Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Mira Yurizaki

Member
  • Content Count

    20,911
  • Joined

  • Last visited

Reputation Activity

  1. Agree
    Mira Yurizaki got a reaction from NerdyGlasses for a status update, https://www.technologyreview.com/s/615113/these-are-the-highest-resolution-photos-of-   
    https://www.technologyreview.com/s/615113/these-are-the-highest-resolution-photos-of-the-sun-ever-taken/
     
    The sun is a creepy looking place.
  2. Like
    Mira Yurizaki got a reaction from Cyberspirit for a status update, https://www.technologyreview.com/s/615113/these-are-the-highest-resolution-photos-of-   
    https://www.technologyreview.com/s/615113/these-are-the-highest-resolution-photos-of-the-sun-ever-taken/
     
    The sun is a creepy looking place.
  3. Informative
    Mira Yurizaki got a reaction from Cyberspirit for a status update, More random thoughts of the day! Well more like one. RDNA 2 GPU goodness Considering   
    More random thoughts of the day! Well more like one.
     
    RDNA 2 GPU goodness
    Considering Microsoft confirmed the Xbox Series X uses RDNA 2, and it's basically all but confirmed going to be in the PS5, and with both companies spouting out ray tracing capabilities, it looks like this year AMD will hop on that ray tracing bandwagon. And it looks like RDNA 2 will support other DirectX 12 features like Variable Rate Shading.
     
    So it looks like Navi was AMD's Maxwell 1. Hopefully this means games in the future will start taking advantage of these new features.
  4. Like
    Mira Yurizaki got a reaction from TopHatProductions115 for a status update, Random thoughts of the day (I wonder if I should make this into a blog series, but yo   
    Random thoughts of the day (I wonder if I should make this into a blog series, but you know, I keep doing that)
     
    On CacheOut
    At the surface it sounds scary: An exploit that can dump data anywhere in the processor even in so-called secure enclaves. But before people start panicking it's helpful to take a step back, breath, and take hopefully calm approach to looking at this.
     
    To me, security is ultimately about the following: risk management. I know that I cannot completely secure a system. I'm also human who's lazy and would do the minimum amount of work as possible. So security becomes the following:
    How valuable is the thing I'm trying to secure? How much of a problem is it if someone gains access to the thing I'm trying to secure? How often do I need the thing I'm trying to secure? Depending on how I answer it, I may be more relaxed or more strict with what I'm trying to secure. For example, throwaway online accounts aren't valuable, wouldn't be much of a problem if someone gained access to it, and frequency of use is sort of irrelevant. So I wouldn't implement something like 20 random character passwords and 2FA. But say an email account I use that's valuable, is a problem if someone gained access to it, but I use it often. I will use a hard password and 2FA, but I relax 2FA to be used only on the first login.
     
    In addition to those questions, the following information is also valuable in assessing risk:
    What I know ("Known knowns") What I don't know that I'm aware of ("Known unknowns") What I don't know that I'm not aware of ("Unknown unknowns") The goal is to obviously minimize #3 and #2. But even if I have a lot of knowns but few unknowns in general, that doesn't make something insecure by default. If anything, having more knowns means I can formulate mitigations and contingency plans should they be exploited. #2 is hard to form mitigations or contingency plans for and #3 is practically impossible.
     
    In any case, my take on CacheOut is this:
    For a home user, they're likely not going to be targeted as this attack is for focused pinpoint pieces of data. This is useful for someone who wants the keys to a data vault. According to commenters on Y Combinator, this is an exploit of the TSX system, which is off by default in most cases.
    I wouldn't call it a non-issue, but if this is the characteristic of the attack, it makes home users less of a target.
      Also keep in mind that just because an exploit can't happen on one system, doesn't mean it's not exploitable in another way. Often these exploits are focused and poke at something with the architecture implementation itself. So while the AMD crowd may be cheering on, I feel the potential for issues with AMD is just as large because of how few known knowns there are about Zen.

    Remember, even a few years ago we didn't know about speculative execution attacks.  
    On Sonos and the idea of "planned obsolescence"
    I sort of glazed over the specifics of what happened, but the idea of "planned obsolescence" was thrown around enough that I thought I'd throw in my own input.
     
    The first part is what even is "obsolescence." Is something obsolete the moment something better comes out? Then this raises question of if Core i5s are obsolete because Core i7s exist. Though people would go "no we mean when the next gen comes out." So if we add in the word "planned" meaning the company had a plan to do something, then wouldn't "planned obsolescence" apply to everything damn thing? Lots of companies are planning on making a new, better product, so by the letter of the phrase, everything has planned obsolescence.
     
