The approach would actually be much better on non-X86 systems, which usually give you more control of the cache.
On X86 (correct me if I'm wrong...) the only thing you can do is turn the cache on or off. That's it. No separate control of instruction or data cache, no way to lock cache lines in place, no way to say "this range of addresses doesn't use the cache".
On ARM and PowerPC, all of these cache control features have been standard for a decade or more.
This approach is working around the absence of these features on X86. Conventional wisdom is that cache control is only important on embedded systems, but this isn't true - if you're writing high performance code, you want to be able to tell the machine about how memory is used. Sometimes you don't want a memory access to go through the cache (e.g. if you're using a variable once). Sometimes you want to be certain that the cache will be used, as in this case. On X86, this can't be done.
What do logic and computability have to do with the physical Universe? They are mathematical concepts. There is no "Universe with different rules of logic"; that statement is nonsense.
It is 1985. Life is a constant struggle for survival. There is no fast food*, there are no sweets or snacks*, and there are only four television channels. Modems only work at 300 baud and home computers only have 16 colour displays, so the proles are forced to watch their porn on VHS tapes, played by machines that don't even support stereo sound. If they can't afford "a video", they'll have to buy it on the now-obsolete form of media known as "paper". Truly primitive times. It's a wonder we managed to keep our caves warm.
* except for almost all of the brands you see today
But then, the value of a network is related to the number of people on it.
You could pirate, say, Left4dead and then play it by yourself or with other pirates. But you can't take your pirated copy and play with everybody else; the legitimate network is closed to you. Your experience of the game is not as good, because there are fewer players. So there is a good reason to pay up: the game is better if you do!
As malloc is not required to clear the memory it returns, it not doing so does not make it buggy. If it was calloc, then yes, it would be buggy; but for malloc, the only requirement is that the returned memory chunk has the size given to malloc.
This is true; what I mean by "buggy" is that malloc isn't returning the area of memory that was recently freed, but rather progressing through the available memory space, hence obtaining different data each time. I'm implying that free isn't working, or maybe...
Hang on a minute, this whole thread is based on a very silly premise. It's time to stop talking:).
Ah, but do you not see? The only explanation must be that God's malloc is buggy. It must be picking up different data each time, otherwise there would be no point in the comparison. The function searches the memory until eventually it comes up with something that matches God's image, i.e. "vmunix".
We can deduce from this that God's computer not only has a buggy C library but also poor memory protection between kernel and user space. Things have certainly improved in the past 6000 years!
Update, a reply from Be. (I complained about this several hours ago.)
Dear FourthAge, Thank you for contacting us and please accept our apologies for any inconvenience caused. We expect an official statement on this case to be published as soon as possible. In the mean time we would appreciate your patience. Best regards, The Be* Team
I've already complained from their contacts page. Now I am wondering which ISP to move to. Obviously anyone with Phorm is right out (BT, for instance), as is anyone with a strict download cap. Any suggestions?
Like everyone else here, it's not that I want to look at child porn, but rather that I object on principle to censorship. I didn't realise I was helping to fund this sort of thing with my broadband subscription
Extreme example I know, but today it's "criminally obscene content" and "incitement to racial hatred", and tomorrow it's the British equivalents of "Tianamen Square" and "Democracy". If I have a choice, I'm not funding that.
Virtualisation is not free. But it's cheaper than adding a second CPU. And it's more secure than attempting to build the required support into a consumer OS. Hence it is a good solution for this problem. As a side effect, it allows the interfaces used for DRM to be opened, so that both free and non-free software can make use of them.
DRM is easy. On PC/Mac, DRM code contains lots of nasty things in order to detect tampering and prevent circumvention of restrictions, but this isn't necessary in the DRM code used on, say, the XBox 360 because the hardware provides the required services. Dedicated hardware or virtualisation make anti-tampering code unnecessary. This is good, because we don't want that sort of kludge in any part of our systems.
