Category Archives: News

Article note: The kind of psycho prestige-seeking behavior that _gets_ people into high prestige positions is exactly the same as the one that makes them likely to commit fraud. This fact has really fucked up society.

Article note: Gig economy startups "successfuly" turning straightforward two party interactions that are more or less acceptable to both parties into three-party interactions where everyone is unsatisfied and losing money (except the executives making off with investor money).

Article note: Not that modern Nokia Bell Labs is all that related to monopoly-lucre-era Bell Labs, but it does seem existentially weird that they're leaving the Murray Hill campus.

Article note: If the creepy, intrusive, and largely useless "AI" shit could go away because it's unsustainably expensive to run and not paying for itself, that would be great.

Article note: tl;dr: In the old days the web was driven by sharing and communities, then everything turned into self promotion, because in late stage capitalism everything is a hustle, and once something is a hustle it's gonna be awful for everyone.

Article note: Ugh.

Article note: Man, UK got hit by Google ramping educational storage costs a couple years ago, and nudged everyone on to Microsoft storage. It sounds like this is really McGill being goofy, but if it becomes a general thing it'll be ugly. Academic storage capacity is a huge problem because there are rules requiring data retention, and limiting where it can happen, so there are relatively non-technical users with sometimes terabytes of stuff that has to be housed on university-approved storage for extended periods of time. It'll be interesting to see what happens if there's another round of the same bullshit from cloud providers, as it'll pretty fully demonstrate that the whole cloud situation is largely rentseeking. Maybe we'll go back to hosting our own storage appliances instead of renting. Or just losing data stored on media tucked in desk drawers until the last person who knows about it leaves.

Article note: Financialization.

Article note: The reference TianoCore EDK2 PXE implementation that everyone just checks out a copy of and ships is full of fail, and all you need to exploit it is to be able to sniff/inject packets on the same network while PXE (netboot) is enabled in the firmware. Lovely. Sure would be nice if there was something not as over-complicated as UEFI but still capable of passing hardware description tables (...preferably in a format not as nasty as ACPI) so we're not doing DeviceTree shit everywhere.

Enlarge (credit: Nadezhda Kozhedub)

UEFI firmware from five of the leading suppliers contains vulnerabilities that allow attackers with a toehold in a user's network to infect connected devices with malware that runs at the firmware level.

The vulnerabilities, which collectively have been dubbed PixieFail by the researchers who discovered them, pose a threat mostly to public and private data centers and possibly other enterprise settings. People with even minimal access to such a network—say a paying customer, a low-level employee, or an attacker who has already gained limited entry—can exploit the vulnerabilities to infect connected devices with a malicious UEFI.

Short for Unified Extensible Firmware Interface, UEFI is the low-level and complex chain of firmware responsible for booting up virtually every modern computer. By installing malicious firmware that runs prior to the loading of a main OS, UEFI infections can’t be detected or removed using standard endpoint protections. They also give unusually broad control of the infected device.

Article note: Huh. The claim is that Magic Leap's overspend included a custom APU from AMD, and the first gen Steam Deck is built on basically that part with the special DSPs fused off, bought cheap either because there were a ton of extras or since the design was already spun ordering more with a post-processed tweak was way less than a custom part. It's fairly credible, dumber things have happened in the silicon industry, the Switch and Raspberry Pi are basically built on repurposed existing SoCs.