Author Archives: pappp

Article note: Because I know too much about this, I like comparing tellings. This includes some international context that most tellings don't, which is fun, but skips some of the domestic context like Apollo, Multiflow, and Convex/Convey. Marks but intentionally does not discuss some of the other VLIW fad things like Transmeta. It makes an amusing clear-but-understated presentation of the degree to which Itanium was a bulldozer in the industry. It makes the back-ties to i860 and PA-RISC, and somehow does Elbrus but not iAPX423 (which was an unmitigated disaster) or Burroughs Large Systems (if you want an example that wasn't a disaster) when talking about HLL support in processors. It doesn't touch the (hilarious) thread that the Alpha team leaving for AMD after HP killed it in favor of Itanium is _very directly_ the genesis of the initial AMD64 designs, which were the stake through the heart in the market. And it disappointingly doesn't really talk about _why_ the performance was consistently underwhelming in a semi-technical way. The great lesson of the era is that "You can't statically schedule dynamic behavior." Some of the HN comments get there in nice detail.

Article note: The kind of psycho prestige-seeking behavior that _gets_ people into high prestige positions is exactly the same as the one that makes them likely to commit fraud. This fact has really fucked up society.

Article note: Gig economy startups "successfuly" turning straightforward two party interactions that are more or less acceptable to both parties into three-party interactions where everyone is unsatisfied and losing money (except the executives making off with investor money).

Article note: Not that modern Nokia Bell Labs is all that related to monopoly-lucre-era Bell Labs, but it does seem existentially weird that they're leaving the Murray Hill campus.

Article note: If the creepy, intrusive, and largely useless "AI" shit could go away because it's unsustainably expensive to run and not paying for itself, that would be great.

Article note: tl;dr: In the old days the web was driven by sharing and communities, then everything turned into self promotion, because in late stage capitalism everything is a hustle, and once something is a hustle it's gonna be awful for everyone.

Article note: Ugh.

Article note: Man, UK got hit by Google ramping educational storage costs a couple years ago, and nudged everyone on to Microsoft storage. It sounds like this is really McGill being goofy, but if it becomes a general thing it'll be ugly. Academic storage capacity is a huge problem because there are rules requiring data retention, and limiting where it can happen, so there are relatively non-technical users with sometimes terabytes of stuff that has to be housed on university-approved storage for extended periods of time. It'll be interesting to see what happens if there's another round of the same bullshit from cloud providers, as it'll pretty fully demonstrate that the whole cloud situation is largely rentseeking. Maybe we'll go back to hosting our own storage appliances instead of renting. Or just losing data stored on media tucked in desk drawers until the last person who knows about it leaves.

Article note: Financialization.

Article note: The reference TianoCore EDK2 PXE implementation that everyone just checks out a copy of and ships is full of fail, and all you need to exploit it is to be able to sniff/inject packets on the same network while PXE (netboot) is enabled in the firmware. Lovely. Sure would be nice if there was something not as over-complicated as UEFI but still capable of passing hardware description tables (...preferably in a format not as nasty as ACPI) so we're not doing DeviceTree shit everywhere.

Enlarge (credit: Nadezhda Kozhedub)

UEFI firmware from five of the leading suppliers contains vulnerabilities that allow attackers with a toehold in a user's network to infect connected devices with malware that runs at the firmware level.

The vulnerabilities, which collectively have been dubbed PixieFail by the researchers who discovered them, pose a threat mostly to public and private data centers and possibly other enterprise settings. People with even minimal access to such a network—say a paying customer, a low-level employee, or an attacker who has already gained limited entry—can exploit the vulnerabilities to infect connected devices with a malicious UEFI.

Short for Unified Extensible Firmware Interface, UEFI is the low-level and complex chain of firmware responsible for booting up virtually every modern computer. By installing malicious firmware that runs prior to the loading of a main OS, UEFI infections can’t be detected or removed using standard endpoint protections. They also give unusually broad control of the infected device.