* Posts by BinkyTheMagicPaperclip

724 posts • joined 11 May 2012

Page:

It's time for TLS 1.0 and 1.1 to die (die, die)

BinkyTheMagicPaperclip
Silver badge

Re: Needing TLS 1.0 is not a surprise

Some devices that I'm thinking of do have remote firmware update capability, but it definitely isn't automatic as this isn't sensible in a corporate environment. They're still 'supported' but are a legacy product and later firmware isn't going to be produced.

It's also possible the hardware isn't capable of running TLS 1.4. In one instance I know of it does 'support' TLS 1.0, but badly. If TLS 1.0 is switched on fully (proper end to end certificate chain validation, etc) rather than its default setting of 'ignore the validation and assume everything is ok' (not ideal, but it does at least stop casual users snooping traffic), the commands it sends are delayed, which causes issues.

Sometimes hardware has plenty of resource to spare, the system tools are comprehensive, and a lack of updated firmware is entirely down to vendor laziness/stingyness. At other times the hardware is difficult to code with limited resource and space. Not everyone is NASA with millions of pounds and bright minds to throw at problems.

The other solution is to proxy the insecure device at the client end, but that solution has to be developed, installed, requires two power and network ports, and then you have two devices to secure..

0
0
BinkyTheMagicPaperclip
Silver badge

Needing TLS 1.0 is not a surprise

Modern OS aren't the problem, embedded kit is. There's a variety of embedded kit that supports either HTTP, or TLS 1.0, and it isn't getting updated beyond that point.

It's all very well to say 'update to TLS 1.4', but when the response is 'where's 300 grand for new hardware and installation', even the more security conscious firms aren't likely to bite if the data involved aren't particularly sensitive. Then, beyond the 300 grand it turns out the new secure hardware isn't compatible with the old, so it needs work on both the client and server end, so add another ten grand plus by the time development and testing are complete.

What TLS endpoint vendors should really be doing is selective endpoint validation. So the majority of TLS clients go to the normal site and stay nice and secure. The few expensive holdouts only browse to www.mysite.com/URLUsedOnlyByExpensiveEmbeddedKit and are secured there.

Alternatively there's running the endpoint in HTTP and having a load balancer/TLS offloader that does selective permitting of TLS 1.0 as mentioned.

8
0

'90s hacker collective man turned infosec VIP: Internet security hasn't improved in 20 years

BinkyTheMagicPaperclip
Silver badge

Re: 56k bullshit

ISDN terminal adapters run at 56K (probably 57600 to match the serial port speed, to be pedantic), an ISDN routed connection runs at 64K per channel. That may account for the memory. Towards the end of dialup this caused problems, because some TAPI profile creators forgot terminal adapter mode existed.

V.90 was late 90s, yes, because it needed an ISDN endpoint. Plenty of places were still using standard phone lines.

0
0

Universal Credit has never delivered bang for buck, but now there's no turning back – watchdog

BinkyTheMagicPaperclip
Silver badge

It's not that simple. Leaving aside whether basic income would work, and historic allowances etc there will always be people that require more than the basic income. PIP, Motability and others will always have to be administered (hopefully better than the vindictive way it's implemented at the moment).

If companies are providing better benefits, the money has to come from somewhere, not to mention the cost of covering multiple people doing the same job, if you're deciding to spend <n> days a week doing non work activities because of a basic income.

3
0
BinkyTheMagicPaperclip
Silver badge

UC is fundamentally a good idea

It's the implementation that sucks, and the fact not enough money is being pumped into it.

Who said this? No, not me - the architect of Universal Credit, on Radio 4.

So the guy has designed a system that prevents people being stuck in a benefit trap, and the government has ignored the resources that are required to make it work.

He knows it should work, but isn't. The goverment knows it needs to be putting in more resources to fix it, but won't. The electorate are supporting the party most keen on cracking down on welfare.

It doesn't work when you do it on the cheap and have no flexibility.

Likewise with the bedroom tax - the principle is sound, but taxing people when there are no properties to avoid the charge is wrong.

5
1
BinkyTheMagicPaperclip
Silver badge

Re: The government position:

Nope. Voting is, and always will be choosing the least worst option. Sometimes least worst is still choosing between death between frying pan or fire.

It is democracy, you just don't like it.

