Category Archives: Science

The relationship between the solar wind and the Earth (14-06-2025)

Preface: Auroras are a visible manifestation of geomagnetic storms. Geomagnetic storms are disturbances in Earth’s magnetosphere caused by the interaction of charged particles from the sun (the solar wind) with Earth’s magnetic field. Auroras typically appear in high latitudes, including northern North America and parts of Asia.

Background: The Sun’s corona and heliosphere, while constantly present, are often unseen. The corona, the Sun’s outermost atmosphere, is extremely hot and extends far into space. This hot gas is flung outwards by the Sun, forming the solar wind, which creates the heliosphere, a bubble surrounding our solar system. In June 2025, NASA’s PUNCH (Polarimeter to the Unseen Corona and Heliosphere) mission has been actively observing coronal mass ejections (CMEs). These observations, including detailed images from the Narrow Field Imager (NFI) and Wide Field Imagers, are providing new insights into the origins and paths of CMEs, helping scientists better understand and predict space weather.

Observation: Due to a high-speed stream from a coronal hole, NASA issued a G2 (moderate) geomagnetic storm warning on June 14.

Ref: Geomagnetic storms, disturbances in Earth’s magnetic field caused by solar activity, can impact our planet in various ways, primarily affecting technology and infrastructure. While not directly harmful to humans due to our planet’s protective magnetic field and atmosphere, they can disrupt communication systems, navigation, and power grids.

Top Stories: Please see the link for details – https://www.livescience.com/space/the-sun/friday-the-13th-solar-storm-could-bring-auroras-to-18-us-states-this-weekend

The relationship between humans and water in the Old Testament (30-05-2025)

Preface: Humans need water to survive. Water is a basic need for life and an important component of the human body.

On the other hand, massive floods have occurred multiple times in Earth’s history, and some of them were significant geological events that shaped the landscape and influenced the course of life on Earth. Examples include the Missoula Floods and the refilling of the Mediterranean Sea, when the Mediterranean was restored to its current level after a period of near-desiccation known as the Messinian Salinity Crisis. This event, known as the Zanclean flood, occurred approximately 5.3 million years ago.

Will an asteroid or comet hit Earth?

A crater at the edge of the Yucatán peninsula in Mexico was created by a massive asteroid that hit Earth 66 million years ago. The Chicxulub impactor, as it is called, was somewhere between 10 and 15 kilometres in diameter. In the end, this asteroid led to the extinction of the dinosaurs.

Was it God or an advanced civilization that drove Chicxulub to crash into the Yucatan Peninsula and cause the extinction of the dinosaurs? Or a natural phenomenon?

Asteroid or comet impacts on Earth have happened in the past.

Meteor Hits Russia Feb 15, 2013

The reason why the meteor exploded in the sky is not known. A witness stated that after the flash came the bang.

According to headline news in 2013, the meteorite exploded with a force around 30 times that of the atom bomb dropped on Hiroshima, or 500 kilotonnes of TNT. The shockwave knocked people off their feet and shattered windows in thousands of apartments. The Earth rang to the blast, with vibrations picked up by seismic sensors 4,000km away.

YouTube Videos Unlock Russian Meteor’s Secrets – 2013 | The New York Times – https://www.youtube.com/watch?v=yQHDzTH6Wtc

My wish: There have been many news reports recently predicting an earthquake in Japan this year (2025). I wonder if advanced civilization or God will help mankind survive this disaster.

CVE-2025-35003: Apache NuttX RTOS Bluetooth Stack (HCI and UART components) 27-5-2025

Preface: During the Dahe period of Emperor Wenzong of the Tang Dynasty (827-835 AD), there was a scholar named Zheng Renben(鄭仁本). His cousin and his friend Wang Xiucai(王秀才) were wandering in Zhongyue Songshan Mountain(中嶽嵩山) and got lost in a deep valley. It was getting dark by then, and the two were very scared. As they were walking around, they saw someone dressed in white snoring in the grass. They went up to him and asked, “I accidentally entered this path and got lost. Do you know the way to the official road?” The man raised his head, looked at them, did not respond, and went back to sleep. The two asked the man in white where he came from and called him again and again, so he sat up and said, “Come here.” The man in white introduced himself: “Do you know that the moon is made of seven treasures? The bright spots on the moon are the result of the sun shining on its convex parts. There are 82,000 people repairing the moon, and I am one of them, one of them…”

Background: The Bluetooth stack in Apache NuttX RTOS is used to enable Bluetooth communication in embedded systems, particularly for devices that require low-power wireless connectivity. This stack typically supports:

  • HCI (Host Controller Interface) over UART or USB
  • Bluetooth Classic and BLE (Bluetooth Low Energy) profiles
  • Device discovery, pairing, and data exchange

It is designed to be modular and lightweight, making it suitable for resource-constrained microcontrollers.

Vulnerability details: Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack (HCI and UART components) that may result in system crash, denial of service, or arbitrary code execution, after receiving maliciously crafted packets.

Remedy: NuttX’s Bluetooth HCI/UART stack users are advised to upgrade to version 12.9.0, which fixes the identified implementation issues. This issue affects Apache NuttX: from 7.25 before 12.9.0.

Official announcement: Please see the link for details – https://www.tenable.com/cve/CVE-2025-35003

Power outage in Spain and Portugal caused by a rare atmospheric phenomenon, so-called induced atmospheric vibration (1st May 2025)

Preface: MADRID/LISBON, April 28 (Reuters) – Power started returning to parts of the Iberian peninsula late on Monday after a huge outage brought most of Spain and Portugal to a standstill, grounding planes, halting public transport, and forcing hospitals to suspend routine operations.

Background: The recent widespread power outage in Spain, Portugal, and parts of southern France was indeed attributed to a rare atmospheric phenomenon. The initial reports suggested that “induced atmospheric vibration” might have been the cause. This term refers to oscillations in the power lines caused by extreme changes in temperature or air pressure, leading to synchronization failures in the electrical grid.

Technical focus: The term “induced atmospheric vibration” refers to oscillations in power lines caused by extreme atmospheric conditions, such as significant temperature changes or strong winds. These oscillations can affect the stability of the electrical grid. To simplify, imagine the power lines as giant coils. When the atmosphere changes rapidly, it can cause these coils to vibrate or oscillate. This vibration can lead to synchronization issues in the power grid, making it unstable and potentially causing outages.

Synchronization issues in the power grid often refer to the phase angle differences between the voltage waveforms of different parts of the grid. When the phase angles are not in sync, it means that the peaks and troughs of the voltage waveforms are not aligned, which can lead to instability in the grid.

In simpler terms, think of the power grid as a large orchestra. For the music (electricity) to flow smoothly, all the instruments (generators) need to play in harmony (synchronization). If one instrument is out of sync, it disrupts the harmony, causing issues.

The term “cos phi” (cosine of the phase angle) refers to the power factor, which is a measure of how effectively the electrical power is being used. When the phase angles are not aligned, the power factor deviates from its optimal value, leading to inefficiencies and potential disruptions.

Headline News: Please refer to the link – https://www.reuters.com/world/europe/large-parts-spain-portugal-hit-by-power-outage-2025-04-28/

Similar to previously disclosed side-channel attacks. Manufacturer (AMD) response to researcher (30-03-2025)

Preface: On 24th Oct, 2024, researchers from Azure® Research, Microsoft® provided AMD with a paper titled “Principled Microarchitectural Isolation on Cloud CPUs.” In their paper, the researchers describe a potential side-channel vulnerability on AMD CPUs. AMD believes that existing mitigation recommendations for prime and probe side-channel attacks remain applicable to the presented vulnerability.

Background: A two-bit saturating up-down counter is a type of counter used in computer architecture, particularly in branch prediction mechanisms. Here’s a brief overview:

  • Two-bit: The counter uses two bits, allowing it to represent four states (00, 01, 10, 11).
  • Up-down: The counter can increment (count up) or decrement (count down) based on the input signal.
  • Saturating: The counter does not wrap around when it reaches its maximum (11) or minimum (00) value. Instead, it stays at these values if further increments or decrements are attempted.

How It Works:

  1. States: The counter has four states: 00, 01, 10, and 11.
  2. Incrementing: If the counter is at 11 and receives an increment signal, it remains at 11. Similarly, if it is at 00 and receives a decrement signal, it stays at 00.
  3. Usage: These counters are often used in branch prediction to keep track of the history of branch outcomes and make predictions based on this history.

Ref: The pattern history table (PHT) branch architecture is an example of an architecture using two-bit saturating up-down counters. It contains a table of two-bit counters used to predict the direction for conditional branches.
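The counter behaviour described above, as an added example that is not code from AMD or from the cited papers: a small pattern history table is run against one loop-closing branch, once with two-bit counters and once with one-bit counters, to show what the saturation and the extra bit buy. The table size, branch address, index function and function names are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>

#define PHT_ENTRIES 16u   /* constructed table size for this model */

/* One saturating up-down step: count up on taken, down on not-taken,
 * and stay at the limit instead of wrapping around. */
static uint8_t sat_step(uint8_t ctr, int taken, uint8_t max)
{
    if (taken)
        return ctr < max ? (uint8_t)(ctr + 1) : max;
    return ctr > 0 ? (uint8_t)(ctr - 1) : 0;
}

/* Simulate one loop-closing branch: taken (iters - 1) times, then not
 * taken once at loop exit, repeated for `rounds` runs of the loop.
 * `bits` selects the counter width; returns the misprediction count. */
static unsigned run_loop_branch(unsigned bits, uint8_t init,
                                unsigned iters, unsigned rounds)
{
    uint8_t pht[PHT_ENTRIES];
    uint8_t max = (uint8_t)((1u << bits) - 1);
    uint8_t threshold = (uint8_t)((max + 1u) / 2u); /* upper half = taken */
    uint32_t pc = 0x1040;                           /* constructed address */
    unsigned idx = (pc >> 2) % PHT_ENTRIES;         /* table index from PC */
    unsigned miss = 0;

    for (unsigned i = 0; i < PHT_ENTRIES; i++)
        pht[i] = init;

    for (unsigned r = 0; r < rounds; r++) {
        for (unsigned i = 0; i < iters; i++) {
            int taken = (i + 1 < iters);
            int predicted = (pht[idx] >= threshold);
            if (predicted != taken)
                miss++;
            pht[idx] = sat_step(pht[idx], taken, max);
        }
    }
    return miss;
}

int main(void)
{
    printf("2-bit counters: %u mispredictions\n", run_loop_branch(2, 1, 8, 3));
    printf("1-bit counters: %u mispredictions\n", run_loop_branch(1, 0, 8, 3));
    return 0;
}
```

With two bits the single not-taken outcome at loop exit only moves the counter from 11 to 10, so the next run of the loop is still predicted taken; a one-bit counter flips and mispredicts twice per run.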

About Branch History Leak:

Researchers from The Harbin Institute of Technology have shared with AMD a paper titled “Branch History LeakeR: Leveraging Branch History to Construct a New Side Channel-Theory and Practice” that demonstrates a side channel attack using the Global History Register (GHR).  The GHR is used to assist in conditional branch prediction. The researchers note that the GHR is shared between different security domains and may retain data after a security domain switch.  After a return to the user-space, the researchers were able to infer the direction of recently executed conditional branches.

Official announcement: Please refer to the link for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7026.html

CVE-2025-29909: CryptoLib’s design weakness (19-03-2025)

Preface: The average human lifespan is about 80 years. Exploring space is a long journey, so it can only rely on machines.

Even though an exploration machine can rely on solar energy, there is a lot of uncertainty in space, for example the shock of a meteorite. Furthermore, the spacecraft operates in a unique environment: its power system must also be able to operate in zero gravity and vacuum conditions, and be able to withstand large amounts of radiation (most electronic equipment will not operate in such an environment). On Earth, gravity also seems not to want human beings to leave. Believe it or not, this is our destiny.

Background: CryptoLib is indeed used in space technology! It provides a C-based software implementation of the CCSDS Space Data Link Security Protocol (SDLS) and SDLS Extended Procedures (SDLS-EP) to secure communications between spacecraft flight software and ground stations. This library supports various encryption libraries and protocols, including Telecommand (TC), Telemetry (TM), and Advanced Orbiting Systems (AOS).

CryptoLib is designed to support smaller missions with stringent size, weight, and power constraints, making it a valuable tool for secure satellite communications.

Vulnerability details: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol – Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in CryptoLib’s `Crypto_TC_ApplySecurity()` allows an attacker to craft a malicious TC frame that causes out-of-bounds memory writes. This can result in denial of service (DoS) or, under certain conditions, remote code execution (RCE). Any application or system that relies on CryptoLib for Telecommand (TC) processing and does not strictly validate incoming TC frames is at risk. This includes satellite ground stations or mission control software where attackers can inject malformed frames.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-29909

Python, have you ever thought? (25-02-2025)

Preface: Maintaining a satellite’s orbit involves a combination of precise calculations and regular adjustments. Here are the key factors:

  1. Velocity and Gravity: A satellite stays in orbit by balancing its velocity (speed in a straight line) with the gravitational pull of the Earth. The satellite must travel fast enough to counteract the pull of gravity, which keeps it in a stable orbit.
  2. Orbital Station-Keeping: This involves small adjustments using thrusters to correct any deviations in the satellite’s path. These maneuvers ensure the satellite remains in its designated orbit.
  3. Fuel Management: Satellites carry a limited amount of fuel for these adjustments. Efficient fuel management is crucial for prolonging the satellite’s operational life.
  4. Monitoring and Control: Ground stations continuously monitor satellites and send commands to perform necessary adjustments. This helps in maintaining the satellite’s orbit and addressing any potential issues.

Background: The PyEphem module provides highly precise data on the planets and our solar system. This module leverages an extremely robust C library that allows you to pinpoint planets, perform interplanetary calculations and discover more data than you’ll ever know what to do with.

Best practice: If you’re using PyEphem, it’s a good idea to keep your Python environment and libraries up to date and to check the module’s GitHub repository for any reported issues or updates.

CVE-2024-41009: bpf – Fix overrunning reservations in ringbuf (17th July 2024)

Preface: Consumer and producer counters are put into separate pages to allow each position to be mapped with different permissions. This prevents a user-space application from modifying the position and ruining in-kernel tracking. The permissions of the pages depend on who is producing samples: user-space or the kernel. Starting from Linux 5.8, BPF provides a new BPF data structure (BPF map): BPF ring buffer (ringbuf). It is a multi-producer, single-consumer (MPSC) queue and can be safely shared across multiple CPUs simultaneously.

Background: The first core skill point is “BPF Hooks”, that is, where in the kernel BPF programs can be loaded. There are nearly 10 types of hooks in the current Linux kernel, as shown below:

  • kernel functions (kprobes)
  • userspace functions (uprobes)
  • system calls
  • fentry/fexit
  • Tracepoints
  • network devices (tc/xdp)
  • network routes
  • TCP congestion algorithms
  • sockets (data level)

Vulnerability details: For example, consider the creation of a BPF_MAP_TYPE_RINGBUF map with size of 0x4000. Next, the consumer_pos is modified to 0x3000 /before/ a call to bpf_ringbuf_reserve() is made. This will allocate a chunk A, which is in [0x0,0x3008], and the BPF program is able to edit [0x8,0x3008]. Now, let's allocate a chunk B with size 0x3000. This will succeed because consumer_pos was edited ahead of time to pass the `new_prod_pos - cons_pos > rb->mask` check. Chunk B will be in range [0x3008,0x6010], and the BPF program is able to edit [0x3010,0x6010]. Due to the ring buffer memory layout mentioned earlier, the ranges [0x0,0x4000] and [0x4000,0x8000] point to the same data pages. This means that chunk B at [0x4000,0x4008] is chunk A’s header. bpf_ringbuf_submit() / bpf_ringbuf_discard() use the header’s pg_off to then locate the bpf_ringbuf itself via bpf_ringbuf_restore_from_rec(). Once chunk B has modified chunk A’s header, bpf_ringbuf_commit() refers to the wrong page and could cause a crash.
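The position arithmetic in the description above, replayed in a user-space model (an added example, not kernel code and not the upstream patch). It compares the consumer-relative check quoted above with a variant that also bounds the new producer position against the oldest record not yet submitted; `rb_model`, `pend_pos` and the function names are this sketch's own, and the extra bound is the sketch's model of a fix.

```c
#include <stdint.h>
#include <stdio.h>

#define RB_SIZE 0x4000u          /* map size from the description above */
#define RB_MASK (RB_SIZE - 1u)
#define HDR_SZ  8u               /* record header size from the description */

struct rb_model {
    uint64_t cons_pos;  /* consumer position (user-space writable page) */
    uint64_t prod_pos;  /* producer position */
    uint64_t pend_pos;  /* oldest record not yet submitted (model's name) */
};

/* Reserve `size` bytes; returns the record's start position or -1.
 * bound_pending = 1 adds the bound against the oldest pending record. */
static int64_t rb_reserve(struct rb_model *rb, uint32_t size, int bound_pending)
{
    uint64_t len = ((uint64_t)size + HDR_SZ + 7u) & ~7ull;
    uint64_t new_prod = rb->prod_pos + len;
    if (new_prod - rb->cons_pos > RB_MASK)
        return -1;
    if (bound_pending && new_prod - rb->pend_pos > RB_MASK)
        return -1;
    int64_t start = (int64_t)rb->prod_pos;
    rb->prod_pos = new_prod;
    return start;
}

/* Replay the described sequence. Returns 1 if chunk B's writable range
 * covers the second mapping of chunk A's header while A is uncommitted. */
static int b_overlaps_a_header(int bound_pending)
{
    struct rb_model rb = { .cons_pos = 0x3000, .prod_pos = 0, .pend_pos = 0 };
    int64_t a = rb_reserve(&rb, 0x3000, bound_pending);
    int64_t b = rb_reserve(&rb, 0x3000, bound_pending);
    if (a < 0 || b < 0)
        return 0;                               /* reservation refused */
    uint64_t alias = (uint64_t)a + RB_SIZE;     /* A's header, seen again */
    uint64_t b_data = (uint64_t)b + HDR_SZ;
    return b_data < alias + HDR_SZ && rb.prod_pos > alias;
}

/* Normal use still works with the extra bound: once A is submitted and
 * consumed, a second 0x3000-byte record is accepted. Returns B's start. */
static int64_t reserve_after_commit(void)
{
    struct rb_model rb = { 0, 0, 0 };
    rb_reserve(&rb, 0x3000, 1);
    rb.pend_pos = rb.prod_pos;   /* A submitted */
    rb.cons_pos = rb.prod_pos;   /* A consumed */
    return rb_reserve(&rb, 0x3000, 1);
}

int main(void)
{
    printf("consumer check only: overlap=%d\n", b_overlaps_a_header(0));
    printf("with pending bound:  overlap=%d\n", b_overlaps_a_header(1));
    return 0;
}
```

The consumer position lives in a page user space can write, so a check that trusts it alone cannot guarantee that live records stay within one ring length of each other; a bound derived from producer-side state can.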

Official announcement: Please refer to the official announcement for details – https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=47416c852f2a04d348ea66ee451cbdcf8119f225

CVE-2024-0102:  About NVIDIA® CUDA® Toolkit. If you remember, a similar incident happened in April of this year. Believe this is a weakness of similar designs. (11 July 2024)

Preface: OpenAI revealed that the project cost $100 million, took 100 days, and used 25,000 NVIDIA A100 GPUs. Each server equipped with these GPUs uses approximately 6.5 kW, so an estimated 50 GWh of energy is consumed during training.

Background: Parallel processing is a method in computing of running two or more processors (CPUs) to handle separate parts of an overall task. Breaking up different parts of a task among multiple processors will help reduce the amount of time to run a program. GPUs render images more quickly than a CPU because of their parallel processing architecture, which allows them to perform multiple calculations across streams of data simultaneously. The CPU is the brain of the operation, responsible for giving instructions to the rest of the system, including the GPU(s).

NVIDIA CUDA provides a simple C/C++ based interface. The CUDA compiler leverages parallelism built into the CUDA programming model as it compiles your program into code.

CUDA is a parallel computing platform and programming interface model created by Nvidia for the development of software which is used by parallel processors. It serves as an alternative to running simulations on traditional CPUs.

Vulnerability details: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.

Official announcement: Please refer to the vendor announcement for details – https://nvidia.custhelp.com/app/answers/detail/a_id/5548

Is it new or old: Rowhammer Attacks on AMD Zen-Based Platforms, the so-called ZenHammer (25-03-2024)

Preface: It is possible to trigger Rowhammer bit flips on DDR4 devices on AMD Zen 2 and Zen 3 systems despite deployed TRR mitigations, said researchers at ETH Zurich.

Background: When high-energy charged particles pass through the crystal lattice of a silicon wafer, their charges can interfere with the electrons within the lattice itself and provide energy. If the lattice is moved closer together within the wafer, this disturbed electron trajectory can create a temporary highly conductive path that did not exist before. The effect of this trace is similar to running a very thin wire across the wafer in random directions. If the particle’s path crosses a feature within the die, such as a floating MOSFET gate or an NMOS DRAM cell, the result may be a flipped bit.

Vulnerability details: On February 26, 2024, AMD received new research related to an industry-wide DRAM issue documented in “ZENHAMMER: Rowhammering Attacks on AMD Zen-based Platforms” from researchers at ETH Zurich. The research demonstrates performing Rowhammer attacks on DDR4 and DDR5 memory using AMD “Zen” platforms. Given the history around Rowhammer, the researchers do not consider these rowhammering attacks to be a new issue.

Mitigation: Please see the following official announcement for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7021.html