Sunday, March 31
Postprismatic Stress Edition
Top Story
- A little more background on that security disaster that almost was. (Substack)
It looks like it started with "social engineering" - a confidence scam - two years ago, with one person attacking the maintainer of the xz utility and another one offering to help, and then actually helping. That warped over time into slipping more and more suspect code into the package, until they got caught.
It's a bit of an odd one because it took a lot of care and planning but was guaranteed to get caught and removed if it ever went mainstream. So it's not a targeted attack on particular groups, and not subtle enough to pass unnoticed long-term.
If you infect one server you're likely to get away with it, but if you infect every server in the world, there are literally hundreds of honeypot servers set up by security researchers specifically to detect weird stuff like this.
Purely speculation but I'm wondering if this was North Korea rather than China or Russia. It looks like the kind of miscalculation they would make.
Tech News
- Software needs to be more expensive. (Glyph)
There's a well-known XKCD cartoon illustrating that the modern world is utterly dependent on some random bit of code maintained by one guy in Nebraska since 2003.
Not specifically true, but true in general; we nearly had a global disaster with a small but useful library called xz because the maintainer wasn't getting paid anything despite the code being used on hundreds of millions of computers. (If it's included in iOS or Android, which it probably is, billions.)
The solution proposed here is to make it easy to pay these people.
- Meanwhile AT&T is resetting customer passcodes after millions of customers' account details were leaked... In 2019. (Tech Crunch)
Or possibly earlier. AT&T doesn't know or isn't saying. But yeah, the data has been out there for five years and they're responding now.
- The world needs more gadgets like this (checks notes) overpriced underwhelming 27" 1080p monitor in a briefcase. (The Verge)
The world needs fewer websites like The Verge. If that leaves me with nobody to mock, so be it.
- Banning TikTok could harm blah blah blah. (Tech Crunch)
Don't care, didn't ask.
Sasaki and Peeps Opening Credits Video of the Day
Posted by: Pixy Misa at 05:02 PM
Saturday, March 30
Prism Project - under the Sony Music umbrella for the past 18 months - will be closing its doors tomorrow, and today is the last day any of the Prism talents will be streaming.
It's been a huge day. Prism is focused on music which is why Sony was interested in them in the first place, but they don't normally deliver eight new original songs and covers per day.
Here's... Here's Jinn, the mascot of Sara Nagare, and his kids Shane, Bazza, Dave-O, and Jules, covering The Angels' Am I Ever Gonna See Your Face Again.
Best version of the song. Sara along with her colleagues Non Anon and Naki Kamizuki are providing the traditional crowd response.
Really.
The exceptions are Kou Tsubame from Gen 5 who will be stepping back from streaming, although her channel will stay up and she'll still be in contact with the rest of the talents, and Naki Kamizuki from Gen 4 who will move away from regular vtubing and pursue other creative forms instead.
From now on if you need to find them, Gen 1 is Cosmia, Gen 3 is Requiem, and Gen 4 is Ever After. They're working on a new name for the whole group since they can't use "Prism" and they are all planning to continue working together.
Posted by: Pixy Misa at 07:05 PM
Almost Oops Edition
Tech News
- The man who saved the world: Andres Freund noticed that SSH logins - used by every server in the world - were taking half a second longer than they should. (Ars Technica)
He was curious so he poked at it a bit and found the equivalent of the demon core being added for free to every school lunch in the world.
In essence, had this been done with more care and not caught before it was added to production releases of Linux, a state actor - this is almost certainly the work of some place like China or North Korea - could have had access to everything, everywhere.
You might be at AWS and have all your services behind a VPN, but that wouldn't help you at all because they'd just need to hack AWS first.
All the development for this hack was done in public, either by a developer who spent a lot of time building up trust by writing useful code, or by hacking that developer's GitHub account.
Expect GitHub to force 2FA on all users in short order, even if that wouldn't have prevented this incident. Every warning sign has a story behind it, and Andres is the Harry Daghlian and Louis Slotin of the age, except that he didn't die of radiation poisoning.
- However, some not-really-production releases of Linux were impacted. (CyberKendra)
Fedora Rawhide and Kali Linux were affected for the past three days. Arch Linux has been affected for five weeks, and Debian's unstable release seems to be the worst hit, with the new packages added eight weeks ago.
Fedora 40 Beta might be affected if you set up the test library versions as well as the regular beta libraries.
AWS Linux is not affected, nor are stable releases like Ubuntu LTS or RedHat Enterprise Linux.
Tech News
- Microsoft and OpenAI are planning to build a $115 billion supercomputer with the goal of answering all the world's questions... Incorrectly. (Tom's Hardware)
I can do that for half as much.
