One way ?
Am I correct in thinking that this vulnerability *only* affects clients that have initiated a download from the server, so clients uploading would not be affected ?
1563 posts • joined 21 Sep 2010
"And yes fuses fail. If you shoot a lot, more fail, in absolute terms. And trying to hit something as small as a small drone, you will shoot a lot. Are they even big enough to trigger a proximity fuse?"
I would *hope* we can do a bit better than an Soviet AA unit designed over 60 years ago (which incidentally fired ~10 round bursts)...
The primary purpose of these light AA ammunition fuzes is to stop you shredding the stuff you're trying to protect on the ground, they don't carry enough explosive to be useful with a proximity fuze - assuming you could make one small, reliable and cheap enough for sub 30mm rounds... I think you would need a much cheaper and less powerful round for drone blasting - which would further reduce the scope for collateral damage.. :)
"The ZSU was designed for AA not anti-armour, and most if not all modern IFVs are supposed to resist rounds that small."
True... But I reckon vanilla 23mm HEI-T rounds would still be overkill against drones. They point about mentioning post-war AA units was to show that it is possible to make small(ish) rounds that self-destruct to minimize the collateral damage on the ground. I really wouldn't want a ZSU-23 anywhere near Gatwick.
"The government can't be that risk averse (or bothered about our safety) as they seem perfectly happy to carry on, year after year, importing 100K+ people per year from populations known to have a large minority of people who mean us and our way of life direct harm."
The only folks I have ever had causing me direct harm because they resent my "way of life" in the UK have been white 'British' people. I would be more than happy for those folks to piss off to somewhere else and be happy with like-minded Brit haters.
"...and there's more of it."
The targets are relatively soft and slow so you wouldn't need big rounds, or many of them.
I was thinking along the lines of something that was accurate at short ranges (ie: <1km), rather than something like a ZSU-23-4 which is intended to shred armor at a couple of km, so I wouldn't be parking ZSU-23s around Gatwick anytime soon. :)
"Those fuses where used to maximize the chance to hit an airplane even when you didn't get a direct hit."
Not exclusively so...
The vast majority of shells fired will *miss* or fail to detonate in typical AA applications if they *didn't* have some kind of time/altitude fuzes. Without that "failsafe" fuze your AA batteries will do more damage than the opposition's bombers. ;)
Delay fuzes are used in lots of applications to reduce the chances of harm to the operator, from "dumb" bombs to the latest and greatest missiles.
I don't think Warning/ID is really an issue in the airport use-case - because you know that no drones should be larking about over runways & approaches... Plus there's no guarantee that such a "fighter" drone would be quick or agile enough to actually disable/destroy it's targets... Small cheap low-powered SAMs for drone destruction would be more fun to build and they'd be quick (airlines/airports lose money very quickly). If you can knock a drone out quickly enough the nuisance drone operators are *likely* to come to the conclusion that their fun/protest is no longer economically viable.
At low altitudes ground based guidance should be possible (most drones are relatively slow moving), so you can have a lighter, cheaper and less dangerous-when-it-goes-wrong missile...
If you wanted it to be pricey, you could have some kind of netting + parachute warhead, but huge explosions would obviously be much more fun^Weffective.
Anti-aircraft guns tackled the problem of rounds returning to the sender with fuses that detonated at a given time/altitude... Admittedly it would suck if the fuse failed - but it that doesn't seem to have impeded folks from putting AA batteries in the middle of built up areas in times gone by...
IMO AMD will have to maintain their edge for a couple more years to make a big inroad into Intel's market share, simply because it takes many months if not years for a large corp to switch over to new gear.
AMD do have a great opportunity to go for the jugular. Four years ago Intel gear was seen as fast and reliable, but multiple rounds of patching BIOSes and OSes to fix Intel faults (not forgetting basic stuff like default admin creds in their 'security' related offerings) has changed people's perceptions, Intel gear is now seen as slow, insecure and flaky.
Let's hope AMD keep pushing forward, make patching a rare and painless process (in contrast to Intel) and don't make any major missteps - it'll be good for everyone. Having a viable alternative architecture that exhibits stable performance characteristics over time is very useful (I can't say critical because we got by with Intel's random 10 million variables and BIOS settings to work out what your clock rate might be technology for so long).
I am looking beyond the specifics of SPECTRE/MELTDOWN, they are just a few vulns out of many that have popped up on the Intel platform over decades.
The trend is that networks are increasingly hostile - even 20 years ago there was the infamous Ping of Death that would take out an unpatched machine pretty much as soon as you dialed into your ISP... The environment has become more hostile, the threats more varied, the attacks more frequent, and the pace of change is accelerating rapidly (in my eyes), folks are having to patch their software on a daily if not hourly basis already to keep the lights on.