There are a number of large and obvious problems that are not easy to solve :

1) The electorate voted for the status quo two referendums ago. They wanted strong parties, and that's what they got.

2) The electorate also do not like being told the truth. Truths include 'someone has to pay for it' and 'due to globalisation, history, population, and improved healthcare you will pay more, and get less'

2a) The refusal to accept 'someone has to pay for it' leads to reduced funding on welfare and healthcare

3) Large corporate interests, and the inability to crack down on them makes this worse

4) It's not quite as easy to shit all over other countries in order to enjoy a high standard of living as it used to be

5) Most competent people won't bother going into politics.

6) The electorate largely don't care about politics, which is a pity, as it's extremely clear that if enough people care about an issue it makes a definite difference to the larger parties' policiies.

7) An increasing cult of personality

If the job is thankless, difficult, and not that well paid why bother doing it?

11
0

User spent 20 minutes trying to move mouse cursor, without success

BinkyTheMagicPaperclip
Silver badge

Re: Keyboard ecosystems

That doesn't apply to all keyboards. I like my Unicomp keyboards, and they're a decent evolution of the IBM Model M, but unfortunately not quite as maintainable. The casing can be unscrewed, and the keys individually cleaned, but the circuit board is almost impossible to disassemble.

After a drink accident it didn't survive, and I had to resort to the spare which I'd bought just in case. Hopefully I won't make the same mistake again; the keyboards are reasonably priced, but shipping from the US is a bit spendy.

1
0
BinkyTheMagicPaperclip
Silver badge

Re: Keyboard ecosystems

Buying a basic keyboard for a tenner is your mistake - you spend literally hours using it. Money should be prioritised for keyboard, mouse, and monitor. Everything else is likely to be changed, but those will last.

I've spent my own money on my (buckling spring) keyboard and a reasonably inexpensive claw grip 'gaming' mouse (comfy, has multiple buttons) at work. I'm not about to suffer shite for 35 hours a week.

Once I've finished my study at home the priority will not be yet more computers(*), but a really nice chair.

(*) who am I kidding, I'll probably get more anyway, although it's a small room and already has a lot of shelves..

17
0
BinkyTheMagicPaperclip
Silver badge

Re: Speaking of which,

Take the mouse apart, remove fluff, put mouse back together. Be certain not to lose the little spring that keeps the mouse wheel in. If the mouse isn't easily unscrewed there isn't a magic solution, unfortunately.

10
0
BinkyTheMagicPaperclip
Silver badge

Re: Trackball can be worse....

I use a Logitech Trackman at home (the same one model CeX used to use), and it doesn't get very grungy and is simplicity itself to clean. It also works with an electrical USB to PS/2 converter (i.e. the little adaptors that just rewire the output rather than change the protocol) if your KVM is PS/2 only.

My only irritation is that connected through my KVM only three buttons are detected (both small buttons are detected as the same button).

5
0

Xen Project patches Intel’s Lazy FPU flaw

BinkyTheMagicPaperclip
Silver badge

Well, it's not as if you can just live migrate all your running tasks to another (unpatched) system/bring up a new patched system, then patch the unpatched system before moving tasks back to it, is it?

Oh, wait..

What are they smoking? Both VMWare and Xen support live migration unless you're running PCI passthrough.

3
0

Keep your hands on the f*cking wheel! New Tesla update like being taught to drive by your dad

BinkyTheMagicPaperclip
Silver badge

Re: Auto-crash-pilot

Also importantly it looks like the Tesla is poor at braking. I wouldn't leave it that late to brake from the car in front in the first example, and if I cannot see ahead of the car in front and it brakes, I brake too pretty much regardless of distance - doesn't look like the Tesla does that. There is sufficient time to brake hard, and to swerve into the next lane which does have room (or are we now looking at the extreme example that the car in front magically has space to swerve into, and you do not?).

If a car in front of you brakes, you brake as well because you don't know what it has seen. If it carries on doing odd things, and it's not a case of the brake lights failing, time to drop way back or get in front of them in case they're an accident waiting to happen.

I can't stand all these driver assistance aids, even automatic lights are pretty annoying. Cruise control is the only item that might be useful, and even that isn't always perfect. Rain sensitive wipers are never quite right. Reversing sensors are useful, but proximity sensors when driving along occasionally get things wrong and actively distract from being able to to study the road.

