* Posts by Bronek Kozicki

1304 posts • joined 6 Sep 2007

Page:

US plans to apply export controls to 0-days put out for comment

Bronek Kozicki
Silver badge
Coat

This regulation will force many technology companies in security field out of US - only ones dealing with the gov directly would benefit from remaining in the country.

If US gov continues creating legislation out of fear of technology, I foresee exodus of technology companies in any field from the US, because otherwise they would be out competed on global stage due to regulations. Also, it is quite possible they will be no longer willing to sell technology to US consumers, either directly due to regulations or for lack of demand (indirectly caused by regulations) - and US consumers will not even know what they missed.

For example, see how long it took US cell networks to "invent" SIM cards which could be easily swapped between phones (thanks to telecom regulations), how long it took to "invent" chip & pin (thanks to banking regulations) etc.

It's not a good news for Americans, but you get what you voted for (sorry, couldn't resist sarcasm here). At least Amish will not complain.

1
0

AMD promises 100 gigabyte/second memory

Bronek Kozicki
Silver badge
Paris Hilton

Right, I also wonder what impact this might have on memory latency

0
0

Wrestling with Microsoft's Nano Server preview

Bronek Kozicki
Silver badge

Re: The why and what for

Exactly my thinking, seems like Microsoft reinvented something well known in other ecosystems and very useful. That is : headless server platform optimized for running open source server software (e.g. open source version of .NET, ngix, Python etc.) on top of minimal kernel. Since large number of Windows shops do not understand the idea of "headless machine" they will obviously complain, but that does not make the whole idea wrong at all.

Is it something I could put to use personally? Probably not ... but I could toy with it, especially if it ran bare metal on cheap-and-cheerful ARM box. Or on top of kvm hypervisor on regular PC.

1
0

Attack of the possibly-Nazi clone parakeet invaders

Bronek Kozicki
Silver badge

Re: I saw plenty of those

For those who have not seen parakeets near bird feeder in winter - they come in groups and stick around for long hours, stuffing themselves as much as possible and not letting smaller birds anywhere close to the feeder.

0
0
Bronek Kozicki
Silver badge

I saw plenty of those

They, quite literally, steal food (seeds mix) we put in the feeders out in winter for the smaller birds.

0
0

It’s Adobe’s Creative Cloud TITSUP birthday. Ease the pain with its RGB-wrangling rivals

Bronek Kozicki
Silver badge

I recommend RawTherapee if you like free.

0
0
Bronek Kozicki
Silver badge

Corel ...

... is where old software goes to die; seriously, this company seems to have carved itself a niche buying long running titles and then ruining them. Actually, the part about "buying" is optional, they did the same to Corel Draw.

I understand why you started with PaintShop, it used to be a very good program. Before Corel bought it, of course.

BTW, thanks for the hint about Affinity, never heard about them but seems like the one to watch.

3
0

Malfunctioning Russian supply podule EXPLODES above Pacific

Bronek Kozicki
Silver badge

well at least you can enjoy burnt and broken pieces of Labour of Scottish origin. As you perhaps might have enjoyed watching fall Tory in the same place, some 5 years ago :)

1
0
Bronek Kozicki
Silver badge

... until it's hit by a piece of flying debris and severed. Which could cause a really big trouble down on Earth.

3
1

T-Mobile prods at corpse of BlackBerry, says 'me too!'

Bronek Kozicki
Silver badge

Re: It was a leading brand in PDA space

Remember app is also in Classic (no surprise, it's the same BB10 OS) although I have not used it. I think this particular app lacks synchronization (to Exchange Gmail etc.)

0
0

NSA spying is illegal? Then let's make it law, say Republicans

Bronek Kozicki
Silver badge
Paris Hilton

Am I the only one who read it ...

... as "One day, I hope ... there will be an attack that's successful"? Of course I personally do not expect this to ever happen, but I also think that's what they want - because it would legitimize all this spying. Little, twisted people with much too much power than is healthy for anyone.

3
0

Attackers target new XSS in millions of WordPress sites

Bronek Kozicki
Silver badge

WordPress on my machines? Just say no.

3
2

How Project Centennial brings potentially millions of desktop apps to the Windows 10 Store

Bronek Kozicki
Silver badge
Coat

Re: Choices? Who needs choices?!

