Yeah "Recommendation"
"We recommend you pay us, or your nice pizzeria will no longer be protected by us. Also, your school children will not be protected either".
48 publicly visible posts • joined 6 Jul 2021
+ Raspberry PI, which is by now more than good enough for libreoffice, for personal webserving, SVN server, personal file server etc. Also for light WWW surfing.
+ Fujitsu Servers based on SPARC are a powerful alternative to Intel and their ME backdoor. https://www.fujitsu.com/us/products/computing/servers/unix/sparc/
+ IBM Power https://en.wikipedia.org/wiki/IBM_Power_Systems
+ ARM
https://www.gigabyte.com/Enterprise/Rack-Server/R152-P30-rev-100
https://www.asacomputers.com/ampere-altra-arm.html
https://www.solid-run.com/arm-servers-networking-platforms/honeycomb-servers-workstation/#overview
We must actively use, buy or influence the buying of alternatives to the Wintel monopoly.
Please don't freak out, there have always been options to buy well-supported Linux machines. The more we buy from these vendors, the stronger they will be when we need them. Just don't expect to get a cheap communist Laptop without shackles.
See my other post.
(I admit to having bought communist computers in the past, but I will definitely not do this again)
Note that even with code signing, a complete swap-out of the brake/ESP control unit is probably possible in most cars today. The "hostile" brake control unit could have a radio receiver function for "disable brake".
In this movie plot, a car could "fly out of the curve" after receiving the signal from the baddies.
Again, who needs to kill somebody covertly? And will the police not find the modified ECU?
Automotive ECUs do have signed software update mechanisms and further security mechanisms.
Nevertheless, most CAN traffic is not authenticated these days (except for some special signals). An attacker could splice a hostile control unit into a CAN bus in order to mess with the signals.
Is it a problem? Probably not, as the attacker could in this case simply mount a remote controlled hand grenade into the car and have the same bang for lesser bucks.
The car makers use crypto in order to protect their investment and make modifications harder.
Of course, without code signing, you could have the movie-plot idea of stealth, hostile code in the brake ECU doing seriously nasty stuff. Without the police putting the ECU under the microscope later. Realistic?
Finally, authenticating all CAN messages would easily require 3x the bandwidth (a CAN message is 64 bit, but authentication would require something like an additional 64+128 bit). Higher BW would probably require much more expensive wiring/cabling, which is why it is only done for special messages while 99% of CAN messages are not protected.
Of course one cannot assume that a refinery (or similar sized plants) with thousands of employees is totally free of bad apples. Compartmentalize the plant with physical access locks, have plenty of cameras and most importantly, have a plant-internal intel+security service which will find out funny stuff.
Run your employees through government intel databases to weed out the obvious criminals. Liaise with government on threats against your plant.
Never assume an "intranet computer" is always friendly.
All of these security measures require seasoned IT and security experts, it requires documentation and maintenance of the various measures. It requires managers who know what they are doing. And it requires a budget, something the beancounters obviously hate.
In the automotive world, CANbus is by default plaintext and not authenticated. If an attacker has access to your car's wiring, he can do a lot of damage.
BUT - the attacker could likewise cut your brake piping, damage the brakeplates, loosen the screws of your wheels etc. According to some horrible DDR stories, the Stasi did exactly this in order to punish dissidents.
The "fix" to such issues is to
A) have proper physical security around your car and in/around your industrial plant. Everything from intel/security service, police down to plant security personnel. Dangerous people are kept away from your car by capable security experts (the real 007s) of your government.
B) Hide such bus systems from the outside world by means of PROPER firewalls. If remote access is needed, use SSH, stunnel, TLS, secure IP tunneling, SE Linux, seL4 etc. This will cost some money to set up.
All this handwringing revolves around the idea that everything must be secure without any additional cost, except for "patching".
Finally, Iran has a serious internal intelligence+security failure, which allowed enemy spies to physically access their PLC networks. I fail to see how more ciphering of PLCs would have saved them from this threat. Iran state security is weak, that is the core problem.
I do think you do not know the Russian soul and their patriotism. The average Russian is not a globalist and they will stay loyal to Russia even if the current ruler is a bit nutterish.
The backbone of Russia are KGB and army officers who know how to motivate, improvise and organise. They also know how to bring the brightest people at one place to develop something great. They are also realists who would call off a costly war, because they are also students of history, economics, hard science and social sciences.
The current problem is the corruption and mediocrity at the top. The BMW-iphone-superyacht set.
https://en.wikipedia.org/wiki/Nikolai_Dmitriyevich_Kuznetsov
https://en.wikipedia.org/wiki/Kuznetsov_NK-93#Performance
https://en.wikipedia.org/wiki/NK-33
https://en.wikipedia.org/wiki/RD-180
(According to wiki the RD180 was not directly designed by Kuznetsov, but strongly influenced)
https://en.wikipedia.org/wiki/Vladimir_Kotelnikov
https://en.wikipedia.org/wiki/Nyquist%E2%80%93Shannon_sampling_theorem
Now imagine how we could work with them to make Airbus even better, if only we could find a way to go along without shooting and the little KGB antics...
Russia is more powerful than Bangladesh because they have some outstanding well educated and experienced officers (of all branches of service), engineers, scientists, artists, musicians.
For example, General Kuznetsov, who designed and built a large rocket engine in the 60s, which is top notch even by today's standards. Americans chose to buy and use this engine. Or Mr Kotelnikov, who apparently did the same theoretical work as Mr Shannon in signal sampling theory.
Nevertheless, they have too few babies and a problem with corruption and (I assume) their national soul. But this can be said about almost all European nations.
We should really heal the soul instead of burning the youth in wars...
It must be said that wasting soldiers and officers is not new to the Russians. They did this 41-45 in enormous numbers. Stalin also murdered virtually his entire general officer corps, which certainly aided Germany to a great degree. But they had America on their side, plus the spirit of defending the rodina. Now they have none of this, just a notorious professional liar without principles at the helm.
Professional lying, deceiving and br4infucking seems to be their core competence (their leader comes from this sector of intel work), while everything else is on Soviet or even much worse levels. For example, communications security is at 1910, battle of Tannenberg level. Plain text between general officers. No money for even primitive ciphers, because they need to show off the 150m yachts.
The Moscovites have the ELBRUS CPU, which is a 64 bit, 1.5MHz VLIW processor. It is completely homegrown, including the C++ compiler. It's the brain of the high SAMs they have. Other applications I can only guess, such as aerospace, marine and the T14 tank, which needs powerful sensor processors.
I benchmarked it and found it as fast as a RPI4, without using the parallel processing.
They have a fab in Zelenograd which apparently can do 65nm chips.
Can it be used for banking? Surely, if they get rid of the Java Bloat and apply their brains to the problem instead of the Intel-SUN Fat.
How will this work out economically and militarily?
Surely it will degrade their high end processing and AI* capabilities as compared to those who have access to TSMC and Samsung.
Now is the time for Russian intelligence to show what they can. So far we have seen mostly corruption, incompetence and hubris. Compensated by wasting soldiers and officers. They would be very wise to end this war and recognize their grave mistake.
* a very real thing, as the HAROP drone proved in Armenia recently.
Creating a European competitor to iPhone and Android requires a very smart strategy and a certain amount of capital.
BUT - remember that we once were leaders in mobile phones through Nokia. We were leaders in developing the (then) state of the art digital phone standard GSM!
We have all the pieces required:
+Qt as the GUI
+Linux or FreeBSD as OS
+ARM CPU
+Canonical's Ubuntu Touch
+Olimex
+ublox creating modems and GNSS receivers
+seL4 high security microkernel
So - the pieces must be put together and a bit of polish applied. Probably start with a Chinese HW platform and just port the software initially. In Generation 3 we could switch to hardware made in Bulgaria, for example.
Unique Value Proposition: Root Access for Everybody and No Spyware Whatsoever. Neither Apple nor Google can deliver that.
Of course we would need some sort of "IT-Airbus" to tie this together, do the marketing, sales, logistics, coordination and of course finance.
Well, it seems most IT clients have figured they can go directly to Tata, EPAM, IBA, Wipro and Infosys. They don't need to splice IBM or HP in between them and the low cost engineers.
Or they go to Google, Amazon, 1&1, Hetzner and MSFT for cloudy stuff.
And if something is mission critical, there are specialist development consultancies around, with much better engineers than you can ever get from the "computer" companies.
IBM can by now only attract expensive sales reps and cheap engineers.
There are some companies around who value "old age", highly skilled engineers. I know of one search engine behemoth who does.
IBM shoots itself in both of their feet by laying off their highly experienced talent.
It seems they want to go to die and a fully young staff will facilitate corporate death.
I always compile with
g++ -Wall ...
And I will fix any warning before I proceed to perform developer tests.
But this does not mean g++ will tell me all the memory safety issues that rustc would tell me in equivalent code. It simply is impossible for a C++ compiler to detect the same types of bugs as a Rust compiler can find. This follows from the language specifications.
Maybe by 2025 the C++ folks will have added the same memory safety mechanisms as Rust to their language spec, then you might have a point.
There have been quite a few non-C based operating systems, some of which are arguably safer than Unixoids/Windows, because they use bounds checking inside the kernel.
Here is a small list of them:
https://en.wikipedia.org/wiki/Burroughs_large_systems
https://en.m.wikipedia.org/wiki/ICL_2900_Series
https://en.wikipedia.org/wiki/Singularity_(operating_system)
https://en.wikipedia.org/wiki/HP_Multi-Programming_Executive
Finally, a Rust-based OS, which already works in a prototypical fashion:
https://www.redox-os.org/
In my experience with memory safe languages, bounds checks cost about 10% more CPU Runtime. Modern CPUs seem to perform the bounds check and the access "virtually" in parallel (speculative execution).
It is time to admit humans are NOT perfect "code generators". If we can mitigate the effects of our imperfect work, that is very good in my opinion.
So if Google wants to do something against the obvious security risks of the Linux kernel, you come here shouting and changing the subject to ChromeOS.
Maybe you just learn something new and better than what you already know?
Or maybe you listen to Sir Tony Hoare and what he has to say about memory safety.
C++ has exactly the same problems as C, if used naively. For example, std::vector::operator[] is not bounds checked. If you don't use RAII, heap errors are almost preprogrammed.
Most importantly, C++ has no multithread-safe memory concept whatsoever. Best of luck debugging multithreaded memory errors.
You make it look as if the only problems of C are related to strings. This is just a subset of all memory safety errors which occur in practice. All C arrays potentially suffer from index errors. All C heap memory suffers from use after free, double frees and uninitialized pointers. Have a look at the CVE database to get real world data.
The people who wrote the HPUX ping of death bug were most likely seasoned developers, not rookies.
Same goes for the many bugs in Windows, in Adobe flash and PDF, in TrueType, Unix utilities and hundreds of thousands of other places. The first time Unix userland utils were run using valgrind, there were loads of memory errors detected.
Your cute "small" language C has created an enormous amount of exploitable bugs. The Linux guys seem to attempt a gradual conversion to Rust.
It definitely makes sense given the history of bugs in the Linux (and many other C-programmed) kernels.
Will it work out? We will see.
There are some highly interesting kernels such as seL4 around and they also use Rust for their higher level/application parts.
https://www.zdnet.com/article/microsoft-70-percent-of-all-security-bugs-are-memory-safety-issues/
https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/
Using C and C++ is like not using an ABS brake, "because I know how to properly brake".
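The remark in the posts above that std::vector::operator[] is not bounds checked, shown as an added example that is not part of the original posts. The one-byte length-prefixed record format and both function names are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Constructed record format (an assumption for this example):
// byte 0 = payload length N, bytes 1..N = payload.

// Unchecked: trusts the length byte. operator[] performs no bounds check,
// so a length larger than the buffer (or an empty buffer) is undefined
// behaviour: an out-of-bounds read that -Wall will not report.
unsigned sum_payload_unchecked(const std::vector<std::uint8_t>& rec) {
    unsigned sum = 0;
    const std::size_t n = rec[0];
    for (std::size_t i = 0; i < n; ++i) sum += rec[1 + i];
    return sum;
}

// Checked: at() throws std::out_of_range for any index outside the vector,
// so a lying length byte or an empty record becomes a clean rejection.
bool sum_payload_checked(const std::vector<std::uint8_t>& rec, unsigned& out) {
    try {
        unsigned sum = 0;
        const std::size_t n = rec.at(0);
        for (std::size_t i = 0; i < n; ++i) sum += rec.at(1 + i);
        out = sum;
        return true;
    } catch (const std::out_of_range&) {
        return false;
    }
}

int main() {
    const std::vector<std::uint8_t> good  = {3, 10, 20, 30};    // length matches
    const std::vector<std::uint8_t> lying = {200, 10, 20, 30};  // claims 200 bytes
    unsigned out = 0;
    // The unchecked parser is only ever given well-formed input here.
    bool ok = sum_payload_unchecked(good) == 60
           && sum_payload_checked(good, out) && out == 60
           && !sum_payload_checked(lying, out);
    return ok ? 0 : 1;
}
```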