Encryption in space can be tricky. Even if you do everything right, a cosmic ray might come along and flip a bit, sabotaging the whole secure protocol. So if you can’t radiation-harden the computer, what can you do? European Space Agency researchers are testing solutions right now in an experiment running on board the ISS. Cosmic radiation flipping bits may sound like a rare occurrence, and in a way it is. But satellites and spacecraft are out there for a long time and it it only takes one such incident to potentially scuttle a whole mission. What can you do if you’re locked out of your own satellite? At that point it’s pretty much space junk. Just wait for it to burn up. Larger, more expensive missions like GPS satellites and interplanetary craft use that are carefully proofed against cosmic rays and other things that go bump in the endless night out there. But these bespoke solutions are expensive and often bulky and heavy; if you’re trying to minimize costs and space to launch a constellation or student project, hardening isn’t always an option. “We’re testing two related approaches to the encryption problem for non rad-hardened systems,” . To keep costs down and hardware recognizable, the team is using a Raspberry Pi Zero board, one of the simplest and lowest-cost full-fledged computers you can buy these days. It’s mostly unmodified, just coated to meet ISS safety requirements. It’s the heart of the Cryptography International Commercial Experiments Cube, or Cryptographic ICE Cube, or CryptIC. The first option they’re pursuing is a relatively traditional software one: hard-coded backup keys. If a bit gets flipped and the current encryption key is no longer valid, they can switch to one of those. “This needs to be done in a secure and reliable way, to restore the secure link very quickly,” said Armborst. It relies on “a secondary fall-back base key, which is wired into the hardware so it cannot be compromised. However, this hardware solution can only be done for a limited number of keys, reducing flexibility.” If you’re expecting one failure per year and a five year mission, you could put 20 keys and be done with it. But for longer missions or higher exposures, you might want something more robust. That’s the other option, an “experimental hardware reconfiguration approach.” “A number of microprocessor cores are inside CryptIC as customizable, field-programmable gate arrays, rather than fixed computer chips,” Armborst explained. “These cores are redundant copies of the same functionality. Accordingly, if one core fails then another can step in, while the faulty core reloads its configuration, thereby repairing itself.” In other words, the encryption software would be running in parallel with itself and one part would be ready to take over and serve as a template for repairs should another core fail due to radiation interference. A CERN-developed radiation dosimeter is flying inside the enclosure as well, measuring the exposure the device has over the next year of operation. And a set of flash memory units are sitting inside to see which is the most reliable in orbital conditions. Like many experiments on the ISS, this one has many purposes. The encryption tests are set to begin shortly and we’ll know how the two methods fared next summer.
iOS 12, latest mobile software for iPhone and iPad, is . The new software packs in a bunch of you’ve probably already heard about. Here’s what you need to do to take advantage of the new settings and lock down your device. 1. Turn on USB Restricted Mode to make hacking more difficult This difficult-to-find new feature prevents any accessories from connecting to your device — like USB cables and headphones — when your iPhone or iPad has been locked for more than an hour. That prevents police and hackers alike from using tools to passcode and get your data. Go to Settings > Touch ID & Passcode and type in your passcode. Then, scroll down and ensure that USB Accessories are not permitted on the lock screen, so make sure the setting is Off. (On an iPhone X, check your Face ID settings instead.) 2. Make sure automatic iOS updates are turned on Every time your iPhone or iPad updates, it comes with a slew of security patches to prevent crashes or data theft. Yet, how often do you update your phone? Most don’t bother unless it’s a major update. Now, iOS 12 will update your device behind the scenes, saving you downtime. Just make sure you switch it on. Go to Settings > General > Software Update and turn on automatic updates. 3. Set a stronger device passcode iOS has gotten better in recent years with passcodes. For years, it was a four-digit code by default, and now it’s six-digits. That makes it far more difficult to run through every combination — known as brute-forcing. But did you know that you can set a number-only code of any length? Eight-digits, twelve — even more — and it keeps the number keypad on the lock screen so you don’t have to fiddle around with the keyboard. Go to Settings > Touch ID & Passcode and enter your passcode. Then, go to Change password and, from the options, set a Custom Numeric Code. 4. Now, switch on two-factor authentication Two-factor is one of the best ways to keep your account safe. If someone steals your password, they still need your phone to break into your account. For years, two-factor has been cumbersome and annoying. Now, iOS 12 has a new feature that auto-fills the code, so it takes the frustration step out of the equation — so you have no excuse. You may be asked to switch on two-factor when you set up your phone. You can also go to Settings and tap your name, then go to Password & Security. Just tap Turn on Two-Factor Authentication and follow the prompts. 5. While you’re here… change your reused passwords iOS 12’s password manager has a new feature: password auditing. If it finds you’ve used the same password on multiple sites, it will warn you and advise you to change those passwords. It prevents password reuse attacks (known as ““) that hackers use to break into multiple sites and services using the same username and password. Go to Settings > Passwords & Accounts > Website & App Passwords and enter your passcode. You’ll see a small warning symbol next to each account that recognizes a reused password. One tap of the Change Password on Website button and you’re done.