- And I'm pretty sure that New York spent less than $115 billion on its useless lying chatbot. (Ars Technica)
It might be difficult, but owners can still evict tenants who refuse to pay their rent.
Which means that both parties can sue the city for providing false legal advice.
- AMD's upcoming Zen 5 chips could be over 40% faster than Zen 4. (WCCFTech)
That's a lot, but AMD's progress over the past five generations has been impressive, with single-core Passmark scores climbing from 1600 on the last mainstream core before Zen to 4300 with the Zen 4 based 7950X, an average of 28% improvement across four generational upgrades.
And Zen 1 was nearly 40% faster than its predecessor on single-threaded tasks, and 140% faster on multi-threaded.
- Barnes and Noble is dropping support for its Nook tablets... For models more than ten years old. (Liliputing)
If you have the original Nook Color from 2010 and you're still using it, well, first congratulations on not dropping it in all that time, and second, it will keep right on working for all the content you have bought and downloaded. You won't be able to buy new content on that device, and you won't be able to download new content directly from B&N, though you can still side-load files and read them.
14 years of support is pretty decent; that's about the rate at which Apple completely changes hardware platforms.
- The top model of the new Minisforum V3 tablet costs under $1000... In China. (Liliputing)
This might be the perfect replacement for my late, lamented HP Envy X2 tablets, which expired from terminal battery bloat a couple of years ago without me ever having much time to use them.
The top-of-the-line V3 has a 2560x1600 165Hz 14" screen with 100% DCI-P3 and 500 nits max brightness, a Ryzen 8845H CPU, 32GB of RAM, and a 2TB SSD. Actually it lists an M2 2280 SSD, so if you're brave enough to open it up you can expand it to 8TB.
Ports include two USB 4 ports (basically Thunderbolt 3), a full size SD card slot, a USB-C port with VLink, and a headphone jack, plus a 2Mpixel front camera and a 5Mpixel rear camera.
Apart from the screen (which was 3000x2000 on the HP) it's better in every way, as you'd expect after five years.
The CPU is ten times faster than the HP on multi-threaded tasks, and nearly three times faster single-threaded, it has the Four Essential Keys, and that VLink port supports video input - so you could buy two of them, install Linux on one, take both with you, and have a complete dual monitor working environment everywhere you go.
Which I had some idea of doing with those HPs before they ate too many electrons and died.
Posted by: Pixy Misa at 06:00 PM
Friday, March 29
Griftcoin Edition
Top Story
- With Sam Bankman-Fraud headed to prison for 25 years, the era of blockchain grifters is over, and we are entering the era of blockchain grifters. (Tech Crunch)
And AI grifters as well.
The article tries to paint Bitcoin as something different and better because it is deliberately slow, painful, and expensive to use, but those aren't actually good qualities in a currency. You want something fast, simple, and cheap to use, and merely slow, painful, and expensive to fake, or to steal.
That's hard, and nobody has solved that problem yet.*
Tech News
- FuryGPU is completely open-source - including the hardware - and can run Quake at 60 fps. (Tom's Hardware)
Not the 2021 version; the 1996 version. Which would run on most domestic appliances these days.
- Unless you source your domestic appliances from Russia, where half the CPUs don't work. (Tom's Hardware)
Russia, like China, has been cut off from advanced chip production facilities.
China has its own 14nm production. That's a long way behind TSMC, Intel, or Samsung, but it's not terrible.
Russia is still at 90nm.
- The race to replace Redis. (LWN)
Redis isn't a conventional database, but rather a kind of Swiss army chainsaw for short-term data storage and manipulation. It's extremely useful and justifiably popular and has been included in most Linux distributions for the past decade - and it just stopped being open source.
So the race is on to replace it because otherwise you won't be able to update to new Linux releases without things breaking.
- The race to replace VMWare ESXi. (Serve the Home)
VMWare ESXi was a free, entry-level version of VMWare's enterprise platform, intended for engineers to run on their own computers so that they could experiment with the software and provide better support.
VMWare got bought by Broadcom, which appears determined to kill it.
Proxmox VE can now import and run your VMWare ESXi servers, which solves your problem if you were using it, but does nothing for Broadcom's self-inflicted wounds.
- Oh, outrage. Cloud hosting provider Vultr has hastily removed some wording from its terms of service after users noticed. (The Register)
The legalese was supposed to grant Vultr rights to reproduce your content that you posted to their online support forums, which is normal because you can't run an online forum without that.
But the way it was worded made it look like they could just make off with the data on your servers. Which would be bad.
Posted by: Pixy Misa at 06:00 PM
Thursday, March 28
Sleepfirewalking Edition
Top Story
- The governor of Oregon took a break from her busy schedule of - reportedly - day drinking and nervous breakdowns to sign a new right-to-repair bill that is actually good. (Ars Technica)
The legislation bans "parts pairing", where you not only need an exact replacement part, you need the exact replacement part, because all the parts have built-in clique identifiers and won't talk to interlopers.
