Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment: Laser cutting directions! (Score 4, Insightful) 59

by Gollum (#47465991) Attached to: SRI/Cambridge Opens CHERI Secure Processor Design

Breathless excitement!

The achievements in the rest of this paper far outweigh the existence of a tablet built on this foundation.

They've created their own 64-bit processor! They've implemented a compiler for it! They've ported FreeBSD to it! That's some seriously impressive stuff!

But the leader has to be the laser cut tablet assembly. :-(

Comment: Re:Nobody Noticed ... Except Everyone (Even Slashd (Score 1) 247

by Gollum (#34251922) Attached to: For 18 Minutes, 15% of the Internet Routed Through China

Noone has to intercept anything, or maintain a session. Just TCPdump the lot, and look at it later.

That is, unless they are trying to intercept SSL, which they COULD do, as a CA cert controlled by a Chinese company has been added to most browsers already.

Comment: Re:obviously meant for low-level debugging (Score 2, Insightful) 217

by Gollum (#34055220) Attached to: The iPhone Serial Port Hack

Alas, this hack won't do it:

In other words, this design is powered with a power source that isn't even available until the iPhone/iPod is booted up.

I guess you could fix that with an appropriate external power supply; a little wall-wart and some appropriate voltage regulation.

A USB-serial adapter like the CA-42 (powered from the PC on the other end) would be perfect for that purpose. Check out all the OpenWRT or similar "serial console" articles.

Comment: Hadn't really found anywhere to post this . . . . (Score 1) 365

by Gollum (#32816308) Attached to: Working Toward a Universal Power Brick For Laptops

I recently bought an HP 6730b laptop on auction. I took it out of the container, and turned it on (without attaching the power supply). It's pretty snappy, and seems to be in good nick.

Perfect for my mother, I thought.

I plugged the charger in, and started installing Ubuntu. Good God! It's taking an AGE to even go through the POST, never mind running the OS. Shit! And the auction specified no returns if the OS has been changed! Now what?

Xorg is taking 80% of the CPU, just moving the mouse around. WTF!?

Long story short, it turns out it is the aftermarket power brick that is to blame. Unplug it, run it on battery, works like a dream. Plug it in, and it all goes to shit.

Check the voltage on the brick - all according to spec.

Looks like it is time to get a genuine brick for my mom.

My only thought is that the laptop is spending more time cycling between power saving (C3?) states that it actually does executing the instructions it has been given. Can anyone explain this behaviour better?

Comment: Re:Buffalo Technology gets my vote. (Score 1) 344

by Gollum (#31976026) Attached to: Open Source Router To Replace WRT54GL?

I have bought a Buffalo WZR-HP-G300NH, and couldn't be happier with it.

4 GbE ports (plus one GbE downstream to an ADSL modem in bridged mode), 32MB flash, 64MB RAM, 1 USB port. Supported by OpenWRT.

While ideally I'd also prefer an integrated ADSL + all of the above, the reality is that they are few and far between (meaning: I couldn't find one!) The advantage of the separated configuration is that should the ADSL modem be fried (e.g. by lightning), with any luck, the more expensive router might survive.

Comment: Java WebStart, J2ME, Java applets (Score 3, Insightful) 127

by Gollum (#29656073) Attached to: Thawte Will End "Web of Trust" On November 16

One thing that a lot of people are ignoring is that Thawte FreeMail certs are used by a lot of small developers to publish Java apps, and this would kill off that ability quite quickly.

That said, I have not seen a word of this on the Thawte web site, which makes me wonder if the submitter is trying to perform a DoS on Thawte for some reason, and are tricking the slashdotters into being that DoS. The page linked takes an enormous amount of time to decide that there is nothing to return, meanwhile slashdotters are beating on the server over and over. Sorry for the OP, though. The rest of their site still seems to be just fine.

Comment: Re:Track record? (Score 4, Interesting) 143

by Gollum (#27237989) Attached to: Card-Sniffing Malware On Diebold ATMs

I did some work for a local bank, and their ATM's were running Windows XP (not embedded), IIS (can't remember the version), and IE. This was to allow them to serve "rich content" (movies, images, animations, etc), without having to write it all themselves. The ATM just had IE talking to IIS, and displaying the results in "kiosk mode". The buttons on the sides of the screen were mapped to keys on the keyboard (I think), and that's how it ran.

I specified a full set of ports that needed to be accessible to the ATM controllers, and that was all that was supposed to be accessible from the network.

However, if you can get access to the back of the machine, it has a second monitor, keyboard and mouse, and you can access the OS, and do whatever you want to do. I *THINK* that the keyboard and mouse were locked away in the vault (or at least behind a door), but the hardware itself is pretty standard PC, so I don't imagine that it would be particularly difficult to add a USB keyboard or mouse and gain access when rebooting the device. Maybe even boot from a USB disk or similar.

The reality is that if you have physical access to practically anything, it is game over.

Personally, I would have been a lot happier to see a stripped down Linux kernel + minimal OS, BIOS passwords, bootloader passwords, etc than the entire Windows stack. Less to verify == more security.

Money can't buy love, but it improves your bargaining position. -- Christopher Marlowe