* Posts by Roo

1604 posts • joined 21 Sep 2010

'5G for Five Eyes!' US senator tells Parliamentarians the world would be better without Huawei

Roo
Windows

If it's important to them I imagine the US would simply ask Boris to hand over the carrier and crew for free and he'd deliver it to them gift wrapped. That said I think it more likely the US would simply use it for target practice - or simply cancel the junket out of spite.

'Beyond stupid': Linus Torvalds trashes 5.8 Linux kernel patch over opt-in Intel CPU bug mitigation

Roo
Windows

Re: Real Fix

Kinda sad seeing a key Intel customer, AWS, flounder around trying to fix Intel's bugs instead of leaning on Intel to actually fix them. AWS are between a rock and a hard place - they either replace the hardware - with the unavoidable chance that the new hardware will also be broken, or they implement performance killing hacks on their heavily utilized shared boxes... Gee, maybe putting all your eggs in one basket was a dumb idea after all...

Remember when Republicans said Dems hacked voting systems to rig Georgia's election? There were no hacks

Roo
Windows

Re: Move on

He did get paid 132K for the work...

Roo
Windows

Sadly true. My interest in what goes on in the US is because UK government foreign policy has pretty much been dictated by the US government. Although that does seem to have evolved a little - the UK cabinet now takes it's orders from a bunch of shady think tanks that are set up & funded by US & Russian billionaires instead - I guess they cut out the middle man which makes sense if they already own the US government from top to bottom.

Roo
Windows

Re: Move on

"If you have actual proof of such wide-spread fraud, please alert the authorities ... and the Press. Posting about it here does absolutely zero good."

Fair point, but I suspect the poster may well have been thinking about such as "Leslie McCrae Dowless Jr" - he has been indicted recently. Funnily enough it's actually quite difficult to get search results for this stuff because of all the mud stirred up by the Republicans - the majority of hits reflect their narrative rather than the fraud investigations and their outcomes.

Apple owes us big time for bungled display-killing cable design in MacBook Pro kit, lawsuit claims

Roo
Windows

You'd have to shout pretty damn loud to be heard over the hordes of of the bean counters chuckling happily at the huge mountains of cash that Tim Cook sleeps on.

In case you need more proof the world's gone mad: Behold, Apple's $699 Mac Pro wheels

Roo
Windows

Re: Re Cycle Wheels

I worked in the AV installation trade biz for a while - where I got sample a very wide range of gear. The weird thing was - while we were all bowled over by the 10/50/100K speakers, in a blind test most folks preferred the (relatively) cheap Rega R3s over everything else (including the R7s). I'm fairly sure no one is going to claim the R3s are the worlds best ever speaker - but they just sounded nicer than the other gear. In the demo room customers tended to insist on starting at the high end and worked downwards - they rarely got below the 5K mark. On occasion they'd make it down to the R3s - and listen visibly entranced for a while - and then move back to the expensive gear that pushed more Watts... :)

'VPs shouldn't go publicly rogue'... XML co-author Tim Bray quits AWS after Amazon fires COVID-19 whistleblowers

Roo
Windows

Re: "XML"

"Plus you can do a ,lot of great things to transform XML data using XSL."

Yeah, that's cool and all, until you find that the folks who wrote the transforms can't actually maintain them because it's "too hard" after they've spent years adding cruft and not writing any tests to validate their changes.

Disclosure: I have been savaged repeatedly by rabid XSLTs.

Roo
Windows

Re: "XML"

Over the years I've found that validation against a schema doesn't really help that much in practice, it's another complex pile of stuff to parse with more bugs waiting to bite your ass. Using as simple-to-parse format as possible (to minimize the valid permutations of input), writing unit tests and integration tests to go with it has proven to be more effective the long haul than adding yet more attack surface to the input handling code.

