nav search
Data Center Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

* Posts by Michael Wojcik

5247 posts • joined 21 Dec 2007

Big bimmer bummer: Bavaria's BMW buggies battered by bad bugs

Michael Wojcik
Silver badge

Re: Thanks...

Still don't understand why car makers ever thought keyless entry, remote wireless diagnostics and all that infotainment stuff was ever a good idea

They help sell cars, which is the business car makers are in.

0
0
Michael Wojcik
Silver badge

Re: Are You Surprised

At times I think that I don't want anything more advanced than my current (2005) Accord

My current car is a 2015 Volvo, and after looking at my wife's 2018 Volvo, and what auto manufacturers are eagerly doing, I'm pretty sure I'll never buy another new car.

There are the huge fucking security holes - and the situation is quite a bit worse than what you'd get from the occasional article like this; and while people are working on improving the situation, it's going to be a long time, if ever before it's significantly better. Then there are the goddamned irritainment systems with their touchscreens, which I loathe; and on some of the vehicles I've driven (rentals and the like), they don't dim the backlighting on those screens along with the instrument panel, so at night you're trying to drive with this idiotic screen shining with the brightness of a thousand suns.

Then there are the driver-assist features, many of which are desperately annoying and others outright dangerous. No, I don't want "adaptive" cruise control; when I set the speed, that's the speed I want. Not whatever speed the moron ahead of me in the lane happens to be going. Blind spot warning is OK, and backup cameras are a good augmentation to actually turning your head, but I've yet to see a cruising-speed collision-avoidance system that didn't overreact when some numpty switches into my lane a little closer than is polite. Automatically slamming on my brakes does not improve the situation, since there's probably some moron tailgating me.

And they're too big. And the powertrains are ridiculously overpowered. I use my Volvo wagon to tow a trailer sometimes, and I've passed people while towing it up mountain passes. There's far more output from that engine than I can do anything useful with, and I'm not sanguine about everyone on the road having that sort of acceleration. And here in the US there are few choices if you want a manual transmission, though I can't blame the manufacturers for that - where people will buy manuals, they sell them.

In many ways contemporary cars are far better than those of twenty, even ten, years ago. They are notably safer. They are generally more comfortable. They do have useful features. Things like A/C are pretty much standard. But I find they have too many excruciatingly annoying misfeatures to justify buying new.

0
0

EmDrive? More like BS drive: Physics-defying space engine flunks out

Michael Wojcik
Silver badge

Re: The Germans don't watch youtube enough

It may consume fuel, but the ion drive wins every thrusting contest this way.

The problem isn't consuming "fuel" - a photon drive will also consume fuel, after all, if it's not powered entirely by something external such as solar panels or fusing interstellar hydrogen or unicorn magic.

The problem is consuming reaction mass, which may or may not be a waste product of consuming fuel. Based on the rest of your post I assume that's what you meant, but calling it "fuel" is inaccurate.

The article makes the same error.

People are excited about propellantless drives for the same reason they're excited about photon drives: no reaction mass to haul around and run out of (or have to replace from somewhere). A photon drive isn't propellantless, but its propellant has zero rest mass and can be whipped up from just energy inputs, solving the same problem.

Personally I would be extremely surprised to see a working propellantless drive; conservation of momentum has always been good to me, and I plan on sticking by it as long as I can.

1
0

Folks are shocked – shocked – that CIA-backed Amazon is selling face-recog tech to US snoops, cops

Michael Wojcik
Silver badge

Yes, no doubt

"Amazon requires that customers comply with the law and be responsible when they use AWS services" said an Amazon spokesman, before dissolving into helpless laughter.

Also, I must say I'm disappointed in the FBI. Those nice NCIS folks get a useful hit from facial recognition about 90% of the time, and within only a few minutes, too. That may be due to their semikeyboardist skills, though.

1
0

Within Arm's reach: Chip brains that'll make your 'smart' TV a bit smarter

Michael Wojcik
Silver badge

Re: Now you know why Zuck tapes up the front-facing cameras on his gadgets.

