Forgot your password?

Comment: Doesn't look unreasoanble (so far) (Score 3) 189

by marcansoft (#48009543) Attached to: NVIDIA Begins Requiring Signed GPU Firmware Images

So, they're locking out things that can brick the card (flash ROM/fuses, screw up thermal sensors) and apparently a hint of OS security (the Falcons that respond to userspace commands can no longer access physical memory, only virtual memory). The latter sounds somewhat bizarre, considering the firmware should be fully under the control of the driver, not userspace (I guess/hope?), but not unreasonable. Maybe there are software security reasons for this.

Nouveau is free to continue using its own free blobs or to switch to nvidia's. If they start adding restrictions that actively cripple useful features or are DRM nonsense, then I would start complaining, but so far it sounds like an attempt at protecting the hardware while maintaining manufacturing flexibility for nvidia. This isn't much different from devices which are fused at the factory with thermal parameters and with some units disabled; the only difference is that here firmware is involved.

NV seem to be turning friendlier towards nouveau, so I'd give them the benefit of the doubt. If they wanted to be evil, they would've just required signed firmware for the card to function at all. The fact that they're bothering to have non-secure modes and are only locking out very specific features suggests they're actively trying to play nicely with open source software.

Comment: Re:Current.... melt (Score 1) 227

by marcansoft (#46685951) Attached to: Nanodot-Based Smartphone Battery Recharges In 30 Seconds

It's 2Ah, so 240A.

Now, it could be that their battery runs at a higher voltage (and thus not really 2Ah, but they're using that figure as a 3.7V li-ion equivalent capabity), or that there is a power converter built into the battery pack (unlikely for a prototype, though). Still, even for a 37V battery (vs. 3.7V for a normal Li-Ion cell), we're talking 24A. That cord didn't look like 24A cord, and I highly doubt they were using a voltage higher than 37V to charge (especially not with exposed banana jacks like that).

I call the demo highly dubious if not an outright fake/mock.

Comment: Re:Hey (Score 5, Interesting) 80

by marcansoft (#46596519) Attached to: eBay Japan Passwords Revealed As Username+123456

Sorry for the threadjack, but this is yet another case of horrible security reporting.

From watching the video, what it seems happened here was that eBay chose phpBB for their community forum, but did not integrate its authentication system directly with eBay's on the server side. Instead, the site was set-up as a standalone system, and whoever implemented the integration had the bright idea of hardcoding the forum password for everyone as username+123456, and then just having the eBay login page issue a hidden POST request behind the scenes to authenticate users to the community forum section.

Thus, this allows anyone to trivially impersonate anyone else on the forum. It shouldn't have anything to do with the rest of the site, though. Nor does this have anything to do with initial passwords, salts, or any of the other terms that have been thrown around.

A case of absolutely retarded login integration for the community site, but not something that would allow people to take over others' main eBay account. What this says about the people running eBay is another matter entirely...

Comment: Re:Dumb (Score 3, Informative) 358

by marcansoft (#46488967) Attached to: EU Votes For Universal Phone Charger

This is incorrect. There is no bidirectional negotiation between chargers and devices, nor are there any magic extra pins (at least for pretty much all Android and Apple products - dunno about Zune).

What there is is one USB charging standard, that basically says one thing and one thing only (that matters): if the data pins are shorted together (but otherwise not connected to anything), then the port is a Dedicated Charging Port. A DCP must meet certain voltage/current curve ranges and may be engineered to supply anywhere from 500mA to 1.5A (or more), with the voltage dropping as the device exceeds the charger's maximum. Devices are simply supposed to regulate current draw upwards until the voltage drops below a threshold, indicating the charger's capability. No digital negotiation takes place. Devices are limited to 1.5A charging current, which is quite typical for modern devices (and significantly better than the 500mA of a non-charging port).

There is a newer USB Power Delivery specification that is much more recent, supports higher powers, probably uses more complex negotiation (I haven't read it), and nothing implements it yet.

Then there's what Apple does - they have an incompatible implementation that uses resistors on the data pins in the charger to signal its current capability. Different resulting voltages mean different current levels. This is completely incompatible with the USB charging standard. Recent Apple devices (since the iPhone 3G or so) do support DCP chargers (to some extent - some charge more slowly, and I don't know about larger iPads?), but non-Apple devices will only charge at 500mA or worse from Apple chargers.