    Okay, so obviously I'm gaming the argument here. But I'd argue that just because a company doesn't want to support a product anymore doesn't make it "planned obsolescence" as long as the product can still work as a stand alone product. I did read somewhere that supposedly if you put one of Sonos's unsupported speakers online, it'll "brick" the speaker, but that's reaaaaaallly silly. Any company that tries to pull that off will have a fast track ticket to a class action lawsuit (which won't help the consumers, but a major expense is a major expense) and/or a fine from the FTC.
     
    But if someone is butthurt that older products won't get new features... okay, well what do you want the company to do? You may as well complain that Microsoft isn't supporting Windows 10 on your 20 year old Pentium III machine. If they're taxing the microcontroller inside of the speaker to the limit, there's not much else you can do. I mean, you could swap out the board for another, but that's not something you should expect an end user to do. Plus it'll probably cost an arm and a leg anyway.
  5. Like
    Mira Yurizaki got a reaction from seee the state im in nooow for a status update, Random thoughts of the day (I wonder if I should make this into a blog series, but yo   
    Random thoughts of the day (I wonder if I should make this into a blog series, but you know, I keep doing that)
     
    On CacheOut
    At the surface it sounds scary: An exploit that can dump data anywhere in the processor even in so-called secure enclaves. But before people start panicking it's helpful to take a step back, breath, and take hopefully calm approach to looking at this.
     
    To me, security is ultimately about the following: risk management. I know that I cannot completely secure a system. I'm also human who's lazy and would do the minimum amount of work as possible. So security becomes the following:
    How valuable is the thing I'm trying to secure? How much of a problem is it if someone gains access to the thing I'm trying to secure? How often do I need the thing I'm trying to secure? Depending on how I answer it, I may be more relaxed or more strict with what I'm trying to secure. For example, throwaway online accounts aren't valuable, wouldn't be much of a problem if someone gained access to it, and frequency of use is sort of irrelevant. So I wouldn't implement something like 20 random character passwords and 2FA. But say an email account I use that's valuable, is a problem if someone gained access to it, but I use it often. I will use a hard password and 2FA, but I relax 2FA to be used only on the first login.
     
    In addition to those questions, the following information is also valuable in assessing risk:
    What I know ("Known knowns") What I don't know that I'm aware of ("Known unknowns") What I don't know that I'm not aware of ("Unknown unknowns") The goal is to obviously minimize #3 and #2. But even if I have a lot of knowns but few unknowns in general, that doesn't make something insecure by default. If anything, having more knowns means I can formulate mitigations and contingency plans should they be exploited. #2 is hard to form mitigations or contingency plans for and #3 is practically impossible.
     
    In any case, my take on CacheOut is this:
    For a home user, they're likely not going to be targeted as this attack is for focused pinpoint pieces of data. This is useful for someone who wants the keys to a data vault. According to commenters on Y Combinator, this is an exploit of the TSX system, which is off by default in most cases.
    I wouldn't call it a non-issue, but if this is the characteristic of the attack, it makes home users less of a target.
      Also keep in mind that just because an exploit can't happen on one system, doesn't mean it's not exploitable in another way. Often these exploits are focused and poke at something with the architecture implementation itself. So while the AMD crowd may be cheering on, I feel the potential for issues with AMD is just as large because of how few known knowns there are about Zen.

    Remember, even a few years ago we didn't know about speculative execution attacks.  
    On Sonos and the idea of "planned obsolescence"
    I sort of glazed over the specifics of what happened, but the idea of "planned obsolescence" was thrown around enough that I thought I'd throw in my own input.
     
    The first part is what even is "obsolescence." Is something obsolete the moment something better comes out? Then this raises question of if Core i5s are obsolete because Core i7s exist. Though people would go "no we mean when the next gen comes out." So if we add in the word "planned" meaning the company had a plan to do something, then wouldn't "planned obsolescence" apply to everything damn thing? Lots of companies are planning on making a new, better product, so by the letter of the phrase, everything has planned obsolescence.
     
    Okay, so obviously I'm gaming the argument here. But I'd argue that just because a company doesn't want to support a product anymore doesn't make it "planned obsolescence" as long as the product can still work as a stand alone product. I did read somewhere that supposedly if you put one of Sonos's unsupported speakers online, it'll "brick" the speaker, but that's reaaaaaallly silly. Any company that tries to pull that off will have a fast track ticket to a class action lawsuit (which won't help the consumers, but a major expense is a major expense) and/or a fine from the FTC.
     
    But if someone is butthurt that older products won't get new features... okay, well what do you want the company to do? You may as well complain that Microsoft isn't supporting Windows 10 on your 20 year old Pentium III machine. If they're taxing the microcontroller inside of the speaker to the limit, there's not much else you can do. I mean, you could swap out the board for another, but that's not something you should expect an end user to do. Plus it'll probably cost an arm and a leg anyway.
  6. Like
    Mira Yurizaki got a reaction from DriftMan for a status update, Random thoughts of the day (I wonder if I should make this into a blog series, but yo   
    Random thoughts of the day (I wonder if I should make this into a blog series, but you know, I keep doing that)
     
    On CacheOut
    At the surface it sounds scary: An exploit that can dump data anywhere in the processor even in so-called secure enclaves. But before people start panicking it's helpful to take a step back, breath, and take hopefully calm approach to looking at this.
     
