A U.S. cybersecurity company has uncovered a malicious script on the website of the National Foreign Trade Council, a public policy and lobbying organization devoted to U.S. trade policy. And John Bambenek, threat intelligence manager for Fidelis Cybersecurity, whose team found the script, says he is “highly confident” the script was placed there by Chinese state-sponsored actors.
The script is a tool known as a Scanbox. It has, to date, been used only by groups widely known to be affiliated with the Chinese government. “There's no evidence that anybody else has commandeered or used [Scanbox],” Bambenek says.
The script provides information about a victim's operating system, IP address, and software programs, which attackers can later use in targeted phishing campaigns. For example, if attackers learn that someone is using a browser with known software holes, they may target that person with an exploit that the hackers know will work for the user’s particular version.
Fidelis believes this particular operation, which was observed between 27 February and 1 March, was conducted as espionage in preparation for Chinese president Xi Jinping's meeting with U.S. President Trump today and Friday. Bambenek believes the tool was being used to collect intelligence about trade policy rather than to steal trade secrets from U.S. companies.
Hidden within the National Foreign Trade Council’s site, the Scanbox script ran whenever a visitor navigated to a page with a registration form for an upcoming Board of Directors meeting. That means the script, which has been removed, likely targeted board members, many of whom are also from major U.S. companies.
Bambenek calls Scanbox “a fairly lightweight tool” that is primarily used for gathering information. Chinese groups have relied on it for reconnaissance since at least 2014. Once a victim closes the tab or browser in which Scanbox is operating, they are no longer affected.
Fidelis was alerted to the script when cybersecurity programs it had developed were automatically triggered by software that appeared to be Scanbox. Fidelis says it has shared the information about Scanbox with the Federal Bureau of Investigation.
Mike Buratowski, vice president of cybersecurity services with Fidelis, says nonprofits and think tanks are increasingly targeted by state-sponsored attackers because they have access to privileged information and are in touch with government agencies.
“The reality is that almost every government in the world has think tanks and policy organizations, and all of these are really the soft targets of government,” Bambenek says.
Last week, Samsung revealed its new smartphone, the Samsung Galaxy S8, which users can unlock with a quick glance. Since the big debut, we’ve learned that the iris scanner in the S8 comes from a little-known biometric security company in New Jersey called Princeton Identity.
CEO Mark Clifton says the company’s technology can produce an accurate scan in varying light conditions from arm’s length, even if the user isn’t standing completely still. Those features persuaded Samsung that iris scanners, which are already common in building security systems, were ready to be integrated into its popular line of smartphones.
“They became convinced that we were the real deal when we were able to show them iris recognition working outdoors in a sunny parking lot, when none of the other competitors could do that,” Clifton says.
Adding an iris scanner to a smartphone is a big decision, because it requires extra hardware and modifications to the body of the phone. Clifton estimates the total cost of adding this form of biometric security works out to be less than $5 per handset. That’s still a lot of money for an industry in which any manufacturer can build a smartphone, but few can do it profitably.
If you look closely at the S8, there are three dots and one long dash right above the screen. The middle dot is the selfie camera and the thin slit is the proximity sensor, neither of which play a role in iris scanning.
The dot on the far left, however, is an LED that produces near-infrared light. And the dot on the far right is a camera equipped with a special filter that blocks most visible light but allows infrared waves to pass through.
To produce a scan, the LED emits infrared waves that penetrate just below the surface layer of the iris (the colored part of the eye) and reflect back to the infrared camera. This camera can then produce a high-contrast scan of the iris based on those reflections of infrared light from the eye. The proprietary piece of Princeton’s technology is the pattern of the pulse, or strobe, of the LED that produces the infrared light, and the design of the filter that blocks out visible light and yields the high-contrast scan.
A user’s first scan captures about 250 points of reference from the iris, the part of the eye that includes a pair of muscles that dilate and constrict the pupil to let more or less light in. This compares favorably with the 20 to 70 points that a fingerprint sensor gathers. An iris scan may show the contours of muscles, the patterns of blood vessels, or other artifacts, such as strands or folds of tissue, within the iris.
