100 posts • joined 23 Jan 2015
Google's internal network carries more bandwidth than the public internet. Source: when I worked there.
It does seem odd
The usual pattern is for later entrants to learn from the failures of earlier ones. Of course the hype for Skylab was...hype, but it still looks really bad that this is an uncontrolled reentry. Yes, hauling fuel up there just to bring it back down would be expensive, but this could (and therefore should) have been a triump.
I recently had an opportunity to look into the budgeting process for our port authority. They use non-GAAP numbers. No accounting for deterioration of physical assets. No accounting for code compliance (which they weren't super keen on doing at all). Cash flow only. So no, don't assume anything about what the munis are doing to have their numbers low.
Every business wants to have a monopoly for itself and wide open competition for its supplies. That allows them maximum profit. The cable companies have taken over the ISP business because of their sweatheart deals with the munis. Strip them of that, and maybe I won't break out in derisive laughter if you mention "free market" in relationship to the ISPs.
Except for taxes. See the 1993 tax bill for an example. And someone's wife having her pay moved into 1992 to avoid it.
Not just flour. The dust that happens when you pile a lot of wheat (or sorghum) into a grain elevator also does well. There have been a number of explosions, with varying numbers of dead humans, throughout the US, especially in the Midwest. I don't seem to hear about them as much any more--which is hopeful.
Read the label
NOTICE: This processor NOT authorized for use with classified material.
Every processor every sold to the public by IBM, Intel or AMD for at least the last 30 years. Think about it.
Re: That defence does not stand to scrutiny
Not only no, but hell no. I was at AMD for several years. The bad blood between those two is really, really bad. But the reason no is not hate, it is intellectual property theft. There is no way for AMD to trust Intel not to steal from its designs. (Again, if the first-hand report I got was correct.)
Re: "missing bounds checks, and a specially crafted certificate can lead to a stack overflow.""
I graduated in 1996 in, erm, mathematics, not cs. I had to learn to be a programmer on the job. (I had been hacking away for 15 years prior, but hopefully you all know the difference.) In 1998, I saw some bios code. I was utterly appalled. It was the nastiest code I had ever seen. Fortunately (for me), I was only tasked with interpreting, not fixing the mess. Somehow, I doubt that these sidecar computers are much better...
ALWAYS check the packaging, folks. I'm pretty certain that EVERY Intel, AMD, and IBM chips ever sold to consumers contained in the packaging the following notice: "This chips is not certified for use with classified information". Usually in bold. The same is very close to the front of the architecture manuals. I would dig mine out for reference, but they are in boxes in a garage somewhere...
This is the importance of Intel's "works as designed" element in their press release. Hate on it all you want, this is not a "bug".
BTW, I've turned off the L1 cache and/or the L2 cache for some reason or the other in the past. If you think 5-30% performance degradation is bad...
Re: Which Intel CPU's
Out of order is not the same as speculative. You can do OoO for everything but branches and computed loads, and no instructions will be speculative. Better dig deeper into the specs.
Re: timing attacks
High-resolution clocks to user space have been a known source of side channel attacks for a long time. (decade???) Moreover, nanoseconds are synthetic unless your distances are measured in single-digit inches. If your code needs this stuff, it is either very specialized or wrong. If your desktop is running that many, you probably are running some garbage code. AFAIK, user space has been limited to 1ms because of this.
Amazingly, perhaps, it turns out that even a 1ms timer is probably sensitive enough to dig this stuff out--you just do the thing many times & watch the averages.
Getting this right will be HARD.
Re: OK, I'll bite
I spent 10 years in microprocessor validation--basically from the start of the speculative execution era. I've got some ideas about what might be done to mitigate this sort of thing in hardware. The obvious solution for Spectre would be to add some bits of the pointer to the head of the page table into the branch history table indices. Doing this, however, would require committing to an architectural feature which really, really is not something that you want to commit to.
The next thing to consider would be to add cache state to the speculative state that gets rolled back on a branch mispredict. You create an orphan pool for the caches, and pull those back. This would be quite expensive, depending on how completely you want to block such an attack. It is FAR from clear to me how such an orphan pool should be treated to avoid a variant of such an attack that takes the orphan pool into account.
If the papers are accurate, and modern CPUs really do have close to 200 instructions in flight, you would need at least 600 cache lines in your orphan buffers per level of cache--probably a lot more.
Re: Were you expecting us?
It's the spacial distortions by all the black holes that make the Kessel run so interesting. Really good pilots can thread the needle and do it in 14 parsecs. There is a legend, though about one guy...
Re: Dont for get supporting hardware..
