I'm assuming these things happen because the USB device drivers load microcode from the USB device?
No.
The tool referred to does "fuzzing". That means it talks the protocol, but tries a variety of minor corruptions to the packets it sends, to see if any of them exercise a bug in the drivers on the other end of the wire.
So any bugs found are in the driver and related to defective error-checking on incoming messages, not to hypothetical code loaded from the USB peripheral.
(Granted, if some driver DID do something as hazardous as loading and running, in kernel context, code from the peripheral, fuzzing THAT, introducing bugs into it, would be fair game.)
When I read the summary, I didn't understand the importance of a 25% improvement. It seemed trivial. Going from impossible to 25 minutes is big. Going from 25 minutes to 18 minutes is minor.
If I'm (speed) reading the postings correctly, (BIG caveat)...
what he did was:
* Look at the open postings, which didn't reveal the details of the attack or publish its code.
* Figure out (from this and his crypto-related math knowledge) enough to, independently, come up with both a variant attack (that ran faster) and an explanation that's accessible to people with just some background and access to wikipedia to fill in the blanks.
* and publish "here's what I did and here's how it works".
So the big deal is not the speed improvement, but (being able and choosing to) bringing the guts of the crack out to where it's accessible to people without connections to the crypto-community's internal deliberations.
Also: He may have found additional, or different, attacks (or pieces of them) than the original authors - and he fed that back to them and received acknowledgement that his input improved their code as well.
Try the library... It's a great place to get access to all sorts of scientific journals.
I was looking for just one recent article in Science recently.
I tried the libraries - all that I could reach without cutting work. (I work at a startup, with weird and extended hours, which eliminates, for example, those at Stanford U that are accessible to non-students).
Nobody had budgeted for the service, so the paper wasn't available.
If governments wrote tax-laws properly, they wouldn't be losing out on such tax, no matter what arrangement Apple tried to use.
And if pigs had wings they could fly.
Governments are run by people and concentrate power, which corrupts them.
They also operate on the "economy of negative values", which generates lots of unintended consequences as the people they're trying to loot, limit, or punish find ways to wiggle through loopholes.
Pirate TV Services Are Taking a Bite Out of Cable Company Revenue... TV piracy services are being used by about 6.5 percent of North American households with broadband access, potentially costing legitimate TV providers billions of dollars a year,...
Less than one in 15 North American households with broadband access subscribe to a TV piracy service.
FTFY
Of course that means there's a vast, untapped, market for TV piracy services. If everybody with cable or satellite TV service switched to a piracy service (and dropped their high-priced "legal TV package") that WOULD cost them billions.
"Quick: We've got to block the rollout of cheap broadband Internet! (Oh, wait. We already did that.)"
This is why the US needs to make voting compulsory and a federal obligation.
Voting is not about fairness. Voting is about stabilizing government. It works by figuring out how the civil war over the matter would come out, in a way that is convincing to the losers (so they won't be tempted to fight to reverse it).
If someone is to apathetic about a candidate selection or issue to be bothered to vote on it, they're damned sure too apathetic to take up arms to defend how the election came out.
So including their choice in the outcome, by forcing them to vote, weakens the effectiveness of the election as a convincing predictor of the failure of violent action to reverse the results, making such violent action more likely.
Doesn't work that way. Immigrants from large-family cultures have much smaller families when they're here.
Not so.
The migrants and sometimes the first generation of their offspring tend to have even larger families than in "the old country", as I described. Later generations MAY tend to smaller families - IF they assimilate. But ghettoization, public schools taught in non-English languages, social programs and their operators, identity politics, media-anointed "community leaders", and race-based urban gangs, all tend to maintain the old country culture (or a parody of it), including the birth rate.
By the way: My wife and I live in, and have been politically active in, a Silicon Valley city where more than half of the residents speak a non-English language at home. (That's predominantly Spanish, though there are a number of others.) We deal with this up-close-and-personal all the time.
If people with power and money REALLY THOUGHT anything like this sea level alarmism was true, you would absolutely see this priced into seafront real estate prices. But they just continue to climb.
We also WOULDN'T see pro-natalist policies.
