Gesellschaftliche Bedrohung von Rechts: Analyse der Beratungsanfragen an die Mobilen Beratungen gegen Rechtsextremismus NRW

Aus den aktuellen Beobachtungen eines wachsenden Rechtspopulismus und der Zunahme von rassistischen und demokratiefeindlichen sozialen Bewegungen in der BRD entstand das Forschungsinteresse, nach den Folgen und Erscheinungsformen von Rechtsextremismus und Rassismus im Alltag der Menschen sowie nach dem Engagement für den Erhalt demokratischer Räume in der Gesellschaft zu fragen. Ausgewertet wurden hierfür 970 Beratungsanfragen an die Mobilen Beratungen gegen Rechtsextremismus NRW aus den Jahren 2012 bis 2018. Die Mobilen Beratungen gegen Rechtsextremismus engagieren sich für belastbare demokratische Strukturen. Die Expertise befasst sich im Kern mit der Frage: Wer wendet sich aus welchen Gründen mit welchen Erwartungen an die Beratungsstellen? Die Studie zeigt auf, wie die Mobile Beratung gegen Rechtsextremismus mit Anliegen und Bedarfen adressiert wird. Ihre Arbeit, so zeigt sich, bewegt sich zwischen der Notwendigkeit von Krisenintervention, dem Bedarf an Wissensvermittlung und dem Anspruch auf Strukturveränderung sowie dem Aufbau belastbarer demokratischer Strukturen.From the current observation of a growing right-wing populism and the increase of racist and anti-democratic social movements in the FRG, the research interest arose to ask about the consequences and manifestations of right-wing extremism and racism in everyday life and the commitment to the preservation of democratic spaces in society. 970 consulting requests of the Mobile Consultation Against Right-Wing Extremism NRW from the years 2012 to 2018 were evaluated. The Mobile Consultations Against Right-Wing Extremism are committed to resilient democratic structures. The core of the expertise deals with the question: who addresses, for what reasons, with what expectations of the counseling centers? The expertise shows how the mobile counseling against right-wing extremism is addressed with issues and needs. Their work moves between the need for crisis intervention, the need for knowledge transfer and the claim to structural change and the development of resilient democratic structures

A Formal Security Analysis of the W3C Web Payment APIs: Attacks and Verification

Payment is an essential part of e-commerce. Merchants usually rely on third-parties, so-called payment processors, who take care of transferring the payment from the customer to the merchant. How a payment processor interacts with the customer and the merchant varies a lot. Each payment processor typically invents its own protocol that has to be integrated into the merchant’s application and provides the user with a new, potentially unknown and confusing user experience. Pushed by major companies, including Apple, Google, Mastercard, and Visa, the W3C is currently developing a new set of standards to unify the online checkout process and “streamline the user’s payment experience”. The main idea is to integrate payment as a native functionality into web browsers, referred to as the Web Payment APIs. While this new checkout process will indeed be simple and convenient from an end-user perspective, the technical realization requires rather significant changes to browsers. Many major browsers, such as Chrome, Firefox, Edge, Safari, and Opera, already implement these new standards, and many payment processors, such as Google Pay, Apple Pay, or Stripe, support the use of Web Payment APIs for payments. The ecosystem is constantly growing, meaning that the Web Payment APIs will likely be used by millions of people worldwide. So far, there has been no in-depth security analysis of these new standards. In this paper, we present the first such analysis of the Web Payment APIs standards, a rigorous formal analysis. It is based on the Web Infrastructure Model (WIM), the most comprehensive model of the web infrastructure to date, which, among others, we extend to integrate the new payment functionality into the generic browser model. Our analysis reveals two new critical vulnerabilities that allow a malicious merchant to over-charge an unsuspecting customer. We have verified our attacks using the Chrome implementation and reported these problems to the W3C as well as the Chrome developers, who have acknowledged these problems. Moreover, we propose fixes to the standard, which by now have been adopted by the W3C and Chrome, and prove that the fixed Web Payment APIs indeed satisfy strong security properties

