> The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.
I think we've been playing "everyone gets along" for far too long, and it's become obvious to the meek that people are gaming the system whilst pretending to get along. A correction is necessary, and that's precisely what you're witnessing here.
Managed to make a massive cursor and it was broadcasted to the whole party. Had some fun hacking this with Chrome dev tools.
Was simple as breakpointing in dev tools on "mousewheel", setting h.scale = 15, and then resuming. Massive cursor and massive fun. I'm sure people were wondering how I got mine so big. Considering it was clamped to 1.
I've thought about injecting a non-zero number to crash the app or perhaps inject some XSS to run some fun code on everyone's machine but...I decided to be nice and not literally crash the party. ;-)
All that's needed to fix this "exploit" is to properly sanitize data on the way in. Classic example of why sanitizing I/O is important!
These fuses are inside the CPU itself. They are programmed in a sense much like the firmware itself is.
These fuses have always been around in microcontrollers. They are used to configure various aspects of the microcontroller operations, like startup sequences, whether or not the contents of the chip can be read out, is their voltage monitoring (brownout detection) enabled, is there a watchdog timer enabled which could reset the chip automatically if needed, etc.
It is common that fuses like this can only be set to progressively stricter settings. And the only way to reset the fuses is to erase the entire chip, firmware and all. It sounds like these fuses in the Nvidia dont even allow this.
There have been attacks against eFuses implemented as flash by way of decapping and using UV light. (I'm on mobile and don't have links at hand. Sorry!)
The article that gp linked mentions that it's stored in non-volatile memory that supposedly is "programmable" only once. Obviously, it depends on the chipset, but how is non-reversibility guaranteed in this case?
The bit cell is programmed by applying a high-voltage pulse not encountered during a normal operation across the gate and substrate of the thin oxide transistor (around 6 V for a 2 nm thick oxide, or 30 MV/cm) to break down the oxide between gate and substrate. The positive voltage on the transistor's gate forms an inversion channel in the substrate below the gate, causing a tunneling current to flow through the oxide. The current produces additional traps in the oxide, increasing the current through the oxide and ultimately melting the oxide and forming a conductive channel from gate to substrate.
So, basically, they intentionally apply an out-of-spec voltage on the cell's output port, overloading the gate and causing a permanent short to ground. The cell always reads as 0 afterwards.
I don't see the "non-volatile" part at first, sorry about that. I guess non-volatile just means the data persists across resets, not necessarily that the fuses are stored in flash or something that can be modified.
YouTube makes opinionated decisions about what gets in their search results. They edit their search results and have a team that decides that goes on the front page. That's editing. YouTube is a publisher.