    To me, security is ultimately about the following: risk management. I know that I cannot completely secure a system. I'm also human who's lazy and would do the minimum amount of work as possible. So security becomes the following:
    How valuable is the thing I'm trying to secure? How much of a problem is it if someone gains access to the thing I'm trying to secure? How often do I need the thing I'm trying to secure? Depending on how I answer it, I may be more relaxed or more strict with what I'm trying to secure. For example, throwaway online accounts aren't valuable, wouldn't be much of a problem if someone gained access to it, and frequency of use is sort of irrelevant. So I wouldn't implement something like 20 random character passwords and 2FA. But say an email account I use that's valuable, is a problem if someone gained access to it, but I use it often. I will use a hard password and 2FA, but I relax 2FA to be used only on the first login.
     
    In addition to those questions, the following information is also valuable in assessing risk:
    What I know ("Known knowns") What I don't know that I'm aware of ("Known unknowns") What I don't know that I'm not aware of ("Unknown unknowns") The goal is to obviously minimize #3 and #2. But even if I have a lot of knowns but few unknowns in general, that doesn't make something insecure by default. If anything, having more knowns means I can formulate mitigations and contingency plans should they be exploited. #2 is hard to form mitigations or contingency plans for and #3 is practically impossible.
     
    In any case, my take on CacheOut is this:
    For a home user, they're likely not going to be targeted as this attack is for focused pinpoint pieces of data. This is useful for someone who wants the keys to a data vault. According to commenters on Y Combinator, this is an exploit of the TSX system, which is off by default in most cases.
    I wouldn't call it a non-issue, but if this is the characteristic of the attack, it makes home users less of a target.
      Also keep in mind that just because an exploit can't happen on one system, doesn't mean it's not exploitable in another way. Often these exploits are focused and poke at something with the architecture implementation itself. So while the AMD crowd may be cheering on, I feel the potential for issues with AMD is just as large because of how few known knowns there are about Zen.

    Remember, even a few years ago we didn't know about speculative execution attacks.  
    On Sonos and the idea of "planned obsolescence"
    I sort of glazed over the specifics of what happened, but the idea of "planned obsolescence" was thrown around enough that I thought I'd throw in my own input.
     
    The first part is what even is "obsolescence." Is something obsolete the moment something better comes out? Then this raises question of if Core i5s are obsolete because Core i7s exist. Though people would go "no we mean when the next gen comes out." So if we add in the word "planned" meaning the company had a plan to do something, then wouldn't "planned obsolescence" apply to everything damn thing? Lots of companies are planning on making a new, better product, so by the letter of the phrase, everything has planned obsolescence.
     
    Okay, so obviously I'm gaming the argument here. But I'd argue that just because a company doesn't want to support a product anymore doesn't make it "planned obsolescence" as long as the product can still work as a stand alone product. I did read somewhere that supposedly if you put one of Sonos's unsupported speakers online, it'll "brick" the speaker, but that's reaaaaaallly silly. Any company that tries to pull that off will have a fast track ticket to a class action lawsuit (which won't help the consumers, but a major expense is a major expense) and/or a fine from the FTC.
     
    But if someone is butthurt that older products won't get new features... okay, well what do you want the company to do? You may as well complain that Microsoft isn't supporting Windows 10 on your 20 year old Pentium III machine. If they're taxing the microcontroller inside of the speaker to the limit, there's not much else you can do. I mean, you could swap out the board for another, but that's not something you should expect an end user to do. Plus it'll probably cost an arm and a leg anyway.
  7. Like
    Mira Yurizaki got a reaction from TopHatProductions115 for a status update, I found out I have a pocket watch in my possession that's give or take 97 years old.   
    I found out I have a pocket watch in my possession that's give or take 97 years old.
     
    ( It's also not really worth anything :B )
  8. Like
    Mira Yurizaki got a reaction from NerdyGlasses for a status update, I found out I have a pocket watch in my possession that's give or take 97 years old.   
    I found out I have a pocket watch in my possession that's give or take 97 years old.
     
    ( It's also not really worth anything :B )
  9. Like
    Mira Yurizaki got a reaction from Gegger for a status update, I found out I have a pocket watch in my possession that's give or take 97 years old.   
    I found out I have a pocket watch in my possession that's give or take 97 years old.
     
    ( It's also not really worth anything :B )
  10. Like
    Mira Yurizaki got a reaction from TVwazhere for a status update, I found out I have a pocket watch in my possession that's give or take 97 years old.   
    I found out I have a pocket watch in my possession that's give or take 97 years old.
     
