New Destover Malware Signed By Stolen Sony Certificate
Well, it wouldn't be the first Sony-signed rootkit...
Google Maps Crunches Data, Tells You When To Drive On Thanksgiving
Driving ON the holiday is much, much easier than driving the day before.
It's cheaper and there's less airport chaos if you fly on Thanksgiving or Christmas.
New Music Discovered In Donkey Kong For Arcade
As another example, in January 2013, I discovered a cheat code in the SNES RPG Breath of Fire 1 that allows you to create a save file at a few key locations in the story. This cheat code sat hidden for about 20 years, and it wasn't until I came along and reverse engineered the game that it showed up.
Link to it: click me. Sorry for the quality; it is a really difficult thing to record when your only recording device is an iPad and there was nobody home at the time. Not to mention how hard it is to do that controller sequence and record with only two hands.
How English Beat German As the Language of Science
The point is that claiming "things are worse than ever" is pretty silly in a country where it used to be common for people to own slaves.
Except that it was never common to own slaves. Slave ownership was primarily among Southern aristocrats--your average white Southerner wasn't rich enough to afford one.
Still laughed, though. <3
Spot ET's Waste Heat For Chance To Find Alien Life
The new approach, dubbed G-HAT for Glimpsing Heat from Alien Technologies, makes no assumptions about what alien civilisations may be like
Such assumptions as, that alien life has not found a way around the Second Law of Thermodynamics?
Interviews: Ask Bjarne Stroustrup About Programming and C++
Screw ancient architectures and minor compiler optimizations. I'd rather have my binary math work like all of us were taught in discrete math classes. Not to mention not have my machine pwned by the mob because a programmer didn't realize that their security check was removed for being undefined behavior.
Interviews: Ask Bjarne Stroustrup About Programming and C++
Signed integer overflow is undefined. That is, in C++, overflowing a signed integer is considered to be equally bad as dividing by zero. Combined with modern compilers, this is resulting in exploitable security bugs in many programs.
Programmers have been taught for decades about two's-complement integer arithmetic and how it overflows. As a result, many of us who don't know about signed integer overflowing being undefined are making "mistakes" like assuming that it wraps as we were taught.
The reason that C++ considers signed integer overflow to be undefined is because of non-two's-complement machines. Such machines pretty much don't exist anymore. Why does C++ insist upon keeping such requirements around, when it is wreaking security havoc on everyone else?
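The kind of overflow check the comment above describes, next to a well-defined replacement, as an added example that is not part of the original comment. The function names and the length/capacity scenario are assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>

/* BROKEN (kept for contrast): relies on signed wraparound. If len + extra
 * overflows, behaviour is undefined, so a compiler may assume it cannot
 * happen and simplify "sum < len" to "extra < 0", dropping the check. */
int fits_wrapping(int len, int extra, int cap)
{
    int sum = len + extra;      /* undefined on overflow */
    if (sum < len)              /* intended overflow test */
        return 0;
    return sum <= cap;
}

/* Well defined: compare against INT_MAX before adding, so the addition
 * itself can never overflow. Negative sizes are rejected outright. */
int fits_checked(int len, int extra, int cap)
{
    if (len < 0 || extra < 0)
        return 0;
    if (extra > INT_MAX - len)
        return 0;
    return len + extra <= cap;
}

/* General signed addition: returns 1 and stores a + b in *out, or
 * returns 0 without touching *out if the sum is not representable. */
int checked_add(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return 0;
    *out = a + b;
    return 1;
}

int main(void)
{
    int r = 0;
    /* Constructed inputs: a length near INT_MAX plus a small extra. */
    printf("fits_checked(INT_MAX - 4, 8, 4096) = %d\n",
           fits_checked(INT_MAX - 4, 8, 4096));
    printf("checked_add(INT_MAX, 1) ok = %d\n", checked_add(INT_MAX, 1, &r));
    int ok = checked_add(40, 2, &r);
    printf("checked_add(40, 2) ok = %d, r = %d\n", ok, r);
    return 0;
}
```

GCC and Clang also provide `__builtin_add_overflow` for the same purpose, and their `-fwrapv` option defines signed overflow as two's-complement wrapping for the whole translation unit.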
Can We Call Pluto and Charon a 'Binary Planet' Yet?
Well, Earth has an unmanned expeditionary mission that will take pictures of Charon in July 2015 =^-^=
New Russian Law To Forbid Storing Russians' Data Outside the Country
As another pointed out, Russia isn't anywhere near the first country to do this; in fact, doesn't the European Union require it Union-wide?
Anyway, I'm most curious how the Kremlin defined "personal". Being that a lot of us are software industry programmers, product managers, etc., it'd be useful to know what kind of changes we need to make to our respective companies' international back-end infrastructure.
Interviews: Ask Andrew "bunnie" Huang About Hardware and Hacking
...and Andrew/bunnie doesn't answer them, I can. I'm very briefly mentioned in the book under a different Internet name that I'd rather not say here.
I was the person who figured out how to dump the second version of the MCPX's secret boot ROM without having to repeat the HyperTransport bus tap craziness that Andrew did in the first place. Namely, the A20M# attack, which was much easier to do. (If Andrew hadn't done his original attack, though, we wouldn't have had the knowledge necessary to pull off my attack. <3 Andrew)
We kept the A20M# attack secret until the 360 was released, in case another MCPX silicon revision was released. It turned out that Microsoft had, in fact, coded a new MCPX ROM to defeat many of the exploits used to hack Xboxes - they just never released it, probably because it would've cost a fortune for what was then a console in its late stages. We didn't find out about this MCPX ROM update until some people looked into how the Chihiro arcade boards worked in 2014, which showed the new MCPX code in the debug ROMs. The A20M# attack still would have worked on this design - it was an attack on the entire secret boot ROM design, not the MCPX ROM's code =)
Hawaii's Oahu Used To Be a Bigger Island
I'll probably sound crazy for asking this, or get modded off-topic, but... My understanding is that the scenario in the movie Waterworld can't happen by melting the polar ice caps because there isn't enough water frozen in them to rise enough to cover the continents. Goodbye to Florida and similar areas, but most of the continents would remain. (And thanks to global warming, we'll likely see that scenario... >.<)
But it seems to me as though one way in which it could happen is if we greatly expanded our use of geothermal power, to the point that we exhausted the energy driving plate tectonics. (Hopefully most of the leftover heat would escape into space, or we'd really be screwed.) Then the continents would gradually erode until the solid surface of Earth was at an even level, at which point the existing ocean would completely cover Earth.
To use that much geothermal energy seems pretty ridiculous, though. Just some random Myria musings...
Surface Pro 3 Has 12" Screen, Intel Inside
The Surface Pro, like any other x86 PC that comes preinstalled with an OEM version of Windows 8/8.1, is locked down with Secure Boot UEFI. However, Microsoft follows its own rules--the Surface Pro also meets their own requirement that the BIOS allows you to disable Secure Boot given physical access.
Also, I believe that the Surface Pro's preconfigured UEFI Secure Boot NVRAM contains the Microsoft "Third Party Marketplace" UEFI certificate, which if true would mean that the Surface Pro would out-of-the-box recognize, as an example, the Secure Boot-compatible GRUB2 on the 14.x x86-64 Ubuntu disks as legitimate. I don't have a Surface Pro to check this, however.
Microsoft Confirms It Is Dropping Windows 8.1 Support
Yes, Apple want you to upgrade to iOS 7, but if you don't want to (or can't because your hardware is too old) they still provide security patches for iOS 6.
The last update was iOS 6.1.6 in Feb:
6.1.6 was only released for devices that cannot run iOS 7. If you have a device that can run iOS 7, you had to upgrade to iOS 7 in order to get the important security fix, even if the device had iOS 6.x at the time. There was never an iOS 6.1.6 released for iPad 2 or 3, for example.
If they had released an iOS 6.1.6 for iPad 2/3, it would've allowed downgrading from iOS 7.x to iOS 6.x then jailbreaking, something Apple hates with a passion.
OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks
Chrome just uses the operating system for a lot of the certificate validation of HTTPS, so it can be vulnerable to security holes that apply to the operating system. Chrome wasn't vulnerable to "goto fail", but presumably it has been vulnerable to others in Windows and Mac OS.
Subversion Project Migrates To Git
(Technically, as Git is SVN compatible, you could get this effect simply by using Git 'locally'.)
git2svn has a problem that we ran into recently: because git does not support hierarchical branching, if you do not keep all your branches in a single Subversion directory, it will take an excessively long time for a local git repository to synchronize with a Subversion repository.
For example, let's say that you have the typical /branches directory in Subversion. Now user "myria" comes along, and she wants to make her own directory of branches so that her own branches don't pollute the /branches directory. She does an svn copy of /trunk to /branches/myria/new-crypto. Now git2svn tries to import this change from Subversion into a local git repository and takes three hours. Why?
Because git doesn't support hierarchical branch names, from git's naive perspective, what Myria has done is make a copy of the entire repository into a new directory named "new-crypto" inside of her "myria" branch. Git does not interpret her commit as a creation of a branch - it sees "myria" as the branch, and "new-crypto" as merely a directory within the branch. Subversion gives no special meaning to the directory named "branches", so git2svn is simply using a hack of assuming that the "branches" directory contains objects that it can convert into git's branch objects. Git thus sees her commit as one giant commit of 100,000 files, and consequently takes forever processing it.
The above was a recently-encountered real-life situation at the office from about two weeks ago.
Adaptation From Flash Boys Offers Inside Look at High-Frequency Trading
80% of firms CANNOT beat the S&P in the same timeframe.
Long-term, it's unsustainable for any company to beat the stock market as a whole. I wish I could find the Warren Buffett quote on this matter.
TrueCrypt Master Key Extraction and Volume Identification
Why can't there be SATA controllers with drive encryption support? Your drive encryption program could then just be an expansion UEFI ROM card that prompts you for your password and sends it to the SATA controller, then erases it from main memory. There's no need to do anything else after that point, because encryption and decryption would be completely transparent to all software on the system.
Simulations Back Up Theory That Universe Is a Hologram
So this means if a tree falls in the forest and no one was listening, it wouldn't be simulated and therefore would not make a sound. That was easy...
So long as it is provably impossible for anyone to feel or notice the effects of that sound for all of eternity, yes, a simulation could get away with not simulating it. Provable impossibility in our Universe would be something happening outside the light cone of the simulated area.
Microsoft May Finally Put Windows RT Out To Pasture
If they hadn't locked it down, Windows RT could have just been another target to which developers could have recompiled their software and that would have kick-started the application ecosystem somewhat. It would have been with desktop applications, though, which Microsoft considers deprecated. Desktop applications also don't work with touch control very well and more importantly don't make Microsoft any money.
It seems as well that Microsoft wanted the locked-down environment to prevent Windows RT from having viruses, an inevitable side effect of open development. Many more people bought the virus-laden Surface Pro than the Surface RT, so maybe people like their viruses =)
Microsoft May Finally Put Windows RT Out To Pasture
Was it because of the OS that the Surface did not have cell data support???