Category Archives: AI and ML

AI and ML, Science

Drones are similar to radio-controlled aircraft, but GPS and (5G or 4G) empowerment are leading the way. (29th Jul 2023)

Leave a comment

Preface: Do you think Chinese meaning of intelligence and clever have similar meanings? if you ask me. Perhaps I would say that clever refers to the sensitivity of the ears and eyes. Intelligence is about your brain. Maybe you have other explanations. When you watch a sci-fi movie, the AI core sends out drones to detect and arrest people. Maybe the plot is not described in detail. Comprehensive artificial intelligence machine learning should include vision and hearing. The obvious thing about drones is the vision capabilities of AI.

Background: It seems indisputable that 5G networks can enhance the performance capabilities of drones. Perhaps, it cannot be compared with the RF capabilities of the military type. If you’re interested in the subject, you’ll notice that many manufacturers are capable of designing drones and producing them. The reason is that chip manufacturers can provide flight control chips. Many open source firmwares can be easily downloaded on Github. Throttle actuators and flight control surface actuators are also available on the electronics market. The most commonly used languages in avionics software engineering are C, C++, Ada, and Python. In the main definition of network security, the TCP/IP protocol stack is one of the important trigger factors for network attacks. 5G or RF communication is exchanged in the communication gateway. Therefore, the IP protocol will be implemented after the 5G or RF signal exchange in the gateway. So cybersecurity will never leave this technology.

Ref: STM32 F4, G4, F7 and H7 are the popular microcontroller for drone. The flight controller unit (FCU) major component is the microcontroller.

The FCU consists of a processor and an Inertial Measurement Unit with a high precision accelerometer and gyroscope, necessary for stable flight.

Is the development of science and technology in opposition to the natural environment?

Humans can send probes to Mars and create and form artificial intelligence on Earth. Drone can do the real time monitroing even in extreme dangerous zone. Today’s medical technology enhances our healthcare. But when we look at the climate today, the Antarctic icebergs are melting, causing disaster and rising sea levels. So far, the situation has not improved!

See if artificial intelligence can provide solutions for humans soon?

AI and ML

Understanding the AI strucrure will help you defend your facilities (10th July 2023)

Leave a comment

Preface: Python has 100s of pre-built libraries to implement various Machine Learning and Deep Learning algorithms.

Background: When the word “AI” not found, Python alive everywhere in IT world. Scientist use Python programming language assists their complicated mathematics calculations. Data scientist to analyze geospatial vector data to identify a specific location. Python language is flexi and powerful. But the fundamental design weakness is well known. As a result, you should protect your AI system structure attack by threat actors. For example:
– Some Python security vulnerabilities come from Python’s open-source libraries.
– Injection: Dependency injection is a common design pattern used in most modern programming language. As a matter of fact, such weakness remains an underutilized functionality in Python.
– Command injection which can be expose through misconfig software application. As a result, the possible attack will execute arbitrary command injection, XML external entity injection and server side template injection.


About best practices for Python security

  • Conducting a vulnerability scan weekly. This is the way let you identify and fix Python security vulnerability
  • You should sanitize external data before use.
  • Follow your Python version SDLC, DevSEC should aware of this matter.
    Additional: NVIDIA empower Artificial Intelligence competence. Staying alert with GPU vendor vulnerability management announcement.
AI and ML, Potential Risk of CVE

NVIDIA empower Artificial Intelligence competence. At the same time, vendor urge staying alert for product vulnerability (2nd Jul 2023)

Leave a comment

Preface: The A800 has a data transfer rate of 400GB/s and the A100 is 600GB/s, and as such complies with the 600GB/s or less.

Background: What is SMM? It turned out to be SM in the Fermi era and SMX in the Kepler era. If you enlarge the SMX core of Kepler, you will see more LD/ST access units than Fermi, which also means that
the number of execution threads processed by Kepler in a single cycle is higher than that of Fermi.
Streaming Multiprocessor composed of CUDA Core, PolyMorph Engine and other units.
Simply put, it is to fine-tune the number of CUDA Cores built in the SMM unit from 192 to 128. The SMM is divided into 4 small blocks,
and each block has an independent control logic (Control Logic). In the past, these control logics needed to be responsible for a large number of CUDA Cores. Through small blocks.

