Re: CCS may be a standard, but not a good one
Unless I’m massively wrong, a UK Model 3 has a CCS connector. It definitely fits; if it didn’t, a Model 3 wouldn’t be able to use a Tesla Supercharger, which might be considered a bit of a disadvantage.
A long time ago there was a PDP11/70 with an intermittent crashing problem. Engineers were called out to scratch their heads, mutter under their breaths, and leave the problem unfixed.
Eventually, by accident, one of the engineers happened to swing the rear door panel of the cabinet out of the way so he could get past. The 11/70 promptly crashed.
It transpired that there was a cable that was disturbed when said panel blew in the aircon breeze. The cable was replaced and all was happy until it rained.
(The machine room was underground and the building covered an old stream which occasionally resurfaced in the far corner)
I can only think that if you can run a program as a UID that doesn’t exist on a local machine of some sort, you can use that to exploit another machine of some kind.
I don’t really believe that this is a vulnerability and it certainly doesn’t deserve its CVSS score.
Yes, it is a change of semantics. Previously you could find out if someone had recently been looking at, say, /usr/share/dict/words, but with the patch you can’t. You can only find out if a file is mapped by a process.
In practice this is not likely to be a big deal: mincore(2) is not exactly heavily used. You can still use mincore(2) to find out if some shared library, for example, is in use because it is mapped. You can’t know whether the pages behind the map are resident or not.
Linux now has a patch: 574823bfab82 ("Change mincore() to count "mapped" pages rather than "cached" pages")
It changes the semantics of mincore(2) to report mapped pages rather than present pages which means that you can no longer use that to determine if a file is present in the cache. You might still be able to mount a timing attack by flushing pages and measuring how long it takes to load the page to determine whether it was present before you loaded it. Whether that makes the attack infeasibly slow I wouldn't like to say.
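The two mincore(2) posts above describe the probe in words. The following C program is an added illustration, not code from the original thread or from the kernel patch: it writes a small file (constructed sample data), maps it read-only and asks mincore(2) for the residency vector twice, once straight after mmap() and once after touching every page. On a kernel without 574823bfab82 the first count is already the full page count, because the freshly written pages sit in the page cache even though nothing is mapped yet; that is the "was this file recently used" oracle the posts discuss. With the patch the first count is 0, since only mapped pages are reported. Later kernels relaxed this again for files the caller owns or may write, so the first number is kernel-dependent and only the second (every page mapped and cached) is the same everywhere. The file path template and page count are arbitrary choices of this example.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Count the pages of [addr, addr + len) that mincore(2) marks resident
 * (low bit of each vector byte set). Returns -1 if mincore() fails. */
long count_resident_pages(const void *addr, size_t len)
{
    long page = sysconf(_SC_PAGESIZE);
    size_t npages = (len + (size_t)page - 1) / (size_t)page;
    unsigned char *vec = calloc(npages, 1);
    if (vec == NULL)
        return -1;
    if (mincore((void *)addr, len, vec) != 0) {
        free(vec);
        return -1;
    }
    long resident = 0;
    for (size_t i = 0; i < npages; i++)
        resident += vec[i] & 1;
    free(vec);
    return resident;
}

/* Write npages pages of constructed data to a temporary file, map it
 * read-only and probe it twice with mincore():
 *   out[0]: right after mmap(), before this process touches any page
 *           (pre-patch kernels: page-cache residency; patched: 0, nothing mapped)
 *   out[1]: after reading one byte from every page (mapped and cached)
 * Returns npages, or -1 on error. */
long probe_file_residency(size_t npages, long out[2])
{
    long page = sysconf(_SC_PAGESIZE);
    size_t len = npages * (size_t)page;
    char path[] = "/tmp/mincore-probe-XXXXXX"; /* arbitrary template for this example */
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    unlink(path); /* the file lives only as long as fd is open */

    char *buf = malloc((size_t)page);
    if (buf == NULL) { close(fd); return -1; }
    memset(buf, 'A', (size_t)page);
    for (size_t i = 0; i < npages; i++) {
        if (write(fd, buf, (size_t)page) != (ssize_t)page) {
            free(buf); close(fd); return -1;
        }
    }
    free(buf);

    char *map = mmap(NULL, len, PROT_READ, MAP_SHARED, fd, 0);
    if (map == MAP_FAILED) { close(fd); return -1; }

    out[0] = count_resident_pages(map, len);

    /* Fault every page in; after this each page is both mapped and cached,
     * so every mincore() variant reports it as resident. */
    volatile unsigned char sink = 0;
    for (size_t i = 0; i < npages; i++)
        sink ^= (unsigned char)map[i * (size_t)page];
    (void)sink;

    out[1] = count_resident_pages(map, len);

    munmap(map, len);
    close(fd);
    return (long)npages;
}

/* Resident count after the mapping has been touched; -1 on error. */
long resident_after_touching(size_t npages)
{
    long out[2] = { -1, -1 };
    if (probe_file_residency(npages, out) < 0)
        return -1;
    return out[1];
}

int main(void)
{
    long out[2];
    long n = probe_file_residency(8, out);
    if (n < 0) {
        perror("probe_file_residency");
        return 1;
    }
    printf("pages in file:                          %ld\n", n);
    printf("resident before touching (cache probe): %ld\n", out[0]);
    printf("resident after touching (mapped):       %ld\n", out[1]);
    return 0;
}
```

Build with `cc -o mincore-probe mincore-probe.c` on Linux and compare the "before touching" line across kernels: a full count there means mincore(2) is telling you about the page cache rather than your own mappings, which is exactly the property the patch removes. The timing variant mentioned in the post (evict, reload, measure) is not shown here; it does not depend on mincore(2) at all.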
I do this regularly. I kick off a long-running compile, for example, then I log out because I'm going home and I'm not going to be logged in.
People have worked like this for a long time, and now systemd comes along and says no, you can't do that, you must stay at work until 10pm watching your long-running build run.
What struck me as especially stupid was the comment that perhaps system users should be exempt from that policy. What's a system user? The user created for that application software you just installed? You're not retrospectively insisting that application software should have its user's uid < 1000, but those uids are informally reserved for system use, not application use.
systemd needs a dose of real-life -- forcing your own desktop world view on everyone is preternaturally arrogant and stupid.