For instance: importing large numbers low-income people from countries with cultures that encourage large families and giving them jobs and child support which enables them to have LARGER families and an income sufficient for all the kids to drive gas-guzzlers and otherwise consume more goods that are produced by carbon dioxide emitting processes and/or processes powered by carbon dioxide emitting utilities.
If the politicians REALLY believed the climate-change hype, they'd close the borders. Since they don't, it looks more like they think it's a convenient excuse to increase their power (by writing laws and regulations) and wealth (by rent-seeking schemes like carbon-credit exchanges).
Step 1: further consolidation of geographically-biased opinion news. Step 2: further cluster fuck of opinions (you think California being completely out of step with the country is something, wait until every state votes by 75%-25% margin).
Doesn't the last election show you that the mainstream media, which was solidly backing Clinton, is utterly impotent to sway elections in the way you describe?
Another day, another chip out of the rules and regulations that make us civil and decent to each other.
ORLY?
Seems to me that, before the regulation was put into place there was an era of competition, and after it there has been nothing but nearly monolithic consolidation.
Seems to me that, if the intent was actually to produce news competition or sweep back a tide of anticompetitive collusion and consolidation, it had either failed miserably or (like the "fairness doctrine") worked to the detriment of what it was supposed to accomplish.
In either case - useless or counter-productive - it should be eliminated.
Regardless, after the way the media, as a block, savaged Trump, I'd expect his guys to be looking for subtle ways to do them a bad turn. Changing rules to shake up their competitive environment (in a way that, as a bonus, looks like they're just going with their ideology and/or doing them a favor) would fit my expectations nicely.
(Continuing another hyper-sensitive-touchpad bogus post.)
But, seriously, it seems to me that reducing the cost of operation may also make it possible for others to enter the field. The rule was missing for a century or so, and there was some diversity. Yet, under it, there has been enormous consolidation. Maybe this is one of those good-sounding ideas that have unintended consequences that completely swamp and reverse their intended effect.
Regardless, after the way the media, as a block, savaged Trump, I'd expect his guys to be looking for subtle ways to do
Great, now four people are going to own the entire US media rather than six people.
If so, why does that matter? Five of them broadcast identical shit from one viewpoint, the fifth from another. Seems to me at least four of them are redundant.
Especially since the material they purvey smells so bad that their businesses are starting to fail. Maybe, with some more consolidation in a shakeout, one or more of them can survive. B-)
But, seriously, it seems to me that reducing the cost of operation may also make it possible for
you do realize that CNN and Fox News are channels and not networks right?
Yes - at least partially.
CNN, for instance, has also provided programming for broadcast stations. There is (or was? haven't checked lately) an AM outlet in San Jose CA that ran the audio from CNN as its programming.
And that also supports my point: They're both news channels and providers of content to some contracted broadcast (and other) outlets (which makes them "networks"). Think how much easier it would be to build what you'd recognize as a "network" by just buying up, or getting new licenses for, stations that cover the bulk of the population and just networking them.
If they'd just eliminate the rule that a single entity can't own broadcast stations in enough markets to have a potential audience of more than about a third of the population, it would be possible to buy up cheap or failing little UHF stations and create new networks.
THAT rule is essentially anti-competitive anti-upstart protection for the old networks, which are primarily contracted programming services for a collection of separately-owned stations and groups of stations. It's why you don't see a lot of new network upstarts, and things like CNN and Fox News only/initially happened on cable - despite a vast underserved viewership.
(In CNN's case it was people who wanted actual news reporting, after the major networks' news organizations decided the viewers really wanted news-like entertainment. In Fox News' case it was people who wanted to hear conservative viewpoints (conspicuous by their absence on mainstream media) once CNN had sold out to the left-leaning mainstream - first figuratively, then literally. There's been room for a new one since the lead-in to the 2012 presidential election, when Fox News went all-in for the neocon faction of the R side, abandoning the libertarian, paleo-conservatve, religious-right, and perhaps a few smaller, factions.)
Such an effort doesn't need to be restricted to just the rich, by the way. Imagine crowd-funded news networks. B-)
I wonder how the FBI scored prosecutions before mobile devices were invented?
Wiretaps, pen registers, trap-and-trace. Room bugs, directional microphones. Seizure of paper records. (Encryption is an issue there, too.) Informants, tips, infiltrators. Interrogation. Fingerprints and other physical evidence. VERY good P.R.
