Designfax weekly eMagazine

Subscribe Today!

Archives

View Archives

Partners

Manufacturing Center
Product Spotlight

Modern Applications News
Metalworking Ideas For
Today's Job Shops

Tooling and Production
Strategies for large
metalworking plants

Intro to reed switches, magnets, magnetic fields

This brief introductory video on the DigiKey site offers tips for engineers designing with reed switches. Dr. Stephen Day, Ph.D. from Coto Technology gives a solid overview on reed switches -- complete with real-world application examples -- and a detailed explanation of how they react to magnetic fields.
View the video.

Bi-color LEDs to light up your designs

Created with engineers and OEMs in mind, SpectraBright Series SMD RGB and Bi-Color LEDs from Visual Communi-cations Company (VCC) deliver efficiency, design flexibility, and control for devices in a range of industries, including mil-aero, automated guided vehicles, EV charging stations, industrial, telecom, IoT/smart home, and medical. These 50,000-hr bi-color and RGB options save money and space on the HMI, communicating two or three operating modes in a single component.
Learn more.

All about slip rings: How they work and their uses

Rotary Systems has put together a really nice basic primer on slip rings -- electrical collectors that carry a current from a stationary wire into a rotating device. Common uses are for power, proximity switches, strain gauges, video, and Ethernet signal transmission. This introduction also covers how to specify, assembly types, and interface requirements. Rotary Systems also manufactures rotary unions for fluid applications.
Read the overview.

Seifert thermoelectric coolers from AutomationDirect

Automation-Direct has added new high-quality and efficient stainless steel Seifert 340 BTU/H thermoelectric coolers with 120-V and 230-V power options. Thermoelectric coolers from Seifert use the Peltier Effect to create a temperature difference between the internal and ambient heat sinks, making internal air cooler while dissipating heat into the external environment. Fans assist the convective heat transfer from the heat sinks, which are optimized for maximum flow.
Learn more.

EMI shielding honeycomb air vent panel design

Learn from the engineering experts at Parker how honeycomb air vent panels are used to help cool electronics with airflow while maintaining electromagnetic interference (EMI) shielding. Topics include: design features, cell size and thickness, platings and coatings, and a stacked design called OMNI CELL construction. These vents can be incorporated into enclosures where EMI radiation and susceptibility is a concern or where heat dissipation is necessary. Lots of good info.
Read the Parker blog.

What is 3D-MID? Molded parts with integrated electronics from HARTING

3D-MID (three-dimensional mechatronic integrated devices) technology combines electronic and mechanical functionalities into a single, 3D component. It replaces the traditional printed circuit board and opens up many new opportunities. It takes injection-molded parts and uses laser-direct structuring to etch areas of conductor structures, which are filled with a copper plating process to create very precise electronic circuits. HARTING, the technology's developer, says it's "Like a PCB, but 3D." Tons of possibilities.
View the video.

Loss-free conversion of 3D/CAD data

CT CoreTech-nologie has further developed its state-of-the-art CAD converter 3D_Evolution and is now introducing native interfaces for reading Solidedge and writing Nx and Solidworks files. It supports a wide range of formats such as Catia, Nx, Creo, Solidworks, Solidedge, Inventor, Step, and Jt, facilitating smooth interoperability between different systems and collaboration for engineers and designers in development environments with different CAD systems.
Learn more.

Top 5 reasons for solder joint failure

Solder joint reliability is often a pain point in the design of an electronic system. According to Tyler Ferris at ANSYS, a wide variety of factors affect joint reliability, and any one of them can drastically reduce joint lifetime. Properly identifying and mitigating potential causes during the design and manufacturing process can prevent costly and difficult-to-solve problems later in a product lifecycle.
Read this informative ANSYS blog.

Advanced overtemp detection for EV battery packs

Littelfuse has introduced TTape, a ground-breaking over-temperature detection platform designed to transform the management of Li-ion battery systems. TTape helps vehicle systems monitor and manage premature cell aging effectively while reducing the risks associated with thermal runaway incidents. This solution is ideally suited for a wide range of applications, including automotive EV/HEVs, commercial vehicles, and energy storage systems.
Learn more.

Benchtop ionizer for hands-free static elimination

EXAIR's Varistat Benchtop Ionizer is the latest solution for neutralizing static on charged surfaces in industrial settings. Using ionizing technology, the Varistat provides a hands-free solution that requires no compressed air. Easily mounted on benchtops or machines, it is manually adjustable and perfect for processes needing comprehensive coverage such as part assembly, web cleaning, printing, and more.
Learn more.

LED light bars from AutomationDirect

Automation-Direct adds CCEA TRACK-ALPHA-PRO series LED light bars to expand their offering of industrial LED fixtures. Their rugged industrial-grade anodized aluminum construction makes TRACKALPHA-PRO ideal for use with medium to large-size industrial machine tools and for use in wet environments. These 120 VAC-rated, high-power LED lights provide intense, uniform lighting, with up to a 4,600-lumen output (100 lumens per watt). They come with a standard bracket mount that allows for angle adjustments. Optional TACLIP mounts (sold separately) provide for extra sturdy, vibration-resistant installations.
Learn more.

World's first metalens fisheye camera

2Pi Optics has begun commercial-ization of the first fisheye camera based on the company's proprietary metalens technology -- a breakthrough for electronics design engineers and product managers striving to miniaturize the tiny digital cameras used in advanced driver-assistance systems (ADAS), AR/VR, UAVs, robotics, and other industrial applications. This camera can operate at different wavelengths -- from visible, to near IR, to longer IR -- and is claimed to "outperform conventional refractive, wide-FOV optics in all areas: size, weight, performance, and cost."
Learn more.

