Physics Department - Extern RSS Feeds

Flexoelectricity-driven toroidal polar topology in liquid-matter helielectrics

Nature Physics - Mon, 18/03/2024 - 00:00

Nature Physics, Published online: 18 March 2024; doi:10.1038/s41567-024-02439-7

Exploring and exploiting electric dipole arrangements analogously to what is possible with magnetic spin textures is an emerging prospect. Now a spontaneous toroidal polar topology is observed in ferroelectric liquid crystals.

Accelerator Report: Beams are circulating in the LHC

Cern News - Thu, 14/03/2024 - 11:43
The LHC fixed display, just after both beams entered into circulation. The blue and red lines represent the number of protons in beams 1 and 2, respectively. The black line represents the energy of the beams. It is flat because the beams had not yet been accelerated at this point. (Image: CERN)

On 8 March, three days ahead of schedule, the first proton beam was injected into the LHC; 20 minutes later, the second beam was injected, circulating in the opposite direction.

Since the last Accelerator Report, the hardware tests and subsequent cold check-out were successfully completed, both ahead of schedule. Once the usual remaining wrinkles were ironed out, everything was ready to start the 2024 LHC beam commissioning. The single bunch low intensity probe beam, meticulously prepared in the injector chain in the past weeks, came knocking at the LHC's door.

Many of the LHC engineers in charge and system experts gathered in the CERN Control Centre (CCC) on 8 March, alongside members of the Management, to witness the process, eagerly waiting for the first beams to circulate again in the LHC.

The LHC Operations team started the injection and threading process for beam 2 (circulating counter clockwise): they injected the beam at LHC Point 8, just in front of the LHCb experiment, and let it circulate up to Point 7, where a set of collimators was fully closed to intercept it. The measurements performed by the beam position monitors indicated that the beam trajectory could be improved. This was quickly done using an automated beam steering tool that powers corrector magnets to smoothen the trajectories of the particles.

Confident in this correction, the Operations team opened up the collimators at Point 7 and closed the ones further along the ring at Point 6, before injecting the beam again. This process was repeated until the last collimators, at Point 1 (ATLAS experiment), were opened, leaving the way clear for the beam to make a second, third, fourth… and millionth turn.

Another small correction to adjust the orbit of the circulating particles was made before attention switched to beam 1, which ended up circulating in the machine less than 20 minutes after beam 2 and was welcomed by many happy faces in the CCC. The next step – accelerating both beams up to 6.8 TeV – was also accomplished during the weekend. Witnessing both beams in circulation is something of a relief for everyone involved, although the real beam commissioning work starts at that point.

For the 2024 run, it was decided to modify the optics of the accelerator and to replace them by reverse polarity optics (RP-optics). The objective is to mitigate the radiation suffered by some of the magnets of the inner triplet region on both sides of the ATLAS experiment. The inner triplet is a set of quadrupole magnets that focus the beam to very small dimensions at the centre of the experiments.

Some of the collision debris – particles produced by the collisions and travelling parallel to the beams, outside the experiment – is intercepted by the magnets in the inner triplet regions, inducing radiation damage to their insulation. With different optics, the debris is deposited in other places in these magnets, so that the burden of the radiation damage is distributed more widely. This helps to extend the magnets' lifetimes, even with an increased number of collisions.

The commissioning and validation of the RP-optics are among the many beam commissioning steps that have to be taken in the coming weeks before beams enter into collision at 6.8 TeV, hopefully on 8 April. Depending on how work progresses, this milestone may shift forwards or backwards by a few days.

anschaef, Thu, 03/14/2024 - 10:43. Byline: Rende Steerenberg. Publication Date: Thu, 03/14/2024 - 10:39

Fruity blues

Nature Physics - Thu, 14/03/2024 - 00:00

Nature Physics, Published online: 14 March 2024; doi:10.1038/s41567-024-02450-y


Batter quality

Nature Physics - Thu, 14/03/2024 - 00:00

Nature Physics, Published online: 14 March 2024; doi:10.1038/s41567-024-02449-5


The air temperature conundrum

Nature Physics - Thu, 14/03/2024 - 00:00

Nature Physics, Published online: 14 March 2024; doi:10.1038/s41567-024-02428-w

Measuring air temperature is far from a trivial task, as Andrea Merlone, Graziano Coppa and Chiara Musacchio explain.

