It's actually easier to extract plain text from a word document than an OpenOffice one. OpenOffice uses an SGML-like structure, where tags are intermixed with text to define formatting. Word uses a flat block of text and a separate blob of XML to describe formatting for ranges of the text (which isn't surprising, as that's how most word processors represent rich text internally and large parts of OOXML were straight transliterations from MS Office internal data structures to XML).
In a well-run IT department, replacing a dead machine is one of the simplest things to do and in comparison to staffing costs computers are almost free these days. Buy new machine, image it, drop it into the correct office, done. Replacing a machine even once a year is a lot cheaper than having a technician visit every desk once a month.
The compiler community is pretty small. I know a few people who worked for Intel's compiler teams until quite recently (I don't know anyone who still does - they've been scaling down their compiler teams for quite a while now). They got a lot of bad press back in the '90s for emitting instructions that were either much slower on non-Intel systems (IDT in particular, but also Cyrix implemented a few things that ICC liked to use in microcode, whereas on the Pentiums they were 1-2 cycle instructions), or hitting bugs in other CPUs that caused programs to crash. They moved to the whitelisting approach in reaction to this.
The keys are useless if you don't use them for encryption / decryption / signing / verification, so allowing that but preventing extraction is pretty much useless.
Not true. Offline attacks are almost always worse than online attacks. If I can compromise your OS and use your keys, then the damage I can do is bounded by the amount of time between the compromise and the fix and by the amount of bandwidth that you have. If I can exfiltrate your keys, then even if you fix the vulnerability and remove my exploit code 10 seconds after the compromise then I can keep using your keys until you update any other system that accepts these credentials (and once I start noticing you doing that, then I know I've been discovered, so I may as well change your keys for all of the services that I now have access to). Still think that they're equivalent?
That doesn't usually work, because work by subcontractors of the US government is subject to copyright and most research is done by subcontractors and not employees of the government.
That said, any work that is either funded by almost all of the UK research councils, or intends to be included in the next REF[1] must be either green or gold open access. Green means that the preprint is uploaded to the institution's open access repository, which guarantees that it will make it publicly accessible in perpetuity, though it may be embargoed for a short period. Gold means that the publisher makes it available without cost from their own site, under a license that permits redistribution of the downloaded version. Most (all?) publication venues make the bibliometrics available for free, even if they charge for the articles, so if you find any UK authors on the list then you can probably get a copy from their host institution at a stable long-term download location.
Even without any of that, most reputable researchers put preprints on their own web pages because a big part of their evaluation as researchers is how many people cite their work, and anything that makes their work easier to access increases their impact.
[1] Research Excellence Framework (horrible name), the thing that ranks UK universities and departments and determines, among other things, how much money they'll get in the next REF period for their block grant.
I have very rarely come across a research paper where typing the title into DDG didn't give me a link to the preprint on the author's home page. The only exceptions have been more obscure older papers that haven't been digitised (and in most of those cases emailing the authors has worked - and in a few cases has resulted in being given the original TeX sources so that I can tweak them to work with pdflatex and get a nicely searchable version, rather than the original PostScript that was intended solely for printing).
Yeah. So Apple has the greatest display tech..... that their biggest competitor (Samsung) makes
You seem to be under the misapprehension that Samsung is a company. Samsung is a collection of largely independent companies that hate each other only slightly less than they hate all non-Korean companies. It's very misleading to think that Samsung displays, Samsung CPUs, and Samsung phones are made by the same company - Samsung phones often include non-Samsung parts even when there is a Samsung equivalent.
Outsourcing manufacturing fails every, single, time. You give away your technology, teach others to make it, and then get yourself toasted as they figure out how to make it better, cheaper, faster, or just copy it so they don't have to pay for an R&D budget.
There are basically no companies that build products without using any third-party suppliers. Apple makes their own CPUs, GPUs, and OS. They buy RAM and displays from third parties and buy flash from factories that they own but which are operated by third parties. In contrast, Samsung fabs their own SoCs, but typically using CPU and GPU IP that they've licensed from third parties (their flagship Exynos line contains ARM-designed GPUs, and ARM-designed CPUs, though the most recent iterations have also included a Samsung-designed CPU core). Their OS is largely under the control of Google. I'm not really sure what your point is.
