* Posts by diodesign

3496 publicly visible posts • joined 21 Sep 2011

Verizon outages across US as hurricane recovery continues

diodesign (Written by Reg staff) Silver badge

Did you drop this /s ?

Can't tell if you're being sarcastic but recovery isn't the name of the hurricane.

C.

That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices

diodesign (Written by Reg staff) Silver badge

Re: Is that all?

FWIW I'm using Debian 12.7 right now (desktop Linux FTW) and I not only had cups-browsed installed, I just removed it.

C.

CrowdStrike's Blue Screen blunder: Could eBPF have saved the day?

diodesign (Written by Reg staff) Silver badge

Just no.

If we interview someone, it's not an ad. It's an interview. Ads are labeled as such, they're handled by our publisher's non-journos, and we charge a healthy amount of money for them, thank you very much.

We don't give ads away for free.

C.

WordPress.org denies service to WP Engine, potentially putting sites at risk

diodesign (Written by Reg staff) Silver badge

Now PE

AIUI WP Engine is owned by private equity firm Silver Lake, since 2018.

C.

US may exempt latest chip fabs from eco red-tape, but power is still a trip

diodesign (Written by Reg staff) Silver badge

Re: Re: Yes, but

Ah yeah, wind is AC - I've removed that.

C.

diodesign (Written by Reg staff) Silver badge

Conflation

Hi -- yeah, we know. We didn't mean to conflate those issues but I can see how it came across that way.

We've rejigged the piece to make it clearer. cheers,

C.

diodesign (Written by Reg staff) Silver badge

Separately

Yeah, I see what you mean - we didn't mean to say that the grid supply would go direct to the factory equipment. We've now tried to make everything clearer for you. It's two separate issues: Supply and cleaning that supply.

C.

diodesign (Written by Reg staff) Silver badge

'US can't have nice fabs'

Yeah, I can see how it was read that way. We've been adding to the article to steer it toward the point we were trying to make.

Edit: We've rejigged the piece to make the distinction between supply and cleaning that supply clearer - hope that helps.

C.

diodesign (Written by Reg staff) Silver badge

It's just as simple as it sounds

Obviously, the fab isn't going to pipe the outside supply, no matter how clean and stable, into the machines direct. It's going to be conditioned and buffered along the way, but that's the infrastructure they're talking about.

Edit: As I've commented elsewhere, yeah there are two issues that are separate but related - the supply, and the regulating of that supply - and I can see that talking about them at the same time is confusing some people. So we've rejigged the piece to clearly split those apart.

C.

diodesign (Written by Reg staff) Silver badge

Re: Erm

Once you have the smoothing and backing, yes.

C.

diodesign (Written by Reg staff) Silver badge

'WTF is the author babbling on about?'

Edit: I can see the potential for confusion - we're mentioning AC-DC and pure DC at the same time. They are two separate but related issues, so we've rejigged the piece to clarify that.

C.

diodesign (Written by Reg staff) Silver badge

It's non-trivial

Edit: We've rejigged the piece to make the arguments clearer. There are two separate issues. The supply, and the conditioning of that supply. I can see why talking about them at the same time is confusing. Happy to clarify things.

C.

diodesign (Written by Reg staff) Silver badge

True, true

Yeah, that's true - we've added a bit about the renewable supply needing backing to even it all out. Sometimes these things seem obvious to us, but happy to state it more clearly for everyone.

C.

WP Engine hits back after Automattic CEO calls it 'cancer'

diodesign (Written by Reg staff) Silver badge

That's about the size of it

WP wanted WP Engine to pay its way more - it's been saying that for a while - and lately allegedly wanted millions in trademark licensing fees or it would trash WPE in public and private.

WPE isn't happy with any of that. Hence that letter.

C.

Microsoft on a roll for terrible rebranding with Windows App

diodesign (Written by Reg staff) Silver badge

Re: RDP is not going anywhere

The underlying protocol isn't but Microsoft is trying to move people in terms of the app they use. From the official announcement:

"With this general availability launch, users of Remote Desktop clients for Windows, macOS, iOS, iPadOS, and web will transition to Windows App."

C.

