* Posts by Charles 9

8208 posts • joined 10 Jun 2009

Government regulation will clip coders' wings, says Bruce Schneier

Charles 9
Silver badge

Because the customers start clamoring for it and you lose business if you don't comply.

0
0
Charles 9
Silver badge

Re: Management

You never saw the Atari 2600 versions of Pac-Man or E.T., did you? Even in the 80's the PHB could dictate terms (like "It MUST be ready by Black Friday or we'll miss the holiday shopping season and lose ALL THAT MONEY!"), and the results could get pretty ugly.

0
0
Charles 9
Silver badge

Re: "We are going to see...more trusting of the government"

"OH YES YOU ARE"

Because the alternative is corrupt corporatocracies that can find their ways AROUND laws. Which would you have lording over you (and BTW, you WILL be lorded over; your only choice is BY WHOM)?

0
2
Charles 9
Silver badge

OK, how do you design security into a business that's pressured by the investors to get the RoIs quickly?

0
2
Charles 9
Silver badge

Re: I want a dumb house.

Wanna bet? It'll be hidden in another chip: more than likely one critical to its basic operation. You won't be able to kill it without killing the device itself. Part and parcel.

0
0
Charles 9
Silver badge

Re: I perfectly agree with Schneier

"Physically disabling the device in questions ability to communicate and WI FI too."

It'll reach a point where you can't kill the communications capability without killing the device itself. AND voiding the warranty.

2
0

Thief dresses as Apple Store drone, walks off with $16,000 in iGear

Charles 9
Silver badge

Not if they can change the IMEIs on the phones or simply fence them off to the unsuspecting or to other countries that don't enforce blacklisting.

1
0

FBI tries again to get warrantless access to your browser history

Charles 9
Silver badge

Re: Bah!

The other poster is saying you can turn this fetish around by having the browser (in your sleep) look for grotesque imagery. Very few people will be able to tolerate highly-varied grotesque imagery for very long. Sure, you can have people into gore or grandpas who would actually get turned on by granny porn, but having all these fetishes in the same person? Unlikely. Thus you need the filter (otherwise, you'll need to check the late night meal selection as well as make sure the toilet isn't prone to clogging).

0
0
Charles 9
Silver badge

Re: Bah!

Wouldn't they just invent a filter to screen them out based on timing and pattern matching?

0
0
Charles 9
Silver badge

Re: Is there a crime for "wilfully adding the breach of constitutional rights"

No, because treason is explicitly and narrowly defined. Unless they actually take up arms against the US government, they cannot be tried for treason. Plus most people in office are immune from direct prosecution and have to be impeached and removed first. Breaking the Constitution in other ways can be impeachable offenses, but Congress does look after its own.

0
0
Charles 9
Silver badge

Impossible. The snoops can always dig up existential threats to the government, and government by default has a self-preservation motive...

0
0
Charles 9
Silver badge

Re: Coward

Apparently, a republic doesn't work either, because it ALSO sits around all day spending others' money. In fact, ANY government is at its core a bunch of people (a bunch can be one sometimes) spending other people's money. Kinda comes with the territory.

1
1
Charles 9
Silver badge

Re: Spoilt brats

"It is called a leather belt, and it is applied judiciously to the bottocks."

Unless the brat's a masochist, in which case the belt only solicits cries for more, along with some erotic moaning. With some people, you just can't win because they like it BOTH ways...

0
0

RIP ROP: Intel's cunning plot to kill stack-hopping exploits at CPU level

Charles 9
Silver badge

Re: One layer down, infinity to go.

"In what sense are such virtual machines immune from such attacks?"

Well, at some point, the code MUST go through the CPU, meaning it should be able to screen even these. If malicious bytecode or interpreted code causes the compiler or interpreter (both of which are native) to act funny, this should catch it. Anything else and you're looking at high-level malware which will likely have a few other catches involved, but even then if high-level malware is trying to exploit the lower-level stuff, this can still act as a safeguard.

0
0
Charles 9
Silver badge

Re: Silver Bullet

"So far no lasting Apple-product botnets, right?"