All companies do something like this, because manufacturing and R&D both have huge economies of scale. The more units you can amortise the costs across, the better, and if one supplier is selling to a dozen integrators then it's likely to be better and cheaper than anything designed in house. This was why AMD spun off Global Foundries, for example: they were producing around 20% of the volume of chips that Intel produced, and so couldn't compete building fabs with the latest technology, but when GF started fabbing chips for other vendors this volume went up and they were more able to compete (plus AMD had the option of using other companies' fabs if GF stumbled over a particular process node).
Actually, installing just Linux would make your system pretty secure. Of course, without any userland, it might not be so useful, but that's not part of the stated requirements...
Words like "trusted", "secure" etc in computer salesdroid-speak are like "people's" and "democratic" when they get shoe-horned into a country's name - they're a warning sign, a veneer to hide a darker truth.
Trusted, as a technical term, means exactly what you'd expect from its use as a non-technical term: it is a thing which is expected to be correct and which can compromise (at least part of) the system if not. It is not the same as trustworthy. For example, the trusted computing base is the set of all things (microcode, bootloader, firmware, kernel, privileged daemons) that must be correct for the system to be secure. A system that uses a formally verified microkernel to provide isolation has a component that is both trusted and trustworthy.
Secure in this context also means what you'd expect. A system supporting secure boot can only boot an OS (or, at least, a second-stage bootloader) that is signed by a trusted party. There's nothing stopping such a system from allowing you to provide your own public keys, and many do, but if malware corrupts your on-disk kernel image then the system will refuse to boot unless you've also installed the malware vendor's key.
There's always a tension between user freedom and security, which goes right back to Stallman complaining about users on shared systems not being given the root password: was it better to allow users of the system to fix issues even at the expense of making all of their files wide open to every other user of the system? In the MIT AI lab, it was probably fine for everyone to have the root password, but it's not fine for everyone on the Internet to have my root password.
Yeah, SMM CPU, TPM chip, UEFI, Windows 10, line to Microsoft... doesn't sound like the security we usually think of at all
SMM is a bit odd, but something like a TMP is pretty important as it allows you to protect secret keys from a compromised OS. A TPM provides some write-only storage for keys and an API that allows you to use them for encryption / decryption / signing / verification, but doesn't allow you to extract the keys. UEFI at least allows the OS to replace the running firmware, which can reduce the attack surface by removing most of the vendor-provided functionality.
BTW, is there a open-source FPGA
Nope. There are no open source FPGAs and no vaguely high-end FPGAs that have a documented bitstream format, so you can't even verify the output from the proprietary synthesis tools. Oh, and any vaguely high-end FPGA has lots of fixed-function logic blocks that will make any attempt to verify them difficult.
Intel gets a lot of bad press for this, but it's worth remembering why they did it: a bunch of x86 chips advertised the relevant CPUID feature flags and then either didn't implemented the instructions correctly (IDT, I'm looking at you), or (in AMD's case) implemented them entirely in slow microcode so that the fast paths ended up being slower than the versions that used the older instructions. AMD complained when they emitted code that used the newer instructions that were much faster on Intel chips than AMD, then they complained when Intel whitelisted CPUs where they'd tested that there actually was a speedup. There was basically no way for Intel to win here.
In theory, the threshold for elected officials is a bit higher than 'not actually breaking the law', it also includes not doing things that too many of the population consider to be unacceptable.
Leaks indicating that a democratic country that has a government accountable to its public is corrupt and is using the security apparatus to spy on its own citizens or destabilise nominally friendly foreign regimes: News.
Leaks indicating that a corrupt oligarchy run by the former head of the security apparatus who uses intimidation as a tool to keep himself in power is using the security apparatus to spy on its own citizens or destabilise nominally friendly foreign regimes: Not news.
If your defence is 'Russia is as bad as us!' then you're in a pretty depressing place.
That's also true if you come from a Smalltalk background. The only globals in Smalltalk are the class names in the class table. Object state is all private, and both methods and closures have their own scopes for locals. I'd forgotten how bad it was in JavaScript until you reminded me.
'The space program hasn't done anything important since 1969', says the guy carrying around a cheap consumer device that uses satellites to tell him where he is, to an accuracy of a few metres, on network that uses satellite links to enable access from planes and ships, and remote land locations, across most of the world.