2
0

Intel chip flaw: Math unit may spill crypto secrets to apps – modern Linux, Windows, BSDs immune

BinkyTheMagicPaperclip
Silver badge

shhh.. If they investigate they'll find all the bugs in the 486 as well, and then they'll never come out from under the bed.

5
0
BinkyTheMagicPaperclip
Silver badge

'That's the kind of thing an idiot would have on his luggage!'

5
0
BinkyTheMagicPaperclip
Silver badge

Re: Floating point crypto operations?

Modern x86 FPU programming is very different from historic programming - no-one uses the same methods used by the 8087, although obviously you can do if you really want.

7
0

UK.gov online dating tips: Do get consent, don't make false claims or fake profiles

BinkyTheMagicPaperclip
Silver badge

Bumble is poor - most matches fail to talk, and far too high a percentage that do are boringly concerned about your job.

Tinder is alright, but only because it has a massive population, as a platform it is poor.

1
0

Intel confirms it’ll release GPUs in 2020

BinkyTheMagicPaperclip
Silver badge

Also, oh joy! Server chipsets with intel graphics.

I don't know if it will happen, but I can dream. Integrated BMC chipsets with an Intel graphics chipset.

I realise they're servers, and servers don't require graphics. Even so it would be nice to have more than a G200e with 8MB RAM running over a PCI-e 1x link (slower than AGP...). Something with better acceleration and PCI-e compression. Haven't checked how the more modern AST chipsets are, but if you briefly need to run even a vaguely modern desktop the G200e is just glacially slow.

Suspect it won't happen with specialists like AST sewing up the market.

0
0
BinkyTheMagicPaperclip
Silver badge

Hopefully not just the high end..

I'm hoping these cards will also cover the lower end, and be open source. Yes, Intel graphics are somewhat underpowered compared to Nvidia and AMD, but they have decent documentation and open source drivers enabling a large amount of open source support, especially on the BSDs.

For OS that reject binary blobs (hello, OpenBSD), Nvidia support died not far off a decade ago - Xorg is still using the nv driver. AMD support is quite up to date, and Intel support is doing quite well. Given a lot of developers use laptops, it would be useful to have a discrete GPU version of those chipsets when using a CPU that doesn't have a GPU built in.

5
0

Automation won’t take your job until the next recession threatens it

BinkyTheMagicPaperclip
Silver badge

Re: Article is missing the obvious....

Much though it's tempting to blame Millennials (I'm gen X, but have a lot of Millennial friends), I doubt that is the case.

I think it is more probable that increased regulation, globalisation, complexity, and a little consideration for the rest of the world is likely to result in a slowdown in productivity gains, not to mention that at some point productivity probably will plateau. There are human limits in terms of effective communication.

It's also very difficult to counter the established set of operating systems and social media, particularly given the increasingly widespread refusal to pay for social media, applications, and entertainment (mostly thinking about the horrid scourge of free to play games here).

0
0

Clock blocker: Woman sues bosses over fingerprint clock-in tech

BinkyTheMagicPaperclip
Silver badge

Re: Stupidity

Also note, you can't forget your fingers, and if a site has several dozen employees biometrics are cheaper (based on a hardware write down cost of a few years). Cards are not that expensive, but they're not zero cost either.

2
0
BinkyTheMagicPaperclip
Silver badge

Re: Stupidity

It's not difficult to identify cheats, just more expensive.

The number of clocks is limited. The exact time and location the employee (or fake fingerprint) swipes in is known - because it's a time clock..

Stick a camera covering the clocks (some clocks have this built in). Ensure the video is timed.

Probably also worth changing the employee's unique id to something else when re-registering a different biometric source, so it's easy to spot the miscreant when they swipe in under the old id.

0
1
BinkyTheMagicPaperclip
Silver badge

Re: Salt free

The third use case, which I've outlined below, is to synchronise biometrics back down to a replacement clock. Re-registering hundreds of employees is a little tedious.

If Kronos offer a fully managed service, it is entirely possible that they are hosting a clock server in addition to any HR solutions they provide (no idea, though).

