The lack of registers on x86 shouldn't slow it down that much. Things that get accessed all the time (like PPC's registers) are going to stay in the on-chip cache where access is fast. Besides, when you write an emulator, you're doing a lot more than just writing something to translate an opcode for one processor into an opcode for another processor. There's a lot more to it than saying r12 = AX.
While I haven't seen the source, my guess is that Connectix just defines some chunk of memory for the x86 registers rather than trying to map them to a range of PPC registers. While it would be POSSIBLE for them to do this, it would be very messy to do in C or C++. You'd have to use special compiler options to keep the compiler from using those registers for other things, and your code would be littered with inline assembly. They could have written the whole thing in assembly language, but that's not too likely either. Realistically, they probably are just using a chunk of memory for the x86 registers and taking the 5% performance hit (or whatever the performance hit would be).
Not that I like spam or anything, but I wonder what percentage of snail mail is junk mail. I'm sure that over 40% of what goes into my mailbox is junk. In fact, just the offers for credit cards alone would be close to 40%. Yet for some reason, the junk mail doesn't bother me nearly as much as spam. I wonder why that is.
It seems to me like they're missing a bigger potential market here. There's probably a lot of parents who would pay a few bucks a month to get an organized report of the kinds of sites their kids are visiting. This is a lot better than using an inaccurate web filter to "protect" your kids from the web. If kids know their parents are going to find out what sites they're visiting, they probably aren't going to look at sites they shouldn't.
Well, there is one big security difference I can think of. Assuming you want to password protect your files, FTP authentication is sent as plaintext so anyone with a sniffer could recover the username and password. With HTTP, you have the option of digest authentication which only sends a MD5 hash of the username, password, and some other unique information.
Of course, since these days most networks use switches instead of hubs, one has to wonder how much of a security risk sniffers are anyway. I guess there's always the possibility of ARP poisoning or some rogue router between the source and destination, but honestly, how likely is that? I guess it just depends on how secure you need your data to be.
...The Colorado Junk E-Mail Law would require companies to pay an annual fee of up to $500 to access the registry.
In Missouri, companies would have free access to the list...
So let me get this straight. For $500 any spammer can get a huge lists of e-mail addresses from Colorado, and Missouri is going to give their list away for free. This might actually be effective if all spam was sent from Missouri and Colorado. But since laws like this can't be applied and enforced globally, the end result will be more spam for people who add their names to the list, not less.
Simple. Because right now they aren't allowed to set their own pricing. In the name of competition, the government is forcing the ILECs to lease their lines out below cost. Think about it. If you were a phone company, why would you invest tons of cash to install new lines if you knew you were going to be forced to lease them out to other companies at a loss? If you want the ILECs to spend cash on fiber to the home, you've got to make sure you give them a way to recoup the costs of the investment and turn a profit.
They don't spin backwards, but the track the main filesystem is written on starts at the outside edge of the disk (normal CD/DVDs are the other way around, for those who didn't know). There is a small track that is written the normal way on xbox DVDs. You can see that track if you throw the DVD in a PC, but the other track where the game is stored can't be read because the drive reaches the end of the small track and thinks that's it. There's nothing in normal DVD drive firmware that tells it to look at the outer edge of the disk for another track.
Of course, this doesn't mean you can't copy the games. It just means you've got to use the xbox's drive to do it since it has firmware that knows how to look for that track on the outer edge of the disk.
Here's how it works. Not all the data on the DVDs have signatures. Only executable code. Basically, there's a 256 byte field in the program header of executables that contain the signature. The kernel is designed so that when a program is loaded into memory, the signature is verified before control is passed to the application. If the kernel determines the executable doesn't have a valid signature, it won't allow the program to execute.
It's not possible to re-use a signature because any change in the code will change the signature. That's the whole point of a signature. Mod chips get around this by replacing the kernel (compressed in the bios) with a patched version of the kernel that skips the signature check. If we knew Microsoft's private key, we could sign our own software. This would allow people to install linux (or pirate games) without using a mod chip.
