* Posts by Bronek Kozicki

2859 publicly visible posts • joined 6 Sep 2007

Upset Equation Editor was killed off? Now you can tell Microsoft to go forth and multiply: App back from the dead

Bronek Kozicki

Re: >lacking access to the ancient app's source code

Given that Equation Editor was a 3rd party tool, sublicensed by Microsoft, I suspect they never had a copy of the source files in the first place. Assuming they had access to source code in the first place, it is not the same as having a copy of it which you can keep "just in case the original author loses it".

Supermicro crams 36 Samsung 'ruler' SSDs into dense superserver

Bronek Kozicki

Another question, how much bandwidth do you want for this 20TB of data? With small factor storage directly attached to PCIe bus (M.2 discussed here, or older brother 2.5" U.2 NVMe) you have some balance between capacity and bandwidth. On the other hand, single SAS connector is not really that much, and there is no form factor with directly attached 3.5" PCIe bus.

Bronek Kozicki

Re: Use Case?

I was thinking about it. For Lustre you would normally rely on a failover cluster of two MDS with single shared high-performance disk system (SAN e.g. fibrechannel) used for MDT i.e. actual data storage. There is no space for such arrangement if you have one server with all disks inside directly attached to PCIe buses of the CPUs. Unless the servers in the cluster were virtual, running inside that one machine - but that is not much of added resiliency, is it?

Another possible scenario is ZFS volume, shared as iSCSI target for a cluster (i.e. two more machines for MDS, without such outrageous storage). However then you lose large part of the potential performance gains from NVMe and flash, so perhaps not so good either.

On top of that, it would have to be a very, very large filesystem which would need 200TB of MDT (i.e. metadata only). Still, I would be very happy to play with such a storage, for an experimental Lustre setup just to see how fast it is :)

Heathrow Airport's local council prohibits drone flights from open spaces

Bronek Kozicki

Re: Difficult

I do not think it is really justified. Hillingdon borough covers a very large area and both Heathrow airport and its approach are only a small part of it. Also, approach on the east side of the airport (which, judging by the noise outside my window is the most commonly used) is not over Hillingdon at all, it is Hounslow i.e. neighbouring borough.

Meltdown, Spectre bug patch slowdown gets real – and what you can do about it

Bronek Kozicki

Re: Filesystem choice?

Good question. My take is that some filesystems (notably ZFS) make heavy use of the memory, which is fine if user space and kernel share the address space (little impact on cache) but pretty bad if cache needs to be cleared on every disk IO (only if the only cache in question is page translation tables).

Ubuntu 17.10 pulled: Linux OS knackers laptop BIOSes, Intel kernel driver fingered

Bronek Kozicki

Update

Turns out the bug was initially found in kernel 4.11, in June 2017.

Also, the bug does not actually "brick" the computer. Looking at the fix it appears the problem is in module initialisation code. This section of code gets hit on every start, and it borks BIOS anew on every start. However following the original kernel thread it appears that as soon as the module is updated not to flip "writeable" flag in bios on startup, the machine is back to normal.

Bronek Kozicki

Well, as far as new functionality (new drivers etc) in Linux kernel is concerned ... sometimes you do end up with beta-quality for some time after the release. I know it may sound like heresy to some, but there is a reason why RHEL is running old kernels (with a very long list of in-house maintained patches).

However, since I like living on the bleeding edge, I use fresh upstream kernels, which is how I also know that bugs are quickly fixed. Usually within days (or short weeks) from the first report.

As for malware writers - kernel module can do a lot and damaging hardware was possible since a very long time ago. But in order to run a new module, you need to root the OS first. So, nothing new really.

Bronek Kozicki

Re: Accidental Aardvark

These machines are not really permanently borked. It is possible to reflash them, which restores normal BIOS functionality. The difficulty is that Lenovo only supplies reflashing tools which work under Windows, and in order for these to work you need to boot Windows. Which is tricky, if your only OS available on disk is Linux, and you cannot boot anything else from USB.

Some affected users managed to attach CDROM via USB and proceed from there. Ideally Lenovo should provide BIOS reflashing tool which works under Linux :-(

Oh, the weather outside is frightful, but the data centre temp's delightful

Bronek Kozicki

Re: Um...

OK, I promise to pay a visit the next time I am in Texas. Can I have that downvote removed or balanced now?

