• A massive vulnerability in a Java logging library widely used in enterprise software caused utter panic at pretty much every major company in the world.  One commenter mentioned being in a Slack channel with three thousand other engineers all working frantically to patch systems.
  
  How much was the team of developers working to maintain this library being paid?
  
  If you guessed absolutely nothing you'd be very close.  (Christine.website)
  
  This is obviously unsustainable.  Trillion-dollar companies depend on this software and don't even think about contributing towards its upkeep.
  
  Open source software is supposed to be open.  It's not supposed to be free, because nothing is free.  If you're not paying for it up front, you'll be paying for it later on by diverting every engineer in your entire organisation two days while other critical issues go ignored.
  
  
  
• We're from the government.  We're here to help.  (CISA)
  
  The statement from CISA Director Jen Easterly on the Log4j vulnerability reads

  blah blah blah blah blah you should probably patch that blah blah blah.

  Thanks Jen. 
  
  The director of the US Cybersecurity and Infrastructure Security Agency has an MA in politics, philosophy, and economics from Oxford, which qualifies her for the job almost as much as you might think.
  
  
  

• What went wrong?
  
  Some idiots demanded that a logging library perform magic for them.  (Crawshaw)
  
  And once the magic was put in place, it couldn't be removed because that would break critical software.
  
  And there wasn't anyone to take the necessary time to push back, deprecate the feature, and eventually remove it, because they weren't getting paid.
  
  
  
  
  
  
• Cloudflare reports on the vulnerability and their response.  (Cloudflare)
  
  One important point is that they firewall all their servers for both inbound and outbound access.  If a server gets compromised but is blocked by default from accessing anything else, the damage is contained.
  
  With this particular exploit the payload was installed by dialling out to a malicious server, and if that connection was blocked, nothing happened.  The server got handed a bottle of poison pills but couldn't get the damn child-proof cap off.
  
  
  
• Future AMD GPUs could use stacked dies for cache memory and AI accelerators.  (WCCFTech)
  
  Maybe not the 2022 lineup, but this is likely to happen soon, for reasons.
  
  
  
• The reasons being that Moore's Law is ending - again - in 2028.  (LessWrong)
  
  At the 1.5nm node (which doesn't measure 1.5nm in any dimension but never mind that) planar scaling will likely stop.
  
  What will happen instead - and the linked article goes into all the details you could possibly want - is that chips will go 3D.  Flash storage already has, and it was a revolution.  Cell phone chips stack storage and memory on top of the CPU.  AMD is stacking cache on top of server CPUs, and Intel is wedging stacks of RAM into their supercomputer CPUs.
  
  One of the side effects of this is that chips will get cheaper.  Fabs - chip factories - are massively expensive, and only remain at the leading edge of technology for a couple of years.  If they lasted for twenty years instead of two - and the machines to make the machines for the fabs also lasted twenty years instead of two - prices would come down drastically.
  
  
  
• I want to see default RED.  (Reddit)
  
  While Amazon's systems were down all over the place - not just at US-East-1 but where the one critical Amazon-based service I look after runs in US-West-2 - their public monitoring systems were reporting everything was fine because the outage prevented the monitoring page from updating.
  
  Monitoring systems should autonomously go red if they can't update.
  
  
  
• Intel's new X710-T4L is a massive upgrade.  (Serve the Home)
  
  It's a quad 10Gbase-T card that uses a maximum of 14.2W with all ports running at full speed.  The previous model peaked at 28.9W.
  
  In fact, this model running at 10Gb uses less power than the previous model running at 1Gb.  That's a huge improvement because a core delaying factor in the rollout of 10Gb Ethernet has been the power requirements for running it over cheap twisted-pair cable.  (It uses less power over specialised cables or fiber, but the pricing is absurd.)
  
  The new version of the card is also $100 cheaper than the old one at $500.
  
  It's also out of stock everywhere because everything is.
  
  
  
• Except the QSW-M2108-2C which does seem to be available albeit in short supply.  (QNAP)
  
  I wanted a 2.5Gb / 10Gb managed switch for my lab buildout, but had planned to settle for an unmanaged model because I could find one that wasn't insanely expensive.  This is just what I wanted - 8 x 2.5Gb ports, 2 x 10Gb ports with both RJ45 and SFP+ connectors, and fairly solid management features including link aggregation and VLANs.
  
  Part of the function of the software lab I'm building is to simulate real-world faults, and being able to mess with the network under software control is a key part of that.
  
  They also have a 16-port model, but that's more than I need, twice as expensive, and out of stock.
  
  
  
• Managed 1Gb switches are a dime a dozen.  Well, not quite, but you can get them starting at around $35, a tenth the price of the cheapest managed 2.5Gb switches.
  
  
  
• A new FDA-approved eye drop causes red eyes and headaches.  (CBS News)
  
  Well, what the hell does it treat then?
  