Roo
Windows

Re: Who are the downvoters, in this comment thread

The "small disadvantages" of DDT that you glossed over include it killing ff a lot more than mosquitoes and persisting in the environment (and accumulating in larger organisms) over a long period of time. IIRC it takes 30-40 years to breakdown... Quite a few people see those as huge disadvantages - not least the folks who want their crops pollinated...

Roo
Windows

Re: Who are the downvoters, in this comment thread

"According to the article he wanted to strong-arm his employer into taking "climate action"."

I think that's a legit call when you take into account that Amazon is heavily into the Data Center business in the form of AWS - in addition to box shifting lots of shiny luxury items to the masses.

AWS runs on a huge amount of plant that is continually refreshed and burns a lot of juice. Furthermore AWS tends to run I/O intensive applications on Virtual Machines - which tend to impose a heavy penalty for I/O - thus increasing the amount of energy to run those I/O intensive apps.

Roo
Windows

Re: Who are the downvoters, in this comment thread

Companies impact all aspects of our individual lives and the environment we live in - but very few of them actually take responsibility for that. Furthermore there are plenty of disincentives to price the downsides in - as the 2009 crash illustrated so vividly. Hell, it took over 40 years of activists to kicking up a fuss to get DDT usage under some kind of control (note: it still isn't actually banned outright), and there's a some evidence that we're facing a similar problem again with Neonicotinoids.

I'm all for people having a roof over their heads and a comfortable life - and making money to facilitate that - but I'm also for folks taking responsibility, honestly considering the downsides to society and the planet as a whole, and moderating their activities accordingly...

TL;DR version: Narrowly focussing on the money is simply not sufficient to run a society or a planet.

Not really sure why you're so anti-Koala preservation - did one bite you in the nuts on a nudist beach ?

Roo
Windows

Re: "XML"

Agreed... To put it another way the worst aspect of XML (and to a much lesser extent JSON) is the expense of parsing the bloody stuff and the myriad vulnerabilities that result from folks getting it wrong, all to make it "readable" by meatbags..

Ex-Imagination Technologies boss tells UK Foreign Affairs Committee: Britain needs to stop overseas asset stripping

Roo
Windows

Re: The Value of the Company

"No one puts money in for National Security."

That's weird - because Boeing, Lockheed-Martin, General Dynamics, Dassault and BAe have been taking lots of money for National Security.

The Great British anti-5G fruitcake Bakeoff: Group hugs, no guns, and David Icke

Roo

Re: I just get cruel to them.

Might be wise to keep a fire extinguisher and a cricket bat on hand just in case.

Roo
Windows

The WHO are a coordinating entity (at best), they don't have a bunch of jackboots on the ground to bust asses - or the ability to apply sanctions at the drop of a hat. All they can do is to The buck stops with the power brokers. It's hardly a surprise those power brokers that dropped the ball are blaming the WHO, they haven't got anyone else to blame having shit-canned the advice and experts who advised them to prepare for pandemics before Covid blew up in the first place.

Microsoft frees Windows Subsystem for Linux 2 from the shackles of, er, Windows?

Roo
Windows

Re: @Yet Another Anonymous coward - @Snake - Microsoft shooting itself in the foot?

It's actually pretty easy under Linux too. :)

You run the heavyweight processing on Linux servers (because it is actually a lot cheaper to run at 10-100K node scale all your weird rants about FOSS aide), set a few aside for hosting Windows as guest VMs. Put 10-100K (Linux) remote desktop terminals on people's desks and they really don't care or notice the difference. It's not rocket science, and it's being done - at a lot of large multinationals.

Roo
Windows

Re: @Snake - Microsoft shooting itself in the foot?

"And that's why you people are not only DEAD WRONG but proven so with a 2.7% desktop adoption rate ."

Not even sure why you care so much about it, desktops are going the way of the dodo.

Roo

Re: Microsoft shooting itself in the foot?

"Fully functional Linux embedded within MS Windows presents opportunity for enterprise, public sector, education, and individuals, all currently in thrall to Microsoft, to explore and evaluate alternative non-proprietary software without trauma of full system change with possibly expensive reversion should the outcome be unsatisfactory."

