Microsoft

Microsoft Unveils Windows 10 S Laptops Starting at $189 and New Office 365 Tools for Students (venturebeat.com) 40

An anonymous reader shares a report: Microsoft today unveiled new Windows 10 S devices from Lenovo and JP, starting at $189, aimed at the education market. The company also announced new Office 365 learning tools for students. The news mirrors Microsoft's firstline workers push in September, which saw new Windows 10 S devices starting at $275. The company is now simply doing the same as part of its latest EDU push, and it's not mincing words when it comes to explaining its target audience: "schools who don't want to compromise on Chromebooks."

Microsoft unveiled four new Windows 10 devices that are all supposed to offer more than Chrome OS. Two are standard laptops: the Lenovo 100e powered by Intel Celeron Apollo Lake for $189 and JP's Classmate Leap T303 with Windows Hello for $199. The other two are 2-in-1s: the Lenovo 300e convertible with pen support for $279 and the Trigono V401 with pen and touch for $299. All four are spill resistant, ruggedized for students, and promise long battery life to avoid having wires all over the classroom.

Intel

Linus Torvalds Calls Intel Patches 'Complete and Utter Garbage' (lkml.org) 354

An anonymous reader writes: On the Linux Kernel Mailing List, Linus Torvalds ended up responding to a long-time kernel developer (and former Intel engineer) who'd been describing a new microcode feature addressing Indirect Branch Restricted Speculation "where a future CPU will advertise 'I am able to be not broken' and then you have to set the IBRS bit once at boot time to *ask* it not to be broken."

Linus calls it "very much part of the whole 'this is complete garbage' issue. The whole IBRS_ALL feature to me very clearly says 'Intel is not serious about this, we'll have a ugly hack that will be so expensive that we don't want to enable it by default, because that would look bad in benchmarks'. So instead they try to push the garbage down to us. And they are doing it entirely wrong, even from a technical standpoint. I'm sure there is some lawyer there who says 'we'll have to go through motions to protect against a lawsuit'. But legal reasons do not make for good technology, or good patches that I should apply."

Later Linus says forcefully that these "complete and utter garbage" patches are being pushed by someone "for unclear reasons" -- and adds another criticism. The whole point of having cpuid and flags from the microarchitecture is that we can use those to make decisions. But since we already know that the IBRS overhead is huge on existing hardware, all those hardware capability bits are just complete and utter garbage. Nobody sane will use them, since the cost is too damn high. So you end up having to look at "which CPU stepping is this" anyway. I think we need something better than this garbage.
Graphics

Can A New Open Photo File Format Replace JPEGs? (cnet.com) 227

Got lossless compression? An anonymous reader quotes CNET: Google, Mozilla and others in a group called the Alliance for Open Media are working on a rival photo technology. In testing so far, the images are 15 percent smaller than Apple's HEIC photo format, said Tim Terriberry, a Mozilla principal research engineer working on the project. But smaller sizes are just the beginning... it's got a strong list of allies, an affinity for web publishing and modern features that could make it the best contender yet for overcoming JPEG's 1990s-era shortcomings... JPEG isn't just limited by needlessly large file sizes. It's also weak when it comes to supporting a wider range of bright and dark tones, a broader spectrum of colors, and graphic elements like text and logos...

The HEIC's new rival is from the Alliance for Open Media, a group whose top priority is a video compression technology called AV1 that's free of patent licensing requirements. It's got heavy hitters on board, including top browser makers Google, Microsoft, Mozilla and the most recent new member, Apple -- though Apple's plans haven't been made public. And it's got major streaming-video companies, too: Netflix, Amazon, Hulu, Facebook, videoconferencing powerhouse Intel and Google's YouTube. And with the support of chip designers Intel, Nvidia and Arm, AV1 should get the hardware acceleration that's crucial to making video easy on our laptop and phone batteries.

To use Apple's HEIC, "makers of software, processors and phones must jump through a lot of hoops to license patents," which CNET predicts "means HEIC will have trouble succeeding on the web: patent barriers are antithetical to the web's open nature."
Red Hat Software

Red Hat Reverts Spectre Patches to Address Boot Issues (bleepingcomputer.com) 74

An anonymous reader quotes BleepingComputer: Red Hat is releasing updates for reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715) after customers complained that some systems were failing to boot. "Red Hat is no longer providing microcode to address Spectre, variant 2, due to instabilities introduced that are causing customer systems to not boot," the company said yesterday. "The latest microcode_ctl and linux-firmware packages are reverting these unstable microprocessor firmware changes to versions that were known to be stable and well tested, released prior to the Spectre/Meltdown embargo lift date on Jan 3rd," Red Had added.

