* Posts by Zola

305 publicly visible posts • joined 13 Nov 2012


Downfall fallout: Intel knew AVX chips were insecure and did nothing, lawsuit claims


"Why bother with security checks", said Intel

The fundamental issue is that Intel decided to skip all privilege/permission checks when executing instructions speculatively, in order to save time. The privilege/permission checks were applied only once the path of the speculatively executed instructions was actually taken. This meant that inaccessible memory would be physically accessed by the speculatively executed instructions, and subsequently leaked, even if the CPU eventually threw a privilege exception.

This was a major design cockup that Intel *chose* to make. They must have know of the potential risk, but still considered it worthwhile. Conversely, AMD did not cut this corner in their own speculative execution design (it's why their CPU designs were not hit anywhere near as hard by Spectre etc.) as all necessary checks were applied during speculative execution, as one would expect.

The sad thing is that Intel has effectively gotten away with it all, and their customers have paid for it in terms of weakened security, loss of performance etc., while OS and compiler developers have had to apply increasingly shit workarounds.

This court case is a long time coming, but it's unlikely it will significantly impact Intels bottom line.

CEO Satya Nadella thinks Microsoft hung up on Windows Phone too soon


With those words, Elon Musk could certainly learn a thing or two from Sataya the Wise One.

Raspberry Pi 5 revealed, and it should satisfy your need for speed


Re: Expensive

> but they now seem to fall into the standard business habit of having to release a new version regularly

Regularly? This is the first new RPi SBC in 4 years... LOL.


> since lost focus and is pricing itself out of the low power market

You know the Pi5 supports suspend mode with power consumption of 4mW?

And when fully powered and active it's using single digit Watts.

If there's more efficient hardware available then you were probably never the target market.


Re: Lost the plot

2GB and 16GB "sometime early next year once we've got past the initial launch pain!"

No mention of anything more than 16GB, which to be honest is probably not going to sell in significant numbers (4GB and 8GB being the "sweet spot").


> does the Pi5 default to booting when power is applied out of the box like all previous PI? Can it be bypassed?

Yes, and yes. Power button behaviour is configurable - it is just standard Debian power button handling.


Re: Lost the plot

It seems there's a Pi to suit every level of performance, and/or wallet. It's easy (and cheap) enough to start with a Pi3 and go up or down to find the level of performance that your project requires.

For £5 more than a Pi4, the Pi5 offers significantly more performance and expansion potential, but if that's not required then the Pi4 may still be the better option. I run a headless Pi4/8GB booting from nvme and that's perfectly fine for my needs, maybe I'll take a look at Pi5 once the software and hardware (HATs) has matured.

I personally find the Pico support to be exemplary.

FCC plans to restore net neutrality rules tossed out under Trump


Ted Cruz

What a total fuckwit.

Do SSD failures follow the bathtub curve? Ask Backblaze


Makes me think the Backblaze figures would be more meaningful with the "drive lifetime write" figures - how can we tell if a drive failed after being absolutely thrashed to death (which would be expected) or if it failed while being mostly idle (or mostly read only), which would be highly unusual?

'Small monthly payment' only thing that stands between X and bot chaos, says Musk


I wouldn't pay 1 penny (total, never mind as a recurring fee) to use Twitter:

A) there are (or will be) free alternatives (Threads isn't that bad, and improving, and also much less toxic than Twitter)

B) I don't trust Elmo with my credit card details. Period.

Seeing Twitter go behind a paywall would be the best thing to happen to it so that the mainstream media can forget about it, and it will die a slow death.

Those that are stupid enough to pay for it will continue to enjoy their toxic echo chamber, with even dodgier advertisers than there are now (all the big name brands appear to have left the platform based on the absolute junk I'm being shown).

God knows how he expects to attract new users to his pay-to-use platform when everyone has forgotten about it - I guess he'll need to advertise it (ironic).

Or maybe it will be free to Tesla owners, LOL.


