indolering
Joined 1,253 karma

  1. It's hard to rule out intentional side channels without access to source.
  2. CHERI is undeniably on the rise. Adapting existing code generally only requires rewriting less than 1% of the codebase. It offers speedups for existing as well as new languages (designed with the hardware in mind). I expect to see it everywhere in about a decade.
  3. Spinlaunch is also promising drastically reduced cost per launch. The payload size for their first launcher is pretty small and they appear to be struggling to get the kinetic launcher online.
  4. Please elaborate!
  5. The healthcare industry is basically locked into 365 due to a lack of alternatives supporting HIPAA.

    Google Workplace theoretically can be configured, but it doesn't cover basic stuff like information in contacts. So if ANYONE in your organization (like an outreach coordinator) adds a patient and puts notes into the contact field, it's a HIPAA violation. There is no way to effectively police that.

    I wish the regulations were written such that messaging apps, office suites, etc over a certain percentage of revenue had to qualify for HIPAA by default. It's absurd how many small shops just do everything over WhatsApp/iMessage/Gmail/iCloud, etc.

  6. Yes, it's technically possible. But what you are suggesting is basically a dynamic filter. The problem is that codecs are designed for end delivery and have very specific practical constraints.

    For example, we could GREATLY improve compression ratios if we could reference key frames anywhere in the file. But devices only have so much memory bandwidth and users need to be able to seek while streaming on a 4g connection on a commuter train. I would really like to see memes make use of SVG filters and the like, but basically everyone flattens them into a bitmap and does OCR to extract metadata.

    It's also really depressing how little effort is put into encoding, even by the hyper-scalers. Resolution (SD, HD, 4k and 8k) is basically the ONLY knob used for bitrate and quality management. I would much prefer to have 10 bit color over an 8K stream yet every talking head documentary with colored gradient backgrounds has banding.

    Finally, there is the horror that are decoders. There are reference files that use formal verification to exercise every part of a codec's spec. But Hollywood studios have dedicated movie theaters with all of the major projectors and they pay people to prescreen movies just to try and catch encoding/decoding glitches. And even that fails sometimes.

    So sure, anything is possible. Flash was very popular in the 56k days because it rendered everything on the end device. But that entails other tradeoffs like inconsistent rendering and variable performance requirements. Codecs today do something very similar: describe bitmap data using increasingly sophisticated mathematical representations. But they are more consistent and simplify the entire stack by (for example) eliminating a VM. Just run PDF torture tests through your printer if you want an idea of how little end devices care about rendering intent.

  7. They were going to shut it down due to upstream Fedora considering ending 32-bit support. Sticking to upstream wouldn't have helped you avoid that issue.
  8. It would be helpful in automating the busy work of many verification aware programming languages. At least the Dafny authors are excited about it.
  9. While I'm sure the creators would love to see their work become commercially successful and widespread, I don't think that's a very interesting criterion to judge what's essentially cool computer science research.
  10. I've never understood why anyone would use a wizard to install software: they are unstable old men with magical powers and they are NOT to be trusted!!!

    Now you are going to have one write out instructions for an AI?! I guess we know how the AI apocalypse gets started!

  11. Don't use IPv4 and NAT < firewall.

    Why would IP based routing be inherently more power hungry?

  12. Any particular advantage to Suzi over Thread? Why didn't they adopt an IP based standard that is interoperable with ... all major networks since ~1995 (if not before)?
  13. It's absurd that the list is so long considering the PR to fix it would only take a couple of hours.
  14. Have they done anything to mitigate this? Like client side filters or message scanning for new direct messages?
  15. WINE, CodeWeavers, Mesa, Red Hat, and plenty of others have been pumping money into the Linux graphics subsystems for a very long time. It's cool that Valve was able to use its considerable wealth to build a business off of it. But they came in at a pretty opportune time.

    Windows support had gotten a boost from .NET going open source as well as other stuff MS began to relax about. It also helped that OpenGL was put to rest and there was a new graphics API that could reasonably emulate DirectX. I don't know much about the backstory of Mesa, but it's pretty cool tech that has been developing for a long time.

  16. It is not common outside of security inclined communities like cryptocurrencies. It should be and we are slowly moving there.
  17. Wtf is up with the clown car that is floating point standards?
  18. Thankfully, there are regulatory regimes that require physically segregated systems for most cars, airplanes, power stations, etc

    However, safety critical is not limited to cars: it also includes the phones of activists and journalists living under authoritarian regimes.

