This Paper discusses several ways to compromise your TPM. It also notes that secure boot infrastructure like Intel TXT and the AMD counterpart (when used with an appropriate boot loader) effectively prevents the attacks.
valgrind, BoundsChecker, and I believe the others mentioned, are all run-time error checkers. These require a test case that execises the bug.
The static analysis tools the poster was asking about, like those from Coverity and Green Hills, don't need test cases. They work by analyzing the actual semantics of the source code. I've found bugs with tools like these in code that was hard enough to read that I had to write test cases to verify that the tool was right. And it was! The bug would have caused an array overflow write under the right conditions.
I just don't understand who you people are and how you act that you arouse suspicion when entering countries. I have long hair and a beard, I look like a stoner, I mean I look like a software engineer. No one has ever searched ANYTHING of mine entering Japan, Sweden, Germany, The Netherlands, UK, Mexico, or Canada. On returning from Amsterdam to the US many times, still bleary from the night before, all I ever get is "Welcome Home, Sir". Have I just been lucky?
The worst experience I ever had was entering Canada late at night and mistakenly answered "yes" when asked if I was there to work. What I meant was "No, I'm here on business". That one cost me twenty minutes waiting to talk to immigration to correct my mistake.
I don't wish C++ would go away. I just wish people would have some ^#@$!% *TASTE* when using it. Don't overload arithmetic operators for non-arithmetic types! In fact don't overload ANY operators. It makes your code absolutely unreadable and often hides the very real cost of intermediate value allocation/deallocation.
The bigger one better be more stable than the old one. We found it to be mighty shaky at best. It rapidly falls victim to the cats, let alone Empire Tie Fighters.
I agree that gaming on Linux desktops isn't a great business case today. But competition with NVidia in the embedded market is. NVidia has a lot of energy behind OpenGL ES. Take a look at the talks they gave at GDC 2006, such as Khronos: Creating the Embedded Media Processing Ecosystem and Graphics Rendering With OpenGL ES. AMD has a better play than NVidia for embedded platforms running Linux because AMD can win both the graphics socket AND the processor.
As a pleasant side effect for my/.'ers, desktop support will rock too. But I don't think that's what this is about.
It is called the Marin Headlands. All it takes is to cross the Golden Gate bridge. 10 minutes from town at the right time of day/week.(Begin the cackling about actually GETTING to the bridge from SoMa.)
In Tokyo, I remember never having a sense of where in the city I was. You just sort of disappear into the subways and reappear in a different setting.
I just go by where on the Yamanote line I am. No worry about getting on the wrong direction, you'll get there eventually. Not quite like getting on the 405 heading south when you should have been going north. You can loose hours that way.
This is the second breathy nonsensical post on/. today. Nobody is being gouged for anything. Using GPL code does not obligate you to distributed update software. Using LGPL libraries does not obligate you to distribute source for your applications. Get over it people! Just because they used Linux doesn't mean they have to bend over to keep your precious STB alive! You think DirecTV is doing anything about my DirecTivo?!?!?!
The other breathy nonsensical headline today was the tripe about HP "dishonoring" warantees if Linux was installed. Riiiiight. I can see them saying "Sorry, unsupported configuration, please reinstall the software we qualified the box with and if you are still having trouble call us back". That makes sense. But I saw nothing that implied that installing Linux in some way permanently invalidated your warantee. Nothing. Nothing except a bunch of trolls.
Is this like, the late 1990's or what? This article is as breathy as an AI article in Byte Magazine. It is as over-hyped as a pump-and-dump stock spam scam. WHO GIVES A SHIT!?! We're talking about a data encoding scheme, not a polio vacine! Get a lIfE!
Intel is very hard to get docs out of even if you have a commercial need for them. When they do issue docs, they are issued to a specific engineer, not a company. Each copy is tracked. The cover has language that says the book must be stored in a locked cabinet and direction not to leave the book unattended when it is not in a locked cabinet.
Given this behavior toward partners with a legitmate comercial need for docs, I can't imagine them changing their policy toward open source projects.
