66 posts • joined 23 Jan 2015
35PB ? What about the Internet?
I know one company whose data is measured in a larger scale than that. There is no way that these guys are archiving anything beyond a thin slice of the net. This explains why I wasn't able to pull comments from an old website--they just never archived it.
The big issue
Blockchain is the BIG DEAL technology. Coin is a substantial use of the technology, which itself can enable many other things. These major fails of coin are slowing the exploration into blockchain.
Re: RE:What is the end goal of these ridiculous crypto-currencies anyway?
I first heard about crypto-currencies on the cypherpunks mailing list in the '90s. They confused the heck out of me then. Now, I think that they might be valuable as recompense for driving the blockchain. The blockchain is a really powerful technology, and once the adults get control of things, will be huge. Think about ecommerce around '95 vs today.
As for the intended end goal? As I recall from Tim May's .sig line, next after "digital cash" was "revolution". That is, he and others envisioned a future where social structures radically shift power away from central governments.
We shall see.
Re: People seem to think this is a unexpected consequence of YT's ad model.
> The only way to have a service like youtube kids be completely safe is for the content to be reviewed *by a human* before publishing.
Nope, sorry. The Silver Dove stuff most definitely was reviewed by a human. What you might think is acceptable for my children could be quite unrelated to what I think is acceptable.
You let your kid play on the information superhighway?
I had this conversation with a libertarian-leaning Catholic in 1994. The internet has NEVER been safe for children, and it cannot be made so. I'm not just talking about the gay nazi dating sites. I'm talking about things like SilverDove--"Sharing the love of Jesus Christ with Catholics". I kept my kids off the net for as long as I could. Eventually, I gave in and allowed access to a supposedly conservative kids writers site. I got to have "the talk" less than six months later. I suppose if I had believed my own warnings, I would have had the talk before letting her on.
Re: Starting Out
Huh. Checking back to see if I had missed any responses, and I really like this one. So I went for the upvote.
Re: Starting Out
You don't generally make press releases out of "hello world". More than that, the issue is that the approach is in the wrong direction. It's like someone learned the secret of turning it off and back on again and announced to the company that they were now a computer expert. Sure, they can solve a bunch of trivial problems this way, but the approach is so limited that it should not count for anything.
This is the real issue. Show me a neural net that derives a general rule for swapping two edge pairs, and from that how to twist two corners and I will be impressed. (This is what I did, by the way, as directed by the SciAm article.)
Until then, it looks to me like a fancied-up compression algorithm.
I'm sorry. Did I say it was "bad"? The industry as a whole is trying to figure this stuff out, and Google is naturally at the forefront of a lot of it & therefore making lots of mistakes. Mistakes that hopefully later entrants will be able to skip entirely.
The only thing I was trying to point out is that one of their earliest mistakes was to use the wrong people for the job of SRE. Again, this happened before they even understood that SRE was something that needed to be created, so it's not "bad" in the sense of "worse than other places", but merely "worse than someone whose not been there might expect".
Former Google SRE here. What folks don't understand is just how big Google really is. Google is figuring out how to do SRE as we speak. And they have so many applications that you cannot simply decree best practices throughout the stack.
The legacy system problem is significantly worse in Google SRE than in most places because the original work was done by sysadmins. These guys were and are smart and dedicated, but they had the skillset and mindset of sysadmins, not professional programmers. As such, a lot of the legacy software is unmaintainable, and requires deep or complete rewrites.
And the whole thing is just so big that you just cannot know where all the wtf's are lurking, let alone which ones are likely to bite you next.
So there will be major fails. What will be interesting to watch is what their incident rate looks like compared to AWS at similar points in maturity. I don't think they claim to be caught up already.
Types of infinity
It is a common error to conflate "the universe is infinite" with "there is an infinite amount of matter & energy in the universe" with "the average density of matter & energy over large enough scales is roughly equal infinitely many times". With "there are an infinite number of locally identical spaces in existence." A implies B implies C implies D.
