Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:I call bullshit on anything from Forbes (Score 1) 132

by DamonHD (#49534389) Attached to: New Javascript Attack Lets Websites Spy On the CPU's Cache

Look elsewhere in this story: I've posted a 2013 paper where using this type of attack it appears that very nearly 100% of your secret key bits can be recovered as you do a single encryption in another process.

Note: not just revealing that I did an encryption, but what the bits of the key were that did it.

*That* seems bad enough to need serious thought (or refutation) ASAP.



Comment: Re:Not very useful. (Score 3, Informative) 132

by DamonHD (#49531359) Attached to: New Javascript Attack Lets Websites Spy On the CPU's Cache

Such as this?


"We demonstrate the efficacy of the FLUSH+RELOAD
attack by using it to extract the private encryption keys
from a victim program running GnuPG 1.4.13. We tested
the attack both between two unrelated processes in a sin-
gle operating system and between processes running in
separate virtual machines. On average, the attack is able
to recover 96.7% of the bits of the secret key by observ-
ing a single signature or decryption round"



Comment: Re:"Surge Pricing" (Score 1) 96

by DamonHD (#49515147) Attached to: How Uber Surge Pricing Really Works

Interesting, thank you.

Given that I no longer see differential pricing in any of my own retail bills, and given remarks from BT execs some time ago that they'd like the differentials to go away, I assumed that they'd gone at wholesale level too.

What ratios are there in the wholesale pricing, eg is it still anything like 4:1 between the highest and lowest by time of day?



Comment: Re:"Surge Pricing" (Score 4, Insightful) 96

by DamonHD (#49505493) Attached to: How Uber Surge Pricing Really Works

It's called 'scarcity pricing' if you want to keep emotion out of it.

Sometimes it's needed to help prevent a service being overwhelmed: our phone calls used to cost 4x more 9am to 1pm than 6pm to 8am because our phone service (government run) had limited available bandwidth. Now that is no longer an issue (largely c/o fibre optics) there is no pricing surcharge for the daytime peak. Nor even for national vs local calls in the UK. It was a premium charge or lots of failed calls, including for those who really had no alternative to using the morning business slot.



Comment: Re:Waste is heat! (Score 1) 198

Yes it is, because you are wasting lots of extra exergy, ie you could be getting the heat you need with far less electricity, leaving the rest for someone else or allowing less upstream resource (nuclear fuel, water, transmission infrastructure) to be consumed for the same outcome.



Comment: Re: What Would be a Trivial Amount? (Score 1) 198

Indeed. We should be targetting microwatts or at most tens of milliwatts not tens of watts. We're talking lazy engineering and insufficiently discerning end-users here.

(I'd like to chat about your stuff off-line, BTW. as part of our public IoT Launchpad project, see sig!)



Comment: Re:QuikClot and Celox (Score 3, Interesting) 76

by DamonHD (#49364213) Attached to: Material Made From Crustaceans Could Combat Battlefield Blood Loss

Is there a significant antigen left in this foam?

I know people can be allergic to almost anything, but this looks to me like only relatively simple innocuous compounds remain in the foam.

The point being on the battlefield, what proportion of people would be killed by this from anaphylaxis (say) rather than saved by it?



Nothing will ever be attempted if all possible objections must be first overcome. -- Dr. Johnson