Slashdot: News for Nerds





Bastardi's Wager

SiliconEntity Been there done that (672 comments)

Take a look at to see an earlier example. A similarly (un)qualified guy offered to bet that temperatures would be unchanged over ten years. He tried to get Al Gore to bet, of course without success. So he started this website to track who would have won. At first it looked good for him and he updated regularly, crowing about his success. But then things changed and started warming up. Now the website is abandoned. He didn't have the guts to document his failure. I imagine much the same will result from this new bet.

more than 3 years ago

The Galaxy May Have Billions of Habitable Planets

SiliconEntity Paging Carl Sagan... (380 comments)

Shouldn't that be "billions and billions"?

more than 3 years ago

NASA Working On Solar Storm Shield

SiliconEntity Re:Mitigate it? (85 comments)

I've only heard of long transmission lines being affected, miles long or even hundreds of miles. A house should be fine. The only thing I'd worry about is a spike coming in from the grid itself, if all their insulators and transformers fail. I have no idea how big that might be by the time it got to you.

more than 3 years ago

FSF Announces Hardware Endorsement Criteria

SiliconEntity What is true freedom (273 comments)

I know people have trouble accepting it, but I want to offer once again the philosophical principle that true freedom implies the right and ability to commit yourself and to constrain your future actions. This principle should be very acceptable to the FSF, because it is the basis for their argument that the GPL is more free than BSD style licenses. Superficially, the BSD is more free, because it lets you do whatever you want. But the FSF argues that the GPL is actually freer, because it lets you do whatever you want only as long as you let others do whatever they want with the result. Imposing this limitation on freedom, paradoxically, increases freedom.

And really, this should not seem paradoxical, because we see the same principle all the time in everyday life. Every time someone signs a contract, he commits to performing certain actions and thereby limits his own freedom. The same thing happens when two lovers promise to be faithful. The point is that the essence of true freedom requires the ability to voluntarily limit your own freedom.

This is where the FSF, along with much of the network community, has gotten off on the wrong foot with some of these hardware technologies, in particular Trusted Computing. These technologies allow you to make credible commitments to limit your own freedom. You can promise to run only certain software to handle certain data, and failure to honor your promise can be detected.

It should be clear that, as with contract, marriage, and other areas where we make binding commitments, as long as these kinds of promises are voluntary, allowing them actually enhances freedom. Yet the FSF doesn't see it that way. They are so angry and upset at the notion that people may make promises only to run certain code that they are doing all they can to make such promises impossible to make credibly.

I can understand the concerns that these technologies could be made mandatory. That would obviously be an unacceptable infringement on freedom. But we don't eliminate marriage just because some people are unfairly forced into marriage in certain cultures. We don't eliminate contract just because some are coercive. We fight the unjust arrangements while recognizing the value of a system which allows people to make binding commitments.

The same approach should be applied to Trusted Computing. We should support voluntary adoption of the technology, while vigorously opposing efforts to make it mandatory.

Unfortunately I don't see much prospect of the FSF changing its position on this issue; Stallman is not notoriously amenable to reasonable persuasion. But I hope the larger community can start to look at these matters with open eyes, and not feel obligated to follow the FSF in lockstep.

more than 3 years ago

SEC Blames Computer Algorithm For 'Flash Crash'

SiliconEntity Re:No bugs, Nothing went wrong (218 comments)

I'd say something did go wrong. While a $4 billion sell order is not overwhelmingly large in some markets, in the e-Mini market, those 75,000 contracts will overwhelm the standing bids if dumped on the market too fast. And that's what happened, due to the retarded algorithm that targeted 9% of trading volume *without regard to price*. In today's environment, that algorithm is broken because high frequency traders swarm as soon as the market starts to move. HFT is not a problem per se, they mostly just buy and sell with each other without much net effect, but it drives up volume. So this firm is dumping shares on the e-Mini, overwhelming the market, and it falls like a rock. That gets everybody else panicky and the market breaks down for a few minutes.

