* Posts by williamyf

44 publicly visible posts • joined 31 Jan 2024

Biden bans Kaspersky: No more sales, updates in US


¡¡¡COOL!!! ¡Cheaper Karspesky for us!

I live in LatAm. Most of us in LatAm do not care if the FSB spies on us instead of the CIA (or the MI5, or the five eyes, or the chinese). Probably similar sentiment in Africa, ME, SE asia and other places.

What we want is to keep viruses and ransomware out of our systems (both desktop and server, both Windows and Linux, both physical and virtual). Also keep attacks from hacking groups and State backed actors out.

For that, we want the best perf/cost ratio. Karspesky products are very decent. And cover all the aforementioned areas.

If Karpesky loses access to the USoA market, it will probably have to lower prices, to capture more money elsewhere.

As long as your company's threat model is not affected by rusia spying on you, or having a reason to hack you directly, or indirectly throug affiliated hacking groups, a very good tool is about to get much cheaper...



Nearly 20% of running Microsoft SQL Servers have passed end of support


Re: Microsoft has deliberately made it difficult

«However, if you can set things up that none of the systems is diretly connected to the network, then why shouldn't you run it for as long as possible? »

Struxnet and its descendants would like a word with you...

:-P ;-)

The end is nigh for Windows 10 21H2


Re: Bring it on!

You will have to wait a looooong time.

Because the key word is Enterprise

As the article clearly states, enterprises have choices:

1.) Stick with Win10 LTSC 2121 until 2027

2.) Stick with Win10 LTSC 2019 until 2029

3.) Stick with Win10 IoT 2021 until (jan) 2032

4.) Pay up the ESU to keep vanilla Win10 supported until 2028

SO, if you are waiting for enterprise machines, you may wait a while. Most likely you will see a steady tickle from now until 2029...

And, if you are thinking about average janes' and joes' machines, not only most of them will keep the machine with the original OS until it breaks, but also:

For the first time ever, the ESU option for Windows (10) is available to average peasants like me/you/us.

China's SMIC sounds alarm on price wars from silicon surplus


SMIC and other sanctioned companies do not have to worry

The CCP can always edict that SMIC, Huawei, YMTC et al sell most of their p[roduction inside china (i.e. quotas), to sanctioned and non-sanctioned entities (please remmeber that SMIC is under sanctions, not as strict as Huawei, but sanctions).

Meanwhile, non-sanctioned entities must sell most of the production OUTSIDE of china, flooding the external market, but not the internal one, and lending a lifeline to the sanctioned companies.

Latest figures show AMD chipping away at Intel's CPU dominance


Re: AMD has been 'chipping' away since the 70's.

They will slowly converge, until there is a precipitious dip for both, as X-86 becomes the new High end for Big Iron, servers and such, ARM becomes the new X-86 for desktop, laptop and low end servers, and RISC-V becomes the new mobile darling.


Watch out for rogue DHCP servers decloaking your VPN connections


Yes, if you are using E2EE (or even HTTPS), the data is encrypted before it leaves THE APPLICATION (which is even better than the device). So, yes, Is important to use as much E2EE as possible.


1.) there may be holes/weaknesses in the Encryption. For instance, if a website has both an HTTP and an HTTPS variant which have the same static data, it means that we can get encryped and decripted data for the site, leading to a cryptographic attack (see point 4)

2.) The app may be misconfigured.

3.) A MITM Attack may be performed.

4.) Even in E2EE Scenarios, there is info that is exfiltrated in plaintext, for instance, the IP and port of the receiving device, and, to give a concrete example, in HTTPS, the Address of the WebPAge goes as plaintext, therfore, can be either censored or logged by the attacker.

So, E2EE is not a cure-all.

Bulk surveillance will probably not be possible using this vuln, but spying on high-value tragets probably is.


Re: What am I not understanding about this?

If they are using the VPN for Geoblock avoiding or Selective country shopping... yes. If you are using it to circunvent censoring or to avoid spying by an oppresive regime, most likely not.

I live in Venezuela, ask me how I know


Re: as far back as 2002?

¿remember that there were class A (/8 addresses), class b (/12), class c (/16) and class d (/8) addresses?