Of course there were also: mail intercepts, agents provacteur, entrapment, honey-traps, planted evidence, blackmail, "sink tests", bogus tests (e.g. bullet isotope analysis), torture, lying to suspects, perjury, false press releases, misuse of RICO,...
And the media - with both news and crime dramas which constantly misstated the rights of the accused - was a big help.
Elections aren't about being fair. They're about stabilizing the country.
They work by trying to figure out in advance how the civil war would come out, and being believable enough that the losers will think they'd also lose the civil war to revise the results.
The easiest way to be believable, of course, is to be transparently honest. Even being honest isn't enough if the process appears dishonest. Corrupt or controlled of press and interpersonal communication channels, which becomes known (or belief this is the case even if it is not) can be enough to pop the bubble of belief.
Elections can stand a little dishonesty. But massive corruption may convince the citizens that they're a fraud and a war to "overthrow the tyrants" might succeed. Then you get the violence.
Try thinking about it this way and then looking at current events in Venezuela, or Spain. (Or look at the aftermath of the US elections, when the press first had the left convinced they were winning, then went on make them think they had a big margin and were cheated.)
If Canada does something like what is described, and the winners of the next election gore enough oxen when they wield power afterwards, be prepared for such "unrest" there, as well.
You only need 1.21 gigawatts to travel back in time, buy Bitcoins at USD$0.008, become the most powerful company on the planet and simply buy out any and all competitors before they become a threat.
Don't buy too MANY of the Bitcoins. You might get back to now and find out that the market that drove their price up never developed and theyr're worth nothing.
What happens when Amazon or Google buy 1 GW of green power, does a coal plant gets shut down? No. What happen is that the typical home customer has its share of green power reduced from say, 4% to 3%. The production remains the same.
No.
What happens is, with a guaranteed customer with concentrated loads (and no need to cut a deal with a power distribution company to sell THEM the power), an investor builds renewable-energy plants near the Amazon or Google sites and starts selling them the power. So more generation DOES get built for the projects, and the consumers' mix is not impacted as you describe.
(In the short run such big projects may push the price of equipment up slightly, but in the long run they enable economy-of-scale manufacturing that brings the price down.)
Photovoltic panels, for instance, beat grid power once they cost less than a dollar per watt. Market price in 10-panel pallet loads was $0.33 last I looked, and even the domestic panel manufacturers who won the anti-dumping decision are only asking for a price floor of $0.78.
Buying a Gigawatt means buying the ability to draw up to a Gigawatt from a supplier. That might end up being anywhere from nothing to a Gigawatthour EVERY HOUR - 8,766 Gigawatt hours (about 8.8 Terrawatt hours) every year.
Is this [HL-60] the one that contaminated everything?/i?
I am not a biiochemist, but... That seems to be a human leukemia line.
Are you maybe thinking of HeLa - the very hardy immortalized cervical cancer cell line that was the first to be successfully grown in bulk?
I hear there was a model for the progression of cancer that had to be scrapped, because it was really the result of HeLa cells, escaped into laboratory environments, eventually contaminating virtually any cancer cell culture experiment and replacing the intended cells.
Or enjoy playing with them. Poison their data well. Create false information about yourself. Get creative and have exciting new hobbies. Have fun with it and explore the exiting world of being a product. [examples...]
Reminds me of the "defamation service" suggested by some people in the '80s. Idea was to hire a servince to spread lots of scandalous, but clearly false if examined closely, rumor about you, in order to discredit any other rumors about you later.
Problem is, that puts too high a bar on the rumor-hearers. If they DON'T go on to the discrediting stage, you've just trashed your own rep for no gain - and lots of potential loss.
Scandalous rumor (especially if true, but false can do it, too) can take down even a rich and powerful figure VERY fast. See Harvey Weinstein for an example of fast, JonBenet Ramsey's parents for an example of false.
Slashdot Mirror
I'm assuming these things happen because the USB device drivers load microcode from the USB device?
No.
The tool referred to does "fuzzing". That means it talks the protocol, but tries a variety of minor corruptions to the packets it sends, to see if any of them exercise a bug in the drivers on the other end of the wire.
So any bugs found are in the driver and related to defective error-checking on incoming messages, not to hypothetical code loaded from the USB peripheral.
