A massively parallel computer (2048+ cores) with each core having suficient cache to eliminate most memory bottlenecks would give the same results as all that complexity- providing the software was written to fully support it.
It's not just memory access that is an issue for Intel, although that is the most severe one and not as easy as you make out to solve (memory from other processes and the kernel can be read using Meltdown). By exploiting the branch prediction and hyperthreading it is possible to infer secrets from other processes as well.
Don't all of the exploits ultimately come down to executing a speculative load, speculatively testing it, and then speculatively creating a result which alters timing which can be detected?
"Which is completely irrelevant if the code you run is properly sandboxed "
Nothing is properly sandboxes though. It's a spherical cow, an abstraction to explain to undergrads. There is no sandbox. If I run code on your box, I can own it- if not me, then someone with more resources.
My spherical cow checks access privileges before executing speculative loads. It is not my fault that Intel's spherical cows did not bother doing this and it is not my fault if the software writers are using the spherical cows incorrectly.
Those are whack-a-mole. Site isolation helps *reduce* the impact of Spectre attacks that happen to be done in JavaScript, in the same way that eating fruit reduces your risk from a heart attack . It doesn't do anything for the majority of Spectre-class attacks.
If site isolation involves separate CPU processes on a CPU which checks access control before speculative loads lke AMD does, then Spectre type attacks do not work. Without the speculative load and test, there is no access to the data.
Spectre attacks rely on brain dead JIT compilers which are executing code from difference sources all in the same task. Why is it the CPU's fault that a process can access its own data?
That fundamental issues won't be changed in the next ten years, if ever. They can either keep playing whack-a-mole with different hardware and microcode side-effects, or you can add a very simple (and slow) separate CPU for security-sensitive operations.
Or they could perform access control checks before speculated loads and enforce process isolation.
So there's nothing preventing the government from taxing your savings by declaring a negative interest rate or from bailing out banks using your money (a 'bail-in').
Or they could control the interest rate such that the inflation rate is always higher.
California has a huge need to build desalinization plants to bring in more fresh water. And, hmm, it has a surplus of electricity. What's stopping them?
What is stopping them is that they get a better investment for the money by buying the laws to take the water from someone else rather than make it.
"In some cases, utilities in California actually pay other utility companies to take the excess electricity off their hands."
Texas wind generators occasionally do the same thing. Since they receive a government mandated subsidy for the amount of power produced, when there is not enough demand, they still make money or at least lose less money if they pay someone to accept the power.
You could build a multi-megawatt toaster to accept the power during these times and get paid to burn electricity with it.
They aren't going to arrest 15000 people a day so there is no "cost in civil liberties involved to those falsely flagged" nor are they going to arrest 1000 people but it could help them quickly look at those 1000 people from a distance versus having to do the impossible job of trying to look at all 300k people.
Since they automated facial recognition, maybe they can automate arresting suspects. Or suspend drivers licenses, passports, bank accounts, etc. until they arrest themselves or pay the fine.
And that practice will be something for the ACLU to combat. But always assuming the worst possible use of new techniques and technologies is not helpful.
Based on their latest stance about defending the 1st amendment, only as long as the practice is being applied to people they approve of.
I think the whole idea of using face recognition is to cut the amount of work required by a detective to search through thousands of pictures. I'm sure the final step would be for a real person to verify the matches to see if there's false positives. The AI in this case would likely be setup to tend to produce false positives rather than outright missing matches because not being able to find anything is worrysome compared to finding a few false positives. You would hope the cops arn't crazy enough to start arresting people based entirely on the matching system and at least look at the profiles to confirm.
Law enforcement routinely ignores exculpatory evidence preventing it from being turned over to the defense. Why do any differently here?
No, it floats apparently. But they'd rather catch it then have to fish it out of the (saltwater) ocean.
I'm sure there's economic sense to it or they wouldn't try. $6mm isn't chump change to throw away on each mission and i'm guessing saltwater refurb costs > catchers mitt operation.
The lower launch cost from recovering the first stage makes the loss of the payload fairing a larger part of the launch costs so there is more incentive to recover it.
So, you think that this fiasco is not because of Apple management panicking and forcing a impossibly short timeframe on engineering, so best practices practices were tossed to the wind? See, everybody else who offers Intel's 8 core part puts it in a realistic enclosure. Apple management seemed to think they could wave a magic wand and change physics.
They might have been waiting for and relying on Intel's very late 10nm processors.