Not necessarily. The big problem is not the lack of jail time, it's the lack of any consequences. If companies start to pay such large fines, then that gives the shareholders a big incentive to make salary, bonuses, and share options contingent on avoiding such fines.
There is no reason to hate Javascript unless you come from C++/Java "inherit everything and override everything" classes.
Sure there is. If you come from a Smalltalk or Self background, the lack of sane support for numbers is a good reason to hate JavaScript. Smalltalk had a rich set of integer and floating point types, and the default integer kind was automatically promoted to a BigInt object on overflow. In contrast, JavaScript has only one numeric type, a double-precision floating point value. Trying to efficiently represent a 64-bit integer in JavaScript is basically impossible, trying to support arbitrary-precision integers is horrible pain. Lisp and Smalltalk had these from the start.
Then there's the lack of portable support for sane forwarding until very recently. In Smalltalk, if you call a method that doesn't exist, then the invocation is wrapped in an object and passed to the doesNotUnderstand: method. This lets you do proxy things transparently and easily. In JavaScript, this used to be impossible.
Then there's the not-quite-pure-OO nature. Everything is an object, but some of the operations can't be modified and some objects (e.g. Number) can't be subclassed / used as a prototype. Or the fact that you have a single immutable prototype chain. Or the fact that the operators aren't methods (so can't be overloaded) but are weirdly defined for arbitrary types (what is object + object?). Or the weird type coercion that happens, so adding an integer to a string is well defined and has odd results, so 'foo' + 1 + 1 is 'foo11', but 1 + 1 + 'foo' is '2foo' (where, in a sane language, both of these would throw exceptions).
The problem is not that the salary is lower, it's by how much the salary is lower. A lecturer (most junior tenured faculty position in a UK university) makes, after a PhD, about the same amount as a computer science graduate from a decent university makes in their first job. After about 15-20 years, if they make it to professor (the most senior faculty position), they're making about a quarter to a half of what a PhD graduate from a decent university will make after a couple of years in industry (or what someone with a few years of good experience and a decent track record who didn't do a PhD). It's quite easy to find good people who will take a 20-30% pay cut in exchange for academic freedom. It's much harder to find people who will take a 70% pay cut for the same freedom. This is especially true when there are industrial research labs like MSR that pay a lot closer to an industrial salary for very slightly less freedom.
It's quite surprising to me. Apple's UK machine learning centre is just down the road and they're unusual in that they're the only part of Apple that's allowed to publish research papers. If he's going there, he's almost certainly going to do something that would count towards a PhD, so I'd expect him to stay enrolled, take the salary from Apple, and submit a thesis in a year to get the PhD as well.
Exactly my point. The Firefox extension model is probably fine for a password manager if you only use it for web sites that you completely control. Anything else? Not so much.
A few months ago, Slashdot reported Google was in trouble over their gmail for education product because they weren't showing ads to children, but they were scanning the information to build a profile of the children. Want to bet that their commercial version doesn't do the same thing?
Except that, in this case, they're still maintaining it as part of Office365, they're just no longer selling it as a stand-alone product. If you're an existing subscriber, there's literally no benefit for Microsoft to stop taking your money: some people will switch to Office365, but others will switch to gmail or whatever. There's no software maintenance cost for them, because they're still selling the exact same product as part of Office365.
Remember back when Microsoft stopped selling Word and so on as separate products and only sold Microsoft Office as a bundle? Would it be honest to say back then that they'd killed Microsoft Word?
EM noise is a real issue for analogue signals, where the wire acting as an antenna adds noise to what you hear. It's a complete non-issue for most digital connections, where it's in one of three states:
Too low to flip any bits, no effect on signal output.
Low enough that the built-in error correction can compensate, no effect on signal output.
High enough that you end up with massive corruption.
The third state is the only one where it matters. You can usually compensate for that by adding more error correction, so it's only an issue in very noisy environments or very long cable runs. This is why fibre is largely dying in the home: you need runs of at least several tens of metres before the signal quality loss from electric signals vs optical matters and until that point fibre gives you nothing other than inconvenience and cost.
The extension can only do that if the tabs are different sandboxes (typically different processes). Firefox does not currently do that and cannot switch to the security model that all other modern browsers including Edge use until they remove the current extensions mechanism.
