Connect with us


ESA’s contribution to NASA’s Orion on the return to Moon • The Register

Voice Of EU



Interview NASA has set late August as the launch window for its much-delayed Artemis I rocket. Already perched atop the booster is the first flight-ready European Service Module (ESM). Five more are in the pipeline.

Airbus industrial manager Siân Cleaver, whom The Register met at the Goodwood Festival of Speed’s Future Lab, has the task of managing the assembly of the spacecraft, which will provide propulsion, power, water, oxygen and nitrogen for the Orion capsule.

Looking for all the world like an evolution of the European Space Agency’s (ESA) International Space Station (ISS) ATV freighter, the ESM is not pressurized and measures approximately 4 meters in length, including the Orbital Maneuvering System Engine (OMSE), which protrudes from the base.

The OMSE will also look a little familiar: “We’ve taken those directly from old Space Shuttles”, Cleaver told us, which makes for a pleasing symmetry considering the mission.

The Space Shuttle Orbital Maneuvering System has Apollo Service Module heritage and while those used by the EMS won’t be returning to Earth, the technology is well proven.

Sadly, old Space Shuttle bits are a limited commodity. “We will fly those up to ESM-6,” said Cleaver, “beyond that we’re starting to think about using a new engine that’s developed on the basis of this one.”

At present Airbus is contracted to build six ESMs. The first is waiting for that first, uncrewed, launch. The second is already in Florida, awaiting integration with the next Artemis rocket and the third, which could well play host to the first astronauts to set foot on the Moon since the days of Apollo, is coming together in Bremen, Germany.

The first batch of ESMs have evolved as work has progressed. Lessons learned from ESM-1 filter down into ESM-2 and so on (and doubtless whatever is learned from that critical first test flight will also be stirred into the pot.) “There were a lot of changes between ESM-2 and ESM-3,” said Cleaver. “…ESM-3 was a slightly different size to ESM-1 and 2 because they were thinking of pushing a Gateway module up with it…”

The plans NASA and its international partners have for launching the modules for the Gateway, a space station destined for a near-rectilinear halo orbit (NRHO) around the Moon, have been somewhat fluid over the years. One plan had called for the European System Providing Refueling, Infrastructure and Telecommunications (ESPRIT) and Habitation and Logistics Outpost (HALO) to be launched on Artemis 3 but has since been ditched in favour of separate commercial launches.

Things are due to settle down somewhat after ESM-3, although the project management of such a spacecraft continues to be a challenge. “I have a spreadsheet,” said Cleaver, “that has all the different pieces of equipment and all the different subcontractors, and I track all of the delivery dates that way.”

“So it’s quite basic in that sense,” she laughed.

One challenge is the international aspect of the endeavor. “We’re working all across Europe,” she said, “and then we’re also working with US suppliers as well, who do things ever so slightly differently to how we’re used to doing them in Europe in terms of documentation and processes.

“So it’s really trying to make sure that everyone’s on the same page, everybody’s working the same way and everybody’s respecting each other’s deadlines.”

Cleaver is looking forward to the next batch of ESMs, which will move to more of a series production line compared to ESMs 1 to 3. Bidding is underway for ESMs 7 to 9 and the intention is that things should become cheaper and quicker as batches of spacecraft get ordered.

But there remain those crucial early flights, the first without a crew and the second (hopefully) with. “We’ve had to change everything in the ESM,” said Cleaver of the ATV comparison, “to make it completely safe for the crew.”

“With ESM-1, it’s a test: ‘Let’s try this, let’s try that.’ With ESM-2 you can’t do that – people’s lives are stake here.”

Hence Cleaver is not overly bothered about the ongoing delays with Artemis 1. “We can’t take any chances,” she said. “I think we’d rather be delayed than have catastrophic failures and errors that can result in the loss of the mission. It’s just not an option for us.”

“We have to make sure that it’s right, and it’s right first time, which is why it’s worth being conservative when talking about launch dates.”

And as for when breathing will be able resume on the ground after Artemis 1? “I think for the guys on the European Service Module team,” laughed Cleaver, “It will be when the Orion module has separated from the ESM right at the end of the mission.”

Or maybe a bit later, once all the data from ESM-1’s sensors has been confirmed as returned. After all, unlike the Space Shuttle from which its big engine is derived, the European Service Module will most definitely not be making a runway landing on Earth. ®

Source link


US offers $10m reward for info on five Conti ransomware members

Voice Of EU



Rewards for Justice shared a photo of someone it claims to be an associate of the ransomware gang and is offering a reward to identify him and four others.

The US Department of State is offering a $10m reward for any information on five malicious cyber actors who are believed to be high-ranking members of the Conti ransomware gang.

The US has been offering rewards for information on this ransomware gang since May, including a $5m reward for any intel that leads to the arrest of anyone conspiring or attempting to participate in a Conti attack.

Yesterday (11 August), the department’s Rewards for Justice programme shared an alleged photo of an associate of the ransomware gang. The department said on Twitter that it is “trying to put a name to the face” and believes the individual is the hacker known as “Target”.

Illustration showing an image of a man with four figures next to it. A reward offer for information on the Conti ransomware gang.