Security Analysis of the Web Payment APIs

The Web Payment APIs are a set of specifications by the W3C Web Payments Working Group that aim to offer a set of new and improved checkout mechanisms for the web. Thousands of online shops provide customers with nearly endless possibilities of buying products. Although they differ in their products and customers, they all share the need for a checkout process to obtain customer information and a corresponding financial transaction. As these specifications strive to become the new standard for web payments, security is a crucial aspect. In this work, we created an extended version of the Web Infrastructure Model by expanding it with the APIs and functionalities described in the aforementioned specifications of the Web Payment APIs. Within the model, we performed a formal security analysis which led to the discovery of a possible attack and additional vulnerabilities. We offered mitigations against this attack and said vulnerabilities and showed that the resulting model satisfies the modeled security properties. By doing so, we show that the resulting model guarantees that payments can only be performed in an authorized manner and that the integrity of the financial transactions is ensured. After making the Chromium team aware of the found attack, they implemented our proposed mitigation approach and released a patch that was already distributed to millions of devices at the time of writing.Mit Hilfe der Web Payment APIs will die W3C Web Payments Working Group einen Standard etablieren der schnellere, einfachere und sicherere Bezahlvorgänge im Internet ermöglichen soll. Die in den Spezifikationen beschriebenen Schnittstellen und Erweiterungen ermöglichen es dem Browser als Vermittler zwischen dem Käufer, dem Verkäufer und dem Anbieter der Zahlungsmethode aufzutreten. Da Sicherheit ein sehr wichtiger Aspekt be Zahlungsvorgängen darstellt, untersuchte diese Arbeit die Sicherheitseigenschaften der Web Payment APIs. Dafür wurden innerhalb dieser Arbeit die Web Payment APIs in das Web Infrastructure Model integriert um dort formalisierte Sicherheitseigenschaften zu untersuchen. Bei dieser Untersuchung wurden eine Angriffsmöglichkeit und zwei mögliche Schwachstellen innerhalb der Spezifikationen gefunden. Innerhalb des Models zeigen wir auf, durch welche Änderungen diese Angriffsmöglichkeit und die Schwachstelle behoben werden können, sodass die spezifizierten Sicherheitseigenschaften erfüllt werden

Low temperature hydrothermal synthesis of battery grade lithium iron phosphate

Lithium ion transport through the cathode material LiFePO4 (LFP) occurs predominately along one-dimensional channels in the [010] direction. This drives interest in hydrothermal syntheses, which enable control over particle size and aspect ratio. However, typical hydrothermal syntheses are performed at high pressures and are energy intensive compared to solid-state reactions, making them less practical for commercial use. Here, we show that the use of high precursor concentrations enables us to achieve highly crystalline material at record low-temperatures via a hydrothermal route. We produce LFP platelets with thin [010] dimensions and low antisite defect concentrations that exhibit specific discharge capacities of 150 mA h g−1, comparable to material produced with higher temperature syntheses. An energy consumption analysis indicates that the energy required for our synthesis is 30% less than for typical hydrothermal syntheses and is comparable to solid-state reactions used today, highlighting the potential for low temperature hydrothermal synthesis routes in commercial battery material production.ISSN:2046-206

A Formal Security Analysis of the W3C Web Payment APIs : Attacks and Verification