Bronek Kozicki

Re: Um...

Yes, there is. Never been there, though.

Ghostery, uBlock lead the anti-track pack

Bronek Kozicki
Trollface

DoNotTrack HTTP header provides almost no protection

I am shocked.

No hack needed: Anonymisation beaten with a dash of SQL

Bronek Kozicki
Coat

Re: This was proven years ago

... and at the bottom.

Yes, I know the way out.

PHWOAR, those noughty inks: '0.1%' named Stat of The Year

Bronek Kozicki

Re: From the linked site:

Airports: 0.2%

Road and rail networks: 0.05%

For me, this is a surprise.

Oi, force Microsoft to cough up emails on Irish servers to the Feds, US states urge Supremes

Bronek Kozicki

Re: sort of confused... No. VERY confused.

I do not know about Irish laws, but there is a possibility that executive branch is prohibited from making such a decision, and has to pass it to courts instead.

Bronek Kozicki

Re: Change "email" with "money"...

Hm, money stored offshore? As long as the bank does any business at all in the US, all such money owned by US individuals have to be reported to US authorities.

Merry Xmas, fellow code nerds: Avast open-sources decompiler

Bronek Kozicki

I do not agree with the "meaningless" portion, even though you are correct on the first part. The problem is that some people will not realize it.

Bronek Kozicki

Re: This is game-changing stuff

@JulieM do not forget that 1) the decompiled source will have been after all the optimizations that the original compiler applied, hence it will be removed from the original programmer's intent 2) it will not have any of the symbolic names that the original programmer intended and finally 3) it will not reflect the design of the original source, since all the static program constraints will have been optimized away (things like encapsulation etc.).

The tool is meant for providing a more readable form of what the program actually does, which is very useful in itself. However, I would not put collaboration between projects without appropriate language bindings in this bucket because collaboration implies a statement of intent, which is next to impossible if the design is hidden.

Bronek Kozicki
Thumb Up

Nice!

Open sourcing hopefully also means that a community will build around it, improving the overall quality of the tool.

UK's map maker Ordnance Survey plays with robo roof detector

Bronek Kozicki
Coat

Re: OK, cleverclogs ML algorithm

Flat, obviously.

So what happened with the patent judge and the Euro Patent Office?

Bronek Kozicki

Re: How has he survived?

@Potemkine! I think you are onto something, but you are also missing an important part: 5% upheld complaints from a large number is still something to consider. Also, the way the Administrative Council of EPO works, it does not really take much interest in the workings of EPO (as it should). Unfortunately.

One per cent of all websites probably p0wned each year, say boffins

Bronek Kozicki

Interesting technique

Create unique email address (i.e. the user name that is hard to guess even by brute force, as-if good password) and use easily guessable password for that one. Create another unique email address, but with a strong password. If first account was breached, that means the email leaked (or email + easy password hash). If second was breached, that means plain text password leaked. I would be interested if such monitoring of websites was standard and users were informed of results.

Transaction Processing Performance Council to deliver AI benchmark

Bronek Kozicki

Major GPU-makers aren't currently members of the TPC

That's the most important point. It seems TPC is looking for another pie to push its fingers into, but without the expertise needed to actually deliver something useful.

Netflix silent about ridicule as it discusses punters' viewing habits

Bronek Kozicki

Re: I'm confused

"I wish it would also keep the data" - if I remember right, you can give "thumbs down" in Netflix to anything you watched.

Sloppy coding + huge PSD2 changes = Lots of late nights for banking devs next year

Bronek Kozicki

Re: Legacy Systems

There are two or three things which matter. The actual running program, doing what it was supposed to do, is just one of these. In the short term, it is the most important thing (probably), and it is right to keep it in mind. The other two things are knowledge what it does in the heads of people supporting it and availability of support for the underlying platform. The other two are problematic for any legacy system because people will eventually retire and vendors will stop providing support (or ramp its cost so much that it will become a huge drag). Hence the necessity for long-term planning to replace any such legacy platform, which IMO should start at spreading the knowledge of what the system does (hence, educating the next "generation" of domain experts). This does not mean the same thing as outright planning big bang replacement with a new, flashy and very expensive system.

The problem with old systems is that they work. And work, and then work some more. Until they stop working or prove to be insufficient performance-wise (whatever metrics of "performance" you use). It is right and appropriate to be prepared for such eventuality.