  It treats reading glasses.
  
  If you're between 40 and 65 years old and need reading glasses (but not specifically prescription glasses) these eye drops can alleviate that need for six to ten hours.
  
  Since I do need prescription glasses (I have three pairs for distance, computers, and reading, plus a couple of spares) these won't do anything for me, but if you just need plain cheap reading glasses they could do the trick.
  
  
  
• Apple found a benchmark where the 2021 M1 Max MacBook Pro is faster than the 2019 Intel Mac.  (WCCFTech)
  
  Linus Tech Tips tested the M1 Max and found that while it did excel on one test, most of the time it was slower than an Intel-based notebook with an RTX 3050 - at about one third the price.
  
  That might change as they improve the drivers and software optimisation but right now it's a very expensive toy.
  
  I'll likely be getting a MacBook Air or an iMac to do Mac and iOS software testing for work, but I'll be getting the cheapest model I can get away with.
  
  
  

Party Like It's 1979 Video of the Day

Posted by: Will at Monday, December 13 2021 12:30 AM (8548M)

Posted by: David at Monday, December 13 2021 02:19 AM (kOkn4)

Posted by: Rick C at Monday, December 13 2021 02:42 AM (Z0GF0)

Posted by: Rick C at Monday, December 13 2021 02:48 AM (Z0GF0)

Posted by: normal at Monday, December 13 2021 11:05 AM (obo9H)

Posted by: Pixy Misa at Monday, December 13 2021 03:31 PM (PiXy!)

Hide Comments | Add Comment

• Hackers breached the payroll system for the South Australian government and got all of everyone's data.  (Bleeping Computer)
  
  Name, date of birth, tax file number, address, bank account details, employment, payment and tax data, everything, for up to 80,000 people.

  "Having the bank account details doesn't give you access to the bank account, but it's the first step in trying to crack a code in terms of passwords."

  In theory, sure.  In practice, not so much.  One YouTuber - I don't remember who it was - showed his bank account details on screen because you need the password to actually do anything.
  
  His account got cleaned out.
  
  The breach was at a commercial payroll provider, not the government itself, which means that the other 1700 organisations using the same payroll provider suddenly have a major headache.
  
  
  
• A security breach at Volvo resulted in the loss of their R&D data.  (Bleeping Computer)
  
  It's boxy, but good.
  
  
  
• Hackers also hit multiple government systems in Brazil, including those tracking vaccination programs.  (Reuters)
  
  The systems are currently offline, and it's not clear yet how extensive the breach was, or whether any data was stolen or deleted.

• I've been looking for some compact shelves for my new lab, which is made up of laptops and possibly some NUCs but probably not (see below).  I haven't been able to find quite what I want: Bookshelves are too bulky and most desk storage systems are for paper and will fit a 14" laptop but not a 16" one.
  
  Browsing around storage on Amazon I saw something that looked like what I needed and was cheap and shipped free in 48 hours, so I clicked through to it and then realised what it actually was: A shoe rack.
  
  Well, fine.  By Monday I'll have storage for 40 pairs of shoes or four laptops and the associated power supplies, external drives, switches, routers, USB hubs, audio mixers, speakers, and so on, whichever comes first.
  
  And, uh, another six bags of gluten free jelly beans, because I forgot I had those in my cart.  They have a shelf life of a year; there's no way they won't get eaten.
  
  
  
• Intel just EOLed Panther Canyon.  (Tom's Hardware)
  
  Panther Canyon is the regular range of Tiger Lake NUCs.  Tiger Lake is Intel's 1th generation, and there aren't any low power 12th generation chips yet, so that's the entire current lineup.
  
  I was originally looking to get three of the slim-line i5 NUCs, but then those disappeared.  Now the entire lineup has been cancelled.
  
  Asus makes an alternative with AMD CPUs, but I expect that will become hard to find once retail stock of the Intel model sells out.  So I'm looking at getting a third Inspiron 16 Plus.  It's twice as fast as the Intel NUC - eight cores rather than four - but since it also comes with an RTX 3060 and a 16" 3k screen it's more than twice as expensive.
  
  
  
• What happened at AWS US-East-1.  (Amazon)
  
  The control network used behind the scenes to manage all the other AWS services got overloaded.  Since the control network is used to manage the control network, that not only caused problems all over the place, it prevented engineers immediately fixing the problem.
  
  They had to find a way to redirect some of the traffic when the usual mechanisms for redirecting traffic weren't working, so that they could redirect more of the traffic using the usual mechanisms, so that they could fix the management network, so that they could fix AWS itself.
  
  That's why it took six hours.  There's a button to fix all this, but the button broke.
  
  
  
• Imagor is an image processing server written in Go.  (GitHub)
  
  I've written these things half a dozen times at this point, but it's nice to have one that I can just take off the shelf and deploy.
  
