13 posts • joined 11 Oct 2014
Re: For those who happen to know where a cash machine running a 15-year-old C3 might be found
Sonicwall 2040. Still running.
Artificial intelligence... or advanced imitation? How DeepMind used YouTube vids to train game-beating Atari bot
It looks they just copy the actions of a player making the best moves, and compare the result with the "average" player: the reward is based on a comparaison to the frame of the best move at the same time for the same game.
A real "learning" would consist in training on a variety of games but performing on a different dataset ( different games ). For me it looks like they just overfit on a specific game.
This is a new way of programming. Developpers of sendmail did not bother about anything but relaying emails.
for images too
There is a serie a "déception challenges" on kaggle like this one:
You have to modify an image so that a human won't notice the difference but certain classifiers will be fooled.
But deep learning is not the only victim. For ages english people ask me about the kind of "messages" i am looking for or to repeat some Peter Sellers lines..
Re: Easy to mitigate
Not0etya used afmin logins. Not vulnerabilities.
It was installed by sysadmins. It did not use internet access.
None of your procedures would help. Not a bit.
1/ lvextend , resize2fs
2/ vg is full
2a/ physical server: replace first raid1 disk with a bigger one. Wait for sync. Replace 2nd drive. Create new array. Pvcreate vgextend go To 1/
2b/ virtual server: virsh attach. . Pvcreate.vgextend.go To 1/. Or shutdown ,take snapshot. Create bigger volume. Swap disk in vm. Boot. Fdisk. Pvresize. Go To 1/
3/ fix the crap and/or provision more storage.
4/ by the way: check backups are still working
The median for example
Re: A simpler solution?
Won't protect you from key longer, camera + microphone hijacked, unencrypted memory access, graphic card, unencrypted network communications, USB storage access... no, running a vm on a compromised hypervisor is not a good idea.
Re: So how will this work?
Yes but we don't have the details of how it will work.
They say : "enabling HTTPS for your site will be as easy as installing a small piece of certificate management software on the server" .
If this means that a daemon runs on your server, generates private key + csr and send it to a CA, it is very likely that the "management software" will be exploited, sooner or later.
Let's assume it updates itself automatically - a "best practice" nowadays - it will be out of the control of the admin of the server.
You can argue this is already the case with many components on the client and server side, so maybe one more will not make a huge difference. But from the paranoid point of view you can't accept it as really secure solution.
Re: A major obstacle to encrypting everything
No, TLS is a requirement for SNI support, but it is not enough by itself. There are clients which support TLS but not SNI.
Re: Sni limitations.
I manage several sites with audience in europe, us and latin america, ie8 / winxp traffic is still something can you can hardly discard because "they should upgrade".
I suppose it would be even much more the case if we had customers in China. And I would like very much to have customers in China, and I would certainly not prevent them to pay for content because their browser is not sni capable.
SNI is not supported by ie 8 / win xp ( which supports tls ). It can make up significant percentage of your audience
So if you have a merchant site for example, this is not always something acceptable. Note that you can use a single certificate with multiple alternate subjects, but it is not practical for mutualised hosting.
If these certificates are not signed by an authority already installed in more than 98% of Web clients, the whole thing is pointless.
Re: ...or what it might look like.
I have one. I like it, even with win8, the weird keyboard and the impossibility to replace the battery.
Unlike an android tablet it's a real pc and it's lighter than most laptops, with a great screen and a good battery life.
The main issues are the price and the locked container. no drive / memory / battery swap. Maybe they will fix it on the 4th generation.