Posts by Charles 9 16605 publicly visible posts • joined 10 Jun 2009
" If it can only deliver gigabit throughput instead of 10 gigabit, well, you probably don't care when SCADA data rates are generally measured in kilobits."
Bit Kaspersky's forte is in telecommunications, where data rates in the tens if not hundreds of gigabits per second is becoming old hat. That demands a very tall order: a high-security, high-throughput device. And telecommunications is one of the stated industry goals of this OS.
"The blue screen of death used to be common with Windows 9x/NT/2000/XP, it is pretty rate these days."
You would think something exposed to the public like this would run an OS with a higher degree of reliability, or at least a better way to restart itself unattended.
But these same industrial systems are also expected to be tuned with higher precision. To get that higher precision, you need more readings at a time, which means lower latency. That's especially true in the field Kaspersky is most experienced: networking. If you plan to pass through multiple gigabits of data per second, you're talking a maximum lag time in the nanosecond. range. For turnarounds that quick, you MUST cut the processing time to the bare minimum, and that usually means getting close to the metal. Microkernels block this because they prevent close-to-metal access. Indeed, one caveat of seL4 is that the formal proof only applies if you disable DMA; guess what's one of the most common ways to reduce latency?
"Unless your brain stops working while you're playing, it means doubling the amount of heat your head must dissipate."
How is +10W double 20W (this adds up to 30W, a 50% increrase, vs. 40W)? Plus this is exposed to the outside so at least has other avenues to vent heat.
"If the heat can't get to your head due to an insulating air gap, and can't escape the device very well due to lack of moving air, then it will get hotter and hotter until it is so hot that even passive cooling, slow moving air and yes an insulating air gap between it and your (much cooler by comparison) head can be more easily crossed because of the larger temperature difference."
You forget the thermal insulating layer between the air, the CPU, and the housing, which will be even more difficult to penetrate since it will be designed for the purpose. And you're talking as if 10W, spread all around your head like a halo, is a big thing. It's already been mentioned the brain generates 20W on average already. Plus even if air is a poor thermal conductor, it's at least greater than zero.
But your headlamp concentrates that heat at one spot on your head. With a wraparound design like Hololens, they can spread out the heat generators so instead of one 10W hotspot, it's several 2-3W spots spread around your head; you're less likely to feel several smaller hotspots. Plus with smaller hotspots, it's easier to find ways to dissipate the heat through thermal conduits and so on.
Unfortunately, yes. Efficient code by its very nature leaves tells. The only way to remove the tells is to drop fake tells, which ruins your efficiency. It's one reason privacy-oriented networks perform so poorly; there's simply no way around it.
I'll give an analogue. How do you avoid being tracked if there's only one way in or out of your neighborhood (meaning disguises won't work)? The only way left is to use dupes to confuse your pursuers (that's what Harry Potter was forced to use in Deathly Hallows if you'll recall).
In other words, anonymity and attestation are directly at odds. Attestation is required to ensure people don't vote twice, yet this in and of itself is also proof you voted. In order to avoid vote tampering, you MUST have a means to verify your vote, and THAT provides a means for a third party to pressure you because they can construe a means to shoulder-surf your vote.
In other words, how can you be sure your vote counts without opening up the possibility of outside pressure on the votes?
"and an independent observer who have no incentive to collude."
There's ALWAYS an incentive to collude: bribery or blackmail are always available, so how can you be sure the "independent" observer really IS independent and not subverted behind your back?
Thing is, given the average human male's weight of 80kg, and given your average joint has about 5mg of THC in it, the math seems to indicate that THC will be the least of your worries when it comes to dying on joints. Now, the impurities and so on are another matter. Plus there's always the psychotropic X-factor (which is how many stoned people tend to get into trouble--not from the joint but from the things they were doing while high).
1. Depending on the location, radar may not be an option because it'll interfere with other radio operations. Also, these things are pretty small and usually made of plastic with a reduced radio reflection so may not trip most radar systems without raising the risk of false positives (think of the thing going off when nearby birds fly past).