  It takes an image from somewhere (not sure yet if it only reads from upstream HTTP servers or can also read from the filesystem), and can resize, reformat, crop, rotate, blur, sharpen, adjust hue, brightness, and contrast, and overlay other images.
  
  The system we built at my day job does even more - it has its own scripting language to run arbitrary sequences of operations over tens of thousands of files - but for many applications Imagor will provide everything you need.
  
  
  
• An unfortunate alignment of bugs in Android and Microsoft Teams meant one user couldn't dial 911.  (Medium)
  
  They were calling on behalf of their grandmother and the grandmother had a landline phone so immediate crisis averted, but there's a fundamental problem with burying a very simple function in a ever-growing nightmare of complexity.
  
  
  
• An exploit of the Log4j Java library is an enterprise nightmare.  (Bleeping Computer)
  
  The library is developed by Apache an used by many Java-based Apache applications like Struts2, Solr, Druid, Flink - yes, these are all real - none of which I use, though Solr is interesting.  They are commonly used by small companies like Apple, Amazon, Cloudflare, Twitter, and Steam, so there are many, many sysadmins having a bad day yet again, because the bug is being actively exploited right now.
  
  
  
• And Minecraft.  (Bleeping Computer)
  
  If you run a public Minecraft server, update it right now.  The Java edition of the Minecraft client has also been updated but it's not clear if it's directly vulnerable.
  
  
  
• Elasticsearch, for once, is not vulnerable.  (Elastic)
  
  They use the Java Security Manager which prevents this attack.
  
  
  
• Here's the Apache announcement of the vulnerability.  (Apache)
  
  Note that I do not refer to this a bug.  It's not a bug.  It's a feature.  The Apache Log4j library is DESIGNED to allow the execution of arbitrary code.
  
  Good work there, guys.  Top notch.
  
  
  
• A new bill in the US Senate would force social networks to open their data to researchers.  (The Verge)
  
  Whereupon it would get hacked, but that's not the key point here.
  
  The key point is the penalty involved: If networks fail to provide this access, the bill would revoke their CDMA 230 protections.
  
  And once the idea is out there that those protections are contingent rather than fundamental, all the social networks are screwed.  I don't think the Democrats understand what they are doing; the social networks are their best - possibly their only - friends, but the they treat them as enemies.
  
  

Posted by: PatBuckman at Sunday, December 12 2021 01:03 AM (r9O5h)

Posted by: PatBuckman at Sunday, December 12 2021 01:07 AM (r9O5h)

Posted by: Pixy Misa at Sunday, December 12 2021 01:51 AM (PiXy!)

Posted by: StargazerA5 at Sunday, December 12 2021 03:01 AM (gJ4RY)

Hide Comments | Add Comment

• Dell has a new range of XPS desktop systems, using DDR5.  For some reason.  You can't buy DDR5 RAM anywhere, but you can configure a system on Dell's website with up to 128GB for an extra $1300.  And it doesn't change the delivery date, which is this time next month.  Whether that's realistic or not is an open question, but my latest Dell order left the factory a day ahead of schedule, so they seem to have some idea of the extent of the delays in their pipeline.
  
  But there's the question of how much faster memory actually helps and the answer is not much.  (Tom's Hardware)
  
  On a range of synthetic and real-world benchmarks, upgrading from DDR4-2666 to DDR4-4600 improved performance by about 5%.
  
  
  
• Gluten free nuggies and Special K are out of stock again.  But I do have eight pounds of gluten free jelly beans and jelly babies, since that order arrived unimpeded, along with that little mixer I mentioned and some audio cables for it.
  
  What hasn't arrived yet is my new keyboard, and the . key on the current one just required percussive maintenance again.
  
  

• AMD just released an update to their Linux drivers for Radeon 9500, 9700, and 9800 cards.  (Phoronix)
  
  Which came out in 2002.
  
  
  
• Speaking of Linux and AMD, the company just confirmed that their 4th generation "Genoa" server CPUs will support 12 channel DDR5 RAM.  (Tom's Hardware)
  
  Not by press release.  It's in their Linux kernel patches, the number one source for confirmed leaks these days.
  
  
  
• Australia's stupid federal government is debating new regulations for stupid social networks.  (ZDNet)
  
  The article makes my head hurt.  Everyone involved is both lying and stupid.
  
  
  
• Now they know how many holes it takes to fill the Albert Hall.  (Quanta)

  The first major advance on the Arnold conjecture took place decades later, in the 1980s, when a young mathematician named Andreas Floer developed a radical new way of counting holes. Floer’s theory quickly became one of the central tools in symplectic geometry. Yet even as mathematicians used Floer’s ideas, they imagined it should be possible to transcend his theory itself — to develop other theories in light of the new perspective that Floer opened up.

  Nope, no idea.

