
Comment Re:Hardware IS compromised - Sold as a feature (Score 1) 259

I agree with your points.

I also agree that, regardless of whether disabling VT-d keeps NSA out of AMT (or equivalent) or if they have some personal back door associated with it, shutting it down is still very useful: It closes this barn door to all the other bad guys who don't have any "extras" and use it as you describe.

Comment Re:Correct! (Score 3, Insightful) 228

... who was Time's Person of the Year in 2001? Osama Bin Laden, naturally?... no, it was Rudy Giuliani.

Remember that this choice was made a little less than four months after 9/11, and the popular reaction to the event was so bad that women in California were ordering their dogs to attack people who "looked Muslim" at freeway rest areas. Time is published from New York City, ground zero for the bulk of the attacks.

I suspect they figured that if they gave Osama the title there'd be another building brought down - by New Yorkers with sledgehammers.

Comment Re:Hardware IS compromised - Sold as a feature (Score 1) 259

In most instances on Intel hardware you can effectively disable AMT's interface to the outside world by turning off the hardware virtualization (VT-d) feature in the BIOS.

But how do we KNOW this works? (As opposed to, say, the machine's AMT server no longer talking to remote clients unless the right encrypted hand-waving is done by the client to tell the server it's NSA calling - or the encrypted handwaving telling eavesdropping firmware to switch VT-d on and be cagey about it?)

If I understand it correctly, the AMT stuff is running on a separate ARM core. There's no reason (beyond software elegance) that this has to work through the normal virtualization mechanism, or that NSA wouldn't think ahead and either design it to work with its own mechanism or turn VT-d on but make it act like it's off, and spread the story about VT-d disabling a necessary underpinning of the feature.

Comment Re:Definition of anarchist (Score 1) 396

The term anarchist is usually reserved for people who use violent means to protest or overthrow governments and who aren't organized enough to be called "insurrectionists" or "rebels"

By whom? I smell B.S.

The term "anarchist" is used, by anarchists, political scientists, and anyone astute, to mean anyone who wants (and works for) a situation where governmental control over a population is eliminated (or minimized, though the latter are properly called "minarchists") on an ongoing basis. (This actually requires considerable social organization to achieve.)

It is used by government propagandists as a pejorative to flame anyone attempting to reduce their power. One part of this operation is to attempt to equate it, in the minds of their target audience, with "nihilist" (a person working for the elimination of all social organization - some of the famous of whom were obvious psychopaths) and various terrorist wackos.

Similarly, "anarchism" gets applied to situations where a government is losing its hold on an area in the face of attacks by one or more self-appointed replacement governments, or where a government has fallen and several such alternative groups are fighting it out to be the new top dog. Such a situation, in my opinion, is the exact opposite: "Polyarchy" - a multiplicity of governments, and the death and chaos is the result, not of no governments, but of too many. B-b

Comment Hardware IS compromised - it's sold as a "feature" (Score 2) 259

Modern laptops and desktops come with remote administration tools built into the chips on the board. (The vendors tout this as a feature, simplifying administration of a large company's workstations. It's easier and cheaper to build it into everything than to be selective, so it's in the machines sold to individuals, too.)

One example: Intel Active Management Technology (AMT) and its standard Intelligent Platform Management Interface (IPMI), the latter standardized in 1998 and supported by "over 200 hardware vendors". This is built into the northbridge (or, in early models, the Ethernet) chip.

Just TRY to get a "modern laptop" (or desktop), using an Intel chipset, without this feature.

You can't disable it: Dumping the credentials or reverting to factory settings just makes it think it hasn't been configured yet and accept the first connection (ethernet or WiFi, whether powered up or down) claiming to be the new owner's sysadmins.

If the NSA doesn't know how to use this to spy on, or take over, a target computer, they aren't doing their jobs.

Some of the things this can do (from the Wikipedia articles - see them for the footnotes):

Hardware-based AMT features include:

Encrypted, remote communication channel for network traffic between the IT console and Intel AMT.

Ability for a wired PC (physically connected to the network) outside the company's firewall on an open LAN to establish a secure communication tunnel (via AMT) back to the IT console. Examples of an open LAN include a wired laptop at home or at an SMB site that does not have a proxy server.