And the "copyright infringement" definition of piracy has been in usage since 1603. Wikipedia has a nice little history of the use of the term. And in any case, what does anyone hope to prove by saying "it's not piracy because it's not robbery at sea?" What do you gain by saying that? It's not like the RIAA are going to string you up on the nearest dockside according to ancient maritime convention.
There is less need for such a scheme today because sequential addresses are not sent across the memory bus. Instead, burst mode is used. A burst is specified by sending a start address and a size. This is necessary because the memory bus latency may be hundreds of clock cycles; bursts are the only way to achieve reasonable bandwidth in such conditions.
So, whats left to do outside the black box, in the open source part of the box ? Not much. Drivers to handle network connection, storage device and User Interface.
Those drivers and the UI are the difficult and expensive bit! The DRM part is actually quite easy. It's a few device drivers, code to move data between them, and something to exchange keys with the server. Of course that could be implemented on top of Linux, but isolation is good, because this part has to be secured against the user. So it should be as small as possible, and protected from kernel bugs or exploits in other programs.
When you already have a CPU running linux to do all the black box stuff, you dont want to add cost by adding another CPU when you have one that can do that and is already running linux....
How about using virtualisation to separate Linux from the black box? Then you have one CPU, but you still have an open system. Use Linux to make the device cheap and user friendly, and use the hypervisor to separate the DRM black box from Linux.
The DRM in the Windows and Mac kernels is doomed due to its lack of isolation from kernel bugs, whether accidental or deliberately introduced. DRM will never work properly in home computers until it is handled in hardware or in a hypervisor, which is of course the solution currently implemented in games consoles. Hypervisor/hardware DRM is actually what we want, because the APIs used to access it can be safely opened for compatibility with free software. Stallman wouldn't approve, of course, but then his computer's CPU has been running non-free microcode for a decade now.
why exactly would a carrier be interested in provide its customers with the ability to run multiple OSs on their mobile devices. And it is far more complicated from a technical and licensing standpoint than on a generic PC.
Maybe because it makes licensing simpler!
Suppose you want your phone to run Linux, and you'd like the users to be able to install their own kernels and whatever other software they want, but you need to stop them messing with the GSM/3G stack in order to satisfy the FCC and the carrier. How do you do it? Answer: use virtualisation to split the software environment into two parts - "secure" and "open". Now your users get what they want (open software environment), and so do the carriers (some parts are still locked down).
This is cheaper than the other way to solve the problem (using two separate computers). It also uses less energy. Even if a company doesn't care about Linux, they might still want to run complex consumer applications on their phones, requiring strong separation of privileges that are hard to assure in a large consumer OS kernel. x86 Windows XP on a phone? With a CPU like Intel Atom, hypervisor-level security and "PC on a chip" hardware, why not?
There's enough reason to do this that all the mobile phone companies are involved with it in some way. Somebody mentioned a Xen version of this VMware system, and there's a port of L4 being made for this purpose as well.
And iTunes is the monster they created. "Hey, let's insist on DRM for all online music stores! Whatcouldpossiblygowrong?" The irony makes me feel all warm inside.
Most of the article seems to be sensible; improve the security of internal air force networks, etc. Can't argue with that. But here:
"You can control your own networks, rewrite your own laws," says Rick Wesson, CEO of the network security firm Support Intelligence. "You can't rewrite everybody else's."
Of course, the Air Force does have a way to rewrite the rules of the entire Internet, although it won't be free. They can get the US government to mandate a change for public networks in the US. That change might affect other countries, who would need to adopt the new standard in order to stay compatible.
A change that I'm expecting is the forced adoption of security certificates. Someday, all Internet traffic will be encrypted, and routers will not permit traffic unless it has been signed by a certificate that has, in turn, been approved by an authority. It's not hard to imagine that this would be proposed as a solution to stop crackers, pirates, paedophiles, spammers, and (of course) terrorists.
To some extent, it might even work! Spam would be harder, so would piracy. Certainly, the days of mass piracy on TPB would be over: online piracy would move to VPNs, which would have to be small, as large ones would be easily detected by traffic analysis. Spammers and crackers would need to steal valid certificates, which could be difficult, as users would most likely rely on their TPM to sign packets for them. The real disadvantage is that Internet users would not be anonymous, which has many unpleasant implications.
