dan @ dan @upvote.au

Aussie living in the San Francisco Bay Area.

---

Read more

Posts

7

Comments

3,376

Joined

2 yr. ago

Most regular players didn't encounter these bugs though, as often they're edge cases that don't occur during regular gameplay. A lot of them were found by people intentionally looking for them.

I'd argue that games today are bugger than games in the past, just due to how complex they are now. Sure, they're a different class of bug (and arbitrary code execution via buffer overflows isn't really a thing any more thanks to ASLR and the NX bit), but I don't think there's fewer bugs at all.

In some cases, the RAM actually is in use by the site. That's especially the case on sites with heavy client-side logic. In that case, it's not Chrome's (or Firefox's) fault, it's the website's fault. If you hover over the tab, it should show memory usage in the popover.

Chrome has a "Memory Saver" feature where it'll unload tabs that are offscreen/hidden which helps quite a bit. Not sure if Firefox has something similar.

I wouldn't be surprised if they're also using something like Google Analytics to track users.

Unused RAM is wasted RAM. Apps like Chrome use available RAM if it's available, but they should be releasing it for other apps to use when there's high memory pressure.

It's the same with disk caching. If you have a lot of free RAM, the OS will use all of it for caching files.

Games were impressive in this way too. Computers and consoles didn't have much CPU power or memory, so they had to squeeze every little bit.

This was still happening even with 5th gen consoles. Crash Bandicoot couldn't fit in the Playstation's memory so they ended up overwriting system memory and memory allocated to features of Sony's standard library they weren't using.

These days, game development is more "boring" in that aspect. Systems are powerful and frameworks like Unreal Engine handle all the core stuff. That's not necessarily a bad thing though - it lets the game developers focus on the game itself.

I'm just joking - it was a reference to the famous Bill Gates quote (that he didn't actually say) about 640k of RAM being enough.

Running ai locally is the same energy as playing a 3d AAA game for the same time

I wonder if they're factoring in the energy usage to train the model. That's what consumes most of the power.

Crowdsec is much more efficient than fail2ban. Fail2ban is a lot of old single-threaded Python code with inefficient log parsing/tailing routines. Crowdsec is a more modern Go codebase.

If you're looking at old-school solutions, there's also DenyHosts.

Crowdsec blocks login attempts too.

480Mbps ought to be enough for anybody.

you immediately tie the permanent accessibility of your local files to you retaining access to a cloud account?

The Microsoft account holds a backup of the recovery key, which you need to use to restore access in if you do something like significantly change the hardware or move the drive to a different system (which are effectively the same thing).

You don't need it for day-to-day use of the system, and you can also just get the recovery key and print it out or write it down somewhere, which is usually how it's handled on systems that don't use a Microsoft account.

Say, Veracrypt is churning away in the background. Why would one leave Bitlocker activated?

That's a good point.

You have different opinions on TPM and the prevalence of evil maids than me, fair

I work at a big tech company so have to be vigilant even with my personal systems :)

the premise of the thread

Some of the things mentioned in the OP don't actually happen in real life, though. Bitlocker is only automatically activated if you use a Microsoft account to log in, and why wouldn't you know the account credentials if it's what you use to log in?

doesn't rely on TPM and secureboot silliness

TPM is optional (but recommended) for Bitlocker. Practically every computer released in the past 10 years has TPM support.

Secure boot is needed to ensure that the boot is secure and thus it's okay to load the encryption key. Without it, a rootkit could be injected that steals the encryption key.

You generally want to use TPM and secure boot on Linux too, not just on Windows. You need secure boot to prevent an "evil maid attack"

I didn't mean to imply that every rental store in Australia did this, just that I lived in Australia and the rental stores I used included the manual.

You can install Dropbear into your initramfs and configure it to allow entering the encryption key via SSH. Example guide I found: https://www.cyberciti.biz/security/how-to-unlock-luks-using-dropbear-ssh-keys-remotely-in-linux/

You do have to have an unencrypted /boot, but the rest of the system can be encrypted. This uses a separate authorized_keys file embedded within the initramfs.

I know, I just meant why would someone willingly disable Bitlocker?

It sounds like you're complaining about both approaches.

If Microsoft doesn't have the key: You can't recover your files if you lose it.

If Microsoft does have the key: An attacker could get in and take it (unlikely if you have two factor auth though) and you need to trust Microsoft.

And Micosoft stores that key in plain text.

How do you know this, though? It could be encrypted using your account password as a key or seed.

Whenever I rented an N64 game, the manual was in the box, and the store would check to ensure the manual was there when you return the game. That was in Australia though, so maybe it was different in your country?

There were rental places that didn't include the manual?

But it also has the superior option which is to turn it off.

Why would you not want to encrypt your files? My Linux systems are encrypted too.

I wonder why they didn't go with something more supported, like a Realtek chip. They're not the best (I'd prefer Intel or Aquantia), but they're cheap and widely supported. The Framework's Ethernet expansion card uses a RTL8156 which is supported practically everywhere.