Size and weight
It's just a description. It's like if we said it had some heft to it.
C.
3533 publicly visible posts • joined 21 Sep 2011
...in which the people who did the survey chose not to make a distinction between Angular and AngularJS.
C.
Hey, thanks for the feedback. We've taken your points on board, with a few tweaks to the piece and also as food for thought in future.
The thrust of our argument was that more and more traffic is going into the hands of a smaller number of network owners, which isn't great for resilience, for one thing.
Also, if we end up in a situation where 90%+ of traffic ends up in Google, Cloudflare, Amazon, Microsoft, Akamai, etc, pipes, what happens with standards? Might be a bit less IETF and a lot more GAMCA. Maybe we're worrying about nothing, maybe it's worth putting it out there. We went with the latter.
Also, re: CDNs. Sure, you don't have to use one or you could build your own. Much like if you don't like using DHL or FedEx, you could ship something literally yourself. Or if you don't want to fly BA or AA, you could get your own plane, pilot's license, and fly. There comes a point where you need a site-protection service that's cost prohibitive for you to build.
You mentioned other anti-competitive stuff, which is valid, but beyond the intended scope of this article.
It's a comment piece on this particular part of the industry.
C.
Yeah, the i was for internet, among other things, if you follow the history.
C.
I could lie here in an attempt to make you all return on Friday.
But no, we brought BOFH forward for those who want to do other things in an Easter break other than check out IT news and the internet.
But hey you're welcome to drop by tomorrow anyway, half of us will still be working ;-)
C.
Two things. One, the IRS demands you report ill-gotten gains as income. The IRS doesn't care if you robbed a bank - that's another agency's problem - it wants that income tax from your heist. If you ripped off Apple and you under-declare your income, you'll have the IRS to answer for. So - if the allegations are true - he may have tried to declare some of the scam money as income to avoid the IRS poking around.
Second thing, examples of Apple pay are on levels.fyi FYI.
C.
130nm is OK for low-volume simple devices and microcontrollers. Academic studies, first-time tape-outs, one-off silicon, weird mixed-signal stuff, etc. No one expects it to be advanced. Depending on how much money you have, the 130nm is virtually free (or free if qualifying with Google), so you get what you pay for.
Skywater does 90-350nm (and seems to be trying out 65nm) and if you need something else, like 65nm and below, there are other foundries.
BTW one of the reasons why you want a high transistor count (and therefore a dense node) is to fit a decent amount of cache on the die. If you don't need a lot of cache, and you're not doing an SoC with a lot of complex things on it, well, why do you need a small node?
But hey, don't let me stop you. If you want something super dense, knock yourself out. Just cough up the six or seven figures rather than ten large.
For instance, take SiFive: their first chips were in the 16-14nm range, and it's had hundreds of millions of dollars in funding, and sales on top of that.
C.
There are some others. Eg,
MOSIS – this takes the same multiple-designs-per-wafer approach and works with TSMC, Intel, and GF. These have been around for ages.
Europractice is another broker for access to foundries
IC Alps often pops up
Minimal Fab Nederland is gauging interest
There is a choice. If there's an interest in low-volume chip making, we'll explore the area more and speak to others. I dream of having the time and budget to design and make a simple vulture chip for an article series.
C.
As an aside, Cafepress's quarterly revenue was $15m in 2018, on which it made a $1.5m loss. That year it was acquired and taken private by Snapfish for $25m, got hacked in 2019, and was sold to PlanetArt in 2020.
Those are the final financial figures we have for it.
C.
Well yeah, that's why we used the words "ended up," as in: one way or another, they put performance before security.
It could have been intentional, it could have been accidental. I've heard anecdotally in the Valley that some CPU designers had an inkling that speculative execution left a trace in the cache that could be used to leak data but thought it was either theoretical or not worth worrying about.
C.
It's just an interesting way to get threads on GPU cores to talk direct to NVMe SSDs to get the data they need in a fine-grained, software-cached manner that specifically suits the access patterns of GPU-bound applications.
Yeah it involves DMA and all that. It's not claiming to have reinvented or come up with DMA; it's an application of it specific to GPU workloads.
C.
The 'X hours' string is generated using client-side JavaScript running in your browser.
The webpage contains the exact time and date, and the code on the page converts that into 'X hours ago' based on the local time of your device. So the time on your device was out.
To me, it says your comment was posted an hour ago.
C.
FWIW your now-deleted previous post made what looked like a baseless accusation of criminal activity so a moderator removed it.
Also FWIW Cloudflare's pretty open about the position it takes: it doesn't want to decide what's right or wrong on the internet. It doesn't want to be the arbiter of what is allowed to be hosted. Eg:
Cloudflare: We dumped Daily Stormer not because they're Nazis but because they said we love Nazis
Cloudflare speaks out amid allegations it safeguards banned terror gangs' websites
If you report spam or malware-based abuse to Cloudflare, feel free to CC us in (news@theregister.com) and we'll take a look at the same time.
C.
No, they're not supposed to contain arbitrary code.
What happens, with these kinds of bugs, is that there is a payload of instructions carefully placed within the multimedia file that is otherwise just data. When the file is parsed, the vulnerability in the parser is exploited to allow the payload to eventually execute.
There are steps in between to get around the OS's security defenses.
C.
"How big would the article be for a Windows vuln that let any fucker get admin privileges?"
For a Windows vuln for which patches are already out? Typically a few sentences: there are EoP holes in every Windows Patch Tuesday.
If we write a whole article about an EoP it's usually because a patch isn't out yet (it's a zero day) or it's being actively exploited or that the bug is particularly interesting, or that someone on the team was at a loose end and had enough time and material to write a whole article.
"C'mon El reg, there was a time when you weren't afraid to put the boot into ANY OS, even Linux. Are you really that frightened of a load of pissy comments?"
No. We often assign stories based on how much time and how many scribes we've got available. For Dirty Pipe, we wanted to get it out as soon as possible as the next lead item on the weekly roundup.
In fact think of it as a Dirty Pipe story with bonus material, as the DP section is quite a lot more than a couple of paragraphs.
We'll look at the Android angle next (it's also mentioned in the article).
Good news is that we've hired two writers this month to cover security, so expect more security stories sooner rather than later.
"Step the fuck up."
Sigh, why this angry?
C.
If you overwrite an entry in /etc/passwd so that the password field is blank, no password is needed. (If there's an x, use the shadow file.)
So, just blank out root's password entry with the DirtyPipe overwrite and everyone can get root.
PS: Another example would be to pick a root-owned setuid binary and overwrite it so that it simply spawns a root shell, and then restore the binary to normal.
C.
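The condition described in the comment above, turned into a defender-side check (an added example, not part of the original comments): it scans passwd-format text for entries whose password field is blank or holds something other than a shadow or lock marker, and for UID 0 accounts besides root. The sample text and the `audit_passwd` and `Finding` names are constructed for illustration.

```python
import sys
from typing import List, NamedTuple


class Finding(NamedTuple):
    entry: str   # account name, or "line N" for unparseable lines
    issue: str


# Constructed sample in passwd(5) format; not from a real host.
SAMPLE_PASSWD = """\
root::0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
backup:$6$constructed$hash:34:34:backup:/var/backups:/bin/sh
toor:x:0:0::/root:/bin/sh
broken-line-without-fields
"""

# "x" defers to the shadow file; "*" and "!" mark accounts with no usable password.
LOCKED_OR_SHADOWED = {"x", "*", "!"}


def audit_passwd(text: str) -> List[Finding]:
    """Return findings for risky or malformed entries, in file order."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append(Finding(f"line {lineno}", "malformed entry"))
            continue
        user, pw, uid = fields[0], fields[1], fields[2]
        if pw == "":
            # Blank field: the account needs no password at all.
            findings.append(Finding(user, "blank password field"))
        elif pw not in LOCKED_OR_SHADOWED:
            findings.append(Finding(user, "password data stored in passwd"))
        if uid == "0" and user != "root":
            findings.append(Finding(user, "UID 0 account other than root"))
    return findings


if __name__ == "__main__":
    # Audit the file given as the first argument, or the constructed sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PASSWD
    for f in audit_passwd(text):
        print(f"{f.entry}: {f.issue}")
```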
I guess the point of this is that - a la SolarWinds - you modify some popular software in a supply chain attack, and the code is deployed all over the world.
In order to target specific labs, you get them to process a sample with an IP address and port in it so you know which lab you're breaking into.
It's very theoretical, we thought it was interesting, and we think readers will understand the threat. We'll keep the feedback in mind for future.
C.