In theory. However, similar to DVDs, the decoder needs to be able to decode the signal. This means there must be a 'key' (be it an RSA key, secret algorithm, or whatever) in the device somewhere. Basically they are trying to achieve client-side security, which is just a myth. The only way to partially achieve this is to hide the key in silicon and hope the attackers don't find it, and when/if they do, change it. So as far as security is concerned, DirecTV is relying on secrecy - which is the only security possible in their situation. So it is fair enough they wouldnt want the details out in public.
We do this in Australia. Retailers still mark everything as 3.95 etc (we don't have 1c coins, only 5c) - but then round to the nearest 5c on the total bill, not on each item. Thus, you sometimes make 2c, sometimes lose it - depending on whether you buy an odd or even amount of goods, but everyone averages out equal overall.
Besides not getting the point of the article, yes speed does matter. Consider the number of searches Google does a day, multiply that by the amount of time it takes to do a search. I can't say for sure what the number is, but I would be safe to say its many many computer+man hours of wasted time. For an individiual it may not seem like much, but multiplied by the population of the internet, many times a day, you start to run into many wasted hours. If they can half the time it takes to do a search, they double the number of people they can serve, potentialy double the life of theyre hardware, doulbe the number of pages they can index, etc...
and can be used as server for remote clients in the same style as X11
Does this mean it is actually an X server? Will it display any X application (ie netscape etc) in text mode? When he says the same 'style' does he mean it is compatible with the X11 protocol, or just similar?
As cool as it might look, I cant imagine having a lava lamp on the front of your case is too practical - those things get verrry hot. If your anything like me, youd prefer to have it as bare bones as possible, concentrating more on temperature, in order to get the fan speeds down ( = less noise).
One of the problems with text files and advantages of the registry is per key access control lists. Plus the registry keeps a nice central location, optimised for access by all programs - with a structure desigined for multiple users etc.
Files are ok, I can see the advantages of doing a simple diff, but with the right tools, the registry makes a lot more sense. Being able to export all your application and system settings through a single interface is pretty good - its just a bit complicated for the average user.
Then what would be the point of keeping all those humans alive? The matrix is only there for the humans, so they wouldn't need it at all if they didn't need the humans.
(display interface) and a (graphics chip and its frame buffer)
You may be in full control of the code you execute, but whats to stop a malicous display interface displaying the number "0" when it should display the number "9".
I could then send you a message saying please transfer "9" credits to me - you would see, please transfer "0" credits to me, and might be inclined to do it (not a great example, but you see the reason for needing secure hardware as well).
yeah fair enough. Its too early in the morning and I just read it without putting enough thought into it. I guess it was just posted as headline news, even though they just talked about a few observations that everyone was already aware of.
From the title, you would think there is some technical flaw in palladium, but the article just goes on about some thing about not having control of your PC etc...
Im not saying there isnt a technical flaw, just/. spreads propaganda through misleading comments.
No, but there are other network providers that may not want to let you connect to them unless you support the protocol fully.
eg. There is no IETF police stopping DoS attacks, it is technically possible. But do one through a network and all your upstream providers wont be too happy and will want to disconnect you. Its only because it can be done anonymously that the problem exists.
No, I wasn't trolling. My point was, existing RNG are implemented using IO, which can only be done at ring 0. Hence, a driver plus common API etc would be required to use it in an application.
By having a ring 3 'user space' instruction, any application can use it. A pure ring 3 application is possible to be determinstic/finite because interfacing to anything arbritrary wasn't previously possible. All instructions other than IO were previously deterministic/finite (including memory access), and IO calls are privleged instructions. Now, there is a ring 3 instruction which doesn't exhibit this behaviour.
This is awesome, but I feel it kind of skews one of the great things about CPUs. Presently, the same piece of code, run a million times, will always produce the same outcome, and follow the same path of execution (providing it accesses no hardware - ie, no io instructions). With the addition of this instruction, you no longer have this fixed execution path.
Still, with IO this 'problem' exists anyway (although only at ring 0 -intel). It just makes it difficult for heuristic anti-virus progams, and debugging etc, when the path of execution can be arbitrary. Nonetheless, I think its a cool concept, and great its being done at ring 3.
