Sad news. She gave me a Gmail invite after I begged for one on Slashdot, seems like an eon ago. We corresponded off and on but unfortunately I was never able to meet her in real life. Rest in peace.
Even assuming you are correct on all these points, ASLR is still an important use case and the effective security of current 64-bit address spaces is low.
Agree Raleigh and the general Triangle area is a good one. Maybe surprising for most here but Maryland and Virginia are like this as well. We're more expensive but you can get 1-3 acres within an hour commute of DC and/or Baltimore with a relatively robust tech scene, especially if you're willing to work for the government. Areas like Frederick, MD even have reasonable rail commutes into DC!
I know less about shareholder buybacks than I do about dividends, but they are pretty similar to dividends. A buyback is returning $X in bigger chunks to a few shareholders, and a dividend is returning $X to all shareholders. A dividend usually drops stock value in line with amount of dividend paid out, so in a sense you could think of it as the company saying "I'm buying 1% of your $100 share, so you get $1 and the share is now worth $99".
Anytime a company pays a dividend AND increases their outstanding debt in the same time period, you could draw the conclusion that they financed the dividend using debt.
On the summary page you can see they pay about a 15% dividend. On their income statement you can see their net income is less than $100 million USD. On the balance sheet, you can see the long term debt has increased by several hundred million over the last few years. That dividend sure sounds like it is financed by debt, although you'd have to dig into what is really going on to know for sure.
If anyone trades options, the IV on options expiring in March on AMD went up significantly last week with no apparent news, probably because of these guys.
Seems like the ultimate end-game here is to have mini-vms for every process using CPU-level ring protection. If you can't speculate across privilege levels, only inside them, it isn't a security problem anymore.
Or time to have Kernel live on dedicated cache not ever accessed/shared with anything else. Let the CPU speculate all it wants, just not when playing in the kernel's cache. It may even be time for dedicated kernel cpus/cores.
Reading Kernel memory (Meltdown attack) is extra bad but regular user processes being able to read each other's memory (Spectre attack) is also very bad and not solvable by isolating the kernel.
I'm less worried about my steam client reading my chat cache than something inside my web browser reading the keys that encrypt my home directory. Short of abandoning all sharing, the least we can do is isolate kernel cache.
That depends on what you are chatting with. My chatlog would be very interesting to our competitors. The key that encrypts my home directory isn't useful because the firewall blocks your access to my home directory (that's a different layer of security).
> It may even be time for dedicated kernel cpus/cores.
Oh yes, I agree! One needs to be able to physically (un)lock the "kernel fpga" like a door without remote capabilities, except for server CPUs. Or whatever chip designers believe is a good "physical kernel embodiment" other than fpga.
EDIT: I know it's not really clever, but I would really enjoy hearing any solutions that don't try to fix it at the hardware level.
> mini VMs for every process using CPU ring protection
Yes. We should really start to learn from history, MULTICS operating system had already 16 CPU ring support back in the early 1970s. MULTICS is the mother of UNIX, its smaller child. MULTICS had so many advanced features that barely got implemented (often reinvented) in newer OS. It's time to read old docs and ask the old devs who are still alive. (Another such often overlooked gem is Plan9, but it's better known thanks to Go lang devs).
Older Intel CPUs only supported 2 rings. Modern Intel CPUs support only 4 rings. Windows and Linux use ring 0 for kernel mode and ring 3 for user mode. And Intel introduced a ring -1 for VT.
"To assist virtualization, VT and Pacifica insert a new privilege level beneath Ring 0. Both add nine new machine code instructions that only work at "Ring -1," intended to be used by the hypervisor"
It's time for modern operating systems to use more rings, and modern CPUs to correctly protect between different rings.
You're not trusting the miners, you're trusting a system that was designed so that one would need 51% of the mining power to perform an attack. While there is a worrisome level of centralization in mining, you are also trusting that the economic incentive structure of the miners is sufficient for no one to coordinate a 51% attack given the current dynamics.
Mining becomes even more centralized due to high cost.
Next, attackers (mean, naughty miners) simultaneously launch / initiate / pay for a DDOS attack on the others such that they can reach this 51% figure?
Kind of. But the miners have a financial incentive to follow the system. The system is built in such a way that it's in their best interest to follow the system (except in a coordinated 51% attack, then the system falls apart).
Which is the same thing as saying that you are trusting that miners will be motivated by the financial incentive.
That's a generally sane reason to trust the miners, but the truth is, the mining nodes are controlled by people, and people can be motivated by many things other than money, including fear of people with much political power.
If 20% of bitcoin miners 'wasted' block space with a very high minimum transaction fee to drive up average transaction fees you get a huge problem. (This could actually be a net gain depending on the demand curve.)
If you look at the actual block chain there are many empty blocks so this is less theoretical than you might assume.
Another attack is if you get say 40% of miners to block transactions for a specific company you could create a lot of issues for them at minimal costs.
You are correct it trades to Gemini's spot price, but you are wrong in terms of the difference between the two. As I write this there is a 5 cent difference between GDAX and Gemini.
In general they are very close, but at times of extreme volatility they can differ quite a bit, as was the case several days ago when GDAX surged up past $19,000/BTC and then crashed.