* Posts by cb7

275 publicly visible posts • joined 9 Mar 2017


Apple's T2 custom secure boot chip is not only insecure, it cannot be fixed without replacing the silicon


"Apple did not respond to a request for comment"


What did you expect them to say? "Yes, our T2 Security Chip we've so prominently been marketing, isn't actually all that secure"?

Third time's still the charm: AMD touts Zen-3-based Ryzen 5000 line, says it will 'deliver absolute leadership in x86'


Some observations:

1. Usually, the chips with fewer cores clock faster. Here the opposite appears to be true. I suppose it's a way to encourage people to buy the higher end chip. Unless the lower end models can be overclocked easily. Time will tell.

2. No Ryzen 3 chips were announced. I'm hoping they'll come sooner rather than later. Not everyone can afford a $299 CPU. The trouble is, most gamers don't need more than 4-6 cores, so releasing Zen 3 Ryzen 3's early will no doubt hurt higher margin Ryzen 5 sales.

3. It would appear AMD has finally won the single core crown from Intel (at least according to the announced single core Cinebench score). Well done AMD.

The Cinebench score seems remarkable given that Zen 3 tops out at 4.9GHz vs Intel's 5.3GHz.

However, Intel's hitting those frequencies at 14nm whilst AMD's now on 7nm. I wonder what's stopping AMD clocking faster? And when (if?) Intel hits 7nm, there's a good chance they'll be on top again.

Nevertheless, it's a great time to be building some kick ass machines :-)

Pack your bags! Astroboffins spot 24 'superhabitable' exoplanets better than Earth at supporting complex life


KOI 5554.01 sounds like paradise with its average temperature of 26.17 degrees Celsius (how the heck do they measure that so accurately from so far away anyway?)

Suffering silicon: Benchmarks for Apple's A14 chip are in, but post-Intel Macs, when they arrive, will tell the real story


If the single core score of 1583 is comparable, it beats Intel's fastest 11th Gen i7-1165G7 which has a mahoosive 12MB of L3 cache, turbos up to 4.70GHz and pumps out up to 28W and achieves only 1474.

Apple clearly had a lot of faith in their ability to execute to go down this road.

And the best single core desktop chip only manages a score of 2000 currently, so it's not difficult to imagine Apple wiping the floor with Intel in the desktop space either.

I'm no Apple fanboi. I find the whole Apple ecosystem a bit stifling, claustrophobic and grossly overpriced. I won't even mention upgradability/repairability, so this is still unlikely to make me want to switch platforms.

Apple seeks damages from recycling firm that didn't damage its devices: 100,000 iThings 'resold' rather than broken up as expected


"Apple, he said, doesn't want a secondary market for its devices because it's something the tech goliath can't control."

Oh boo the hoo. There's a lot of shit in this world Apple can't control. Tough titty. Get over it Apple.

Just because they made it, it doesn't mean it's still theirs once they've sold it. Jeez. Let people do wtf they want to do with their shit and stop meddling. Control freaks.

If the Samsung Galaxy S20 Fan Edition doesn't make you a fan, we don't know what will


Re: A 600£ or 700£ price is now considered not hard to swallow? For a phone?

Does the Xiaomi come with an English keyboard and certified Google services installed? Or are you expected to side load them from some dubious source?

Revenues from in-app purchases swelled 32% to almost $30bn for Q3 2020 – and Apple snaffled most of it


Wait, so what happens if you sign up to YouTube Premium on your PC and then sign in with the same ID on your iPad?

It's been a vintage year for bug bounty hunters, says HackerOne as it boasts of $40m+ passing through its treasure chests


It's a shame they haven't turned a profit yet.

There's a lot of shit that can unravel the more bugs go unfixed.

Safety driver at the wheel of self-driving Uber car that killed a pedestrian is charged with negligent homicide


It doesn't help when they keep calling it "self-driving". That makes the driver think they can leave the car to it.

If they called it driver-assist technology for example, it's clearer that the tech is there to assist the driver, not replace them.

China’s UK embassy calls for probe into 'hack of Ambassador’s Twitter account'


Wait, why the fook does the Chinese ambassador have a Twitter account when Twitter is banned/blocked in China anyway?