All of the information about those reference points is stored in a template in the phone’s “trust zone,” a specialized area of hardware where sensitive data is encrypted. When a user wants to unlock their phone, software compares the iris pattern in the latest scan to the pattern in the original template.
Many of the elements within the iris are shaped during early development as well as by genetics, so even identical twins would have unique templates. For people who wear glasses, Princeton recommends users take them off to do their original scan, but Clifton says the iris scanner should generally work even with their glasses on.
Dr. Kevin Miller, a corneal surgeon who performs artificial iris transplants at the UCLA Stein Eye Institute, points out that the muscle contours of the iris change considerably based on lighting conditions and pupil dilation. And there are other factors that could produce errors in an iris scan over the course of a person’s lifetime.
“What happens if you're scanning somebody with diabetes and they have a little hemorrhage in the eye? Now that hemorrhage shows up on the scan and it's not going to recognize them,” he says. “There's issues like that with all these biometric methods.”
A user can create a new scan of their iris at any time. And the template that’s stored in the trust zone is a digital representation of the contrast points on their iris, rather than an actual image of the iris. Storing the image itself would create another security problem because, unlike passwords or credit card numbers, a person’s iris pattern can’t be revoked or updated.
Clifton says with their technology, the chances of producing a false positive are about 1 in 1.1 million for a scan of a single eye and 1 in 1.4 trillion for a scan of both eyes. "You do approach DNA-level type of accuracies with a duel-eye recognition,” Clifton says.
The company says they’ve also incorporated “liveness detection” into the scanner so that the iris scanner can’t be fooled by a photograph—a common problem for facial recognition technology—though Clifton wouldn’t say much about how this feature works.
Samsung actually debuted Princeton’s iris scanners in the Galaxy Note7, which had a brief run of sales in 2016 before a mass recall. The only change to the technology for the S8 appears to be cosmetic—this time, Samsung implemented a full color live preview mode with two circles on the screen to help users position their eyes. The ill-fated Note7 preview was in black and white. “Hopefully this will go much smoother,” Clifton says.
Flexible, inkjet-printable memory cells could help pave the way for mass-produced printable electronics, researchers from Germany and Canada say.
The new memory cells combine the strengths of the two different kinds of memory technology that have long dominated the computer industry. One type, which includes hard disks and flash memory, is relatively slow at reading and writing data but is non-volatile, meaning that it saves its data even when it gets powered down. The other, random access memory (RAM), is fast but volatile, only maintaining its data while powered.
The new memory devices are a form of resistive RAM (ReRAM), which is both fast and non-volatile. All memory cells are switchable between on and off states that represent one bit of data, a zero or one. But for ReRAM devices, these states are defined by the resistance of the memory cell, says study lead author Bernard Huber, a physicist at the Munich University of Applied Sciences in Germany.
The scientists detailed their findings online in the 4 April edition of the journal Applied Physics Letters.
By printing sensor circuits on boring old disposable rubber gloves, researchers have converted them into handy, low-cost screening tools for chemical threats and toxic pollutants. That means someday, security agents might swipe their gloved fingertip on a bag and quickly get an alert for traces of nerve agents and explosives on their smartphone.
The glove sensors, printed with special stretchable conductive inks, can detect a class of phosphorus-based chemical compounds used as chemical weapons and pesticides. In addition to weapons screening, the new lab-on-a-glove could be useful for food safety and environmental inspections, says Joseph Wang, a nanoengineer at the University of California, San Diego who developed the device reported in the journal ACS Sensors.
The military today has portable test kits to detect nerve agent vapors and liquids, including VX, which is suspected to have been used to assassinate Kim Jong Nam, half-brother of North Korean leader Kim Jong Un, in Kuala Lumpur in February. Testing involves exposing test strips and reading them using portable instruments such as chromatographs or spectrometers. A wearable glove sensor would make it even easier and faster.
