Comment Re:Good grief... (Score 1) 681
My undergrad curriculum had a class where we designed a pipelined processor, though we didn't actually build it. It was an interesting and educational experience for me, and I'm glad to have done it.
My undergrad curriculum had a class where we designed a pipelined processor, though we didn't actually build it. It was an interesting and educational experience for me, and I'm glad to have done it.
And he died more than a year after the end of his "treatment".
This. There is a good chance that Turing actually didn't commit suicide, but rather died of accidental cyanide inhalation. He had set up a chemical lab in his living space and wasn't exactly using OSHA-approved storage protocols for dangerous chemicals. His mother, at the time, said she didn't think he'd killed himself, and contemporary accounts were that he was doing pretty okay. The supposedly cyanide-poisoned apple was not tested for cyanide. None of this is conclusive.
IMO, any modern report on Turing should account for the possibility he didn't kill himself. The suicide angle makes a great story for gay rights activists, but it does a disservice to the memory of this great man to reduce him to a political talking point. The forced hormone treatment was abominable, whether or not it drove him to suicide. There's a chance it did, and a chance it did not.
Heh
But, you may have a point: it might be possible to electrically tap the PCI or PCI Express bus and do bad things with DMA, even if the bus wasn't built to support hot-swapping. You'd probably need custom hardware, a lot of time, and a lot of luck, though. Also, you'd need to keep power to the CPU on, meaning stuff like chassis intrusion detectors would be a sufficient countermeasure.
I intended no sarcasm. I think the Bill of Rights was a very good idea.
The story is actually very interesting. The Bill of Rights was enacted as a compromise to get the Constitution passed. The Constitution was not our first government -- that was the Articles of Confederation, but the Articles of Confederation basically wasn't working at all because it was a very poor design.
Some highlights: it gave the federal government so little power it couldn't do anything. It couldn't even pass taxes; the states were supposed to voluntarily pitch in. It also required unanimous consent in Congress to pass any law, and Congress was all there was; there was no executive or judicial branch.
So some of the leaders -- the Federalists -- drafted the Constitution to replace it. But there were Anti-Federalists, and they argued the central government would become so powerful it would eventually turn tyrannical. So, the Bill of Rights was added to placate them. We can see now that was a really, really Good Idea(TM).
I get writing a compiler, but why a text editor?
Personally, though coding certainly helped, I think my high school economics classes really helped dispel a lot of my personal "magical thinking" about social issues. That framework is much more useful than if/then/else for thinking about human endeavors. I think CS is cool, of course, but economics and statistics (correlation versus causation) are the logical/mathematical fields we should be pushing for everyone to know.
For all practical purposes, you are incorrect. Desktops and laptops do not typically support PCI Express hot swapping; this is a feature implemented only on high-end server chipsets.
Additionally, grow up.
I assume you mean PCI Express, since PCI-X is an obsolete standard not used on modern systems, but the answer is the same for PCI, PCI-X, and PCI Express, so no matter.
The TRESOR-HUNT attack works by having the attacker plug a malicious peripheral into the running computer, then having that peripheral use DMA to write malicious code into the computer's RAM which copies the encryption key out of the CPU.
Plugging a PCI card into a computer while it is running is likely to fry the motherboard, or at the very least cause an immediate system crash, so this is not a risk.
I am the author of Loop-Amnesia, a system similar to TRESOR, but more sophisticated in that it supports multiple encrypted volumes. After looking over the article, it does not appear that this is at all similar. It also does not appear to protect against the cold boot attack as claimed.
The authors claim a 2% performance reduction. Such a reduction implies that the instructions are not being decrypted literally on-the-fly; the reduction would be much more severe then. They're using a tactic called a "TLB split", which corrupts the cached page table so that reading memory gets you different results from executing it. A page of executable code is likely decrypted with a key stored in the CPU, put in a different physical page, and then the TLB split is performed so that executes go to the other page while reads still go to the encrypted page.
The cold boot attack dumps physical memory. This tactic corrupts virtual memory to frustrate analysis. The executable code is still stored in RAM somewhere, just not somewhere where you can get to it by reading from a virtual memory address. The cold boot attack would still work fine.
Finally, TRESOR and Loop-Amnesia are not broken. TRESOR-HUNT only works if you enable DMA on your FireWire bus. You shouldn't be doing that anyway.
It's experimental now, but it won't always be. Are you saying that you won't use it because it's experimental now, or you won't ever use it because you think there is something fundamentally wrong with the approach?
Well, LTE roaming could still be useful to you even if there are no roaming agreements. Just get a local SIM.
I get that, but you can do process migration without virtualization: http://criu.org/Main_Page
Is it just because that's experimental still?
Why would you use virtualization in such an environment? Not trying to be argumentative, but it doesn't seem like virtualizing a bunch of database servers would be that big a win. So many people post here about virtualization that I'd like to know what they find so useful about it.
I personally just don't like the concept of adding a layer between the OS and the hardware. The OS is supposed to handle running different programs and providing the environment they need to run. If it's not, fix the OS, don't just add another layer and take the associated performance hit.
If anyone wants to argue this point because you think Singleton is a good design pattern, you're a bad programmer and should consider getting a MBA.
That's not a very good argument.
Even if it's the one good example of a time when a singleton might actually be a good fit for something, the code review board will shoot it down.
Where do you work where you have an entire board dedicated to code review?! How do you get anything done!?
The only places where that much red tape is justified is with pacemakers, airplanes, manned space flight, and anything with the word "nuclear" in it. And maybe a few other cases, but you get the idea.
The moon is made of green cheese. -- John Heywood