To see what I mean, consider a universe where the total mass/energy out to a distance of 10 bly was X, but the total mass/energy from 10 bly - 20 bly was X/2, the total from 20 bly - 40 bly was X/4, etc. In this case, the majority of the universe is already in advanced heat death--no reason to expect infinite anything that matters to physics. So A > B.
My intuition says B > C strongly, but I'm having difficulty with a demonstration.
C > D is trickier, but you can see this by thinking about it in terms of entropy. You can have an infinite number of high-entropy states, which do not support life on "earth", and only a finite number of low-entropy states, which do.
To my knowledge, astrophysicists appear to talk in terms of the diameter of the universe being a single-digit multiple of the diameter of the observable universe. Which is a long, LONG ways from being infinite.
I just cannot get over the feeling that Etherium is lacking in adult supervision. According to comments I've seen, the first big bug was due to integer overflow. In 2017. THIS bug has this tremendous impact because people continued to trust the _same_ dev team to the point that they did not audit the code. When big G gave us Stagefright I and II just a couple of years ago.
I can almost get that these mistakes might happen in the first place. I cannot get at all that people don't respond aggressively to fix the major malfunction when they do.
It's not just the twats. There are people who are highly dedicated to causing mass mayhem. Suppose ISIS decided to focus on developing cyber jihadis? That "car" telling you what's going on around the corner? It isn't. And if you think that ISIS & friends will never be a problem, what about China & Russia? Putin has already attacked the Baltics, albeit without intent to kill anyone. We just had articles yesterday talking about how easily AIs can be tricked into misclassifying pictures. Put 2 + 2 together.
I stopped using cruise control almost immediately because I recognized this. Having grown up on the farm, I had logged thousands & thousands of hours on the tractor before I was doing highway driving with a car, so I was probably more sensitive to the loss of focus.
How exactly is this news? As mentioned, this vuln was published, and fixed years ago. I suspect these two academics are making noise to try to land a grant or something.
Yes and no--and mostly no. It is true than in WWII, we decrypted 95% of Japan's top-encrypted code and <30% of their less encrypted. But their top-encrypted system was not field-mobile. (Same issue in Europe, as I understand it.) You can only afford so much encryption--which is why AES does not use 8196 bit keys. Mobile hardware operates under a lot of hard constraints--encryption becomes something else you pay for.
Certainly, if any level of encryption carried the same cost as the highest, then I would encrypt my laundry list and rickroll. But it does not.
Re: Future Order under Future Orders
Not for average programmers?
The article misses the point here. So long as ETH can be readily converted to a major currency, there is real money at stake. While I encourage and any all to play with the language in sandboxes at the like, the fact that https://solidity.readthedocs.io/en/develop/frequently-asked-questions.html#what-does-the-following-strange-check-do-in-the-custom-token-contract is part of the faq scares me. What that check does is see if you are ready to write actual contracts. (If you have to ask the question, you are NOT ready--no guarantees the other way.)
No, serious crypto is beyond the reach of average programmers. That's why libraries are provided. If the libraries that are available are too hard, then more accessible ones can be created. But no amount of libraries can prevent the types of errors that happen when people lack the training in this stuff. This goes beyond RTFM. It's more like Take the Fine Class.
Additional anonymity = better for ANYONE who doesn't care to have their every financial transaction followed by everyone from Google to what ever LEA that happens to have a snooper installed somewhere on the planet.
Re: 2.5 million Ether is $2 ?
Gas != Ethereum. It is purchased WITH Ethereum, and its price can fluctuate. https://coinmarketcap.com/currencies/ethereum/ suggests (right now) that one ETH is worth about $300.
But $1/vote is awfully high for anything short of serious transactions--which is probably a good thing. Cutting the price by more than half is great, however. Note that as the value of ETH goes up, the cost of gas goes up as well, so increasing the popularity of the network will raise the costs of voting.
Re: That's why you should avoid turing complete languages when possible
Please stop referring to Etherium smart contracts as "Turning Complete". Contracts require gas, which must be bought in Eth, which costs real money to mine or to purchase.