Comment: Re:Faster is not necessarily better: Quality matte (Score 5, Informative) 101

by marcansoft (#46315575) Attached to: FFmpeg's VP9 Decoder Faster Than Google's

This is false. Decoding for modern video formats is strictly defined, and all decoders must produce bit-perfect output. You can add as many filters as you want after that, but that's a postprocessing step in the video player and has nothing to do with the decoder. Things like in-loop filters are strictly defined as part of the decoding process and must be there for the decoder to be considered correct.

Comment: Re:Why does Wikimedia hate batteries? (Score 1) 235

by marcansoft (#46259171) Attached to: FLOSS Codecs Emerge Victorious In Wikimedia Vote

Nope, they just crash, lag, or play it with severe artifacts (the latter happens with some hardware codecs and 10bit files).

Basically no modern video codecs are designed to gracefully degrade given limited decoder features, because they rely on bit-perfect output to be used as a reference for future frames. Any error accumulates in the decoding loop and becomes significant artifacting until the next I frame.

+ - Ask Slashdot: What's there to like about the BETA?-> 7

Submitted by Narnie
Narnie (1349029) writes "I come to /. not for the nearly interesting pseudo-tech articles, but for the lively, self-moderated discussion. Today I'm bit surprised to see every discussion summarized to fuckbeta. Popping up all over the place there's discussions about beta and even alternatives being revived and created. As I tend not to RTFA, I haven't sampled the beta myself. So, I ask you guys, what's there to like about the BETA and what's there to loath?"
Link to Original Source

Comment: It's just 1200baud 7O1 Bell 202 (Score 5, Informative) 163

0x80 is just a null byte with odd parity. What she apparently missed is that this is bog-standard Bell 202 AFSK (1200 baud) with 7 data bits and odd parity, and the data is ASCII. By throwing away the top nybble, she was throwing away the parity bit and the top 3 bits of the ASCII encoding of decimal digits. The fact that it was a parity bit should've been pretty obvious, since the top nybble flips between 0x3x and 0xbx in the pattern that you'd expect for a parity bit.

You can decode it with off the shelf software, throw away the top bit, and get back mostly ASCII:

$ ./minimodem --rx 1200 -f ~/helicopter.wav | tr '\200-\377\r' '\000-\177\n'
### CARRIER 1200 @ 1200.0 Hz ###
  282 0002.3
#L N390374 W09432938YJ
#AL #NA 282 0002.3
#L N390374 W09432938YJ
#AL #NA 283 0002.3
#L N390372 W09432928YJ
#AL #NA 283 0002.3
#L N390370 W09432918YJ
#AL #NA 283 0002.3
#L N390370 W09432918YJ
#AL #NA 283 0002.3

I'm actually surprised that she missed / didn't mention this, considering her experience with signals analysis and demodulation. This is pretty much as basic as telemetry data modulation gets! Then again, as a reverse engineer myself, sometimes we get caught up doing deep analysis of something that later turns out to be totally trivial :)

Comment: Re:An O'Scope (Score 2) 215

by marcansoft (#45480403) Attached to: Ask Slashdot: What's On Your Hardware Lab Bench?

The MHz number on the box is the bandwidth, not the sample rate. The sample rate is measured in samples per second (GSps). A 100MHz scope is probably adequate for analog signals up to 100MHz. However, if you're debugging a digital signal, you want a scope that has 3x the bandwidth of your signal's base frequency or more, because square waves are composed of the base frequency and an infinite number of harmonics. If you only have bandwidth for the base frequency, your square wave will be distorted into a sine wave and you won't be able to accurately see ringing, glitching, and other artifacts.

I have a 1GSps, 100MHz scope. I wouldn't use it for serious digital signal debugging above 30MHz (which is 33x lower than the sample rate), due to the bandwidth constraint. It's adequate for seeing if stuff up to 100-150MHz is "there" though (and for reading the bits out if you just want to use it as a poor man's logic analyzer), just don't expect to diagnose signal integrity and timing issues at those speeds.

They laughed at Einstein. They laughed at the Wright Brothers. But they also laughed at Bozo the Clown. -- Carl Sagan