Article note: Neat, someone rigged a syscall emulation layer for Switch OS calls on ARM64 Linux.
There are some neat discussions with the Wine/Kernel folks about rigging seccomp or BPF to intercept Windows syscalls for WINE acceleration in the same manner, so it might be one of those things that comes in a self-supporting wave.
Article note: This is very elegant, let's teach people to reason this way.
My personal definition of a brilliant idea is one that is immediately obvious once it’s explained, but no one has thought of it before. I can’t believe that no one has described this taxonomy of access control before Ittay Eyal laid it out in this paper. The paper is about cryptocurrency wallet design, but the ideas are more general. Ittay points out that a key—or an account, or anything similar—can be in one of four states:
safe: Only the user has access,
loss: No one has access,
leak: Both the user and the adversary have access, or
theft: Only the adversary has access.
Once you know these states, you can assign probabilities of transitioning from one state to another (someone hacks your account and locks you out, you forgot your own password, etc.) and then build optimal security and reliability to deal with it. It’s a truly elegant way of conceptualizing the problem.
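The four-state model above, worked as a small Markov chain. This is an added example, not code from the paper or from the quoted post: the parameter names, the per-day probabilities and the choice to treat theft as absorbing are all assumptions made for illustration.

```python
STATES = ("safe", "loss", "leak", "theft")

def build_chain(p_forget, p_leak, p_takeover, p_lockout, p_rotate, p_recover):
    """Per-period transition probabilities between the four states.

    All parameter names and values are assumptions made for this example.
    """
    rows = {
        # safe: user forgets the secret, adversary copies it, or adversary
        # takes over and locks the user out in one step.
        "safe": {"loss": p_forget, "leak": p_leak, "theft": p_takeover},
        # loss: a recovery procedure restores access for the user only.
        "loss": {"safe": p_recover},
        # leak: adversary locks the user out, or the user rotates the secret.
        "leak": {"theft": p_lockout, "safe": p_rotate},
        # theft: treated as absorbing (no way back in this model).
        "theft": {},
    }
    chain = {}
    for state, moves in rows.items():
        stay = 1.0 - sum(moves.values())
        if stay < 0:
            raise ValueError(f"probabilities leaving {state!r} exceed 1")
        chain[state] = {s: moves.get(s, 0.0) for s in STATES}
        chain[state][state] += stay
    return chain

def distribution_after(chain, periods, start="safe"):
    """Probability of being in each state after `periods` steps."""
    dist = {s: 1.0 if s == start else 0.0 for s in STATES}
    for _ in range(periods):
        dist = {t: sum(dist[s] * chain[s][t] for s in STATES) for t in STATES}
    return dist

# Constructed numbers: same threats, with and without recovery and rotation.
THREATS = dict(p_forget=0.002, p_leak=0.001, p_takeover=0.0005, p_lockout=0.05)
no_mitigation = build_chain(**THREATS, p_rotate=0.0, p_recover=0.0)
with_mitigation = build_chain(**THREATS, p_rotate=0.10, p_recover=0.20)

if __name__ == "__main__":
    for name, chain in (("none", no_mitigation), ("rotate+recover", with_mitigation)):
        dist = distribution_after(chain, 365)
        print(name, {s: round(p, 4) for s, p in dist.items()})
```

Recovery only drains the loss state and rotation only drains the leak state, so comparing the two runs shows which failure mode each control actually addresses.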
Article note: The effort is commendable, but I'm not really sure how they realistically plan to put this genie back in the bottle.
The Federal Trade Commission has kicked off the rulemaking process for privacy regulations that could restrict online surveillance and punish bad data-security practices. It's a move that some privacy advocates say is long overdue, as similar Congressional efforts face endless uncertainty.
The Advanced Notice of Proposed Rulemaking, approved on a 3-2 vote along partisan lines, was spurred by commercial data collection, which occurs at "a massive scale and in a stunning array of contexts," FTC Chair Lina M. Khan said in a press release. Companies surveil online activity, friend networks, browsing and purchase history, location data, and other details; analyze it with opaque algorithms; and sell it through "the massive, opaque market for consumer data," Khan said.
Companies can also fail to secure that data or use it to make services addictive to children. They can also potentially discriminate against customers based on legally protected statuses like race, gender, religion, and age, the FTC said. What's more, the release said, some companies make taking part in their "commercial surveillance" required for service or charge a premium to avoid it, employing dark patterns to keep the systems in place.
Article note: Now what entirely foreseen recent event could have suddenly caused them to do that? It couldn't have to do with the christian nationalist takeover of parts of our government subpoenaing them under our fucked-up third party doctrine to prosecute people for medical care?
Meta has long been working on end-to-end encryption for its messaging products, but so far, only WhatsApp has switched on the privacy feature by default. In its latest update about its efforts, Meta said it will start testing default end-to-end encrypted chats for select users on Messenger. Those chosen to be part of the test will find that some of their most frequent chats have been automatically end-to-end encrypted. That means there's no reason to start "Secret Conversations" with those friends anymore.
The company is also testing secure storage for encrypted chats, which gives users access to their conversation history in case they lose their phone or want to restore it on a new device. To be able to access their backups through security storage, users will have to create a PIN or generate codes that they'll then have to save. Those two are end-to-end encrypted options and provide another layer of protection. That said, users can also opt to use cloud services to restore conversations — those with iOS devices, for instance, can use iCloud to store the secret key needed to access their backups. Meta will also begin testing secure storage this week, but only on Android and iOS. It's still not available for Messenger on the web or for unencrypted chats.
The other tests Meta is rolling out in the coming weeks include bringing regular Messenger features to end-to-end encrypted chats. It will test the ability to unsend messages and to send replies to Facebook Stories as encrypted chats, and it's also planning to bring end-to-end encrypted calls to the Calls Tab on Messenger. Ray-Ban Stories users will be able to send encrypted hands-free messages through Messenger, as well.
In addition, Meta is launching a new security feature called Code Verify, which is an open-source browser extension for Chrome, Firefox and Microsoft Edge. As its name implies, it can verify the authenticity of the Messenger website's web code and ensure that it hasn't been tampered with. As for Instagram, the company is retiring the app's vanish mode chats, which aren't encrypted, while also expanding ongoing tests for opt-in end-to-end encrypted messages and calls on the service.
All of these are part of Meta's preparations as it works its way towards the global rollout of default end-to-end encryption for messages and calls on its services. It plans to launch even more tests and updates before its target rollout sometime in 2023.
Article note: I don't feel like fighting my way to the full paper right now, but color perception is so fucky it would not surprise me *at all* if this adaptation was specific to the stride they used for their gradations.
Last summer I posted about some tiny stepper motors from the internet, thinking about them as an alternative to mechatronic standbys like those terrible SG90 type servos or larger and differently terrible 28BYJ-48 geared steppers driven through a ULN2003.
At the time, I tried one with an A4988 stepstick from the top of my parts bin, and it didn’t work, so I figured there was some limitation and stuck to directly driving with H-bridges. …it turns out the “limitation” was that the cheap current-setting potentiometer on that particular stepstick was broken so it was driving no output current.
Discoveries:
Those little bipolar stepper motors work fine with bipolar stepper drivers.
Generational gains in bipolar stepper driver ICs are substantial (eg. A4988 -> TMC2208).
The venerable 28BYJ-48 unipolar stepper motor is easily modified to run from bipolar drivers.
Article note: Just paraphrasing my comment in the HN discussion on my own medium:
The 432 was the first of Intel's many expensive lessons about the problems with extremely complicated ISAs dependent on even more sophisticated compilers making good static decisions for performance. Then they did it again with the i860. Then they did it again with Itanium.
Some reasonably substantiated opinions:
1. Highly sophisticated large-scale static analysis keeps getting beaten by relatively stupid tricks built into overgrown instruction decoders, working on relatively narrow windows of instructions.
2. The primary reason for (1) is that performance is now almost completely dominated by memory behavior, and making good static predictions about the dynamic behavior of fancy memory systems in the face of multitasking, DRAM refresh cycles, multiple independent devices competing for the memory bus, layers of caches, timing variations, etc. is essentially impossible.
3. You can give up on a bunch of your dynamic tricks and build much simpler more predictable systems that can be statically optimized effectively. You could probably find a good local maximum in that style. The dynamic tricks are, however, unreasonably effective for performance, and have the advantage that they let you have good performance with the same binaries on multiple different implementations of an ISA. That's not insurmountable (eg. the AOT compilation for ART objects on Android), but the ecosystem isn't fully set up to support that kind of thing.
I’ve been biking a fair amount lately after a 20-odd year hiatus; I decided last year that I wanted to start biking, bought a Giant Escape 3 Disc near the end of summer, but didn’t get confident enough riding to use it around campus last year among the students texting their way to their first (next?) vehicular manslaughter charge before they flocked back.
This summer, I’ve been doing my commute into campus on it, plus a significant amount of fun/exercise riding, and the top fixable annoyance has become getting sprayed at the slightest hint of wet. I did some hackin’ that I haven’t seen on the interwebs to fit the fenders I picked to the frame, which is the point of this post.
Article note: The search method is neat, they found that the collection of known processor vulnerabilities came in pairs (every transient execution vulnerability had a static ISA vulnerability with the same underlying mechanism)... except for one where there were only known transient attacks. So they built tools to hunt for it, and sure enough, ISA vulnerability. Which renders SGX useless (again). Demonstrating, once again, that high-complexity ISA features will cause bugs, either by implementation bugs or interactions.
Intel’s latest generation of CPUs contains a vulnerability that allows attackers to obtain encryption keys and other confidential information protected by the company’s software guard extensions, the advanced feature that acts as a digital vault for security users’ most sensitive secrets.
Abbreviated as SGX, the protection is designed to provide a fortress of sorts for the safekeeping of encryption keys and other sensitive data, even when the operating system or a virtual machine running on top is maliciously compromised. SGX works by creating trusted execution environments that protect sensitive code and the data it works with from monitoring or tampering by anything else on the system.
Cracks in Intel’s foundational security
SGX is a cornerstone of the security assurances many companies provide to users. Servers used to handle contact discovery for the Signal Messenger, for instance, rely on SGX to ensure the process is anonymous. Signal says running its advanced hashing scheme provides a “general recipe for doing private contact discovery in SGX without leaking any information to parties that have control over the machine, even if they were to attach physical hardware to the memory bus.”
When religion and politics travel in the same cart, the riders believe nothing can stand in their way. Their movements become headlong – faster and faster and faster. They put aside all thoughts of obstacles and forget the precipice does not show itself to the man in a blind rush until it’s too late.