Yes, fortunately we still have electrical tape, or if the camera's also used to sense ambient light level, Vaseline.

Eventually we'll see more and more electronics manufactures attempting, and probably getting away with, shipping devices that don't work unless they can actually recognize the user. In the name of convenience and security, of course. But for a while it'll be simple enough to disable these unnecessary cameras, provided you can find them.

0
0
Michael Wojcik
Silver badge

Re: 1984

Sounds like it's going to be 30 years later than predicted by George Orwell

Pedantry o' the Week: Orwell chose the date arbitrarily, and only then under pressure from his editor. He requested the title always be written out in words ("Nineteen Eighty-Four"), as he felt that would discourage people from focusing on the date. Personally, I don't know that it helps, but in any case it wasn't meant as a prediction about any particular future date.

Also, as I noted in a comment to another recent article, our present culture far more resembles that of Huxley's Brave New World, or Bradbury's Fahrenheit 451,1 than it does Nineteen Eighty-Four. While there are plenty of totalitarian regimes still around, the Big Kids have long since learned that you get better returns from consent than from terror.

1Bradbury intended the focus of F 451 to be on the pervasive, immersive forms of entertainment and stimulation in the future he depicted, not on the book-burning stuff, which is meant merely as a vehicle for the protagonist's transformation. The Walls and Seashells are his main point.

0
0
Michael Wojcik
Silver badge

It's odd that people still watch the same video at the same time on one screen.

Yes. Or go to the theater. Or dine together. Or share any experience at all, really.

Wait, sorry, I thought you wrote "it's normal that...".

I know this is an alien concept for a segment of the population, but evidence suggests that a majority of human beings are social creatures who like to do things together, once in a while.

0
0
Michael Wojcik
Silver badge

If folks want personal robots

I don't.

how do expect them to see?

I'd rather they didn't.

There, sorted.

0
0

Microsoft, Google: We've found a fourth data-leaking Meltdown-Spectre CPU hole

Michael Wojcik
Silver badge

How does JavaScript read any memory that hasn't been previously initialized by the interpreter for its use?

It doesn't - at least not in any of the published Spectre attacks.

The original Spectre paper explains this, and there are other explanations online (and I've posted explanations in comments to Reg stories, as have some others, though you have to filter for accuracy).

That's the whole point of a side-channel attack. You don't have direct access, so you find a proxy that leaks information about what you want to see.

3
0
Michael Wojcik
Silver badge

Re: Old coder rant

For anyone with security in mind it absolutely is a design blunder

This is flat-out wrong, and I'll note that IT security is part of my day job. Your comment misunderstands side-channel information exposure, and it misunderstands design, and it misunderstands security.

4
0
Michael Wojcik
Silver badge

Re: Removing speculative execution

> 10x would not surprise me

I think that's optimistic, at least for x86/x64, and other CISCy architectures such as z. You might get away with only one order of magnitude hit on Power. ARM might do even better (i.e. less than an order of magnitude).

But x86? Those pipelines are deep. Kill spec-ex (for a general-purpose workload) and you'll be in a world of pain. And it's worth noting that even JITted managed languages tend to do even more branching than traditional procedural, compiled 3GLs did.

4
0
Michael Wojcik
Silver badge

why on earth we allow javascript and similar technologies to actually run code able to snoop on cache memory in the first place

Well, in the first place, we don't. If anyone does, that's a bug. And it has nothing to do with any Spectre variant. These are side channel vulnerabilities. They're not about "snooping"; they're about detecting state using the inevitable effects of a complex system.

(The sheer amount of misunderstanding about Spectre after these past four months is depressing. Not surprising, but depressing.)

4
0
Michael Wojcik
Silver badge

Re: Show some understanding, people

And, to some extent, I blame software developers like myself. We have got lazy.

This may be true, but it has absolutely nothing to do with the existence of Spectre-class vulnerabilities. The economic forces driving faster CPU designs would still be present if software were, say, three orders of magnitude less resource-hungry on average. People would just be running three orders of magnitude more work.

