Posts by Blazde

Re: Replacement versus successor

You can always auto-translate C/C++ code to Rust. The issue is you're left with lots of unsafe code or you have to tidy up your memory ownership to satisfy Rust's strictness (which could involve big architectural changes to pull off cleanly), however the fact your code doesn't already satisfy Rust's ownership model IS a valid reason to call it broken if you care a lot about security, and will make it easier to maintain if you reduce the firehose of CVEs.

As for Rust being difficult to learn, it isn't really. It's more accurate to say it's difficult to learn how to code in a memory safe way and Rust happens to force (or at least strongly convince) you to learn that fairly invaluable skill. I'd even say it's much easier to learn the skill with Rust as a crutch rather than spending years of your life debugging mysterious memory corruption bugs as punishment for not being born with the skill.

Without thinking about it too much.. static scenes wouldn't benefit from multi-frame interpolation (in a not dis-similar way to how detailed photographs don't benefit from resolution enhancement as much as cartoon images do - the required information just isn't present), and there a lot of static scenes in old TV shows so the results would be uneven, glitchy and probably feel more unreal than simply watching the low-res version and letting the more worldy-experienced AI in our heads figure out the detail.

Zoom meeting eyeglass reflection is probably a best case scenario because there'll always be small amounts of head movement to provide differing information over multiple frames.

Re: NSS

The problem is that serialisation is awfully convenient.

A well known MMOG - written in a non-Java language I won't mention because it would probably give the game away - uses serialisation for network communication. Many years ago I dug into it that part of it and quickly found a dozen separate vulnerabilities (some of them caused heap corruption, some just causing memory violations that would bring down the targetted client or server without taking it over, etc).

The most egregious involved them allowing a limited set of method calls to be serialised. A sort of a la carte direct-'gadget' menu. My creative juices began flowing dreaming up the most majestic exploit that could be written with such tools. Of all the possibilities for combining them which would I choose? But the inventive process was cut short when one of the methods turned out to be "Hey, run this arbitrarily long string of code for me please".

The more difficult problem was how to get across to the company the breadth of the problem. You could see why they'd done it, apart from the gaping security issue, the architecture was powerful but clean. You could abstract really complex object behaviour, throw the object across a TCP connection or some shared memory to another process, put it in a database, and retrieve it years later when your codebase had moved on, all without caring much what the object was in the first place. Knowing the genesis of the game, how rapidly it was prototyped with so few developers, it's quite likely it wouldn't have come to market without some form of serialisation of untrusted input. And the world would be a poorer place for that *shrug*

Re: Lay off Janet

"hardly anybody listens to Janet Jackson anymore." Which is absolutely untrue.

Indeed. She's got 5.5mil monthly listeners on Spotify. That's fully twice as many people as listen to Aqua's Barbie Girl each month..

Re: Publicity seeking bullshit

In neither of these places does US law .. apply

There isn't a nation on Earth that more resolutely applies it's laws overseas than the US does.

Re: Data damage come again ?????

I suppose, to be fair to them - and they don't deserve it - the data is only lost if you didn't make a backup. Having to restore from backups is therefore arguably a data damaged and in need of repair situation, and in this day and age Microsoft can fairly assume their users have backups because they should.

Assholes nevertheless.

Re: all of that grant money

The same hardware crops up in a number of their papers, I think it's just what they have. Honestly mathematicians rarely need good hardware. Either they spend a few days making their algorithm a thousand times faster, or it's this kind of result common in cryptography: "We show the primitive can be broken in 10^40 billion years instead of the expected 10^50 billion years", which doesn't benefit from computational resources at all.

Re: Verified Purchase

In general only 1-2% of real buyers leave a review

Better incentives from Amazon (rather than the seller) for real buyers to leave genuine reviews would help a lot, but right now with lack of competition and any relevant legislation Amazon have no motive to divert a significant slice of their margin to that. They would also point out their reviews are read by consumers who end up purchasing the item elsewhere so perhaps an industry-wide independently-incentivised review database is the answer. Would also require splitting Amazon into separate retailer and marketplace companies, so the marketplace side of them could independently manage reviews about Amazon's own products.

Even if they committed to all that Amazon's quote about achieving the goal of "Permanently ridding fake reviews" is worthy of a good chuckle.

Re: I've got zero faith in anything gov.uk says anymore...