This really is tinfoil hat territory. I mean, theoretically, IF you captured someone's fingerprint, then somehow turned it into a full fingerprint form that would work with a clock with a proper sensor (which would have to be the clocks only for the employee's work, or at least the same type of clock and sensor if you've hacked the clock server and downloaded all the templates to a clock), then either broke into the clock or the clock server, and determined the employee number. Then broke into the system with the employee's HR data, and then obtained personal information it's oh so very theoretically an issue.

However it would be far *far* easier to

1) Steal their fingerprint by dusting/etc if you want the fingerprint. After all you can't get their finger print from the clock.

2) Break/socially engineer access into the HR system based on more easily obtained employee information.

5
0
BinkyTheMagicPaperclip
Silver badge

ex-employee with axe to grind, rather than actual concerns..

Part of my work involves timeclocks with biometrics. Not Kronos, but it is probably similar.

As mentioned, what is stored in the clocks is a template, not data reversible to a fingerprint image. The image of the fingerprint that is shown on the clock when registering (if it has a display) is not retained.

The typical reason a biometric template is transmitted to a server is so that they can be distributed between different clocks, allowing an employee to clock in and out at any of the customer sites. You also want to record the biometrics in case the clock fails and the data need to be synchronised down to the new clock.

The biometric distribution is an overnight process, clocks send upload/update/delete biometric requests to the central clock server, so if it the biometric is deleted from the clock used to register it, it's removed from all other clocks.

When swiping in and out, all that is transmitted is the unique id for the employee, the time and date, and clock status information. Biometrics are not included.

The sensors used are rather better than the pieces of crap included in laptops and phones, and cost hundreds of pounds just by themselves. Whilst I've been able to lock myself out of a Thinkpad by having sanded down fingerprints after doing some DIY, on a clock the accuracy of my finger print recognition went down by about 4%, it was still perfectly able to check my prints.

It's possible to register multiple biometrics (most people add a backup finger), and a lot of clocks offer multiple input options, so if biometrics can't be used for a small number of staff, proximity cards or other identification can be used instead.

An 'ex-employee'. I definitely sense a huge axe to grind here.

However, it is critical to get employee buy in. I know of instances of repeated clock vandalism. Repairing of deliberate damage is not covered by warranty, and these clocks are not cheap.

5
2

Samsung escapes obligation to keep old phones patched

BinkyTheMagicPaperclip
Silver badge

Consumers largely don't care as most contracts are 2 years.

Phone manufacturers don't care as they want to sell new shiny

Even if they did care, the chipset providers don't want to provide security updates for many years either, and also want to sell new shiny.

If you run your banking app on an out of security support phone you're an idiot. We'd better hope the situation is better, once criminals really start to target two factor authentication.

We don't accept this for operating systems (even OS X isn't quite that bad), we shouldn't accept it for phones.

This will only worsen as people keep their phones for longer, now functionality improvements continue to plateau.

4
0
BinkyTheMagicPaperclip
Silver badge

Re: So What Is the Law for Updates...

To be slightly fair to the phone manufacturers, it's not entirely straightforward.

ARM (most Android phones) is a horrid platform, poor documented, and infested with binary blobs.

The manufacturer chooses the CPU and the support chipsets. Often the drivers and binary blobs for the support chipsets (graphics, camera, HDMI output, etc) are provided by the manufacturer.

So, basically the guarantee to security updates needs to apply all the way down the chain.

Alternatively, enforce free and full documentation so that new drivers can be written, but that's unlikely to happen.

3
4
BinkyTheMagicPaperclip
Silver badge

In 'normal' use Android is not pretty safe if there's an exploit the manufacturer refuses to patch..

Naturally consumers should not be entitled to feature updates, but personally I think security updates should be a given.

18
0

Britain mulls 'complete shutdown' of 4G net for emergency services

BinkyTheMagicPaperclip
Silver badge

Just pay the bloody money

In the grand scheme of things five hundred quid extra per handset isn't obscene, if it works.

Remember the Lancaster power cut : http://www.lancaster.ac.uk/media/lancaster-university/content-assets/documents/engineering/RAEngLivingwithoutelectricity.pdf

'Mobile phone systems did not hold up. On most networks, the base station (the transmitter that provides the radio signal to communicate with phones in that area) is powered from the local 230V electricity supply. Some have a battery back-up that continues to provide a service for an hour or two but few, if any, cope with the 30-hour loss or supply experienced over much of Lancaster'

Airwave key sites have a seven day power supply and a deployable mobile base station according to their website.