Vulnerability details:
CVE‑2023‑25521: The NVIDIA DGX A100 and A800 systems contain a vulnerability in SBIOS, where improper validation of an input parameter
may lead to code execution, escalation of privileges, denial of service, information disclosure, and data tampering.
CVE-2023-25522: The NVIDIA DGX A100 and A800 systems contain a vulnerability in SBIOS, where information that is provided
in an unexpected format may cause improper validation of an input parameter, which may lead to denial of service, information disclosure, and data tampering.

Best practice: Disable all features in the UEFI and OS, that are not used. This reduces the attack surface.
Configure your system to only execute signed code and signed kernel modules, if possible.

Official announcement: For details, please refer to link – https://nvidia.custhelp.com/app/answers/detail/a_id/5461

AI and ML, Potential Risk of CVE

CVE-2023-22886: Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider (30th June 2023)

Leave a comment

Preface: Airflow is a platform to programmatically author, schedule, and monitor workflows. Specifically, it is used in Machine Learning to create pipelines.

Background: Apache Airflow™ is an open-source platform for developing, scheduling, and monitoring batch-oriented workflows. This open-source platform most suitable for pipelines that change slowly, are related to a specific time interval, or are pre-scheduled. It’s a popular solution that many data engineers rely on for building their data pipelines. Data pipelines work with ongoing data streams in real time. It’s been used to run SQL, machine learning models, and more.

Apache Airflow is a Python-based platform to programmatically author, schedule and monitor workflows. It is well-suited to machine learning for building pipelines, managing data and training models.

You can use Apache Airflow to schedule pipelines that extract data from multiple sources, and run Spark jobs or other data transformations. Machine learning model training.

Vulnerability details: Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider. Airflow JDBC Provider Connection’s [Connection URL] parameters had no restrictions, which made it possible to implement RCE attacks via different type JDBC drivers, obtain airflow server permission. This issue affects Apache Airflow JDBC Provider: before 4.0.0.

Recommendation: For security purposes, you should avoid building the connection URLs based on user input. For user name and password values, use the connection property collections. Restrict direct usage of driver params via extras for JDBC connection.

Remedy: To configure driver parameters (driver path and driver class), you can use the following methods:

  1. Supply them as constructor arguments when instantiating the hook.
  2. Set the “driver_path” and/or “driver_class” parameters in the “hook_params” dictionary when creating the hook using SQL operators.
  3. Set the “driver_path” and/or “driver_class” extra in the connection and correspondingly enable the “allow_driver_path_in_extra” and/or “allow_driver_class_in_extra” options in the “providers[.jdbc” section of the Airflow configuration.
  4. Patch the “JdbcHook.default_driver_path” and/or “JdbcHook.default_driver_class” values in the “local_settings[.]py” file.

Official announcement: For details, please refer to the link – https://github.com/advisories/GHSA-mm87-c3x2-6f89

AI and ML

Can you foresee how much AI and machine learning infrastructure there will be in the next few years? (28th June 2023)

Leave a comment

Preface: ChatGPT Memory uses the Redis vector database to store an embedded conversation history of past user-bot interactions.
The first interaction between the user and bot is critical to the user experience, said Microsoft.
There are 1482 Companies currently using OpenAI, it also include Adobe and Schneider Electric.

Background: ChatGPT, the full name of Chat Generation Pre-training Converter, is an artificial intelligence chat robot program developed by OpenAI, which will be launched in November 2022. The program uses large language models based on the GPT-3.5 and GPT-4 architectures and is trained with reinforcement learning.
OpenAI is a suite of artificial intelligence (AI) models designed for application developers. It enables users to create AI applications to understand natural-language semantics and generate natural text, translate natural language into programming code, create images from text captions, and classify images.