It might be possible to exploit a bug in the kernel or third party software that would allow us to transfer program control to our unsigned code, but nobody's found one yet. Given Microsoft's track record, I'm sure such a bug exists and will be found soon. With $100,000 up for grabs, there's a heck of a lot of people looking for it.
I've seen several comments posted like this, so I thought I'd point out that this is NOT some off-the-shelf motherboard targeted at the consumer market. This motherboard is a reference design for people who are designing their own platform around their processor. When was the last time you got a full set of schematics with your motherboard (and no, I don't just mean the jumper settings)? If you're a laptop manufacturer, $995 is cheap for a working reference design you can modify a little bit to fit your specific needs.
Re:What desktop users want to know..
on
AMD's 64-bit Plot
·
· Score: 1
You may not need >4Gb of memory today, but you will probably want it sooner than you think. Back in the 80s, the barrier was 640K and that was more than enough memory to run a full-featured word processessor like Word Perfect. I doubt you could even run notepad in 640K now. Bloatware isn't going to end anytime soon. The 1GB of RAM I've got in my system is plenty for the software I run today, but in a year or two, I'm sure I'll be well over the 4GB barrier.
What the paper suggests is that if a router is getting way too many packets to a specific destination address, it will tell the routers upstream to throttle packets to that destination address (drop a certain percentage of them).
How does this really help a DOS attack? The idea behind a DOS attack is to flood a server with so many packets that the server can't keep up and ends up dropping most of the packets. This paper does not provide a solution to this problem. It simply shifts where the packets are being dropped... at a router upstream instead of at the server or router at the edge of the network. The only advantage here is that other servers hanging off the router that aren't being DOSed will be unaffected.
The suggested solution also opens up a potential security hole. If you gained access to a server, it might be possible to send a packet to routers upstream and tell them to throttle bandwidth. This could be a much more effecient way of doing a DOS attack. Now instead of multiple machines on fast connections, all you really need to DOS your favorite website is a 268 and a 300 baud modem.
File storage issues?? Maybe I'm missing something, but why not just create a unique link to a file and delete the link after 48 hours? Duplicating the entire file each time seems like overkill.
I've got one
on
Airborne Mouse
·
· Score: 5, Informative
I bought a gyration mouse and keyboard a few months ago, and they're great. Gyration has been making these for a while now, so I don't really know why it's news.
The mouse does take some getting used to if you're going to use it without a surface. Instead of using it like a normal mouse, it's designed to be held and pointed like a flashlight. Wherever the "flashlight" would shine on the screen, that's where the mouse goes. I must admit, this isn't really practical for most uses outside of things like presentations and such. The best part about these mice isn't the gyroscope feature, it's the wireless range. The model I purchaced is supposed to have a 25ft range, but in practice the real range is closer to 35ft. There's also a 50ft model that's significantly more expensive. These things are great for home theatre PCs. It's really difficult to find an RF wireless mouse and keyboard with a range greater than 6ft.
Sounds like a scam
on
See Ya .su
·
· Score: 3, Insightful
$15,000 is a big chunk of change just for adding an entry to a database. That makes me wonder who's pockets that $15,000 was lining. It doesn't cost $15,000 per registrant to maintain a few servers. It would be interesting to know if anyone is going to see a partial refund of their money when the domain is taken away.
I'd be pretty pissed if someone took away my $20 domain. I can't imagine what I'd do if someone took away a domain I just paid 15 grand for just because a few people in ICANN think.su should be obsolete.
We have rules like this for a reason. Judges already have the ability to express their opinions on a case, but they should do so in court where it will become a part of the public record. Holding press confrences or interviews during a trial subjects the judge to unnecessary exposure to media sources. In an ideal situation, we would want a judge to only hear evidence presented in a court room. Any responsible judge would try to avoid listening to any media coverage of a trial in order to ensure he can render an unbiased verdict. The types of questions asked in an interview could cause a judge to be swayed by the media's bias. Even if a judge isn't influenced by such questions, the fact that he could be casts some doubt on the fairness of the trial, especially when the judge gives hints about the eventual outcome before all the evidence has been presented.