Patching hardware is somewhat more problematic and inherently more costly at present, attack windows are in the order of years, and the remediation costs can easily top 10^8 USD for mid-sized deployments... I reckon the time between critical hardware vulns being exploited in the wild is going to continue to reduce - to the point where customers face a stark choice between their systems being thoroughly owned or bankrupting themselves patching & replacing hardware.
Adding more features simply inherently increases the size of attack surface, and thus the frequency of customer bankrupting exploits. My argument is that the pressures applied by exploits will work against complex behemoths like x86-64 and favour simpler designs.
It'll be interesting to see how it unfolds, happy for your mileage to vary. :)
"These chips have NEVER been sold as "unhackable" or even hack-resistant."
OTOH Intel does promote the "security" features of their chips very loudly and have done for quite a few years now. I don't think it's a facade either, Intel really have applied themselves to creating a highly sophisticated (ie: complex) hairball of security features.
IMO they need to rethink their approach to securing their platforms, work hard to cut the fat, simplify, make it *easy* to comprehensively validate that the systems are actually secure. I say this because it's clear that validating a contemporary x86 chip is *hard* if not impossible. In my view Intel (and AMD) have got a lot of bright folks working for them - many of whom I believe would favor prioritizing validation over checkbox features.
I *hope* Spectre & Meltdown do prod vendors to improve their products, but the x86 gene pool is very shallow - there is too little competition and too much inertia to overcome.
... "We suspect this is part due to the wide rollout of mitigations, and part due to there being better bugs for hackers to abuse."
I suspect it's because there is no reliable tool for detecting cache side-channel attacks, so the attacks are flying below the radar. The techniques I've seen so far require calibration to avoid false positives, and it looks to me as though attackers could defeat those methods by reducing or disguising their activity to below the magic threshold that the detector is set to...
It'll be interesting to see how the first detection in th wild happens and how many false positives they had to discount. :)
I worry that the big boys are overthinking it a bit. All they have to do is put in a "run like a dog" mode that flushes the entire state every context switch and job's a good 'un. The lawyers can sleep at night on their overstuffed mattresses and the punters can carry on sacrificing security & reliability for speed - remember "Parity is for farmers"...
I agree with your assessment a_yank_lurker, but the thing that bothers me about Spectre class exploits is how do you detect them reliably in the wild ? Quite frankly I fully believe that at least a few Kskiddies to be trying it out in AWS right now.
From a risk management point of view nothing has changed, if you care about keeping stuff secret you don't share your box with anyone else. :)
... or you can use Linux Mint with the effects switched off like I do... ;)
I'd love the ReactOS folks to put some effort into Wine instead of rehashing NT 4.0 - but sadly they seem to have concluded that UNIX kernels are shit - despite overwhelming evidence to the contrary. I confess that I admire their faith, but I lament their judgement.
"Remain could have ran a positive campaign on the actual benefits of EU membership, rooted in fact, rather than a negative campaign based on lies. But they didn't. In my view, that was a massive own goal, and deeply regrettable."
The Remain campaign did in fact campaign on the benefits, such as freedom of movement, freedom of trade within one of the worlds largest markets, the ability to shape the legislation and policy from within the EU, etc.. These benefits were discounted as part of "Project Fear" by those lovely gentlemen who spent so much time in the company of Putin's henchmen, and that cry was shouted loudly every single time the benefits were mentioned.
The Brexiteers tell us that they want to have their cake and eat it. The cake is a lie.
"it appears fine for Khan the Mayor of London to lead calls for a derogatory blimp of Trump to be used"
That is a blatant lie, protesters led the calls for the blimp to be used. The Lord Mayor of London simply granted permission for the protest to go ahead having being asked permission.
Blimps flying lawfully in London is small beer... Trump is cool with terrorists driving cars into crowds as protest, inciting lynching at his political rallies and taking a pop at folks because they are Muslim (including servicemen who gave their lives so that he could continue to be a fat self serving draft dodging racist).
The attacks on the Lord Mayor from Trump and his pals consist of bullshit garnished with innuendo, none of it stacks up to daylight scrutiny. As a punter I have to look at the track record of these folks to work out what their problem with the Mayor is, and I don't have to look too far to see that they have a *public* track record of discriminating against Muslims, denigrating Muslims and pushing Muslims around.
There are legit complaints against the Lord Mayor of London, I am just not seeing any in this faux outrage over a satirical blimp. :(
"Seriously, I'm not running a VM farm, I don't give a shit about this and any of my own personal kit."