Instead, Red Hat is recommending that each customer contact their OEM hardware provider and inquire about mitigations for CVE-2017-5715 on a per-system basis. Besides Red Hat Enterprise Linux, other RHEL-based distros like CentOS and Scientific Linux are also expected to be affected by Red Hat's decision to revert previous Spectre Variant 2 updates, so these users will also have to contact CPU/OEM vendors.

At least one site "characterized the move as Red Hat washing its hands of the responsibility to provide customers with firmware patches," writes Data Center Knowledge, arguing instead that Red Hat "isn't actually involved in writing the firmware updates. It passes the microcode created by chipmakers to its users 'as a customer convenience.'" "What I would have said if they'd asked us ahead of time is that microcode is something that CPU vendors develop," Jon Masters, chief ARM architect at Red Hat, told Data Center Knowledge in a phone interview Thursday. "It's actually an encrypted, signed binary image, so we don't have the capability, even if we wanted to produce microcode. It's a binary blob that we cannot generate. The only people who can actually generate that are the CPU vendors."
Wine

Wine 3.0 Released (softpedia.com) 150

prisoninmate shares a report from Softpedia: The Wine (Wine Is Not an Emulator) project has been updated today to version 3.0, a major release that ends 2017 in style for the open-source compatibility layer capable of running Windows apps and games on Linux-based and UNIX-like operating systems. Almost a year in the works, Wine 3.0 comes with amazing new features like an Android driver that lets users run Windows apps and games on Android-powered machines, Direct3D 11 support enabled by default for AMD Radeon and Intel GPUs, AES encryption support on macOS, Progman DDE support, and a task scheduler. In addition, Wine 3.0 introduces the ability to export registry entries with the reg.exe tool, adds various enhancements to the relay debugging and OLE data cache, as well as an extra layer of event support in MSHTML, Microsoft's proprietary HTML layout engine for the Windows version of the Internet Explorer web browser. You can read the full list of features and download Wine 3.0 from WineHQ's website.
Intel

Intel Says Newer Chips Also Hit by Unwanted Reboots After Patch (zdnet.com) 115

Intel says the unexpected reboots triggered by patching older chips affected by Meltdown and Spectre are happening to its newer chips, too. From a report: Intel confirmed in an update late Wednesday that not only are its older Broadwell and Haswell chips tripping up on the firmware patches, but newer CPUs through to the latest Kaby Lake chips are too. The firmware updates do protect Intel chips against potential Spectre attacks, but machines with Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake architecture processors are rebooting more frequently once the firmware has been updated, Intel said. Intel has also updated its original Meltdown-Spectre advisory with a new warning about the stability issues and recommends OEMs and cloud providers test its beta silicon microcode updates before final release. These beta releases, which mitigate the Spectre Variant 2 CVE-2017-5715 attack on CPU speculative execution, will be available next week.
Intel

Intel Unveils 'Breakthrough' 49 Qubit Quantum Computer (extremetech.com) 204

Long-time Slashdot reader cold fjord writes: Extremetech reports, "At CES 2018 this week, Intel's CEO Brian Krzanich declared the company's new 49-qubit quantum computer represented a step towards "quantum supremacy." A 49 qubit system is a major advance for Intel, which just demonstrated a 17-qubit system two months ago. Intel's working with the Netherlands-based Qutech on this project, and expanding the number of qubits is key to creating quantum computers that can deliver real-world results... "Qubits are tremendously fragile," Intel wrote in October. "Any noise or unintended observation of them can cause data loss. This fragility requires them to operate at about 20 millikelvin -- 250 times colder than deep space." This is also why we won't be seeing quantum computers in anyone's house at any point."
Krzanich also thanked the industry for "coming together" to address the Meltdown and Spectre vulnerabilities. "The collaboration among so many companies to address this industry-wide issue across several different processor architectures has been truly remarkable."
Intel

Researcher Finds Another Security Flaw In Intel Management Firmware (arstechnica.com) 87

