Daily Archives: July 14, 2024

Are Intel’s i9-13900k’s and -14900k’s Crashing at a Higher Rate?

Posted on by

“Intel’s problems with unstable 13th-gen and 14th-gen high-end CPUs appear to run deeper than we thought,” writes TechRadar, “and a new YouTube video diving into these gremlins will do little to calm any fears that buyers of Raptor Lake Core i9 processors (and its subsequent refresh) have.” Level1Techs is the YouTuber in question, who has explored several avenues in an effort to make more sense of the crashing issues with these Intel processors that are affecting some PC gamers and making their lives a misery — more so in some cases than others. Data taken from game developer crash logs — from two different games — clearly indicates a high prevalence of crashes with the mentioned more recent Intel Core i9 chips (13900K and 14900K).

In fact, for one particular type of error (decompression, a commonly performed operation in games), there was a total of 1,584 that occurred in the databases Level1Techs sifted through, and an alarming 1,431 of those happened with a 13900K or 14900K. Yes — that’s 90% of those decompression errors hitting just two specific CPUs. As for other processors, the third most prevalent was an old Intel Core i7 9750H (Coffee Lake laptop CPU) — which had a grand total of 11 instances. All AMD processors in total had just 4 occurrences of decompression errors in these game databases.
“In case you were thinking that AMD chips might be really underrepresented here, hence that very low figure, well, they’re not — 30% of the CPUs in the database were from Team Red…”

“The YouTuber also brings up another point here: namely that data centers are noticing these issues with Core i9s.”

More details at Digital Trends… And long-time Slashdot reader UnknowingFool wrote a summary of the video’s claims here.

Intel is not in a good place with these chips: After 3 Faulty CPUs & 2 RMAs, Intel Refuses to Refund a Crashing 13900K, Less than a Month Old

WTFBBQ?! Firefox Starts collecting personal ad preferences

Posted on by

In a world where so much of our lives depend on the use of online services, the web browser used to access those services becomes of crucial importance. It becomes a question of whether we trust the huge corporate interests which control this software with such access to our daily lives, and it is vital that the browser world remains a playing field with many players in the game.

The mantle has traditionally fallen upon Mozilla’s Firefox browser to represent freedom from corporate ownership, but over the last couple of years even they have edged away from their open source ethos and morphed into an advertising company that happens to have a browser. We’re asking you: can we still trust Mozilla’s Firefox, when the latest version turns on ad measurement by default?

Such has been the dominance of Google’s Chromium in the browser world, that it becomes difficult to find alternatives which aren’t based on it. We can see the attraction for developers, instead of pursuing the extremely hard task of developing a new browser engine, just use one off-the-shelf upon which someone else has already done the work. As a result, once you have discounted browsers such as the venerable Netsurf or Dillo which are cool as heck but relatively useless for modern websites, the choices quickly descend into the esoteric. There are Ladybird and Servo which are both promising but still too rough around the edges for everyday use, so what’s left? Probably LibreWolf represents the best option, a version of Firefox with a focus on privacy and security.

[…]

Source: Ask Hackaday: Has Firefox Finally Gone Too Far? | Hackaday

Many comments in the thread in the source. Definitely worth looking at.

A hydrogen-powered air taxi flew 523 miles emitting only water vapor

Posted on by

A flying-car-like vertical takeoff aircraft created by Joby Aviation has completed a first-of-its-kind, 523 mile test flight using hydrogen power. The aircraft, which reportedly left only a trail of water vapor in its wake, is being pitched as a more environmentally friendly alternative to traditional gas powered jets for mid-range, regional travel. Though questions remain about hydrogen power’s long-term viability at scale, the test flight proves it’s possible to retrofit existing electric powered aircraft with hydrogen fuel cells to effectively extend their range.