Eh? It's not gov.uk though is it, it's opposition parties & back benchers. Almost all the signatories to this letter are all the same people and organisations who've been calling for the banning of facial recognition and biometric profiling for a long time. Linking it to the more recent concern on human rights abuses in China is a tactic to highlight the danger of being complacent about civil liberties here, and to gain more widespread support.

Re: There are two ways of taking over a country

The bill the UK paid was a tiny fraction of overall US Lend-Lease, mainly related to supplies which arrived after the end of the war and ended up being handed over on very favourable terms.

There were a few other quid pro quos, notably so called Reverse Lend-Lease from across the British Empire, and the Tizard Mission but overall the US deployed an awful lot of resources to shore up it's European allies against Facism and subsequently against Communism in the post-war period. Of course it reaped diplomatic and strategic rewards, but that's a longer subtler game than tired tropes about control over raw materials. The US has more than enough food and oil it doesn't need to go starting or supporting wars just to get more.

Re: Team Rule Of Law ?

Nevertheless the names really need some work. 'Team Authoritarian' would also point to the careful underpinning of everything they do by laws, enacted by a legislature (*).

Meanwhile many in 'Team Rule Of Law' point to their authoritarian internet censorship increasingly being rolled out, and with dubiously minimal electorate collaboration in some key areas.

(*) Or at least everything that would be done that way in a modern liberal democracy. Starting wars, and okaying diplomatically sensitive black ops of the kind Russia is frequently accused of, aren't typical legislature fare anywhere.

Re: No software can be trusted

Even the full time software security specialists put holes in their code. Doesn't matter who you are, your own vulnerabilities are the hardest ones to see.

Re: False-flags are a "feature"

That might be typical but it's not a given. The environment is different in that there are less laws to adhere to so for example reverse engineering and re-using a peer's software is fine. For nation states or particularly well motivated political groups in some cases the most important thing may well be to provoke misattribution rather than make an attack successful. Some of the best known historic 'kinetic' false flag operations weren't or were never intended to be successful attacks per se.

But you have a point, requesting it as a half-hearted feature late in the development cycle is going to be the cheaper and apparently more common scenario, for those who don't have the resources and foresight to develop a convincing false flag capability ahead of time. If you do you'll need a separate development effort for each entity you want the capability to impersonate. They'll need maintenance to stay current. And they'll be less effective the more they're used, especially if used carelessly enough to land on Kevin Mandia's desk. I suspect those factors have more to do the lack of evidence than any desire to create an international norm against false flag use.

A bit of a Google shows Europol names tend to be non-random but cryptic. Eg. Operation OPSON targets food crime because (apparently) opson means ‘food’ in ancient Greek. Operation Lake? Illegal trade in endangered eels (which is funny because a lake is about the worst place to look for trafficked eels where they hide among the non-trafficked ones).

What *is* random is the capitalisation. Sometimes Opson. Other times OPSON.

In my book capitalisation means shouty and tourniquet is never used in non-shouty situations so it feels appropriate in this instance.

SCISSORS!

TOURNIQUET.

GAUZE.

DAMNIT DOES ANYONE KNOW HOW TO USE A TOURNIQUET CORRECTLY?

Re: Every country does this. Every country whines about it.

I doubt any of that is the motivation for such announcements. It always feels more like:

- Our own counter-intelligence is awesome, we're on top of this stuff

- We've captured their thing (go us)

- We're watching what they're up to, so they better watch out!

- Average Joe don't panic

- Law-makers keep giving us the resources to do our jobs

- Security pros help us by looking out for these attack signatures

- And now here's a 30 second message from our partner Symantec

Re: There are several answers to this.

It's not helping him now though is it? Public opinion in the free world is firmly on Ukraine's side. In one move he's squandered what small vocal support he spent years building up. Even in Russia young people (who matter re revolution etc) fear arrest or worse and keep their heads down, but for the most part are not brainwashed.

Perhaps he needs to wash his own brain once in a while..

Re: "it looks like it's safest to only run Zoom while on active calls"

"keep a list of how many you find where the manufacturer took the effort to supply you with a real physical ON/ OFF button. One of those old fashioned concepts, common in the last century which sets power usage to 0W.

Spoiler alert: make sure you can reach that power plug easily..."

The problem nowadays is that the switch needs to be on the wall side of the transformer, typically dangling awkwardly in the middle of the power cord, and by the time you're there it's often easier to go for the wall.

