Slashdot Mirror


User: LordLimecat

LordLimecat's activity in the archive.

Stories
0
Comments
10,208
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,208

  1. Re:Those performance numbers are BS on Toward An FSF-Endorsable Embedded Processor · · Score: 2

    it's clear that you're used to the x86 world

    And there arent any processors AFAIK outside of the x86 / x64 world that can match Intel and AMD designs in raw performance-per-watt. Trying to claim otherwise is dishonest, and as parent mentioned if it were true the top supercomputers wouldnt be wasting their time on Intel and AMD parts.

  2. Re:Those performance numbers are BS on Toward An FSF-Endorsable Embedded Processor · · Score: 3, Insightful

    well, tell you what, rather than accusing, why don't you ask me to ask them

    Its not a matter of asking. If someone could match even a 2-gen old i7 design on 3 watts, they would have done so by now, undercut Intel, and made zillions. They cant, because Intel processors are really good and their R&D budget dwarfs the budget of most US states, not to mention they own their own fabs and are 1-2 generations ahead of literally everyone else in process scale.

    Even without deep technical knowledge, it doesnt pass the smell test.

  3. Re:No plans for LLVM on Multi-Server Microkernel OS Genode 12.11 Can Build Itself · · Score: 1

    Theres nothing wrong with artificial market segmentation. However, it IS the reason I went with AMD, since theres no reason to burn $300 for processor features that every AMD processor comes with.

  4. Re:No plans for LLVM on Multi-Server Microkernel OS Genode 12.11 Can Build Itself · · Score: 1

    For the record, I just built my home computer with 8 cores and 32GB of ram for around $450-500. For buying AMD I also get AES acceleration, ECC support, turbo clocking, all of the virtualization features, and a number of other features that simply arent available on Intel till you hit the i5/i7 level.

    If you can show me how I could get 8 cores or the equivalent for heavily nested virtualization labs (ESXi / HyperV on top of Workstation) on the intel platform, I would be interested; however everything I saw indicted that I was looking at about $200-400 more for "usually faster, but not necessarily on VMWare". Keep in mind that hyperthreading isnt the same as AMD's 8 cores, particularly when it comes to virtualization.

  5. Re:I Wonder? on Windows XP Drops Below 40% Market Share While Windows 8 Passes 1% · · Score: 1

    Then just start typing on your keyboard and a filtered list of apps will appear just like they did with Vista and 7's start menu.

    AFAICT that only shows metro stuff. For example, when i type "Windows update", it does not bring up windows update; likewise typing "notepad" brings up no results. I tried it as well with a freshly installed program (I think firefox?) and that did not appear either.

    To launch the non metro version of one of those progs I ended up browsing to program files, which is kind of obnoxious.

  6. Re:I Wonder? on Windows XP Drops Below 40% Market Share While Windows 8 Passes 1% · · Score: 1

    Its a huge pain to deal with Metro constantly lurking in the shadows, only to pounce on me when I least expect it.

    Incidentally, I still cant figure out where Im supposed to go to launch non-pinned non-metro apps. Hooray for useability!

  7. Re:How does this work? on Matthew Garrett Makes Available Secure Bootloader For Linux Distros · · Score: 1

    , you can examine exactly what you're booting and know that your system isn't lying to you.

    You could already do that by stopping the boot prior to loading the MBR code, for example with a bootable disk (Ubuntu, Windows Defender Offline).

  8. Re:How does this work? on Matthew Garrett Makes Available Secure Bootloader For Linux Distros · · Score: 4, Insightful

    Why couldnt the romanian hackers use the signed chainloader to load their code?

  9. Re:How does this work? on Matthew Garrett Makes Available Secure Bootloader For Linux Distros · · Score: 1

    All politics issues aside, it seems like a signed grub loader completely removes all benefits and problems with secure boot-- now a virus could use the signed chainloader to load its own code, and then load windows, which basically makes it as if secure boot didnt exist.

    Or am I missing something?

  10. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 1

    the registry in Windows is a giant mess that regularly gets corrupted.

    [Citation needed]

    Generally those "registry not found issues" are caused by failing hard drives; it could just as easily be a missing fstab or partition table.

  11. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 1

    The point is that driveby infections are every bit as possible on OSX and Linux as they are on Windows, which has been proven in real world situations.

  12. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 1

    I think I would agree that if an OpenBSD laptop meeting the minimum requirements was entered into Pwn2Own, it would likely never get hacked (for one reason or another) :)

  13. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 1

    SELinux isnt something that was built in "from the ground up"; it was tacked on by the NSA after the fact, and is absent from most consumer Linux distros. I will grant both that I dont know a whole lot about it (other than the high level "heres what it does") and also that its probably more granular than stock Windows, but thats not terribly relevant-- the topic was "ways stock Linux is more secure than stock Windows", and SELinux is very much NOT "stock".

