* Posts by LeoP

136 publicly visible posts • joined 9 Jun 2010


Bad things come in threes: Apache reveals another Log4J bug


OK, I fell for it

Your honour, while I am truly sorry, for the sake of the truth I have to add, that I have seen worse rants being ment word-by-word


Re: Open Source Has Failed

I recommend you do exactly that. Never ever again use a bit of open source software for you personally or for the good state of Texas.

That will show us "commies" and "libtards" what we need to know and make your IT run smoothly on "highly secure quality products from the likes of Microsoft, Apple, Oracle". I do especially recommend the latter.

US trade watchdog opposes Nvidia's Arm buy, mostly over fears about datacentre innovation


Re: This is Silly... There is plenty of competition in the CPU space

In the Joules/Gigainstructions performance indicator, which is what matters most where MALI-GPUs are used, they have a 1:10 advantage over Intel and still more than 1:5 on (today's) Nvidia.

While they are good enough for what they typically are used for, this is one of the areas where the merger could actually generate better products. Not a good enough argument for me, though.

HP's solution to running GPU-accelerated Linux apps on high-end Z workstations: Rely on Microsoft's WSL2


It's just "apt install" on Ubuntu

One can think so or so of Ubuntu, but the Nvidia stuff is just an "apt install" away.

We do lots of work for the broadcast industry, that includes lots of NVDEC and NVENC accelerated de- and encoding and lots of CUDA-based image filtering.

The combination of Ubuntu Server, the in-repository nvidia drivers (and even the out-of-the-box NVxxx-enabled ffmpeg) make this really pain-free. Definitly less painfull than a Windows 10 (or worse: Weindows 11) installtion.

We're closing the gap with Arm and x86, claims SiFive: New RISC-V CPU core for PCs, servers, mobile incoming


AMD's pre-Zen era

Do you mean when there Opteron designs forced Intel to go 64 bit, when "4GB per process should be enough for everyone"?

Been there, seen that. Old fart.

Alibaba Cloud drops all-in-one client device, on-prem cloud-native DB


Yes and no

It's slow for RAM, but it allows for (dynamic) scaling of RAM to and from VMs - that might easily bring a big net positive

WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job


Moronity factor of nearly 100 mD

I petition the Register for a new unit of measurement - for moronity (this is the evil flavour, let's use "idiocy" for the foolish-but-not-evil flavour)

I propse the natural choice: The Donald

On such a scale, this would come up to nearly 0.1D (or just shy of 100mD)

Facebook and Apple are toying with us, and it's scarcely believable


specced well enough that an equivalent non apple machine would be similarly priced.

Would you please provide a pointer to a $999 display stand or a $699 set of tiny wheels by ANY other vendor?

Bork to school: Apple kit management service Jamf pulls a sickie for IT crews trying to get pupils on iPads


Teaching our young on closed systems we have no control over

What could possibly go wrong?

Your 60-second guide to what Intel announced at CES. Or in 5 seconds: New laptop chips


Re: Intel are lagging behind

A lot of us use Linux - including the overwhelming majority of servers. And the Linux drivers license allows you to drive both, a Ford and a Ferrari with the same ease.

Now if some clever big chap were to understand, that it is not Intel lagging behind Apple, but Intel lagging behind Arm and do what Apple did for Laptops, but target the Linux server market, this would be quite a Bugatti.

The ghosts of Microsoft SQL Server past, present, and yet to come: The Reg chats to Azure Data man Rohan Kumar


Quite a good product, but killed by its environment

SQL server in itself is one of Microsoft's better products. But.

- The possibility to run it on a sane OS came years after the others ate this part of the cake

- Licensing (for use on your own infrastructure) seems to be modeled around Oracle: Nobody understands it.

So thanks, but no thanks.

Watt's next for batteries? It'll be more of the same, not longer life, because physics and chemistry are hard


EV charging time

What I have a hard time understanding is the unreflected "must charge in 15 minutes" argument. It may be true: What percentage of cars is actually used in a role, where a range of say 500 Km / day isn't sufficient with an 8 hour overnight top-up?