Slashdot Mirror
It's actually easier to extract plain text from a word document than an OpenOffice one. OpenOffice uses an SGML-like structure, where tags are intermixed with text to define formatting. Word uses a flat block of text and a separate blob of XML to describe formatting for ranges of the text (which isn't surprising, as that's how most word processors represent rich text internally and large parts of OOXML were straight transliterations from MS Office internal data structures to XML).
In a well-run IT department, replacing a dead machine is one of the simplest things to do and in comparison to staffing costs computers are almost free these days. Buy new machine, image it, drop it into the correct office, done. Replacing a machine even once a year is a lot cheaper than having a technician visit every desk once a month.
The compiler community is pretty small. I know a few people who worked for Intel's compiler teams until quite recently (I don't know anyone who still does - they've been scaling down their compiler teams for quite a while now). They got a lot of bad press back in the '90s for emitting instructions that were either much slower on non-Intel systems (IDT in particular, but also Cyrix implemented a few things that ICC liked to use in microcode, whereas on the Pentiums they were 1-2 cycle instructions), or hitting bugs in other CPUs that caused programs to crash. They moved to the whitelisting approach in reaction to this.
The keys are useless if you don't use them for encryption / decryption / signing / verification, so allowing that but preventing extraction is pretty much useless.
Not true. Offline attacks are almost always worse than online attacks. If I can compromise your OS and use your keys, then the damage I can do is bounded by the amount of time between the compromise and the fix and by the amount of bandwidth that you have. If I can exfiltrate your keys, then even if you fix the vulnerability and remove my exploit code 10 seconds after the compromise then I can keep using your keys until you update any other system that accepts these credentials (and once I start noticing you doing that, then I know I've been discovered, so I may as well change your keys for all of the services that I now have access to). Still think that they're equivalent?
That said, any work that is either funded by almost all of the UK research councils, or intends to be included in the next REF[1] must be either green or gold open access. Green means that the preprint is uploaded to the institution's open access repository, which guarantees that it will make it publicly accessible in perpetuity, though it may be embargoed for a short period. Gold means that the publisher makes it available without cost from their own site, under a license that permits redistribution of the downloaded version. Most (all?) publication venues make the bibliometrics available for free, even if they charge for the articles, so if you find any UK authors on the list then you can probably get a copy from their host institution at a stable long-term download location.
Even without any of that, most reputable researchers put preprints on their own web pages because a big part of their evaluation as researchers is how many people cite their work, and anything that makes their work easier to access increases their impact.
[1] Research Excellence Framework (horrible name), the thing that ranks UK universities and departments and determines, among other things, how much money they'll get in the next REF period for their block grant.
I have very rarely come across a research paper where typing the title into DDG didn't give me a link to the preprint on the author's home page. The only exceptions have been more obscure older papers that haven't been digitised (and in most of those cases emailing the authors has worked - and in a few cases has resulted in being given the original TeX sources so that I can tweak them to work with pdflatex and get a nicely searchable version, rather than the original PostScript that was intended solely for printing).
Yeah. So Apple has the greatest display tech..... that their biggest competitor (Samsung) makes
You seem to be under the misapprehension that Samsung is a company. Samsung is a collection of largely independent companies that hate each other only slightly less than they hate all non-Korean companies. It's very misleading to think that Samsung displays, Samsung CPUs, and Samsung phones are made by the same company - Samsung phones often include non-Samsung parts even when there is a Samsung equivalent.
Outsourcing manufacturing fails every, single, time. You give away your technology, teach others to make it, and then get yourself toasted as they figure out how to make it better, cheaper, faster, or just copy it so they don't have to pay for an R&D budget.
There are basically no companies that build products without using any third-party suppliers. Apple makes their own CPUs, GPUs, and OS. They buy RAM and displays from third parties and buy flash from factories that they own but which are operated by third parties. In contrast, Samsung fabs their own SoCs, but typically using CPU and GPU IP that they've licensed from third parties (their flagship Exynos line contains ARM-designed GPUs, and ARM-designed CPUs, though the most recent iterations have also included a Samsung-designed CPU core). Their OS is largely under the control of Google. I'm not really sure what your point is.