The thread the article mentions can be found here for those that are interested. There's links to pictures of the new Xbox motherboard too. Sounds like all that's needed is a few tweaks to the hacked BIOS image and everyone will be back in business. My bet is that any new protection will be defeated before the new units even appear in stores in North America. Sometimes I wonder why Microsoft even bothers.
Given the downturn in the telecom industry, are there really that many students eager to focus their area of study exclusively on 3G and 4G wireless? Then again, with a little luck, all the overcapacity might be burned off by the time they graduate, so maybe it's not such a bad idea after all.
In college I cooked some hot dogs by putting metal forks in each end of the hot dog and running 120V through it. Hot dogs have just enough conductivity so that this works well.
I've also cooked hot dogs using 1000W heat guns for heat-shrink tubing. Not as much fun as using 120V, but still very effective.
Itanium has a far better archetecture than current x86 designs because Intel is breaking compatibility with its old CISC instruction set. However, I doubt this processor line will ever become mainstream. It probably has a place in the server market, but there's a lot of people who aren't going to buy a processor that won't run x86 stuff at full speed. The Alpha taught us that lesson.
Alpha was a great processor design, far superior to all the x86 stuff. There was even a version of NT for it, but it never gained widespread acceptance.
AMD has the right idea. Extend the old CISC instruction set even if it is a bad design. People have too much money invested in software to throw it away for new "Itanium-optimized" versions (assuming they're available).
Regulating encryption will do nothing to stop criminals from using it. There is a TON of information on the internet about strong encryption. Anyone with basic programming skills and an understanding of mathematics should be able to implement any of the most popular encryption algorithms.
Even if you make transmitting encrypted communication illegal, it's not going to stop criminals. Hiding cyphertext is just too easy. For example, take a 16-bit wave file and use the least significant bit of each sample for your cyphertext. Assuming your cyphertext doesn't have any header data, it will be virtually undetectable. The only thing someone might notice is some very low level white noise in the background that could be attributed to anything.
Similar things can be done with jpegs, mpegs, and a host of other file formats. If government officials had a better understanding of the technology, they wouldn't waste our time with laws that only hurt law abiding citizens and do nothing to curtail crime.
I remember a bug in format.com that would let you make a disk unreadable. If you have access to an old dos machine, try putting a floppy in the drive and typing this:
format a:/select/u
The/select is an undocumented option that causes format to write unformatting information to the disk. The/u option means do an unconditional format without storing and unformatting information. If you use them both together, sector 0 gets overwritten with 0xF6 and you can't read the disk.
In college, this was fun to use at the end of the quarter back when everybody was finishing up their term papers (back in the days when people still used floppies.)
This sort of thing really shouldn't be much of a suprise at a company like Lucent. Since the telecom winter started, they've slashed half of their workforce, and have been closing facilities right and left. You can bet that any research project that wasn't getting results got cut. This puts a lot of pressure on the researchers, and some will inevitably be willing to falsefy data in order to keep their jobs.
I'd be skeptical of any research done by Lucent in the last year, or at any other company with such serious financial problems.
Re:Many programmers do this anyway.
on
Agile Modeling
·
· Score: 1
UML modeling seems like a good idea, but often I've found that the tools for it are lacking. My experience with Rational Rose has left a lot to be desired. Many of the useful features like code generation aren't nearly as useful when the generated code doesn't work well with your compiler. In addition, the lack of a good way to represent many common data structures like structs and unions often cause developers to insert things in the UML model that don't make much sense just for the sake of generating the code they want.
UML has a lot of potential, but in my experience, the tools for it still have a long way to go.
