Posts
Showing posts from September, 2016
Good News (!!!) from the world of TCP Congestion Control
Google released a patch today that significantly improves how congestion control works in TCP. First, the great part - the changes are on the sender side, and require no co-ordinated changes on the receiver, or the intermediary network. Which is awesome - it means that this can be incrementally deployed purely by updating the network stack at the end-points. Seriously, that is awesome news. This field has been more art than science for the longest time, and despite the plethora of approaches out there, not much has really changed since the days of Reno. Part of the reason for this is the network equivalent of the Heisenberg Uncertainty Principle - where bandwidth and network delay are inextricably linked, and can't be disambiguated. And the problem with that is that it turns out that you really, really want to look at the two independently to find the optimal operating point for a network. Anyhow, Google's new algorithm - called BBR, for Bottleneck, B
When should I be posting s**t?
SumAll did a bunch of research around when you should be posting stuff if you actually give a s**t about people reading your tweets/posts/whatevers, and came up with the following data. Mind you, they don't actually say so, but I assume that they are referring to the timezone of the target audience :-) Anyhow, this is the worst possible time to post stuff: And, these, conversely, are when people are paying attention. Finally, these are the best times to "optimize" your "social media interactions" (yeah, I just threw up in my mouth) (LinkedIn data from here)
On Apple's Cloud Key Vault - and why it *might* actually be secure
There is a nice writeup on this at Lawfare. (TL;DR - holding on to keys in a safe way such that 3rd parties can also access them repeatedly without high potential for catastrophic loss is impossibly hard) ...Apple’s design intentionally solved the problems that come from exceptional access schemes by removing itself from the equation. Rather than providing an exceptional access solution, Apple took the radical step of destroying those keys in order to have an acceptable level of protection. [To] turn Apple’s Cloud Key Vault into an exceptional access mechanism....Apple would have to replace the HSM with one that accepts an additional message from Apple or the FBI—or an agency from any of the 100+ countries where Apple sells iPhones—saying “OK, decrypt,” as well as the user’s password. In order to do this securely, these messages would have to be cryptographically signed with a second set of keys, which would then have to be used as often as law enforcement access is requir
Core RAM =/= Core ROM
They work using completely different principles. Core RAM used ferrite cores as the bits, with the wires used to magnetize the cores in opposing directions (clockwise vs counterclockwise; '1' vs '0'). (Little memory moment here - the ferrite cores would break and fall on the floor. Your sysadmin would sweep up the detritus, and put it in the bit-bucket. See? There was a literal explanation!!!) Core ROM uses ferrite cores as transformers, with the wires themselves being the bits. The ferrite core would be used to induce a current (or not!) in a second wire based on whether there was a current in the first wire (if the second wire was wrapped around the core too, the current would be induced. If it wasn't wrapped, no current). See? '1' vs '0'! (Mind you, you could, theoretically, flip a bit by moving/rewrapping a wire!) To think this is the stuff that got people to the moon and back :-)
The Forever War
In the presence of limited good, and of corruptible man, what is our responsibility? Is it to use present evil on behalf of present good and thereby to ensure the continuation of evil? Or is it to deny present gain in an effort to destroy evil itself? The above questions are the underlying theme of The Lord Of The Rings (and have been happily appropriated from here), and are as true today as they were back then. The more things change...
Indian Accents
From NPR: While making fun of a stereotypical Chinese accent or "black" speech patterns is today widely understood to be off limits, giggling at a strong Indian accent still seems to be up for grabs — whether you're South Asian or not. (*) Speaking for myself, yeah, I find it offensive, but tend to go along (and no, I probably shouldn't...)
"Tech Appliances" and "Security" (IoT too!)
So, Filippo lost the password to his WD NAS, and discovered that: All actions are actually unauthenticated. If you are not logged in the NAS will answer with a HTTP 302 Redirect... AND THEN PROCEED HANDLING THE REQUEST and sending the output. As if you were logged in. That's a first for me. Let me repeat this: if you are not logged in, the only thing the system will do is add a redirect to the login page in the HTTP Headers and carry on, obeying whatever you are telling it to do. I pretty much assume that security on these things is s**t. The thing is, I wasn't particularly perturbed by this - and on reflection, I realized that the reason was that, seriously, I just assume that pretty much any "tech appliance" at home - wifi routers, NAS, cable boxen, whatever - probably has more holes in it than Swiss cheese. Why? Well, look at it this way: The software they are shipped with will have some security holes in it. You, OTOH, are extremely unlikely to