Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
Posted on 19-05-13, 20:26 in Cellphone software preservation (revision 2)
Stirrer of Shit
Post: #281 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Thank you.

I've downloaded both firmwares, but I can't get MotorolaAndroidDepacker to run under Wine. It wants .NET, but neither Microsoft .NET or Mono 2.10 works. In both cases, nothing happens when I run it:

C:\Program Files\MotoAndroidDepacker-1.2alpha3>dir
Volume in drive C has no label.
Volume Serial Number is 0000-0000

Directory of C:\Program Files\MotoAndroidDepacker-1.2alpha3

5/13/2019 <DIR> .
5/13/2019 <DIR> ..
5/13/2019 109,568 MotoAndroidDepacker.exe
5/13/2019 405 MotoAndroidDepacker.xml
2 files 109,973 bytes
2 directories bytes free


C:\Program Files\MotoAndroidDepacker-1.2alpha3>MotoAndroidDepacker.exe

C:\Program Files\MotoAndroidDepacker-1.2alpha3>
No errors or anything, but nothing pops up. I'm running in PlayOnLinux, but that shouldn't make a difference - it's still Wine under the hood. Just doing wine ./MotoAndroidDepacker.exe tells me I need to install .NET.

Any pointers?

Also, do you have any advice on the actual reverse-engineering? For instance, some stuff looks to be written in C/C++. What tools would you recommend using for those binaries? And is there such a thing as static analysis for J2ME, or do I have to decompile it and look at the reconstructed "source code"?

Is the firmware signed? Would it as a last resort be theoretically possible to edit it so that one can dump the filesystem to the SD card without encrypting it?

EDIT: It seems like SD-Binding (.sb1 drm) is listed on a feature on all models that have it, and I can't find anything about the M702iS having it. It was listed as an explicit feature for the 902i series (see https://www.nttdocomo.co.jp/english/binary/pdf/corporate/technology/rd/technical_journal/bn/vol7_4/vol7_4_020en.pdf), but it might have been in phones earlier than that too.

Anyway, there's this 2ch browser for FOMA 90x phones, and that seems to have support for SD-binding to save data (?) to SD card. So if you have physical access to e.g. a N902i, then you might be able to force it to encrypt arbitrary data with an unknown key. No idea how much access you get. If it provides an API where you get a key, a function pointer to encrypt(), and get told to go wild, then of course it would be jackpot. But I would think it's something far more mundane, because they should have the good sense not to directly expose the encryption primitives. And if we diff the SD and no-SD versions' .JAM files, we see that the only change (other than "parameter", which seems to be the filename), is this line:

UseStorage = ext

Which makes me think that it just provides wrappers over whatever Java has instead of fwrite and friends in C, and encrypts it in the background.

That has support for the M702i anyway, and it has separate versions for with and without SD. So it's possible that M702iS does get SD-binding, but it's not documented anywhere.

(For some reason, you can only download the files from the actual phone, but you can guess the URL from the filename; the jar is at http://woontai.dip.jp/w2ch041/w2ch_client.jar)

Do you have any old Motorola phones lying around? If so, you could test if it supports SD-binding. If you try to back up a .dmj file to an SD card, and then dd the whole block device to another SD card, that would keep the FAT volume ID and everything, but not the secured parts. So if it still reads it from the new SD card, there isn't any SD-binding support.

EDIT 2: I'm fairly certain M702iS doesn't support SD-binding, because there's this passage in the manual (https://www.nttdocomo.co.jp/binary/pdf/support/trouble/manual/download/m702is/M702iS_J_13.pdf, pg245):

• ファイルによっては、コピー/移動できない� �合があります。
• 本 FOMA 端末に保存されている Flash、キャラ電は、microSDメモリーカードにコピー/移動できません。

Google Translate:

• Some files can not be copied / moved.
• Flash and Chara-den stored in the FOMA terminal can not be copied / moved to microSD memory card.

Chara-den is キャラ電, "a function that allows you to make a call by sending and receiving images of characters". Character in the sense of avatar, not grapheme. Flash is written with romaji, so presumably that's referring to Macromedia Flash and not flash memory.

Also, other phones (e.g. N902i) lists more stuff under spec. Compare:
https://www.nttdocomo.co.jp/support/utilization/product/m702is/spec.html

Note 13 About the data that can be saved:
Captured image / voice etc

https://www.nttdocomo.co.jp/support/utilization/product/n902i/spec.html

Note 5 About the data that can be saved:
Phonebook / sent / received mail / photographed image / bookmark / voice etc


The manual for the M702iS also says that the folder structure is different from other terminals. Compared to what? Who knows. Either for all the Motorola phones, or the G, or the S.
•本FOMA端末で使用したmicroSDメモリーカードは、FOMA M702iGでもご利用になれます。た� し、その他のFOMA端末とはフォルダ構成が異なるため、そのまま他のmicroSDメモリーカード対応のFOMA端末に差し込んでもご利用できません。
• The microSD memory card used on this FOMA terminal can be used on the FOMA M702iG. However, because the folder configuration is different from other FOMA terminals, you can not use it as it is by inserting it into another microSD memory card compatible FOMA terminal.


