I wonder if it would be possible to integrate this into existing online banking. Being able to use this through an existing bank account could be a good selling point to privacy-aware customers, at least in Germany.
Very interesting. I'm now wondering if Travis CI is collecting any code usage statistics? I'd imagine that they would have a more application-centric view on the rubygems ecosystem. Also, since they are actually executing code, they could potentially collect data on constants and method calls, I believe.
This looks rather clueless, I think. As others have mentioned, the problem isn't so much in the interconnects, but more with the services being used. But there isn't going to come a new Facebook or Google out of Berlin - or anywhere else for that matter.
What would be helpful would be decentralized services that match the user experience of the existing ones. But that kind of innovation isn't what's going to be discussed here, I'm afraid. On the contrary, such eavesdropping-safe technology would be viewed very conspicuously by the non-tech savvy politicians in Europe and other places.
But there isn't going to come a new Facebook or Google out of Berlin
That is, in part, because the kinds of privacy invasion those two organisations routinely conduct would probably have been challenged earlier and more aggressively if they had been within European jurisdiction, and particularly within Germany.
I was shocked by the rails results, and the massive number of errors, so I looked into it a little.
The setup they're using is an nginx serving 8 unicorn workers with a backlog of 256. They then throw requests at that with a concurrency of 20. DB pool is 256 too. It seems to me quite likely that the unicorn queue fills up very quickly and it starts rejecting requests, which could be an error. It's hard to see how a maximum of 8 workers would ever get close to the 256 available DB connections.
At first glance the unicorn setup is totally inadequate for the amount of traffic being thrown at it. The first thing to do would be to massively increase both the number of workers and the backlog, otherwise this almost instantly turns into an overflowing request queue and literally millions of errors.
There's no denying, though, that this kind of request flood is not exactly rails' strong point and if you're expecting massive numbers of fairly simple requests you're probably better off with something else.
In contrast to Bootstrap and many other CSS frameworks we tested, Susy really enables you to write semantic, non-bloated HTML which can be strictly independent of the CSS you throw at it.
THIS. I think Bootstrap is great for prototyping & back-end admin UIs that a developer might slap together without a designer, but the sheer number of sites that take user-facing sites to production w/ Bootstrap is disconcerting.
Yes, it's more complicated than just SSH'ing into the server.
But on a compromised machine you can't trust anybody, not even the kernel. Assuming the worst, the attacker could have gained root privileges and modified the kernel or the base tools like ls and grep. You also can't trust the log files if they're not stored off-site. The modified kernel or ls could hide the attacker's traces from you.
Thus, the only possibility to really make sure nothing is hidden from you is to (power off the machine and) attach its hard disks to a trusted computer where they're mounted and investigated.
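The offline check the comment above describes, as an added example that is not part of the thread: the suspect disk is mounted read-only on a trusted host and its system binaries are compared against a SHA-256 manifest built beforehand from clean installation media or a pristine host of the same build. Every tool used (`find`, `sha256sum`, `sort`) runs from the trusted host, never from the suspect disk. The function names, the manifest format and the directory list are my own choices; the mount options in the comment assume an ext3/ext4 filesystem and GNU coreutils.

```shell
#!/bin/sh
# Added example, not code from the thread. Verify a suspect disk's binaries
# against a known-good hash manifest, with everything executed from the
# trusted host's own tools.
#
# Mounting the suspect disk (done by the operator beforehand; ideally behind
# a hardware write blocker). On ext3/ext4 `noload` skips journal replay so
# the mount itself changes nothing:
#   mount -o ro,noload,noexec,nodev,nosuid /dev/sdX1 /mnt/suspect

# build_manifest ROOT MANIFEST
# Run on a KNOWN-GOOD system of the same build. Hashes every regular file
# below the listed system directories (relative to ROOT) and writes
# "hash  relative/path" lines in sha256sum's own format.
build_manifest() {
    root="$1"
    manifest="$2"
    (cd "$root" \
        && find bin sbin usr/bin usr/sbin lib lib64 -type f 2>/dev/null \
        | LC_ALL=C sort \
        | xargs -r sha256sum) > "$manifest"
}

# check_image ROOT MANIFEST REPORT
# Run on the trusted host against the read-only mounted suspect disk.
# Writes every mismatching or missing path to REPORT (one per line, as
# "path: FAILED ..."); returns 0 only if every listed file matches.
check_image() {
    root="$1"
    manifest="$2"
    report="$3"
    if (cd "$root" && LC_ALL=C sha256sum -c --quiet "$manifest") \
            > "$report" 2>&1; then
        return 0
    fi
    return 1
}

# Typical use (operator's own paths are assumptions):
#   build_manifest /mnt/clean   /evidence/clean.sha256    # on the clean host
#   check_image    /mnt/suspect /evidence/clean.sha256 /evidence/diff.txt
#   cat /evidence/diff.txt    # each line is a replaced or deleted binary
```

A mismatch on `bin/ls` or `bin/grep` is exactly the case the comment warns about; a file that is missing from the suspect disk is reported too, because removed tools are as telling as replaced ones. Only files present in the manifest are checked, so additional files dropped into the system directories still need a separate listing diff.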
Could you please elaborate on that? How do you do "trusted" live forensics on systems with possibly infected kernels and stuff? Assuming these servers were normal COTS and nothing fancy (thinking of CPU-bypassing memory access...)
Firewire is awesome for the attacker, unfortunately few servers have it, especially not externally exposed ports. Also, smart OSes use some of the newer Intel features (VT-d) to lock down DMA while the OS is running, which usually protects from rogue firewire, and can theoretically help against rogue PCIe, although usually badly implemented in chipset and OS.
Another option is a reboot onto a custom OS which is designed specifically to preserve memory (you get a safe few seconds of holdover). LiveKd is pretty cool (sysinternals)
There are PCIe cards which do processor/network and let you explore main memory -- WindowsSCOPE CaptureGUARD for PCIe or ExpressCard. Probably enough time to pop the case open and throw one in before memory degrades.
Countermeasures are numerous -- everything from doing memory encryption inside the CPU die (putting code in the cache, like TRESOR) and doing hypervisor tricks ("TresorVisor") (http://www1.informatik.uni-erlangen.de/tresor) to using Hardware Security Modules (like the SafeNet or Thales nCipher) to just keeping your servers physically secured from intruders who might memory-analyze them (although a software bootloader and remote-reboot could still be applied).
Forensics as a field seems to be a lot more interested in attacking mobile phones (which is one of the things I'm talking about at RSA 2013), but desktops and servers are still interesting targets.
On the contrary -- you have to at least admit that if you disconnect a compromised machine, the attacker could have installed a script that detects that the machine is disconnected and erases evidence.
If you power off, you can always mount the hard drive read-only and do a forensic analysis.
On the contrary - you have to at least admit that if you power off a compromised machine, the attacker could have installed all his code in RAM only so that powering off erases evidence.
If you disconnect, you can still try to examine the current memory content and do a forensic analysis.
Of course what you really want is a memory dump via a trusted channel while the CPU is halted (hardware hypervisor or something like that) and then immediately power down. This is usually not supported on COTS hardware, so you have to choose the strategy that will erase the least evidence (power off, disconnect, suspend to disk, VM snapshot, whatever) depending on what you suspect the attack to be.
If you don't have the resources to take a snapshot of memory without disturbing the operation, then power off is the right thing to do.
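For the one case where COTS setups do support what the comment above asks for, a guest running under a hypervisor, here is an added example (not from the thread) of the sequence it describes: halt the vCPUs, dump guest RAM through the hypervisor so the possibly patched guest kernel is not involved, record a hash of the dump, and only then power the guest off. It assumes a libvirt/KVM guest and the `virsh` CLI (`suspend`, `dump --memory-only`, `destroy` are real subcommands); the `VIRSH` variable, the function names and the output layout are my own, and `VIRSH` can be pointed at a wrapper for dry runs.

```shell
#!/bin/sh
# Added example, not code from the thread. Acquire a halted VM's memory via
# the hypervisor, hash it for chain of custody, then power the guest off.
# Assumes libvirt/KVM and virsh; VIRSH may be overridden for testing.
VIRSH="${VIRSH:-virsh}"

# acquire_vm_memory DOMAIN OUTDIR
# Prints the path of the memory dump on success. On failure the guest is
# left suspended (not resumed) so the operator decides what to do next.
acquire_vm_memory() {
    dom="$1"
    outdir="$2"
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    name="$dom-$stamp.mem"
    dump="$outdir/$name"

    mkdir -p "$outdir" || return 1
    # 1. pause all vCPUs: the guest cannot react to what follows
    "$VIRSH" suspend "$dom" >/dev/null || return 1
    # 2. dump guest RAM from outside; --memory-only gives raw guest memory
    #    (ELF container) instead of a QEMU save file
    "$VIRSH" dump --memory-only --format elf "$dom" "$dump" >/dev/null \
        || return 1
    # 3. hash immediately, before anything else touches the file;
    #    relative path in the hash file so it verifies from any mount point
    (cd "$outdir" && sha256sum "$name" > "$name.sha256") || return 1
    # 4. power off: the comment's fallback when nothing more can be preserved
    "$VIRSH" destroy "$dom" >/dev/null || return 1
    printf '%s\n' "$dump"
}

# verify_dump DUMP: re-check the recorded hash; exit status 0 on match.
verify_dump() {
    (cd "$(dirname "$1")" \
        && sha256sum -c --quiet "$(basename "$1").sha256" >/dev/null 2>&1)
}

# Typical use (domain name and directory are assumptions):
#   dump=$(acquire_vm_memory web01 /evidence) && verify_dump "$dump"
```

The disk of the destroyed guest can then be attached read-only to a trusted machine, as the earlier comment describes. Note that this gives a consistent image only because the hypervisor, not the guest, does the copying; a dump taken by software inside the guest would be subject to the same kernel-level hiding the thread discusses.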
For all you know, the trojan might uninstall itself or otherwise delete all evidence after a short while without network connectivity to a control center ("a dead man's switch").
Or, it patches the kernel so that it is "invisible" from the inside.
What you want to do is take a snapshot of the memory (from outside the kernel, if you can) and then power down.
"In addition to supporting portable, consumer, industrial, communications and medical applications with commercial and industrial temperature devices, Actel also offers ProASIC3 FPGAs with specialized screening for automotive and military systems."
"Specialized screening for automotive and military systems" means that they have done more extensive tests on otherwise identical chips.
As an example: for military chips they will certainly do every (non-destructive) test they know on every single device, say at elevated temperature with a little less than the minimum specified operating voltage... The test-devices themselves might cost $1M and be occupied for one hour per chip, hence they will charge you more for the final chip.