* Posts by gnasher729

2334 publicly visible posts • joined 13 Oct 2014

Eurocops take down 'secure' criminal chat system known as Matrix

gnasher729 Silver badge

Re: Speculation

MITM attacks run into legal problems. In at least two cases the encrypted message didn’t get touched, but a software update contained code that would send the unencrypted message directly to the police. With a MITM attack police might have no evidence that is acceptable by a court. If they modify your software to send unencrypted messages then it is much easier to use legally. .

gnasher729 Silver badge

Re: Why?

Why do criminals think this software is more secure than say Signal? Same reason why people avoid vaccination. They see conspiracies that don’t exist and instead fall for the real dangers.

gnasher729 Silver badge

Re: In other news.....

Anonymous: The application sends the same message encrypted to an ultra secure server which sends it 100% safely to the planned receiver, and the original unencrypted message to the police. Thats done with a software update, without any changes to the server.

And since the app tries to prevent anyone from accessing your message, it also prevents anything from detecting that two messages are sent instead of one.

gnasher729 Silver badge

Re: In other news.....

Especially bad if you had an iPad that you operate with both hands.

gnasher729 Silver badge

Re: In other news.....

Or against new software updates that spill everything to the police before encryption. Which also solves legal problems, much easier to listen to in legally_before_ messages at encrypted.

Intel aims to reinvent itself as foundry focus sharpens amid leadership shake-up

gnasher729 Silver badge

Re: On "On package memory "...

On the other hand apple gets better performance for on silicon tha Intel gets without producing tons of heat.

Musk and Trump to fall out in 2025, predicts analyst

gnasher729 Silver badge

Re: They will fall out over ego

Just going to point out that Hunter Biden’s chances for a fair trial in the next four years are approximately zero.

Microsoft flashes Win10 users with more full-screen ads for Windows 11

gnasher729 Silver badge

Re: Linux in the new year

If you are a Mac user, you could get a new Mac mini and install (I think it’s called) Asahi Linux. From what I hear just a fine Linux version, the hardware is lovely, you’ll find it hard to ever get the fans running, and if you find Linux is not for you you have a Mac.

Microsoft confirms there will be no U-turn on Windows 11 hardware requirements

gnasher729 Silver badge

Not knowing enough about Windows…

Is the problem that people don’t trust TPM 2.0, or that lots of people have computers that don’t support it and could run Windows 11 just fine without this requirement?

No, I can't help – you called the wrong helpdesk, in the wrong place, for the wrong platform

gnasher729 Silver badge

Re: Warren's big mistake

My last employers all had my private phone number. So I could be reached in an emergency. Lucky enough all my bosses understood the meaning of the word “emergency”.

Temporary printable tattoos could be the future of EEGs

gnasher729 Silver badge

Re: Definitely proof of concept gear.

They might hire the nearest professional hair dresser as a consultant. Or get someone in who removes hair from your head with minimal damage 15 minutes before you get the tattoo.

Broadcom loses another big VMware customer: UK fintech cloud Beeks Group, and most of its 20,000 VMs

gnasher729 Silver badge

It sounds like this is open source software, so they would have the source code and no reverse engineering is needed.

Judge again cans Musk's record-setting $56B Tesla package

gnasher729 Silver badge

His goals were not “unachievable”. That was as proven in court a lie produced by the board under his control.

Who had Pat Gelsinger retires from Intel on their bingo card?

gnasher729 Silver badge

You can write macOS code, compile it for ARM and x86, and run both on an ARM silicon Mac. The Intel version will automatically be translated from Intel to ARM assembler code using Clang.

The result runs typically at 80% of the speed of an ARM processor. So thats at most the penalty: 20% slower after translating assembler code.

Intel processors are just not very fast. If you look at performance per Watt they don’t come close to Apples ARM implementation. There are people who use Apple Silicon because it runs Intel code at same speed for much less power.

gnasher729 Silver badge

Re: replaced ... by ... CFO

I think the problem is not any foundry, but having a CEO who can find someone to run the foundry.

Microsoft goes thin client with $349 Windows 365 Link mini PC

gnasher729 Silver badge

Re: For less than half...

Can I buy a complete working raspberry pi computer at my local curries store?

D-Link tells users to trash old VPN routers over bug too dangerous to identify

gnasher729 Silver badge

Re: Is there no product liability at all?

No, you don’t get six or five years. You get a “reasonable time” from the date of sales until the defect is found. The repair can take a bit longer. And a device less durable then it should be is defective from day one. But six years is when statute of limitations runs out.

Zabbix urges upgrades after critical SQL injection bug disclosure

gnasher729 Silver badge

SQL injections happen out of utter stupidity. You must be hiring morons or worse hire morons as managers to get sql injections. Yes, it is unforgivable.

Will passkeys ever replace passwords? Can they?

gnasher729 Silver badge

Re: 2FA can be a Catch-22 when moving countries

Before you move check that your phone supports roaming.

gnasher729 Silver badge

Re: Single point of failure

That’s when you send a message to your mum. “Mum, I lost my phone, please send me money”. Except mum has been told only a scammer would do that. Prepare for a long walk home. I always have 2 cards and some cash hidden away.

gnasher729 Silver badge

That’s not recent research. It’s known for many many years that more than 2^256 state changes are not possible using all the energy in the universe.

