共找到 20 条结果
Seller of the Sound Blaster Katana V2X doesn't consider the behavior a vulnerability
暂无摘要(点击查看详情)
暂无摘要(点击查看详情)
暂无摘要(点击查看详情)
暂无摘要(点击查看详情)
暂无摘要(点击查看详情)
暂无摘要(点击查看详情)
Recent agentic-robotics systems, from Code-asPolicies to modern vision-language-action (VLA) foundation models, presuppose that drivers, SDKs, or ROS-style primitives for the target hardware already exist. Writing those primitives is the dominant engineering cost of bringing up new hardware for agent control. We present Octopus Protocol, a system that collapses that cost to a single shell command. Given only raw OS access and a language-model API key, a coding agent executes a five-stage pipeline--PROBE, IDENTIFY, INTERFACE, SERVE, DEPLOY--to discover connected devices, infer their capabilities, generate a Model Context Protocol (MCP) server with typed tools, and deploy it as a live HTTP endpoint. A persistent daemon then monitors the system, heals broken code, and perceives physical state through the camera tools it generated for itself. Two architectural principles make this work: protocols are prompts, not code, and the coding agent is the runtime. We validate the system on three heterogeneous platforms (PC/WSL, Apple Silicon macOS, Raspberry Pi 4) and on a commercial 6-DOF robotic arm with USB camera feedback. One command onboards the hardware in ~10-15 minutes and exposes up t
Attackers willing to compromise computing systems can use malicious peripherals as an attack vector, threatening users that cannot verify the hardware's authenticity. To address this problem, our work uses the Security Protocol and Data Model to propose a UEFI system capable of authenticating PCIe and USB devices trying to connect with it. We also develop an open source proof-of-concept using emulation to evaluate and illustrate our proposal, which is capable of restricting the devices' connections to only those allowed, thus protecting the system against malicious peripherals. Then, using kernel virtualization features to evaluate the emulation, we collect the number of instructions and CPU cycles during boot. Our experiments reveal that, during firmware execution, the number of instructions and the number of CPU cycles increased respectively 13% and 8% on average. This processing overhead is acceptable in view of enhanced security. Institutions requiring high security levels can leverage our proof-of-concept to tailor their own system based on their own requirements.
In this paper, we present development of a portable cosmic muon tracker tailored for both on-site measurements of cosmic muon flux as well as for outreach activities. The tracker comprises of two 70 mm x 70 mm plastic scintillators, wavelength shifting (WLS) fibers, and Hamamatsu made Silicon Photomultipliers (SiPM) S13360-2050VE. The detector uses plastic scintillator panels optically coupled to WLS fibers, which transmit scintillation light to the SiPMs. SiPM signals are routed to an electronics board equipped with op-amp amplifiers and a peak-hold circuit connected to an ESP32 microcontroller module. When muons traverse through both scintillators the light emitted is collected by the SiPMs, and thus generating signals proportional to the incident light intensity. These signals are then amplified and the pulse peak is held for 500 us. A high speed discriminator is used to generate trigger logic signals. The peak analog voltage is digitized using the onboard ADC of the ESP32 when a coincident trigger occurs. The SiPMs are powered by a High Voltage bias supply module while an onboard BMP180 module measures temperature and pressure. For real-time event tagging, a GPS module is inter
The USB protocol has become a ubiquitous standard for connecting peripherals to computers, making its security a critical concern. A recent research study demonstrated the potential to exploit weaknesses in well-established protocols, such as PCIe, and created a side-channel for leaking sensitive information by leveraging congestion within shared interfaces. Drawing inspiration from that, this project introduces an innovative approach to USB side-channel attacks via congestion. We evaluated the susceptibility of USB devices and hubs to remote profiling and side-channel attacks, identified potential weaknesses within the USB standard, and highlighted the critical need for heightened security and privacy in USB technology. Our findings discover vulnerabilities within the USB standard, which are difficult to effectively mitigate and underscore the need for enhanced security measures to protect user privacy in an era increasingly dependent on USB-connected devices.