But anyway, the Motorola track seems like a dead end.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-13, 21:19 in Cellphone software preservation (revision 1)
Stirrer of Shit
Post: #282 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Okay, so here's something interesting:
http://www.jollen.org/blog/2006/09/linux_smartphone.html
Apparently, the N902i runs Linux.

And the NEC even open-sourced the software of the N-01G.
http://www.n-keitai.com/gpl/n/list/n-01G.html

And the N-01G supports SD-Binding.

Then that ought to mean one of four things, in reverse order of likelihood.
1) they're utter madmen who open-source stuff they're contractually under NDA to keep secret
2) the C2 algorithm is implemented in hardware
3) they took out the C2 algorithm before open-sourcing it (why not only remove the secret constant?)
4) the C2 algorithm is implemented in software, but at a higher level than the stuff they chose to share

I'd think 4, because there's no references to other strings used in backups either (see https://www.nttdocomo.co.jp/binary/pdf/support/trouble/manual/download/N-01G_J_OP_01.pdf, pg310)

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-13, 22:23 in Cellphone software preservation
Stirrer of Shit
Post: #283 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
https://web.archive.org/web/20190314051233/https://www.engadget.com/2010/11/17/windows-phone-7s-microsd-mess-the-full-story-and-how-nokia-ca/

According to this article, both Windows Phone 7 and Symbian support SD card protection.

I found a guide on how to remove the password protection (e.g. nuke the protected area) that WP7 phones automatically set up on all SD cards you insert into them (!), and that had a link to a file named DEV_STORAGELOCK.cab. That contains an file named StorageLockTool.exe. And it has some very interesting strings:

unlock
lock
locked
unlocked
The storage card is currently %s. Do you want to %s it?
SD Card Lock
No storage card detected.
Failed toggling card lock.
Operation successful.


It's too small to actually implement it, so it should call some library or something. And WP7 is fully dumped, right?

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-14, 15:57 in Cellphone software preservation
Stirrer of Shit
Post: #284 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by tomman
Almost all FOMA phones use a proprietary DoCoMo platform, MOAP. There are both Linux and Symbian-based versions of MOAP (MOAP-L/NOAP-S). Those Motorola phones are a notorious exception, as they are just standard Motorola P2K05/Synergy phones with the i-mode/DoJa bits replacing the usual Opera/JBlend stack.

And that isn't dumped?
IIRC Nokia Symbian phones could password-lock SD cards, but never knew how these phones did it.

That should be SD-Binding, like WP7 and the Japanese phones, or at least something very similar. It should have to implement the same S-box at least, which is all that matters.
Is there anywhere you can download a full firmware dump of them?
All I remember is that it was a pain to reuse that cards on other phones should you forget to unlock them on a Nokia phone...

But it was possible, somehow?

As for the MotoAndroidDepacker, I just ran it on my ol' XP laptop, where I only have .NET 3.5. But I've just tested on my Debian Stretch laptop:
tomman@himawari:~$ mono --version
Mono JIT compiler version 4.6.2 (Debian 4.6.2.7+dfsg-1)
Copyright (C) 2002-2014 Novell, Inc, Xamarin Inc and Contributors. www.mono-project.com
TLS: __thread
SIGSEGV: altstack
Notifications: epoll
Architecture: amd64
Disabled: none
Misc: softdebug
LLVM: supported, not enabled.
GC: sgen

...and it runs just fine with that Mono version, FWIW.

Right, I was trying to run it in Wine.
Well, it doesn't matter though, since the Motorola firmware is most likely useless.
Sadly, Argon firmwares are signed, and noone cracked the RSA stuff as it was done for earlier 2G phones (it was pretty much a requirement to get rid of the signed .JAR requirement for accessing restricted APIs, like filesystem access or GPS; for 2G phones on platforms like Neptune LTE all you needed was a hacked bootloader to get rid of the RSA signature crap).

How about the Japanese phones? Would they use strong RSA too? I can't find any firmware anywhere, just their tools that download and flash it for you.
My RAZR V9x does the .dmj shit, but sadly the flex cable just broke a month ago and therefore the displays are dead, so the phone is pretty much unusable for those purposes as-is :/ (Mind you, it STILL works as a phone... as long as you have memorized your phone book, or use it as a modem)

Do you have any samples? I can't find anything on Google for "dmj file" or "dmj file motorola". Do they go by another name in specifications and such?

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-14, 20:09 in Cellphone software preservation
Stirrer of Shit
Post: #285 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days

You should assume that if it runs firmware AND works on Licensed Radio Spectrum™, it HAS to be signed. Sometimes it's even a requirement from carriers too. Things like BREW exist for the benefit of the carriers, not for the OEMs themselves (Nokia particularly hated BREW, and this is a reason of why Verizon rarely sold their phones). And then, there is good ol' "protect MUH IP" paranoia.

"RSA" is commonplace. Except for shit-tier garbage Chinese junkphones, all serious OEMs do sign their firmwares, and those phones often have several layers of security for preventing the run of unsigned/modified firmware.

Yeah, but they can mess up the implementation, e.g. small keys. But Motorola is a serious company, or at least was at that time, so they'd probably use a big enough prime size.

As for the files you sent:
* There appears to be some kind of header. The both .dmj files share their first 16 bytes, but the .jar files only share their first 10. There's no resemblance in the .dmj files after this.
* One .dmj file (j2me1) is 23 bytes larger than its corresponding .jar, the other 29 bytes.
* Both .dmj files' sizes are evenly divisible by 16. (32 if you don't count the "header")
This seems to suggest that 16 bytes were added to the start of the files, then they were padded to the nearest 16-byte increment.

