Slashdot Mirror


User: phantomfive

phantomfive's activity in the archive.

Stories
0
Comments
31,362
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 31,362

  1. Re:Not surprising at all under the circumstances on Nope, No Intel Chip Recall After Spectre and Meltdown, CEO Says (cnet.com) · · Score: 1

    I'd be shocked if they lost a huge portion of the market. There are a lot of PHBs out there who think Intel is the only option.

    In addition, they probably are the only ones who can handle the volume for all the CPU manufacturers.

  2. You will see it, and you are all that matters!

  3. #$&^*$# that's what happens when you have two clipboards. Here it is.

  4. There should be a way to mathematically prove a section of code is secure.

    "Secure" is poorly defined, so you would need to define it in a mathematical way. Beyond that, you've hit on one of the major areas of computer science research since the 70s: how to you prove code correctness? We can prove some kinds of code correct, but complexity again is a huge barrier.

  5. It seems the more immediately dangerous exploit (for normal users, anyway. AWS surely has a different viewpoint about what is dangerous) isn't against kernel space, it's an exploit that lets Javascript jump out of its VM: that is, a process attacks itself.

  6. Can’t the kernel just hide the password handling and crypto stuff in a separate address space and use the regular method for the boring stuff?

    As soon as you start using these tricky approaches, security gets really hard. For an analogy, look at crypto: in theory you can make it secure, but in practice adding nice little (seemingly insignificant) features suddenly changes the attack surface in a way that makes side-channel attacks possible. Bruce Schneier thus says if you want security, you need to make it as absolutely simple as possible.

    Another example: consider the mechanism of "root" and "userland." In concept, it is clear, but in practice the attack surface is so complex (deciding at each point, does this let userland access root?), that privilege escalation exploits are endemic. Even the openBSD team that is obsessive with security hasn't found a way to stop them.

    So your approach would be roughly the same: now everyone has to ask, "does this data need to be stored in the 'safe' space or not?" Besides being a huge rewrite, people would constantly find ways to exploit things you thought were safe, but actually weren't (or as is sometimes the case, A by itself is fine, but in conjunction with B and C it is vulnerable).

  7. Re:Someone said once... on How Climate Change Deniers Rise To the Top in Google Searches (nytimes.com) · · Score: 1

    First I want to point out that you are the first person here to actually link to the study. Well done! I like you so much I don't even want to argue. But we ought to discuss something, otherwise the whole thing is for naught.

    The paper you linked to says that although model resolution has increased (basically, computing power), the range of projected temperature change has not narrowed. I don't disagree with that.

    The IPCC report is merely a compilation (albeit a useful one) based on studies that have been published. Since AR5, a number of new studies have come out that the IPCC report was not able to take advantage of (because they didn't exist). This one showing that the models overestimate, for example, and this one trying to explain the overestimation are enough to give you an example.

    So now it is on you. How do you integrate those two studies I linked to into your worldview?

  8. Yeah, and?

    And Intel sucks. What more do you want me to say?
    After this and the empty password fiasco, you shouldn't waste your keystrokes defending them. Trying to defend a corporation is a waste of effort anyway.

  9. Re:Press the panic button on Intel Responds To Alleged Chip Flaw, Claims Effects Won't Significantly Impact Average Users (hothardware.com) · · Score: 5, Informative

    Yeah, notice the part where they tried to spread the blame to other CPU manufacturers.

  10. "All you little people, performance doesn't matter for you." I do like this quote, though:

    "Intel believes its products are the most secure in the world"

    Yeah, more secure than all those other products who don't let you log in with an empty password.

  11. Whenever I read the words 'climate model', I generally replace them in my head with the words 'wildly inaccurate climate model'. Scott Adams has some interesting things to say [dilbert.com] about the subject

    Forget Scott Adams, look was Nature has to say on the subject: models have overestimated warming. Again, a more recent study, models have overestimated warming. There will be plenty of work in the next decade to figure out why.

    I personally believe humans definitely do influence climate,

    What you believe is utterly irrelevant.

  12. Re:ballot images on New Bill Could Finally Get Rid of Paperless Voting Machines (arstechnica.com) · · Score: 2

    The main things to guard against are:
    1) Don't make the images individually identifiable
    2) Don't consider the images to be authoritative. The paper is still authoritative.

  13. Re:ballot images on New Bill Could Finally Get Rid of Paperless Voting Machines (arstechnica.com) · · Score: 1

    Ballot images are good, but they can't be used as the *only* form of verification. If you don't have the paper ballots to back them up, they aren't as good. The advantage is that any citizen who is interested can look at them for anomalies. Then you can go back to the actual paper ballots to make sure the anomaly is actually real.

    It lowers the barrier for citizens to participate. There are actually examples of this happening, I believe in Inyo county (in California) about a decade ago, citizens were looking at the images of the ballots and noticed some kind of problem.

  14. ballot images on New Bill Could Finally Get Rid of Paperless Voting Machines (arstechnica.com) · · Score: 5, Interesting
  15. Re:I know this isn't politically correct on UK 'Faces Build-up of Plastic Waste' (bbc.com) · · Score: 1

    What a shitty way to look at the world....

    For you, but that's your perspective. To me it seems like a good way to look at the world.

  16. Re:Not a blue moon on First Blue Moon Total Lunar Eclipse in 150 Years Coming This Month (space.com) · · Score: 1

    So......there's more than one definition of a blue moon, the moon itself doesn't turn blue, and according to one of the common definitions, there will be a blue moon this month.

  17. Re:MODERATION IS CENSORSHIP on First Blue Moon Total Lunar Eclipse in 150 Years Coming This Month (space.com) · · Score: 2, Informative

    Your point would be more convincing, but on Slashdot moderation doesn't actually get rid of any of the comments. They're all still there for anyone who wants to read wild, untamed rants.

  18. Re:Someone said once... on How Climate Change Deniers Rise To the Top in Google Searches (nytimes.com) · · Score: 1

    Yeah, I didn't think you could link to papers. You get all your info from blogs, that's your problem.

  19. Re:Yeesh on Want to Be Happy? Think Like an Old Person (nytimes.com) · · Score: 1

    5. Do other appetites decrease? I'm not sure.

    The desire for money and security increases pretty dramatically.

  20. Re:I know this isn't politically correct on UK 'Faces Build-up of Plastic Waste' (bbc.com) · · Score: 1

    This is something that must be investigated. When I have time.

  21. There's another study that backs up your point, and finds that it could cause up to 15% bugs.

  22. Re:Is there an actual practical use for blockchain on Bitcoin Starts a New Year by Tumbling, First Time Since 2015 (bloomberg.com) · · Score: 1

    Is there an actual practical use for blockchain?

    The use case is basically everything e-gold was used for, before the feds shut that down.

  23. Re:I know this isn't politically correct on UK 'Faces Build-up of Plastic Waste' (bbc.com) · · Score: 1

    You're making a statement of ideology, not of practicality.
    IT's fine to do something based on ideology, but you should be aware of it.

  24. Re: I know this isn't politically correct on UK 'Faces Build-up of Plastic Waste' (bbc.com) · · Score: 1

    Try recycling aluminum without the CRV some time.......that stuff is not worth much until it gets processed.