> type in anything, and somehow it will read your mind
I think we can go back to the way things were, which had nothing to do with mind reading. In the past, you could type in word, and google would offer 10 million results, and you could page through each of them. That was very powerful, and google does not do that today.
I don't think you know what you are asking. Do you really want 10 million pages of results, of which 99.999...% are SEO spam for Viagra et al, and on average you will need to browser ~9 million pages of results to find something that's actually "relevant"?
I was in high school 15 years ago and Google absolutely read minds to conclude Briney Spears was not a search for pickles but rather a pop artist. This was significant enough for them to come to go talk about it.
Also a good point. One time I couldn't remember what Minute (multi-app installer) was called, so I googled "the thing what downloads all the things" and lo and behold, Google found it. Their algo used to be really clever.
I'm very curious to see how this investigation plays out, especially considering the debt situation here in the US. It appears (according to tether's audit reports) that tether went from about 64 billion in treasuries mid-2023 to about 92 billion mid-2024. That's 27 billion in demand for treasuries over that one year period which (if my math and research is correct) is about 3% of all treasury demand for roughly that time period.
It does appear that tether holds short-term maturity treasuries, and I don't know how that fits into the larger demand picture.
True...but his quoted bit of the article amounts to "why didn't somebody else, on their own time and dime, Do Stuff"? There's no hint that he (or anyone associated with him) had previously cared to even look for such materials. Let alone do a superficial study of them.
The article also notes that the company had previously tried to sell the entire Gollancz collection - vastly more material than just the George Orwell part - to institutional buyers for £1m. None of them were interested. And I don't see any criticism of them for that neglect.
But now, when it's easy for the ass-sitters to score points by screaming about Evil Corporations destroying England's sacred history, there is a huge fuss.
But taking drugs also affects physiological things such as breathing, heart rate, salivation, sweat, etc. All of those things are tied to physical material that starts outside the body that our physical bodies manage thanks to evolutionary selection. We manage oxygen with breathing/heart rate, water for salivation and sweat, etc. The fact that the physical body and evolution also manage consciousness should probably be evidence that consciousness exists outside the body just like oxygen and water.
The other side of this argument is that the world is not getting off oil. We will need the oil if we want to get every nation up to a Euro/US standard of living.
It’s destroying demand at a massive clip, if the IEA is to be believed [1]. With Riyadh’s elevated break-even price [2] that doesn’t leave them a lot of time.
Excellent call outs, the price of oil doesn’t have to go to zero, it must simply be held below what middle eastern countries need to pacify their populations. Failing that, all hell breaks loose, potentially impairing their petroleum supply chains (depending on intensity of turmoil that occurs).
The industry runs on oil (and gas) and that's not going to be phased away as easily as cars.
It would be nice to see something like Tesla but for heavy/industrial machinery, though. I think I saw something somewhere, but can't find the source at this time.
NetGuard doesn't support the standard OS leak blocking like Mullvad and doesn't try to filter DNS so it inherently has leaks. There are no known remote leaks on Android 14 when a VPN app supporting is already active or when it's down. The DNS leaks in this post were partially caused by an app bug that's not fixed and also happen when the VPN is in the process of connecting. The issue with leaks when the VPN is in the process of connecting may be an app bug or an OS bug. It's not clear that it's an OS bug at this point. It was reported to us for GrapheneOS earlier and we've been looking into it.
There's also leak issue which was reported where multicast packets leak outside of the VPN tunnel to the local network. This is highly likely to be an OS bug, unlike the DNS leak issue where it's not yet clear if the OS or the app is the problem. The OS can likely prevent those DNS leaks even if apps don't get fixed but it wasn't necessarily supposed to be responsible for it. From the OS perspective, a VPN app is supposed to set a DNS configuration and not setting that configuration results in partially using the OS DNS.
If you don't mind clarifying, currently GOS uses ASYMMETRIC MTE for the low overhead and to close the soft time constraint in ASYNC MODE. I was having a read though https://googleprojectzero.blogspot.com/2023/08/mte-as-implem...
Where I had come accross possible MTE bypasses in ASYNC mode and I quote:
'Since SIGSEGV is a catchable signal, any signal handlers that can handle SIGSEGV become a critical attack surface for async MTE bypasses'. Moreover, "The concept is simple - if we can corrupt any state that would result in the signal handler concluding that a SIGSEGV coming from a tag-check failure is handled/safe, then we can effectively disable MTE for the process", hence having MTE as ineffective.
Paradoxically, I don't believe this issue is faced regarding SYNC MODE. As you obviously know, 'in asymmetric mode, read memory accesses are processed as SYNC, while write memory accesses are processed as ASYNC'.
does this mean that the signal handlers in write memory are exploitable?
If this be true, does GOS offer a mitigation for this, or can it be possible to simply allow all users to have the option to pick SYNC MTE to bypass this attack surface?
Furthermore, MTE is not enabled for the kernel, would it be possible to have it enabled by choice as well?
Finally, regarding the OS processes to which GOS recently enabled MTE for as an option for its users, does it also include the cellular firmware, IOMMU/SMMU and the software stack that communicates between the isolated chip and the OS? I address this point because, GAL Beniamini stated that:
" That said, up until now we’ve only considered the high-level attack surface exposed to the firmware. In effect, we were thinking of the Wi-Fi SoC and the application processor as two distinct entities which are completely isolated from one another. In reality, we know that nothing can be further from the truth. Not only are the Wi-Fi SoC and the host physically proximate to one another, they also share a physical communication interface". Nonetheless he further states:
"For example, by going over the IOMMU bindings in the Linux Kernel, we can see that apparently both Qualcomm and Samsung have their own proprietary implementations of an SMMU (!), with it’s own unique device-tree bindings. However, suspiciously, it seems that the device tree entries for the Broadcom Wi-Fi chip are missing these IOMMU bindings". Despite that the research is from a couple years, it remains viable evidence that IOMMU although provides adequate protection, it remains an insufficient mechanism on its own and requires further hardening on the software stack. Does GOS address this profound attack vector?
If you are worried about users holding the DAO hostage by not signing cooperatively, you might want to check out ROAST which is basically FROST done in rounds in such a way that you can withstand some malicious participants.
> type in anything, and somehow it will read your mind
I think we can go back to the way things were, which had nothing to do with mind reading. In the past, you could type in word, and google would offer 10 million results, and you could page through each of them. That was very powerful, and google does not do that today.
reply