I am in the process of selecting an EV to buy, which implies, that I did a thorough analysis of use-cases. My personal cut-off is below 300 Km / day, and I know not of a single person, where this would be beyond 600 Km / day.

Combine parked-time or overnight charging with some smart grid-balancing by means of a charging priority (e.g. I don't care if my car is full at 2 a.m. or 6 a.m., but I want it to be guaranteed full at 7) and you might get quite a tasty package: Grid-reserve is maintained by switching off thousands of chargers for those 30 minutes it takes to get that gas turbine online when something big fails, instead of idling it all day or all night.

CentOS project changes focus, no more rebuild of Red Hat Enterprise Linux – you'll have to flow with the Stream


IBM has a hard time adjusting to the new realities

Call ne sentimental, but I was quite attached to IBM for many years. Their x-Series servers were solid like rocks, and at the time this was even more important than it is today. And they were quite early on the "Linux is the default OS for a server" bandwagon. The SCO saga (most of you will remember groklaw) added more respect to that.

But it is not ment to be. They seem to be just are unable to cope with the realities of today, where you can't slap an IBM sticker on something to double its perceived value, where the only ultra-high-margin cashcow remaining is the mainframe, which is going the way of the Dodo. Any of those perky new banks or insurance companies using them? Nope. And DB2 neither.

Instead of adapting, they chose to do more of the same - not good. Bye, IBM, it was nice while it lasted.

OpenZFS v2.0.0 targets Linux and FreeBSD – shame about the Oracle licensing worries


Re: "acting within the rights granted"

Oracle seems to have managed to let the licensing problem stand long enough to make it irrelevant: Scaling file systems has gone through a few paradigm changes in these 20 years, so that the target market for ZFS is ... not that big any longer.

Add to that some arcane rituals needed to be performed if you run into one of those nice little 'cannot mount ZPOOL' siutations and it is just no longer relevant except for some rare edge cases.

I'd have happily invested in it 20 years ago. Even 15. Buto today? Nah.

Open-source database outfit Redis Labs grabs $100m funding as it seeks to be about more than just cold, hard cache


Re: How does redis work if the power goes off?

That depends on your config - out of the box you lose the last 2 seconds of changes, but you can chose your sweet point of performance vs. pesistence in a spectrum from "This is just a cache" up to "every transaction counts"

Apple: We're defending your privacy by nixing 16 browser APIs. Rivals: You mean defending your bottom line


This is not about privacy

We all know the "This website wants to send push notifications, Allow yes/no" prompts. It has proven quite a well-working way to deal with site privileges. Nothing (ahem ... nothing technical) would stop browser vendors from defaulting all such APIs to disallowed, but present the user with a "This website asks for these privileges: 1., 2., 3., ..." dialog when first loaded,just the way it is with Apps from some App-store.

PWAs that actually put value into the users hand would have a good case, but not every click-bait site.

Removing the "secret" from "secret sauce" seems much saner to me than disallowing sauces alltogether. It would also help to move things from the "App"-Domain back into the "Open Web"-Domain, which is of cause what Apple fears like a Vampire fears daylight.

25 years of PHP: The personal web tools that ended up everywhere


Have that wordpress-related upvote.

... tile says it all

'Beyond stupid': Linus Torvalds trashes 5.8 Linux kernel patch over opt-in Intel CPU bug mitigation


Re: funny security

Interesting. While we are not a TLA, we do insist on physically seperated management segments. I do think to remember the double-tagging attack to work quite fine on a lot of colo switches.

While waiting for the Linux train, Bork pays a visit to Geordieland with Windows 10


Re: Need a bit of Raspberry Pi action

We do support a large number of appliances in really remote (to us, as behind doors with gun-carrying guards around them, who always - and I really mean always - look annoyed) places.

Of course they are Linux based.