Depends. Is Cisco know for unhackable gear?
Re: x86/x32 Linux / Windows affected?
PPro is a 32-bit processor, and is affected by the bug.
Re: How does knowing where imply knowing what?
Sadly, the attack is not limited to this case. Specifically, OSes typically terminate processes that attempt to access memory they should not. Remember, "Illegal memory access, process has been terminated" from Winblows 95?
To avoid this fate, the attack code needs to ensure that the speculative fetch of protected memory never gets checked. They either need to branch around it, but in such a way that the branch prediction logic incorrectly predicts that the fetch will occur; or by deliberately triggering an exception. The former strikes me a REALLY tough to do reliably. Of course, you need to play some sort of game with the OS to get the return from the exception to be other than the code that will shut you down--I think that is doable.
Re: Non-cacheable data on x86-64 ?
Intel's particular vuln occurred because they effectively allowed kernel memory to be cached in user-translatable memory. This doesn't have anything to do with physical cacheability.
Re: What I don't understand
Because security exploits occur when someone thinks about something that the creator did not. Once the idea has comes, the first one with it has a good chance of being able to use it on multiple creations.
I spent 10 years doing microprocessor validation. This was my first idea. Then I realized that the OS never sees the instructions that fetch the cache line. <doh> Note that it might be easier for attack code to do a divide by zero to cause an exception than to outsmart the branch prediction hardware.
During my ten years, I did my share of fussin' & cussin' about designers just doing things wrong. But I'm also a mathematician. My brain is wired for this stuff, and it STILL took years & years of my professors pointing out where my errors were before they even began to think about letting me into the program.
This is a side-channel attack on the warmth of the cache. If you think you can, please detail how the hardware can prevent such an attack without substantially compromising performance. I've got some ideas, but after realizing that my OS fix would not work, I'm going to shut up about them for a while...
Re: " don't run untrusted code"
Don't try to apply for a job. Ever.
If that is it, then the SFLC were at best idiots. The SFC starts out in an adjacent space. Their potential to branch out into the SFLC space had to be obvious from the start. More likely, the SFLC set up the SFC with the trademark dispute as insurance against competition coming up down the road (as it has). Of course, the SFC folks should have seen this, and started with a name that gave them more space, but no one would try a stunt like this if it never worked...
Re: Their ideo of racism is probably different from yours...
Only if you insist that only the nationalist socialists are the only socialists that practices incremental tyranny. 25 million under Stalin--dead. 50 million under Mao--dead. One-third of the population under Pol Pot--dead. And from North Korea to Rwanda to Nicaragua to Venezuela socialists have continued tyranny by these methods.
It is only the speech of the impolite that needs protection.
Ever hear of the network effect?
I cannot believe how many times some ******* responded with "You don't like Twitter's actions? Start your own." Even worse is that they were never challenged. Google tried to take on Facebook. Failed. Microsoft tried to take on Google. Failed. No one making this argument is being honest.
Following the US Civil war, the majorities in many Southern states implemented aggressive social and even legal restrictions against blacks. "You don't like it? Leave." A lot did--Chicago, New York, Pittsburgh, Kansas City. Where can I go to regain the ability to speak like the rest of society should I be banned (or shadow-banned)?
Apparently, he has stepped down. It's a shame that such a head could be mislead by such a head.
Yes. El 'Reg should have pointed this out. I am certain that the scientist in question knew whom he was paraphrasing, and expected his audience to know as well.
Re: DNS scales ...
One dozen? You poor summer's child. Try turning on NoScript or uMatrix. Be prepared for a bout of depression.
Beer, 'cause you're gonna need one.
Re: Single precision?
As usual, It All Depends. The industry has become accustomed to using DP, so of course using SP for DP-designed algorithms is problematic. BUT, if you know what you are doing, you can get whatever level of precision you need, so long as you know what the hardware will do. It can be slow, of course. But suppose you have an algorithm that requires DP-level precision for some concentrated 1% of its work. Even if it costs 10x as much to achieve on SP-hardware, you still are way ahead as long as the remaining 99% only costs 60% as much to run on SP as on DP.
Personally, I would be shocked if these were fullly IEEE-754 compatible at all. Certain parts of that standard are EXTREMELY expensive to support. I advocated for IBM, Intel, and AMD to get together and repudiate IEEE-754 in the late nineties. Instead, we got the rise of graphics chips--which don't support IEEE-754. (I'm mostly talking about denormals here.)
Re: "At the moment, the only real solution is to use..."
Unfortunately, Mozilla has made some sort of deep change to Firefox's API, and this has made NoScript unusable. I'm finding uMatrix is getting me there.
