laarctags | new | comments | ask | show | place | submit | nickpsecurity's threadslogin

The tool is here:

https://github.com/SoftSec-KAIST/Eclipser

Trail of Bits uses this tool. They have a write-up on using it with their DeepState:

https://blog.trailofbits.com/2019/05/31/fuzzing-unit-tests-with-deepstate-and-eclipser/

reply


I thought this was interesting just because of how pervasive the author claims it is over there with deep effects on the participants. I've known a few people that didn't seem rich because they just dress normal. They knew who they were, though, far as I could tell.

reply


The neat part is that we might be able to quickly filter most of the bullshit studies immediately by just searching for statistical significance. :)

reply


Someone recently reminded me of this essay I did. I kept seeing articles on Schneier's blog and other places talking like conspiracy was a made up concept that required nutballs to believe. Yet, there are provably conspiracies everywhere. By the numbers, conspiring against each other is one of the most common and pervasive things people do. Being that pervasive, it should be a default possibility to investigate as a cause of anything.

The problem kicks in when people aren't checking sources, aren't looking for counterpoints, being selective about presentation, and so on. More a mis- and dis-information problem than conspiracy theory itself being bullshit.

reply


Then, the Bitcoin supports make a counter-argument like this:

https://twitter.com/search?q=from%3Ataoeffect%20bitcoin%20energy&src=typd

After reading it a while, I noticed that Bitcoin and the current financial systems can't be treated as competing in isolation. Bitcoin uses the current financial systems. So, Bitcoin's energy profile is its energy/resource use plus the financial system's. I argued that on Lobsters with Greg Slepak and David Gerard. I also described specifically what would be necessary for Bitcoin to be an isolated system:

https://lobste.rs/s/qt9sns/ethereum_casper_proof_stake_only_has_work#c_q1nsqj

David later wrote an article on it, although cited other sources. Least he's getting the info out there. His has tons of extra details about the energy usage along with examples of misleading claims cryptocurrency advocates are using to make excuses for the drawbacks of their protocols:

https://davidgerard.co.uk/blockchain/2018/05/22/bitcoins-stupendous-power-waste-is-green-apparently-...

My scheme was to simply fix the problems in existing systems with proven methods. Change incentives via public-benefit corps and non-profits with charters requiring common good things, banning common bad things, and penalties decided by 3rd-party non-profit with good record. The decentralization benefits can be achieved, a la SWIFT, with centralized operations that interact over standardized protocols. They can both run and check logs using the fastest, cheapest tech available for centralized operations. I gave simple example here:

https://lobste.rs/s/wxqkyj/bitcoin_s_stupendous_power_waste_is_green#c_bltibw

reply


I don't watch the show. I did find the business analysis interesting. There's obviously some big gaps in what they're saying. The model goes pretty far for a lot of medium to large businesses, though. Even some small ones if you look at owner -> manager -> supervisor(s) -> worker(s). Still a buffer in the middle to exercise control on or blame shift to.

reply


Here was their justification:

https://flow9.org/2019/04/26/why.html

Historically, in case yall are interested, Curl was the first attempt I saw at one language to unite various aspects of web development targeted toward front end people:

https://en.wikipedia.org/wiki/Curl_(programming_language)

reply


By author of LOCKSS whose been doing this long time:

https://www.eecs.harvard.edu/~mema/courses/cs264/papers/lockss-SOSP-2003.pdf

That one also addressed endpoint security a bit by using OpenBSD.

reply


I'll just toss a related submission that shows all the ways hardware fails slowly:

https://ucare.cs.uchicago.edu/pdf/fast18-failSlowHw.pdf

reply


Abstract: "We present TaxDC, the largest and most comprehensive taxonomy of non-deterministic concurrency bugs in distributed systems. We study 104 distributed concurrency (DC) bugs from four widely-deployed cloud-scale datacenter distributed systems, Cassandra, Hadoop MapReduce, HBase and ZooKeeper. We study DC-bug characteristics along sev- eral axes of analysis such as the triggering timing condition and input preconditions, error and failure symptoms, and fix strategies, collectively stored as 2,083 classification labels in TaxDC database. We discuss how our study can open up many new research directions in combating DC bugs."

reply

120 more...

Welcome | Guidelines | Bookmarklet | Feature Requests | Source | API | Contact | Twitter | Lists

RSS (stories) | RSS (comments)

Search: