Quinn 0.2.0: QUIC protocol implementation in Rust

We (@djc and @Ralith) are happy to announce the release of 0.2.0 of Quinn, our pure-Rust implementation of the QUIC protocol, the next generation TCP replacement protocol currently being standardized at the IETF. After 3 months of development since the release of 0.1.0, 0.2.0 is much more complete. First and foremost, Quinn 0.2.0 is among the most conformant implementations of the latest QUIC draft (draft 17), according to the interoperability testing data maintained by implementers participating in the QUIC working group. We're also grateful for the work @imp, @est31, @psiphi75, and @kryptan have contributed to this release. To support this release, we've contributed work to libc, tokio, rustls and ring.

Link  |  View on HN

Advanced Mac Substitute: API-level reimplementation of classic Mac OS

Advanced Mac SubstituteAdvanced Mac SubstituteAdvanced Mac Substitute is an API-level reimplementation of classic Mac OS. The opening of the prologue cinematic from The Fool’s Errand running in Advanced Mac SubstituteAmazing running in Advanced Mac Substitute (point to see the solved maze)Unlike traditional emulators, Advanced Mac Substitute doesn’t emulate the hardware on which an operating system runs (except for the 680x0 processor), but actually replaces the OS — so it launches directly into an application, without a startup phase. Solitaire running in Advanced Mac Substitute on an Android phoneAdvanced Mac Substitute is capable of running several applications written for the original Macintosh computer. Missile running in Advanced Mac Substitute (point to see the next frame)IAGO running in Advanced Mac Substitute (point to see who won)Current support includes 1-bit-deep graphics, regions, circles and roundrects, lines, cursors, GrafPorts, text, windows, controls, menus, dialogs, and more. If you’re feeling adventurous, you can try out Advanced Mac Substitute on Mac OS X (versions from 10.4 through 10.12, at least) or Linux framebuffer.

Link  |  View on HN

Genode OS: A tool kit for highly secure special-purpose operating systems

About GenodeThe Genode OS Framework is a tool kit for building highly secure special-purpose operating systems. Genode is based on a recursive system structure. Thanks to this rigid regime, the attack surface of security-critical functions can be reduced by orders of magnitude compared to contemporary operating systems. In line with Unix philosophy, Genode is a collection of small building blocks, out of which sophisticated systems can be composed. Virtualization: VirtualBox (on NOVA and Muen), L4Linux (on Fiasco.OC), and a custom runtime for Unix softwareOver 100 ready-to-use componentsGenode is open source and commercially supported by Genode Labs.

Link  |  View on HN

On whether changes in bedroom CO2 levels affect sleep quality

Some psychology studies find that CO2 impairs cognition, and some sleep studies find that better ventilation may improve sleep quality. High levels CO2 could potentially worsen sleep, similar to hypercapnia, where the panic/arousal impedes sleep. Existing sleep research mostly investigates sleep apnea, infants, and SIDS. To model sleep effects, I want to take into account bedroom temperature, humidity, CO2, sound, and measure sleep. Whether I would want to start leaving the door open would then depend on whether CO2 ~ Door.r + Fan.r + Door.r*Fan.r * Sleep ~ CO2 > Sleep ~ Door.r + Fan.r + Door.r*Fan.r - that is, the net improvement on sleep through the indirect path of reduced CO2 and CO2 to sleep is better than the worsening through the direct path of intervention to sleep.

Link  |  View on HN

If 5G Is So Important, Why Isn’t It Secure?

The Trump administration’s so-called “race” with China to build new fifth-generation (5G) wireless networks is speeding toward a network vulnerable to Chinese (and other) cyberattacks. We cannot allow the hype about 5G to overshadow the absolute necessity that it be secure. Our current wireless networks are fourth-generation, or 4G. Iranians hacking the delivery of “Game of Thrones” isn’t good, but the real transformational promise of 5G goes far beyond wireless cable and its security is much more critical. The autonomous car is something vastly different, in which the 5G network allows computers to orchestrate a flood of information from multitudes of input sensors for real time, on-the-fly decision-making.

Link  |  View on HN

Show HN: FBP editor for music/vfx with [three, tone, tensorflow].js nodes

Link  |  View on HN

Intro to hacking MicroSD cards

In order to explain the hack, it’s necessary to understand the structure of an SD card. You can see some die shots of the inside of microSD cards at a microSD teardown I did a couple years ago. Therefore, it’s recommended to dispose of memory cards through total physical destruction (e.g., grind it up with a mortar and pestle). While SD cards are admittedly I/O-limited, some clever hacking of the microcontroller in an SD card could make for a very economical and compact data logging solution for I2C or SPI-based sensors. Tags: flash, hacking, microcontroller, microsd, mitm

Link  |  View on HN

Why does APT not use HTTPS?

Downloaded files are rejected by APT if they are signed by an unknown key[1] or are missing valid signatures. HTTPS does not provide meaningful privacy for obtaining packages. This means that HTTPS provides little-to-no protection against a targeted attack on your distribution's mirror network. Why not provide HTTPS anyway? Your distribution could cryptographically sign the files using the existing scheme and additionally serve the files over HTTPS to provide "defense in depth."

Link  |  View on HN

Letter in Response to Jan. 17 Article in The New York Times

January 19, 2019To the Editor:Gideon Lewis-Kraus (Jan. 17) profiles the nascent field of ancient DNA, which in the last few years has contributed to a transformation in our understanding of the deep human past. Second, he contends that ancient DNA specialists favor simplistic and sweeping claims. On the contrary, the paper he references and indeed my whole body of work argues for complex mixture, not simple replacement. Lewis-Kraus also suggests that I use small sample sizes to make unjustifiable sweeping claims. In small-sample size studies, I emphasize that more samples are needed to flesh out the details of the initial findings.

Link  |  View on HN

Greenland’s Melting Ice Nears a ‘Tipping Point’

Greenland’s enormous ice sheet is melting at such an accelerated rate that it may have reached a “tipping point,” and could become a major factor in sea-level rise around the world within two decades, scientists said in a study published on Monday. The authors found that ice loss in 2012 was nearly four times the rate in 2003 , and after a lull in 2013-14, it has resumed. Just a week ago, a separate study of ice loss in Antarctica found that the continent is contributing more to rising sea levels than previously thought. Another new analysis suggested that the oceans are warming far faster than earlier estimates. Warming oceans are currently the leading cause of sea-level rise, since water expands as it warms.

Link  |  View on HN