HackerTrans
TopNewTrendsCommentsPastAskShowJobs

btdmaster

no profile record

Submissions

Stackmaxxing for a recursion world record [video]

youtube.com
2 points·by btdmaster·6 ay önce·0 comments

Steam Depot Downloader

github.com
1 points·by btdmaster·6 ay önce·0 comments

Rust–: Rust without the borrow checker

github.com
2 points·by btdmaster·6 ay önce·0 comments

What Happens When All Training Data Is AI Generated? [video]

youtube.com
1 points·by btdmaster·7 ay önce·0 comments

Update for NGI Zero Entrust: GNS to DNS Migration

gnunet.org
3 points·by btdmaster·10 ay önce·0 comments

Speech Enhancement Mamba

github.com
3 points·by btdmaster·10 ay önce·1 comments

comments

btdmaster
·3 ay önce·discuss
> Thus succeeding at making the telecommunications vendors used for Top Secret US national security data less secure, the obvious goal of the US National Security Agency, and the only reason they wouldn't use the better cryptography designed by Dr. Bernstein. /s

I guess the NSA thinks they're the only one that can target such a side channel, unlike, say, a foreign government, which doesn't have access to the US Internet backbone, doesn't have as good mathematicians or programmers (in NSA opinion), etc.

> Timing side channels don't matter to ephemeral ML-KEM key exchanges, by the way. It's really hard to implement ML-KEM wrong. It's way easier to implement ECDH wrong, and remember that in this hypothetical you need to compare to P-256, not X25519, because US regulation compliance is the premise.

Except for KyberSlash (I was surprised when I looked at the bug's code, it's written very optimistically wrt what the compiler would produce...)

So do you think vendors will write good code within the deadlines between now and... 2029? I wouldn't bet my state secrets on that...
btdmaster
·3 ay önce·discuss
> “Doesn’t the NSA lie to break our encryption?” No, the NSA has never intentionally jeopardized US national security with a non-NOBUS backdoor, and there is no way for ML-KEM and ML-DSA to hide a NOBUS backdoor.

The most concrete issue for me, as highlighted by djb, is that when the NSA insists against hybrids, vendors like telecommunications companies will handwrite poor implementations of ML-KEM to save memory/CPU time etc. for their constrained hardware that will have stacks of timing side channels for the NSA to break. Meanwhile X25519 has standard implementations that don't have such issues already deployed, which the NSA presumably cannot break (without spending $millions per key with a hypothetical quantum attack, a lot more expensive than side channels).
btdmaster
·3 ay önce·discuss
That's so cool.

This is interestingly very similar to domain fronting, except in this case the server doesn't need to work around it because it will still see the correct SNI.

Do DPI servers in your experience only check the first SNI packet for a given connection?
btdmaster
·5 ay önce·discuss
Very cool. The horsle demo made me think, how hard would it be to add a virtual memory address (or a non-8086 RAND instruction) that returns a random byte (that would allow it to pick a random value and get a standard wordle working in principle)

I see CSS random() is only supported by Safari, I wonder if there's some side channel that would work in Chrome specifically? (I guess timing the user input would work)
btdmaster
·5 ay önce·discuss
It emits a cmp/jmp still when arithmetic would be fine though which is the difference highlighted in the article and examples in this thread. It's nice that it simplifies down to assembly, but the assembly is somewhat questionable (especially that xor eax eax branch target on the other side).
btdmaster
·5 ay önce·discuss
I see yeah that makes sense. I wanted to highlight that "magic" will, on average, give the optimizer a harder time. Explicit offset loops like that are generally avoided in many C++ styles in favor of iterators.
btdmaster
·5 ay önce·discuss
In my experience C++ abstractions give the optimizer a harder job and thus it generates worse code. In this case, different code is emitted by clang if you write a C version[0] versus C++ original[1].

Usually abstraction like this means that the compiler has to emit generic code which is then harder to flow through constraints and emit the same final assembly since it's less similar to the "canonical" version of the code that wouldn't use a magic `==` (in this case) or std::vector methods or something else like that.

[0] https://godbolt.org/z/vso7xbh61

[1] https://godbolt.org/z/MjcEKd9Tr
btdmaster
·6 ay önce·discuss
I think you could argue there is already some effort to do type safety at the ISA register level, with e.g. shadow stack or control flow integrity. Isn't that very similar to this, except targeting program state rather than external memory?
btdmaster
·6 ay önce·discuss
Everything really is a file: if you do `cat /` you'll get back the internal representation of the directory entries in / (analogous to ls)

And they still had coredumps at the time if you press ctrl-\
btdmaster
·6 ay önce·discuss
You can also press `s` to save data from a pipe to a file rather than manually copy pasting.
btdmaster
·6 ay önce·discuss
Ah you can use https://github.com/NixOS/patchelf/pull/564

So you can do e.g. `patchelf --remove-needed-version libm.so.6 GLIBC_2.29 ./mybinary` instead of replacing glibc wholesale (step 2 and 3) and assuming all of used glibc by the executable is ABI compatible this will just work (it's worked for a small binary for me, YMMV).
btdmaster
·6 ay önce·discuss
Yes you can do this, thanks for mentioning I was interested and checked how you would go about it.

1. Delete the shared symbol versioning as per https://stackoverflow.com/a/73388939 (patchelf --clear-symbol-version exp mybinary)

2. Replace libc.so with a fake library that has the right version symbol with a version script e.g. version.map GLIBC_2.29 { global: *; };

With an empty fake_libc.c `gcc -shared -fPIC -Wl,--version-script=version.map,-soname,libc.so.6 -o libc.so.6 fake_libc.c`

3. Hope that you can still point the symbols back to the real libc (either by writing a giant pile of dlsym C code, or some other way, I'm unclear on this part)

Ideally glibc would stop checking the version if it's not actually marked as needed by any symbol, not sure why it doesn't (technically it's the same thing normally, so performance?).
btdmaster
·7 ay önce·discuss
> When you get into lower power, anything lower than Steam Deck, I think you’ll find that there’s an Arm chip that maybe is competitive with x86 offerings in that segment.

At which point does this pay off the emulation overhead? Fex has a lot of work to do to bridge two ISAs while going through the black box of compiler output of assembly, right?
btdmaster
·8 ay önce·discuss
See also "Parse, don't validate (2019)" [0]

[0] https://news.ycombinator.com/item?id=41031585
btdmaster
·10 ay önce·discuss
SEMamba is a speech enhancement model to denoise speech.

Demo: https://roychao19477.github.io/speech-enhancement-demo-2024/

Try it: https://huggingface.co/spaces/rc19477/Speech_Enhancement_Mam...
btdmaster
·3 yıl önce·discuss
It looks like they're getting users banned [0] for using alternative clients.

[0] https://github.com/tgalal/yowsup/issues?q=is%3Aissue+is%3Aop...
btdmaster
·4 yıl önce·discuss
You should not need to reverse engineer a piece of software for it to not spy on your network activity. Either way, it's not clear whether resolving cheatsite.com is that well-correlated with cheating. There's a reason why this is called Hacker News.