(Granted, if some driver DID do something as hazardous as loading and running, in kernel context, code from the peripheral, fuzzing THAT, introducing bugs into it, would be fair game.)
When I read the summary, I didn't understand the importance of a 25% improvement. It seemed trivial. Going from impossible to 25 minutes is big. Going from 25 minutes to 18 minutes is minor.
If I'm (speed) reading the postings correctly, (BIG caveat) ...
what he did was:
* Look at the open postings, which didn't reveal the details of the attack or publish its code.
* Figure out (from this and his crypto-related math knowledge) enough to, independently, come up with both a variant attack (that ran faster) and an explanation that's accessible to people with just some background and access to wikipedia to fill in the blanks.
* and publish "here's what I did and here's how it works".
So the big deal is not the speed improvement, but (being able and choosing to) bringing the guts of the crack out to where it's accessible to people without connections to the crypto-community's internal deliberations.
Also: He may have found additional, or different, attacks (or pieces of them) than the original authors - and he fed that back to them and received acknowledgement that his input improved their code as well.
That strategy has been around for a long time in many forms, and has a name:
"Let's you and him fight."
Try the library ... It's a great place to get access to all sorts of scientific journals.
I was looking for just one recent article in Science recently.
I tried the libraries - all that I could reach without cutting work. (I work at a startup, with weird and extended hours, which eliminates, for example, those at Stanford U that are accessible to non-students).
Nobody had budgeted for the service, so the paper wasn't available.
If governments wrote tax-laws properly, they wouldn't be losing out on such tax, no matter what arrangement Apple tried to use.
And if pigs had wings they could fly.
Governments are run by people and concentrate power, which corrupts them.
They also operate on the "economy of negative values", which generates lots of unintended consequences as the people they're trying to loot, limit, or punish find ways to wiggle through loopholes.
Pirate TV Services Are Taking a Bite Out of Cable Company Revenue ... TV piracy services are being used by about 6.5 percent of North American households with broadband access, potentially costing legitimate TV providers billions of dollars a year, ...
Less than one in 15 North American households with broadband access subscribe to a TV piracy service.
FTFY
Of course that means there's a vast, untapped, market for TV piracy services. If everybody with cable or satellite TV service switched to a piracy service (and dropped their high-priced "legal TV package") that WOULD cost them billions.
"Quick: We've got to block the rollout of cheap broadband Internet! (Oh, wait. We already did that.)"
This is why the US needs to make voting compulsory and a federal obligation.
Voting is not about fairness. Voting is about stabilizing government. It works by figuring out how the civil war over the matter would come out, in a way that is convincing to the losers (so they won't be tempted to fight to reverse it).
If someone is to apathetic about a candidate selection or issue to be bothered to vote on it, they're damned sure too apathetic to take up arms to defend how the election came out.
So including their choice in the outcome, by forcing them to vote, weakens the effectiveness of the election as a convincing predictor of the failure of violent action to reverse the results, making such violent action more likely.
Doesn't work that way. Immigrants from large-family cultures have much smaller families when they're here.
Not so.
The migrants and sometimes the first generation of their offspring tend to have even larger families than in "the old country", as I described. Later generations MAY tend to smaller families - IF they assimilate. But ghettoization, public schools taught in non-English languages, social programs and their operators, identity politics, media-anointed "community leaders", and race-based urban gangs, all tend to maintain the old country culture (or a parody of it), including the birth rate.
By the way: My wife and I live in, and have been politically active in, a Silicon Valley city where more than half of the residents speak a non-English language at home. (That's predominantly Spanish, though there are a number of others.) We deal with this up-close-and-personal all the time.
If people with power and money REALLY THOUGHT anything like this sea level alarmism was true, you would absolutely see this priced into seafront real estate prices. But they just continue to climb.
We also WOULDN'T see pro-natalist policies.
For instance: importing large numbers low-income people from countries with cultures that encourage large families and giving them jobs and child support which enables them to have LARGER families and an income sufficient for all the kids to drive gas-guzzlers and otherwise consume more goods that are produced by carbon dioxide emitting processes and/or processes powered by carbon dioxide emitting utilities.
