10nm has been out for cell phones for years.
nm are just labels when it comes to chips. The manufacturers call it whatever they want. There is no mass-production chip that actually has meaningful features measured at 10nm, much less 7nm.
Intel manufacturing is about level with the competitors, possibly slightly ahead. This however is a massive change from most of chip history, where mass produced Intel chips could be counted on to be at least one and sometimes two generations ahead of mass produced competitors.
There is a word in economics for the robot takeover. It's called "productivity growth". I.e. each worker produces more because they get robot help (or for any other reason) so fewer workers are needed to achieve the same output. Productivity growth is one of the very basic statistics that we know a lot about.
If the robot takeover were imminent, we would expect to see productivity growth of at least 10% a year, the same kind of growth that we saw in the previous great changes like the beginning of industrialization. In reality, productivity is struggling to grow at all! We are seeing a trend towards lower and lower growth.
Robot-takeover advocates keep saying that "it's just around the corner". However, it seems entirely unlikely that the downward-pointing productivity growth trend of the last decades would suddenly and drastically change.
Desalination plants are capital intensive. You cannot economically run a desalination plant on surplus electricity for a few hours a day, you need to run it almost continually. You can probably get away with shutting it down for a few peak-hours a day though.
The same is true for most of the other things people propose using free electricity for, such as hydrogen production.
Pumped storage makes sense if the river does not have sufficient flow but the height difference is considerable. With pumps and a lower reservoir, you can reuse the same water several times.
However, pumped hydro is generally only worth building if you get to use the pumps at least once a day; you can't meaningfully use it to e.g. store energy from winter to summer (unlike regular hydro, which often does that). Batteries will soon (as in within 10 years) be able to do intraday load-following cheaper than pumped storage. Hopefully the pumps will have paid themselves back before that happens.
Market share doesn't affect me much. Modern Firefox is faster, more stable, less memory-intensive, and renders even complex pages great.
If Firefox loses enough market share that it means layoffs for its developers, then that obviously affects me. But really, if I didn't care about stability and performance and rendering, what need would I have for new development?
Hopefully people will see how much of an improvement modern Firefox is, and the market share will go up again.
And they're massively better off for it.
Modern Firefox is an absolutely great browser.
It's all confused.
Of course one party consent should be enough for recording an actual conversation that they're taking part in.
Publishing said conversation (as opposed to e.g. handing it over to the police) is an entirely different matter, and likely should not be generally permitted.
Recording a conversation that they are NOT part of, like a driver recording passengers, should obviously not be allowed without at least implicit consent (i.e. prominent warning labels).
I can easily create reasonably meaningful work for at least 2 people with their hands "screwed on right", so to speak. I can't afford to hire them, partially because I prefer to spend money on goods and housing instead of services, but mostly because I'm just a regular guy.
I bet most people feel that way really. Does anyone in the 99% look around and say "gee, if I could have 2 people creating stuff for me, they'd just have to sit idle because I have everything I want in life". No. That will be the case until art and craft can be automated.
The researchers state:
To conduct such attacks, the attacker depends on specialized hardware (so called software-defined radios) and a customized implementation of the LTE protocol stack. In addition, a controlled environment helps to be successful within an acceptable amount of time. In particular, the use of a shielding box helps to maintain a stable and noise-free connection to the attack setup. Especially the latter cannot be maintained in a real-world situation and more engineering effort is required for real-world attacks.
The same was said for attacks on 2G. Today attacks on 2G are routinely used by quite poor criminal gangs in third world countries. The state of 3G is a bit murky, but most phones happily downgrade to 2G if you ask them to.
The poor security of 2G is still costing lives on a regular basis. It is depressing that 4G isn't the leap forward we could hope for.
You can't really improve the algorithm, you can only switch which patterns you correct, which you detect, and which you fail on. Provably optimal algorithms have been known basically since anyone cared.
However, modern memory is 64 bits wide, not 16. That gives you 20 bits of ECC to play with, and it ought to be possible to do much better with that.
Would using ECC memory avoid all this over hyped crap?
Yes, ECC memory and ECC cache mitigate Rowhammer. In theory not completely: you could cause an undetected triple-bit error if you ran the attack long enough. However, in that time you are vastly more likely to hit a detectable-but-uncorrectable two-bit error that halts the machine.
(A quick Google implied that modern systems are still stuck with single-correction double-detection. I am not sure that is correct.)
A typical A4 PDF fullscreen in full HD on a 15" laptop screen is unreadable. The same A4 PDF on a 15" 2880 x 1800 laptop is very readable. Since laptops are widescreen anyway, you can even fit two A4 PDF pages side by side. I have no opinion on whether 4K is any better than 2880 x 1800, but full HD is bloody annoying. I am on a full HD laptop right now. Text is both jagged and blurry at the same time. I could disable subpixel rendering to make it purely jagged, but that just makes it even less readable.
You can easily reason your way to "all drivers or components must be GPL", but sometimes you have to look at what you can actually get away with. The fact is that lots of phone manufacturers distribute Linux kernels + proprietary extensions, in binary form. No one sues them, and it is unclear whether such a lawsuit would be successful, despite the rather obvious and easy-to-understand language of the GPLv2.
Similarly, you can reason that Linus Torvalds couldn't relicense Linux to anything other than GPLv2. In practice, we don't know until Linus attempts to do so and someone manages to stop him by winning in court. He has already made two major clarifications/changes (depending on how you look at them) with the declaration that userspace isn't derivative and with the whole EXPORT_SYMBOL_GPL invention. Note that some developers have publicly stated that as far as they're concerned, EXPORT_SYMBOL is the same as EXPORT_SYMBOL_GPL -- yet no one has (correct me if I'm wrong) been sued for making a derivative module that only touched EXPORT_SYMBOL and avoided EXPORT_SYMBOL_GPL.
If you bought your faulty CO detector from a US company, you can take them to court. If it's bad enough, a class action suit would be raised.
It is not obvious to everyone that things labelled "Fulfilled by Amazon", "Amazon Prime", "Dispatched by Amazon" are NOT in fact sold by Amazon. Good luck suing "Special Price for You My Friend Inc." that it turns out you actually buy from, if you read enough fine print.
Vehicles do not produce significant amounts of carbon monoxide these days. Catalytic converters take care of that.
People used to euthanise undesirable animals caught in traps by exposing them to vehicle exhaust. Hopefully they have stopped; doing it today would be unreasonably cruel and slow.
Enterprise networks can implement any policies they want in the DNS servers that they force on their employees, or they can go extra evil and simply intercept all DNS requests from clients. They do not need the browser to help them, and if they do, they probably have more-easily-exploited holes anyway.
DoS against external targets will be a bit pathetic: SYN packets are small and rebind can't spoof the source. For later packets, the Host header won't match, so the target is unlikely to spend more than minimal processing time before dumping the request.
You can blame the system all you want. If you are stuck in the poverty trap, it is unlikely that you will be able to influence public policy in any meaningful way.
The poverty trap and its associated effective tax rates >100% are why we need UBI.
DNS recursive servers are notoriously bad. Anything that comes in through DNS should be viewed with extreme suspicion, unless it is DNSSEC validated.
You COULD implement my proposed defense in the recursive DNS server, like OpenDNS has an option to do, instead of in the browser itself. However, that would mean you are exposed when connecting to a public hotspot with a captive portal that mangles DNS requests and prevents you from connecting to a trustworthy server.
1) You would simply make the device connect to your fake DNS server.
That is not part of the DNS Rebind attack. You can accomplish that WITH a DNS Rebind attack that messes with the CPE settings, but then you have already won. My proposal stops the DNS Rebind attack from messing with the CPE settings in the first place.
Despite your original post seeming intelligent, this is not. Are you really this naive about the typical home broadband installation, where almost always the router is doing DNS duty, thereby pushing itself out on DHCP as the first DNS server? This is standard on millions of devices, and you propose breaking it?
No, that is not my proposal. It is perfectly valid for the local CPE to be DNS server.
Imagine that the client, 192.168.1.10/24 asks the CPE, 192.168.1.1, what is the A record for www.harmless.com? 192.168.1.1 answers www.harmless.com IN A 88.44.22.11, which is a public internet address, so the browser accepts the answer. Then the same thing happens except the request is for evil.attacker.com, and it gets the answer (again coming from the CPE 192.168.1.1) evil.attacker.com IN A 192.168.1.50, which happens to be the Roku. Now the browser says AHA, 192.168.1.50 matches 192.168.1.0/24, someone is doing something bad! It drops the answer and refuses to connect to 192.168.1.50.
As I just explained, the piggy bank will go away on a regular basis. The lottery might, very unlikely, give you enough money to push you out of the trap. In the vastly more likely case that it does not rescue you, you have not lost anything you would not have lost anyway.
Yes, and this story has nothing to do with browsers.
In most cases the only thing you can achieve with a DNS rebind attack is sending an HTTP or HTTPS request to a target. Usually it will be a browser that sends that request. Many modern email clients can also send HTTP(S) requests; I had forgotten to consider those since I find that extremely silly.
But you are right, email clients that implement HTTP(S) should just a) stop doing that (I know, won't happen) or at least b) block all HTTP(S) access to RFC1918, RFC6598, link-local IPv6, ULA IPv6. And those clients should never send any HTTP requests that aren't GET; hopefully anything harmful that can be done to a homenet device at least requires a POST.
Are there any other clients that are realistically vulnerable to DNS rebind? I'd love to hear if so.
Example: the user types www.mybank.com and he is directed to the fake hacker site that looks just like his bank site, and the hacker steals his credentials when he enters them.
That is not a rebind attack. You'd need a cache poisoning attack or a full takeover of the victim's DNS server to do that. My mitigation obviously does not fix that; that's what certificates are for.
Browsers could start ignoring DNS answers that point to addresses in the local LAN, unless the request was for a record that matches the local DNS domain or the answer comes from mDNS. That should be a relatively quick 90% solution that still keeps e.g. Active Directory working. It will even work for both IPv4 and IPv6.
And yes, fellow Slashdotters, I know you have networks where such assumptions will break. You also have the knowledge to enter about:config or to reconfigure your DNS server or network as appropriate.
For extra security, block all of RFC1918 + all non-public IPv6 space -- but that means a lot more false positives.
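The filter proposed in this thread, as an added example that is not part of any post or of any browser or mail client: it judges each A/AAAA record against the client's own LAN prefix, lets through names under the local DNS domain or answers that arrived via mDNS, and in the stricter mode drops every RFC 1918, RFC 6598, IPv6 link-local and ULA destination regardless of prefix (covering both the browser proposal and the email-client suggestion above). It goes beyond the posts in one respect: it filters a multi-record answer record by record rather than accepting or dropping it whole. Every name, address and prefix used, and the `home.arpa` local domain, is an assumption for illustration.

```python
"""Browser-side DNS rebinding filter, as proposed in the thread.

Added example; not code from any browser, mail client or from the poster.
The policy: drop an A/AAAA record whose address falls inside the client's
own LAN prefix unless the queried name is under the local DNS domain (or
the answer arrived via mDNS). The stricter mode instead drops any address in
RFC 1918, RFC 6598, IPv6 link-local or ULA space, whatever the client's
prefix. Every name, address and prefix below is made up.
"""
import ipaddress

# Stricter-mode ranges named in the thread, plus loopback (my addition: a
# rebind to 127.0.0.1 reaches the same class of unauthenticated services).
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "100.64.0.0/10",                                   # RFC 6598 (CGNAT)
    "127.0.0.0/8", "::1/128",                          # loopback
    "fe80::/10",                                       # IPv6 link-local
    "fc00::/7",                                        # IPv6 ULA
)]


def is_non_public(addr):
    """True if addr (v4 or v6) lies in any of the NON_PUBLIC ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in NON_PUBLIC)


def in_local_domain(qname, local_domain):
    """True if qname equals or is under local_domain (case-insensitive)."""
    if not local_domain:
        return False
    q = qname.rstrip(".").lower()
    d = local_domain.rstrip(".").lower()
    return q == d or q.endswith("." + d)


def filter_answer(qname, answers, client_iface, local_domain=None,
                  strict=False, via_mdns=False):
    """Split a DNS answer into (accepted, dropped) address lists.

    client_iface is the client's own address with prefix, e.g.
    "192.168.1.10/24"; the LAN prefix is derived from it. Records are judged
    one by one, so a mixed answer keeps its public addresses and loses the
    local ones. An address of the other IP version never matches the prefix.
    """
    lan = ipaddress.ip_interface(client_iface).network
    trusted_name = via_mdns or in_local_domain(qname, local_domain)
    accepted, dropped = [], []
    for addr in answers:
        ip = ipaddress.ip_address(addr)
        local_target = ip in lan or (strict and is_non_public(ip))
        if local_target and not trusted_name:
            dropped.append(addr)
        else:
            accepted.append(addr)
    return accepted, dropped


if __name__ == "__main__":
    client = "192.168.1.10/24"   # the client from the thread's example
    cases = [
        ("www.harmless.com", ["88.44.22.11"], {}),
        ("evil.attacker.com", ["192.168.1.50"], {}),             # the Roku
        ("roku.home.arpa", ["192.168.1.50"], {"local_domain": "home.arpa"}),
        ("printer.local", ["192.168.1.77"], {"via_mdns": True}),
        ("evil.attacker.com", ["88.44.22.11", "192.168.1.50"], {}),
        ("evil.attacker.com", ["10.0.0.1"], {}),                 # other LAN
        ("evil.attacker.com", ["10.0.0.1"], {"strict": True}),
        ("evil.attacker.com", ["fd00::1"], {"strict": True}),
    ]
    for qname, answers, kw in cases:
        print(qname, answers, "->", filter_answer(qname, answers, client, **kw))
```

In the default mode the 10.0.0.1 answer passes because it is outside the client's own /24; the strict mode drops it, which is the false-positive trade-off the post describes. The mDNS flag is an input here because a browser knows which resolver produced an answer; a recursive-server implementation of the same policy would not.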