All companies do something like this, because manufacturing and R&D both have huge economies of scale. The more units you can amortise the costs across, the better, and if one supplier is selling to a dozen integrators then it's likely to be better and cheaper than anything designed in house. This was why AMD spun off Global Foundries, for example: they were producing around 20% of the volume of chips that Intel produced, and so couldn't compete building fabs with the latest technology, but when GF started fabbing chips for other vendors this volume went up and they were more able to compete (plus AMD had the option of using other companies' fabs if GF stumbled over a particular process node).
Actually, installing just Linux would make your system pretty secure. Of course, without any userland, it might not be so useful, but that's not part of the stated requirements...
Words like "trusted", "secure" etc in computer salesdroid-speak are like "people's" and "democratic" when they get shoe-horned into a country's name - they're a warning sign, a veneer to hide a darker truth.
Trusted, as a technical term, means exactly what you'd expect from its use as a non-technical term: it is a thing which is expected to be correct and which can compromise (at least part of) the system if not. It is not the same as trustworthy. For example, the trusted computing base is the set of all things (microcode, bootloader, firmware, kernel, privileged daemons) that must be correct for the system to be secure. A system that uses a formally verified microkernel to provide isolation has a component that is both trusted and trustworthy.
Secure in this context also means what you'd expect. A system supporting secure boot can only boot an OS (or, at least, a second-stage bootloader) that is signed by a trusted party. There's nothing stopping such a system from allowing you to provide your own public keys, and many do, but if malware corrupts your on-disk kernel image then the system will refuse to boot unless you've also installed the malware vendor's key.
There's always a tension between user freedom and security, which goes right back to Stallman complaining about users on shared systems not being given the root password: was it better to allow users of the system to fix issues even at the expense of making all of their files wide open to every other user of the system? In the MIT AI lab, it was probably fine for everyone to have the root password, but it's not fine for everyone on the Internet to have my root password.
Yeah, SMM CPU, TPM chip, UEFI, Windows 10, line to Microsoft... doesn't sound like the security we usually think of at all
SMM is a bit odd, but something like a TMP is pretty important as it allows you to protect secret keys from a compromised OS. A TPM provides some write-only storage for keys and an API that allows you to use them for encryption / decryption / signing / verification, but doesn't allow you to extract the keys. UEFI at least allows the OS to replace the running firmware, which can reduce the attack surface by removing most of the vendor-provided functionality.
BTW, is there a open-source FPGA
Nope. There are no open source FPGAs and no vaguely high-end FPGAs that have a documented bitstream format, so you can't even verify the output from the proprietary synthesis tools. Oh, and any vaguely high-end FPGA has lots of fixed-function logic blocks that will make any attempt to verify them difficult.
Intel gets a lot of bad press for this, but it's worth remembering why they did it: a bunch of x86 chips advertised the relevant CPUID feature flags and then either didn't implemented the instructions correctly (IDT, I'm looking at you), or (in AMD's case) implemented them entirely in slow microcode so that the fast paths ended up being slower than the versions that used the older instructions. AMD complained when they emitted code that used the newer instructions that were much faster on Intel chips than AMD, then they complained when Intel whitelisted CPUs where they'd tested that there actually was a speedup. There was basically no way for Intel to win here.
In theory, the threshold for elected officials is a bit higher than 'not actually breaking the law', it also includes not doing things that too many of the population consider to be unacceptable.
Leaks indicating that a democratic country that has a government accountable to its public is corrupt and is using the security apparatus to spy on its own citizens or destabilise nominally friendly foreign regimes: News.
Leaks indicating that a corrupt oligarchy run by the former head of the security apparatus who uses intimidation as a tool to keep himself in power is using the security apparatus to spy on its own citizens or destabilise nominally friendly foreign regimes: Not news.
If your defence is 'Russia is as bad as us!' then you're in a pretty depressing place.
That's also true if you come from a Smalltalk background. The only globals in Smalltalk are the class names in the class table. Object state is all private, and both methods and closures have their own scopes for locals. I'd forgotten how bad it was in JavaScript until you reminded me.
Machine learning is a computationally expensive way of getting an approximate solution to problems that you don't really understand.