Musk dreams of launching five Starships to Mars in two years

diodesign (Written by Reg staff) Silver badge

Just reality

No, not negative. Just reflecting reality. If that comes across as negative to you then that speaks more to Elon's decision making.

Also, even if we decided to be negative, so what? I thought Elon and his fans loved free speech - or is it only free speech you agree with?

C.

Valencia Ransomware explodes on the scene, claims California city, fashion giant, more as victims

diodesign (Written by Reg staff) Silver badge

Size doesn't matter

Like, a password is, what, 20 bytes?

C.

Chinese spies spent months inside aerospace engineering firm's network via legacy IT

diodesign (Written by Reg staff) Silver badge

No love for Oracle huh

It's just generic code for a generic illustration. I was gonna change it to something else anyway.

C.

The empire of C++ strikes back with Safe C++ blueprint

diodesign (Written by Reg staff) Silver badge

let mut x: int = 1;

It a) declares to the compiler that x is mutable (ie, can be changed; Rust defaults to immutable variables for safety) and b) that x is type 'int'. If you try to use it as something else later, that's a build-time error.

They are both to avoid code being written at one point in time with assumptions in mind, and then at some other time, the code being changed or added to without those assumptions in mind.

C.

SpaceX Polaris Dawn mission completes first commercial spacewalk

diodesign (Written by Reg staff) Silver badge

Re: Left unmentioned

Oh that's a good point, thanks. I've added it.

C.

Mainframes aren't dead, they're just learning AI tricks

diodesign (Written by Reg staff) Silver badge

Mainframe

If you need help deciding if your installation is a mainframe computer or a cluster of nodes then chances are it's a cluster of nodes. A mainframe, generally speaking, is designed and operates as a single large powerful computer, not a collection of computers that work together.

C.

Datacenters to emit 3x more carbon dioxide because of generative AI

diodesign (Written by Reg staff) Silver badge

It's about the load generated by AI and carbon targets

Hi -- first things first, this is an article about a Morgan Stanley note. We're reporting that, it's not a conclusion we came to. It's us reporting an observation by market watchers that readers may find interesting.

Second, this isn't about the grid being dirty or not. It's about the increasing power demands of datacenters due to AI, which means datacenters are indirectly causing or taking up more share of CO2 output. That's worth pointing out, in that rather than just saying datacenters are using more power, this is pointing out one consequence of that. If it's all known to you already, great, but MS felt it needed a note and we felt like highlighting it.

This isn't about the climate or pollution or dirty energy. This is about carbon targets, whether those targets can be met if servers are helping emit more and more CO2, and financial / business opportunities for decarbonizing. This is Morgan Stanley after all.

I think you might be overthinking it.

C.

What do Uber drivers make of Waymo? 'We are cooked'

diodesign (Written by Reg staff) Silver badge

Check-in

No, not in my experience. The cars will go from passenger to passenger. However, there are cameras on board that use computer vision to watch to make sure you have your seat belt on, have got out of the car, haven't left anything behind.

I would imagine there is some CV involved to inspect the interior after everyone's out. I can't be certain. It's something that occurs to me when I get in one.

C.

Boeing's Calamity Capsule returns to Earth without a crew

diodesign (Written by Reg staff) Silver badge

Which bright spark named it "Calamity"

Oh, we did. It's officially called the Starliner.

C.

Google says replacing C/C++ in firmware with Rust is easy

diodesign (Written by Reg staff) Silver badge

Wanna give some examples?

Can you give some examples of claims that don't add up? Don't get me wrong, Rust and its toolchain aren't perfect, but your comment is a bit ChatGPT-y.

C.

diodesign (Written by Reg staff) Silver badge

return Err(No);

For one thing, Google wouldn't allow the pair's post to go out if it didn't align corporately. And second, if you read the article, Google is overall pro-Rust.

To imply just "two" people at Google like the language is, as we say in the world of Rust, unsafe { }.

C.

OpenAI allegedly wants TSMC 1.6nm for in-house AI chip debut

diodesign (Written by Reg staff) Silver badge

Re: Degree

They don't say - in fact it's us saying to some degree as OpenAI doesn't disclose that. Read into that what you will.

C.

Ex-Microsoft engineer resurrects PDP-11 from junkyard parts

diodesign (Written by Reg staff) Silver badge

Deep breath and...