Strictly speaking that has been possible for a very long time - whether it be by CD, USB stick, VNC or whatever. The only material difference here is that you've got Microsoft embracing and extending Linux - and subjecting it to the hit and miss joy of Windows Update. I don't expect much to change, people have got over the shock of Phone apps and Web apps now, and that is pretty much going to kill off the majority of the Windows desktop market (for better or worse) - this is simply Microsoft trying to stay relevant to server side developers.

Your Agile-built IT platform was 'terrible', Co-Op Insurance chief complained to High Court

Roo
Windows

One wonders if IBM is mired in Multiple Agile Backlog syndrome which is the usual end state of Agile in a large corporate concern. Specifically multiple backlogs, one for the devs doing the actual work, one to present the state of play to the upper manglement, and another that holds all the technical debt that isn't allowed to see the light of day because it looks "untidy", with the devs having to enter everything in triplicate...

That upgrade from Java 8 to 11 you've been putting off? UK fintech types at Revolut 'quite happy' after a year in production

Roo
Windows

Re: Just put everything in containers.

The version of JRE that you're using is a serious problem, but containerizing it only solves the trivial cases.

In the case of the real world non-trivial Java applications we deal with (aka enormous multi-threaded monoliths with literally hundreds of dependencies), it's actually impossible to get *all* the dependencies to work on same JRE... Splitting that lot up into different processes (laughably called "Microservices") is often not pretty - and involves some serious effort and (usually) a big hit in performance.

Maybe in a few years time the dust will settle, everyone will have caught up and it'll be as easy as porting a bit of C/C++... YMMV ;)

US hands UK 'dossier' on Huawei: Really! Still using their kit? That's just... one... step... beyond

Roo
Windows

Re: It's cute

Judging by previous form I'm sure he'll follow that announcement up by spaffing a few million quid of tax payers' dosh on feasibility studies carried out by his unqualified friends, family, lovers and offshore/foreign Tory party donors.

Blackout Bug: Boeing 737 cockpit screens go blank if pilots land on specific runways

Roo
Windows

Re: allow the US to down a plane at will

"And on the other other hand, until recently most people didn't realise just how stupid Boeing management and their regulatory colleagues could be."

In the case of Boeing Manglement and the FAA being self-serving pays better than being diligent or stupid.

EU wouldn't! Uncle Sam brandishes 'up to 100%' tariffs over France's Digital Services Tax

Roo
Gimp

Re: To see such a regrettable fellow holding a position of power is normal in a shithole country

So people's votes don't count if you don't like their choice, but the vote of a square mile of land counts as it voted the way you wanted it to. Hope you enjoy your Monarchy, the Gimp suit is for you and your Monarch's enjoyment.

Roo
Windows

Re: To see such a regrettable fellow holding a position of power is normal in a shithole country

"He got elected because people hated him less than they hated Clinton."

OTOH Trump was hated by 3 million more people than Hillary was.

Running on Intel? If you want security, disable hyper-threading, says Linux kernel maintainer

Roo
Windows

Re: Updating Firmware isn't easy

There is an easy answer, but the vendors and "power users" aren't going to like it.

The hundreds of megabytes of Flash, the tweaking guff, weird Windows backwards compatibility widgers (eg: "A20" config), PXE boot loaders can and should get shit-canned. This allows a customer to have some confidence + control over what is actually executed and some assurance that their M/B can't be perma-bricked by some tosser at the other end of an Ethernet cable.

This could be achieved very simply and cheaply by replacing the Flash memory + fscking BIOS / UEFI with a tiny *ROM* bootloader that loads a few bytes off a bootstrap storage device (eg: a MicroSD card on the motherboard) and executes it. That ROM bootloader should do nothing other than load those bytes and execute them - everything else is to be done by the code on the MicroSD card that is firmly under customer control.

Another rewrite for 737 Max software as cosmic bit-flipping tests glitch out systems – report

Roo
Windows

Re: So...

