Page 3 – Passionate about software and security.

Trojan Source: Raw-Bin Hood Pick Pocketing Source Code with Unicode Bidirectional Control Characters

Date: November 5, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: General, Information Technology, IT Security, Penetration Testing

A new type of vulnerability has been disclosed by researchers at Cambridge University in the UK where Unicode Bidirectional Control Characters are used to change the way text appears in the IDE or text editor compared to how the compiler will interpret and compile the source code into an executable. Proof of concept code has been released for virtually every language including C, C#, C++, Go, Java, Ruby, Python, JavaScript, Rust, and more. Here is a link to the original paper, a GitHub repository released by the authors that includes proof-of-concept code samples for virtually every popular language and the issued CVEs CVE-2021-42574 and CVE-2021-42694, both having severity score of 9.8 “Critical”. Unicode Bidirectional Control Characters are needed in Unicode because Unicode is meant as a super encoding standard which allows all languages (and even emojis) to be contained in a single encoding standard as opposed to say, ASCII which…

What Is An Axial Flux Motor And Why Is It Better?

Date: October 19, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: Electric Vehicles, Hardware

What is an Axial Flux Motor? To skip to the patent data click here. An axial flux motor is an electromagnet based motor technology that uses pulses of electromagnetic charge to create a rotating force . Axial flux motors are great because they avoid the use of a drive-train altogether. The problem with a drive-train is that it includes a drive-shaft, crankshaft, propeller shaft, and transmission (gearbox). These components connect together and when working use the kinetic pressure between themselves to transfer power as torque. However, the connections cause friction and this friction between components results in a loss of energy. If you look at the image of the gearbox below, you can see how complex and exact the contact surfaces are, but there is still energy loss at each of those contact points. A traditional automotive drive-train is inefficient due to the transfer of kinetic…

Precocious Patents? How Can Potentially Emerging Technology Be Identified Using Patent Indicators

Date: October 6, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: Business Management, Patents, Technology Forecasting

Various patent indicators, such as number of citations, technology-cycle-time (TCT), number of claims, renewal status have been used to measure the value of patents with respect to economic value through competitive advantage a company patent holding company gains by holding legal rights to sale of the described technology. Another use of patent indicators attempts to gain insight into the emerging innovation landscape or “technology lifecycle”. Analysis of knowledge stock demonstrated by a group of patents can forecast potential novel technologies which will hold advantages over existing ones. Forward Citations A patent’s forward citations are references to it received by a later filed patent as opposed to a backward citation which are references listed on a patent grant (or application) itself. The use of forward citations as a positive measure of a patents importance has been reviewed numerous times in academic literature. The more (forward) citations a firm’s patents receive, the…

CompTIA PenTest+ PT0-001 & PT0-002 Study Notes

Date: October 2, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: CompTIA Pentest+, Cybersecurity Introduction, IT Security, Penetration Testing, Pysical Penetration Testing

These study notes are provided for students of CompTIA Pentest+ exam. If you notice any problems with the notes, please let me know via email (joseph@ripplesoftware.ca). General Pentesting Engagement Scoping Information Gathering Vulnerability Scanning Exploitation Process Pentest Tools Exploit Specifics Post Exploit Communication Processes

Commercially Viable Nuclear Fusion Is Closer Than Ever

Date: September 23, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: Business Management, Hardware, Patents, R&D

Engineering 3D model of a TOKAMAK thermal nuclear fusion engine

The Goal of Reducing Climate Change The OECD advisory on climate change (Green Grown Studies) states that a multi-pronged approach is required to reduce, stop, or reverse climate change. The critical stages in the energy lifecycle that need to be addressed include: Energy generation Transportation Conversion Storage Consumption Smart-grid technology Smart-homes Smart Manufacturing Smart circuits and computer chips Of all the green / renewable sources of power, nuclear fusion has the biggest potential impact. Nuclear fusion is the holy grail of renewable green energy sources and has the potential to drastically reduce CO2 output by replacing other fossil fuels such as coal-fired electricity plants. Other potential sources of renewable power such as solar, wind, geothermal, and hydro offer benefits over non-renewable power such as coal, and oil and gas, but none have the potential to output as much clean energy as realizing commercial of nuclear fusion. However, a future global…