A request for information by the Rewards for Justice programme. Image: US Department of State/Rewards for Justice

Conti, also known as Wizard Spider, has been linked to a group believed to be based near St Petersburg, Russia. The US has labelled it a “Russian government-linked ransomware-as-a-service (RaaS) group”.

The group’s malware is believed to be responsible for more than 1,000 ransomware operations targeting critical infrastructure around the world, from law enforcement agencies to emergency medical services and dispatch centres.

In May 2021, the Conti group was behind the HSE ransomware incident that saw more than 80pc of the IT infrastructure of healthcare services across Ireland impacted. It was said to be the most serious cyberattack ever to hit the State’s critical infrastructure.

The US Department of State previously said the Conti ransomware variant is the “costliest strain of ransomware” ever documented. The FBI estimates that, as of January 2022, there had been more than 1,000 victims of attacks associated with Conti ransomware, with victim payouts exceeding $150m.

When Russia began its invasion of Ukraine earlier this year, the Conti group declared its allegiance to the Russian government. Shortly after, a Ukrainian researcher took the cybersecurity world by storm after publishing more than 60,000 internal messages of the ransomware gang.

Raj Samani, chief scientist at cybersecurity firm Rapid7, said the latest reward offer is just “the tip of the iceberg as enforcement agencies make “considerable strides” through public-private collaboration to hold cybercriminals to account.

“Announcing a reward and revealing the details of Conti members sends a message to would-be criminals that cybercrime is anything but risk-free,” said Samani.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading


Meditation app Calm sacks one-fifth of staff | Meditation

Voice Of EU



The US-based meditation app Calm has laid off 20% of its workforce, becoming the latest US tech startup to announce job cuts.

The firm’s boss, David Ko, said the company, which has now axed about 90 people from its 400-person staff, was “not immune” to the economic climate. “In building out our strategic and financial plan, we revisited the investment thesis behind every project and it became clear that we need to make changes,” he said in a memo to staff.

“I can assure you that this was not an easy decision, but it is especially difficult for a company like ours whose mission is focused on workplace mental health and wellness.”

The Calm app, founded in 2012, offers guided meditation and bedtime stories for people of all ages. It received a surge of downloads triggered by the 2020 Covid lockdowns. By the end of that year, the software company said the app had been downloaded more than 100 million times globally and had amassed over 4 million paying subscribers.

Investors valued the firm, which said it had been profitable since 2016, at $2bn.

In the memo, Ko went on: “We did not come to this decision lightly, but are confident that these changes will help us prioritize the future, focus on growth and become a more efficient organization.”

More than 500 startups have laid off staff this year, according to, a website that tracks such announcements.

Source link

Continue Reading


Let there be ambient light sensing, without data theft • The Register

Voice Of EU



Six years after web security and privacy concerns surfaced about ambient light sensors in mobile phones and notebooks, browser boffins have finally implemented defenses.

The W3C, everyone’s favorite web standards body, began formulating an Ambient Light Events API specification back in 2012 to define how web browsers should handle data and events from ambient light sensors (ALS). Section 4 of the draft spec, “Security and privacy considerations,” was blank. It was a more carefree time.

Come 2015, the spec evolved to include acknowledgement of the possibility that ALS might allow data correlation and device fingerprinting, to the detriment of people’s privacy. And it suggested that browser makers might consider event rate limiting as a potential mitigation.

By 2016, it became clear that allowing web code to interact with device light sensors entailed privacy and security risks beyond fingerprinting. Dr Lukasz Olejnik, an independent privacy researcher and consultant, explored the possibilities in a 2016 blog post.

Olejnik cited a number of ways in which ambient light sensor readings might be abused, including data leakage, profiling, behavioral analysis, and various forms of cross-device communication.

He described a few proof-of-concept attacks, devised with the help of security researcher Artur Janc, in a 2017 post and delved into more detail in a 2020 paper [PDF].

“The attack we devised was a side-channel leak, conceptually very simple, taking advantage of the optical properties of human skin and its reflective properties,” Olejnik explained in his paper.

“Skin reflectance only accounts for the 4-7 percent emitted light but modern display screens emit light with significant luminance. We exploited these facts of nature to craft an attack that reasoned about the website content via information encoded in the light level and conveyed via the user skin, back to the browsing context tracking the light sensor readings.”

It was this technique that enabled the proof-of-concept attacks like stealing web history through inferences made from CSS changes and stealing cross origin resources, such as images or the contents of iframes.

Snail-like speed

Browser vendors responded in various ways. In May 2018, with the release of Firefox 60, Mozilla moved access to the W3C proximity and ambient light APIs behind flags, and applied further limitations in subsequent Firefox releases.

Apple simply declined to implement the API in WebKit, along with a number of other capabilities. Both Apple and Mozilla currently oppose a proposal for a generic sensor API.

Google took what Olejnik described his paper as a “more nuanced” approach, limiting the precision of sensor data.

But those working on the W3C specification and on the browsers implementing the spec recognized that such privacy protections should be formalized, to increase the likelihood the API will be widely adopted and used.

So they voted to make the imprecision of ALS data normative (standard for browsers) and to require the camera access permission as part of the ALS spec.

Those changes finally landed in the ALS spec this week. As a result, Google and perhaps other browser makers may choose to make the ALS API available by default rather than hiding it behind a flag or ignoring it entirely. ®

Source link

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!