Re: Pay dirt
I stay away from game sites myself, but I suspect that they are poorly situated to make use of mining. Gamers tend to be fanatics about system performance. Mining directly degrades performance. Not a good match. As opposed to a site that publishes in depth articles.
There is a difference between the technical & political aspects of this. Mirroring systems in general have a fragility that serious businesses cannot afford, and from the technical side, this is nothing more than a move to a more robust system.
It all boils down to who you trust to control the information that you MUST have to operate. I don't care if it is DNS files, SSL certs, os ISOs, ruby gems, python eggs, or shopping lists. There are a lot of ways that the master records can be compromised, and if you cannot afford to have your mirror return bad data, then you have to buffer changes in such a way that you at least have the ability to roll back problematic changes more or less instantly.
It makes no more sense to me that a national government unconditionally trust the root zone files than having its currency printed offshore.
Technically, this is a big, fat 0.
Politically, it is another matter. Putin & co have been quite aggressive about their efforts to control information flow to their people. Being an ISP there must be quite interesting--they have certainly come to the attention of important people. How you feel that compares to the West is your business. Externally, this is very much about soft power--Putin attempting to increase his influence at the expense of the West. Hardly news. But not to be ignored, either.
As for the ITU--guys if you think the country governments are corrupt & dominated by big business, you REALLY ought to look at how messed up the UN & partners are. A lot of these countries don't view graft as a problem at all.
Re: Because you can't be arsed
The last Firefox update rendered noscript unusable. Also a couple websites unviewable.
Re: Yet Another startup "discovers" formal development process can be quit useful.
I see you noted the increase in computational power over the last 40 years. Did you also notice the increase in program size? What you are talking about is a human process involving tribal knowledge. Neither fully scales. What does scale are changes in what we are allowed to do in the first place. Tired of fails for zero-terminated strings? Use counted strings. Tired of fence post errors when enumeration collections? Use iterators specific to the collection. Memory leaks are much less of a problem with garbage collection. And so on.
Unfortunately, I don't see any of this built into the Etherium VM. This would be great comedy if the stakes were not so high.
Still beating this drum.
Blockchain is an incredible technology that is going to make huge changes. Eventually. But we've got this weird situation where we have entered the early phases of explosive hype growth while the technology is still very much in an exploratory phase. The folks using it now are not "early adopters"--there is nothing really to adopt just yet. They are speculators. The engineering work to figure out just what this technology can and should be made to do is really just beginning. But since the hype has overtaken things already, the serious workers are being swamped with the usual circus acts. I expect that it is going to take some major fails (as if what we've already seen does not count!) to get folks to understand just how hard this class of programming really is.
This explosive technology is currently in the hands of children.
Re: Change to code to require only majority of signatories?
Presumably, a fix along these lines is not available. In order for these contracts to be at all credible, they have to be resistant to certain classes of modifications. AFAIK, the entire point of a blockchain is that all future changes depend on prior ones--the only way to go back is to recompute every hash in the chain since the offender. In a case like this, where there is no dispute as to who should be the owner of the coins, there should be some constructive solutions that the community can support.
35PB ? What about the Internet?
I know one company whose data is measured in a larger scale than that. There is no way that these guys are archiving anything beyond a thin slice of the net. This explains why I wasn't able to pull comments from an old website--they just never archived it.
The big issue
Blockchain is the BIG DEAL technology. Coin is a substantial use of the technology, which itself can enable many other things. These major fails of coin are slowing the exploration into blockchain.
Re: RE:What is the end goal of these ridiculous crypto-currencies anyway?
I first heard about crypto-currencies on the cypherpunks mailing list in the '90s. They confused the heck out of me then. Now, I think that they might be valuable as recompense for driving the blockchain. The blockchain is a really powerful technology, and once the adults get control of things, will be huge. Think about ecommerce around '95 vs today.
As for the intended end goal? As I recall from Tim May's .sig line, next after "digital cash" was "revolution". That is, he and others envisioned a future where social structures radically shift power away from central governments.
We shall see.
Re: People seem to think this is a unexpected consequence of YT's ad model.
> The only way to have a service like youtube kids be completely safe is for the content to be reviewed *by a human* before publishing.
Nope, sorry. The Silver Dove stuff most definitely was reviewed by a human. What you might think is acceptable for my children could be quite unrelated to what I think is acceptable.
You let your kid play on the information superhighway?
