* Posts by -tim

648 posts • joined 10 Jul 2009


Thought you were done patching this week? Not if you're using an Intel-powered PC or server

-tim
Facepalm

Who cracked their secure enclave?

The scope of these patches makes it look like someone with talent managed to extract the software from their secure enclave and took a look at it. Someone who was willing to tell Intel about the problems as opposed to those willing to sell zero day exploits.

Open-source 64-ish-bit serial number gen snafu sparks TLS security cert revoke runaround

-tim
Boffin

Re: Jeffy's Theorem of Binary Digit Distribution

About half of data streams should have a leading 0 but a vast majority of numbers in a computer have a leading 0. When looking at raw data in a computer when doing reverse engineering, pointers will often have their top bits set but not look like negative numbers. Most other numbers have at least their top 4 bytes all zeros. Modern CPUs move around so many 64-bit numbers that are mostly zero bits that the power use is optimized for it.

Windows XP point-of-sale machine gets nasty sniffle. Luckily there's a pharmacy nearby

-tim

Out of support? Or Mostly out of support

I know there are still companies selling WinXP based products that have current licenses and current support from Microsoft. At the end of 2018, there are still large organizations that keep paying for XP support. The only thing that is clearly out of support is the home and small company issues.

God DRAM, that's a big price drop: Memory down 30 per cent, claim industry watchers

-tim
Facepalm

I'm sure the market will correct

The prices will go up to make up the losses just as soon as $RANDOM_DISASTER happens in $SOME_REMOTE_VILLAGE and wipes out the single source of $DRAM_MAGIC_INGREDIENT.

SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability

-tim
Mushroom

1st attack to mention write?

Spectre and its friends are mostly academic as long as they are read only. This is the 1st published one implying the ability to change memory. Once there are published public read/write attacks, then the malware people will take notice and then everyone will be shopping for new computers. Hackers aren't so interested in hacking a system with a one in a million chance of finding a banking password but if they have a one in a hundred chance of getting to an entire password list, they will.

I say, that sucks! Crooks are harnessing hoovers to clean out parking meters in Chelsea

-tim

Re: Start up money

I was woken up by what I thought were hacksaw sounds and I noticed a guy with the hood of his car up and working on something. The next day I noticed that the parking meter was gone and there was a freshly cut pipe where it used to be. A few days later all the parking meters were gone as it appeared that the proceeds from the night of the slow hacksaw went to buy a proper pipe cutter which was quick and silent. A few weeks later all the meters were replaced and someone had welded rods on the sides of the pipes. I'm guessing a prybar was the next weapon of choice based on the paint on the top of the newly added fulcrum. The next step was rods with angles and far more precision. At AU$10,000 per year per space, the council wasn't about to let that money go away.

A neighbor wanted to protest the increase in parking cost by getting a key made for the parking meters and then getting a hundred copies made and distributed to the homeless before a long weekend. The plan would have put enormous pressure on the council's finances. He wanted to call it "keys for the homeless".

YouTube's pedo problem is so bad, it just switched off comments on millions of vids of small kids to stem the tide of vileness

-tim
Holmes

This will just move then to stranger chan boards

A number of videos that my sister made of dance recitals have been found by adolescent boys and "fixed". The initial updates were crudely putting boy classmates' faces on the girls but I'm guessing someone found a pirate version of better video editing software so the fixes got better. Some of the later work was Fortune 500 TV commercial quality. And since these were adolescent boys, most can guess what else was added.

Customer: We fancy changing a 25-year-old installation. C'mon, it's just one extra valve... Only wafer thin...

-tim
Flame

Disgusting old control systems

I worked for a company that made valve actuators, which are the fancy motors that turn pipeline type valves, and they had recently finished their new product. The first one installed in Australia was at the Longford gas plant on 24 September 1998. I know the day because there is a Wikipedia page about the explosion the next day. While the device had nothing to do with the fire, the local newspaper had a nice front page photo of the damage to the plant so I sent that back to the company with a nice note saying that it did work as advertised. The device had been in debug mode and had recorded quite a bit of data, some of which was used to figure out just what had happened on the other side of the plant. At least the company had a nice photo of one of their test sites.

Don't mean to alarm you, but Boeing has built an unmanned fighter jet called 'Loyal Wingman'

-tim
Black Helicopters

Isolated transmitters and receivers

Modern stealth aircraft can all be found using passive radar where strong transmissions from one transmitter are received at a second location to find the stealth target. That looks like the real role of this aircraft but it won't be in close formation like a typical wingman, it will be close enough to be the target for HARM type missiles but far enough away to be the transmitter for passive radar.

Linus Torvalds pulls pin, tosses in grenade: x86 won, forget about Arm in server CPUs, says Linux kernel supremo

-tim
Boffin

The way the standard BIOS was done was a huge mistake for the x86 systems. Microware OS9 (for the 6809/68000) used to have device modules. They were small files that were tweaked for the machine that could be on disk or in ROM. A serial driver device module would say something like "use chip driver mc68681.drv, interrupt 4 and memory i/o of 0x80008". There was a second name module that gave names to com1 and com2 for the device module. The chip driver would be loaded off disk and the ROM based name module or device module could be replaced from one on the disk. The main processing loop of the OS knew how to share interrupts as the modules contained enough info to figure out which chip caused the interrupt. It could reload and reinitialize modules. Add a few fields for PCI style IDs and device UUIDs and it could be used on all modern hardware.

-tim
Coat

There's simply no rational reason to run ARM servers.

Unless you want an extra security layer that consists of "something that isn't x86". The ARM architecture is much more difficult to implement some types of common x86 attacks on. Some types of return-oriented programming hacks are extremely difficult. Some architectures use hardware stacks so there are no addresses of many things on the stack so they can't be accessed that way at all, which is a very common x86 attack.

Artificial Intelligence: You know it isn't real, yeah?

-tim
Unhappy

Re: the error is in call it "AI" !!!

I was given a lower grade on a computer science paper because I referred to AI as "Fake Intelligence"

Bloke thrown in the cooler for eight years after 3D-printing gun to dodge weapon ban

-tim
Mushroom

Re: Because

A private company has twice. AT&T's Bell Labs was playing with x-ray lasers and needed a source of X-rays so they called up their friends at the DOE and arranged for some boom boom time.

Oracle throws toys out pram again, tells US claims court: Competing for Pentagon cloud contract isn't fair!

-tim

Commodity?

If the cloud is just a commodity, they do have some points. The DOD wouldn't sign an exclusive 10 year contract for the supply of mess hall forks to one company, why should they do the same for compute resources if they are also a commodity? They also have rules about having multiple vendors in many other cases such as comms.

Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs

-tim
Facepalm

Re: Easy to remember

Almost all of the memorable book and song titles and most of the lyrics are already in the hacker dictionaries.

I did this experiment in about 1992 with many thousands of people. We had them enter 5 different lines of lyrics from songs. We also asked them if they listened to both types of music or rock or something else. It turns out that the people who picked rock or country would often pick one of the same hundred or so lyrics. If we asked a country fan to quote 5 rock lyrics, it resulted in a much larger pool. The results would have also allowed high accuracy guesses of the subjects' children's ages if they had small children.

Fun fact: GPS uses 10 bits to store the week. That means it runs out... oh heck – April 6, 2019

-tim
Boffin

Re: RTFM

A bit more info for those who don't like too much light reading... The week number was mostly there to help cache ephemeris data and two bits would have been enough for that use. Each sat transmits a message roughly like "sat 1 is in virgo, sat 2 is near the moon,..." that should be discarded after a week. Each sat also sends a much more detailed message along the line of "I'm supposed to be in this orbit but I'm wobbling just a bit about this axis and this axis and this one and this one" as well as the most important one "at the tone the time will be ....". The wobble takes into account tides and how the sats are moving because of Jupiter, Sun and Moon and is a 9th order polar coordinate polynomial for those who want nightmares about complex formulas. The rough message is enough to locate them to a degree, the precision message is good enough to place them within a few meters at a given time. Modern GPS receivers know their time and calculate the "pseudo-range" to each sat they can see down to a wavelength (20 cm) or better. That is the basis for differential GPS where a different GPS receiver can send a signal saying "that sat 31 which is about 15 above the horizon is lying by 45.22322 meters". The receiver needs to have its time synchronized down to about 90 nanoseconds to even get a reasonable position fix. It's very impressive that it's doing that with signals at very low baud rates that used to be broadcast at about 55 watts.

Long before the week rollover came up the first time, there was a proposal to occasionally send the full date and time in a different packet that could be added where it wouldn't interfere with normal operations. There were uses of the extra messages for military and now aviation differential signals.
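The 10-bit week field from the headline, worked through as an added example (my code, not the poster's or any receiver vendor's): the satellites broadcast only `week mod 1024`, so a receiver must "unwrap" it against a pivot date it assumes the present can never precede. The `pivot` argument and the `naive_resolve` helper are assumptions used to contrast a receiver that unconditionally adds one rollover period (the behaviour that breaks on 6/7 April 2019) with one that unwraps relative to its firmware date.

```python
from datetime import date, timedelta

# GPS week 0 began at 00:00 UTC on Sunday 6 January 1980.
GPS_EPOCH = date(1980, 1, 6)
WEEK_BITS = 10
WEEK_MOD = 1 << WEEK_BITS        # 1024 weeks (about 19.6 years) per rollover period


def week_start(full_week: int) -> date:
    """UTC calendar date on which an unwrapped GPS week number begins."""
    return GPS_EPOCH + timedelta(weeks=full_week)


def truncated_week(full_week: int) -> int:
    """The 10-bit value a satellite actually broadcasts for a given week."""
    return full_week % WEEK_MOD


def naive_resolve(broadcast_week: int) -> int:
    """Assumed legacy behaviour: hard-code the first (1999) rollover and nothing else.

    Correct for weeks 1024..2047, wrong from week 2048 (April 2019) onwards.
    """
    return WEEK_MOD + broadcast_week


def resolve_week(broadcast_week: int, pivot: date) -> int:
    """Unwrap a 10-bit week relative to a pivot date (e.g. firmware build date).

    The receiver assumes the true date is never earlier than `pivot`, so it
    picks the smallest full week >= pivot's week whose low 10 bits match.
    This stays correct until the date is 1024 weeks past the pivot.
    """
    if not 0 <= broadcast_week < WEEK_MOD:
        raise ValueError("broadcast week must fit in 10 bits")
    pivot_week = (pivot - GPS_EPOCH).days // 7
    return pivot_week + ((broadcast_week - pivot_week) % WEEK_MOD)


def decode_date(broadcast_week: int, pivot: date) -> date:
    """Date implied by a broadcast week for a receiver with the given pivot."""
    return week_start(resolve_week(broadcast_week, pivot))


if __name__ == "__main__":
    # Week 2048 is the first week after the second rollover; it broadcasts as 0.
    bw = truncated_week(2048)
    print("week 2048 broadcasts as", bw)
    print("naive receiver thinks it is", week_start(naive_resolve(bw)))
    print("2010-era firmware thinks it is", decode_date(bw, date(2010, 1, 1)))
    print("1999-era firmware thinks it is", decode_date(bw, date(1999, 1, 1)))
```

A pivot only postpones the problem: any receiver whose pivot is more than 1024 weeks in the past jumps back 19.6 years, which is why the fix has to be a firmware update rather than a one-off constant.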

Now Microsoft ports Windows 10, Linux to homegrown CPU design

-tim

Another level of exploits to defend against?

These systems have yet another level of security problems. They are much better for Return Oriented Programming but the information flow system also has a state machine like system that can be exploited to make use of the unused or deferred data flow states to move data around.

Leaky child-tracking smartwatch maker hits back at bad PR

-tim

There were some early mobile phone tower assisted GPS systems which led to what is now called Augmented or A-GPS which use a cheap GPS receiver that sends the data to the tower for processing. The early versions of that were only good for about 500m at best. A real full Navstar GPS receiver must know its time down to 90 ns to even get a fix which means it knows its position to about 90 feet (90 light nano-seconds or about 30 meters) discounting signal reflections and atmospheric delays. GLONASS, Galileo and BeiDou are similar.

Hands up who isn't fighting Oracle in court? HPE, for now, as Solaris support sueball tossed

-tim

Re: Hands up who isn't fighting Oracle in court?

We aren't yet... but soon, very, very soon.

They told us: "Please be informed that I had checked with your Support Sales Representative (SSR) and it seems that indeed you have a valid support CSI for Solaris Operating System 11.4 support on the T5120 servers."

So they charged us to run 11.4 on a machine that it won't run on.

Ouch, Apple! Plenty of iPhones stuck in tech channel. How many? That's a 'wild card'

-tim
Facepalm

Another factor

We aren't buying any more mac-minis for our secure areas since the new ones have no removable storage so we can't get them repaired since we have to keep any data in house even if encrypted. The result is no more macs in our secure areas, which resulted in no more macs for management of those areas which resulted in a decision not to support both PCs and macs. No more macs for management means no more mac laptops for any of their underlings which means the iPhone unified experience isn't anymore. I'm sure I don't work for the only company where this has happened.

Oddly enough, there is a connector pad with access to PCIe channels on the new mac-mini, they just didn't bother putting the connector on the circuit board.

And it's go, go, go for class-action lawsuits against Equifax after 148m personal records spilled in that mega-hack

-tim
Facepalm

People or households?

It is my understanding that it wasn't "148 million personal records" but "148 million household records". If that is the case, it isn't most US, UK and Aussie adults, but close to ALL adults.

Raspberry Pi Foundation says its final farewells to 40nm with release of Compute Module 3+

-tim

Not only a mass-produced connector, one that was falling out of favor but still in demand when it was picked so it will be cheap for a very long time.

As far as frying stuff, the voltages on a PC ram slot aren't high enough to damage the pi so if the pi doesn't short any of the power supply pins, there shouldn't be any long term damage if you plug one into a PC.

Happy Thursday! 770 MEEELLLION email addresses and passwords found in yuge data breach

-tim
Unhappy

Re: Check the Password page

Sometimes "Password" is the best password. I have a domain that I've been using for almost 25 years. In that time I've been asked for an email address and password for hundreds if not thousands of sites that I don't trust at all. Far too many of those untrusted sites happen to be on HIBP's list of Pwned Websites. The most common email address I use for these throw away things managed to get 4068 spam messages already this year and those are the ones that got past the spam filters.

If I could turn back time, I'd tell you to keep that old Radarange at home

-tim
Boffin

Re: Running backwards ?

Hardware clocks can't run backwards because the core BCD counters don't generally have the hardware to do it. What can happen is the hardware time chip might have been programmed to provide 60 interrupts a second and the real time was calculated based on an interrupt counter but the microwave was blocking some of those interrupts so it calculated a time that went backwards. That was common on early multi-processing systems.

Two out of five Silicon Valley techies complain Trump's H-1B crackdown has hit 'em hard

-tim
Facepalm

They just want slaves

I've been approached by many head hunters trying to get me to work in the US on an H1-B. The employer never seems to be interested once they learn that I'm a citizen and don't need a visa to work there.

Begone, Demon Internet: Vodafone to shutter old-school pioneer ISP

-tim

Re: Modem ISP

The equipment for setting up a dial in service is now cheaper than the power it will use in a year. eBay has E1 dialup RASs for less than $50 but can you still get an E1 service or would you need to build a server pretending to be a fake phone company and a VoIP service that can deliver uncompressed data properly? The last time I saw a rack full of dialup servers, there were only two active calls out of a capacity of about 5,000.

I'm just not sure the computer works here – the energy is all wrong

-tim
Boffin

Re: Memories

The 727 had auto land capability for ILS approaches. My father designed part of that system. Autoland is a bit of an overstatement. It predated the RNAV systems but if I remember correctly it could change altitude and course over a VOR transmitter and then follow an ILS approach while adjusting the throttles. It couldn't do the landing flare and probably couldn't even adjust the flaps. It could not lower the landing gear (just like the shuttle's computer) or apply the brakes so its use is limited to making bad weather approaches a bit easier for the flight crew.

Fake 'U's! Phishing creeps use homebrew fonts as message ciphers to evade filters

-tim
Unhappy

Fonts are hacking vectors and are not safe.

Most font rendering engines can be tricked into drawing something like an O about a billion times. Modern fonts are just a program that often runs with elevated privileges.

Blindly downloading fonts into a browser is a risk. There were a number of CVEs last year about the issue.

Millennium Buggery: When things that shouldn't be shut down, shut down

-tim
Pint

Millennium Buggery, I knew there was something I forgot

We have a special file drawer at work where we file very odd things that are just too unique to go into the round file. One of them is a folder that contains quite a few letters asking for us to prove we are Y2K compliant. I wonder if I should reply to them yet.

-tim

Re: God Bless written instructions

I thought "needful" was another way of saying "can you do my job for me?"

It's a lot of work, being popular: Apple, Tim Cook and the gilets jaunes

-tim
Meh

Tariff planning?

I wonder if part of the high price for the newer products was so they could "absorb" the tariff if they did go to 25%. Of course it could just be price gouging or even something else. Apple has made some very odd decisions lately like not allowing removable storage in the mac mini to be removed even though there appear to be pads on the motherboard for a connector for a high speed add on board. A simple option would have made the machines much friendlier for companies that have security compliance issues.

Apple to splash $10bn raisin' American bit barns

-tim
Black Helicopters

$42? What is it doing?

It seems to me that is about $42 per American worth of data processing capability. In my industry it costs about $.02 per record with security and audit process in addition to typical IT capex and opex expenses. So is Apple keeping 88,000 records of data on every American and if so, what and why?

Poor people should get slower internet speeds, American ISPs tell FCC

-tim
Pint

Rural ISPs in the USA have unique problems

I've helped some of the one man ISPs that are represented by WISPA. They tend to be providing service in regions that have very low population density centered around monopoly controlled areas. They often will have a few wireless access points on a radio tower but will have to backhaul the uplink feed to a remote larger city because the local town's ISP only covers a few blocks from the exchange. The owner of the exchange may not be willing to sell upstream service to a competitor or will sell but mess with the speed and that assumes they haven't oversubscribed their link to the exchange. Another problem is the density is just high enough to make things expensive. If you can get a fiber line from a larger town, you still have to run it through intermediate towns and that might require going around them. Many power companies think they are in the ISP game yet won't or can't provide service so leasing space on their poles is out. The regulations are a mess as they might be federal, state, Indian, county, town, home owners associations, water authority, electrical authority, telco co-op, sewer authority, federal or state parks, railroad or even the Army Corps of Engineers and those are just the ones I've heard about. Some of these ISPs are replacing dialup services that wouldn't do much over 9600 baud and sometimes cover areas where satellite coverage is even an issue due to steep mountains.

WhamWham, bambam, no thank you, SamSam: Iranians accused by the Feds of orchestrating ransomware outbreak

-tim
Facepalm

They are looking at a lifetime in Leavenworth

Computer crimes against US military hospitals where they treat people that have been harmed by top secret things can get you 18 years per offense. So if they tried to hack a hospital where an airman that worked on an Atlas in 1959 had been a patient, they can be persecuted under some particularly draconian cold war era laws. Being out of the easy reach of the US government is only a minor inconvenience unless they also managed to screw around with CIA operative's medical records.

MIT to Oz: Crypto-busting laws risk banning security tests

-tim
Flame

What I would like to see...

The day before voting starts at the next federal election I would love to see Apple or Google run out an update that turns all the Aussie smart phones into dumb phones and with a display of "Your government is run by morons who pass laws they don't understand so your phone is now a dumb phone." The voter backlash would be so strong that no sane elected government would ever consider this type of stupidity again anywhere in the world.

NBN satellite user waiting for extra gigabytes? Keep waiting

-tim

In the days before ADSL, there were satellite providers where the data to them was via dial up modem and the bulk data went via a cable TV satellite. It had much better latency than symmetric satellite but was prone to errors and a real pain to fix. It was great for high speed downloads compared to the other options.

What's that? SSH can still use RC4? Not for much longer, promise

-tim
Meh

There are lots of buried systems

It isn't the public facing ones that are the real issue, it is all the stuff hidden away with automated scripts that will be a real pain to find and update.

My toolbox includes a copy of the last openssh to support ssh protocol 1 with all the bad ciphers because sometimes it is needed.

While the author seems to treat ssh as an interactive utility, there is a massive amount of data that is slung around automatically with it. The scripts used tend not to be too robust with even simple things like server key types being updated.

Dot-com web addresses prices to swell, thanks to sweetheart deal between Uncle Sam, Verisign

-tim
Pint

Say what?

"Given the enormous value built up behind most dot-coms..."

And all this time I thought most of the 138 mill dot coms were useless. 1.8 million are just all 4 letter combinations.

At least domains aren't $100 for 2 years as they were long ago.

The great and powerful Oz (broadband network): Revs rise, but nbn™'s exec bonuses don't

-tim
WTF?

Odd maths?

There are 24 million people in Australia. At an average of 2.4 people per family the nbn should have 10 million homes connected if they are close to being done. That doesn't include the 2 million registered businesses.

Our brave El Reg vulture sat through four days of Oracle OpenWorld to write this cracking summary just for you

-tim
Facepalm

Trusted extensions in the cloud?

Can you even run their labeled system stuff properly in the cloud? They say their cloud stuff is a fortress but if it has a screen door, a bunker with a real door would be better.

Who am I kidding... people don't use the trusted extensions since they were just too hard.

This two-year-old X.org give-me-root hole is so trivial to exploit, you can fit it in a single tweet

-tim
Coat

Those who fail to learn history are doomed to repeat it

Why does the frame buffer, gpu and mouse need root access and the inevitable setuid root nonsense with its security issues? System V Unix had special devices such as modems that could be opened by one user at a time that didn't require root access. That is why modern systems have /dev/tty* and /dev/cu* which talk to the same hardware but one only allows one user to open it without root privileges.

Haunted disk-drive? This story will give you the chills...

-tim
Angel

Re: Bah!

I had a house that had a number of hanging plastic dome lights. When they cooled after being turned off, I would hear a pop and see a flash. A friend was convinced she would see ghosts. I decided to record the noise and the flash but it wasn't there. What was there was a piezoelectric generator. I've found it interesting that many places with high ghost sighting areas have piezoelectric geological effects and different cultural areas seem to have different results such as ghosts, UFOs or saints.

Talk about a curveball: Microsoft director of sports marketing fired, charged with fraud over 'fake' invoices

-tim
Coat

The best use case for AI

It seems that one of the 1st jobs that AI will be very good at is replacing the top end of middle management. How hard can it be to allocate a chunk of advertising money to sports and verify it is doing what it should?

Watt the heck is this? A 32-core 3.3GHz Arm server CPU shipping? Yes, says Ampere

-tim

Re: Locked Up?

"I was aware that IBM manufactured, and offered for sale, data centre servers built around the PowerPC architecture."

IBM and Sun, oops... Oracle still make some fantastic insanely powerful hardware. The problem is nearly no one has a problem where they need that much power. Both of them also have the problem that you can no longer start small. Sun's last server comes in sizes that are the price point of a very nice new car, a very nice house or a very nice house in the Bay area. There is no way the future decision makers will ever get to play with that sort of hardware so there isn't much research being done about making use of some of the newer concepts like fully compressed and encrypted memory. The very big machines from last year can map tens of terabytes of a file into RAM and then go through it with a thousand threads. While that is cool, it isn't a problem most companies have.

No, that Sunspot Solar Observatory didn't see aliens. It's far more grim

-tim
Boffin

Standard procedures?

Did the FBI want to copy all the images on the local servers too? Observatories tend to have lots of images.

Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS

-tim
WTF?

PCI-DSS? Where?

If your web form uses JavaScript and processes credit cards, it must be audited to comply with PCI-DSS specs. It looks like someone's PCI auditors missed that part. I wonder if version 3.3 will start to clamp down on useless JavaScript on payment forms.

Raspberry Pi supremo Eben Upton talks to The Reg about Pi PoE woes

-tim

Compliant but non-functional?

We have 8 devices that claim to be 802.3af compliant power providers. Most of them work with most devices we plug in but there appears to be no rhyme or reason why some devices won't talk to some providers. There have been situations such as 20 supposedly identical devices plugged into switch A and 16 work but 4 don't. Plug them into vendor B's switch and a different 4 don't work. We even have a Mobotix camera that used to work on most switches but now only works on just one port on one Cisco switch.

Python joins movement to dump 'offensive' master, slave terms

-tim

"I had to change the terms whitelist and blacklist from an internal server-side application over 15 years ago. [...] I thought it was silly but NBD, I changed it to redlist and greenlist and carried on."

So now you're going to upset the Indians and the Hippies?

Strewth! Aussie ISP gets eye-watering IPv4 bill, shifts to IPv6 addresses

-tim
WTF?

Re: Finally?

Internode no longer supports IPv6 on the HFC (aka cable TV) NBN as they are simply reselling TPG service there.

Experimental 'insult bot' gets out of hand during unsupervised weekend

-tim
Coat

Where is that window?

We had a lab full of shiny new Sun 4 workstations. I found out that there was no protection of the window position of other people's sessions and I could detect which window was active. The result was a program that moved their active window towards the edge one pixel every second. In the days of 1024 pixel screens, it didn't take long for it to be very annoying.


Biting the hand that feeds IT © 1998–2019