Party Like It's 1988 Video of the Day

Posted by: cxt217 at Saturday, December 11 2021 02:36 AM (MuaLM)

Posted by: DougO at Saturday, December 11 2021 04:06 AM (G1vK4)

Hide Comments | Add Comment

Posted by: normal at Friday, December 10 2021 09:54 AM (obo9H)

Posted by: Pixy Misa at Friday, December 10 2021 12:01 PM (PiXy!)

Posted by: Frank at Friday, December 10 2021 04:26 PM (rglbH)

Posted by: Pixy Misa at Friday, December 10 2021 06:04 PM (PiXy!)

Hide Comments | Add Comment

• Twitter has bought chat platform Quill.  (Quill)
  
  If you use Quill, you have three days to download your history before they turn the servers off.  I'm not being snarky, they are literally doing that.

  Can I export my team’s Direct Messages (DMs)?

  No, we do not allow the export of Direct Messages.

  If I don’t export, will you delete my data?

  Yes. On 1pm PST, Saturday, December 11th 2021 we will delete all user data, whether or not you’ve exported it.

  Well, thanks.
  
  
• So, that happened.
  
  

• Amazon's US-East-1 datacenter suffered increased error rates today.  (CRN)
  
  This is in the same sense as "Jeffrey Epstein didn't increase his own error rates".  AWS US-East-1 burned down, fell over, and sank into the swamp.
  
  With it went a few little sites like Netflix and Disney+ and, oh, Amazon itself.  Tens of thousands of Adele fans waiting in virtual line for pre-release tickets were not impressed when the whole thing was rescheduled, and they weren't notified by email because email services relying on AWS were also down.  (Fortune)
  
  Coinbase, Binance, dYdX (which is a cool name for a derivatives trading platform I must admit) and blockchain gateway Infura all suffered outages, which makes you wonder just how decentralized this decentralized finance thingy really is.  (Be In Crypto)
  
  Alexa wouldn't talk to you, Kindles couldn't kindle, Roombas couldn't roomb, and Ring video doorbells couldn't burn down your house.  (The Verge)
  
  Within Amazon, not a creature was stirring, not even a wireless mouse.  (Business Insider)
  
  AWS is not just a product, it's Amazon's own computer system.  With that down, the storefront went down, and all the inventory and logistics services went with it.  Delivery drivers were paid and sent home because there was nothing they could do - there's no paper trail for this, not at Amazon's scale.
  
  Instacart, Venmo, CashApp, Roku, McDonald's app and automated kiosks, Tinder, and Delta Air Lines all went off the air.  (USA Today)
  
  We only have one direct AWS dependency at work, and that's at US-West-2 a thousand miles away, but it went down for six hours anyway.
  
  We have quite a few indirect dependencies, though, so my day was spent cleaning up after all of those services failed.
  
  
  
  There is no cloud, there's just someone else's computer, and it's down.
  
  
  
• Oh, QNAP.  Not again.  (Tom's Hardware)
  
  Do not under any circumstances attach your network-attached storage to a network.
  
  
  
• Western Digital's Blue SN570 is pretty good and pretty cheap.  (Tom's Hardware)
  
  It's a DRAMless TLC drive, which is a viable option if you're on a budget and not running Oracle databases.  But if you look around you'll likely find the Samsung 970 EVO for only about 10% more, and it's worth the 10%.
  
  
  
• Leaked benchmarks of AMD's new laptop chips puts the graphics performance just short of a GTX 1650.  (WCCFTech)
  
  Which is to day, pretty darn good for integrated graphics, more than double the performance of the current generation.
  
  
  
• Notepad now has a dark mode.  (Thurrott.com)
  
  Its mother insists it's just a phase.
  
  
  
• DARPA-funded researchers did not accidentally create the world's first warp bubble.  (The Debrief)
  
  The article is horseshit.

  "To be clear, our finding is not a warp bubble analog, it is a real, albeit humble and tiny, warp bubble,” White toldThe Debrief, quickly dispensing with the notion that this is anything other than the creation of an actual, real-world warp bubble. "Hence the significance.”

  Yeah.  Funnily enough, the actual published research paper - of which White himself is the lead author - says nothing of the sort.  It's full of words like "intriguing" and "correlation" and starkly short on "actual real-world warp bubbles".

Posted by: Rick C at Thursday, December 09 2021 12:24 AM (Z0GF0)

Posted by: Rick C at Thursday, December 09 2021 12:30 AM (Z0GF0)

Posted by: normal at Thursday, December 09 2021 12:46 AM (LADmw)

Posted by: Rick C at Thursday, December 09 2021 01:09 AM (Z0GF0)

Posted by: Pixy Misa at Thursday, December 09 2021 03:06 AM (PiXy!)

Posted by: Rick C at Thursday, December 09 2021 03:26 AM (Z0GF0)

Posted by: Pixy Misa at Thursday, December 09 2021 03:54 AM (PiXy!)

