New post: "Compromise recovery on Qubes OS":
https://www.qubes-os.org/news/2017/04/26/qubes-compromise-recovery/
Because fuckups happen... and it's good to have a reasonable Plan B.
http://eprint.iacr.org/2015/121
Multi-Client Oblivious RAM secure against Malicious Servers
Travis Mayberry et al.
This paper tackles the open problem whether an Oblivious RAM can be shared among multiple clients in the presence of a fully malicious server. Current ORAM constructions rely on clients knowing the ORAM state to not reveal information about their access patter. With multiple clients, a straightforward approach requires clients exchanging updated state to maintain security.[...]
My friend @seanhn pointed me to this great paper that is a historical survey over heap allocators from the 70s to the mid-90s:
http://www.cs.northwestern.edu/~pdinda/ics-s05/doc/dsa.pdf
Sigh. I envy the days where such sweeping surveys of this scope were still being written.
does anyone know how to dab in morse code
we can all agree that the shitty part of the chrome/quic thing is that it's unreachable from the plugin (ie. adblocker) api, not that they're using experimental networking to get noticable performance improvements, yes?
Meh, dragging a dead cat off the road is pretty sad. At least its face looked so broken that it probably didn't suffer for long…but that won't console its family much, I guess :/
Turns out content blockers in Chrome can't yet block QUIC requests:
https://blog.brave.com/quic-in-the-wild-for-google-ad-advantage/
How security works... #sec
#Gentoo life:
> upgrade world
> upgrade gcc
> ABI change, run revdep-rebuild
> rebuild Chromium, Firefox, boost, Qt4, Qt5 and 597 other packages
> blockers
> slot conflicts
> in the distance, wailing of sirens
remember, the results of the science march are inconclusive -- we need to conduct many more marches to study their effects, and for a proper double blind, everyone needs to be in black bloc
Recently left my employer, returning to infosec research soon (my actual passion).
Back when they planned search term highlighting in results, I warned them that it'd likely be slow if they added it to the "quick search" functionality. They still implemented it.
Today, I saw a ticket in the bug tracker that says "Search suggestions are slow". 🙄
"On the Turing Completeness of Microsoft Powerpoint" https://www.youtube.com/watch?v=uNjxe8ShM-8
administration: distributed computing with a network of four high-powered servers
admaxistration: distributed computing with a network of eight thousand hacked IoT coffee makers
This is both remarkable and sad. A scheduled suicide blog post: https://willopines.wordpress.com/2017/04/19/punched-out/
I get his reasons. It's tiring to be an obligate social creature when you're not good at being social.
But if you go down that mental road, consider that the opinion of "the masses" will always be irrelevant and usually somewhat dumb. It's okay to be bad at social interactions, too.
It's not that "nobody cares", it's that it's irrelevant if anybody cares as long as you do.
"the MP3 technology became patent-free in the United States on 16 April 2017 when U.S. Patent 6,009,399, ...administered by Technicolor, expired"
The rTorrent XMLRPC interface is almost completely undocumented, making every attempt to use it an exercise in trial and error.
This perfectly combines with the minor nuisance that around 2000 torrents say "Could not connect to tracker" despite working flawlessly on manual announce.
So, err, if anybody needs help with that, I've now waded through enough rTorrent XMLRPC to re-announce all of those.
