Samba Developers Release Patch For Remote Code Execution Vulnerability (CVE-2017-7494)

Subject: General Tech | May 28, 2017 - 07:10 PM |
Tagged: samba, linux, ransomware, security, networking

Last week, the development team behind Samba – popular software suite used on Linux and Unix clients and servers that uses TCP/IP protocol for file and print sharing to SMB/CIFS clients (including Microsoft Windows) – released a security advisory along with patches for a remote code execution hole that has been present in Samba for seven years since the release of Samba 3.5.0 in March 2010. The vulnerability, classified under CVE-2017-7494, allows an attacker to upload malicious code to a Samba server and get the server to run the code by sending a malformed IPC request that references the local file path. The Samba server will run the code in the malicious shared library (.so) file even though it is from an untrusted remote source.

Samba logo.jpg

The bad news is that this is a fairly serious flaw that could lead to an attacker successfully holding a business or home user’s files (including backups!) at ransom, stealing data, or using the now owned file server to attack other network resources that trust the file server. If not securely configured (e.g. allowing anonymous writes), the attack could even be wormable which would allow it to self-replicate across the network or Internet. Further, while various security firms have slightly different numbers, they all seem to agree that around 100,000 Internet-accessible machines are running vulnerable versions of Samba.

It is not all bad news though, and in some respects this vulnerability is not as big of an issue as the WannaCry ransomware and EternalBlue SMB vulnerability because in order to successfully exploit the Samba flaw an attacker needs to obtain credentials to upload the malicious code to the file share(s) which need to be writeable in the first place and not running as noexec under a SELinux policy. Also, attackers need to know or guess the local path name of the files on the file share to send the malformed IPC request. More importantly, the Samba team released three security releases (4.6.4, 4.5.10, and 4.4.14) for the newer branches and is working with OS distributions on providing patches for older Samba versions. For systems that cannot be updated or patched, there is also a workaround that can be implemented by modifying the global Samba config file to contain the setting “nt pipe support = no”. While this will break some expected Windows functionality (mainly machines will not be able to access null shares and will need to use the specific share path rather than just the server path), it will make it so that Samba will not accept the malicious requests.

Perhaps the most worrying aspect of this vulnerability is that security researchers estimate that up to 90% of the vulnerable Internet-connected Samba endpoints do not have a direct patch or update available yet and may not ever get one. While the enterprise hardware and even bigger consumer and SMB hardware providers will provide support for this in the form of patches or firmware updates, there is a sea of home routers, NAS boxes, file and print servers, and IoT devices running on home networks that are not open to user updates and may not ever get firmware updates. The best thing to do in this scenario according to the security advisory (if you can’t just not use it or replace it with different hardware that can be patched or isn’t affected of course) is to not expose it to the Internet. There would still be a risk of it being exploited should someone get a virus on a client machine through email, malicious downloads, or social engineering though. Considering these home NAS devices are usually used as destinations for backups, the risk of ransomware not only infecting client machines but also the main file share and network backups is scary. I have always been a fan of offline and/or cloud backups and in these modern times they are more important than ever with the rise of ransomware and other profit motivated viruses.

If you are not sure if your network is affected, there are tools being made available (including a Metasploit module, nmap scripts, and Internet scans) to help you determine that and reduce your attack surface using that information by updating to the latest security release, applying patches, updating, using SELinux policies to prevent the server from executing files itself, and preventing them from communicating with the Internet in order of effectiveness.

All that is to say don’t panic, stay vigilant, and make sure your important data is properly backed up and secured as much as possible!

Source: Samba.org

Yungchin Realty Group Partners with iStaging

Subject: General Tech | May 27, 2017 - 10:11 PM |
Tagged: xr, VR, mr, istaging, AR

iStaging is virtual-, augmented-, and mixed-reality company that focuses on the real estate, interior design, furniture, and related industries. The news that lead to this post is that Yungching Realty Group, based out of Taiwan, has partnered with iStaging to enhance their real estate business with VR and AR. The demo that they are showing at their press conference was a virtual street, which presented information about restaurants, schools, and other points of interest for someone researching the neighborhood.

istaging-2017-threedemos.jpg

I’d expect our audience is more interested in the technology side of this, although let us know in the comments (or via email – my address is in my author page linked on the byline) if you’re interested in the enterprise / real-estate side. From the technology standpoint, it’s interesting to see applications like these push high-end graphics into more and more businesses, large and small. Likewise, these applications give a stable income that XR technology companies (ex: HTC Vive) can rely upon while they find a foothold in fickle, but potentially lucrative consumer market.