I'm in the same boat as far as my desktop box goes, but I do give a bit of a shit because quite frankly having a machine go tits up on you costs time and effort to resolve... I have found that prevention is better than a cure - simply because it wastes less time.
"Basically, if there's a way for a human to interact with it, there's probably a way to pwn it, and that's true even of black boxes."
There are degrees of badness.
"Basically, if there's a way for a human to interact with it, there's probably a way to pwn it, and that's true even of black boxes."
I do share your assertion that no box will ever be secure, but I don't see security as an end goal. It's a continuous process, one where you will usually be one step behind, and it can appear that you are so far behind that all your efforts are futile... However I derive some satisfaction in finding a good fix for a vuln and making my patch a little bit better than it was yesterday. :)
I see the whole vuln-discovery + vuln-remediation cycle as a an opportunity to broaden my knowledge of the systems I work with/against.
That said, I do admit that I do find the burden of supporting / using the crud I deal with on a daily basis pretty horrible...
I confess to feeling overwhelmed by the weight of despair that descends upon me when I find another JVM with wide open JMX sockets lurking in a dark corner, or some 9.7 CVSS score vuln in the 9000000 zillion .jars that Spring has pulled in because someone wanted to create an instance of an object using XML rather than a simple new.
Minding the C/C++ and Python stuff really is child's play by comparison.
It turns out that recent SPARCs are also vulnerable to SPECTRE attacks... Relatively "easily" solved in this age of multi-core dies... Shoehorn a slow but secure core onto the die and run sensitive code on that core alone. The question becomes whether the user has enough "non-sensitive" code running to make the performance hit acceptable.
"AMD kept lying telling that their products aren't affected and bug free. AMD doesn't make public most of its Errata. That is a fact. AMD is the one hiding and spreading fake info against its competitors."
Extraordinary claims require extraordinary proof, of which you have provided precisely zero. In fact AMD *have* reported SPECTRE vulns - and they *do* publish their errata, although I can't prove that they publish it all. While we're in the business of fair play, you could also point out that the 800lb Gorilla's arse sat on errata for months and some cases years, MELTDOWN included.
Personally I'd like CPU vendors to feel confident enough to be open about their vulns, and be given the space to remove the root causes without people whining about backward compatibility. I think that *could* be achieved with a compact ISA with a freely available robust validation suite (actively maintained with tests for vulns added as they crop up). As it stands I think folks punting x86 chips are doomed to fail due to the inherent complexity and ambiguous spec of the ISA, they have a very tough job.
"All of a sudden it seems that only Intel is affected by that while AMD saves the world or something?"
Intel ship the most $ worth of CPUs by a very wide margin, so they will naturally attract the most attention. The fact is SPARC, MIPS, ARM and even POWER have been reported as having SPECTRE vulns - so it's not just poor likkle old Intel.
To my reckoning there are an awful lot of VMs out there sharing Intel boxes on networks with strangers, so it seems reasonable that Intel cops the majority of the flak to me... Big fail is a natural by-product of big success. :)
"not so 'trivial' in real life. POSSIBLE, yes"
You are correct they are also possible, and I judge them to be trivial because I've been able to download a bit of code or read a paper and try them out at home without any special equipment beyond a Xeon inside a box as the victim. I'm not even an expert on this stuff, but as an amateur I have been able to fully crack Xeon boxes remotely or locally for *most* of the last decade or so that I've been taking a passing interest.
Ignoring or trivializing the problem will only help the crooks in the long run. Nor will "Safe Browsing" as long as the hardware remains fundamentally insecure.
Carry on Bob.
Intel already supports Linux (and BSDs) to varying degrees, it won't help, because their CPU + chipset + firmware stacks are trivial to crack remotely and locally so they are not fit for use for multiuser applications - which happens to cover the vast majority of their target market.
"it would be better if the Mps et al were made aware of how much skill and knowledge it takes to produce stuff nowadays."
I can't upvote that enough and I'd add the top echelons of Manglement to that list of people who need to be made aware. This "agile workforce" shit has to end too - to do good quality work you need some time to learn how to do it.
"Streaming by schools doesn't work."
It can't work effectively in sparsely populated rural areas, because the distances between schools is too great. I wish folks would apply a bit of grey matter to the outliers of this problem before dictating their one-true solution. :)
I believe that local authorities need more say in how they fund and deliver their services, combined with a well funded agency that ensures standards are met across the country... Sort of what we have now - but with ministers surrendering much of their budget to local authorities. I don't think it's reasonable or even plausible to expect someone who has rarely stepped out of the SE England bubble or worked a trade to be qualified, let alone equipped to make decisions at regional level.
