I think it's hilarious that they don't realize that it's their own insatiable desire to spy on everyone that is the primary driving force behind the spread of encrypted communications. That they don't realize this truth makes it all the more funny.
I think it's hilarious that they don't realize that it's their own insatiable desire to spy on everyone that is the primary driving force behind the spread of encrypted communications. That they don't realize this truth makes it all the more funny.
WTF is the point of them other than to make you feel good?
The point is to make you play the game more and want to play more games. It's a form of psychological validation which people very much want. If you analyze what they are then you can undermine your desire for them but that can also be quickly undone when you see what you are lacking.
It's neurohacking to get people to spend money on games, so why would they ever stop doing it?
It pains me to side with Microsoft but their decision here is a good and legitimate one.
The key to it's legitimacy is this quote:
There is a problem where some anti-virus vendors are using techniques to bypass Kernel Patch Protection by injecting a hypervisor which they use to intercept syscalls and make assumptions about memory locations — memory locations which are now changing with the Meltdown fixes.
Let's see if the courts are as willing as social media platforms to allow racism and discrimination as long as it's against the "right" people.
Social media platforms are privately owned spaces. As such, they are allowed to discriminate against anyone for any reason. If you do not like how they discriminate then you can build your own platform and discriminate against people you don't like. Alternatively, you can discriminate against nobody and have an entire platform that is swamped by spammers, the most reviled and discriminated against class in existence.
Open Hardware doesn't fix problems in silicon that has already been manufactured. It might help with the next generation but it won't prevent bugs from appearing in the first place.
This is 100% correct. However, unlike with Intel, you would be able to get a 1:1 replacement with only the hardware issue fixed.
Open Hardware is a worthy goal but it's going to be a LOT trickier to pull off in the real world for mostly economic reasons.
Also 100% correct. That said, people are working out the details on drastically reducing the cost of microfabrication. It won't replace cutting edge mass production but it will make it prototyping and inspection of subsystems a lot easier. The idea here is to identify hardware/timing exploits before they ever make it mass production.
The "World Wide Web" is not the Internet, it's what is the cumulative result of using the Hyper Text Transport Protocol. The Internet is the amalgamated cable, routers and servers which send information around, including the Web. I agree that the World Wide Web Consortium (W3C) which dictates what qualifies as being Web has gone to shit and needs to be replaced but that has nothing to do with the hardware.
The Internet is more alive than ever, it's only what the Internet is used for that needs to be replaced.
NASA doesn't make drones because drones do well defined repetitive tasks. NASA makes probes that explore the unknown. Even the program is called "Ross Ice Shelf and Europa Underwater Probe"
The PoC might have been written "in Javascript", but that doesn't mean it can be exploited by a random script referenced by an untrusted web page somewhere...
Actually, that's exactly what it means. Why do you think they went through the effort of dropping support for high resolution timers? https://hackaday.com/2018/01/0...
When, exactly, did web pages acquire the means of compiling random Javascript into literal x86/AMD64 assembly language? Oh wait... they didn't.
It doesn't have to be literal because it's a timing based attack. It reads like you don't understand the issue and have no real place commenting here because they even made an example in the whitepaper of using javascript.
If you just look at Intel's legal history, you'll see they have been mired in accusations and convictions of unethical and anti-competitive business practices since the early 1980s. Buying from Intel has always been a devil's bargain, it's just now that you are realizing what you have done because it's directly affecting you.
The problem isn't random parts of the internet being slowed down, it's your local ISP slowing you down. Regulation on intrastate traffic is sufficient to get basic net neutrality. ISPs would really have to go out of their way to screw you over which is just asking for trouble.
We as humans are animals and as such can be victims of our own nature. In this context, it's a well understood fact that humans have a tendency to make poor long-term decisions based on sudden emotionally charged events. After the flood of neurotransmitters has subsided, we are much better at making long-term decisions.
This is a good example of what happens when you fail to invest in strong security. I'm not talking just about getting hacked, I'm also talking about employees walking off with your data and selling it. The ability to access this information should have been heavily scrutinized and limited. I'm guessing India had an amateur hour setup and has no way of tracking how this information was even taken.
It's gotta be tough being in the marketing department at Microsoft because you have to invent all these bizarre scenarios where an inferior product actually performs marginally better. Obviously, Edge is slower at loading websites and uses more electricity in the process so they resorted to the least realistic usage scenario: playing a video from disk for 15 hours.
The truth of the matter is that they are all using hardware based video decoding which means all three browsers should have nearly equal run-time. I'm guessing the difference is how the file is or isn't cached which they exaggerated as much as possible.
Microsoft's motto should be: if you can't compete then just cheat!
What we need is to limit the amount of money that any one entity can spend on political causes and require that 100% of funds for Political Action Committees are from donations. This would drastically reduce the amount of political corruption in this country.
That said, websites that are not dedicated to carrying news need to stop carrying news and those that do need to be held accountable for it's accuracy or lack thereof.
Slashdot Mirror
Congress Is About To Vote On Expanding the Warrantless Surveillance of Americans
I think it's hilarious that they don't realize that it's their own insatiable desire to spy on everyone that is the primary driving force behind the spread of encrypted communications. That they don't realize this truth makes it all the more funny.
Well I guess if you can't care for oil properly that means *no more oil for YOU*.
Oh if only the world were so lucky then we could switch over to wind/solar/nuclear in under a year.
I think it's hilarious that they don't realize that it's their own insatiable desire to spy on everyone that is the primary driving force behind the spread of encrypted communications. That they don't realize this truth makes it all the more funny.
