An easy one is the crystal radio. You're getting power from the transmitter. Make an array of crystal radios, on different frequencies, gang them together... hey, now you're getting a good deal of power!
The Earth's magnetic field wanders. Use that.
There are various gyroscopic-like things related to the Earth's orbit and rotation, particularly having to do with things not being all planar. Use that.
You need to run the original software in an emulator, OS and all.
That emulator itself needs to be Open Source so that you can port it to future platforms. Otherwise, you'd be faced with running an emulator in an emulator in an emulator in an emulator in an emulator...
Keeping around multiple conversions certainly doesn't hurt. Converters vary in quality and the resulting conversions will themselves vary in future compatibility.
More accurately, they are afraid to use anything other than Microsoft Word.
First, they think it's too hard to learn something new.
Second, especially when you point out the learning curve on the new Microsoft Word, they think (rightly) that not being Microsoft users will hurt them if they go looking for new jobs. They want to keep their Microsoft skills up to date.
It's easy to support C99 without breaking the API. Everybody else did it.
Add some header files. Add support for new syntax. Add a compiler option to recognize new keywords, and recognize them with a double underscore prefix ("__") when that compiler option isn't used.
There. Done. No problem.
C99 is really nice. The thing most people love is the ability to declare variables pretty much anywhere. They no longer have to go at the top of a function. You don't have to use C++ to get this.
The next C++ standard aligns itself with C99. Will that be ignored? Maybe it breaks something? Microsoft finally did get its ass in gear over the variable scope in a "for" loop, so I suppose there is hope. Still, they are damn lazy.
Over here in Linux land, we aren't just running a 64-bit OS. It's normal to have 100% 64-bit apps.
Some of us, running the less commercial Linux distributions, don't even bother to install the libraries needed by 32-bit apps. We're losing the ability to run 32-bit apps because we don't care about that old trash. It's cruft that would serve no purpose.
There is a C standard you know, and a C++ one too.
The last big C standard was in 1999, but Microsoft still only supports the 1989 standard. Ugh, 8 years have passed! Nonetheless, even the old standard provides data types that are appropriate.
For example, ptrdiff_t. It's a type that can hold the difference between two pointers.
For non-emergency stuff, I guess I could travel to areas with high demand for private healthcare. Those would be places with lots of rich people, like Beverly Hills.
Everywhere else, in small cities across the nation, nice healthcare would be a thing of the past.
"I should be able to drive drunk on my private property if I want, if I get injured it's my fault and if other people don't like it they should stay off my private road."
There, I fixed that for you. Your analogies are terrible. I'm not endangering anybody against their will. Actually, you want to endanger me against my will. People do get severely injured and even killed by vaccine reactions.
It really doesn't hurt you if I get the disease, as long as you are protected by your vaccine. Maybe I just want to prevent the extinction of yet another species, offering myself to protect it. :-) Whatever, it's none of your business.
You misread. Of course you can identify these current, existing, unmodified products. It's damn easy.
You're not producing a tool that can identify a malware VM in a reliable way. Your tool is completely unsuitable for including in something like a commercial malware detection tool. You'll get false positives on new (future) technology. (new non-malware VMs, and new Crusoe-like CPUs with the CPU itself looking like a VM) You'll get false negatives on "known" VMs that have been hacked.
As for producing a hardware-virtualized rootkit: done it (currently Intel-only), with a feature list that would make your skin crawl, and not making it public. :-) I'm surely not alone; virtualization is trivial with the new CPU features.
Ideally (not stuck with hardware designed for an office environment) you do this:
Air should flow from cold aisles to hot aisles by a simple pressure difference. Those little CPU fans generate heat and lots of noise. It's better to rely on airflow supplied by the building. This of course means that the cases have ductwork and aerodynamic heat sinks as required. I've seen it for a single rack; it's really nice to eliminate the individual CPU fans. Reliability goes up (no CPU fan failures) and noise goes down.
There is some advantage to grabbing outside air, using it once, and then venting it up a chimney. Modern computers don't need to be all that cold; for the drives it is even bad to be really cold. (see Google results) Cooling the air is expensive. Of course, some places have extreme variation in outside air temperature that must be considered.
For the UPS, water towers sound nice, but I haven't done the math. It's like having your own hydropower station.
Of course VMWare is using VTX/SVM now. Qemu definitely does, at least on a Linux host. Other products do as well.
Virtualization goes beyond Joanna-style and VMWare-style uses. Think about DRM. Think about stopping people from cheating in online games. Now you may call this malware, but you won't get everybody to agree with you. These products can be really thin low-overhead VMs. They can let the OS punch right through to native hardware.
VTX/SVM makes things easy. Everybody and their dog will write a VM. You've written one, haven't you? (if not, get going!)
Back to the point though: detecting the mere existence of a VM is not enough. Qemu is currently easy to detect, but you can not know if it has been modified to be malware. Some yet-to-be-invented (or kept secret) VM can not be recognized by your software; at best you might be able to detect that a VM of unknown nature might be in use.
Don't forget Transmeta. If you found yourself running on an unrecognized CPU of that nature, what could you do?