Work will expand to fill available resources. Faced with a glut of cheap compute resources, companies would do more optimization, more speculative modeling, more whatever.

3
0
Michael Wojcik
Silver badge

Re: I'm confused..

I still don't see how this valuable secret data that is now in the cache can be accessed by a third party.

It can't. Or, at any rate, that's not what Spectre-class attacks are about.

Spectre-class attacks use speculative execution to alter the observable state of the system, then observe those state changes to infer what "secret" (not directly accessible) data was subject to their probes.

In variant 1, for example, the attacker mistrains the branch predictor so that it will reliably take a path that tries to load from an invalid address (having found a suitable gadget in memory). That causes a speculative load into cache. The results of that branch are thrown away, but the cache remains warm, and the attacker can then time some loads to see whether a given address was cached or not. That, in turn, tells the attacker about the address computed by the code on the mispredicted branch; and that leaks some information about whatever went into computing that address.

So the attacker gets the gadget code to read the "secret" memory (which it has access to) and use it in creating those addresses, gradually leaking information.

That's only one variant (and rather simplified). The original Spectre paper explains variants 1 and 2, and other side channels that might be exploitable, in some detail.

But the point is that the attack code never sees the secret data directly. It sees what effects the secret data has on rump post-spec-ex execution system state, when that secret data was misused to alter that state.

4
0
Michael Wojcik
Silver badge

Re: Its quite depressing really

There used to be people who understood these things.

There still are. This is not a problem of understanding. It's a problem of economics.

Things will change if and when a group of people representing a sufficient concentration of market power come to value particular security measures more highly than other attributes of whatever they're buying.

And that's how things have always worked. A Honeywell running Multics was a hell of a lot more secure, under many reasonable threat models, than an Apple II. That didn't stop people from buying an Apple II to do their financial analysis with - because security was not an overwhelming economic advantage.

2
0
Michael Wojcik
Silver badge

Re: Its quite depressing really

In this context encryption outside of the CPU doesn't really matter; the compromised processor is the thing that must touch decrypted data to, well, process it.

Not necessarily true - that is, if the data is being loaded prior to decryption (for example, if decryption is being done by the core being probed), then encryption in memory would prune the Spectre attack tree somewhat. It's not a perfect defense by any means, but it narrows the scope for usefully probing that particular data.

This is simply a specific case of the more general observation that a Spectre probe sequence will reveal much low-value data, possibly in addition to some high-value data. Encrypted data (which the attacker cannot economically decrypt) is low-value.

Of course, the attacker may be able to find the key by probing elsewhere. It's a very partial measure.

2
0
Michael Wojcik
Silver badge

Re: Its quite depressing really

And not only pop out in Intel chips.. but everything else out there too.

This is not at all surprising if you understand the basic concepts of information thermodynamics.

A system that dissipates energy, where that dissipation is not a completely unbiased random function, is leaking information. In other words, it has side channels.

If 1) any of those channels are detectable within the system, and 2) the system contains components with different security domains, then you have a potential violation of security boundaries.

1 & 2 are true of essentially all general-purpose computing, and much embedded (dedicated-purpose) computing, today. The Spectre class has focused specifically on the side channels created by speculative execution, but that's simply because there are a number of ways in which those channels are detectable from within the system.

Also, again, and contra Chris: These are not "blunders". They are deliberate design trade-offs. Arguably "oversights" is valid; those trade-offs were made based on incomplete risk analysis. But they were deliberate, and made to achieve the explicit goals of the project.

4
0

Three-hour outage renders Nest-equipped smart homes very dumb

Michael Wojcik
Silver badge

Re: Younger brother

What kind of magic does he think is possible?

Magic? What, your MUA doesn't support mime/electricity?

0
0

People like convenience more than privacy – so no, blockchain will not 'decentralise the web'

Michael Wojcik
Silver badge

Re: Historic revisionism

everyone knows there were no search engines before Google came around

To be fair, Matt didn't claim there weren't. He wrote "eventually". There were, indeed, books that listed popular websites, back when web-based search engines were few and far between - if memory serves, you could still find them after AltaVista came online.

