intel wanting to make future chips "Fast but insecure" by default, and requiring the BIOS or OS to tell the CPU "No bitch, secure mode only please", just so they could continue to claim benchmark scores (naturally, with the anti-spectre and meltdown patches disabled so the chip runs really fast.)
Which is effectively the VW-emissions-scandal school of benchmarking.
Or the robot called speedy in Asimov's runaround who goes to fetch selenium but ends up going round in circles - the equilibrium point between two of the laws of robotics: always obey human instructions and always protect your existence (as long as it doesn’t result in human injury).
It depends on the definition of 'on the internet'.
Your average person is connected, and broadcasting information about their life, to the internet whether they realise it or not. Maybe technical people on Slashdot are aware of that, or take countermeasures to prevent it, but the vast majority of people are communicatating personal data with other networked machines via a personally identifiable device throughout the day (and often night).
Taking into account smart TVs, wearables, alexa equivalents, networked vehicles, net-connected power monitoring, phones etc, measuring 'on the internet' as equivalent to screen-time seems false right now.
South Korea doesn't require real names for general internet use. That was proposed in 2007-2009 and struck down in 2012. I was working in Seoul in November & December last year. There was no real name requirement to use the internet.
Forcing mobile handsets to use GPS for 911 calls was supposed to have been enshrined in US law since 1996 (The E911 program). But...
In 1996, the U.S. Federal Communications Commission (FCC) issued an order requiring wireless carriers to determine and transmit the location of callers who dial 9-1-1. The FCC set up a phased program: Phase I involved sending the location of the receiving antenna for 9-1-1 calls, while Phase II sends the location of the calling telephone. Carriers were allowed to choose to implement 'handset based' location by Global Positioning System (GPS) or similar technology in each phone, or 'network based' location by means of triangulation between cell towers. The order set technical and accuracy requirements: carriers using 'handset based' technology must report handset location within 50 meters for 67% of calls, and within 150 meters for 90% of calls; carriers using 'network based' technology must report location within 100 meters for 67% of calls and 300 meters for 90% of calls.
The order also laid out milestones for implementing wireless location services. Many carriers requested waivers of the milestones, and the FCC granted many of them. By mid-2005, implementation of Phase II was generally underway, limited by the complexity of coordination required from wireless and wireline carriers, PSAPs, and other affected government agencies; and by the limited funding available to local agencies which needed to convert PSAP equipment to display location data (usually on computerized maps).
In July 2011, the FCC announced a proposed rule requiring that after an eight-year implementation period, at some yet-to-be-determined date in 2019, wireless carriers will be required to meet more stringent location accuracy requirements. If enacted, this rule would require both "handset based" and "network based" location techniques to meet the same accuracy standard, regardless of the underlying technology used. The rule is likely to have no effect as all major carriers will have already achieved over 85% GPS chipset penetration, and are thus able to meet the standard regardless of their 'network based' location capabilities.
The UK has laws that provide for this right to search encrypted digital data. The Regulation of Investigatory Powers Act 2000, Part III. In the UK, strong encryption is permitted, but if the police demand that a defendent decrypts a file then either the passcode/phrase or plaintext must be handed over. If the defendent doesn't do this and is convicted under RIPA they can be sentenced to 2 years imprisonment, or 5 years if the data is believed to involve child abuse or terrorism.
There is some dispute over whether this law has been applied fairly in the UK (eg some people convicted of refusing to decrypt data have been diagnosed with Aspergers Syndrome), there are no legal provisions for people who forget a password/phrase (reversal of the presumption of innocence), and the law is ambiguous regarding what exactly constitutes a provably encrypted file vs random data. But this law exists in parallel with the right to encrypt.
To be clear, I believe RIPA is bad legislation. But it is an example of what a government concocts after six years of deliberation into the problem.
The super-rich often school their children in low-tech or anti-tech Waldorf Steiner and Montessori schools. This is especially true of the offsping of the wealthy tech elite.
documentation explaining what key update/replacemet mechanism was build into the southbridges in case the key DID leak
There is no documentation on update/replacemet because it's not possible. If they leaked, chips using those keys would be compromised.
From the only authoritative book on the subject; 'Platform Embedded Security Technology Revealed' by Xiaoyu Ruan:
The Boot Guard configurations set by the OEM slightly vary among different products. In general and at a minimum, the OEM is responsible for configuring its public key hash for a verified boot, and the boot policies via the security and management engine.