I had this conversation with a libertarian-leaning Catholic in 1994. The internet has NEVER been safe for children, and it cannot be made so. I'm not just talking about the gay nazi dating sites. I'm talking about things like SilverDove--"Sharing the love of Jesus Christ with Catholics". I kept my kids off the net for as long as I could. Eventually, I gave in and allowed access to a supposedly conservative kids writers site. I got to have "the talk" less than six months later. I suppose if I had believed my own warnings, I would have had the talk before letting her on.
Re: Starting Out
Huh. Checking back to see if I had missed any responses, and I really like this one. So I went for the upvote.
I'm sorry. Did I say it was "bad"? The industry as a whole is trying to figure this stuff out, and Google is naturally at the forefront of a lot of it & therefore making lots of mistakes. Mistakes that hopefully later entrants will be able to skip entirely.
The only thing I was trying to point out is that one of their earliest mistakes was to use the wrong people for the job of SRE. Again, this happened before they even understood that SRE was something that needed to be created, so it's not "bad" in the sense of "worse than other places", but merely "worse than someone whose not been there might expect".
Former Google SRE here. What folks don't understand is just how big Google really is. Google is figuring out how to do SRE as we speak. And they have so many applications that you cannot simply decree best practices throughout the stack.
The legacy system problem is significantly worse in Google SRE than in most places because the original work was done by sysadmins. These guys were and are smart and dedicated, but they had the skillset and mindset of sysadmins, not professional programmers. As such, a lot of the legacy software is unmaintainable, and requires deep or complete rewrites.
And the whole thing is just so big that you just cannot know where all the wtf's are lurking, let alone which ones are likely to bite you next.
So there will be major fails. What will be interesting to watch is what their incident rate looks like compared to AWS at similar points in maturity. I don't think they claim to be caught up already.
Types of infinity
It is a common error to conflate "the universe is infinite" with "there is an infinite amount of matter & energy in the universe" with "the average density of matter & energy over large enough scales is roughly equal infinitely many times". With "there are an infinite number of locally identical spaces in existence." A implies B implies C implies D.
To see what I mean, consider a universe where the total mass/energy out to a distance of 10 bly was X, but the total mass/energy from 10 bly - 20 bly was X/2, the total from 20 bly - 40 bly was X/4, etc. In this case, the majority of the universe is already in advanced heat death--no reason to expect infinite anything that matters to physics. So A > B.
My intuition says B > C strongly, but I'm having difficulty with a demonstration.
C > D is trickier, but you can see this by thinking about it in terms of entropy. You can have an infinite number of high-entropy states, which do not support life on "earth", and only a finite number of low-entropy states, which do.
To my knowledge, astrophysicists appear to talk in terms of the diameter of the universe being a single-digit multiple of the diameter of the observable universe. Which is a long, LONG ways from being infinite.
I just cannot get over the feeling that Etherium is lacking in adult supervision. According to comments I've seen, the first big bug was due to integer overflow. In 2017. THIS bug has this tremendous impact because people continued to trust the _same_ dev team to the point that they did not audit the code. When big G gave us Stagefright I and II just a couple of years ago.
I can almost get that these mistakes might happen in the first place. I cannot get at all that people don't respond aggressively to fix the major malfunction when they do.
It's not just the twats. There are people who are highly dedicated to causing mass mayhem. Suppose ISIS decided to focus on developing cyber jihadis? That "car" telling you what's going on around the corner? It isn't. And if you think that ISIS & friends will never be a problem, what about China & Russia? Putin has already attacked the Baltics, albeit without intent to kill anyone. We just had articles yesterday talking about how easily AIs can be tricked into misclassifying pictures. Put 2 + 2 together.
I stopped using cruise control almost immediately because I recognized this. Having grown up on the farm, I had logged thousands & thousands of hours on the tractor before I was doing highway driving with a car, so I was probably more sensitive to the loss of focus.
How exactly is this news? As mentioned, this vuln was published, and fixed years ago. I suspect these two academics are making noise to try to land a grant or something.
Yes and no--and mostly no. It is true than in WWII, we decrypted 95% of Japan's top-encrypted code and <30% of their less encrypted. But their top-encrypted system was not field-mobile. (Same issue in Europe, as I understand it.) You can only afford so much encryption--which is why AES does not use 8196 bit keys. Mobile hardware operates under a lot of hard constraints--encryption becomes something else you pay for.
Certainly, if any level of encryption carried the same cost as the highest, then I would encrypt my laundry list and rickroll. But it does not.
Re: Future Order under Future Orders
Re: That's why you should avoid turing complete languages when possible
Please stop referring to Etherium smart contracts as "Turning Complete". Contracts require gas, which must be bought in Eth, which costs real money to mine or to purchase.