Today Samsung revealed its new Galaxy S8 and S8 Plus smartphones, which users can unlock through iris scanning and facial recognition technology. To do so, users simply hold their phone in front of their eyes or their entire face, as if they were snapping a selfie.
Biometric technology is now being integrated into more consumer devices and is increasingly seen as a critical next step to improve security. Indeed, Justin Denison, Samsung’s senior vice president for product strategy and marketing, referred to the S8’s iris-scanning abilities as the “most secure form of biometric security we’ve ever created.”
A facial recognition feature called “Face Unlock” was available on previous Samsung devices including the Galaxy S4, the Galaxy Nexus, and the Galaxy Note2. In those devices, it came with a warning that facial recognition is less secure than a passcode, and can be fooled by people who look like a user (or perhaps even by a photograph of the user). The company’s troubled Galaxy Note7 from 2016 also offered iris scanning, which is considered more secure than facial recognition.
In the S8 and S8 Plus, these biometric security features can be activated in addition to, or in place of, a PIN code. As is the case with most iris scanners, people who wear glasses may have to remove them in order for the technology to work. The familiar fingerprint scanner from previous generations has been relocated to the upper half of the S8’s back panel, in a spot where it’s more likely to scan an index finger than a thumb.
The new devices will go on sale in the U.S. on 21 April, though Samsung has not yet said how much they will cost. After its recall of the Note7, Samsung is counting on these phones to win back customers. In addition to biometric security, the S8 and S8 Plus also offer a new voice recognition service named Bixby and an edgeless curved display.
Both of the new phones feature an Infinity Display (a term the company trademarked just last month), which is a high-definition Super Active-Matrix Organic Light-Emitting Diode (AMOLED) screen with curved edges that cascade over the phone’s sides. Denison said this design gives the S8 and S8 Plus a higher screen-to-phone ratio than any of Samsung’s previous models. Their screens measure 5.8 inches and 6.2 inches for the S8 and S8 Plus, respectively (and that’s measured diagonally, not vertically).
With the Infinity Display, Samsung has aimed to have the slimmest possible bezels on the S8 and S8 Plus. The bezel is the plastic rim that typically runs around all four edges of a screen. “You can barely tell where the screen ends and the phone begins,” said Denison. “Where there used to be bezels, now there’s only screen."
The company is now calling its Infinity Displays “bezel-less,” which is still one step away from a totally “bezel-free” smartphone, in which the bezels above and below the screen would also be removed. Promoting ever-slimmer bezels is something of a trend among smartphone makers, as Chinese manufacturer Xiaomi has also shown this year in their new Mi Mix phone.
One way Samsung managed to reduce the size of its bezels was to eliminate the traditional home button and stretch the S8’s screen nearly to the phone’s bottom edge. The home button is no longer visible. Through “a combination of hardware and software,” Denison said the company was able to hide it beneath the display, where it can supposedly sense the pressure of a finger just as well as any home button that has come before it. In a quick review of the S8 following the press event, the invisible home button was just as easy to use as its more conspicuous predecessors.
On the services side, Samsung says its new voice recognition service on the S8 called Bixby offers greater contextual awareness than its competitors (ahem, Siri). For example, Bixby is integrated into the phone’s camera and can be instructed to search for a restaurant or shop for an item, that is within the camera’s field of view. By pressing a special button on the side of the phone, users can summon Bixby and speak to it in one of four languages: English, Spanish, Korean, or Chinese.
The 2017 Hackaday Prize launched earlier this week. And the general theme is similar to what it’s been since the contest’s beginnings in 2014: “Build something that matters.” But the organizers are especially keen this year to inspire folks to design things that could turn into bona fide products—and profitable businesses.
“A business plan is part of engineering these days,” says Mike Szczys, Hackaday’s managing editor, who explains that the 2017 contest will include a US $30,000 prize for Best Product. To win that, you’ll have to provide a detailed bill of materials for your gizmo, show that it can be readily manufactured, and provide a compelling business plan. The three working prototypes of your brainchild you submit by 24 July will also have to impress the hands-on judges, who will include a hardware engineer, a product engineer, and several Hackaday.com editors.
