Connect with us

Gadgets

Gates-backed Lumotive upends lidar conventions using metamaterials – TechCrunch

Published

on

Pretty much every self-driving car on the road, not to mention many a robot and drone, uses lidar to sense its surroundings. But useful as lidar is, it also involves physical compromises that limit its capabilities. Lumotive is a new company with funding from Bill Gates and Intellectual Ventures that uses metamaterials to exceed those limits, perhaps setting a new standard for the industry.

The company is just now coming out of stealth, but it’s been in the works for a long time. I actually met with them back in 2017 when the project was very hush-hush and operating under a different name at IV’s startup incubator. If the terms “metamaterials” and “Intellectual Ventures” tickle something in your brain, it’s because the company has spawned several startups that use intellectual property developed there, building on the work of materials scientist David Smith.

Metamaterials are essentially specially engineered surfaces with microscopic structures — in this case, tunable antennas — embedded in them, working as a single device.

Echodyne is another company that used metamaterials to great effect, shrinking radar arrays to pocket size by engineering a radar transceiver that’s essentially 2D and can have its beam steered electronically rather than mechanically.

The principle works for pretty much any wavelength of electromagnetic radiation — i.e. you could use X-rays instead of radio waves — but until now no one has made it work with visible light. That’s Lumotive’s advance, and the reason it works so well.

Flash, 2D and 1D lidar

Lidar basically works by bouncing light off the environment and measuring how and when it returns; this can be accomplished in several ways.

Flash lidar basically sends out a pulse that illuminates the whole scene with near-infrared light (905 nanometers, most likely) at once. This provides a quick measurement of the whole scene, but limited distance as the power of the light being emitted is limited.

2D or raster scan lidar takes an NIR laser and plays it over the scene incredibly quickly, left to right, down a bit, then does it again, again and again… scores or hundreds of times. Focusing the power into a beam gives these systems excellent range, but similar to a CRT TV with an electron beam tracing out the image, it takes rather a long time to complete the whole scene. Turnaround time is naturally of major importance in driving situations.

1D or line scan lidar strikes a balance between the two, using a vertical line of laser light that only has to go from one side to the other to complete the scene. This sacrifices some range and resolution but significantly improves responsiveness.

Lumotive offered the following diagram, which helps visualize the systems, although obviously “suitability” and “too short” and “too slow” are somewhat subjective:

The main problem with the latter two is that they rely on a mechanical platform to actually move the laser emitter or mirror from place to place. It works fine for the most part, but there are inherent limitations. For instance, it’s difficult to stop, slow or reverse a beam that’s being moved by a high-speed mechanism. If your 2D lidar system sweeps over something that could be worth further inspection, it has to go through the rest of its motions before coming back to it… over and over.

This is the primary advantage offered by a metamaterial system over existing ones: electronic beam steering. In Echodyne’s case the radar could quickly sweep over its whole range like normal, and upon detecting an object could immediately switch over and focus 90 percent of its cycles tracking it in higher spatial and temporal resolution. The same thing is now possible with lidar.

Imagine a deer jumping out around a blind curve. Every millisecond counts because the earlier a self-driving system knows the situation, the more options it has to accommodate it. All other things being equal, an electronically steered lidar system would detect the deer at the same time as the mechanically steered ones, or perhaps a bit sooner; upon noticing this movement, it could not just make more time for evaluating it on the next “pass,” but a microsecond later be backing up the beam and specifically targeting just the deer with the majority of its resolution.

Just for illustration. The beam isn’t some big red thing that comes out.

Targeted illumination would also improve the estimation of direction and speed, further improving the driving system’s knowledge and options — meanwhile, the beam can still dedicate a portion of its cycles to watching the road, requiring no complicated mechanical hijinks to do so. Meanwhile, it has an enormous aperture, allowing high sensitivity.