I need to make posts on Twitter confirming this is a genius idea, to help ensure it happens - don't fight it people, this will guarantee the collapse of the entire platform!

BT confirms it's switching off 3G in UK from Jan next year


Re: Three

Three are the same joke in my location which is a densely populated South London borough (postcode CR0), so their garbage network is by no means limited to "oop North".

4G data download speed on Three is measured in tens of kbps, sometimes single digit kbps, while the upload speed cannot be measured at all - it errors out. 3G is the same.

I put up with it for years (complained, but they refused to acknowledge they even had a problem - neighbours with different phones had the same issues with Three) as I had contracts on Three that used their femtocell in a location that no network covered at the time, but when Three turned off their femtocells a month after I had renewed for another 12 months I was left to count down the days until I could bin all the Three contracts, particularly as O2 coverage recently appeared in the location of the now ex-femtocell.

I'm now with Sky, which runs on top of O2, and it's night and day. And cheaper.

Avoid Three like the plague.

Cage match: Zuck finally realizes Elon is full of twit


Shame - I'd just started warming to the idea

I must admit, at first I thought the idea of two CEOs fighting in a cage was incredibly unseemly and totally unnecessary. And in many ways, it still is.

However, everytime Musk opens his mouth to spout yet more BS it's made me realise that watching someone (anyone) BATTER THE LIVING SHIT OUT OF HIM until he begs for it to end, live on TV/internet and recorded for posterity, would actually be quite wonderful.

Scientists strangely unable to follow recipe for holy grail room-temp superconductor


Re: As expected

Starting to get a distinct Hwang Woo-suk fraud vibe from all of this, unfortunately.

If this turns out to be another fraud then the Korean science community could find itself in a very unfavourable situation.

Fool me once, and all that.

Linus Torvalds calls for calm as bcachefs filesystem doesn't make Linux 6.5


Re: Rights and Wrongs

> P.S. as well as RAID5/6, don't use quotas either...

Graham... you're really not selling it!

BTRFS has been a "nearly there" filesystem for as long as I can remember... and it's usually the same issues that come up every time it is discussed. Why not focus on fixing them and stabilising the codebase before adding more fancy functionality?

Personally, I use ZFS. It works. Has done for more than a decade. No caveats required.

It's a massive shame that Linux hasn't been able to adopt it without the licensing issues.

Techie wasn't being paid, until he taught HR a lesson


Re: Unique keys


GPs are private and always have been as GPs refused to allow the formation of the NHS back in the 1940s until the Bevan government of the time cut them a deal that allowed GPs to remain private and outside of the NHS. This is why the GPs can sell their partnerships and their patients off to the highest bidders (Virgin Health Group, American health groups etc.).

So that kack computer system your dads GP surgery uses? Almost certainly not the fault of the NHS (for once).

Microsoft Windows edges closer to SMB security signing fully required by default


SAMBA Performance

SAMBA file transfer performance on low powered ARM devices is going to end up in the toilet once server signing is required - not so easy to add another core, or replace with a more powerful CPU.

I can see this being disabled by users on the Microsoft end. Hopefully it can be disabled on a per-share basis.

Raspberry Pi production rate rising to a million a month


Re: A Bit Late Now

> Though if all that people want is a media player, pi-hole or other purely software solution then the Pi people may well find that those potential customers have already found other boards that satisfy their needs.

Pretty sure that's not really the target market for the RPi people - sales to such customers are a nice little earner, yes, but those customers are not the Foundations focus.


> "I don't even understand why you're making them rather than a newer model."

> "... which disappear in seconds"

I think you answered your own question.

And when there's strong demand for existing products that are in short supply, why introduce a new product (that may be in short supply) knowing it will experience even stronger demand? Clear the backlog first... no need to make life harder for yourself than it already is.

Florida folks dragged out of bed by false emergency texts


Three appears to have opted out of the UK EAS test

without informing anybody.

A very significant number of Three users (including those on Three-based MVNOs) did not receive the alert.

I look forward to the publication of the Three post-mortem into this incident (yeah, right).

