Massive CPU Security Flaws Revealed


#422

I dunno, depends on how hard it actually is to fix the issues, and not kill performance.

If it kills performance, and there’s no rabbit pull to save us, I can see it happening, on the client side the big issue I see is a javascript ad somewhere running code to get your passwords while you’re home banking, etc.


#423

Not a chance. Nobody will change their code because it may be insecure.

Nobody really knows how quantum computing works, which is what makes it fun, but alternate universes are one theory.


#424

I’d like to sign up for an alternate universe for reasons outside of computing please. I am only marginally pleased with the one I am in.


#425

Sure. Until Google implements a setting somewhere where every time you enter a site you need to allow it to use Javascript, OS level controls that don’t allow you to go to a website / run a program if any other program is running, etc.

Also, quantum computing, if it ever comes and it’s truly a great boon to performance using barely understood “this might as well be magic” techniques, will be great for security. Hope you can remember your several million character passwords. :D


#426

Well, if quantum computing becomes a real thing most currently used forms of encryption will immediately become garbage, because it can leverage alternate universes to solve problems that are very difficult like factoring huge prime numbers extremely quickly. That’s not a big deal in the end as we already invented new quantum-resistant algorithms like elliptic-curve cryptography.

So, no need for giant passwords. They wouldn’t help anyway. There are an infinite number of alternate universes!


#427

I will stick with “[email protected]” for everything. Quantum computing be damned!


#428

People do understand how quantum computing works. Quantum mechanics can fully explain what happens without invoking alternate universes.

But quantum mechanics is fundamentally different from our regular experience. And people like to grok things using analogies to regular experience. So that raises questions like, “How can the properties of an electron be random??”

That’s a nonsense question in quantum mechanics. They are random because they are random. Just like the charge of an electron is 1.6E-19 C because the charge of an electron is 1.6E-19 C.

Some people aren’t satisfied by knowing only the facts, so they come up with supernatural explanations. Like, “They only appear to be random, but they really aren’t because of alternate universes”. Which is equally unscientific as “The charge of an electron is 1.6E-19 C in this universe, but 900 in an alternate universe”. Which is equally unscientific as “God decides where the electron goes, and also decides its charge”.

They are all theories, without a shred of supporting evidence.

Therefore, I think it’s fair to say that if quantum computing becomes a real thing most currently used forms of encryption will immediately become garbage, because it can leverage the power of God to solve problems that are very difficult like factoring huge prime numbers extremely quickly.


#429

What if the charge of an electron were random? I think you would start to complain too.


#430

No, I wouldn’t. It is what it is.


#431

:rolleyes:


#432

I’m serious. There is an underlying assumption that everything in the universe is deterministic. It’s totally unproven. It’s not our place to tell Nature that it is has to be 100% predictable.


#433

“I just have to find a dimension where you used a shitty password.”


#434

You must be a lot of fun at parties.


#435

You should seem him pole dance.


#436

I was under the impression places that really care about security moved away from username and login already and went to two step and more authentication.


#437

Sometimes I am and sometimes I’m not. It’s impossible to predict.


#438

That doesn’t really have anything to do with encryption. For example your password on these forums could be stored unencrypted in a text file somewhere, and you would never know (n.b.: it isn’t).

It’s reasonable to assume that all traffic on the internet is recorded and stored indefinitely. We know the UK was doing that as far back as 2013. These days most traffic is encrypted so it can’t be read. You see where that’s going, right?


#439

I get that.

What I am saying is… i thought we were heading in a direction, already, where large complicated passwords don’t matter because we’re not going to be relying solely on that anymore. That’s the impression I got anyway. Long, complicated and even having to frequently change your passwords… out.


#440

Anyway, I wouldn’t hold by breath for quantum computing anyway, even if it’s coming, it might not work for “general” computing, and even if it does, who knows how long it’ll take to go from “stuff the military gets to play with” to something regular people have access to. We’re stuck with regular CPU’s for the time being / probably our lifetimes.

And their massive security flaws.


#441

These days, people at Google will probably play with it before the military.