These are just individuals, they just use computers, and they just want to steal your data and make money. They're not mythical. They don't have superpowers. //

And thus, the Dark Web Roast was born. It's a regular blog complete with memes, mockery, and a Ricky Gervais' "they're just jokes" inspired disclaimer: "While these incidents are genuinely amusing, they represent real criminal activities causing significant harm. This content is for threat intelligence and educational purposes only."

The most recent edition features a ransomware gang that bulk-drafted and scheduled their extortion attempts like a content calendar: "Considering the sheer, numbing volume of their posts, it's a solid bet that their 'victims' are probably just fake sites they spun up themselves for content, because nothing screams legitimacy like inflating your stats with phantom compromises," the researchers wrote. //

But public mockery (as with LockBit), and infiltration like the FBI did with Hive's ransomware network, can fracture trust among cyberthieves. And this fragmentation can help defenders dismantle criminal operations and keep people and data safe. //

The video shows an administrator skimming the most valuable secrets and cryptocurrency keys for personal gain, while passing only less lucrative data to customers. Trellix learned about this incident during a briefing with Dutch police.

"They said to us, 'We found out that this admin is also stealing from his own customers,'" Fokker remembers. After the Europol press release came out, Trellix unleashed the snark in a Dark Web Roast.

"We basically said you're stupid if you work with him, because he's just getting rich, and we just make fun of him," Fokker said. "We don't know if the impact was measurable, but still, we had an opportunity to run with that story and make a complete fool out of this admin. So that's something." ®

Into the woods my Master went,
Clean forspent, forspent.
Into the woods my Master came,
Forspent with love and shame.
But the olives they were not blind to Him,
The little gray leaves were kind to Him:
The thorn-tree had a mind to Him
When into the woods He came.

Out of the woods my Master went,
And He was well content.
Out of the woods my Master came,
Content with death and shame.
When Death and Shame would woo Him last,
From under the trees they drew Him last:
'Twas on a tree they slew Him -- last
When out of the woods He came.

Excors Ars Centurion
12y
365
Subscriptor++
Resistance said:
I thought the current trajectory has the spacecraft and everything near it returning to Earth?
Yes - NASA says the translunar injection burn was also the deorbit burn. It's a very long deorbit trajectory, and there's six opportunities for correction burns to ensure a safe reentry angle and splashdown location, but they're already on their way to Earth. And they've skipped the first two correction burns because the trajectory is close enough to optimal.

If I'm interpreting this paper right, the requirement is to reach the entry interface with a max downrange error of 25.6km (figure 4), with up to 20 m/s delta-v of corrections, so this is just about fine-tuning. I presume that means anything that's still floating near the spacecraft, and not flying off at many m/s, is close enough to the optimal trajectory that it's still going to impact the Earth.

The cost of high-performance GPUs, typically $8,000 or more, means they are frequently shared among dozens of users in cloud environments. Three new attacks demonstrate how a malicious user can gain full root control of a host machine by performing novel Rowhammer attacks on high-performance GPU cards made by Nvidia.

The attacks exploit memory hardware’s increasing susceptibility to bit flips, in which 0s stored in memory switch to 1s and vice versa. In 2014, researchers first demonstrated that repeated, rapid access—or “hammering”—of memory hardware known as DRAM creates electrical disturbances that flip bits. A year later, a different research team showed that by targeting specific DRAM rows storing sensitive data, an attacker could exploit the phenomenon to escalate an unprivileged user to root or evade security sandbox protections. Both attacks targeted DDR3 generations of DRAM. //

On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new—and potentially much more consequential—territory: GDDR bitflips that give adversaries full control of CPU memory, resulting in full system compromise of the host machine. For the attack to work, IOMMU memory management must be disabled, as is the default in BIOS settings. //

A separate mitigation is to enable Error Correcting Codes (ECC) on the GPU, something Nvidia allows to be done using a command line. //

Kevin G
Ars Scholae Palatinae
21y
1,483
Thursday at 2:54 PM
#12
New
The ECC functionality on nVidia cards can take a pretty big performance hit as they do not include extra DRAM for ECC. Thus on a 32 GB workstation GPU, the amount of usable memory is reduced down to a 28 GB. Thus if you were using that extra memory and flipped on ECC, performance tanks as the remaining 4 GB gets paged out to host CPU memory. Beyond that, the ECC algorithm itself as the where the parity data for ECC resides is some what configurable. If itis on the same memory controller (which generally means the same memory chip as often there is only one chip per memory channel), then the calculation is done inside the memory controller relatively quickly. This of course comes at the higher integrity risk of losing data if a memory chip fails but this does protect against random bit flips. The other ECC algorithm is more akin to software RAID5 which rotates where the parity data resides across the chip and across the various internal memory controllers. Thus to compute ECC, one memory controller has to wait for another control to read that information and pass it down which is big performance penalty.