For one, I'd like to see submissions to Windows Store accepted free for free code. Given that you can also have current Visual C++ for free, allowing users to build the binary from the sources downloaded from Store, this could be even in the source form. This would make it more similar to code repository of a typical Linux distribution.

Well, one can only dream.

1
0
Bronek Kozicki
Silver badge

Re: Choices? Who needs choices?!

Well it's not only that under Win32 you can do what you want with your computer. You can also do what you want with your users' computers, which is not so cool.

Windows Store puts some limits to that, and being able to package your application to Store means that your users will, well, have little less to worry about when installing your application.

1
1

Tesla's battery put in the shade by current and cheaper kit

Bronek Kozicki
Silver badge

Re: Back of an envelope calculations

You are onto something, but there is a limit of how many lead batteries you can have in a given area, due to their weight. If foundations (and floors) of your home are not designed to take the weight of lead batteries in little space, you will be risking structural integrity of the building by putting too many batteries in one place. In other words, unless the building has been designed specifically for this, you cannot really make much use of this great energy density of lead batteries. Although of course, you can put these to some use and 10kWh does not seem like unreasonable figure - assuming this is not hung on a wall or put in tall tower on the floor with small footprint.

As for charging cycles, in case of lithium based batteries it actually depends on how much a battery ever gets discharged. If the limit is at 50% (as opposed to standard over 80%) then you can virtually cycle the thing in perpetuity, with only little loss of efficiency (say, 20% as opposed to 50% after 1000 cycles). I do not know how charge cycles are limited in lead batteries though, perhaps someone will enlighten me.

3
2

Sorry, Windows 10 early adopters: Microsoft Edge WON'T block ads at launch

Bronek Kozicki
Silver badge
Pint

Well, to me this seems like a step in right direction. A browser which supports http, https, hopefully all the current W3C standards and not much beyond it. Seems like an improvement to me!

4
1

Building the world's biggest telescope array - with machines that don't yet exist

Bronek Kozicki
Silver badge
Megaphone

... it's not new, but still very tricky thing to do!

0
0

Intel raises memory deflector shields in Xeon E7 processor refresh

Bronek Kozicki
Silver badge

Re: Where's my S/360?

No at all; TSX is transactional memory support in hardware (think temporal locking and shadow copies of cache pages) and the only protection it helps to achieve is against data races - if used correctly, which can be tricky. It will be mostly used in usermode applications (although kernel would benefit as well), by developers brave enough to try a different paradigm of parallel programming. Or, it could be used implicitly when hardware internally optimizes uses of locking primitives which is another mode of TSX operation.

2
0

Boeing 787 software bug can shut down planes' generators IN FLIGHT

Bronek Kozicki
Silver badge
Unhappy

I would be more concerned about climate control than anything else. Aircraft spends most of the time on high altitude, where as a glider it would give pilots lots of time to recover, but with air pressure falling fast they might not be able to do much after short time.

2
0

What is Apple's idiot tax on Watch these days? 'About $265 or 80%'

Bronek Kozicki
Silver badge
Devil

"if sales match the interest the Apple Watch has generated"

... does he mean that if all the journalists who slavishly follow the trend to write about, show and pontificate this one product, had actually bought one, then Apple would be much richer than it is now?

0
0

High-speed powerline: Home connectivity without the cables

Bronek Kozicki
Silver badge

Re: Solwise

Just few days ago I received pre-ordered TP-Link TL-PA8010P

0
0

Debian ships new 'Jessie' release with systemd AND sysvinit

Bronek Kozicki
Silver badge

Re: systemd a copy of Solaris SMF

@MadMike thanks for that, but I think you will agree the problem is not as much with an OS but with system (hardware) architecture and applications which run on it? Basically there are limits when you can have cache coherency between all sockets and still expect sensible performance from traditional many-synchronized-threads-paradigm applications, and beyond that you have to make a move to network (real or virtual) or message passing interfaces such as OpenMP.

I do not quite see where is place for Linux in this discussion, to me it seems to be about discord between application(s) and hardware architecture limitations. Linux might (or might not) be a host hypervisor, guest VM or even entirely left out of picture - which would improve nothing.

