Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:Why not blame the manufacturer? (Score 1) 263

Marginal extra cost, want to look up the difference in price between a Intel Core i7 extreme edition on an X99 board and the equivalent Intel Xeon where the difference between the processors is the ECC memory controller. There are a few low end mobile and embedded processors Intel do with ECC, but majority of their consumer range deliberately do not have it, it is a Xeon "feature" and the price tag that has.

Comment Re: "Of course it can," says government (Score 1) 263

Accept what are being talked about here is not low frequency radiation but extremely higher frequency radiation, wavelengths smaller than gaps between atoms that are only stopped on that direct hit which if it happens to just the right atom on that added circuit or whatever. Now the are extraordinarily rare events it the probability of any single ray is calculated but are being constantly but by these rays all day every day making the probability of causing an issue somewhere on the plant quite high. There are some solutions though, ECC ram for example means individual but flips can be fixed and is what is used in most server systems however support on consumer level gear is non existent. If that isn't enough run systems in triplicate on the separate machines then run a vote on the result only one machine is likely to have had a bit flip during that specific operation.

Comment Re: ECC (Score 2) 263

We are already there:
http://www.pcworld.com/article...
http://arstechnica.com/gadgets...

As the IBM article states they are working with Samsung and Global Foundries while the other article is about Intel that is 3 of the major chip fab companies stating they are moving to silicon-germanium hybrid crystal over pure silicon for exactly this reason. Also the fabs on a new process node take time to setup and they need to be ready before circuit design comes in to fab prototype batches so they are usually a couple of years ahead of what is commercially available on the market.

Comment Re:the real reason theyre arguing it. (Score 1) 310

Rarely is the issue a BGA package, usually it's a capacitor or soic package which can be replaced by hand even if it's not the easiest component to replace. A multimeter is still the most useful diagnostic tool especially when the most common component, a VRM or capacitor in the power supply has gone, knowing what the potential difference should be across various points of the board helps in identifying such issues. Memory test failure and similar software errors could literally be that the memory didn't get enough power cause part of the power supply has gone dead.

Some vendors are really nasty and rub the id codes off or re-badge(own brand and id instead) on what is otherwise off the shelf components making it even more of a nightmare to tell what is wrong.

Comment Re: Slackware..... (Score 2) 145

Yeah, not to mention. Ubuntu users are more likely to be on ask Ubuntu. Mint also had it's own forums. This is personal choice not server administration so redhat and centos are out...
The real question is how many prefer slackware for their personal desktop but use something else most of the time for some work reason or something.

Comment Re: You cannot sign with MD5, you hash with MD5. (Score 1) 55

Part of the RSA signature algorithm is signing a hash of the content you want to sign. They are changing that hashing algorithm.

The funny thing is sha-1 is nolonger fit for this purpose and so Mozilla is requiring sha-2 in all HTTPS certificates from next week (after a major push by all the browser creators for CAs to use sha-256 for the last couple of years), so yeah, Oracle and Java is way behind the times and that is before we get to those that won't update.

Comment Re:uh, no (Score 4, Interesting) 148

I suppose you know how timing side channel attacks are done? All those layers of abstraction make it possible to accurately predict and alter code path length? Oh, and they do automatically handle things like proper memory scrubbing of keys when no-longer valid? Right?

These things need low level hardware access to manage, and are hard even then where there is less in the way screwing with it. It is nearly impossible to handle properly on highly abstracted languages running in managed virtual environments like Java and C#.

Yes those abstractions help avoid specific classes of vulnerabilities, but can open a whole host of just as bad context specific ones when talking about security stuff like encryption. This is why we should only let specialists in that specific field do such implementations and have them vet each others code.

Comment Re:what we need here is a mentality reset (Score 4, Insightful) 86

Google's safe browsing list have been in both Firefox and chrome since chrome's first release, and both Firefox and chrome have a toggle to turn it off in the options should you wish. For some reason Google has added pirate bay download pages to the list, according to database lookup it matches the sort of block they usually impose when the site has been compromised either directly or via maleware embedded in advertising.

Slashdot Top Deals

"Anyone attempting to generate random numbers by deterministic means is, of course, living in a state of sin." -- John Von Neumann

Working...