Thursday, September 30
- 96% of third-party containers deployed to the cloud contain known vulnerabilities. (ZDNet)
And 63% of code used to deploy cloud solutions is also insecure.
Basically if you follow the latest standards and best practices in deploying a containerised cloud solution, you're fucked.
I use containers - both the old and new servers are containerised - but for isolation, not for deployment. And I certainly don't use third-party containers for production (and rarely even for development).
Docker... Basically sucks.
- U.S. needs to work with Europe to slow Chinaâ€™s innovation rate, says Commerce Secretary Raimondo. (CNBC)
That headline struck me as still more paid propaganda for China from the mainstream press, but that's unusual for CNBC. It's actually a direct quote:
If we really want to slow down Chinaâ€™s rate of innovation, we need to work with Europe. ... We have to work with our European allies to deny China the most advanced technology so that they canâ€™t catch up in critical areas like semiconductors. ... We want to work with Europe, to write the rules of the road for technology, whether itâ€™s TikTok or artificial intelligence or cyber.That doesn't mean it's not paid propaganda; it's just not CNBC getting paid off.
- Phison has shown a new PCIe 5 SSD controller for both server and client devices. (Tom's Hardware)
Toshiba already showed off controllers for server SSDs, but the client models are new.
These will support transfer rates up to 14GB per second. Which is a lot.
- The users are always wrong. (UTK)
But so are the programmers, and so are the managers. The secret to success is to never try to do anything.
- Russia has arrested the head of a cybersecurity company on charges of high treason. (Bleeping Computer)
Because he wouldn't roll over for the intelligence agencies running the ransomware gangs.
- Digital pickpocketing the Apple Pay way. (Bleeping Computer)
Hackers can spend unlimited amounts on your Visa card from a locked iPhone without the phone ever leaving your pocket. Apparently does not work with Mastercard or with Android devices.
Researchers notified Apple of this a year ago.
- An entirely different attack has been making the rounds on Android. (Bleeping Computer)
Malware embedded in at least 200 apps on the Play Store has been signing people up to unwanted paid subscriptions. The apps have been removed but that doesn't mean the subscriptions have been cancelled, and it certainly doesn't mean anyone is getting their money back.
Wednesday, September 29
Floor To Ceiling Maintenance Windows Edition
- Dude, where's my stuff? (JP Morgan)
Why absolutely everything is out of stock absolutely everywhere.
Which goes double for Australia.
- So that's where the 3000x2000 displays have gone. (AnandTech)
The Huawei MateBook X Pro has a 3000x2000 display. On the other hand it doesn't even make an attempt at the Four Essential Keys - there aren't even labels overlaid on the cursor keys, has no storage options, and while it does have a touch screen it doesn't have the stylus that would make that display truly useful.
Kind of meh. Also made by slave labour for the PLA.
- The WD Red SN700 is an M.2 NVMe SSD intended for caching duty in NAS boxes. (Anandtech)
That means it's designed for consistent performance and durability rather than the absolute peak throughput or the lowest possible price. And it's available in capacities up to 4TB, which is currently an under-served category. (I'm about to buy one, and the available models are not cheap.)
- Twitter fell over. (Bleeping Computer)
And less than nothing of value was lost.
My sixth appeal of my most recent ban is pending now.
- Microsoft's two-factor authentication for Office 365 fell over. (Bleeping Computer)
And it failed safe, so that... Wait, what?
This issue could potentially affect any user if they leverage MFA and either Network Policy Server (NPS) or Active Directory Federation Services (ADFS) to access Microsoft 365 services. This issue only affect on-premises users, and cloud hosted users are not affected.Their cloud service failed in such a way as to only affect those not using their cloud service.
- Apple updated iWorks. (Thurrott.com)
And it's not a subscription. But you have to buy a Mac, which is worse.
- Six reasons to replace your Surface Pro 7 with a Surface Pro 8. (ZDNet)
It's one louder.
- Install Windows 11 on a potato. (Bleeping Computer)
The Universal MediaCreationTool can now create install files for Windows 11. You still need an activation key, but otherwise it will install regardless of whether your computer meets all of Microsoft's strict compatibility rules, or indeed any of them.
- Microsoft is rushing to fix a bug that leaks Exchange Server login credentials. (Bleeping Computer)
A bug they've known about since 2017.
- Jelly much? (9to5Mac)
The new iPad Mini 6 suffers from visible jelly scrolling. Apple says this is entirely normal and totally not an issue because, and I quote, fuck you that's why.
