IANAL but I think forced arbitration is a perversion of justice. Still not siding with Oracle though.
16 posts • joined 20 Oct 2015
Re: WTF is 550TB/year workload rating ? limited endurance or something else
"Basically the manufacturers state that if the overall workload is kept below this threshold then the reliability of the drive will be as advertised. Exceeding the WRL rating reduces the reliability conferred."
It's probably just an excuse to not honor the warranty.
Re: Middle ground
"avoiding leaking timing info generally means every instruction running for the worst-case time."
Not necessarily, IMO. You could have some flags in the cache that certain line was loaded speculatively and the flag is cleared when it's loaded for real. When it's in the cache but has the speculative flag then it's like not being there until the speculation is resolved. Obviously that would require hardware support but I think it's doable. I'm not a CPU designer though.
Re: Linux Noob question
If your Wi-Fi sits on a mini-PCIe card, as is often the case, I'd rather replace it with something well supported under Linux, like the Intel ones. They go for about 10-20 quid on Amazon. Unfortunately, Wi-Fi is sometimes soldered on the mainboard. There are some pretty small USB WiFi controllers but their usable range might not be that good as opposed to using the antennas inside the laptop.
Just under the article (in the Whitepapers section) the first link is "Understanding the depth of the global ransomware problem". How appropriate.
Edit: Actually, I now see completely different list of whitepapers. Still, in light of the article, Java SE seems not much different from ransomware.
Too expensive? Yeah, sure!
Reminds me of when Microsoft refused to localize Windows for my country saying that it would take them > $1million. And a local dude did it for free by replacing the strings in the binaries. It was only for a specific version of Windows (Win98 IIRC) but I'd never trust MS on such things again.
UEFI, Linux and other things
For UEFI+Linux the indispensable resource is Roderick Smith's page:
As for the firmware, I'd only ask for two things: (1) be entirely accessible via an RS-232 interface and (2) offer a way for you to be in complete control of your machine. Like get rid of the SMM mode that can be used to shaft your machine without any chance of you noticing. And no - running it in a virtual machine (!) as Intel suggests as remedy for the vulns (an SMM vuln can screw even TXT setup), doesn't quite cut it. Because who's controlling the SMM VM...?
"the Dell Service Tag pretty much only nails you down to the model"
I'm not a Dell Support Specialist but AFAIK the service tag is unique to each machine. And any third party can obtain the details of said machine but entering it manually in a Web form - I've done that for a couple of my machines.
TrustZone user-tweakable boards?
Anyone here knows a good and cheap ARM board where the TrustZone feature is available for experiments by the user? Because usually it's initialized by the firmware and once this is done you cannot tamper with it (exploitable vulnerabilities notwithstanding). I need a board where TrustZone is left alone until I say so.
Re: Cygwin SSH server
"1) You don't need to install all the cygwin stuff (and maintain it yourself)"
Well, but Cygwin is always the first thing I install on any Windows machine I use. Ok, the second one - I furst install Firefox and then use it to download the Cygwin setup utility. BTW, is there some native Windows application akin to the 'screen' terminal multiplexer?
"3) It should be better integrated with Windows security and accounting - i.e. in many situations you may wanto to know from Windows logs who connected and when, and manage permission through active directory."
Not my use case, really. But just out of curiosity - can Cygwin be set up for LDAP authentication against AD. Anyone here knows? It can be done statically with mkpasswd but it would certainly be better to be always up to date with AD.