* Posts by Sam Mason

5 publicly visible posts • joined 5 Mar 2008

Google applies patch to nasty Chrome vulns

Sam Mason

RE: Security is safe in Google's hands

The disclosure does say "An attacker might be able to run arbitrary code within the Google Chrome sandbox." *Within the sandbox* is the important part, and means that the attacker's code is severely hampered and would have to exploit some sort of privilege escalation within windows to get out and touch the user's (or the system's) files or network connection. This is good because the attacker would have to have two working zero-day exploits (one in chrome and one in windows) to have a chance of attacking an uptodate system.

64-bit Chrome takes centre stage in Linux land

Sam Mason

re: Is there a need for a 64 bit browser

no, 64bit OSs will generally run 32bit binaries without a problem. To pick one example, Linux has been able to do this for a long time. 64bit processes need more memory (pointers are twice as big) and hence tend to be slower than 32bit ones. There are some cases where it's indeed helpful to have 64bit processes, but it's definitely not a case of 64bit = always better.

Cameron Colley: If a 64bit OS is designed to run 32bit processes and has a problem with them, then that's a bug that should be fixed. 32bit processes are fine when you don't need to address more than about 2GB of memory at any one time, and this is true for a surprising number of programs.

Brazilian TV ad: Save water, piss in the shower

Sam Mason

remind me why it matters again?

I don't get it, the world is *not* running out of water so "saving water" seems somewhat pointless.

Saving the energy used while purifying the water makes sense and reducing chemical usage is laudable. How much of either are actually used I don't know, but even if I did I'd hazard a guess that industrial use so enormously overshadows normal consumer use that this will make about as much difference as pissing into the wind.

Police ad urges: 'Trust no one'

Sam Mason

I blame the media!

The media comes down far too hard on any little mistake made; the natural response (of, i.e. politicians and police) to this is to make sure you don't make any mistakes. To do this you've got to be keep taking a tougher line than before and we quickly get into situations like we're seeing here.

I'm basically plagiarizing Bruce Schneier's argument:


Tool makes mincemeat of Windows passwords

Sam Mason

IOMMU anyone

why should external hardware have unfettered access to my system's internals? bigger machines have had things called IOMMUs for a while that stop, a bit like the MMU on your CPU, hardware from looking at memory they shouldn't. crypto is another way to do this, it's much less efficient though.