What this article doesn't cover is HBM which can both have extra stacks of memory in a channel as well as extra bits of parity on each die in the stack. Most ECC leverage the extra memory on the die plus rotating where the parity data resides. The end result is effectively the same as having an extra DRAM chip on a DIMM. (For those who don't know, an 8 GB ECC DIMM will contain ten 1 GB memory chips but the extra 2 GB is used exclusively for ECC and does not alter the usable capacity.)

HBM controllers are rather complex and the reason why capacities like 141 GB exist is due to a single die failure in one of the many stacks. Instead of disabling a wholes stack and reducing the memory capacity down to 120 GB, only the explicitly broken die is disabled.

A retro computing connoisseur has installed and booted Microsoft Windows 3.1X on a Ryzen 9 9900X and RTX 5060 Ti PC system. That’s a 1992 OS working on a bare-metal 2024 Zen5 CPU and 2025 Blackwell GPU. The full story contains a few nuances, but basically, a system and OS separated by over 30 years of huge advances kind of play nicely together. //

This Asus motherboard’s ‘classic BIOS’ functionality doesn’t get in the way of users tinkering with old OSes like Windows 3.1X when the built-in Compatibility Support Module (CSM) is enabled. Moreover, we noticed Omores initially prepared the system using a Windows 95 boot floppy to create the bootable DOS FAT16 partition necessary for setup.

Earlier this week, Bloomberg reported that “almost half of the US data centers planned for this year are expected to be delayed or canceled” because developers can’t import enough transformers, switchgear, and batteries to build out the power infrastructure that every data center needs.

These parts, which China has primarily manufactured for US manufacturers “for decades,” used to take between 24 and 30 months to get delivered prior to 2020. Now, they can require wait times up to five years, Bloomberg reported. That lag could matter, since China is reportedly about five years behind the US in the AI race.

Rather than rely on China, Trump would prefer that the US manufacture its own equipment. However, currently, “US manufacturing capacity for these devices cannot keep up with demand,” Bloomberg reported.

At Friday’s hearing of the Colorado Senate Business, Labor, and Technology committee, lawmakers voted unanimously to move Colorado state bill SB26-090—titled Exempt Critical Infrastructure from Right to Repair—out of committee and into the state senate and house for a vote.

The bill modifies Colorado’s Consumer Right to Repair Digital Electronic Equipment act, which was passed in 2024 and went into effect in January 2026. While the protections secured by that act are wide, the new SB26-090 bill aims to “exempt information technology equipment that is intended for use in critical infrastructure from Colorado’s consumer right to repair laws.” //

“I can point out at least five problems with the bill as drafted,” Gay Gordon-Byrne, the executive director at the Repair Association, said during the hearing. “The definition of critical infrastructure is completely inadequate. The definition that has been proposed in this bill is not even a definition.” //

Repair advocates also say that limiting this kind of repairability is the exact opposite of keeping devices secure. If something goes wrong with a critical piece of technology, the people using it need to fix it and not have to wait for manufacturer approval.

“There’s a general principle in cybersecurity that obscurity is not security,” iFixit CEO Kyle Wiens said in the hearing. “The money that’s behind the scenes, that’s what’s driving the bill.” //

DarthSlack Ars Legatus Legionis
12y
23,110
Subscriptor++
So critical infrastructure is, well, critical, right? Like you need it to keep working because if it stops you're in a world of hurt? So isn't that the stuff you really, really, really want to be able to repair when it breaks and not sitting on your ass waiting for some clownshoes to show up and charge you a small fortune to turn a screw or apply a patch?

One can get away with “roughing it” when using the bathroom during trips to the Moon. Going to Mars, requiring months in space, is a different matter. If the toilet breaks on the way to Mars, there is a non-zero chance the crew is dying. So it’s great to try out these systems now, on Orion. This really is the purpose of this test flight, to make sure life support systems work for the crew, to identify problems, and to implement fixes in the future.

In the big picture, the Artemis II mission continues to go splendidly. The deputy manager of the Orion program for NASA, Debbie Korth, said Saturday that the spacecraft is performing “remarkably well,” and that the vehicle’s overall performance has “pleasantly surprised” the engineers working on the program.

Everything is going so well, in fact, that much of the focus has been on frozen urine. And considering all of the things that could go wrong with a dangerous deep space journey like this, a wee problem like this seems like a big win. //

Zapfenzieher Wise, Aged Ars Veteran
15y
137
Go, Artemis, go!

Oh, wait ... 😋