Don't be BlindSided: Watch speculative memory probing bypass kernel defenses, give malware root control


I've said it before, I'll say it again. The future is lower latency RAM. And stacked behind the CPU to minimise distance related latency.

Then there's no need for caches, prefetching, speculative execution, branch prediction etc. Just simple high speed in/out processing.

Assuming we're not all using quantum computers by then.

Q: How does hydrogen turn into a metal? A: Hang on a second, I need to train my AI supercomputer first


And another confusing point

On the one hand the required pressure and temperature is "200 GPa at 1000K". But then it's superconducting at room temperature?

What did I miss?

Angry 123-Reg customers in the UK wake up to another day where hosted mail doesn't get through to users on Microsoft email accounts


Re: Recommendations please

Not sure I can recommend Ionos. Used them temporarily a few months back and all users email addresses seem to have been leaked and the amount of spam they receive has gone through the roof.

When I tried to raise the issue with Ionos support twice, they cut me off straightaway.

I've got a good mind to report them to the ICO.

Google, Amazon pass on UK Digital Services Tax by hiking ad prices, fees at same rate the government takes


Yes, but you didn't address the point I was making, which is the operating profit is so low because staff costs seem to be artificially high. Does an average salary of £250,000 (round numbers) really sound realistic to you for 4,000 staff (again round numbers)


Only 2%?

Why only 2%?

Anyway, something's fishy. I don't get how the average pay packet for nearly 4,500 staff supporting UK operations can be £234,000.

Allowing Google to pay only 2.73% tax on £1.6Bn revenue.

Source: https://www.accountancydaily.co/google-revenue-hits-ps16bn-pays-only-ps44m-corporation-tax

'A guy in a jetpack' seen flying at 3,000ft within few hundred yards of passenger jet landing at LA airport


I'm surprised no one's made a VTOL version yet.

The amount of thrust needed to keep a person in a wingsuit in the air is a lot less than using thrust alone to keep them there.

Heck you could get away with even less power if you can sort out take-off and landing on eg roller skates.

Borking all over the world: At home or abroad, you're never more than 6ft from a BSOD


Tut tut. Perhaps it's my fault for expecting Reg journos to be more computer literate?

The bug check code is actually 0x000000F4

Which points at a hard disk error. Altogether a much more likely scenario given that hard drives are perhaps the most common point of failure in most machines.

Amazon spies on staff, fires them by text for not hitting secretive targets, workers 'feel forced to work through pain, injuries' – report


I wonder if Bezos would still be grinning after a month on the shop floor working to the same "targets" with his balls wired up to some electrodes that delivered a nasty shock everytime he fell behind.

Ditto "management".

He'd automate every role there is if he could.

Apple hits back at Epic, says Fortnite crew wants a 'free ride' on fees: Let the app store death match commence


Apple are saying that 30% cut enables them to maintain the checks etc that ensure iOS apps are free of malware etc. Whilst it also helps create additional profit, they carefully don't mention that.

Epic want an open structure akin to what has existed (and still does) in the PC/Windows world, although ironically Microsoft are trying to move to the App Store model.

Now we all know Windows isn't as secure as iOS but I can see how allowing a free for all on iOS could lead to "unsafe" apps.

Either Epic will manage to secure a lower Apple cut, or they'll have to suffer a humiliating defeat and carry on as they were (assuming they want to stay on iOS). I really can't see Apple agreeing to an open App Store. Though if they get forced into it, I'll eat my hat.

Reap it in the family: Four brothers accused of cheating Amazon out of $19m in wholesaler fraud caper


Re: Amazon screws it's business customers every day

"Amazon screws it's business customers every day"

And other businesses. Global buying power and the resources to undercut the competition til they go bust means they're getting too big and powerful to the ultimate detriment of the consumer.


Re: End to end WhatsApp encryption?

WhatsApps aitpmatic backups are stored unencrypted on eg Google Drive. So your chats can be scrutinised without going anywhere near your phone.

Backup a sec – is hard drive reliability improving? Annual failure rate from Backblaze comes in at its lowest yet


My experience while repairing computers and laptops over the last 20 odd years, arranged in most reliable to least:


2. Toshiba

3. Samsung

4. Western Digital

5. Seagate

I know there's been consolidation. I sincerely hope WD don't ruin HGST tech.