In terms of specs, it depends on many things, but if the beam is just sweeping normally across its 120×25 degree field of view, the standard unit will have about a 20Hz frame rate, with a 1000×256 resolution. That’s comparable to competitors, but keep in mind that the advantage is in the ability to change that field of view and frame rate on the fly. In the example of the deer, it may maintain a 20Hz refresh for the scene at large but concentrate more beam time on a 5×5 degree area, giving it a much faster rate.

Meta doesn’t mean mega-expensive

Naturally one would assume that such a system would be considerably more expensive than existing ones. Pricing is still a ways out — Lumotive just wanted to show that its tech exists for now — but this is far from exotic tech.

CG render of a lidar metamaterial chip.The team told me in an interview that their engineering process was tricky specifically because they designed it for fabrication using existing methods. It’s silicon-based, meaning it can use cheap and ubiquitous 905nm lasers rather than the rarer 1550nm, and its fabrication isn’t much more complex than making an ordinary display panel.

CTO and co-founder Gleb Akselrod explained: “Essentially it’s a reflective semiconductor chip, and on the surface we fabricate these tiny antennas to manipulate the light. It’s made using a standard semiconductor process, then we add liquid crystal, then the coating. It’s a lot like an LCD.”

An additional bonus of the metamaterial basis is that it works the same regardless of the size or shape of the chip. While an inch-wide rectangular chip is best for automotive purposes, Akselrod said, they could just as easily make one a quarter the size for robots that don’t need the wider field of view, or a larger or custom-shape one for a specialty vehicle or aircraft.

The details, as I said, are still being worked out. Lumotive has been working on this for years and decided it was time to just get the basic information out there. “We spend an inordinate amount of time explaining the technology to investors,” noted CEO and co-founder Bill Colleran. He, it should be noted, is a veteran innovator in this field, having headed Impinj most recently, and before that was at Broadcom, but is perhaps is best known for being CEO of Innovent when it created the first CMOS Bluetooth chip.

Right now the company is seeking investment after running on a 2017 seed round funded by Bill Gates and IV, which (as with other metamaterial-based startups it has spun out) is granting Lumotive an exclusive license to the tech. There are partnerships and other things in the offing, but the company wasn’t ready to talk about them; the product is currently in prototype but very showable form for the inevitable meetings with automotive and tech firms.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Gadgets

Feds list the top 30 most-exploited vulnerabilities. Many are years old

Published

on

Government officials in the US, UK, and Australia are urging public- and private-sector organizations to secure their networks by ensuring firewalls, VPNs, and other network-perimeter devices are patched against the most widespread exploits.

In a joint advisory published Wednesday, the US FBI and CISA (Cybersecurity and Infrastructure Security Agency), the Australian Cyber Security Center, and the UK’s National Cyber Security Center listed the top 30 or so most-exploited vulnerabilities. The vulnerabilities reside in a host of devices or software marketed by the likes of Citrix, Pulse Secure, Microsoft, and Fortinet.

“Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide,” the advisory stated. “However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system.”

What, me patch?

Four of the most-targeted vulnerabilities last year resided in VPNs, cloud-based services, and other devices that allow people to remotely access employer networks. Despite the explosion in work-from-home employees driven by the COVID-19 pandemic, many VPN gateway devices remained unpatched during 2020.

Discovery dates of the top 4 vulnerabilities ranged from 2018 to 2020, an indication of how common it is for many organizations using the affected devices to withhold applying security patches. The security flaws include CVE-2019-19781, a remote code-execution bug in Citrix’s application delivery controller (which customers use to perform load balancing of inbound application traffic); CVE 2019-11510, which allows attackers to remotely read sensitive files stored by the Pulse Secure Pulse Connect Secure VPN; CVE 2018-13379, a path-traversal weakness in VPNs made by Fortinet; and CVE 2020-5902, a code-execution vulnerability in the BIG-IP advanced delivery controller made by F5.

