
9.Evil Twin APs: Fraudulent APs can easily advertise the same network name (SSID) as a legitimate hotspot or business WLAN, causing nearby Wi-Fi clients to connect to them. Evil Twins are not new, but easier-to-use hacker tools have increased your risk of running into one. Tools like Karmetasploit can now listen to nearby clients, discover SSIDs they’re willing to connect to, and automatically start advertising those SSIDs. Once clients connect, DHCP and DNS are used to route client traffic through the Evil Twin, where local (phony) Web, mail, and file servers execute man-in-the-middle attacks. The only effective defense against Evil Twins is server authentication, from 802.1X server validation to application server certificate verification.
10.Wireless Phishing: In addition to the above man-in-the-middle application attacks, hackers continue to develop new methods to phish Wi-Fi users. For example, it’s possible to poison Wi-Fi client Web browser caches, so long as the attacker can get into the middle of a past Web session – such as by using an Evil Twin at an open hotspot. Once poisoned, clients can be redirected to phishing sites long after leaving the hotspot, even when connected to a wired enterprise network. One technique for mitigating this threat is to clear your browser’s cache upon exit. Another possibility is to route all hotspot traffic (even public) through a trusted (authenticated) VPN gateway.
In summary, the state of Wi-Fi security has significantly improved over the years. Today’s enterprise WLANs can be effectively hardened against intrusion and misuse. However, end-to-end security still cannot be assumed; just enabling Wi-Fi encryption will not make applications running over wireless networks “safe.” Wi-Fi technologies, products, and attacks will continue to emerge. Security admins still need to keep abreast of new threats, assess their business risk, and take appropriate action.
While end users may never even know that the application they're using is coming from the cloud, IT will be completely transformed, and the business as a whole will have an entirely new way of viewing, using and paying for technology.
For IT, cloud computing is as significant a development as the invention of the PC, or as the effect of the iPod on the music industry.
Think of it as utility computing on steroids or services sold by the drink.
Apple made the iPod a success by changing people's perception of music from a product to a service — a single song to download as needed, as opposed to a physical CD to buy in a store — and the cloud will have the same impact on IT. While end users may never even know that the application they're using is coming from the cloud, IT will be completely transformed, and the business as a whole will have an entirely new way of viewing, using and paying for technology.
"Companies that are smart are taking a look at the varied aspects of cloud and pushing certain applications up (into the cloud) and those that need unique distinguishing characteristics they push down (into the traditional data center environment)," says Doug Neal, co-author of the report Doing Business in the Cloud - Implications for Cost, Agility and Information, and research fellow with CSC's Leading Edge Forum Executive Programme. "IT has to realize that it's in kind of a precarious position. It can either accelerate this change and gain great glory or they can sit back in denial and just atrophy."
"The most important value the cloud brings is not lower costs," Neal's report states. "It is improved agility, not just for IT, but for the business as a whole."
That agility comes from the option to offload any aspect of a company's IT infrastructure to an outside provider, paying only for the services you need as you need them.
As an example, Neal says Eli Lilly used Amazon's EC2 cloud offering to add 50 servers in a matter of days rather than weeks to assist in the development of a new drug. When any delay in a pharmaceutical project can cost $150 per second or more, that's a huge difference.
What's more, when the 50 servers were up and running, Neal says, they quickly discovered they actually needed 250. "But this is Amazon, so they changed 50 to 250 and clicked 'Go,' and ran the whole shebang that day," he says.
And that's the power of the cloud: no provisioning, no waiting, just click, pay, and you're done.
"What the promise of the cloud is, in part, to begin to segment apps so that… for those few times a year I need extra capacity, I reach out to the cloud," Neal says. "So I pay with occasional opex for what [I] used to pay for with capex and, in the process, I could probably double, triple, quadruple the bang I get out of my data center."
It's a real wake-up call for IT, promising to remove the barriers between CPUs and the services that depend on them. Think of it like Moore's Law — every 18 months, you should be able to double the level of cloud-based services you can offer - or like a RAID for CPUs: a bunch of cheap servers that can be provisioned as needed to handle any load.
Even if a server or two fails, it doesn't matter: everything just fails over as needed to the next available processor, and all that matters is the delivery of the service itself. "Failure now becomes a routine way of operating and we just wire around it," Neal says. "Google has hard drives fail on a daily basis, Google has servers fail on a daily basis, and nobody cares."
It's like replacing fine china with paper plates. "Today's leading cloud computing vendors eschew high-end components and use large quantities of the cheapest hardware good enough to do the job," Neal's report states. "They assume some of this hardware will fail, so they use software that can adapt as necessary. This approach offers substantial savings in hardware costs, and even bigger ones with people."
Still, none of this means that you should close down your data center - the cloud is still relatively new, with many variables still waiting to be hammered out. Neal says it may be a decade or more before cloud-based business apps are the norm.
But in the meantime, like cell phones in the third world, the cloud will help many smaller companies access the types of services that used to be available only to the enterprise. "If you're a small or medium sized business, this is the answer to your prayers," Neal says.
The prime objective of India's nuclear energy programme is the development and use of nuclear energy for peaceful purposes such as power generation, applications in agriculture, medicine, industry, research and other areas.
India is today recognized as one of the most advanced countries in nuclear technology including production of source materials. The country is self-reliant and has mastered the expertise covering the complete nuclear cycle from exploration and mining to power generation and waste management. Accelerators and research and power reactors are now designed and built indigenously. The sophisticated variable energy cyclotron at Kolkata and a medium-energy heavy ion accelerator 'pelletron' set up recently at Mumbai are national research facilities in the frontier areas of science.
As part of its programme of peaceful uses of atomic energy, India has also embarked on a programme of nuclear power generation. Currently eight nuclear stations are producing eight billion kilowatt of electricity. Four more nuclear power stations are planned. The new nuclear reactors are designed in India. The peaceful nuclear programme also includes producing radioisotopes for use in agriculture, medicine, industry and research.