Age has another aspect to it -- replacement hardware. I'm on my second PS2, a power surge after a car hit a power pole in my neighborhood took out the first one about eight months ago. I've seen others here post that they are on their third. A most interesting statistic would be how many of these are second time purchases.
The predictable response time in an RTOS extends up to the application level. Interrupt to semaphore release time is a figure of merit with regard to RTOSes.
Most RTOSes have optional priority inversion safe semaphores. I can't think of an RTOS that doesn't provide semaphores, as opposed to spin-locks.
An RTOS places no restrictions on APPLICATION code. An RTOS does place restrictions on DRIVER code. You are right that the things you decribe cannot be done in driver code. But from an application API and multi-threaded programming point of view, an RTOS looks like any other OS.
You can get priority inversion with ANY threading package, including pthreads and Java as both allow you to set priorities. You can get deadlock in ANY multi-threaded program, including pthreads and Java programs.
There is nothing magic about an RTOS. Now building real time systems with an RTOS is something that very few people seem to grasp.
You don't really want a general purpose OS as "realtime" anyway - it just doesn't help things at all and tends to complicate the processing model.
In what way does an RTOS complicate the "processing model"? On the aplication side you can use pthreads on a posix conforming RTOS and you get better response time to events from the drivers than you would with a posix conforming non-RTOS like Linux.
Go figured they'd detect Cocaine at UCSB. I went there in the 80's, and I detected plenty of coke. Also the same school where a Psych grad got busted for stealing cocaine from lab rats.
It's already too late. If you've already developed the product, then you've shot your wad. Why did you build it without a plan for how you were going to make money by bringing it to market? Might as well go find a real job while you have some money left.
Most common startup business plan:
Phase 1: Collect Underpants
Phase 2: ???
Phase 3: Profit!
I've always wanted to name a company "Phase 3 Software".
I gave up on gnucash years ago. Scheme for scripting? Yeah right. I looked at Moneydance, but I wanted full source. Finally just wrote my own -- it does exactly what I want.
At least around here, it isn't too uncommon for people to work many dozens of more hours than they're officially paid for in a week.
These are not "hourly employees". If they were, they would get paid overtime or even the government would be violating labor laws. These are exempt employees. They are not paid by the hour, so they can't be workng dozens more hours than they are getting paid for.
You know, a job is a job. Stop whining, or find a better employer. I've pulled been unemployed, and I've been underemployed, and it sucks. There are worse problems to have than not being able to Skype at work.
Slashdot Mirror
This Paper discusses several ways to compromise your TPM. It also notes that secure boot infrastructure like Intel TXT and the AMD counterpart (when used with an appropriate boot loader) effectively prevents the attacks.
valgrind, BoundsChecker, and I believe the others mentioned, are all run-time error checkers. These require a test case that execises the bug. The static analysis tools the poster was asking about, like those from Coverity and Green Hills, don't need test cases. They work by analyzing the actual semantics of the source code. I've found bugs with tools like these in code that was hard enough to read that I had to write test cases to verify that the tool was right. And it was! The bug would have caused an array overflow write under the right conditions.
I just don't understand who you people are and how you act that you arouse suspicion when entering countries. I have long hair and a beard, I look like a stoner, I mean I look like a software engineer. No one has ever searched ANYTHING of mine entering Japan, Sweden, Germany, The Netherlands, UK, Mexico, or Canada. On returning from Amsterdam to the US many times, still bleary from the night before, all I ever get is "Welcome Home, Sir". Have I just been lucky? The worst experience I ever had was entering Canada late at night and mistakenly answered "yes" when asked if I was there to work. What I meant was "No, I'm here on business". That one cost me twenty minutes waiting to talk to immigration to correct my mistake.
I don't wish C++ would go away. I just wish people would have some ^#@$!% *TASTE* when using it. Don't overload arithmetic operators for non-arithmetic types! In fact don't overload ANY operators. It makes your code absolutely unreadable and often hides the very real cost of intermediate value allocation/deallocation.
The bigger one better be more stable than the old one. We found it to be mighty shaky at best. It rapidly falls victim to the cats, let alone Empire Tie Fighters.
As a pleasant side effect for my /.'ers, desktop support will rock too. But I don't think that's what this is about.