Understanding the relationship between pathological and healthy brain structures is fundamental to neuroimaging, connecting disease diagnosis and detection with modeling, prediction, and treatment planning. However, paired pathological-healthy data are extremely difficult to obtain, as they rely on pre- and post-treatment imaging, constrained by clinical outcomes and longitudinal data availability. Consequently, most existing brain image generation and editing methods focus on visual quality yet remain domain-specific, treating pathological and healthy image modeling independently. We introduce USB (Unified Synthetic Brain), the first end-to-end framework that unifies bidirectional generation and editing of pathological and healthy brain images. USB models the joint distribution of lesions and brain anatomy through a paired diffusion mechanism and achieves both pathological and healthy image generation. A consistency guidance algorithm further preserves anatomical consistency and lesion correspondence during bidirectional pathology-healthy editing. Extensive experiments on six public brain MRI datasets including healthy controls, stroke, and Alzheimer's patients, demonstrate USB's
Multi-channel analysers (MCAs) play a crucial role in spectral measurements, especially in the context of Silicon Photomultipliers (SiPMs) used for gamma spectroscopy. Most commercial MCAs, while highly accurate, remain cost-prohibitive for broader applications. This paper presents the design and implementation of a cost-effective MCA utilizing off-the-shelf components while achieving spectroscopy of gamma particles with reasonable resolution. The MCA board is built around the STM32G4 family microcontroller (MCU), which provides embedded analog components, timers, and high-resolution ADCs. This system is designed to reduce external component requirements, thereby decreasing costs and increasing system reliability. Experimental results demonstrate that the MCA can perform accurate real-time gamma radiation measurements with SiPM detectors. The device offers flexible connectivity options (USB, Ethernet, WiFi). The low-cost, accessible nature of the MCA opens up opportunities for educational and research applications in radiation detection.
The Model Context Protocol (MCP) has emerged as the de facto standard for connecting Large Language Models (LLMs) to external data and tools, effectively functioning as the "USB-C for Agentic AI." While this decoupling of context and execution solves critical interoperability challenges, it introduces a profound new threat landscape where the boundary between epistemic errors (hallucinations) and security breaches (unauthorized actions) dissolves. This Systematization of Knowledge (SoK) aims to provide a comprehensive taxonomy of risks in the MCP ecosystem, distinguishing between adversarial security threats (e.g., indirect prompt injection, tool poisoning) and epistemic safety hazards (e.g., alignment failures in distributed tool delegation). We analyze the structural vulnerabilities of MCP primitives, specifically Resources, Prompts, and Tools, and demonstrate how "context" can be weaponized to trigger unauthorized operations in multi-agent environments. Furthermore, we survey state-of-the-art defenses, ranging from cryptographic provenance (ETDI) to runtime intent verification, and conclude with a roadmap for securing the transition from conversational chatbots to autonomous age
The Model Context Protocol (MCP) has been proposed as a unifying standard for connecting large language models (LLMs) with external tools and resources, promising the same role for AI integration that HTTP and USB played for the Web and peripherals. Yet, despite rapid adoption and hype, its trajectory remains uncertain. Are MCP marketplaces truly growing, or merely inflated by placeholders and abandoned prototypes? Are servers secure and privacy-preserving, or do they expose users to systemic risks? And do clients converge on standardized protocols, or remain fragmented across competing designs? In this paper, we present the first large-scale empirical study of the MCP ecosystem. We design and implement MCPCrawler, a systematic measurement framework that collects and normalizes data from six major markets. Over a 14-day campaign, MCPCrawler aggregated 17,630 raw entries, of which 8,401 valid projects (8,060 servers and 341 clients) were analyzed. Our results reveal that more than half of listed projects are invalid or low-value, that servers face structural risks including dependency monocultures and uneven maintenance, and that clients exhibit a transitional phase in protocol and