Posted by: Rick C at Thursday, December 09 2021 06:21 AM (Z0GF0)

Hide Comments | Add Comment

• With the new software lab buildout I'm going to end up with eight computers on my desk - half laptops and half NUCs, so they don't take up much room.  And it's a big desk.  Huge actually, it's made from the oak floorboards of an old wool warehouse and weighs about three thousand pounds.
  
  Anyway, with three or possibly four monitors each with four inputs, there'll be no problem plugging everything in to a display.  But then there's sound.  What I want is all of those systems wired up to a single good speaker system, so it doesn't matter what the sound source is, it comes through loud and clear.
  
  I could use a Behringer mixer; they're easy to find and reasonably priced.  But they are mono, and designed for XLR or at best 1/4" phone jacks, so for each 1/8" stereo input I'd need a cable to convert to it two 1/4" mono plugs, which again, easy to get, but having eight of those plugged into a 16 channel mixer seems like overkill.
  
  If only there were something small, cheap, and purposed-designed to take five 1/8" stereo inputs, provide suitable fader, gain, and balance controls, and deliver three 1/8" outputs at line, speaker, and headphone levels respectively and maybe - stop me if I'm dreaming - have a special cable to loop multiple units together like the Maker Hart Loop Mixer (Amazon) oh wait that's just what I need hang on (clicking noises) right that should arrive next week.
  
  
  
• Included in my lab shopping list is regrettably a MacBook Air because I will need to test some things on a Mac.  Plan is - with all four notebooks - that they will sit on a shelf while plugged in to two 27" monitors each, and rarely actually move.  They're laptops in potentia.
  
  That's fine with Windows.  Do it all the time.  Scaling support isn't perfect but it works.
  
  On an M1 Mac though if you venture outside standard 4k resolution the results are likely to be poop which is odd because Apple doesn't make a computer with a 4k screen.  (The Register)
  
  MacBook Air is 2560x1600; MacBook Pro 14" and 16" are 3024x1964 and 3456x2234 respectively; the 24" iMac is 4480x2420 and the 27" 5120x2880; and the Pro Display You Can't Afford It Edition is 6016x3384.
  
  So it's kind of curious why M1 Macs only give reliable results on third-party monitors if they run natively at 4k.
  
  But credit to Apple for creating new opportunities for independent software developers fixing their shitty operating system.
  
  
  
• The jelly beans arrived too.  Amazon still won't let me order more, even though they're in stock.
  
  Were they really worth the wait?
  
  ...
  
  Yeah, actually.  These are pretty good.
  
  
  

Tech News

• Imagination has announced its Catapult range of RISC-V cores.  (AnandTech)
  
  Are they any good?
  
  No.
  
  
  
• AMD is following up its weird 4700S desktop kit thing with the new 4800S.  (Tom's Hardware)
  
  These use recycled PlayStation 5 chips, which are AMD CPUs with AMD graphics built in.  If the graphics component doesn't work - there's some built in redundancy, but if there are too many microscopic defects on that particular sliver of silicon - Sony can't use it, but it is still a perfectly functional 8 core CPU.
  
  The 4700S gave these damaged chips new purpose in life.  Unfortunately it kind of sucked.  The integrated graphics were disabled, and it only had a PCIe 2.0 x4 interface for a graphics card, which severely restricted performance.  This new board upgrades that to PCIe 4.0 x4, which is four times as fast and faster than the interface on external Thunderbolt graphics cards.
  
  Still seems slightly pointless but we'll see how it goes when it arrives.
  
  
  
• AMD, Intel, and Nvidia will be giving their CES keynotes on January 4.  (WCCFTech)
  
  I expect my brand new laptops to be immediately obsoleted.  Hell, one of them was dropped from Dell's product line the day it arrived.  
  
  But I wanted that specific configuration; having see the leaks of Intel's new laptop CPUs I don't think they're going to work better for my use case, which as I said is more of a shelftop.
  
  
  
• Fastly (a CDN) says Cloudflare (another CDN) is lying about its relative performance in edge computing.  (Fastly)
  
  Some of their points are quibbles, but some of them seem valid, like the fact that Cloudflare compared their own platform against a beta product using a free trial and a compute workload that involved no computation.
  
  
  
• YouTube's ContentID system has an abuse rate 40 times higher than other copyright claim mechanisms, according to a study performed by, uh, YouTube.  (ZDNet)
  
  So, YouTube, maybe you could, I don't know, stop doing that?
  
  
  
• The Australian federal government is building a "data tool" for tracking labour market needs.  (ZDNet)
  
  By which they mean job roles going unfilled because there ain't no-one to fill them.

  The demand for digital skills is widespread, but computing skills are what will become a major need, according to the government.

  Thank you and welcome to 1968.
  
  
  
  
• Crypto trading platform BitMart lost $200 million.  (ZDNet)
  
  Oops.
  