Payment is an essential part of e-commerce. Merchants usually rely on third-parties, so-called payment processors, who take care of transferring the payment from the customer to the merchant. How a payment processor interacts with the customer and the merchant varies a lot. Each payment processor typically invents its own protocol that has to be integrated into the merchant’s application and provides the user with a new, potentially unknown and confusing user experience.Pushed by major companies, including Apple, Google, Master-card, and Visa, the W3C is currently developing a new set of standards to unify the online checkout process and “streamline the user’s payment experience”. The main idea is to integrate payment as a native functionality into web browsers, referred to as the Web Payment APIs. While this new checkout process will indeed be simple and convenient from an end-user perspective, the technical realization requires rather significant changes to browsers.Many major browsers, such as Chrome, Firefox, Edge, Safari, and Opera, already implement these new standards, and many payment processors, such as Google Pay, Apple Pay, or Stripe, support the use of Web Payment APIs for payments. The ecosystem is constantly growing, meaning that the Web Payment APIs will likely be used by millions of people worldwide.So far, there has been no in-depth security analysis of these new standards. In this paper, we present the first such analysis of the Web Payment APIs standards, a rigorous formal analysis. It is based on the Web Infrastructure Model (WIM), the most comprehensive model of the web infrastructure to date, which, among others, we extend to integrate the new payment functionality into the generic browser model.Our analysis reveals two new critical vulnerabilities that allow a malicious merchant to over-charge an unsuspecting customer. We have verified our attacks using the Chrome implementation and reported these problems to the W3C as well as the Chrome developers, who have acknowledged these problems. Moreover, we propose fixes to the standard, which by now have been adopted by the W3C and Chrome, and prove that the fixed Web Payment APIs indeed satisfy strong security properties

Surface phonons of lithium ion battery active materials

Surfaces of active materials are understood to play an important role in the performance and lifetime of lithium-ion batteries, but they remain poorly characterized and therefore cannot yet be systematically designed. Here, we combine inelastic neutron scattering and ab initio simulations to demonstrate that the structure of the surface of active materials differs from the interior of the particle. We use LiFePO4 (LFP) as a model system, and we find that carbon coating influences the Li–O bonding on the (010) LFP surface relative to the bulk. Our results highlight how coatings can be used to systematically engineer the vibrations of atoms at the surface of battery active materials, and thereby impact lithium ion transport, charge transfer, and surface reactivity.ISSN:2398-490

Deep learning-based segmentation of lithium-ion battery microstructures enhanced by artificially generated electrodes

Accurate 3D representations of lithium-ion battery electrodes, in which the active particles, binder and pore phases are distinguished and labeled, can assist in understanding and ultimately improving battery performance. Here, we demonstrate a methodology for using deep-learning tools to achieve reliable segmentations of volumetric images of electrodes on which standard segmentation approaches fail due to insufficient contrast. We implement the 3D U-Net architecture for segmentation, and, to overcome the limitations of training data obtained experimentally through imaging, we show how synthetic learning data, consisting of realistic artificial electrode structures and their tomographic reconstructions, can be generated and used to enhance network performance. We apply our method to segment x-ray tomographic microscopy images of graphite-silicon composite electrodes and show it is accurate across standard metrics. We then apply it to obtain a statistically meaningful analysis of the microstructural evolution of the carbon-black and binder domain during battery operation.ISSN:2041-172

3D Electrochemical-Mechanical Battery Simulation Tool: Implementation with Full Cell Simulations and Verification with Operando X-ray Tomography

Most commercially used electrode materials contract and expand upon cycling. This change in volume influences the microstructure of the cell stack, which in turn impacts a range of performance parameters. Since direct observation of these microstructural changes with operando experiments is challenging and time intensive, a simulation tool that takes a real or artificially generated 3D microstructure and captures the volumetric changes in a cell during cycling would be valuable to enable rapid understanding of the impact of material choice, electrode and cell design, and operating conditions on the microstructural changes and identification of sources of mechanically-driven cell aging. Here, we report the development and verification of such a 3D electrochemical-mechanical tool, and provide an example use-case. We validate the tool by simulating the microstructural evolution of a graphite anode and a Li(Ni,Mn,Co)O2 cathode during cycling and comparing the results to X-ray tomography datasets of these electrodes taken during cycling. As an example use case for such a simulation tool, we explore how different volumetric expansion behaviors of the cathode material impact strain in the cell stack, illustrating how the material selection and its operation impact the mechanical behavior inside a cell.ISSN:0013-4651ISSN:1945-711