Indonesia tells Apple $100 million investment isn't enough to lift iPhone 16 sale ban

gnasher729 Silver badge

So I expect Mr Starmer will insist that 40% of iPhone parts are Uk made.

Fujitsu does not trust Post Office in use of Horizon data in future third-party prosecutions

gnasher729 Silver badge

Re: You'd think

There is a little booth outside my local Sainsbury’s that takes all the photos you want for sny of the purposes you mentioned. I wonder how much their it system cost.

The NPU: Neural processing unit or needless pricey upsell?

gnasher729 Silver badge

Re: Multi tasking?

From what I've seen, cache bandwidth or access time is quite irrelevant. What counts is pure memory bandwidth, Which can be 100 to 280 GB/sec on a not-top-of-the-range Mac.

The US government wants developers to stop using C and C++

gnasher729 Silver badge

Re: Runtime Checks

"Sarcasm aside, how much help on this are we getting from the current x86 architecture? Hardware-based runtime checks should be much-faster than software-only-based runtime checks."

Says who? Software based can run through an optimiser. So in a loop for (i = 0; i < n; ++i) a[i] = 0; I can get away with exactly one check in software (is n greater than the size of the array). But then there has been tons of effort to make normal code run fast that is used by software-only runtime checks. With hardware checks, good luck integrating this into the normal code flow.

gnasher729 Silver badge

So let's say I have an array with 100 elements and do an assignment a[101] = 0. Undefined bheaviour in C or C++. In Swift I know it will crash the application. Instantly and guaranteed. Which is likely the best possible outcome, but obviously not good. In Objecctive-C it throws an exception which is unlikely to get handled properly. No matter what, the user is f****d.

So what exactly does it do in Rust, and how is that safe?

Thanks, Linus. Torvalds patch improves Linux performance by 2.6%

gnasher729 Silver badge

Re: UABP

Drop any speculation, and you performance drops a facto 3 at least. The trick is to only drop speculation when it can give a hint to an attacker.

Hide the keyboard – it's the only way to keep this software running

gnasher729 Silver badge

During CeBit, my boss walked around, came back and said “I went to this computer, pressed Control-A, and it crashed, so I thought I better come back”.

Four hours later “I went back to that booth, they still try to get their computer back running” .

Linus Torvalds affirms expulsion of Russian maintainers

gnasher729 Silver badge

Re: About those "Nazis"...

"Holy Roman Empire" - that's the one that was neither Holy, nor Roman, nor an Empire, right?

gnasher729 Silver badge

Not a good comparison. As an art lover, you wouldn't have prints of Hitler's pictures on your wall due to lack of art to be loved. Any German art from the 1930s that was worth loving and hanging on your wall was illegal. Reiser OTOH is a convicted killer, but produced a worthwhile file system.

gnasher729 Silver badge

Re: 1939 Soviet invasion of Finland (Winter War)

85 years ago, Linus' grand grandfather was in Finland handing out headshots to Russian would-be invaders. The grand grandson behaves in a very civilised manner. Not shooting anyone.

41-million-digit prime crunched by datacenter GPUs

gnasher729 Silver badge

Re: Well done!

Mersenne primes have a special form. There are primality tests that work well if you have the complete factorisation of n + 1. And for Mersenne primes, we know the complete factorisation of n + 1, because (2^k-1) + 1 is just a power of two. Proving that a general number is a prime is much much much harder.

Trump campaign arms up with 'unhackable' phones after Iranian intrusion

gnasher729 Silver badge

Re: Intentionally Be-bugging Computer Code

If your QA finds an intentionally planted bug, then you put all reported bugs to the “bugger” team and they know exactly where the bug is.

gnasher729 Silver badge

Re: Oh, my

The question isnt “how long until it is cracked” but “how long until trump decided to use an iPhone or Android phone”.

The billionaire behind Trump's 'unhackable' phone is on a mission to fight Tesla's FSD

gnasher729 Silver badge

Don’t remember which one this is, but the phone that was created on order of the NSA was supposedly quite secure - after sending the unencrypted message to the authorities.

Spectre flaws continue to haunt Intel and AMD as researchers find fresh attack method

gnasher729 Silver badge

That’s what the article says. The obvious way to go is to use speculative execution wherever it doesn’t reveal internal information to the outside (99% of the time) and don’t use it when it does. So with a lot of care you can remove the problems with very little performance impact.

The main problem is that this is hard to test. You need a test case that is vulnerable against spectre and not vulnerable against spectre after a fix. And that apparently wasnt tested correctly.

gnasher729 Silver badge

Different from Spectre

With Spectre, someone figured out that predictive execution could open a side channel. On the other hand those calling to abolish it seem unaware what kind of performance gains it gives. It’s not percent, it’s factors two or three. Want your processor to crawl, turn off predictive execution.