The security of a verified boot is rooted to the OEM's asymmetric keypair. The OEM generates a 2048-bit RSA keypair as its root key for signing manifests for the initial boot blocks. The private portion of the root keypair must be kept securely, and signing manifests for initial boot blocks shall be its sole usage. On the other hand, the SHA-256 hash of the public key is programmed to the field programmable fuses during the manufacturing process. The public key hash consumes 256 fuses that belong to the multiple-bit one-time programming category, which cannot be updated once written. Because of the one-time programming limitation, the OEM will not be able to renew the root key or update the hash, even if the private key is compromised. Therefore, the OEM must protect its root private key in a signing server with strong protection from attacks or leakage.
Xiaoyu Ruan is responsible for designing cryptography infrastructure and security applications for Intel's security and management engine.
The option is open hardware. One of Intel's most vocal anti-ME corporate customers is Google, who are gearing up to replace Intel x86-based servers with the OpenPOWER (IBM Power9) platform in data centres, in part, for this very reason.
They're not going far enough with the Amazon Echo/Google Home/Apple HomePod.
I keep reading about the advances in autonomous weapons platforms, and how the world's going to be over-run by swarms of 'killer robots', yet even with the resources of Google and Amazon, their idea of a turf war is 'directing users to the web version'.
Man-up guys, I want to see the home entertainment system equivalent of Robot Wars, right in my front room. Partner with DARPA, weaponize those babys up, give them some tank-tracks, and let's see Amazon and Google really duke it out for prime real-estate in the consumer's house.
A dusting of andom noise does not fool facial recognition. Features extraction for hashing uses wavelet image processing (among other processes). Splitting the data into different frequency ranges allows the algorithm to isolate the frequency components (introduced by factors like expression or illumination) into sub-bands. Wavelet-based methods strip out these variables and focus on the sub-bands that contain the most relevant information.
Slashdot Mirror
Users can be tracked without Cookies, Javascript, LocalStorage, SessionStorage, GlobalStorage, Flash, Java, IP or browser/font profiling etc.
ETag tracking doesn't need any of these methods.
And I'd like to know how it will work on my Nokia Brick!
Without a charismatic visionary at the helm, a social enterprise of any worth devolves into an aimless, directionless mess.
intel wanting to make future chips "Fast but insecure" by default, and requiring the BIOS or OS to tell the CPU "No bitch, secure mode only please", just so they could continue to claim benchmark scores (naturally, with the anti-spectre and meltdown patches disabled so the chip runs really fast.)
Which is effectively the VW-emissions-scandal school of benchmarking.
Or the robot called speedy in Asimov's runaround who goes to fetch selenium but ends up going round in circles - the equilibrium point between two of the laws of robotics: always obey human instructions and always protect your existence (as long as it doesn’t result in human injury).
Bangkok is an hour away and has absolutely world-class healthcare at about 1/5th to 1/7th of the cost of western private healthcare.
Singapore is also very good, but not as cheap as Thailand.
It depends on the definition of 'on the internet'.
Your average person is connected, and broadcasting information about their life, to the internet whether they realise it or not. Maybe technical people on Slashdot are aware of that, or take countermeasures to prevent it, but the vast majority of people are communicatating personal data with other networked machines via a personally identifiable device throughout the day (and often night).
Taking into account smart TVs, wearables, alexa equivalents, networked vehicles, net-connected power monitoring, phones etc, measuring 'on the internet' as equivalent to screen-time seems false right now.
The existing open hardware platform (OpenPower/Power9) is also exposed to this vulnerability.
Regarding size and weight specifics...
From the Nat Geo site: Estimates say the rock likely measured three to six feet across, and could have weighed more than a ton.
Unplanned obsolescence!
South Korea doesn't require real names for general internet use. That was proposed in 2007-2009 and struck down in 2012. I was working in Seoul in November & December last year. There was no real name requirement to use the internet.
In 1996, the U.S. Federal Communications Commission (FCC) issued an order requiring wireless carriers to determine and transmit the location of callers who dial 9-1-1. The FCC set up a phased program: Phase I involved sending the location of the receiving antenna for 9-1-1 calls, while Phase II sends the location of the calling telephone. Carriers were allowed to choose to implement 'handset based' location by Global Positioning System (GPS) or similar technology in each phone, or 'network based' location by means of triangulation between cell towers. The order set technical and accuracy requirements: carriers using 'handset based' technology must report handset location within 50 meters for 67% of calls, and within 150 meters for 90% of calls; carriers using 'network based' technology must report location within 100 meters for 67% of calls and 300 meters for 90% of calls.
The order also laid out milestones for implementing wireless location services. Many carriers requested waivers of the milestones, and the FCC granted many of them. By mid-2005, implementation of Phase II was generally underway, limited by the complexity of coordination required from wireless and wireline carriers, PSAPs, and other affected government agencies; and by the limited funding available to local agencies which needed to convert PSAP equipment to display location data (usually on computerized maps).
