> Certificates signed by TrustCor that were issued before December 1st will still be trusted (for now); certificates issued on December 1st or later will not be.
How does this work? If TrustCor is no longer trusted, what keeps them from creating certificates which claim to be issued before December 1st, even after that date?
Just a guess: In priciple, yes, but it wouldn't be very practial. Because of noise sources on earth, one would need very big antennas pointing to the pulsars to get good s/n ratios.
Additionally, as x-rays are blocked by the atmosphere, one would be limited to longer-wavelength pulsars, again increasing the size of the antennas.
Given that, using GPS, we already have a positioning system much more accurate, I don't see why one would use pulsars for positioning on earth.
My reaction when I wanted to searched for a file in a larger github repo, and the search bar was missing: I just cloned the repo and used `git grep` locally.
What's the next step? Cloning only allowed for logged-in users?
It was really easy to setup automatic renewals, running as an ordinary user. sudo access for reloading apache is the only privileged operation necessary. Great job!
Similar technology (OpenWRT based firmware), easier to use, less privacy issues as it's not necessary to track your network usage. And completely free.
Not loading the firewire driver is not an option, as the attack needs the driver.
I guess loading the driver with DMA disabled would be a good option, as I don't think the attack needs DMA on the host side. Not sure, though, after skimming over the documentation.
I guess writing a new hard drive firmware from scratch, without inside knowledge, would be close to impossible.
But why start from scratch if you can just modify the existing firmware? And that seems to be perfectly possible:
http://spritesmods.com/?art=hddhack
I'd say the most difficult and resource consuming part is to make versions which work on as many brands, models and revisions as possible, and make them all robust enough so they won't be detected because of random malfunctions.
But I don't know anything about hard disk firmwares: Perhaps they are not too diverse and once you know how to modify one drive, the others will follow easily?
How does this work? If TrustCor is no longer trusted, what keeps them from creating certificates which claim to be issued before December 1st, even after that date?