Posts by diodesign

Re: Micron

Cool – we'll check it out.

C.

Re: I work in the field

If you think this is scare mongering, then I regret being restrained, and not going balls out with

DIRTY BOMB SHELL: NUKE NASTY STOLEN, FILTHY WEAPON FEARS GROW

C.

Re: Re: anonymous coward

"they have very little effect on the target country"

Doesn't matter - a hand was, allegedly, caught in the cookie jar. if you're gonna spy and do counter intelligence, then at least do it right.

Also, Clinton's campaign was flawed. Like, really flawed. It's easy to see that. Again, this isn't about candidates. It's about securing the West's systems, and snaring those who seek to cause mischief.

C.

Re: No comments

Embarrassingly, someone accidentally triggered a bug in our publishing system that prevents comments from opening on the Broadcom-CA story. And our chief BOFH is on vacation.

Apologies!

C.

Re: No

It"s missing a 1 - now fixed. Don't forget to email corrections@theregister.com if you spot anything you think is odd or wrong.

C.

Re: I don't think so

Or, I dunno, jerry cans.

C.

"the article has no mention of P for profits, instead quoting an R for revenue figure."

SUSE's operating profit for the 6 months to Oct 2017 was $49m, more or less matching the year-before's $50m.

I've added this to the article.

C.

Re: VPNFilter menace on routers?

The infection vector changes depending on the firmware and model - there is no definitive list, and no concrete details published TTBOMK.

It's not believed the malware exploits any unpatched 0-day bugs - it's going after known vulnerabilities and insecure configurations (such as leaving remote administration enabled, weak passwords, etc).

C.

"Where does the 4 to 6 interchange take place?"

In the home router - thus keeping IPv4 within someone's house and leaving the carrier network IPv6-only.

In the US, cable companies rent out their home gateways. They'll just send out new ones, we guess.

C.

Re: stussybear

"It's not clear from the article exactly what's gone wrong"

They've stopped working. You can't use them. You can't ask them to control stuff in your house.

"should still work locally, just without voice control."

Yes, see the sentence at the end of the article about having to use your fingers.

C.

Re: K8s = too complicated

"is kubernetes getting more and more complicated?"

Generally, K8s is seen as a heavy duty solution. For personal or small grade stuff, Docker might be more your thing - I run pretty much everything (toolchains, linux tools, etc) in Docker containers on a personal laptop.

It keeps tools and dependencies separate, and if I screw up one container, the others work fine. This is useful when playing with cross-compilers or tools with particular dependancies.

(I used way BITD to do a lot of Arm cross-compiling on an x86 box, and won't forget the time I overwrote my base GCC installation with 32-bit Arm binaries. Once bitten, etc.)

C.

Re: Oh two or zero two?

"Any reason why a zero was used in this paragraph?"

Just a typo, mate. Now fixed.

C.

Re: Core issues

"The one thing that they did not explain is exactly how TLBs on modern processors tend to be architected"

This tends to be part of the secret sauce in the chips - along with the speculative execution, etc - to increase performance. As the paper notes, exactly how the TLBs work isn't fully documented, and they needed to train a classifier to predict it.

This is common: Intel won't tell you, for example, how it distributes cache slices around its CPU core ring bus on large shared caches.

Also, as the paper states, the TLB design changes from microarch to microarch. So I tried to keep it general :-)

C.

Re: Is my math dodgy?

MTBF = *mean* time between failure, not minimum or maximum.

Your drive might last 171 years, or 200, or 300, but spare a thought for those that last 3 months or 6 months.

C.

"If it was the backup switch then presumably the primary has already failed unless the backup was firing out packets that interfered with the rest of the network."

It was a backup switch within the primary center that failed to activate due to a component fault in another switch.

C.

Re: Mouse cursor?

TBH I'm happy with "mouse cursor" to annoy the pedants.

C.

Re: What about Replicant?

The article's about eelo and our interview with its key players – we can do another about Replicant... Thanks for the suggestion.

C.

Re: Talos Response

Indeed - we apologize for the error. The article has been rewritten.

C.

Re: Floating point crypto operations?

Intel's AES-NI instructions use FP registers to store AES round keys.

[Source]

C.

Re: OlaM

"An airliner autopilot will happily fly straight into a mountain if you tell it to."