An anonymous reader quotes a report from Ars Technica: Meltdown and Spectre are not the only security problems Intel is facing these days. Today, researchers at F-Secure have revealed another weakness in Intel's management firmware that could allow an attacker with brief physical access to PCs to gain persistent remote access to the system, thanks to weak security in Intel's Active Management Technology (AMT) firmware -- remote "out of band" device management technology installed on 100 million systems over the last decade, according to Intel. [T]he latest vulnerability -- discovered in July of 2017 by F-Secure security consultant Harry Sintonen and revealed by the company today in a blog post -- is more of a feature than a bug. Notebook and desktop PCs with Intel AMT can be compromised in moments by someone with physical access to the computer -- even bypassing BIOS passwords, Trusted Platform Module personal identification numbers, and Bitlocker disk encryption passwords -- by rebooting the computer, entering its BIOS boot menu, and selecting configuration for Intel's Management Engine BIOS Extension (MEBx).

If MEBx hasn't been configured by the user or by their organization's IT department, the attacker can log into the configuration settings using Intel's default password of "admin." The attacker can then change the password, enable remote access, and set the firmware to not give the computer's user an "opt-in" message at boot time. "Now the attacker can gain access to the system remotely," F-Secure's release noted, "as long as they're able to insert themselves onto the same network segment with the victim (enabling wireless access requires a few extra steps)."

Bug

Intel's Chip Bug Fixes Have Bugs of Their Own (bleepingcomputer.com) 59

From a report: Intel said late Thursday it is investigating an issue with Broadwell and Haswell CPUs after customers reported higher system reboot rates when they installed firmware updates for fixing the Spectre flaw. The hardware vendor said these systems are both home computers and data center servers. "We are working quickly with these customers to understand, diagnose and address this reboot issue," said Navin Shenoy, executive vice president and general manager of the Data Center Group at Intel Corporation. "If this requires a revised firmware update from Intel, we will distribute that update through the normal channels. We are also working directly with data center customers to discuss the issue," Shenoy added. The Intel exec said users shouldn't feel discouraged by these snags and continue to install updates from OS makers and OEMs.
AMD

AMD Is Releasing Spectre Firmware Updates To Fix CPU Vulnerabilities (theverge.com) 74

An anonymous reader quotes a report from The Verge: AMD's initial response to the Meltdown and Spectre CPU flaws made it clear "there is a near zero risk to AMD processors." That zero risk doesn't mean zero impact, as we're starting to discover today. "We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat," says Mark Papermaster, AMD's chief technology officer. AMD is making firmware updates available for Ryzen and EPYC owners this week, and the company is planning to update older processors "over the coming weeks." Like Intel, these firmware updates will be provided to PC makers, and it will be up to suppliers to ensure customers receive these. AMD isn't saying whether there will be any performance impacts from applying these firmware updates, nor whether servers using EPYC processors will be greatly impacted or not. AMD is also revealing that its Radeon GPU architecture isn't impacted by Meltdown or Spectre, simply because those GPUs "do not use speculative execution and thus are not susceptible to these threats." AMD says it plans to issue further statements as it continues to develop security updates for its processors.
Intel

Intel Says Chip-Security Fixes Leave PCs No More Than 10% Slower (axios.com) 276

Intel trying to defuse concern that fixes to widespread chip security vulnerabilities will slow computers, released test results late Wednesday showing that personal computers won't be affected much and promised more information on servers. From a report: The chipmaker published a table of data showing that older processors handled typical tasks 10 percent slower at most, after being updated with security patches. The information covered three generations of processors, going back to 2015, running Microsoft's Windows 10 and Windows 7 computer operating systems. Further reporting: Intel, Microsoft offer differing views on impact of chip flaw
Power

Power Outage Brings CES To a Standstill For Nearly 2 Hours (cnet.com) 58

A major power outage brought a major portion of the Consumer Electronics Show in the Las Vegas Center to a standstill for nearly 2 hours today. The lights went out at around 11:13 a.m. PT, just as the second day of CES 2018 was ramping up, and didn't turn back on until around 12:34 p.m. PT. CNET reports: It came a day after more than an inch of rain fell in Las Vegas, which caused flash flooding in the desert city. (Wednesday's weather is clear and warm, and it's unclear if the power outage was at all related.) The first reports of the blackout came from the convention center's Central Hall, which houses the giant booths for show mainstays including Sony, Samsung, LG and Intel -- though Samsung's booth still had limited electricity thanks to its own private backup power. By noon, security guards were refusing entry to parts of the Convention Center. The website of Nevada Energy, the power provider, listed the cause of the problem as "customer-owned electrical equipment."
Microsoft

Microsoft Details Performance Impact of Spectre and Meltdown Mitigations on Windows Systems (microsoft.com) 237

Microsoft's Windows chief Terry Myerson on Tuesday outlined how Spectre and Meltdown firmware updates may affect PC performance. From a blog post: With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don't expect most users to notice a change because these percentages are reflected in milliseconds.