Well that was very inneficient (my university has a /16, even if we do not need more than 1000 addresses, but at the time we got our assignment, the classless system was not invented yet)

Since there were only 4MM IP addresses and many were reserved for stuff like multicasting, something had to be done, the solution was the classless address sytem, were things like a /10 address space could be givem to an organization that only needs 1000 addresses (like my university).

Problem was, routing that stuff was quite hard, so, new infrastructure and methods to assign and route that stuff was needed.

Tanenbaum's book on networks has a great explaining on it.


"What I don’t get is how the rogue DHCP server is issuing valid sessions to clients."

Pretty simple. Two options. The first one is a rogue admin compromising the real/only DHCP server of the network. From the hollywood scenario of an uber-hacker spy posing as a maintenance employee in the cozzy little cafe frequented by the target to insert a rouge DHCP, to the more likely scenario in poor countries of a spy bribing an employee to look the other way for 10 min.

The second one, which is the one you probably are most curious for: the normal behaviour of DHCP is that the client broadcasts a DHCP request, and there may be more than one DHCP server in the network, any or all of them can answer, and is to the client to choose which request to accept, however it sees fit.. Most clients go for fist answer.

If your rogue DHCP server can answer faster than the network's real one, you are golden.

This can be prevented by using client issolation in the AP/router, but then your laptop will not be able to chromecast to the smartTV in the room. And in the case of CyberCafees, they will forget the setting, or will not use it because they are using the same AP (with different SSIDs and passwords) for internal and guest traffic... Also preventable by configuring the Eth switch or router to drop all DHCP response packages not originationg from the IP/MAcAddr/port of the real DHCP server (preffer the port, the IP can be spoofed) . Not all Eth switches or routers can do this.

As for the valid leases, many a provider of prosumer gear (say, the router for a small cafe) and pro gear (say, the router for a medium hotel), send the gear pre-configured to assign addresses in the 10/8 or 172.16/12 range. Plenty of addresses to spoof without fearing you assigning an address already used. Double points if an attacker maps the network beforehand. And even if you are in 192.168/16, more often than not, there is a bunch of addresses reserved, outside of the DHCP range, for things that need a static IP address (like servers, printers and such).

Heck,the rogue router can even dish addresses in an address range different from the one the network uses (if the hotel wifi uses 10/8 you can dish addresses in 172.16/12) but that means you have to provide other services aside from DHCP, including NAT, and that is on top of the horsepower needed to Spy the traffic. That Workstation replacement laptop the attacker is using will start to struggle, and be noticed like a sore thumb amid the fan noise ;-)


Then you are safe. That case is similar (almost equal) to using a VPN inside a VM with a NON-Bridged adapter.

DHCP option 121 works by over-riding the routing tables if your machine. If your t-router connects to the network, the T-ROUTER's tables will be infected, but, when your laptop gets a DHCP lease fromn the t-router, the LAPTOP's routing tables are not altered.

iFixit hails replaceable LPCAMM2 laptop memory as a 'big deal'


Is it the end of SO-DIMM? NO!

CAMM2 has something that SO-DIMM does not: The possibility to have LP-DDR(5)

But SO-DIMM has something that CAMM2 does not: ECC-Memory

CAMM2 and LP-CAMM2 are designed for instances where the Z dimension is important (say LAptops and AIOs)

SO-DIMM is more suited where XY is more premium than Z (say NUC type computers, Small servers and such)

And, if you want ECC with that (say, workstation replacement laptops, or Small form factor servers) So-DIMM is your only choice for ECC

Has Windows 11 really lost marketshare to Windows 10?


A comapny wants to buy an AI PC because they want that PC to be compatible with Win12 in the future, and not be doing the whole crying riglamore about TPM and secure boot everyone did, but now with the TOPs (Tera Operations PEr Second) in the NPU all over again.

Problem is, right now there are NO PCs which comply with the 40TOPs in the NPU required for AI (microsoft Dixit) unless you have a GPU with suitable NPUs on them. And no processor available TODAY includes NPUs (either in the iGPU or the SoC) that hit that target. Qualcomm (arm, not X86) promisses a processosr that does it, but has not launched yet.

And even if the copmputer the company ends up acquiring hits 40TOPs, nothing guarantees that the Win12 requirement is above that number (which will render said HW incompatible or subpar) or below (which means the company spent money unnecesarily).


Re: what happens next?

"or of keeping Windows 10 supported for a little longer"

Sorry, but, for the first time, Microsoft extended the ESU to mere mortals and SMB, instead of the large and huge companies of before.

