User: martyros

martyros's activity in the archive.


Comments · 795

  1. There is still nothing really useful gathered from using it that makes it a security risk.

    They were able to read the entirety of host RAM from inside a KVM VM.

    You seem to have a very strange definition of "security risk".

  2. Re:Almost All processors on Google Says Almost All CPUs Since 1995 Vulnerable To 'Meltdown' And 'Spectre' Flaws (bleepingcomputer.com) · · Score: 3, Informative

    Spectre is a red herring - there is no known way it can be exploited.

    Google has exploited it. Look at Google Project Zero's write-up of these bugs. Spectre corresponds to "Variant 1 and Variant 2" in that blog post. You'll see that they successfully exploit both, the second from a KVM guest.

    It is true that Google cheat a little here, by using Linux's eBPF JIT engine (which, I hear, is normally disabled by default). From the blog post:

    To be able to actually use this behavior for an attack, an attacker needs to be able to cause the execution of such a vulnerable code pattern in the targeted context with an out-of-bounds index. For this, the vulnerable code pattern must either be present in existing code, or there must be an interpreter or JIT engine that can be used to generate the vulnerable code pattern. So far, we have not actually identified any existing, exploitable instances of the vulnerable code pattern; the PoC for leaking kernel memory using variant 1 uses the eBPF interpreter or the eBPF JIT engine, which are built into the kernel and accessible to normal users.

  3. Re:Better link and description than story on Google Says Almost All CPUs Since 1995 Vulnerable To 'Meltdown' And 'Spectre' Flaws (bleepingcomputer.com) · · Score: 2

    There's a pretty good summary in the XenProject Security Advisory:

    Processors give the illusion of a sequence of instructions executed one-by-one. However, in order to most efficiently use cpu resources, modern superscalar processors actually begin executing many instructions in parallel. In cases where instructions depend on the result of previous instructions or checks which have not yet completed, execution happens based on guesses about what the outcome will be. If the guess is correct, execution has been sped up. If the guess is incorrect, partially-executed instructions are cancelled and architectural state changes (to registers, memory, and so on) reverted; but the whole process is no slower than if no guess had been made at all. This is sometimes called "speculative execution".

    Unfortunately, although architectural state is rolled back, there are other side effects, such as changes to TLB or cache state, which are not rolled back. These side effects can subsequently be detected by an attacker to determine information about what happened during the speculative execution phase. If an attacker can cause speculative execution to access sensitive memory areas, they may be able to infer what that sensitive memory contained.

    Furthermore, these guesses can often be 'poisoned', such that attacker can cause logic to reliably 'guess' the way the attacker chooses. This advisory discusses three ways to cause speculative execution to access sensitive memory areas (named here according to the discoverer's naming scheme):

    SP1, "Bounds-check bypass": Poison the branch predictor, such that operating system or hypervisor code is speculatively executed past boundary and security checks. This would allow an attacker to, for instance, cause speculative code in the normal hypercall / emulation path to execute with wild array indexes.

    SP2, "Branch Target Injection": Poison the branch predictor. Well-abstracted code often involves calling function pointers via indirect branches; reading these function pointers may involve a (slow) memory access, so the CPU attempts to guess where indirect branches will lead. Poisoning this enables an attacker to speculatively branch to any code that exists in the hypervisor.

    SP3, "Rogue Data Load": On some processors, certain pagetable permission checks only happen when the instruction is retired; effectively meaning that speculative execution is not subject to pagetable permission checks. On such processors, an attacker can speculatively execute arbitrary code in userspace with, effectively, the highest privilege level.

    The "some processors" for SP3 means Intel.

  4. AMD seem to think they're not affected by Meltdown:

    AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.

    BTW it is almost certainly this email, sent on 26 December, which led to the Meltdown vulnerability being made public, causing the disclosure timeline to be moved up.

  5. Re:Wasn't that obvious? on Empirical Research Reveals Three Big Problems With How Patents Are Vetted (arstechnica.com) · · Score: 1

    It was obvious then and it's obvious now. There's a great deal of social expense surrounding bogus patents, infringement, and patent trolls.

    The patent office makes money from granting patents. If, when a patent was overturned in court, the office had to pay back four times the patent fee, there'd be an incentive to grant patents less than 25% likely to be overturned.

  6. Re:WTF is Alteryx? on Cloud-Based Repository Leak Exposes 123 Million American Households (zdnet.com) · · Score: 2

    From the first paragraph of TFA:

    Exposed within the repository are massive data sets belonging to Alteryx partner Experian, the consumer credit reporting agency, as well as the US Census Bureau, providing data sets from both Experian and the 2010 US Census.

    So Alteryx got data from a credit bureau and screwed it up. This should at least open them up to a massive lawsuit from Experian for breach of contract.

  7. Re:I'd like to see more people on CDC Director Says No Words Are Actually Banned At the CDC (pbs.org) · · Score: 1

    A good friend of mine insists on being Republican and I ask why he says "I'm gonna change it from the inside".

    Well in some areas of the country, the probability of a Democrat winning is close to zero. So the real election actually happens at the primary, when the Republican candidate is chosen. But because people don't think of these as the real election, or even an important one, it's an easy target for extremists to hijack -- and therefore, an important place for moderates to defend.

    If in "red" districts, everyone voted for a moderate Republican in the primaries, I think we'd be in a lot less of a mess.

  8. Re:Rent is Too High on America's 'Rent Crisis' May Be Ending (fortune.com) · · Score: 1

    I would have thought the same thing, but when I recently actually looked at rent vs mortgage in my area, mortgage did in fact turn out to be cheaper.

    Remember that there's a barrier to entry to getting a mortgage. Lots of people are never going to be able to save up 25% for a downpayment to get the most preferential mortgage rates (which is what would be required to have decent mortgage payments). (Yet another way it's expensive to be poor.) Additionally, if you're living in a really transitional area, it may be more cost-effective to rent for 2-3 years than to buy, even if you could afford the downpayment.

  9. Re:Is this different than a human "expert witness" on This Impenetrable Program Is Transforming How Courts Treat DNA Evidence (wired.com) · · Score: 4, Interesting

    Well it shouldn't be accepted as fact. Ideally the courts would instruct the jury to treat the software's output as similar to a human being saying, "This is my expert opinion." You can submit your own software's "opinion" as evidence as much as you can get your own expert human to testify on your behalf.

    It is true that you can't cross-examine it; but ideally, that should make the software less reliable. If you had an expert who, upon cross-examination, always responded, "I don't know, it just seems that way", then he wouldn't have much credibility. Ideally, software that can't justify its "opinion" should be treated the same way.

    I have said "ideally" here several times, recognizing that it may well be the case that this isn't how people actually think. But I think a more constructive response to this misplaced trust is to help inform courts and defense lawyers more clearly (who should in turn inform the juries).

  10. Is this different than a human "expert witness"? on This Impenetrable Program Is Transforming How Courts Treat DNA Evidence (wired.com) · · Score: 2, Insightful

    A lot of expert witness testimony comes down to a judgement call -- "In your opinion, as someone who has been working in this field for 20 years, how confident are you that these signatures / bullet marks / fingerprints / DNA match?" That's the result of an algorithm that you can't examine either, and has at least as much opportunity for being corrupted by unconscious prejudice or outright bribery as a piece of software.

  11. Re:Where there's one bug there's more. on Devs Working To Stop Go Math Error Bugging Crypto Software (theregister.co.uk) · · Score: 1

    The more preconditions there are the more likely the issue wasn't organic.

    That may sound plausible if you've never looked at security issues; but if you actually look at the bugs behind security issues in more depth, it becomes obvious that such "lots of conditions need to be met" is pretty natural.

    In a well-reviewed and well-tested project (as Golang's math library certainly is), the "obvious stupid" bugs were caught and fixed in review or testing. So the kinds of bugs that manage to slip past this filter are the bugs that are about the quirky corner cases: An if() statement that checks for a highly unusual error condition but then does the wrong thing when it happens, or that does the right thing in the unusual case A, or unusual case B, but doesn't do the right thing in the extremely rare case they happen at the same time. The bugs in these cases are usually very much the kind of "oops, forgot about that" mistake that you can totally see yourself making.

    That's not proof, of course, that the bugs weren't put there on purpose; "underhanded" programming is a thing. It just means that the number of preconditions doesn't give you information one way or the other about whether it was intentional or not.

  12. Re:It's an example of poor communication. on CERN Scientists Conclude that the Universe Should Not Exist (ign.com) · · Score: 4, Informative

    From TFA:

    “All of our observations find a complete symmetry between matter and antimatter, which is why the universe should not actually exist,” says Christian Smorra, a physicist at CERN’s Baryon–Antibaryon Symmetry Experiment (BASE) collaboration. “An asymmetry must exist here somewhere but we simply do not understand where the difference is.”

    One of the physicists from CERN actually said the words, "the universe should not actually exist", which is why so many of the headlines say exactly the same thing. I don't see anything dishonest about either what CERN or the media said.

    Completely offtopic -- I was actually on-site at CERN last week and took a picture of myself outside the "Antimatter Factory" building, where they do the kind of research described in the article. Cool stuff.

  13. Re:tl;dr on The Real Inside Story of How Commodore Failed (youtube.com) · · Score: 5, Insightful

    It is a boring video though, not a good advert for the book. After 10 minutes I tried to hold down RUN STOP and hit RESTORE.

    It is a bit unstructured (as one would expect from an informal chat after beers); but I think it's only boring if you're more interested in technical stuff than in business stuff. But basically, the short answer to why Commodore / Amiga failed (according to him) was poor, and sometimes deliberately malicious, business decisions. That's actually true for most businesses -- Microsoft wasn't bad technically, but they got where they were in the mid-90's in large part because of Bill Gates' ruthless business instincts.

    If there's a lesson to be learned for geeks, it's that the business / strategic side of things matters at least as much as the technical side; and that if you want your project / company / technology to succeed, you need people that are good at both.

  14. I think the idea is, if it's something obvious like, "Where were you last night?" "I was visiting my parents in Devon." That might be something you were reasonably expected to mention. The problem is when you get to things you might not want to mention: "I was with my neighbor's wife", or "I was cooking crystal meth" (which is bad but not as bad as murdering someone). Are those things that you might "reasonably be expected to mention"?

    I would hope that if when arrested I said, "I'd like to speak to a lawyer first", and then gave a statement immediately afterwards, that if asked in court, "Why didn't you mention this when you were arrested?", a jury would buy "I'm from the US and that's what you do in the US: You never say anything until you talk to a lawyer." But it would certainly be better if that were the law.

  15. Don't explain, don't offer reasons or excuses, just shut the hell up and get a lawyer.

    That might be the best advice in the US, where they're not allowed to hold your silence against you. But in the UK, where Marcus is from, that's not necessarily the best advice; and they tell you when they're arresting you (paraphrasing), "You don't have to say anything now, but it if you don't, it may harm your case later if your defense depends on answers to the questions we're asking."

  16. Re:Yuo have to pay high taxes for big government on Bad News If You Make $150,000 to $300,000: Higher Taxes for Many (wsj.com) · · Score: 1

    2) good people have to pay for everyone healthcare and uncaring people can keep their money.

    You missed an important point: Even those uncaring people benefit from the people around them being healthy. Helping people not to die in the streets isn't just entertainment for good people that has no benefit whatsoever for uncaring people; it benefits uncaring people too. It is a non-excludable good, like national defense or clean air.

  17. would that system really favor the poor?

    Well that particular rule wasn't so much about the poor; I meant other ones, like Deuteronomy 23:24-25, which says you can walk onto anyone's land and eat whatever crops you want, as long as you don't use a basket or tools. (Matthew 12:1 demonstrates Jesus' disciples taking advantage of this rule.)

    I would think it would favor whoever had the land first. So established families formed from concentration of heirs would end up being the rich and powerful.

    That's an interesting point. I'm a bit less interested in the actual effect than the intention behind it. When they first showed up in Israel, there was already hundreds of thousands of them (maybe close to a million? I forget), and there was a big to-do about dividing things up evenly; so at some point there were nearly a million people each with their own little plot. Secondly, normally women didn't inherit property, unless their father had no sons; so it was highly unusual to be able to 'combine' two estates by marriage. Finally, the tradition was that if you had N sons, you'd divide your property N+1 ways, and give two shares to the first son, and one share to everyone else.

    So it seems to me like the "revert to the original owner" rule was part of a whole system designed to counteract the "concentration of ownership" effect and make sure all citizens had a "portion" of land they could call their own. But I could well be wrong. And in any case, I don't think there's any mention of this "revert to the original owner" event actually happening, so it may have been little more than good intentions.

    It also strikes me as being strongly anti-foreigner, as they'd not be able to own property in the long run until they've been so thoroughly absorbed as to be indistinguishable.

    That's certainly true. There were a lot of exhortations not to oppress "the foreigner among you", but I don't think they were apologetic about favoring citizens over immigrants.

  18. The problem with accumulated wealth goes back to the first recorded Democracy and ideas recorded in Plato's "The Republic".

    It goes further back than that. Way back when Moses set up the first nation of Israel, it was legally impossible to permanently sell land: every 50 years, there was a "reset" event that made all property go back to its original owners or their legal heirs. The effect was that you didn't really sell your land, so much as lease it to somebody for some period of time. The obvious purpose of this was specifically to prevent the accumulation of wealth in the hands of a small number of people.

    Most conservatives would be pretty shocked if they knew the anti-rich and pro-poor provisions the Bible contains.

  19. Re:Don't report bugs on Company Gets 45,000 Bad Facebook Reviews After Teenaged Hacker's Unjust Arrest (bleepingcomputer.com) · · Score: 5, Interesting

    I found a bug in the website of a company I wanted to order tiles from; but because of the vagaries of the website, I wasn't actually sure it was a bug until I'd placed the order and had it delivered at a 90+% discount.

    Normally their prices were placed in £ per square meter, but they sold individual "sample" tiles for a reduced price. In this case I'd ordered a number of sample tiles and then decided the one I wanted. Rather than go through the website and search for the name again, I went to the "My orders" section of the page and clicked the tile I had decided to order. Conveniently, they had an "Order more" button on that page, so I clicked it.

    Now, the price per square meter was £30, and the price of a single sample tile was £2.50. When I clicked "Order more", my basket showed a single number ("1") with a unit price of £2.50 -- but no description of what the unit was. I changed the count to 18 (the number of square meters I wanted) and clicked "Update price", and it was set to £45. But was I ordering 18 individual sample tiles for £45 (which would also have been a bug -- you're only supposed to be able to order one at a time), or 18 square meters of tiles? And anyway, surely some check at the other end would stop it if it really were a mistake, right?

    Nope. Three days later a pallet containing 18 square meters of tiles showed up -- £720 of goods for £45 + shipping.

    I was at that point genuinely torn between wanting to DTRT and being afraid of this sort of reaction described in this article. I did write them an email, spinning the whole thing as an accident, and they simply asked me to pay the difference up to the actual price of the tiles, with a 15% discount.

    Being well into adulthood rather than a teenager probably helped; as well (probably) as being an actual customer who was purchasing their product, rather than someone clearly identifying themselves as trying to break into their systems.

    Hope they got their website fixed -- the company overall is a good company, and I'd be sad to see them lose money because they were good at tiles and bad at javascript.

  20. Re:I used to think RMS was mad... on How Psychology Today Sees Richard Stallman (psychologytoday.com) · · Score: 2, Insightful

    Also, there's plenty of software out there that is freer than the GPL license. For example, FreeBSD.

    You probably know you're spreading misinformation here, but I'll respond just for the record. "Freedom" for some people to do some things necessarily implies removing freedom of other people to do other things. For a set of laws to be "more free" than another, it must protect the freedom of a larger number of people. A country which allows "honor killings", or permits discrimination based on race or sexual orientation, is significantly less free than a society which forbids those. By restricting the freedom of people who want to do honor killings, you increase the freedom of all the women who would have been intimidated into conformity.

    "Software freedom" is about protecting what users of software can do. BSD licenses allow companies to add proprietary extensions and re-sell the software as proprietary, reducing the freedom of all of the people who use the modified software; the GPL requires all extensions to also be GPL'ed, protecting the freedom of the people who use the modified software. The end result is that by restricting the freedom of a few, it increases the freedom of the many.

    I don't care what license you use in code that you write. But BSD licenses are absolutely less free than GPL licenses.

  21. Re:Pourquoi? on EU Leader Says English Is Losing Importance (politico.eu) · · Score: 1

    English is semi-tonal too. There are tons of words where the emphasis completely changes the meaning of the word -- sometimes just the part of speech (proGRESS = verb, PROgress = noun), but sometimes to a completely different meaning (duh-ZERT = tasty to eat, DEZ-ert = lots of sand). When someone speaks with no emphasis on their words -- or worse yet, with the wrong emphasis -- you have a hard time understanding what they're saying but you can generally make it out. Same thing with Mandarin.

    You're right, that as long as Chinese insist on using Chinese characters it will never become a world language. But as a spoken language, Mandarin is a lot simpler than English; and if they ever go wholesale into pinyin-only, I think it has a decent shot of overtaking English as a trade language.

  22. First link describes XSA-148, not XSA-182 on Xen Vulnerability Allows Hackers To Escape Qubes OS VM And Own the Host (itnews.com.au) · · Score: 2

    The first link is a description of XSA-148, which was published last October, not XSA-182.

  23. Re:well, shitlord... on Xen Vulnerability Allows Hackers To Escape Qubes OS VM And Own the Host (itnews.com.au) · · Score: 4, Informative

    Which raises the age-old question: Has Qubes been written by competent developers?

    What's really rich about that question is that if you read their advisory, the Qubes developers couldn't figure out how to exploit the vulnerability when handed a patch that changes the problematic behavior. If not spotting the issue without having it handed to them makes the Xen developers incompetent, what does that say about the Qubes developers?

    The fact is, though, that the vulnerability is actually quite hard to spot. It's not surprising at all that experienced security researchers would fail to spot it even when given a pretty big clue; much less that the initial developers would fail to spot it.

  24. Clicking on attachments on Antivirus Software Is 'Increasingly Useless' and May Make Your Computer Less Safe (www.cbc.ca) · · Score: 3, Insightful

    After a recent debacle where Symantec apparently didn't get the proof-of-concept exploit sent to them by a security researcher because the mail filter automatically opened the document and crashed, a friend of mine joked that antivirus software was actually a tool to "automatically click on attachments for you".

  25. Re:Those... on Microsoft Open-Sources 'Checked C,' A Safer C Version (softpedia.com) · · Score: 2

    Is the Rust language low level enough to know what the machine code will be produced from the language at a glance?

    You apparently haven't looked at the output of C compilers recently. The output is less and less predictable from looking at the C code.

    The biggest issue with C at the moment isn't actually bounds-checking (although that would be nice) -- it's the fact that it's a minefield of constructs which look perfectly sensible but are in fact "undefined", in which case the compiler is authorized to do absolutely anything it wants. For instance, the C standard explicitly states that all pointers point to valid memory, and that having a pointer that points into non-valid memory is "undefined". This means on super-high-performance loops the compiler can make simplifying assumptions to get 5% speed increases; but it also makes it very difficult to write security checks that the compiler won't just optimize out without telling you.
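    As an added illustration of the point in this comment (example code, not from the original post): a bounds check written in terms of out-of-range pointers relies on undefined behaviour and may be silently deleted by the optimizer, while the same check written over `size_t` offsets and lengths is well-defined and stays put. The length-prefixed record format and the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/*
 * Hypothetical record format: one byte of payload length, then that many
 * payload bytes. The parser must reject records whose declared length runs
 * past the end of the buffer it was handed.
 */

/* FRAGILE: forms `p + len` before knowing it lies inside the buffer. Pointer
 * arithmetic that leaves the object is undefined behaviour, so the compiler is
 * entitled to assume it never happens and drop the `p + len < p` wrap test. */
int payload_fits_fragile(const unsigned char *buf, size_t buflen,
                         const unsigned char *p, size_t len)
{
    const unsigned char *end = buf + buflen;
    if (p + len < p)        /* "cannot happen" per the standard; may be removed */
        return 0;
    return p + len <= end;  /* also undefined to evaluate once p + len is out of range */
}

/* ROBUST: reason only about offsets and lengths, never about pointers that
 * might fall outside the buffer. Every operand is size_t, and the subtraction
 * is done on the side already known not to underflow. */
int payload_fits_robust(size_t buflen, size_t offset, size_t len)
{
    if (offset > buflen)            /* cursor already past the end */
        return 0;
    return len <= buflen - offset;  /* remaining bytes = buflen - offset, no wrap */
}

/* Parse one record. Returns the payload length, or -1 if the record is
 * malformed or truncated. On success *payload points at the payload start. */
int parse_record(const unsigned char *buf, size_t buflen,
                 const unsigned char **payload)
{
    if (!payload_fits_robust(buflen, 0, 1))   /* need the length byte itself */
        return -1;
    size_t len = buf[0];
    if (!payload_fits_robust(buflen, 1, len)) /* payload must fit after that byte */
        return -1;
    *payload = buf + 1;
    return (int)len;
}
```

    Compiling the fragile variant with optimization enabled and inspecting the generated assembly is the quickest way to see which branch survived.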