With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance. With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.

Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.

For context, on newer CPUs such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation. Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel.

AMD

Intel Launches 8th Gen Core Series CPUs With Integrated AMD Radeon Graphics (hothardware.com) 123

MojoKid writes: At CES 2018, Intel unveiled more details of its 8th generation Intel Core processors with integrated AMD Radeon RX Vega M graphics. Like cats and dogs living together, the mashup of an Intel processor with an AMD GPU is made possible by an Embedded Multi-Die Interconnect Bridge (EMIB), which provides a high-speed data interconnect between the processor, GPU and 4GB of second-generation High-Bandwidth Memory (HBM2). Intel is delivering 8th generation H-Series Core processors in 65W TDP (laptops) and 100W TDP (desktops) SKUs that will take up 50 percent less PCB real estate, versus traditional discrete configs. Both the mobile and desktop variants of the processors will be available in Core i5 or Core i7 configurations, with 4 cores and 8 threads, up to 8MB of cache and 4GB of HBM2. The 65W mobile processors can boost up to 4.1GHz, while the Radeon RX Vega M GL GPU has base/boost clocks of 931MHz and 1011MHz, respectively. The AMD GPU has 20 compute units and memory bandwidth checks in at 179GB/s. Desktop processors ratchet the maximum boost slightly to 4.2GHz, while the base/boost clocks of the Radeon RX Vega M GH GPU jump to 1063MHz and 1190MHz, respectively. Desktop GPUs are also upgraded with 24 CUs and 204GB/s of memory bandwidth. Intel says that its 8th generation Core i7 with Radeon RX Vega M GL graphics is up to 1.4x faster than a Core i7-8550U with an NVIDIA GeForce GTX 1050 GPU in a notebook system. System announcements from Dell and HP are forthcoming, with availability in the first half of this year. Intel has also launched a new NUC small form factor gaming mini PC based on the technology as well.
IOS

Apple Updates macOS and iOS To Address Spectre Vulnerability (engadget.com) 67

Days after Apple disclosed how it would be dealing with the Meltdown bug that affects modern computers, it's pushed out fixes for the Spectre exploit as well. From a report: iOS 11.2.2 includes "Security improvements to Safari and WebKit to mitigate the effects of Spectre," the company writes on its support page, while the macOS High Sierra 10.13.2 Supplemental Update does the same for your Mac laptop or desktop. Installing this update on your Mac will also update Safari to version 11.0.2.
AI

Alexa is Coming To Windows 10 PCs From HP, ASUS and Others (engadget.com) 99

An anonymous reader shares a report: Amazon's Alexa recently arrived on headphones and even toilets, but it's about to become much more ubiquitous by hitting Windows 10 PCs later this year. HP, ASUS and Acer have revealed that the voice assistant is coming to various models, including ASUS's ZenBook and VivoBook lineup, the HP Pavilion Wave, and select Acer Spin, Swift, Switch and Aspire notebooks. Amazon will release a special Alexa app in the spring, and laptop builders are tapping Intel's Smart Sound tech to make sure that the app can pick up your voice when you're not right next to your PC. "Hands-free access to Alexa on PCs can be helpful to customers in many ways, like making it simple to interact with your smart home, get news or weather, set timers, and more," Amazon Alexa VP Steve Rabuchin said in a statement.
Google

OpenBSD's De Raadt Pans 'Incredibly Bad' Disclsoure of Intel CPU Bug (itwire.com) 366

troublemaker_23 quotes ITWire: Disclosure of the Meltdown and Spectre vulnerabilities, which affect mainly Intel CPUs, was handled "in an incredibly bad way" by both Intel and Google, the leader of the OpenBSD project Theo de Raadt claims. "Only Tier-1 companies received advance information, and that is not responsible disclosure -- it is selective disclosure," De Raadt told iTWire in response to queries. "Everyone below Tier-1 has just gotten screwed."
In the interview de Raadt also faults intel for moving too fast in an attempt to beat their competition. "There are papers about the risky side-effects of speculative loads -- people knew... Intel engineers attended the same conferences as other company engineers, and read the same papers about performance enhancing strategies -- so it is hard to believe they ignored the risky aspects. I bet they were instructed to ignore the risk."