Bronek Kozicki

Re: Legacy Systems

I think the only viable way to replace any legacy system is for developers to become domain experts. Which is a big problem for organization, because domain experts are expensive (as opposed to code monkeys), and also because some developers are happy with the coding part alone, and finally because there is frequently "old guard" which does not like sharing the secrets (or even sees secrecy as security imperative). The definition of "domain expert" is someone who can understand what the "old thing" is doing and why, and build the mental model necessary to design its replacement.

AI smarts: IBM pushes out 'faster than X86' POWER9 servers

Bronek Kozicki

Re: Price-performance

"I doubt Red Hat spend a huge amount of time optimising the software they provide for Power"

No, IBM did that part. You can see their commits in git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/

Bronek Kozicki

Re: Price-performance

There are clouds with POWER CPUs, but I have not looked at pricing. You can see some listed at https://www.ibm.com/power/solutions/cloud . There is also https://ptopenlab.com/cloudlabconsole/ , but I am not sure what that is. And finally https://openpowerfoundation.org/?resource_lib=ibm-power-development-cloud which is perhaps most suitable.

Elon Musk finally admits Tesla is building its own custom AI chips

Bronek Kozicki

Re: Nothing to worry then

"Not burning through 600 millions of investor dollars a quarter."

... also not leaving anything remarkable for the future generations, either. Not much of a record, is it? Unless you consider financial profit to be the ultimate goal of any worthwhile activity, in which case please pass my sympathy to your family and friends.

Disk drive fired 'Frisbees of death' across data centre after storage admin crossed his wires

Bronek Kozicki
Windows

I remember 20MB "Winchester" hard drive ...

... and that is why I cannot resist buying ever smaller size, but larger capacity memory devices. The marvel of the ever growing data storage density never ceases to amaze me. Recently bought 200GB microSD SanDisk U1 card. Even though I do not need it (at the moment).

Yes sir, no sir, 3 bags NoSQL sir: It's a whizz-bang benchmark ... but WTF does it signify?

Bronek Kozicki

Re: Sharding to /dev/null is quicker...

There is good reason why "NoSQL" is called the way it is. It is meant for non-structured data. If there are no relationships between tables (i.e. your database is at most 1st normal form) then it makes no sense to pay performance penalty in the database to maintain these, non-existing, relationships. Of course you have good reason to wonder "why anyone would want this" but as it turns out, sometimes it is useful.

For example, when chucking large amounts of data into a datastore, when it needs to be ingested with maximum efficiency, but only some of it will be processed later (and rest simply thrown away or archived and forgotten). Clearly there are no literal transactions taking place here.

Just as SQL is not a silver bullet for all data storage needs, neither is NoSQL. However SQL had its period of juvenile growth, decades ago, while NoSQL is only entering it now - hence, you hear about it more.

Intel Management Engine pwned by buffer overflow

Bronek Kozicki

Re: WTF?

I wouldn't be so sure. It is nice to think that builders of home PCs are a significant market for Intel, but I strongly suspect this is not true. If you look into the part of the market where volumes are, i.e. server farms or office PC, it starts to make sense that administrators cannot attend to each PC in person. They want remote administration capability and unfortunately ME is part of it. I am not trying to argue that these administrators actually want ME, but instead that this is Intel's positioning of this feature on the market.

Microsoft adds nothing to new Semi-Annual Windows Server preview

Bronek Kozicki

It is Tech Preview

I mean, this is almost advertised as beta release.

Lap-slabtop-mobes with Snapdragon Arm CPUs running Windows 10: We had a quick gander

Bronek Kozicki

Re: Linux?

I'd like to have a NUC-sized computer (or perhaps even Raspberry Pi sized) with these guts. Nice 64bit ARM CPU and lots of memory and disk space, HDMI or DP output, few USB interfaces, (micro)SD card and two 1Gbps Ethernet ports - yummy.

Drone collisions with airliners may not be fatal, US study suggests

Bronek Kozicki

Re: How is this different than birdstrike?

A drone is not made of meat, bones and feathers. It is made of aluminium, carbon fibre and steel bits. Also lithium ion batteries, which are known to be flammable. The study confirmed that, upon strike, the battery is more likely to disintegrate than burn, but it is useful to know it. Would be also good to know what happens to the engines if they get stuffed with this type of materials, rather than a bird.