The article states quite clearly that this is different; Out of the many changes to defang Sceptre one wasnt implemented correctly. There is just a bug. I guess it’s an area that is very hard to test, but still a bug. They had a correct design that would have fixed the problem and it wasn’t implemented correctly.

Server-maker Wiwynn expands $61M lawsuit against X

gnasher729 Silver badge

I think you misunderstood the post. It was reasonable to make such a deal with Twitter who was a readonably trusted company at the time. Doing the same desl with X today would bd madness because you know how they behave. Wiwynn can’t be blamed for trusting Twitter in 2014.

Opening up the WinAmp source to all goes badly as owners delete entire repo

gnasher729 Silver badge

Re: Simplest solution

Since we are for simple solutions, hiring a sniper or two to kill anyone involved would be easier.

gnasher729 Silver badge

Re: Simplest solution

How many users do you think have the ability and the spare time to improve the source code? And how many who claim this come from North Korea?

gnasher729 Silver badge

Re: Simplest solution

Your “simplest solution” is one where the combined power of the whole software industry comes down on you and will make sure that you won’t win any elections for the next twenty years.

Two British-Nigerian men sentenced over multimillion-dollar business email scam

gnasher729 Silver badge

Why should it be hidden? If it was two men from Michigan, it would say “two Michigan men”.

Elon Musk's assassination 'joke' bombs, internet calls for his deportation

gnasher729 Silver badge

Re: @jake

The truth about the geese: A black guy (not Haitian) watched two geese being hit by a car and he tried to get them to a vet.

gnasher729 Silver badge

O just realised the big differences between Sunak and Trump. First, Sunak made his fortune himself. Not thanks to millions and millions of dollars from a racist scum dad.

Second, plenty of press that claims “Sunak doesn’t understand how little people think and doesnt care for them” when in reality he has done his best for the UK (tough job after Liz Truss bringing us to the brink of bankruptcy), while in the USA the idiots actually think that Trump cares for them, while he only sees them as stupid marks. Or as scapegoats. Because fascism doesnt work without scapegoats.

Brazilian court sprays Musk's X with more fines for returning after ban

gnasher729 Silver badge

When Twitter unblocked itself, there were plenty of people smelling victory: “Musk is back in Brazil and there is nothing this fascist liberal judge and Brazil can do about it.”

Turns out they could. Charge him close to a million dollars every day :-)

Feds charge 3 Iranians with 'hack-and-leak' of Trump 2024 campaign

gnasher729 Silver badge

Twitter is financially painful for Musk, but it won’t bankrupt him. Another court case not allowing him to steal $56bn from Tesla share holders that might help more.

Twitter just loses over half a billion per year, plus 1.2 billion unpaid interest. The banks will suffer for their loans and unpaid interest when musk lets Twitter go bankrupt, but for him the damage is already done.

Intel thinks it's got a final microcode fix for recalcitrant Raptor Lake processors

gnasher729 Silver badge

Nothing to do with that. Two problems: Mothrrboard makers asked for more voltage and power than they should. And Intel hardware produced higher voltage and power use than asked for. The chips (probably) survive one of those, but definitely not both.

An ARM chip would have the same problem. If Apple asked for more power than is safe, and then provided more power than the already unsafe amount it’s asked for, then the chips would be just as damaged. It’s just that Apple doesn’t overclock its chips.

CrowdStrike apologizes to Congress for 'perfect storm' that caused global IT outage

gnasher729 Silver badge

What they shipped to customers just could never work. That was not a bug that you could miss, that bug would have crashed on everybody single machine it was tried without exception. Before testing comes “trying out if it works”. Neither the developer nor their test system did that.

The bug itself was a combination of a totally broken configuration file reader and a tiny mistake in a configuration file. A configuration file reader should survive _anything_ you throw at it. That is an unforgivable weakness.

Interestingly, I see nothing that makes this related to the kernel in any way.

Green recycling goals? Pending EU directive could hammer used mobile market

gnasher729 Silver badge

Re: Move along here, nothing to see

Apple looks at the long term as well. The best overall strategy would be to hang on to lightning as long as possible, and then on one day switch to USB-C. Because what’s worst is using both at the same time. Like ripping of a plaster, it’s painful but has to be done.

Curiously the EU is talking about “USB-C chargers” all the time. My charger is a bit old, so it has four old-style ports with USB-A (or is it B?) ports with 19 Watts and one 27 watt port with a USB-C port. Now there are four different cables I could plug in, and they all work. One cable is USB-C to lightning and it does 27 Watt on my old iPhone like USB-C should do, and one is USB-a to lightning doing 19 watt. So my iPhone supports USB-c charging through its lightning port. Old iPad doesnt support usb-c but the same cables work. Except you get 19 instead of 27 watt from the usb-c port on the charger.

gnasher729 Silver badge

But then the whole rule is nonsense. It makes sense for new devices, but for old ones whatever damage there is, that damage is already done and selling the device and keeping it in use is surely better than buying a new device.

It’s like plastic straws: You shouldn’t buy them because they are bad for the environment when you throw them away. So some idiots throw them all away, which causes exactly the damage they want to prevent. I say the damage was done when you bought them, so once bought you might as well use them.