Posts by diodesign 3496 publicly visible posts • joined 21 Sep 2011
FWIW... 10nm v1 (Cannon Lake) is dead and buried. It was impossible to see it through to mass volume. The integrated GPU in the CL Core i3 was disabled because it didn't work.The metalization was not viable.
Sunny Cove is v2 of 10nm, after going back to the drawing board.
C.
See the comment by theblackhand and DougS. There's production, and then there's production.
We didn't say TSMC wasn't shipping 7nm in 2018 - the point was 2019 and 2020 are when it really kicks off for desktop and server-grade stuff, the things Intel makes and is the context of the piece.
I've tweaked the sentence to make it clearer, cheers.
C.
"Why would you want to use this if anyone could just come along and change your data (albeit without ever knowing what it was)?"
No one can "just come along" and change it - if you have unauthorized database access then if the DB is unencrypted t's completely game over, and if it's encrypted then at least they can't see the data. If someone breaks in and changes the database records, then roll back to a backup and seal up your network security.
The aim of this is to keep the data shielded and minimize risk.
C.
"I'm a bit confused about the reasoning behind forcing password changes leading to weaker passwords"
I imagine it goes something like this: you start out with D9xTMffgH!#82 then D9xTMff then DxCitrixAgain and then ihatecitrix and ihatecitrix! and ihatecitrix123
etc
C.
"the idea that someone could somehow gain anything useful from spying on a random oscilloscope"
Well, Target was pwned via its air-conditioning unit. I'm personally thinking you could use this to inject other systems - no one would suspect the scope - or infect it, wait for it to be transferred to another lab and then mess with stuff on that network.
Just use your imagination.
C.
"Has the author failed to engage their brain before writing this?"
No - I think you're blaming us for the actions of tech workers? I mean, techies have been creating bad press and embarrassment for corps by kicking up a fuss over military contracts. It's a little surprising that MS has gone for it, in that context.
But as we say, Microsoft has shrugged off prev criticism.
C.
Choo choo! Here comes the reality train:
"Bush and Obama did not have policies that resulted in the mass separation of parents and children like we’re seeing under the current administration"
https://www.factcheck.org/2018/06/did-the-obama-administration-separate-families/
C.
From the linked-to Treasury page...
"...these digital currency addresses should assist those in the compliance and digital currency communities in identifying transactions and funds that must be blocked and investigating any connections to these addresses.
"As a result of today’s action, persons that engage in transactions with Khorashadizadeh and Ghorbaniyan could be subject to secondary sanctions. Regardless of whether a transaction is denominated in a digital currency or traditional fiat currency, OFAC compliance obligations are the same."
Read into that what you will.
C.
Er, at the time of writing:
1. the only image beamed back was the crappy photograph *embedded* *in* *the* *story* so that's the one we went with. More have since arrived, we can link to them now.
2. mobile users don't see the article's top 'hero' picture so they wouldn't see the Mars image if it was used as the header picture. instead, we *embedded* *it* *in* *the* *story*.
3. the image was *embedded* *in* *the* *story*.
C.
Yes, that's exactly what's happened - confirmation. It's a demonstration of the attack. Just as it's one thing to say some software has a heap overflow, and quite another to develop an exploit to reliably and usefully exploit the flaw to achieve code execution.
To make everyone happy, I'll clarify it's a confirmation rather than a discovery.
C.
No one's saying ECC is bad - not us, not the researchers, pretty much no one - it's just that if you thought ECC would stop Rowhammer, you're sadly mistaken.
As we wrote in the article:
"The boffins said that their findings should not be taken as a condemnation of ECC either. Rather, it should show admins and security professionals that ECC is just one of several protection layers they should use..."
C.
"It must be a really slow day if this is news."
Where's your published paper on this, then, egghead? The point is showing that ECC can't stop Rowhammer attacks on adjacent RAM cells.
Also: the Meltdown vuln was stunningly trivial to exploit, and was staring people in the face for years, and was rightly heralded as a major find. Sometimes the obvious has to be pointed out.
C.
It has access like all software - it runs from the CPU cache thus it can measure how other stuff sharing the same cache is operating, and fingerprint it.
This normally requires precise timing, and thus requires access to high-precision timers that are being locked off from developers for this reason.However, this technique gets around that.
Check out the linked-to paper, it's why we link to original materials wherever we can.