4G is still a joke, I wouldn't rely on it for anything. Too many areas where it's slow or unavailable, even in major cities. Not to mention places in the countryside where there is no mobile signal, at all.

3
0

MH370 search ends – probably – without finding missing 777

BinkyTheMagicPaperclip
Silver badge

Re: Someone probably knows where it is/was

The ocean is big. Really, really big.

Use Occams razor here. Either it's a huge military coverup which can't reveal data because it might show super secret capabilities, or no-one knows.

Given the number of ways nation state security services could leak information from the blunt 'we were just reviewing some spy satellite/meteorological data data from that day, and we found a plane!' to the more covert such as engineering a way for someone to be in the area and scanning for a plane, it's just not tenable that this is a conspiracy.

If they had some amazing sonar that knew within five minutes that the plane had crashed then yes, maybe keep quiet, but now? It's so long since the crash I can't imagine this revealing any intelligence capabilities of note.

14
0

Chief EU negotiator tells UK to let souped-up data adequacy dream die

BinkyTheMagicPaperclip
Silver badge

Re: Well, duh

You could look at it that way, or alternatively you could look at the decision as 'pain now, or pain later'.

There's going to be pain for both us and the EU. If the EU lets us stay, the pain occurs later when UK and EU law or regulation differ, plus it also encourages other countries thinking of leaving.

If the pain occurs now, the EU has time to arrange for other countries to take up the slack. There's 27 of them, so they have a fair choice..

23
1

As Tesla hits speed bump after speed bump, Elon Musk loses his mind in anti-media rant

BinkyTheMagicPaperclip
Silver badge

Re: unexpected honesty

Oh, I wouldn't say the Guardian is that bad. It's just terribly uneven.

There's some excellent journalism on there, backed by facts, that questions things - you know, real journalism, rather than trying to sell papers.

Unfortunately there are also opinion pieces, articles that push some of the Guardian's preferred worldviews, and forgetting that there's a world outside London and the upper middle class (a little irritating seeing as it originated in Manchester).

To be fair I think that most of the broadsheets have articles where you can occasionally learn something, if suitably checked and filtered. The Mail, on the other hand, I have less confidence in anything other than a paper to maintain people's Daily Hate.

49
6

The future of radio may well be digital, but it won't survive on DAB

BinkyTheMagicPaperclip
Silver badge

Actually I'd say there are so many DAB stations that it's easily possible to avoid adverts or listen to the music/discussion you want, the difficulty is knowing the station/mux.

You have to be kidding about data coverage, vast swathes of the country's mobile data coverage is too slow for decent streaming, although it's a lot better than it was. Just half a mile from my house, which is near but not quite in the countryside, mobile data is frequently at Edge level, despite that in the same locality fibre broadband is readily available.

2
0

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on

BinkyTheMagicPaperclip
Silver badge

Re: NAT required

You can make a pretty good attempt at doing this through NAT..

2
0

Capita cost-cutting on NHS England contract 'put patients at risk' – spending watchdog

BinkyTheMagicPaperclip
Silver badge

Crapita to fail next

There's already been rumblings in Private Eye, and direct warnings in government that Carillion could happen again, and soon.

Not that I feel optimistic about the alternative, they'll probably try and get Virgin to do it, after all Virgin don't have to carry the can for fucking up the east coast mainline now.

2
0

Oh, great, now there's a SECOND remote Rowhammer exploit

BinkyTheMagicPaperclip
Silver badge

Re: Is it actually viable outside the lab?

With respect to older embedded devices using dated encryption, in some cases it is a case of 'stick it in the bin'

I think it's unlikely we'll see a really basic unpatchable flaw, but with the recent spate of side channel attacks, who knows? The PC platform has so many rough edges and poorly implemented specifications that it's unreal (one of my favourites being the CDROM manufacturer that used a command commonly used for other functions to equal 'brick the firmware')

2
0
BinkyTheMagicPaperclip
Silver badge

Is it actually viable outside the lab?

Last time I looked at Rowhammer, there was no follow up media coverage (hint, hinty, hint hint) to assess how much of a problem it actually was.