Joby is one of several companies attempting to create an air taxi service around vertical takeoff and landing vehicles (VTOLs). Up until now Joby has focused on creating fully electric battery powered aircraft with a range of roughly 100 miles intended to transport people and products within cities or to major airports. For the new test flight, Joby took a pre-production prototype of one of its battery-electric aircraft and outfitted it with a liquid hydrogen fuel tank and fuel system. The modified, hydrogen-powered VTOL was able to complete a 523 mile flight above Marina, California with no in-flight emissions. When it landed, the aircraft still had 10% of its remaining hydrogen fuel load.

Joby accelerated its exploration of hydrogen power back in 2022 with its acquisition of hydrogen-powered aircraft startup H2Fly. That company completed the first piloted flight of a liquid-hydrogen powered electric aircraft last year. Since then, two other California startups have successfully tested hydrogen fuel sources to power propeller planes. One of those firms, Universal Hydrogen, reportedly flew as high as 10,000 feet at around 170 knots (195 mph.) Joby’s test flight, by contrast, is the first reported example of a VTOL-style aircraft completing a test flight using hydrogen power.

[…]

If all of this sounds too good to be true from an emissions stand point, that’s because it really still is. Hydrogen power is still far more expensive to produce than its electric or fossil fuel alternatives. It’s also not as environmentally friendly as it may initially seem. Though various energy sources can be technically used to release hydrogen from hydrocarbon molecules, around 95% of hydrogen currently produced in the US is made using natural gas which is itself a major source of CO2 emissions. So-called “green hydrogen” sourced from renewable resources remains relatively rare but that could change thanks to the Biden Administration initiative aiming to inject $7 billion into new hydrogen hub centers. Hydrogen power, not long ago considered a sci-fi pipe dream, is climbing closer to reality.

Hydrogen is also just one of several alternatives and options being explored by the air travel industry. Aircraft startups like Elysian are leaning on advances in battery technology to develop an electric-powered passenger plane they hope can transport 90 travelers up to 500 miles without recharging. Jet Blue, Virgin Atlantic, and other airliners are also investing in so-called “sustainable jet fuel” which would use feedstocks, waste products, and other renewable starting materials in place of fossil fuels. Some mix of all of these alternatives will likely be needed to prevent aircraft related carbon emissions from soaring in coming years, especially as passengers show no signs of cutting down on overall air travel any time soon.

Source: A hydrogen-powered air taxi flew 523 miles emitting only water vapor | Popular Science

Apple settles EU case by opening its iPhone payment system to rivals

Posted on by

The EU on Thursday accepted Apple’s pledge to open its “tap to pay” iPhone payment system to rivals as a way to resolve an antitrust case and head off a potentially hefty fine.

The European Commission, the EU’s executive arm and top antitrust enforcer, said it approved the commitments that Apple offered earlier this year and will make them legally binding.

Regulators had accused Apple in 2022 of abusing its dominant position by limiting access to its mobile payment technology.

Apple responded by proposing in January to allow third-party mobile wallet and payment service providers access to the contactless payment function in its iOS operating system. After Apple tweaked its proposals following testing and feedback, the commission said those “final commitments” would address its competition concerns.

“Today’s commitments end our Apple Pay investigation,” Margrethe Vestager, the commission’s executive vice-president for competition policy, told a press briefing in Brussels. “The commitments bring important changes to how Apple operates in Europe to the benefit of competitors and customers.”

Apple said in a prepared statement that it is “providing developers in the European Economic Area with an option to enable NFC [near-field communication] contactless payments and contactless transactions” for uses like car keys, corporate badges, hotel keys and concert tickets.

[…]

The EU deal promises more choice for Europeans. Vestager said iPhone users will be able to set a default wallet of their choice while mobile wallet developers will be able to use important iPhone verification functions like Face ID.

[…]

Analysts said there would be big financial incentives for companies to use their own wallets rather than letting Apple act as the middleman, resulting in savings that could trickle down to consumers. Apple charges banks 0.15% for each credit card transaction that goes through Apple Pay, according to the justice department’s lawsuit.

Apple must open up its payment system in the EU’s 27 countries plus Iceland, Norway and Liechtenstein by 25 July.