Slashdot Mirror
While I haven't seen the source, my guess is that Connectix just defines some chunk of memory for the x86 registers rather than trying to map them to a range of PPC registers. While it would be POSSIBLE for them to do this, it would be very messy to do in C or C++. You'd have to use special compiler options to keep the compiler from using those registers for other things, and your code would be littered with inline assembly. They could have written the whole thing in assembly language, but that's not too likely either. Realistically, they probably are just using a chunk of memory for the x86 registers and taking the 5% performance hit (or whatever the performance hit would be).
Not that I like spam or anything, but I wonder what percentage of snail mail is junk mail. I'm sure that over 40% of what goes into my mailbox is junk. In fact, just the offers for credit cards alone would be close to 40%. Yet for some reason, the junk mail doesn't bother me nearly as much as spam. I wonder why that is.
It seems to me like they're missing a bigger potential market here. There's probably a lot of parents who would pay a few bucks a month to get an organized report of the kinds of sites their kids are visiting. This is a lot better than using an inaccurate web filter to "protect" your kids from the web. If kids know their parents are going to find out what sites they're visiting, they probably aren't going to look at sites they shouldn't.
No way. There's too much prior art.
Of course, since these days most networks use switches instead of hubs, one has to wonder how much of a security risk sniffers are anyway. I guess there's always the possibility of ARP poisoning or some rogue router between the source and destination, but honestly, how likely is that? I guess it just depends on how secure you need your data to be.
So let me get this straight. For $500 any spammer can get a huge lists of e-mail addresses from Colorado, and Missouri is going to give their list away for free. This might actually be effective if all spam was sent from Missouri and Colorado. But since laws like this can't be applied and enforced globally, the end result will be more spam for people who add their names to the list, not less.
Simple. Because right now they aren't allowed to set their own pricing. In the name of competition, the government is forcing the ILECs to lease their lines out below cost. Think about it. If you were a phone company, why would you invest tons of cash to install new lines if you knew you were going to be forced to lease them out to other companies at a loss? If you want the ILECs to spend cash on fiber to the home, you've got to make sure you give them a way to recoup the costs of the investment and turn a profit.
Of course, this doesn't mean you can't copy the games. It just means you've got to use the xbox's drive to do it since it has firmware that knows how to look for that track on the outer edge of the disk.
It's not possible to re-use a signature because any change in the code will change the signature. That's the whole point of a signature. Mod chips get around this by replacing the kernel (compressed in the bios) with a patched version of the kernel that skips the signature check. If we knew Microsoft's private key, we could sign our own software. This would allow people to install linux (or pirate games) without using a mod chip.
It might be possible to exploit a bug in the kernel or third party software that would allow us to transfer program control to our unsigned code, but nobody's found one yet. Given Microsoft's track record, I'm sure such a bug exists and will be found soon. With $100,000 up for grabs, there's a heck of a lot of people looking for it.
I've seen several comments posted like this, so I thought I'd point out that this is NOT some off-the-shelf motherboard targeted at the consumer market. This motherboard is a reference design for people who are designing their own platform around their processor. When was the last time you got a full set of schematics with your motherboard (and no, I don't just mean the jumper settings)? If you're a laptop manufacturer, $995 is cheap for a working reference design you can modify a little bit to fit your specific needs.
You may not need >4Gb of memory today, but you will probably want it sooner than you think. Back in the 80s, the barrier was 640K and that was more than enough memory to run a full-featured word processessor like Word Perfect. I doubt you could even run notepad in 640K now. Bloatware isn't going to end anytime soon. The 1GB of RAM I've got in my system is plenty for the software I run today, but in a year or two, I'm sure I'll be well over the 4GB barrier.
How does this really help a DOS attack? The idea behind a DOS attack is to flood a server with so many packets that the server can't keep up and ends up dropping most of the packets. This paper does not provide a solution to this problem. It simply shifts where the packets are being dropped... at a router upstream instead of at the server or router at the edge of the network. The only advantage here is that other servers hanging off the router that aren't being DOSed will be unaffected.