Seriously, what is it with people completely bending the rules of acronyms just to make something sound cute/cool. "The Real-time Operating system Nucleus" should be called "TROSN"
as the FP poster stated, this could mean FFW ads on regular TV, could get 5+ times as many ads in the allocated 5mins or whatever the break is.:)
However, I think the recall has something to do with recognising an ad that youve seen previously, and the FFW glimpse prods your memory back to that ad - hence achieving brand recognition, which is the overall goal. But just seeing the ad in FFW only, probably wouldnt get the desired effect, especially with no sound.
There aren't necessarily any logs - I don't know the technical details, but given that you gain Local system access, a) it is more than just user level stuff - the exploit may occur before the logs are written b) with local system access, you could remove the logs, which you may very well do if you want to keep the exploit hidden for longer.
Give these guys a break, 5 days is pretty damn good given the circumstances. MS do a lot of regression testing, which is much more professional, unlike Apache, who just expect you to be runnning the latest configuration.
But as the report says - its also applicable in situations where you don't actually have physical access - x-rays can travel through various materials, which may be blocking your otherwise 'physical access'. Thus, being able to compromise a system 'remotely' as it were, is of significance.
While I agree with all of that, there is one thing which finding ET may change. Peoples religous beliefs, and theyre thoughts on life etc. Knowing that we're not alone, and that the 'god' thing is basically just a cult gone wrong, could help to end many wars and conflicts. Then again, probably not.
For example, the 3D images are best viewed from 40 centimeters away, Sharp representatives said. Sitting closer or further away results in seeing two overlapping images
As with all other 3D attempts, doesn't this kind of defeat the purpose? You pretty much have to view the 3D model from a fixed point, so you may as well just render the image in 2D. How is viewing a "3D" image any better than a 2D representation of a 3D model when you can't rotate your head around the image?
Slashdot Mirror
Internet Options->Security->Custom level.
Tick disable rather than prompt for 'download signed activx controls'.
You could add gator to the restricted zone while your there.
In theory. However, similar to DVDs, the decoder needs to be able to decode the signal. This means there must be a 'key' (be it an RSA key, secret algorithm, or whatever) in the device somewhere. Basically they are trying to achieve client-side security, which is just a myth. The only way to partially achieve this is to hide the key in silicon and hope the attackers don't find it, and when/if they do, change it. So as far as security is concerned, DirecTV is relying on secrecy - which is the only security possible in their situation. So it is fair enough they wouldnt want the details out in public.
We do this in Australia. Retailers still mark everything as 3.95 etc (we don't have 1c coins, only 5c) - but then round to the nearest 5c on the total bill, not on each item. Thus, you sometimes make 2c, sometimes lose it - depending on whether you buy an odd or even amount of goods, but everyone averages out equal overall.
Besides not getting the point of the article, yes speed does matter. Consider the number of searches Google does a day, multiply that by the amount of time it takes to do a search. I can't say for sure what the number is, but I would be safe to say its many many computer+man hours of wasted time. For an individiual it may not seem like much, but multiplied by the population of the internet, many times a day, you start to run into many wasted hours. If they can half the time it takes to do a search, they double the number of people they can serve, potentialy double the life of theyre hardware, doulbe the number of pages they can index, etc...
and can be used as server for remote clients in the same style as X11
Does this mean it is actually an X server? Will it display any X application (ie netscape etc) in text mode? When he says the same 'style' does he mean it is compatible with the X11 protocol, or just similar?
LocoPalm
LocoMon
LocoConfig
LocoProg
Adapter
As cool as it might look, I cant imagine having a lava lamp on the front of your case is too practical - those things get verrry hot. If your anything like me, youd prefer to have it as bare bones as possible, concentrating more on temperature, in order to get the fan speeds down ( = less noise).
One of the problems with text files and advantages of the registry is per key access control lists. Plus the registry keeps a nice central location, optimised for access by all programs - with a structure desigined for multiple users etc.
Files are ok, I can see the advantages of doing a simple diff, but with the right tools, the registry makes a lot more sense. Being able to export all your application and system settings through a single interface is pretty good - its just a bit complicated for the average user.