This. CRCs are perfectly valid checks in many situations. The only real question is if the corner of the world where SHA-1 continues to make sense is worth the effort.
Re: It's rather fitting
Smart contracts run on a finite amount of gas, and are therefore not Turing complete. And by finite, I mean "must be bought with Eth, which costs real money".
Nested virtualization is a stopgap. When you are talking containers, it quickly becomes apparent that they need to be nested. Given the low overhead, this is not an issue. But that 10% or more overhead for nested virtualization.... Basically, it gives you time to figure out how to move to containers.
AIR from the discussions regarding the first observation, 30 solar masses is about the limit for "primordial" black holes. These were formed directly from hydrogen clouds, and have not had any substantial mass gains since.
Re: "But do logicians even know this?"
We know that there are true statements that cannot be proven. IMHO, this is in the class of problems which might, just might, actually be unprovable. So yes, either P == NP, or P != NP, but we might also get a proof that we cannot prove P == NP (or not) with standard set theory. Oddly enough, the latter might be provable with standard set theory....
Re: Oh well, Every failure is a dress rehersal for success. *
I've not gone anywhere near the problem myself, but intuitively, the proof almost has to be nonconstructive. A constructive proof would mean that given any validation algorithm, you construct an algorithm of proof with the same (or better) O(n) characteristic.
Huh. I'm finding the opposite. Most placing saying devops seem to want a sysadmin that knows chef. As a SW guy, I view devops as creating sw tools based around the expertise of the sysadmin. By population, I expect to see more dev than ops. But those ops guys are the ones whose brains have the data that we are pushing into code.
Ansible considered harmful?
What I don't get about Ansible is that they encode Turing-complete logic in a system that REALLY does not want to support testing. ???
Huh. Three C-level resignations & a 25% stock drop. This might just be enough to get folks to take security seriously.
Re: Share Price
There are 3 out there. And this does not affect their customers. Think about it.
Of course, the other problem is that if you are talking to an IoT potential employer, and you bring up security concerns, they "decide to look for additional candidates". This is worse than the Corvair.
What I don't get is why the big players are using off-the-shelf solutions at all. Experian uses Struts? Why? At least make the bad guys research your specific software.
I know--that would cost money.
I've been up close & personal with the process in Texas. I assume most other states are similar. The scantron ballots (fill in a bubble, just like in school) are by far the most secure system. The only way for electronic balloting to come close would be for the machine to print out a paper ballot that was then reviewed by the voter. This is still not as good, because most voters would not check the printed ballot very closely.
Why the transition? Nasty politics. Election officials don't like the election judges. Someone's brother-in-law is a consultant for a company. Someone's brother-in-law knows how to hack the machines. Uggh.
Justice delayed... That fine should go to the AMD shareholders at the time of the offence. Then another one to the consumers for the fact that Intel's monopoly is now effectively unconstrained.
Optional security is optional?
I really don't get that this is a bug. More like an IQ test.
Former Google SRE here--not on GCP.
Cloud operations has never been about more servers = more stability. Or even ==. Cloud operations give you the ability to improve stability, but this requires that the entire stack be engineered to operate in this fashion.
1) Datacenters can be taken down for routine or emergency service. This can be at the power or water distribution level (although I only observed it at the power level). If you are not in multiple regions, you are NOT HA. If you are in multiple data centers, but they are on the same maintenance schedule, you are NOT HA.
2) OS & firmware upgrades on the underlying hardware, both routine and emergency, happen. If you cannot handle 5% of your servers being down (in addition to a couple of datacenters are down), you are NOT HA.
3) Changes happen. Tracing problems back in a stack as tall as exists at a cloud is not easy, because the entire point of separating the layers is that coordination is not required.
4) I'm not sure that AWS qualifies as having a mature offering. Google never claimed that they would be mature out of the gate. There are major differences in providing external services to internal, and Google appears to have been honest that it is going to take time to match AWS's maturity. The monthly fails during 2016 were certainly undesirable, but I don't even know if I would consider them embarrassing _at the time_. Now would be embarrassing. But we're not seeing that failure rate.