IMO the fundamental problem was this big trader who dumped shares on the market too fast. That firm should be held responsible and penalized. They used a broken algorithm that resulted in a massive order imbalance.

more than 3 years ago

Haystack and the Myth of the Boy Wizard

SiliconEntity Slashdot response (127 comments)

First, it wasn't last summer, it was this summer (it's still summer); or more precisely, last month.

Slashdot at least didn't join the hype. Although the discussion got sidetracked into whether Iran should be called a dictatorship, and whether America is evil, the technical comments were generally quite skeptical. Haystack was accused of relying on security through obscurity, and in the end that proved to be the case.

more than 3 years ago

Preventing Networked Gizmo Use During Exams?

SiliconEntity Simply purchase an ordinary microwave oven... (870 comments)

...and using a drill and jigsaw, cut through and remove the window in the front. This will allow the microwaves to escape and jam electronic communication. For extra fun, mount the microwave on a "Lazy Susan" spinning platter. You can sit behind it and turn it from side to side, to sweep the room and aim it at anyone who's acting suspiciously.

more than 3 years ago

Sentence Spacing — 1 Space or 2?

SiliconEntity iPad is best of both (814 comments)

On the iPad (which always capitalizes it's own name that way (also it always puts an apostrophe in "it's" even when it's wrong)) you can type two spaces INSTEAD of a period at the end of a sentence, and it turns it into a period and a single space. Best of both.

more than 3 years ago

Research Lets You Type Words By Thought Alone

SiliconEntity Still just typing (114 comments)

Amusing comments but the reality is that this is still the same old P300. You concentrate on a letter, they flash different letters on the screen for about 30 seconds, and it makes a guess at what letter you were thinking of. Then if it's right you go on to the next letter. Super super slow. Eye blink signals are probably just as fast. And if you can't use your eyes you probably can't use P300. I think there have been some studies trying to extract P300 signals from audio cues but they have not been too successful.

more than 4 years ago

Quantum State Created In Largest Object Yet

SiliconEntity Disproof of Penrose, evidence for MWI (265 comments)

If it is true that '"I don't think there is a limit, that there will be a certain size where quantum mechanics starts to break down," Dr Aspelmeyer said,' then that means that even larger objects also go into superpositions of quantum states. That would go all the way up to human sized and larger. This is the fundamental principle of the Many-Worlds Interpretation (MWI), that when quantum measurements occur, even though we only see one outcome, actually we go into a superposition of multiple states, each of which sees a different outcome. Each state evolves independently. It is as though the world splits into parallel universes, where every possible outcome occurs in a different universe.

This follows strictly from the principle that QM applies at all sizes. And this new experiment certainly pushes us in that direction.

Some scientists, notably Roger Penrose, had speculated that QM would break down at macroscopic sizes. He specifically proposed that once sizes were large enough for gravitational forces to exceed some threshold, QM would break down. Wikipedia has this: "Tiny superpositions, e.g. an electron separated from itself, if isolated from environment, would require 10 million years to reach OR threshold. An isolated one kilogram object (e.g. Schrödinger's cat) would reach OR threshold in only 10^-37 seconds." Now here we have a trillion atom object. That is about 10^13 amu, which is 10^-14 kg. Dividing 10^-37 seconds by 10^-14 we get 10^-23 seconds, which is far shorter than this experiment lasted. This means basically that this experiment disproves Penrose's theory! This is the first time this has happened, and I am (AFAIK) the first person to notice this.

In short it is becoming harder and harder to avoid accepting the reality of parallel worlds. What this should mean for our actions is up to the philosophers, but we should not bury our heads and pretend it isn't true.

more than 4 years ago

How the Internet Didn't Fail As Predicted

SiliconEntity Risks of contrarianism (259 comments)

According to the article, Stoll's excuse is that he was trying to play the contrarian:

At the time, I was trying to speak against the tide of futuristic commentary on how The Internet Will Solve Our Problems.