Which means, that, if you pay, your win 10 stays supported until 2028. the first year is cheap, the other two, not so much (the program is designed to help you move to Win11, not to stay on Win10).

Also, If you can (legaly) get your hands on it*, LTSC 2019 H2 is supported until ~2029 and IoT 21H2 is supported until Jan 2032

So, with Win10 microsoft gave every opportunity to keep the OS supported "a little longer"

* Is harder but not impossible for us mere mortals.


Re: Deja vu

Nah, microsoft is not on an "every three years a new version of the OS" like old times. Instead, they are on a:

"We only emit a "new OS" version when we need to radically alter the (minimum) Hardware specs."

Also, they are on a "We will reduce partial support timelines for xxH2, LTSC and IoT so that the Overalll OS version gets 10 years (and maybe a 3 years paid ESU extension), even though every specifc xxH2, LTSC and IoT receives less than that" and you will see that Win12 will take a lot long time to land. Many enterprises can not wait that long (due to support and certification issues).

So, expect Win11 to be supported until around Oct 2031 (probably without an ESU option, but do not quote me on that). Expect the Last LTSC and IoT of Win11 to be emmited around 26H2, and for reference, the last supported version of Win10 is IoT 21H2 which will be supported until Jan 2032.

As we say in my country: Te lo firmo

Win12 will not appear before 26H2, probably much farther to that date than closer to it.

Microsoft will take its sweet time to learn about AI requirements and usage with the (optional) Win11 AI PCs, before setting those HW requirements in Stone for 10 years with Win12


Re: I took the plunge into Win 11

I always keep the native browser of my OS, as a fallback from FireFox ESR (which is my main browser in all platforms). I sugest you do the same.

EDGE now is chromium based, and you can not really take it out completely, as, under the hood, remains there to provide webview services to web-like apps in the OS. (Think Tauri or Neutralino). So, the bulk of it will remain in your C drive...


Re: The flagship OS and its hardware requirements

Since most of your machines in your company already support Win11, expect that between Now, and Oct 15 2025 (or even oct 15, 2028) several things will slowly occur:

1.) People will be sent to "refresher courses" for Windows + Relevant Apps. I doubt the people in HR need solid works or matlab, and I doubt the boffins require the Native HR App, and do everithing HR related via browser, and not the Native HR Client. Here they will explain the differences between Win10 and Win11 and the differences between the Win10 version and Win11 version of each (relevant) app (if any)

2.) Canary Users within every group will go to Win11

3.) Then, low risk groups will transition wholesale to Win11, leaving a few select users with Win10 as Fallback

4.) Then, all groups will transition wholesale to Win11, leaving a few select users with Win10 as Fallback

5.) Outlying Apps will be identified, and great effort will be done to upgrade or replace them.

6.) then, is finished. If your company is on an LTSC branch, you will have support for five years from the landing of the LTSC (witch tend to be an H2 Version). (with ~3000 users is plausible you meet the licensing requirements)

7.) If your company uses plain vanilla pro or Workstation, somewhat less support time.

Your company does not seem to require sertifications (or maybe is a top secret DoD stuff), but having compliant endpoints is critical in industries that have strict regulation and certification rules, think financial (for example Payment Card Industry certifications), Health (HIPPA), Legal, etc. Yes, a company could go from Win10 to Ubuntu desktop (as per your own experience, they are the flagship company for Linux desktops that require certifications), but there enters that beespoke App, that app where the developer refuses to certify linux, or that web portal that was never tested with Firefox ESR, and you see that the environment steers COMPANIES to stay on Windows....

Expect big bumps to Win11 around october 25, 26, 27 and 28.

Ten years ago Microsoft bought Nokia's phone unit – then killed it as a tax write-off


Re: Public Service Announcement

IF by "ha highly regarded corporation went extinct" you are talking about nokia, well, nokia is alive and well.

They reinvented themselves many times, and the loss of the HAndset arm sparked a new reinvention as the third largest Telecom provider on earth (Huawey and E// alternate the 1 & 2 Spots, ZTE is the perennial #4)

Nokia still exists, it is still very big, it just hiding from consummer electronics and such. But those who know, know.


