Chip and Skim: cloning EMV cards with the pre-play attack

EMV, also known as "Chip and PIN", is the leading system for card payments worldwide. It is used throughout Europe and much of Asia, and is starting to be introduced in North America too. Payment cards contain a chip so they can execute an authentication protocol. This protocol requires point-of-sale (POS) terminals or ATMs to generate a nonce, called the unpredictable number, for each transaction to ensure it is fresh. We have discovered that some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this number. This exposes them to a "pre-play" attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically (in the sense of extracting the key material and loading it into another card). Card cloning is the very type of fraud that EMV was supposed to prevent. We describe how we detected the vulnerability, a survey methodology we developed to chart the scope of the weakness, evidence from ATM and terminal experiments in the field, and our implementation of proof-of-concept attacks. We found flaws in widely-used ATMs from the largest manufacturers. We can now explain at least some of the increasing number of frauds in which victims are refused refunds by banks which claim that EMV cards cannot be cloned and that a customer involved in a dispute must therefore be mistaken or complicit. Pre-play attacks may also be carried out by malware in an ATM or POS terminal, or by a man-in-the-middle between the terminal and the acquirer. We explore the design and implementation mistakes that enabled the flaw to evade detection until now: shortcomings of the EMV specification, of the EMV kernel certification process, of implementation testing, formal analysis, or monitoring customer complaints. Finally we discuss countermeasures

Side-channel based intrusion detection for industrial control systems

Industrial Control Systems are under increased scrutiny. Their security is historically sub-par, and although measures are being taken by the manufacturers to remedy this, the large installed base of legacy systems cannot easily be updated with state-of-the-art security measures. We propose a system that uses electromagnetic side-channel measurements to detect behavioural changes of the software running on industrial control systems. To demonstrate the feasibility of this method, we show it is possible to profile and distinguish between even small changes in programs on Siemens S7-317 PLCs, using methods from cryptographic side-channel analysis.Comment: 12 pages, 7 figures. For associated code, see https://polvanaubel.com/research/em-ics/code

Polar Cremona Transformations and Monodromy of Polynomials

Consider the gradient map associated to any non-constant homogeneous polynomial f\in \C[x_0,...,x_n] of degree $d$, defined by \phi_f=grad(f): D(f)\to \CP^n, (x_0:...:x_n)\to (f_0(x):...:f_n(x)) where D(f)=\{x\in \CP^n; f(x)\neq 0\} is the principal open set associated to $f$ and $f_i=\frac{\partial f}{\partial x_i}$. This map corresponds to polar Cremona transformations. In Proposition \ref{p1} we give a new lower bound for the degree $d(f)$ of $\phi_f$ under the assumption that the projective hypersurface $V:f=0$ has only isolated singularities. When $d(f)=1$, Theorem \ref{t4} yields very strong conditions on the singularities of $V$.Comment: 8 page

Methyl 4-eth­oxy-2-methyl-2H-1,2-benzothia­zine-3-carboxyl­ate 1,1-dioxide

In the crystal structure of the title compound, C13H15NO5S, the mol­ecules exhibit weak S=O⋯H—C and C=O⋯H—C inter­molecular inter­actions and arrange themselves into centrosymmetric dimers by means of π–π inter­actions (ring centroids are separated by 3.619 Å, while the closest C⋯C contacts are 3.514 Å). 1,2-Benzothia­zines of this kind have a range of biological activities and are used as medicines in the treatment of inflammation and rheumatoid arthritis

Ethyl 5-amino-1-(4-chloro-2-nitro­phen­yl)-1H-pyrazole-4-carboxyl­ate

In the mol­ecule of the title compound, C12H11ClN4O4, the pyrazole ring is coplanar with the amino and ethoxy­carbonyl groups within 0.026 (2) and 0.105 (2) Å, respectively. The C 6 ring of the 4-chloro-2-nitro­phenyl group is twisted by 53.58 (4)° relative to the plane of the pyrazole ring. The planar structure of the pyrazole ring is stabilized by an intra­molecular N—H⋯O hydrogen bond between its substituents. Neighbouring mol­ecules are linked through inter­molecular N—H⋯N and N—H⋯O hydrogen bonds, giving rise to one-dimensional tapes along the b axis. Mol­ecules in the chain are linked to those of an adjacent chain through weak C—H⋯O inter­actions, forming a three-dimensional network

