714 posts • joined 21 Sep 2010
What a total bunch of Assanges.
"FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world."
Looks like Wikileaks has gone into the end of the weapons business, didn't see that one coming...
The most likely net result of publishing "weaponised surveillance malware" at zero cost is going to be a few more innocent bystanders pwned. At a push it may put a dent in FinFisher's sales for a quarter - until their customers realize they need an update to keep it useful.
Re: Political more than commercial (wrong end of the stick there Led)
"Abandoning WP is a daft idea from Huawei if on purely commercial grounds, because it gives them less of a stick to wave at Google,"
The problem for Huawei is they were holding the shitty end of the stick, the one with low sales revenues and no reason to believe that the turd coating will spontaneously transform the entire stick into solid gold.
That's a shame...
Another fine product doomed to be bled ugly by a corporation. :(
I would be *very* happy if Microsoft proved my cynicism to be unfounded.
Re: RISC, not IRONIC
"Yes, I deliberately didn't mention those because I'm not sure they actually help with code density."
I got the impression (years ago, in the days when people were speculating about EPIC) predicated instructions were about improving performance rather than coding density.
Re: 384 cores in one memory pool?
"is it coherent? If so, how the $%^&*( do they manage to do it?"
Here's my value-free unresearched cynical speculation : Magic Smoke.
"I instantly thought of the Data General Eagle and came across all warm and fuzzy."
You have to love DataGeneral for naming a product "SuperNova" - a derivative of which was allegedly the fastest minicomputer for a decade (source: Wikipedia :P) ...
Re: Low Hanging Fruit
"Once again the British Government, and the media barons, show a complete lack of understanding of how the internet works, and concentrate on the search engine indexes."
It pays to judge people by their actions rather than what they say...
In this case you will see that the folks making these huge blunders in understanding are trying to change the internet into something completely different that suits them better (typically: from unrestricted distributed control to an authenticated & centralized control model). It is easy to make fun of these plonkers, but some of them carry enough weight and influence to make life very miserable for everyone.
This blather is corrosive, some people have questioned why I choose to run my own mail server in preference to using a more "legit" service like gmail... Go figure where that kind of thought process is going to lead...
Re: Theft @ Zack Mollusc
"we would pay out the 50p that it was insured for, now that same toerag has grown up and is 'Downloading' 'Files' from pirate sites such as 'Napster' and the 'Cloud' and we are paying out hundreds of millions of pounds an hour."
It is hard to be sympathetic, when all you have to do to counter that problem is up your premiums, which is the normal practice for the insurance biz... Also the insurance industry in the UK has the benefit of guaranteed income from car insurance, I am finding it hard to find any shred of sympathy. :)
"Not a downloader, but my sympathies are with Google."
I feel sorry for the folks who are locked up for offering an identical service from their bedroom while Google have been taking the piss massively since year 0 of their existence and trousering $bns in the process. Judging by their words and actions it appears that HMG believes Google are too big to prosecute.
"They invent a simple product that pretty much revolutionises how we use the web and can be run with a handful of people and a shed full of servers"
Copyright infringement was a concern for folks setting up search engines from day 1, simply because they present content lifted from other websites (eg: the quotes you see in the search results). Google had smart folks working for them, they've got a bunch of well paid lawyers on their payroll, they have no excuse for facilitating copyright infringement on a massive global scale.
For the record I don't feel the world will end without copyright legislation, but equally if there are rules, I believe that they should be enforced consistently and fairly. Currently that is clearly not the case at present, and it has enabled a US multinational to gain a massive advantage over any of their competition. The sad thing is that even if Google were to be prosecuted, you won't see Larry Page's front door kicked down, his assets frozen, and Larry fined + sent to jail, despite that being the established precedent here in the UK.
Re: Count on it.
"Bottom line: state-of-the-art microprocessors run 24 x 7 are going to have a limited life. Credible speculation is that this could be as short as a few years. And nobody appears to be seriously thinking about the cost of end-of-life replacement."
Precisely the premise of the early BlueGene machines. They used tried & trusted embedded cores at larger feature size & lower clock (better FLOP/W *and* higher MTBF). Superficially it looks as though BlueGene/Q is following the same path. Someone might take ARM in a similar direction, it has already been done with MIPS64 (SiCortex).
Ballmer 0, Stroustrup 3 (HT)
I have to say that Bjarne's choice of face furniture is awful. He carries off the 70s badman speed wasted biker look far better without the inverse Dame Edna effect spectacles.
Argh !!! My fscking eyes !
I just happened to be browsing the Reg this evening when my eyes were violently assaulted by the For Dummies themed advertorial backdrop. I can't tell you what it was advertising because I had to vanquish said abomination before it had a chance to progress further into my precious grey matter. The only thing I remember was the outline of a severe looking owl.
Note to el Reg: Think of it as a back-handed flame.
Anyone else been struck senseless by a piece of advertising @ El Reg ?
Re: There's no such thing as a secure platform...
"Apple might have screwed the security pooch."
Nice to see some upvotes shielding the bearer of bad tidings. Thank you. :)
Re: There's no such thing as a secure platform...
"Not sure why you have been down voted here. Very sensible comment. Have an up vote"
I can't speak for the down voter but that comment stated the bleeding obvious. The fact remains that Apple have made iOS remotely exploitable by design. It's a web security 101 level of screw up, the good news is that it should be trivial to fix in iOS, the bad news is that folks are asking apps to fix it instead because they don't want to face the idea that Apple might have screwed the security pooch.
Just goes to show...
Politicians and lobbyists who are stupid, self serving and malicious. I think I may be suffering from justifiable cynicism.
Re: Not surprising
"Most dumb code is produced either by poor quality or inexperienced developers (usually operating in a poor or non-existent review framework), "
The lack of adequate review framework is a key fail. You have no idea about the quality of a piece of code until it's been tested and those tests have been reviewed by > 1 trustworthy third parties...
Re: Not surprising
"I'd also like to point the finger of blame at two technical issues:
1. The C language and its derivatives."
The root cause of that problem is the people choosing to use C where it is not a good fit for their problem & skill set. As it happens it was a pretty good fit for systems programming on PDP-11s with 64kb address space.
"Its time IT had a regulatory body to drive up standards in our industry to something akin to a professional level."
That's really down to the folks doing the hiring. If employers were prepared to meet the costs then I am sure it would happen, however at present they clearly prefer hiring cheap blinged up monkey-ass-wannabe-centaurs.
At present it is *far* quicker easier and lucrative to be an Electrician or a Plumber than it is to write safety-critical embedded software (in terms of gaining qualifications + certification)... I really can't see a reason for the alleged "skill shortage" to evaporate while that fact of life persists.
Re: Or rewrite nothing with Qt, which is cross-platform
"Scala, just to escape that circle of hell."
You are likely to find there is always another circle of hell with Scala. :)
Re: POWER8 disappoints
"And look at the IBM road map. It seems a bit empty? What is there after POWER8? Nothing?"
Good question. I suspect a fair amount of their power budget is expended in driving those massive I/O and memory bandwidth numbers, and it's a brutal game of diminishing returns... However IBM also punt massively scalable beasts like BlueGene/Q that deliver very close to peak performance - with decent power efficiency (3.7GF/W). POWER8 being opened offers possibility of convergence on something like a BlueGene style building block with SoC customization (see POWER A2). POWER's future looks a lot more useful to people who want to run code faster and cheaper than Larry's boat wrecks.
Re: POWER8 disappoints
"BTW, the SPARC M6 is faster than the POWER7+ cpu"
Depends how you measure it. Oracle have failed to provide CINT2006 & CFP2006 single thread results for 3 years and counting now, however they do provide the rates figures (spec.org explains the difference between the two types of benchmark in plain English on their website).
The lowest common denominator between recent (ie: <2 years old) SPARC & POWER SPEC results seems to be the 16 core rates figures. Both boxes look to be of a similar physical size too. :)
SPARC T5-1B int 489, fp 369 (Oct 2013 & Apr 2013)
IBM Power 730 Express (4.2 GHz, 16 core, SLES) int 852, fp 575 (Feb 2013)
Power7+ delivers 70% more int and 50% more fp in those 16 core 2U boxes... IMO the main reason for people to run a SPARC is that they can't run their binaries on something else, the performance argument just doesn't stack up, and it hasn't done for at least a decade.
Re: POWER8 disappoints
"It didn't get this. Care to explain a bit more? How can one POWER8 core match one SPARC T5 socket?"
SPECfp & SPECint are *different* benchmarks from the *rate ones. One targets single thread performance the other multi-thread. It's the Apples & Oranges scenario again.
Re: POWER8 disappoints
"IBM POWER8 is a big disappointment. One POWER8 socket gives 437 SPECint2006, and it gives 342 SPECfp2006:
The SPARC T5 gives more performance than that, 467 and 436 for one socket:"
How bizarre, it looks like you are comparing base to rate figures, totally different benchmarks. All you have shown is that a single POWER8 *core* can get within spitting distance of a T5 running flat out with all cores blazing.
Re: This explains IBM's $3 billion systems invest FUD
"Not just single-thread performance, but multi-thread as well."
My gut says you're right, but there have been some pretty stunning massive thread count success stories, like GPUs for instance. They tend to operate well below peak, have relatively tiny cache and suck data through a fat but very long straw, but they dominate the Green500 list nonetheless.
I still prefer working on machines that can sustain a high percentage of peak performance on a single thread. The Pentium Pro 200 (256kb L2 @ core clock) was a fine example of that style of core, it worked miracles on gnarly dusty deck code. :)
Re: This explains IBM's $3 billion systems invest FUD
"Performance not good because of loss of single chip cache coherence so they went to giant off chip(s) shared L4 cache."
The POWER8 has 512kbytes of dedicated L2 *per core*. That is backed by a further 96Mbytes of shared L3 on the same die, and up to another 128Mbytes of L4.
By contrast the M7 has 256kbytes of shared L2 for each 4 cores, and 64Mbytes of shared L3 per die.
"Sparc M7 seems like a big step ahead."
The M7 has less cache, and the L2 cache has 4x the number of cores using it. Even if you ignore the L4 cache, the M7's caching scheme is in fact a step backwards for people who value single-thread performance.
"I really wonder sometimes. How does a comment about trying to cool something like this get a thumbs down?"
That's easy: The down-voters are ignorant fanbois and shills. They really don't give a toss about the tech, all they care about is burying bad news under a mountain of downvotes. The Itanic fanbois did the same trick, a few architectures got buried as a result, but in the real world the Itanic still ended up as an overpriced, inefficient and underperforming boat anchor. The only winners were the shills who got rich in the process (eg Steve Milunovich), of course none of them actually had to use an Itanic to earn a living...
Re: Cache size
"Does anybody else think that 64MB of cache seems tiny for 32 cores and 8 threads a core?"
Totally inadequate at that kind of clock rate, they are banking (sic) on the latency being hidden by threading. It'll be interesting to see how one of those chips stacks up against a Xeon Phi.
Re: Not all supercomputers are created equal
""I know how to make 4 horses pull a cart - I don't know how to make 1024 chickens do it." --Enrico Clementi."
Yesterday's horses are no match for today's mice...
A Cray X1E node peaked at 18 GFLOPs with 34 GBytes/sec in 2005, Intel hit 100 Gbyte/sec with STREAM using two sockets with 2012 vintage Xeon E5s...
Re: Default deny
"What about creating a default-deny state on computers?"
Default deny is one way of looking at it, it may be more constructive to turn it on its head and say "what shall I allow this operation to read/write/execute ?"... ie: Capabilities a la KeyKOS. Simple to understand, safe by default (ie: you have to load the gun before blowing your toes off), but please don't let the Vista UI bods skin it... Instead of supplying signed vendor supplied templates for apps they would insist on swarms of dialogs to swat down.
Re: "with a competent operating system, these machines were essentially bomb proof."
"If you want things less complicated---and there is definitely merit in reducing the attack surface--then try a Chromebook. If that won't do what you want, then you need the complexity of the Windows' folder."
It's not an either-or proposition at the moment (thank goodness).
There are a whole spectrum of possibilities, that provide different strategies for tackling attack surface.
A base install of OpenBSD is pretty minimal, it might be a better fit to Hargrove's OSes of yesteryear, all the core stuff is designed to be "secure by default", but you can, at *your* discretion, install 'ports' (ie: imported stuff like GNOME :P), either in pre-built form or build them from source. undeadly.org publishes hackathon reports if you want to know what is being hacked on and why.
You can get read-only Linuxen that support persistent storage, all the way through to a full on 'experience/clusterfunt' like Android and Ubuntu. Then there's NetBSD, FreeBSD, and some looney Russians trying to clone Windows NT. Pretty much all of those will run Thunderbird, Firefox, and some descendant of OpenOffice which covers about 80% of the time people spend using computers for work and play.
So there is some choice out there, and if folks threw half as much money at an Open Source project as they spaffed on Oracle licensing they would have a better product that fits their needs perfectly.
Love it or loathe it Open Source has given us a massive amount of choice and it has given the vendors a massive kick up the arse. Prices have fallen, utility and security have improved at a far greater rate since Open Source showed up. I expect this process to accelerate - because the percentage of people who can write code is going up every day, and they now have a massive library of mature open source components to use.
It will be interesting to see which vendors adapt and survive. IMHO the odds don't look good for Oracle while Larry & H-Bomb are showing their faces at the office. :)
"This is just a rant. It starts by explaining how things were in the good old days. Then, on the final page, the author admits they don't understand how things are these days. And then he says he doesn't care."
The article reflects very badly on the knowledge base and quality of thinking in the BCS.
I can't help but suspect that John Watkinson is trying to justify mass surveillance with the intent of hitching his wagon onto the anti-liberal-government think-tank/quango gravy train.
Re: If I could, I would ...
""Back-in-the-day boffins did not want to do harm"
If they had, would VAX and the like have remained untouchable?"
History says no. Students were cracking machines to get more compute/disk space and cause mischief before the VAX-11/780. I suspect people are unaware of this because they are too lazy to search USENET archives, or they assume that if it isn't indexed by Google then it didn't happen. Computer history has developed a "dark age" because people tend to use Google and WWW as their primary sources rather than books, journals and periodicals. Anything pre-WWW seems to be forgotten... :(
Rose tinted glasses are misleading...
The old machines he refers to were actually very prone to being hacked, people found holes in the microcode, OSes and peripherals, they were anything but bombproof. The only thing making them look better than they were are the rose tinted specs being worn by John Watkinson.
He's right to touch on the software side of the problem, but I think the OS folks have (mostly) got a good grip on what needs to be done now, the nastiest security holes seem to be in userland these days. Sometimes those holes are usually caused by app developers circumventing/ignoring OS security provisions & policies, but often it's down to userland developers failing to design and implement a robust and verifiable security model.
The verifiable bit is really important, ideally the verification process should be repeatable, cheap, transparent and available to the end user. Anything less than that is a fail. This is all doable now, but it is often viewed as a nice to have - rather than an essential part of product development. That will only change when vendors get hit very hard in the wallet.
The idea that having people identify themselves online will somehow improve the hacking situation is extremely naive and extremely dangerous. Crackers, and other criminals will *continue* to spoof ids regardless, meanwhile folks who would like to make an honest protest will now have a massive bullseye painted on their back. Personally I don't think we should trade legit protest for an increased incentive for criminals to commit id theft and spoofing.
Re: Windows...the end date
"The corporations can't make the change on their internal software they run on their thousands of computers fast enough to keep up with the end of life dates for each version of the Windows OS"
Err, that really shouldn't be a problem, they own the software & IP so all they have to do is reach into their pockets and pay people to update the stuff. In practice the big show-stoppers are vendors who refuse to upgrade their products - or make it hard/ridiculously expensive to upgrade...
I'm not surprised, nor am I disappointed... Well a little. ;)
The good thing is that Intel are willing to punt it to customers, and smart enough to put their hand up and switch it off. Pain tends to happen along with progress.
The thing is, even if Intel doesn't get TSX out into the wild, I think it's a fair bet some MIPS clone will get something comparable in China (it may already have been tried).
Re: He's right! PGP sucks to use!
Have an upvote for that point about independence brooxta.
Re: Containers = Ancient tech
"With containers being significantly different from VMs in terms of what they offer, it seems that they complement virtualization rather than compete with it. "
In many cases people are using VMs as application+OS containers, it is rare (in my experience) that they use them to mix different OSes or versions of OSes on a box. Containers can achieve the same end but more efficiently and more easily (because you have less layers to admin), so a significant portion of VMware's lunch could be eaten by containers.
It's pretty simple really.
Kit Colbert has every incentive to pretend that 40 odd years worth of prior art and products don't exist, and very little incentive to read what commentards say on el Reg. The only way to tackle him is to call him on his wilful ignorance in public.
Have the NSA/Canadian authorities bungled their tapping operation ? :)
Re: IoT Hype
Gartner analysts will benefit hugely from the "right to be forgotten".
but also not entirely surprising...
"Microsoft should school Ellison on safeguarding privates, says infosec bod"
That is a delightful sub-heading. 10/10.
Have a beer, you earned it. :)
Re: Encryption with SSL is problematic
"I think that's dubious."
I can live with that. :)
"It would only help where you have many requests over persistent connections; where the size of the HTTP header is significant compared to the size of the message-body;"
In my experience that is not as rare as you may think with in-house REST services. 'Real-time' sensor data can generate a lot of header and not much data, and it's something we'll get more of with toasters acquiring internet connections.
"and where transmission time is significant in relation both to total turn-around time and to encoding and parsing time."
There are benefits to be had in terms of less traffic on slow main memory & I/O busses, as well as reduced cache pressure. Not that many people seem to care about that icky hardware stuff anymore... Can't entirely blame them if they're running code on a JVM that is running under a VM...
Re: Encryption with SSL is problematic @ CB
"You just push in your data and it'll come out with the latency of the line."
Encoding and Decoding the message is > 0 cost, I was careful to specify "local" as well. A reduction in codec cost would yield benefits in power consumption AND latency, so there would be more cases where you can provide a ubiquitous web API instead of something more specialised and prone to misunderstanding + failure. That's all speculation and dreams until it hits the metal though. :)
Re: Encryption with SSL is problematic
Compressed headers may reduce the round-trip latency for local REST services which could be a big win over the long haul.
Re: Can someone please explain
"I suspect rushed deadlines are the problem."
SQL injection is easy to fix using parameterized queries, they are widely supported and have been around for a long time. It really doesn't take much effort to write the code correctly in the first place in this instance, the most likely reasons for SQL injection vulns are ignorance and lack of care.
"That and vulnerabilities seem to be found at a rate quicker than sys admins can patch."
That is a fact of life that is unlikely to change. :)
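The fix named in the comment above, shown as an added example that is not part of the original thread: the same lookup written with string concatenation and with a parameterized query, run against a constructed in-memory SQLite table. It goes slightly beyond the comment by also covering identifiers such as an ORDER BY column, which placeholders cannot bind; the table, column and function names are all assumptions made for the illustration.

```python
import sqlite3

# Constructed sample data; none of these names come from the thread.
SAMPLE_USERS = [
    ("alice", "admin"),
    ("bob", "user"),
    ("o'brien", "user"),   # a legitimate value that contains a quote
]


def make_db():
    """Build a throwaway in-memory database for the demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return db


def lookup_concat(db, name):
    """Vulnerable form: the input becomes part of the SQL text, so a
    quote inside `name` changes the structure of the statement."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()


def lookup_param(db, name):
    """Parameterized form: the statement text is fixed and the driver
    binds `name` purely as a value, whatever characters it contains."""
    sql = "SELECT name, role FROM users WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()


# Placeholders bind values only. Identifiers (column names, sort keys)
# have to be chosen from a fixed allow-list instead.
SORTABLE_COLUMNS = {"name", "role"}


def list_users(db, sort_col):
    """List all users ordered by a caller-chosen, allow-listed column."""
    if sort_col not in SORTABLE_COLUMNS:
        raise ValueError("unsupported sort column: %r" % sort_col)
    # Safe to interpolate: sort_col is one of our own constants.
    sql = "SELECT name, role FROM users ORDER BY " + sort_col + ", name"
    return db.execute(sql).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"   # constructed input containing SQL syntax
    print("concat, crafted input :", lookup_concat(db, crafted))
    print("param,  crafted input :", lookup_param(db, crafted))
    print("param,  o'brien       :", lookup_param(db, "o'brien"))
    try:
        lookup_concat(db, "o'brien")
    except sqlite3.OperationalError as exc:
        # The concatenated query also breaks on honest input.
        print("concat, o'brien       : error:", exc)
    print("sorted by role        :", list_users(db, "role"))
```

The concatenated version fails twice over: it returns every row for the crafted input and raises a syntax error for a legitimate name containing an apostrophe, while the parameterized version handles both correctly.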
Re: "a tool Microsoft uses to hide its source code from being copied"
"This doesn't mean it is a good option, and great file systems on other platforms are not particularly relevant if they're on other platforms and not where they're needed..."
Interestingly Wikipedia reckons that NTFS currently supports tail-packing like FFS. If MS have done the job properly you won't have to worry about small files munching all your "LFAU"s while you sleep. That's one less excuse for the Registry's existence.
Re: Treacle OS
"Yep, transpose 90% of Windows users over to Linux or OSX overnight and watch the carnage continue as though nothing had happened."
I suspect that you will find that about 10% of that 90% have already migrated to OSX/iOS, of those maybe half would be folks who were beaten into retreat by Windows, the other half would be techies who would like stuff that works well and looks nice.
The thing is, even if there is massive carnage happening in OSX/iOS land I can ignore it because the potholes are being dug in departed Steve's FruitLoop Lawn.
For that matter in Linux land it's always carnage, same with OpenBSD land too, however for the Open source projects a much higher proportion of the carnage (aka R&D) makes its way to the outside world (for better or worse).
Retrospectively I am glad that Microsoft have been around, but I would have preferred it if they chose to compete via innovation rather than domination. For example, they were talking about delivering WinFS (a FrankenFileSystem consisting of a database engine with a file system API bolted to its neck) in 1996 with Cairo... They failed and failed again with Longhorn. Clearly this feature has been eagerly awaited because some developers have been using the Registry as a WinFS instance all these years anyway... :)
Re: So quite a lot of AV not very good?
"rely upon the volume of legitimate traffic to shroud it"
Nothing to hide, nothing to fear...
It does beg the question as to what they are doing that could lead to harm as a result of publication. Surely they have nothing to hide because UK gov have issued them with a license...