Lastly, I’m curious what applications will be possible when another round of innovation learns from this generation. What does this enable, even if only by expanding what people think is possible?

Definitely something to think about.

Source: iStaging

SoftBank Invests $4 Billion In NVIDIA, Becomes Fourth Largest Shareholder

Subject: General Tech, Graphics Cards | May 27, 2017 - 12:18 AM |
Tagged: vision fund, softbank, nvidia, iot, HPC, ai

SoftBank, the Tokyo, Japan based Japanese telecom and internet technology company has reportedly quietly amassed a 4.9% stake in graphics chip giant NVIDIA. Bloomberg reports that SoftBank has carefully invested $4 billion into NVIDIA avoiding the need to get regulatory approval in the US by keeping its investment under 5% of the company. SoftBank has promised the current administration that it will invest $50 billion into US tech companies and it seems that NVIDIA is the first major part of that plan.

SXM2-VoltaChipDetails.png

NVIDIA's Tesla V100 GPU.

Led by Chairman and CEO Masayoshi Son, SoftBank is not afraid to invest in technology companies it believes in with major past acquisitions and investments in companies like ARM Holdings, Sprint, Alibaba, and game company Supercell.

The $4 billion-dollar investment makes SoftBank the fourth largest shareholder in NVIDIA, which has seen the company’s stock rally from SoftBank’s purchases and vote of confidence. The (currently $93) $100 billion Vision Fund may also follow SoftBank’s lead in acquiring a stake in NVIDIA which is involved in graphics, HPC, AI, deep learning, and gaming.

Overall, this is good news for NVIDIA and its shareholders. I am curious what other plays SoftBank will make for US tech companies.

What are your thoughts on SoftBank investing heavily in NVIDIA?

Intel Persistent Memory Using 3D XPoint DIMMs Expected Next Year

Subject: General Tech, Memory, Storage | May 26, 2017 - 10:14 PM |
Tagged: XPoint, Intel, HPC, DIMM, 3D XPoint

Intel recently teased a bit of new information on its 3D XPoint DIMMs and launched its first public demonstration of the technology at the SAP Sapphire conference where SAP’s HANA in-memory data analytics software was shown working with the new “Intel persistent memory.” Slated to arrive in 2018, the new Intel DIMMs based on the 3D XPoint technology developed by Intel and Micron will work in systems alongside traditional DRAM to provide a pool of fast, low latency, and high density nonvolatile storage that is a middle ground between expensive DDR4 and cheaper NVMe SSDs and hard drives. When looking at the storage stack, the storage density increases along with latency as it gets further away from the CPU. The opposite is also true, as storage and memory gets closer to the processor, bandwidth increases, latency decreases, and costs increase per unit of storage. Intel is hoping to bridge the gap between system DRAM and PCI-E and SATA storage.

Intel persistent memory DIMM.jpg

According to Intel, system RAM offers up 10 GB/s per channel and approximately 100 nanoseconds of latency. 3D XPoint DIMMs will offer 6 GB/s per channel and about 250 nanoseconds of latency. Below that is the 3D XPoint-based NVMe SSDs (e.g. Optane) on a PCI-E x4 bus where they max out the bandwidth of the bus at ~3.2 GB/s and 10 microseconds of latency. Intel claims that non XPoint NVMe NAND solid state drives have around 100 microsecomds of latency, and of course, it gets worse from there when you go to NAND-based SSDs or even hard drives hanging of the SATA bus.

Intel’s new XPoint DIMMs have persistent storage and will offer more capacity that will be possible and/or cost effective with DDR4 DRAM. In giving up some bandwidth and latency, enterprise users will be able to have a large pool of very fast storage for storing their databases and other latency and bandwidth sensitive workloads. Intel does note that there are security concerns with the XPoint DIMMs being nonvolatile in that an attacker with physical access could easily pull the DIMM and walk away with the data (it is at least theoretically possible to grab some data from RAM as well, but it will be much easier to grab the data from the XPoint sticks. Encryption and other security measures will need to be implemented to secure the data, both in use and at rest.