I'm not convinced about the credentials of their "security expert". Sounds like more of a "scare story expert". Quoting the article:
He said: 'We have to hope that there are not more of these out there. This is potentially the most serious data loss this country has seen in recent times... Not only would a fraudster be able to take personal details using the tools provided on the lost memory stick, but the extent of the information contained in the source code would allow a hacker to access the Government Gateway's payment systems and even divert tax money into private bank accounts.
I hope none of you are using Linux, because I have the source code, and that means I can hack your system and steal all your money.
Does the Mail have a gallery of these "experts" on standby to give a comment as required for the scare of the day... "Experts say that nobody knows how many paedophiles are molesting your children at this very moment!" "Experts say you could be knifecrimed by a chav today!" "Experts say that Russell Brand might be prank-calling your grandfather RIGHT NOW."
I agree with your general sentiment, that it is good to learn the game without spoilers, but due to the game's difficulty, I found this far too frustrating. The game does not forgive mistakes, and even in explore mode it is easy to get stuck.
I think I have a different philosophical approach to the game. I see it as a black box. Provided you don't open the box and change the rules, you can do anything you want with the information it provides and the moves you're allowed to make. Viewed like this, Nethack is a sort of remote debugging challenge in the form of an adventure game. To understand the state of the game running on the server, you can look at your own local copy, the source code, the spoilers, and everything the server has sent you - if you want. Which is even geekier than treating it as an RPG!
I never managed to complete Nethack until I found the spoilers, which include helpful advice about the best way to approach the game. The dungeons are random, but the structure of the game is not, and the same things will appear in approximately the same places (with different names). Once you have got to a certain depth, you've cracked the game and a win is almost certain.
Whether it is cheating to look at the spoilers is a philosophical question. Cheating is copying a save file or modifying the game - reading spoilers is no more cheating than looking at the source code.
How will Vista (and, indeed, Linux) manage memory across so many cores? The machine can't be SMP, because you can't maintain data cache coherence across more than about eight cores. So it has to have a completely new memory model. I wonder how this can be achieved without major changes to the kernel?
I hear that morphine is also used as a painkiller in Half Life 1 and 2! Apparently it allows the player to function normally even when injured. BAN THIS FILTH!
What is really needed is not so much "open source DRM" but rather (1) standard protocol for transferring digital rights from one person to another, and (2) an "intellectual property registry" to record who has which rights. Think OpenID, plus a list of content you've purchased.
Having "bought a licence" for some music or a movie, you should always be able to listen to it or watch it. But that's not guaranteed when the publisher is the one running the IP registry: we've seen several recent examples of publishers shutting down DRM services and leaving the customers high and dry. If information truly is property, then the IP registry needs to be managed by a trusted third party, independent of publishers and consumers. That way, your IP always retains its value, even as you upgrade your computer, reinstall your OS, accidentally lose files, and so on.
An IP registry doesn't necessarily have to involve DRM. In an ideal world, all files would be trivial to copy, but piracy would be pointless because unauthorised copies would be worth nothing: they wouldn't be recorded in the IP registry, so you'd have no "rights" to them. Maybe they are still worth something to you because you can still watch them on your PC, but everyone else can see that they've been stolen, using a simple check against the registry.
To conclude, I agree that IP rights are important, and I agree with the general sentiment that open rights management systems are needed. In this industry, almost all of us are content creators of some sort: it's in our interests to get paid! But I'd say that these don't necessarily have to involve DRM: the notion of a real distinction between an authorised and an unauthorised copy should be enough.
Slashdot Mirror
The approach would actually be much better on non-X86 systems, which usually give you more control of the cache.
On X86 (correct me if I'm wrong...) the only thing you can do is turn the cache on or off. That's it. No separate control of instruction or data cache, no way to lock cache lines in place, no way to say "this range of addresses doesn't use the cache".