  
  
• Decentralised finance platform Badger lost $120 million.  (ZDNet)
  
  Oops.
  
  I mean, thanks for so thoroughly validating my concerns with smart contracts, but you can stop now.
  
  
  
• Nuh-uh says MongoDB.  (The Register)
  
  Amazon has a MongoDB-compatible database called DocumentDB.  Rather than taking the sane approach and building on the last open-source release of MongoDB, they added an interface layer to PostgreSQL which, um, should at least be entertaining.

  "It is not MongoDB compatible," Porter said. "That is an untruth… it is 34 per cent compatible, through our tests. Most importantly, for our users and our customers, it is not compatible in all the ways that make MongoDB magical.

  "There's no aggregation, there's no change streams, there's not as many languages; it is a 'Frankenbase', there is no other word for it.

  On the other hand, it doesn't create duplicate keys in unique indexes and irrecoverably lose your data the way MongoDB releases 5.0.0, 5.0.1, and 5.0.2 all did.
  

Posted by: normal at Wednesday, December 08 2021 02:24 AM (LADmw)

Posted by: PatBuckman at Wednesday, December 08 2021 09:34 AM (r9O5h)

Hide Comments | Add Comment

Posted by: Rick C at Tuesday, December 07 2021 12:34 AM (Z0GF0)

Posted by: normal at Tuesday, December 07 2021 02:54 AM (LADmw)

Posted by: Rick C at Tuesday, December 07 2021 03:03 AM (Z0GF0)

Posted by: Wonderduck at Tuesday, December 07 2021 07:12 AM (bHHXR)

Posted by: Pixy Misa at Tuesday, December 07 2021 07:35 AM (PiXy!)

Posted by: wheels at Wednesday, December 08 2021 12:00 PM (RM7ch)

Hide Comments | Add Comment

• "I'm going to need your smallest violin."
  "This is the Stradicaster 50000.  Each one is hand-crafted by an ancient order of Bolivian nuns from a single neutrino.  Only three of its kind exist, and nobody knows where the other two are.  The price is-"
  "I'll take it."
  
  Right-wing activists are openly 'weaponizing' Twitter's new private media policy. (CNN Business)
  
  You'd have to have a heart of basalt not to collapse in a fit of giggles.  Twitter's latest attempt to curtail unapproved speech has backfired because it turns out - as everybody except apparently the room-temperature IQ goldfish running Twitter immediately realised - that the new policy banning the sharing of photos, even those taken at public events, without the explicit consent of everyone depicted therein directly targets the most popular pastime of Twitter's own core audience of rabid Maoist lunatics, which is to say, doxxing and destroying the lives of everyone with whom they disagree.
  
  Twitter thought they were targeting conservative pushback against violent left-wing nutcases, but what the rule actually says is that nobody can post photos of people without their consent.
  
  So everyone to the right of Kropotkin has started reporting the offenders en masse and they're getting them banned.

  In January, Samuel Braslow was covering an anti-mask protest at a Los Angeles mall for the Beverly Hills Courier, the 56-year-old local newspaper where he is a staff reporter.  During the public event, Braslow tweeted a video of a standoff between anti-maskers and a mall official — a common practice in the age of digital reporting.
  
  Braslow couldn't have known that, this week, someone would file a report about that same photojournalism and cause Twitter to lock down his account.  The complaint led to Braslow being unable to tweet until he either successfully appealed the report or deleted the old tweets.  He was stuck.

  Ahahahahahaha.

  "The videos in [my] post clearly represent newsworthy content, as they subsequently were picked up for broadcast by multiple affiliate stations and national outlets," said Braslow, who has previously appeared on CNN discussing his coverage of anti-vaccine rallies.

  Let me see where Twitter's policy has an exemption for newsworthiness....
  
  Oh wait, it doesn't, because the entire point of this policy is to shut down free speech.

  The rapidly unfolding campaign highlights how a tool intended to help protect vulnerable individuals has quickly evolved to help shield others from the scrutiny that might stem from their public actions.

  Funny how nobody predicted that this is exactly what would happen.  Oh wait.

  "It's really important to view the current mass-reporting actions by the far right as just the latest salvo in an ongoing, concerted effort to memory-hole evidence of their crimes," said Chad Loder, an anti-fascist activist* who said they use their Twitter account to document examples of far-right extremism and police misconduct.

  Translator's note: "Anti-fascist activist" means fascist.

  On Thursday, Loder said they were trapped in an "endless cycle" of reports, account locks and appeals as one of their tweets was reported under the policy, restored by Twitter following an appeal, and then reported again on the same day, resulting in another temporary suspension linked to the same tweet.

  I am so upset by this that I have the hiccups.

  The speed, scale and enthusiasm with which some groups have invoked the policy — along with numerous enforcement errors — have prompted some experts to conclude that Twitter's policy is backfiring.

  Where would we be without experts?
  
  Probably Alpha Centauri.
  