Intel Slide XPoint Info.jpg

Interestingly, Intel is not positioning the XPoint DIMMs as a replacement for RAM, but instead as a supplement. RAM and XPoint DIMMs will be installed in different slots of the same system and the DDR4 RAM will be used for the OS and system critical applications while the XPoint pool of storage will be used for storing data that applications will work on much like a traditional RAM disk but without needing to load and save the data to a different medium for persistent storage and offering a lot more GBs for the money.

While XPoint is set to arrive next year along with Cascade Lake Xeons, it will likely be a couple of years before the technology takes off. Supporting it is going to require hardware and software support for the workstations and servers as well as developers willing to take advantage of it when writing their specialized applications. Fortunately, Intel started shipping the memory modules to its partners for testing earlier this year. It is an interesting technology and the DIMM solution and direct CPU interface will really let the 3D XPoint memory shine and reach its full potential. It will primarily be useful for the enterprise, scientific, and financial industries where there is a huge need for faster and lower latency storage that can accommodate massive (multiple terabyte+) data sets that continue to get larger and more complex. It is a technology that likely will not trickle down to consumers for a long time, but I will be ready when it does. In the meantime, I am eager to see what kinds of things it will enable the big data companies and researchers to do! Intel claims it will not only be useful at supporting massive in-memory databases and accelerating HPC workloads but for things like virtualization, private clouds, and software defined storage.

What are your thoughts on this new memory tier and the future of XPoint?

Also read:

Source: Intel

G.Skills svelte Ripjaws KM570 mechanical keyboard

Subject: General Tech | May 26, 2017 - 04:40 PM |
Tagged: G.Skill, Ripjaws KM570 RGB, gaming keyboard, RGB

G.Skill learned from the feedback offered from users of the KM780R and incorporated it into the KM570.  They've simplified the design and added back the top plate to protect the switches, though they did replace the volume wheel with buttons, a decision The Tech Report were not wholly enthusiastic about.   The keyboard sports two USB plugs, one is for transferring software settings to the keyboard and is not needed unless you are updating your settings.  The lighting has five different brightness settings as well as the all important off setting.  It retails for $120, which is less than much of the competitions offerings; as odd as it is to say.

fullshotstraight.png

"G.Skill's KM570 puts an everything-you-need, nothing-you-don't board in the company's gaming-keyboard quiver. We tried out this distilled gaming board to see whether it has what it takes to stand out in a crowded field."

Here is some more Tech News from around the web:

Tech Talk

 

New AI products will Crest Computex

Subject: General Tech | May 25, 2017 - 12:19 PM |
Tagged: nvidia, Intel, Lake Crest, Knights Crest

DigiTimes have heard about Intel's plans to reveal their next hardware devoted to AI functionality at Computex.  Lake Crest is their deep learning hardware to support a new generation of neural network based computing and Knights Crest is the result of Intel's $350m purchase of the deep learning company Nervana which will be based on the familiar Xeon and Xeon Phi families of processor. 

Jen-Hsun Huang, will deliver a keynote about NVIDIA's current AI projects along with their advancements in autonomous driving and deep learning, but we have not heard any juicy rumours about hardware announcements yet.  Love him or hate him, Jen-Hsun's keynotes are never a waste of time to listen to.

nvidia_ceo_tattoo.jpg

"Nvidia and Intel are expected to unveil their latest plans on hardware platforms for artificial intelligence (AI) applications at Computex 2017, according to sources from the upstream supply chain."

Here is some more Tech News from around the web:

Tech Talk

Source: DigiTimes

Podcast #451 - New Surface Pro, Analog Keyboards, Water Cooled PSUs and more!

Subject: General Tech | May 25, 2017 - 11:12 AM |
Tagged: vulkan, video, Surface Pro, SolidScale, seasonic, ps4 pro, podcast, opencl, micon, macbook pro, Khronos, fsp, Eisbaer, Chromebook, Alphacool, aimpad

PC Perspective Podcast #451 - 05/25/17

Join us for talk about the wew Surface Pro, analog keyboards, water cooled PSUs and more!

You can subscribe to us through iTunes and you can still access it directly through the RSS page HERE.

The URL for the podcast is: http://pcper.com/podcast - Share with your friends!