    Monolithic kernels written in portable assembly mean that such bugs DO grow on trees [1] and the lack of backporting means they just drop to the ground: the poor are sold phones that may never receive a security update. So even sugar tax activists in Mexico are the target of spyware!

    We have seen the sophistication of these attacks ramp up as cryptocurrency has made them profitable and the North Koreans have made a killing exploiting these bugs.

    Maybe you are right and it is very difficult to find these bugs but that just means low demand is what is keeping the price down. But that's probably because there are enough LPEs and known RCEs that they are not needed most of the time.

    [1]: https://www.cvedetails.com/vulnerability-list/vendor_id-33/L...

  19. I mean, they do all the time. The value is generally in keeping access, however, and operational security and access control is helpful. You can knock a system out but then you just get kicked out and have to start over.
  20. It's in a proto state due to anemic academic funding. We need to throw cash at the problem.
  21. I was agreeing with you! It's a drinking game because the infosec field is laughable. Who needs a zero day RCE when the president is using an EOL Samsung?
  22. seL4 has the lowest IPC overhead of any kernel and it's an order of magnitude faster than Linux [1]. But you are correct: switching cost amounts to noise when architected correctly. LionsOS [2] (which is based on seL4) has some benchmarks showing improved performance over Linux [3].

    I am betting you know what mandatory access control is ; ). They basically amount to a firewall that is placed on applications restricting what they can do. The rules are generally written by downstream distros and are divorced from the implementation. The problem is that it's hidden control flow, so the program just dies and can't fall back gracefully. Capability oriented APIs make broker processes and narrowing of permissions tractable.

    [1]: https://sel4.systems/performance.html

    [2]: https://lionsos.org/

    [3]: https://trustworthy.systems/publications/papers/Heiser_25%3A...

  23. Everyone thinks of Defcon et al. as a gathering of elite hackers. But it's more of a fucking drinking game.

    The depressing fact is that you don't need an RCE to accomplish most goals.

  24. We do see it! Do you not remember the Snowden leaks?

    Shit hasn't changed much. We still have monolithic kernels written in portable assembly. Linus still doesn't tag bug fixes with potential security impacts as such because he is more worried about unpatched consumer garbage (which compromise all low end phones). When your mitigation for such problems is to not make it obvious, then your OS is not safe enough in safety critical settings (which includes consumer devices).

    Process isolation would downgrade the vast majority of critical Linux CVEs to availability bugs (crash a server but not compromise it).

    Just because governments don't need to reach for RCE every time doesn't mean that it is safe. The fact that such bugs are so cheap is an indication that your safety margin is too thin.

  25. Militaries have billion dollar budgets.
  26. I was not being hyperbolic: a couple million dollars is very cheap for virtually any military. Both exploit broker bounties and corporate bug bounties are in that range.

    What is your objection?

  27. There is power in restricting access and air gapping helps a lot. A drone (for example) can fall back to basic cryptography to limit access.

    Air gapping is a baseline requirement in most safety critical systems. Nuclear power plants in particular have lots of redundant layers of safety. AFAIK Russia hasn't physically tried to cause a meltdown, presumably due to the political blow back (although they have attacked Chernobyl's sarcophagus). I assume this limits their digital espionage attacks too.

    We do get glimpses of the use of such malware, like when Saudi Arabia hacked Jeff Bezos' phone. But we don't hear about most of it because there is a benefit to keeping a hack secret, so as to keep access.

    Finally, it's usually cheaper to social engineer someone into loading a PowerPoint presentation and doing a local privilege escalation. They burn those for things as petty as getting embarrassing political information.

  28. These prices are consistent with (actually more costly than) public bounties by (now defunct) western based exploit brokers and manufacturer bounties.

    > Those are (mostly) not RCE, and are for consumer devices configured in a default way.

    I'm more worried about activists and journalists in developing countries without the financial means to afford flagship phones. But even Google can't manage to keep out a pedestrian mid sized security outfit selling to the cops and the FBI.

    When activists lobbying for a fucking sugar tax in Mexico get hacked, then the bar is too fucking low.

    Let's not talk about the nightmare that is old networking equipment or IoT devices.