Honesty is being put through the mill

Nature Physics - Thu, 14/03/2024 - 00:00

Nature Physics, Published online: 14 March 2024; doi:10.1038/s41567-024-02430-2


Computing in physics education

Nature Physics - Thu, 14/03/2024 - 00:00

Nature Physics, Published online: 14 March 2024; doi:10.1038/s41567-023-02371-2

Computing is central to the enterprise of physics but few undergraduate physics courses include it in their curricula. Here we discuss why and how to integrate computing into physics education.

Racial equity in physics education research

Nature Physics - Thu, 14/03/2024 - 00:00

Nature Physics, Published online: 14 March 2024; doi:10.1038/s41567-024-02424-0

Injustices and oppression are pervasive in society, including education. An intersectional, equity-oriented approach can help remove systemic obstacles and improve the experience of marginalized people in physics education through decolonial and critical race lenses.

Unlock the potential of a physics education

Nature Physics - Thu, 14/03/2024 - 00:00

Nature Physics, Published online: 14 March 2024; doi:10.1038/s41567-024-02458-4

This month in Nature Physics, we publish a Focus issue that highlights the importance of physics education research.

A physics curriculum for the modern world

Nature Physics - Thu, 14/03/2024 - 00:00

Nature Physics, Published online: 14 March 2024; doi:10.1038/s41567-023-02370-3

Increasingly, physics graduates take jobs outside academia. Active teaching approaches lead to deeper conceptual understanding and a more varied skill set and are therefore more likely to prepare students for successful careers.

Reducing emissions related to duty travel: everybody’s contribution counts

Cern News - Wed, 13/03/2024 - 15:46

In an era where the consequences of climate change loom ever larger, reducing carbon emissions is imperative. Among the various contributors to carbon emissions, duty travel – comprising conferences and other professional engagements – is an often-overlooked source.

Travel is embedded in CERN’s DNA, with worldwide collaborations that rely on exchanges between people from all around the globe. International exchange is a pillar of scientific progress at CERN and beyond, and is particularly important for early-career researchers and those from underrepresented geographic regions.

At the same time, CERN strives to be a role model for environmentally responsible research and, in this context, to minimise its carbon emissions wherever possible. Extensive professional travel, particularly by air, has an environmental impact. CERN’s third Environment Report shows that emissions arising from travel by personnel on the CERN payroll amounted to 151 tCO2e and 827 tCO2e in 2021 and 2022 respectively, a marked reduction compared with the 3330 tCO2e reported in 2019, before the COVID-19 pandemic. Most emissions result from air travel, mainly from long-distance flights. Although they represent just a small fraction of CERN’s total emissions, acting on them is important as, whatever the scale, all actions contribute to minimising CERN’s environmental impact.

A dedicated working group was set up in 2022 to make recommendations on reducing duty-travel emissions without having a detrimental impact on CERN. The recommendations, approved by the Enlarged Directorate on 23 January 2024, recognise and integrate the crucial importance of international collaboration for the advancement of CERN’s mission and research, while encouraging everyone to collectively set an example by reducing duty-travel-related carbon emissions. The recommendations are now available in the Admin e-guide duty travel pages.

Two overarching principles apply:

  1. Reducing (air) travel by considering whether virtual participation, if available, provides similar value. This will help reduce the number of trips undertaken and contribute to reducing overall emissions. In particular, single-day trips requiring air travel should be avoided if virtual participation is possible.
  2. Encouraging the use of ground transportation (particularly the train) for distances up to 700 km and as transport options allow, taking into account time- and cost-efficiency.