That’s a lot to ask an aspiring garage tinkerer to pull together in a few months, but contestants aren’t restricted to submitting freshly minted ideas. Indeed, you could have been working on your concept—even selling commercial versions of the end product—for quite some time and still qualify. The criterion Hackaday will use is not how long the project has been around but how much money has been invested in it. If that figure is less than $2 million, the enterprise qualifies to compete for Hackaday’s Best Product prize in 2017.
Organizers didn’t offer this category in last year’s competition, although they had done so the year before. The 2015 competition drew fewer contestants for Best Product than desired, says Szczys, likely because already-existing products or projects were excluded.
Szczys hopes this year’s competition might inspire some folks who have already been working to develop and market a product to share with others the details of their entrepreneurial journeys. “Successful companies aren’t writing about the things that make them successful,” he says. The project documentation that Hackaday Prize contestants must provide could help to fill the gap.
And there are plenty of ways for you to compete even if your aspirations fall short of commercializing what you dream up. In addition to the aforementioned best-product prize, there will be a $50,000 grand prize, second- through fifth-place prizes that range from $20,000 to $5,000, and $1,000 prizes for the top 20 projects in each of five categories: “Design Your Concept,” “Internet of Useful Things,” “Wheels, Wings, and Walkers,” “Assistive Technologies,” and a catch-all called “Anything Goes.”
All in all, there will be $250,000 in cash prizes awarded to more than 100 entries by November, when Hackaday convenes its “superconference,” likely at the Pasadena design lab of SupplyFrame, its parent company. So gentlemen (and ladies), start your soldering irons, 3-D printers, and CNC machine tools. The game is afoot!
Opening around the world this weekend is Life, a “hard” science fiction movie set in the near future starring Jake Gyllenhaal, Ryan Reynolds, and Rebecca Ferguson. It opens when a sample return mission from Mars brings its payload back to a somewhat expanded International Space Station. A laboratory has been set up on the ISS to analyze the Martian samples in a bid to avoid any potential cross-contamination with terrestrial organisms [PDF]. Much to the joy of the crew, a dormant organism is found in the samples, proving that there is life beyond Earth. Very soon, however, things turn nasty and the crew starts pining for a return to cosmic loneliness.
Life was written by Rhett Reese and Paul Wernick, who came to prominence with last year’s unexpected smash hit Deadpool, which followed their earlier success with 2009’s Zombieland.IEEE Spectrum’s Stephen Cass talked with Reese and Wernick about how they used the real experiences of astronauts living and working in space to inform the plot of their latest movie and distinguish it from trapped-with-a-nasty-E.T. classics such as Alien or Pitch Black. (Very mild spoilers below. The conversation has been edited for concision and clarity.)
Accelerometers introduced smartphone users to many handy new features—recording the distance you walk and automatically rotating the view when we turn the phone sideways, to name just two you probably used today. Though these sensors are generally quite helpful and accurate, computer scientists from the University of Michigan have just found a way to scam them.
A research team figured out that they could fool accelerometers using sound waves—in particular, a single tone played at an accelerometer’s resonant frequency. With it, they can cause two signal processing components within the phone to generate a false report of the accelerometer’s behavior. The group is led by Kevin Fu of the University of Michigan and includes collaborators from the University of South Carolina.
Patrick McDaniel, a security researcher at Pennsylvania State University, says the security risk of the particular scheme devised by Fu’s group is low. But the broader problem is a big one in the industry: Devices and software programs tend to blindly trust any data gathered from built-in sensors.
On Tuesday, the Industrial Control Systems Cyber Emergency Response Team of the U.S. Department of Homeland Security issued a public alert about the findings.
The Michigan group’s work underscores the point that any device that relies on data from a sensor to make a critical decision can potentially be led astray by that sensor. Besides smartphones, accelerometers are also used to activate airbags in motor vehicles, and to measure the rate and depth of chest compressions during CPR.