Of course they shit themselves from time to time (TBH basically only with hardware faults)

Our "Fleet Management" is a device/software/version-personalized script on the appliance that phones home every so-and-so telling e.g. "I am fine" or "I'd rather have a new disk in slot 3" (they carry a largish cache each, but no genuinly original data apart from the system-generated config). And that "phone home box" is of course a cluster and of course keeps track of missed calls.

The "dashboard" is ugly as hell, but nobody ever bothered to have the designers put a lick of paint on something, where the "show last 100 events with lever warning or worse" logtable is the page that gets 99% of the hits.

If such an event occurs from a not-yet signalled device-id, a list of e-mail addresses will be pinged once an hour until they log in and display details for this device id.

If they log a warning+ event or if ordered to do so when phoning home, they will also open a reverse SSH tunnel to the watchdog server, so that the admins can log in.

The whole setup took less than 2 days to create and hasn't failed us in many thousands of deviceyears.

And: It is no subscription, belongs to us, isn't tied into some "cloud service" and moving it is a DNS record away.

And: it is ISO123456789-certified to exactly 125ml of Pinot Grigio

Linus Torvalds drops Intel and adopts 32-core AMD Ryzen Threadripper on personal PC


Re: AMD vs. Intel: War Games v3.0

"without the PCIe bottlekneck"

This made me again realize what an old fart I am.

Oracle to take IT out of the equation for HR, ship prebuilt metrics, KPIs to analyse carbon-based lifeforms


What's more frightening ...

... than being pulled into the cloud that noone wants by a desperate billionaire?

Can only be: The results of this being used to do "analytics" on human beings.

There is no icon for disgust, please add one.

Now there's nothing stopping the PATRIOT Act allowing the FBI to slurp web-browsing histories without a warrant


Land of the free

For which definition of free?

Please Mr. Trump: Build a wall. A big wall. Not only to the south, but all around. Keep that lunacy in.

Incredible how you can steal data via Thunderbolt once you've taken the PC apart, attached a flash programmer, rewritten the firmware...


This is just another example ...

... of "physical access = complete compromise modulo time".

And this tends to be even cheaper and easier with "Smartphones" (i.e. smallish pocket computers) than with the PC counterparts - and I know quite a lot of people, who use the former to unlock the latter.

Some sanity might just help: This document is important? Encrypt it on a file level and PLEASE close it before letting you computer unsupervised.

On the opposit end of the spectrum, they might have all my "photos" folder. Well, the Memsahib might take issue with that, so not really all.

What do you call megabucks Microsoft? No really, it's not a joke. El Reg needs you


Only one possibility

comes to mind, since I watch some random GoT episode yesterday:

Neverlearn Livebane

Forever mothballed: In memoriam Apple Butterfly Keyboard (2015-2020)


Still, at least you can now eat ...

... a cronut at your desk without worrying about subsequent trips to the Genius Bar.

I always could. Since I need my notebook for work, not to show of wealth and/or moronity I didn't and wouldn't dream of buying such a device (and at such a price) for the privilege of running OSX "Vista" Catalina.

Prank warning: You do know your smart speaker's paired with Spotify over the internet, don't you?


Cloudy days ...

... for anyone thinking he actually owns that expensive gadget he shelled out for.

And a briiliant burglery reconnaissence tool: If after the 17th loop of "Last Christmas" (or any title in the 1000 volume collestion "Songs I'd have hoped to never hear again") nobody is running out of the house with blood dropping from the ears, the target can safely be assumed as empty.

That awful moment when what you thought was a number 1 turned out to be a number 2


This might explain ...

... the performance of the Banks when things got a bit rough.

Mix 1 part moronity with 2 parts of greed and you get a tasty taxpayer-bailout cocktail.

AI startup accuses Facebook of stealing code designed to speed up machine learning models on ordinary CPUs


Re: Schadenfreude

Full disclosure: My first language is German, where the word "Schadenfreude" comes from.

