This sounds great... having a core hit 5GHz on your ultra-portable that gets 12 hours battery life. Unfortunately, what they do not tell you is that most manufacturers of ultra-portables fail to include the cooling necessary to sustain 5GHz for more than a few seconds. In reality, you are better off getting the cheaper I5 instead of the I7 in most cases simply because you can't access the higher clock speed since the CPU throttles down almost immediately to keep thermals in check.

I have seen the exact opposite in AZ where I live. There were probably 30 Biden signs on Shea Blvd (major street in Phoenix metro) that were defaced or removed within a week of going up. The Trump signs on the same street have stayed up the entire time.

I did not personally benchmark the new Epyc CPUs, but Anadtech did, and had this to say:

AMD offers you up to 50 to 100% higher performance while offering a 40% lower price. Unless you go for the low end server CPUs, there is no contest: AMD offers much better performance for a much lower price than Intel, with more memory channels and over 2x the number of PCIe lanes.

Which is a pretty bold claim for them. It has my attention at least.

I live in Phoenix AZ - which... if Waymo has their way, may very well be ground zero to see how this whole autonomous vehicle service plays out in a major metro area. I don't live in Chandler (where Waymo is running the service now), but... just yesterday while at lunch with family, on a TV at the bar was a Waymo commercial advertising this site: https://letstalkselfdriving.co...

I don't think you start an ad campaign for something that is decades away - maybe it is decades away, but Waymo thinks otherwise.

It may depend on the conditions of the driving and how well the computer knows the lay of the land. Waymo's tech for commercial service, as I understand it relies heavily on extremely detailed 3D maps (https://letstalkselfdriving.com/about/waymo-zones.html). My guess is that they think they can get to real service faster by utilizing these maps and comparing what the computer knows should be there vs what the onboard sensors providing as input. Perhaps this will work and I can hail a Waymo in my part of Phoenix before too long... after my part of the city is mapped out.

I use podman as a docker replacement - part of the reason is for security - namely its ability to run without a persistent daemon with root and its ability to run rootless containers. Regardless of if you are running podman or docker - employing selinux to prevent a container process from accessing the host security context seems like a good solution here. Selinux is kind of a PITA, but once configured it really helps with this sort of thing.

The article states:

The executive said he has seen similar manipulations of different vendors' computer hardware made by contractors in China, not just products from Supermicro. “Supermicro is a victim -- so is everyone else,” he said. Appleboum said his concern is that there are countless points in the supply chain in China where manipulations can be introduced, and deducing them can in many cases be impossible. “That's the problem with the Chinese supply chain,” he said.

According to the original article - the alleged Chinese culprit chip exploited via the BMC. Aspeed is the company that makes 99% of the BMC controllers in Supermicro boards. If China really did go through the trouble to develop a chip to exploit via Aspeed controllers.... why limit themselves to Supermicro? I know at least Tyan and Lenovo also use Aspeed. From China's intelligence perspective, they would want a solution that could work across multiple board vendors.

According to latest:

Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones. The metal is necessary to diffuse heat from the chip hidden inside, which acts like a mini computer. "The module looks really innocent, high quality and 'original' but it was added as part of a supply chain attack," he said.

Really wish they would give us more to go on than just that. Not sure about other Slashdotters, but I have Tyan/Supermicro/Insert-Taiwanese-Motherboard-Manufacturer boards in production, and would really appreciate more information on what to look for.

If they are only charging customers the registry cost plus the ICANN fee as mentioned in the article, that means they are still operating at a loss if they 1) are accepting payment methods which cost money (i.e. credit cards, paypal, etc.) or 2) providing customer support to registrar customers. I would prefer they charged more to at least break-even since presumably they will do at least one if not both of these (they already accept credit cards for their other services). I have all my domains at NameSilo, which I really like, and while they charge a bit more than Cloudflare, at least I understand that they are making money and therefore NameSilo's domain registration service is sustainable.

I have used Cloudflare for years and really like them as well, but when a business announces pricing which would result in a loss or at best - not make any money, that makes me suspicious. I am left to assume they are counting on sales from their other services to make up for this - they are a business after all - beholden to investors who at some point expect ROI.

Cloudflare is stating "we promise to never charge you anything more than the wholesale price each TLD charges" - but that is not just a promise to "never" make money on domain registrations... if they are offering support for domain registrations or offer popular payment methods it is also a promise to always lose money on that part of their business. When a company makes a promise like that (i.e. unlimited bandwidth)... it calls for additional scrutiny. I'd be careful when considering Cloudflare for your domains - they have either not really thought this one through, or are rolling our their own bait and switch scheme.

I was a long time FF user years ago, but ended up switching to Chrome due to its speed relative to FF. I tried 57 when it came out, and love it - I am back to FF now and happy to say that it at least seems as fast as Chrome, but I prefer the FF experience overall. Hopefully they can port over these improvements to FF on Android since Chrome still seems to have a noticeable edge there. Plus... you have to admit that it is kind of bad ass that a lot of these improvements are resulting from Rust - a language Mozilla developed in part to bring better resource utilization and security to FF. It appears this v57 improvement was largely resulting from the Stylo component (written in Rust) - but their roadmap calls for more components to be swapped out - so the good times may keep getting better for FF - I hope they do because competition is good for us all.