“If you're trusting your sensor inputs and you have no way to validate those inputs, you're going to have problems,” McDaniel says.
The University of Michigan team tested 20 models of capacitive micro-electromechanical (MEMS) accelerometers from five manufacturers: Bosch, STMicroelectronics, InvenSense, Analog Devices, and Murata Manufacturing. (The model numbers are listed here.)
They found that 75 percent of the accelerometers could be fooled by an attack that allowed them to slightly alter the sensors’ signals for a brief moment, and 65 percent were vulnerable to a more severe attack that allowed the team to control their signals indefinitely.
Fu says he hopes the work—which he calls a proof of concept—will start a conversation in the industry: “We need to question, why do we trust our sensors?” he says.
Their trick was possible because sound waves impart a physical force to any object they encounter. The University of Michigan team essentially used the vibrations produced by sound waves to alter accelerometers’ records of what was happening to them.
An accelerometer contains a physical mass placed on springs. When a device moves, the mass does too. The movement causes the capacitance—the ability to store charge—to change in the springs, which can be interpreted as movement. By producing vibrations through sound waves that moved that mass in a particular way, the group launched a series of attacks on the unsuspecting sensors.
The group first had to identify the resonance, or preferred frequency, of each accelerometer. At the resonance frequency, each sound wave reinforces the action of the previous one on the mass—leading to a much larger signal than you’d get at other frequencies. To find the resonance of the accelerometers, the team played tones at progressive frequencies from 2 kilohertz to 30 kilohertz, until they found a frequency where the accelerometer produced an outsized reaction.
Next, the team subjected the sensors to two types of attacks using sound waves at the resonant frequency. The first, called output biasing, exploits a feature of the low pass filter, a signal processing component that filters out high frequency interference. This technique can be used to slightly alter readings produced by the accelerometer for several seconds.
The second, called output control, takes advantage of the phone’s amplifier, which typically handles the raw signal even before it reaches the low pass filter. This method can be used to take control of the accelerometer indefinitely and produce false signals.
To show that it was possible to spoof accelerometers with these techniques, the group used each method to spell out “WALNUT” in a chart of the sensors’ acceleration over time.
Next, they wanted to use sound waves to hack actual devices, so they reached for a Samsung Galaxy S5, which comes with an MPU-6500 accelerometer from InvenSense. They loaded a a music video with the accelerometer’s resonant frequency embedded in it, and remotely prompted the phone to play the video.
At the same time, they ran a game on the phone called Spy Toys that relies on the accelerometer to control a toy car. While the video played, the toy car accelerated or decelerated in accordance with the pulses of the signal they had embedded in the video.
In their final demo, they used an off-the-shelf speaker to play a tone that caused a FitBit to log 2,100 steps in just 40 minutes, earning them 21 reward points on a health tracking site (they declined to cash in their points, citing ethical concerns).
Though these scams are certainly possible, they are not subtle—the attacker must be within close range of the device they wish to target, and has to know the model and resonance of the accelerometer inside.
In the group’s own example, an attacker would have to stand behind the owner and blare an audio track to take control of the Spy Toys car, or somehow prompt the owner’s phone to start playing the resonance frequency—perhaps by sending them to a website that automatically plays the track once they arrive.
“It falls into that kind of cool, but not something that would keep me awake at night, type of vulnerability,” McDaniel says.
Still, to prevent any issues, Fu suggests accelerometer designers choose a resonance in the ultrasound range, which is more difficult to generate with off-the-shelf speakers. And encasing devices in foam is a good way to stop sound waves from reaching a device’s accelerometer, though not always practical.
Through the University of Michigan, the research team is also attempting to sell software programs to manufacturers that it says can prevent such attacks in products that are already on the market.
Just in case, McDaniel thinks entrepreneurs and consumers should be wary of turning too many decisions and responsibilities over to any devices that rely on sensor data, until the industry figures out how to better validate that data.
“If you're using that sensor input for a security critical decision, well then that's something we really need to worry about,” McDaniel says. “If we can't be sure they're trustable, we need to limit the kind of security decisions we're making off of them.”