Re: Software updates

Nokia was in a similar boat to android, OtA updates were gated by the operator. But, if you knew what you were doing, you could flash/update your Symbian device. I did so many times to My E71. Having said that, it was a VERY involved process.

The tie up with microsoft actually IMPROVED on that situation, OtA updates were still gated by the operators, but updatying yourself manually was significantly easier than before. As a matter of fact, easier than android at the time.


Re: "The... Maemo operating system failed to take off"

There are a few reasons for that:

1.) No one wanted to license Maemo. Nokia really wanted to use an OS that was used by other players. Heck even Symbian was Licensed (To SonyE//, Moto and Samsung). Since no one wanted to License MAemo, it was a probably-no-go

2.) Before Elop's arrival, there was an internal feud in Nokia, where the Symbian Guys wanted to nip every flowering OS in the bud, while the New OS guys wanted to Nuke Symbian from orbit. There were more OSs before MAemo and Meego (is just that they never left Nokia)

3.) Elop had four choices:

a.) Stay with Symbian, get done with the civil war, and refine it like there is no tomorrow (belle is a good example of that directon). Symbian was sparse in the use of resources, so a good fit in low income markets. Think of AndroidGO or KaiOS

b.) Make Meego the OS of the future, and go at it completele alone, and using your own money for EVERYTHING (R&D, Coding, Marketing, Mainetenance)

c.) Go android and have no diferentiating factor whatsoever

d.) Go Windows and get a Cool 4.x MI££IARD$ for marketing, and not having to deal with SW R&D, Maintenance and coding costs...

Hindsight is 20/20, but, if I were Elop, with the Info I had at the time, Option 4 looks tempting... I can give you 4 Mi££liard reasons why.

But, I might add, Elop sold himself as a Microsoft Insider, so, perhaphs he should have known that the succesiove versions of the OS would arrive late and buggy, and that the NT kernel would supplant the CE one sooner rather than latter, and prepare accordingly...

Tiny11 Builder trims Windows 11 fat with PowerShell script


Re: Stripped down to find .................

For People who want/need/are forced to use Windows(10/11), Mint with Cinammon desktop will not cut it.

Having said that, I'd personally rather run Windows debloating scripts post-install...

Sacramento airport goes no-fly after AT&T internet cable snipped


¡Wait! Sacramento is California's capital

¿Are you telling me that the Airport in the capital of one of the most powerfull states in the USoA as ony ONE internet connection?

¡No redundacies!


October 2025 will be a support massacre for a bunch of Microsoft products


Re: Win 10 will surely get an extension

Win10 ALREADY HAD a support extension, is called ESU, and costs$61 for the first year.

People who do notknow what the ESU is, or do not qualify, or do not want to pay,or do not wnt to move to Win11 when their hardware does qualify, are of no interest to microsoft.

Samsung snags $6.4B in CHIPS Act funds for Texas fabs


Re: 2nm

The M0 Metalization Layer pitch is a good indicator. It currently sits at about 30nm~36nm This number is lower in the current nodes, but will get slightly higher in the nodes with backside power delivery, before getting back down if/when we go to full cobalt (sans cooper) interconnects.

But advances like High K gates, FinFets, Gate All Around and others kept moore's law going for a while longer. This doubling of performance whas detonted by a nm designation, even if, below about the 28nm, the actual number is more a marketing moniker than a real dimension on the slilicon. Also of note is that, between the 12nm and the 7nm nodes, the SRAM transistors (used, among other things, for cache) stoped shrinking. Nowadays, most of the silicon area of our µProcessors and SoCs is cache.

TL;DR: Ask for the M0 pitch to know the true size of features in the silicon beyond the marketing nm number. But the marketing nm number still has value.

China orders its telcos to rip and replace US chips with homegrown silicon by 2027


You are right and wrong at the same time. MUCH/MOST of the second hand telco equipment is dropped of the compatibility matrix, so is logical that you think that all of it is, but that is not the case.

If the equipment is inside the compatibility matrix, support can (and is) bought from the original manufacturers.

This particular case is a perfect example of when this type of thing happens. Also, another example is, when, for one reason or the other, the operator is feed up with a provider and does a full swap of equipment in favour of another vendor. Sometimes the incoming vendor buys back the equipment and destroys it, but some times, the telco has to "fend for itself" and sells the supported equipment to the intermediary.

I've see a few of those cases first hand.


