HackerTrans
TopNewTrendsCommentsPastAskShowJobs

wyes

no profile record

Submissions

Rampant Noncompliance (~50%) with California Privacy Laws (CCPA)

news.uci.edu
5 points·by wyes·12 mesi fa·0 comments

The Zoox robotaxi serial production facility

zoox.com
3 points·by wyes·anno scorso·0 comments

comments

wyes
·6 mesi fa·discuss
How is the LaTeX compatibility? Base mermaid's LaTeX compatibility is quite sparse.
wyes
·11 mesi fa·discuss
100%

"The crown jewel? Your 8-digit gym door PIN is your API password and you most likely didn't set it yourself. The same PIN that hasn't changed since the iPhone 8 was cutting-edge technology."

Reads directly from ChatGPT
wyes
·anno scorso·discuss
They have gotten worse.
wyes
·anno scorso·discuss
Interesting to see that AI search was basically turned off during the election time. edit: no the election was later, why we're AI searches basically non-existent mid sept - mid oct?
wyes
·2 anni fa·discuss
Attestation will run on the RoT.

>While we’re publishing the binary images of every production PCC build, to further aid research we will periodically also publish a subset of the security-critical PCC source code.

I expect that they'll publish the attestation source code.

But, basically what will happen is the Verifier will request a certain memory region to be attested, then that region will be hashed and the digest will be sent back to the Verifier. If the memory is different from what is expected, the hash digest will NOT match.
wyes
·2 anni fa·discuss
They rely on Trusted Execution Environments and the fact that hash functions are one-way functions.

Verifier -> requests a Prover to attest its software state

Prover -> goes into RoT, verifies authenticity of Verifier (and request), computes hash of attested memory region, sends hash digest

Verifier -> receives digest and compares to known hash

> What’s stopping remote endpoint always responding “yes” The attestation code is inside of a RoT, so a bad actor shouldn't be able to call this code, only callable by receiving a request from a Verifier
wyes
·2 anni fa·discuss
We use F* for some of our crypto for embedded systems software :D