FastAPI is a Python web framework based on the Starlette microframework. With deep support for asyncio, FastAPI is indeed very fast.
FastAPI also distinguishes itself with features like automatic OpenAPI (OAS) documentation for your API, easy-to-use data validation tools, and more.
Integrating OpenAI APIs into FastAPI applications to facilitate calling them using the Swagger UI.
FastAPI is a modern Python web framework for building APIs quickly and efficiently. By leveraging FastAPI’s features and integrating OpenAI’s APIs,
developers can build applications with powerful AI capabilities such as language translation, sentiment analysis, text summarization, question-answering, and more.

How to install OpenAI in python
Step 1: Sign up for an OpenAI API key: You will visit the link to register for an account and if you already have an active account using Chat-Gpt 3, you can use the same account to sign in.
If you are a Linux user, have a good try.
How to Install OpenAI on Linux?
Step 2 : upgrade pip and install the openai library.
python3 -m pip install –upgrade pip
python3 -m pip install –upgrade openai

….
For details, please refer to the official linkhttps://openai.com/

AI and ML, IoT, Potential Risk of CVE

About CVE-2023-3220 An issue was discovered in the Linux kernel through 6.1-rc8 (20th June 2023)

Leave a comment

Preface: AI Engines are built from the ground up to be software programmable and hardware adaptable. There are two distinct design flows for any developer to unleash the performance of these compute engines with the ability to compile in minutes and rapidly explore different microarchitectures.
As of today, current technology are capable On-device intelligence powered by the AI Engine. Our dreams come true, the 3rd generation AI Engine enables on-device intelligence and simplifies how pictures and videos are taken.

Background: The Qualcomm Robotics RB3 development kit includes the purpose-built robotics-focused DragonBoard™ 845c development board, based on the Qualcomm® SDA845 processor and compliant with the 96Boards open hardware specification to support a broad range of mezzanine-board expansions.
The development board supports Linux and Robotics Operating System (ROS), while also including support for the Qualcomm® Neural Processing software development kit (SDK) for advanced on-device AI, the Qualcomm ® Computer Vision Suite, the Qualcomm ® Hexagon DSP SDK, and AWS RoboMaker.

Vulnerability details: An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc[.]c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.

Ref: The kzalloc() function is the same as kmalloc().
Difference: Cleared to zero after memory allocation is successful. After each use of kzalloc(), there must be a corresponding memory release function kfree().

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-3220

AI and ML, Application Development, Potential Risk of CVE

CVE-2023-29403: Are you falling into this Go runtime design weakness? (9th June 2023)

Leave a comment

Preface: Go is garbage collected instead of manual memory management which is not suitable for a kernel.
Golang is useful for carrying out programming for scalable servers and large software systems. The Golang programming language was built to fill in the gaps of C++ and Java that Google came across while working with its servers and distributed systems.

Background: Go does have an extensive library, called the runtime, that is part of every Go program. The runtime library implements garbage collection, concurrency, stack management, and other critical features of the Go language.
The Go scheduler is part of the Go runtime, and the Go runtime is built into your application. This means the Go scheduler runs in user space, above the kernel.
For Go to “call the kernel directly” can exploit so-called ABI of the H/W and OS combo. For example: On linux, making a syscall requires filling a set of CPU registers with certain values, doing some other arrangements and then issuing the SYSENTER CPU instruction.
The 64-bit x86 Linux ABI supports the following entry points:

  • SYSCALL from 64-bit code;
  • interrupt 0x80 from 32- and 64-bit code;
  • SYSENTER from 32-bit code.

Vulnerability details: On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.