In July 2011, the FCC announced a proposed rule requiring that after an eight-year implementation period, at some yet-to-be-determined date in 2019, wireless carriers will be required to meet more stringent location accuracy requirements. If enacted, this rule would require both "handset based" and "network based" location techniques to meet the same accuracy standard, regardless of the underlying technology used. The rule is likely to have no effect as all major carriers will have already achieved over 85% GPS chipset penetration, and are thus able to meet the standard regardless of their 'network based' location capabilities.
https://en.wikipedia.org/wiki/...
The UK has laws that provide for this right to search encrypted digital data. The Regulation of Investigatory Powers Act 2000, Part III. In the UK, strong encryption is permitted, but if the police demand that a defendent decrypts a file then either the passcode/phrase or plaintext must be handed over. If the defendent doesn't do this and is convicted under RIPA they can be sentenced to 2 years imprisonment, or 5 years if the data is believed to involve child abuse or terrorism.
There is some dispute over whether this law has been applied fairly in the UK (eg some people convicted of refusing to decrypt data have been diagnosed with Aspergers Syndrome), there are no legal provisions for people who forget a password/phrase (reversal of the presumption of innocence), and the law is ambiguous regarding what exactly constitutes a provably encrypted file vs random data. But this law exists in parallel with the right to encrypt.
To be clear, I believe RIPA is bad legislation. But it is an example of what a government concocts after six years of deliberation into the problem.
Their meltdown backdoor's unavailable so it's time to legislate on front doors again.
The super-rich often school their children in low-tech or anti-tech Waldorf Steiner and Montessori schools. This is especially true of the offsping of the wealthy tech elite.
You had me at 'Think'.
documentation explaining what key update/replacemet mechanism was build into the southbridges in case the key DID leak
There is no documentation on update/replacemet because it's not possible. If they leaked, chips using those keys would be compromised.
From the only authoritative book on the subject; 'Platform Embedded Security Technology Revealed' by Xiaoyu Ruan:
The Boot Guard configurations set by the OEM slightly vary among different products. In general and at a minimum, the OEM is responsible for configuring its public key hash for a verified boot, and the boot policies via the security and management engine.
The security of a verified boot is rooted to the OEM's asymmetric keypair. The OEM generates a 2048-bit RSA keypair as its root key for signing manifests for the initial boot blocks. The private portion of the root keypair must be kept securely, and signing manifests for initial boot blocks shall be its sole usage. On the other hand, the SHA-256 hash of the public key is programmed to the field programmable fuses during the manufacturing process. The public key hash consumes 256 fuses that belong to the multiple-bit one-time programming category, which cannot be updated once written. Because of the one-time programming limitation, the OEM will not be able to renew the root key or update the hash, even if the private key is compromised. Therefore, the OEM must protect its root private key in a signing server with strong protection from attacks or leakage.
Xiaoyu Ruan is responsible for designing cryptography infrastructure and security applications for Intel's security and management engine.
LazyCoin is rooted in reality and practicality.
At least her temper tantrum saved you the $24.68 transaction fee.
The option is open hardware. One of Intel's most vocal anti-ME corporate customers is Google, who are gearing up to replace Intel x86-based servers with the OpenPOWER (IBM Power9) platform in data centres, in part, for this very reason.
Trump uses PHP.
Or Golf Script to keep his Code Golf score to a minimum. Arf.
the world’s most populous city.
Tokyo is nowhere near. By number of people, that's Mexico City. By overall density it's Dhaka. And by density in a single district it's Hong Kong.
"Yabba Dabba Dooooo!!!!"
--Yogi Bear (market)
They're not going far enough with the Amazon Echo/Google Home/Apple HomePod.
I keep reading about the advances in autonomous weapons platforms, and how the world's going to be over-run by swarms of 'killer robots', yet even with the resources of Google and Amazon, their idea of a turf war is 'directing users to the web version'.
Man-up guys, I want to see the home entertainment system equivalent of Robot Wars, right in my front room. Partner with DARPA, weaponize those babys up, give them some tank-tracks, and let's see Amazon and Google really duke it out for prime real-estate in the consumer's house.
A dusting of andom noise does not fool facial recognition. Features extraction for hashing uses wavelet image processing (among other processes). Splitting the data into different frequency ranges allows the algorithm to isolate the frequency components (introduced by factors like expression or illumination) into sub-bands. Wavelet-based methods strip out these variables and focus on the sub-bands that contain the most relevant information.