See the original CVE description for the OpenSSL bug, it affects all padding modes as the leak is happening before any padding operations.
Posts by Tomato42
1140 publicly visible posts • joined 31 May 2011
ROBOT crypto attack on RSA is back as Marvin arrives
Salesforce flipflops from 'you're fired' to 'you're hired' in six short months
Red Hat redeploys one of its main desktop developers
OpenAI's ChatGPT has a left wing bias – at times
RAM-ramming Rowhammer is back – to uniquely fingerprint devices
China to Meta: Flattery needed to get you into our VR market
HSBC banks on quantum to lock down comms network

Penny wise pund foolish?
> Uses QKD that had implementations broken multiple times
> Doesn't use Kerberos that is just as secure against quantum computers and has survived the test of time (literally decades)
I guess yet another proof that just because you have the money doesn't mean you have the brains.
What it takes to keep an enterprise 'Frankenkernel' alive
Gen Z and Millennials don't know what their colleagues are talking about half the time
Identity thieves can hunt us for 'rest of our lives,' claims suit after university data leak
Ampere heads off Intel, AMD's cloud-optimized CPUs with a 192-core Arm chip
Are accelerators the cure to video's power problem or just an excuse to peddle GPUs?
Microsoft suggests businesses buy fewer PCs. No, really
ChatGPT creates mostly insecure code, but won't tell you unless you ask
Ex-politico turned Meta hype man brands Metaverse 'new heart of computing'
The ThinkPad X1 Carbon Gen 10 as a Linux laptop
openSUSE finds an elegant solution to x86-64 version support
FBI boss says COVID-19 'most likely' escaped from lab
Chinese defence boffins ponder microwaving Starlink satellites to stop surveillance
Re: @khjohansen - actually....
1. It's illegal to post incorrect information about your spacecraft
2. For a country like China is trivial do random checks of published information
would have been much bigger egg on face for both SpaceX and the US to be caught publishing false info than anything else, it's just not a way of thinking that the CCP is even capable at this point
Tech job vacancies hamper England's digital health plans
What you need to know about the real-time capable edition of Ubuntu 22.04
Learn the art of malicious compliance: doing exactly what you were asked, even when it's wrong
Microsoft boffins contemplate equipping Excel with AI
FOSS could be an unintended victim of EU crusade to make software more secure
Re: If...
Because people that benefit from it (users) don't want to pay more for software to get it.
Just like you need regulation to force people to buy cars with catalytic converters so the same people have better air to breathe, you need to force people to buy software developed with good practices so that we don't have a new headline every month about yet another data breach.
Re: Hurrah for Brexit
> Legislation would be unnecessary if this *really* worked, because this is the holy grail.
How many projects (both open source and not) actually measure the quality of the test coverage they have?
And let me repeat: measure not even strive to improve, just measure. Stuff like path coverage, mutation score? Few and far in between.
Stuff that's already well known and proven to reduce defects in software. Stuff that's already legally mandated for safety critical software (in avionics or systems like ABS in cars).
But, as the Fine Article states, eliminating bugs reduces the cost of the use of the software (which is external to the developer), not the development cost (which is internal).
So, what will happen, is that EU users will be forced to pay more upfront for higher quality software, while UK users will continue to use subpar software (because it is cheaper) and suffer the consequences (because the PII data leaks get a slap on the wrist for the corporations that actually are responsible for them, so the cost is external to them too).
Chinese researchers' claimed quantum encryption crack looks unlikely
India sets USB-C charging deadline for smartphones
Google datacenters use 'a quarter of all water' in one US city
IBM to create 24-core Power chip so customers can exploit Oracle database license
AMD’s latest, greatest Radeon graphics card $600 cheaper than Nvidia’s top RTX 4090

Re: Tempered enthusiam
I thought that it will be the compute dies that will be in chiplets, turns out that it's not the case.
It's the cache that is in chiplets, I don't expect much issues from this, or requiring vastly different behaviour from drivers.
Still, will wait for independent benchmarks before pulling the trigger.
Enterprises are rolling out more AI – to 'middling results'
Russia says Starlink satellites could become military targets
Shareholders slam Zuckerberg's 'terrifying' $100b+ Metaverse experiment
CEO told to die in a car crash after firing engineers who had two full-time jobs
Appeals court already under fire for upholding Texas no-content-moderation law
The next deep magic Linux program to change the world? Io_uring
Re: CDC 6600 had this 50 years ago
And IBM has pioneered the process isolation, system isolation, image isolation and application specific accelerators in the mainframe space that we got only recently or are getting just now in the x86_64 space.
Yes, we should remember the history of the inventions, but an idea without an implementation isn't really useful.
FCC Commissioner demands review of Starlink rural broadband subsidies
Re: Good! Give the money to Starlink!
Sure, the government could also migrate to Celsius and metric system. Right after passing policing reforms to get rid of the institutionalized racism.
Subsidies do work and at least are something that the obstructionist fascists can't block so do cut them some slack.