I think it would substantially reduce graft and wastage too... Case in point I heard of an incident where a minister was refusing to hand out funding unless a local gov agreed upfront to spend the money with the minister's preferred vendor (that just happened to be owned by a sibling of said minister supplying services priced at 160x the going market rate).
"The VAX format for floating point numbers, both single and double precision, differs from the now customary IEEE standard."
The VAX architecture was pretty well defined + documented in the manuals (including the FP formats) - and those documents still exist (in my bookshelf and likely bitsavers.org) - so I reckon that wouldn't be a barrier to someone who can bash bits around.
You beat me to it !
I really enjoy reading about Cocke's work and the machines he worked on - fascinating beasts. H&Ps contributions have become so ubiquitous that I take them for granted. Nice to see H&P getting some recognition - they changed things for the better in a big way. Perhaps RISC V will clear out the last vestiges of CISC. :)
"by accusing someone who disapproves of Mrs. Clinton of being a 'couch misogynist', you are making a ridiculous accusation, and in so doing, are basically 'crying wolf' with the 'misogyny' label."
The record will show that I made a wisecrack in the form of an unpleasant leading question. The accusation was implicit, an answer could have been given that showed that misogyny was not the root cause. So far we've had assertions that women don't get shot and misogynist views & behavior is not a factor in these attacks.
Your essay seems to be a round-about exercise in denying that there is a problem because (in your view) some folks cry wolf too much. Fair comment - but I think there is an equally strong case to say that folks have accepted public acts of misogyny for so long that they are desensitized to it or simply in denial.
"So Giffords, who was shot by a grammar nutter who was concerned about how she wouldn't answer his questions about English Language usage is somehow a specific attack on women. "
That's half the truth leading to an unsupportable conclusion. The whole truth is that Bryce Tierny (the original source of that claim) also mentioned that Loughner asserted that women should not hold positions of power, and spent several years attacking her amongst his circle of friends to the attack.
Glad you agree that female politicians get shot, and it seems that you may agree to some degree that politicians get shot as a side-effect of over the partisan foul mouthing that goes on.
"I'm sure your OK with that -"
FWIW I'm not OK with anyone getting shot for stuff they aren't responsible for or have no control over.
"And attacking Trump the way you and others do DOES get people shot - like Scalise for example."
That would not be a valid excuse for anyone to behave badly, I reckon we could make more progress by rising above this divide and conquer bollocks.
The stuff I have *personally* posted in relation to Trump has also been placed in the public record by medical and law enforcement professionals acting in their professional capacity. Their statements carry more weight and have more evidence to support them than the cheapshot one-liners targetting an unsuccessful presidential candidate from pseudo-Anonymous posters on El Reg.
"Literally everything you have said is a lie."
Plagiarizing Trump won't magically unshoot female politicians such as Jo Cox & Gabrielle Giffords. You don't have to look very far to find other examples.
"Do you need a safe space?"
Everyone needs a safe space in order to thrive. Case in point folks who live in war zones are more likely to die or get wounded in them than folks who stay out of war zones. I am no different, and I reckon you are no different in that regard.
That was a nothingburger of a post served with a side of women hating.
A number of (female) politicians have been attacked and shot by nutjobs who cite that same bullshit and name calling you are pedalling as justification for their attacks on women (fatal and otherwise).
Will you be appearing on the News anytime soon - or are you a couch misogynist ?
Posted like a typical numpty who doesn't understand the words and labels that is written on their "distract the proles from the clusterfuck going on in the Whitehouse" script handed down to them by folks who really couldn't give a stuff if their shills live or die, only whether they'll get to keep a few % worth of tax which would pay for shills outgoings for a couple of million years.
"What part of Spectre being a hardware bug did you fail to understand? If a chip is vulnerable it doesn't matter what software you are running on it."
It appears to be theoretically possible to defeat those attacks with suitably crafted software, but that's a case of running new binaries - and likely some kind of hit in performance. The big.little boxes out there could run sensitive processes on an in-order processor - and the less sensitive workload on faster OOO cores.
Looks handy to me.
I dreamt of this kind of throughput when waiting for a compile to complete off a Fujitsu Eagle back in the day (shared with 30 other people). Kinda fun to see it happen even if it's not quite the way I predicted... The TaihuLight boxes are hooked up with PCI-Express 3.0, so presumably they have a way to integrate NVMe drives directly into their fabric. Could be a fun OCCAM platform. :)
The PCI-Express 3.0 fabrics remind me of the some of the ideas floated for IEEE1355 back in the day, but much quicker and ubiquitous. It's fun to see (some) things get a lot better despite everything else falling apart. :)
Biting the hand that feeds IT © 1998–2019