The early web was indeed indexed by hand, in a text file distributed by CERN and maintained by TBL. There was also the NCSA list. The first real general-purpose web search engine was Lycos.

If you want to carp about what Matt left out, a more interesting case is Yahoo!, which originally had a human-curated web directory based on a new encyclopediac information model. (That model was largely the work of Srinija Srinivasan, who's been written out of most of the histories of Yahoo!.) Ultimately that was unsustainable and first algorithmic indexing in general, and then the GWiki duopoly in particular, beat it into the dust. But it was a more distinct attempt than the mid-1990s horde of web crawlers.

nobody mention Archie

Archie indexed FTP servers. Veronica indexed gopher servers. WAIS indexed WAIS servers, which were based on Z50.39. None were web indexes.

1
0
Michael Wojcik
Silver badge

Re: Spot on

People want to do social things - it's the things they do, and the people they do it with, that they care about. Services, not providers.

Not even services. People value accomplishing tasks (and opportunities, which are just imagined future accomplishments). It's economic: a user wants to do something at a low perceived cost.

The "perceived" there is critical - this is about behavioral economics, not naive rational-actor economics.

"Convenience" is just shorthand for minimizing opportunity cost (I don't want this task to take much time or effort) and cognitive load (I don't want to have to learn how to do something). Of course there are also psychological rewards for paying opportunity costs and cognitive load; that's why people play games and perform other ergodic (deliberately difficult) tasks. So it's not just a simple matter of always taking the path of least resistance.

But on the whole people make a largely subconscious calculation of cost and reward, based on perceptions that are very influenced by emotion, social influences, and past behavior. Matt's thesis is correct (mirabile dictu), but not because of an essential convenience / privacy dichotomy: it's because most users don't have sufficient mental investment in privacy to justify additional opportunity and cognitive costs.

1
0
Michael Wojcik
Silver badge

Re: Spot on

Ultimately unless it's fully secure it's not secure.

Sophomoric bullshit.

No non-trivial system is ever "fully secure". The phrase is essentially meaningless. The security of a system is the probability that it will behave as intended (itself a nebulous concept) by authorized users (another one). That probability can be reduced by accident, faults in the system, and malice; for the last category, security reduces to the economics of attack.

So for any non-degenerate case security can only asymptotically approach 1, and in fact because of the difficulties of defining "intended behavior" and "authorized users" (many of which will not be human but other systems to which we've delegated various functions), the goal can't even be defined with decent precision.

And so talking about "fully secure" or "perfect security", etc, is nonsense. You're appealing to a concept that isn't even theoretically sound, much less realizable in practice.

And thus by your formulation nothing is secure at all, and any discussion of security is irrelevant.

Treating security as a binary is pointless. Don't do it.

1
0

UPnP joins the 'just turn it off on consumer devices, already' club

Michael Wojcik
Silver badge

Re: Now, home boxes, that's a different matter.

Caller: Please connect me to your supervisor before I FILE A FORMAL COMPLAINT AND SWITCH PROVIDERS!

Caller is welcome to do so. The formal complaint has no material effect, and you're already costing us more than you're worth. Ta!

And, of course, in the US, many consumers have only one viable choice of ISP.

0
0
Michael Wojcik
Silver badge

Re: Now, home boxes, that's a different matter.

So IOW, you want people to have a license to use the Internet, even if they start complaining to the help desks, tying them up.

Who else, exactly, is using this alleged ISP help desk?

And if the help desk is "tied up", either the ISP will address that situation, or market forces will correct it (i.e. people will switch), or people will put up with it - just as they do now. I don't find Helpocalypse a persuasive argument.

0
0
Michael Wojcik
Silver badge

Re: USB cables

I don't think I've ever seen one myself either.

I don't know why not. Best Buy sells them. Hell, my local supermarket sells them. They're right next to the other USB cables, and they say "charging only", and they're generally cheaper than the regular (data-carrying) cables. These days, they probably have some sort of security waffle on the packaging too.