The only equation swings further and further in favour of blades and virtualisation the more machines you're talking about. Low-end 1U servers really only make sense if you're buying a small number of them, or if virtualisation raises other problems (eg: Oracle Appserver is not supported for production use in virtualised environments). When you buy in bulk, you can get lower prices. That helps the 1U solution a lot. We don't pay list price.
We sometimes virtualize, usually 1-to-1 when we need to quickly change the OS we're using, but rarely a tad more. Rarely we run software on both host and guest, such as when doing client-server software testing. The big RAM sticks are too expensive to make serious virtualization practical. Virtual machines mean active swapping; our workload often keeps the disks busy even without swapping.
We've done 3 big buys, approximately: 40 machines over a year ago, 60 machines about a year ago, and 80 machines that should be arriving soon. All of these were 1U. This last time (and maybe the time before) we investigated the blades, and could only conclude that they were a rip-off.
I suppose the blades come with built-in staged power-on? We got staged power-on to avoid tripping circuit breakers.
I guess one of the things going against virtualization is that our workload is perfectly even across the machines. When we start a job, we farm it out to everything. We don't have near-idle machines ever. We might be CPU-bound, disk-bound (perhaps via swap) or even network-bound, but it's the same for every machine. I take it that this is not the case for you? You're renting out servers? Maybe you do web sites?
(BTW, if you have many thousands of near-idle servers then you ought to at least investigate IBM's big iron stuff - the virtualization there is really low overhead)
We got nearly 2x that number. The limiting factor was incoming power, with the need to avoid tripping circuit breakers or upgrading the utility connection. Cooling was a very serious problem as well. Some of the possible electrical upgrades (which we avoided) made the computers look really cheap. We chose tiny low-power motherboards and minimal power supplies to solve the problem.
The switches and KVMs are pricy, yeah, along with managed power and racks. It's a minor issue compared to REALLY AWKWARD (you have no idea) building upgrades.
Dell blades are a horrible rip-off. Note that Dell only advertises the per-blade cost. They avoid telling you the cost of the chassis. I don't recall, but US$35k sounds like what we got quoted for an empty chassis. (we pretty much had to pretend we'd already bought the blades to get that quote!) If you're thinking about Dell blades, I think you need to investigate a bit more.
We're not compute-bound or network-bound usually, though it can happen. Often we're disk-bound with low-value temporary files.
Being somebody else in the field, I have to call bullshit on that one. Sorry.
You can detect a VM. Well, you can if you ignore the issue of Crusoe-like processors and you have an external time reference.
You can not detect intent.
Suppose I hacked VMWare to be malicious. I can do this; it is but a bit of reverse engineering. Then what, you'd recognize that I had hacked VMWare to be malicious? Sure, would you like to sell me a bridge too?
Last year we installed many dozens of 1U boxes. At the time, low-power Xeon chips were the best deal. (considering space, performance, and especially heat output) The VIA chips were close.
A big box with virtual machines was completely hopeless in the competition.
Alaska is bigger than Hawaii. Canada is bigger than Mexico. With a bit of warming, we get more room! We can grow corn in the Northwest Territories and tropical fruit in New England. Greenland will be green land. The Northwest Passage opens up for shipping, allowing easy ship transport from the North Atlantic to the North Pacific.
Good deal, hmmm?
We need to research the best greenhouse gasses so we can really turn up the thermostat.
DefCon is way easier to attend. It's cheap and we need only 1 vacation day to attend. Blackhat costs an arm and a leg and, last I checked, was in the middle of the week.
but I thought Patrick was dying?
**duck**
Seriously though, anyone know?
A disused lavatory would be clean, or perhaps dusty. Microsoft is more like an overused lavatory, being completely full of shit.
If you want to take advantage of either, and especially if you want to take advantage of both, then yes the contracts should be public.
How else are we to know it isn't fraud?
Have your secret contract if you like... but don't come crying to the courthouse when the other party doesn't follow the contract.
Shooting: active, death can be made certain
No vaccine: passive, death unlikely, no harm at all if I'm uninfected, no harm at all if I don't have sex WITH UNVACCINATED PEOPLE, any potential sex partner can choose the vaccine for themselves...
I mean gee, if it is so great, why don't my sex partners just get the vaccine? That'd work way better than me getting the vaccine, because they might have sex with other people too!
Even if I did want to have unprotected sex with a different person each day, it's my right to take the risk.
I can also choose to go hang-gliding, or would you ban that too? My life, my choice. Butt out.
Shall I run your life? I'd love to: No smoking anywhere, no alcohol ever, no usage of vehicles or sharp knives, floss your teeth after every meal, wear a helmet at all times, take your vitamins, no Sun exposure ever (even via windows), eat your broccoli and Brussels sprouts, no soda or coffee, drink 12 glasses of water every day, stay at least 20 feet away from staircases, monthly colonoscopy exam...
For myself, I prefer freedom. For you, there are certain things required for your own good. I can't have you making bad decisions.
Sheep, I could understand. It's not right, but hey, I understand. I've seen your British women. Really though, penguins???? That's really demented.
Nobody is demanding that the vaccine be banned.
We just don't want the government demanding that weird concoctions be injected into our bodies.
Is that so bad?
During the time of your treatment, numerous almost-cancer cells get to be cancer cells.
You're not going to keep taking this drug, are you? Take it once, it wears off... that's not a lot of time for nasty things to grow.