The reports I read suggested the pilots weren't paying attention to the instrumentation enough with respect to the AF447 crash.

Roo
Windows

Re: So...

"The AoA sensors are not critical in that the plane can fly just fine with them as long as the pilots (and the flight control computers) know to ignore that input modality altogether with a failure"

... Yet AoA seems to be a recurring theme in airliner pilot error/accidents - it was a key parameter in AF447 accident as well. From this armchair pilot's point of view it looks like you really need some working AoA instrumentation to fly the aircraft "instruments only" in bad conditions.

Time to Ryzen shine, Intel: AMD has started shipping 7nm desktop CPUs like it's no big deal

Roo
Windows

Re: Spectre?

We knew the context switching on Intel gear was pretty bad, but had no idea that AMD was so much better - thanks for that ray of sunshine. In some cases post-fix we've had to reduce the process count on a box, as if the app has suddenly become memory bandwidth limited despite running on hardware that delivers more bandwidth, expensive context switching would explain that anomaly.

With respect to Intel's misfortune, it was a result of design. AMD took the view that they shouldn't evaluate permissions *after* doing the accesses. Intel chose to evaluate permissions during/after access - presumably to mitigate memory access latency. Pretty sure Intel aren't unique in taking that option, there were quite a few papers on reducing memory access latency in the mid-late 90s.

Roo

Re: Spectre?

AVX512 clock scaling does have an impact - it adds another set of variables when you're trying to work out why a particular machine is slower than another seemingly identical machine. :)

Roo
Windows

Re: Intel spokesperson quote

Pretty sure I recall seeing some AMD Bitslice gear on the VAX-11/785 CPU cards - maybe the FPU.

Roo
Windows

Re: Spectre?

"Frankly, I'm hoping AMD will now casually wander into the server market as well, where performance per watt matters as much as just the raw performance in itself"

Seems more likely to happen than it was a couple of years ago... Some folks who consume a huge amount of compute have noticed a drop in "per-core" throughput on the Xeon boxes across three generations in a row that isn't being offset by "TurboMode", cache size increases, or the increase in cores per cubic foot. Some of it is down to poorly tuned code, some down to chip errata, and to matters even more fun the performance varies pretty wildly from box to box or even run to run on the same box. Makes tuning very tiresome for everyone involved, and all the effort that goes into tuning new boxes to make them nearly as quick as the ones they replaced isn't going down well.

The "stable performance" thing is critical for big workloads - you need to be able to predict how long stuff will execute in order to hide dispatch latency and startup costs... Throughput that can take a 25% hit on 100% loaded boxes depending on the phase of the moon makes life much harder and more expensive for everyone.

Where there's a will, there's Huawei: US govt already eases trade ban with 90-day reprieve

Roo
Windows

Re: You know who else isn't acting in Americas best interest?

"I would be very interested in an explanation and description of what the jaffa had done for Putin lately."

In fairness it's hard to tell when Trump has been busy destroying every record of communication between himself & Putin. But there is a nice fat money trail and a few instances of Trump deciding to exchange classified information with Russia on a whim - the sort of thing that folks get locked up for many years normally.

Withdrawing from Syria and repeated vetoing any action on Ukraine were two pretty big favours to Vlad. Tearing up the nuke treaty also helps Vlad too, as the classes of weapon affected just happen to be the ones that Russia has expended the most effort developing - and the ones that fit their strategic needs far better.

Microsoft debuts Bosque – a new programming language with no loops, inspired by TypeScript

Roo
Windows

Re: Ambivalence of complexity

"Now sending electrons through layers of silicon to implement an abstract instruction set is definately science and /or engineering."

I learnt a lot (mostly good) from VLSI chip designers - who happened to use C for a wide variety of tasks in their daily grind. In my view they were much more adept at working with abstractions than pure comp.sci folks - borrowing from comp.sci, maths and physics to find a pragmatic (and usually elegant) solution.