1
0
Bronek Kozicki
Silver badge

Re: systemd a copy of Solaris SMF

"Nobody uses Linux on large 16/32 socket servers"

I think you are mistaken

2
0
Bronek Kozicki
Silver badge

Re: How to get rid of systemd and ban it

FIFY

How to remove systemd from a Debian jessie/sid installation

2
1

2016 might just be the year of Linux on the (virtual) desktop

Bronek Kozicki
Silver badge

Re: Why?!?

I don't know where "somewhere else" came from, as I understand both XenApp and XenDesktop are applicable for both "on premises" and "in the cloud" deployments, and actually the former one is more traditional model of doing VDIs. You do not outsource from your firm, you outsource from individual desks to your data centre.

Although what do I know, I am mere developer.

4
0
Bronek Kozicki
Silver badge

Re: Why?!?

You are unnecessarily focused on "renting" part, the customers already paid for Citrix linceses and are presumably using these for Windows VDIs. If they also have users who need/prefer Linux desktops and do not want/cannot spend the time maintaning their own desktops, these machines can be now put on the same VDI and managed using familiar tools by corporate infrastructure team. This VDI is what Citrix is selling, and the actual machine OS is just an extra "flavour" to choose from. IMO adding Linux to the mix is a good thing.

The point is: do not confuse corporate deployments where you have hundreds of end-user machines per one person from infrastructure team (who are also maintaining network, phones, AV etc.), with your home where you can spend as much time as needed to keep much smaller number of machines (below 10, most likely) in good order.

9
0

C++ Daddy Bjarne Stroustrup outlines directions for v17

Bronek Kozicki
Silver badge
Trollface

Re: Will anyone really understand the language?

"learning the language is even more difficult. It is a never ending task."

Good, that's how it should be.

3
3

Windows 10 Device Guard: Microsoft's effort to keep malware off PCs

Bronek Kozicki
Silver badge

Re: This is opening a wriggly can of worms

It is a can of worms, but I think probably not as bad. A fresh fish bait (rather than something old and mouldy), I'd say.

1) agreed, although virtualisation overhead in modern CPUs is really small, especially if hypervisor does not over-commit memory, CPUs etc.

2) and 4) agreed again, however I suspect this would be only enabled on certified machines with correct ACS support

3) it is possible that Device guard will not need communication with wider world but if it does, hypervisor could manage network card and set a bridge, with different IP for each VM. Of course this implies only certain cards would work, see above

5) again, I do not imagine that this would work on any old PC, so again some kind of certification would be needed

Also, since my Windows already runs under a hypervisor (and plenty of business with their own VDI setup) it is imaginable that this solution would only work for some some setups, where Windows 10 is installed bare metal on supported (and certified) hardware. All in all, I think it's a win for average consumer.

1
0
Bronek Kozicki
Silver badge

Re: IOMMU?

I suspect you are slightly confused here. To start with, IOMMU (as implemented in modern PCs) relies on hardware level isolation provided by CPU and PCIe root complex and managed by the hypervisor, i.e. lower level than kernel of a virtual machine. The innovative part in Windows 10 design is that the OS itself (as seen by the user) is actually a virtual machine with all PCIe devices passed through, running on top of a hypervisor, alongside with a different tiny virtual machine called Device Guard. Hardware level isolation is required to ensure that device passthrough will not be used to hack Device Guard (or hypervisor) from inside OS seen by the user (i.e. virtual machine employing device passthrough).

Of course, since the hypervisor itself is presumably closed source Windows, this just moves vulnerability point away from the user, rather than remove it (which arguably cannot be done anyway). If Microsoft used open source for hypervisor and Device Guard that would be really innovative (for them), nevertheless this seem like a good step to me. Perhaps because it's similar to my own setup (two Windows 7 VMs running on top of single Linux hypervisor with kvm/vfio device passthrough for GPU , USB etc.)

2
0

JetBrains releases CLion - new cross-platform IDE for C/C++ users

Bronek Kozicki
Silver badge

Re: Promotional feature?

still, it is certainly interesting feature news for those who use both gcc and cmake

2
0

Nvidia's GTX 900 cards lock out open-source Linux devs yet again

Bronek Kozicki
Silver badge

Re: unfortunately, or perhaps ok....