Remote power up / power down / power cycle through encrypted WOL.

Remote boot, via integrated device electronics redirect (IDE-R).

Console redirection, via serial over LAN (SOL).

Keyboard, video, mouse (KVM) over network.

Hardware-based filters for monitoring packet headers in inbound and outbound network traffic for known threats (based on programmable timers), and for monitoring known / unknown threats based on time-based heuristics. Laptops and desktop PCs have filters to monitor packet headers. Desktop PCs have packet-header filters and time-based filters.

Isolation circuitry (previously and unofficially called "circuit breaker" by Intel) to port-block, rate-limit, or fully isolate a PC that might be compromised or infected.

Agent presence checking, via hardware-based, policy-based programmable timers. A "miss" generates an event; you can specify that the event generate an alert.

OOB alerting.

Persistent event log, stored in protected memory (not on the hard drive).

Access (preboot) the PC's universal unique identifier (UUID).

Access (preboot) hardware asset information, such as a component's manufacturer and model, which is updated every time the system goes through power-on self-test (POST).

Access (preboot) to third-party data store (TPDS), a protected memory area that software vendors can use, in which to version information, .DAT files, and other information.

Remote configuration options, including certificate-based zero-touch remote configuration, USB key configuration (light-touch), and manual configuration.

Protected Audio/Video Pathway for playback protection of DRM-protected media.

Additional AMT features in laptop PCs

Laptops with AMT also include wireless technologies:

Support for IEEE 802.11 a/g/n wireless protocols

Cisco-compatible extensions for Voice over WLAN

This just happens to be one I'm familiar with. I don't know whether (or which) other chip makers (such as AMD) have similar "features" built in as well (though I'd be surprised if they didn't, since they want to sell into big companies, too).

Comment So put it under a freeway! (Score 3, Interesting) 110

Each hole might be of manageable size. But the array would be on the order of the same size as the town. That's a lot of holes and a lot of property you are going to be perforating.

It must be on the scale of the town IN ONE DIMENSION. Linear-square law: The bigger the area you're protecting, the lower the percentage of the area you need to perforate.

So you need to perforate a strip around the town to do this? Do it while you're ALREADY perforating such a strip. Like when you're building (or revamping) the next beltway-freeway around the city of interest, or approving a rezoning for the construction of a new outer subdivision.

Comment Or send it back out to sea. (Score 1) 110

divert tsunamis from strategic buildings and towards some poor fishing village full of primitive natives nobody cares about.

You can also use this to send the wave back out to sea - and defocus it while you're at it, so it's just a slightly higher wave than usual when it finally gets to another piece of land.

This is what happens to it when it hits shore: Some of it bounces and is diffused - or possibly focussed. By doing this intelligently we can make it SMALLER when it hits the "secon

Comment Energy level doesn't matter in this case. (Score 1) 110

You are talking about redirecting amounts of energy in a wall of water that may be 10-20 feet high or more, yet it comes in as a solid wave and the elevation stays at that height causing water to move inland extremely fast for a long time.

It would be easy to calculate what amount of energy that would be in a width of a town: ...

Yes, you are. So what? That energy is spread out over a very wide area. You're talking about building a "lens" over a similarly wide area - out where the "tsunami" is a gentle (though fast-moving) rise of a couple inches to a foot - representing a water current that's comparable to other wave action. The only thing special about a tsunami is that it's a very low frequency wave.

A mirror, lens, or metamaterial doesn't care HOW much energy it's handling, until the energy density gets high enough to start damaging it. The energy density of a tsunami, spread out over those same several miles or whatever, is quite low.

In fact, it's a similar structure acting on the wave - the gradual rise of the seabed as you approach the beach - that concentrates the energy of the tsunami, along its direction of propagation, into a destructive, abrupt, wavefront.

Comment Industrial-grade vanadium redox. (Score 1) 579

Hawaii has basically hit the saturation point of renewable energy until a decent storage system is developed.

A fine, industrial scale, storage system has already been developed and deployed. It's the "vanadium redox" battery.

Think of it as a battery built something like a liquid-fueled fuel cell, with chemical solutions pumped across the two sides of a membrane going through oxidation-state changes, and the electrons going the long way around via conductors on the surfaces of the membrane to cross the potential difference. In this case the solutions on BOTH sides are the same soluble vanadium compounds (except for the different oxidation state of the vanadium), so minor leakage doesn't contaminate the solutions.