I've got 2 contracts on Three and I'll be switching both once they come to an end later this year (not solely because of this EAS fiasco - that's really just the cherry on top of this shit network cake).


Re: Wot no alert?

Android 10 supports Emergency Alerts (BBC source is wrong, but no surprise there) - I received the alert on my Android 10 device from O2, but had another phone on the Three network which didn't receive anything. Three ballsed this up good and proper.

GlobalFoundries sues IBM for flogging 'chip secrets to Intel, Rapidus'


Re: IBM great damage to GFS ??

I got halfway through and started thinking "has amanfrommars got a new handle..."

Fancy trying the granddaddy of Windows NT for free? Now's your chance


Debugging was a joy on VMS, regardless of language - single stepping a COBOL programme that called a module written in C which then calls a MACRO32 library, you could debug them all in a really easy to use and comfortable environment, switching seemlessly from one language to another as you step into/step out.

DEC were years ahead when it came to their common language environment.

Linux still doesn't come close, as gdb is horrible.


Re: VMS 1.0...

We were a COBOL shop, and in the very early 90s we needed to write a small amount of functionality (asynchronous multi-threaded terminal IO handling using QIO syscalls) where COBOL - surprise, surprise - just wouldn't cut it, and at the time DEC charged for their C-compiler (very expensive) so it was decided the only option was to write it in MACRO32.

Fortunately I already knew 68K assembler and the MACRO32 differences were pretty minimal, so it all worked out great (and I only crashed the dev VAX twice while testing, successfully getting VMS on one occasion to allocate a negative amount of virtual memory which was apparently something DEC had never seen before!)

But then about 2 years later the official C-compiler became available for free from DEC, and in hindsight it would have made more sense to convert the MACRO32 to C code but that never happened, so the MACRO32 code ran until the VAX systems were decommissioned in about 2010-2015 I think. I'm pretty sure they got their money's worth out of that code!


Re: The modern museum

I used to know that documentation, and the preceding blue wall, so well that I could have told you what book, and probably roughly what page, from memory.

Is that you, "Raymond"? :-)


Re: The modern museum

it eventually took 4 of use a half day going through numerous manuals to eventually find the syscall he wanted.

Half a day?! What you needed is a system admin with Rain Man-like "Grey wall" powers!

One day, many many years ago, I was writing in MACRO32 on a VAX, and needed the documentation for the QIO syscall.

I walked into tech support, custodians of the Grey Wall, and spoke to the senior system admin - a man of very few words - and our "conversation" went something like this:

Me: "Hi Raymond <not his real name> I'm looking for the QIO documentation, any idea where the manual is?"

Raymond thinks for a second or 2, then says: "4th rack from the left, 3rd row down, 2nd manual from the right. Section 8."

And he was spot on! I was in and out of there in less than 2 minutes. :-)

Elon Musk actually sits down and talks to 'government-funded media' the BBC


Re: "Yes. Yes, that is the reason."

He's lying, as a court ruling was absolutely NOT the reason - he could have walked away from the entire deal as it included a $1Bn breakup fee (plus unquantifiable amount of lost face). But he didn't, presumably as the loss of face is worth more to him than any amount of money.

A truly smart person would have run away from the Twitter deal thinking they'd got off lightly with "only" a $1Bn loss, but not Elmo who will likely lose every penny and more of the $44Bn (not all his money).

And dumb people will still claim he's a "genius".

Twitter tweaks third-party app rules to ban third-party apps


Or alternatively, he's about to flood the Twitter experience with adverts in an effort to balance the books, and he needed to ban the Twitter-like alternatives in order to prevent users abandoning the soon-to-be advert-laden official Twitter app overnight.

And, with no engineers left at the company to support the API, it's a potential win/win for Elmo.

Native Americans urge Apache Software Foundation to ditch name


Re: MongoDB next?

Makes me wonder when will they be coming for Devo.


Virgin Orbit doesn't


Re: On the positive side

Wrong. 61 in 2022. 31 in 2021.