The recommendations are accompanied by a simple decision tree to help travellers reflect before they book their trips. In addition, the new online booking tool Egencia offers several different features, including a CO2 calculator for flights. Finally, the recommendations also cover event guidelines to encourage organisers and participants to make mindful, environmentally conscious choices. These take into account the importance of in-person interactions for building and maintaining collaborations and networks, particularly for early-career professionals. They aim to ensure that effective virtual participation is possible in all events hosted by the Organization and to minimise the amount of travel required without compromising collaboration, operations, goals and opportunities for personnel.

ndinmore, Wed, 03/13/2024 - 14:46. Byline: HSE unit. Publication Date: Wed, 03/13/2024 - 14:38

CERN community: celebrate spring at CERN with us

Cern News - Wed, 13/03/2024 - 12:06

Blossom on the trees, longer days and a strange craving for egg-shaped chocolates tell us that spring is in the air.

To celebrate, we’re launching a photography competition for the CERN community. Send us your best photos of “spring at CERN”. Our favourite photo will win a CAGI Chocopass, kindly offered by the CAGI cultural kiosk at CERN. This Chocopass lets you spend a day exploring Geneva and tasting from a range of chocolate shops.

How to enter:

  • You must have a CERN email address to take part in this competition.
  • Send your photo to bulletin-editors@cern.ch by Sunday 24 March at 11:59 p.m. CET.
  • You can send a maximum of three photos per person.
  • By sending your photo, you agree to it being added to a CC-BY photo collection in the CERN Document Server, where you will be credited.
  • The photos may be used by CERN online for this competition and in the future.
  • The winner will be announced in the next CERN Bulletin.

We are grateful to the International Geneva Welcome Centre (CAGI) for offering a Chocopass for the winning prize. The CAGI cultural kiosk is located in CERN’s main building and is open from Monday to Friday from 8:30 a.m. to 11:00 a.m. and from 11:30 a.m. to 2:30 p.m. It offers numerous discounts for local activities and events both in Switzerland and in France. Find out more here: https://www.cagi.ch/en/cultural-kiosk-agenda/

katebrad, Wed, 03/13/2024 - 11:06. Byline: Internal Communication. Publication Date: Wed, 03/13/2024 - 11:24

Manipulation of chiral interface states in a moiré quantum anomalous Hall insulator

Nature Physics - Wed, 13/03/2024 - 00:00

Nature Physics, Published online: 13 March 2024; doi:10.1038/s41567-024-02444-w

The local electronic structure of interface states between topologically distinct domains is imaged and controlled, allowing visualization of the interplay between strong interactions and non-trivial topology.

You see an empty field? We see an “Open Sky Laboratory”!

Cern News - Tue, 12/03/2024 - 12:33

The Future Circular Collider (FCC) Feasibility Study is developing a concept for a new research infrastructure to host the next generation of higher-performance particle colliders with the aim of extending the research currently being conducted at the LHC, once the HL-LHC reaches its conclusion, beyond 2040.

In 2021–2022, the EU-funded FCC Innovation Study* launched an international challenge-based competition called “Mining the Future”, which invited scientists and companies to propose innovative yet technically feasible solutions to turn the material excavated during the construction of FCC underground structures into a usable resource. The reuse potential of the excavation material is one of the factors that will contribute to the acceptability and cost efficiency of the FCC project.

The proposed solutions are now being integrated into a unique design and evaluated in the field, and will reach maturity by 2030. The objectives of the evaluations are twofold. Firstly, to establish how to conduct the online identification, sorting and pre-treatment of the materials during the excavation process. Secondly, to prepare different reuse pathways to sort and pre-treat materials, including transforming sterile rock – a soft and heterogeneous sedimentary rock called molasse – into fertile soil for agriculture, forestry and renaturation applications, in line with the principles of a circular economy. The quality-assured creation of fertile soil is a lengthy process spanning several years and has been chosen as the first large-scale experiment with field tests at an “Open Sky Laboratory”.

The plot of land located near LHC Point 5 (CMS, Cessy, France) destined for the Open Sky Laboratory. (Image: CERN)

The Open Sky Laboratory, a plot of about 10 000 m² located near LHC Point 5 (CMS, Cessy, France – see image), has been made available and will be prepared in collaboration with CERN’s SCE and EN departments. Molasse extracted during the HL-LHC excavations will be transported to this field to be used in the tests. Initial laboratory analyses will be performed off site to identify the most suitable mix of molasse and other materials. These will be followed by field tests in the Open Sky Laboratory’s controlled environment (monitoring of the field, weather and plant growth conditions), using scientific protocols developed by a collaboration of universities working in this domain.