On the rowhammer forums there's practically no comments, and appears not to be a particular problem in the real world. Maybe if you're a nation state guarding something particularly valuable, but for the average user?

3
0

Oculus Go: Capable kit, if the warnings don't put you off

BinkyTheMagicPaperclip
Silver badge

Can we please have a review from someone that's a bit more realistic?

What I really want to know is how it compares with a Rift. The Rift is ok, but considerably lower fidelity than a modern game, awkward to set up, and needs a powerful PC. How much of this does the Go manage? 40% as good?

Yes, it's valuable information that the single controller is less useful than the Rift/Vive's two, but it's simply not accurate to say that VR doesn't add an extra dimension to interaction.

It's like 3D monitors - for some purposes it works fine, for others not so much. Having played a little with VR sculpting, looking at 3D formulae that can be rotated before my eyes with virtual hands, the spatial dimension of sitting inside a different environment, or being at the bottom of the sea surrounded by glowing fish, it definitely has some uses.

I've barely used my Rift for over a month mainly because it's a faff (and I have other stuff to do). A new standalone desktop is expensive (although the GPU drought is ending) and my study is small, so a realistic VR experience involves using extension cables into another room.

This is all manageable with a little planning, but it's a lot less convenient than something that can be picked up and just stuck on your head.

VR is definitely not a panacea, but it will have its place. Time will show exactly which niche it fills.

1
0

Android devs prepare to hit pause on ads amid Google GDPR chaos

BinkyTheMagicPaperclip
Silver badge

' Organisations should "avoid making consent to processing a precondition of a service" '

That's going to bite a lot of people.

If ElReg wants to have some fun with IAC (please do, they're almost a monopoly on dating sites) note that one of their sites will keep your details for up to two years of inactivity, and they'll remain on the system (but not visible) for an extended period even if you delete 'just in case you come back'

uhuh... Nothing to do that artificially padding numbers is a selling point, at all.

3
0

Every major OS maker misread Intel's docs. Now their kernels can be hijacked or crashed

BinkyTheMagicPaperclip
Silver badge

Re: "They really didn't ditch security for performance at the wrong time. "

Thanks for proving my point. AMD needed to get something out into the market, managed it, and gained a competitive advantage for a while. intel couldn't react fast enough and still thinks it isn't worth a notable redesign to provide extra security. I don't see any clamouring from most users, either.

A 'new, more sophisticated design' of OS is utterly pointless unless it addresses any of the major OS players. There hasn't been a new OS that stands a chance of success for well over a decade, in fact it's closer to twenty years, as examples such as WebOS, Sailfish, and Android are all based on a Linux kernel.

Until now, it hasn't been necessary to increase the performance of instructions used to mitigate the recent exploits. This will of course change in new chips in addition to specifically adding defences against side channel attacks, and people will get on with their lives.

Bear in mind that even the initial Spectre/Meltdown patches on intel kit offer performance many times higher than one of the unaffected ARM based systems.

Fundamentally I agree with you that improved hardware support would be a decent idea, but that doesn't sell product to most people, neither does it guarantee support from coders.

1
0
BinkyTheMagicPaperclip
Silver badge

Re: "the CPU manufacturers have asked the major OS producers what they want"

They really didn't ditch security for performance at the wrong time. Performance has been acceptable for most end user purposes roughly since the Core2Quad came out. Spectre has affected everything since the pentium, that's fourteen years of 'everyone needs more speed'. You can argue over the necessity of embedded management engines as well, but modern chips have additional features that (in general) improve security.

Security does not sell product for anything other than a very specialist market. Witness the horrendous whinging that occurred upon the release of Vista and the UAC - it was very slightly over the top, but not particularly so, and Windows 7 and subsequent releases are less secure by default.

I don't see people putting their money where their mouth is and buying more secure systems, so it's the same as usual : commodity platforms with good enough security and occasional patches.

1
0
BinkyTheMagicPaperclip
Silver badge

Re: Solving Polynomials on a VAX

Everyone also needs to look at this from the viewpoint that software drives hardware sales, and the two do not operate in isolation. Since the late 80s at the very least, and almost certainly considerably before then, the CPU manufacturers have asked the major OS producers what they want (starting with Microsoft asking for a faster way of switching from V86 mode to protected mode on the 386).