IMHO if you manually tell it to do a dangerous thing, it stops being an autopilot at that point. Aircraft autopilot follows routes, with set safe altitudes, and terrain-following radar to avoid collisions.

Tesla's tech shot off into a barrier.

C.

Re: This is another 10GHz Pentium 4!

The 28-core Core X-series part that's due out this year is 14nm, and will likely be a de-featured Xeon, and will not run at 5GHz unless massively overclocked.

Given Intel's other SKUs, 28 cores isn't ridiculous - but it smells like a stunt to steal the thunder from Threadripper 2.

C.

Numbers

An anonymous HPE staffer wrote:

"Weren't 4Q18 results 21.935Bn so this is actually a QoQ decline? This just looks like an easy YoY compare vs 1Q18."

We compare year on year, typically not quarter to quarter.

C.

Re: richardcox13

As in, will CodePlex be folded into GitHub, or will GitHub become the new CodePlex. Was CodePlex shuttered to make way for GitHub? Those sorts of questions.

C.

Re: Missing vital information

It doesn't appear you can stream RTMP etc, however you can download video from the cameras to your Apple Mac or Windows PC as MPEG-4 media. See:

https://www.youtube.com/watch?v=CNXNzi0vjvM

C.

Re: BSOD no its not, it's a GREEN SOD

"Why do you call it a BSOD when it's a GREEN error screen under Windows 1803"

Same reason the floppy disk stayed as a 'save' icon long after we stopped using floppies – convention and widely recognized shorthand. It'll revise eventually.

C.

Re: Destroy All Monsters

'"Privacy Shield and GDPR" I doubt this very much.'

The collapse of Privacy Shield and EU-US data sharing was a direct result of Schrems asking awkward questions about Facebook in light of Snowden's mass surveillance leaks. Also, Google et al started encrypting their data center links. E2E crypto was no longer for tinfoil-hat paranoids. So many things kicked off.

Sure, none of these are Diffe-Hellman Exchange groundbreaking, but you can't stand there and claim there has been no effect.

I think you're just having a grumpy day, and decided to pick a fight online - like a geezer sitting on a deckchair on his lawn, shouting at the kids across the street to quieten down.

C.

Re: None issue

"Notice that the exploit is a hijacked HYPERVISOR, that's really not an issue."

The whole selling point of SEV is to thwart hijacked hypervisors and evil administrators. It was a selling point AMD pushed for cloud and off-prem platforms. According to this research, it may not live up to the marketing.

AMD made a big deal out of SEV in its Epyc and Ryzen Pro marketing and advertising. It's only right that it is scrutinized, just like Intel's SGX was.

C.

"So how to differentiate oneself?"

Exclusives tend to do the trick, to be honest. Reporting true and useful information before anyone else, that sort of material gets read and shared a hell of a lot more than SCREAMING DRAMA.

C.

Re: "emergency braking switched off by design"

"IT HAD TO BE TURNED OFF"

Disagree. Volvos ship with EB enabled, for humans. Uber could have designed its software to work with Volvo's emergency system, but it didn't. EB was disabled, and the software wasn't good enough to avoid someone crossing the road.

C.

Studies have shown that articles are trusted more if there is a picture under the headline. We try to make them as relevant as possible.

C.

Re: Obvious bias -- twice

"Can we stick to IT please?"

No.

C.

Re: I know it's just a typo, but it's also sadly realistic:

It's fixed - don't forget to drop corrections@theregister.com an email if you spot anything wrong.

C.

Re: size

The exact quote from an email from one of the researchers is "50-cent coin". But turns out they meant a five eurocent coin.

C.

Re: RISC-V

"RISC-V has its advantages, but immunity to Spectre-class attacks is not one of them."

Um. "No announced RISC-V silicon is susceptible, and the popular open-source RISC-V Rocket processor is unaffected as it does not perform memory accesses speculatively." [RISC-V Foundation]

No available RISC-V cores right now do spec-ex in a way that can be exploited, Spectre-style. They don't perform the level of out-of-order execution seen in CPUs from Intel et al.

A 64-bit 1GHz RV64G (64-bit RISC-V with IMADF extensions) SoC is available to order from SiFive that runs Linux. Exciting times.

C.

Re: The title is no longer required.

The original headline was, as can be seen here...

Cambridge Anal. plugged once and for all? Maybe not

And as amusing as that was, it was going to set off a few too many corporate web and email filters. Hope people enjoyed it while they could.

C.