There is a systemic bias against conservativism and especially libertarianism in social media. And it has nothing to do with the 100-to-1 donation imbalance by middle- & upper-management.
Conservatives & libertarians have a standard response to material which annoys them. They tend to walk away. Maybe they don't return to the site. Maybe they block. Maybe they scan passed. Democrats & socialists tend to want to eliminate the material. So they mark "offensive". They report "abuse". They make sure all of their friends know about it, too.
So even if the systems to identify problematic content are mechanically neutral, the systemic differences in behaviour are going to create severe imbalances.
Throw in the fact that the left is now comfortable with assaulting people they don't like on the streets & we appear to be living in interesting times in America.
I did microprocessor validation at AMD & IBM. Verifying that the Si matches the gates matches the design is a solved problem. You can use formal methods down to the gates. And when the Si comes back, you actually cut some of them up if necessary. But in general, you don't. Cycle accurate simulators are required for serious designs, and you can compare results. This can be quite difficult on a full CPU, but on a boot processor--I expect that making this step easy is one of the design criteria.
And Lenin. And Ho Chi Minh. And Mao. And Pol Pot. And everywhere that Socialists solidify their power. Not just Nationalist Socialists.
Re: The more i read about America...
And...now we see why these leaders want to block folks.
Official communication or not, being blocked does not prevent you from receiving the communication any more than being left off a mailing list keeps you from seeing the mail. Far less, in fact, as I am sure that the commenters here know. Anyone can set up a lurker account that follows & never posts. It's only when you think that you are so special and clever that you should be able to interfere with the attempt of an elected official to communicate to the public that you will be banned.
I really, REALLY don't see how this goes anywhere.
Would it make sense to arrest him right before BlackHat or after? If you do it before, the arrest becomes a major topic of conversation at the conference. And there's already a serious long spoon relationship there.
Do you try him in the US or Britain? I seriously doubt that the FBI would proceed without a significant back-channel discussion with their equivalents. That depends on several things. Where are the witnesses? Which legal environment is better (for the prosecution)? Which team has evidence that they can disclose without compromising important secrets? Of course, if the real goal is simply to roll the guy, then certainly he can expect a warm reception when he returns home.
You only receive a public defender if you convince a judge that you lack the means to hire your own attorney. (Source: I've seen judges make that determination.) Unless they froze his bank accounts, that won't be an issue. And if they DID, there will be a gofundme that will do just fine.
I certainly agree that it is entirely possible that this is some sort of petulant behavior on behalf of one of our TLAs, or someone well-connected to them. OTOH, this case is going to have the attention of the entire security research industry. Thirty years ago, the five eyes probably could have blown this off. Not any more.
My wild speculation? If he strongly protests his innocence, then there will be a very large group of highly experienced and talented people looking to demonstrate that innocence by figuring out who the actual author is. And whoever succeeds gets a significant career boost. And makes the FBI look like chumps. The FBI knows this.
I expect that the FBI really believes that they have him. It's one thing to have a technically adversarial relationship with the security community. It's another to go to war.
The default model for docker image use is in practice fatally flawed from a security standpoint. There is simply no way to credibly confirm that all of these images are properly secured. If you want to take someone's build file, examine it, and build your own image, which you host yourself, great. Anything else is just running a script from the internet as root on all of your machines.
I love Docker as a technology. But it has to be in a securable environment.
For folks on the other side of the pond, conservatives have been calling CNN the "Clinton News Network" since the Clintons were a thing. I find it really weird that people from the land of the Sun and Mirror would fail to recognize the long-run blatant partisanship of CNN. CNN has every right to publish pretty much whatever--but when they try to claim objectivity while doing so, that it a problem.
What I find fascinating is the subcontext. Everyone knows that WWF & friends are completely staged. The gif could have easily been claiming that the very public antipathy of our president and CNN was staged for the benefit of both.
That this article completely failed to note that the threat of DOXing might lead to further criminal charges, and that THIS might be an issue as well is interesting, too.