Thanks for the memories... now pay up or else: Maze ransomware crew claims to have hacked SK hynix, leaks '5% of stolen files'


Re: Tossers.

Rich tossers.

And getting richer unless someone comes up with a foolproof way of defeating ransomware.

With all the clever people in this world, I'm surprised it's taking this long.

Breaching China's Great Firewall is hard. Pushing packets faster than 1Mbps once through is the Boss Fight


Chinese no flied packet

Clue's in the name: Samsung's next Galaxy Note line captures scrawls with responsive stylus then punts them over to a PC


Re: Biometrics crap like the S20?

Face unlock on the S10e is so rubbish, my son, less than half my age, managed to unlock my phone by looking at it. And that's with slower "more accuracy" turned on.

I've had to go back to fingerprint unlock.

Oh & I hate the new on screen "virtual buttons". Especially when they don't stay on screen despite what the settings say.

Amazon gets green-light to blow $10bn on 3,000+ internet satellites. All so Americans can shop more on Amazon


Re: Use of personal data ?

"You can't own the entire thing from end to end, or else price fixing would/could be used to drive competitors out of the market."

You don't need end to end control to drive competitors out of the market. Amazon's already doing that with it's global volume buying power and own distribution network.

For an example just look at the prices of popular SSDs on independent e-tailers like ebuyer.com. They're having to price match Amazon every single day and still can't compete once delivery costs are added in.

So despite having invested to create a much better website, the only way they'll survive is through undying customer loyalty.

Who was behind that stunning Twitter hack? State spies? Probably this Florida kid, say US prosecutors


Twitter is for twits. It certainly seems that way since a certain orange person started spewing his verbal diarrhoea through it.

That said there are a few intelligent people using it still. So the lunatics haven't completely taken over yet.

Amazon's auditing of Alexa Skills is so good, these boffins got all 200+ rule-breaking apps past the reviewers


What's to stop any innocent looking app streaming objectionable content from a server that only serves acceptable content at the time of review?

My life as a criminal cookie clearer: Register vulture writes Chrome extension, realizes it probably breaks US law


"But I decided not to publish my extension"

But I decided to publish its source code in the guise of an article that explains why I couldn't publish the extension itself...

Networking boffins detect wide abuse of IPv4 addresses bought on secondary market


How many cowboys are out there continuing to set up new servers/routers etc with IPv4 only, because they don't understand IPv6, or they encounter issues that are easily "resolved" by turning IPv6 off instead of configuring things properly?

India drops the bar on e-commerce seller's listings: You want to sell it? Tell us where it came from from then


"requirement to offer “guarantees related to the authenticity or genuineness of the imported products”"

I would have thought a guarantee that the damn thing works and will continue to work for a reasonable period of time would be quite important too, alongside knowing where it came from.

Hot, synchronous DRAM: Next-gen memory tech spec DDR5 lands


I wonder what sort of latency it'll have?

If at first you don't succeed... Rackspace files IPO papers to go public once again, hopefully with better timing


I'm sorry to say this, but customer data is not safe in the hands of Indians.

Why is it that ever since numerous companies off shored their call centres to India, large numbers of scammers with heavy Indian accents have started ringing out of nowhere?

Your 2.3m Instagram fans won't stop the FBI... Web star accused of plotting to launder millions from cyber-crime


Crime pays. Til you get caught.

Things that happen every four years: Olympic Games, Presidential elections, and now new Mac ransomware


Yes but I thought "Macs don't get viruses"?

Sarcastic mode off.

'It's really hard to find maintainers...' Linus Torvalds ponders the future of Linux


iShit not locked down? Ain't gonna happen. Not in my lifetime and not in yours.

Finding SAP hard to swallow? ERP giant says it's working on something more bite-sized


A large conglomerate I used to work for used Oracle for its finance systems. Oracle pushed to move everything off premises and into the cloud.

All whilst pushing its next gen all singing, all dancing "drill all the way down into invoice line items from a single figure on the P&L" wizardry.

Except even their fastest mega server couldn't really handle the volume of data. I left the company at that point.

After buying another large conglomerate that uses SAP, last I heard was, they were going to migrate the whole lot to SAP.