A tiny company based in Barcelona is promoting a new technology that it hopes can revolutionize smartphone antennas—by removing them altogether.
The job of any smartphone antenna is to radiate a radio-frequency signal generated by the phone’s transmitter out to the nearest cellular base station or Wi-Fi router. Now, Fractus Antennas wants to replace that antenna with a much smaller component called an antenna booster—a tiny lightweight cube made of a metal frame and FR-4 epoxy, the same material used in printed circuit boards.
The company says it can use this booster, along with some modifications to the smartphone’s circuitry, to radiate RF signals exclusively from a device’s ground plane—with no dedicated antenna to speak of. According to the company, this approach can deliver performance comparable to today’s smartphone antennas, at a lower cost for manufacturers.
During this year’s Mobile World Congress, the smartphone industry’s largest trade show, Carles Puente, Fractus Antennas’ cofounder and vice-president for innovation, quietly wandered the exhibit halls and handed out samples of this antenna booster from his satchel to any smartphone maker who might be able to use it.
Back at his office near Barcelona, Puente compared it to a few antennas found in smartphones over the past decade. He pulled several devices from storage that were left over from the time his first company, Fractus, which also specializes in antennas, sued 10 manufacturers for patent infringement. He and his staff broke open more than 600 smartphones to build their case, so they’ve seen more than their share of internal antennas.
To explain how the booster technology from his new company, Fractus Antennas, works, he first showed me antennas from a 2008 Blackberry Pearl and a Pantech C740 from the same year. With the casing removed, it was easy to see that both models had what looked like a tangle of metallic lines toward the top of the device. Those squiggly patterns were mounted to plastic structures that gave the antennas a shape designed to help them radiate energy most effectively.
Puente told me these antennas are all inspired by fractals, a type of design in which similar patterns repeat themselves at various sizes. Fractals are naturally found in broccoli stalks and tree branches. With a fractal-based design, smartphone manufacturers can use all or just part of an antenna to provide service across many frequency bands.
For example, one of the longest wavelengths that smartphones must support is for the 698-megahertz frequency, where waves measure 430 millimeters long. And because the size of a radio wave corresponds to the size of the antenna needed to transmit it, longer wavelengths require larger antennas.
A typical smartphone antenna might only be 40- to 60-mm long, so transmitting waves that long requires the antenna’s entire surface. Since smartphones must also provide service across five or six other frequencies, smaller chunks of the same antenna are used to transmit those shorter wavelengths.
Fractus Antennas is a spinoff of Puente’s first company, which patented the use of fractal-based antennas in smartphones (and eventually filed that 2009 lawsuit for patent infringement). For many years, those were the dominant type of antenna found in smartphones.
More recently, manufacturers have moved away from fractal-based antennas and simply placed a metal band along the top of the smartphone to serve as an antenna. But one drawback of these metal bands is that they can’t easily support multiple frequencies at the same time on their own.
Manufacturers must add another part—an active tuner—to generate signals at the frequencies required for carriers around the globe. Still, this tuner is best at providing service at either one band or another, rather than over multiple bands at once.
Meanwhile, the industry is moving toward interband carrier aggregation, in which a device combines spectrum from several frequency bands to build a channel with more bandwidth than would otherwise be available. If metal band antennas can’t simultaneously provide service across bands, they may not be very useful as carrier aggregation becomes more popular.
This is where Fractus Antennas’ new, “antenna-less” smartphone technology comes in. Instead of relying on a dedicated antenna to radiate an RF signal, a handset would radiate the signal directly from the ground plane, which is the copper layer that underlies the phone’s printed circuit board. To do this, the phone’s manufacturer would replace the antenna with Fractus’smXTEND Antenna Booster, a small device roughly one-tenth the size of a traditional antenna.
It works like this: Once the transmitter generates a signal, it travels through the matching network, which is a part of the smartphone that acts like a tuner to support service at various frequencies. From there, it travels to both the booster and the ground plane. The booster is a passive device that does not radiate at all. Rather, it temporarily stores the signal it receives and repeatedly bounces it over to the ground plane, which radiates it out.