The rules come into effect next year, and exempt a few classes of device like medical devices, where there might be an argument for strict controls over repairs, and... Electric toothbrushes.
Tech News
- Amazon is investing another $2.75 billion into AI company Anthropic, developer of Claude. (CNBC)
If you haven't heard of Claude you are not alone, but it is a thing that exists.
- FTX - what's left of it - is selling off most of its stake in Anthropic to raise funds to pay back customers. (Yahoo Finance)
FTX misused customer funds to - among other things - buy a $500 million stake in Anthropic.
That stake is now worth $1.35 billion, and may be the key to FTX customers getting all their money back.
- There's a mod for that.
Untamed Wilds adds 24 new animals to Minecraft, with anything up to 17 species of each animal. (So it counts "Big Cat" as one animal, but it actually includes lions, mountain lions, jaguars, leopards, snow leopards, and tigers.)
Only problem is it also includes camels, giant pandas, and polar bears, which are already in Minecraft, and the config file doesn't let you turn off individual species.
Bad Mobs, though, does. When you load your modpack it automatically generates a config file of all the creatures existing in your game and lets you turn off any of them.
Posted by: Pixy Misa at 05:50 PM
Wednesday, March 27
Strawberry Fields For Never Edition
Top Story
- Canva, an online design collaboration platform, is buying Affinity, a traditional software development house that creates good applications and sells them to you. (The Verge)
I'm hoping Canva doesn't turn Affinity into a subscription service, because right now you can buy the entire Affinity suite - photo editing, design, and publishing apps for Windows, Mac, and iOS - for around $120.
Not per year; once.
Tech News
- The Lenovo Legion Tab is officially coming to Europe and Asia. (Lenovo)
This month. Better get a move on, because there's not much of this month left.
Downside is that at 599 Euros the price is not much cheaper than importing the Japanese version.
On paper though it's a great device, with a 2560x1600 8.8" screen, 12GB of RAM, and 256GB of storage. CPU is a Snapdragon 8+ Gen 1, which has a Cortex X2 as its main core, so it's both recent and fast.
It includes a microSD slot and two USB-C ports. Either one can be used for charging, so you can charge while it is connected to a monitor or a headphone adapter (no separate headphone port).
I'll buy one since there is no real competition. Not two though, not at that price.
- I did buy the Asus M1505, the cheaper of the two Asus models I've highlighted recently.
Ryzen 7730U CPU (8 Zen 3 CPU cores and 8 Vega graphics cores), 16GB of RAM which I'm upgrading to 40GB, 512GB of SSD which I'm upgrading to 2TB, the Four Essential Keys in the form of a three-column numeric keypad - not ideal but better than not having them, and the standout feature, a 15.6" 2880x1620 120Hz OLED display.
Roughly $1000 as configured.
- If you have Mac Studio envy the FN60G sold by Topton is basically a shrunk-in-the-wash version. (Liliputing)
It's bigger than a regular NUC but still very small; it uses an Intel desktop CPU and a laptop graphics module. No expansion slots apart from memory and storage, so what you buy it with is all you get.
Apart from those two memory slots and two M.2 slots, it has two HDMI ports, two DisplayPort ports, one USB-C port which can also drive a display for up to five monitors in total; two 2.5Gbit network ports, and four USB-A ports on the back. On the front, another two USB-A ports, one USB-C, headphone jack, and a full-size SD card slot. Which is a pretty good complement of ports for a small system.
Prices fully configured start around $1000 and go up to $2000, which is not terrible but you can certainly build a regular PC for the same price.
- No further Minecraft crashes since I disabled the Strawberry Fields in Mystic's Biomes. Though given the number of new biomes in the modpack (over 200) and the number I've seen during testing (maybe 30) there could be something still lurking.
It's not entirely happy running in the default 4GB heap, but it certainly runs smoothly with 16GB of RAM, which my original efforts didn't.
If I don't trip over anything else I'll publish it to Curseforge this weekend.
Posted by: Pixy Misa at 05:36 PM
Tuesday, March 26
Also, now I seem to have a schrödinbug.
The current "full" version of the modpack now runs in the default 4GB heap, though I suspect it might run into trouble in more complex regions, since it's hovering around 3.5GB.
Posted by: Pixy Misa at 10:33 PM
Chalkled Edition
Top Story
- Europe is investigating Apple for its malicious compliance with the new Digital Markets Act. (The Register)
And Google.
And Facebook.
Do all three companies lie and cheat and steal? Sure.
Are they all woke beyond possibility of redemption? Well, Google certainly is. Apple while woke as hell notably produces genuinely well-engineered hardware on a regular schedule.
