Yep. This is why the estimates of compute needed for AI (if it turns out to be useful) are many orders of magnitude too low — the technology isn’t mature until it actually succeeds at tasks, with fully homomorphic encryption from my prompt through the response.
They do if they’re in the specs. See near-universal use of lockstep processors, ECC etc in safety-critical and high radiation cases, which comes from the two requirements that “a single bit flip from a cosmic ray shall be detectable” and “multiple simultaneous bit flips from cosmic rays shall be shown to be sufficiently rare in the operating environment.”
The Lockheed D-21 drone. Supersonic ramjet without the complexity of scramjet or the cost of turbojet, hamstrung by the need for a manned launch platform (making operations safety-critical… with predictable results) and recovery to get data off it. Twenty or forty years later it would have been paired with a small number of high-cost launcher UAVs and had its cost driven down to disposable, with data recovery over radio comms… but twenty to forty years later there’s nothing like it, and the maturation of satellites means there almost certainly never will be.
“Half life tracking” isn’t really a thing — decay is a memory-less process (by definition), so there’s no distinction in decay rate between a lot of old Cesium 137, and a bit of young Cesium 137. The way to put an age on the contamination is by looking at the ratio of Cesium 137 and Barium 137, which presumably someone has done…
> I wonder how many years need to pass after a company removes a user-hostile pattern before it should stop being lambasted for it.
Why would there be a statute of limitations on this? A company doesn’t have an inherent right to customers. A lot of us gave up on Windows with XP (a second strike, after ME). Maybe it’s better now, maybe not, but why would I be motivated to give a company who screwed up already (due to making choices I hate, not just incompetence) another chance? NYT absolutely permanently lost customers by placing revenue above civility; which of us benefits from hoping people forget that?
> and seemingly was blue-shifted by an amount that could make sense from an approaching craft
What do you think the natural spectrum of the Wow signal was, for determining amount of blue shift? What resolution of spectral data do you think we have on it?
This seems pretty trivial to fix (or at least work around) by adding an enclave generation number to the key initialization inputs. (They mention that the key is only based on the physical address, but surely it has to include CPUID or something similar as well?) Understood that this is likely hardware key generation so won’t be fixed without a change, and that persistent generation counters are a bit of a pain… but what else am I missing?
Need to go Apple style where the AES engine is on die. Only the AES engine and the Secure Enclave know the decryption keys. The CPU doesn't know the decryption key. Nothing is sent in clear text over the bus.
That's how it works already. The memory is encrypted. However, the SGX/SEV model is a very powerful and flexible one - different entities who don't trust one another can share the same hardware simultaneously. If you encrypt all of RAM under a single key, then you can start up a malicious enclave, do some writes - which the CPU will encrypt - capture those writes and redirect them to the memory of a different enclave, and now you can overwrite the memory of that other enclave with your own cleartext.
That such attacks are possible was known from the start. What they're doing here is exploiting the fact that Intel (knowingly!) enabled some hardware attacks on SGX in order to allow enclaves to scale up to much larger amounts of RAM consumed.
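A toy model of the argument in the enclave-memory comments above, added here as an illustration and not taken from any commenter or from Intel: memory encrypted deterministically under a key that depends only on the physical address, beside the variant one comment proposes where an enclave generation number is mixed in. The HMAC-SHA256 keystream is a stand-in for the hardware cipher, and `ToyMemory`, the tweak functions, the key and the sample plaintexts are all constructed, hypothetical names and values.

```python
import hashlib
import hmac

ROOT_KEY = b"constructed-root-key"  # constructed sample value, not a real key


def keystream(tweak: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for the hardware cipher."""
    out = b""
    counter = 0
    while len(out) < n:
        block = tweak + counter.to_bytes(4, "big")
        out += hmac.new(ROOT_KEY, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]


def tweak_addr_only(addr: int, generation: int) -> bytes:
    # Key material depends on the physical address alone.
    return addr.to_bytes(8, "big")


def tweak_addr_and_generation(addr: int, generation: int) -> bytes:
    # Hypothetical variant: the enclave generation number is mixed in too.
    return addr.to_bytes(8, "big") + generation.to_bytes(8, "big")


class ToyMemory:
    def __init__(self, tweak_fn):
        self.tweak_fn = tweak_fn
        self.dram = {}  # addr -> ciphertext, i.e. what leaves the CPU package

    def _xor(self, addr, generation, data):
        ks = keystream(self.tweak_fn(addr, generation), len(data))
        return bytes(a ^ b for a, b in zip(data, ks))

    def write(self, addr, generation, plaintext):
        self.dram[addr] = self._xor(addr, generation, plaintext)

    def read(self, addr, generation):
        return self._xor(addr, generation, self.dram[addr])


def replay_across_enclaves(tweak_fn) -> bytes:
    """Return what generation 2 reads after an old ciphertext is put back."""
    mem = ToyMemory(tweak_fn)
    addr = 0x1000
    mem.write(addr, 1, b"chosen-by-enclave-1")
    captured = mem.dram[addr]           # ciphertext as stored outside the CPU
    mem.write(addr, 2, b"secret-of-enclave-2")
    mem.dram[addr] = captured           # stale ciphertext restored in DRAM
    return mem.read(addr, 2)
```

With the address-only tweak the second owner of the page reads back the first owner's bytes intact; with the generation number mixed in, the same stale ciphertext decrypts to unrelated bytes.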