Common, folks. This dump occurs just over ninety days after the theft was announced. How often has m$ managed a patch that fast? And for no-longer-supported OSes? If there is a fix in the next month, we will KNOW that the NSA has been working with m$ on this...
Re: No, it's not settled
I don't know if I'm giving you too much credit, but you are very much conflating issues here. 1) The security of the people as a whole against bad actors who use e2ee in the commission of their crimes, and 2) the security of the people as a whole as they use e2ee to protect themselves against bad actors wanting to snoop on, or interfere with, their online communications.
To clarify your use of Zimmerman's metaphor, the envelope exists to prevent people from reading the letter who should not. It also servers as a guarantor that the letter really is coming from whom it says.
In particular, MITM attacks on financial transactions rely on strong encryption. With weak encryption, they entire online marketplace (to include online banking) becomes intractable. E2EE is not required for this only because we assume that the people at the ISPs are good actors who have not been compromised in any way. This has always been a dubious assumption, and is becoming moreso with time.
Moreover, if you have strong crypto, then e2ee is straightforward to implement. And it does NOT particularly stand out, because many streams are of already encrypted data. This last move in the US to explicitly allow ISP commercialization of our online activity driving more of this.
Finally, the issue with the key under the doormat is, well, key. If some form of backdoor were implemented, its existence would be known for months or even years before implementation. The details, including the master keys, then become target #1 for every cracking operation on the planet. Most notably foreign intelligence services. Is there ANYONE that would make a bet that the system would remain intact for five years?
We're the cable company. We don't have to care.
I was doing fine until you got the the part about the ISP caring what you think. These companies are well & truly hated by the consumers, and for good cause. Sure sign that this is not a free market...
Haven't really had the pain of using C++ yet, so I took a look at C. I'm not particularly up on that either, but I found some hair-raising stuff in the integers section, to wit: "INT30-C-EX2: Checks for wraparound can be omitted when it can be determined at compile time that wraparound will not occur. As such, the following operations on unsigned integers require no validation:
Subtracting any variable from its type's maximum; for example, any unsigned int may safely be subtracted from UINT_MAX.
Now admittedly, this is in the subsection on unsigned ints, but to leave something like this just hanging there is begging for someone to get it wrong.
It gets better. (worse)
"INT30-C-EX3. The left-shift operator takes two operands of integer type. Unsigned left shift << can exhibit modulo behavior (wrapping). This exception is provided because of common usage, because this behavior is usually expected by the programmer, and because the behavior is well defined. For examples of usage of the left-shift operator, see INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand."
NO IT IS NOT! (Of course, they are contradicting themselves here.)
I've not been confirming this recently, but 15 years ago, both X86 & PPC processors had a very odd behaviour regarding regarding overshifting. They were (are) intended to support MP computations, but unless you have been told, or have done the experiments, you do NOT know the actual behaviour of these operations. What I do know is that I blew the minds of some folks who had just taken a Scala class by demonstrating the behaviour.
The integers are a strange and chaotic set. Integer registers are for the damned and the insane. That CERT would issue rules without making VERY clear just how dangerous the very things it is discussing are is...disturbing.
Re: Good advice but
BS. I spent eight years in asm because that was the only language that could handle the problem I was addressing. Going back up to C was astoundingly painful from a performance standpoint. MP computations without the carry bit? Here--let's just throw away half of our register size & reduce speed by a factor of four. Check for integer overflow? Let's see... Nope, that won't work. Naw, that won't either. Good thing I spent a lot of time working with registers--I would hate to think what would happen if someone without such experience tried this!
For absolutely critical performance, you want access to the parts of the instruction set that C denies you.
Biggest is safe? Hah!
By your logic, the Iranian centrifuges should have been fine. And we DO have at least one nation-state targeting ICSs--as was mentioned happened in Ukraine. In the event of serious hostilities, expect really bad things to be attempted.
Google runs hard lines to its datacenters because its internal network might go down. These things are not optional, and, if done right, can move the decimal point around quite a bit.