Either it'll all go Tits-Up, or they'll still be trying to merge the two in 5 years time, or they'll give up and will still be running the two side by side 10 years from now.

You heard it here first.

Wanted – DRAM or alive: US Feds bag arrest warrants for three Taiwanese accused of stealing Micron's mem secrets


Yes, but China doesn't have an extradition treaty with the US, so in effect the Chinese government is protecting the criminals.


"Jinhua in 2018 was placed on the US Commerce Department's Entity List, which forbids US companies from doing business with the designated firms"

Need to go much further. There should be economic sanctions against countries harbouring industrial spies.

Let's roll the 3d6 dice on today's security drama: Ah, 15, that's LG allegedly hacked, source code stolen by Maze ransomware gang


We live in an era where this type of crime pays.

And law enforcement is powerless to track them down and put them away (preferably forever).

How can someone put up a website and remain untraceable in this day and age?

Working from home on Virgin Media's broadband? Too bad. Outage hits English capital


"You want redundancy? Go sign up for 2 ISPs and use one as a backup."

How many ISPs have their own core network? Heck, how many actually have their own edge network? Most of them simply rent the equipment off the incumbent and push the bill out to the customer.

And let's not forget, most of the access network is owned by only eg 2 companies here in the UK.

CompSci student bitten by fox after feeding it McNuggets


♫ who let the foxes in? Doop Doop Doop Doop Doop ♫

Health Sec Hancock says UK will use Apple-Google API for virus contact-tracing app after all (even though Apple were right rotters)


Why don't Google and Apple co-operate and develop the app and roll it out as a critical public safety update across the globe?

They could have done this months ago.

It would save countries across he whole world duplicating effort and going down rabbit holes. And think of the number of lives it could have saved / would save.

And the app would also work once international travel resumes.

They routinely push out updates that help them maintain their not so insignificant income streams.

They have the technological prowess to make it happen.

About time they did something that gives something meaningful back to the public.

If you're despairing at staff sharing admin passwords, look on the bright side. That's CIA-grade security


I wonder if they came up with any Linux exploits?

Windows Server to require TPM2.0 and Secure boot by default in future release


Re: Well now....

"It is rare for Windows Server to be deployed nowadays for any reason other than to run Microsoft's own server programs (Active Directory, Exchange, Sharepoint, etc)"

Incorrect. There's a whole swathe of shared applications, from various vendors, in the health care, logistics, CRM, SRM, finance, HR and other fields that rely on Windows Server OS. Applications with decades of man hours of development behind them.

It's easier and cheaper, though not necessarily painless, to migrate these to new hardware running a newer version of the Windows OS they were written for than it would be to switch OS completely and re-develop the apps for a completely different OS.

The whole reason Windows remains dominant in many areas is due to these legacy apps.

Japan to test self-destructing satellite to shrink space junk with string and an inanimate carbon blob


So if you reverse the polarity, you could speed up and hence raise the orbit of a satellite using electricity? Sounds cool.

Obviously I've over simplified. You might have to modulate and pulsate at the right moments and have the tether face the other way to achieve the end goal, but it seems plausible to, in effect, use the earth's magnetic field for this "motor".

How many? 28 million fewer PCs and tablets to find a home in 2020


There are some lovely (used) HP ProBooks selling on ebay right now. 7th Gen Core i5, 8GB RAM, 256GB SSD, 14" screen for less then £300. Go for an immaculate one.

Even the 15" Full HD screen versions are under your budget.

Alternatively try the Lenovo L560.

Lenovo certifies all desktop and mobile workstations for Linux – and will even upstream driver updates


If an "unsupported" cheaper model laptop uses the same model wifi card as a supported model, what's to stop a user installing and using the driver from the supported model?

FYI: There are thousands of Chrome extensions with so, so many fake installations to trick you into using them


How does one turn off the ability to install Chrome extensions?

I have some users who need to be protected from themselves.

Apple promises third, no, fourth, er, fifth time's a charm when it comes to macOS Catalina: 10.15.5 now out


Catalina broke Google Drive too.

And yes I've gone into Security settings and turned on full drive access for it already.

Apple and Google support were "about as useful as a chocolate teapot".

I don't even understand Apple's desire to rush out an OS update full of bugs. It's not like it's going to bring in additional revenue or something.