It consists of "Schaden" (loosly translatabel to "damage") and "Freude" (loosly translatable to "joy"). So "Schadenfreude" is enjoying somebody else's damage.

Now I strongly reject the notion of me really enjoying something, that only damages Facebook! I will not settle for anything else than full destruction. My (bohemian in both senses) great-grandmother would have said (again loosly translated into modern english): They have already sinned more, then what can be counterbalanced by a single eternity in hell.


One factual and one meta opinion

Let's start with the factual opinion: The important part in today's AI workloads is not so much a question of performance alone (you can throw a lot of hardware against it), but of performance per unit of energy consumption. It is rather hard to believe, that even the smartest trick can make a general purpose CPU work as efficient on such a specialized problem than a specialized (i.e. GPU) accerlerator card.

Now the meta opinion: Whatever is bad for Facebook is good for me. YMMV.

Broken lab equipment led boffins to solve a 58-year-old physics problem by mistake


Not really

They are good in the breaking part, but seem to find the learning part quite a challenge.

Meltdown The Sequel strikes Intel chips – and full mitigation against data-meddling LVI flaw will slash performance


The other wayround

Code, that is compiled with these handbrakes on is not (or at least less) susceptible to being attacked. So the deliberate compiler deoptimizations are for the victims, not the miscreants.

And why would an attacker want to slow down his code?


The average bod vs. the average conman

Of course we see from the enlightened example of our Trumpian friends, that draconian punishment (including death) are a near guarantee for a very low-crime environment, peacfull streets and no cybercrime at all.

Speaking of it: Are you interested in an investment opportunity into an essential and lucrative bridge?


Re: If these exploits carry one

Also from the FA: "However, LVI turns out to be most practically exploitable on Intel processors because of the combination of the facts that we have seen more Meltdown-type leakage sources there that can potentially be inverted, plus certain design decisions that are specific to the Intel SGX architecture (i.e. untrusted page tables)."

Quote-picking doesn't alter the real world.

BOFH: Here he comes, all wide-eyed with the boundless optimism of youth. He is me, 30 years ago... what to do?


Re: A better essay on the state of IT I have not read

The quicklime references provide additional headroom to that undisputed lead.

If you're writing code in Python, JavaScript, Java and PHP, relax. The hot trendy languages are still miles behind, this survey says


Collecting a few downvotes

First of all: I appreciate StackOverflow

This stems to a big part from those nasty bastards that pay my bills: The customers. A lot of our work is replacing outdated/buggy/no-longer-suppported/whatever systems and applications with something more robust that runs on a sane foundation (for varying values of sane). This often includes having to dip into the other system deep enough to make migration easier or sometimes even feasable. StackOverflow has this knowledege.

As a thank you, I tend to answer a selected "hard" question from time to time - quid pro quo.

Now the second flame war: There is no inherently bad programming language - and if there is, then neither JS nor PHP. It might be (and likely is) true, that the perceived easyness and accessability of the pair produces an out of proportion amount of inexperienced or just bad developers, but I consider it unwise to blame this on the languages. We create a lot of PHP - but we (at least try to) do it in a sane, controlled and responsibe way.

I do on the other hand know from personal experience a metric shitton of C{,++,#} code that should never have been allowed to leave the dark cave it was conceived in. And don't get me started on 100MB+ Java processes doing basically a "Hello, World".

Languages (and more important: Runtimes) are tools. Tools help. Tools do not replace skills.

Virtualization juggernaut VMware hits the CPU turbo button for licensing costs



This is neither cynical nor a flame war, but an honest question:

Why would anybody use VMware for virtualisation in more than a Lab/SMB scale?

- If you are so big, that you feel the pain on 33+ core CPUs, you most likely have an IT department

- If you have an IT department, the actual people working there will want the money going in their pockets, not VMware's

- Xen and (even better) KVM cost nothing in license fees and scale much better, the HCL of KVM being ... close to everything ever built on x64.