It still confounds me that people don't understand the idea that these projects don't have unlimited time and budget to fix every issue imaginable before release.
They had plenty of time since the last MacBook Pro.
It was actually Intel's fault. They didn't change the TDP for the 6-core CPUs.
Fortunately, it didn't require a hardware rev. to fix...
I suspect Apple did the design around the promised performance of Intel's very late 10nm processors and finally got tired of waiting and had to make do with what is available.
A laptop is a relativel closed system. I guarantee you the CPU is thermally coupled to the chassis.
Coupling the heatpipe and heatsink assembly to the case on something as large as a laptop is quite hard to do with any kind of decent transfer coefficient. You cant use highly conductive thermal epoxy or not even the manufacturer can disassemble it, and the flex in such a large frame prevents use of thin film solutions like thermal paste or the foil/paste thermal pads used in high power density servers.
If you take a look at iFixIt's teardowns you'll see little to no coupling between the expensively produced metal case and the heatpipe assembly.
How do I make a claim for the guarantee you've offered? I would like my money back if possible. Please transfer 0 bitcoin to my wallet address.
One way it has been done in the past in high performance desktop replacement laptops is to use a very large area flat heap pipe to couple to the case. This is not an option for Apple due to their quest for thinness at any cost and they do not make desktop replacement laptops anyway.
If they coupled just the CPU and I assume GPU, it would create an uncomfortable hot spot.
Slashdot Mirror
A massively parallel computer (2048+ cores) with each core having suficient cache to eliminate most memory bottlenecks would give the same results as all that complexity- providing the software was written to fully support it.
But only at lower performance.
https://en.wikipedia.org/wiki/...
It's not just memory access that is an issue for Intel, although that is the most severe one and not as easy as you make out to solve (memory from other processes and the kernel can be read using Meltdown). By exploiting the branch prediction and hyperthreading it is possible to infer secrets from other processes as well.
Don't all of the exploits ultimately come down to executing a speculative load, speculatively testing it, and then speculatively creating a result which alters timing which can be detected?
"Which is completely irrelevant if the code you run is properly sandboxed "
Nothing is properly sandboxes though. It's a spherical cow, an abstraction to explain to undergrads. There is no sandbox. If I run code on your box, I can own it- if not me, then someone with more resources.
My spherical cow checks access privileges before executing speculative loads. It is not my fault that Intel's spherical cows did not bother doing this and it is not my fault if the software writers are using the spherical cows incorrectly.
Those are whack-a-mole. Site isolation helps *reduce* the impact of Spectre attacks that happen to be done in JavaScript, in the same way that eating fruit reduces your risk from a heart attack . It doesn't do anything for the majority of Spectre-class attacks.
If site isolation involves separate CPU processes on a CPU which checks access control before speculative loads lke AMD does, then Spectre type attacks do not work. Without the speculative load and test, there is no access to the data.
Spectre attacks rely on brain dead JIT compilers which are executing code from difference sources all in the same task. Why is it the CPU's fault that a process can access its own data?
That fundamental issues won't be changed in the next ten years, if ever. They can either keep playing whack-a-mole with different hardware and microcode side-effects, or you can add a very simple (and slow) separate CPU for security-sensitive operations.
Or they could perform access control checks before speculated loads and enforce process isolation.
10nm has been out for cell phones for years.
Intel's 14nm is more like their 10nm. Marketing now controls the advertised feature size for a process and it has little to do with reality.
So there's nothing preventing the government from taxing your savings by declaring a negative interest rate or from bailing out banks using your money (a 'bail-in').
Or they could control the interest rate such that the inflation rate is always higher.
California has a huge need to build desalinization plants to bring in more fresh water. And, hmm, it has a surplus of electricity. What's stopping them?
What is stopping them is that they get a better investment for the money by buying the laws to take the water from someone else rather than make it.
"In some cases, utilities in California actually pay other utility companies to take the excess electricity off their hands."
Texas wind generators occasionally do the same thing. Since they receive a government mandated subsidy for the amount of power produced, when there is not enough demand, they still make money or at least lose less money if they pay someone to accept the power.
You could build a multi-megawatt toaster to accept the power during these times and get paid to burn electricity with it.
Maybe Apple will finally stop selling computers with only 4GB or 8GB RAM.
That would conflict with making their laptops as thin as possible. More RAM means greater power draw and heat which limits thinness.
They aren't going to arrest 15000 people a day so there is no "cost in civil liberties involved to those falsely flagged" nor are they going to arrest 1000 people but it could help them quickly look at those 1000 people from a distance versus having to do the impossible job of trying to look at all 300k people.
