Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Was referring to microcode compromise (Score 1) 250

Russ1642's mention of "the source for the chips themselves" implied the (remote) possibility of a compiler backdoor implemented as part of a CPU's microcode, something Applekid stated more explicitly. Sure, the WDC 65816 in the Apple IIGS is connected to 1 to 8 MB of RAM into which a compromised compiler may be loaded. But that doesn't mean the CPU's microcode itself is compromised. There are detailed photomicrographs of the 65816, and the microcode part is not that big. I only mentioned it in the first place because something like ORCA/C is highly unlikely to have the same backdoors as popular compilers.

Comment Accepting a signature on a tablet (Score 1) 362

An article published by the U.S. Small Business Administration claims that people are doing signatures on touch screens. Let me guess how it'd be exposed to JavaScript: A digitizer feeds a stream of (x, y) drag events to the script on the page. The page renders these drag events to a canvas. This would work with a standard Wacom tablet on a PC or with the touch screen in a smartphone or tablet.

Comment Re:that's not even wrong... (Score 2) 250

You also need the source for the chips themselves.

Not if the diverse double compiling process includes other CPU architectures. For one thing, there exists a C compiler that runs on an Apple IIGS computer with a 65816 CPU, which doesn't have enough gates to hold a Ken Thompson backdoor.

Comment Diverse double compiling (Score 5, Informative) 250

And how can I trust the cpu to actually execute the code as compiled and not insert it's own microcode into the process?

By using free compilers and ensuring clean binaries using diverse double compiling. (Thud457 mentioned it, and we discussed it a week ago.) Essentially what you do is bootstrap the compiler (compile the compiler's source code with your existing compiler binary, then recompile it with itself) on several different brands of compiler. If the binaries resulting from all bootstraps match, then either none of them have a backdoor or they all have the same backdoor. The more compilation processes you use, the less likely it will be that they all have the same backdoor. To exclude CPU microcode bugs that target a particular compiler, you could try running some of the bootstraps in an emulator such as DOSBox or bootstrap them as cross-compilers on another CPU architecture.

Comment Top US Lobbyist Wants Broadband Data Caps (Score 1) 559

Most of the world doesn't have that kind of cap.

You'd be surprised at what's likely to happen in the near future: Top US Lobbyist Wants Broadband Data Caps

Those caps are for rural people on satellite and places like Australia.

Then what workaround for 4K's higher data rate do you recommend "for rural people on satellite and places like Australia"?

Slashdot Top Deals

All Finagle Laws may be bypassed by learning the simple art of doing without thinking.

Working...