Yes... and no. Normaly, the Decomissioned equipment is sold to well known intermediary companies, that, in turn, sell it to other telcos.

But, unless the equipment is Super-Duper-New, the rich telcos buy newer stuff, and the poorer telcos (rural telcos and/or big telcos in less affluent countries) buy the second hand stuff. So the Huawei Kit removed from the USoA and Europe will end up in LatAm, SE Asia and Africa, While the decomissioned western equipment decomissioned in china will end up in the same places + Rural and smallish telcos in europe and the USoA.


Loongson CPU that performs like 2020 Core i3 makes its way to Chinese mini PCs


X-86 32/64 emulation

The OG LoongSon had ~100 extra (non-MIPS) instructions intended to make it easier/faster to emulate (via QEMU) an X86 machine. I am curious what is the status of that in these newer implementations, in both the HArdware and Software side...

¿Abandoned? ¿Deprecated? ¿As is? ¿Under active development?

If anyone Knows, please chirp in, thanks in advance.


Re: China will soon match the west

¿where were you in 2016? In that year I heard time and time again "No way Trump can win." The rest, as they say, is history.


Re: China will soon match the west

The USoA is not "the west". Ask continental european children about "being in debt for education" and you will get a very different picture.


Re: Good enough

Nothing was said in the article about the GPU paired with the machine. If it can do DP4a, you are golden for "entry level" AI inference workloads device-side


Re: Probably not exactly a bargain.

¿Does "Ryzen 3 level tech" work out for you? AMD has been pushing that brand far less than intel's core.


Re: Probably not exactly a bargain.

Then the examples of Taiwan and South Korea (both right wing dictatorships while developing) would be more your alley.

D-Link issues rip and replace order for besieged NAS drives


You can "TRY" patching that NAS with ALT-F

ALT-F Provided ALTernative-Firmware for D-Link NASes, many of which are the subject of this CVE. AS an added bonus, said updates provided support beyon the SMB1 only support D-Link provided.

I do not have a D-Link NAS, and heard about ALT-F thanks to user jm1 over at Ars

I say "provided" because the last major firmware they provided is dated 2017, and the last patch of said FW was a few months latter. But still, better than nothing, I guess, doubly so if it plugs this particular hole.

A little more time to save up for a newer NAS from a reputable source, and with a decent CPU, so it gets a long support window

Other than that, you know the ussual routine: block acess to the NAS to and from the internet, harden the NASs security configuration, etc...

Link: https://sites.google.com/site/altfirmware

Imagination licenses RISC-V CPU cores for smart TVs, IoT, embedded stuff


Re: If TV using this have a good upscaler, count me in!

I agree 100% with you, that's why I pitched a Laczos derivative, as it is 100% statistical/matematical formulas. AI free. + Temporal Interpolation/extrapolation free


Re: the need for decent Upscalers is there, and not satisfied.

For content already stored on my NAS, maybe

But, for OtA content would be a pain in the ass, as it would mean:

Capture said content.


Then, finally, watch

Ditto for the odd CD(video) or DVD.

Is a pain in the ass.

And let's not talk acout retro console games.

I'd rather pay for the convenience of a centralized DECENT upscaler.


If TV using this have a good upscaler, count me in!

Being Smart or non-smart, most TVs (and computer monitors too) have very crappy upscalers. In the case of the computer monitors, is comprenisble, they can ofload the work to the more powerfull GPU of the computer (even the punny iGPU is orders of magnitude faster than whatever is controlling the monitor).

But in the case of TVs? This is inexcusable. We achieved peak upscaler in the 2006-2010 timeframe, and it has went downhill from there*. you get bilinear... trilinear if you are lucky. In the cheaper models, even less.

If these chips, coupled with an Imagination GPU, can do upscaling using some better upscaler (perhaps a Laczos derivative like AMD's FSR 1.x which is FOSS), then they can have my money for the TV (be it smart or not, and no, a monitor alone does not a TV make)...

There is way too much content available in 240i~340i (old Video Tapes), many movies that never got (and never will get) anything beyond DVD, TV programs that were shoot in 480p (umatic and Digital formats for TV broadcast). For many of those is uneconomical (or complicated by licenscing deals) to get remaster (if in HD) or an upscale (if they are not available as such).. that for many people, me included, the need for decent Upscalers is there, and not satisfied.