  Even that idiot Popehat is weighing in:

  It's impossible they didn't know this would happen, and it's inexplicable they didn't plan for it.

  No, Ken, that's easy to explain.  They're morons.
  
  
  

Tech News

• Apple's M1 Max CPU has a secret interconnect bus. (Tom's Hardware)
  
  And when I say secret, not only did Apple fail to mention it, they edited the published die photos to hide it.
  
  
  Not until someone sacrificed an expensive MacBook Pro and took their own die photos was this discovered.
  
  There are rumours that Apple is working on 20 core and 40 core Arm CPUs to replace Intel in their high-end systems, and now we know exactly how they plan to do that.  The M1 Max is a 10 core chip, so two or four of those connected together will produce the rumoured high-end parts.
  
  AMD has been doing this for years - the 32 core Epyc server processors released in 2017 were simply four 8 core desktop chips wired together using the built-in interconnect.
  
  AMD has also done the secret feature trick more recently - apparently all Zen 3 chips shipped in the past year have the circuitry needed for the expanded cache in the recently announced high-end Milan-X server chips.
  
  It costs a lot of money to design a new chip and prepare it for production, so if you can bundle in a feature that you're not going to need for a year without delaying anything else, that can make commercial sense.
  
  It's likely that the interconnect, while present, isn't 100% functional yet, and there will be either a respin or a whole new version before the high-end multi-die processors can ship.  But in the meantime Apple has an unlimited supply of test units.
  
  
  
• ActiLizzard management are not nice people. (WCCFTech)
  
  "I am shocked, shocked, to find bad behaviour going on in the gaming industry."
  "Your underaged Belorussian sex slave sir."
  "Oh, thank you very much."
  
  
  
• Windows 11 now lets you set a default browser. (Bleeping Computer)
  
  In earlier releases you had to track down at least four separate settings.

  "Through the Windows Insider Program you will continue to see us try new things based on customer feedback and testing.  Most of them will be complete shit because ninety percent of our UX team is on meth, but what are you gonna do?  No, seriously, what are we gonna do?  These idiots are killing me."

  
  
  
• A hermaphroditic cannibal has washed up dead on a beach near San Diego. (MSN)
  
  Hrm.
  
  Oh, fish.  A hermaphroditic cannibal fish has washed up dead on a beach near San Diego.
  
  That's normal.
  
  
  
• Python library of the day is LocalStack, which provides a local test version of AWS. (GitHub)
  
  Without the Amazon part.  Install it on your own hardware or hosted server and spin up whichever services you need.
  
  The free version doesn't support every single AWS feature, but it goes a long way:
  
  
• ACM
• API Gateway
• CloudFormation
• CloudWatch
• CloudWatch Logs
• DynamoDB
• DynamoDB Streams
• EC2
• Elasticsearch Service
• EventBridge (CloudWatch Events)
• Firehose
• IAM
• Kinesis
• KMS
• Lambda
• Redshift
• Route53
• S3
• SecretsManager
• SES
• SNS
• SQS
• SSM
• StepFunctions
• STS

There's a paid version for €20 per month per developer that has even more features, but that's kind of a problem.  What happens to the software running on my own server if I stop paying the monthly license fee?

The answer seems to be, don't do that.  Inviting as it might be, this is for testing not for persistent data.  Even the paid version has only a very basic persistence mechanism.  The free version uses a replay log to restore the state - if you reboot it starts with a blank slate and just runs every API call you've send since you last explicitly reset the data.

What If Everything Were Spiders?

No people. No language. No war. Only spiders.

We communicate through sensation alone, touch, smell, taste. Feeling with our eight long legs. Beady black eyes look out, only to see a swarm of our brothers and sisters. They look back. We click. We scamper.

No air. No sea. No land. Only spiders.

We crawl over the bodies of one another. Suffocate against one another. A dark, writhing mass. We eat one another for sustenance. We lay our eggs in the carcasses of the deceased. Life and death cycle as it can, the living spring from the dead to have their turn. We breed. We rot.

No heat. No time. No space. Only spiders.

Were a wayward, miraculous human scientist to somehow observe us, it could be speculated that our atoms and molecules resemble the mass of our whole selves. Were a wayward, miraculous human scientist to somehow speculate on our universe, the shape of it could be thought to have a large abdomen, and eight scampering legs. We are, everything is spiders.

A Long Walk Down a Windy Beach Video of the Day

Party Like It's 1979 Video of the Day

Posted by: normal at Monday, December 06 2021 01:38 AM (obo9H)

Posted by: Rick C at Monday, December 06 2021 02:41 AM (Z0GF0)

Posted by: Rick C at Monday, December 06 2021 02:42 AM (Z0GF0)

Posted by: Rick C at Monday, December 06 2021 02:49 AM (Z0GF0)

Posted by: Rick C at Monday, December 06 2021 02:50 AM (Z0GF0)

Posted by: normal at Monday, December 06 2021 04:27 AM (obo9H)

Posted by: Rick C at Monday, December 06 2021 05:30 AM (Z0GF0)

Posted by: PatBuckman at Monday, December 06 2021 06:29 AM (r9O5h)

Posted by: Pixy Misa at Monday, December 06 2021 08:44 AM (PiXy!)