Presumably somewhere there are power outlets with their own standby circuits that can be turned off over the cloud by a smartphone app... to save you the trip to the wall. A new LED to rage against.

Re: I

Plausible plot-twist that makes all this irrelevant: US buying cheap Chinese-made F35s before 2040

Re: Lazy

The irony is rape prosecutions are at an all-time low, in part because of the huge volume of unencrypted digital data the police trawl through now, and in part because victims don't tolerate those levels of intrusion into their data.

Perhaps some lessons could be learned before this issue burdens all the other crimes as well.

Re: Nice to see Apple pays out

Apple don't have a perfect track record of payouts either. In all these programmes most researchers ultimately end up at the mercy of the big company's charity and it'll remain that way until the industry sets up some kind of genuinely independent dispute resolution process. Which they have little incentive to do because headlines involving $100k feel good stories make bigger waves than bitter he-said she-said tales of individual and corporate grubbiness.

Re: What's the real function?

My experience was a lot of hours wasted hunting down motherboards where Secure Boot could be disabled. Valuable hours which could have been more enjoyably wasted on ballyhoo, furore and hoopla.

Re: What do you expect for £500,000?

Are Barnardo's chipping in a few quid too maybe? Very disappointed to see them wading into such a far-reaching political argument.

Re: Despite assurances from Western leaders and NATO commanders …

The sad reality is that such assurances can only be given now because Ukraine is unstable and under threat from Russia, and hence not actually wanted in NATO. Putin knows that so he can't simply withdraw the threat and leave Ukraine to it's own devices. The best case scenario now is probably that he judges an unstable Ukraine is more valuable than a wholly occupied Ukraine, and the threat of mega-sanctions is enough to dissuade him from formally annexing the eastern half.

Meanwhile he knows given half a chance the West would happily push Russia itself toward being a stable liberal democracy with NATO membership. That wasn't looking completely unlikely 20 years ago, and it's probably an even more desired scenario now since China's rise (for the West, but perhaps also for Russia's citizens). No words from temporarily elected politicians are going to change that long-term geopolitical reality. Even a dramatically signed international treaty won't do anything if a future Russian regime wants to tear it up - not that Putin's Russia respects international treaties much anyway.

Re: Grow a pair

"equally as repressive"

No. The Uyghur genocide is not remotely comparable Texas banning abortion, even if both are regrettable. Why do these kind of nonsense false equivalences come out of the wood work every time China is involved?

Re: Bit of a leap...

There's a tear-down in the link I gave above. Higher false positives than virtually any other lateral flow test so I think their optical reader was failing sometimes rather than the assay pad itself.

Re: Trust

"A database of known passwords and usernames, is highly valuable because it probably indicates just how un-unique most peoples passwords are"

Because of just how nonunique many passwords such a database doesn't need to be very big and good ones have been in existence for 2 or 3 decades (of course there's been some evolution in common passwords over that time). Troy's database is a different beast and really just levels the playing field for the good guys by giving access to information the bad guys already have.

Re: Technically fantastic but...

Highly doubt firing a single ASRAAM is going to cost the UK £200k. More likely it's one less obsolete Block 4 missile to decommission as the Block 6s enter service, a bunch of useful live fire data, and a shiny new page in the marketing brochure.

Re: Well...

On the bright side the ejection was absolutely timed to perfection. It's almost like they've practised that very specific failure condition..

It's never going to be tested in court if it's ridiculous enough. The offence has effectively been in place since RIPA 2000 came into force and any dumb prosecutions would surely have been reported by El Reg.

Re: No excuse

"I'm sick of people using Asperger's as an excuse for not facing punishment for their acts"

It's not actually the excuse. Suicide risk is the excuse (rightly or wrongly). Asperger diagnoses are being used as evidence of heightened risk of suicide (3 times higher risk according to a quick Google - I've no idea the veracity of that figure), but I'd hope a range of other type of evidence would do equally as well. We just don't see many of the other risk factors disproportionately represented among criminal hackers facing extradition to the US.

Re: programs that run but produce the wrong result don't really fall under the "security" heading

From the point of view of server security yes, but the client may have it's own security goals in opposition to the server ('no sensitive information is uploaded to our servers' type guarantees), and usually will be part of a joint goal with the server to secure the process against 3rd parties between them, or in other applications etc adjacent to the client.

"(e.g. enabling/disabling action buttons and menus.)"

A classic example of something a client can be responsible for the integrity of, with security implications when it fails.