Now, most likely is probably that the files were then encrypted wholesale. Maybe the first 16-byte chunk serves as something like TrueCrypt's "TRUE". That is, not a header, just a known value to compare to to check the decryption succeeded. Then:
1. The files used the same key for encryption
2. The block size of the algorithm is 128 bits
3. CBC mode or similar was used

It could also be that the first 16 bytes are an initialization vector for CBC. But that still would mean a block size of 128 bits, CBC mode.

What I don't think we have is a header as used in SD-Binding. Because that uses 64-bit block sizes and unencrypted headers. Also, the samples I've seen had longer, unencrypted headers.

This should mean Motorola doesn't use C2 encryption. In that case, I don't see why they'd use the SD card's Protected Area. Possibly they'd use the serial number, Media ID, or something like that to get a bit more protection, but that's enough, and it's a lot more implementation work they'd need to do to gain access to the holiest of holies for very little gain.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Stirrer of Shit
Post: #286 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by CaptainJistuce
Intel stopped caring too. That's the problem.

I don't see any problem. I've never once been affected by these Spectre or Meltdown vulnerabilities. If I would be, then whatever exploit kit manages to use it would affect many other people too, and then presumably someone (who still isn't me, mind you) would do something. I don't really have a dog in this fight, so why would I care?

More cores and hyper-threading are complementary, rather than contradictory. And it is frankly embarrassing that they disable hyper-threading on any of their products(just like so many other things they disable so they can charge a premium for something their entire product line is capable of).

That's actually reasonable, though. The marginal cost of manufacturing a chip is negligible, R&D (and masks) is the expensive part. So it makes more sense to only manufacture a few types of CPUs, disable the parts that don't turn out so well, and then market them as different processor models based on what clock frequency, core count, etc they could sustain.

Sure, you could argue this is immoral, but it's more efficient than trying to make all the different kinds of CPUs, throwing away some, and wasting enormous overclocking potential in some.

I don't get it.
On 14 May 2019 ... coordinated with Intel, disclosed their discovery


Security people are infamous for having lax morals and a tenuous grasp on reality. But yet they felt the need to do the whole "responsible disclosure" schtick?
Fine if you can actually fix it. But in this case, we're all fucked anyway. So why not release the paper, and then just go all-in on puts? It's not even illegal.
Say they're 10 people, can pool up $10k each. That'd be big enough to get a good deal on the transaction costs. Buy puts with to get like 50x leverage. Say it goes down by 2%, they've doubled their money. Spectre/Meltdown had it down by over 5%, and that was with responsible disclosure too.

Probably they could get more leverage or money too. The odds of it going up are infinitesimal, so they only really have to fear random fluctuations before the news hit the market. And I'm sure the smart money'd be happy to back them.

There was a guy who had an idea for a hedge fund like this, but he got into some legal trouble (for other stuff, later exonerated) and then later on some political trouble. Not sure if I'm allowed to speak positively about him here. But it seems like a workable idea, and one that would be good for society.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-15, 15:00 in Computer Technology News/Discussion
Stirrer of Shit
Post: #287 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
You can (should, must) never back down, and that is a consequence of having one in the first place, so un-EOL ing XP won't happen.

Good on them to still support it. I'd reckon all this "Windows 7 EOL" tripe is a hoax for the same reason.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-15, 15:40 in hiro vs libui (vs Dear ImGui?)
Stirrer of Shit
Post: #288 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
That and never having an API call generate callbacks, which is something I've never seen another toolkit get right.

How do you mean, generate callbacks? It doesn't use them at all?

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Stirrer of Shit
Post: #289 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by CaptainJistuce
If this were like the 486 SX, I'd agree.

Intel moved several years ago to gating off features and setting clockspeeds based on what they WANTED to sell rather than supply being restricted by yields. It is why you occasionally see a processor model that reliably overclocks by 100%. The reason it isn't being sold as a faster part is because Intel doesn't want there to be a larger supply of faster parts.

Especially obvious with things like ECC RAM and hyper-threading. There's no hardware failure I can imagine that renders them unusable that doesn't also kill the rest of the processor.

No, I don't mean they're restricted by yields anymore, R&D is their main cost. And chip binning is just a simple optimization to do.
But R&D is still a cost. You could argue that they're holding back the computer industry, which I suppose is true, but I think this is for the best. We don't deserve any better. Say clock speeds were to jump tomorrow, what would happen?
A) people keep writing software like usual, but it now goes 2x as fast
B) people make their software use 2x as much resources and claim the compiler will optimize it

As much as I hate to say it, Intel did nothing wrong.

Posted by Screwtape
Security issues tend to be subtle, and understanding them usually requires a thorough understanding of the product in question, such as the product's designer might have. If you announce a vulnerability alongside patches and mitigation guides written by the vendor, you've probably found something cool and worth paying attention to. If you announce a vulnerability out of the blue, the best that's going to happen is that people will ask the vendor what's up, and the vendor will say "we dunno, give us a month or two to figure out whether this has any merit whatsoever". Much less dramatic, and hence much less likely to win you the respect of the security industry, or tenure, or whatever.

