New SnailLoad Attack Exploits Network Latency To Spy On Users’ Web Activities

Longtime Slashdot reader Artem S. Tashkinov shares a report from The Hacker News: A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user’s web activity. “SnailLoad exploits a bottleneck present on all Internet connections,” the researchers said in a study released this week. “This bottleneck influences the latency of network packets, allowing an attacker to infer the current network activity on someone else’s Internet connection. An attacker can use this information to infer websites a user visits or videos a user watches.” A defining characteristic of the approach is that it obviates the need for carrying out an adversary-in-the-middle (AitM) attack or being in physical proximity to the Wi-Fi connection to sniff network traffic. Specifically, it entails tricking a target into loading a harmless asset (e.g., a file, an image, or an ad) from a threat actor-controlled server, which then exploits the victim’s network latency as a side channel to determine online activities on the victim system.

To perform such a fingerprinting attack and glean what video or a website a user might be watching or visiting, the attacker conducts a series of latency measurements of the victim’s network connection as the content is being downloaded from the server while they are browsing or viewing. It then involves a post-processing phase that employs a convolutional neural network (CNN) trained with traces from an identical network setup to make the inference with an accuracy of up to 98% for videos and 63% for websites. In other words, due to the network bottleneck on the victim’s side, the adversary can deduce the transmitted amount of data by measuring the packet round trip time (RTT). The RTT traces are unique per video and can be used to classify the video watched by the victim. The attack is so named because the attacking server transmits the file at a snail’s pace in order to monitor the connection latency over an extended period of time.

Read more of this story at Slashdot.

Christie’s Likens Microsoft’s Work On MS-DOS To Einstein’s Work In Physics

Longtime Slashdot reader theodp writes: “If Einstein paved the way for a new era in physics,” explains auction house Christie’s in a promotion piece for its upcoming offering of 150+ “objects of scientific and historical importance” from the Paul G. Allen Collection (including items from the shuttered Living Computers Museum), “Mr. Allen and his collaborators ushered in a new era of computing. Starting with MS-DOS in 1981, Microsoft then went on to revolutionize personal computing with the launch of Windows in 1985.”

Christie’s auction and characterization of MS-DOS as an Allen and Microsoft innovation comes 30 years after the death of Gary Kildall, whose unpublished memoir, the Seattle Times reported in Kildall’s July 1994 obituary, called DOS “plain and simple theft” of Kildall’s CP/M OS. PC Magazine’s The Rise of DOS: How Microsoft Got the IBM PC OS Contract notes that Paul Allen himself traced the genesis of MS-DOS back to a phone call Allen made to Seattle Computer Products owner Rod Brock in which Microsoft licensed Tim Paterson’s CP/M-inspired QDOS (Quick and Dirty Operating System) for $10,000 plus a royalty of $15,000 for every company that licensed the software. A shrewd buy-low-sell-high business deal, yes, but hardly an Einstein-caliber breakthrough idea.

Read more of this story at Slashdot.

Nvidia Forecasted To Make $12 Billion Selling GPUs In China

Nvidia is expected to earn $12 billion from GPU sales to China in 2024, despite U.S. trade restrictions. Research firm SemiAnalysis says the GPU maker will ship over 1 million units of its new H20 model to the Chinese market, “with each one said to cost between $12,000 and $13,000 apiece,” reports The Register. From the report: This figure is said by SemiAnalysis to be nearly double what Huawei is likely to sell of its rival accelerator, the Ascend 910B, as reported by The Financial Times. If accurate, this would seem to contradict earlier reports that Nvidia had moved to cut the price of its products for the China market. This was because buyers were said to be opting instead for domestically made kit for accelerating AI workloads. The H20 GPU is understood to be the top performing model out of three Nvidia GPUs specially designed for the Chinese market to comply with rules introduced by the Biden administration last year that curb performance.

In contrast, Huawei’s Ascend 910B is claimed to have performance on a par with that of Nvidia’s A100 GPU. It is believed to be an in-house design manufactured by Chinese chipmaker SMIC using a 7nm process technology, unlike the older Ascend 910 product. If this forecast proves accurate, it will be a relief for Nvidia, which earlier disclosed that its sales in China delivered a “mid-single digit percentage” of revenue for its Q4 of FY2024, and was forecast to do the same in Q1 of FY 2025. In contrast, the Chinese market had made up between 20 and 25 percent of the company’s revenue in recent years, until the export restrictions landed.

Read more of this story at Slashdot.

Kien, the Most-Delayed Video Game in History, Released After 22 Years

An Italian video game, 22 years in the making, has finally hit the market, setting a record for the longest development time in gaming history. “Kien,” an action platformer for Nintendo’s Game Boy Advance, began development in 2002 by a group of five inexperienced enthusiasts, The Guardian reports. Only one, Fabio Belsanti, saw the project through to completion. The game, inspired by 15th-century Tuscan manuscripts and early Japanese graphics, offers a challenging, nonlinear fantasy experience. It’s now available on a translucent gray cartridge, complete with a printed manual — a rarity in modern gaming. Belsanti’s company, AgeOfGames, survived the delay by creating educational games. The recent boom in retro gaming finally made Kien’s release feasible, he said.

Read more of this story at Slashdot.

Roku Faces Criticism Over Controversial TV Update

Half of Petrol Stations Expected To Close in Next Decade

Half of the Netherlands’ petrol stations are set to close in the next five to 10 years as electric cars start to take over the market, according to ING Research. From a report: The bank’s economists say there will be insufficient earnings in future, with only some 2,000 of today’s 4,131 gas stations remaining. “It is mainly the small, unmanned petrol stations that will disappear,” says ING Research, as reported in De Telegraaf. […]

Owners are trying to maintain turnover by increasing their sales of food and beverages, maintenance services and even car washing, ING says. But the long-term business model of independent stations will be difficult to maintain. “A quick calculation shows how long petrol station owners can still sell petrol,” Dirk Mulder, Trade & Retail sector banker at ING Research, said. “A new car remains in the Dutch fleet for an average of 19 years. The last petrol and diesel cars will come onto the market in 2034 and will stay on the road until approximately 2053.”

Read more of this story at Slashdot.