Sponsored Content




Intermarkets' Privacy Policy
Support


Donate to Ace of Spades HQ!



Recent Entries
Absent Friends
Bandersnatch 2024
GnuBreed 2024
Captain Hate 2023
moon_over_vermont 2023
westminsterdogshow 2023
Ann Wilson(Empire1) 2022
Dave In Texas 2022
Jesse in D.C. 2022
OregonMuse 2022
redc1c4 2021
Tami 2021
Chavez the Hugo 2020
Ibguy 2020
Rickl 2019
Joffen 2014
AoSHQ Writers Group
A site for members of the Horde to post their stories seeking beta readers, editing help, brainstorming, and story ideas. Also to share links to potential publishing outlets, writing help sites, and videos posting tips to get published. Contact OrangeEnt for info:
maildrop62 at proton dot me
Cutting The Cord And Email Security
Moron Meet-Ups

NoVaMoMe 2024: 06/08/2024
Arlington, VA
Details to follow


Texas MoMe 2024: 10/18/2024-10/19/2024 Corsicana,TX
Contact Ben Had for info





















« Saturday Overnight Open Thread (12/11/21) | Main | 12/12/21 EMT »
December 12, 2021

Daily Tech News 12 December 2021

Top Story

  • A massive vulnerability in a Java logging library widely used in enterprise software caused utter panic at pretty much every major company in the world. One commenter mentioned being in a Slack channel with three thousand other engineers all working frantically to patch systems.

    How much was the team of developers working to maintain this library being paid?

    If you guessed absolutely nothing you'd be very close. (Christine.website)

    This is obviously unsustainable. Trillion-dollar companies depend on this software and don't even think about contributing towards its upkeep.

    Open source software is supposed to be open. It's not supposed to be free, because nothing is free. If you're not paying for it up front, you'll be paying for it later on by diverting every engineer in your entire organisation for two days while other critical issues go ignored.


  • We're from the government. We're here to help. (CISA)

    The statement from CISA Director Jen Easterly on the Log4j vulnerability reads
    blah blah blah blah blah you should probably patch that blah blah blah.
    Thanks Jen.

    The director of the US Cybersecurity and Infrastructure Security Agency has an MA in politics, philosophy, and economics from Oxford, which qualifies her for the job almost as much as you might think.



Tech News

  • What went wrong?

    Some idiots demanded that a logging library perform magic for them. (Crawshaw)

    And once the magic was put in place, it couldn't be removed because that would break critical software.

    And there wasn't anyone to take the necessary time to push back, deprecate the feature, and eventually remove it, because they weren't getting paid.




  • Cloudflare reports on the vulnerability and their response. (Cloudflare)

    One important point is that they firewall all their servers for both inbound and outbound access. If a server gets compromised but is blocked by default from accessing anything else, the damage is contained.

    With this particular exploit the payload was installed by dialling out to a malicious server, and if that connection was blocked, nothing happened. The server got handed a bottle of poison pills but couldn't get the damn child-proof cap off.


  • Future AMD GPUs could use stacked dies for cache memory and AI accelerators. (WCCFTech)

    Maybe not the 2022 lineup, but this is likely to happen soon, for reasons.


  • The reasons being that Moore's Law is ending - again - in 2028. (LessWrong)

    At the 1.5nm node (which doesn't measure 1.5nm in any dimension but never mind that) planar scaling will likely stop.

    What will happen instead - and the linked article goes into all the details you could possibly want - is that chips will go 3D. Flash storage already has, and it was a revolution. Cell phone chips stack storage and memory on top of the CPU. AMD is stacking cache on top of server CPUs, and Intel is wedging stacks of RAM into their supercomputer CPUs.

    One of the side effects of this is that chips will get cheaper. Fabs - chip factories - are massively expensive, and only remain at the leading edge of technology for a couple of years. If they lasted for twenty years instead of two - and the machines to make the machines for the fabs also lasted twenty years instead of two - prices would come down drastically.


  • I want to see default RED. (Reddit)

    While Amazon's systems were down all over the place - not just at US-East-1 but where the one critical Amazon-based service I look after runs in US-West-2 - their public monitoring systems were reporting everything was fine because the outage prevented the monitoring page from updating.

    Monitoring systems should autonomously go red if they can't update.


  • Intel's new X710-T4L is a massive upgrade. (Serve the Home)

    It's a quad 10Gbase-T card that uses a maximum of 14.2W with all ports running at full speed. The previous model peaked at 28.9W.

    In fact, this model running at 10Gb uses less power than the previous model running at 1Gb. That's a huge improvement because a core delaying factor in the rollout of 10Gb Ethernet has been the power requirements for running it over cheap twisted-pair cable. (It uses less power over specialised cables or fiber, but the pricing is absurd.)

    The new version of the card is also $100 cheaper than the old one at $500.

    It's also out of stock everywhere because everything is.


  • Except the QSW-M2108-2C which does seem to be available albeit in short supply. (QNAP)

    I wanted a 2.5Gb / 10Gb managed switch for my lab buildout, but had planned to settle for an unmanaged model because I couldn't find one that wasn't insanely expensive. This is just what I wanted - 8 x 2.5Gb ports, 2 x 10Gb ports with both RJ45 and SFP+ connectors, and fairly solid management features including link aggregation and VLANs.