Contrarianism helps sell magazines (and garners pageviews) but let us not forget that it is usually WRONG. Yes, humbling as it may be to admit, the great unwashed masses, the "sheeple", are usually right in their collective opinions. Contrarians often escape punishment for their folly because no one cares, but in this case Stoll got properly burned.

more than 4 years ago

Hardware TPM Hacked

SiliconEntity Re:When will they learn (327 comments)

I'm a programmer and I've studied the 332 page TCPA Main TCG Architecture v1_1b.pdf design specification. It explicitly refers to the owner as an attacker and it specifically mandates the chip to be secure against the owner himself.

Pics or it didn't happen.

The closest I can find is pages 313-314: "The basic design point for the attack tree is that the TPM should be resistant to all software attacks and somewhat resistant to hardware attacks."

A prescription that the chip be "somewhat [!!!] resistant to hardware attacks" is a pretty thin basis for asserting Orwellian control and domination.

more than 4 years ago

Hardware TPM Hacked

SiliconEntity Re:HEY TARNOVSKY (327 comments)

He cracked the SLB9635TT12 as seen on the Wiki page image.

Thanks, that is helpful, but where is this Wiki page? I looked at the BlackHat session links and right now there are just some slides that are very generic and don't mention any parts. The video and audio is not up yet.

I have no doubt he could tell us this EK you mention but this might violate the DMCA if he did.

I wouldn't think so, but even so he could instead sign a message with the EK and get the same effect, as suggested above.

more than 4 years ago

Hardware TPM Hacked

SiliconEntity Re:HEY TARNOVSKY (327 comments)

If it all sounds TinfoilHat-ish, that's because the system really is that Orwellian.

Let me make a couple of arguments against this:

1. The TPM can also be used for non-Orwellian purposes. For example playing an online game and making sure nobody has cheat mods loaded. This could even be a P2P game if anybody was interested in that any more. Or how about online poker or blackjack. How do you know the dealer's not cheating? He could use a TPM protected system and other players could verify that his software is fair. Another example, imagine a P2P Ebay. The seller could run the auction and everybody could send in their maximum bid. But the seller uses TPM so bidders know he can't see what their max bids are, and cheat them. No third party, no commissions.

I know it's hard to believe, but there are actually many situations in life where it is to your advantage to be able to commit yourself not to break the rules. That is really what a contract is, if you think about it. Contracts are a way to get the other guy to believe you will keep your word (and vice versa). It is to your advantage to be able to commit yourself in this way.

Trusted Computing delivers the same capability in the realm of software and data. You can convince the other side that you will follow certain rules, the rules embodied in the software. Believe it or not, this can actually be to your advantage. And if it's not, you can tell the other guy to take off.

2. TCPA didn't have to do it like this. If all they wanted was DRM, they could have gone ahead and made a centralized system that works the way (almost) everybody thinks Trusted Computing and TPM works: "it will only run signed code". How many times have I heard that over the years. Hundreds. And it's wrong every time. But they could have done it like that, made a system that lets Big Business trust your computer because it controls it. They could have made it so you couldn't run a hacked movie player or logging video driver. This would have accomplished the DRM goals.

But they didn't. They came up with a general purpose system for Trusted Computing that provides just that: a way for people to trust EACH OTHER'S computing. Anyone can use it, for any purpose. Any code can run. It's just that you can't lie about what is running.

Ironically of course the one system that does provide all the horror of what everyone was afraid of is the iPhone, which also happens to be enormously more successful than TPM. For all the fear about it, TPM has never been used in any single application for DRM. All it has been used for is protecting your own crypto keys. But for years everyone has been "Oh teh Orwell" about TPM, while meanwhile Apple is fat and happy signing every iPhone app before it lets it go out.

more than 4 years ago

Hardware TPM Hacked

SiliconEntity Re:Wait a minute... (327 comments)

Why don't you have him just sign something with that public key signature rather than divulging the private key to the world?