Only because there aren't that many Macs to go around, but vulnerabilities (NASTY ones at that) still exist. It's just not worth malware writers' time at this point.

0
0
Charles 9
Silver badge

"If malicious code is running you already lost."

Then the war is unwinnable because you MUST assume malicious code is already running. We need to change the model to assume (like in the real world) the system IS potentially compromised and find a way to keep running DESPITE it.

1
3
Charles 9
Silver badge

Re: Silver Bullet

OK, so how do we fix Dave when You Can't Fix Stupid?

0
2
Charles 9
Silver badge

Re: "If they don't match, then an exception is raised..."

"This is where I begin to wonder, if the part above can be borked by a 2-pronged attack...??? Hackers first find a loophole in the 'shadow watcher' and tackle that (sidestep CET)."

To do that, they'd have to find a hardware exploit since they're talking about something directly in the CPU.

"Zooming out to macro level for a sec... The Bangladesh-Swift Sony hackers, intercepted the return confirm and manipulated that to make it seem like the transfers were legit (hence no exception thrown). Could the same happen here?"

Only again by a hardware exploit since that would involve intercepting a memory bus, something much harder to do than a network or device bus.

"What I'd like to see is a hardware based LOCK system to prevent any manipulation of code whether its on hard-drive or in memory. The whole idea of self-modifying code is a disaster anyway. But Imagine code that was fixed like an original DVD. That's how it should be from disk to memory. Data on disk should be separated from code permanently and at a hardware level, so any weakness in OS can't be exploited."

You're calling for a Harvard architecture. But much as you hate self-modifying code, it's essential in certain restricted environments or those where speed is essential. Without the idea that code is data and data is code, you couldn't have things like a JIT compiler, for example.

"The process of installing apps i.e. pressing a fixed DVD, would need to be a special process. You don't want it to be cumbersome for users but it also can't continue down the path of silent installs."

Problem here is that you run into an Unhappy Medium. Since Users are Stupid (and You Can't Fix Stupid), there's a need for silent installs of mission-critical stuff like security patches. Meaning you have an overlap where NO ONE is happy.

"But if a program wanted to install itself or update code, I'd like to think that the user would be forced to do something physical like insert a master USB key / turn a physical key, something eternal, so that users better appreciate that what we have right now with UAC is oversight done by painting in water."

And then people just lose their keys and complain.

2
1
Charles 9
Silver badge

Re: this is all very well but...

"more than 5 files got modified in the last 0.1 seconds"

This can happen when you copy a bunch of small files. Too much risk of false negatives resulting in click fatigue (think UAC). Also, smarter malware can just "smurf" and encrypt things slowly to stay under the radar.

"warn against running executables in zip files"

They already do that as far as it goes. It warns against running files just downloaded (shows the signature if it has one), warns against running things off a network, and so on.

"And how about getting rid of the feature in Windows that hides the file extension, so "file.doc.exe" doesn't show as "file.doc"?"

That's mainly to prevent unintentional extension altering, which casual users may not have the skill to undo. Anyway, e-mail programs and archive managers (the main conduits for this trick) show the extensions.

"I'm pretty sure that better Antivirus hooks and cleverer email programs (so obviously not Outlook then) are the key to reducing malware attacks."

Smarter malware targets and disables these or just goes above them straight to the kernel where it can't be dislodged. Some even go into the BIOS, MBR, or EFI, making them nuke-proof.

But in the end, as you say, until a better human comes along, this is the best we can do.

1
0
Charles 9
Silver badge

A direct push before a register pass still allows for this. It's one reason modern chips keep larger numbers of registers. Excessive recursion will overflow the stack no matter what. There are also concepts like placing parameters in a structure and passing a pointer to it by register (rearranges the parameter transfer a bit but makes for a cleaner stack).

0
2
Charles 9
Silver badge

"Because in (almost?) all programming language implementations the stack also contains data (local variables)."

And last I checked, there are plenty of alternative ways around that. If the parameters are popped into registers or local memory when the function starts, that gets around it. Passing by register for low-parameter-count functions is an option, too. If this is the price for having a hardened stack, it may be worth paying. As I think about it, do CPUs these days also check for 1:1 stack use by functions (checking that SP at CALL = SP after RET) to guard against stack misalignment?