    But it also probably came from the fact that in Windows - even the Windows NT line - security was an after thought,

    Lets be real here: Security was an afterthought everywhere. Windows' history may be particularly bad here, but noone (other than some of those crazier BSD guys) can really claim to have security "from the ground up". Im not clear why you think security was an afterthought in the NT line, either-- XP had everyone admin by default, but this was mostly because 90% of software vendors are incompetent at running without admin privileges, something that continues to persist even into Win7 days. You certainly could run as a standard user in XP and get a great deal of protection, however.

    That said, Linux/Unix also have the ability to use ACLs. But most don't as they are inferior to other technogies that are available. So they only get used when integrating with Windows sytems.

    I understand that you can get a bit more granular with extended ACLs, but that theyre not always supported and still not quite as granular as NTFS ACLs. I wasnt aware that there were other technologies available for that sort of thing, what were you referring to (sincerely curious)?

    MS only focuses on user-experience in so much as it drives a business purchase decision; not because it makes a better user-experience.

    I mean, they kind of ARE in the software biz to make money, so yes their focus is on generating sales most efficiently. But I worded it as I did because I cant for the life of me figure out how Windows8 drives business purchasing decisions-- Microsoft does seem to care about home user experience to try to chase down this tablet market.

    And the FOSS world is coming around on the user-experience area - especially KDE; but it takes time and resources, which are typically lacking.

    That may be, but "user experience" isnt generally the first and primary objective, flexibility appears to be.

  14. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 1

    Its nice to know that there are others out there who can use Linux without thinking the security world revolves around it. Maybe theres hope for slashdot yet.

  15. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 1, Interesting

    Dunno, but in linux system daemons run under all sorts of users. eg apache, smmsp, daemon.

    Your examples are bad. The windows equivalents also run under non-system accounts. IIS has its own account that it uses to run under. Most services that you install aftermarket generally recommend that you install under a separate user account-- although, as in Linux, you have the option of being unwise and running with root privileges.

    Windows was a free for all desktop OS thats been upgraded piecemeal over the years and it shows.

    Windows NT and above were built from the ground up for privilege separation. I could just as easily remark that ACLs and Mandatory Access Control were bolted onto Linux after the fact; AFAIK you cannot for example grant "create folder" access in Ext3/4 without granting delete folder, create file, delete file, and change permission rights as well-- at least not without using something "bolted on after the fact"

  16. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 0

    For starters, to be clear by "tightly integrated" you mean "Windows ships with IE dlls in Programfiles", right? And are you telling me you can remove Safari from OSX?

    Unless Im mistaken, your driver "processes" in OSX run with kernel privileges. I would be interested to know however whether processes like dhcpd on OSX are running in user mode, and why on earth you think that would be a good idea security wise. Generally on WIndows we like to reserve the right to change IP addresses to administrator only, for example.

    SetUID is, unless im mistaken, seen as a BAD security idea-- you generally dont want a normal user launching a program that runs with root, and Windows already has a method of stripping privileges from a process. Wikipedia for example notes why it is NOT a security improvement to use SetUID.

    I dont really think any of these are terribly good examples.

  17. Re:Because that's a strawman premise. on Virus Eats School District's Homework · · Score: 1

    Everything you said ignores that the most common virus vectors dont care what OS you are using; if you have a plugin installed, you are technically vulnerable regardless of platform. It is true that if you use OSX you will likely simply get overlooked as its easier to simply target the larger Windows market share. However, last time I checked this is known as "security by obscurity", and is generally ridiculed as false security-- though it may in some sense "protect you", it isnt really doing anything to stop someone who wants to take you down, it just makes them less likely to pick you to target in the first place.

  18. Re:laptops not desktops so you need a managed wifi on Virus Eats School District's Homework · · Score: 1

    Just about every consumer grade AP supports MAC filtering. User has virus (detected by the IDS)? Blacklist his MAC. Hey look, crisis averted.

    Most also support WPA enterprise, which provides for per-user authentication. User detected with virus? Remove his account from RADIUS. Oh hey look, he can no longer auth to the network.

    There are a million ways this could have been averted, if there had been a focus on security. I wont deny that its certainly easier to simply blame the operating system for the bad practices, however.