Tis summer so no wonder we're gonna knuckle under and plunder the Plummer wonder asunder.

C.

diodesign (Written by Reg staff) Silver badge

Usagi Electric

That is a good point. We should feature his Bendix restoration. I'll make a note for the team.

C.

LiquidStack says its new CDU can chill more than 1MW of AI compute

diodesign (Written by Reg staff) Silver badge

A watt is a joule per second

Look, we regrettably make some errors from time to time for various reasons, some due to deadline pressures, some due to misunderstandings by us or our sources -- but if you see "a stupid amount" of errors then you might want to consider that we're not the ones who are wrong.

The problem I think you have is that you see "cooling capacity" and you think some kind of quantity, like a mass, is involved. Understandable given the terms. But cooling capacity is specified in watts (the unit of power). It's a rate. Just like the speed of light is given in metres per second, cooling capacity is given in watts, and watts are joules per second.

Think of the 1MW cooling capacity as the rate of refrigeration, the opposite of heating. Your kitchen electric kettle might heat your water at a rate of 1200 J per second (1.2kW). A 1MW CDU takes 1MJ out of the system a second.

HTH. Try to give us some credit, ta.

C.

After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves

diodesign (Written by Reg staff) Silver badge

Well, yeah

I get what you're saying but I also want to make clear it was NPD's responsibility to secure that information. It wasn't just that your data was taken, your data in NPD's charge was stolen -- that's how it should be read.

C.

If the world had a hyperscale datacenter capital, it would be... Northern Virginia

diodesign (Written by Reg staff) Silver badge

Re: Gee...

Heh, well, as we've seen (eg, Room 641A), US intelligence doesn't need a HQ to be near a facility of interest to do its thing.

But sure, we can remind people the geography of that part of America.

C.

Elon Musk claims live Trump interview on X derailed by DDoS

diodesign (Written by Reg staff) Silver badge

Re: There aren't enough comments on this story

Ah, it's a sarcastic reference to Florida Man talking America down all the time, this once-great nation etc etc.

Hence the bigly.

C.

Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others

diodesign (Written by Reg staff) Silver badge

Yup, it's fragile

MOTW is pretty fragile, yeah, we've covered past exploits - and now noted the one in the article, too.

C.

diodesign (Written by Reg staff) Silver badge

Re: WTF

It's a memory safety failure. The LPD is designed to do the things you've said and expect. But the vulnerability is a use-after-free, so what happens is, someone sends it some specially crafted data that causes the daemon to reuse free'd memory leading to exploitation.

I don't know the specifics but usually what happens is that you trick vulnerable software into freeing some memory, you cause that memory to be reallocated and filled with your attacker-controlled data, then the software uses the memory again in the original context after it was freed. Rather than using its own information, now it's using that attacker-controlled data - and if that data is function pointers (usually is) then now you can direct program control to your own functions you included in the payload. Or similar.

'Friends are always telling me you’re a user. I don’t care what you do to them. Just be good to free().'

From Microsoft's disclosure about the bug: "An unauthenticated attacker could send a specially crafted print task to a shared vulnerable Windows Line Printer Daemon (LPD) service across a network. Successful exploitation could result in remote code execution on the server."

C.

Palo Alto Networks execs apologize for 'hostesses' dressed as lamps at Black Hat booth

diodesign (Written by Reg staff) Silver badge

Re: And I suppose the women were coerced?

I think it's more about the concern of portraying women as window dressing at a trade show. It's weird.

C.

SpaceX tries to wash away Texas pollution allegations

diodesign (Written by Reg staff) Silver badge

Typo

It was indeed a typo, SpaceX says, in its application. That's now being fixed.

C.

Chinese satellite broadband launch rocket breaks up into space junk

diodesign (Written by Reg staff) Silver badge

Re: Oh good, more QC noise

Yeah, we felt it was only worth a sentence or two. I've tweaked that bullet point so people don't read too much into it.

C.

Raptor Lake microcode limits Intel chips to a mere 1.55 volts to prevent CPU destruction

diodesign (Written by Reg staff) Silver badge

From Intel...