In keeping with CERN’s long-standing tradition, this project relies on an open collaboration with academia and industry. Currently, the collaboration includes university and research experts in agronomy, pedogenesis and geology and industrial partners in soil engineering and phytoremediation, soil treatment techniques and monitoring and supervisory control systems.

A socioeconomic assessment of reuse cases for the transformed soil will be performed in order to evaluate the potential economic benefits for FCC construction and the potential advantages for the entire construction sector in Europe.

*Grant agreement 951754

anschaef, Tue, 03/12/2024 - 11:33. Byline: Luisa Ulrici. Publication Date: Thu, 03/14/2024 - 09:30

Computer Security: Bingo walk-through

Cern News - Tue, 12/03/2024 - 12:13

Once more, bravo to all those who participated in the Bull**** Bingo in the last but one Bulletin issue and sent us their solution. The Hawaiian pizza was quickly gone. But some people were wondering why their responses were not correct… Good point, so let’s walk through that Bingo:

  • 1A “There is no malware for Apple devices” ─ was a slogan of the past, as the big market share was with Microsoft Windows. But that has changed. And owners of a MacBook are perceived as being richer, so the spoils are larger...;
  • 1B “Software from the Google Play Store is harmless” ─ actually, anyone can push any application to the Google Play Store. It is not curated or validated so it has become a dump for malware, too. The Apple store is better in that respect, as Apple keeps it tightly controlled (to make money) and only admits applications that follow their policies (which doesn’t mean that there are no problems either);
  • 1C “Security is everyone’s responsibility” ─ indeed! Given the academic environment at CERN, its openness and the freedom you have to benefit from any (legal) computing resource, it is impossible for the Computer Security team to shoulder the responsibility for your digital assets. We have to count on you to keep those secure, and we are happy to help you do so;
  • 1D “SSH on port 2222/tcp is more secure” ─ nope. This is called security-through-obscurity as SSH normally runs on port 22/tcp. Changing that might only deter the lightweight attackers and, thus, keep the noise level down. The experts run reconnaissance tools like “nmap”, which find SSH regardless of which port you use;
  • 1E “Spam and malware filtering is 100% effective” ─ we wish! But in CERN’s environment, with the openness to use the CERN email address for personal matters, with the multitude of languages spoken and written at CERN, and with the large academic community sending emails back and forth, for many emails it is hard to tell whether they are spam or not. We try our best, but, admittedly, there is room for improvement;
  • 2A “2FA is a big step forward for account protection” ─ it is! With two-factor authentication it is no longer enough to remotely steal your password (e.g. via a so-called phishing attack). The attacker would also need to have physical access to your smartphone or hardware token, and most attackers are not close by. In addition, you would quickly notice the theft of your smartphone or keys, no?
  • 2B “Emails from “@cern.ch” are legitimate” ─ emails can be easily spoofed. That means that an email is not necessarily sent from a “cern.ch” mail service but from another one (e.g. gmail.com). This is called “spoofing” and is the reason why so many emails are currently quarantined in our mail appliances, because the sender is consciously or accidentally spoofing email addresses;
  • 2C “I'm personally not a target as I'm not interesting to attackers” ─ don’t be so humble. You are interesting (!) even if you might not be the one working on that very confidential, top-secret or highly visible stuff. You might just be the entry point. The personal assistant used to attack the boss. The colleague to trick your peers. The patient zero to infect and compromise others…
  • 2D “Back-ups cannot be altered” ─ as long as they remain connected and remotely reachable and are not immutable, most back-ups can be altered. CERN takes special care to ensure that back-ups are secure, but if you leave your external hard disk connected to your laptop, to some malware it is just another folder to subject to ransomware encryption;
  • 2E “I have nothing to hide” ─ don’t you? Can I get your credit card PIN? Install a camera in your place? Access the “deleted photos” folder on your smartphone?
  • 3A “I would never fall for phishing” ─ said many other people before. We usually catch out 10% of CERN accountholders with our annual phishing campaigns;