Hosts: Ryan Shrout, Jeremy Hellstrom, Josh Walrath, Allyn Malventano

Peanut Gallery: Alex Lustenberg, Jim Tanous, Ken Addison

Program length: 1:39:25

Podcast topics of discussion:

  1. Week in Review:
  2. Casper!
  3. News items of interest:
  4. Hardware/Software Picks of the Week
  5. Closing/outro

Subscribe to the PC Perspective YouTube Channel for more videos, reviews and podcasts!!

PCPer Live! Aimpad Analog Keyboard Technology Discussion

Subject: General Tech | May 24, 2017 - 04:42 PM |
Tagged: lance madsen, keyboard, analog, aimpad

If you missed the live stream, we have the VOD below! This is a compelling discussion about the benefits of having an analog keyboard - definitely worth watching if you are a dedicated PC gamer!

You might not have heard of the company or the technology yet, but Aimpad is set to bring about another drastic change to the world of gaming keyboards. Lance Madsen will join us from Aimpad to talk about the idea of an analog keyboard, and why having keys that aren't simply on or off can benefit gamers as they strive to find the best possible experiences.

Website-Banner-1.jpg

In our live stream we will be talking about the technology that makes it work, how it will be integrated into future keyboards, and walk through a handful of demonstrations of the technology at work on a prototype keyboard integration. 

pcperlive.png

Aimpad Analog Keyboard Live Stream

1pm PT / 4pm ET - May 23rd

PC Perspective Live! Page

Need a reminder? Join our live mailing list!

The event will take place Tuesday, May 23rd at 4pm ET / 1pm PT at http://www.pcper.com/live. There you’ll be able to catch the live video stream as well as use our chat room to interact with the audience, asking questions for me and Lance to answer live. 

Aimpad-Photo-2.jpg

If you have questions, please leave them in the comments below and we'll look through them just before the start of the live stream. Of course you'll be able to tweet us questions @pcper and we'll be keeping an eye on the IRC chat as well for more inquiries. What do you want to know and hear from Tom or I?

So join us! Set your calendar for this coming Tuesday at 4pm ET / 1pm PT and be here at PC Perspective to catch it. If you are a forgetful type of person, sign up for the PC Perspective Live mailing list that we use exclusively to notify users of upcoming live streaming events including these types of specials and our regular live podcast. I promise, no spam will be had!

DOOM Guy gets hot and bothered

Subject: General Tech | May 24, 2017 - 02:24 PM |
Tagged: doom, gaming, hack, mod

It's the May Two-Four so you have probably turned down your furnace* and your thermostat has very little to do, so why not play a game of DOOM on it?  Over at Hack a Day you can get a port of Chocolate DOOM which you can set up and run on a Honeywell Prestige thermostat.  The colour may be better than the original but for now you will have to play it without sound, still it is impressive how far hardware has come, even in simple appliances.

doomstat-feat.png

*offer may not be valid in Wyoming

"In his video, [cz7asm] shows us the game running quite nicely on the 480 x 272 LCD with an NES controller plugged into the USB port originally intended for software updates. The thermostat runs on a STM32F429 which is an ARM9 processor that has the juice to pull it off."

Here is some more Tech News from around the web:

Gaming

 

Source: Hack a Day

New AMD products with go forth July

Subject: General Tech | May 24, 2017 - 01:24 PM |
Tagged: amd, Vega, ryzen 3, rumour

On a recent investors call AMD's head, Lisa Su, let it slip that the Radeon RX Vega family will be arriving on the market this July, shortly after we see the Frontier Edition launch.  The Inquirer also mentions that this is likely to indicate a similar launch time for the Ryzen 3 family, which seems a sound presumption.  During the call she set some dates for AMD's next generation of processors, they will be taping out their 7nm products later this year with Zen 2 scheduled for 2018 and Zen 3 in 2020.  It is also likely we will not be seeing mobile Zen parts at Computex; next year is far more likely to be their target.  Still, this has been an exciting year for enthusiasts with a wide variety of parts launched already and more on the way.