Climate Change Patents

Date: September 20, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: Patents

Global Patent Activity for Climate Change Related Patents The Cooperative Patent Class (CPC) Scheme includes a class specifically dedicated to climate change inventions. This CPC patent class is Y/02. The earliest patents granted with the CPC class Y/02 are in 2013. The two charts below show there is little difference between overall patenting activity and patenting in the CPC class Y/02 with an almost identical group of countries and rate of activity in the top 12 for each set of data. See WIPO ST.3 to translate two-letter country codes. See WIPO ST.3 to translate two-letter country codes. [wpdatatable id=1] Transportation and Greenhouse Gas Capture Leads the Way Breaking down the overall climate change patenting activity in to sub-categories shows that transportation and reduction of greenhouse gas (GHG) are leading the way with the most patenting activity. Furthermore, a breakdown of climate change patents by transportation sub-classes shows that the road…

RSC Managed Small Business Website

Date: August 4, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: Business Management, IT Security

3 Major Reasons Why Your Small Business Needs a Website More credibility and professionalism – Websites provide a sense of credibility and further establishes your brand as a professional service. Without a website most people will not acknowledge your products or services simply because it cannot be found online. Having a website gives you the opportunity to build a long-lasting online relationship with your clients. Giving them the reassurance they need to trust your brand. Increase in customer reach – Online shopping has blown up over the years- everything from computers and cars to food and services can all be found online nowadays. This means, the number in online shoppers have increased and since the internet doesn’t have a closing time, sales are growing even after hours! Because you are able to access a website almost anywhere at anytime, the reach has become much wider, allowing your business to globally…

Fundamentals of Cyber-Security

Date: July 23, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: CompTIA Security+, IT Security

This short introduction to cyber-security covers fundamental concepts. These concepts are the basis for all other cyber-security topics. If you are studying for CompTIA Security+ SY0-501 Exam this a good first video to watch.

Review Of SolarWinds Impact And Brief Technical Summary

Date: June 12, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: Business Management, IT Security

General Details SolarWinds is a publicly traded company worth $5.4B dollars that developing IT infrastructure management software products for small and medium-sized enterprises. Two separate pieces of malware known as SUPERNOVA and SUNBURST worked against vulnerabilities in SolarWind’s product Orion. The malware known as SUNBURST potentially allows an attacker to compromise the server on which the Orion products run. The manner in which SUNBURST malware was used against its victims resulted in it being labelled a “supply chain attack,” a technique in which an adversary uses malware to disrupt a companies ability to produce or deliver it’s products to customers. Although the term “supply chain attack” a broad term without a universally agreed upon definition, theoretically, the intended target of a supply chain attack is not necessarily the company whose network was breached and disrupted. For example, if an attacker wanted to disrupt operations of a large retail target such…

Cyber-Security ETFs and Individual Stocks

Date: June 11, 2021
Author: Joseph Lee
Comments: 0 Comments
Categories: Business Management, IT Security, Stocks

In a previous article the impact of cyber-breach on stock prices and the value of cyber-insurance to corporations was reviewed. Ransomware and IT breaches are increasing, and the expectation is that more companies will turn to cyber-insurance, and also increase their IT security controls. Here is a list of cyber-security listed ETFs and a list of all the companies included in those ETFs with duplicates removed, along with a company description. CIBR – First Trust Nasdaq Cybersecurity ETF Includes 40 individual stocks comprising $3.58 billion in assets Includes other industries, such as aerospace and defense (FactSet) Concentrated with 10 largest making up 47% of market cap Two stars rating by Morningstar HACK – ETFMG Prime Cyber Security ETF Includes 59 individual stocks comprising $2.04 billion in assets Modified equal-weight scheme (not concentrated) with 10 largest making up 28.5% of the market cap HACK has “a unique, cybersecurity-focused take on the…

« 1 2 3 4 5 … 11 »