It's a cache timing app. Pretty impressive that they were able to maintain the precise timing necessary to conduct the attack in Javascript, but still quite limited in what it can collect. Basically they can tell if certain cache lines are in use, and figure out maybe what those lines are shared with to do some behavior analysis on the victim. This application is a bit of a stretch, since learning the allocation patterns is not going to be easy.

Their other example is a user that has a machine with two VMs on it. One is highly secure (no network access) but has been rooted. The other has network access but no normal connection to the rooted VM. You can pass data from the secure VM to the network VM and then ex-filtrate the data using a malicious advertisement injected into a normal browsing session. It does require the victim to not understand that VMs are not airgapped though.

The paper assumes that your problem is exfiltrating data because the target has somehow gotten infected but is ultra-paranoid about outbound traffic from his machine. You can instead transfer the data to a javascript app running in a webpage on a different VM that may be less secure. It seems pretty cornercase to me, but every time I think that someone comes out with some crazy exploit that extracts all of your SSH keys or something from the box using what seems like a nearly useless exploit.

think yellow school bus. :-)

My guess is that going pure pneumatic is probably inefficient and more difficult to build. A hybrid system probably make more sense, if for no other reason than you don't have to maintain an airtight seal around the car for an entire 1000km journey. Electric motors are pretty reliable and relatively inexpensive.

Thank you for your correction. I'll post an apology for my English misuse on every light post in the area, from Seltjarnes to Mosfellsbær.

Then every car (and the tunnel itself!) needs to be a pressure vessel and you need oxygen masks if there is a leak. Plus you have to turn every station into an airlock. Depressurizing the tunnel is a lot of extra work.

It might be easier (although not much more sane) to have two large ventilation systems for the tunnel. One working at high negative pressure (near vacuum), and the other working at a high positive pressure. The vents would be shutters that could be opened and closed rapidly, so you're always pulling air from the front of the train and introducing it behind the train. Basically you would always have a strong tail wind, reducing the heating effects of compressing that much air. The energy required to move the air would be substantial though, and it might not make sense. The high speed shutter system would be relatively complex too, and making it reliable would be a challenge.

I don't know who exactly, but someone will probably complain about the invisible death rays crossing the street. People tend to notice when you start cutting cars in half when they drive in between your buildings.

Optical networking startups are littered through history. Ultimately the tech works, but has caveats like you can't move your machine around without losing connectivity, and you also lose connectivity whenever someone walks in front of the beam. Also, they tend to be expensive, and since the machine ends up having to be basically immobile anyway it usually makes sense to just run cables instead.

Even for Point to Point links where you can't easily run cables (to a building across the street for example), you end up with a reasonably fast link that still cuts out when there is heavy rain or a bird lands in front of it or something. 100Mbps is really nothing to write home about either. In 2015 you should be pushing more like 1Gbps over an optical link to make it even somewhat attractive compared to plain old WiFi.

I see language all the time in Defense related project that require all software to be from "commercial vendors". It's one of the big reasons Red Hat Linux stays in business. There are reasons for it. If something goes wrong and there needs to be someone to hold accountable you can't just call up random screen names from GIThub and hope they appear before Congress.

I guess we know why Wikileaks is under the smear campaign now. These sort of leaks are bound to make some people uncomfortable, although I doubt they will do much in the grand scheme of things. The people who care already suspected, and the people who don't care still don't care. Having some hard evidence to throw in the face of the naysayers helps, but is not likely to change much since they were mostly shills. Not many regular people believe that big corporations are not complicit with political corruption. They just don't know what they can do to fix it, other than hoping that other people elect better politicians (not theirs though, because they love their Congressman).

The first patent (which had no attempt to commercialize) was in 1979. Most early research, with largely failed attempts to come up with a commercially viable product, were in the mid 1980s. The tech has slowly advanced since then, and nowadays is becoming rather mature.

I don't know why this is seen as a way to diss 3d printing. Some people's hatred of makerbots and their ilk is so great that they can't accept that 3d printing broadly has developed into actually useful production processes in some fields. Rocketry is a great example. It's just silly to have to make (and warehouse) moulds or stamps for parts that you only need a couple dozen of and which you may revise after just a couple launches. Now that 3d printing technologies have advanced enough to produce high quality metal parts, it's properly taking of. It even pairs nicely with CNC, there's now hybrid 3d printing / CNC machines out there. CNC gets you the coarse, primary shape and 3d printing adds in the intricate and/or jutting out components.

3d printing is a very useful technology for low volume or rapidly evolving part runs. No need to play it down just because Makerbots exist.

Agreed. XKCD covered it concerning apps, but it's usually not much better with mobile versions.

What happened with Google? It's like every change they make these days is to make things worse. And I say this as a person who's generally a big Google fan.

That's actually the point. Warm temperatures and near constant sunlight = high productivity - if you import water. Ag in California takes up 80% of the water, but ag + mining together is only 2% of the economy. It's fine when water is abundant, but when it's in short supply, ag has to give.

I don't think the Mandelbrot Set itself persay is all that useful, but its 3d relatives like Mandelbox, Mandelbulb, etc sure generates some amazing landscapes... I could totally picture that used in games or movies. It's amazing the diversity it can do with some parameter changes - steampunk machinery and evolving spacescapes, reactors / futuristic computers, art deco, extradimensional beings, alien cities, floating viny landscapes, transforming robotics, things hard to describe, etc.

I'd love to have a house / secret supervillain lair that looks like this one ;)

The majority of major, targeted hacks (rather than just sweeping the net for vulnerabilities) - aka, the kind of stuff that the US military cares about - involves sending emails or making phone calls and introducing yourself as Bob from IT, and sorry to bother you but there's a problem that we need to discuss with you, but first a couple questions...

They don't need script kiddies, they need social engineers. Question number one in the job interview should be "Is your native language Russian, Chinese, Farsi, Korean or Arabic?" And even as far as the more traditional "hacking" goes, rather than script kiddies they're going to need people who are going to custom analyze a given system and assess it's individual vulnerabilities, people with real in-depth understanding. One would presume that in most cases that the sort of targets that the US military wants to hack are going to keep themselves pretty well patched to common vulnerabilities.

AIs doing hacking? What are you talking about? This is the real world, not Ghost In The Shell.