Do they suck less than the European government even after granting all of that? Absolutely.
Tech News
- Federation is the future of social media, says federated social media CEO. (The Verge)
We had that.
It was called Usenet.
- iOS 18 is set to deliver new customisation features, bringing it into parity with, uh, Android 6.0. (9to5Mac)
On the other hand, 6.0 was the last Android update worth caring about.
- Criminals can't do crimes, that's illegal, explains... Don Lemon. (The Verge)
It's obvious that the writer of this piece knows she's lying, knows Don Lemon is an imbecile, and knows that Elon Musk is right about everything, but it's either this or writing two game guides a week for Kotaku.
- Speaking of Kotaku, the editor-in-chief of the alleged gaming news site resigned after being told by the site owners to write about gaming news. (Games Industry)
Kotaku's wokeness is to Google as red fuming nitric acid is to balsamic vinegar.
- Land near nuclear power plants is seeing a rise in value as AI datacenters seek cheap and reliable power which renewables ain't. (The Register)
I for one welcome our new glow-in-the-dark robot overlords.
Posted by: Pixy Misa at 05:39 PM
Monday, March 25
Quick one today because I'm a brown paper package tied up with string.
Tech News
- Apple's M4 CPUs could appear as soon as Q1 of next year. (WCCFTech)
Which is not all that soon, come to think of it. By then it will be competing with AMD's Zen 5, Qualcomm's X Elite series, and Intel's Apollo Lake and Lunar Lake ranges.
- That didn't take long: Redict is a fork of Redis that makes it free again. (Redict)
Redis Labs recently changed the license of Redis so that while source code is available it comes with restrictions on use.
Redict takes the last unrestricted version and keeps it unrestricted, meaning that the original Redis is basically dead.
- Emergent abilities in LLMs - where as an LLM grows it suddenly gains new abilities - are nothing but a measurement error. (Quanta)
LLMs don't know how to do arithmetic. The more data you shove into them, the better they become at guessing, that's all.
If you test them and give anything less than 100% a failing grade, the ability to do arithmetic suddenly appears out of nowhere. But the same thing would happen if you did that with children.
- The Chinese government has banned the Chinese government from using Intel and AMD CPUs. (WCCFTech)
Their loss.
It does serve to give the Chinese CPU makers a guaranteed market for their products, which are not great but are basically adequate.
- As part of an investigation, the FBI posted videos publicly to YouTube, sent the links to the suspects, and then demanded Google hand over all details of the accounts of anyone who watched the videos. (Mashable)
The judge not only allowed it, but required Google to keep silent about it.
This is what warrant canaries are for. Unfortunately those are as dead as the passenger pigeon.
- Got a notice that my Myth Mascot plushies were about to ship, and it reminded me to check if the re-release of the original Myth plushies was still in stock. When they first came out, the world was still in Wuhan Bat Soup Death Plague mode and they weren't shipping to Australia.
They were.
I bought them.
- Got my Minecraft modpack trimmed down to the point where it runs smoothly with the default memory settings, and is perfectly happy on my 16GB laptop.
That involved getting rid of some of the less-vanilla stuff, but I think the feel of this version is much better.
I'd like to add Critters and Companions, which will apparently be released for 1.20.1 very soon. Other than that it's pretty solid.
Posted by: Pixy Misa at 05:52 PM
Sunday, March 24
Lone Pine Mall Edition
Top Story
- The global economy runs through a single road in Spruce Pine, North Carolina. (Tom's Hardware)
That road leads to a mine producing the purest quartz in the world, and the factory that processes it. There is no naturally occurring substitute.
The quartz is used to create crucibles which are used to produce silicon wafers, which are in turn sliced and cooked and diced to produce computer chips.
It is possible to make the quartz synthetically; we just don't right now because there's an enormous pile of it sitting underground in this one spot. But it would be a few difficult years if anything happened there.
Tech News
- This seems like a bad idea: EVGA changed the connector layout of its GQ 1000W power supply without changing the model number. (Tom's Hardware)
If you buy a new one the cables have changed too, and everything works.
If you have one already, and it's faulty and is replaced under warranty, then congratulations! Your existing cables will plug in just fine and deliver 12V on the 5V line to all your disk drives.
- The CEO and founder of Stability AI - creator of Stable Diffusion - has resigned. (Tech Crunch)
The official announcement doesn't say much and neither do his own tweets, but reading between the lines it seems he's pushing hard for actual open source solutions and the company's investors want bullshit that makes money like ChatGPT.
Doubly interesting in that he apparently owns a controlling interest in Stability AI. This is the same kind of conflict that recently roiled OpenAI, and led to Elon Musk's pending lawsuit against that company.
Posted by: Pixy Misa at 06:02 PM