71_Chevrolet_Vega_Hatchback_Coupe.jpg

"Su revealed that the company was planning a late-June release date for the Frontier Edition of the company's next-generation graphics card, with the more mainstream Radeon RX Vega coming out the following month."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

Win-ning friends in the workplace and hoping you hate group policy

Subject: General Tech | May 23, 2017 - 03:08 PM |
Tagged: microsoft, Win 10, enterprise

Microsoft is continuing with their policy of self inflicted hurdles for Enterprise adoption of Windows 10.  We have known for a while that Group Policy no longer works as expected on the new version of Windows and today The Inquirer posted more exact information this particular issue.  A security researcher locked down a machine using Group Policy settings and found that even with policies in place to prevent certain protocols and services, the machine continued to attempt connections.  The most damning proof of all was on a machine set to extreme security, with all but connections to Microsoft Update blocked, that still happily attempted to connect to advertising servers.  The marketshare of Win 10 devices in the workplace does not look to be on the rise any time soon.

IC180010.gif

"On Monday, we revealed that a security researcher had used a packet sniffer to show that many settings designed to prevent access to the internet were being ignored with connections to a range of third party servers including advertising hubs."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Inquirer

Sit back and read about the Vertagear Triigger 350 Special Edition Gaming Chair

Subject: General Tech | May 19, 2017 - 02:02 PM |
Tagged: vertagear, Triigger 350 Special Edition, gaming chair

We now know the real reason Kyle agreed to getting a red stripe in his hair; so he can match the chair he is sitting in.  He has been resting his laurels on the Vertagear Triigger 350 Special Edition for the past few months and has published a review of his experiences.  This 55lb beast is constructed of aluminium, mesh and calf leather with hubless caster type wheels which turned out to work and look good.  If you are in the market for a high end gaming chair you should check out the full review, especially the last page where he answers numerous questions asked by his forum members.

149513174587gi9q3da6_1_2.jpg

"What happens when you rope yourself in to doing a gaming chair review? You take your time, do it right, and make sure your butt spends at least a few months in the chair before you write your review. My butt has been in the VertaGear Triigger 350 Gaming Chair for over 3 months, and here are my thoughts."

Here is some more Tech News from around the web:

Tech Talk

Source: [H]ard|OCP

Add an ARM to your cortex

Subject: General Tech | May 18, 2017 - 12:29 PM |
Tagged: cyborgs, arm

Researchers at the Center for Sensorimotor Neural Engineering are working on a way you can truly have SoC on the brain, partnering with ARM to develop chips which can be implanted in the brain.  The goal is not to grant you a neural interface nor add a couple of petabytes to your long term memory but to help treat people suffering from paralysis due to stroke or other damage to the brain.  There is the small problem of heat, brain tissue will be much more susceptible to damage from implanted devices than an organ in the torso; a pacemaker has space in which to dissipate excess heat.  We are still a long way off but you can read up on the current state of the research by following the links at The Inquirer.

maxresdefault.jpg

"CHIP GIANT ARM is teaming up with US researchers on a project develop human brain implants aimed at helping paralysed patients as well as stroke and Alzheimer's patients."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

Good news Battletech fans, Paradox will publish Harebrained Schemes new game

Subject: General Tech | May 17, 2017 - 02:56 PM |
Tagged: battletech, paradox, gaming, Kickstarter

The Kickstarter for the new turn based Battletech gaming was wildly successful with 41,733 backers pledging $2,785,537 and now we have even more good news.  Paradox Interactive, they of the continual updates and addins to published games have agreed to publish the new Battletech game.  Not only does this ensure solid support for players after release but could mean we see a long lineup of expansions after release, Paradox just added another major expansion to EU4 four years after its release.  For backers there is even more news, the closed beta will kick off in June and there is a new video of multiplayer gameplay you can watch.

"The long life of these internally developed games is a core part of Paradox’s business model, but the company is also expanding as a publisher. That includes not only third-party originals like Battletech, but ports of existing titles such as Prison Architect on tablet."

Here is some more Tech News from around the web:

Gaming

Dating Intel and AMD in 2017, we're going out for chips

Subject: General Tech | May 17, 2017 - 12:30 PM |
Tagged: Intel, amd, rumour, release dates, ryzen, skylake-x, kaby lake x, Threadripper, X399, coffee lake

DigiTimes has posted an article covering the probable launch dates of AMD's new CPUs and GPUs as well as Intel's reaction to the release.  Not all of these dates are confirmed but it is worth noting as these rumours are often close to those eventually announced.  Naples will be the first, with the server chips launching at the end of June but that is just the start. July is the big month for AMD, with the lower end Ryzen 3 chips hitting the market as well as the newly announced 16 core Threadrippers and the X399 chipset.  That will also be the month we see Vega's Founders Frontier Edition graphics cards arrive.