Depends on how big the vulnerability is. The Israelis messed up by posting a paper that was as shady as can be, with no proof, and by an unknown company. If a (relatively) well-renowned university had posted it, with proof, and with some PoC code (ready for use) included, then the stock probably wouldn't do so well.

Would you really think Intel would help them exploit their CPU? They'd do research, sure, but I don't think they'd share it with the public until they've fixed it.

Of course, the interesting thing with *this* vulnerability is that basically the same thing was found by many individuals and research groups, and Intel made all of them swear to secrecy individually, and strung them all along for up to a year, never letting them know about each other. If they'd been allowed to talk to each other, they might have been able to properly explore the security implications of today's CPUs, maybe even discover the *next* vulnerability-with-a-logo. Instead, they sat and twiddled their thumbs waiting for the responsible disclosure period to elapse.

EDIT: Also, https://make-linux-fast-again.com/

Now THAT's impressive. Say they had 10 people at each "discoverer" who knew about it, that's 110 people, and none of them took out short positions.

Or maybe they did. I suppose we wouldn't know about it unless they told us. It's perfectly legal, so the bank wouldn't tattle on them, and if they want to be on good terms with the uni they wouldn't tell them about it either. So the only one who would hear about it would be their friends, if any, and even if they in turn would tattle on them, there'd be no conclusive proof either way. Especially not if they were smart and got someone else to do it.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-16, 19:08 in Cellphone software preservation
Stirrer of Shit
Post: #290 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by Content Protection for Recordable Media Specification: Introduction and Common Cryptographic Elements
A properly formatted MKB shall have exactly one Verify Media Key Record as its first Record. Bytes 4 through 11 of the Record contain the value
 Dv = C2_E(Km, DEADBEEF16 || XXXXXXXX16)
 where Km is the correct final Media Key value, and XXXXXXXX16 is an arbitrary 4-byte value.
The presence of the Verify Media Key Record in an MKB is mandatory, but the use of the Record by a device is not mandatory.

As an optimization, a device may attempt to decrypt Dv using its current Km value during the processing of subsequent Records, checking each time for the condition
  [C2_D(Km, Dv)]msb_32 == DEADBEEF16
  where Km is the current Media Key value.
If this condition is true, the device has already calculated the correct final Km value, and may therefore stop processing the MKB.

Reading the MKB (in full) requires no authentication at all. Just send the GET_MKB command a few times.

So offline brute-forcing should get you 2^24 candidates for Km. With two SD cards, that would enable you to easily get Km by doing a quick union query.

On my CPU, one C2 encryption operation takes around 12 ns, or 2^26.3 ops/s. (single-threaded, C, -O3, their implementation unmodified, random S-box).
Using all four cores, that'd be about 2500 days of CPU time.
With AVX and elbow grease, I'd reckon you could reduce this number by about 5-25x. With GPU I don't know. Some post on the hashcat forum suggests about 30x, but I don't know if CPU OpenCL is as fast as a proper hand-made AVX implementation. Let's say it is. Then under those ideal conditions, one person could brute-force it in around 80 hours of computer time (worst-case, avg 40h).

If you only get a 10x reduction, no GPUs, and are ten people, it'd take you about a month (worst-case, avg two weeks).

So a brute-force is doable, but hardly a pleasant experience or one you'd want to do more than absolutely necessary.

I think you'd need to do two brute-force operations as above to get Km, then for each Km one brute-force operation per column. I don't know if you'd need all 16 columns, the brute-force attacks mentioned on wikipedia all use col 0, but I don't know why else you'd want to. Maybe it's so if only one device key leaks that can be revoked without having to replace the device?

I would think the easiest way to go at it would be some kind of cloud project (assuming the S-boxes are ever found) where you can submit MKBs, have them checked against a database of previously recovered keys, and contribute to the recovery of device keys. And with the device keys, you could decrypt the protected section of any medium, which is just ordinary FAT12, and Bob's your uncle.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Stirrer of Shit
Post: #291 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by CaptainJistuce

It really sounds like that WAS what you're saying, but...

No, my point is that the manufacturing process doesn't matter. It's like complaining about how Adobe would just burn one kind of DVD-ROM and then laser out a part of it on the Photoshop Elements disks. The disk costs mere cents and you're not paying for the piece of plastic, so why care about how they make their disks?

God help us all if this kind of rapacious and abusive behavior is considered a good thing now.

Is that greedy, then? I mean, I know the memes about Intel, but what are they to do? They do have R&D costs, so unless the regulator forces them to sell at margin cost or they get nationalized not much will happen. Be happy you can still buy a CPU, even if they're not gracious enough to give you complete control over it.
There's not any legitimate use for more computing power anyway, so people would just squander it on electron/mining crypto/making HTML5 even more retarded.
If this offends you, you can do absolutely nothing about it, because it's not feasible (unless you're Chinese) to catch up to Intel/AMD, and for them it's cheaper/easier to license it than to obtain it via industrial espionage leapfrog it. I suppose you could buy yourself a Hygon or Zhaoxin CPU, but you wouldn't be accomplishing very much.
In other words, it's absurd to complain about things being bad when you can tell from a mile away they'll get far, far worse.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-17, 09:20 in I have yet to have never seen it all.
Stirrer of Shit
Post: #292 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Under a new partnership announced by the U.S. Embassy in Vienna, American citizens can go to any of the 194 McDonald’s in Austria to seek help to contact a consular office
“It is a smart move for McDonald’s. The company’s engagement and interaction with American citizens abroad is very significant, making them an ideal partner for consular outreach and assistance.”