On ARM and PowerPC, all of these cache control features have been standard for a decade or more.
This approach is working around the absence of these features on X86. Conventional wisdom is that cache control is only important on embedded systems, but this isn't true - if you're writing high performance code, you want to be able to tell the machine about how memory is used. Sometimes you don't want a memory access to go through the cache (e.g. if you're using a variable once). Sometimes you want to be certain that the cache will be used, as in this case. On X86, this can't be done.
What do logic and computability have to do with the physical Universe? They are mathematical concepts. There is no "Universe with different rules of logic"; that statement is nonsense.
25 years ago?
It is 1985. Life is a constant struggle for survival. There is no fast food*, there are no sweets or snacks*, and there are only four television channels. Modems only work at 300 baud and home computers only have 16 colour displays, so the proles are forced to watch their porn on VHS tapes, played by machines that don't even support stereo sound. If they can't afford "a video", they'll have to buy it on the now-obsolete form of media known as "paper". Truly primitive times. It's a wonder we managed to keep our caves warm.
* except for almost all of the brands you see today
I'm playing the Versus mode, it is really good. I don't care about the achievements for exactly the reason you mentioned.
But then, the value of a network is related to the number of people on it.
You could pirate, say, Left4dead and then play it by yourself or with other pirates. But you can't take your pirated copy and play with everybody else; the legitimate network is closed to you. Your experience of the game is not as good, because there are fewer players. So there is a good reason to pay up: the game is better if you do!
I think that ISPs should be required to notify us when pages are censored. This is a "you've been censored" page from Demon; but there's nothing equivalent from Be, Virgin, Sky and the rest.
As malloc is not required to clear the memory it returns, it not doing so does not make it buggy. If it was calloc, then yes, it would be buggy; but for malloc, the only requirement is that the returned memory chunk has the size given to malloc.
This is true; what I mean by "buggy" is that malloc isn't returning the area of memory that was recently freed, but rather progressing through the available memory space, hence obtaining different data each time. I'm implying that free isn't working, or maybe...
Hang on a minute, this whole thread is based on a very silly premise. It's time to stop talking :).
Ah, but do you not see? The only explanation must be that God's malloc is buggy. It must be picking up different data each time, otherwise there would be no point in the comparison. The function searches the memory until eventually it comes up with something that matches God's image, i.e. "vmunix".
We can deduce from this that God's computer not only has a buggy C library but also poor memory protection between kernel and user space. Things have certainly improved in the past 6000 years!
Update, a reply from Be. (I complained about this several hours ago.)
Dear FourthAge, Thank you for contacting us and please accept our apologies for any inconvenience caused. We expect an official statement on this case to be published as soon as possible. In the mean time we would appreciate your patience. Best regards, The Be* Team
I've already complained from their contacts page. Now I am wondering which ISP to move to. Obviously anyone with Phorm is right out (BT, for instance), as is anyone with a strict download cap. Any suggestions?
Like everyone else here, it's not that I want to look at child porn, but rather that I object on principle to censorship. I didn't realise I was helping to fund this sort of thing with my broadband subscription
Extreme example I know, but today it's "criminally obscene content" and "incitement to racial hatred", and tomorrow it's the British equivalents of "Tianamen Square" and "Democracy". If I have a choice, I'm not funding that.
I'm right, here is why:
Virtualisation is not free. But it's cheaper than adding a second CPU. And it's more secure than attempting to build the required support into a consumer OS. Hence it is a good solution for this problem. As a side effect, it allows the interfaces used for DRM to be opened, so that both free and non-free software can make use of them.
DRM is easy. On PC/Mac, DRM code contains lots of nasty things in order to detect tampering and prevent circumvention of restrictions, but this isn't necessary in the DRM code used on, say, the XBox 360 because the hardware provides the required services. Dedicated hardware or virtualisation make anti-tampering code unnecessary. This is good, because we don't want that sort of kludge in any part of our systems.