If the CPUs aren't in a state you think they should be, the largest OS creators don't want it to be that way, probably due to compatibility concerns, or unnecessary effort.

When intel went on their itanium crusade, AMD picked up the parts of the market that intel wasn't addressing - namely large memory support for the general x86 market[1]. The changes in architecture to allow many more registers in x64 mode, and the limited number of protection rings were almost certainly driven by asking OS creators what they actually used (OS/2 is one of the very few x86 operating systems to use more than two protection rings, and then only rarely), coupled with limitations on what AMD could actually get to market fast enough to create a commercial advantage.

The PowerPC chips used by Apple, and by IBM in their i/p series were different (cheaper, less features for Apple). AMD have provided custom CPUs to Apple.

Then you have AMD's desperate APU architecture, which is almost certainly driven entirely by them and not by the OS manufacturers in order to sell more chips. It's never been included in AMD's high end (so they're not serious about it), and software support has been lacklustre.

I'd also note that for everyone that says (quite accurately) that a lot of modern tasks can be run in a browser, that even the non Windows world is extremely intel centric. It's true that whilst Linux runs on several (I can't be bothered to count) platforms, NetBSD on 57 platforms, OpenBSD on 13, and FreeBSD on 8ish, all platforms are not equal. A lot of those systems don't have a usable X server, and of the ones that do, many don't have a functional mainstream web browser as it involves a set of dependencies way longer than your arm.

The one architecture that might be considered a vaguely viable modern intel alternative, ARM, is extremely fragmented, nowhere near as fast as intel, and plagued by binary blobs. POWER systems are beyond the reach of the average user, even in their cheaper (~£3Kish) configurations.

[1] Yes, I remember PAE. It's horrid, and driver support was buggy.

1
0
BinkyTheMagicPaperclip
Silver badge

Re: PC 2.0

You're basically talking bollocks, it was tried before by Intel and called 'Itanium'. IBM tried it and called it 'OS/2 on the PowerPC'. Apple vaguely managed to make a go of it with PowerPC Macs but that couldn't withstand Intel either.

The PC is actually slowly (very slowly) ditching legacy code. Classic BIOS are disappearing and being replaced by UEFI (yes, people will now point out that UEFI has some issues, but BIOS really is a mess). Lots of legacy ports have been removed, and the classic physical A20 gate is disappearing from modern processors.

Pre ACPI SMP operating systems won't have run on hardware for the last few years, as practically all UEFI/BIOS now lack the MPS table needed.

There are always more dependencies than you expect, I thoroughly recommend reading both os2museum.com and TheOldNewThing to understand just how extensive backwards compatible is, why it's required, and the effort Microsoft makes to support legacy code.

A fresh break is usually not a good idea, and people do not like expense for no clear reason, this has been proven often enough it's not even a debatable point.

9
0

LLVM contributor hits breakpoint, quits citing inclusivity intolerance

BinkyTheMagicPaperclip
Silver badge

Re: The promote discrimination while claiming to fight it

Religious organisations shouldn't have charitable status, full stop. Neither should private schools.

See the recent-ish furore about the Catholic adoption service that shut down rather than subject to equality laws that same sex couples should also be able to adopt. Just because you believe in a sky pixie doesn't mean the laws of the land can be avoided.

'How do churches promote discrimination' - how to even start, the list is so bloody long.

19
4

No top-ups, please, I'm a millennial: Lightweight yoof shunning booze like never before

BinkyTheMagicPaperclip
Silver badge

Re: unwarranted scepticism

Well, no.

The last time I took a look at one of these studies (linked to on thereg), it amazingly coincided with the government's opinion. It basically said that no alcohol is best, and that a fair bit of alcohol reduced your lifespan by a measurable and significant amount.

The in-between bit? Nothing. No stats.

That's not informed consent, that's pushing a point. Provide the data and let me choose on average how many years I want to knock off my lifespan. I'll be happy, it probably won't affect my overall health too much, and it'll make the brewing industry happy too.

1
0
BinkyTheMagicPaperclip
Silver badge

Re: They'll grow up

I don't want to be too much of a dick about this, because I do reckon that Lucrelout has underestimated costs, but you've at least partly overestimated them. Internet, food, and utilities tend not to be that expensive, and a five mile commuting distance can be cycled.