'The space program hasn't done anything important since 1969', says the guy carrying around a cheap consumer device that uses satellites to tell him where he is, to an accuracy of a few metres, on network that uses satellite links to enable access from planes and ships, and remote land locations, across most of the world.
Not necessarily. The big problem is not the lack of jail time, it's the lack of any consequences. If companies start to pay such large fines, then that gives the shareholders a big incentive to make salary, bonuses, and share options contingent on avoiding such fines.
There is no reason to hate Javascript unless you come from C++/Java "inherit everything and override everything" classes.
Sure there is. If you come from a Smalltalk or Self background, the lack of sane support for numbers is a good reason to hate JavaScript. Smalltalk had a rich set of integer and floating point types, and the default integer kind was automatically promoted to a BigInt object on overflow. In contrast, JavaScript has only one numeric type, a double-precision floating point value. Trying to efficiently represent a 64-bit integer in JavaScript is basically impossible, trying to support arbitrary-precision integers is horrible pain. Lisp and Smalltalk had these from the start.
Then there's the lack of portable support for sane forwarding until very recently. In Smalltalk, if you call a method that doesn't exist, then the invocation is wrapped in an object and passed to the doesNotUnderstand: method. This lets you do proxy things transparently and easily. In JavaScript, this used to be impossible.
Then there's the not-quite-pure-OO nature. Everything is an object, but some of the operations can't be modified and some objects (e.g. Number) can't be subclassed / used as a prototype. Or the fact that you have a single immutable prototype chain. Or the fact that the operators aren't methods (so can't be overloaded) but are weirdly defined for arbitrary types (what is object + object?). Or the weird type coercion that happens, so adding an integer to a string is well defined and has odd results, so 'foo' + 1 + 1 is 'foo11', but 1 + 1 + 'foo' is '2foo' (where, in a sane language, both of these would throw exceptions).
The problem is not that the salary is lower, it's by how much the salary is lower. A lecturer (most junior tenured faculty position in a UK university) makes, after a PhD, about the same amount as a computer science graduate from a decent university makes in their first job. After about 15-20 years, if they make it to professor (the most senior faculty position), they're making about a quarter to a half of what a PhD graduate from a decent university will make after a couple of years in industry (or what someone with a few years of good experience and a decent track record who didn't do a PhD). It's quite easy to find good people who will take a 20-30% pay cut in exchange for academic freedom. It's much harder to find people who will take a 70% pay cut for the same freedom. This is especially true when there are industrial research labs like MSR that pay a lot closer to an industrial salary for very slightly less freedom.
It's quite surprising to me. Apple's UK machine learning centre is just down the road and they're unusual in that they're the only part of Apple that's allowed to publish research papers. If he's going there, he's almost certainly going to do something that would count towards a PhD, so I'd expect him to stay enrolled, take the salary from Apple, and submit a thesis in a year to get the PhD as well.
Exactly my point. The Firefox extension model is probably fine for a password manager if you only use it for web sites that you completely control. Anything else? Not so much.
A few months ago, Slashdot reported Google was in trouble over their gmail for education product because they weren't showing ads to children, but they were scanning the information to build a profile of the children. Want to bet that their commercial version doesn't do the same thing?
Except that, in this case, they're still maintaining it as part of Office365, they're just no longer selling it as a stand-alone product. If you're an existing subscriber, there's literally no benefit for Microsoft to stop taking your money: some people will switch to Office365, but others will switch to gmail or whatever. There's no software maintenance cost for them, because they're still selling the exact same product as part of Office365.
Remember back when Microsoft stopped selling Word and so on as separate products and only sold Microsoft Office as a bundle? Would it be honest to say back then that they'd killed Microsoft Word?
EM noise is a real issue for analogue signals, where the wire acting as an antenna adds noise to what you hear. It's a complete non-issue for most digital connections, where it's in one of three states:
The third state is the only one where it matters. You can usually compensate for that by adding more error correction, so it's only an issue in very noisy environments or very long cable runs. This is why fibre is largely dying in the home: you need runs of at least several tens of metres before the signal quality loss from electric signals vs optical matters and until that point fibre gives you nothing other than inconvenience and cost.
The extension can only do that if the tabs are different sandboxes (typically different processes). Firefox does not currently do that and cannot switch to the security model that all other modern browsers including Edge use until they remove the current extensions mechanism.