
If you find macro shots of their faces too they kinda look like dogs with a few extra eyes


> Whether February 22, 2024 comes in like a lion or a lamb, that day will always be September 11131, 1993.

> And one thing is sure: If September is eternal, then Usenet is eternal, too.

Amazing. Love this.


I haven’t done any objective tests but I frequently run Windows 11 on ARM via Parallels on macOS and - it’s kinda insane (subjectively) how fast it is. Emulated x86 code is pretty fast there as well - I can easily get a solid 60 FPS on some x86 steam games as well.


60 FPS for some steam games, very nice. Now let's see how fast an x86 electron app runs.


I used Discord in Rosetta 2 for a while before there was a proper aarch64 build, it was fine.


Isn't the point of electron to be cross platform? (I get a company may have not released an ARM build or wherever, but seems an odd choice for emulated performance comparison)


Yes, the idea is that it runs equally slow with massive RAM usage independent of platform.


It works surprisingly well for x86 electron apps. It's kind of amazing how fast and bug free it is, in general.


Some steam games? What steam games? Cyberpunk 2077? Starfield?


GTA V (admittedly not a very modern title anymore) is very playable on Apple Silicon systems, you can find plenty of demo footage on youtube.


I don’t have a good list of which games I validated in parallels and which I didn’t (since I’ve stopped gaming for the last 6 months or so).

And I do heavily play boomer shooters so it’s likely I was impressed by performance of less demanding games.

Doom Eternal is one AAA game I definitely would want to play in Parallels but can’t because the Vulkan version is not new enough. I’m confident though that Microsoft could bring these APIs up-to-date on an “ARM PC” though, if it has capable 3D hardware.


This appears to be an architectural vulnerability where a speculative execution side channel similar to Spectre can be utilized within Safari or any other browser. The specifics of which environment is exploitable comes down to the specifics of the JavaScript-based gadget they use to trigger/measure this side channel. It may be in the linked paper which I haven’t read yet.


From a cursory review of the FAQs on the page it appears one mitigation might be to only keep one browser tab open at a time? They appear to be using timers and a cache eviction gadget to infer the state of other browser tabs/processes so it’s unclear what they can recover if you are not concurrently having a session to a particular site outside the gadget execution context. ???


They use window.open on a mouseover event listener to open another page. Even if you close it, they still are able to read from it as that memory isn't immediately zeroed or returned to the OS.


Besides window.open I'd wonder if iframes could also be vulnerable if they launch in the same process.

Chrome and Firefox both support Out-Of-Process Iframes as part of their security setup; though I'm not sure if Firefox has it enabled by default yet. Firefox even drew some lovely pictures about it here: https://hacks.mozilla.org/2021/05/introducing-firefox-new-si...


Don’t forget these systems are trained or aligned to respond to common niceties because they are meant for public consumption.


I need a self driving Segway, yesterday.


Should be able to avoid cliffs without a radar. You can always add it back later anyway.


The song is Fu Man Chu, by Desmond Dekker and the ACES.


So from an attacker's perspective nowadays it sounds like focusing on encryption weaknesses and/or hardware issues (e.g. glitching) or firmware vulnerabilities is the right place to look?


I don't know much about Apple's hardware but at least consoles are secured against both those things. They have anti-glitch circuitry. The boot ROM doesn't even do comparisons against computed hashes, it just extends PCRs with them so it's glitch-proof by design even if the core stability monitoring fails. The Xbox One doesn't even expose most of the keys to software at any point. The keys flow from the hardware parts of the security complex to the RAM decryption/hashing engine via dedicated wires on the SoC.

Also, the entire stack is renewable. Unless you find a bug in the boot ROM they will just patch it and months of work will be toast within days. The boot ROMs are (a) encrypted and (b) very heavily reviewed and pen tested. Again, don't know about Apple but all these modern security architectures are more or less the same. The underlying theory is universal and sound, it just boils down to varying levels of cost / effort / backwards compatibility / generality.

So I'd say there are no right places to look anymore. There's always the potential for bugs in the tiny parts of the systems that act as the roots of trust, but these are small pieces of code and it's possible with enough break/fix cycles and review to make them perfect.

All the above rests on a few assumptions:

• Attackers of limited motivation. Xbox guys set a budget of $600 for hacking a specific console. If you're willing to spend more than that on a physical attack then they accept defeat (i.e. FIB workstations are out of scope).

• Platform vendors with tight control over hardware. PCs are insecure against physical attacks by design due to general disagreement and lack of consensus over whether it really matters / what the threat model is. So there are RA schemes but they're hardly used and mostly sold to enterprises wanting to defend against malware.

• Goal is to defend the whole stack. PC platforms can do RA of isolated worlds, this is how SGX works, and it's in theory secure against physical attack (encrypted memory) but SGX enclaves are very limited in what they can do. In theory you could build a secure path to the GPU, but in practice to do that requires a billion NDAs and only works with some GPUs etc and there's no encrypted path for input devices. On iDevices, consoles and other places with vertical integration that's solvable.
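
Added example, not part of the thread and not any console's boot ROM code: a small model of the compare-versus-extend distinction described in the comment above. The stage images, the device secret, the `fault_skips_check` flag and the HMAC key derivation are all constructed assumptions for illustration.

```python
import hashlib
import hmac

DEVICE_SECRET = b"constructed-per-device-secret"  # assumption: fused secret, not software-visible
GOOD_STAGES = [b"stage1: loader v1", b"stage2: hypervisor v1"]  # constructed images
TAMPERED = [b"stage1: loader v1", b"stage2: patched hypervisor"]  # constructed images


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def boot_by_compare(stages, expected, fault_skips_check=False):
    """Design A: hash each stage and branch on the comparison.
    The whole decision is one branch, so a fault that skips it admits any image."""
    for image, want in zip(stages, expected):
        matches = hmac.compare_digest(sha256(image), want)
        if not matches and not fault_skips_check:
            return False
    return True


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new PCR = H(old PCR || measurement)."""
    return sha256(pcr + measurement)


def boot_by_extend(stages) -> bytes:
    """Design B: no comparison anywhere. Every stage is folded into the PCR and
    the key for the rest of the system is derived from the final value."""
    pcr = bytes(32)
    for image in stages:
        pcr = extend(pcr, sha256(image))
    # Assumed derivation for illustration: HMAC of the PCR under the device secret.
    return hmac.new(DEVICE_SECRET, pcr, hashlib.sha256).digest()


def demo():
    expected = [sha256(s) for s in GOOD_STAGES]
    provisioned_key = boot_by_extend(GOOD_STAGES)  # key the genuine firmware is bound to
    return {
        "compare_rejects_tamper": not boot_by_compare(TAMPERED, expected),
        "compare_with_skipped_branch": boot_by_compare(TAMPERED, expected, fault_skips_check=True),
        "extend_key_matches_good": boot_by_extend(GOOD_STAGES) == provisioned_key,
        "extend_key_matches_tampered": boot_by_extend(TAMPERED) == provisioned_key,
    }


if __name__ == "__main__":
    print(demo())
```
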


God, all this sounds like a nightmare. I can't wait for laws that prohibit platforms/software from refusing service/content to users on the basis of the level of control they have over devices used to interact with it.

Dark times.


Users love this stuff. It lets them buy cheap consoles that are sold below cost and subsidised by game royalties. Heavy gamers subsidise light gamers, and both can effectively "pay off" the true cost of the hardware over time as they buy titles. So it's a bit like zero-interest credit.

Also it eliminates cheating in multiplayer games, and users love that too.

And finally it stops gamers who play by the rules and buy games from feeling like mugs when their mates are playing for free, because there's no piracy.

You think users are going to vote to end all that? They already voted with their feet and embraced consoles on a massive scale. Both console and mobile gaming dwarfs PC gaming.


Consider privacy. One might say "Users love this stuff. They get complex and effective services for free, all in exchange for contributing their data towards ads. Purchasers and advertisers subsidize light users who just consume the content."

And yet, we got laws like GDPR on the ideological basis that personal data is above the concept of "market" and about the individual, period. Your business model be damned.

The same thing should happen here. Both the complete control over all parts/SoCs of a device, and the right to the lack of negative consequences for choosing to exercise that control (such as being second-class citizens on the platform that runs on that device in terms of content/service availability) are paramount to a digital free society, and should be regulated as such, putting them above the concept of "market", just as privacy was.


These same platform controls allow Apple to restrict user data collection from apps. Meanwhile: the notion of a "digital free society" isn't a thing.


I'd much prefer governments use their force of law to make those tracking practices impossible (for anything that isn't an outright criminal enterprise) than a private entity making them technically difficult.


I was wondering what the newly exposed vector of exploitation was here and I think you nailed it.