Sample matching by inferred agonal stress in gene expression analyses of the brain

<p>Abstract</p> <p>Background</p> <p>Gene expression patterns in the brain are strongly influenced by the severity and duration of physiological stress at the time of death. This agonal effect, if not well controlled, can lead to spurious findings and diminished statistical power in case-control comparisons. While some recent studies match samples by tissue pH and clinically recorded agonal conditions, we found that these indicators were sometimes at odds with observed stress-related gene expression patterns, and that matching by these criteria still sometimes results in identifying case-control differences that are primarily driven by residual agonal effects. This problem is analogous to the one encountered in genetic association studies, where self-reported race and ethnicity are often imprecise proxies for an individual's actual genetic ancestry.</p> <p>Results</p> <p>We developed an Agonal Stress Rating (ASR) system that evaluates each sample's degree of stress based on gene expression data, and used ASRs in <it>post hoc </it>sample matching or covariate analysis. While gene expression patterns are generally correlated across different brain regions, we found strong region-region differences in empirical ASRs in many subjects that likely reflect inter-individual variabilities in local structure or function, resulting in region-specific vulnerability to agonal stress.</p> <p>Conclusion</p> <p>Variation of agonal stress across different brain regions differs between individuals, revealing a new level of complexity for gene expression studies of brain tissues. The Agonal Stress Ratings quantitatively assess each sample's extent of regulatory response to agonal stress, and allow a strong control of this important confounder.</p

Computing the everyday: social media as data platforms

We conceive social media platforms as sociotechnical entities that variously shape user platform involvement and participation. Such shaping develops along three fundamental data operations that we subsume under the terms of encoding, aggregation, and computation. Encoding entails the engineering of user platform participation along narrow and standardized activity types (e.g., tagging, liking, sharing, following). This heavily scripted platform participation serves as the basis for the procurement of discrete and calculable data tokens that are possible to aggregate and, subsequently, compute in a variety of ways. We expose these operations by investigating a social media platform for shopping. We contribute to the current debate on social media and digital platforms by describing social media as posttransactional spaces that are predominantly concerned with charting and profiling the online predispositions, habits, and opinions of their user base. Such an orientation sets social media platforms apart from other forms of mediating online interaction. In social media, we claim, platform participation is driven toward an endless online conversation that delivers the data footprint through which a computed sociality is made the source of value creation and monetization

Expression of Foot-and-Mouth Disease Virus Capsid Proteins in Silkworm-Baculovirus Expression System and Its Utilization as a Subunit Vaccine

Background: Foot-and-mouth disease (FMD) is a highly contagious disease of livestock that causes severe economic loss in susceptible cloven-hoofed animals. Although the traditional inactivated vaccine has been proved effective, it may lead to a new outbreak of FMD because of either incomplete inactivation of FMDV or the escape of live virus from vaccine production workshop. Thus, it is urgent to develop a novel FMDV vaccine that is safer, more effective and more economical than traditional vaccines. Methodology and Principal Findings: A recombinant silkworm baculovirus Bm-P12A3C which contained the intact P1-2A and 3C protease coding regions of FMDV Asia 1/HNK/CHA/05 was developed. Indirect immunofluorescence test and sandwich-ELISA were used to verify that Bm-P12A3C could express the target cassette. Expression products from silkworm were diluted to 30 folds and used as antigen to immunize cattle. Specific antibody was induced in all vaccinated animals. After challenge with virulent homologous virus, four of the five animals were completely protected, and clinical symptoms were alleviated and delayed in the remaining one. Furthermore, a PD50 (50 % bovine protective dose) test was performed to assess the bovine potency of the subunit vaccine. The result showed the subunit vaccine could achieve 6.34 PD50 per dose

Gene Expression Studies in Major Depression

The dramatic technical advances in methods to measure gene expression on a genome-wide level thus far have not been paralleled by breakthrough discoveries in psychiatric disorders—including major depression (MD)—using these hypothesis-free approaches. In this review, we first describe the methodologic advances made in gene expression analysis, from quantitative polymerase chain reaction to next-generation sequencing. We then discuss issues in gene expression experiments specific to MD, ranging from the choice of target tissues to the characterization of the case group. We provide a synopsis of the gene expression studies published thus far for MD, with a focus on studies using mRNA microarray methods. Finally, we discuss possible new strategies for the gene expression studies in MD that circumvent some of the addressed issues