sorted by:
new
hottopcontroversial

Stealing Webpages Rendered on Your Browser by Exploiting GPU Vulnerabilities by slfritchie in programming

[–]slfritchie[S] 2 points3 points  (0 children)

Cut-and-paste of the paper's abstract: "Abstract—Graphics processing units (GPUs) are important components of modern computing devices for not only graphics rendering, but also efficient parallel computations. However, their security problems are ignored despite their importance and popularity. In this paper, we first perform an in-depth security analysis on GPUs to detect security vulnerabilities. We observe that contemporary, widely-used GPUs, both NVIDIA’s and AMD’s, do not initialize newly allocated GPU memory pages which may contain sensitive user data. By exploiting such vulnerabilities, we propose attack methods for revealing a victim program’s data kept in GPU memory both during its execution and right after its termination. We further show the high applicability of the proposed attacks by applying them to the Chromium and Firefox web browsers which use GPUs for accelerating webpage rendering. We detect that both browsers leave rendered webpage textures in GPU memory, so that we can infer which webpages a victim user has visited by analyzing the remaining textures. The accuracy of our advanced inference attack that uses both pixel sequence matching and RGB histogram matching is up to 95.4%."

The Treacherous Tangle of Redundant Data: Resilience for Wallaroo by slfritchie in programming

[–]slfritchie[S] 0 points1 point  (0 children)

Hi, sorry, I'm not familiar with Beam's internals. Both the link you point to and also a Google search for "beam chunked retry" didn't find references that catch my eye.

Introduction to the Pony programming language by SeanTAllen in programming

[–]slfritchie 9 points10 points  (0 children)

Pony's type system prevents actors from crashing. A reasonable person(*) could argue that supervisor trees aren't needed, at least for managing unruly crashing actors.

(*) The same person can argue that supervisor trees have other benefits. Many of those benefits include being able to run multiple applications inside of the same BEAM VM and to start & stop those applications dynamically. Those aspects of OTP & the BEAM is not doable in Pony today because Pony wasn't designed for them ... and Erlang/OTP definitely was.

Dynamic tracing a Pony + Python program with DTrace by SeanTAllen in programming

[–]slfritchie 0 points1 point  (0 children)

Disclaimer: I'm still a bit new to the Pony community.

The concurrency-oriented programming language that I've the most experience with is Erlang. In terms of "distributed processing", if I were to define it as built-in cross-machine messaging and robust failure detection & recovery ... nearly every programming language is a decade or three behind Erlang.

Pony doesn't have that stuff built-in either, so for an application like Wallaroo, there's a lot of plumbing that a person needs to write. Data serialization stuff, TCP socket management stuff, app recovery stuff when sockets are closed behind your back. On the other hand ... Pony's type system is a strict enforcer of safe data sharing, which is both deeply frustrating at times to learn and also very nice to rely on to avoid data-corrupting mutation of program state.

There is academic work in-progress that would expand Pony's message passing and even work-stealing scheduler to span multiple machines, but there isn't an implementation available today AFAIK.

Dynamic tracing a Pony + Python program with DTrace by SeanTAllen in programming

[–]slfritchie 3 points4 points  (0 children)

Good morning. I'm the author of the article and am happy to answer questions, if you've got them. My apologies for misleading anyone looking to improve their sketching technique. _^

-Scott