Prime suspect: Amazon to loosen logistics and delivery from EU retail


Going further, I'd like to hide sellers that use specific delivery companies, ie. Evri, as that would be perfect.

I'd simply specify in my profile the delivery companies that I DON'T trust to deliver my purchases and that I don't want to have to deal with, and bingo - sellers using the cheapest and crappiest delivery companies would disappear from my listings and those sellers will most likely see a dramatic loss of business until they start paying a fair price to have their stuff delivered by reputable delivery companies.

Evri would be put out of business overnight. Hopefully.

Mythic bet big on analog AI but has run out of cash


Re: 10 years old?

They did make it, and apparently it worked.

The problem is there was nobody that wanted to buy it, or not in big enough numbers to keep them afloat.


10 years old?

When is a startup no longer a startup?

Is IBM still a startup? Or HP?

But 10 years is a lot of runway... maybe they were trying to make something nobody wanted to buy.

ZX Spectrum: Q&A with some of the folks who worked on legendary PC


QDOS ahead of its time

The QL was also my first machine with a floppy (twin 3.5" in my case)! I upgraded to the QL after a Spectrum 48K.

What many don't appreciate about the QL is that it had a fully pre-emptive multi-tasking operating system with job prioritisation/scheduling, IO channels with redirection (windows, files, pipes), and possibly the most advanced version of (Super)BASIC.

All in a 48KB ROM.

Tony Tebby (QDOS) and Jan Jones (SuperBASIC) did an outstanding job designing and fitting all of that into such a small ROM.

And credit too to Laurence Reeves for squeezing even more functionality (and many bug fixes!) into the same ROM space with his "Minerva" reimplementation of QDOS after Sinclair Research went belly up.

I learned BCPL, Pascal, C and MC68000 Assembler (not necessarily in that order) on the QL and the latter set me up nicely when asked to programme DEC VAXen in MACRO32 in my first IT job - that was a LOT of fun!

There were far too many corners cut on the QL hardware which was in truth a bit of a disaster, but the effort that went into QDOS is so often overlooked.

Alert: Let's Encrypt to revoke about 2 million HTTPS certificates in two days


Re: Would be really nice

Exactly. With automated cert renewal (certbot) the 90 day limit really isn't an issue - in fact it could be reduced further and I wouldn't give a toss as my LE certs reliably auto renew just fine (HTTP-01 challenge, so unaffected by this revoke issue).

Throw away your Ethernet cables* because MediaTek says Wi-Fi 7 will replace them


40Gbps sounds amazing, but...

I hope it uplinks to the network router or switch over something faster than 1Gbps Ethernet. Eventually there's going to be a wired Ethernet connecting the wireless access point to the backend, and 2.5Gbps/5Gbps/10Gbps ports are still not exactly commonplace (getting better, but still classed - and priced - as "premium" for some reason), even less so 40Gbps ports (maybe link aggregating multiple 10Gbps ports will work/be required).

Feeding the 40Gbps WiFi7 beast sounds like it may be the more difficult nut to crack, in a world of predominantly 1Gbps wired connections.

Thales launches payment card with onboard fingerprint scanner


All good until cards are stolen in the mail

If the cards are supplied blank to customers who then programme them with a fingerprint, this will likely increase the theft of cards sent through the post because the first person to receive the blank card will have access to unlimited transactions until the card is cancelled.

I've been the victim of "new card postal theft" and can only see this ending badly unless there are additional checks to prevent the wrong people programming stolen cards but I don't see any mention of that in the article.

I'd also be very concerned if banks (or credit card companies) then refused to cancel the fraudulent transactions because of their belief that it's not possible to fake my fingerprint etc. (even though I didn't receive the new card which is now down to me to prove etc.)

Perhaps cards should only be programmed by placing them into an ATM which would mean they can't be programmed without the PIN. But this would mean fitting fingerprint readers to ATMs although that isn't necessarily a bad idea. Or the cards can read and store a fingerprint but it's only "activated" by an ATM.