Intel's Basin Falls platform; Skylake-X and Kaby Lake-X along with the associated X299 chipset are still scheduled for Computex reveal and a late June or early August release.  Coffee Lake is getting pushed ahead however, it's launch has been moved up to late August instead of the beginning of next year. 

Even with Intel's counters, AMD's balance sheet is likely to be looking better and better as the year goes on which is great news for everyone ... except perhaps Intel and NVIDIA.

Vega FE Slide.png

"Demand for AMD's Ryzen 7- and Ryzen 5-series CPU products has continued rising, which may allow the chipmaker to narrow its losses to below US$50 million for the second quarter of 2017. With Intel also rumored to pay licensing fees to AMD for its GPUs, some market watchers believe AMD may turn profitable in the second quarter or in the third."

Here is some more Tech News from around the web:

Tech Talk

 

Source: DigiTimes

CORSAIR Launches T1 RACE Gaming Chair

Subject: General Tech | May 16, 2017 - 01:58 PM |
Tagged: gaming chair, corsair, T1 RACE

Corsair have jumped into the gaming chair market, a product we did not see much of which has recently taken off in a big way.  The T1 RACE is made of PU leather, also known as bicast leather, so the shiny finish should last quite a while though the feel will not quite the same as a true leather chair, nor will the price be as astronomical.  Depending on the type of polyurethane leather they used, this product might be vegan.  You can choose between yellow, white, blue or  red trim to highlight your chair, or if you prefer you can choose to forego the colours for a purely black chair.  It can recline 90° to 180° if you need a moment to lie back, the arm rests can be adjusted for height, width, position and angle and neck and lumbar PU leather pillows are included. 

Check out Corsair's page here or the PR just below.

unnamed.jpg

FREMONT, CA – May 16th, 2017 - CORSAIR®, a world leader in enthusiast memory, PC components and high-performance gaming hardware today announced the launch of its first gaming chair, the T1 RACE. Inspired by racing, crafted for comfort and built to last, the T1 Race joins CORSAIR’s award-winning range of mice, keyboards, headsets and mousepads to complete the ultimate gaming experience. Built using a solid steel skeleton and dense foam cushions, the T1 RACE has the strength to ensure a lifetime of sturdiness, while it’s 4D-movement armrests raise, lower, shift and swivel to put gamers in the most comfortable position every time. Styled to turn heads and finished with immaculate attention to detail, the T1 RACE is the gaming chair your desk deserves.

Upholstered in luxurious PU leather on seating surfaces and available in five different colors, T1 RACE lets you choose your seat to match your style, in either Yellow, White, Blue, Red or Black trim, finished with automotive color-matched stitching and base accents. Nylon caster wheels, often an optional upgrade on office and gaming chairs, are included with T1 RACE as standard, ensuring stability and smooth movement on any surface.

T1 RACE’s sculpted race-seat design and included neck and lumbar PU leather pillows provide adjustable support for day-long gaming sessions, while its 4D-moment armrests effortlessly adjust in height, width, position and angle to put your arms precisely where they need to be. A steel construction Class 4 gas lift provides reliable height adjustment, while the seat itself tilts up to 10° and can recline anywhere between 90° to 180°, lying completely flat for when you need to take a break from the action. Finishing the T1 RACE’s attention to detail, the CORSAIR logo is tastefully embroidered into the rear of the chair, and lightly embossed into the headrest for maximum comfort.

Source: Corsair

Pot, meet kettle. Is it worse to hoard exploits or patches?

Subject: General Tech | May 16, 2017 - 01:27 PM |
Tagged: security, microsoft

Microsoft and the NSA have each been blaming the other for the ability of WannaCrypt to utilize a vulnerability in SMBv1 to spread.  Microsoft considers the NSA's decision not to share the vulnerabilities which their Eternalblue tool utilizes with Microsoft and various other security companies to be the cause of this particular outbreak.  Conversely, the fact is that while Microsoft developed patches to address this vulnerability for versions of Windows including WinXP, Server 2003, and Windows 8 RT back in March, they did not release the patches for legacy OSes until the outbreak was well underway. 