Agricultural irrigation ensures that the water required for plant growth is delivered to the soil in a controlled manner. However, uncontrolled management can lead to water waste while reducing agricultural productivity. Drip irrigation systems, which have been one of the most efficient methods since the 1970s, are modernised with IoT and artificial intelligence in this study, aiming to both increase efficiency and prevent water waste. The developed system is designed to be applicable to different agricultural production areas and tested with a prototype consisting of 3 rows and 3 columns. The project will commence with the transmission of environmental data from the ESP32 microcontroller to a computer via USB connection, where it will be processed using an LSTM model to perform learning and prediction. The user will be able to control the system manually or delegate it to artificial intelligence through the Blynk application. The system includes ESP32 microcontroller, rain and soil moisture sensors, DHT11 temperature and humidity sensor, relays, solenoid valves and 12V power supply. The system aims to increase labour productivity and contribute to the conservation of water resourc
The CosmicWatch Desktop Muon Detector (v3X) is a compact, low-cost, and portable device designed for detecting ionizing radiation, including cosmic-ray muons. Building on previous iterations, the v3X introduces significant hardware and firmware improvements that enhance sensitivity, usability, and data acquisition capabilities. The detector integrates a plastic scintillator and silicon photomultiplier (SiPM), custom designed electronics for signal processing, onboard data storage, OLED display, environmental sensors, and USB connectivity. With a total component cost under \$100 and a build time suitable for high school students, the v3X is ideal for education, outreach, and introductory research applications in particle and astroparticle physics. This paper details the design, performance, and potential use cases of the v3X, supported by example measurements demonstrating its functionality.
Mobile smartphones compactly provide sensors such as cameras, IMUs, GNSS measurement units, and wireless and wired communication channels required for robotics projects. They are affordable, portable, and programmable, which makes them ideal for testing, data acquisition, controlling mobile robots, and many other robotic applications. A robotic system is proposed in this paper, consisting of an Android phone, a microcontroller board attached to the phone via USB, and a remote wireless controller station. In the data acquisition mode, the Android device can record a dataset of a diverse configuration of multiple cameras, IMUs, GNSS units, and external USB ADC channels in the rawest format used for, but not limited to, pose estimation and scene reconstruction applications. In robot control mode, the Android phone, a microcontroller board, and other peripherals constitute the mobile or stationary robotic system. This system is controlled using a remote server connected over Wi-Fi or Bluetooth. Experiments show that although the SLAM and AR applications can utilize the acquired data, the proposed system can pave the way for more advanced algorithms for processing these noisy and sporad
Write Once Read Many (WORM) properties for storage devices are desirable to ensure data immutability for applications such as secure logging, regulatory compliance, archival storage, and other types of backup systems. WORM devices guarantee that data, once written, cannot be altered or deleted. However, implementing secure and compatible WORM storage remains a challenge. Traditional solutions often rely on specialized hardware, which is either costly, closed, or inaccessible to the general public. Distributed approaches, while promising, introduce additional risks such as denial-of-service vulnerabilities and operational complexity. We introduce Socarrat, a novel, cost-effective, and local WORM storage solution that leverages a simple external USB device (specifically, a single-board computer running Linux with USB On-The-Go support). The resulting device can be connected via USB, appearing as an ordinary external disk formatted with an ext4 or exFAT file system, without requiring any specialized software or drivers. By isolating the WORM enforcement mechanism in a dedicated USB hardware module, Socarrat significantly reduces the attack surface and ensures that even privileged atta
Due to advances in observation and imaging technologies, modern astronomical satellites generate large volumes of data. This necessitates efficient onboard data processing and high-speed data downlink. Reflecting this trend is the VERTECS 6U Astronomical Nanosatellite. Designed for the observation of Extragalactic Background Light (EBL), this mission is expected to generate a substantial amount of image data, particularly within the confines of CubeSat capabilities. This paper introduces the VERTECS Camera Control Board (CCB), an open-source payload interface board leveraging Commercial Off-The-Shelf (COTS) components, with a Raspberry Pi Compute Module 4 at its core. The VERTECS CCB hardware and software have been designed from the ground up to serve as the sole interface between the VERTECS bus system and astronomical imaging payload, while providing compute capability not usually seen in nanosatellites of this class. Responsible for mission data processing, it will facilitate high-speed data transfer from the imaging payload via gigabit Ethernet, while also providing a high-bitrate serial connection to the payload X-band transmitter for mission data downlink. Additional interfac