And the "copyright infringement" definition of piracy has been in usage since 1603. Wikipedia has a nice little history of the use of the term. And in any case, what does anyone hope to prove by saying "it's not piracy because it's not robbery at sea?" What do you gain by saying that? It's not like the RIAA are going to string you up on the nearest dockside according to ancient maritime convention.
There is less need for such a scheme today because sequential addresses are not sent across the memory bus. Instead, burst mode is used. A burst is specified by sending a start address and a size. This is necessary because the memory bus latency may be hundreds of clock cycles; bursts are the only way to achieve reasonable bandwidth in such conditions.
So, whats left to do outside the black box, in the open source part of the box ? Not much. Drivers to handle network connection, storage device and User Interface.
Those drivers and the UI are the difficult and expensive bit! The DRM part is actually quite easy. It's a few device drivers, code to move data between them, and something to exchange keys with the server. Of course that could be implemented on top of Linux, but isolation is good, because this part has to be secured against the user. So it should be as small as possible, and protected from kernel bugs or exploits in other programs.
When you already have a CPU running linux to do all the black box stuff, you dont want to add cost by adding another CPU when you have one that can do that and is already running linux....
How about using virtualisation to separate Linux from the black box? Then you have one CPU, but you still have an open system. Use Linux to make the device cheap and user friendly, and use the hypervisor to separate the DRM black box from Linux.
The DRM in the Windows and Mac kernels is doomed due to its lack of isolation from kernel bugs, whether accidental or deliberately introduced. DRM will never work properly in home computers until it is handled in hardware or in a hypervisor, which is of course the solution currently implemented in games consoles. Hypervisor/hardware DRM is actually what we want, because the APIs used to access it can be safely opened for compatibility with free software. Stallman wouldn't approve, of course, but then his computer's CPU has been running non-free microcode for a decade now.
We put our faith in Blast Hardcheese.
Seconded. Since I already see a mention of "Prince of Space" above, I suggest:
Which might actually have been a pretty good sci-fi film if it had made the slightest bit of sense.
Worst. Superhero. Ever.
why exactly would a carrier be interested in provide its customers with the ability to run multiple OSs on their mobile devices. And it is far more complicated from a technical and licensing standpoint than on a generic PC.
Maybe because it makes licensing simpler!
Suppose you want your phone to run Linux, and you'd like the users to be able to install their own kernels and whatever other software they want, but you need to stop them messing with the GSM/3G stack in order to satisfy the FCC and the carrier. How do you do it? Answer: use virtualisation to split the software environment into two parts - "secure" and "open". Now your users get what they want (open software environment), and so do the carriers (some parts are still locked down).
This is cheaper than the other way to solve the problem (using two separate computers). It also uses less energy. Even if a company doesn't care about Linux, they might still want to run complex consumer applications on their phones, requiring strong separation of privileges that are hard to assure in a large consumer OS kernel. x86 Windows XP on a phone? With a CPU like Intel Atom, hypervisor-level security and "PC on a chip" hardware, why not?
There's enough reason to do this that all the mobile phone companies are involved with it in some way. Somebody mentioned a Xen version of this VMware system, and there's a port of L4 being made for this purpose as well.
And iTunes is the monster they created. "Hey, let's insist on DRM for all online music stores! Whatcouldpossiblygowrong?" The irony makes me feel all warm inside.
Most of the article seems to be sensible; improve the security of internal air force networks, etc. Can't argue with that. But here:
"You can control your own networks, rewrite your own laws," says Rick Wesson, CEO of the network security firm Support Intelligence. "You can't rewrite everybody else's."
Of course, the Air Force does have a way to rewrite the rules of the entire Internet, although it won't be free. They can get the US government to mandate a change for public networks in the US. That change might affect other countries, who would need to adopt the new standard in order to stay compatible.
A change that I'm expecting is the forced adoption of security certificates. Someday, all Internet traffic will be encrypted, and routers will not permit traffic unless it has been signed by a certificate that has, in turn, been approved by an authority. It's not hard to imagine that this would be proposed as a solution to stop crackers, pirates, paedophiles, spammers, and (of course) terrorists.