Amazon reveals 'Nitro'... Custom ASICs and boxes that do grunt work so EC2 hosts can just run instances

Bronek Kozicki

Re: This is interesting

That was my impression too - kvm works with vfio (these both being implemented in the kernel). However Xen also has kernel support, so in theory it could support vfio as well.

Bronek Kozicki

This is interesting

But I'd also like to hear why they chose KVM as a base for Nitro, rather than Xen. Perhaps on the sister site, soon?

Linux laptop-flinger says bye-bye to buggy Intel Management Engine

Bronek Kozicki
Pint

Re: >>It is an antonymous op

@Mike 125 - of course, thanks

Bronek Kozicki

In case you missed the hint - it does not require a driver.

It is an antonymous operating system (based on venerable MINIX) running on a tiny CPU embedded inside your "actual" CPU, with a direct access to the whole of the physical memory and to the network interface (as both network and memory controller are implemented inside modern Intel CPUs). The goal apparently was to enable the remote administrator to manage the machine, even after e.g. its BIOS was borked and the "actual" CPU is unable to boot the operating system.

Crypto-cash souk Coinbase forced to rat out its high rollers to probing US taxmen

Bronek Kozicki

Re: Bitquestions

I'd suspect that HK tax rules for investment in crypto-currencies may soon change .... if they haven't already.

Wondering why your internal .dev web app has stopped working?

Bronek Kozicki
Coat

Re: An attempt at journalism?

El Reg news are not reserved for competent developers or administrators (or operators). Sometimes their less competent or less experienced colleagues, or perhaps just learning, or even pointy-haired bosses read them, too. Something that is not news for one folk, might be news for another.

Bronek Kozicki
Joke

Re: .test.icann?

"ithinnk.icann"

Apple embraces El Reg! iOS 11 is now biting the hand that types IT

Bronek Kozicki
Terminator

Here is my theory

Apple implemented antonymous unsupervised neural net somewhere deep inside auto-correct and left it in learning mode. For some users, it will evolve into replacing good words with rubbish. For some, it will evolve into automatically adding rubbish words in the middle the sentence. Next, it will evolve from auto-correct to auto-type, automatically writing and sending messages without users' involvement.

I suspect that some posts on El Reg forums could be the proof of it.

Open source nameserver used by millions needs patching

Bronek Kozicki

"That can be catastrophic if done right: for example, if a network is tricked into advertising itself as the whole of the Internet, it can be hosed"

I only ever managed small DNS servers but the above would require a change in the NS record. This would hose the sub-domain (relative to one of the domains hosted on the vulnerable server) but nothing beyond. Alternatively, a new zone could be imaginably added to the vulnerable server hence allowing spoofing of any domain within the organization, but there is no "advertising itself" element here either. DNS is no BGP. Unless I missed something?

Uber, quit shoveling money into the fire for one second and explain that hack – US senators

Bronek Kozicki
Coat

Wake me up when Uber receives some praise - or does something well, even without recognition. That's an event I do not want to miss.

Thou shalt use our drone app, UK.gov to tell quadcopter pilots

Bronek Kozicki

Re: Could they perhaps...

I guess the downvote is for "10g" because the remaining part seems, in principle, sane to me. The difficult practical part would be making it a legal requirement for a drone RC-receiver to carry such "registration sign".

.GIF garage Imgur plugs 1.7 million-subscriber creds breach

Bronek Kozicki

SHA-256 brute force?

It is a tricky proposition. Assuming salt was used it would be very difficult to brute force such stored passwords. Even though there are plenty of ASICs specialised in SHA-256 thanks to bitcoin mining, we are talking about computational load measured in ages of universe ("billions of guesses per minute" does not cut it).

Fujitsu imagines adjusting your rear view mirror for better hearing

Bronek Kozicki

I wonder how is the sound quality

If it can be made very good, I'd like such speakers - for a computer.

SurfaceBook 2 battery drains even when plugged in

Bronek Kozicki
Joke

This is sooo smart

Finally, a working solution for battery wear when a laptop is attached to power supply all day long. Just keep depleting the battery nevertheless!

To fix Intel's firmware fiasco, wait for Christmas Eve or 2018

Bronek Kozicki
Black Helicopters

Re: Can't you zap the offending management with a cattleprod?

@AC here is appropriate icon for you, as you were unable to select it yourself ->