Channel: Hacker News

What Is This Thing: Found Hooked Up to My Router


I'm going to preface my comment with the fact that I'm more red team/pentesting and don't really deal with incident response, so my first comment was me going through what I would potentially look for/go after given that type of access.

Are you asking in a business capacity, or personal capacity? For personal capacity, I would definitely go with the help from a friend. Preferably one in the security field, or even IT field - they likely work with someone that focuses on security that can fill in the blanks and provide sound advice.

Learning for yourself is probably the best option, though. Geek Squad is basically useless. Last I knew of, they just use a bootable CD or USB with antivirus, data recovery, and other basic diagnostic tools. There's a few out there that you can download, burn, and use for free. Scan your stuff, clean what you can, and use a live Linux disc to pull the critical data off and start fresh. Other professional consultations, for just a personal incident such as this, are going to be extremely expensive and really not worth the money, IMHO.

In a business capacity, you should probably have at least an infosec consultant for a small company, or a dedicated employee/department otherwise.

Hope this helps.


Bracing for the Vanilla Boom


As the vanilla market opens in northeastern Madagascar this season, some local farmers will earn more money than ever before. With global vanilla prices now hovering around US$500 per kilogram—approximately the price of silver—a farmer’s crop could be worth tens to hundreds of thousands of dollars, in a country with an average income of less than two dollars a day.

Northeastern Madagascar is the center of the world’s vanilla production, generating nearly 80 percent of the global supply. The bean constitutes Madagascar’s largest export. Vanilla (Vanilla planifolia) is an orchid that grows like a vine. Thick and waxy, the vine is punctuated by occasional clusters of white flowers that, if pollinated, will each yield a long, green vanilla bean. The plant has been cultivated in Madagascar since the colonial period, during which time prices paid to vanilla producers were set by the French colonial regime. After the country’s independence in 1960, the new government of Madagascar took over, continuing to set low but predictable producer prices.

Beginning in the mid-1990s, at the insistence of global financial institutions, the Malagasy government deregulated local vanilla markets. (Malagasy is the term for the language and people of Madagascar.) Then in 2000, one of the largest cyclones in the region’s history devastated prime cropland; the resulting scarcity made vanilla prices soar into uncharted territory—about US$300 a kilogram. Rural villagers whose crops survived became rich virtually overnight. But rather than saving or investing the money, many villagers spent their earnings in what they refer to as “hot money” (vola mafana) sprees—buying copious luxuries, drinking heavily, or engaging in other types of profligate spending.

During the vanilla boom in 2000, hot money became a notorious feature of the social landscape in northeastern Madagascar. At the outskirts of town, you might have seen a chameleon traversing the bush with money glued to its back or a man joyously smashing mangoes along a dirt road. An elder neighbor may have tinkered aimlessly with his shiny new motorbike, having no intention of actually learning how to ride it. At the local market, someone dressed in fancy shoes might have stepped on your feet, teasing that he did not do it but rather “the vanilla” did. All across the region, farmers turned to seemingly bizarre ways of divesting themselves of their new wealth.

But less than five years after the 2000 boom, buyers turned to synthetic alternatives just as a wave of new growers joined the market, triggering a crash in the global price of vanilla by simultaneously lowering demand and increasing supply. Local prices dropped to as little as US$5 per kilogram, and vanilla farming once again became associated with meager returns. Farmers sold their motorbikes and mattresses, going back to sleeping on straw beds. Within the past few years, however, reduced supply due to more cyclones coupled with increasing global demand for natural vanilla have created yet another boom. Last year, prices reached up to US$600 per kilogram. No one knows how long this latest boom will last.

These photos show a panther chameleon from northeastern Madagascar (bottom) and a drawing of a panther chameleon made by a resident of Madagascar in an attempt to illustrate how some farmers pasted their money to chameleons during the vanilla boom in 2000 (top). (Photo: Annah Zhu/George Zhu)

I lived in Madagascar as a Peace Corps volunteer in 2010 and the beginning of 2011, and returned again in 2014 and 2015 as a doctoral student to do ethnographic fieldwork. Studying the ups and downs of the local export economy, I interviewed farmers and residents about how they dealt with the cyclical boom and bust. They recalled stories of the extravagant spending that transpired during the vanilla boom in 2000 and the subsequent uptick in the market in 2015. The stories I heard were often thirdhand: someone who saw someone covering a chameleon with cash or handing a fruit vendor a stack of bills after shamelessly smashing his mangoes. These stories were so pervasive that surely some of them were more legend or rumor than truth. Regardless, it was clear that during boom times fast spending was the norm. In fact, more than spending money, it seemed that many people were just trying to get rid of it.

These odd and lavish consumer practices might strike the Western observer as utterly bizarre. But I came to see that there is a certain logic to such profligate spending. Perhaps it is not so crazy after all.

The vanilla market is one of the few ways to make money in northeastern Madagascar. Farmers have been growing vanilla in the region since the mid-19th century, when the plant was introduced from Mexico by French colonists. Remarkably little has changed in vanilla production since that time. Vanilla is grown on small family plots throughout the countryside. With no natural pollinator, vanilla flowers must be pollinated by hand. In 1841, Edmond Albius, a 12-year-old slave from the nearby island of Réunion, invented the pollination technique that made the crop commercially viable. This simple yet labor-intensive procedure, using no more than a splinter to manually pollinate the flowers, is still used today.

Normally, vanilla growing is a rather mundane affair. Farmers awaken each morning to pollinate their crop, eager to not miss the brief half-day window of fertility offered by each flower in bloom. If pollination is successful, the pale white petals will wither and fall within a week, yielding a single green vanilla bean that requires nine months to mature. Farmers either sell the green vanilla at market or cure it themselves to get nearly four times the uncured price. Profits are used for minor purchases, or to pay school fees, and are typically spent within six months. The income supplements a largely subsistence livelihood based on rice cultivation.

During boom times, the vanilla market makes life almost surreal. Paper money inundates the region, transforming impoverished farmers into Malagasy “vanillionaires.” Traveling vanilla traders come to farmers’ huts and unload piles of cash on their beds. In seeing such unseemly sums of money, some farmers allegedly go mad. One farmer, I was told, repeatedly screamed at the large pile of money he had just been paid and then shouted at his entire village to come spend it. Another farmer denied the payment he was offered, exclaiming that the money was too much. Yet another allegedly boiled all of his earnings in a large metal pot, secretly eating it as a type of money soup. He was found, the story goes, dead the next day.

A sign at the airport in Antananarivo, the capital of Madagascar, indicates that transporting vanilla on the plane is prohibited. (Photo: Brian Klein)

Overnight wealth always comes at a price. In the time leading up to the market opening in the summer, northeastern Madagascar transforms into what looks like a crime scene. It is illegal to sell vanilla before the market officially opens. This is meant to control quality (early harvesting compromises the bean) and prevent theft. Theft, however, is rampant. Federal and local police patrol the roads, frisking those passing to check for vanilla or cash. Vigilante groups, taking the law into their own hands, do the same. Farmers sleep in their fields to protect their vanilla. Sometimes this works, sometimes not. Thieves may manage to steal a few beans, a vine, or even an entire crop. Residents in the region share photos on social media of farmers killed by machete while trying to protect their fields. They also post videos of thieves who have been caught and put on public display for their crimes. Beyond public shaming, mob killings of vanilla thieves are not uncommon. A once-quiet village may quickly become overwhelmed by angry villagers seeking the blood of a thief.

In addition to the vanilla beans, large stashes of cash are equally dangerous—and also impractical. For many farmers, it is hard to even imagine what their earnings might buy. For some, it buys a cow or a new roof. For others, there is nothing they need or even want that could possibly absorb such a windfall. The nearest banks are usually a day’s trek away. Holding on to their profit, or taking it to a bank, is an invitation to theft. Both the vanilla, and the cash it earns, can be a liability.

The vanilla market reveals with great clarity the disconnect between production and consumption that characterizes nearly all global markets, although perhaps not always so starkly. On the demand side, few consumers who are drawn to the delicate flavor of vanilla know that it is the fruit of a Malagasy farmer’s morning labor. They likely do not even know that vanilla was once a fruit (myself included, until one of my Malagasy co-workers pointed this out). Vanilla essence is easily synthesized in the laboratory for a fraction of the price of natural vanilla, and studies have shown that in blind taste tests consumers actually prefer synthetic vanilla to its natural alternative. Yet the consumer climate has created a demand for “authentic,” “natural,” and “organic” foods. Those who in all likelihood could not recognize a vanilla vine growing right next to them nonetheless require the flavor in their ice cream.

On the supply side, vanilla growers and curers in Madagascar have little knowledge of its ultimate use overseas, and they rarely use it themselves. To my great surprise, those I talked to in northeastern Madagascar consistently maintained that they were not certain what their vanilla ends up becoming. When I explained that vanilla is used as a flavor and fragrance, they nodded as though they had heard that before but did not entirely believe it. Rather than this mundane explanation, Malagasy producers have been known to speculate that vanilla is the vital ingredient in much more pivotal products, such as dynamite or tires. As ridiculous as these rumors might sound, they allow Malagasy producers to imagine their labor as contributing to essential global production processes rather than niche markets in taste and smell.

These Malagasy men are heating green vanilla beans in water that is just under boiling temperature to initiate the curing process. (Photo: Annah Zhu)

My friends and family back in the United States balk when I tell them about this paradox. How could a vanilla farmer not use the spice himself—or not even know that it is a spice? Likewise, Malagasy people chuckle when I tell them that foreigners who love vanilla really have no idea where it comes from. While both are amused by one another’s ignorance, there is of course a crucial difference: What is for the consumers an indulgence of the most inconsequential kind is for the producers the fundamental basis of their economic livelihood. Luxury consumer impulse at one end of the world sends paper money spitting out into the lives of rural communities at the other end, inaugurating a new generation of hot money spenders in the process.

As bizarre as Madagascar’s hot money spending seems, I have come to think of it as being in fact quite logical. Rather than “primitive” or misguided behavior, hot money spending can be understood as one of an infinite variety of ways to deal with the fleeting abundances occasionally offered by global capitalism. In certain respects, the rural farmer plastering money to chameleons at the side of the road might as well be a Malagasy Jeff Koons (the contemporary artist renowned for his sculptures of giant balloon dogs, one of which sold for nearly US$60 million) performing the excesses of capitalism through avant-garde art. From one vantage point, such practices can be dismissed as ludicrous. But from another, they might be said to honestly reflect the extreme dynamics of the new global economy, where money does not slowly accumulate over time but comes and goes in jarring leaps.

When cash is fleeting, unpredictable, and dangerous, it may be just as logical to treat it as ephemeral and meaningless as to treat it with seriousness and reverence. Extravagant spending deflates the power of money, reinstating autonomy in the face of uncertain times. As strange as it may seem to some, Madagascar’s vanilla-boom profligacy offers a sobering reflection on capitalist development in an era of global financial speculation—what some have aptly termed “casino capitalism.” Far from a system of rational economic progress, the new global economy more closely resembles a high-stakes game of fortunes won and lost. At one end, elite financiers roll the dice on speculative investments, while at the other end, Malagasy “vanillionaires” navigate the resulting booms and busts. Far from the world’s capitalist centers, rural Malagasy farmers must nonetheless ride the waves of today’s speculative economy.


Annah Zhu is a Ph.D. candidate in political ecology at the University of California, Berkeley, where she studies conservation and development in Madagascar from an ethnographic perspective.

Apple’s use of Swift in iOS 12


Two years ago I measured Apple’s use of Swift in iOS 10.1 and last year I counted how many applications were using Swift in iOS 11.1.

This year I’m analyzing iOS 12, released by Apple this month.

The methodology and tools used for this article have been detailed in the previous posts. If you are interested, please refer to Apple’s use of Swift in iOS 10.1 and macOS 10.12.

Below is the list of all binaries in iOS 12.0 that use Swift. Note that these binaries might contain a single line of Swift code and are not necessarily entirely written in Swift. I used iOS 12.0 (16A366) for iPhone X.

/Applications/ActivityMessagesApp.app/PlugIns/ActivityMessagesExtension.appex/ActivityMessagesExtension
/Applications/AppStore.app/AppStore
/Applications/AppStore.app/Frameworks/AppStoreKit.framework/AppStoreKit
/Applications/AppStore.app/Frameworks/JetEngine.framework/JetEngine
/Applications/AppStore.app/PlugIns/AppInstallExtension.appex/AppInstallExtension
/Applications/AppStore.app/PlugIns/BridgeStoreExtension.appex/BridgeStoreExtension
/Applications/AppStore.app/PlugIns/ProductPageExtension.appex/ProductPageExtension
/Applications/BusinessExtensionsWrapper.app/PlugIns/Business.appex/Business
/Applications/ContinuityCamera.app/ContinuityCamera
/Applications/Diagnostics.app/Diagnostics
/Applications/FTMInternal-4.app/FTMInternal-4
/Applications/SharingViewService.app/SharingViewService
/private/var/staged_system_apps/Books.app/Frameworks/AppAnalytics.framework/AppAnalytics
/private/var/staged_system_apps/Calculator.app/Calculator
/private/var/staged_system_apps/Files.app/Files
/private/var/staged_system_apps/Files.app/PlugIns/RecentsWidget.appex/RecentsWidget
/private/var/staged_system_apps/Measure.app/Measure
/private/var/staged_system_apps/Music.app/Music
/private/var/staged_system_apps/Music.app/PlugIns/MusicMessagesApp.appex/MusicMessagesApp
/private/var/staged_system_apps/Music.app/PlugIns/PlaybackIntent.appex/PlaybackIntent
/private/var/staged_system_apps/Music.app/PlugIns/RecentlyPlayedTodayExtension.appex/RecentlyPlayedTodayExtension
/private/var/staged_system_apps/Podcasts.app/Frameworks/AppStoreKit.framework/AppStoreKit
/private/var/staged_system_apps/Podcasts.app/Frameworks/NowPlayingUI.framework/NowPlayingUI
/private/var/staged_system_apps/Podcasts.app/Frameworks/PodcastsUI.framework/PodcastsUI
/private/var/staged_system_apps/Podcasts.app/Podcasts
/private/var/staged_system_apps/Stocks.app/PlugIns/StocksToday.appex/StocksToday
/private/var/staged_system_apps/Stocks.app/Stocks
/System/Library/Accounts/DataclassOwners/StocksDataclassOwner.bundle/StocksDataclassOwner
/System/Library/Accounts/Notification/DonationAccountWatcher.bundle/DonationAccountWatcher
/System/Library/DistributedEvaluation/Plugins/StocksDES.desPlugin/StocksDES
/System/Library/Frameworks/FileProvider.framework/PlugIns/LocalStorageFileProvider.appex/LocalStorageFileProvider
/System/Library/Frameworks/IdentityLookup.framework/XPCServices/com.apple.IdentityLookup.MessageFilter.xpc/com.apple.IdentityLookup.MessageFilter
/System/Library/Messages/iMessageBalloons/ASMessagesProvider.bundle/ASMessagesProvider
/System/Library/PrivateFrameworks/ContactsDonation.framework/Versions/A/Support/contactsdonationagent
/System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf
/System/Library/PrivateFrameworks/CoreParsec.framework/parsecd
/System/Library/PrivateFrameworks/DocumentManagerUICore.framework/PlugIns/com.apple.DocumentManager.Service.appex/com.apple.DocumentManager.Service
/System/Library/PrivateFrameworks/DocumentManagerUICore.framework/PlugIns/RecentsAppPopover.appex/RecentsAppPopover
/System/Library/PrivateFrameworks/FMClient.framework/XPCServices/FMIPClientXPCService.xpc/FMIPClientXPCService
/System/Library/PrivateFrameworks/Swift/libswiftDemangle.dylib
/System/Library/PrivateFrameworks/Swift/libswiftXCTest.dylib
/System/Library/PrivateFrameworks/TelephonyUtilities.framework/callservicesd
/System/Library/PrivateFrameworks/TelephonyUtilities.framework/PlugIns/PhoneIntentHandler.appex/PhoneIntentHandler
/System/Library/PrivateFrameworks/UpNextWidget.framework/PlugIns/UpNext.appex/UpNext
/usr/libexec/sharingd
/usr/libexec/SidecarRelay
/usr/libexec/tzd

The shared dyld cache contains the following additional binaries - most of them being the Swift libraries:

/System/Library/PrivateFrameworks/ConversationKit.framework/ConversationKit
/System/Library/PrivateFrameworks/CoreKnowledge.framework/CoreKnowledge
/System/Library/PrivateFrameworks/FMClient.framework/FMClient
/System/Library/PrivateFrameworks/News/Tea.framework/Tea
/System/Library/PrivateFrameworks/News/TeaActivities.framework/TeaActivities
/System/Library/PrivateFrameworks/News/TeaFoundation.framework/TeaFoundation
/System/Library/PrivateFrameworks/News/TeaSettings.framework/TeaSettings
/System/Library/PrivateFrameworks/News/TeaUI.framework/TeaUI
/System/Library/PrivateFrameworks/Stocks/AppAnalytics.framework/AppAnalytics
/System/Library/PrivateFrameworks/Stocks/NewsArticles.framework/NewsArticles
/System/Library/PrivateFrameworks/Stocks/NewsFeed.framework/NewsFeed
/System/Library/PrivateFrameworks/Stocks/StocksAnalytics.framework/StocksAnalytics
/System/Library/PrivateFrameworks/Stocks/StocksCore.framework/StocksCore
/System/Library/PrivateFrameworks/Stocks/StocksUI.framework/StocksUI
/System/Library/PrivateFrameworks/Stocks/TeaActivities.framework/TeaActivities
/System/Library/PrivateFrameworks/Stocks/TeaCharts.framework/TeaCharts
/System/Library/PrivateFrameworks/Stocks/TeaDB.framework/TeaDB
/System/Library/PrivateFrameworks/Stocks/TeaFoundation.framework/TeaFoundation
/System/Library/PrivateFrameworks/Stocks/TeaSettings.framework/TeaSettings
/System/Library/PrivateFrameworks/Stocks/TeaTemplate.framework/TeaTemplate
/System/Library/PrivateFrameworks/Stocks/TeaUI.framework/TeaUI
/System/Library/PrivateFrameworks/Swift/libswiftAccelerate.dylib
/System/Library/PrivateFrameworks/Swift/libswiftARKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftAssetsLibrary.dylib
/System/Library/PrivateFrameworks/Swift/libswiftAVFoundation.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCallKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCloudKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftContacts.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCore.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCoreAudio.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCoreData.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCoreFoundation.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCoreGraphics.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCoreImage.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCoreLocation.dylib
/System/Library/PrivateFrameworks/Swift/libswiftCoreMedia.dylib
/System/Library/PrivateFrameworks/Swift/libswiftDarwin.dylib
/System/Library/PrivateFrameworks/Swift/libswiftDispatch.dylib
/System/Library/PrivateFrameworks/Swift/libswiftFoundation.dylib
/System/Library/PrivateFrameworks/Swift/libswiftGameplayKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftGLKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftHomeKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftIntents.dylib
/System/Library/PrivateFrameworks/Swift/libswiftMapKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftMediaPlayer.dylib
/System/Library/PrivateFrameworks/Swift/libswiftMetal.dylib
/System/Library/PrivateFrameworks/Swift/libswiftMetalKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftModelIO.dylib
/System/Library/PrivateFrameworks/Swift/libswiftNaturalLanguage.dylib
/System/Library/PrivateFrameworks/Swift/libswiftNetwork.dylib
/System/Library/PrivateFrameworks/Swift/libswiftObjectiveC.dylib
/System/Library/PrivateFrameworks/Swift/libswiftos.dylib
/System/Library/PrivateFrameworks/Swift/libswiftPhotos.dylib
/System/Library/PrivateFrameworks/Swift/libswiftQuartzCore.dylib
/System/Library/PrivateFrameworks/Swift/libswiftSceneKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftsimd.dylib
/System/Library/PrivateFrameworks/Swift/libswiftSpriteKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftSwiftOnoneSupport.dylib
/System/Library/PrivateFrameworks/Swift/libswiftUIKit.dylib
/System/Library/PrivateFrameworks/Swift/libswiftVision.dylib
/System/Library/PrivateFrameworks/Swift/libswiftWatchKit.dylib

Apple added some new features in iOS 12 and, unsurprisingly, the corresponding applications contain some Swift code. This is the case for the ContinuityCamera and Measure apps. Previously existing apps have been updated, and some of them now contain more Swift code: AppStore, Books, Music, News, SharingViewService and Stocks.

As we can see, Apple is slowly using Swift in more apps with each new iOS release, but the number of these apps is still really limited. Here is a chart showing the evolution of the number of binaries using Swift in iOS (without counting the Swift libraries):
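As an added example, not the author's tooling (the methodology lives in the linked earlier post), here is a small Python walker over Mach-O load commands that reports an image as using Swift when it links any libswift*.dylib; that criterion, and the sample images the code constructs, are assumptions made here. The bounds checks are the part worth copying: a firmware or OS image handed to a scanner like this is untrusted input, and a malformed load command should fail closed rather than loop or read past the buffer.

```python
import os
import posixpath
import struct

# Mach-O magics as they unpack little-endian from the first four bytes;
# a CIGAM value means the image itself is stored big-endian.
MH_MAGIC, MH_CIGAM = 0xFEEDFACE, 0xCEFAEDFE
MH_MAGIC_64, MH_CIGAM_64 = 0xFEEDFACF, 0xCFFAEDFE
FAT_MAGIC = 0xCAFEBABE  # fat headers are always big-endian

# Load commands whose payload is a dylib_command (a linked library).
LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB = 0x0C, 0x80000018
LC_REEXPORT_DYLIB, LC_LOAD_UPWARD_DYLIB = 0x8000001F, 0x80000023
DYLIB_COMMANDS = {LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB,
                  LC_REEXPORT_DYLIB, LC_LOAD_UPWARD_DYLIB}

def _thin_dylibs(data, base):
    """Walk the load commands of one thin Mach-O image starting at `base`."""
    magic, = struct.unpack_from("<I", data, base)
    if magic in (MH_MAGIC, MH_MAGIC_64):
        end = "<"
    elif magic in (MH_CIGAM, MH_CIGAM_64):
        end = ">"
    else:
        raise ValueError("not a Mach-O image at offset %d" % base)
    header_size = 32 if magic in (MH_MAGIC_64, MH_CIGAM_64) else 28
    ncmds, sizeofcmds = struct.unpack_from(end + "2I", data, base + 16)
    limit = base + header_size + sizeofcmds
    if limit > len(data):
        raise ValueError("sizeofcmds runs past end of file")
    names, pos = [], base + header_size
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from(end + "2I", data, pos)
        # Untrusted input: refuse a command that escapes the declared area.
        if cmdsize < 8 or pos + cmdsize > limit:
            raise ValueError("malformed load command at offset %d" % pos)
        if cmd in DYLIB_COMMANDS:
            name_off, = struct.unpack_from(end + "I", data, pos + 8)
            if not 24 <= name_off < cmdsize:
                raise ValueError("dylib name offset outside its command")
            raw = data[pos + name_off:pos + cmdsize].split(b"\0", 1)[0]
            names.append(raw.decode("utf-8", "replace"))
        pos += cmdsize
    return names

def linked_dylibs(data):
    """Install names of every dylib a thin or fat Mach-O links against."""
    magic, = struct.unpack_from(">I", data, 0)
    if magic != FAT_MAGIC:
        return _thin_dylibs(data, 0)
    nfat, = struct.unpack_from(">I", data, 4)
    names = []
    for i in range(nfat):
        _, _, offset, size, _ = struct.unpack_from(">5I", data, 8 + 20 * i)
        if offset + size > len(data):
            raise ValueError("fat slice %d runs past end of file" % i)
        for name in _thin_dylibs(data, offset):
            if name not in names:
                names.append(name)
    return names

def uses_swift(data):
    """Assumed criterion: the image links any libswift*.dylib runtime library."""
    return any(posixpath.basename(n).startswith("libswift") for n in linked_dylibs(data))

def scan_tree(root):
    """Paths under `root` that parse as Mach-O and use Swift; others are skipped."""
    hits = []
    for dirpath, _, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            try:
                with open(path, "rb") as fh:
                    if uses_swift(fh.read()):
                        hits.append(path)
            except (OSError, ValueError, struct.error):
                continue  # unreadable, or not a Mach-O file at all
    return sorted(hits)

def build_sample_macho(dylibs, little_endian=True):
    """Constructed minimal arm64 executable: header plus LC_LOAD_DYLIB commands."""
    end = "<" if little_endian else ">"
    cmds = b""
    for name in dylibs:
        payload = name.encode() + b"\0"
        payload += b"\0" * (-len(payload) % 8)  # pad to an 8-byte boundary
        cmds += struct.pack(end + "6I", LC_LOAD_DYLIB, 24 + len(payload),
                            24, 2, 0x10000, 0x10000) + payload
    # mach_header_64: magic, CPU_TYPE_ARM64, cpusubtype, MH_EXECUTE, ncmds, sizeofcmds, flags, reserved
    header = struct.pack(end + "8I", MH_MAGIC_64, 0x0100000C, 0, 2,
                         len(dylibs), len(cmds), 0, 0)
    return header + cmds

def build_sample_fat(slices):
    """Constructed fat container holding the given thin images back to back."""
    offset, archs, body = 8 + 20 * len(slices), b"", b""
    for s in slices:
        archs += struct.pack(">5I", 0x0100000C, 0, offset + len(body), len(s), 3)
        body += s
    return struct.pack(">2I", FAT_MAGIC, len(slices)) + archs + body
```

Running `scan_tree` over an extracted filesystem root reproduces a list in the shape of the one above; the shared dyld cache is a different container and is not parsed by this code.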

SEC Sues Musk and Seeks Ban for His Tweets on Go-Private Deal


First UEFI rootkit in the wild

So, anyway, ESET just announced that they found the first UEFI rootkit. You can read about it here…, but the short version is that they found an example of a modified version of Computrace/Lo Jack being used to attack a computer.

This is serious, and here are the main bits to know…

(1) Computrace/Lo Jack is a legitimate application that is factory installed into the firmware of nearly every laptop in the world, of all varieties. The idea is that if your laptop gets stolen, you can find it, and/or wipe it remotely. This is obviously good, and useful.

Close followers of my blogs, and posts, will know that I have pointed out that the Kaspersky guys, in 2014, showed how it could be compromised, and that it was therefore a potential problem, even though it is a legit app. This is not a slight against the excellent Lo Jack. All software has a weak underbelly, if you probe hard enough.

This is now proof that I was right.

(2) The perps are probably a Russian hacking group (military, KGB, FSB, or something similar), known by a bunch of names, but I call them Fancy Bear, for no particular reason other than it was the first name I knew them by, and it's a neat name. These are the same guys that (probably) broke into a factory in Taiwan in Feb 2018, and modified firmware in a bunch of computers, headed for the German government. If you are a suspicious soul, like me, you probably think this is not their only rodeo.

(3) The perps used a legitimate, and scary powerful tool called RWEverything. This is new to me, but the nub of the matter is that it is a legitimately signed driver that, seemingly, can read or write everything in firmware. This is obviously powerful, and cool, as long as it is used for good.

(4) So far, we have not found an exact match for the samples in their report in our collection, but we have _many_ variants of Lo Jack. They may be all innocent, or … maybe not. We are still looking and thinking.

(5) We still have six variants of the Lenovo rootkit, that no one detects (well, one product detects one variant, but that’s approaching zero from a stats perspective… one out of 360). This may/probably mean they are extinct, or ... maybe not…

(6) Interestingly, the modus operandi of the Lenovo rootkit and the modified Lo Jacks, are _remarkably_ similar. This might be pure coincidence… or … maybe something else.

Bottom line is that we have many variants of Computrace/Lo Jack that need to be examined, and many Lenovo rootkit variants that need to be examined.

And we have other things that look suspicious.

It would be really helpful to get more firmware samples, and it's geeky, but some How To instructions can be found here

All this, combined with what we have found about certificates being expired, or marked "Do not trust", or "Do not ship", which you can read about here, suggests to me that we are on dangerous, shaky, and new, ground.

Stay tuned.

Searching for Tuva: Before the internet and now


“So you think you know every country in the world?” my late friend and drumming partner Richard Feynman said with a twinkle in his eye, back in 1977. “Well, then, whatever happened to Tannu Tuva?”

I replied, “Surely you’re joking, Mr. Feynman—there is no such country!”

But there was: Feynman remembered Tuva as a purple splotch on the map just outside of Outer Mongolia. In the 1930s Tuva issued dozens of marvelous triangular- and diamond-shaped stamps that he collected as a boy. Then the country mysteriously disappeared.

His question turned into a quest—to learn everything we could about Tuva, and to get there ourselves. On the occasion of Google's 20th anniversary this month, I've been thinking about how different our search was then compared to today.

Back then our main source of information was libraries—local, university, even the Library of Congress. Much of the information was in Russian (Tuva had been absorbed into Stalin’s Soviet Union during World War II), so we recruited a linguistic wizard named Glen Cowan to help. (Today you can use Google Translate.) We scoured card catalogs, microfilm reels, cross-library listings—and books that literally needed the dust blown off—in hopes of finding a useful nugget of information. Each nugget, rare and unexpected, delivered a small delight of discovery, and kept our quest alive.

Search for “Tuva” today on Google and you’ll be showered with so many nuggets that you can’t possibly treasure them all.

Back then it took us months to find a single grainy black-and-white photograph of Tuva; search for “images Tuva” on Google today and you’ll find a hundred color photographs in a second.

Back then it took us a year to find a single hand-drawn map of Tuva’s exotically spelled capital; today, you can instantly see a detailed street map of Kyzyl based on satellite imagery, with current traffic conditions.

Because information about Tuva was so difficult to find in the pre-Internet era, our quest was full of twists—much like a Feynman diagram (go ahead, search!). One twist took us to Moscow, where Cowan and I discovered and then brought the largest archaeological and ethnographic exposition ever from the Soviet Union to the United States. It included spectacular items from Tuva, of course. We thought the Nomads exhibition would provide us the key to finally setting foot in Kyzyl; it actually was the key for a dozen Soviet academicians to visit the mysterious Disneyland. No matter: we learned the meaning of the Taoist saying, “The reward is in the journey.”

Undaunted, we spread our enthusiasm by sending out Xeroxed newsletters to our friends, encouraging them to pass them on and send back SASEs (self-addressed stamped envelopes) for future newsletters. We also set up a “Friends of Tuva hotline” (221-TUVA) to spread the latest information about the singing cowboys from Tuva riding in the 1993 Pasadena Tournament of Roses Parade. Each Tuvan cowboy could sing two notes simultaneously, something we could scarcely imagine when we read about it in books; today, YouTube has dozens of “Tuvan throatsinging” music videos, and the “Friends of Tuva” newsletters are online.

Sadly, Feynman died in 1988, just weeks before receiving the coveted formal invitation that would allow us to set foot in Tuva at last. But his memory lives on, here and in the land of his dreams. Today, you can find an article online about “Feynman Rock” in Tuva, carved to commemorate the centenary of Feynman’s birth in May this year. At a related event in Kyzyl, Cowan gave a talk in Russian about the work that won Feynman the Nobel Prize, while a simultaneous commemoration live-streamed into Kyzyl from Caltech.

Kubernetes 1.12


Author: The 1.12 Release Team

We’re pleased to announce the delivery of Kubernetes 1.12, our third release of 2018!

Today’s release continues to focus on internal improvements and graduating features to stable in Kubernetes. This newest version graduates key features in areas such as security and Azure support. Notable additions in this release include two highly-anticipated features graduating to general availability: Kubelet TLS Bootstrap and Support for Azure Virtual Machine Scale Sets (VMSS).

These new features mean increased security, availability, resiliency, and ease of use to get production applications to market faster. The release also signifies the increasing maturation and sophistication of Kubernetes on the developer side.

Let’s dive into the key features of this release:

Introducing General Availability of Kubelet TLS Bootstrap

We’re excited to announce General Availability (GA) of Kubelet TLS Bootstrap. In Kubernetes 1.4, we introduced an API for requesting certificates from a cluster-level Certificate Authority (CA). The original intent of this API is to enable provisioning of TLS client certificates for kubelets. This feature allows for a kubelet to bootstrap itself into a TLS-secured cluster. Most importantly, it automates the provision and distribution of signed certificates.

Before, when a kubelet ran for the first time, it had to be given client credentials in an out-of-band process during cluster startup. The burden was on the operator to provision these credentials. Because this task was so onerous to manually execute and complex to automate, many operators deployed clusters with a single credential and single identity for all kubelets. These setups prevented deployment of node lockdown features like the Node authorizer and the NodeRestriction admission controller.

To alleviate this, SIG Auth introduced a way for the kubelet to generate a private key and a CSR for submission to a cluster-level certificate signing process. The v1 (GA) designation indicates production hardening and readiness, and comes with the guarantee of long-term backwards compatibility.

Alongside this, Kubelet server certificate bootstrap and rotation is moving to beta. Currently, when a kubelet first starts, it generates a self-signed certificate/key pair that is used for accepting incoming TLS connections. This feature introduces a process for generating a key locally and then issuing a Certificate Signing Request to the cluster API server to get an associated certificate signed by the cluster’s root certificate authority. Also, as certificates approach expiration, the same mechanism will be used to request an updated certificate.
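The bootstrap flow above hinges on two things: the private key never leaving the node, and the signer checking that a CSR really describes a node before signing it. The following Go program is an added example (not Kubernetes code) that generates a kubelet-style CSR with the standard library and applies the approver-side checks a cluster operator would want: a valid proof-of-possession signature, a CN of the form system:node:<name>, exactly the system:nodes organization, and no server SANs. The node name and the rejected subject are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"fmt"
	"strings"
)

const nodePrefix = "system:node:"

// NewCSR generates a fresh P-256 key on the "node" and a CSR carrying the
// given subject. Only the PEM CSR is meant to leave the node; the private key
// stays local, which is the point of the bootstrap flow described above.
func NewCSR(cn string, orgs []string) ([]byte, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.CertificateRequest{
		Subject: pkix.Name{CommonName: cn, Organization: orgs},
	}
	der, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	if err != nil {
		return nil, nil, err
	}
	pemCSR := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE REQUEST", Bytes: der})
	return pemCSR, key, nil
}

// NewKubeletCSR builds the subject a kubelet client certificate must carry:
// CN=system:node:<name> with the single organization system:nodes.
func NewKubeletCSR(nodeName string) ([]byte, *ecdsa.PrivateKey, error) {
	return NewCSR(nodePrefix+nodeName, []string{"system:nodes"})
}

// CheckKubeletClientCSR applies approver-side checks before a CSR is signed
// as a kubelet client certificate. It returns the node name on success.
func CheckKubeletClientCSR(csrPEM []byte) (string, error) {
	block, _ := pem.Decode(csrPEM)
	if block == nil || block.Type != "CERTIFICATE REQUEST" {
		return "", errors.New("input is not a PEM CERTIFICATE REQUEST")
	}
	csr, err := x509.ParseCertificateRequest(block.Bytes)
	if err != nil {
		return "", err
	}
	// Proof of possession: the CSR must be signed by the key it contains.
	if err := csr.CheckSignature(); err != nil {
		return "", fmt.Errorf("CSR signature invalid: %w", err)
	}
	cn := csr.Subject.CommonName
	if !strings.HasPrefix(cn, nodePrefix) || cn == nodePrefix {
		return "", fmt.Errorf("CN %q is not a system:node identity", cn)
	}
	// Exactly one organization, and it must be system:nodes. Any other group
	// would turn a node credential into something broader, so refuse it.
	if len(csr.Subject.Organization) != 1 || csr.Subject.Organization[0] != "system:nodes" {
		return "", fmt.Errorf("organization %v must be exactly [system:nodes]", csr.Subject.Organization)
	}
	// A client certificate has no business carrying server SANs.
	if len(csr.DNSNames)+len(csr.IPAddresses)+len(csr.EmailAddresses)+len(csr.URIs) != 0 {
		return "", errors.New("client CSR must not request subject alternative names")
	}
	return strings.TrimPrefix(cn, nodePrefix), nil
}

func main() {
	good, _, err := NewKubeletCSR("worker-1") // constructed node name
	if err != nil {
		panic(err)
	}
	name, err := CheckKubeletClientCSR(good)
	fmt.Println("kubelet CSR accepted for node:", name, err)

	// A CSR with a non-node organization must be rejected by the approver.
	bad, _, _ := NewCSR("system:node:worker-1", []string{"system:masters"})
	_, err = CheckKubeletClientCSR(bad)
	fmt.Println("wrong-organization CSR rejected:", err != nil)
}
```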

Support for Azure Virtual Machine Scale Sets (VMSS) and Cluster-Autoscaler is Now Stable

Azure Virtual Machine Scale Sets (VMSS) allow you to create and manage a homogenous VM pool that can automatically increase or decrease based on demand or a set schedule. This enables you to easily manage, scale, and load balance multiple VMs to provide high availability and application resiliency, ideal for large-scale applications that can run as Kubernetes workloads.

With this new stable feature, Kubernetes supports the scaling of containerized applications with Azure VMSS, including the ability to integrate it with cluster-autoscaler to automatically adjust the size of the Kubernetes clusters based on the same conditions.

Additional Notable Feature Updates

RuntimeClass is a new cluster-scoped resource that surfaces container runtime properties to the control plane being released as an alpha feature.

Snapshot / restore functionality for Kubernetes and CSI is being introduced as an alpha feature. This provides standardized APIs design (CRDs) and adds PV snapshot/restore support for CSI volume drivers.

Topology aware dynamic provisioning is now in beta, meaning storage resources can now understand where they live. This also includes beta support for AWS EBS and GCE PD.

Configurable pod process namespace sharing is moving to beta, meaning users can configure containers within a pod to share a common PID namespace by setting an option in the PodSpec.

Taint node by condition is now in beta, meaning users have the ability to represent node conditions that block scheduling by using taints.

Arbitrary / Custom Metrics in the Horizontal Pod Autoscaler is moving to a second beta to test some additional feature enhancements. This reworked Horizontal Pod Autoscaler functionality includes support for custom metrics and status conditions.

Improvements that will allow the Horizontal Pod Autoscaler to reach proper size faster are moving to beta.

Vertical Scaling of Pods is now in beta, which makes it possible to vary the resource limits on a pod over its lifetime. In particular, this is valuable for pets (i.e., pods that are very costly to destroy and re-create).

Encryption at rest via KMS is now in beta. This adds multiple encryption providers, including Google Cloud KMS, Azure Key Vault, AWS KMS, and Hashicorp Vault, that will encrypt data as it is stored to etcd.

Availability

Kubernetes 1.12 is available for download on GitHub. To get started with Kubernetes, check out these interactive tutorials. You can also install 1.12 using Kubeadm.

5 Day Features Blog Series

If you’re interested in exploring these features more in depth, check back next week for our 5 Days of Kubernetes series where we’ll highlight detailed walkthroughs of the following features:

  • Day 1 - Kubelet TLS Bootstrap
  • Day 2 - Support for Azure Virtual Machine Scale Sets (VMSS) and Cluster-Autoscaler
  • Day 3 - Snapshots Functionality
  • Day 4 - RuntimeClass
  • Day 5 - Topology Resources

Release team

This release is made possible through the effort of hundreds of individuals who contributed both technical and non-technical content. Special thanks to the release team led by Tim Pepper, Orchestration & Containers Lead, at VMware Open Source Technology Center. The 36 individuals on the release team coordinate many aspects of the release, from documentation to testing, validation, and feature completeness.

As the Kubernetes community has grown, our release process represents an amazing demonstration of collaboration in open source software development. Kubernetes continues to gain new users at a rapid clip. This growth creates a positive feedback cycle where more contributors commit code creating a more vibrant ecosystem. Kubernetes has over 22,000 individual contributors to date and an active community of more than 45,000 people.

Project Velocity

The CNCF has continued refining DevStats, an ambitious project to visualize the myriad contributions that go into the project. K8s DevStats illustrates the breakdown of contributions from major company contributors, as well as an impressive set of preconfigured reports on everything from individual contributors to pull request lifecycle times. On average, 259 different companies and over 1,400 individuals contribute to Kubernetes each month. Check out DevStats to learn more about the overall velocity of the Kubernetes project and community.

User Highlights

Established, global organizations are using Kubernetes in production at massive scale. Recently published user stories from the community include:

Is Kubernetes helping your team? Share your story with the community.

Ecosystem Updates

  • CNCF recently released the findings of their bi-annual CNCF survey, finding that the use of cloud native technologies in production has grown over 200% within the last six months.
  • CNCF expanded its certification offerings to include a Certified Kubernetes Application Developer exam. The CKAD exam certifies an individual’s ability to design, build, configure, and expose cloud native applications for Kubernetes. More information can be found here.
  • CNCF added a new partner category, Kubernetes Training Partners (KTP). KTPs are a tier of vetted training providers who have deep experience in cloud native technology training. View partners and learn more here.
  • CNCF also offers online training that teaches the skills needed to create and configure a real-world Kubernetes cluster.
  • Kubernetes documentation now features user journeys: specific pathways for learning based on who readers are and what readers want to do. Learning Kubernetes is easier than ever for beginners, and more experienced users can find task journeys specific to cluster admins and application developers.

KubeCon

The world’s largest Kubernetes gathering, KubeCon + CloudNativeCon is coming to Shanghai from November 13-15, 2018 and Seattle from December 10-13, 2018. This conference will feature technical sessions, case studies, developer deep dives, salons and more! Register today!

Webinar

Join members of the Kubernetes 1.12 release team on November 6th at 10am PDT to learn about the major features in this release. Register here.

Get Involved

The simplest way to get involved with Kubernetes is by joining one of the many Special Interest Groups (SIGs) that align with your interests. Have something you’d like to broadcast to the Kubernetes community? Share your voice at our weekly community meeting, and through the channels below.

Thank you for your continued feedback and support.

LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group


ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe.

UEFI rootkits are widely viewed as extremely dangerous tools for implementing cyberattacks, as they are hard to detect and able to survive security measures such as operating system reinstallation and even a hard disk replacement. Some UEFI rootkits have been presented as proofs of concept; some are known to be at the disposal of (at least some) governmental agencies. However, no UEFI rootkit has ever been detected in the wild – until we discovered a campaign by the Sednit APT group that successfully deployed a malicious UEFI module on a victim’s system.

The discovery of the first in-the-wild UEFI rootkit is notable for two reasons.

First, it shows that UEFI rootkits are a real threat, and not merely an attractive conference topic.

And second, it serves as a heads-up, especially to all those who might be in the crosshairs of Sednit. This APT group, also known as APT28, STRONTIUM, Sofacy and Fancy Bear, may be even more dangerous than previously thought.

Our analysis of the Sednit campaign that uses the UEFI rootkit was presented September 27 at the 2018 Microsoft BlueHat conference and is described in detail in our “LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group” white paper. In this blog post, we summarize our main findings.

The Sednit group has been operating since at least 2004, and has made headlines frequently in past years: it is believed to be behind major, high profile attacks. For instance, the US Department of Justice named the group as being responsible for the Democratic National Committee (DNC) hack just before the US 2016 elections. The group is also presumed to be behind the hacking of global television network TV5Monde, the World Anti-Doping Agency (WADA) email leak, and many others. This group has a diversified set of malware tools in its arsenal, several examples of which we have documented previously in our Sednit white paper from 2016.

Our investigation has determined that this malicious actor was successful at least once in writing a malicious UEFI module into a system’s SPI flash memory. This module is able to drop and execute malware on disk during the boot process. This persistence method is particularly invasive as it will not only survive an OS reinstall, but also a hard disk replacement. Moreover, cleaning a system’s UEFI firmware means re-flashing it, an operation not commonly done and certainly not by the typical user.

Our research has shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe.

LoJack becomes LoJax

In May 2018, an Arbor Networks blog post described several trojanized samples of Absolute Software’s LoJack small agent, rpcnetp.exe. These malicious samples communicated with a malicious C&C server instead of the legitimate Absolute Software server, because their hardcoded configuration settings had been altered. Some of the domains found in LoJax samples have been seen before: they were used in late 2017 as C&C domains for the notorious Sednit first-stage backdoor, SedUploader. Because of this campaign’s malicious usage of the LoJack small agent, we call this malware LoJax.

LoJack is anti-theft software. Earlier versions of this agent were known as Computrace. As its former name implies, once the service was activated, the computer would call back to its C&C server and its owner would be notified of its location if it had gone missing or been stolen. Computrace attracted attention from the security community, mostly because of its unusual persistence method. Since this software’s intent is to protect a system from theft, it is important that it resists OS re-installation or hard drive replacement. Thus, it is implemented as a UEFI/BIOS module, able to survive such events. This solution comes pre-installed in the firmware of a large number of laptops manufactured by various OEMs, waiting to be activated by their owners.

While researching LoJax, we found several interesting artifacts that led us to believe that these threat actors might have tried to mimic Computrace’s persistence method.

Patching SPI flash memory with malware

On systems that were targeted by the LoJax campaign, we found various tools that are able to access and patch UEFI/BIOS settings. All used a kernel driver, RwDrv.sys, to access the UEFI/BIOS settings. This kernel driver is bundled with RWEverything, a free utility available on the web that can be used to read information on almost all of a computer’s low-level settings, including PCI Express, Memory, PCI Option ROMs, etc. As this kernel driver belongs to legitimate software, it is signed with a valid code-signing certificate.

Three different types of tool were found alongside LoJax userland agents. The first one is a tool dumping information about low level system settings to a text file. Since bypassing a platform’s protection against illegitimate firmware updates is highly platform-dependent, gathering information about a system’s platform is crucial. The purpose of the second tool was to save an image of the system firmware to a file by reading the contents of the SPI flash memory where the UEFI/BIOS is located. The third tool’s purpose was to add a malicious UEFI module to the firmware image and write it back to the SPI flash memory, effectively installing the UEFI rootkit on the system. This patching tool uses different techniques either to abuse misconfigured platforms or to bypass platform SPI flash memory write protections. As illustrated in the next figure, if the platform allows write operations to the SPI flash memory, it will just go ahead and write to it. If not, it actually implements an exploit against a known vulnerability.

The UEFI rootkit added to the firmware image has a single role: dropping the userland malware onto the Windows operating system partition and making sure that it is executed at startup.

How to protect yourself?

Sednit’s UEFI rootkit is not properly signed, so the first security mechanism that could have blocked such an attack is Secure Boot. When Secure Boot is enabled, each and every firmware component that is loaded by the firmware needs to be properly signed, thus ensuring the integrity of the firmware. We strongly suggest that you enable it. This is the base defense against attacks targeting UEFI firmware and can be enabled at boot time through your system’s UEFI settings.

Updating system firmware should not be something trivial for a malicious actor to achieve. There are different protections provided by the platform to prevent unauthorized writes to system SPI flash memory. The tool described above is able to update the system’s firmware only if the SPI flash memory protections are vulnerable or misconfigured. Thus, you should make sure that you are using the latest UEFI/BIOS available for your motherboard. Also, as the exploited vulnerability affects only older chipsets, make sure that critical systems have modern chipsets with the Platform Controller Hub (introduced with Intel Series 5 chipsets in 2008).
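To make the “vulnerable or misconfigured” distinction above concrete, here is an added Go example (not ESET’s code) that classifies a platform’s BIOS region write protection from its BIOS_CNTL and Protected Range (PRx) registers, following the bit layout in the public Intel PCH datasheets. The register values fed in are constructed for illustration, not read from any real machine; a real check would read them through a platform tool.

```go
package main

import "fmt"

// BIOS_CNTL bits and PRx layout per public Intel PCH datasheets.
const (
	BIOSWE = 1 << 0  // BIOS Write Enable: 1 = writes to the BIOS region allowed now
	BLE    = 1 << 1  // BIOS Lock Enable: once set, setting BIOSWE raises an SMI
	SMMBWP = 1 << 5  // SMM BIOS Write Protect: writes accepted only from SMM
	PRWPE  = 1 << 31 // PRx write-protection enable
)

// SpiConfig is a snapshot of the registers relevant to BIOS region writes.
type SpiConfig struct {
	BiosCntl  uint32
	FlockDn   bool     // HSFS.FLOCKDN: PR registers locked until reset
	PR        []uint32 // PR0..PR4 raw values
	BiosBase  uint32   // flash offset where the BIOS region starts
	BiosLimit uint32   // last byte of the BIOS region
}

// PRx encodes base and limit in 4 KiB units.
func prBase(pr uint32) uint32  { return (pr & 0x1FFF) << 12 }
func prLimit(pr uint32) uint32 { return (((pr >> 16) & 0x1FFF) << 12) | 0xFFF }

// BiosCntlState classifies the protection offered by BIOS_CNTL alone.
func BiosCntlState(biosCntl uint32) string {
	switch {
	case biosCntl&BIOSWE != 0:
		return "unprotected" // writes are enabled right now
	case biosCntl&BLE != 0 && biosCntl&SMMBWP != 0:
		return "protected" // writes only from SMM, and BIOSWE cannot be flipped silently
	case biosCntl&BLE != 0:
		return "weak" // only the SMI handler stands between software and the flash
	default:
		return "unprotected" // BIOSWE can be set from the OS at will
	}
}

// PRCoversBios reports whether a locked protected range spans the whole BIOS
// region. Unlocked PRs do not count: software could clear them first.
func PRCoversBios(cfg SpiConfig) bool {
	if !cfg.FlockDn {
		return false
	}
	for _, pr := range cfg.PR {
		if pr&PRWPE != 0 && prBase(pr) <= cfg.BiosBase && prLimit(pr) >= cfg.BiosLimit {
			return true
		}
	}
	return false
}

// Assess combines both mechanisms: a locked PR protects regardless of BIOS_CNTL.
func Assess(cfg SpiConfig) string {
	if PRCoversBios(cfg) {
		return "protected"
	}
	return BiosCntlState(cfg.BiosCntl)
}

func main() {
	// Constructed register snapshots, one per configuration of interest.
	samples := []struct {
		name string
		cfg  SpiConfig
	}{
		{"BLE+SMM_BWP", SpiConfig{BiosCntl: 0x2A}},
		{"BLE only", SpiConfig{BiosCntl: 0x0A}},
		{"nothing set", SpiConfig{BiosCntl: 0x08}},
		{"locked PR0 over BIOS region", SpiConfig{BiosCntl: 0x08, FlockDn: true,
			PR: []uint32{0x8FFF0800}, BiosBase: 0x800000, BiosLimit: 0xFFFFFF}},
		{"PR0 set but not locked", SpiConfig{BiosCntl: 0x08,
			PR: []uint32{0x8FFF0800}, BiosBase: 0x800000, BiosLimit: 0xFFFFFF}},
	}
	for _, s := range samples {
		fmt.Printf("%-28s %s\n", s.name, Assess(s.cfg))
	}
}
```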

Unfortunately for the ambitious end user, updating a system’s firmware is not a trivial task. Thus, firmware security is mostly in the hands of UEFI/BIOS vendors. The security mechanisms provided by the platform need to be configured properly by the system firmware in order to actually protect it. Firmware must be built from the ground up with security in mind. Fortunately, more and more security researchers are looking at firmware security, thus contributing to improving this area and raising awareness among UEFI/BIOS vendors.

Remediation of a UEFI firmware-based compromise is a hard problem. There are no easy ways to automatically remove such a threat from a system. In the case we described above: in order to remove the rootkit, the SPI flash memory needs to be reflashed with a clean firmware image specific to the motherboard. This is a delicate operation that must be performed manually. It is definitely not a procedure that most computer owners are familiar with. The only alternative to reflashing the UEFI/BIOS is to replace the motherboard of the compromised system outright.

The links with the Sednit APT group

As mentioned above, some of the LoJax small agent C&C servers were used in the past by SedUploader, a first-stage backdoor routinely used by Sednit’s operators. Also, in cases of LoJax compromise, traces of other Sednit tools were never far away. In fact, systems targeted by LoJax usually also showed signs of these three examples of Sednit malware:

  • SedUploader, a first-stage backdoor
  • XAgent, Sednit’s flagship backdoor
  • Xtunnel, a network proxy tool that can relay any kind of network traffic between a C&C server on the Internet and an endpoint computer inside a local network

These facts allow us to attribute LoJax with high confidence to the Sednit group.

In conclusion

Through the years we’ve spent tracking the Sednit group, we have released many reports on its activities, ranging from zero-day usage to custom malware it has developed, such as Zebrocy. However, the UEFI rootkit component described above is in a league of its own.

The LoJax campaign shows that high-value targets are prime candidates for the deployment of rare, even unique threats and such targets should always be on the lookout for signs of compromise. Also, one thing that this research taught us is that it is always important to dig as deep as you can go!

A full list of Indicators of Compromise (IOCs) and samples can be found on GitHub.

For a detailed analysis of the backdoor, head over to our white paper LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group.


Canada MPs vote to strip Aung San Suu Kyi of honorary citizenship


Myanmar's State Counsellor Aung San Suu Kyi in Hanoi, Vietnam, September 13, 2018 (Image copyright: Reuters)

Canadian MPs have voted unanimously to revoke the honorary citizenship of Myanmar's leader, Aung San Suu Kyi.

Passing the motion was a response to her failure to stop the persecution of the Rohingya minority in her country.

Ms Suu Kyi won the Nobel Peace Prize in 1991 for her efforts to bring democracy to Myanmar - also known as Burma - which was then under military rule.

A UN report last month said Myanmar military leaders must be investigated for genocide against the Rohingyas.

At least 700,000 Rohingya have fled violence in the country in the past 12 months.

The move by MPs in the House of Commons came a day after Prime Minister Justin Trudeau said that parliament was reconsidering whether Ms Suu Kyi still deserved the honour of citizenship.

But Mr Trudeau also said the move would not end the plight of hundreds of thousands of Rohingya people, a Muslim minority which is stateless in majority-Buddhist Myanmar.

In 2007 Canada granted honorary citizenship to Ms Suu Kyi, just one of six people to be so recognised.

Honorary citizenship has been conferred in Canada by a joint resolution of both houses of parliament. Canadian officials told Reuters it must be formally removed the same way.

The next steps are not immediately clear, Liberal MP Andrew Leslie told journalists on Thursday after MPs passed the motion.

"Now the machinery of government will actually chew over the details of what specifically is required to implement," he said.

Earlier this month, the House of Commons unanimously adopted a motion to recognise the crimes against the Rohingya as an act of genocide.

In 2015, Ms Suu Kyi became Myanmar State Counsellor, the de facto head of the country's civilian administration, following a democratic opening in Myanmar.

Since last year, at least 700,000 Rohingyas have fled Myanmar after the army launched a brutal crackdown in response to attacks by a Rohingya militant group.

Ms Suu Kyi has faced international pressure to condemn the army's alleged brutality. However, she has refused to do so.

The military still holds immense power in the country and controls three key ministries - home affairs, border affairs and defence.

The last time Ms Suu Kyi spoke to the BBC in April 2017, she said: "I think ethnic cleansing is too strong an expression to use for what is happening."

Automated PCB Reverse Engineering (2017) [pdf]

Recursive fibonacci benchmark using top languages on GitHub


Top 10: JavaScript, Java, Python, Ruby, Php, C++, C#, C, Go reference

Others: Crystal, Rust, Swift, Mono, Elixir, Perl, R, Julia, D

This code performs a recursive fibonacci to the 46th position with the result of 2,971,215,073.

All tests are run on:

  • iMac (Retina 5K, 27-inch, Late 2015)
  • OS: macOS High Sierra 10.13.6
  • Processor: 3.2 GHz Intel Core i5
  • Memory: 16 GB 1867 MHz DDR3

Last benchmark was run on September 25th, 2018

Natively compiled, statically typed

| Language | Time, s | Compile | Run |
|---|---|---|---|
| Nim | 4.622 | nim cpp -d:release fib.nim | time ./fib |
| Crystal | 5.687 | crystal build --release fib.cr | time ./fib |
| C++ | 5.751 | g++ -O3 -o fib fib.cpp | time ./fib |
| C | 6.258 | gcc -O3 -o fib fib.c | time ./fib |
| Rust | 6.567 | rustc -O fib.rs | time ./fib |
| D | 6.993 | ldc2 -O3 -release -flto=full -of=fib fib.d | time ./fib |
| Swift | 10.307 | swiftc -O -g fib.swift | time ./fib |
| Go | 10.600 | go build fib.go | time ./fib |

NOTE: Swift and Go do not seem to use Tail Call Optimization so this may be why they are showing up as twice as slow. Thank you Ammrage for pointing this out.

VM compiled bytecode, statically typed

| Language | Time, s | Compile | Run |
|---|---|---|---|
| Java | 7.447 | javac Fib.java | time java Fib |
| C# | 7.874 | dotnet build -c Release -o ./bin | time dotnet ./bin/fib.dll |
| C# (Mono) | 12.596 | mcs fib.cs | time mono fib.exe |

VM compiled before execution, mixed/dynamically typed

| Language | Time, s | Run |
|---|---|---|
| Dart | 10.467 | time dart fib.dart |
| Julia | 10.799 | time julia fib.jl |
| Node | 18.874 | time node fib.js |
| Elixir | 69.101 | time elixir fib.exs |

NOTE: These languages include compilation time which should be taken into consideration when comparing.

Interpreted, dynamically typed

| Language | Time, s | Run |
|---|---|---|
| Ruby | 195.601 | time ruby fib.rb |
| Php | 206.346 | time php fib.php |
| Python | 502.036 | time python fib.py |
| Python3 | 758.681 | time python3 fib.py |
| Perl | 1133.131 | time perl fib.pl |
| R | 1796.495 | time r -f fib.r |

Optimized code that breaks the benchmark

The following code examples use techniques that break the benchmark. They do not perform the same internal tasks as the other examples, so they are not apples-to-apples comparisons. This demonstrates that all benchmarks will have some caveat.

| Language | Time, s | Compile | Run |
|---|---|---|---|
| Go (mem) | 0.005* | go build -o fib fib-mem.go | time ./fib |
| Nim (mem) | 0.006* | nim cpp -d:release fib_mem.nim | time ./fib_mem |
| C++ (constexpr) | 0.086* | g++-8 -O3 -o fib fib-constexpr.cpp | time ./fib |
| Node (mem) | 0.112* | | time node fib-mem.js |

NOTE: The C++ (constexpr) version uses a constexpr, which optimizes the recursive call to a constant. It was provided by Ole Christian Eidheim. The Go (mem) version uses memoization. It was provided by Alexander F. Rødseth. The Node (mem) version is another example using memoization. It was provided by YSTYLE-L.X.Y. The Nim (mem) version is provided by PMunch.

Versions

  • go version go1.11 darwin/amd64
  • g++-8 (Homebrew GCC 8.2.0) 8.2.0
  • crystal Crystal 0.26.1 (2018-08-27) LLVM: 6.0.1
  • g++ Apple LLVM version 10.0.0 (clang-1000.11.45.2)
  • gcc Apple LLVM version 10.0.0 (clang-1000.11.45.2)
  • nim Nim Compiler Version 0.18.0 [MacOSX: amd64]
  • swiftc Apple Swift version 4.2 (swiftlang-1000.11.37.1 clang-1000.11.45.1)
  • rustc 1.29.0
  • javac 10.0.1
  • mcs Mono C# compiler version 5.12.0.226
  • dotnet 2.1.4
  • dart Dart VM version: 2.0.0 (Fri Aug 3 10:53:23 2018 +0200)
  • julia version 0.6.3
  • node v9.4.0
  • elixir Elixir 1.7.3 (compiled with Erlang/OTP 21)
  • ruby 2.5.1p57 (2018-03-29 revision 63029)
  • php 7.1.16 (cli) (built: Apr 1 2018 13:14:42)
  • python 2.7.15
  • python3 3.7.0
  • perl 5, version 26, subversion 2 (v5.26.2)
  • r version 3.5.0 (2018-04-23)
  • ldc2 the LLVM D compiler (1.11.0)

Caveats

Fibonacci Benchmark

Extra inventory. More sales. Lower prices. How counterfeits benefit Amazon


“Predator boot camps” in Australia teach once-abundant mammals to fear predators


In a fenced enclosure amid the red-orange sand and sparse vegetation of remote New South Wales, newly released burrowing bettongs—small marsupials that look like a mix between a rat and a miniature kangaroo—used to spend their time blithely lounging around. They were so naive that they approached humans without hesitation and kept their heads down as they ate. “They showed absolutely zero vigilance behavior,” potentially making them easy meals for feral cats and other predators, says ecologist Rebecca West at the University of New South Wales.

A year later bettongs in the same community made a fast exit when humans—or cats—approached, and monitored their surroundings while eating. The difference? These tiny marsupials had been to predator boot camp.

This tough-love training is part of a new approach that incorporates predator-prey relationships into conservation efforts—including those aimed at rebuilding populations of native Australian mammals decimated by the cats, foxes and rabbits that European settlers introduced. Animals for such efforts come from isolated or captive populations, so they do not grow up learning to recognize predators or predatory behaviors. This so-called prey naivete makes them easy pickings when they are released into the wild, or even into semi-wild enclosures, in the case of the bettongs. Previous studies have found survival rates as low as 11 percent for captive-bred marsupials such as these when they are introduced into the wild.

West and her team are developing the bettong boot camps through a research project called Wild Deserts. It aims to train captive-bred bettongs and other once-abundant Australian mammals to fear predators by exposing them to feral cats in specially designed 20-square-kilometer enclosures, which are themselves within a 104-square-kilometer fenced-off section of Sturt National Park in the arid northwestern corner of New South Wales state.

The effort is not just a matter of Aussie fauna pride. Bettongs and other small animals play important roles in the ecosystem; as they dig their burrows they churn up the soil, redistributing key nutrients. Water and seeds gather in the holes they dig, which helps native plants germinate, and the burrows help provide shelter to other animals.

Captive-bred animals are already handicapped for survival in the wild because of their unfamiliarity with the environment and—especially in a place like Australia—because they have evolved over millennia to deal with indigenous predators, not ones imported within a century or two like feral cats. Previous attempts to teach captive-bred animals to avoid predators have been conducted in controlled settings, such as a lab. They involved, for example, exposing the animals to taxidermied cats and simulated attacks. But those simulations do not capture all the behaviors that might be involved with natural predator encounters. That leaves captive-bred animals unprepared, says Doug Armstrong, a conservation biologist at Massey University in New Zealand who chairs the Oceania reintroduction specialist group at the International Union for the Conservation of Nature.

In the wild, by contrast, bettongs and other mammals witness members of their community actually becoming a fox’s dinner—an experience that turns out to be a pretty valuable teaching tool. “You want a bettong to watch its mate get eaten by a cat and think, ‘Oh, geez, cats are scary,’” West says.

That’s where West’s enclosures come in. They provide a way to put the bettongs through these teaching moments in a setting that can be managed—yet is still more natural than a lab or predator-free fenced area. The work is building on a test of the concept described in the Journal of Applied Ecology last year, in which West and her co-researchers showed that captive-bred bettongs can learn survival skills. Two groups of bettongs were placed in separate 26-square-kilometer fenced enclosures. Feral cats were then added to one enclosure but not the second. Cats killed two bettongs in the first enclosure—and the researchers found that their fellows’ behavior became generally warier over the course of a year. The control group’s did not. Subsequent generations of the test group are also avoiding cats, which indicates parents are passing the relevant behaviors along to their offspring.

West is now scaling up from that initial trial to refine the boot camp method. She wants to figure out how long it takes for bettongs exposed to one predator to learn to avoid another in a new environment. She also hopes to determine how many cats, for example, they have to meet up with before they to learn to be suspicious of all cats. And finally, West wants to see if naive bettongs can learn from boot camp graduates.

Armstrong, who is not involved in the boot camp project, cautions that the very nature of such animal reintroductions means grappling with uncertainty. “Just imagine you’ve had a species absent from an area for some time, so you’ve never observed that species in that particular location—and that location has changed in a whole range of ways,” he says.

West and her team have already come across some surprises, such as an exploding population of the threatened plains mouse in the partially protected setting of the boot camp enclosures. This could give cats another source of prey, and could alter the landscape with the large burrows and nests the mice build.

Perhaps the biggest key to Wild Deserts’ success—and to bringing back the bettongs and other once-abundant native species—will be finding the right balance of predator and prey that will allow bettongs to thrive in the wild. That information can be used to guide invasive species eradication programs, including ones aimed at feral cats. Even with bettongs that have learned to avoid cats, a density of about 0.2 cats per square kilometer seems to be optimal for coexistence, West says. That number is at the low end of feral cat estimates in Australia at the moment, but it provides a goal at which cat eradication programs can aim. Finding ways for species to sustainably coexist, including teaching predator avoidance, is essential to bringing back Australia’s native animals, West believes. “That’s the only way,” she says, “if we’re really serious that we want to keep these species on the mainland, and to return them to the wider Australian landscape—and not just tiny pockets.”

Aggressive Goats Addicted to Human Urine Airlifted Out of Olympic National Park


Hundreds of mountain goats in Olympic National Park, WA have become so addicted to the salt found in human urine and sweat that they are an aggressive menace to national park visitors, charging at hikers and trampling vegetation. They have a taste for salt and minerals in human urine, and sweat on clothes and backpacks, according to officials.

The solution to this problem? Airlift 375 of the non-native grumpy animals to more remote areas closer to their natural habitat where they will be less of a nuisance. The goal of the relocation is to transport 100 goats by September 24, and the rest within the next 12 months. Authorities said they expected to shoot another 300 or so that cannot be caught.

Image: Screenshot from the video. Credit: DEV Channel | YouTube

The operation began last week, when crews equipped with tranquiliser darts and nets captured goats from ridges and rocks within the park. The animals were then airlifted to a staging area, driven to another part of the North Cascades, and airlifted again in crates before being released back into the wild.

Jesse Plumage, US Forest Service wildlife biologist, said: “Mountain goat relocation will allow these animals to reoccupy historical range areas in the Cascades and increase population viability.”

Image: A mountain goat dangling from a helicopter. Credit: Jesse Major/The Peninsula Daily News via AP

Goats are often blamed for environmental damage, chomping and trampling their way through sensitive vegetation. They were introduced to this area in the 1920s, before the park was established and before sweaty walkers took to strolling the hills, and their numbers have grown steadily since.

Park officials urged walkers not to urinate along trails, to avoid turning paths into “long, linear salt licks” and attracting goats.

In 2010, a 63-year-old walker bled to death after being gored by a 370-pound male mountain goat. It had followed within five or six feet of him for as much as a mile, according to rangers at the time.

IRC client that allows you to chat undercover at work



The Fourth Copernican Revolution


The sun formed 4.5 billion years ago, but it’s got around 6 billion years more before its fuel runs out. It will then flare up, engulfing the inner planets. And the expanding universe will continue—perhaps forever—destined to become ever colder, ever emptier. To quote Woody Allen, eternity is very long, especially toward the end.

Any creatures witnessing the sun’s demise won’t be human—they’ll be as different from us as we are from a bug. Posthuman evolution—here on Earth and far beyond—could be as prolonged as the Darwinian evolution that has led to us—and even more wonderful. And evolution will speed up; it can happen via “intelligent design” on a technological timescale, operating far faster than natural selection and driven by advances in genetics and in artificial intelligence (AI). The long-term future probably lies with electronic rather than organic “life.”

Collision course: The Milky Way and Andromeda galaxies are destined for a collision similar to the one between the NGC 2207 and IC 2163 galaxies, pictured here in a Hubble Space Telescope image. Credit: NASA

In cosmological terms (or indeed in a Darwinian time frame) a millennium is but an instant. So let us “fast forward” not for a few centuries, or even for a few millennia, but for an “astronomical” timescale millions of times longer than that. The “ecology” of stellar births and deaths in our galaxy will proceed ever more slowly, until jolted by the “environmental shock” of an impact with the Andromeda Galaxy, maybe 4 billion years hence. The debris of our galaxy, Andromeda, and their smaller companions—which now make up what is called the Local Group—will thereafter aggregate into one amorphous swarm of stars.

But on the cosmic scale, gravitational attraction is overwhelmed by a mysterious force latent in empty space that pushes galaxies away from each other. Galaxies accelerate away and disappear over a horizon—rather like an inside-out version of what happens when something falls into a black hole. All that will be left in view, after 100 billion years, will be the dead and dying stars of our Local Group. But these could continue for trillions of years—time enough, perhaps, for the long-term trend for living systems to gain complexity and “negative entropy” to reach a culmination. All the atoms that were once in stars and gas could be transformed into structures as intricate as a living organism or a silicon chip—but on a cosmic scale. Against the darkening background, protons may decay, dark matter particles annihilate, occasional flashes when black holes evaporate—and then silence.

In 1979, Freeman Dyson published a now-classic article whose aim was “to establish numerical bounds within which the universe’s destiny must lie.”[1] Even if all material were optimally converted into a computer or superintelligence, would there still be limits on how much information could be processed? Could an unbounded number of thoughts be thought? The answer depends on the cosmology. It takes less energy to carry out computations at low temperatures. For the universe we seem to be in, Dyson’s limit would be finite, but would be maximized if the “thinkers” stayed cool and thought slowly.

If the universe stretches far enough, everything could happen—somewhere far beyond our horizon there could even be a replica of Earth.

Our knowledge of space and time is incomplete. Einstein’s relativity (describing gravity and the cosmos) and the quantum principle (crucial for understanding the atomic scale) are the two pillars of 20th-century physics, but a theory that unifies them is unfinished business. Current ideas suggest that progress will depend on fully understanding what might seem the simplest entity of all—“mere” empty space (the vacuum) is the arena for everything that happens; it may have a rich texture, but on scales a trillion trillion times smaller than an atom. According to string theory, each “point” in ordinary space might, if viewed with this magnification, be revealed as a tightly folded origami in several extra dimensions. There are rival theories, but these invoke the same tiny scale.

The same fundamental laws apply throughout the entire domain we can survey with telescopes. Were that not so—were atoms “anarchic” in their behavior—we’d have made no progress in understanding the observable universe. But this observable domain may not be all of physical reality; some cosmologists speculate that “our” big bang wasn’t the only one—that physical reality is grand enough to encompass an entire “multiverse.”

We can only see a finite volume—a finite number of galaxies. That’s essentially because there’s a horizon, a shell around us, delineating the greatest distance from which light can reach us. But that shell has no more physical significance than the circle that delineates your horizon if you’re in the middle of the ocean. Even conservative astronomers are confident that the volume of spacetime within range of our telescopes—what astronomers have traditionally called “the universe”—is only a tiny fraction of the aftermath of the Big Bang. We’d expect far more galaxies located beyond the horizon, unobservable, each of which (along with any intelligences it hosts) will evolve rather like our own.

It’s a familiar idea that if enough monkeys were given enough time, they would write the works of Shakespeare (and indeed all other books, along with every conceivable string of gobbledygook). This statement is mathematically correct. But the number of “failures” that would precede eventual success is a number with about 10 million digits. Even the number of atoms in the visible universe has only 80 digits. If all the planets in our galaxy were crawling with monkeys, who had been typing ever since the first planets formed, then the best they would have done is typed a single sonnet (their output would include short coherent stretches from all the world’s literatures, but no single complete work). To produce a specific set of letters as long as a book is so immensely improbable that it wouldn’t have happened even once within the observable universe. When we throw dice we eventually get a long succession of sixes, but (unless they are biased) we wouldn’t expect to get more than 100 in a row even if we went on for a billion years.

However, if the universe stretches far enough, everything could happen—somewhere far beyond our horizon there could even be a replica of Earth. This requires space to be VERY big—described by a number not merely with a million digits but with 10 to the power of 100 digits: a one followed by 100 zeroes. Ten to the power of 100 is called a googol, and a number with a googol of zeros is a googolplex.

First of four?: The first Copernican revolution moved the Earth out of the center of the solar system. The second recognized that there are many planets in our galaxy, and the third that there are many galaxies in the observable universe. Proving that our universe is one among many would represent a fourth Copernican revolution. Credit: History of Science Collections, University of Oklahoma Libraries

Given enough space and time, all conceivable chains of events could be played out somewhere, though almost all of these would occur far out of range of any observations we could conceivably make. The combinatorial options could encompass replicas of ourselves, taking all possible choices. Whenever a choice has to be made, one of the replicas will take each option. You may feel that a choice you make is “determined.” But it may be a consolation that, somewhere far away (far beyond the horizon of our observations) you have an avatar who has made the opposite choice.

All this could be encompassed within the aftermath of “our” big bang, which could extend over a stupendous volume. But that’s not all. What we’ve traditionally called “the universe”—the aftermath of “our” big bang—may be just one island, just one patch of space and time, in a perhaps infinite archipelago. There may have been many big bangs, not just one. Each constituent of this “multiverse” could have cooled down differently, maybe ending up governed by different laws. Just as Earth is a very special planet among zillions of others, so—on a far grander scale—our big bang could have been a rather special one. In this hugely expanded cosmic perspective, the laws of Einstein and the quantum could be mere parochial bylaws governing our cosmic patch. So, not only could space and time be intricately “grainy” on a submicroscopic scale, but also, at the other extreme—on scales far larger than astronomers can probe—it may have a structure as intricate as the fauna of a rich ecosystem. Our current concept of physical reality could be as constricted, in relation to the whole, as the perspective of the Earth available to a plankton whose “universe” is a spoonful of water.

Could this be true? A challenge for 21st-century physics is to answer two questions. First, are there many “big bangs” rather than just one? Second—and this is even more interesting—if there are many, are they all governed by the same physics?

If we’re in a multiverse, it would imply a fourth and grandest Copernican revolution; we’ve had the Copernican revolution itself, then the realization that there are billions of planetary systems in our galaxy; then that there are billions of galaxies in our observable universe. But now that’s not all. The entire panorama that astronomers can observe could be a tiny part of the aftermath of “our” big bang, which is itself just one bang among a perhaps infinite ensemble.

Each “point” in ordinary space might be revealed as a tightly folded origami in several extra dimensions.

At first sight, the concept of parallel universes might seem too arcane to have any practical impact. But it may (in one of its variants) actually offer the prospect of an entirely new kind of computer: the quantum computer, which can transcend the limits of even the fastest digital processor by, in effect, sharing the computational burden among a near infinity of parallel universes.

Fifty years ago, we weren’t sure whether there had been a big bang. My Cambridge mentor Fred Hoyle, for instance, contested the concept, favoring a “steady state” cosmos that was eternal and unchanging. (He was never fully converted—in his later years he espoused a compromise idea that might be called a “steady bang.”) Now we have enough evidence, especially from measurements of the primordial background radiation and the relative abundances of hydrogen, helium, and deuterium created in the first three minutes, to delineate cosmic history back to the ultradense first nanosecond—and to do this with as much confidence as a geologist inferring the early history of Earth. So in 50 more years, it is not overoptimistic to hope that we may have a “unified” physical theory, corroborated by experiment and observation in the everyday world, that is broad enough to describe what happened in the first trillionth of a trillionth of a trillionth of a second—where the densities and energies were far higher than the range in which current theories apply. If that future theory were to predict multiple big bangs we should take that prediction seriously, even though it can’t be directly verified (just as we give credence to what Einstein’s theory tells us about the unobservable insides of black holes, because the theory has survived many tests in domains we can observe).

So we may, by the end of this century, be able to ask whether or not we live in a multiverse, and how much variety its constituent “universes” display. The answer to this question will determine how we should interpret the “biofriendly” universe in which we live (sharing it with any aliens with whom we might one day make contact).


My 1997 book, Before the Beginning, speculated about a multiverse.[2] Its arguments were partly motivated by the seemingly “biophilic” and fine-tuned character of our universe. This would occasion no surprise if physical reality embraced a whole ensemble of universes that “ring the changes” on the basic constants and laws. Most would be stillborn or sterile, but we would find ourselves in one of those where the laws permitted emergent complexity. This idea had been bolstered by the “cosmic inflation” theory of the 1980s, which offered new insights into how our entire observable universe could have “sprouted” from an event of microscopic size. It gained further serious attention when string theorists began to favor the possibility of many different vacuums—each an arena for microphysics governed by different laws.

I’ve ever since had a close-up view of this shift in opinion and the emergence of these (admittedly speculative) ideas. In 2001, I helped organize a conference on this theme. It took place in Cambridge, but not in the university. I hosted it at my home, a farmhouse on the edge of the city, in a converted barn that offered a somewhat austere location for our discussions. Some years later, we had a follow-up conference. This time the location was very different: a rather grand room in Trinity College, with a portrait of Newton (the college’s most famous alumnus) behind the podium.

The theorist Frank Wilczek (famous for his role, while still a student, in formulating what is called the “standard model” of particle physics) attended both meetings. When he spoke at the second, he contrasted the atmosphere at the two gatherings. He described physicists at the first meeting as ‘fringe’ voices in the wilderness who had for many years promoted strange arguments about conspiracies among fundamental constants and alternative universes. Their concerns and approaches seemed totally alien to the consensus vanguard of theoretical physics, which was busy successfully constructing a unique and mathematically perfect universe. But at the second meeting, he noted that “the vanguard had marched off to join the prophets in the wilderness.”

Some years later, I was on a panel at Stanford University where we were asked by the chairman, the astronomer Bob Kirshner: “On the scale, ‘would you bet your goldfish, your dog, or your life,’ how confident are you about the multiverse concept?” I said that I was nearly at the dog level. Andrei Linde, a Russian cosmologist who had spent 25 years promoting a theory of “eternal inflation” said he’d almost bet his life. Later, on being told this, the eminent theorist Steven Weinberg said he’d happily bet Martin Rees’s dog and Andrei Linde’s life.

Andrei Linde, my dog, and I will all be dead before this is settled. It’s not metaphysics. It’s highly speculative. But it’s exciting science. And it may be true.

Martin Rees is a British cosmologist and astrophysicist. He is also the Astronomer Royal.

Excerpted from On the Future: Prospects for Humanity by Martin Rees. Copyright © 2018 by Princeton University Press. Reprinted by permission.

References

1. Dyson, F. Time without end: Physics and biology in an open universe. Reviews of Modern Physics 51, 447–460 (1979).

2. Rees, M. Before the Beginning: Our Universe and Others. Basic Books, New York, NY (1997).

Lead image credit: SpeedRunnerOfPersia / Wikimedia

The Hot Property That’s Next on Tech’s Agenda: Real Estate


SAN FRANCISCO — Opendoor, a start-up that flips homes, attracted attention in June when it announced it had raised $325 million from a long list of venture capitalists. The financing valued the four-year-old company at more than $2 billion.

That was only an appetizer. Three months later, Opendoor has more than doubled its cash pile. On Thursday, the company said it had gotten a $400 million investment from SoftBank’s Vision Fund. The valuation for Opendoor remains the same.

The so-called mega-round for Opendoor was not the Vision Fund’s only major real estate-related deal on Thursday. The firm also co-led a $400 million investment in the high-end brokerage Compass that valued the company at $4.4 billion.

The hauls are part of a race by investors to pour money into technology for real estate, or what Silicon Valley now calls proptech.

Having watched tech start-ups upend old-line industries like taxis and hotels, venture capitalists are casting about for the next area to be infused with software and data. Many have homed in on real estate as a big opportunity because parts of the industry — like pricing, mortgages and building management — have been slow to adopt software that could make business more efficient.

Last year, real estate tech start-ups raised $3.4 billion in funding, a fivefold increase from 2013, according to the start-up data provider CB Insights. One firm, Fifth Wall Ventures, is entirely dedicated to proptech.

“Tech is starting to make inroads to becoming adopted, and it’s opening the eyes of investors,” said Jeffrey Housenbold, a managing director at SoftBank’s Vision Fund.

Until recently, the biggest tech innovations to hit the residential real estate market have come from listing sites like Zillow and Redfin. But the start-ups in the new wave are tackling a wide range of areas — appraisals, building management, financing, co-working, co-living, building amenities and empty retail space.

The Vision Fund, one of the most aggressive investors in real estate tech start-ups, has written large checks to Katerra, a construction company; WeWork, an office rental company; Lemonade, a home insurance start-up; and Oyo Rooms, a hotel company in India.

Mr. Housenbold said SoftBank’s deep pockets — it has $98 billion in cash to spend — might be influencing the market.

“Given the vast amount of attention on the Vision Fund, people have become more curious,” he said.

Opendoor, one of the largest start-ups in the proptech category, gives the Vision Fund an entry into residential housing. The Silicon Valley company was founded in 2014 by the venture capitalist Keith Rabois and Eric Wu, who is Opendoor’s chief executive. With the money from SoftBank, it has raised more than $1 billion from investors including Khosla Ventures and GGV Capital.

Opendoor’s goal is to make moving as simple as the click of a button, according to Mr. Wu. While that remains a far-off reality, the company has simplified the process of selling a home. It uses a combination of data, software and a team of 50 human evaluators to assess a home’s value. If a customer accepts Opendoor’s value for their home, the company will buy the property, charging a 6.5 percent fee on average.

The company said it offers sellers certainty — many conventional home sales fall through — and flexible closing dates, helping them avoid paying double mortgages. It also eliminates the need for a real estate agent. Opendoor employs 100 licensed real estate agents to advise customers if they request it.

Opendoor buys only homes built in 1960 or later, worth $175,000 to $500,000 and not in need of major renovations or repairs. Operating in more than a dozen cities, mostly in the South, it bought $316 million of homes in August, up from around $100 million in January. After some light fixes, it sells the homes in an average of 90 days.

Before its latest cash infusion, Opendoor planned to expand into one new city a month. Now it plans to double that pace. The company said it expects to be in 22 cities in the United States by the end of the year.

Its growth has spawned competitors: OfferPad and Knock offer comparable services to Opendoor, and Zillow and Redfin, which are both publicly traded, have entered the house-flipping market as well.

“For a while, we were literally the only ones doing this because it’s complex,” Mr. Wu said. Size is an advantage, he said: More transactions mean more data to help Opendoor price its offers more accurately, as well as more buying power with local suppliers for renovations.

Mr. Wu said he believed that reducing the annoyances and costs of moving would entice more people to do it, which would increase the size of the market.

“There are a finite number of homes, but if people are moving with more frequency, that increases the liquidity of the supply in the system,” he said.

Opendoor’s business model has not been tested by a major dip in the housing market, causing some skepticism about whether it can work over the long term.

“The vast majority of investors who hear about it initially think it’s a bad idea,” said Stephen Kim, an analyst at Evercore ISI, a market research company. But the skepticism often fades as they realize Opendoor makes money by providing a service to home sellers, rather than on price appreciation, Mr. Kim said. Even if the company breaks even on a sale, the transaction fees are a meaningful business.

Jason Childs, Opendoor’s chief financial officer, said the company’s geographic diversity and 90-day average flips helped shield it from a potential housing market crash. In the housing crash a decade ago, the holders of long-duration assets were affected the worst, he said.

Opendoor’s Phoenix operations are already profitable, excluding the cost of its headquarters in San Francisco, and Dallas is “on the edge of profitability,” said Mr. Childs.

The company’s long-term success relies on its ability to accurately price homes. Half of the people who now get offers from Opendoor sell their home to the company. Opendoor did not provide data on how close its offers were to the ultimate sale price of the homes it did not buy.

In recent months, aided by the promise of cash from SoftBank, Opendoor has also expanded into the business of selling homes directly to customers, instead of going through brokers in the traditional way. It acquired Open Listings, a home shopping site, to offer a service it is calling a “trade-in,” where Opendoor handles the entire buying and selling process for a person or family. That service is now available in Dallas. It also began offering mortgage and title services to buyers.

But Mr. Wu does not foresee one thing going away completely: the job of the real estate agent. Rather, he expects an agent’s work to shift to more of an advisory role, instead of an administrative one.

“The thing that cannot be automated is this notion of advice — what neighborhood, what school district, how much you can afford,” he said. “It’s important to have someone who is an expert alongside you.”

Follow Erin Griffith on Twitter: @eringriffith.


A version of this article appears in print on Page B4 of the New York edition with the headline: Money Pours Into Tech As Real Estate Becomes The Next Hot Property.

Building With Workers KV, a Fast Distributed Key-Value Store


Your Workers now have access to a low-latency key-value data store which lives inside our network all around the world!

For those who don’t know, Cloudflare Workers is a new type of compute platform, built on top of our global network of 152+ data centers around the world. It allows you to write serverless code which runs in the fabric of the Internet itself, allowing you to engage with your users faster than other platforms can even get a packet to where your code is running. It’s built on a new architecture which eliminates cold starts and dramatically reduces the memory overhead of keeping your code running when compared to a platform like Amazon Lambda.

As powerful as this is, compute is just one component of what you need to build an application; you also need the ability to store data. We evaluated many of the available open source data stores on the market, but ultimately nothing was designed for a world with quite as many distributed nodes as our network. Instead, we have begun releasing our own vision for distributed storage, beginning today.

Workers KV is a highly distributed, eventually consistent key-value store. It will allow you to store up to a billion keys and values, and read them with ultra low latency anywhere in the world. It makes it possible to build entire applications with the performance traditionally associated with static content cached by a CDN.

What can I do with Workers KV?

First and foremost, you can build the same types of applications you build today, but in a more fault tolerant and performant way. Reading values from Workers KV is designed to have the same reliability as reading static files, making it much less likely to become unavailable than a traditional database. It’s designed to have the same performance as reading a file cached within our network, close to your users, giving it the speed of serving a static file as well.

That said, we do have some applications which we commonly see as a good entry point into writing code on the network itself. These use-cases combine a serious need for speed with a clean separation from the legacy components of your application which are stuck in a central location (for now!).

Here are just a few of those examples:

API Gateway and Access Tokens

An API Gateway sits between your visitors and your API. It commonly handles tasks which would be redundant, time consuming, or slow to implement in each and every service in your system. This includes tasks like rate limiting, access token validation, and routing. They work together to deliver only authenticated requests directly to the appropriate components of your system. It’s also the perfect entry point to developing code which runs everywhere. When you use Cloudflare Workers as an API Gateway, your access tokens get validated at the Cloudflare data center closest to the customer before the request is securely forwarded to your origin.

In this example your authentication system will store a token when a user logs in. I'm using curl, but the backend code for your system is more likely to use whatever interface it has for making HTTPS requests. This request stores a blob of JSON identifying this token in a Worker KV namespace $NAMESPACE_ID with a key of $TOKEN_ID:

curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/storage/kv/$NAMESPACE_ID/values/$TOKEN_ID \
-X PUT \
-H "X-Auth-Key: $CLOUDFLARE_AUTH_KEY" \
-H "X-Auth-Email: $CLOUDFLARE_AUTH_EMAIL" \
-d '{
  "userId": "bob",
  "expires": "2018-07-11T03:44:12Z"
}'

Your Worker code, which runs on every request, will check if the token the user provides matches one you have stored. A single line of code (TOKEN_STORE.get()) pulls the JSON stored above from Workers KV:

addEventListener('fetch', event => {
 event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
 const token = request.headers.get('Authorization')
 if (!token)
   return new Response("An Authorization header is required", {status: 401})

 const tokenInfo = await TOKEN_STORE.get(token, "json")
 if (!tokenInfo)
   return new Response("Invalid token", {status: 403})

 if (Date.parse(tokenInfo.expires) < Date.now())
   return new Response("Token expired", {status: 403})

 request = new Request(request)
 request.headers.set("User-Id", tokenInfo.userId)
 return fetch(request)
}

A secure authentication system which adds virtually no latency at 1/7th the cost of Amazon API Gateway (with so much more flexibility and power)!
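As an added example (not Cloudflare's code), here is the gateway's decision logic run against an in-memory stand-in for a KV namespace, with the cases a reviewer would check: a missing header, an unknown token, an expired one, a record with no expiry field, and a client that sends its own User-Id header. FakeKV, seedTokens, authorize, originHeaders and the sample token records are all constructed here and run offline in Node.

```javascript
// Added example, not Cloudflare's code: the token-validation gateway from the
// post, exercised against a constructed in-memory stand-in for Workers KV.

// Minimal stand-in for a KV namespace binding: get(key, "json") parses the
// stored string, and a missing key yields null, as the post's TOKEN_STORE.get() does.
class FakeKV {
  constructor() { this.store = new Map(); }
  async get(key, type) {
    if (!this.store.has(key)) return null;
    const raw = this.store.get(key);
    return type === 'json' ? JSON.parse(raw) : raw;
  }
  async put(key, value) { this.store.set(key, value); }
}

// Same shape as the curl PUT above: the token is the key, a JSON blob is the value.
// `now` is a millisecond timestamp so callers can pin the clock.
async function seedTokens(store, now) {
  await store.put('tok-valid', JSON.stringify({
    userId: 'bob', expires: new Date(now + 3600 * 1000).toISOString(),
  }));
  await store.put('tok-expired', JSON.stringify({
    userId: 'alice', expires: new Date(now - 1000).toISOString(),
  }));
  // A record with no expiry field. Date.parse(undefined) is NaN, and a `<`
  // comparison against NaN is always false, so a check written only as
  // `expires < now` would let this record through; authorize() fails closed instead.
  await store.put('tok-no-expiry', JSON.stringify({ userId: 'eve' }));
}

// The decision half of handleRequest(). Returns a plain object instead of a
// Response so the logic can be run outside the Workers runtime.
async function authorize(store, headers, now = Date.now()) {
  const token = headers['authorization'];
  if (!token) return { status: 401, reason: 'missing' };

  const tokenInfo = await store.get(token, 'json');
  if (!tokenInfo) return { status: 403, reason: 'unknown' };

  // Fail closed: an absent or unparsable expiry counts as expired.
  const exp = Date.parse(tokenInfo.expires);
  if (Number.isNaN(exp) || exp < now) return { status: 403, reason: 'expired' };

  return { status: 200, userId: tokenInfo.userId };
}

// The forwarding half: the post does request.headers.set("User-Id", ...), and
// `set` overwrites, so a User-Id the client supplied never reaches the origin.
function originHeaders(clientHeaders, userId) {
  const out = {};
  for (const [k, v] of Object.entries(clientHeaders)) out[k.toLowerCase()] = v;
  out['user-id'] = userId;
  return out;
}

// Stand-alone demo with a fixed clock (constructed date).
(async () => {
  const store = new FakeKV();
  const now = Date.parse('2018-07-11T00:00:00Z');
  await seedTokens(store, now);
  const samples = [{}, { authorization: 'tok-expired' },
                   { authorization: 'tok-valid', 'user-id': 'admin' }];
  for (const h of samples) {
    const result = await authorize(store, h, now);
    const fwd = result.status === 200 ? originHeaders(h, result.userId) : null;
    console.log(JSON.stringify(h), '->', JSON.stringify(result), fwd ? JSON.stringify(fwd) : '');
  }
})();
```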

Dynamic Data

Traditionally you’ve had to decide between showing a super fast static site to your visitors, or being able to include dynamic data customizing your site for each visitor. That customization could be showing different products based on the customer’s profile, A/B testing site variants, or even including the customer’s current shopping cart and account information. Rather than waiting for this information to be served from a central database, it’s now possible to store it close to every visitor, delivering a custom page as quickly as you could a static resource.

For example, let’s say we have translations of our site stored as JSON in the KV store. We can dynamically insert this translation data as Javascript into the HTML of our site. In this example our site has a block which looks like this:

<html><head><script>
     var TRANSLATION_DATA = TRANSLATION DATA HERE</script></head>

 ...
</html>

Our worker replaces that text with the content of our translations. You could alternatively use a Javascript templating engine or parse the content of the page to do something like Server-Side Includes.

addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
  // Pick the translation by the visitor's country, which Cloudflare supplies in
  // the CF-IPCountry request header; the 'US' fallback for a missing header is
  // an assumption for this example.
  const country = request.headers.get('cf-ipcountry') || 'US'

  // Start the KV read and the origin fetch concurrently, then wait for both.
  const translationsPromise = TRANSLATION_DATA.get(country)
  const response = await fetch(request)
  const translations = await translationsPromise

  let newBody = await response.text()
  const ct = response.headers.get('content-type') || ''
  // Only rewrite successful HTML responses, and only if a translation exists.
  if (translations !== null && ct.startsWith('text/html') && response.status === 200){
    newBody = newBody.replace('TRANSLATION DATA HERE', translations)
  }

  return new Response(newBody, response)
}

Workers is a full programming environment, meaning this is just the beginning. We have customers rendering their entire React App inside Workers, fully bootstrapping the data required to render their site.

Configuration

The Workers KV store creates a powerful way to configure your running Workers without having to redeploy them. You might want to implement feature flags to enable or disable features at will, or to dynamically update the data your code uses to make decisions. Workers deploy in under 30 seconds, but it’s common to have more data than can easily fit in Worker code. For example, we have customers interested in using Workers KV to block messages from lost or stolen IoT devices before they ever reach their origin:

addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
  const deviceId = request.headers.get('device-id')
  // A request without a device id cannot be checked against the ban list, so
  // reject it rather than let it through (get(null) would look up the key "null").
  if (deviceId === null) {
    return new Response("Missing device-id header", {status: 400})
  }

  const bannedEntry = await BANNED_DEVICES.get(deviceId)
  if (bannedEntry !== null) {
    return new Response("This device has been banned", {status: 403})
  }

  return fetch(request)
}
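An added example of the feature-flag use mentioned above (not code from the Cloudflare post): the flag document lives in KV as one JSON value and is evaluated per device with a stable percentage rollout, an allow list and a deny list. The FEATURE_FLAGS binding, the "flags" key, the document shape and the FakeKV stand-in are assumptions made for this example.

```javascript
// Added example, not from the original post. FakeKV mimics the two Workers KV
// calls used here (get with the "json" type, and put) so the code runs offline;
// in a Worker the FEATURE_FLAGS binding would be passed in its place.
class FakeKV {
  constructor(entries = {}) { this.store = new Map(Object.entries(entries)) }
  async get(key, type) {
    const raw = this.store.has(key) ? this.store.get(key) : null
    if (raw === null || type !== 'json') return raw
    return JSON.parse(raw)
  }
  async put(key, value) { this.store.set(key, value) }
}

// Constructed flag document of the shape this example expects:
//   enabled    - hard on/off switch
//   percentage - 0..100 staged rollout
//   allow      - device ids that are always on (QA, canaries)
//   deny       - device ids that are always off
const SAMPLE_FLAGS = JSON.stringify({
  'new-checkout': { enabled: true, percentage: 25, allow: ['dev-qa-1'], deny: [] },
  'beta-search': { enabled: true, percentage: 100, allow: [], deny: ['device-77'] },
  'legacy-api': { enabled: false, percentage: 100, allow: [], deny: [] },
})

// FNV-1a 32-bit hash: cheap, deterministic and spread well enough to place
// ids into rollout buckets. Not a security primitive, and not meant to be one.
function fnv1a(str) {
  let h = 0x811c9dc5
  for (let i = 0; i < str.length; i++) {
    h ^= str.charCodeAt(i)
    h = Math.imul(h, 0x01000193) >>> 0
  }
  return h
}

// The bucket mixes flag name and id so one device is not in the same cohort
// for every flag, while staying stable across requests for a given flag.
function bucketFor(flagName, id) {
  return fnv1a(`${flagName}:${id}`) % 100
}

// Unknown flags and disabled flags evaluate to off; deny wins over allow.
function isEnabled(flags, flagName, id) {
  const flag = flags && flags[flagName]
  if (!flag || !flag.enabled) return false
  if ((flag.deny || []).includes(id)) return false
  if ((flag.allow || []).includes(id)) return true
  return bucketFor(flagName, id) < (flag.percentage || 0)
}

// A missing or unparsable document means every flag is off (fail closed),
// so a bad KV write cannot accidentally enable features for everyone.
async function loadFlags(kv) {
  try {
    return (await kv.get('flags', 'json')) || {}
  } catch (e) {
    return {}
  }
}

// Usage sketch for a Worker: flags are re-read on each request, so a KV update
// takes effect within the store's consistency window without a redeploy.
async function handleRequest(request, kv) {
  const flags = await loadFlags(kv)
  const deviceId = request.headers.get('device-id') || 'anonymous'
  const checkout = isEnabled(flags, 'new-checkout', deviceId) ? 'v2' : 'v1'
  return new Response(`checkout=${checkout}`)
}
```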

Cloud Functions

One thing we’re excited about when we think about the Workers KV store is the potential for building beyond web applications. There are many situations where developers are looking for an easy way to execute code without worrying about provisioning or maintaining infrastructure. One of the most common cases we see is joining systems together.

For example, one of our customers is planning on using Workers KV to connect their Point of Sale system with their Delivery Service’s API:

// The endpoint we have bound this to is polled periodically
addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
  // 'POS_API_KEY' and 'DELIVERY_API_KEY' are placeholders; in a deployed Worker
  // keep such credentials in secret bindings rather than in the script body.
  const orderResp = await fetch(`https://api.pos-system.com/orders/active`, {
    headers: {
      'Authorization': 'POS_API_KEY'
    }
  })

  const orders = await orderResp.json()

  for (const order of orders) {
    const syncedData = await SYNCED_ORDERS.get(order.id, "json")

    // Send the order if we have never synced it (no KV entry yet) or if it is
    // newer than the last data we sent to the delivery company.
    if (syncedData === null || syncedData.modifiedAt < order.modifiedAt) {
      const deliveryResp = await fetch(`https://api.delivery-system.com/orders/${ order.id }`, {
        method: 'POST',
        body: JSON.stringify(order),
        headers: {
          'Content-Type': 'application/json',
          'Authorization': 'DELIVERY_API_KEY'
        }
      })

      // Only record the order as synced once the delivery service accepted it,
      // so a failed POST is retried on the next poll.
      if (deliveryResp.ok) {
        await SYNCED_ORDERS.put(order.id, JSON.stringify(order))
      }
    }
  }

  return new Response("👍")
}

Limits and Pricing

Workers KV is launching today in a limited beta. As we get feedback and operational experience we will be relaxing our storage limits and granting access to more users. While we may have more restrictive limits during beta, you can design your applications around the following characteristics:

  • Up to 1 billion keys per namespace
  • Keys of up to 2 kB
  • Values of up to 64 kB
  • Eventually consistent, global consistency within 10 seconds
  • 100k+ reads per second per key
  • Up to one write per second per key

We worked hard to make the pricing of Workers KV easy to understand and affordable for virtually any use case. Your $5 monthly Workers compute minimum includes 1 GB of KV storage and up to 10 million KV reads. If you use less than the 10 million included Worker requests now, you can use KV without paying a single cent more.

Beyond the minimums, Workers KV is billed at $0.50 per GB-month of additional storage and $0.50 per million additional KV reads.

To get beta access, sign up here. We can’t wait to see what you build!


Bi-Directional Plasma Thrusters for Space Debris Removal


Space debris removal experiment

The experiment is carried out with the magnetic nozzle rf plasma thruster having two open source exits on the left- and right-hand sides. The thruster comprises a 6.5-cm-inner-diameter 20-cm-long glass tube, two solenoids (axially centered at z = ±8.1 cm), and a rf antenna, the whole being attached to a pendulum thrust balance immersed in a 1 m diameter, 2 m long vacuum chamber. A schematic of the setup is shown in Fig. 2a. Argon gas is introduced from two gas inlets on the side wall of the source tube at z = ±5 cm with a total mass flow rate of 100 sccm, where the mass flow rates from the left and right inlets (CArL and CArR) are individually controlled by two mass flow controllers. Two solenoids located near the two open source exits provide a magnetic field and the field configuration can be changed via the dc solenoid currents (IBL, IBR) as shown by the calculated magnetic field in Fig. 2b. A shielded double-turn rf loop antenna [36] is situated at the axial center of the source tube (defined as z = 0) and powered from a 13.56 MHz, 1 kW rf generator; the power is primarily coupled to the electrons that ionise the argon gas by electron impact producing a high density plasma. Axial forces are imparted to the mechanical and magnetic structures of the thruster via momentum transfer by the ions interacting with the radial wall [37] and by the Lorentz force on the magnetic field due to the plasma-induced electric current [23,24,38,39]. The thrust force exerted on the thruster by the plasma is obtained by measuring the displacement induced by the plasma ejection [19]. A 45-cm-diameter pendulum target plate simulating the debris is suspended from a pivot located at z = 35.9 cm downstream from and to the right of the thruster, and the force exerted on the target plate is obtained from its measured displacement combined with a calibration coefficient relating the displacement to the force [40].
The direction of both the forces and the displacements is defined as positive for the rightward direction with the detailed procedures for calibration of the two force measurements described in the Method section. An ion saturation current from an axially-movable and radially-facing Langmuir probe, which is proportional to a plasma density, is measured in addition to taking an image from a vacuum view port on the chamber side wall using a digital camera (where it should be mentioned that the target plate is not set in the chamber when taking the Langmuir probe data).

Figure 2

(a) Schematic diagram of the experimental setup, together with the calculated magnetic field lines for the (IBL, IBR) = (8 A, 8 A) Left/Right solenoidal current case. (b) Calculated magnetic field profiles on axis for various combinations of (IBL, IBR). Both the thruster (attached to the pendulum thrust balance) and separated insulating target acting as space debris are immersed in a space simulation chamber. The displacements of the thrust balance and the target plate are simultaneously measured and calibrated into forces (a positive value corresponds to a displacement and force pointing to the right).

Laboratory demonstration of the debris removal concept

Figure 3a shows photographs taken via a vacuum view port on the chamber side wall for solenoid currents of (IBL, IBR) = (8 A, 0 A), (0 A, 8 A), and (8 A, 8 A), with the gas flow rates from the two gas inlets respectively set at 50 sccm yielding a total flow rate of 100 sccm. A brighter plasma plume is seen on the left and right sides for the (IBL, IBR) = (8 A, 0 A) and (0 A, 8 A) cases, respectively, while bi-directional plasma plumes are observed for the symmetric magnetic field configuration of the (IBL, IBR) = (8 A, 8 A) case. The displacement signals of the thrust balance and the target plate for these conditions are shown in Fig. 3b,c, respectively. For the (IBL, IBR) = (8 A, 0 A) and (0 A, 8 A) cases shown at the top and middle of Fig. 3b,c, the thruster moves toward the right and the left respectively, demonstrating that changing the magnetic field configuration engenders the deceleration and acceleration modes respectively, while the target is always pushed towards the right. For equal solenoid currents, (IBL, IBR) = (8 A, 8 A), a symmetric magnetic field configuration is produced; the target plate moves to the right while a zero displacement of the thruster is maintained (bottom panels of Fig. 3b,c). These results show that this bi-directional rf plasma thruster can provide the three operation modes necessary for space debris removal (imparting the force to the debris with a simultaneous zero net force on the thruster).

Figure 3

(a) Photographs taken by a digital camera via a vacuum viewport on the chamber side wall for the solenoid currents of (IBL, IBR) = (8 A, 0 A), (0 A, 8 A), and (8 A, 8 A). (b) The raw (gray thin lines) and filtered (red bold lines) displacement signals of the thruster attached to the thrust balance. (c) The displacement signals of the target plate. The positive and negative displacements in b and c correspond to the rightward and leftward directions, respectively. Panel (a) shows that the plasmas exhausted from the left- and right-hand open source exits are changed by the magnetic field configuration. The displacement signals in b show that the deceleration (rightward, F2 − F1 > 0) and acceleration (leftward, F2 − F1 < 0) forces are exerted on the thruster (satellite) for the (IBL, IBR) = (8 A, 0 A) and (0 A, 8 A) cases, respectively (Fig. 1a). The results for the (IBL, IBR) = (8 A, 8 A) case demonstrate that zero thrust force is exerted on the thruster (b) while a force is imparted to the target (c).

In order to perform space debris removal in the space environment surrounding the Earth, the acceleration and deceleration of the thruster, the relative velocity with respect to the debris, and the force on the debris have to be precisely controlled by some external parameters. The control of the forces by the magnetic field configuration and the ratio of the propellant gas flow rates from the two inlets will be demonstrated in the next section.

Control of the forces by the magnetic field configuration

Figure 4 shows the measured forces on the target (Fig. 4a,b) and on the thruster (Fig. 4c,d) as a function of the currents supplied to the right and left solenoids (IBR and IBL); when the current through one solenoid is changed, the current in the other solenoid is maintained at 8 A. It can be seen that for equal solenoid currents of 8 A (the symmetric magnetic field configuration), the thruster experiences a zero net force while a force of ~8 mN is brought to bear on the target.

Figure 4

Simultaneously measured force to (a,b) the target and (c,d) the thruster as functions of the right- and left-hand solenoid currents (IBR and IBL). Either of these two solenoid currents is maintained at 8 A when surveying the other one. The momentum flux ejection to the left- and right-hand sides of the thruster can be controlled by the magnetic field configuration, yielding the space debris removal mode (zero thrust and the finite force to the target), the acceleration mode (leftward force to the thruster), and the deceleration mode (rightward force to the thruster).

Interestingly, the force on the thruster can be changed, as seen in Fig. 4c,d, demonstrating that the bi-directional thruster is operational for both the modes of thruster acceleration (negative, left-directed force) and deceleration (positive, right-directed force). Between these three conditions, both the forces on the target and thruster continuously change when the solenoid currents are adjusted, resulting in a considerable degree of control of both forces. Additionally, the force on the target for the (IBL, IBR) = (8 A, 8 A) case and the thrusts for the (IBL, IBR) = (8 A, 0 A) and (0 A, 8 A) cases are very similar, in the range of 8–10 mN, implying that the operation modes can be switched while maintaining both the effective utilization of the gas propellant and the rf power.

To understand the relation between the measured forces and the plasma behavior, measurement of the ion saturation current (proportional to the plasma density) is performed by two Langmuir probes mounted on an axially movable motor stage installed on the right side and on the fixed left side stage at z = −35.9 cm.

The ion saturation currents measured at z = ±35.9 cm are plotted in Fig. 5a as a function of the solenoid currents, showing that the density of the plasmas exhausted from the source to the left and right is continuously changed by the magnetic field configuration. In these cases, acceleration and deceleration forces on the thruster can be generated, while a zero net force to the thruster is maintained when the densities of the exhausted plasma to both sides are equal. Detailed axial measurements are performed for the three conditions of (IBL, IBR) = (8 A, 0 A), (8 A, 8 A), and (0 A, 8 A) as plotted in Fig. 5b. The maximum density region is found to be formed at the high magnetic field sides for the asymmetric field configuration, while a symmetric density profile is formed within the source tube for the equal solenoid currents case. Therefore, the symmetry of the axial density profile inside the source affects the plasma ejections to the left and right and consequently the forces exerted on the thruster and the target.

Figure 5

(a) Ion saturation currents measured by the Langmuir probes located at z = −35.9 cm (filled square) and +35.9 cm (open circles) as functions of the solenoid currents, where either of the two solenoid currents is maintained at 8 A. (b) Axial profiles of the ion saturation current for (IBL, IBR) = (8 A, 0 A) (open triangles), (8 A, 8 A) (filled circles), and (0 A, 8 A) (open squares), where the lines are added as visual guides. The plasma densities in the plumes exhausted to the left- and right-hand sides of the single propulsion device can be controlled by the magnetic field configuration, resulting from the change in the density profile inside the source tube. When the densities exhausted on both sides are balanced, the zero net thrust is maintained while imparting the force to the target. The solenoids are axially centered at z = ±8.1 cm (Fig. 2).

Control of the forces by the gas flow rates

It should be noted that previous analytical models, experiments, and simulations have shown that the spatial profile of the neutral density significantly affects the plasma density profile [41] and the thrust force [42,43]. Here the measurements of the forces are performed for various ratios of the gas flow rates from the two gas inlets placed at z = ±5 cm, as plotted in Fig. 6, where the solenoid currents are chosen as (IBL, IBR) = (8 A, 8 A) providing a symmetric magnetic field configuration and the total gas flow rate CArL + CArR is maintained at 100 sccm. Setting equal gas flow rates from both the left and right gas inlets as (CArL, CArR) = (50 sccm, 50 sccm) results in a zero net thrust force to the thruster and a right directed force to the target, while left and right directed forces to the thruster can be obtained by changing the ratio of the gas flow rates. The measured ion saturation currents at z = ±35.9 cm and the axial profiles as a function of the gas flow rates in Fig. 7 show a similar scenario to that discussed with Fig. 5. The asymmetry of the density profile in the source affects the densities of the plasma plumes exhausted to the left and right. The positions of the maximum density in Fig. 7 are close to the gas inlets which have a high neutral density and consequently a higher rate of the ionisation process.

Figure 6

Simultaneously measured forces to (a) the target and (b) the thruster as functions of the gas flow rates from the left- and right-hand gas inlets (CArL, CArR), where the total gas flow rate is maintained at CArL + CArR = 100 sccm and the solenoid currents are set as (IBL, IBR) = (8 A, 8 A). The control of the momentum flux ejection to the left- and right-hand sides can also be obtained by changing the gas flow rates (using the inlets positioned at z = ±5 cm), yielding the space debris removal mode and the two acceleration/deceleration modes of the thruster/satellite.

Figure 7

(a) Ion saturation currents measured by the Langmuir probes located at z = −35.9 cm (filled square) and +35.9 cm (open circles) as functions of the gas flow rates, where the total gas flow rate is maintained at CArL + CArR = 100 sccm and the solenoid currents are set as (IBL, IBR) = (8 A, 8 A). (b) Axial profiles of the ion saturation current for (CArL, CArR) = (100 sccm, 0 sccm) (open triangles), (50 sccm, 50 sccm) (filled circles), and (0 sccm, 100 sccm) (open squares), where the lines are added as visual guides. The densities exhausted from the source can be controlled by the gas flow rates by inducing changes in density profile inside the source tube. The maximum density appears very close to the gas inlets due to the high neutral density there. For equal gas flow rates from the two gas inlets, the plasma densities at the left- and right-hand sides are balanced; the zero net thrust and the force to the target is simultaneously obtained as shown in Fig. 6.

My career as an international blood smuggler


I started my decade-long turn as an international blood smuggler in 2004 with a mundane task: packing. I gently stacked a dozen half-liter glass vials into two soft-sided picnic coolers. The bottles held the components of a syrupy mix, a powerful medicine made from the immune system particles collected from thousands of people. A nurse would infuse the syrup into my veins, a treatment to keep my immune system under control, to halt its potentially paralyzing attacks on my nerves.

First, I had to get all of this, plus my own needles, to China.

Shortly after learning I had a nerve disease that required these periodic infusions, I moved from the US to China, home to the world’s largest and deadliest blood plasma debacle. Early on, I learned a statistic that would guide me through nearly 15 years in China: at the time, an estimated 50% of medications sold in the country were counterfeit or compromised. This was only one symptom of a fractured system where blood was perhaps the most notoriously unsafe product of all.

The alarming data didn’t deter me from going. I was determined to work in China as a journalist. I wanted an adventure, and the country was endlessly fascinating. I was also probably in denial that my illness was chronic – that I would continue to fall sick for many years to come, perhaps even for the rest of my life.

That morning, with coolers in hand and supplies – tubing, needles, alcohol wipes – stashed in my suitcase, I boarded a series of flights to the other side of the world. On that first arrival at one of China’s massive new airports, a gleaming futuristic behemoth of marble walkways, steel beams and glass ceilings, I braced for the unknown and carried the coolers through the long, crowded corridor to a customs inspection station.

On that day and many more to follow, there was never a physical inspection of my bags. In the years after liquids were banned on board, I hid the bottles inside clothing and soft coats in my checked luggage. There was no X-ray on arrival, no dogs sniffing out contraband.

At customs, I handed a neatly dressed agent two forms. One was a small square yellow entry card with my name, passport number and other personal details. The other was an entry declaration with a series of questions about my luggage.

It was there I made a quick decision that launched years of smuggling American blood parts into China. On the line, “I am bringing animals, animal and plant products, microbes, biological products, human tissues, blood and blood products,” I checked the box “no”. The agent stamped my passport and I entered the country.

The bottles, I reasoned, weren’t a danger. I wasn’t going to sell imported blood products in China or put other people in danger. The medication, a product made from blood particles and a proprietary mix of chemicals, was so outrageously expensive that when I had tried to ship it to China through proper channels the first two times, customs agents decided the declared value of $20,000 was so high it meant I was starting my own medical clinic and should be taxed several thousand dollars every time I imported the medication.

Bringing fragments of other people’s blood across borders became just something I did to make life manageable. I didn’t investigate the possible penalties, believing I could talk my way out of it if caught. After all, I had a prescription. Official documents went a long way. In those years, China had a wild west character that made it feel untamed and limitless, exactly the kind of place where you could walk into a hospital with vials of your own medication and pay the staff to infuse it into your veins.

China has more miles of borderland than any other country – and those borders, especially in the 2000s, were porous. Along the frontiers with Myanmar and Vietnam, I saw smugglers jump fences in broad daylight, carrying clothes, rice, cooking oil, booze, and even women to sell.

I was surrounded by smugglers, and I was one of them.


American blood was banned from China with reason. In the mid-1980s, just as the Aids crisis peaked and US scientists discovered the virus that caused the disease was borne by blood, American drug companies knowingly sold HIV-tainted blood products in Asia. Thousands of hemophiliacs were infected with HIV. China’s ban on foreign blood kept the pandemic at bay for a while, until the government’s insistence that Aids was a foreign disease helped create perfect conditions for a homegrown epidemic.

Only 20 years ago, China was laying the foundations of economic growth, expanding the gargantuan factories and workforces that would sweep it to global wealth and power. In the 1990s, entire villages began mobilizing around making single products. Soon, they had nicknames like “Bra Town”, “Jeans City” and “Christmas Village”.

In Henan province, the abundant raw material was human blood. Few places were poorer than farm country in Henan; Chinese urbanites today still joke about Henan the way New Yorkers might laugh at West Virginia.

In the early 1990s, government officials hatched a plan to develop a plasma economy, one that would pay farmers for their blood, then generate wealth (mostly for government officials) by using it to produce expensive biopharmaceuticals. The scheme would protect China from the perils of foreign blood and build upon a plentiful natural resource.

This bizarre plan came at exactly the moment farmers were looking for new ways to make money. China had unshackled capitalism, and if that meant selling their blood, that’s what they would do. The writer Yan Lianke, in his novel Dream of Ding Village, a fictionalized account of the plasma economy’s wreckage, describes entire villages thriving and then collapsing on their blood trade, an iron-rich scent hanging in the air.

The detail was no fiction: Yan told me he spent months researching the book and villagers described a ubiquitous smell of blood in the mid-1990s. It started as the scent of wealth; it became the odor of death.

In the years after Aids infiltrated the plasma economy, the disease killed tens of thousands in Henan and surrounding provinces. The true number of dead remains concealed by China’s government.

A few years ago, a man who was raw material in the plasma economy described the process to me. Twenty years after the catastrophe, it was still a perilous thing for him to speak to a foreign journalist, especially in his hometown. I waited until December, when victims from Henan made their annual 450-mile train ride to Beijing for World Aids Day to protest outside the ministry of health. I sat in the backseat of a cab while the man stood outside my open door.

We talked while looking in opposite directions, pretending we weren’t speaking to each other. He was a farmer, the lowest rung of society, the people most often used as political props. When the plasma trade boomed, he could sell his cells for $8 a liter, once every two or three days. This was unheard of money in a time and place where a farmer might make a couple of hundred dollars a year after expenses. It was a mundane, easy way to earn cash – something none of the villagers had ever experienced.

He sold plasma for several years. Then in 1995 the blood stations shut down suddenly, with no explanation. By 1999, people in his village began falling ill and dying early, painful deaths, at an astounding rate. About a quarter of the 2,000 people in his village sold their plasma. In the process, they were exposed to used needles, dirty equipment and, in many cases, directly injected with the HIV virus as a side-effect of an out-of-control donation system. By the time I met him, more than 200 people in his village, a tenth of the population, had died from Aids.

At best guess, 1 million people were infected with HIV in the pay-for-plasma system. Were it not for two women, doctors of different generations, the death toll would have been much worse. One, Wang Shuping, discovered and exposed the debacle; the other, Gao Yaojie, became a vocal, beloved public figure demanding it be addressed.


In 1999, when I first arrived in China to spend a year working and studying Mandarin, Gao and Wang blew open the Aids crisis in Henan. First Chinese media, then international journalists, published stories about the pay-for-plasma scheme gone horribly wrong. Victims began dying, leaving villages filled with widows and orphans. I read about it and, like everyone following the news, was repulsed that a government had infected its own citizens with a deadly virus.

Other countries weathered Aids catastrophes and plasma scandals, but China stands alone – operating a government-run plasma extraction program that infected and killed tens of thousands then covering it up.

Gao and Wang had little in common but geography. By the 1990s, Gao was retired, a gynecologist who still did some public education on sexually transmitted diseases. Wang was a young medical researcher, just starting her career in study of blood-borne viruses.

Wang grew up near Zhoukou, a gritty metropolis of 8 million and the 13th largest city in Henan province, which is to say, a total backwater by Chinese standards. In 1991, she was assigned to a health department in Zhoukou in an important new post: monitoring donors in the city’s first blood plasma extraction center.

Within a few weeks of the plasma center opening, 200 people a day lined up to donate their cells. The clinic, and dozens like it, rushed through donors like livestock, extracting plasma as quickly as possible to sell for profit.

Wang discovered hepatitis C in the plasma pool and braced for catastrophe should HIV breach the system. In 1995, she found it. A man who donated plasma at multiple blood stations tested positive for the virus that causes Aids.

By then, the Henan blood industry was churning, ramped up to such a level that technicians were reusing tubing and needles to save money, and chillingly, sharing between patients the centrifuges that spin blood into plasma and parts. In the rush to extract plasma, donors were often re-injected with other patients’ cells – the equivalent of a deadly biological bomb.

Wang sounded the alarm, first at home, later in Beijing. Government leaders knew the clinics were spreading a virus that was a death sentence, yet kept the plasma banks open for another three months. Then the government abruptly shut down the whole system – without telling donors they were exposed to HIV.

In this moment, Wang Shuping understood a drive for power and money overrode the safety of society’s most vulnerable. She continued working on the fringes of the system for several years, watching closely as Aids began to kill. At the same time, Gao Yaojie discovered Aids in a patient a few hundred miles away. Together the two women started a campaign – Wang behind the scenes with facts and information and Gao out front with a steely resolve and charisma – that shook China’s faith in its health system and government.


The skin on the back of both my hands is riddled with tiny white scars, a map stitched in needle marks made by nurses from Shanghai and Beijing to different US states. In those hundreds of sticks, I’ve never once watched the needle puncture its target; just feeling the sting is enough to make my brain twitch.

The needle, encased in the tiny plastic tube, slid through my skin, piercing a vein on the back of my hand, and I sucked in my breath. I’ve learned to keep the gasp silent, aware that if I startle the nurse she’ll take longer, struggle with the needle or, worse, shoot through the vein. I’ve had around 300 of these and I still gasp every time. It doesn’t hurt; it’s something more primal – an invasion in a place not meant to be touched by sharp metal and hard plastic.

After years of blood smuggling, I started having infusions in the US, but not because I got stopped at the Chinese border with potential contraband. The US healthcare system changed in recent years in such a way that insurance companies micromanage ongoing treatment of chronic conditions, so my infusions are now rationed out, every six weeks.


The procedure takes place in an office suite that doubles as an infusion clinic. There’s a TV bolted to one of the paper-thin walls, a metal sink and a cushy recliner I can sink into and almost fall asleep. I’ll be in the chair for five hours, bored and groggy, glancing impatiently at the plastic bag of thick, pale yellow liquid dripping, always too slowly, into my vein.

Unlike a lot of nurses who stabbed my veins across two continents, this one almost never misses. It’s a skill she refined in years of drawing blood out of veins and putting other things into them. She’s punctured my hands and arms more than 100 times, with this gift for finding a spot that isn’t already hardened from scar tissue.

She is a few years younger than I, a mother of two. Inside the crook of her arm, there is a deep crater, a barely closed hole. It reminds me of a long-ago reporting trip in China where I saw rescued moon bears that had been caged and fitted with a permanent open spigot drilled directly into their gall bladders to be milked of bile for traditional Chinese medicine that is neither traditional nor necessary. The bears never quite healed.

The nurse and I are two sides of the same story. She is a donor. I am a recipient. Twice a week, a technician draws blood to later extract her plasma, which is distilled and mixed into compounds and preparations, biopharmaceuticals that make up the $9bn American plasma economy, an industry so massive that the US now exports blood products to China.

She gets about $300 a month for her plasma twice a week, a number determined by a formula that targets people just on the edge of getting by, where a few hundred dollars makes a major difference. The pay scale in China 23 years ago was calculated much the same way; enough to make life easier, not enough to earn your way out of selling blood.

Over many days in that chair, I’ve spent hours thinking about the cells of other people entering my body. The cells keep my own immune system in check, but I wonder, do I take on other things from the thousands of donors whose particles I’ve melded seamlessly into my own? What does it mean to depend on the blood of other people, especially when most of the people who donate this substance do it for the money?


For decades, medical researchers have worked with blood and its parts to unearth lifesaving and life-extending treatments. In a pay-for-plasma system, innovation often leads to great exploitation and widening the gap between rich and poor.

Nowhere is this more visible than the Silicon Valley startup world, where a series of clinical trials now under way is investigating the use of young blood, specifically plasma, as an elixir for people 35 and over. It’s impossible to imagine the end result – paying young people for blood to keep the wealthy youthful – won’t widen the gap.

Today, plasma products are used with varying success for everything from recurrent miscarriages to immune disorders and rare childhood illnesses. American clinics collect more than 31,000 tons of plasma every year and blood products account for 1.6% of US exports.

The United States is one of a handful of countries that allow companies and hospitals to pay plasma donors. China is another. Whole blood donations – overseen in America by the Red Cross – are unpaid, but regulators have decided that profit-making biopharmaceutical companies can pay donors for the time it takes to give plasma.

More than half of these plasma centers, which collect 60% of the world’s plasma supply, reside in low-income US neighborhoods. You’ll find them in college towns, in former factory hubs, in cities where the economy lags. You won’t find them in wealthy suburbs or gentrified neighborhoods. Privately run plasma extraction centers set up shop in places where residents sell blood for gas money or college textbooks. They are sparse on the upper east coast, abundant in the rust belt and on the US-Mexico border. Though screening is tight and today’s heat treatment kills viruses, low-paid donation creates its own problems.

I can give you these statistics, but there’s another way I know there’s a socioeconomic divide when it comes to plasma donation in America. I grew up in a fairly broke household but my family is now solidly middle class. No one in my immediate family has ever donated plasma.

Apart from economic exploitation, the risk to long-term donors is unknown. The product insert that comes with my Baxter-branded Gammagard immunoglobulin stretches several feet long and lists everything from blood clots to fever and chills as possible side-effects. For me, an infusion means feeling, at best, like I have the flu for a few days every six weeks. I don’t know what happens to people who give raw materials, so I watch my infusion nurse – the donor – as much as she watches me.

After scouring medical journals for evidence of what happens to the health of long-term plasma donors, I found Xi Chen, a professor in global health and economics at Yale University. He’s been monitoring the health of 6,000 plasma donors in China for the past 14 years. China’s plasma extraction centers still flourish in poorer parts of the country, where people are more likely to sell their blood. Xi describes how donors suffer from fatigue and often give up farm work. American donors, he speculates, have access to better nutrition and probably don’t suffer the same effects from giving plasma twice a week.

But there’s no evidence to tell us what happens to long-term American plasma donors. When he first published his research, several US biopharmaceutical companies contacted Xi. He never responded. The practice of drawing plasma to make medicine should be innocuous, but when it targets people living on the margins, people in need of cash, turning their cells into commodities, can it be?

* * *

This year, I travelled to Salt Lake City to finally meet Wang Shuping, the doctor who unearthed the crisis and rarely talks about it. I rounded the corner in a quiet neighborhood to Wang’s home late one evening, just as the shade from nearby Mount Olympus started to cool the valley.

We had emailed a few times over the years but never spoken. She is in her early 60s, nearly 30 years younger than Gao Yaojie, and fully immersed in American society. She speaks perfect English, is married to a midwesterner and works in a cancer research lab at the University of Utah.

When I arrived at her home, she had plans. We would take a drive to Park City, tour around downtown Salt Lake at the Mormon temple and a few other historic sites – and, she said, there was something else she wanted to show me.

Wang is perplexed by my interest in a decades-old medical scandal half a world away. As we chatted late into the evening, she stopped to ask if I was tired. She had noticed my left hand was trembling, something that happens when I don’t get enough sleep. Few people ask me about the tremor; Wang spotted it within a few hours.

The next morning, we drove to Park City. Along the way, we talked about China, American politics, and the blood trade. We stopped for beet salads at a local tavern, where two women at the next table discussed the difficulty of finding good nannies in South America. I wondered what people around us would think if they knew this cheerful woman across the table from me, dressed in white capri pants and rainbow-striped socks with articulated toes, had discovered and exposed a health crisis that shook the highest reaches of the Chinese government. How is it that someone who took on the Chinese power structure so seamlessly fell into a quiet American life, leaving that blood-stained past two decades behind?

Over lunch it became clear Wang hasn’t forgotten. There’s something near her house she wanted to show me, she reminded me, in an unremarkable strip mall.

Just outside the entrance, a man sat in his open car, pressing a bandage into the crook of his arm as he smoked a cigarette, the aftermath of having his plasma extracted by white-coated technicians and hi-tech machinery just beyond the door.

In the car, we decided to ask a series of questions as though we might donate, in the hope they would let us see the equipment. She wanted to inspect the process, the machinery, the safety protocols. I was along for the ride, a reporter who will ask the questions, but also a patient seeing how my medication is made. I came to Utah to talk with Wang about what happened in China. Now she was leading me right back into the unknown, in my own backyard.

A fresh-faced technician in a white lab coat wouldn’t let us see the machinery, but described the process – the needle stick won’t hurt, there’s no contamination, he assured us, and the payment scheme outlined on a blackboard offers cash bonuses for first-timers. The more often someone returns, up to twice a week, the higher the pay. Wang nodded along as he explained extensive safety protocols. She had one question: “Which day of the week do you close?”

“We don’t,” he said brightly. “We’re open seven days a week.”

As we drove home, Wang said she wasn’t upset to find a plasma bank so close by. What troubles her is the brazen pursuit of profit in other people’s cells. She shook her head, saying the center doesn’t even close one day a week, in a city where religion shutters many businesses on Sunday.

She’s seen this incessant rush to blood money before. It spiraled into catastrophe.