If the politicians REALLY believed the climate-change hype, they'd close the borders. Since they don't, it looks more like they think it's a convenient excuse to increase their power (by writing laws and regulations) and wealth (by rent-seeking schemes like carbon-credit exchanges).
Step 1: further consolidation of geographically-biased opinion news.
Step 2: further cluster fuck of opinions (you think California being completely out of step with the country is something, wait until every state votes by 75%-25% margin).
Doesn't the last election show you that the mainstream media, which was solidly backing Clinton, is utterly impotent to sway elections in the way you describe?
Back in the early 2000s the same thing happened to radio, and basically 90% of all radio got bought up by Clear Channel. Same will now happen with TV
Profitable right-wing talk TV. Replacing unprofitable left-wing lock-step propaganda. And all owned by Mitt Romney.
Interesting concept.
Another day, another chip out of the rules and regulations that make us civil and decent to each other.
ORLY?
Seems to me that, before the regulation was put into place there was an era of competition, and after it there has been nothing but nearly monolithic consolidation.
Seems to me that, if the intent was actually to produce news competition or sweep back a tide of anticompetitive collusion and consolidation, it had either failed miserably or (like the "fairness doctrine") worked to the detriment of what it was supposed to accomplish.
In either case - useless or counter-productive - it should be eliminated.
(and there it goes again)
Regardless, after the way the media, as a block, savaged Trump, I'd expect his guys to be looking for subtle ways to do them a bad turn. Changing rules to shake up their competitive environment (in a way that, as a bonus, looks like they're just going with their ideology and/or doing them a favor) would fit my expectations nicely.
(Continuing another hyper-sensitive-touchpad bogus post.)
But, seriously, it seems to me that reducing the cost of operation may also make it possible for others to enter the field. The rule was missing for a century or so, and there was some diversity. Yet, under it, there has been enormous consolidation. Maybe this is one of those good-sounding ideas that have unintended consequences that completely swamp and reverse their intended effect.
Regardless, after the way the media, as a block, savaged Trump, I'd expect his guys to be looking for subtle ways to do
Great, now four people are going to own the entire US media rather than six people.
If so, why does that matter? Five of them broadcast identical shit from one viewpoint, the fifth from another. Seems to me at least four of them are redundant.
Especially since the material they purvey smells so bad that their businesses are starting to fail. Maybe, with some more consolidation in a shakeout, one or more of them can survive. B-)
But, seriously, it seems to me that reducing the cost of operation may also make it possible for
you do realize that CNN and Fox News are channels and not networks right?
Yes - at least partially.
CNN, for instance, has also provided programming for broadcast stations. There is (or was? haven't checked lately) an AM outlet in San Jose CA that ran the audio from CNN as its programming.
And that also supports my point: They're both news channels and providers of content to some contracted broadcast (and other) outlets (which makes them "networks"). Think how much easier it would be to build what you'd recognize as a "network" by just buying up, or getting new licenses for, stations that cover the bulk of the population and just networking them.
If they'd just eliminate the rule that a single entity can't own broadcast stations in enough markets to have a potential audience of more than about a third of the population, it would be possible to buy up cheap or failing little UHF stations and create new networks.
THAT rule is essentially anti-competitive anti-upstart protection for the old networks, which are primarily contracted programming services for a collection of separately-owned stations and groups of stations. It's why you don't see a lot of new network upstarts, and things like CNN and Fox News only/initially happened on cable - despite a vast underserved viewership.
(In CNN's case it was people who wanted actual news reporting, after the major networks' news organizations decided the viewers really wanted news-like entertainment. In Fox News' case it was people who wanted to hear conservative viewpoints (conspicuous by their absence on mainstream media) once CNN had sold out to the left-leaning mainstream - first figuratively, then literally. There's been room for a new one since the lead-in to the 2012 presidential election, when Fox News went all-in for the neocon faction of the R side, abandoning the libertarian, paleo-conservatve, religious-right, and perhaps a few smaller, factions.)
Such an effort doesn't need to be restricted to just the rich, by the way. Imagine crowd-funded news networks. B-)
I wonder how the FBI scored prosecutions before mobile devices were invented?
Wiretaps, pen registers, trap-and-trace.
Room bugs, directional microphones.
Seizure of paper records. (Encryption is an issue there, too.)
Informants, tips, infiltrators.