Cards being issued "preprogrammed" from a stored and verified fingerprint would be an obvious (and almost total) solution to postal card theft, but then the privacy issues are huge.

Another successful flight for SpaceX's Starship apart from the landing-in-one-piece thing


SpaceX have turned rocket science into Spaghetti Engineering

"Throw it at the wall and see what sticks."

Literally. Or until the money runs (handy then that the owner has a bottom pit of cash).

And they really think they're going to to put people inside this. I can't wait for the Corporate Manslaughter charges. Or will the idiot millionaire/billionaire space tourists sign away all their rights because they believe in the Cult of Musk? Most probably.

"I'm a con-man, or maybe I'm a God..."

Guilty: Sister and brother who over-ordered hundreds of MacBooks for university and sold the kit for millions


Re: laptops – codenamed "ingots" for a short while

I guess they realised it was pointless and not worth the hassle using codenames once the buyer wanted to know the model numbers and screen sizes of the "ingots" that were on offer.

Realme 7 5G: Parents, this is the phone you should have got your kids for Christmas


Wireless Charging is a real deal breaker for me

Honestly, I'd be all over this if it had wireless Qi charging.

The only budget/mid-range phone with decent specs (ie. better than 720p display) and built-in wireless charging I've found is the Ulefone Armor 7 for £211 (current price on banggood.com) - I've ordered one even though physically it's a bit of a beast. It should even come with Android 10, once it arrives from China (ordered 21 December, tracking suggests a late January/early February delivery to the UK).

I hope Qi charging starts to become a standard feature on more mid-range devices in the next 12 months. Withholding Qi - which is pretty much the last means of market segmentation other than in terms of individual component quality - isn't going to magically cause me to drop an extra £400 (or more!) on a higher-end device that does have Qi charging (which in reality is a $2 BOM cost). Instead, I'll find cheap alternatives, even if they are beasts from the previous year, or stick with my current phone.

Ransomware masterminds claim to have nabbed 53GB of data from Intel's Habana Labs


And no shits were given because... Intel.

The victim here is Intel and they've made a victim out of many other companies in order to succeed (and likely continue to do so to this day).

So this is all just a wafer thin slice of karma.

Me? I'll just grab myself a large bucket of popcorn.

AMD performance plummets when relying on battery power, says Intel. Let's take a closer look at those stats


I wonder...

Have Intel hired Trumps legal team to help produce these stats? They do have a similar way with numbers.


Re: Lies, Damn Lies, and Statistics

Oh the irony - didn't Intel announce a few months ago that benchmarks were not a good way of determining processor performance? Oh look, yes, yes, they did...

(I tried to find the same article on anandtech.com but surprise surprise the Intel shill site didn't think it was worth covering, just as they don't talk about Intel vulnerabilities, or any Intel performance problems from the resulting mitigations. They're more than happy to discuss the merits of benchmarks - and their abuse - on ARM, however.)

I wonder if Intel - by using possibly flawed and/or contrived benchmarks - are simply trying to prove their rather untenable point?

No such thing as a Three lunch: Hutchinson CK to sell tower biz to Cellnex


Re: surprised

> as plenty of places I go 3 reception varies between dire / non existent.

It's like that at my 80+ year old parents place, where they have no cellular signal at all (no 3, O2, BT/T-Mobile or Vodafone coverage) so I got them both on 3 SIM only deals (as I am, at about £8-£10/month) and ordered them a 3 Home Signal femtocell (provided free of charge due to the total lack of network coverage) which is connected to their broadband - a just about usable 20-30Mbps from Sky "Fibre" FTTC - and it works great.

The Home Signal is 3G only, but to be honest for voice and text that's totally fine, giving the full 4 or 5 bars of coverage around the house, and - which is why I demanded it - it will work with any smart or dumb phone (once the phone number has been registered with the femtocell) unlike the "WiFi calling" option they'd rather non-service subscribers use but which really needs a smartphone. My old parents don't need/want iPhones, they're much happier with dumb phones.