* My trusty tioshiba TV from 2008 has a cell processor inside, no less, for such things as upscaling and screen stretching.

Want to keep Windows 10 secure? This is how much Microsoft will charge you


Re: gog/linux

If we are honest, there is no guarantee. There are crowdsourced lists of games that work or not, but, in the end YMMV

your best bet if to reconfigure your lappy to dualboot, and try them yourself. If you are satisfied, zapp it completely.

what I am recommending friends and family is to pay the first year (if they are elegible) and for years 2 and 3, move tot he free version of https://0patch.com/


If, as you say, they are processing payments, the PCI (Payment Card Industry, not Peripheral Component Interconnect) rules demand that they are using a supported and certified OS, so all those Win10 tills you see need to be Win10 LTSC 2019 (supported until 2029), or Win10 IoT 2021 (supported until 2031), or that they buy one, or two, or three years of this Win10 paid support.

And then migrate to something acceptable for the PCI certification at that time (be it Win11, win 12 or some CERTIFIED Linux desktop [as installing Linux server on a Till is overkill]). Current standard is PCI DSS 4.0 if you want to know what the certification entails.

As for people who use Win10 for digital signeage, they will not update until their signeage is hacked to show pron, k0rn or other questionable (for them) material.

Lack of knowledge, specially in SMBs nad individuals also play a factor in people not updating unsupported Win10 to "something/anything" else, or buying extended support.

Why Microsoft's Copilot will only kinda run locally on AI PCs for now


nah. the Microsoft stickers will save the day!

Windows Vista, ... errrr sorry, Windows 12 AI PC Capable will be PCs with 16GBRAM, no NPU, AVX2 and a GPU that supports DX12 Feature level 12 + a specific set of OpenCL 3.0 primitives.

Both the AI and overall experience will be terrible, but at least you could upgrade your Win11 cluncker

Windows12 AI PC basic will have 16GB RAM, an NPU below 40 TOPS, and a GPU with DP4a support. The experience will not be much better

finally Windows12 AI PC Premium will require minumum 32GB DDR5 RAM, and an NPU above 40 TOPS

marketing saves the day, big bonuses all around, ans then the unwashed mases buy the Windows 12 AI PC Capable machines, and complan about the OS experience.

SK hynix said to be building $4B memory packaging plant in Indiana


something does not add up

Normally, fabbing is/can be done in high cost countries because it is highly automated and highly profitable. Meanwhile packaging (even advanced packaging) is more labour intensive and therefore, relegated to low cost counttries. More so if done "at high scale/volumes"

when done in high cost countries is either as a boutique/R&D initiative, or for historical reasons, and this one seems to be neither.

so why indiana-USoA and not, say, monterrey-mexico? Only god knows.

and no, subsidies alone do not explain it.

only time will tell

UXL Foundation readying alternative to Nvidia's CUDA for this year


Is very likely this will fail, like many others before

And the worst part is that I'd love to see an alternative to CUDA to exist, but our desires should not impede an impartial analysis...

The most glaring example of past initiatives failing is OpenCL. Between 1.0 and 2.2 it was painfully slow, so slow in fact, that Apple deprecated it, after all the work they did to spearhead it, and integrat it as a frist class citizen in OSX/MacOS (for instance, one could use Grand Central dispatch to issue OpenCL tasks as easily for OpenCL as for CPU).

And then came the clusterFSCK that was OpenCL 3.0, where the mandatory baseline is OpenCL 1.2 (that is, in fact, a regression) and then everything else is OPTIONAL. Which means, is super hard to write hardware agnostic code in OpenCL 3.0, as not all functions will be supported by all manufacturers.

And remember, beyond AMD, Intel and nVidia, there is Qualcomm (Adreno), ARM (Mali), PowerVR, VIA (as S3), and the Only-China duo of Imaginnation Technologies (similar but not equal to PowerVR) and MooreThreads. Pleanty of hardware to choose if you want to write OpenCL code. And please also remmeber GPU Accelerated code is not only used for ML/AI, or CFD, or HPC, but also for day to day tasks (Like calculating indexes and hash codes in databases). Also, remmeber that many of the "Lesser" GPU architectures are used in ARM servers

Similar examples exist with things like SYCL, and, as the previous comentor wrote, AMD doing FOSS GRaphics and CUDA-Killers as knee-jerk reactions and changing things every few years... AMD has been bussy changing their "CUDA Killer" architecture (and the Accelerated Graphics one too) every few years. Close To Metal, Mantle, Stream, GPUOpen, HIP, ROCm... ¿Does any one of those ring a bell?