Interrogation.
Fingerprints and other physical evidence.
VERY good P.R.
Of course there were also: mail intercepts, agents provacteur, entrapment, honey-traps, planted evidence, blackmail, "sink tests", bogus tests (e.g. bullet isotope analysis), torture, lying to suspects, perjury, false press releases, misuse of RICO, ...
And the media - with both news and crime dramas which constantly misstated the rights of the accused - was a big help.
,i>All I can say is we are hosed.
Even more hosed than it looks now.
Elections aren't about being fair. They're about stabilizing the country.
They work by trying to figure out in advance how the civil war would come out, and being believable enough that the losers will think they'd also lose the civil war to revise the results.
The easiest way to be believable, of course, is to be transparently honest. Even being honest isn't enough if the process appears dishonest. Corrupt or controlled of press and interpersonal communication channels, which becomes known (or belief this is the case even if it is not) can be enough to pop the bubble of belief.
Elections can stand a little dishonesty. But massive corruption may convince the citizens that they're a fraud and a war to "overthrow the tyrants" might succeed. Then you get the violence.
Try thinking about it this way and then looking at current events in Venezuela, or Spain. (Or look at the aftermath of the US elections, when the press first had the left convinced they were winning, then went on make them think they had a big margin and were cheated.)
If Canada does something like what is described, and the winners of the next election gore enough oxen when they wield power afterwards, be prepared for such "unrest" there, as well.
You only need 1.21 gigawatts to travel back in time, buy Bitcoins at USD$0.008, become the most powerful company on the planet and simply buy out any and all competitors before they become a threat.
Don't buy too MANY of the Bitcoins. You might get back to now and find out that the market that drove their price up never developed and theyr're worth nothing.
What happens when Amazon or Google buy 1 GW of green power, does a coal plant gets shut down? No. What happen is that the typical home customer has its share of green power reduced from say, 4% to 3%. The production remains the same.
No.
What happens is, with a guaranteed customer with concentrated loads (and no need to cut a deal with a power distribution company to sell THEM the power), an investor builds renewable-energy plants near the Amazon or Google sites and starts selling them the power. So more generation DOES get built for the projects, and the consumers' mix is not impacted as you describe.
(In the short run such big projects may push the price of equipment up slightly, but in the long run they enable economy-of-scale manufacturing that brings the price down.)
Photovoltic panels, for instance, beat grid power once they cost less than a dollar per watt. Market price in 10-panel pallet loads was $0.33 last I looked, and even the domestic panel manufacturers who won the anti-dumping decision are only asking for a price floor of $0.78.
Gigawatts? or Gigawatt HOURS?
It makes a big difference.
Buying a Gigawatt means buying the ability to draw up to a Gigawatt from a supplier. That might end up being anywhere from nothing to a Gigawatthour EVERY HOUR - 8,766 Gigawatt hours (about 8.8 Terrawatt hours) every year.
4. Other scientist recreate the process that proved or disproves the theory
4.5. Other scientists buy cells from the same misidentified cell line to use in their "repeatability" study. ...
6. Rinse and repeat.
Is this [HL-60] the one that contaminated everything? /i?
I am not a biiochemist, but... That seems to be a human leukemia line.
Are you maybe thinking of HeLa - the very hardy immortalized cervical cancer cell line that was the first to be successfully grown in bulk?
I hear there was a model for the progression of cancer that had to be scrapped, because it was really the result of HeLa cells, escaped into laboratory environments, eventually contaminating virtually any cancer cell culture experiment and replacing the intended cells.
Or enjoy playing with them. Poison their data well. Create false information about yourself. Get creative and have exciting new hobbies. Have fun with it and explore the exiting world of being a product. [examples...]
Reminds me of the "defamation service" suggested by some people in the '80s. Idea was to hire a servince to spread lots of scandalous, but clearly false if examined closely, rumor about you, in order to discredit any other rumors about you later.
Problem is, that puts too high a bar on the rumor-hearers. If they DON'T go on to the discrediting stage, you've just trashed your own rep for no gain - and lots of potential loss.
Scandalous rumor (especially if true, but false can do it, too) can take down even a rich and powerful figure VERY fast. See Harvey Weinstein for an example of fast, JonBenet Ramsey's parents for an example of false.