  • 3B “Only the link behind a text/QR code reveals its truth” ─ yessss! What is displayed can be anything (for readability or for obfuscation). Only once you hover your mouse over the link or check the text displayed right before taking the QR photo, is the real destination revealed.
  • 3C “CERN’s technical network is secure” ─ it is secured. But given its complexity, its automatic interaction with CERN’s Data Centres and the need for experts and operators to remotely connect to the technical network, it is far from being perfectly secure. There is still some margin for improvement!
  • 3D “A password written on a post-it is a good idea” ─ if you want to give the cleaning personnel or visitors access to your computer. And you shouldn’t!
  • 3E “QR codes always link to legit sites” ─ nope. There is no guarantee of that (see 3B above);
  • 4A “A (free) VPN service protects me” ─ but remember, if you're not paying for the product, there's a very high chance that you are the product. There is no guarantee regarding anonymity or privacy with a free VPN, and the provider is free to share your data with third parties as they see fit or to (ab)use your network bandwidth for other purposes. This is why, for example, “Hola! VPN” is forbidden at CERN. Paid VPNs are better, but still protect only your communication; they do not protect against the content you access. In the end, it is a question of whom you trust more, your ISP (and thus indirectly the country/jurisdiction under which that ISP operates) or your VPN provider (and the country where they/their servers are located);
  • 4B “Password protection on my laptop protects its data” ─ actually, that password protects interactive access to your laptop. But if you don’t take extra precautions to encrypt your hard disk with BitLocker (Windows) or FileVault (macOS), your laptop is for an attacker just another unprotected storage system like a USB stick;
  • 4C “My browser’s password manager is secure” ─ that depends very much on the kind and on which version you run. In the past, passwords were even stored in plain text in some browsers. Hence, if you can’t remember your passwords, a stand-alone password manager might be the better choice;
  • 4D “CERN is not interesting to attackers” ─ was never a true statement. The Chaos Computer Club infiltrated CERN in 1986; at the beginning of the millennium we fought “Phalanx”, “Windigo” and “Ebury” in our data centres and on the WLCG; and today CERN is targeted by ransomware attacks like anyone else;
  • 4E “CERN’s anti-malware software is free for you to download” ─ yes, it is! For the protection of your devices at CERN and at home, and for the wider protection of CERN;
  • 5A “Using “https” means the website is secure” ─ the “s” in “https” indicates that the communication is protected by encryption and, hence, from eavesdropping. But this doesn't imply the trustworthiness of the website behind it;
  • 5B “CERN’s outer perimeter firewall keeps all threats away” ─ if that were true, we wouldn’t have this article here. While that firewall blocks a large fraction of malicious and unwanted traffic, it is not watertight and requires other “defence-in-depth” layers to catch all threats;
  • 5C “Cloud services cannot be hacked” ─ actually, cloud service providers are in the same boat as everyone else and, in addition, are big targets with lots of revenue to be made. Indeed, there have been reports in the past of a multitude of successful attacks on large cloud service providers like Okta, Microsoft, LastPass, etc.;
  • 5D “Encryption is easy; key management is complicated” ─ true! There are a multitude of good encryption mechanisms on the market. It gets tricky, however, to ensure that the decryption keys are properly and securely stored. If they get lost, so is your encrypted data. And it gets even more tricky if several people, each with their own decryption key, need to access the data;
  • 5E “WiFi is always secure” ─ WiFi is just a communication method, here via the air. It does not say anything about access protection or encrypted communication. If you want a secure WiFi, ensure that the communication is subject to “WPA3” and, even better, always use encrypted protocols: SSH or HTTPS (see 5A above).

Complicated? Maybe. But that’s why we keep you regularly updated in our Bulletin articles. So, once again, CONGRATULATIONS to those who got five right answers. And THANK YOU to you all for helping to keep CERN secure!

_______

Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.

anschaef, Tue, 03/12/2024 - 11:13 | Byline: Computer Security team | Publication date: Tue, 03/12/2024 - 11:07


University of Crete - Department of Physics - Voutes University Campus - Postal code 70013 Vassilika Vouton, Greece
tel: +30 2810 394300 - email: chair@physics.uoc.gr