"Intel’s internal testing – utilizing Intel Default Settings - indicates performance impact is within run-to-run variation (eg. 3DMark: Timespy, WebXPRT 4, Cinebench R24, Blender 4.2.0) with a few sub-tests showing moderate impacts (WebXPRT Online Homework; PugetBench GPU Effects Score).

"For gaming workloads tested, performance has also been within run-to-run variation (eg. Cyberpunk 2077, Shadow of the Tomb Raider, Total War: Warhammer III – Mirrors of Madness) with one exception showing slightly more impact (Hitman 3: Dartmoor).

"However, system performance is dependent on configuration and several other factors."

FYI. So, yeah, performance is about the same, except in some cases when it's not.

C.

Core Python developer suspended for three months

diodesign (Written by Reg staff) Silver badge

Re: The horse's mouth

Hi Tim - thanks for commenting.

For avoidance of doubt, I checked with Tim and by "their side," he means, the steering council's side.

C.

diodesign (Written by Reg staff) Silver badge

Link

Yes, all we've done is link through to the thread so people can see what it's about. It's otherwise a direct quote of the Python people, not an allegation we've made. I've moved the link out of the quote.

C.

diodesign (Written by Reg staff) Silver badge

No.

We're *quoting* what Tim was accused of. We're not saying it - we're quoting what the allegation is. That's why there are quote marks around it. We've linked to what was actually said by Tim for *your* context.

If you don't agree with the allegation, fine. But we're not saying it. The stuff in quotes you're attributing to us for some reason you should attribute to the Python council.

C.

Under-fire Elon Musk urged to get a grip on X and reality – or resign

diodesign (Written by Reg staff) Silver badge

Re: The REAL reason ...

Are you going to rattle off all the crimes committed by White people? Wouldn't want you to be seen as biased or anything.

C.

Secure Web Gateways are anything but as infosec hounds spot dozens of bypasses

diodesign (Written by Reg staff) Silver badge

Free tool

Yeah, it's not out yet - we've linked to their site where it may appear, or we'll do an update if we spot it.

Edit: OK now the link works - it's there in the piece.

C.

It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0

diodesign (Written by Reg staff) Silver badge

CVE

None is assigned.

C.

ICANN reserves .internal for private use at the DNS level

diodesign (Written by Reg staff) Silver badge

Re: Is it really final?

Yeah - we've added a link now.

C.

US 'laptop farm' man accused of outsourcing his IT jobs to North Korea to fund weapons programs

diodesign (Written by Reg staff) Silver badge

Re: To Fund Weapons Programs

Well, Kim ain't spending it on his people. But yeah, interesting focus by Uncle Sam. Reminds me of Colin Powell's speech.

C.

Hello? Are you talking on a Cisco SPA300 or SPA500 IP phone? Now's the time to junk 'em

diodesign (Written by Reg staff) Silver badge

Re: Phones still OK on an inside non-routable network?

Yeah, if no one untrusted can reach the web interface of the devices, they can't exploit it. If someone malicious is on your network and can reach them, then they can attack.

As for if you should worry about it, I think it comes down to this: If there's an intruder or malicious user in your network, are you going to worry about the phones as a priority or whatever else they could do first? You might find a rogue insider or compromised machine has other goals than screwing with your phones.

I guess a particularly nasty intruder might seek to exfiltrate data or run some malware, and then to hamper your efforts to fix things, attack the phones.

But another point: The attacker would have to craft a buffer overflow exploit, which is fiddly, or just crash them with a more trivial exploit. It depends on how much pain someone wants to cause you.

C.

Your victim's Windows PC fully patched? Just force undo its updates and exploit away

diodesign (Written by Reg staff) Silver badge

Re: Re: Full admin access

Thanks, friend. If it feels like tech media's lost its mind sometimes, we feel the same way reading other reports.

C.

diodesign (Written by Reg staff) Silver badge

Re: Full admin access

Yeah, yeah. We know, that's why our article is upfront about it. We were on the fence about the research and decided in the end to cover this because other outlets, including the Washington Post, were writing about this without mentioning the admin aspect at all.

The PR team for the vendor told us, when we asked, that admin rights are needed or you need a priv'd user to intervene. But Microsoft think it's important enough to warrant a fix and there is an EoP aspect to it.

We're not telling you to panic. We're telling you how it is. Give us some credit!

C.