“Becoming a trusted place to go when you have a personal crisis adds a new dimension to the focus on customer needs.”


There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Stirrer of Shit
Post: #293 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by CaptainJistuce

It is a shift in business model, it gets worse every year, and that R&D budget was CLEARLY not going to actually improving their product if the raft of Intel-exclusive vulnerabilities is any indication.

They've boosted profits wildly over the last several years without actually offering improved products, and in fact with the pace of computer upgrades slowing greatly in part due to a lack of meaningful updates.

Things haven't always been this way? I doubt it.
As for the R&D budget, those are two disparate things. If I'd have to choose between two processors, where one has an obscure theoretical vulnerability, and the other one is 20% faster, I'd sure as heck go with the other one. Even at just 5% or 10% or whatever. I mean, sure, fix Spectre if it's been disclosed, but don't go around sacrificing performance for "security".

I mean, if you want to defend a shift from "manufacturer shipping the best product we can at a competitive price" to "manufacturer shipping the worst product we think people will actually buy at the highest price we think people will tolerate", then okay. It isn't a stance I will ever agree with.

What do you mean, a shift? Presumably, they're in it for the money like everyone else, so they'd always have done that. Most people nowadays have no need for "the best product" like they did in, say, the 90's, because what makes a CPU the best is often niche features that far from all applications can leverage.

ECC RAM disabling, of course, goes back to before the DRAM controller was even ON the processor. Intel worked hard to get everyone else out of the motherboard chipset business, then immediately turned around and started removing features from their chipsets and telling people it was an improvement because they were removing features people didn't need(except on the new server-grade chipsets that were suspiciously much more expensive despite being the same thing aside from those removed features still being present).

...
Umm,, yes? Have you SEEN the markup on Xeon processors?

Xeon CPUs and server-grade chipsets are kind of a special case. The people who buy them are quite price-insensitive, they're the kind of people who throw out the whole machine whenever a part breaks. So it's just regular market segregation.
Case in point: For any consumer-grade CPU, the MSRP is pretty much what you get if you're not buying used. For server-grade CPUs, you can get all sorts of deals on Engineering Samples and whatnot. Just go on Taobao and search for Xeon, and you'll see what I mean.
This is not much different to Nvidia and their Quadro cards. The Quadro cards are just more expensive for no real reason, because the people who buy them have infinity money, and wouldn't ever dare hack something together out of reflashed warranty voided cards.
That's just the way it is. For regular consumer processors, prices are still normal.

Your analogy is also flawed, because I may be paying for software rather than media, but in the case of the processor, I am actually paying for the physical object.

If you bought a car and it had a V8 engine under the hood, but the ECU only fired four cylinders... you'd be mad, right? That's what Intel is doing.

I don't agree with you on that. You can buy a silicon wafer for next to nothing, what you're paying for is Intel's monopoly on the IP needed to manufacture one of whatever processor it is you have.

It's a good analogy with the car. But no. I mean, sure, it's aggravating that parts are locked away. But not much can be done about it. It's like with injection molding: the marginal cost is almost zero, but there's a fat starting cost. And it's indifferent to me whether I get a CPU that has speed X, or one that has speed Y but is hardware locked to speed X in a way that I can't ever change. So they might as well save their money. It's not like I wouldn't get an unlocked CPU if they didn't do that, they'd just have slightly higher expenses.

They aren't offsetting R&D costs, they are boosting profit margins.
And I'm not going to thank them for throwing shit at my face just because they didn't actively force it down my throat.

What's the difference? Both are just return on investment. I don't mean that they have the right to exact payment because they have R&D costs, I mean that they have the ability to do it because everyone else has R&D costs too.
That the desktop is a viable platform there's nothing to thank Intel for. Not Microsoft either. Really, I don't know who to thank for it. PC gamers, maybe?


Then they shouldn't have any R&D budget because there's nothing to develop.
(also buttcoin is done on graphics cards or ASICs these days. No one digs for buttnuggets on CPU.)

That's a reasonable point, and I suppose a race to the bottom might commence soon. Diminishing returns, I guess. They did make some strides even if Moore's law is dead. AVX-512 became commonplace in 2017 (Skylake-X), and still isn't fully implemented. We'll only get _mm512_aesdec_epi128 in Ice Lake, for instance. And then they might work on making AVX-512 work well; as it is now it has quite bad thermal throttling, and AMD doesn't have it. There's always going to be more features to add, at least for a few years. But after that, sure, you might get your $10 ARM processors.

AMD AREN'T feature-gating, their processors AREN'T frequency-locked(and binned much more realistically in any case), and their profit margins are lower. I don't think that AMD actually respects its customers, but I think they aren't actively raping them in the ass with a railroad spike. I'm not sure why you would paint AMD and Intel with the same brush.

AMD would if they could, I'd reckon. AMD did sell locked CPUs in the past, they just didn't do it for Ryzen. If AMD ever gets ahead of Intel, presumably the sides would switch and Intel would be selling cheaper unlocked processors. And then we would be talking about how AMD is greedy and how we should all buy Intel instead, or something like that.