What you propose is basically a variant of Intel's idea, BTW (the shadow stack is your call stack). They probably can't do a full separation for legacy reasons since the logic in most CPU architectures is that RET pops the return address.

As for catching overflows, that's a nontrivial solution since functions may be required to work on items outside of their local context (pointer dereferencing, for example), creating conflicting issues of context. Due to the architecture, bounds checking has to be left to the code itself, especially when speed efficiency is required.

4
3
Charles 9
Silver badge

Is there a reason no one's tried to introduce a guarded stack: one that can ONLY be manipulated by PUSHes and POPs such that any attempt to smash or otherwise alter it throws an exception? If you can flag a "shadow stack" as protected memory, why not just flag the ordinary stack as protected?

2
6

Freeze, lastholes: USB-C and Thunderbolt are the ultimate physical ports

Charles 9
Silver badge

Re: Even a broken clock etc. etc.

Not necessarily. That's why USB3 had to go with added wires for its SuperSpeed mode. There are still limits that can beat even "future-proofing".

0
0
Charles 9
Silver badge

Re: Not being packet based?

"A big dis-advantage of USB has always been the flood of dodgy kit"

Thing is, dodgy kit is not unique to USB. It basically happens anywhere there's something ubiquitous to exploit. Dodgy diskettes, dodgy CD-Rs, dodgy USB drives, the list goes on.

0
0
Charles 9
Silver badge

Re: wireless charging pads

The thing with Qi is that you don't need a matching cradle for each and every device you own (Lose the cordless phone? The base is now useless, and vice versa). At least you're not a slave to the manufacturer. Pick whatever suits you, put it down, and it goes to work. Breaks? Easy enough to get another one. Not only that, it saves wear and tear on your USB socket.

0
0

Get ready for Google's proprietary Android. It's coming – analyst

Charles 9
Silver badge

Re: And the bigger picture!

Only one problem. Linux on ARM lacks a lot of driver support, especially for those key mobile chips, which are protected by the chip makers under patents and NDAs. That's why the code for them is delivered as binary blobs only. The key element here is that these blobs need to go to Google, not the device manufacturers. This would allow Google to bypass the device makers and push updates anyway.

0
0
Charles 9
Silver badge

"Chip vendors would not give Google the blobs and Google would not waste their own time maintaining firmware for devices they didn't produce. Google might as well produce all the devices themselves which they don't want to do."

But they may HAVE to do it. Think about it. The Stagefright exploit is in the Android code, not the driver code or anywhere else, but in the part of the code that belongs squarely to Google. If the lawyers play their cards right, they can assert that Android is not fit for purpose unless Google can find a way to get past the manufacturers and patch it and anything else that comes along. Either Google has to FORCE manufacturers to send updates (which they won't as they have perverse incentive NOT to; they'd sooner drop out), they have to take control themselves, or Google is likely to face severe civil and maybe even criminal liability. Ask the bean counters which will be worse for the bottom line.

0
0
Charles 9
Silver badge

"Why would they need the code from the chip makers? They would give the chip makers an API and they would supply blobs that implement it just like they do now."

Except these blobs would go straight to Google, not to the manufacturers. That's the reason to take it proprietary: to take control of the OS away from the manufacturers and put it square in Google's corner the same way iOS is all Apple. Thanks to things like Stagefright, Google's potentially on the hook (since the exploit code is in Android itself, NOT in the driver blobs) unless they can control the update channel, and the only way to control the update channel is to take control away from the manufacturers. There's no other way around it because the manufacturers in this case will be actively interfering (because they want a Captive Market so they can tell customers, "Your phone is obsolete. Time for a new one *ka-ching!*").

0
1
Charles 9
Silver badge

Re: The more closed Android becomes ...

Sorry to send microwaves to your tin hat, but ALL US phones are subject to the Patriot Act. Submitting is a condition of being allowed to sell in the US.

0
0
Charles 9
Silver badge

But doesn't ART still rely on the same Java-based API as Dalvik, only it's compiled instead of interpreted?