“As of this date, developers will be able to offer a mobile wallet on the iPhone with the same ‘tap-and-go’ experience that so far has been reserved for Apple Pay,” Vestager said. The changes will remain in force for a decade and will be monitored by a trustee.

Breaches of EU competition law can draw fines worth up to 10% of a company’s annual global revenue, which in Apple’s case could have amounted to tens of billions of euros.

“The main advantage to the issuer bank of supporting an alternative to Apple Pay via iPhone is the reduction in fees incurred, which can be substantial,” said Philip Benton, a principal analyst at research and advisory firm Omdia. To encourage iPhone users to switch away from Apple Pay to another mobile wallet, “the fee reduction needs to be partially passed onto the consumer” through benefits like cashback or loyalty rewards, he said.

Banks and consumers could also benefit in other ways.

If companies use their own apps for tap-and-go payments, they would get “full visibility” of their customers’ transactions, said Ben Wood, chief analyst at CCS Insight. That data would allow them to “build brand loyalty and trust and offer more personalised services, rewards and promotions directly to the user”, he said.

Source: Apple settles EU case by opening its iPhone payment system to rivals | Apple | The Guardian

Note: Currently, Apple has this full visibility of your transactions. Are you sure you want to trust a company like that with your financial data?

I wonder how childishly Apple will handle this, considering how it has gone about “opening up” it’s app store and allowing home screen apps (not really at all)

Why all Chromium browsers tell Google about your CPU, GPU usage? A whitewashing bullshit explanation.

Posted on by

Running a Chromium-based browser, such as Google Chrome or Microsoft Edge? The chances are good it’s quietly telling Google all about your CPU and GPU usage when you visit one of the search giant’s websites.

The feature is, from what we can tell, for performance monitoring and not really for tracking – Google knows who you are and what you’re doing anyway when you’re logged into and using its sites – but it does raise some antitrust concerns in light of Europe’s competition-fostering Digital Markets Act (DMA).

When visiting a *.google.com domain, the Google site can use the API to query the real-time CPU, GPU, and memory usage of your browser, as well as info about the processor you’re using, so that whatever service is being provided – such as video-conferencing with Google Meet – could, for instance, be optimized and tweaked so that it doesn’t overly tax your computer. The functionality is implemented as an API provided by an extension baked into Chromium – the browser brains primarily developed by Google and used in Chrome, Edge, Opera, Brave, and others.

Non-Chromium-based browsers – such as Mozilla’s Firefox – don’t have that extension, which puts them at a potential disadvantage. Without the API, they may offer a worse experience on Google sites than what’s possible on the same hardware with Google’s own browser, because they can’t provide that live performance info.

There is, however, nothing technically stopping Moz or other browser-engine makers implementing a similar extension itself in Firefox, if they so chose.

Crucially though, websites that compete against Google can’t access the Chromium API. This is where technical solutions start to look potentially iffy in the eyes of Europe’s DMA.

Netherlands-based developer Luca Casonato highlighted the extension’s existence this week on social media, and his findings went viral – with millions of views. We understand at least some people have known about the code for a while now – indeed, it’s all open source and can be found here in the preinstalled extension hangout_services.

That name should give you a clue to its origin. It was developed last decade to provide browser-side functionality to Google Hangouts – a product that got split into today’s Google Meet and Chat. Part of that functionality is logging for Google, upon request, stats about your browser’s use of your machine’s compute resources when visiting a *.google.com domain – such as meet.google.com.

Casonato noted that the extension can’t be disabled in Chrome, at least, and it doesn’t show up in the extension panel. He observed it’s also included in Microsoft Edge and Brave, both of which are Chromium based. We reached out to Casonato for more of his thoughts on this – though given the time differences between him in Europe and your humble vulture in the US, we didn’t immediately hear back.

Explanation

If you’ve read this far there’s probably an obvious question on your mind: What’s to say this API is malicious? We’re not saying that, and neither is Casonato. Google isn’t saying that either.

“Today, we primarily use this extension for two things: To improve the user experience by optimizing configurations for video and audio performance based on system capabilities [and] provide crash and performance issue reporting data to help Google services detect, debug, and mitigate user issues,” a Google spokesperson told us on Thursday.