Just imagine this political cartoon, but with the political parties swapped for chipmakers.
Ow!! Next time I'll buy AMD!


"Everything is terrible, and it is only going to get worse, so take it with a smile."
Ummm, how about no? That's a terrible fucking attitude.

Whether you smile or not makes no difference, but that's the way it is, terrible or not. There's no use in crying over spilled milk.
I agree that it's regrettable, but nothing can be done about it, so why care?

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-17, 14:43 in I have yet to have never seen it all.
Stirrer of Shit
Post: #294 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by CaptainJistuce
Why does Apple have a /8 block? And why did they buy it in 1990, while they were otherwise engaged in simply not going bankrupt?

Weren't they dirt cheap/free back then?


There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-17, 18:42 in I have yet to have never seen it all.
Stirrer of Shit
Post: #295 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by tomman
And there was this reckless "this intertubes thing will never catch on, so let's squander /8s away because nobody cares" attitude back then. Why the DoD still holds so many /8s to this date!? (ranges that they will never relinquish control over due to "national sekuritah" BS just because they still store their routing tables on 8" floppies). Why radio hams had to waste a COMPLETE /8 too?! (AMPRnet, 44.0.0.0/8). Why Ford Motor Company and an insurance company still have assigned /8s!? (I'm sure your Mustang and its insurance policy doesn't have to be in the public Internet). At least I'm glad that GE turned theirs back to the public interest, albeit very late.

>DoD
Oh wow, I never knew they had so many. 13 /8's, that's over 5.9% of all IPs.
And then there's the PRC's 330,321,408 IPs (equivalent to 19.7 /8's), another 8.9% down the drain.

The many new Internet users in countries such as China and India are also driving address exhaustion.

This is a direct lie, because the Indians aren't "driving" shit, this is just to make up an alibi for a certain other country. They have 0.028 IPs per capita, 34.7 million in total. This is 33% less than the Dutch, a small, irrelevant, EU country whose greatest achievements throughout history are the creation of the world's first speculative market bubble and almost sinking into the sea.
It would be more factually accurate to rewrite the passage as such:
The many new Internet users in countries such as China and the Netherlands are also driving address exhaustion.

Yet nobody would do this. Why? Why do the Dutch of all people get a free pass?


I'm still pondering the switch to TEST-NET-3, seriously.
All I would need is to edit some stuff at my routerbox (the interfaces file, a couple of scripts, and my local BIND zones), change the IP on my AP, and call it a day.
I don't expect breakage from any of my real PCs (even the Windows 95 one, as I suppose that example networks weren't a thing back then), but as for smartdevices...

You can always do it North Korea style. No routing, no problem!

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Stirrer of Shit
Post: #296 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by BearOso
most kernel programmers work for virtualization providers.

Ah, so that's why.
Always thought it seemed overblown.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Stirrer of Shit
Post: #297 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
I'm not crying over spilt milk, I'm raging over the fact that no one's standing the jug up before the rest of it dumps out on the floor. Things CAN be done.

But whatever. You're actually the enemy. This "take it and be happy because you are powerless" attitude is why things have gotten as bad as they have. I'm wasting time I could spend on literally anything else arguing with either a corporate shill or a consumer whore.

Hey, calm it with the personal attacks. I am neither a corporate shill nor a consumer whore. I have never set foot inside an Intel office (or any chipmaker's office, for that matter), nor have I ever purchased an Intel CPU in my life, except for when it was inside a laptop.
I don't own any stock in Intel either, except for whatever exposure I get through retirement funds and whatnot. My closest connection to them is probably that I think the AVX intrinsics are fun to program with and the documentation site is kind of neat, but that doesn't mean I like them.

And it isn't that I think what Intel is doing is particularly good or that I feel enthusiasm about it, just apathy. You can rage all you want, but nothing can be done about the matter. The "solution" essentially boils down to "go buy AMD or something". Even if this were a good solution, there's no point to doing so - if their CPUs are good enough, they'll get sold anyway, and if they're not, they won't get sold anyway. In no way do my actions ever enter the equation, so I might as well take it easy and save my money.

Anyway, the main concern isn't that chipmaker A would best chipmaker B reducing CPU costs by X%, that's rearranging the deck chairs on the Titanic. Soon the desktop will be an utterly irrelevant platform, and we'll all be stuck with Chinese locked-down ARM smartdevices with hardware DRM, with nobody even bothering to translate the SDK (which would require a license, of course, and depend on access to The Cloud™) into English.

Nothing can be done about this either, lest you accuse me of changing the subject, I'm just saying that chipmaker profits are a fairly irrelevant concern in the grand scheme of things.
Posted by CaptainJistuce
If only profit margins, processor performance, and feature sets were publicly available data. Oh, wait...
It is rather easy to confirm that having segmented markets for full-featured enterprise processors and kneecapped personal-use processors is a modern business practice that didn't even START until the Core line, and resulted in wildly larger profit margins(because businesses will buy what they need no matter the cost IF there isn't a lower-cost alternative).