0
0
Charles 9
Silver badge

Re: It isn't like Google has the only maps

Plus there's the matter of context linking, where a map search has a logical connection to a Web search, a contact search, and so on.

0
0
Charles 9
Silver badge

Re: Hopefully leads to devices getting patched

"But accusing the world's medical scientists of a global conspiracy to keep cures off the market because profit is more important to them (the scientists themselves, not the companies) than saving lives, with zero evidence, is a whole new step into tin-foil hattedness."

Who pays the scientists? Who is willing to cross the boss and get kicked to the curb as a result? And if you want evidence, look at the human microcosm that is politics.

0
0
Charles 9
Silver badge

Re: GPL?

No, they can just do what Tivo does: open-source the kernel itself but keep everything else under lock and key. Look up "Tivoization".

0
0
Charles 9
Silver badge

The point is that with the code completely under Google's control, they can get the code from the chip makers directly (which they MUST provide to get their stuff working on Android in the first place), going around the phone makers who aren't motivated due to market pressures.

0
0
Charles 9
Silver badge

Re: Hopefully leads to devices getting patched

"Saying that phone vendors don't do updates because they love built in obsolescence is art school level of analysis. you might be right on occasion, but your reasoning is suspect."

Not art school. Economics 101. There's no business like repeat business. That's why they don't make vacuum cleaners that last for decades anymore like Kirby or Electrolux. That's why medical companies make treatment regimens, not cures. There's no money in a one-and-done.

0
1
Charles 9
Silver badge

If you plan to make an audio CD that correctly plays in all the players on the market, or make a player that can correctly play all those CDs, then yes, you need the "Red Book" which specifies the formats and so on for them (IOW, it's the interface for making audio CDs). And last I checked, you have to PAY for the Red Book. And there are plenty of other interface books you have to PAY to access.

3
2
Charles 9
Silver badge

Re: Why this will actually NOT happen

1. Would Chinese manufacturers be willing to submit to Microsoft's terms any more than the terms they have now? They could just fork the last AOSP version and go from there, but that has its own pitfalls as Amazon can attest.

2. But it's still full of bugs no manufacturer wants to patch. Even the blanking KERNEL has bugs. The only way Google can force them to be fixed is to go full vertical integration the way Apple does.

3. The Tivo kernels are GPL Linux, too, but that never stopped them. Google can release the kernel clean as day, but everything ON TOP of it can be proprietary. Also, with dm-verity enforced in Marshmallow and up, they can check for modified kernels, too, all without violating the GPL (see "Tivoization").

4. The manufacturers are aware of the switch part already, meaning the bait doesn't mean anything to them anymore. Did you read the part of the article where Samsung gave up trying to make their own services?

6. Closing AOSP is meant to make the manufacturers moot, not force them to update. The idea is that the software becomes wholly under Google's control, meaning they can push the updates as needed instead of waiting on manufacturers who would rather you junk your phone. Increasing legal pressure means Google HAS to take this route or face potential civil and criminal penalties for increasingly-vulnerable installations that, at the last, fall to them.

0
1
Charles 9
Silver badge

Re: Could be interesting....

"...especially if all the Asian manufactures get together and dump it like a hot potato."

Dump it for what? No other mobile OS open to them has nearly as much in terms of availability, and apps require the Network Effect to really take off. Google had the resources to play the long game, and that's pretty much what you need, especially with incumbents already in the market.

6
0
Charles 9
Silver badge

"This goes against the entire reason Android was created. Highly doubt it's true. Many devs choose Android (over Apple) specifically because it's open-source."

NO, many devs choose Android because of audience penetration. Once upon a time, many of them stuck with iPhones...for the same reason. Until a few years ago, devs made iPhone apps first, then jumped to Android.

1
0
Charles 9
Silver badge

Re: Speaking as a consumer ...

"All I really care about, is to be able to buy a phone, and have control over what crap I do - and don't want on it."

So what do you do when you come across a closed market where NO phones are customizable and all the existing customizable phones are hopelessly out of date?

6
1

Even in remotest Africa, Windows 10 nagware ruins your day: Update burns satellite link cash

Charles 9
Silver badge

Re: Simple answer: Don't use Windows.

