Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Politely Disagree (Score 2) 667

The lessons of Liberal Arts last for a lifetime, compared to technology which is largely short lived knowledge. I'm sure you were proud of your Commodore64 knowledge like I was at the time, but that stuff all vanished. As did DOS, SunOS 2, HP-UX 9, and all of these other technologies that people said were "essential" to know. The latest application is not important when a large portion of the population can't afford it.

If you learned SunOS 2 or HP-UX 9, most of that knowledge is applicable to Solaris and modern Linux distributions today.

Comment: Re:Be realistic (Score 4, Interesting) 194

by linuxrocks123 (#49107937) Attached to: The Imitation Game Fails Test of Inspiring the Next Turings

And he died more than a year after the end of his "treatment".

This. There is a good chance that Turing actually didn't commit suicide, but rather died of accidental cyanide inhalation. He had set up a chemical lab in his living space and wasn't exactly using OSHA-approved storage protocols for dangerous chemicals. His mother, at the time, said she didn't think he'd killed himself, and contemporary accounts were that he was doing pretty okay. The supposedly cyanide-poisoned apple was not tested for cyanide. None of this is conclusive.

IMO, any modern report on Turing should account for the possibility he didn't kill himself. The suicide angle makes a great story for gay rights activists, but it does a disservice to the memory of this great man to reduce him to a political talking point. The forced hormone treatment was abominable, whether or not it drove him to suicide. There's a chance it did, and a chance it did not.

Comment: Re:Bring it on, folks! (Score 1) 215

by linuxrocks123 (#49078737) Attached to: New Encryption Method Fights Reverse Engineering

Heh ... you're lucky. I seated a PCI card in wrong once and it shorted out. Fortunately, it was only $10 or so to replace.

But, you may have a point: it might be possible to electrically tap the PCI or PCI Express bus and do bad things with DMA, even if the bus wasn't built to support hot-swapping. You'd probably need custom hardware, a lot of time, and a lot of luck, though. Also, you'd need to keep power to the CPU on, meaning stuff like chassis intrusion detectors would be a sufficient countermeasure.

Comment: Re:Redundancy Is Good For Civil Rights (Score 5, Informative) 46

The story is actually very interesting. The Bill of Rights was enacted as a compromise to get the Constitution passed. The Constitution was not our first government -- that was the Articles of Confederation, but the Articles of Confederation basically wasn't working at all because it was a very poor design.

Some highlights: it gave the federal government so little power it couldn't do anything. It couldn't even pass taxes; the states were supposed to voluntarily pitch in. It also required unanimous consent in Congress to pass any law, and Congress was all there was; there was no executive or judicial branch.

So some of the leaders -- the Federalists -- drafted the Constitution to replace it. But there were Anti-Federalists, and they argued the central government would become so powerful it would eventually turn tyrannical. So, the Bill of Rights was added to placate them. We can see now that was a really, really Good Idea(TM).

Comment: Re:No (Score 1) 291

by linuxrocks123 (#49059219) Attached to: Should We Really Try To Teach Everyone To Code?

Personally, though coding certainly helped, I think my high school economics classes really helped dispel a lot of my personal "magical thinking" about social issues. That framework is much more useful than if/then/else for thinking about human endeavors. I think CS is cool, of course, but economics and statistics (correlation versus causation) are the logical/mathematical fields we should be pushing for everyone to know.

Comment: Re:Bring it on, folks! (Score 2) 215

by linuxrocks123 (#49052755) Attached to: New Encryption Method Fights Reverse Engineering

I assume you mean PCI Express, since PCI-X is an obsolete standard not used on modern systems, but the answer is the same for PCI, PCI-X, and PCI Express, so no matter.

The TRESOR-HUNT attack works by having the attacker plug a malicious peripheral into the running computer, then having that peripheral use DMA to write malicious code into the computer's RAM which copies the encryption key out of the CPU.

Plugging a PCI card into a computer while it is running is likely to fry the motherboard, or at the very least cause an immediate system crash, so this is not a risk.

Comment: Re:Bring it on, folks! (Score 3, Interesting) 215

by linuxrocks123 (#49051091) Attached to: New Encryption Method Fights Reverse Engineering

I am the author of Loop-Amnesia, a system similar to TRESOR, but more sophisticated in that it supports multiple encrypted volumes. After looking over the article, it does not appear that this is at all similar. It also does not appear to protect against the cold boot attack as claimed.

The authors claim a 2% performance reduction. Such a reduction implies that the instructions are not being decrypted literally on-the-fly; the reduction would be much more severe then. They're using a tactic called a "TLB split", which corrupts the cached page table so that reading memory gets you different results from executing it. A page of executable code is likely decrypted with a key stored in the CPU, put in a different physical page, and then the TLB split is performed so that executes go to the other page while reads still go to the encrypted page.

The cold boot attack dumps physical memory. This tactic corrupts virtual memory to frustrate analysis. The executable code is still stored in RAM somewhere, just not somewhere where you can get to it by reading from a virtual memory address. The cold boot attack would still work fine.

Finally, TRESOR and Loop-Amnesia are not broken. TRESOR-HUNT only works if you enable DMA on your FireWire bus. You shouldn't be doing that anyway.

A man is not complete until he is married -- then he is finished.

Working...