Did you drop this /s ?
Can't tell if you're being sarcastic but recovery isn't the name of the hurricane.
C.
3496 publicly visible posts • joined 21 Sep 2011
Obviously, the fab isn't going to pipe the outside supply, no matter how clean and stable, into the machines direct. It's going to be conditioned and buffered along the way, but that's the infrastructure they're talking about.
Edit: As I've commented elsewhere, yeah there are two issues that are separate but related - the supply, and the regulating of that supply - and I can see that talking about them at the same time is confusing some people. So we've rejigged the piece to clearly split those apart.
C.
The underlying protocol isn't but Microsoft is trying to move people in terms of the app they use. From the official announcement:
"With this general availability launch, users of Remote Desktop clients for Windows, macOS, iOS, iPadOS, and web will transition to Windows App."
C.
It a) declares to the compiler that x is mutable (ie, can be changed; Rust defaults to immutable variables for safety) and b) that x is type 'int'. If you try to use it as something else later, that's a build-time error.
They are both to avoid code being written at one point in time with assumptions in mind, and then at some other time, the code being changed or added to without those assumptions in mind.
C.
Hi -- first things first, this is an article about a Morgan Stanley note. We're reporting that, it's not a conclusion we came to. It's us reporting an observation by market watchers that readers may find interesting.
Second, this isn't about the grid being dirty or not. It's about the increasing power demands of datacenters due to AI, which means datacenters are indirectly causing or taking up more share of CO2 output. That's worth pointing out, in that rather than just saying datacenters are using more power, this is pointing out one consequence of that. If it's all known to you already, great, but MS felt it needed a note and we felt like highlighting it.
This isn't about the climate or pollution or dirty energy. This is about carbon targets, whether those targets can be met if servers are helping emit more and more CO2, and financial / business opportunities for decarbonizing. This is Morgan Stanley after all.
I think you might be overthinking it.
C.
No, not in my experience. The cars will go from passenger to passenger. However, there are cameras on board that use computer vision to watch to make sure you have your seat belt on, have got out of the car, haven't left anything behind.
I would imagine there is some CV involved to inspect the interior after everyone's out. I can't be certain. It's something that occurs to me when I get in one.
C.
Look, we regrettably make some errors from time to time for various reasons, some due to deadline pressures, some due to misunderstandings by us or our sources -- but if you see "a stupid amount" of errors then you might want to consider that we're not the ones who are wrong.
The problem I think you have is that you see "cooling capacity" and you think some kind of quantity, like a mass, is involved. Understandable given the terms. But cooling capacity is specified in watts (the unit of power). It's a rate. Just like the speed of light is given in metres per second, cooling capacity is given in watts, and watts are joules per second.
Think of the 1MW cooling capacity as the rate of refrigeration, the opposite of heating. Your kitchen electric kettle might heat your water at a rate of 1200 J per second (1.2kW). A 1MW CDU takes 1MJ out of the system a second.
HTH. Try to give us some credit, ta.
C.
It's a memory safety failure. The LPD is designed to do the things you've said and expect. But the vulnerability is a use-after-free, so what happens is, someone sends it some specially crafted data that causes the daemon to reuse free'd memory leading to exploitation.
I don't know the specifics but usually what happens is that you trick vulnerable software into freeing some memory, you cause that memory to be reallocated and filled with your attacker-controlled data, then the software uses the memory again in the original context after it was freed. Rather than using its own information, now it's using that attacker-controlled data - and if that data is function pointers (usually is) then now you can direct program control to your own functions you included in the payload. Or similar.
'Friends are always telling me you’re a user. I don’t care what you do to them. Just be good to free().'
From Microsoft's disclosure about the bug: "An unauthenticated attacker could send a specially crafted print task to a shared vulnerable Windows Line Printer Daemon (LPD) service across a network. Successful exploitation could result in remote code execution on the server."
C.
"Intel’s internal testing – utilizing Intel Default Settings - indicates performance impact is within run-to-run variation (eg. 3DMark: Timespy, WebXPRT 4, Cinebench R24, Blender 4.2.0) with a few sub-tests showing moderate impacts (WebXPRT Online Homework; PugetBench GPU Effects Score).
"For gaming workloads tested, performance has also been within run-to-run variation (eg. Cyberpunk 2077, Shadow of the Tomb Raider, Total War: Warhammer III – Mirrors of Madness) with one exception showing slightly more impact (Hitman 3: Dartmoor).
"However, system performance is dependent on configuration and several other factors."
FYI. So, yeah, performance is about the same, except in some cases when it's not.
C.
We're *quoting* what Tim was accused of. We're not saying it - we're quoting what the allegation is. That's why there are quote marks around it. We've linked to what was actually said by Tim for *your* context.
If you don't agree with the allegation, fine. But we're not saying it. The stuff in quotes you're attributing to us for some reason you should attribute to the Python council.
C.
Yeah, if no one untrusted can reach the web interface of the devices, they can't exploit it. If someone malicious is on your network and can reach them, then they can attack.
As for if you should worry about it, I think it comes down to this: If there's an intruder or malicious user in your network, are you going to worry about the phones as a priority or whatever else they could do first? You might find a rogue insider or compromised machine has other goals than screwing with your phones.
I guess a particularly nasty intruder might seek to exfiltrate data or run some malware, and then to hamper your efforts to fix things, attack the phones.
But another point: The attacker would have to craft a buffer overflow exploit, which is fiddly, or just crash them with a more trivial exploit. It depends on how much pain someone wants to cause you.
C.
Yeah, yeah. We know, that's why our article is upfront about it. We were on the fence about the research and decided in the end to cover this because other outlets, including the Washington Post, were writing about this without mentioning the admin aspect at all.
The PR team for the vendor told us, when we asked, that admin rights are needed or you need a priv'd user to intervene. But Microsoft think it's important enough to warrant a fix and there is an EoP aspect to it.
We're not telling you to panic. We're telling you how it is. Give us some credit!
C.