WD My Cloud NAS devices have hard-wired backdoor

Found on The Register on Monday, 08 January 2018
Browse Hardware

WD mostly markets the My Cloud range as suited for file sharing and backup in domestic settings. But several of the models with the backdoor are four-disk machines suitable for use as shared storage in small business and also capable of being configured as iSCSI targets for use supporting virtual servers. Throw in the fact that some of the messed-up machines can reach 40TB capacity and there's the very real prospect that sizeable databases are dangling online.

At the same time, politicians still believe that backdoors are a safe and secure way to access all data of citizens. As soon as a backdoor gets exposed, it will be abused.

Amazon: Intel Meltdown patch will slow down your AWS EC2 server

Found on The Register on Friday, 05 January 2018
Browse Hardware

Punters said that, since AWS began rolling out anti-Meltdown updates in December, they have noticed an increase in CPU utilization by their EC2 virtual machines. The solution is to either optimize the application code, or move to a more powerful and expensive host server to take the extra load.

"Immediately following the reboot my server running on this instance started to suffer from CPU stress," one admin noted after installing the patch.

So (obviously) Intel's statement that patches will barely have any noticeable performance penalty was pretty much fake news. It was already clear the moment Intel released the propaganda statement.

Major flaw in millions of Intel chips revealed

Found on BBC News on Thursday, 04 January 2018
Browse Hardware

A serious flaw in the design of Intel's chips will require Microsoft, Linux and Apple to update operating systems for computers around the world.

Experts have said that the fix could slow down the performance of computers by up to 30% but Intel played this down, saying that "for the average user, performance impacts should not be significant and will be mitigated over time".

The flaw is also likely to affect major cloud computing platforms such as Amazon, Microsoft Azure and Google, according to The Register, which broke news of the bug.

The average user rarely makes full use of his CPU to notice; but if you ever did some video encoding or 3D renders, you now can drink a few cups of coffee more while waiting for results. However, Intel should be way more concerned and not try to downplay the impact of the bug. After all, it also affects all those who use Intel CPUs in their servers, and there a 30% performance hit can be dramatic. For many this will include buying new hardware to cope with the loss, and those customers sure won't be happy about the way Intel handles all this.

Nvidia’s new graphics card is $3,000, painted gold, and not meant for graphics

Found on Ars Technica on Friday, 08 December 2017
Browse Hardware

Although Nvidia launched its 21 billion transistor Volta GPU architecture back in May, until now the chip has been used exclusively in compute cards—specifically, the Tesla V100 cards, which cost about $10,000 for the PCIe version.

It's inevitable that some deep-pocketed gamers will pick up a Titan V and use it as nothing more than a graphics card, but that's certainly not the core market.

If someone really thinks he can show off by buying one of these cards, so be it. You cannot even have pity with such people.

Hundreds of Printers Expose Backend Panels and Password Reset Functions Online

Found on Bleeping Computer on Thursday, 05 October 2017
Browse Hardware

One of the cause of some of these exposures is Brother's choice of shipping the printers with no admin password. Most organizations most likely connected the printers to their networks without realizing the admin panel was present and wide open to connections.

An attacker could include spyware-like behavior in tainted firmware updates and have printers send copies of printed documents to an attacker's server.

In the past, printers were just dumb machines that offered no real value to an attacker. With the idea to add a network port to everything, this changed. Especially since today printers are more powerful than computers back then and thus offer a nice backdoor that many won't think of.

FCC chief Ajit Pai wants Apple to stop disabling FM radio chips in iPhones

Found on Ars Technica on Thursday, 28 September 2017
Browse Hardware

Various smartphones with an active FM chip use the cord from a pair of wired headphones as an antenna, however, so the omission of the headphone jack on the iPhone 7 and iPhone 8 may contribute to those devices' lack of FM tuner support.

The FCC chief framed the activation of the FM radio chip as a boon to public safety, since FM radio signals are generally easier to receive in times of emergency when compared to Internet-based services provided over a cellular network.

Many smartphone manufacturers and mobile carriers have disabled that function. Part of that, critics say, is because having a free alternative may discourage customers from using and thus paying for services that demand mobile data.

Radio is not that complex and adds an useful feature. It's pretty obvious however why some do not like free services.

Apple: iPhones Are Too 'Complex' to Let You Fix Them

Found on Motherboard on Sunday, 24 September 2017
Browse Hardware

The company's message is that rather than repairability, the company designs its products for "durability."

"Our first thought is, 'You don't need to repair this.' When you do, we want the repair to be fairly priced and accessible to you," she added. "To think about these very complex products and say the answer to all our problems is that you should have anybody to repair and have access to the parts is not looking at the whole problem."

It's simple: if you buy a product, you own it. If you want to smash it, you can. If you want to let someone else repair it, you can. Apple has absolutely no interest in durability; it wants to sell as much new hardware as possible.

HP Brings Back Obnoxious DRM That Cripples Competing Printer Cartridges

Found on Techdirt on Wednesday, 20 September 2017
Browse Hardware

The company this week released a new software update for the company's OfficeJet 6800 series, OfficeJet Pro 6200 series, OfficeJet Pro X 450 series, and OfficeJet Pro 8600 series printers. One of the major "benefits" of the update? Printer cartridges from competing manufacturers no longer work.

Stop buying HP printers until the company realizes that eliminating device functionality under the pretense of security is obnoxious bullshit.

Or just sue them hard for repeating this, forcing them to pay users an amount that will hurt them. There is no other method to make a company without any morals learn a lesson.

Hard Drive Stats for Q2 2017

Found on Backblaze on Tuesday, 29 August 2017
Browse Hardware

The enterprise drives have 363,282 drives days and an annualized failure rate of 1.61%. If we look back at our data, we find that as of Q3 2016, the 8 TB consumer drives had 422,263 drive days with an annualized failure rate of 1.60%. That means that when both drive models had a similar number of drive days, they had nearly the same annualized failure rate.

Once again, Seagate is at the top when it comes to failure rates. If you value your data, buy drives from someone else who is by an order of magnitude more reliable.

The Right to Repair Movement Is Forcing Apple to Change

Found on Motherboard on Sunday, 18 June 2017
Browse Hardware

For the better part of the last decade, every design decision Apple has made has seemingly been in the pursuit of making its products thinner and more beautiful at the expense of upgradability and repairability.

Apple's authorized repair program leaves a lot to be desired—companies must pay a fee to join the program, and those who join aren't allowed to do many types of repair (such as a charge port replacement, which is trivially easy for any repair professional).

If consumers buy a product, they own it completely. If they want to take it apart to repair it, it's their right. If Apple wants to change that, it should rent hardware to the fanbois; but that would cause another load of problems for the company because customers would return defective hardware and demand a free replacement. On the other hand, that could result in better and more reliable hardware and reduce interest in planned obsolescence.