2. Programmatic one-way drone flights will leave no radio signature. And if the transmitter is on a mobile base, or multistatic, it'll be hard to pinpoint.
3. A coordinated effort can distract the guards (say start a fight) while the payload is dropped off and secreted away.
PS. To the guy who suggested a truck-mounted trebuchet, something that big will be hard to erect, take down, and/or disguise in a hurry (the moment you launched, odds are someone will notice you and jot your plate). Also, the net can be very flexible and made of strong cords that give some, allowing it to absorb impacts and render it resistant to blunt-force penetration (the whole rig would give first before it broke), leaving direct cutting or going over, both of which have countermeasures against one-shots while a drone can perform a sustained effort.
PCI and PCI Express are not fixed buses. You have to POLL them to learn what they house. Universal Serial Bus has to be polled. So does 1394 IINM. Unlike with most ARM configurations (fixed memory map), the system doesn't know what's in the system at the initial bootup, and the configuration change at runtime (like with USB and 1394 which can hotplug).
No, because if I can control a process's logging, I can do this, too (note, in this example ONE process wrote this):
[ rogue ] Something innocuous happened
[ fake process ] Something fake happened
How do you keep a rogue process from making a fake tag when the process can match any tagging the logging system uses?
"syslog tells you - both process name and PID. So your mythical pwned process could put whatever it likes on the line after that - but only the truly clueless would not notice that the very beginning of each line tells you exactly where the message came form."
The fake process newlines its log and creates a fake tag that ticks all the marks. And the log has to be able to newline in case of structured text output like a hex dump.
"Bollocks. I really hope you do not work with computers."
Bollocks on the bollocks. If you say a log can be reliably kept with nothing but ASCII, explain how you can say a coin landed edge when all you have to work with is a single bit: 1 or 0? Language can hit limits. Just as some things simply cannot be expressed in a yes or no, so some things cannot be reliably said in just ASCII. That's why there's such a thing as necessary complexity.
How do you know which process REALLY said what if all you have to work with is ASCII, which the pwned process is fully capable of using as well, meaning there's no way to distinguish a well-disguised fake log output pretending to be another process from the actual process. The range of your output is too limited to properly distinguish between them. Anything you can try to use within the ASCII range to safeguard them, the rogue process can mimic. It's a rogue edge case, just like you have no way to say a coin flip landed edge (the LITERAL edge case) if all you have to work with is 0 (heads) and 1 (tails). See where I'm going with this? Properly safeguarding the log from rogue output requires something beyond ASCII. It's a necessary complexity.
"if someone already owns the box to the extent that they can fake text log entries, they can surely fake binary log entries.."
Not if they only control ONE process (which they're using to post fake log messages using text formatting tricks). The thing with gatekeeping is that it's a lot harder to fake it since the gatekeeper knows which process is emitting which message. And the ONLY way to enforce this is to use a more-complicated logging format that allows for discrimination. You simply CANNOT do this correctly with a text-based log; it's too simple for that. To put it in perspective. If all you have to work with is a single bit (1 or 0), how do you correctly inform when a coin flip lands edge?
"Users who want modern fripperies like an OS that will assume that because you plugged that USB stick in, maybe you'd like to access it, already use Windows or OSX (or more likely, don't own a traditional computer at all)."
And that attitude is why people will never be temtped away from Windows, no matter how much you want them to for security reasons or whatnow. Make up your minds.
"Depends in which country you live in. Anyway, if your money in a bank are in local currency, it won't save you from hyperinflation or sudden devaluation. They will lose value exactly like money in a can."
Not if it's invested in a bank with a different currency.
"In the end, I think it's just Capitalism at work. The healthiest companies survive, those that cannot identify threats and define mitigations fail. Isn't that what Capitalism is all about ?"
Trouble is, capitalism doesn't take collateral damage into consideration, and that tends to have very innocent victims.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
