Report that #letsencrypt is handling a vulnerability:
"[Investigating] The tls-sni challenge has been disabled due to strong credibility of a vulnerability report."
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/5a55777ed9a9c1024c00b241
Impact to #golang
"Welp, the #golang autocert (https://golang.org/x/crypto/acme/autocert …) @letsencrypt package is now broken because it relies on tls-sni-01, which just got emergency shut down:"
Finding a CPU Design Bug in the Xbox 360
https://randomascii.wordpress.com/2018/01/07/finding-a-cpu-design-bug-in-the-xbox-360/
<<The recent reveal of Meltdown and Spectre reminded me of the time I found a related design bug in the Xbox 360 CPU – a newly added instruction whose mere existence was dangerous.>>
Believe it or not I had sort of prepared a neat little tootstorm on OoO and speculative execution when I realised that what is really needed is an analysis on what tradeoffs were chosen as opposed to yet another OoO description.
What seems to be missing from everything I have read are two points:
a) speculative execution and OoO go back a long time (IBM S/360 model 85),
b) they are essential for performance: you simply cannot get “the numbers” otherwise.
Some of you might be old enough to…
btw, read the project zero post on spectre/meltdown if you haven't already. it's really clever. https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html
So we're having a alert level orange (second highest) for a heavy storm tonight. This after the darkest December for 80 years.
Guess who got a roof full of solarpanels last summer 😥.
Let's hope we still have them, and the satellite dish, tomorrow morning...
people: "we can build a nationwide internet through the wireless!"
me, an RF engineer with years of tactical mesh network PHY experience, multiple radio licenses, and an apartment two blocks from her corner office at a leading manufacturer of wideband SDR hardware: "good fuckin' luck"