C.
It exists because it mitigates the Spectre Variant 2 security vulnerability. It hits performance because the mitigation in combination with Hyper Threading potentially slows down software.
So your choices are:
- a: enable mitigation for security reasons, enable Hyper-Threading, take the potential performance hit
- b: enable the mitigation for security reasons, disable Hyper-Threading because you weren't benefiting from it anyway
- c: disable the mitigation because you're not worried about the security issue, and enable Hyper-Threading
- d: disable the mitigation because you're not worried about the security issue, and disable Hyper-Threading because you don't benefit from it anyway
Most people will decide between a, b and c.
C.
It's true VPNs are useful in China, which is why there's such an interest over there.
However, that doesn't excuse crap security. If you're using a stranger's VPN, you're placing an enormous amount of trust in that provider to not screw you over. With near-zero transparency, scrutiny or oversight, free VPNs are a privacy nightmare.
Edit: Oh yeah, don't forget all VPN providers must register with the Chinese government (see below, Google, etc), which is not... great.
C.
It depends on the VPN. Anything clear-text can be snooped on or tampered with to inject ads. Any DNS look-ups for host names will be visible. Some VPNs offer a free browser that may collect your browsing history.
The VPN app could install a root certificate and MITM your SSL/TLS connections, if the websites you browse aren't mitigating that.
We've tweaked the sentence to clarify it.
C.
Well, yeeeeeah... our planet is in this universe, at least it was the last time I checked ;-)
I kinda thought it would be presumptuous to say the constants would work everywhere in the universe. I expected a physics PhD to pop up and yell at us if we said "anywhere in the universe" because, I dunno, at least one of the constants used by the SI base units may not apply or change near black holes or other weird crap out there.
I don't know if people realize how much of a tightrope it is writing for a fair number of readers, most of them experts in a technical field. We try to get everything right within a reasonable time frame.
So anyway, that's why we thought "planet" would be a sensible non-offensive, non-triggering bounding box for boffins, seeing as humans aren't going much further into space for a while.
C.
I dunno, we've run a lot of skeptical stuff. The acceleration hardware and libraries popping up are interesting, and some NN applications, too, in that new algorithms are interesting.
Whether or not AI is a good idea in the real world long-term isn't clear. I get the feeling no one gets VC funding for saying they use "heuristics" these days.
C.
Some articles have been marked for hand-moderated comments, most not, eg this one, which is why your comment went through immediately.
Articles and users on manual-moderation mode have to wait for someone to be free to clear the queue; certainly I've seen the queue averaging 10-40 posts.
If you find yourself in the queue, it may be because you posted a correction as a comment, or had a comment recently rejected/removed. That'll put you in the queue for a while.
C.
If you click through to the previous article, and pull up the grand jury paperwork*, you'll see it says Barriss "acquired an assigned telephone number from TextNow so it appeared to Wichita emergency personnel (with caller id) that defendant BARRISS was using a telephone with a '316' area code, the area code that includes Wichita, Kansas."
He used a Wichita number. FWIW US area codes are a little loose. Our San Francisco office has (650) phone numbers, which makes ppl think we are in San Mateo.
C.
* it's still here https://regmedia.co.uk/2018/05/24/barrissindictment.pdf
"I remember when 'biting the hand that feeds it' referred to a lack of reverence for the IT industry, rather than for the eyeballs that pay the staff's salaries."
I dunno, man. I think you're mistaken. I've been reading the Reg since 1999, and it's always been a bastion of tech eggheads who have no time for tedious pedantic bastards. And it still is.
C.
"don't assume that the rest of the world is confused about which is the world city and which is the obscure USA town."
If we don't say it's UK/England then we get a load of comments and emails complaining that there's a London, Ontario, or London, France.
So thanks to you, we can't win either way. I almost want to wish you, and other tedious pendants, a most unhappy weekend.
C.
Please read the next few words in that paragraph ("Given Apple's enormous purchasing power...")
Yeah sure, it's $50 for you to buy a bog-standard 256GB card. Not disputing that. But we're just not buying that Apple really has to charge several hundred dollars for its NAND without some kind of rude margin.
It's standard Apple. It charges $80 for a wireless mouse, FFS - our office has bought enough of them to know. Official RAM upgrades for Macs at least to be eye-watering. We call it the Cupertino idiot-tax operation for a reason.
C.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