It is called the Marin Headlands. All it takes is to cross the Golden Gate bridge. 10 minutes from town at the right time of day/week.(Begin the cackling about actually GETTING to the bridge from SoMa.)
This is the second breathy nonsensical post on /. today. Nobody is being gouged for anything. Using GPL code does not obligate you to distributed update software. Using LGPL libraries does not obligate you to distribute source for your applications. Get over it people! Just because they used Linux doesn't mean they have to bend over to keep your precious STB alive! You think DirecTV is doing anything about my DirecTivo?!?!?!
The other breathy nonsensical headline today was the tripe about HP "dishonoring" warantees if Linux was installed. Riiiiight. I can see them saying "Sorry, unsupported configuration, please reinstall the software we qualified the box with and if you are still having trouble call us back". That makes sense. But I saw nothing that implied that installing Linux in some way permanently invalidated your warantee. Nothing. Nothing except a bunch of trolls.
The MAC address ...
Try getting people to pronounce "Linux" consistently ...
Is this like, the late 1990's or what? This article is as breathy as an AI article in Byte Magazine. It is as over-hyped as a pump-and-dump stock spam scam. WHO GIVES A SHIT!?! We're talking about a data encoding scheme, not a polio vacine! Get a lIfE!
Since when does fantasy get mod'ed as insightful?
/. readers think that this romantic image of the startup is a viable. It's not.
Sure the teaming millions of young
THE TECHNOLOGY DOESN'T MATTER!!! IT IS HOW YOU MARKET AND SELL IT THAT MATTERS!!
Has no one looked at the 8086 vs 68k recently? Windows vs MacOS? AMD vs Intel?
How many times must we relearn this lesson?
If you like technology, like it 'cause it's cool. If you want to earn money, then get an MBA!
But you wear it so well!
Based on your argument C doesn't have arrays, just pointers with some syntactic sugar.
Given this behavior toward partners with a legitmate comercial need for docs, I can't imagine them changing their policy toward open source projects.
If Plasma == BetaMax, does that mean in another year I'll only be able to watch pRon on my plasma TV?
Age has another aspect to it -- replacement hardware. I'm on my second PS2, a power surge after a car hit a power pole in my neighborhood took out the first one about eight months ago. I've seen others here post that they are on their third. A most interesting statistic would be how many of these are second time purchases.
The predictable response time in an RTOS extends up to the application level. Interrupt to semaphore release time is a figure of merit with regard to RTOSes.
Most RTOSes have optional priority inversion safe semaphores. I can't think of an RTOS that doesn't provide semaphores, as opposed to spin-locks. An RTOS places no restrictions on APPLICATION code. An RTOS does place restrictions on DRIVER code. You are right that the things you decribe cannot be done in driver code. But from an application API and multi-threaded programming point of view, an RTOS looks like any other OS.
You can get priority inversion with ANY threading package, including pthreads and Java as both allow you to set priorities. You can get deadlock in ANY multi-threaded program, including pthreads and Java programs. There is nothing magic about an RTOS. Now building real time systems with an RTOS is something that very few people seem to grasp.
In what way does an RTOS complicate the "processing model"? On the aplication side you can use pthreads on a posix conforming RTOS and you get better response time to events from the drivers than you would with a posix conforming non-RTOS like Linux.
Go figured they'd detect Cocaine at UCSB. I went there in the 80's, and I detected plenty of coke. Also the same school where a Psych grad got busted for stealing cocaine from lab rats.
Most common startup business plan:
I've always wanted to name a company "Phase 3 Software".
I gave up on gnucash years ago. Scheme for scripting? Yeah right. I looked at Moneydance, but I wanted full source. Finally just wrote my own -- it does exactly what I want.
These are not "hourly employees". If they were, they would get paid overtime or even the government would be violating labor laws. These are exempt employees. They are not paid by the hour, so they can't be workng dozens more hours than they are getting paid for.
You know, a job is a job. Stop whining, or find a better employer. I've pulled been unemployed, and I've been underemployed, and it sucks. There are worse problems to have than not being able to Skype at work.