I wasn't around for the early era of microprocessors, but that should still make sense. VIA and Cyrix were making CPUs, because the cost to entry back then was lower. There's even a law, Moore's second law, stating that "the cost of a semiconductor chip fabrication plant doubles every four years". The 486 came out in 1989, according to the article a plant cost $14B in 2015, so that gives around $80M for a plant back in 1989. About the same as in this article. Also, the R&D you'd have to catch up to hadn't gotten so far yet.
Businesses would pay money out the ass even if there is a lower-cost alternative, as long as paying out the ass is the so-called "industry best practice". The same goes for universities (in the first world), or at least a good chunk of them.


So every processor from the 486 onward has made a mistake by integrating the FPU? At the time, it was a niche feature that normal users didn't need. There was some annoyance that people who were only going to need integer performance were being forced to pay for a FP coprocessor.
ONCE IT WAS AVAILABLE, it started seeing widespread usage because, hey, it turns out that it wasn't that useless after all.

I suppose the FP is different, but that's a good point. However, stuff like AVX is a fair bit more niche. Compilers can't vectorize well, so all you get is optimizations for programs specially written to take advantage of it (and yes, they do get far faster, even though a GPU is often better still) and a ~5% speedup for other stuff.
Joe Q. Public won't get anything much out of AVX. They're mostly used in video en/decoding, but for H264, the only codec of value to him, that's hardware accelerated anyway.
https://dxr.mozilla.org/mozilla-central/search?q=m256&redirect=true
As you can see, mostly used in libvpx. Doesn't make browser go faster. Also, mr. Public would only use Chrome, which isn't any better.

It is market segregatoin that largely did not exist before the Core series, and didn't exist AT ALL before the Pentium Pro. The PPro had the excuse of being genuinely expensive to manufacture. The Pentium 2 started the trend of ARTIFICIAL market segmentation, where you disable features on most of your parts so that you can charge a premium for the ones that allow access to those parts.

Actually, you traditionally gain much better warranty terms and support in exchange for the Quadro prices. Though nVidia started feature-gating once businesses started becoming more concerned with the price than the support.
And now they flat-out include usage restrictions in the driver license so you legally CAN'T use cheaper enthusiast cards in a business or research setting REGARDLESS of the performance and feature set.

Yeah, but wasn't that just because the enthusiasts and professionals had about the same needs back then, but then they diverged?
Market segmentation is a good thing, in theory. If a company makes $X more on the expensive "industry-grade" products, they would need to earn $X less on the consumer-grade ones to keep the same level of profit. This is what Adobe does: for personal use, Photoshop is effectively free (yes, this is a strategy they encourage), but for businesses that's obviously not an option outside of China.
The Quadro example proves my point: they get warranty and support, yes, but is it really worth paying thousands of dollars for? And the license, same thing. It's not a crime to violate an EULA, and the probability of them getting sued is infinitesimal.
Stuff like the PS3 supercomputer does exist, you know. But nobody wants to save money, because they'd prefer wasting it for use as a status symbol so they get the tuitions.
Journal subscriptions (an utter fraud) are another great example of this. Cut them, the students will teach each other about sci-hub, wait until the Elsevier problem solves itself.
But I digress. Anyway, that big corporations need to pay big $$$ for status symbols isn't a big problem to me.

But not the way it always was, or the way it has to be.

It wasn't that way before because the barriers to entry were lower. At least now things are okay - you can still purchase loose CPUs. I don't think they can get much better, since there's no market for it.

Individuals just get less for their dollar than they used to(and businesses get MUCH less).

To be blunt, fuck businesses. They waste money, that's on them.
I get more for my dollar now than at any other time in the past. Especially if I buy used CPUs. The most expensive CPU in, say, 1990, probably cost around the same as the most expensive now, but it sure as heck isn't as fast.

I'm paying Intel to manufacture a processor, and I'm willing to pay more for a part that is actually harder to make. But when Intel tells me I should pay more not because it is harder, but because they want a wider profit margin, I get upset.

Well, what should be done about it? They can justify this profit margin with the higher costs to entry, a la might makes right, and unless you have $billions lying around in your couch you sadly have to agree they're right on this.
(Also, the profit margins are not so high. P/E of 10 is high but not stellar nor ATH.)


Even when they were ruling the roost, they binned processors honestly(easy enough to test given that their processors were easy to unlock during their dominance), and didn't gate features.

Don't they do the exact same stuff, like disabling broken/unstable cores with lasers? I know you could reflash 270 to 270X, but I don't think you could do that for 370 -> 370X, for instance.

If AMD ever gets close to ahead of Intel, Intel will ease up on their bullshit. We've already seen that as Zen has proven damaging to their sales and they've responded by offering better products at lower prices. Hooray for some fucking competition.

Yeah, but this only works past a certain point, because if AMD gets far ahead enough they'll start pulling the same moves Intel did.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-18, 18:54 in Mozilla, *sigh*
Stirrer of Shit
Post: #298 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Bloomberg is a nice website with clean design that has reasonable and neutral financial analysis, it's like a slightly worse Financial Times without paywall. I browse it with JS disabled though.

The performance of applications on the web platform is becoming increasingly bottlenecked by the startup (load) time. Large amounts of JavaScript code are required to create rich web experiences that we’ve become used to. When we look at the total size of JavaScript requested on mobile devices from HTTPArchive, we see that an average page loads 350KB of JavaScript, while 10% of pages go over the 1MB threshold. The rise of more complex applications can push these numbers even higher.

