Hacker News: achamayou

New comment by achamayou in "More patents disclosing a Sony medium format camera with curved sensor"

achamayou — Mon, 16 Nov 2020 20:16:03 +0000

A GS645w isn’t much larger than a modern 35mm digital, and is certainly lighter.

New comment by achamayou in "Pytest-austin: performance regression testing with no instrumentation"

achamayou — Thu, 22 Oct 2020 20:51:35 +0000

New comment by achamayou in "Nine in ten adults think buying latest smartphone is waste of money"

achamayou — Sat, 10 Oct 2020 12:32:09 +0000

More like 45k now (assuming you mean post tax, pre-tax is even higher of course): https://www.gov.uk/government/statistics/percentile-points-f...

New comment by achamayou in "Hermann Hauser: ‘It’s in Nvidia’s Interests to Destroy Arm’"

achamayou — Thu, 03 Sep 2020 11:55:30 +0000

He did: https://www.bbc.co.uk/news/business-36827769

New comment by achamayou in "Python Generated Sequence Diagrams"

achamayou — Sat, 23 May 2020 10:04:25 +0000

Mermaid (https://mermaid-js.github.io/) is excellent, easy to embed inline in Markdown or reStructuredText and to version with the rest of the documentation.

New comment by achamayou in "V0LTpwn: Attacking x86 Processor Integrity from Software"

achamayou — Sun, 12 Apr 2020 15:53:28 +0000

No, the user is still in control of what they execute on the machine, whether it is run in enclave or not. If anything, because it is deliberately unable to patch itself, software running in an enclave gives more control and auditability to a user who can know exactly what code they are running.

Importantly, a user who does not fully trust the machine administrator can still maintain integrity and confidentiality over their computation.

SGX memory encryption keys are ephemeral, they are generated at boot, and they do not need to be owned by anyone to be useful, on the contrary!

New comment by achamayou in "V0LTpwn: Attacking x86 Processor Integrity from Software"

achamayou — Sun, 12 Apr 2020 15:33:15 +0000

I don’t think it’s helpful to confuse side-channel or micro-architectural attacks with attacks on SGX itself. Stating that hardware enclaves don’t work and do not ship is absurd, they are present in virtually every modern phone for one thing.

Code running in an SGX enclave is measured and absolutely known at enclave launch. The fact that enclave memory is encrypted for confidentiality is unrelated.

I don’t understand why you think trusting the hyper visor is helping anything. You are still open to this attack, and to all side channel attacks as soon as you run any untrusted code.

New comment by achamayou in "Deprecating password authentication in GitHub API"

achamayou — Sun, 12 Apr 2020 15:22:44 +0000

The same person creating separate accounts for automation is explicitly permitted however: https://help.github.com/en/github/getting-started-with-githu...

New comment by achamayou in "V0LTpwn: Attacking x86 Processor Integrity from Software"

achamayou — Sun, 12 Apr 2020 11:42:21 +0000

I’m not sure why you think that SGX shows hardware enclaves “don’t work”. I also don’t see why you think enclaves “protect the malware from you”. Enclaves are created and started from host code, which can interrupt or terminate them at any time.

The scheme you suggest, which isn’t typically how TrustZone is used, gives zero integrity and confidentiality guarantees for applications. I don’t know if it’s “the right way” for some threat model, but for the most typical TEE use cases which are trying to establish strong integrity and confidentiality guarantees in the presence of an untrusted host, it’s absolutely not right nor useful.

New comment by achamayou in "V0LTpwn: Attacking x86 Processor Integrity from Software"

achamayou — Sun, 12 Apr 2020 10:35:14 +0000

Why not? An OS is a large beast, it’s a massive TCB. Much easier to audit a small amount of code running in an enclave with few dependencies.

New comment by achamayou in "V0LTpwn: Attacking x86 Processor Integrity from Software"

achamayou — Sun, 12 Apr 2020 09:41:28 +0000

Not that I know, I suspect a limiting factor is that there aren’t many cloud providers with good support for SGX at the moment.

New comment by achamayou in "V0LTpwn: Attacking x86 Processor Integrity from Software"

achamayou — Sun, 12 Apr 2020 07:35:31 +0000

There are many interesting uses for enclaves, most of which have nothing to do with DRM. A good example is Signal’s secure value recovery mechanism: https://signal.org/blog/secure-value-recovery/

New comment by achamayou in "Too Much Food in the Wrong Places"

achamayou — Sat, 04 Apr 2020 18:32:36 +0000

How do you distribute it out freely without affecting the market price? If packaging and transport are a substantial part of the cost, which they are for milk, who’s going to pay that cost?

New comment by achamayou in "Tired Mountain Syndrome"

achamayou — Fri, 03 Apr 2020 19:26:37 +0000

Which is French for tired.

New comment by achamayou in "EU Commission to staff: Switch to Signal messaging app"

achamayou — Mon, 24 Feb 2020 20:18:01 +0000

Mistakes were made along the way: https://medium.com/@fs0c131y/tchap-the-super-not-secure-app-...

New comment by achamayou in "Past Time to Tell the Public:It Will Probably Go Pandemic, We Should Prepare Now"

achamayou — Sun, 23 Feb 2020 15:48:39 +0000

I suspect cases are even worse. Screens are at least smooth and easy to clean.

New comment by achamayou in "France fines Apple €25M for iOS software that slowed down older iPhones"

achamayou — Fri, 07 Feb 2020 18:35:06 +0000

A substantial difference as others pointed out is that Apple did this quietly, whereas limp mode is typically notified to the driver about loudly as anything can be.

New comment by achamayou in "Cryptic Rumblings Ahead of First 2020 Patch Tuesday"

achamayou — Tue, 14 Jan 2020 13:14:49 +0000

https://project-everest.github.io/

New comment by achamayou in "Open letter concerning Facebook's proposals to apply end-to-end encryption"

achamayou — Mon, 23 Dec 2019 13:11:31 +0000

Not the government, who was never using WhatsApp, the Tory Party.

New comment by achamayou in "“Rule the Waves”: a game of naval strategy (2016)"

achamayou — Mon, 28 Oct 2019 14:37:00 +0000

A Type 45 destroyer is almost 10000 tons though, a WWII destroyer would have been 2 to 3000. It’s probably difficult to come up with an accurate cost comparison, but I suspect the difference is even greater than for tonnage.