This meme format works best to absurdly overstate the uselessness of something you find mildly annoying. That’s when it’s funniest, because the criticisms are grounded in something real, and the low-stakes controversy makes the aggressive tone funny in context.

They did, eventually. The first PlayStation was relatively easy to pirate for (with a mod chip), but it took a while for that stuff to become available. Someone had to go and manufacture the chips, or reverse engineer the check.

By the time that scene matured, Sega released the Dreamcast right into a more sophisticated piracy scene that could apply lessons learned to the Dreamcast right away.

On paper, Sega had more sophisticated copy protection than the first PlayStation did. But it also released 4 years later.

you could go to your local library and carry a USB stick.

I don’t remember it this way. Nothing else came close to the portable storage capacity of CD (and thus CD-R and CD-RW). The iomega zip drive was still a popular medium, allowing rewritable 100mb or 250mb cartridge. That was the preferred way to get big files to and from a computer lab when I was an engineering student in 2000.

USB flash drives had just been released in 2000, and their capacity was measured in like 8/16/32mb, nowhere near enough to meaningfully move CD images.

Then again, as a college student with on-campus broadband on the completely unregulated internet (back when HTTP and the WWW weren’t necessarily considered the most important protocols on the internet), it was all about shared FTP logins PMed over IRC to download illegal shit. The good stuff never touched an actual website.

For what it’s worth, that particular format war, the format backed by more porn studios (HD-DVD) actually lost to the one with less porn backing (Blu-ray). Personally I think that the PS3 tipped things over the edge.

Oh don’t worry, malicious .exe files were all over the forums back then.

I’m volunteering at an animal hospital.

Animal Hospital?!?

The animals are the patients.

Oh. That makes sense.

It basically varies from chip to chip, and program to program.

Speculative execution is when a program hits some kind of branch (like an if-then statement) and the CPU just goes ahead and calculates as if it’s true, and progresses down that line until it learns “oh wait it was false, just scrub all that work I did so far down this branch.” So it really depends on what that specific chip was doing in that moment, for that specific program.

It’s a very real performance boost for normal operations, but for cryptographic operations you want every function to perform in exactly the same amount of time, so that something outside that program can’t see how long it took and infer secret information.

These timing/side channel attacks generally work like this: imagine you have a program that tests if variable X is a prime number, by testing if every number smaller than X can divide evenly, from 2 on to X. Well, the bigger X is, the longer that particular function will take. So if the function takes a really long time, you’ve got a pretty good idea of what X is. So if you have a separate program that isn’t allowed to read the value of X, but can watch another program operate on X, you might be able to learn bits of information about X.

Patches for these vulnerabilities changes the software to make those programs/function in fixed time, but then you lose all the efficiency gains of being able to finish faster, when you slow the program down to the weakest link, so to speak.

This particular class of vulnerabilities, where modern processors try to predict what operations might come next and perform them before they’re actually needed, has been found in basically all modern CPUs/GPUs. Spectre/Meldown, Downfall, Retbleed, etc., are all a class of hardware vulnerabilities that can leak crypographic secrets. Patching them generally slows down performance considerably, because the actual hardware vulnerability can’t be fixed directly.

It’s not even the first one for the Apple M-series chips. PACMAN was a vulnerability in M1 chips.

Researchers will almost certainly continue to find these, in all major vendors’ CPUs.

Can’t fix the vulnerability, but can mitigate by preventing other code from exploiting the vulnerability in a useful way.

I’ve seen it for keypads that have to send a signal to an actuator located elsewhere, but I think the typical in-door deadbolt (where the keypad is mere millimeters from the motor itself) wouldn’t have the form factor leaving the connection as exposed to a magnet inducing a current that would actually actuate the motor.

Most of LPL’s videos on smart locks just defeat the mechanical backup cylinder, anyway. I’d love to see him take on the specific Yale x Nest model I have, though.

Yup. The backup for battery failure on this model is that the bottom of the plate can accept power from the pins of a 9V battery, held there just long enough to punch in the code.

Things might be different by now, but when I was researching this I decided on the Yale x Nest.

It’s more secure than a keyed lock in the following ways:

• Can’t be picked (no physical keyhole).
• Codes can be revoked or time-gated (for example, you can set the dog walker’s code to work only at the time of day they’re expected to come by).
• Guest codes can be set to provide real-time notifications when used.
• The lock keeps a detailed log of every time it’s used.
• The lock can be set to automatically lock the door after a certain amount of time.

It’s less secure than a physical traditional lock in the following ways:

• Compromise of a keycode isn’t as obvious as losing a key, so you might not change a compromised keycode the same way you might change a lost key.
• People can theoretically see a code being punched in, or intercept compromised communications to use it.
• Compromised app or login could be used to assign new codes or remotely unlock

It’s basically the same level of security in the following ways:

• The deadbolt can still be defeated with the same physical weaknesses that a typical deadbolt has: blunt force, cutting with a saw, etc.
• The windows and doors are probably just generally weak around your house, to where a determined burglar can get in no matter what lock you use.
• Works like normal without power or network connection (just can’t be remotely unlocked or reprogrammed to add/revoke codes if not online)

Overall, I’d say it’s more secure against real-world risk, where the weakest link tends to be the people you share your keys with.

Well it’s obvious that Musk wants X to be a bank, so this isn’t unexpected.