Already, today’s smartphones use the ground plane to radiate a portion of the signal that smartphones produce. To prevent interference, their circuit boards incorporate shields to protect elements that may be vulnerable. However, the Fractus Antennas concept takes this to the next level by using the ground plane to produce all of the radiation that is broadcast to the cell tower or Wi-Fi router. “Instead of having an antenna that radiates inside the phone, the phone itself is radiating,” Puente says.
The antenna booster does require a slightly more complicated matching network than usual. Puente says the matching network of a phone with an antenna booster would include six or seven components rather than the one or two found in a smartphone today—and the network must be redesigned for each model.
Fractus Antennas is now selling several versions of its antenna booster, which can support cellular communications across 12 frequency bands (from 698 MHz to 2690 MHz) and can also be adapted for Wi-Fi and Bluetooth. The company launched in 2015, and its first sales came in 2016.
So far, Fractus Antennas has sold hundreds of thousands of units to a dozen clients who are using them to track fleets of trucks and outfit sensors for smart metering, among other things. Right now, it costs Fractus Antennas about US $1 to produce each unit, but Puente expects they could reduce that cost considerably by producing higher volumes.
The company is not claiming that the booster improves performance; in the company’s tests, it has shown its performance to be similar to that of today’s smartphones. Puente believes its main selling point will be the money that smartphone makers can save by never having to design and manufacture their own antennas again.
If manufacturers sign on, Puente predicts that it may be 2018 before Fractus Antennas’ technology is available in a smartphone. That, he says, is thanks to the devices’ long development cycles. The 15-person company is an underdog in the industry that generates annual revenues of more than US $400 billion worldwide. But as Puente learned from his first company, a few strong patents can take a company far.
File this under “fun to think about”: Researchers at the University of Vienna have shown how ultraprecise measurements of time can bend the surrounding space and make time in the region run slower.
The basic theory is surprisingly simple, a combination of Einstein’s mass-energy equivalence and Heisenberg’s uncertainty principle. In short, increasing the precision in the time measurement increases the uncertainty in the energy at that point. Since energy and mass are interchangeable, this is the same as creating a virtual mass. As the uncertainty in the time measurement falls, the “mass” increases. And as the mass increases, so does its gravity. The result is a regional gravitational time dilation—the effect that causes clocks on Earth to run slower than clocks on Global Positioning System satellites, for example.
To be sure, the effect cannot be produced or detected with today’s tools. In their paper in the Proceedings of the National Academy of Sciences, the Vienna researchers—Esteban Castro Ruiz, Flaminia Giacomini, and Časlav Brukner of the university’s Vienna Center for Quantum Science and Technology—measure the time dilation effect in “decoherence time”: The greater the warping of space-time, the smaller the decoherence time. Today’s best atomic clocks are accurate to within about 3 x 10-18 (a dimensionless number, 3 parts in 10 quintillion). Measurements to this level of accuracy produce a “mass” equal to about one ten-millionth of proton. At a distance of one or two nuclear diameters, the decoherence time is on the order of the lifetime of the universe. It’s nothing to worry about in the real world.
Clock accuracy is increasing rapidly, however, and the pace of improvement is accelerating as optical clocks and optical-lattice clocks come online. The precision of optical-lattice clocks, in particular, has increased by about four orders of magnitude in the past decade. If clock accuracy climbs to about 10-27 (less than 15 years at the current rate of improvement), the mass uncertainty grows to about 7 x 1011 electronvolts (some 350 times the mass of the proton) producing a decoherence time on the order of two minutes at a distance of 10-10 meters. At this scale, the effect might become detectable.
"Our findings suggest that we need to re-examine our ideas about the nature of time when both quantum mechanics and general relativity are taken into account", said Castro in the university’s statement on the work.
IEEE Spectrum’s general technology blog, featuring news, analysis, and opinions about engineering, consumer electronics, and technology and society, from the editorial staff and freelance contributors.