You're right, that's a better idea. He can sign something with the EK rather than publishing the private key. It accomplishes the same thing but maybe causes less disruption to the TPM world.

more than 4 years ago

Hardware TPM Hacked

SiliconEntity CHALLENGE TO TARNOVSKY (327 comments)

I've been reading about this hack for days, but something seems fishy. Some of the earlier reports had him hacking the SLE 66 CL processor chip which is embedded in the TPM, not the TPM itself. This article also describes him as having to work with many copies of the chip to discover its secrets, but it has the chips being inexpensive ones from China. Problem is that Infineon is a German company and I don't think you can get Infineon TPMs cheaply from China. Putting this together, it's not clear to me that he has truly hacked an Infineon TPM. He may have hacked a similar chip and he assumes that the same attack would work on TPM.

However, there is a way for him to easily prove that he has done what he said. Every Infineon TPM comes with an RSA secret key embedded in it, called the Endorsement Key or EK. This key is designed to be kept secret and never revealed off-chip, not to the computer owner or anyone. And Infineon TPMs also come with an X.509 certificate on the public part of the EK (PUBEK), issued by Infineon. If Tarnovsky has really hacked an Infineon TPM and is able to extract keys, he should be able to extract and publish the private part of the EK (PRIVEK), along with the certificate by Infineon on that key. The mere publication of these two pieces of data (PRIVEK and Infineon-signed X.509 cert on PUBEK) will prove that his claim is true.

more than 4 years ago

Sony, IMAX, Discovery To Launch 3D TV Network

SiliconEntity Avatar 3D at home? (218 comments)

Wouldn't it be great if somebody created a cam capture of Avatar 3D with one camera looking through the left lens of the glasses, and the other camera looking through the right lens? Then they could package them together in some format and people can watch them on existing 3D monitors that use glasses. I looked at some movie sites and they have Avatar "telesyncs" but no 3D versions, too bad. I wonder if any of the 3D TVs at CES will be showing Avatar, that would be good too.

more than 4 years ago

Neural Implant To Give Control of Paralyzed Arms

SiliconEntity Re:Great for Spinal Cord Injury but... (42 comments)

Actually although ALS kills neurons in the spinal cord, these cells extend from there to the muscles. And as the nerves begin to fail, they first withdraw from the muscles. They die from the muscle end back to the central location in the spinal cord. Once the nerves die, muscles atrophy in ALS and eventually shrink away to almost nothing. However I believe that electrical stimulation still works to make the muscles contract. E-stim can maintain muscles in ALS, but normally there is no point since there will be no more nerves connecting to them. However with this new technology it may be possible to make muscles contract electrically, controlled by sensors in the brain.

more than 4 years ago

FDA OKs First Human Trial of Neural Stem Cell Therapy

SiliconEntity Re:Dr. Stephen Hawking (149 comments)

Keep in mind that Hawking lives in England, not the United States. The FDA has no jurisdiction over him. Now it may be in practice that the British health service does follow FDA recommendations in large part, so it's not likely that the treatment would be available any too soon there. But it is certainly possible for him to travel to Europe or even to Asia in order to get treatment if he wants it. There are clinics in Germany, Mexico and China at least that are doing experimental stem cell treatments for ALS and similar diseases, many with rather extravagant claims of improvement but none with patients who are walking around cured.

more than 4 years ago



SiliconEntity SiliconEntity writes  |  more than 7 years ago

SiliconEntity (448450) writes "Amit Singh, author of Mac OS X Internals, has released software to allow Mac users to access the TPM chip and use it to store keys and sensitive data. He also puts to rest certain myths:

'The media has been discussing "Apple's use of TPM" for a long time now. There have been numerous reports of system attackers bypassing "Apple's TPM protection" and finding "Apple's TPM keys." Nevertheless, it is important to note that Apple does not use the TPM. If you have a TPM-equipped Macintosh computer, you can use the TPM for its intended purpose, with no side effect on the normal working of Mac OS X.'

In fact he goes on to say:

'At the time of this writing (October 2006), the newest Apple computer models, such as the MacPro and the revised MacBook Pro, do not contain an onboard TPM.'

Note to the editors, this myth is extremely pervasive and Slashdot would be doing a real service by publicizing the true facts about Apple's non-use of the TPM chip."


SiliconEntity has no journal entries.