The top 12 flaws are:

Vendor CVE Type
Citrix CVE-2019-19781 arbitrary code execution
Pulse CVE 2019-11510 arbitrary file reading
Fortinet CVE 2018-13379 path traversal
F5- Big IP CVE 2020-5902 remote code execution (RCE)
MobileIron CVE 2020-15505 RCE
Microsoft CVE-2017-11882 RCE
Atlassian CVE-2019-11580 RCE
Drupal CVE-2018-7600 RCE
Telerik CVE 2019-18935 RCE
Microsoft CVE-2019-0604 RCE
Microsoft CVE-2020-0787 elevation of privilege
Netlogon CVE-2020-1472 elevation of privilege

Breaching the gate

The vulnerabilities—all of which have received patches from vendors—have provided the opening vector from an untold number of serious intrusions. For instance, according to an advisory the US government issued in April, hackers working for the Russian government routinely exploited CVE-2018-13379, CVE-2019-11510, and CVE-2019-19781.

That same month, word emerged that a different set of hackers was also exploiting CVE-2018-13379. In one case, the hackers allowed ransomware operators to seize control of two production facilities belonging to a European manufacturer.

Wednesday’s advisory went on to say:

CISA, ACSC, the NCSC, and FBI assess that public and private organizations worldwide remain vulnerable to compromise from the exploitation of these CVEs. Malicious cyber actors will most likely continue to use older known vulnerabilities, such as CVE-2017-11882 affecting Microsoft Office, as long as they remain effective and systems remain unpatched. Adversaries’ use of known vulnerabilities complicates attribution, reduces costs, and minimizes risk because they are not investing in developing a zero-day exploit for their exclusive use, which they risk losing if it becomes known.

The officials also listed 13 vulnerabilities discovered this year that are also being exploited in large numbers. The vulnerabilities are:

  • Microsoft Exchange: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE2021-27065
  • Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, and CVE-2021-22900
  • Accellion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104
  • VMware: CVE-2021-21985

The advisory provides technical details for each vulnerability, mitigation guidance, and indicators of compromise to help organizations determine if they’re vulnerable or have been hacked. The advisory also provides guidance for locking down systems.

Continue Reading

Gadgets

Apple, AMD, and Intel shift priorities as chip shortages continue

Published

on

Enlarge / Sure, it’s cheaply produced clip art… but it’s also a disturbingly accurate picture of the current state of supply and demand in the semiconductor product market.

2021’s infamous chip shortages aren’t only affecting automakers. In a post-earnings conference call Tuesday, Apple CEO Tim Cook said, “We’ll do everything we can to mitigate whatever circumstances we’re dealt”—a statement that likely means the company will ration its chip supplies, prioritizing the most profitable and in-demand items such as iPhones and AirPods, at the expense of less profitable and lower-demand items.

CFRA analyst Angelo Zino told Reuters that Cook’s somewhat cryptic statement “largely reflects the timing of new product releases”—specifically, new iPhone releases in September. Counterpoint Research Director Jeff Fieldhack speculates from the flip side of the same coin, saying the company will likely direct supply chain “pain” to its least lucrative products. “Assuming Apple prioritizes the iPhone 12 family, it probably affects iPads, Macs, and older iPhones more,” Fieldhack said.

Processor manufacturer AMD has also been carefully managing its supply chain in response to pandemic-induced shortages. With flagship products that finally outperform rival Intel’s, AMD is focusing on the more profitable high end of the market while leaving the economy segment—until a few years ago, its strongest performer—to Intel. “We’re focusing on the most strategic segments of the PC market,” CEO Lisa Su told investors on a conference call.

Apple and AMD are two of semiconductor foundry TSMC’s largest customers—but the problem isn’t limited to TSMC. Intel, which operates its own foundries, acknowledges supply problems of its own. Intel CEO Pat Gelsinger told the BBC that shortages will get worse in the second half of 2021—and that it will be “a year or two” before supplies return to normal.

Gelsinger played up the importance of building new foundries, as Intel is currently doing in Arizona. But he warns that the foundries will take time to get up to speed and begin alleviating shortages—predicting “a year to two years until we’re back to some reasonable supply-demand balance.” This news arrives on the heels of a delay Intel announced this week for its forthcoming 7 nm process, now not expected until 2022.