Then what would be the point of keeping all those humans alive? The matrix is only there for the humans, so they wouldn't need it at all if they didn't need the humans.
(display interface) and a (graphics chip and its frame buffer)
You may be in full control of the code you execute, but whats to stop a malicous display interface displaying the number "0" when it should display the number "9".
I could then send you a message saying please transfer "9" credits to me - you would see, please transfer "0" credits to me, and might be inclined to do it (not a great example, but you see the reason for needing secure hardware as well).
yeah fair enough. Its too early in the morning and I just read it without putting enough thought into it. I guess it was just posted as headline news, even though they just talked about a few observations that everyone was already aware of.
From the title, you would think there is some technical flaw in palladium, but the article just goes on about some thing about not having control of your PC etc...
/. spreads propaganda through misleading comments.
Im not saying there isnt a technical flaw, just
Yes, but the existing IPv6 networks do support it.
No, but there are other network providers that may not want to let you connect to them unless you support the protocol fully.
eg. There is no IETF police stopping DoS attacks, it is technically possible. But do one through a network and all your upstream providers wont be too happy and will want to disconnect you. Its only because it can be done anonymously that the problem exists.
No, I wasn't trolling. My point was, existing RNG are implemented using IO, which can only be done at ring 0. Hence, a driver plus common API etc would be required to use it in an application.
By having a ring 3 'user space' instruction, any application can use it. A pure ring 3 application is possible to be determinstic/finite because interfacing to anything arbritrary wasn't previously possible. All instructions other than IO were previously deterministic/finite (including memory access), and IO calls are privleged instructions. Now, there is a ring 3 instruction which doesn't exhibit this behaviour.
note - by 'finite state machine' - I think I meant 'deterministic' or something :) not great with terminolgy, but at least I know what I mean.
This is awesome, but I feel it kind of skews one of the great things about CPUs. Presently, the same piece of code, run a million times, will always produce the same outcome, and follow the same path of execution (providing it accesses no hardware - ie, no io instructions). With the addition of this instruction, you no longer have this fixed execution path.
Still, with IO this 'problem' exists anyway (although only at ring 0 -intel). It just makes it difficult for heuristic anti-virus progams, and debugging etc, when the path of execution can be arbitrary. Nonetheless, I think its a cool concept, and great its being done at ring 3.
If it wasn't under attack before, it sure as hell will be now :P
Seriously, what is it with people completely bending the rules of acronyms just to make something sound cute/cool. "The Real-time Operating system Nucleus" should be called "TROSN"
as the FP poster stated, this could mean FFW ads on regular TV, could get 5+ times as many ads in the allocated 5mins or whatever the break is. :)
However, I think the recall has something to do with recognising an ad that youve seen previously, and the FFW glimpse prods your memory back to that ad - hence achieving brand recognition, which is the overall goal. But just seeing the ad in FFW only, probably wouldnt get the desired effect, especially with no sound.
There aren't necessarily any logs - I don't know the technical details, but given that you gain Local system access, a) it is more than just user level stuff - the exploit may occur before the logs are written b) with local system access, you could remove the logs, which you may very well do if you want to keep the exploit hidden for longer.
Give these guys a break, 5 days is pretty damn good given the circumstances. MS do a lot of regression testing, which is much more professional, unlike Apache, who just expect you to be runnning the latest configuration.
But as the report says - its also applicable in situations where you don't actually have physical access - x-rays can travel through various materials, which may be blocking your otherwise 'physical access'. Thus, being able to compromise a system 'remotely' as it were, is of significance.
While I agree with all of that, there is one thing which finding ET may change. Peoples religous beliefs, and theyre thoughts on life etc. Knowing that we're not alone, and that the 'god' thing is basically just a cult gone wrong, could help to end many wars and conflicts. Then again, probably not.
For example, the 3D images are best viewed from 40 centimeters away, Sharp representatives said. Sitting closer or further away results in seeing two overlapping images As with all other 3D attempts, doesn't this kind of defeat the purpose? You pretty much have to view the 3D model from a fixed point, so you may as well just render the image in 2D. How is viewing a "3D" image any better than a 2D representation of a 3D model when you can't rotate your head around the image?
Theres a niche, but probably lucrative market for these things if they know where to look.