    Part of the function of the software lab I'm building is to simulate real-world faults, and being able to mess with the network under software control is a key part of that.

    They also have a 16-port model, but that's more than I need, twice as expensive, and out of stock.


  • Managed 1Gb switches are a dime a dozen. Well, not quite, but you can get them starting at around $35, a tenth the price of the cheapest managed 2.5Gb switches.


  • A new FDA-approved eye drop causes red eyes and headaches. (CBS News)

    Well, what the hell does it treat then?

    It treats reading glasses.

    If you're between 40 and 65 years old and need reading glasses (but not specifically prescription glasses) these eye drops can alleviate that need for six to ten hours.

    Since I do need prescription glasses (I have three pairs for distance, computers, and reading, plus a couple of spares) these won't do anything for me, but if you just need plain cheap reading glasses they could do the trick.


  • Apple found a benchmark where the 2021 M1 Max MacBook Pro is faster than the 2019 Intel Mac. (WCCFTech)

    Linus Tech Tips tested the M1 Max and found that while it did excel on one test, most of the time it was slower than an Intel-based notebook with an RTX 3050 - at about one third the price.

    That might change as they improve the drivers and software optimisation but right now it's a very expensive toy.

    I'll likely be getting a MacBook Air or an iMac to do Mac and iOS software testing for work, but I'll be getting the cheapest model I can get away with.


Party Like It's 1979 Video of the Day





Disclaimer: Lights in the mirror may be bluer than they appear.
digg this
posted by Pixy Misa at 02:48 AM

| Access Comments




Recent Comments
Wolfus Aurelius, Dreaming of Elsewhere [/i] [/b]: "[i] Is that pronounced - Waff, Wawgg, Waw, Wawf, W ..."

Bulgaroctonus: "When I was very small, I thought the PSAs about "C ..."

Martini Farmer: "During the winter months the Pacific Coast around ..."

Zombie Robbo the Llama Butcher: "73 Is that pronounced - Waff, Wawgg, Waw, Wawf, Wo ..."

Lizzy[/i]: ">>Yup. A good day for a drive around Bass Rocks. ..."

[/i][/b]andycanuck (2yu8s)[/s][/u]: "[TBF, I don't know if it's a blind spot in my brai ..."

Warai-otoko: "Is that pronounced - Waff, Wawgg, Waw, Wawf, Woe.. ..."

The Upper Atmosphere: "[i]Could use some seals. Tell me about it Post ..."

[/i][/u][/s][/b]Muldoon: "Loan arranger! Heh! ..."

Chuck Martel: "Frederick J. Waugh ____ Is that pronounced - W ..."

Wolfus Aurelius, Dreaming of Elsewhere [/i] [/b]: "[i]Could use some seals. Tell me about it Post ..."

Lady Who Always Has a Burning Question: "A scene I could appreciate, from the shore. In th ..."

Recent Entries
Search


Polls! Polls! Polls!
Frequently Asked Questions
The (Almost) Complete Paul Anka Integrity Kick
Top Top Tens
Greatest Hitjobs

The Ace of Spades HQ Sex-for-Money Skankathon
A D&D Guide to the Democratic Candidates
Margaret Cho: Just Not Funny
More Margaret Cho Abuse
Margaret Cho: Still Not Funny
Iraqi Prisoner Claims He Was Raped... By Woman
Wonkette Announces "Morning Zoo" Format
John Kerry's "Plan" Causes Surrender of Moqtada al-Sadr's Militia
World Muslim Leaders Apologize for Nick Berg's Beheading
Michael Moore Goes on Lunchtime Manhattan Death-Spree
Milestone: Oliver Willis Posts 400th "Fake News Article" Referencing Britney Spears
Liberal Economists Rue a "New Decade of Greed"
Artificial Insouciance: Maureen Dowd's Word Processor Revolts Against Her Numbing Imbecility
Intelligence Officials Eye Blogs for Tips
They Done Found Us Out, Cletus: Intrepid Internet Detective Figures Out Our Master Plan
Shock: Josh Marshall Almost Mentions Sarin Discovery in Iraq
Leather-Clad Biker Freaks Terrorize Australian Town
When Clinton Was President, Torture Was Cool
What Wonkette Means When She Explains What Tina Brown Means
Wonkette's Stand-Up Act
Wankette HQ Gay-Rumors Du Jour
Here's What's Bugging Me: Goose and Slider
My Own Micah Wright Style Confession of Dishonesty
Outraged "Conservatives" React to the FMA
An On-Line Impression of Dennis Miller Having Sex with a Kodiak Bear
The Story the Rightwing Media Refuses to Report!
Our Lunch with David "Glengarry Glen Ross" Mamet
The House of Love: Paul Krugman
A Michael Moore Mystery (TM)
The Dowd-O-Matic!
Liberal Consistency and Other Myths
Kepler's Laws of Liberal Media Bias
John Kerry-- The Splunge! Candidate
"Divisive" Politics & "Attacks on Patriotism" (very long)
The Donkey ("The Raven" parody)
Powered by
Movable Type 2.64