So you're basically saying, "Live with it." As evidenced by the dominance of Windows, especially in the consumer sphere, lots of people apparently already do, thank you very much. If that means people are stupid, then people are stupid. After all, the people most likely to call cigarettes "cancer sticks" are the smokers, so that means you can't win.

We'll live with it. You can live with it, too. After all, You Can't Fix Stupid.

0
0
Charles 9
Silver badge

Re: If you use Microsoft products...

I'm just saying that for many people the application comes before the OS, regardless of what anyone else may say or do. If you wish to make people change their OS, you have to solve the application problem first, and while things like WINE and VMs provide some outs, it's not a 100% solution or even a 50% solution. Hardware can have Windows-only drivers and be too custom to be supported elsewhere (like industrial C&C interfaces--very custom stuff probably running on antiquated hardware: two strikes against virtualization). It's basically the Network Effect.

0
0
Charles 9
Silver badge

Re: Simple answer: Don't use Windows.

"And, again, "but, but I can't run this game on anything but Windows" just means you can't run that game. The price for running Windows has always been that one gives up freedom and sponsors crime."

Well, then, if you expect people to stop sponsoring "a criminal organization" as you put it, you need to put forth some alternative options. Telling people to stop committing crime is a waste of breath if there are no honest options available.

0
0
Charles 9
Silver badge

Re: Preventable.

"This could be prevented by replacing the operating systems of donated computers with suitable open source alternatives that allow greater user control. For example, Ubuntu is freely available, regularly maintained, and was conceived based on African values. Why not?"

Probably because they need specific applications to work...Windows-ONLY applications. Unless you can deliver the total package (OS AND Applications), you won't be able to get people to jump ship.

1
0

Ad-blocking super-weapon axed by maker for being TOO effective

Charles 9
Silver badge

Re: Why ?

"What we are seeing here is a major limitation of the existing web/internet protocols. IP (v4 and v6) has no real concept of network quality and so is unable to feedback to a source that it is trying to feed a 1mbps data stream into a 56kbps pipe."

What you are seeing is a major limitation of a network where there's no overlord. Plain and simple, if someone insists on being sent, they'll impersonate a high-priority packet or just wrap the whole business in encryption so you can't tell what's what (and since at least some encrypted connections are high-priority like time-sensitive financial information, you can't de-prioritize encrypted traffic in bulk). About the only way you could defuse this is to create a completely-stateful internet where everything can be identified (but then that defeats the anonymity factor that makes the Internet so appealing at times).

0
0
Charles 9
Silver badge

Ad men ∈ Spammers.

0
0

Why Oracle will win its Java copyright case – and why you'll be glad when it does

Charles 9
Silver badge

Re: It is Fair Use!

Oh? Then explain why you can't get the colored books on optical discs (like the Red Book for audio CDs) for free (those are APIs as well).

0
0

Hardcore creationist finds 60-million-year-old fossils in backyard ... 'No, it hasn’t changed my mind about the Bible'

Charles 9
Silver badge

Re: re: creationism makes perfect sense. As long as you ignore all of creation?

"As long as you don't ask "Where did the creator come from?"."

A: The Creator didn't come from anywhere. He always existed, an absolute presence (and many religious people believe the Creator IS the one absolute presence in the universe): always was, is, and will be. In layman's terms, the Creator is outside of time as we know it.

0
0

US military tests massive GPS jamming weapon over California

Charles 9
Silver badge

Re: @Gray ... Military aggression

They can do that anyway with inertial guidance (which is impossible to jam), and if the target is big enough, drift isn't a concern, as it just needs to get close enough.

5
4

So. Why don't people talk to invisible robots in public?

Charles 9
Silver badge

You do know HDMI cables can now carry Ethernet? And that more and more appliances contain Whispernets?

Let's face it. Big Brother's already here, and he's not going to go away. They'll make it so that EVERY appliance you buy phones home. And then they'll find ways to disable all the ancient tech that doesn't phone home. Make old vehicles non-compliant, add new product compliance testing, and so on.

2
1
