Re: Why isn't this already out? on Next Generation X11 · Score: 2, Insightful
plug-in, plug-out all kinds of useless^H useful crap.
Screw you. Lack of proper X support for switching between my laptop's LCD and external DVI output is my biggest problem with Linux right now. WinXP does it with zero user intervention.
Device hotplugging and autoconfiguration is the number one hardware support priority for Linux on the desktop. (The Linux kernel is not all that hot on some types of hotplugging either, and userland support for what it can do is braindead in almost all distros.)
The controller likely reads the password from the platter on each power up and stores it in the on-chip cache or the SDRAM (the modern ATA drive controller has to be a full-featured processor). It most likely doesn't copy the password to the flash.
If it puts the password in the SDRAM and you try to yank the SDRAM write pin, the controller probably won't start at all. However, if you tap the memory bus, you might be able to issue your own command to erase the password in the RAM while the controller is running.
It doesn't have to be so easy if the OEM is really concerned about this.
The location of the password on the platter may be determined by a random seed stored in the drive's flash ROM. The password might not be recoverable from a hash stored on the platter (so that the only way to bypass is to directly erase all sectors you suspect of having the password, which the non-hacked controller will refuse to do for you). The hash may be split and stored half on the platter, half on the flash (or the password simply salted with a unique constant value on the controller's internal ROM before hashing), making the original password useless with a new controller board. The password might be stored not in plaintext bytes but in some more obscure format.
Many of these things can probably be overcome by tapping the buses and deducing things, but it might be extremely difficult.
And of course the OEM might have some test units with the protection disabled, I'm just saying it's probably extremely hard to obtain them (unless you're a national security organization in the country where they're located...)
Your reasoning is correct - that should be the easiest way. But I'm willing to bet the HDD manufacturers don't have a few of these laying around because if it became known that a particular HDD has password-bypassing controller boards available on the grey/black market, the corporations who use this feature as part of their security procedures would stop buying that manufacturer's drives.
If you have started the machine and logged in, it is assumed that you are actually in control of the machine and its environment. The proper way to protect a running machine is to lock the screen and the bootloader (so the only way to get local access to the disk is to power cycle and face the master password) and to have a secured network interface (which you can never be 100% sure about but you can get pretty close).
Of course, if you have a trojan installed or are being held hostage, these security principles don't work. The ATA password feature was designed to protect corporate data without the slowdown and incompatibilities possible when using software encryption.
Why on earth would you want to password "protect" a hard drive? How would that be any better than properly encrypting your files?
Speed.
Only very sophisticated organizations have the means to lift data off a password-protected hard drive. Encryption, while more durable in that regard, sacrifices speed with every access to the files in question.
Why? The dock could be a hole on top of the device that would hold the player vertically. Of course you couldn't stack them/put stuff on top of the unit with the player in the dock, but I don't see how that's an inconvenience.
Re: Info on what exactly SHA-1 is ... on SHA-1 Broken · Score: 1
I think any properly designed crypto application would salt the document being signed before signing it, which would render this attack impossible.
I think there's a lot of misunderstanding going on where cryptographers talk about a "break" where the computational complexity for breaking an algorithm is somewhat reduced, but due to proper safeguards in the design and applications of the algorithm, it's not possible to exploit it. Then users unacquainted with the details claim that the algorithm is now useless and decide to switch to one algorithm in favor of another, in the process very possibly making themselves more vulnerable than they were in the first place.
Oh, I dunno, perhaps every single space-conscious datacenter user?
Anything thinner than 4u either won't have space for an off-board nic or won't need it if it has a riser and is not part of a fiber network. For 99% of server uses, the benefits of an off-board nic are dubious when a halfway modern mobo is installed.
See the little bars at the bottom, titled "Winchester 90nm" in the "power usage" link? I bought two of those recently. They run STONE COLD when idle and you can barely feel the warmth under load.
It's nice to know your CPU uses TEN TIMES LESS POWER when idle and at least three times less under load than an equivalently performing Intel, and is within 50% of the highest performance CPU on the market. AMD is going to beat Intel's desktop offerings silly with their new 90nm parts.
even on a 3 GHz machine that hour has only come down to 6 minutes...
Processing has improved very much beyond just the factor evident from the clock frequency. A much bigger chunk of the working set can now fit on the on-die cache, and many other things contribute to the speedup, so it's probably far less than 6 minutes. It's still a major delay, but less than that.
Actually what I think I meant was that if you are running something that needs to crunch numbers to do what it's doing but doesn't need to show pretty pictures with that, the GPU is not going to speed it up whatsoever. In which case the GPU doesn't matter, if the CPU isn't fast enough it's still not fast enough. Particularly if the app is not parallelizable.
The latest process shrink to 90nm really hurt, and required bunches of tricks to make it work.
All process shrinks in the history of IC production have required some sorts of tricks. The next two stages - 65 and 45 nm - are already in advanced development. They're not far from the limit dictated by molecule size - once the feature size starts spanning fewer than, say, 10 molecules things start to become impossible - but that just means ICs will have to start putting on more layers and new dissipation mechanisms (not necessarily on a single chip - chips stacked vertically with extremely short interconnects and some sort of cooling between the layers doesn't sound implausible to me), and/or lots of redundancy and error correction to compensate for functional defects arising from ridiculously small feature size.
when you shrink chips, they get hotter
No they don't. The heat just gets more concentrated, which means it's harder to dissipate it properly and there's more danger of malfunction due to local overheating.
it still consumes something like 53w doing nothing... there's absolutely no fix for that
Wrong. Throttle it and reduce the Vcc, and turn off idle units altogether. Leakage is a huge problem, but idle leakage is readily fixable.