Yes there is a patch (actually, it's official in both newer kernels, qemu and libvirt - no need to patch if you use the right version) but it only hides CPU type. Since then nVidia caught up and added detection of Hyper-V extensions which is a bummer - there is no patch for this, you either enable those or you don't. So, if you want to use newer nVidia drivers on a guest with consumer card, you are forced to disable Hyper-V extensions and some of them are actually useful at improving guest performance (timers, kernel spinlocks etc). Quite visibly, it's an arms race as you say. IMO it is entirely possible that in the future nVidia will tighten the screw again, doing something which will make it even more difficult to use consumer GPUs under virtual guest passthrough. I do not want to take this risk, thus will be staying with Radeons.

In fact, I just started little research of my own into GPU passthrough of a single slot water-cooled 295X2 ... and the fastest single slot nVidia you can buy is K4200 which is waaay behind this (but costs about the same, because it says "Quadro" on the box)

2
0
Bronek Kozicki
Silver badge

Re: yeah, sounds familiar

... and my home computer is actually a VDI running on Linux kvm/vfio with GPU passthrough for two Radeons, to two Windows guests. It's perfectly good for gaming, just ask my sons. From above you can also guess why I do not expect to replace these with nVidia ... ever. And I do not need to pay VMWare either, there is nothing wrong with kvm.

1
0
Bronek Kozicki
Silver badge

yeah, sounds familiar

Ask RedHat developers why they do not recommend consumer nVidia GPU for passthrough in kvm/vfio .... similar reason, the drivers in guest Windows detect they are being run under kvm and refuse to work. This is only to force the user to spend few hundred (or thousands, depending on model) more on a Quadro card, which is not better from guest perspective in any other way, except to allow this use.

7
1

Samsung's PCIe flash card: Slim, speedy, and just nibbling power

Bronek Kozicki
Silver badge

why downvote, it's a good question. You can implement either against PCIe interface of a M.2

2
1

It's 2015 and a RICH TEXT FILE or a HTTP request can own your Windows machine

Bronek Kozicki
Silver badge
Mushroom

I guess you only installed first batch of updates and forgot to press "Check for updates" to see a whole lot more updates for the updated "Windows update". Among which will be second update to "Windows update" after which you will have to restart, and again will be blissfully unaware that you are not even half-way through the process. Because that's the Microsoft Way, doh.

6
0
Bronek Kozicki
Silver badge

... and the long, long process of applying each one of them, with obligatory multiple restarts in the middle of the process. As opposed to installing one service pack (whose total size is a fraction of total size of patches) which applies all patches in one go.

4
0

HGST says its NVMe flash card will manage 750,000 IOPS

Bronek Kozicki
Silver badge

Re: Very cool

SLOG device and L2ARC cache on a busy ZFS server ...

0
0

Aluminum bendy battery is boffins' answer to EXPLODING Li-ion menace

Bronek Kozicki
Silver badge
Coat

Re: Bored of Battery "Breakthroughs"

"... to win a grant" ... or just someone taking on popular topic for PhD work, as simple as that.

Mine is the one without any academic papers in pockets.

0
0

VirtualBox v. 5.0 beta 1 spins up for desktop virty lab chuckles

Bronek Kozicki
Silver badge

Re: Key question: does it support accelerated 3D?

For Windows gaming, you could use GPU passthrough feature of kvm, if 1) your CPU supports PCI device virtualisation (this is called VT-d by Intel, do not confuse with VT-x) 2) you are lucky to own compatible GPU (newer AMD models are mostly good) and compatible motherboard. That's how I run 2 Windows instances on top of oversized headless Linux (with 2 GPUs, two keyboards etc., each for one Windows). You can find more on such setup in ArchLinux forums.

3
0

Bloke faces 25 years in the cooler for upsetting Thai king on Facebook

Bronek Kozicki
Silver badge

Re: Warning to The Register

Well, tough on you then I'm afraid. You may need to find other ways of reading The Register, I heard Tor Browser is gaining in popularity.

I am very much in doubt The Register would stoop to censoring its comments section (or actual articles), especially for sake of some backwater dictatorship.

8
0

Belgium to the rescue as UK consumers freeze after BST blunder

Bronek Kozicki
Silver badge

Re: GMT/BST and working with Americans

@VP that is exactly where one extra hour came from (time difference to UK was 4hrs instead of the usual 5hrs).