0
0
Michael Wojcik
Silver badge

Re: Now, home boxes, that's a different matter.

So what do you propose as the alternative for people who wouldn't know a port if it pwned them?

Learn or do without.

Please stop endorsing learned helplessness. For all of human existence, people have demonstrated the capacity to learn how to use things they have good reason (including entertainment) to use.

0
0
Michael Wojcik
Silver badge

Re: another lesson

if game developers are relying on P2P I'd say it is required if that is what you want to do, play the game

Yup. And opening the door in mid-flight is required if what you want to do is go skydiving.

That's not really a great reason to have all planes open their doors in mid-flight by default.

Nor is it a great reason to sell routers with UPandGetHacked enabled. Yes, quite a few people want to play multiplayer games that require it. Fine. Let them learn how to turn it on. Consider it part of the game.

0
0

US judge to Facebook: Nope, facial recognition lawsuit has to go to jury

Michael Wojcik
Silver badge

Re: Interesting

I cannot believe it will. It has to be recognizing something, and there are relatively few things it can be recognizing than facial geometry.

I agree - and further I'd argue that it doesn't matter, since whatever it's recognizing (i.e. however its generated model maps inputs to classes) is functionally equivalent to facial geometry.

But this is likely to be an important decision for the legal status of black-box machine learning, even at the state level. Precedent is limited but if the judgement looks well-reasoned other judges will take notice.

0
0

Boffins build a 2D 'quantum walk' that's not a computer, but could still blow them away

Michael Wojcik
Silver badge

Re: What sort of problem *is* this machine designed to solve?

And solvable with simulated annealing a la Rumelhart/McClelland/PDP

Yeah. And if your problem is too large and rough for simulated annealing to give you a good-enough answer in reasonable time, you can always step up to quantum annealing a la D-Wave. I'm not a D-Wave trufan, but there are certainly applications where annealing is more suitable than trying to go with more exotic approaches, and it's not inconceivable that some real-world examples would be outside the envelope of practical conventional simulated annealing (though that envelope grows quickly) but within the QA one.

In any case, offhand I don't think I've seen anything that claims QW helps with TSP variants like this. Unless something's been proven since I last checked, NP-Complete isn't in BQP, so while quantum algorithms may provide poly-time speedups in some cases, they don't change the complexity class.

1
0
Michael Wojcik
Silver badge

Re: What sort of problem *is* this machine designed to solve?

what sort of problem *is* this machine designed to solve?

Yeah, it's pretty hard to find out what a quantum-walk machine might do. Unless, I guess, you have access to some sort of world-wide linked-up-thing of information, say.

Or, if you want to Sticki with the Wiki, like 99% of the web-using populace, try this.

Quantum-walk algorithms that are strictly faster than classical-computer algorithms have been known since at least 2002. (Hey, I think I know one of the authors of that one. Cool.)

That 2002 paper talks about oracular problems: You have a function that's a black box - you can't find out anything about it, but you can provide inputs and observe outputs. The problem is to determine some property of that function with as few input-output exchanges as possible. Quantum walk can do that strictly faster than any conventional algorithm (where "faster" is in terms of complexity, not wall clock time, since obviously we haven't specified how fast a QW or conventional computer we're talking about).

Later papers mostly seem to be about various kinds of search problems, set and group problems, graph problems - that sort of thing.

Some of these are just polynomial improvements. For the triangle problem, for example, conventional can do it in O(N1.4), while QW apparently gets that down to O(N1.297), according to the Always-Reliable source. Obviously you need a fairly big graph before that makes much of a difference,1 even assuming your QW is as fast as your conventional machine (and no, it won't be). But for some other problems QW might be useful in practice.

Seriously, I am amazed at the lengths people will go to say "I couldn't be bothered to look this up, but I sure will spend some time letting you know that!".

1Well, if my back-o'-the-envelope scratchings are right, it actually saves you about 25% of the queries for a million-node graph. So if your QW machine is really close in speed to your conventional one, it might be worthwhile. But then I'm not sure why you're trying to solve the Triangle Problem in the first place. What do you have against triangles, huh?

