• The man who saved the world:  Andres Freund noticed that SSH logins - used by every server in the world - were taking half a second longer than they should.  (Ars Technica)
  
  He was curious so he poked at it a bit and found the equivalent of the demon core being added for free to every school lunch in the world.
  
  In essence, had this been done with more care and not caught before it was added to production releases of Linux, a state actor - this is almost certainly the work of some place like China or North Korea - could have had access to everything, everywhere.
  
  You might be at AWS and have all your services behind a VPN, but that wouldn't help you at all because they'd just need to hack AWS first.
  
  All the development for this hack was done in public, either by a developer who spent a lot of time building up trust by writing useful code, or by hacking that developer's GitHub account.
  
  Expect GitHub to force 2FA on all users in short order, even if that wouldn't have prevented this incident.  Every warning sign has a story behind it, and Andres is the Harry Daghlian and Louis Slotin of the age, except that he didn't die of radiation poisoning.
  
  
  
• However, some not-really-production releases of Linux were impacted.  (CyberKendra)
  
  Fedora Rawhide and Kali Linux were affected for the past three days.  Arch Linux has been affected for five weeks, and Debian's unstable release seems to be the worst hit, with the new packages added eight weeks ago.
  
  Fedora 40 Beta might be affected if you set up the test library versions as well as the regular beta libraries.
  
  AWS Linux is not affected, nor are stable releases like Ubuntu LTS or RedHat Enterprise Linux.
  
  
  

• Microsoft and OpenAI are planning to build a $115 billion supercomputer with the goal of answering all the world's questions...  Incorrectly.  (Tom's Hardware)
  
  I can do that for half as much.
  
  
  
• And I'm pretty sure that New York spent less than $115 billion on its useless lying chatbot.  (Ars Technica)
  
  It might be difficult, but owners can still evict tenants who refuse to pay their rent.
  
  Which means that both parties can sue the city for providing false legal advice.
  
  
  
• AMD's upcoming Zen 5 chips could be over 40% faster than Zen 4.  (WCCFTech)
  
  That's a lot, but AMD's progress over the past five generations has been impressive, ]with single-core Passmark scores climbing from 1600 on the last mainstream core before Zen to 4300 with the Zen 4 based 7950X, an average of 28% improvement across four generational upgrades.
  
  And Zen 1 was nearly 40% faster than its predecessor on single-threaded tasks, and 140% faster on multi-threaded.
  
  
  
• Barnes and Noble is dropping support for its Nook tablets...  For models more than ten years old.  (Liliputing)
  
  If you have the original Nook Color from 2010 and you're still using it, well, first congratulations on not dropping it in all that time, and second, it will keep right on working for all the content you have bought and downloaded.  You won't be able to buy new content on that device, and you won't be able to download new content directly from B&N, though you can still side-load files and read them.
  
  14 years of support is pretty decent; that's about the rate at which Apple completely changes hardware platforms.
  
  
  
• The top model of the new Minisforum V3 tablet costs under $1000...  In China.  (Liliputing)
  
  This might be the perfect replacement for my late, lamented HP Envy X2 tablets, which expired from terminal battery bloat a couple of years ago without me ever having much time to use them.
  
  The top-of-the-line V3 has a 2560x1600 165Hz 14" screen with 100% DCI-P3 and 500 nits max brightness, a Ryzen 8845H CPU, 32GB of RAM, and a 2TB SSD.  Actually it lists an M2 2280 SSD, so if you're brave enough to open it up you can expand it to 8TB. 
  
  Ports include two USB 4 ports (basically Thunderbolt 3), a full size SD card slot, a USB-C port with VLink, and a headphone jack, plus a 2Mpixel front camera and a 5Mpixel rear camera.
  
  Apart from the screen (which was 3000x2000 on the HP) it's better in every way, as you'd expect after five years.
  
  The CPU is ten times faster than the HP on multi-threaded tasks, and nearly three times faster single-threaded, it has the Four Essential Keys, and that VLink port supports video input - so you could buy two of them, install Linux on one, take both with you, and have a complete dual monitor working environment everywhere you go.
  
  Which I had some idea of doing with those HPs before they ate too many electrons and died.

Posted by: normal at Saturday, March 30 2024 09:47 PM (bg2DR)

Posted by: Kurt Duncan at Sunday, March 31 2024 12:55 AM (dMQGF)

Posted by: J Greely at Sunday, March 31 2024 01:39 AM (oJgNG)

Posted by: PatBuckman at Monday, April 01 2024 01:42 AM (rcPLc)

Hide Comments | Add Comment