The actual cause is that the iPad Mini, a small tablet that will mostly be used to read content in portrait mode, has a screen that is natively in landscape mode. Jelly scrolling - there's video at the link - appears mostly when you rotate a display so that it's refreshing on one axis and scrolling in the other. It is to some degree unavoidable if you turn your device sideways.
Apple saves you the trouble by delivering the device sideways out of the box.
- RemObjects Elements for personal use is available for $199 per year. (Elements)
It supports Object Pascal, C#, Basic, Swift, Java, and Go, and compiles to .NET, iOS, Android, WebAssembly, JVM, and native binaries for Windows, Mac, and Linux - including the Raspberry Pi.
Tuesday, September 28
Way Worse Edition
- Facebook has abandoned the idea of Instagram for Kids after everyone in the Universe, and many people from nearby universes, told them what a terrible idea it was. (Hot Hardware)
The planned app was to target children under 13. You do have to wonder where these people come from and how small their bubbles are that they even contemplated this.
They say that YouTube and TikTok have versions for children, but YouTube has - always has had - content for children, and TikTok is an internationally designated relativistic black hole targeting zone.
- For just $3 you can strangle AMP at its source. (Apple)
This is a Safari extension for iOS that finds Google AMP links and converts them to take you to the original content instead.
- The problem with the blockchain is the blockchain. (The Block Crypto)
Oops. Accidentally spent $22 million in transaction fees to transfer $100k.
- The problem with North Korea is North Korea. (Bleeping Computer)
If you try to travel secretly to North Korea, people will notice and assume you are up to no good - particularly when you are up to no good.
- This is impossible. What mistake are you making? (Quanta)
The discovery of a double charm tetraquark was met with appropriate levels of skepticism, but seems to check out. Unlike those faster-than-light neutrinos that were all down to a faulty cable.
- Sydney is fully exiting lockdown December 1.
No vaccine mandates, no vaccine passports, no intrastate travel restrictions.
The past couple of months have still been appallingly authoritarian and a huge overreaction, but they at least had the sense to back off before it blew up in their faces. Assuming they actually follow through. We'll see.
Melbourne continues to spiral into the abyss.
- The FCC is setting up a $1.9 billion fund to rip Chinese spy equipment out of US communications networks. (ZDNet)
Larger telcos can't access the funds, but smaller carriers, schools, libraries, and other organisations providing internet access are eligible.
This is not the worst way to spend public funds.
Monday, September 27
Vtubers Channeling Donald Trump Edition
- Chipmakers to carmakers: Get out of the Stone Age. (Fortune)
Carmakers to chipmakers: Your old chips actually fucking worked. Well, not worked as such, but failed in documented ways. It takes years to validate a new design, and not taking the time to do that validation could get people killed.
- Why is Elizabeth Holmes facing criminal charges when other tech CEOs aren't? It's because she's a wxmxn, isn't it? (NPR)
Because she's a wxmxn who engaged in fraud that could have killed people, yes.
- A review of AMD's "new" 4700S CPU. (Tom's Hardware)
This is actually a a broken PlayStation 5 chip with the graphics cores disabled. It has up to 16GB of soldered-in GDDR6 memory - much faster than DDR4 - but the PlayStation was never designed to support a separate GPU so it only has 4 lanes of PCIe 2.0, which is kind of crap.
It's an adequate desktop CPU but useless for gaming. But if the price is right and you're not planning to play games it might work fine.
- AMD hit 16% market share on server CPU sales in the last quarter. (WCCFTech)
Up from basically 0% five years ago.
- Forget machine learning, return to inverse FFT. (Revue)
A simpler approach to eliminating Moiré patterns, and one that actually works.
- A raytraced Minecraft clone running on a budget FPGA. (GitHub)
Pretty basic but kind of neat. It's a 16-bit CPU running at 32MHz, but has hardware designed to run the game's graphics and physics.
The Age is outraged at @therealrukshan for reporting without a license.
I blocked you you IT genius. But I can still see your stupid shit in apps that donâ€™t get access to the full API you fucking dipshit motion fuckface Fuckwit.â€” Peter Wells (@peterwells) September 26, 2021
Or they've just gone completely insane. Hard to tell.
Or maybe Iâ€™m just using SorosBot you fucking moron racist fuck stain embarrassment to your parents.â€” Peter Wells (@peterwells) September 26, 2021
Sunday, September 26
Pessimalism Anonymous Edition
- The BBC is bringing back Russell T Davies to revive Doctor Who. (BBC)
Which the BBC themselves killed.