WTF is the point of them other than to make you feel good?
The point is to make you play the game more and want to play more games. It's a form of psychological validation which people very much want. If you analyze what they are then you can undermine your desire for them but that can also be quickly undone when you see what you are lacking.
It's neurohacking to get people to spend money on games, so why would they ever stop doing it?
Just think of the entirely new type of ransomware we'll get out of this! Super job, facebork! ;)
It pains me to side with Microsoft but their decision here is a good and legitimate one.
The key to it's legitimacy is this quote:
There is a problem where some anti-virus vendors are using techniques to bypass Kernel Patch Protection by injecting a hypervisor which they use to intercept syscalls and make assumptions about memory locations — memory locations which are now changing with the Meltdown fixes.
Let's see if the courts are as willing as social media platforms to allow racism and discrimination as long as it's against the "right" people.
Social media platforms are privately owned spaces. As such, they are allowed to discriminate against anyone for any reason. If you do not like how they discriminate then you can build your own platform and discriminate against people you don't like. Alternatively, you can discriminate against nobody and have an entire platform that is swamped by spammers, the most reviled and discriminated against class in existence.
but it's clear that when AMD is competitive Intel produces better chips.
No, they don't. What they do is resort to anticompetitive behavior. You clearly do not know the history of Intel.
Open Hardware doesn't fix problems in silicon that has already been manufactured. It might help with the next generation but it won't prevent bugs from appearing in the first place.
This is 100% correct. However, unlike with Intel, you would be able to get a 1:1 replacement with only the hardware issue fixed.
Open Hardware is a worthy goal but it's going to be a LOT trickier to pull off in the real world for mostly economic reasons.
Also 100% correct. That said, people are working out the details on drastically reducing the cost of microfabrication. It won't replace cutting edge mass production but it will make it prototyping and inspection of subsystems a lot easier. The idea here is to identify hardware/timing exploits before they ever make it mass production.
The "World Wide Web" is not the Internet, it's what is the cumulative result of using the Hyper Text Transport Protocol. The Internet is the amalgamated cable, routers and servers which send information around, including the Web. I agree that the World Wide Web Consortium (W3C) which dictates what qualifies as being Web has gone to shit and needs to be replaced but that has nothing to do with the hardware.
The Internet is more alive than ever, it's only what the Internet is used for that needs to be replaced.
Young. ;)
Guess there really are some smart people doing science. Who knew?
Anyone that knows anything about science.
Ok, I was wrong about the "Javascript in browser is effectively sandboxed" part.
that is the only part i was arguing. everything else you are saying is irrelevant.
NASA doesn't make drones because drones do well defined repetitive tasks. NASA makes probes that explore the unknown. Even the program is called "Ross Ice Shelf and Europa Underwater Probe"
Language matters.
The PoC might have been written "in Javascript", but that doesn't mean it can be exploited by a random script referenced by an untrusted web page somewhere...
Actually, that's exactly what it means. Why do you think they went through the effort of dropping support for high resolution timers? https://hackaday.com/2018/01/0...
How are you this dense?
When, exactly, did web pages acquire the means of compiling random Javascript into literal x86/AMD64 assembly language? Oh wait... they didn't.
It doesn't have to be literal because it's a timing based attack. It reads like you don't understand the issue and have no real place commenting here because they even made an example in the whitepaper of using javascript.
Intel didn't get corrupted, they started corrupted and used that corruption to get power.
How long until there is an ad being served that runs Javascript/Webassembly code that exploits Spectre to steal all your passwords?
I'm so glad we have "near native" execution speeds for this shit.
If you just look at Intel's legal history, you'll see they have been mired in accusations and convictions of unethical and anti-competitive business practices since the early 1980s. Buying from Intel has always been a devil's bargain, it's just now that you are realizing what you have done because it's directly affecting you.
The problem isn't random parts of the internet being slowed down, it's your local ISP slowing you down. Regulation on intrastate traffic is sufficient to get basic net neutrality. ISPs would really have to go out of their way to screw you over which is just asking for trouble.
We as humans are animals and as such can be victims of our own nature. In this context, it's a well understood fact that humans have a tendency to make poor long-term decisions based on sudden emotionally charged events. After the flood of neurotransmitters has subsided, we are much better at making long-term decisions.
This is a good example of what happens when you fail to invest in strong security. I'm not talking just about getting hacked, I'm also talking about employees walking off with your data and selling it. The ability to access this information should have been heavily scrutinized and limited. I'm guessing India had an amateur hour setup and has no way of tracking how this information was even taken.
A "party foul" at the lab is unacceptable, JOHN! ;)
It's gotta be tough being in the marketing department at Microsoft because you have to invent all these bizarre scenarios where an inferior product actually performs marginally better. Obviously, Edge is slower at loading websites and uses more electricity in the process so they resorted to the least realistic usage scenario: playing a video from disk for 15 hours.
The truth of the matter is that they are all using hardware based video decoding which means all three browsers should have nearly equal run-time. I'm guessing the difference is how the file is or isn't cached which they exaggerated as much as possible.
Microsoft's motto should be: if you can't compete then just cheat!
What we need is to limit the amount of money that any one entity can spend on political causes and require that 100% of funds for Political Action Committees are from donations. This would drastically reduce the amount of political corruption in this country.
That said, websites that are not dedicated to carrying news need to stop carrying news and those that do need to be held accountable for it's accuracy or lack thereof.