“Both are important for the user experience and in both cases we follow robust data handling practices designed to safeguard user privacy,” the spokesperson added.

As we understand it, Google Meet today uses the old Hangouts extension to, for one thing, vary the quality of the video stream if the current resolution is proving too much for your PC. Other Google sites are welcome to use the thing, too.

That all said, the extension’s existence could be harmful to competition as far as the EU is concerned – and that seems to be why Casonato pointed it out this week.

Source: Why Chromium tells Google sites about your CPU, GPU usage • The Register

A lovely explanation, but the fact remains that chromium is sending personal information to a central company: Google, without informing users at all. This blanket explanation could be used to whitewash any information they send through Chromium: the contents of your memory? Improving user experience. The position of your mouse on websites? Improving user experience. It just does not wash.

AT&T says criminals stole phone records of ‘nearly all’ customers in another data breach there – also, Snowflake again

Posted on by

In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages — such as who contacted who by phone or text — during a six-month period between May 1, 2022 and October 31, 2022.

AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller but unspecified number of customers.

The stolen data also includes call records of customers with phone service from other cell carriers that rely on AT&T’s network, the company said.

AT&T said the stolen data “does not contain the content of calls or texts,” but does include calling and texting records that an AT&T phone number interacted with during the six-month period, as well as the total count of a customer’s calls and texts, and call durations — information that is often referred to as metadata. The stolen data does not include the time or date of calls or texts, AT&T said.

Some of the stolen records include cell site identification numbers associated with phone calls and text messages, information that can be used to determine the approximate location of where a call was made or text message sent.

In all, the phone giant said it will notify around 110 million AT&T customers of the data breach, company spokesperson Andrea Huguely told TechCrunch.

AT&T published a website with information for customers about the data incident. AT&T also disclosed the data breach in a filing with regulators before the market opened on Friday.

Breach linked to Snowflake

AT&T said it learned of the data breach on April 19, and that it was unrelated to its earlier security incident in March.

AT&T’s Huguely told TechCrunch that the most recent compromise of customer records were stolen from the cloud data giant Snowflake during a recent spate of data thefts targeting Snowflake’s customers.

[…]

This is the second security incident AT&T has disclosed this year. AT&T was forced to reset the account passcodes of millions of its customers after a cache of customer account information — including encrypted passcodes for accessing AT&T customer accounts — was published on a cybercrime forum. A security researcher told TechCrunch at the time that the encrypted passcodes could be easily decrypted, prompting AT&T to take precautionary action to protect customer accounts.

Source: AT&T says criminals stole phone records of ‘nearly all’ customers in new data breach | TechCrunch

Data breach exposes millions of mSpy spyware customer support tickets

Posted on by

Unknown attackers stole millions of customer support tickets, including personal information, emails to support, and attachments, including personal documents, from mSpy in May 2024. While hacks of spyware purveyors are becoming increasingly common, they remain notable because of the highly sensitive personal information often included in the data, in this case about the customers who use the service.

The hack encompassed customer service records dating back to 2014, which were stolen from the spyware maker’s Zendesk-powered customer support system.

mSpy is a phone surveillance app that promotes itself as a way to track children or monitor employees. Like most spyware, it is also widely used to monitor people without their consent. These kinds of apps are also known as “stalkerware” because people in romantic relationships often use them to surveil their partner without consent or permission.

The mSpy app allows whoever planted the spyware, typically someone who previously had physical access to a victim’s phone, to remotely view the phone’s contents in real-time.

As is common with phone spyware, mSpy’s customer records include emails from people seeking help to surreptitiously track the phones of their partners, relatives, or children, according to TechCrunch’s review of the data, which we independently obtained. Some of those emails and messages include requests for customer support from several senior-ranking U.S. military personnel, a serving U.S. federal appeals court judge, a U.S. government department’s watchdog, and an Arkansas county sheriff’s office seeking a free license to trial the app.