"more complex applications"
"rich web experiences"
Stop lying to me, you slimy fuckers! This isn't an application, it's just you cramming more shit into your websites! Nobody needs to load 350KB of JavaScript, except possibly ports of actual, complex applications (e.g. 3D game engines), which your React monstrosity isn't.
Can't they at least write their shit in WebAssembly? Then it should be much smaller and faster, and also harder to block. But of course, this is too difficult for these so-called people who find anything that isn't Python/JavaScript/Scratch "toxic masculinity" - not making this one up.

Interesting to not see Google involved on this, but then they would prefer to download an app for that™ on your Android smartdevices, or maybe some Chrome-specific feature.

Never interrupt your enemy when he is making a mistake. –Napoleon

In reality, I think it's much simpler. Google hires competent but soulless people, while large chunks of Mozilla appear to have genuine enthusiasm for the cancer that is HTML5 (or as I've recently taken to calling it, HTML5 plus JavaScript). HTML5 is not a markup language unto itself, but rather another free component of a fully functional website made useful by jQuery, the JavaScript interpreter and frameworks comprising a full website as defined by Google.

Google will probably go along with it, but you should always keep in mind that Mozilla are just a puppet of them and so there's no guarantee for who's actually proposing it.

Facebook are a mystery though. First they hire Indians to write a 0.3GB app. Then what do they do?
a) bring in normal developers to right the ship
b) bring in extremely good developers to find a way to bypass internal limits on the code size



That reddit thread gives a good view of their perspective:
Posted by some guy who presumably works there
There is a big effort to break up libraries to reduce app sizes. Messenger is especially sensitive to their app size and will ask hard questions to any developer that includes a huge new library, whether on purpose or by accident.

I don't get it. They have infinite money. Can't they just pay another team (in another country and language, so that there's no overlap) to re-write the whole app, have them do it properly, then fire the old team when testers can't tell the two apps apart any longer in double blind testing?

The million-dollar question is of course as always, are our new Chinese overlords going to keep writing these monstrosities, or will they settle for good ol' IE6 and XP?

Because I tell you, I'd far rather use IE6+XP than this. At least with IE6+XP you're using stable and proven technologies.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Stirrer of Shit
Post: #299 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by legolas119
thanks

So:
1) if I untick "Prefer HLE for coprocessors" Bsnes could't correctly emulate games that needs special firmware if i don't have that firmware in the "firmware" folder. Correct? I think that i have every firmware (i have this list https://higan.readthedocs.io/en/latest/guides/import/) so i think that in this way every games will works with the better possible emulation if I uncheck "Prefer HLE...". Am I right?

2) I untick "Fast PPU", "Fast DPS" and "Fast coprocessors": in this way the emulation is good as Higan. If I keep checked these 3 options some games could be emulated in a worse way, correct? "No Sprite limit" is unkeced by default and "SuperFX clock speed" is at 100% by default so i didn't modified them.

thanks

It looks like Higan applies more blur and desaturation (making the colors more washed out) than bsnes in both images.
The emulation stuff (correct me if I'm wrong) should fix issues on much lower levels, like bugs appearing in some games or some stuff not rendering. I think you could leave the two options checked (faster but less accurate) for most games.
I think this is a shader issue. Are you sure you're using the exact same shader and such?

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-05-18, 21:47 in Something about cheese! (revision 1)
Stirrer of Shit
Post: #300 of 717
Since: 01-26-19

Last post: 1763 days
Last view: 1761 days
Posted by https://archive.fo/M4TyR (from https://www.washingtonpost.com/education/2019/05/16/coming-soon-sat-an-adversity-score-offering-snapshot-challenges-students-face/)
When students send colleges their SAT scores in coming years, the admissions office might also get another number that rates the level of adversity applicants typically face — or privilege they enjoy — based on crime and poverty data and other demographic information about neighborhoods and high schools.

The “overall disadvantage level,” known in admission circles as the “adversity score,” will be a single number from 1 to 100. With 50 set as the average, under a formula established by the College Board, higher scores will indicate higher adversity.

...

The adversity score, which officials described Thursday, will focus on social and economic factors associated with a student’s school and neighborhood, such as median family income, crime reports, housing circumstances, college attendance rates and parental education, according to the College Board. The formula does not consider race, the College Board said, or individual data about a student’s family or financial circumstances.

(archive link due to the wapo playing the GDPR silly-buggers)

What the fuck? This used to be the stuff of jokes/utter strawmen just a few years ago.

It's better than I first thought when I read the article, I guess. That it would have been the default way of computing the score, with your real score staying hidden. I reckon we've still got a good five years until that happens.

Also, a horrible article that doesn't even pretend to be neutral. Of course grades are a poor indicator. Kids who go to bad schools get straight A's just for showing up, while those who go to the kind of schools where they'd actually learn anything get graded on a curve. And as for poor people scoring worse, well they'd continue being poor even if they got into college, no? So what difference does it make that that's the cause?

If they wanted to test willpower, just give them some ridiculously hard take-home assignment ("here are a few thousand words in some non Indo-European language with Latin alphabet, you have a month, good luck") and see how they fare.

Gee, am I glad not to be American.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
    Main » sureanem » List of posts
    Kawa's Github