- Just a handfull of VMware full-featured licenses will easily pay for a BOFH plus a PFY.

- The "ecosystem" (managability, storage options, ...) of the FOSS world have already bridged the gap and are often better than their VMware counterparts.

Vendor-bender LibreOffice kicks out 6.4: Community project feel, though now with added auto-█████ tool


Re: LibreOffice Draw


Microsoft previews Visual Studio update with added Linux love, many new features


Fundamentally different approach

We take a fundamentally different approach to tooling - I understand, that this causes more maintenance effort but the resulting increase in productivity and happyiness ahs until now outweighed it by far. It may be hard to scale though.

The "normal" stuff:

For every project

- there exists a defined repository (duh). What's not in there dosen't exist.

- there exists an automatic build and deploy process to a defined set of targets (usually VMs, that are spun up from a template). What doesn't build there doesn't count.

- Deep testing in development is encouraged, but only the tests on the targets count

The "strange stuff":

Every developer choses whatever tooling he wants to fill the repository. Choise of Hardware (within a budget), OS, IDE, tools whatever are completly up to the developer. Want to develop in nano via SSH? Go ahead. Want Visual Studio? Go ahead. Use whatever makes you happy, but remember that the build target isn't your machine, but the project build-and-deploy bot.

Some chose to "make things run locally" first and then basically port to the target, others keep very close to the mothership - I don't care. It's the output and dev happyness that count.

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it?


This comes at a good point in time

A few days ago I was asked by a client (for whom we normally don't do any networking, but hey there is the water-cooler/coffee-maker/whatever talk) to help them think how to expand their (currently Ubiquiti) WLAN - stay with Ubi, roll their own or go "Enterprise". I forwarded them a link to this article at ca. 11 p.m., and got a reply along the lines of "so one possibility just dropped" within 5 minutes.

This tells me, that they are quite serious in both ways.

Lies, damn lies, and KPIs: Let's not fix the formula until we have someone else to blame


Been there, done that

Yours humbly is from a country that is better known for its musical than for its technical prowess and whose biggest telco was at that time a mostly state-owned partner of Vodafone (now a daughter of America Movil after a more than boitched privatization job).

Their claims of 95+ percent availability seemed rather absurd then, about 90 was what everyone would have guessed (remember that this means double the downtime).

Now: The clue for the why is in the first paragraph: It was a mostly state-owned telco. Management was picked by their party affiliation and willingness to do what some politician wanted, not by what was best from a technical perspective.

Larry Ellison tiers Amazon a new one: Oracle cloud gets 'always' free offer, plus something about Linux


Larry must be desperate

Let's face it: Using a public cloud offer always comes with a measure of lock-in: A spectrum from just "convenience lock-in" where the effort of moving a workload to another provider or self-hosting is just a resource-costing nuissance up to a "systematic lock-in" where you need to rebuild a lot of components to make it even possible to move to a different vendor. We have come to accept this and many (if not most) mitigate as good as possible.

The only reason we are willing to even consider accepting it is an uneasy trust not in the vendors, but in the market forces moving them: If one cloud vendor were to start screwing his customers more than the pain threshold, he would have a very hard time acquiring new customers and stall his growth - which is very near to a death sentence in an industry where economy of scale is a major effect.

There is one thing though: For many of us (and this definitly includes me) this trust does certainly not extend to Oracle, whose business model is sometimes perceived as "lock, screw and blackmail". And while this does work with (mosty legacy) applications that are tied into the main Oracle Database product, the idea of beginning or extending such a relation to cloud hosting does not go down well with IT departments. And forcing a product into goverment contracts via the courts doesn't inspire confidence as well.

So Larry made a cloud, and nobody wants it - if not coerced with one of those beloved audits, basically nobody signs up. Beware of a furious and desperate Billionaire!

Harvard freshman kicked out of US over OTHER people's posts on his social media


Re: So to gain entry into America you MUST......

