Month: September 2016

Enlarge (credit: Stanford University)

In the wake of the meltdown of the Fukushima Daiichi nuclear reactors, Japan shut its entire nuclear fleet in order to develop more rigorous safety standards and inspect the remaining plants. As of now, plants are only beginning to come back online.

Given that Japan had recently relied on nuclear for over a quarter of its electricity, the expectation is that emissions would rise dramatically. But that hasn't turned out to be the case. While coal use has gone up, it hasn't risen by more than 10 percent. And a heavy dose of conservation has cut Japan's total electricity use to below where it was at the end of last decade.

(credit: US Energy Information Agency)

The data indicate that nuclear was playing a decreasing role in Japan's energy mix even prior to Fukushima, being displaced in part by natural gas and in part by petroleum. By 2012, however, nuclear was mostly gone. Conservation had already dropped Japan's electricity use below a PetaWatt-hour, and further efforts have turned the drop in electricity use into an ongoing trend.

(credit: Ron Amadeo)

It was a bad week for millions of Android phone users. Two critical vulnerabilities were disclosed but remain unpatched in a large percentage of devices, while, separately, malicious apps were downloaded as many as 2.5 million times from Google's official Play Marketplace.

The vulnerabilities, which are similar in severity to the Stagefright family of bugs disclosed last year, have been fixed in updates Google began distributing Tuesday. A large percentage of Android phones, however, aren't eligible to receive the fixes. Even those that do qualify don't receive them immediately (the patches are currently not available for either of the Nexus 5X devices in my household). That gives attackers crude blueprints for exploiting vulnerabilities that remain unpatched on millions of devices.

"Extremely serious bug"

The first vulnerability was disclosed by Mark Brand, a researcher with Google's Project Zero security team. Indexed as CVE 2016-3861, it allows attackers to execute malware or escalate local privileges on vulnerable phones. Brand warned that it's "an extremely serious bug" because it can be exploited in a large variety of ways. He also said CVE 2016-3861 wasn't particularly hard to detect, a finding that increases the chances that other researchers already knew about it. (In any event, Brand included exploit code with his disclosure.) Brand didn't say exactly which Android version introduced the code-execution vulnerability, but he indicated that it's present in at least several of the most recent releases.

(credit: Sven Schiffer)

Who hasn’t tried to salvage a mouthwatering morsel tragically lost to a germ-covered floor by blurting “FIVE-SECOND RULE!” before diving to the rescue? Even the most intelligent among us might be apt to cite the tenet with the fervor of an emergency responder. But let’s face it: the chances that some magical cut-off of five seconds will spare food from irreparable defiling was always far-fetched. Still, if you need hard-hitting evidence, researchers have now provided a comprehensive study that proves the rule is down for the count.

After analyzing several floor materials, food types, contamination methods, and resting times, researchers at Rutgers show conclusively that food can easily become contaminated in less than five seconds. In fact, contamination may take less than one second in some scenarios. In a small consolation, the researchers note that the general theory behind the debunked rule—that longer resting time on a contaminated surface will increase contamination—stands.

“Our data clearly showed that contact time does influence bacterial transfer, with more bacteria transferred at longer times,” food scientists Robyn Miranda and Donald Schaffner report in the journal Applied and Environmental Microbiology. However, they conclude “that other factors including the nature of the food and the surface are of equal or greater importance.” And in the end “some transfer takes place ‘instantaneously’ at times <1 s, disproving the ‘five second rule.’”

James Liang worked for Volkswagen's Wolfsburg plant while he developed diesel engines. (credit: Bruno Kussler Marques)

In a Detroit District Court today, 62-year-old engineer James Robert Liang pleaded guilty to conspiracy to defraud the government, commit wire fraud, and violate the Clean Air Act. Liang, currently a California resident, worked for Volkswagen’s diesel development department in Wolfsburg, Germany from 1983 to 2008.

Volkswagen Group has been beset by scandal since last September, when the Environmental Protection Agency (EPA) made public that VW had been including illegal software in diesel Volkswagens and Audis. The software detected when the cars were being tested in a lab so that they could pass emissions tests, but once the cars hit real-world conditions, the software circumvented the emissions control system to spew large amounts of nitrogen oxide (NO_x) into the atmosphere.

According to the plea agreement (PDF), in 2006 Liang and others began building the EA 189 diesel engine that has been the center of the controversy. When the engineers realized they couldn’t meet consumer expectations and US air quality standards at the same time, they began looking into using illegal software (often known in the auto industry as a “defeat device”). By 2008, Liang worked to “calibrate and refine the defeat device.” Later that year, he moved to the US to help with “certification, testing, and warranty issues” for the company’s new diesels.

Comcast's X1 TV system and apps. (credit: Comcast)

Comcast has accused the Federal Communications Commission of violating the law with its new proposal for helping consumers avoid renting set-top boxes.

The FCC ditched its original plan for boosting competition in the set-top box industry in order to adopt one supported by Comcast and other cable companies. The commission’s original plan would have forced cable companies to provide video and programming information to makers of third-party hardware or applications, letting the third parties create their own software and user interfaces through which cable customers could watch the channels they subscribe to.

Cable companies pitched an alternative plan in which TV providers would build their own applications for third-party devices, and FCC Chairman Tom Wheeler yesterday took the cable companies up on their offer. But the cable companies are still mad because the FCC made a few changes to the cable industry proposal instead of accepting it as is.

If you're buying a new Galaxy Note 7, look for the small black square and the big blue S. (credit: Samsung)

Samsung's latest flagship smartphone, the Galaxy Note 7, is prone to exploding. Once the flaw was discovered, Note 7 sales were halted, but that move only came after millions of devices were shipped to consumers and retail outlets. Samsung is now faced with recalling millions of potentially dangerous devices, and it's up to consumers to identify the potentially explosive devices from the non-explosive ones. Communicating this to every Note 7 customer is turning into a challenge, as a few days after the recall a Note 7 apparently burned down a customer's Jeep.

If you're shopping for a Galaxy Note 7, Samsung has announced a new bar code label for the box that will let you know your new device is not explosive. The new packaging is shown above, which Samsung says has "clear identifiers on the box; a small black square on the white bar code label along with a white sticker with a blue letter ‘S’."

That new packaging requires you to have the box handy, though. If you want to know if an unboxed Galaxy Note 7 has been repaired, things are a little more complicated. Samsung says that next Tuesday, September 13, the company will launch an online IMEI database that will let customers type in their device's unique ID and lookup if it has been fixed. On the Galaxy Note 7, the IMEI number is located on the bottom of the device next to the USB port. Customers can also call Samsung customer service to have their device identified.