Since they automated facial recognition, maybe they can automate arresting suspects. Or suspend drivers licenses, passports, bank accounts, etc. until they arrest themselves or pay the fine.
Here's the thing about the cop. They are there under pressure to get a conviction, especially if the crime is public, and heinous.
They hope it is the correct person, but that doesn't always happen, and innocent people go to jail and get executed.
Here is a counterexample where they did not care if they got the correct person:
http://www.nydailynews.com/new...
And these cops just got caught.
Given how both fingerprints and DNA matching have been painted with the 100% accurate brush (unjustifiably), I expect facial recognition will be too.
Hilarity ensues.
It just has to be good enough for probable cause.
And that practice will be something for the ACLU to combat. But always assuming the worst possible use of new techniques and technologies is not helpful.
Based on their latest stance about defending the 1st amendment, only as long as the practice is being applied to people they approve of.
I think the whole idea of using face recognition is to cut the amount of work required by a detective to search through thousands of pictures. I'm sure the final step would be for a real person to verify the matches to see if there's false positives. The AI in this case would likely be setup to tend to produce false positives rather than outright missing matches because not being able to find anything is worrysome compared to finding a few false positives. You would hope the cops arn't crazy enough to start arresting people based entirely on the matching system and at least look at the profiles to confirm.
Law enforcement routinely ignores exculpatory evidence preventing it from being turned over to the defense. Why do any differently here?
...they just haven't been arrested yet. :D
And denied bail. And had their property seized through civil assets forfeiture.
Isn't a facial recognition match good enough for probable cause to arrest?
https://www.instagram.com/p/Bf...
No, it floats apparently. But they'd rather catch it then have to fish it out of the (saltwater) ocean.
I'm sure there's economic sense to it or they wouldn't try. $6mm isn't chump change to throw away on each mission and i'm guessing saltwater refurb costs > catchers mitt operation.
The lower launch cost from recovering the first stage makes the loss of the payload fairing a larger part of the launch costs so there is more incentive to recover it.
So some Martian accidentally pulled the plug out and all the water drained away.
This supports the Flat Mars theory.
There's a reason gun enthusiasts have started using pornhub instead of youtube ;).
That worked until Pornhub started kicking them off also for politically incorrect content.
I wonder how they can fix this issue without either lowering the performance or allowing the VRM to overheat thus killing them faster.
They could build a thicker laptop intended for the high performance desktop replacement market but that is just crazy talk.
QUOTE: "representatives said that the throttling was only exhibited under fairly specific, highly intense workloads"
Sure, exporting video from Adobe Premiere Pro. Clearly an unusual workload.
You are workloading it wrong.
So, you think that this fiasco is not because of Apple management panicking and forcing a impossibly short timeframe on engineering, so best practices practices were tossed to the wind? See, everybody else who offers Intel's 8 core part puts it in a realistic enclosure. Apple management seemed to think they could wave a magic wand and change physics.
They might have been waiting for and relying on Intel's very late 10nm processors.
It still confounds me that people don't understand the idea that these projects don't have unlimited time and budget to fix every issue imaginable before release.
They had plenty of time since the last MacBook Pro.
It was actually Intel's fault. They didn't change the TDP for the 6-core CPUs.
Fortunately, it didn't require a hardware rev. to fix...
I suspect Apple did the design around the promised performance of Intel's very late 10nm processors and finally got tired of waiting and had to make do with what is available.
A laptop is a relativel closed system. I guarantee you the CPU is thermally coupled to the chassis.
Coupling the heatpipe and heatsink assembly to the case on something as large as a laptop is quite hard to do with any kind of decent transfer coefficient. You cant use highly conductive thermal epoxy or not even the manufacturer can disassemble it, and the flex in such a large frame prevents use of thin film solutions like thermal paste or the foil/paste thermal pads used in high power density servers.
If you take a look at iFixIt's teardowns you'll see little to no coupling between the expensively produced metal case and the heatpipe assembly.
How do I make a claim for the guarantee you've offered? I would like my money back if possible. Please transfer 0 bitcoin to my wallet address.
One way it has been done in the past in high performance desktop replacement laptops is to use a very large area flat heap pipe to couple to the case. This is not an option for Apple due to their quest for thinness at any cost and they do not make desktop replacement laptops anyway.
If they coupled just the CPU and I assume GPU, it would create an uncomfortable hot spot.