3554 posts • joined 10 Jun 2009
I recall Litecoin was specifically designed to not be GPU-friendly. Other coin proof-of-work algorithms could be tailored to make other specialized computations less optimal, although the AS part of ASIC means they can ALWAYS create a specialist unit. Question is, at what point does the algorithm make ASIC not worth the specialization vs. a general-purpose CPU?
Re: All your passwords are belong to us!
That will depend on the algorithms used to encrypt them. Some of them are still computationally infeasible even with modern tech (a matter of degree), barring exploits (a matter of kind).
As for the laboratories, I'm sure cheap GPUs will start being looked at by universities interested in a HPC cluster (since they've been using hybrid kits for a few years now).
Re: The new renaissance
Perhaps, when all the fuss over bitcoin dies down, all this excess power can be harnessed into something useful. My proposals would be proper speaker-independent voice recognition and maybe the ability to do some real-time processing on HD video streams. You know the sort of thing: replace the news-reader's head with a talking cat, remove all their clothes, have yourself playing centre-forward for your favourite football team.
We're working on the voice recognition part. I think the stumbling block here is the "intuition" factor: being able to make accurate educated guesses based on incomplete data. That's a "hard" problem right now because the human brain and a deterministic computer don't work the same way. We've made progress in the field using neural nets, but translating this progress to discrete computers again isn't as easy as it sounds.
As for video encoding, this has been asked about ever since GPGPU computing has appeared. One problem: motion estimation, probably the most computationally-intensive task of modern lossy video encoding, doesn't suit well to GPGPU because it has a divergent workload: that is, in worst case, it can end up branching into more subtasks than you have compute units on the GPU, and if you have to shuffle the subtasks, you usually end up better off sending it back to the CPU which sees things more generally and has a more direct line to the main memory. I've seen the x264 forums discussing this aspect.
Re: What about the next time?
The retailer needs to know the credit card number in case a transaction is challenged. Otherwise, the credit card company has no way of tying the card to the transaction, and if the trust is moved to the payment processor, what if that's corrupted from the inside so as to alter records and make the retailer appear guilty? The retailer knowing the card number is a trust tradeoff. They need to be trusted with the number in order to answer challenges of that trust.
As for authenticating based on an ID, consider that the American idea of a national ID system usually ends in two words: Big Brother. They don't trust the government with the kind of information available NOW and therefore don't want them to have any kind of unique identification specific to an individual across a country.
(UPDATE: Found it in graphic form. URL: http://www.designsim.com.au/What_Is_Forticom.html) It sounds interesting, but I think it would be bad for people with really bad memories or a poor head for figures. Plus many malwares have taken to screencapping, meaning they can also interpret clicks. Also, while observing one login would not provide enough information, correlating multiple ones would probably help in cryptanalysis.
Re: Who said the POS system has internet access?
So: POS software is managed by MSC, which is running on servers that very likely have Internet access. And those servers almost certainly can talk to their counterparts in other stores. Get malware on one, and it likely could spread by unpatched vulnerabilities across the network.
Just because a system has MSC doesn't mean it's not exposed to the greater Internet. Many setups I've seen have both the POS devices and the servers with addresses in the 10.x.x.x range, which if you'll recall is an IP range reserved for private nets. So this would mean a corporate intranet at least one step removed from the greater Internet. How big that step is can depend and can have an influence on how much effort it would take an outsider to jump the gap and get into the intranet from the Internet.
What you describe in terms of software IIRC appears pretty typical for an NCR setup. For many years NCR has used POS software based on some form of Windows: either XP or CE and Windows Server systems at the back end.
Re: Wow... lots of half baked stuff.
"The sad thing is that if you can infect a single PoS and then have it spread out... that's a major, major RED flag."
Because normally the POS units don't talk to each other. Instead, the POS images come from the back office, which in turn gets that from headquarters. To be able to infect EVERY Target POS in the country smacks of an alteration in the master image that goes to the store back offices and from there to the POS units. That implies a breach very high up the chain, perhaps even beyond Target's control (if Neiman Marcus was hit with the same breach). Furthermore, if the code was authenticated, it had to have been breached BEFORE authentication.
Re: Who said the POS system has internet access?
"Shockingly, yes, some POS terminals have direct access to the internet, I was told for firmware upgrades and diagnostics."
Savvy firms don't allow direct upgrades and instead test the upgrades, vet them, then roll them out at their schedule through the corporate intranet. Also consider some transactions were probably done with the POS's reader rather than the PIN Pad's. If they were sniffed as well, the exploit would need to be in the POS itself, as the PIN pad wouldn't have read that data.
I'd have to pay a visit, but I think Target uses NCR brand POS systems (if not, then it's probably IBM). But the PIN pads come from a different company (I don't think it's Ingenico, but I suspect it's the same company that supplies Best Buy).
Re: back-end systems should not have Internet access.
"At least one back end system of necessity has internet access: the one that contacts the credit/debit card vendors to authorize the credit/debit transaction."
But that should be the ONLY link. Meaning you can treat it like a store-to-headquarters link. It need not be on a dedicated line, but if it's a well-defined connection, you can tightly restrict the connection with assistance from the data provider and the other end (limited access, VPN tunnels, encrypted connections, only accept outgoing initiation, etc.) to make it so that's the ONLY thing it can see.
I suspect Target and Neiman Marcus were targeted specifically because they were big retailers (as in, large gross receipts due to (the former) lots of customers or (the latter) high-ticket customers). But as you say these firms are no hayseeds, and the POS software usually undergoes vetting and testing prior to a rollout (which does not occur often--they usually only change the POS systems when they HAVE TO due to security or internal procedural updates), which means the exploit had to survive that kind of testing. Plus if the code was signed, it would need to have been altered BEFORE signing.
These along with the fact the data didn't appear to be detected en route leads me to believe the attack was very sophisticated: in fact so sophisticated as to preclude someone without intimate knowledge of the internal software and/or network. That's why I suspect an insider. I would need to know more about the respective POS systems, but for now, given that two different retailers were hit at the same time with the same MO, I hypothesize the exploit occurred at base POS code that would then be common to both retailers. So IOW, not an insider with the retailer but an insider with the POS manufacturer.
Re: Many barcode scanners allow arbitrary keypresses
True, but most of them ALSO feature a specific procedure that requires scanning not one but a SERIES of barcodes to configure them the way you want. The Symbol scanner I own (which is similar to models seen in smaller stores) can be configured to refuse to scan certain types of barcodes so that you can limit exploit avenues.
As for exploiting the POS, that depends on the system. Among the different things you can set the barcode readers to do is to emulate a serial port rather than a keyboard, meaning the POS can distinguish between them and be much less likely to be exploited through this method.
Re: If we really want to protect copyrights.....
In fact such a mind wipe law would be doubly beneficial as no one would ever get bored of reruns!
Damn! The perfect business model. Exhibit entertainment then force everyone to forget the moment they leave! With the right ads you can make people see it again and again. Nearly guaranteed repeat business.
Re: Dear America...
A small aircraft or cruise missile with a 100-foot wingspan? Please... Plus if it HAD been a missile, you'd think they'd set up the warhead to explode such that it would cause an IMMEDIATE collapse (No Witnesses...) If the war hawks had wanted endless war, why not just set off a nuke on US soil and make everyone dump their pants? Ultimate nightmare scenario for anyone of age: Cold War turns Hot! Duck and Cover! You'd have the entire US in your pocket.
There are plenty MORE that corroborate with the news footage: not all of whom were American (and thus not subject to American laws--remember, the United Nations is in New York, not far from Ground Zero). Next ask, what happened to the passengers of the flights in question? It would be hard to "vanish" some 200 people without a trace unless things happened just as described.
Re: Did he mount his Glass on a tripod?
I encourage you to test for yourself: if you pay attention, you'll notice that at times you actually look away from the screen.
I have. I've also learned I'm perfectly capable of moving my eyes around while keeping my head still. No matter where you position the camera there will be the risk of it being jostled: usually by someone passing the camera's position in one form or another. Not much you can do about that if the theater's crowded.
Re: People still go to the movies?
Yes, because NO business will be satisfied with a one-and-done. Repeat business is where the real money lies.
Re: Actually old boy,
No, he was fully American: born and raised in Virginia.
Re: This reminds me of the old cautionary joke
Then imagine the chagrin when the Ranger informs her he DOESN'T have the equipment, having been emasculated, AND that he's now adding false accusation to the charges.
I'd have personally preferred a Nekocoin based on a very cute Japanese cat icon from the 90's. But I digress...
Re: serious question - not to be confused with earlier comments/screeds
Even if all the matter and all the antimatter were sent in opposite directions so that they'd never meet? What research is there against that idea?
The prevailing theory is that antimatter still has positive mass and therefore would react normally to gravity, thus preserving conservation laws.
In contrast to negative matter, which would have negative mass, react in the opposite way, and should never exist in our universe.
Re: Antiblocking tools ?
It's been subverted by the Men In Black because it can't work end to end. Plodd simply take over and start up enough endpoints to sniff most of the traffic.
What the FCC can (and should) do is reclassify the physical-layer access from the subscriber to the ISP as telecommunications common carriage, so that people can choose ISPs, while leaving the Internet itself unregulated. The Court opinion made it pretty clear that this option -- the Computer II rules in effect prior to 2005 -- was well within the law, and the FCC could go back there if they gave justification. Of course politically they're afraid; AT&T and VZ have too many friends in Congress. So nothing will happen.
IIRC, the real real problem is that, according to the Telecommunications Act of 1996, the FCC lacks the authority to make that declaration. Common carrier designations were written directly into the Act with apparently no latitude for extension. Meaning the only authority able to make ISPs into common carriers is Congress, who would have to pass a new Telecommunications Act to redefine the term.
Re: Nice Rant, but missed the point
So Ars is saying to look at this as a matter of a trust via vertical integration, in which case precedent does exist for breaking up such: the historic US v. Paramount case of 1948 that broke up the studio-theater relationship, altering the Hollywood studio system as well. If things got nasty, perhaps one could take an integrated company like TWC or Comcast to court using the Paramount case as a basis. Just hypothesizing.
Re: One Way
"Of course, some deviations from net neutrality may be inevitable. Torrent type protocols might end up being blocked except for whitelisted sites associated with academic institutions and the like, because of their association with piracy."
And what happens when mass-transfer traffic starts encrypting and obfuscating itself to hide itself from protocol sniffers?
Re: How come...
Which leads me to suspect the main reason they don't do link caching these days boils down to two words: "It's complicated."
But with just two, it's pretty easy to assume a duopoly and go into cartel behaviour to squeeze out any upstarts. The rival ISP becomes 'the enemy of my enemy' vs. a firm like Netflix.
Re: These are not the pixels you are looking for.
"Incidentally, for what it's worth, as you are an analogue person, analogue colour signal transmissions were also heavily compressed using PAL, Secam or NTSC due to the way colour was encoded into the video signal. It's one of the myths of analogue folk that somehow their preferred method of transmission somehow contains more information when, in practice it's the reverse. Just Try squeezing an HD analogue video stream into the bandwidth used by a digital HD stream..."
NTSC and PAL both work IIRC by emphasizing the luma quality over the chroma quality, and that's due to experiments that show we're more sensitive to luma detail than chroma detail. That's also why MPEG-based codecs also emphasize the luma over the chroma (thus YUV ratios like 4:2:2 and 4:2:0). To transmit 30 frames of raw 24-bit RGB video and 1 second of 16-bit 48kHz 2.0 Stereo audio, both uncompressed, requires, at a minimum, 249.6MB of storage and bandwidth. And that's PER SECOND. I would be curious to know, for the record, just how much digital information one could've crammed in the frequency allocations provided for one analog PAL or NTSC channel, to see whether or not it would've been enough to carry that much data at a time.
As for the analog insistence of audiophiles, I believe the issue is not so much bandwidth as it is tonal idiosyncrasies. Some people DO have a very sensitive ear, I understand. Has anyone conducted a scientifically-significant study to see if audiophiles really can tell the difference between a good analog audio setup and a good digital one?
Re: Pissing the night away.
"But, they should have carte blanche. It is their network; their hardware; often it was their inventions. What we did in the past was just as inexcusable as what we are doing today. Your need is not a claim check on anyone else's blood, sweat and tears."
Tell that to the bus companies and restaurant and shop owners of the 1950's US South. The way they put it, it was "Our business, our rules," but when just about everyone in an area discriminates openly in what is essentially cartel behaviour, it's obvious they don't care about a certain percentage of clientele, profits be damned.
As I've said, when said business is a service open to the public, then some would say there comes a moral obligation to offer your service to EVERYONE in that public.
Re: Doesn't it depend what you mean *by* "net neutrality" ?
"The answer is you don't prioritize ANY type of packet. You prioritize identified packets based on how latency-sensitive their payload is. That's good traffic management in a nutshell."
That's still prioritization of a sort. I have to wonder if some applications wouldn't cheat on this kind of system and disguise their packets' latency sensitivity to fool QoS systems.
Re: Pissing the night away.
Last I checked, so do the telephone networks. Just because a resource is private doesn't mean the owner gets carte blanche, especially when the resource is providing a service rather than is directly a good.
Re: Doesn't it depend what you mean *by* "net neutrality" ?
But that introduces a slippery slope. If you prioritize ANY type of packet (a VoIP packet, like you say), what's to stop de-prioritizing a different type of packet (like a BitTorrent packet)? Furthermore, what if the ISP faces an encrypted or otherwise-obfuscated stream where identifying the purpose is difficult?
Re: US ZIP codes are hardly personally identifiable
I don't see how. There can be more than 10,000 households for a given ZIP code, making it mathematically impossible for ZIP+4 to be accurate to that level unless additional information was entered such as a street number or a surname.
Re: I'll hold a candle for Sailfish
Possibly. They could be making scapegoats, or someone could have a grudge (both have been documented to happen). Put it this way. Many people don't trust the government with ANYTHING pertaining to us without a PUBLIC search warrant, period.
Re: I'll hold a candle for Sailfish
Except GSM voice comms are ALREADY encrypted, just not strong enough to beat Big Brother. Thing is, it may never be given BB is the aggressor in essentially a siege (which historically favors aggressors as time passes). Plus the realtime nature of voice comms limits the available computing power for encryption.
I don't think that's Nintendo's style. You have to realize they HAVE had their share of misses in recent history. The Virtual Boy was a real-life bust, and few can say the Nintendo 64 and GameCube were exactly shining moments. Given their business model, I think Nintendo stumbled because their Wii U was not different ENOUGH. The DS series and the Wii shook gaming up and gave them something immediately unique and identifiable, and I think that's why they worked in a market with two giants already in the playground. I suspect there will be some shakeups in Nintendo while they start brainstorming to find a way to regain the "uniqueness" factor that has become part of Nintendo's identity.
"I could be wrong on the details, but I believe abandoning a console because it didn't sell well and bringing a new one out quickly was one of the big nails in the coffin of SEGA. Gamers felt betrayed and changed brands, if Nintendo tried something similar I don't know how the casual market would react."
I think in this case you would be mistaken. The Dreamcast may have been the first console to come out in the sixth generation, but its timing didn't necessarily stink. Yes, they did release early, but the Saturn had already been around for nearly five years, about par for the course as far as consoles go, so gamers couldn't really whine about being shafted too soon. Dreamcast was something of a last gasp for Sega, and perhaps some of the things they did to get out the gate early (such as using CD-based instead of DVD-based media) probably came back to bite them. OTOH, Sony's entry into the gaming market, with its vast media tie-ins, probably did Sega few favors. When Sony decided to wait and release the PS2 with a DVD drive, they triggered a shift in gaming expectations that Sega couldn't match, essentially turning Sony into the hammer in Sega's console coffin.
Would probably be construed as destruction of evidence. It would be analogous to keeping the password on flash paper and taking a quick match or lighter to it (or something of the like; flash paper is designed to ignite easily and burn quickly and cleanly) when threatened.
Re: and another thing ...
Well, for one thing, encrypted volumes tend to strictly follow certain randomness characteristics. TrueCrypt volumes, for example, would be distinctly nondescript when subject to a chi-square analysis. Can the same thing be said of pink noise?
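The byte-frequency chi-square test mentioned in the comment above, run on two inputs, as an added example that is not part of the original post. Both inputs are constructed stand-ins: a SHA-256 counter stream plays the role of an encrypted volume's contents, and a seeded Voss-style generator quantized to 8 bits plays the role of pink noise; the z-score cutoff is a normal approximation chosen for illustration.

```python
import hashlib
import math
import random


def chi_square_bytes(data: bytes) -> float:
    """Pearson chi-square of the byte histogram against a uniform distribution."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)


def z_score(stat: float, dof: int = 255) -> float:
    """Normal approximation: chi-square with dof degrees has mean dof, variance 2*dof."""
    return (stat - dof) / math.sqrt(2 * dof)


def looks_uniform(data: bytes, z_limit: float = 5.0) -> bool:
    """True when the histogram is statistically indistinguishable from uniform.

    The test is two-sided: a statistic far below the mean (too even) is as
    unlike random data as one far above it. z_limit is an illustrative cutoff.
    """
    return abs(z_score(chi_square_bytes(data))) < z_limit


def ciphertext_like(n: int, seed: bytes = b"constructed-sample") -> bytes:
    """Constructed stand-in for encrypted-volume contents: SHA-256 in counter mode."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def pink_noise_bytes(n: int, rows: int = 8, seed: int = 1) -> bytes:
    """Constructed pink-ish noise (Voss algorithm), quantized to 8-bit samples.

    Row k is refreshed every 2**k samples, so low rows add fast variation and
    high rows add slow drift. Summing the rows gives a bell-shaped amplitude
    distribution centred on mid-scale rather than a flat one.
    """
    rng = random.Random(seed)
    state = [rng.random() for _ in range(rows)]
    out = bytearray()
    for i in range(n):
        for k in range(rows):
            if i % (1 << k) == 0:
                state[k] = rng.random()
        out.append(min(255, int(sum(state) / rows * 256)))
    return bytes(out)


def compare(n: int = 65536) -> dict:
    """Run the test on both constructed samples and return the statistics."""
    results = {}
    for name, data in (("ciphertext-like", ciphertext_like(n)),
                       ("pink noise", pink_noise_bytes(n))):
        stat = chi_square_bytes(data)
        results[name] = (stat, z_score(stat), looks_uniform(data))
    return results


if __name__ == "__main__":
    for name, (stat, z, uniform) in compare().items():
        print(f"{name:16s} chi2={stat:12.1f} z={z:10.1f} uniform={uniform}")
```

The statistic for the ciphertext-like stream sits near 255, its degrees of freedom, while the quantized pink noise scores orders of magnitude higher because its sample values cluster around mid-scale.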
Re: Read the judgement!
Next question: Is it within the FCC's power to actually make that determination? Or is "common carrier" status defined by the Act itself, meaning the FCC couldn't call ISP's common carriers even if they wanted to because it would require an Act of Congress to do?
Re: The Internet is run on MAGIC!
Ask yourself. Is the Internet specifically a telephone, telegraph, cable, or wireless form of communication? Most would say "none of the above", and last I checked, the Telecommunications Act of 1996 did not change this picture. Meaning the Internet is in a grey area: not specifically under the FCC's remit. What is supposed to be the FCC's procedure regarding a form of communication OTHER than those listed in its mandate?
Re: monopoly is when one firm has control of an entire market.
"But that very act creates the normalizing forces that will destroy them unless they have government protection. Since they have an economic profit, it behooves another firm to move into their market and undercut their price. The only problem(s) is/are potential barriers to entry in the market. Usual barriers are the amount of capital or labor needed or government regulation; of the three only government regulation is nearly impossible to overcome unless you are the incumbent."
Explain natural or "de facto" monopolies, then. They can occur because the barrier of entry is inherently high. For example, utilities industries that require lots of eyesore infrastructure to operate, like an electric or sewage company. If a rival firm wanted to butt in, they'd have to install THEIR OWN infrastructure alongside theirs, creating a NIMBY situation that's pushed by the people, not the government. Here, the incentive to create competition is countered by the NIMBY disincentive.
Similarly, some resources (like spectrum) are physically limited (there's only so much spectrum to go around, they have fundamental limitations, and the maximum amount of raw data they can carry is fixed according to mathematical calculations) and have no practical alternatives (Know anything else nonphysical and undetectable to human senses that can work through solid walls over long distances?). These would need to be regulated or someone will eventually gain control of all of it. Here, the resource is practically irreplaceable, precluding any kind of disruptive force.
Lastly, even if neither scenario was in place, a monopoly could obtain enough power over the market to be able to weather a disruption or even coerce the acquisition of said disruption. That's why I use the poker example. Even in a "rebuy" tournament (where one can buy back into the game), you're still at a disadvantage against a chip leader with a huge chip count advantage over you. Even with several rebuys, the chip leader can still bully you around AND withstand a few all-in losses from you only to take it all back by winning one himself. IOW, the disruption would have to be an absolute game-changer or the monopoly still has a chance to withstand or absorb the competition.
Re: @Trevor_Pott: What have you been smoking?
I look at this this way. Capitalism is "Winner Economics": Economic Darwinism, in a sense.
It has a good side and a bad side. The good news is that high levels of competition forces firms to be lean and to woo customers. The bad news is that many firms can't keep up at this level and they start to fall away to winners, which will in turn look towards the remaining competition. IOW, it ultimately results in a few well-funded bullies who can squeeze the smaller players out and then fight amongst each other until there is "one firm to rule them all".
I think the closest analogue to how capitalism operates is an open poker tournament. Everyone buys in with the same amount of cash. Gradually, players fall away and the winners take their proceeds. Eventually, you end up with big chip holders who can bully the table around. And eventually, one player emerges as the winner.
Sure, you can sometimes disrupt the market if you're lucky (like undercutting the market or flopping quads), but if a firm is big enough, they can withstand such a disruption and wear you out (winning an all-in bet with quads doesn't mean much if you're at a 1-to-8 disadvantage against your opponent--you need several breaks to turn the tables, and odds are against you there).
Re: A license to do what they please and no oversight - perfect combination
"Anyway, your analogy doesn't hold up. A country's population isn't all composed of really stupid people -- only half of them are of less than average intelligence, and a significant percentage are going to be more intelligent than half of the people making up the government."
Except we're a representative government elected by majorities. And suppose MORE than half of the population (the majority) IS that stupid? History tells us enlightened individuals are few and far between while the average joe can't think too often between black and white. Meaning they're easily swayed by manipulative types. Now the stupid votes squelch the smart ones, creating what might be called a "tyranny of the stupid." Look at the increasing polarization of legislatures around the country.
Re: Re. hidden transmitters
Would such noise still exist in a Faraday cage?
Yes, I was actually able to understand the description to enough of a degree to understand what happened. Apparently, when groin met crossbar, he broke open an artery down there and it couldn't heal right resulting in an unusual form of blood ballooning. As I understand it, the procedure involved was meant to locate the problematic artery and then fix the break.
The trademark concerns his name and likeness. Also, using a parody as fair use only applies to copyright, not trademarks. You spoof a brand name at your own peril.
Re: Most Valuable Single Asset.
"I do not know what the situation is in Paris, but in NYC, in order to operate a taxi you need to have a "medallion" which is more or less a license to pick up passengers on the street. These medallions are fantastically expensive - up to $1 million. If taxi owners in Paris have anything similar, then Uber and friends are undermining the value of the single greatest asset that the taxi drivers will ever own."
Yes, I'm aware of the New York medallion. Thing is, most of them aren't owned by the drivers themselves, but by tycoons and corporate figures who see them as a steady source of revenue (IOW, an investment) and therefore worth the high prices. Because they're considered an investment, the prices would remain high EVEN IF they issue new medallions: more investors would simply appear to invest in them, making them inflexible. I think the number is kept low more for reasons of SPACE (consider the geography of Manhattan Island).
How is the situation in Paris? Do drivers own most of the medallions?
Re: circumventing the heavily regulated systems
"They are only circumventing the heavily regulated system of taxis, they are not escaping the heavily regulated system of private hire vehicles. These are not unlicensed cabbies, they are fully licensed to pick up passengers at point a and transport them to point b for a charge."
If Uber cars are actually licensed "private hire" or "car service", then these are licensed vehicles, and I have less issue with them. Americans call a private hire a car service, and they have their own sets of regulations that legally distinguish them from taxi service.
"Have you *been* in a French cab?"
I was speaking in general terms about what customers expect of a taxi. If French taxi services are, as mentioned, exploiting an oligopoly, then as I've mentioned before, that is an abuse of regulation and a separate issue from the intention of regulations to enforce fair service.
Re: circumventing the heavily regulated systems
We're going into another legal gray area here. The cabbies have a point. Cab licenses and permits help enforce standards of service. In general, cabs need to be clean and well-maintained, drivers fit, properly licensed and trained, and fares assessed fairly and clearly posted. Service should be prompt, swift, and direct within reason and non-discriminatory.
Now, if the regulations raise other issues apart from the above, that's a matter to be argued on its own.
If Uber and the like provide an alternate means to obtain a ride, that is one thing. But should Uber be subject to the same regulations as those for traditional taxi services? The argument CAN be made in that regard, and a serious discussion needs to be made regarding how to proceed.
As for the cab companies themselves, I suppose rivalry prevents them pooling their resources, but I wonder if a few of the savvier companies have considered fighting fire with fire: using the Web and/or smartphones to provide an interactive portal for their services. One could use their smartphone location to page a cab. Perhaps inputting a destination can help in estimating a fare total, giving the customer time to get the appropriate cash if needed. Once the cab is selected, its location and current status can be pinged back to the prospective customer, letting them know with at least a little precision when to expect their ride. It would be a way to add value to the service and distinguish themselves from the Uber rides.
Mozilla CTO Eich: If your browser isn't open source (ahem, ahem, IE, Chrome, Safari), DON'T TRUST IT
But you can beat the Ken Thompson by cross-compiling and comparing results. All you need is one known-good compiler (which can be hand-assembled) to check all the rest.
Re: maybe it's the idiot to ipad ratio..
"What utter rubbish, how exactly do android use their stuff? in their pockets without taking them out?"
Two words: Bluetooth earpieces. They can talk without taking out their phones. And if more information is needed, we're starting to see smartwatches now (which would normally be strapped to the wrist and harder to remove unless you're willing to risk bloodying your booty).
Re: On the Plus Side...
I take it you don't live near Cornwall. Last I checked, people living there get more radiation on a daily basis than anyone's getting in California. And that radiation is literally coming out of the ground in Cornwall because of the granite sitting there. Indeed, any natural source of granite is going to have elevated radiation (Did you know granite can naturally contain trace amounts of uranium which can in turn decay into radon?). That includes Colorado and parts of New England.