In some ways, Intel may actually benefit long-term from the pandemic-related supply chain shortages. Although Intel is falling behind rivals AMD and Apple in both performance and power efficiency, the market can only move so far in the absence of supply.

With all vendors selling essentially every processor they can build, Intel’s long-standing ability to produce 80 percent of the world’s x86 desktop CPUs and 90 percent of x86 data center CPUs cements its place in the market—for now—despite ceding performance crowns to its rivals.

Continue Reading

Gadgets

Here’s what that Google Drive “security update” message means

Published

on

“A security update will be applied to Drive,” Google’s weird new email reads. A whole bunch of us on the Ars Technica staff got blasted with this last night. If you visit drive.google.com, you’ll also see a message saying, “On September 13, 2021, a security update will be applied to some of your files.” You can even see a list of the affected files, which have all gotten an unspecified “security update.” So what is this all about?

Google is changing the way content sharing works on Drive. Drive files have two sharing options: a single-person allow list (where you share a Google Doc with specific Google accounts) and a “get link” option (where anyone with the link can access the file). The “get link” option works the same way as unlisted YouTube videos—it’s not really private but, theoretically, not quite public, either, since the link needs to be publicized somewhere. The secret sharing links are really just security through obscurity, and it turns out the links are actually guessable.

Along with Drive, Google is also changing the way unlisted YouTube links work, and the YouTube support page actually describes this change better than Drive does:

In 2017, we rolled out an update to the system that generates new YouTube Unlisted links, which included security enhancements that make the links for your Unlisted videos even harder for someone to discover if you haven’t shared the link with them.

Google knew about the problem of guessable secret links for a while and changed the way link generation works back in 2017 (presumably for Drive, too?). Of course, that doesn’t affect links you’ve shared in the past, and soon Google is going to require your old links to change, which can break them. Google’s new link scheme adds a “resourcekey” to the end of any shared Drive links, making them harder to guess. So a link that used to look like “https://drive.google.com/file/d/0BxI1YpjkbX0OZ0prTHYyQ1U2djQ/” will now look like “https://drive.google.com/file/d/0BxI1YpjkbX0OZ0prTHYyQ1U2djQ/view?resourcekey=0-OsOHHiQFk1QEw6vIyh8v_w.” The resource key makes it harder to guess.

If you head to drive.google.com/drive/update-drives in a browser, you should be able to see a list of your impacted files, and if you mouse over them you’ll see a button on the right to remove or apply the security update. “Applied” means the resourcekey will be required after September 13, 2021, and will (mostly) break the old link, while “removed” means the resourcekey isn’t required and any links out there should keep working.

Google's "impacted files" interface. Feel free to add or remove that security update.

Google’s “impacted files” interface. Feel free to add or remove that security update.

YouTube already went through this process earlier in the month, with all unlisted links before 2017 going dead, unless the owners of the videos are still active on YouTube and opted out. Drive is doing this with a bit more finesse than YouTube, though. Thanks to account-based sharing, anyone who accessed your unlisted Drive links in the past will still be granted access to them, even if you upgrade the security. No new people will be able to access the old, upgraded link, though. This way, if you have a stable community that uses an unlisted file, it should mostly be able to keep on trucking. Any new members, however, will be locked out and will need to request access. If you don’t want this, at any point the owner of the file can hit the “share” button and change the settings to generate a new link or turn off the link altogether.

Not letting third parties create a list of all your unlisted files is a good thing, but don’t confuse this link change with any actual security. You should never share anything over the “unlisted” or “get link” features on YouTube, Drive, or Google Photos if you actually want it to be private. Secret links are just security through obscurity, and even with Google’s upgrades, they should not be considered secure or undiscoverable. This arrangement is totally fine for casual documents, but always assume that anyone in the world can read an “unlisted” file. If you’re OK with that, fine. But if not, use Google’s actually private account-based sharing options.

Continue Reading

Trending