|
Earlier this year, the Central Intelligence Agency informed its counterparts in Australia, Canada, New Zealand, and the UK that Chinese technology company Huawei has received funding from the Central National Security Commission of the Communist Party of China, the People’s Liberation Army, and a “third branch of the Chinese state intelligence network,” according to The Times. There's an awful lot of uncertainty in this article. Reader be warned!
|
|
|
|
|
Sean Ewington wrote: There's an awful lot of uncertainty in this article. Uncertainty?
About truth?
When the CIA is involved?
Don't be silly!
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Please correct me, but did the 90s boom of the internet not have red flags regarding American government inital development of the internet and weather it was safe enough to use for foreign countries in fear that the America Department of Defence might have a backdoor?
|
|
|
|
|
Microsoft has become the third US company to pass a market cap of $1 trillion. The software giant passed the milestone briefly today after a jump in stock price today following strong fiscal Q3 earnings. Congratulations, Microsoft!
|
|
|
|
|
It's a shame that it's all because of cloud and subscription services, and has nothing to do with the quality of their software.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Perhaps they could spare a million for QA
|
|
|
|
|
Nope, that's not in the budget.
"They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"
|
|
|
|
|
Software mitigations are an unsustainable path
Fortunately or unfortunately, our offensive research advanced much faster than our defensive research, and we quickly discovered that software mitigation of all possible leaks due to Spectre was infeasible. This was due to a variety of reasons. First, the engineering effort diverted to combating Spectre was disproportionate to its threat level. In V8 we face many other security threats that are much worse, from direct out-of-bound reads due to regular bugs (faster and more direct than Spectre), out-of-bound writes (impossible with Spectre, and worse) and potential remote code execution (impossible with Spectre and much, much worse). Second, the increasingly complicated mitigations that we designed and implemented carried significant complexity, which is technical debt and might actually increase the attack surface, and performance overheads. Third, testing and maintaining mitigations for microarchitectural leaks is even trickier than designing gadgets themselves, since it’s hard to be sure the mitigations continue working as designed. At least once, important mitigations were effectively undone by later compiler optimizations. Fourth, we found that effective mitigation of some variants of Spectre, particularly variant 4, to be simply infeasible in software, even after a heroic effort by our partners at Apple to combat the problem in their JIT compiler.
Fortunately, one of their existing features that has long been sponsored by DRAM manufacturers - isolation via a zillion processes - does appear to work.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
I read it as "Why the Hell should we invest on keeping our users safe, when our people can spend that time on screwing advertising bucks out of them by finding new ways to steal their personal data?"
I'm pretty sure that if we went through what they spend all their money on, my interpretation will turn out to be the correct one.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Quote: ...of all possible leaks... (my emphasis)
With a straw man like that, you can say anything.
|
|
|
|
|
I think the key point is in this sentence : Quote: the engineering effort diverted to combating Spectre was disproportionate to its threat level. I agree fully. In my opinion Spectre poses no threat worth worrying about. That's because it can only acquire random data on a random basis. You/we are far better off taking steps to prevent malware from executing in the first place than worrying about that.
"They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"
|
|
|
|
|
As the blog post explains, if a password is never stolen, there's no need to expire it. And if a password is suspected to be stolen, you would want to act immediately, not wait until the expiration date. Forced updates also lead to more users writing their passwords down or forgetting them altogether. Plus, as Microsoft puts it, "if your users are the kind who are willing to answer surveys in the parking lot that exchange a candy bar for their passwords, no password expiration policy will help you."
So, does anyone know where the candyman is? I'm asking for a friend.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Jes' correctin' whut done needs correctin'
So they've finally caught up on what the non-stupid amongst us knew thirty years ago.
My gast could not be less flabbered.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
One group less... I hope IT Chiefs, IT Hotlines and moron Webmasters are next
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Quote: lead to more users writing their passwords down
That's the best form of security. I have well over 100 accounts with passwords; either it's P@ssword! or writing them all down (albeit in a secure place.)
|
|
|
|
|
Last week, after seven years of work, Nintendo fan ZeroPaige finally released a working port of Super Mario Bros. for the Commodore 64. Just Nintendo things.
|
|
|
|
|
I'm not sure what shocks me more, that someone is willing to spend seven years to recreate Super Mario or that there's apparently a thriving C64 hobbyist scene
And come on, Nintendo, it's not like you're losing sales over this or it costs you anything or whatever, so why take it down AFTER SEVEN YEARS OF HARD LABOR?!?!
|
|
|
|
|
Actually, if Nintendo did nothing they could lose their trademark.
|
|
|
|
|
Not sure how, but that's perverse
I mean, there's plenty of fan fiction, fan art, fan everything (not for Mario specifically, but for any fictional character).
|
|
|
|
|
I couldn't write jokes this funny.
Mind you, I'm not Japanese, and I don't do jokes.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Windows 7 users have started to report the appearance of a pop-up message from Microsoft informing them that support for the operating system is coming to an end. Goodbye my friend will I ever love again
|
|
|
|
|
|
For two periods last year, those using preview builds of Windows 10 could access a feature called Sets: a tabbed interface that was eventually to allow tabs to be put in the titlebar of just about any window. Come. We will honour Sets memory. *grabs kazoo*
|
|
|
|
|
Let's get real, here.
As ms currently is, they'd have F***ed it up really badly, so we're better off using third-party stuff, anyway/
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Don't bother with Stardock's Groupy. It causes far more problems with Excel than it ever solves. Could be a good product, but low levels of service and denial of the problem means updates don't exist
|
|
|
|