Orbex offers two fiber optic rotary joint solutions

Orbex Group announces its 700 Series of fiber optic rotary joint (FORJ) assemblies, supporting either single or multi-mode operation ideal for high-speed digital transmission over long distances. Wavelengths available are 1,310 or 1,550 nm. Applications include marine cable reels, wind turbines, robotics, and high-def video transmission. Both options feature an outer diameter of 7 mm for installation in tight spaces. Construction includes a stainless steel housing.
Learn more.

Mini tunnel magneto-resistance effect sensors

Littelfuse has released its highly anticipated 54100 and 54140 mini Tunnel Magneto-Resistance (TMR) effect sensors, offering unmatched sensitivity and power efficiency. The key differentiator is their remarkable sensitivity and 100x improvement in power efficiency compared to Hall Effect sensors. They are well suited for applications in position and limit sensing, RPM measurement, brushless DC motor commutation, and more in various markets including appliances, home and building automation, and the industrial sectors.
Learn more.

Panasonic solar and EV components available from Newark

Newark has added Panasonic Industry's solar inverters and EV charging system components to their power portfolio. These best-in-class products help designers meet the growing global demand for sustainable and renewable energy mobility systems. Offerings include film capacitors, power inductors, anti-surge thick film chip resistors, graphite thermal interface materials, power relays, capacitors, and wireless modules.
Learn more.

Network security: Researchers find vulnerability in two-factor authentication

Two-factor authentication is a computer security measure used by major online service providers to protect the identify of users in the event of a password loss. The process is familiar: When a password is forgotten, the site sends an SMS text message to the user's mobile phone, providing a verification code that must be entered to reset the password. Two-factor authentication may also be triggered if a user signs on from an unrecognized computer IP address.

Security experts have long endorsed two-factor authentication as an effective safeguard against password attacks. Most methods of compromising this verification process are complex, requiring the malicious actor to be in control of both channels -- the one generating the one-time passcode and the channel through which the user completes the verification.

But what if two-factor authentication could be cracked not by computer engineering but by social engineering?

Nasir Memon, Professor of Computer Science and Engineering at the New York University Tandon School of Engineering, along with doctoral students Hossein Siadati and Toan Nguyen, tested the premise that users may be tricked into sharing their verification code with a malicious party using a much simpler tactic: asking them.

Memon and his team constructed a scenario in which a hacker, armed only with the target's mobile phone number, attempts to log into a user's account and claims to forget the password, triggering a verification SMS text. The true user, unaware of hacker's attempt, is likely to ignore the SMS message.

But what if the hacker follows up directly with a second SMS requesting that the user forward the verification code to confirm that the phone is linked to the online account?

The researchers found that users are as likely to fall for the ruse as they are for a traditional phishing scam. In a pilot test of 20 mobile phone users, 25 percent forwarded the verification code to an attacker upon request. The researchers termed this a Verification Code Forwarding Attack, and published their results at the PasswordsCon 2015, an international conference on password security at the University of Cambridge in December 2015. (Read the full paper).

The researchers followed the test with personal interviews to better understand how users perceived the attack. Were they suspicious? If so, what raised their suspicion? The researchers probed to find out what motivated them to forward the verification code. In this small sampling, most targets were not aware that the two-factor authentication process could be compromised, nor did they notice that the two SMS messages came from different sources -- in this case, one from Google and one from the researchers pretending to be hackers. Others explained that they often check their email from public computers in libraries or labs, so requests to verify their identity are common.

Memon and his team acknowledge that while their pilot test was small, the high rate of success lends credence to the Verification Code Forwarding Attack as a method worthy of further study. "Because this kind of attack doesn't require victims to click phishing links or enter sensitive information, like an account or Social Security number, it's easy to understand how it could be very effective," said Memon. "Users are only being asked to forward a random string of numbers that have no real meaning."

Further, he explained that SMS poses particular challenges with confirming the source of messages. "It's not like email, in which you can carefully examine an address to see if it is real. Even sophisticated users don't always know how to source an SMS message, and even if they do, this kind of attack takes advantage of the fact that the target has no context for the message -- it appears out of nowhere."

The researchers took the study one step further, surveying 100 email account holders who use two-factor authentication. The survey, conducted on Amazon Mechanical Turk, queried users about their beliefs regarding the security of two-factor authentication, as well as whether they had ever received an unsolicited verification request. The researchers also asked what respondents would do if a major email provider, Google, requested that they forward a verification code.

The results showed that more than 30 percent of those surveyed were unaware that two-factor authentication could be compromised, and more than 60 percent said that they do not routinely verify the source of SMS verification requests. Finally, a full 20 percent reported that they would forward a verification code if Google requested it -- about the same percentage as those who fell for the scam in the pilot test.

Memon and his colleagues believe online businesses and service providers may be able to ward off some attacks with simple changes to the two-factor authentication process. First, they suggest appending each SMS text to include a warning about forwarding verification codes. They also note that standardizing the phone numbers that each provider or business uses to send verification requests may help users readily source these SMS messages and feel assured of their authenticity.

Memon pointed out that human decisions prove a much harder process to change than any computer system. "There's trust by association, and as long as there's the sense that a message is coming from an email provider or another trusted site, the hackers will stay in business," he said.

Memon heads the Department of Computer Science and Engineering at NYU Tandon, where he founded one of the nation's first cybersecurity master's degree programs.

Source: NYU Tandon

Published February 2016

Rate this article