To some extent, it might even work! Spam would be harder, so would piracy. Certainly, the days of mass piracy on TPB would be over: online piracy would move to VPNs, which would have to be small, as large ones would be easily detected by traffic analysis. Spammers and crackers would need to steal valid certificates, which could be difficult, as users would most likely rely on their TPM to sign packets for them. The real disadvantage is that Internet users would not be anonymous, which has many unpleasant implications.
I'm not convinced about the credentials of their "security expert". Sounds like more of a "scare story expert". Quoting the article:
He said: 'We have to hope that there are not more of these out there. This is potentially the most serious data loss this country has seen in recent times... Not only would a fraudster be able to take personal details using the tools provided on the lost memory stick, but the extent of the information contained in the source code would allow a hacker to access the Government Gateway's payment systems and even divert tax money into private bank accounts.
I hope none of you are using Linux, because I have the source code, and that means I can hack your system and steal all your money.
Does the Mail have a gallery of these "experts" on standby to give a comment as required for the scare of the day... "Experts say that nobody knows how many paedophiles are molesting your children at this very moment!" "Experts say you could be knifecrimed by a chav today!" "Experts say that Russell Brand might be prank-calling your grandfather RIGHT NOW."
I agree with your general sentiment, that it is good to learn the game without spoilers, but due to the game's difficulty, I found this far too frustrating. The game does not forgive mistakes, and even in explore mode it is easy to get stuck.
I think I have a different philosophical approach to the game. I see it as a black box. Provided you don't open the box and change the rules, you can do anything you want with the information it provides and the moves you're allowed to make. Viewed like this, Nethack is a sort of remote debugging challenge in the form of an adventure game. To understand the state of the game running on the server, you can look at your own local copy, the source code, the spoilers, and everything the server has sent you - if you want. Which is even geekier than treating it as an RPG!
I never managed to complete Nethack until I found the spoilers, which include helpful advice about the best way to approach the game. The dungeons are random, but the structure of the game is not, and the same things will appear in approximately the same places (with different names). Once you have got to a certain depth, you've cracked the game and a win is almost certain.
Whether it is cheating to look at the spoilers is a philosophical question. Cheating is copying a save file or modifying the game - reading spoilers is no more cheating than looking at the source code.
How will Vista (and, indeed, Linux) manage memory across so many cores? The machine can't be SMP, because you can't maintain data cache coherence across more than about eight cores. So it has to have a completely new memory model. I wonder how this can be achieved without major changes to the kernel?
"Major fracture detected. Morphine administered."
I hear that morphine is also used as a painkiller in Half Life 1 and 2! Apparently it allows the player to function normally even when injured. BAN THIS FILTH!
What is really needed is not so much "open source DRM" but rather (1) standard protocol for transferring digital rights from one person to another, and (2) an "intellectual property registry" to record who has which rights. Think OpenID, plus a list of content you've purchased.
Having "bought a licence" for some music or a movie, you should always be able to listen to it or watch it. But that's not guaranteed when the publisher is the one running the IP registry: we've seen several recent examples of publishers shutting down DRM services and leaving the customers high and dry. If information truly is property, then the IP registry needs to be managed by a trusted third party, independent of publishers and consumers. That way, your IP always retains its value, even as you upgrade your computer, reinstall your OS, accidentally lose files, and so on.
An IP registry doesn't necessarily have to involve DRM. In an ideal world, all files would be trivial to copy, but piracy would be pointless because unauthorised copies would be worth nothing: they wouldn't be recorded in the IP registry, so you'd have no "rights" to them. Maybe they are still worth something to you because you can still watch them on your PC, but everyone else can see that they've been stolen, using a simple check against the registry.
To conclude, I agree that IP rights are important, and I agree with the general sentiment that open rights management systems are needed. In this industry, almost all of us are content creators of some sort: it's in our interests to get paid! But I'd say that these don't necessarily have to involve DRM: the notion of a real distinction between an authorised and an unauthorised copy should be enough.