Pumping the liquid "electrodes" of this battery decouples power and energy storage rating. Size the cells for the power requirement, size the tanks for the energy storage requirement.

This has already been developed and deployed for utility energy storage. As I understand it: It's quite cost effective and the limited deployment is mainly because it's still under patent protection and the one manufacturer isn't big enough (yet) to make a dent in the power grid's potential market. (Of course it's also new, so it's not yet time-proven.)

Comment Re: There must be a very good reason... (Score 4, Insightful) 579

Solar goes from zero to max output from dawn to solar noon back to zero at sunset. ... You need a huge amount of peaking plants to keep the grid stable. You do not want large voltage and or frequencies swings.

Except that renewable energy largely feeds during the peaks, REDUCING the need for peaking generation. Solar generates more during sunny times, closely tracking air conditioning requirements. Wind peaks in afternoon/evening, along with classical peak load, due to "lake effect" wind at good sites (i.e. Altamont pass, with the Pacific for the "lake" and California's central valley for the "land") and also tracks heating requirements, due both to lower temperatures during stormy times and greater thermal transfer through walls during windy times. A mix of solar and wind is normally a close match to the grid's peak cycle.

Meanwhile, generation-affecting weather phenomena, like storm shadows and weather-related winds and gusting, make output vary quickly at any given site, but with both solar and wind generation spread out over many square miles and grid-connected these variations are smoothed out. They're also predictable days in advance.

So solar and wind DECREASE the need for peaking generation.

Comment Because there are also wiring losses. (Score 1) 579

... as home lighting is trying to become more efficient, LED lighting wants to work on lower power but efficiency is actually harmed with each AC-DC conversion for each LED lamp. So why not start by going DC in the home?

Because you have to include the (square law!) resistive losses of the wiring, too. For every factor of two you drop the voltage you must multiply the amount of metal in your wiring by a factor of four to get the same percentage loss for a given amount of power transferred. Going low-voltage DC means putting in a LOT of new VERY HEAVY copper wire, and copper is currently so expensive that thieves are actually breaking into empty houses and ripping open the walls to steal it.

Meanwhile, semiconductor-based switching-type voltage converters have become very cheap and very efficient - to the point that modern commercial computer and networking equipment puts individual voltage converters next to the major chips, to save a substantial amount of power (mainly to reduce cooling requirements) from transporting the power across a few inches of power-plane printed circuit layer.

By substantial, I mean that, by feeding the boards 48V and regulating it beside the chips, rather than using a single regulator where the power enters the board, they more than cut their heat losses IN HALF. The resistive losses at low voltage were bigger than the load AND its regulator. It's the same story as using high voltage transmission lines cross-country. But now switching regulators are substantially more efficient than line-frequency transformers.

So you want the regulators at the load, to keep your efficiency up and your house wiring costs and losses down. The last step: Switch to DC at high voltage for the house wiring? Why bother? You don't lose enough extra power or add enough extra cost by including a couple diodes and a filter capacitor to make up for the trouble of retooling ALL THE APPLIANCES for AC/DC capability, and failing to do that means you still need both AC and DC wiring in the home (doubling the wiring again) or to only be able to use DC-capable devices. How many gadgets do you have powered by transformer-based "wall warts"?

Comment Make me think twice? Sure does! (Score 1) 579

... does this make you think twice about it?

It sure does. Here's the relevant sentence:

Efficiency gains and cost reductions has brought the price of solar energy to within parity of traditional power generation in states like California and Hawaii.

I.e. places with enough sun (5ish or so solar hours) to make it worthwhile. (It's not just the subsidies.)

What's new is that the breakeven point is finally being crossed. So it's finally time to look into actually getting off the grid.

Comment Re:Did Civilization Create Beer? (Score 2) 89

Anthropologists are currently documenting another way it may have led to civilization: Tribes brewing batches of beer and, when it's ready, throwing beer parties and inviting the neighboring tribes (who reciprocate when THEIR beer is ready - or do some other valuable thing for the partygivers). This leads to alliances and good relations between polities.
