Author Archives: pappp

Source: The Truth About Guns

The United States Supreme Court has struck down New York’s “proper cause” or “may issue” requirement for obtaining concealed carry permits in a 6 to 3 opinion handed down today in New York State Rifle & Pistol Association v. Bruen. This is the case that was a second bite at the apple, challenging New York’s “may issue” concealed carry restrictions after the case that was argued in 2019 was declared moot when the New York changed its laws to avoid an adverse high court ruling.

Continue reading BREAKING: Supreme Court Strikes Down New York’s ‘May Issue’ Concealed Carry Law at The Truth About Guns.

Source: Hacker News

Source: Hacker News

Source: Hack a Day

If you want the classic experience of working with an IBM mainframe or another classic computer like a DEC VAX, you have a few choices. You could spend a lot of money trying to find one, transport it, and refurbish it. But, of course, most of us will settle for an emulator. While there are great emulators out there, most of the time you aren’t interested in running just the bare machine — you want the operating systems, the compilers, and the other software that made these machines so interesting. Running your three lines of machine code isn’t as much fun as playing hunt the wumpus or compiling some Fortran IV code. Unfortunately, finding copies of all this old software can be daunting. But thanks to the efforts of [Rattydave], you can do it with no problems at all. The secret? Pre-built docker images that have everything you need in one place.

In addition to IBM’s MVS, VM370, and TSS,  you can also run Multics — the predecessor to Unix — on a collection of computers from DEC, HP, and DG, and even a Cray 1 supercomputer. There are good instructions, although some of the machines do take a little work. For example, the TSS image notes:

This is not a ready to run system. You need to IPL 250 and then you can control via the telnet connection. (If you dont know what IPL 280 means then this container is not for you.)

We aren’t sure if both of those are supposed to be 250, or both 280, or if that sentence even makes sense as-is. It has been a long time since we IPL’d an IBM computer. We think they both should be 250.

The collection has a lot of SIM-H machines including the Altair 8080 with and without a Z80 CPU, an IBM 1130 and many others that probably still need some attention to get working.

Of course, you still need to know how to work the computer in question, although the notes for each image will help you get at least a foothold. You probably ought to know a little about docker, too, although just to use it, it isn’t all that hard. Plus if you start using docker, you’ll find a lot of different uses for it.

Source: Hacker News

Source: Hacker News

Source: Engadget

Politicians are determined to put a stop to brokers who compromise privacy by selling your data. Motherboard has learned Elizabeth Warren and other senators are introducing a bill, the Health and Location Data Protection Act, that would ban brokers from selling or transferring a person's medical and positional info outside of limited circumstances. The main exceptions would include HIPAA-compliant activities (such as sharing patient records between facilities) and First Amendment-protected speech.

The legislation would also give the Federal Trade Commission $1 billion over the next decade to help fund enforcement. The FTC, state attorneys general and individuals would also have the power to sue and seek injunctions. Bill cosponsors include longtime data privacy advocate Ron Wyden as well as Bernie Sanders, finance committee chair Patty Murray and HELP committee chair Sheldon Whitehouse.

The act comes in response to numerous instances where companies and government bodies violated privacy by purchasing data through brokers. Bounty hunters bought location data from carriers, for instance, while Google banned a company last year for allegedly selling Android location data indiscriminately. Critics have also accused agencies like ICE and the Secret Service of buying location info through brokers to get data that would normally require a warrant. At the same time, lawmakers are worried about access to abortion seekers' data when the Supreme Court is expected to overturn Roe vs. Wade. This measure could limit anti-abortion politicians and activists hoping to target patients.

Protection bills like this aren't new. Wyden's stalled Fourth Amendment is Not for Sale Act would require agencies to obtain warrants for location data. This would represent one of the most sweeping data controls yet if it became law, however, and reflects mounting opposition to companies that profit from trading sensitive content.

Source: Ars Technica

Enlarge

Microprocessors from Intel, AMD, and other companies contain a newly discovered weakness that remote attackers can exploit to obtain cryptographic keys and other secret data traveling through the hardware, researchers said on Tuesday.

Hardware manufacturers have long known that hackers can extract secret cryptographic data from a chip by measuring the power it consumes while processing those values. Fortunately, the means for exploiting power-analysis attacks against microprocessors is limited because the threat actor has few viable ways to remotely measure power consumption while processing the secret material. Now, a team of researchers has figured out how to turn power-analysis attacks into a different class of side-channel exploit that's considerably less demanding.

Targeting DVFS

The team discovered that dynamic voltage and frequency scaling (DVFS)—a power and thermal management feature added to every modern CPU—allows attackers to deduce the changes in power consumption by monitoring the time it takes for a server to respond to specific carefully made queries. The discovery greatly reduces what's required. With an understanding of how the DVFS feature works, power side-channel attacks become much simpler timing attacks that can be done remotely.

Read 9 remaining paragraphs | Comments

Source: Hacker News