    ( It's also not really worth anything :B )
  11. Like
    Mira Yurizaki got a reaction from lewdicrous for a status update, I found out I have a pocket watch in my possession that's give or take 97 years old.   
    I found out I have a pocket watch in my possession that's give or take 97 years old.
     
    ( It's also not really worth anything :B )
  12. Like
    Mira Yurizaki got a reaction from ARikozuM for a status update, I found out I have a pocket watch in my possession that's give or take 97 years old.   
    I found out I have a pocket watch in my possession that's give or take 97 years old.
     
    ( It's also not really worth anything :B )
  13. Like
    Mira Yurizaki got a reaction from tophercrunch for a status update, If you're using a GeForce card and don't want to deal with DCH drivers, which require   
    If you're using a GeForce card and don't want to deal with DCH drivers, which require the Control Panel to be installed from the Microsoft Store, NVIDIA still provides so-called Standard Drivers at https://www.nvidia.com/Download/Find.aspx?lang=en-us
     
    If you installed a DCH driver, you will need to uninstall it first. You may need to run DDU as well to ensure Windows doesn't try re-install the DCH driver.
  14. Like
    Mira Yurizaki got a reaction from TopHatProductions115 for a status update, If you're using a GeForce card and don't want to deal with DCH drivers, which require   
    If you're using a GeForce card and don't want to deal with DCH drivers, which require the Control Panel to be installed from the Microsoft Store, NVIDIA still provides so-called Standard Drivers at https://www.nvidia.com/Download/Find.aspx?lang=en-us
     
    If you installed a DCH driver, you will need to uninstall it first. You may need to run DDU as well to ensure Windows doesn't try re-install the DCH driver.
  15. Like
    Mira Yurizaki reacted to wkdpaul for a status update, Wait, the 2060 KO is a failed 2080 ?!??!   
    Wait, the 2060 KO is a failed 2080 ?!??!
     
     
  16. Funny
    Mira Yurizaki got a reaction from fpo for a status update, Cyberpunk 2077 is delayed because "console limitations" https://comicbook.com/gaming/   
    Cyberpunk 2077 is delayed because "console limitations" https://comicbook.com/gaming/2020/01/23/cyberpunk-2077-ps4-xbox-one-release-date-delay/
     
    I mean, if you were planning on releasing to the PS4/XB1, you should've known what you were signing up for. Especially since The Witcher 3 is on them.
  17. Informative
    Mira Yurizaki got a reaction from TopHatProductions115 for a status update, Cyberpunk 2077 is delayed because "console limitations" https://comicbook.com/gaming/   
    Cyberpunk 2077 is delayed because "console limitations" https://comicbook.com/gaming/2020/01/23/cyberpunk-2077-ps4-xbox-one-release-date-delay/
     
    I mean, if you were planning on releasing to the PS4/XB1, you should've known what you were signing up for. Especially since The Witcher 3 is on them.
  18. Funny
    Mira Yurizaki got a reaction from fpo for a status update, Running an NES on nothing but AA alkalines be like ?   
    Running an NES on nothing but AA alkalines be like ?
     
  19. Funny
    Mira Yurizaki got a reaction from Cyberspirit for a status update, Running an NES on nothing but AA alkalines be like ?   
    Running an NES on nothing but AA alkalines be like ?
     
  20. Like
    Mira Yurizaki got a reaction from TopHatProductions115 for a status update, Running an NES on nothing but AA alkalines be like ?   
    Running an NES on nothing but AA alkalines be like ?
     
  21. Like
    Mira Yurizaki got a reaction from TopHatProductions115 for a status update, What if working on the PlayStation 4 and Xbox One inspired AMD to create the socket A   
    What if working on the PlayStation 4 and Xbox One inspired AMD to create the socket AM4 platform?
  22. Agree
    Mira Yurizaki got a reaction from ARikozuM for a status update, "AMD jebaited itself" I mean, they should've seen that play coming a mile away consid   
    "AMD jebaited itself"
     
    I mean, they should've seen that play coming a mile away considering what they did.
  23. Like
    Mira Yurizaki reacted to handymanshandle for a status update, Not gonna lie, it’s really refreshing to only have two storage drives in my desktop:   
    Not gonna lie, it’s really refreshing to only have two storage drives in my desktop: my boot drive and my “random shit” drive.
  24. Informative
    Mira Yurizaki got a reaction from TopHatProductions115 for a status update, "AMD jebaited itself" I mean, they should've seen that play coming a mile away consid   
    "AMD jebaited itself"
     
    I mean, they should've seen that play coming a mile away considering what they did.
  25. Informative
    Mira Yurizaki got a reaction from TopHatProductions115 for a status update, I like how statistical outliers are treated as the norm.   
    I like how statistical outliers are treated as the norm.
×