The suggested solution also opens up a potential security hole. If you gained access to a server, it might be possible to send a packet to routers upstream and tell them to throttle bandwidth. This could be a much more effecient way of doing a DOS attack. Now instead of multiple machines on fast connections, all you really need to DOS your favorite website is a 268 and a 300 baud modem.
File storage issues?? Maybe I'm missing something, but why not just create a unique link to a file and delete the link after 48 hours? Duplicating the entire file each time seems like overkill.
The mouse does take some getting used to if you're going to use it without a surface. Instead of using it like a normal mouse, it's designed to be held and pointed like a flashlight. Wherever the "flashlight" would shine on the screen, that's where the mouse goes. I must admit, this isn't really practical for most uses outside of things like presentations and such. The best part about these mice isn't the gyroscope feature, it's the wireless range. The model I purchaced is supposed to have a 25ft range, but in practice the real range is closer to 35ft. There's also a 50ft model that's significantly more expensive. These things are great for home theatre PCs. It's really difficult to find an RF wireless mouse and keyboard with a range greater than 6ft.
I'd be pretty pissed if someone took away my $20 domain. I can't imagine what I'd do if someone took away a domain I just paid 15 grand for just because a few people in ICANN think .su should be obsolete.
We have rules like this for a reason. Judges already have the ability to express their opinions on a case, but they should do so in court where it will become a part of the public record. Holding press confrences or interviews during a trial subjects the judge to unnecessary exposure to media sources. In an ideal situation, we would want a judge to only hear evidence presented in a court room. Any responsible judge would try to avoid listening to any media coverage of a trial in order to ensure he can render an unbiased verdict. The types of questions asked in an interview could cause a judge to be swayed by the media's bias. Even if a judge isn't influenced by such questions, the fact that he could be casts some doubt on the fairness of the trial, especially when the judge gives hints about the eventual outcome before all the evidence has been presented.
I wonder how they feel about the bandwidth eaten up by a good old fashioned slashdotting.
The thread the article mentions can be found here for those that are interested. There's links to pictures of the new Xbox motherboard too. Sounds like all that's needed is a few tweaks to the hacked BIOS image and everyone will be back in business. My bet is that any new protection will be defeated before the new units even appear in stores in North America. Sometimes I wonder why Microsoft even bothers.
I've also cooked hot dogs using 1000W heat guns for heat-shrink tubing. Not as much fun as using 120V, but still very effective.
AMD has the right idea. Extend the old CISC instruction set even if it is a bad design. People have too much money invested in software to throw it away for new "Itanium-optimized" versions (assuming they're available).
Even if you make transmitting encrypted communication illegal, it's not going to stop criminals. Hiding cyphertext is just too easy. For example, take a 16-bit wave file and use the least significant bit of each sample for your cyphertext. Assuming your cyphertext doesn't have any header data, it will be virtually undetectable. The only thing someone might notice is some very low level white noise in the background that could be attributed to anything.
Similar things can be done with jpegs, mpegs, and a host of other file formats. If government officials had a better understanding of the technology, they wouldn't waste our time with laws that only hurt law abiding citizens and do nothing to curtail crime.
format a: /select /u
The /select is an undocumented option that causes format to write unformatting information to the disk. The /u option means do an unconditional format without storing and unformatting information. If you use them both together, sector 0 gets overwritten with 0xF6 and you can't read the disk.
In college, this was fun to use at the end of the quarter back when everybody was finishing up their term papers (back in the days when people still used floppies.)
I'd be skeptical of any research done by Lucent in the last year, or at any other company with such serious financial problems.
UML modeling seems like a good idea, but often I've found that the tools for it are lacking. My experience with Rational Rose has left a lot to be desired. Many of the useful features like code generation aren't nearly as useful when the generated code doesn't work well with your compiler. In addition, the lack of a good way to represent many common data structures like structs and unions often cause developers to insert things in the UML model that don't make much sense just for the sake of generating the code they want. UML has a lot of potential, but in my experience, the tools for it still have a long way to go.