I'd go to America quite voluntarily - Canada seems a very nice place to visit - just not to Trumpistan (formerly known as USA).

Please don't equate AMerica and the USA, that's "Fake Olds"

Microsoft middlemen rebel against removal of free software licences


It is what's between the lines that is really important!

There have been many (both enlightened and whining) comments in the last years that Microsoft has basically given up on the SMB (and maybe "Power User") market:

- No more Exchange in SBS

- No opt-out of "Telemetry" below hundreds of seats

- Mo more WIndows for mobile

- More of that stuff.

Well, IMHO this is nothing else than completion of the circle: If we don't care for the SMB market, then why would we care for those supplying it?

What I am quite curious about is, whether there is some vacuum starting to establish and how it is going to be filled.

Akamai CEO: Playing games from the cloud? Seems too expensive to be viable right now



First of all: I don't game, so the blind is speculating on colours here.

But: I assume a decent gaming rig will cost over 1000,- (Euros, Dollars, Pounds doesn't really matter) - let's say 1200 to ease up the calculations. This means, that with a subscription cost of 50,- the hardware alone will cost two years worth of it, not taking into account the power it uses at your end (a.o.t. on Google's end). Most hardcore gamers I know will consider a 2 year old rig hopelessly outdated at least concerning the GPU. Add to this the cost (in expertise and time) of running Windows 10 and outsorcing all that to bigger players (pun intended) and only owning what is basically a smart-TV-sans-TV might actually be a good value proposition for the less tech-savvy.

Bring it on, Chipzilla! Nvidia swipes back at Intel in CPU-GPU AI performance brouhaha


Fair and square

Far be it from me to defend intel. Far as in at least a few galxies.

But in the name of fairness one has to make clear, that Nvidias GPUs have never undergone such scrutiny - and they would have fared rather poorly if they had: Just the NVENC part (which makes up a tiny proportion of the GPU) leaks the last image of every encoded stream to any Dick, Tom and Harry who create a new context.

Google puts Chrome on a cookie diet (which just so happens to starve its rivals, cough, cough...)


Looking forward to "the Facebook brwoser", "the Amazon browser" and friends

Maybe we will get some browser competition after all?

Welcome to the advent of "Apps" on your general purpose computer. Except it won't be any longer.

Owner of Smuggler's Inn B&B ordered to put up a sign warning guests not to cross into Canada


Canada! America! Canada! America!

Canada is part of America (some would argue the most sane part of it):

Canada is NOT a part of the USA (which of course explains why it is often seen as the sanest part of America).

As of 2019 the correct wording is "Look, boy! Now I'm in Trumpistan! Now I'm in Canada! Trumpistan! Canada! Trumpistan! Canada!".

On a more sobre note: Please don't help spreading the "fake olds" that "America" and "USA" are synonymous.

One click and you're out: UK makes it an offence to view terrorist propaganda even once


Can I expect a knock on the door?

Of yourse you can. Since your Internet use is monitored in real time thanks to the spook's charter, this is automated.

Epyc move: Supermicro plunges into Cascade Lake’s Optanical waters


Intel hopes ....

... it will outperform the Epycs by 4% with a price premium of 400%.

They'd better hope, not only Apple has fanboys.

Vitamin Water gets massive publicity for new flavor: Utter BS


Re: Bah. It's just the usual "Too good to be true" promise

Since yours truly lives in Vienna let me elaborate: Vienna City services (from trash collection to dog tax) are organized into "Magistratsabteilungen", or "Divisions of the Magistrate", called MAx with x being a Number between 1 and somewhere around 70.

The series is about an imaginary "MA2412", the division responsible for Christmas decoration - you can imagine that a division of civil servants having exactly nothing to do for 10+ months of the year (and I mean exactly nothing, not the figurative-but-true nothing) creates a good backdrop for a comedy series.

Bad thing though, that neither script nor acting nor ... ahem ... anything in that series is of better quality than what would be produced by a "Magistratsabteilung"