1
0

Ex-CIA man fingered as prime suspect in Vault 7 spy tool manuals leak

Michael Wojcik
Silver badge

Re: consent is not involved in the definition

the definition of 'pornography'

A definition of pornography. Regardless of the provenance of that definition, it does not have authority over the language, much less the users of that language.

0
0

Mike Lynch's British court showdown v HPE pushed back to 2019

Michael Wojcik
Silver badge

His lawyer, one John Keker, lamented after his client was found guilty: “It is a shame that the United States Department of Justice lent its support to HP’s campaign to blame others for its own catastrophic failings.”

He has kinda got you there HP.

I'd say there seems to be plenty of blame to go around. HP's catastrophic failings don't excuse misrepresentation by Hussain. Keker's complaint is irrelevant.

0
0
Michael Wojcik
Silver badge

Re: Caveat Emptor

Some non-techie folks take a different view. Here's one such.

No, the blog post at that link is talking about a different CFO - Hussain. The "then CFO" in the post you quoted is Lesjak, per the Reg story that TonyJ subsequently linked.

So: HP CFO Lesjak objected to the deal, and was forced out for her troubles. Autonomy CFO Hussain was not investigated by UK authorities (that's the thrust of the piece you linked) but has recently been convicted by US ones.

As far as I know, Sushovan Hussain never worked for HP (though I haven't found anything online to confirm that definitively). In any case, he certainly wasn't "within HP" prior to the acquisition, so the blog post you referred to isn't relevant to the claim you were responding to.

0
0

It's 2018, and a webpage can still pwn your Windows PC – and apps can escape Hyper-V

Michael Wojcik
Silver badge

the monthly patch, which has probably been released [many] weeks before the earliest practical weaponised exploit is written

It's good to know that wild optimism still exists in the world of IT.

It's depressing to see that it's being applied to IT security.

0
0
Michael Wojcik
Silver badge

CVE-2018-8170

The actual text of the CVE says "Windows kernel image". Nothing about "image processing". Technical details are still hard to come by, but I think the image-processing idea is a misapprehension by Chris.

So if you want a trivial remote compromise out of this batch you'll have to use CVE-2018-8174, I'm afraid.

0
0

Windows app makers told to think different – you're Microsoft 365 developers, now

Michael Wojcik
Silver badge

Shibboleth o' the day

Microsoft shined the spotlight

Ugh. Can we have our dominant irregular form back, please?

0
0
Michael Wojcik
Silver badge

Re: That video...

using Outlook on the desktop searching O365 Exchange back-end simply does not work reliably

Outlook search has never worked reliably - not when searching the server, not when searching offline folders, not when searching personal folders. I run "advanced" Outlook search frequently, and it often comes up with matches outside the search scope, while missing matches in it. On the other hand, it's also mind-bogglingly slow.

If Outlook saved messages in mbox format (dumb as mbox is1), or any other sensible format readable by text-processing utilities, I could find-xargs-grep2 a hell of a lot faster and more accurately than using the god-awful Outlook search mechanism.

1I know, I know. The mbox format dates back to BSD Mail and was used because prior to the frag filesystem, BSD wasted a lot of then-precious disk space if you had a lot of small files. It also didn't deal particularly well with directories that contained a lot of links. Thus mbox and its concatenation of lots of messages into a single flat file. Why MUAs like Thunderbird continue to use it, rather than putting messages in separate files, is a mystery, though.

2Cygwin, if you're wondering. I now have a Win10 machine (alas), but it's easier to keep running Cygwin than mess about with Microsoft's Linux integration. Back in the days before Cygwin, I used Windows Services for Unix (with a brief flirtation with AT&T's U/WIN), and Cygwin was an improvement. Maybe Microsoft have gotten better at this, but they'd need to be a lot better before I'm willing to incur the opportunity costs of switching from Cygwin.