Those folks took a very different view of security too, tending to work on the physical principles - eg: if accounts share access to the same storage you have to assume the info will leak (many of them cut their teeth cracking minicomputers for extra storage/compute time :P). They used TDD for everything, big or small, (there wasn't a label for it back then - it was basic engineering practice) and their transistor counting instincts ensured that the code was lean and cruft free.

Three decades have passed since, things have moved on quite a bit - but I think software still has a lot more to learn from hardware, especially as folks seem intent on chewing up more memory forcing the data to travel a few mm further than it needs to (looking at you Java), which can easily add up to lots of wasted kilowatts at the data centre. :)

Roo
Windows

Re: What's Wrong With a Loop?

" but in another human reading it and upon seeing a jump destination being able to work out how many ways one gets there."

We have try...catch constructs to keep us guessing these days. :)

And here's Intel's Epyc response: Up-to 56-core, 4GHz 14nm second-gen Xeon SP chips, Agilex FPGAs, persistent mem

Roo
Windows

Re: Patching nonsense

I suspect the killer for Intel is the cost of the validation. It can't be cheap (or quick) to validate changes to access validation and speculative execution with a huge ISA like x86.

How'd your servers get that baby-smooth look? Dutch and Brit cool kids dunk Supermicro systems in synthetic oil

Roo
Windows

Re: Practical question

At most datacenters I've worked with entire boxes are swapped out - the broken one taken away for further examination/repair/exchange/disposal. As long as they have nice self-sealing connectors for the plumbing they'll be fine.

The boxes will be substantially more dense than normal ones though - the oil will be heavier and they appear to be packing a lot more components into the same volume than a vanilla box... Perhaps professional wrestlers could do the job - they should be well practiced in grappling with heavy oily units. :)

When the bits hit the FAN: US military accused of knackering Russian trolls, news org's IT gear amid midterm elections

Roo
Windows

"Though an IPhone hijacking a windows machine from iTunes to destroy a raid array and two disks is some next level spy stuff"

There are published Intel hardware vulns that allow full system pwnage (including the Management Engine) via USB. Furthermore there are also published privilege escalation attacks to break into the System Management Mode as well that would permit a server's firmware to get walloped. Bricking RAID adapters is pretty low end vandalism given what could have been done...

Linus Torvalds pulls pin, tosses in grenade: x86 won, forget about Arm in server CPUs, says Linux kernel supremo

Roo
Windows

Re: The cost of broken x86 is already significant and rising rapidly...

What's interesting about whether Intel/AMD can adapt is that they've already done it once with x86-64, but in doing so they made a lot more cruft. They might be able to offer a stripped back more efficient better validated DC focussed x86-64 variant, but it'll be tough for them to market it. Case in point Xeon Phi's long twisty genesis.

Roo
Windows

The cost of broken x86 is already significant and rising rapidly...

"As to the future ISTM that the determining factors over the next few years will be the ability to mitigate the likes of Meltdown in Intel/AMD architecture* in the next generation of products and the adoption of ARM in workstations in a configuration consistent with those of servers."

I think the deciding factor will be chip errata. Case in point Xeon errata have been consuming a serious amount of man-power, money, and lost production. It's easy to point the finger at the validation processes, but I think the actual root cause is the ISA. It's too big, too complex, and in many areas too poorly defined. It is a money pit for validation and remediation.

Cleaner ISAs with cheaper more reliable hardware will tell in the end.

YMMV :)

Intel to finally scatter remaining ashes of Itanium to the wind in 2021: Final call for doomed server CPU line

Roo
Windows

Re: Just imagine

"Win9x Killed Pentium Pro" - hardly, I found PPros to be competitive with the 233MHz P5s under '95...

Price killed the PPros, they were MCMs consisting of a core chip and a (big) cache chip which ran at clock clock frequency. They cost a lot more to make and a little bit more to buy. For the applications I was working on the extra price was well worth it, PPros flew on the image processing code I worked on - and it was very easy to optimize for them in comparison to their peers. :)

Oh, SSH, IT please see this: Malicious servers can fsck with your PC's files during scp slurps

Roo
Windows

One way ?