Official announcement: For details, please refer to the link- https://pkg.go.dev/vuln/GO-2023-1840

AI and ML, Application Development, Potential Risk of CVE

About CVE-2023-33962 – JStachio fails to escape single quotes in HTML (31st May 2023)

Leave a comment

Preface: About 20 years ago, people know java is unsafe. Perhaps of technology trend, so whatever the design appyling java language. The flexibility and easy to use will let people contempt about awareness of cyber security. While Java is considered relatively safe because it is a server side language, there are still multiple ways to attack and access secure code you’d like to remain private.

Background: The Spring Framework is an application framework and inversion of control container for the Java platform. The framework’s core features can be used by any Java application, but there are extensions for building web applications on top of the Java EE platform.
Mustache is a logicless template engine and it is helpful for creating dynamic content like HTML and configuration files.
If your models are type based and not just Map then JStachio is good choice.

Ref:End-users only use JVM and JRE to execute the application program. JRE identifies all the helpful class libraries needed for execution, while JVM is a subclass of JRE that decodes the bytecode into machine language and other minor tasks. Each JVM server can have a maximum of 256 threads to run Java applications.

Vulnerability details: Prior to version 1.0.1, JStachio fails to escape single quotes ' in HTML, allowing an attacker to inject malicious code. This vulnerability can be exploited by an attacker to execute arbitrary JavaScript code in the context of other users visiting pages that use this template engine. This can lead to various consequences, including session hijacking, defacement of web pages, theft of sensitive information, or even the propagation of malware.

Solution: Version 1.0.1 contains a patch for this issue.

Workaround: To mitigate this vulnerability, the template engine should properly escape special characters, including single quotes. Common practice is to escape ' as &#39. As a workaround, users can avoid this issue by using only double quotes " for HTML attributes.

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-33962

AI and ML, Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

CVE-2023-32067 – c-ares is vulnerable to denial of service (30th May 2023)

Leave a comment

Preface: c-ares is a C language implementation of asynchronous request DNS. When using c-ares, you usually only need to reference the ares.h header file, and the related header files of the library are included.

Background: For some asynchronous DNS requests, Node[.]js uses a C library called c-ares.
So called Async DNS – This feature bypasses the normal operating system mechanisms for resolving domain names and uses the browser directly. In this mode, DNS requests will communicate directly own DNS servers and some third party providers.

Vulnerability details: c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.

According to the technical aspect of UDP packet with a length of 0 matter. Do you have below queries?
Writing a datagram of length 0 is acceptable. In the case of UDP, this results in an IP datagram containing an IP header (normally 20 bytes for IPv4 and 40 bytes for IPv6), an 8-byte UDP header, and no data. This also means that a return value of 0 from recvfrom is acceptable for a datagram protocol: It does not mean that the peer has closed the connection, as does a return value of 0 from read on a TCP socket. Since UDP is connectionless, there is no such thing as closing a UDP connection.

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-32067

AI and ML, Application Development, Potential Risk of CVE

About CVE-2023-33252 – Similar concern for cyber security today, it also apply to future digital world Artificial intelligence zone. (22nd May 2023)

Leave a comment

Preface: Foreseeing the continuous development of artificial intelligence, use blockchain technology for network communication is a must.
A blockchain is a distributed database or ledger shared among nodes in a computer network. They are known for their key role in maintaining a secure and decentralized record of transactions in cryptocurrency systems, but they are not limited to the use of cryptocurrencies.

Background: IDEN3 is NOT an ICO (Initial Coin Offerings). It has no token at all. It is an open source permissionless identity layer built on top of Ethereum that we expect many projects will be able to use as a foundational layer for their own identity solution.
What are Initial Coin Offerings? ICOs are another form of cryptocurrency that businesses use in order to raise capital. Through ICO trading platforms, investors receive unique cryptocurrency “tokens” in exchange for their monetary investment in the business.

Ref: Circom is a compiler written in Rust for compiling circuits written in the circom language. The compiler outputs the representation of the circuit as constraints and everything needed to compute different ZK proofs.

Vulnerability details: iden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus.

References:
https://github.com/iden3/snarkjs/commits/master/src/groth16_verify.js
https://github.com/iden3/snarkjs/tags