0
0

Red Hat smitten by secure enclaves 'cos some sysadmins are evil

Michael Wojcik
Silver badge

Re: Totally agree with first two posters...

Is it time to start thinking about applying fuzzing to the secure enclave yet? That may be the only way to find the seams in that code.

It's not like people haven't already found problems with, say, Intel's SGX. Or with other secure enclave implementations.

0
0

Fresh fright of data-spilling Spectre CPU design flaws haunt Intel

Michael Wojcik
Silver badge

Re: RISC-V

No announced RISC-V silicon is susceptible

Correct. But there's nothing stopping anyone from making a RISC-V CPU that does spec-ex. RISC-V does not prevent Spectre; not using spec-ex prevents Spectre. And you can make a processor for any ISA that doesn't do spec-ex.

There are non-spec-ex ARM CPUs (eg Cortex-M1). If you can find an Intel Atom made before 2013, you'll have a non-spec-ex x86 CPU. You could fab your own non-spec-ex MIPS CPU. Grab some Z80 cores for old-fashioned 8-bt non-spec-ex fun, and so on.

There's nothing special about RISC-V in this regard. It's simply a historical accident that no one's made a spec-ex RISC-V CPU.

0
0
Michael Wojcik
Silver badge

Re: Bifrication of compute resourses

All of the spec-x side channels that I am aware of have to do with cache flushing, for a suitably broad definition of "cache".

The original Spectre paper suggested some others, such as ALU contention. Whether those leak information at a rate fast enough to be useful to an attacker remains to be demonstrated, as far as I know.

Sorry about not being clear wrt TCE. I'm specifically ruling out consumer processing, or any environment wherein bad applications might be run, such as anything AAS.

Ah, OK. Thanks for the clarification. Agreed, if the system doesn't run code in different privilege domains, then you don't have to worry about intra-system side channels. (You might still have to worry about side-channel leakage outside the system, but that usually requires physical proximity, at least for a sensor to pick up the leaked information.)

2
0
Michael Wojcik
Silver badge

Re: Bifrication of compute resourses

basically require that you double the amount of silicone

Whoa, now. No need to go all Bulgarian on us.

in trusted computing environments, all of that can be skipped

Citation, please. What sort of TCE are you referring to? None of the ones I'm familiar with are guaranteed to block all side-channel information leakage.

You're correct that discarding spec-ex and blinding side channels are both likely to be prohibitively expensive, and the many people crying for "Spectre fixes" clearly don't understand the problem. But by the same token, holding up any technology or architecture as the solution is suspect. There aren't any silver bullets.

3
0
Michael Wojcik
Silver badge

Re: VMs and Cloud Services

As a question: is current Big Iron immune to any or all of this?

What Big Iron are you thinking of? IBM's z CPUs have speculative execution, and so almost certainly have Spectre-class vulnerabilities.1

To be honest, much of the security of zOS comes from better operational security: more monitoring, more restrictions on outside access, etc. In particular, it's obviously very helpful for security that random users aren't installing software on zOS, running browsers on it, and so forth. The security facilities in zOS (mainly SAF plus RACF, ACF, or Top Secret) are nice, but they're not a silver bullet.

Mainframe hackers like Phillip Young and Dominic White have shown just how very vulnerable many zOS installations are in practice. People leave APF-authorized libraries wide open; they put sensitive data in hidden 3270 fields; they use well-known credentials.

1Meltdown is a subset of Spectre, where the information leakage crosses a privilege boundary and not just a process-isolation one. Meltdown-class attacks have primarily been demonstrated for Intel CPUs, but some others (e.g. some ARM cores, though I think those designs are not yet in production) have been shown to be potentially vulnerable as well. In any case, Spectre is the real story; Meltdown is just a particularly enticing subplot.

1
0
Michael Wojcik
Silver badge

Re: "Protecting..customers’ data..ensuring the security of our products are critical priorities"

Personally speaking, things like RISC-V can't come soon enough.

RISC-V has its advantages, but immunity to Spectre-class attacks is not one of them.