Am I correct in thinking that this vulnerability *only* affects clients that have initiated a download from the server, so clients uploading would not be affected ?

A few reasons why cops haven't immediately shot down London Gatwick airport drone menace

Roo
Windows

Re: Flak

Apparently Finland had a few 88's deployed just over 20 years ago, now retired so we'll never know if they're any use for 'overkilling' drones. :)

Roo
Windows

Re: Flak

"And yes fuses fail. If you shoot a lot, more fail, in absolute terms. And trying to hit something as small as a small drone, you will shoot a lot. Are they even big enough to trigger a proximity fuse?"

I would *hope* we can do a bit better than an Soviet AA unit designed over 60 years ago (which incidentally fired ~10 round bursts)...

The primary purpose of these light AA ammunition fuzes is to stop you shredding the stuff you're trying to protect on the ground, they don't carry enough explosive to be useful with a proximity fuze - assuming you could make one small, reliable and cheap enough for sub 30mm rounds... I think you would need a much cheaper and less powerful round for drone blasting - which would further reduce the scope for collateral damage.. :)

Roo
Windows

Re: Flak

"The ZSU was designed for AA not anti-armour, and most if not all modern IFVs are supposed to resist rounds that small."

True... But I reckon vanilla 23mm HEI-T rounds would still be overkill against drones. They point about mentioning post-war AA units was to show that it is possible to make small(ish) rounds that self-destruct to minimize the collateral damage on the ground. I really wouldn't want a ZSU-23 anywhere near Gatwick.

Roo
Windows

Re: No gumption

"The government can't be that risk averse (or bothered about our safety) as they seem perfectly happy to carry on, year after year, importing 100K+ people per year from populations known to have a large minority of people who mean us and our way of life direct harm."

The only folks I have ever had causing me direct harm because they resent my "way of life" in the UK have been white 'British' people. I would be more than happy for those folks to piss off to somewhere else and be happy with like-minded Brit haters.

Roo
Windows

Re: Flak

"...and there's more of it."

The targets are relatively soft and slow so you wouldn't need big rounds, or many of them.

I was thinking along the lines of something that was accurate at short ranges (ie: <1km), rather than something like a ZSU-23-4 which is intended to shred armor at a couple of km, so I wouldn't be parking ZSU-23s around Gatwick anytime soon. :)

Roo
Windows

Re: Flak

"Those fuses where used to maximize the chance to hit an airplane even when you didn't get a direct hit."

Not exclusively so...

The vast majority of shells fired will *miss* or fail to detonate in typical AA applications if they *didn't* have some kind of time/altitude fuzes. Without that "failsafe" fuze your AA batteries will do more damage than the opposition's bombers. ;)

Delay fuzes are used in lots of applications to reduce the chances of harm to the operator, from "dumb" bombs to the latest and greatest missiles.

Roo
Windows

Re: Flak

Things moved on somewhat after WWII. Post war AA guns have tended to use much smaller rounds and lots of them (eg: 23mm), so the shrapnel is smaller and lighter...

Roo
Windows

Re: Clearly we need a "fighter" drone

I don't think Warning/ID is really an issue in the airport use-case - because you know that no drones should be larking about over runways & approaches... Plus there's no guarantee that such a "fighter" drone would be quick or agile enough to actually disable/destroy it's targets... Small cheap low-powered SAMs for drone destruction would be more fun to build and they'd be quick (airlines/airports lose money very quickly). If you can knock a drone out quickly enough the nuisance drone operators are *likely* to come to the conclusion that their fun/protest is no longer economically viable.

At low altitudes ground based guidance should be possible (most drones are relatively slow moving), so you can have a lighter, cheaper and less dangerous-when-it-goes-wrong missile...

If you wanted it to be pricey, you could have some kind of netting + parachute warhead, but huge explosions would obviously be much more fun^Weffective.

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020