  19. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 4, Interesting

    Windows however does not have privileged separation from the ground up

    What do you suppose UAC is? And what do you mean "from the ground up"-- NT "from the ground up" has notions of users and different privilege levels that possibly eclipses the Unix world in scope and granularity.

    Why do you think Chrome has robust sandboxing on Windows, but not on other platforms? As I recall, the reason the Chrome team gave was that, quite simply, Windows had better supported mechanisms for stripping privileges from processes (I believe they mentioned there was a way to do the sandboxing, but it used a little-used method that was not recommended on Linux).

    Im not a Linux guru; Ill admit that. But Im not aware of a bog-standard Linux or Mac install having the ability to set permissions and privileges on specific processes completely aside from the context that launched them; or being able to set permissions on specific entries in a particular plist file (the equivalent of per-key permissions in the windows registry). As I recall, Windows also has more robust ASLR-- or at least did for many years-- than Linux or Mac, earlier support for DEP, and more granular ACLs on its default filesystem.

    I really dont want to get into a "this OS is better than that" argument, because different philosophies went into each, and each has its strength. OSX focuses heavily on user experience. Linux focuses heavily on modularity, flexibility, and extreme hackability. Windows tends to focus on business and end-user experience, but without as much focus on OSX; there is also, however, a very big focus on security given all the bad press Windows has had over the years. It has very much undergone trial by fire, and to some extent that makes me less inclined to just say "go OSX; it has 0 track record with thwarting viruses, but Im sure it will be fine". Most big viruses I see either tend to be on XP holdouts, or else tend to be removable in a few minutes due in large part to UAC.

  20. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 2

    As I recall, ever since Pwn2Own started, every single year with perhaps one exception the fully patched OSX box running safari was the first to fall.

    There may be many reasons that Macs tend not to have a perception of "virus prone", but "theyre more secure" isnt one.

  21. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 0

    Can you please explain in what regard the security on OSX or Linux (a standard desktop distro) are superior to Windows 7 / 8?

  22. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 2

    Are you sure that wasnt a popup crafted to look like a non-browser window? That is a very common method of enticing people to click on them, and to run the files it downloads.

    Alternatively, perhaps you should visit the Mozilla Plugin Check:
    https://www.mozilla.org/en-US/plugincheck/

    If you truly got a driveby virus, your plugins are out of date, or your browser is. For the record, this is easily possible on Linux and OSX as well (and has been demonstraded before, and each year at Pwn2Own).

  23. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 0

    Its been about 3-4 years since a PoC cross-platform PDF exploit was released demonstrating arbitrary code execution across all major platforms (Linux, Windows, Mac-- each launching its respective platform's calc program). These days almost every single exploit that hits a windows box uses a cross platform plugin.

    Has it occurred to you that the reason you dont hear more stories about Flashback-style viruses on Mac is threefold:
    1) Viruses these days are extremely sophisticated at hiding themselves;
    2) Windows, with the history it has, has a number of highly sophisticated tools at detecting them; and
    3) Macs do not, and it is thus likely that any such infections would be completely unnoticed?

  24. Re:Looks like the school district on Virus Eats School District's Homework · · Score: 2, Insightful

    The premise-- that Macs somehow are immune to viruses-- is utterly ridiculous. Was everyone sleeping when each of the last several years' Pwn2Owns resulted in OSX falling first (I think that this year they did better)? Was everyone sleeping when Flashback hit and everyone was astonished that OSX has bugs just like every other computer program on the planet?

    If they had a rampant virus despite having antivirus and filters, then I know several things: They were granting admin privileges to the users and / or their AV utterly sucks (what kernel-mode antivirus gets thwarted by userland viruses?); they dont have a functional update system; and their network controls are inadequate.

    I would note that, even if the premise were correct ("Macs dont ever have malicious programs"), this incident would demonstrate that the infrastructure simply wasnt there-- if youre giving very young, possibly irresponsible kids network access with semi-controlled devices, it behooves their IT department to make sure one clever and devious kid cant bring everything down. This demonstrates that they havent thought that through. I recall when my college got hit by Blaster, the IT staff started blocking MAC addresses that were infected. This was about 10 years ago; theres no excuse for not having similar capabilities now, not when there are so many low-cost managed switches out there.

  25. Re:what?? on Hello, I'm a Mac. And I'm a $248 Win8 PC. · · Score: 1

    Im going to bet you reboot your desktop linux system to install new kernels, and to test new bootloader installations.

    Im also going to bet that you dont have the ability to selectively apply patches using the default package manager. For better or worse, Windows does updates quite differently which allows programs to keep just working regardless of what updates are done to the system. It has downsides, but I rather like that a random apt-get upgrade wont break my music player or vmware client.