Tag Archives: zero

Apple 打算把 iCloud 加密用的 Key 放到用戶端

Posted on March 19, 2016 by Gea-Suan Lin

在經過最近 FBI 與 Apple 的戰鬥中 (FBI–Apple encryption dispute),Apple 正規劃把 iCloud 加密所使用的 key 放到用戶端裝置上,而非放在伺服器端:「Apple to Hand iCloud Encryption Key Management to Account Holders」: In effect, Apple is following the lead of secure cloud services such as SpiderOak which has been offering … Continue reading

Posted in Cloud, Computer, Murmuring, Network, Political, Security, Software | Tagged , , , , , , , , , , , , , , , | Leave a comment

Raspberry Pi Zero

Posted on November 29, 2015 by Gea-Suan Lin

Raspberry Pi 出了新的系列,只要 USD$5 的 Raspberry Pi Zero:「Raspberry Pi Zero: the $5 computer - Raspberry Pi」。 機器更小了,不過要注意的是沒有網路介面。看起來比較像是接機器人之類的?先用 USB 裝一裝,裝好後就都不需要了... A Broadcom BCM2835 application processor 1GHz ARM11 core (40% faster than Raspberry Pi 1) 512MB of LPDDR2 SDRAM A micro-SD card … Continue reading

Posted in Computer, Hardware, Murmuring | Tagged , , , | 1 Comment

Rowhammer Bug:攻擊記憶體的值...

Posted on March 15, 2015 by Gea-Suan Lin

Google 的 Project Zero 實做 Rowhammer Bug:「Exploiting the DRAM rowhammer bug to gain kernel privileges」。 開頭就很科幻: “Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. … Continue reading

Posted in Computer, Hardware, Murmuring, Security, Software | Tagged , , , , , , , , , , , , | Leave a comment

Google 的 Project Zero 修正 Policy

Posted on February 14, 2015 by Gea-Suan Lin

在之前受到批評後,Google 的 Project Zero 修正了對應的 Policy:「Feedback and data-driven updates to Google’s disclosure policy」。 原先的 Policy 是 90 天強制公開,修正的 Policy 有幾個改善: 如果揭露日是週末或是美國的假日,會順延到下一個工作日。 如果原廠有告知需要更多時間修復,Project Zero 會延長 14 天的寬限期。 在公開前會申請對應的 CVE 號碼。

Posted in Computer, Murmuring, Security | Tagged , , , , | Leave a comment