Of course, it's possible that someone will eventually ship a general-purpose machine which 1) uses RISC-V cores that do not have spec-ex; 2) is suitable for your purposes, including in its performance; and 3) isn't prohibitively expensive (economics of scale still apply, after all). But getting the performance most users (personal and commercial) want without spec-ex is not going to be easy - pipeline stalls are hard to overcome.

2
0

Heir to SMS finally excites carriers, by making Google grovel

Michael Wojcik
Silver badge

Does it come on a bun?

Business messaging emerged as the secret sauce for RCS, in a world where SMS is an all-you-can-eat commodity, O'Byrne said.

Let me see if I understand this. Something I can eat in unlimited quantities is bad. Something covered in sauce (well, secret sauce) is good. At least if that sauce is made out of "business messaging", which I think is just a blend of hollandaise and idiotic jargon. What if there's an unlimited buffet of sauce-covered foods?

The real mystery, though, is that you continued to listen to O'Byrne after he said that. I'd've left.

2
0

The Sun will blow up into a huge, glowing bubble of gas during its death

Michael Wojcik
Silver badge

Re: Star-lifting

It might also get a touch warm, although I guess you could do it at night

Stand in Mercury's shadow and use a really long spoon.

4
0

Google Pay heads for the desktop... and, we fear, an inevitable flop

Michael Wojcik
Silver badge

"I WOULD CAPS LOCK THIS, BUT I AM ALREADY AT MAXIMUM CAPS LOCK."

(Alas, a bit of searching failed to find the original, so that's from memory. Apologies for any errors in the quotation.)

1
0
Michael Wojcik
Silver badge

it's so much easier than pulling out your wallet

It may well be easier for you than pulling out your wallet. For me, it wouldn't be; for one thing, my wallet doesn't require unlocking.

Not everyone is you.

(For the record, I didn't downvote your post. I'm just pointing out that it's suspect to claim something is better for other people.)

3
0

Blame everything on 'computer error' – no one will contradict you

Michael Wojcik
Silver badge

Re: Best photo tagline!

I am honestly worried about the future sometimes. I might be a spring chicken at 30 laps around the sun, but today's youth....

Learned helplessness.

At my first (and, I think, only) job involving a cash register,1 the machine in question was an old mechanical model which could add and ring up the total. It did not compute change (or multiply, or know the price of anything, etc), so we counted out change by hand. It was an ice cream shop in a mall, so on weekends around the holidays it got very busy indeed, and we all got very fast at counting change.

That was many years ago, but I can still usually figure my change before someone using a modern register reads the total and decides what to give me back. It's always pleasant when I run into a cashier who's as fast as I am. There's one shop I frequent where most of the staff can; I don't know if it's just practice or if they're actually trained in it.

In any case, my point is that having the register tell the cashier how much change is due is unhelpful. Counting up change manually from the sale amount seems to be faster and more accurate than counting out an amount given by the machine. I suspect register vendors and merchants did not do much usability testing.

1Similar to a till, but with more syllables.

0
0

FTC Commissioner refuses to budge until Trump fulfills promises

Michael Wojcik
Silver badge

Re: Doesn't this raise more of a question....

Oh, I don't know. Whenever I'm in a room with a lot of Delta employees, I'm usually ready to get out of it as soon as possible. Maybe Wilson felt the same way.

4
0
Michael Wojcik
Silver badge

Re: More proof

And up for a Nobel Peace Prize

Along with 215 other people, and 114 organizations. Lots of people can nominate someone for the NPP, so lots get nominated.

Admittedly, the committee's decisions on awarding the prize have often been questionable (the terms of the prize are a factor here, since it largely prevents getting any historical perspective on individual recipients), but being nominated doesn't mean much of anything. Just that you have a fan somewhere among the rather large body of potential nominators.

6
0
Michael Wojcik
Silver badge

So she won't step down until she's appointed as a judge?

She won't step down before the end of her term. Which, I believe, ends in September. We're talking about the difference of a few months.

4
0

The Register - Independent news and views for the tech community. Part of Situation Publishing