I'm cautiously pessimistic. I don't think it will be good, but I think it might at least return to being watchable.
- Germany's attempts to balance free speech with their national pastime of stamping out all independent thought seems to be floundering. (MSN)
They are shocked that politicians are being criticised:
The aim of our legislative package is to protect all those who are exposed to threats and insults on the internetThey see being rude to those who richly deserve it as a crime to be punished.
Well, I don't live in Germany, so go fuck yourselves you fascist Furbies.
- Which VPN is best for you? (ZDNet)
They give top marks to NordVPN which got hacked two years ago. (Tech Crunch)
Second on the list is ExpressVPN which their own reporting says no-one should touch with a ten-foot pole.
Number three is Surfshark which... I haven't heard anything bad about. I haven't heard much about them at all, which might be a good sign, because when things go bad in the security world that invariably makes the news. Well, the news I follow.
- Hands on with HP's new Pavilion Aero. (Thurrott.com)
I mentioned this one before; it's a 13" laptop with an AMD CPU, a 16:10 2560x1600 display, and the Four Essential Keys. Potentially the best small laptop available right now with Dell's Inspiron 14 7000 no longer available.
Even South Canada Still Has Some Freedom of Speech Video of the Day
A Wisconsin teen sued after being threatened with jail over an Instagram post - and won.
Though Joseph Conrad is a great name for a sheriff.
Saturday, September 25
Update And/Or Smash All The Things Edition
- Update your Chrome browser. (Bleeping Computer)
Update your Exchange server.
Update your VMWare vCenter.
Update your iOS.
Update your IOS. That's Cisco rather than Apple.
Update your SonicWall security devices. Again.
Update your, uh, European Union. Or not, that one's definitely non-critical.
- China has banned cryptocurrencies. (Tom's Hardware)
Well, except for one, controlled by China.
Be interesting to see what happens with video card prices. Hard drive prices are on their way back down after the Chia mining crazes fizzled out, but video cards are in short supply even without the miners.
Anyway, I have an RTX 3060 now - albeit a laptop 3060 - which should do for a while.
- A teenager on TikTok invalidated the garbage research of thousands of garbage scientists. (The Verge)
How it happened is you're lazy and stupid and your research is worthless.
- Your face is not a bar code. (UCLA)
- Your butthole on the other hand... (The Guardian)
- A look at the Asus Zenbook 13. (Hot Hardware)
This one has a Ryzen 5800U, an OLED display covering 100% of DCI-P3, albeit only at 1080p, the four essential keys, two USB-C, one USB-A, HDMI, microSD... No headphone jack and soldered RAM, but oh well.
- Using Nim instead of Python for data processing. (Benjamin D Lee)
Nim is essentially a statically typed and statically compiled Python. I say essentially because the languages are just very similar, not actually compatible.
There is a Python JIT compiler - it's called PyPy and it works very well - and in this case it's already nine times faster than Python, but Nim is three times faster again.
I mean, not relevant to this particular post, it is relevant o the world at large and the frauds in charge.
This is one of my favorite troll responses. These fake Russia stories were The Biggest Thing On Earth, for years, when the crooks behind them still hoped they'd work. Now they just want to get away clean, and people like you say, "Can't you just let it go?" https://t.co/KFvYTksorGâ€” Matt Taibbi (@mtaibbi) September 23, 2021
Read your own tweet: the Beacon originally funded the "research firmâ€ that created the dossier, not the dossier itself. Timeline: Beacon drops Fusion, Perkins Coie hires Fusion, Fusion hires Steele. No one disputes this. Itâ€™s been testified to countless times. https://t.co/xDnRVXTvDgpic.twitter.com/8Z2WvQvPwpâ€” Matt Taibbi (@mtaibbi) September 24, 2021
Every single person who works at the media corporations that spread the CIA lie that the Biden archive was "Russian disinformation" knows they lied to protect Biden.â€” Glenn Greenwald (@ggreenwald) September 24, 2021
But they also know their audience doesn't care if they get caught lying as long as it's for the right Party.
Also, this is literally the objectification of women.
Our new issue is here! On the coverâ€”'Periods on display' and the cultural movement against menstrual shame and #PeriodPoverty.â€” The Lancet (@TheLancet) September 24, 2021
Plus, @WHO air quality guidelines, low #BackPain management, community-acquired bacterial #meningitis, and more. Read: https://t.co/eP1Lx7D116pic.twitter.com/DchfiHnYEs
Yeah, we're back.
57 queries taking 0.1687 seconds, 370 records returned.
Powered by Minx 1.1.6c-pink.