Even after amassing several million customer service tickets, the leaked Zendesk data is thought to represent only the portion of mSpy’s overall customer base who reached out for customer support. The number of mSpy customers is likely to be far higher.

Yet more than a month after the breach, mSpy’s owners, a Ukraine-based company called Brainstack, have not acknowledged or publicly disclosed the breach.

Troy Hunt, who runs data breach notification site Have I Been Pwned, obtained a copy of the full leaked dataset, adding about 2.4 million unique email addresses of mSpy customers to his site’s catalog of past data breaches.

[…]

Some of the email addresses belong to unwitting victims who were targeted by an mSpy customer. The data also shows that some journalists contacted the company for comment following the company’s last known breach in 2018. And, on several occasions, U.S. law enforcement agents filed or sought to file subpoenas and legal demands with mSpy. In one case following a brief email exchange, an mSpy representative provided the billing and address information about an mSpy customer — an alleged criminal suspect in a kidnapping and homicide case — to an FBI agent.

Each ticket in the dataset contained an array of information about the people contacting mSpy. In many cases, the data also included their approximate location based on the IP address of the sender’s device.

[…]

The emails in the leaked Zendesk data show that mSpy and its operators are acutely aware of what customers use the spyware for, including monitoring of phones without the person’s knowledge. Some of the requests cite customers asking how to remove mSpy from their partner’s phone after their spouse found out. The dataset also raises questions about the use of mSpy by U.S. government officials and agencies, police departments, and the judiciary, as it is unclear if any use of the spyware followed a legal process.

[…]

This is the third known mSpy data breach since the company began in around 2010. mSpy is one of the longest-running phone spyware operations, which is in part how it accumulated so many customers.

[…]

the data breach of mSpy’s Zendesk data exposed its parent company as a Ukrainian tech company called Brainstack.

[…]

Source: Data breach exposes millions of mSpy spyware customers | TechCrunch

India antitrust probe finds Apple abused position in apps market

Posted on by
NEW DELHI, July 12 (Reuters) – An investigation by India’s antitrust body has found that Apple exploited its dominant position in the market for app stores on its iOS operating system, engaging “in abusive conduct and practices”, a confidential report seen by Reuters showed.
The Competition Commission of India (CCI) has been investigating Apple Inc since 2021 for possibly abusing its dominant position in the apps market by forcing developers to use its proprietary in-app purchase system.

[…]

The CCI’s investigations unit, in its 142-page report which is not public but was seen by Reuters, said Apple wields “significant influence” over how digital products and services reach consumers, especially through its iOS platform and App Store.
“Apple App Store is an unavoidable trading partner for app developers, and resultantly, app developers have no choice but to adhere to Apple’s unfair terms, including the mandatory use of Apple’s proprietary billing and payment system,” the CCI unit said in the June 24 report.
“From the perspective of app developers, Apple iOS ecosystem is indispensable.”
[…]
In June, European Union antitrust regulators said Apple breached the bloc’s tech rules, which could result in a hefty fine for the iPhone maker. The company also faces an investigation into new fees imposed on app developers.
In January, in response to a new EU law called the Digital Markets Act, Apple outlined plans to allow software developers to distribute their apps to users in the European Union outside of Apple’s own App Store.
The CCI report is the most critical stage of the Indian investigation and it will now be reviewed by the watchdog’s senior officials.
[…]
The Indian case was first filed by a little-known, non-profit group called “Together We Fight Society” which argued Apple’s in-app fee of up to 30% hurts competition by raising costs for app developers and customers.
Later, a group of Indian startups, Alliance of Digital India Foundation, and Tinder-owner Match filed similar cases at the CCI against Apple, which were all heard together.
The CCI investigation team said in its report that no third-party payment processor was being permitted by Apple to provide the services for in-app purchases.
It added that in most cases the apps are also not being allowed to include any external links that direct customers to other purchasing mechanisms, violating Indian competition laws.
[…]
In its submissions to the CCI, Apple argued its market share in India is an “insignificant” 0-5%, while Google commands 90-100%. The company also argued that the in-app payment system allowed it to maintain and develop the safety of its App Store.
But the CCI said, “App stores are OS (operating system) specific and Apple’s App store is the sole App store available for reaching iOS users.”
“The payment policy of Apple adversely affects the app developers, users and other payment processors,” it said.
[…]