There are lots of engineering problems where seemingly insurmountable physical limits are overcome by cleverly end-running them. Despite the emphasis on parallelism, the demand for single-threaded performance won't go away, and I think technologies will be found to make it increase.
Comparing it to Windows-based development, I spend 1/100th the time chasing down system problems that keep me from development work. Under Windows, it seems like I'm always fighting some stupid problem with dll hell or just the windowing system or underlying kernel breaking
In the many years of developing gigabytes of original material of dozens of different kinds on win2k/XP (typesetting, graphics, scientific computing, all kinds of coding in dozens of languages in hundreds of applications) I have never once encountered a dll problem. I have encountered problems with Windows running out of GDI handles which were attributable to a single application - iexplore, which I never use anymore. I have had about ten kernel stops, all due to slightly buggy third-party sound, wifi, or serial port device drivers (bugs that get uncovered after a month of work, a thousand sleep cycles, and a hundred dockings on a laptop). I have spent an order of magnitude more time configuring Linux systems than configuring Windows applications, and the latter are generally way more straightforward to set up and begin to use.
OS X has a much better UI and integrates Unix. On the other hand, Windows no longer has any of the disadvantages you describe.
Sorry, no source for that particular bit. (If there was open evidence, that might be good grounds for a lawsuit.) It was faith-based conjecture, guilty as charged. XP 64 has been in beta for long over a year now - I just find it improbable that this delay is in good faith.
Only if you set the SpeedStep setting in the BIOS to "maximum battery life" or some such. Mine ramps up perfectly well from 500 to 1700 MHz when crunching, whether plugged in or not.
I think they might respond by pulling legacy 16-bit support completely out of their chips (which I'm led to believe is costing them about 30% of their chips' "capacity" (as measured by power consumption and real estate) and replacing it with an emulator.
As for your new points, everyone (IBM, AMD, Intel, TSMC, UMC, and the rest of the cutting-edge IC world) is moving to larger wafers and 65 nm. The 90nm switch is complete and capacity is ramping up, the 65nm process is in late development, and the 45nm process is in early development at a whole lot of companies. Fabs have been switching to the bigger wafer sizes for some time, too. There is nothing magical about either of these things, and there is a massive industry, much bigger than Intel, developing these.
As for other, unspecified "magic", I am inclined to doubt Intel's potential to counter AMD's excellent R&D now that they have achieved a critical mass of sorts with K8, a solid strategic alliance with IBM, and are ramping up development on K9 and specialized K8 variants (all this despite Microsoft's foot-dragging with x86-64 Windows as requested by Intel). Intel is huge and P-M among others is a great technology, but unless they trot out something really impressive or find new performance reserves in their architectures, AMD stands to equate its market share with Intel's in the next few years.
Starting with Opteron, AMD and its partners are providing a range of solutions matching or exceeding Intel's in all sectors other than ULV notebook computing - from desktop replacement laptops to feature-laden desktop motherboards to 8-way enterprise servers to top-performance clusters.
Intel is no longer "the game", and at the current pace, it won't be the dominant player in the game for much longer.
all this and lower power consumption (than P4) to boot. There should be some sweet notebooks and servers coming out over the next few months also, as the true low-power Athlon64s and Opterons roll out.
AMD has also been able to move to 90nm successfully, significantly cutting power as opposed to Intel's 90nm P4 (Prescott and successors). This has been resulting in CPUs which consume effectively half the power for the same 32-bit performance as the P4s. ULV 90nm K8 should be easily able to compete with P-M - Intel's only competitive consumer CPU at the moment. I can't wait to see the notebook platforms designed on that.
IBM Thinkpad T40 and X40 series kick Apple's ass in terms of battery life, expandability, number of IBM-supplied peripherals, legacy compatibility, size, noise level, CPU performance, video performance, and durability, primarily thanks to the Pentium M CPU and the 9.5mm drive bay.
Unfortunately, there's still no way of installing OS X on them.
Yes, I do own one. And while it's true that a lot of people at my university have bought powerbooks and ibooks fairly recently, I also see a ton of T40s.
There are no current solutions other than IM Smarter that would easily let someone at work automatically and securely read their IM chat logs that they had at home.
I must attest that David Weekly is essentially today's equivalent of Hiro Protagonist - the sportbike-riding, authority-defying, world-trotting, party-throwing l33t h4x0r in the unspoiled sense of the expression. He runs an incredibly useful community non-profit, he apparently quit his job to write this, and he recently took two weeks to educate kids in Ghana about technology.
While I wouldn't normally be likely to believe the words he's saying about protecting users' privacy on this service given the considerably sleazy EULA, I am definitely inclined to believe it when David is saying it. The slogan he puts in his .sig is not just hot air. He backs that up with actions.
I should also add that he's the coolest Stanfurd grad I've ever seen (I'm just about to finish my degree at Cal, you see, and am rather pleased with the spanking administered yesterday, even though I'm not normally a fan of football :)
You can't. You still need to pass the password with the SECURITY ERASE UNIT command.
See the end of this document.
Not entirely correct. The CPU is a general-purpose processor. The GPU is not.
This, of course:
I think they might respond by pulling legacy 16-bit support completely out of their chips (which I'm led to believe is costing them about 30% of their chips' "capacity" (as measured by power consumption and real estate) and replacing it with an emulator.
I think you might be talking out of your ass.
Care to cite a source?
:)
Actually, there are. They're called laptops
There's also ssh...