Instead of AMD's engineers heeding the suba divers advice:

Stop-Think-Act. If I can do that 500m inside a Cavern, why AMD's fellow engineers can not do it sitting in a conference room is beyond me...

So, TLDR: While I would like to have an alternative to CUDA, past experience says that these kind of initiatives fail, Is likely that this one will fail as well.

Mozilla fixes $100,000 Firefox zero-days following two-day hackathon


Re: Range of FF versions?

ESR 102 is deprecated and fully insecure at this point. ESR 115.9.1 (what I am using) is fully patched against this. And is also the oldest firefox version patched against this.

If you are on the ESR channel, you should UPGRADE once a year, either as soon as the new ESR lands, or ~ three months later, when the new ESR hits the automatic UPGRADE channel.

The next ESR (128) is expected to land on July 8 (I intend to install it then and there), and is expected to enter the automatic update system (and become the only ESR version) about Oct 1. It would behove you to UPGRADE if you value security.

Also, if you are on ESR, you should enable automatic security updates, as it will not mess with your stability, as the updates carry neither neither new features, nor inteface changes (i.e. no guff-storms), only security patches.

Microsoft's first AI PCs Surface with Intel cores and a Copilot key


If you want to know what an "AI PC" is, do not look into this new batch of Surface devices, instead, ait a litlle whhile, and see what Windows 12 demands as a bare minimum for AI...

You can use DirectML with something as old as a DX12 Video Card (Feature level 12), which means, even a GTX9xx card, or a Gen9 Intel iGPU can do it. ¿Will that alone be enough for MS's AI Ambitions? That will NOT leave many computers out of the upgrade path.

¿Perhaps OpenCL 1.2 with choice features of 2.x and 3.x? Again both intel 9th gen iGPUs and nVidia 9xx series graphics can do it, but it will depend on the specific 2.x and 3.x features needed

¿Maybe those two, coupled with AVX 2 for good measure?

¿Perhaps DP4a (which means something as old as an RTX10xx can cope)? That will let many desktops and laptops in, but so many iGPU only machines out.

¿Maybe A processor with VNNI support (or more likey, AVX 10.x with VNNI Support).? That will leave even more machines out of the upgrade

¿Or maybe the minimum cutoff will be an NPU somehwere in the machine (either the GPU or in the processor itself)? That will leave all iGPU only laptops (except for the newer stuff) out for pasture.

¿And how much memory will Micosoft demand for running the models device side?

¿Will they even want to TRAIN (smaller) models device side side for things like voice or handwriting recognition device side for added privacy?

Only time will tell what a MINIMUM "AI PC" is, and I guess not even Microsoft knows at this point...

China 'readies production' of homegrown high-bandwidth memory


the chinese are not dumb

They will develop 2 ecosystems, one for sanctioned entities, and one for non sanctioned ones. So expect santioned entities using huawei processors, moore threads GPUs and YMTC (G)DDR-5, flash and HMB, and expect non-santioned entitites to use CXMT memories, innosilicon GPUs and processors from non sactioned entities.

of course, some functionaries in china may be less than bright and try to use son sanctioned components in equipmentt made by santioned entities, and there is no guarantee that the USoA can sanction other entitites, even if the comply 107% with the letter of the law...


Crunchbang++ versus Bunsen Labs: The pair turn it up to 12


CBPP Vs. Bunsen

I came to Know about #! and its devivatives CBPP + Bunsen through el reg, many years ago when I was looking for tyny distros to Replace Damn Small Linux with something more modern. I was using it for VMs, also to resurrect old machines, and I recomended it to my students to simulate Workstations in virtualized nertwork topologies.

I ended up decanting for CBPP for a simple reason, they are MONTHS faster to release after a new Debian drops. Debian is stale as it is, imagine waiting on top of that for the extra time that Bunsen takes to release, by the time you get the Bunsen with the latest Debian, you have already oudated applications. That is a no-go for me

Having said that, I have read many times that the Bunsen Comunity is more welcoming and helpfull for newbiies, but, not having used Bunsen, I can neither confirm, nor deny.

CBPP for the Win!