This is indeed one aspect of the many problems with our patent system,. Another is the corporate strategy, initiated over a decade ago, which has virtually eliminated the interaction between innovative small firms and larger firms with the need for innovation and the deep pockets required to drive innovative products to market. After my small firm was purchased in 2000, I was ordered to inform all engineers that it would be a major (i.e. firing) violation of corporate policy if they let themselves become aware of the intellectual property of any other firm. I was told that this had recently been adopted as corporate policy by most major firms as a brilliant defense against the feared "triple damages" awards for patent infringement. Corporate policy explicitly banning any effort to learn about other firms' patents currently eliminates any possibility of a court awarding triple damages - even if patent infringement were proven. Since most innovative small firms lack the financial resources needed to take on a multi-year legal battle, even if they were able to show infringement on their patent, this new corporate policy amounted to a free pass for large wealthy firms to simply steal innovations from innovative small firms. The worst thing that could happen would be that the small firm won in court, at which point the worst-case punishment would be to pay 'damages' - which are defined as simply the amount that the stealing firm would have had to pay had they properly licensed the patents from the small firm in the first place. While this is considered a brilliant legal strategy, it is a disastrous national policy for technological innovation. It virtually eliminates the financial incentive for small firms to invest in innovation, by providing carte blanche for larger firms to simply steal that innovation; the logical large firm strategy in this case is to never discuss intellectual property with any small firm - simply steal it and defy them to take you to court. We do indeed need to make war on patent trolls, but even more importantly, we need to make war on patent thieves - by punishing deliberate ignorance of patent theft with large penalties. If it is proven that infringement occurred, and that the infringing firm had a policy of deliberate ignorance, the damage award should be at least tripled. Or - we should start letting speeders go free if they claim ignorance of the speed limit because they chose to deliberately avert their eyes every time a speed limit sign came near.

I wrote the backend for a registrar (NameSilo) and still help out with their developers from time to time. Because they offer free privacy and low prices - they get a lot of black hat use. Spamhaus frequently sends them abuse complaints and I have seen a few of them. What is amazing is that most of them offer little to no evidence of the wrongs a given domain has done. I am literally pasting from an email I was copied on here:

From NameSilo regarding an alleged malware domain:

Hi Thomas, We would like to help expedite this since it involves potential malware, but you don't give us much to go on here. Can you please review: http://www.namesilo.com/Support/Abuse-Reporting-Procedures

From Spamhaus:

This domain name is operated by cybercriminals and used to provide DNS resolution to botnet domains, aimed to steal thousands of $$$ from financial institutions. Please suspend it.

So in short - the registrar asked for evidence that the domain was violating their terms of service and spamhaus simply replies they are cybercriminals... trust us! After seeing other abuse reports from them, I can tell you that spamhaus has a very snub attitude and expects to be listened to. Once when Namesilo did not listen to them enough to their liking, they added namesilo.com to their RBL - they had me modify their MTA to route email around the block, but still - I think you can see the problem here - someone has to keep spamhaus in check.

http://www.namesilo.com/

NameSilo - I would highly recommend them

This site is pretty straight forward: http://www.customerservicescoreboard.com/ - people can score companies based on the customer service they provide. Facebook / markmonitor.com decide for some reason that it infringes on their trademark based on this page: http://www.customerservicescoreboard.com/Facebook Which leads to the following big waste of time/resources simply to tell their legal team to leave them alone: 1) they receive the complaint 2) they contact their registrar http://www.namesilo.com/ to find out what problems if any they have with their domain 3) NameSilo recommends some trademark attorney and 4) the attorney files a response (http://www.customerservicescoreboard.com/images/CustomerServiceScoreboard_Facebook_Response.pdf) which more or less tells Facebook to please leave them alone and that their trademark infringement case is baseless. Facebook ended up dropping the threat. But this goes to show you how ridiculous the situation has become. Sites like Facebook employ services like Markmonitor.com to basically send out thousands of trademark and/or dmca threats.

Is that they want to go after application layer security as well according to the NYTimes article (They want it to include "Developers of software that enables peer-to-peer communication must redesign their service to allow interception."). If that is the case, then this is a direct assault on the right to privacy for all US citizens. Even worse is that it is being touted as a way to catch the bad guys instead of a means to obtain the right to spy on the general population. Any self respecting bad guy will use application layer encryption (i.e. PGP etc.) that works independent of the transport encryption. Do you really think bad guys are going to use software that plays by the rules this law creates?

If this law also goes after application layer security - in other words, it tries to make it illegal to make/use software to enforce your own privacy - then this is a HUGE problem and we all need to act to help inform those around us who don't understand the repercussions of such a law. Right now we have the right to make/use software that protects our privacy. Do you want to live in a country that has removed this right in the name of protecting its citizenry from the evil doers?