3
0

In-depth: Supermicro's youngest Twin is a real silent ice maiden

Bronek Kozicki
Silver badge

Re: Supermicro

Many SuperMicro boards have LSI chip onboard (usually 2308), with a choice of firmware either HBA or RAID. Depending on motherboard you will have different sockets for those extra drives. Allows for nice SAS RAID solution without hassle of extra card.

0
0
Bronek Kozicki
Silver badge

Re: Deduplication?

Right. I am well aware of RAM requirements of ZFS deduplication which is why I'm not using it and not recommending it. With this out of the way, lets talk about SLOG.

As mandated by POSIX, ZFS will by default complete all synchronous (as requested by caller) writes before returning to caller. Also, any metadata changes in ZFS are performed synchronously. Many filesystems use journal for this purpose, ZFS uses ZIL, i.e. ZFS Intent Log which is either carved from storage space of your volume, or placed on dedicated volume depending on 1) presence of "log" device 2) option logbias . Also, ZIL can be explicitly disabled (thus making filesystem behaviour for synchronous writes non-compliant with POSIX)

Now, assuming that ZFS setup has not been "optimized" either by "logbias=throughput" or "sync=disabled", there is big benefit from having dedicated log device with low latency, because that allows all synchronous writes to complete after intent has been written to such dedicated device (as opposed to writing to data volume with large latency). Looking at latency figures, ZeusRAM is up to 0.023ms and Intel P3700 is around 0.02ms (however, ZeusRAM capacity is only 8GB and P3700 starts at 400GB - which leaves lots of space for other purposes such as L2ARC, however we do not know max latency of P3700 only average). This number should be compared against latency of spinning rust storage (or whatever is used for main data volume) which typically would be somewhere between 2ms - 12ms depending on specific HDD in use. This means that synchronous writes would complete much, much faster if dedicated log device such as ZeusRAM or Intel P3700 was used. Normally this could significantly boost IOPS number.

However, what we do not know is whether 1) Maxta does actually use synchronous writes 2) its underlying ZFS ZOLVs are not "optimized" to avoid using ZIL. It would be interesting to learn this.

1
0
Bronek Kozicki
Silver badge

Re: Deduplication?

You mean, ZVOLs? They can make good use of both SLOG and L2ARC as well.

0
0
Bronek Kozicki
Silver badge

Deduplication?

I guess that's ZFS running there? If so, one upgrade I can recommend is small(ish) Intel P3700 for both SLOG device and L2ARC. I'm pretty sure that will push IOPS bit higher (I'm using such setup, but without dedup)

1
0

Chipzilla spawns 60-core, six-teraflop Xeon Phi MONSTER CHIP

Bronek Kozicki
Silver badge

Re: Memory

Nah, many computational real-time tasks require lots of CPU power and parallelize well, but do not use much memory at all. I guess if I was to use such a machine, 16GB of near RAM would suffice for most purposes (except for file buffers of course)

1
0
Bronek Kozicki
Silver badge

Re: The Platform

It's new to me too, but I like breath of the articles there. Only had time to read one on Xeon Phi which could be said to be remotely related to work (need to always have long-term strategy, right?)

1
0

All the flash world needs is more TLC, suggests report

Bronek Kozicki
Silver badge

Re: Let's hope they fix the data degradation problem

Also, checksums in filesystem will not speed up reads of degraded memory cell. Either the read will fail completely, possibly after long wait (in which case checksum + redundancy will aid the filesystem in transparently recovering the data), or it will take a long time because underlying hardware will need this much time to read all cells reliably.

1
0

European Space Agency demos MARS LANDINGS BY DRONE

Bronek Kozicki
Silver badge
Boffin

small issue of air density

This experiment is not going to deliver most robust results, as far as drone flight is concerned. They would have to repeat it under atmospheric conditions similar to Mars - that is air pressure 0.6% of Earth's at sea level. It will be very challenging to generate enough lift from reasonably sized rotary wing aircraft (e.g. drone) in such conditions.

My guess is that they were actually testing dropping rover on a surface using sky crane, not actual drone (to which rover was attached). It's just so much cheaper to use drone rather than rocket engines.

1
0

I see you have the gTLD that goes .ping!

Bronek Kozicki
Silver badge

Wait, ".int" ? What does that stand for?

1
0

Page:

Forums