Doesn't this mean 3 is now (or will be) effectively just an MVNO?

See title.

Excel is for amateurs. To properly screw things up, those same amateurs need a copy of Access


This brings back a bad memory!

I worked in the London branch of a US investment bank, in the IT department, and the Ops department had hired one of the Y2K COBOL "consultants" we had been using prior to Y2K to "knock them up a system to help record certain compliance issues". So this all took place just before Y2K (Oct/Nov 1999) as the consultants were all looking for their next gig by then and had obviously convinced one of their old users (who had been system testing Y2K) that they could help them out with some of their more mundane reporting issues.

Apparently, development of the system had gone swimmingly and the consultant delivered the system (with no input from IT, this was all done behind our backs) and the Ops department - which had a mixture of UK and US staff - diligently entered their data for a few months, and the consultant left the scene rolling in dough.

Shortly after, early Jan 2000, the system began misbehaving - the reports weren't making any sense. Could the IT department send someone down to fix it?

We had a brief internal discussion within IT, mostly involving the phrases "fuck off, I'm not touching it", "no fucking way am I taking a look" and "they developed it, it's their problem!" until finally I got given the short straw and talked into taking a look, but that if it couldn't be fixed relatively quickly then I should leave it alone as it really wasn't our problem (apparently the Ops department had been warned about this sort of shenanigans in the past - mostly using massive Excel spreadsheets that nobody could support).

So I went down to Ops. Asked to see this system. All based on Access 97 and Forms. I quickly ascertained what it did, and what the problem was. In a nutshell: "A lot of the dates are wrong".

I began looking at the data, and deduced that the Access 97 database being used to store the application data was using a TEXT column for all of the dates.

You can all guess where this is going... right?

Some of the users entering the records had their PCs set to use UK dates (dd/mm/yyyy) and other - US users based in our UK office - had their PCs configured to use US dates (mm/dd/yyyy). Sigh.

"01/04/1999" as stored in the database could have been 01-April-1999 or 04-Jan-1999. Was "01/04/1999" entered by a UK user the same as "01/04/1999" entered by one of our US visitors? Yes? No? Maybe? Who could possibly tell anymore?

And, due to the total absence of any audit trail, it wasn't even possible to know which user had entered which records (and thus dates) so matching US users to specific mm/dd/yyyy records - which might have been the only possible way to unfuck about 50% of the dates back to a sensible dd/mm/yyyy date format - was entirely impossible.

I swiftly threw up my hands and said the existing data was now garbage, and couldn't be saved. In future, make sure everyone has the same date format on their PC when using this system. Bye!

As for how it ended, the US investment bank was bought out by a European bank about a month later, and the Ops team (and their noddy system) were made redundant. That, as it turned out, was a lucky escape!

She was praised by the CEO and promoted. After her brother and mom died, she returned from compassionate leave. IBM laid her off


A whistleblower from the IBM HR department is required

But that would assume there is someone working in the HR department that has a conscience. Or even a spine.

So, ain't gonna happen. :(

Autonomous robots that can be injected? Not as far off as it sounds, say boffins, thanks to new ion-powered silicon legs



> The group of researchers estimated a production cost of one US penny ($0.01) per device.

Maybe so, but the end user will still have to pay tens of thousands of dollars per treatment because... US healthcare system.

We've come to wish you an unhappy birthday: Microsoft to yank services from Internet Explorer, kill off Legacy Edge by 2021


> If he does, I hope Microsoft respond by creating an email client called Bono.

It it happens I'm sure they'll be Mullen it over.

Intel talks up its 10nm Tiger Lake laptop system-on-chips as though everything is going according to plan


"Layers a few Angstroms thick"

It all sounds very good, and nice to see Intel actually innovating again (now that they have to). However one can only hope that these new CPUs don't suffer the same fate as the Intel Atom C2000 SoC that died after a couple of years. The cautious may be advised to take a pass on this new unproven design.