Source: Exclusive: India antitrust probe finds Apple abused position in apps market | Reuters

After a year of no deliveries, F-35 Deliveries Finally Cleared To Resume, New Jets Will Be Limited To Training

Posted on by

A fix of a kind has been found for problems with the F-35’s vital Tech Refresh 3 software, or TR-3, which had seen production deliveries suspended for around a year. Deliveries of the stealth fighters will resume “in the near future,” clearing a backlog of jets sitting in storage, although the TR-3 is only installed in what’s described as a “truncated” form, raising questions about when the F-35 will actually be able to make full use of the long-awaited Block 4 improvements that this software underpins.

The F-35 Joint Program Office announced yesterday that Lt. Gen. Michael J. Schmidt, the F-35 program executive officer, approved the use of the “truncated” TR-3 software on July 3. This means that more than 90 (perhaps as many as 120) F-35s that had been manufactured but then put into storage at Lockheed Martin’s Fort Worth, Texas, plant can be delivered. These jets are destined for both U.S. and foreign customers.

In the meantime, the TR-3 software remains in flight testing, with the aim of achieving a long-term fix.

[…]

TR-3 has suffered numerous delays that have contributed to significant cost overruns in the program. The ongoing issues meant that deliveries of these aircraft were suspended in July 2023.

As of December 2023, it was reported that the development of TR-3 would be completed sometime between April and June of 2024 — after this, the same TR-3 enhancements would have to be incorporated into the existing jets.

By January of this year, Lockheed Martin was saying it didn’t expect F-35 deliveries to resume until late this summer, but it also confirmed that thought was being given to accepting jets before then, without the fully validated TR-3 hardware and software. This is the workaround that Schmidt signed off earlier this month.

In March, when the F-35 was finally been cleared for full-rate production, 17 years after the aircraft first took to the air, customers were still not accepting new aircraft.

[…]

TR-3 has been described as the F-35’s new ‘computer backbone,’ since it promises to provide 25 times more computing power than the existing TR-2 computing system.

Some of the unclassified upgrades are expected to be part of Block 4. The exact configuration is not publicly disclosed just yet. U.S. Department of Defense

Block 4 will give the F-35 advanced new capabilities, including much-expanded processing power, new displays, enhanced cooling, new EOTS and DAS electro-optical sensors, and a range of additional weapons that will greatly help the aircraft meet its potential. A very significant aspect of Block 4 will be a new radar and electronic warfare suite.

[…]

The yearlong delivery hiatus has had a major knock-on effect on the program, both for U.S. and foreign customers.

Lockheed says it will be able to deliver F-35s at a rate of one aircraft per day, but even if it meets that target, it will take more than a year to catch up on deliveries of the stored jets. At the same time, new F-35s continue to come off the production line, making it even harder to address the backlog.

With deliveries on hold, plans to establish new squadrons, train new crews, and accelerate the replacement of older aircraft types have been impacted across the F-35 user community.

An example of these problems came to light late last month, when Denmark announced that the six F-35As it uses for training at Luke Air Force Base, Arizona, will be relocated to Denmark, to help make up for the delivery shortfall of new production aircraft.

[…]

To try and keep things moving, the Joint Program Office and the U.S. military have come up with two separate TR-3 software releases.

“The first release (40P01) is a truncation of the TR-3 software at a point when the code is stable, capable, and maintainable to deliver TR-3 configured aircraft for use in combat training, but it is not until the second software release (40P02) that full combat capability is realized.”

[…]

Source: F-35 Deliveries Finally Cleared To Resume, New Jets Will Be Limited To Training

Isn’t it wonderful as a NATO country to be forced to buy American, especially when the vendors know that you are being strong armed into buying their stuff and sell you absolute lemons. See also US / EU NATO Expenditure – is the balance really so lopsided?