He points out this will make it more difficult to develop kernel software, since "Suddenly the trickiest parts of a kernel need to do backflips to cope with problems deep in the micro-architecture." And he also complains that Intel "has been exceedingly clever to mix Meltdown (speculative loads) with a separate issue (Spectre). This is pulling the wool over the public's eyes..."

"It is a scandal, and I want repaired processors for free."
Linux

Can You Install Linux On a 1993 PC? (yeokhengmeng.com) 253

The oldest x86 CPU that the Linux kernel supports today is theoretically the 486. However is this theory actually true in practice? I decided to put this theory to the test in my project.
His site describes installing Gentoo Linux on an "ancient" IBM PS/1 Consultant 2133 19C (released in 1993), with 64MB SIMM-72 RAM. (Though to speed things up, he compiled that minimal version of Gentoo on a modern Thinkpad T430 released in 2012.) "Due to the age of the PC, the BIOS only supports booting from the floppy drive or internal HDD," so there was also some disk partitioning and kernel configuration. ("Must disable 64-bit kernel for obvious reasons!") A half-hour video shows that it takes almost 11 minutes just to boot up -- and five and a half minutes to shut down. "Despite the many roadblocks I faced, I was impressed by the level of support Linux has for ancient hardware like this."

And there's one more added bonus. "Given the age of the 486 (1989 technology), it does not support branch prediction... Ironically this makes it safe from the Meltdown and Spectre attacks."
Bug

After Intel ME, Researchers Find Security Bug In AMD's SPS Secret Chip-on-Chip (bleepingcomputer.com) 76

An anonymous reader writes: AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor. This component, formerly known as AMD PSP (Platform Security Processor), is a chip-on-chip security system, similar to Intel's much-hated Management Engine (ME). Just like Intel ME, the AMD Secure Processor is an integrated coprocessor that sits next to the real AMD64 x86 CPU cores and runs a separate operating system tasked with handling various security-related operations.

The security bug is a buffer overflow that allows code execution inside the AMD SPS TPM, the component that stores critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores. Intel fixed a similar flaw last year in the Intel ME.

Intel

Can We Replace Intel x86 With an Open Source Chip? (zdnet.com) 359

An anonymous reader quotes, Jason Perlow, the senior technology editor at ZDNet: Perhaps the Meltdown and Spectre bugs are the impetus for making long-overdue changes to the core DNA of the semiconductor industry and how chip architectures are designed... Linux (and other related FOSS tech that forms the overall stack) is now a mainstream operating system that forms the basis of public cloud infrastructure and the foundational software technology in mobile and Internet of Things (IoT)... We need to develop a modern equivalent of an OpenSPARC that any processor foundry can build upon without licensing of IP, in order to drive down the costs of building microprocessors at immense scale for the cloud, for mobile and the IoT. It makes the $200 smartphone as well as hyperscale datacenter lifecycle management that much more viable and cost-effective.

Just as Linux and open source transformed how we view operating systems and application software, we need the equivalent for microprocessors in order to move out of the private datacenter rife with these legacy issues and into the green field of the cloud... The fact that we have these software technologies that now enable us to easily abstract from the chip hardware enables us to correct and improve the chips through community efforts as needs arise... We need to stop thinking about microprocessor systems' architectures as these licensed things that are developed in secrecy by mega-companies like Intel or AMD or even ARM... The reality is that we now need to create something new, free from any legacy entities and baggage that has been driving the industry and dragging it down the past 40 years. Just as was done with Linux.

The bigger question is which chip should take its place. "I don't see ARM donating its IP to this effort, and I think OpenSPARC may not be it either. Perhaps IBM OpenPOWER? It would certainly be a nice gesture of Big Blue to open their specification up further without any additional licensing, and it would help to maintain and establish the company's relevancy in the cloud going forward.

"RISC-V, which is being developed by UC Berkeley, is completely Open Source."

Slashdot Top Deals