However, of course they don't contain emergency costs, clothing upkeep, and some entertainment. There's more to life than just owning a house, people want to maintain/grow friendships, and establish relationships too.

Having said that I reckon Lucrelout has a point : many people are not prepared to move a not unreasonable distance from a city because they want to be able to stay out late and be very close to their friends. That's fine, and understandable, but you can't have it both ways.

Still, I hope people continue to make those decisions, as I want to move house in the next 10-15 years or so to a detached house somewhere countryside-ish. If everyone else is prepared to put up with a bit of an inconvenient walk to the train station and difficulty staying out in a city much beyond 11, then there won't be much left for me..

1
0

Doom and Super Mario could be a lot tougher now AI is building levels

BinkyTheMagicPaperclip
Silver badge

You could use AI design but it wouldn't be the same game

There are some games that work well with 'random' design (in reality constraints are always applied). Part of the fun of roguelikes is running into extremely fortuitous or horrific situations (If I remember correctly it's technically possible to encounter about the fifth hardest monster on the second level of Nethack, but the probability is rather low).

However, the reason most platformers work is because they're predictable. People can develop strategies to pass them, run speed running contests, and play test them until they're perfect.

It's easy to make difficult games, but hard to tweak the balance between hard enough to be a challenge, but easy enough not to frustrate. Games already bend the rules to ensure they are fun, their main point (there's more than one game where the chance to be hit when at 1% health is much lower than at 20% health.. Just squeaking through to the end of a level is fun)

3
0

NetHack to drop support for floppy disks, Amiga, 16-bit DOS and OS/2

BinkyTheMagicPaperclip
Silver badge

Re: I just want to be worshipped as a god by another universe of conscious beings, 'k?

There's at least one program that plays Nethack, and plays it well - better than most players.

Move slowly, enscribe Elbereth a lot, check each item before using it, etc.

Personally I have a terrible habit of kicking sinks or quaffing from fountains, both of which can be beneficial, but are highly risky..

0
0
BinkyTheMagicPaperclip
Silver badge

The BeOS lovers will downvote me for this, but it really was A Bit Shit. Yes, it had some interesting sound capabilities and was multiprocessor capable out of the box, but beyond that?

The networking code was awful (and they tried to invent their own API, that didn't work), printing was non existent, OpenGL was unaccelerated, the multimedia codecs were sub par, and the supported hardware and software list was small (and even more tiny on PPC).

Giving it a go coming from OS/2 I was underwhelmed, when OS/2 could already do almost all of what it did, but better.. Instead, I moved to NT.

I do have an R4.5 Pro disc, and have installed BeOS PPC on a Powermac 4400, but I'm not fussed about booting it up very often.

2
0
BinkyTheMagicPaperclip
Silver badge

I might be daft enough to maintain the OS/2 version

Not bothered about the rest of them, though. Might spend ten minutes seeing if a new DOS version can be created by taking the win32 console code and running it through HXDOS that support a subset of win32 calls. Given DOS Nethack is already protected mode/extended memory based, keeping it alive seems utterly pointless.

I have all the other PC based OS (including BeOS PPC..), but no, I think not.

Roguelikes are alive and kicking, however. Dwarf Fortress is popular, and there's a large number of 'roguelike' action games out there. True, their interpretation is normally 'randomly generated world and permadeath with bones equipment drop', and it's realtime, but at least the legacy is being recognised.

I have finished Nethack, but only by save scumming (yes, I know). When I do play it I'm usually not careful enough and end up dying in the mines, or just above the castle.

3
0

Javid's in, Rudd's out: UK Home Sec quits over immigration targets scandal

BinkyTheMagicPaperclip
Silver badge

Re: What's the IT Angle?

No, Windows 8 actually worked. True, mashing together Metro and desktop didn't quite work but it was reasonably solid and not quite as dumbed down as Windows 10.

Rudd is more like Windows ME.

10
0

Ozzie Ozzie Ozzie, oi oi oi! Tech zillionaire Ray's backdoor crypto for the Feds is Clipper chip v2

BinkyTheMagicPaperclip
Silver badge

Re: Lotus Notes? Twat!

Lotus Notes isn't bad when used properly (*not* as a mail system), and particularly during the 90s when things were rather different.

15
1

Page:

Forums

Biting the hand that feeds IT © 1998–2018