• 0 Posts
  • 991 Comments
Joined 1 year ago
cake
Cake day: June 30th, 2023

help-circle


  • I’m not sure there’s any guarantee that it will ever be sorted, since bit flips will be random and are just as likely to put it more out of order than more in order. Plus if there’s any error correction going on, it can cancel out bit flips entirely until up to a certain threshold.

    Though I’m not sure if ECC (and other methods) write the corrected value back to memory or just correct the signals going to the core, so it’s possible they could still add up over time and overcome the second objection.



  • Yeah, I think there is a lot of potential for code analysis. There’s a limited cross section of ways malware can do interesting things, but many permutations of ways to do that.

    So look for the interesting things, like:

    • accessing other programs’ address spaces
    • reading/writing files
    • deleting/moving files
    • sending/receiving network traffic
    • os system calls and console commands
    • interacting with hardware
    • spawning new processes
    • displaying things on the screen
    • accessing timing information

    Obviously there’s legitimate uses for each of these, so that’s just the first step.

    Next, analyze the data that is being used for that:

    • what’s the source?
    • what’s the destination?
    • what kind of transformations are being applied to the data?

    Then you can watch out for things like:

    • is it systematically going through directories and doing some operation to all files? (Maybe ransomware, data scrubbing, or just maliciously deleting stuff?)
    • is it grabbing data from somewhere and sending it somewhere else on the internet? (Stealing data?)
    • is it using timing information to build data? (Timing attacks to figure out kernel data that should be hidden?)
    • is it changing OS settings/setup?

    Then generate a report of everything it is doing and see if it aligns with what the code is supposed to do. Or you could even build some kind of permissions system around that with more sophistication than the basic “can this app access files? How about the internet?”

    Computer programs can be complex, but are ultimately made up of a series of simple operations and it’s possible to build an interpreter that can do those operations and then follow everything through to see exactly what is included in the massive amount of data it sends over the network so that you can tell your file sharing program is also for some reason sending /etc/passwords to a random address or listening for something to access a sequence of closed ports and then will do x, y, z, if that ever happens. Back doors could be obvious with the right analysis tools, especially if it’s being built from source code (though I believe it’s still possible with binaries, just maybe a bit harder).



  • That’s pretty smart, using it for legal documents. If the accuracy is high, it might be nice to just copy paste any tos or whatever to get the highlights in plain language (which imo should be a legal requirement of contracts in general, but especially ones written by a team of bad faith lawyers intended for people they don’t expect to read it and deliberately written to discourage reading the whole thing).





  • I want to see some videos of salesmen trying to sell touchscreens like they are cars of the future and so great. Followed by the same salesman selling the return to tactile buttons as a big step forward because of how bad of an idea the touchscreens are.

    Most likely the first one will be older, but I bet there’s many that could be lead to do both in the same day by two different people showing interest in the same model but different year of a vehicle.








  • Infinite monkeys would produce everything in the time that it would take to type it out as fast as anyone can type, infinite times. There would also be infinite variations of slower versions, including an infinite number of versions where everything but the final period is written, but it never gets added (same with every other permutation of missing characters and extra ones added).

    There would be infinite monkeys that only type one of Shakespeare’s plays or poems, and infinite monkeys that type some number greater than that, and even infinite monkeys that type out plays Shakespeare wanted to write but never got around to, plus infinite fan fictions about one or more of his plays.

    Like infinite variations of plays where Juliette kills Hamlet, Ceasar puts on a miraculous defense and then divides Europe into the modern countries it’s made up of today, Romeo falls in love with King Lear, and Transformers save the Thundercats from the Teenaged Mutant Ninja Turtles who were brainwashed to think they were ancient normal samurai lizards. Some variations having all of that in the same play.

    That’s the thing about infinity. If there’s any chance of something happening at all, it happens infinite times.

    Even meta variants would all happen. Like if there’s any chance a group of monkeys typing randomly on typewriters could form a computer, there would be infinite variations of that computer in that infinite field of monkeys, including infinite ones that are trying to stimulate infinite monkeys making up a computer to verify that those monkeys make up a valid computer worth building and don’t have some bug where the temperature gets too high and melts some of the monkeys or the food delivery system isn’t fast enough to keep up and breaks down because monkeys get too tired to keep up with necessary timings.

    BUT, even though all of these would exist in that infinite sea of monkeys, there would be far more monkeys just doing monkey things. So many more that you could spend your whole lifetime jumping to random locations within that sea of monkeys and never see any of the random organization popping out, despite an infinite number of monkeys and societies of monkeys dedicating their whole existence to making sure you, specifically, can find them (they might be too busy fighting off the infinite number of monkeys and societies of monkeys dedicating their lives to prevent you from ever finding non-noise in the sea of monkeys).


  • Ah, I haven’t used it so didn’t realize there was a social aspect to it, that makes sense, though I don’t think the social nonsense is worth giving that kind of data to the parent company. Though I suppose the leaks in this case were just from people looking up the bodyguards on the service? Is there an option to set your profile to private?

    But yeah, I’d agree that anyone who doesn’t want their location to be shared shouldn’t be using that, especially when there’s security concerns.

    Though just carrying a cell phone at all gives some people access to your full location information, if they care to track it.