Posted by: Pixy Misa at Monday, December 06 2021 08:50 AM (PiXy!)

Posted by: normal at Monday, December 06 2021 08:58 AM (obo9H)

Posted by: PatBuckman at Monday, December 06 2021 10:00 AM (r9O5h)

Posted by: Pixy Misa at Monday, December 06 2021 10:49 AM (PiXy!)

Posted by: normal at Monday, December 06 2021 12:38 PM (obo9H)

Posted by: cxt217 at Monday, December 06 2021 02:10 PM (MuaLM)

Posted by: Pixy Misa at Monday, December 06 2021 02:24 PM (PiXy!)

Posted by: StargazerA5 at Tuesday, December 07 2021 02:53 AM (j3+MC)

Hide Comments | Add Comment

• This server is beginning to annoy me.  I disabled the audible monitoring alert while I was fixing it from the last crash and forgot to turn it back on, so all I got this time was an email, which is not always sufficient to wake me up despite my hypertrophied site outage senses honed to a microtome edge by nearly two decades of pain.
  
  Server move imminent.  Got three weeks off starting the 18th.  I know I'm going the get interrupted by work stuff and three weeks will turn into two, but that's better than my usual Christmas break which is one week turning into zero.
  
  
  
• I found another source for the perennially out of stock gluten free jelly beans I'm currently waiting on from Amazon.  They're a little more expensive, but only by about 10% if you buy in bulk, and you can buy in bulk, which Amazon won't let me.  They also have jelly babies from the same brand, which I didn't know were sold separately; I've only had them before in their "party mix" which has too much stuff I don't like to be worth the trouble.
  
  Their site tracks expiry dates of the products and they're all late next year.  So I'm considering buying 12 pounds of candy a month after Halloween.
  
  
  
• We're number one.  Again.  (The Guardian)

  Frequency of being drunk – top 10 countries
  
  1 Australia
  2 Denmark
  3 Finland
  4 US
  5 UK
  6 Canada
  7 Ireland
  8 France
  9 Sweden
  10 Netherlands

  Also of note, Russia is suffering crippling alcohol shortages and New Zealand is lying.
  
  
  
• Apple has started test production on the M3 chip using TSMC's 3nm process.  (WCCFTech)
  
  While that's a rumour and Apple hasn't said anything about it, Apple was TSMC's first customer on 5nm and 7nm, so it's implausible that Apple hasn't already started testing on the new production node. 
  
  The details of the rumour are that there will be M2 chips in between on either 5nm or 4nm.  That's also plausible since it's not expected that 3nm will deliver in volume until early 2023, with a few more months beyond that before products using the chips can reach customers.
  
  
  
  

Tech News

• The new Lego AT-AT model - which is huge and looks just like the ones in The Empire Strikes Back and costs a small fortune - can't be taken apart once assembled.  (Brickset)
  
  Well, it's not entirely impossible; there's a tiny slot in one of the components where if you slip in the point of an X-Acto knife and lever it verrrrry carefuly you can unlock it and tease it all apart again.
  
  Looks like it's inadvertent; it's just that things slide too neatly into place and leave no affordances for disassembly.
  
  
  
• Microsoft has confirmed that it won't leave the mess that is Windows 11 unpatched for the next year.  (Thurrott.com)
  
  Also, if you order Dell's business-grade notebooks, including higher-end Inspirons, they are still perfectly happy to give you Windows 10 Pro.
  
  
  
• Two men have been indicted over a $20 million YouTube Content ID scam.  (TorrentFreak)
  
  The scam is pretty simple: Assert copyright over content you don't own, post claims against YouTube channels you don't run, and steal all the advertising money.
  
  This goes on all the time and YouTube doesn't care.  This particular scam was big enough that it caught the attention of law enforcement, which is also rare.
  
  False DMCA takedown claims can be perjury, but Content ID doesn't require a DMCA takedown claim.  The charges in this case relate to wire fraud and money laundering.
  
  
  
• Alder Lake laptops are on their way.  (Tom's Hardware)
  
  Something worth noting is that these new chips go backwards in terms of full-size cores.  The low-power parts only have two P-cores; the full-size parts have six.  Current 11th-gen laptops have four or eight full-size cores.
  
  
  
• Test results of an early sample of next year's Raptor Lake have popped up on the net.  (Tom's Hardware)
  
  These results - if real - confirm the configuration of 8 P-cores and 16 E-cores.
  
  
  

Party Like It's 1979 Video of the Day