Perhaps the most compelling proof of blame is the number of systems which should not have been vulnerable but were hit due to the fact that the available patches were never installed. 

These three problems, the NSA wanting to hoard vulnerabilities so they can exploit them for espionage, Microsoft ending support of older products because they are a business and do not find it profitable to support products a decade or more after release and users not taking advantage of available updates have left us in the pickle we find ourselves in this week.  On the plus side this outbreak does have people patching, so we have that going for us.

fingerpointing.jpg

"Speaking of hoarding, though, it's emerged Microsoft was itself stockpiling software – critical security patches for months."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

Khronos Group Published Finalized OpenCL 2.2 & SPIR-V 1.2

Subject: General Tech | May 16, 2017 - 09:00 AM |
Tagged: spir-v, opencl, Khronos

Aligning with the start of the International Workshop on OpenCL (IWOCL) 2017 in Toronto, Ontario, Canada, The Khronos Group has published the finalized specification for OpenCL 2.2 and SPIR-V 1.2. The headlining feature for this release is the OpenCL C++ kernel language, which SPIR-V 1.2 fully supports. Kernels are the portion of code that execute on the compute devices, such as GPUs, FPGAs, super computers, multi-core CPUs, and so forth.

OpenCL_Logo.png

The OpenCL C++ kernel language is a subset of the C++14 standard, bringing many of its benefits to these less-general devices. Classes help data and code to be more tightly integrated. Templates help define logic in a general way for whatever data type implements whatever it requires, which is useful for things like custom containers. Lambda expressions make it easy to write one-off methods, rather than forcing the developer to name something that will only be used once, like comparing two data types for a special sort in one specific spot of code.

Exposing these features to the OpenCL device also enables The Khronos Group to further the SYCL standard, which aims for “single-source” OpenCL development. Having the code that executes on OpenCL-compatible devices contain roughly the same features as the host code is kind-of necessary to let them be written together, rather than exist as two pools.

The final OpenCL 2.2 and SPIR-V 1.2 specs are available now, and on GitHub for the first time.

IBM Model M? Pah, get an Underwood based keyboard if you want to impress!

Subject: General Tech | May 15, 2017 - 01:55 PM |
Tagged: input, AiZO, MK Retro

Who needs a mechanical keyboard that is inspired by something a mere three decades ago when you can purchase one that looks like a manual typewriter you would see in a museum exhibit?  The AZiO MK Retro sports those raised circular keys use AZiO's own OARMY Olive switches, which NikKTech postulates were source from Kailh.  If you are desperate for a unique looking keyboard without any sign of RGB-itis, then feast your eyes below and follow that link to the review.

azio_mk_retroa.jpg

"With the MK Retro typewriter mechanical keyboard AZiO takes us for a trip down memory lane and although it leaves us asking for me we do feel they're on the right track."

Here is some more Tech News from around the web:

Tech Talk

Source: NikKTech

The internet is whipping out some Core-i9 tales

Subject: General Tech | May 15, 2017 - 12:36 PM |
Tagged: rumour, Intel, Core i9

A two part rumour circulating the internet this morning, involving new processors and a new naming convention.  The leak that The Inquirer posted about this morning reveals six new Intel processors, two Kaby Lake-X processors with four cores running at a base clock of 4GHz or 4.3GHz depending on the model and TDPs of 112W.  More interesting are the new Kaby Lake-X processors which are referred to as Core i9 models, running from an i9-7800X @ 3.6GHz base to the i9-7920X which runs at an unspecified speed.  All will have four times the L2 cache of the current i7-7700K and Turbo 2.0 Boost Max to increase the frequency of several cores at once as well as Turbo Boost 3.0 for single-threaded workloads. 

It will be interesting to see if the Core i7 family continues as an upper middle class of processors with the i9 family replacing it's current standing or if the new processors will be priced like high end Xeons.

Capture.PNG

"The slide, which an Anandtech forum member claims is an internal Intel document, provides details of four new Skylake-X processors and two Kaby Lake-X CPUs. The Skylake-X processors are described as Core i9, and if the leak is genuinely - and that's a fairly big if - the new Core i9s will replace Core i7s as Intel's top-of the-pile PC chipset range."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer