President Donald Trump signed an executive order on Monday to make it easier for the private sector to locate broadband infrastructure on federal land and buildings, part of a push to expand high-speed internet in rural America. Reuters reports: "We need to get rural America more connected. We need it for our tractors, we need it for our schools, we need it for our home-based businesses," a White House official told reporters ahead of Trump's speech at the annual convention of the American Farm Bureau Federation. "We're not moving mountains but we're certainly getting started," the official said, speaking on condition of anonymity to preview Trump's actions. The White House described the moves as an incremental step to help spur private development while the administration figures out what it can do to help with funding, something that could become part of Trump's plan to invest in infrastructure. "We know that funding is really the key thing to actually changing rural broadband," a second White House official said. Reuters cites a 2016 report from the Federal Communications Commission, noting that 39 percent of rural Americans lack access to high-speed internet service.

Powermat, the only contender to the dominant format Qi, has joined the Wireless Power Consortium (WPC) and now backs its rival. "Qi has become the dominant wireless charging standard on the market and the recently launched Apple iPhone lineup is evidence of this success," Powermat said in a statement. "[We] will share technology innovation to further unlock wireless charging potential, and will expedite the growth of the wireless charging infrastructure." Engadget reports: Powermat was barely hanging on as a standard, but as it mentioned, Apple's favoring of Qi for its upcoming chargers pretty much sealed its fate. The company was forced to upgrade its chargers to support Qi at Starbucks locations, for instance, so that Apple's Qi-supported iPhone X- and 8-owning clients could juice up. Until a few years ago, there were essentially three standards, the Alliance for Wireless Power, the Power Matters Alliance (no joking), and Qi, which was already the dominant player. The first two merged to form the Airfuel alliance in 2015, of which Powermat was the main player.

BrianFagioli shares a report from BetaNews: Today, yet another security blunder becomes publicized, and it is really bad. You see, many Western Digital MyCloud NAS drives have a hardcoded backdoor, meaning anyone can access them -- your files are at risk. It isn't even hard to take advantage of it -- the username is "mydlinkBRionyg" and the password is "abc12345cba" (without quotes). To make matters worse, it was disclosed to Western Digital six months ago and the company did nothing. GulfTech Research and Development explains, "The triviality of exploiting this issues makes it very dangerous, and even wormable. Not only that, but users locked to a LAN are not safe either. An attacker could literally take over your WDMyCloud by just having you visit a website where an embedded iframe or img tag make a request to the vulnerable device using one of the many predictable default hostnames for the WDMyCloud such as 'wdmycloud' and 'wdmycloudmirror' etc." The My Cloud Storage devices affected by this backdoor include: MyCloud, MyCloudMirror, My Cloud Gen 2, My Cloud PR2100, My Cloud PR4100, My Cloud EX2 Ultra, My Cloud EX2, My Cloud EX4, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, and My Cloud DL4100. Firmware 2.30.172 reportedly fixes the bug, so make sure your device is updated before reconnecting to the internet.

MojoKid writes: At CES 2018, Intel unveiled more details of its 8th generation Intel Core processors with integrated AMD Radeon RX Vega M graphics. Like cats and dogs living together, the mashup of an Intel processor with an AMD GPU is made possible by an Embedded Multi-Die Interconnect Bridge (EMIB), which provides a high-speed data interconnect between the processor, GPU and 4GB of second-generation High-Bandwidth Memory (HBM2). Intel is delivering 8th generation H-Series Core processors in 65W TDP (laptops) and 100W TDP (desktops) SKUs that will take up 50 percent less PCB real estate, versus traditional discrete configs. Both the mobile and desktop variants of the processors will be available in Core i5 or Core i7 configurations, with 4 cores and 8 threads, up to 8MB of cache and 4GB of HBM2. The 65W mobile processors can boost up to 4.1GHz, while the Radeon RX Vega M GL GPU has base/boost clocks of 931MHz and 1011MHz, respectively. The AMD GPU has 20 compute units and memory bandwidth checks in at 179GB/s. Desktop processors ratchet the maximum boost slightly to 4.2GHz, while the base/boost clocks of the Radeon RX Vega M GH GPU jump to 1063MHz and 1190MHz, respectively. Desktop GPUs are also upgraded with 24 CUs and 204GB/s of memory bandwidth. Intel says that its 8th generation Core i7 with Radeon RX Vega M GL graphics is up to 1.4x faster than a Core i7-8550U with an NVIDIA GeForce GTX 1050 GPU in a notebook system. System announcements from Dell and HP are forthcoming, with availability in the first half of this year. Intel has also launched a new NUC small form factor gaming mini PC based on the technology as well.

GoPro has announced that it's exiting the drone business, citing the challenges of turning a profit in an "extremely competitive" market. From a report: The company revealed the news during its earnings report today, saying that its Karma drone would be the last it would make. The company is also laying off hundreds of staff and reducing the pay of CEO Nicholas Woodman to $1 as it struggles to manage its rocky financials. The $799 Karma drone was first unveiled in late 2016, but proved to be an unfinished and expensive product.

MojoKid writes: AMD is unveiled a number of upcoming chip products for the new year at CES 2018, including updated next-generation Ryzen and Threadripper desktop processors covering every market segment from mobile to HEDT, and an array of Vega-based graphics products. AMD will be releasing a pair of Ryzen 3-branded mobile APUs for mainstream notebooks. The quad-core / quad-thread Ryzen 3 2300U has base and boost clocks of 2.0GHz and 3.4GHz, respectively, while the dual-core / quad-thread Ryzen 3 2200U clocks-in at 2.5GHz and 3.4GHz, base and boost. Desktop Ryzen APUs, codenamed Raven Ridge, are inbound for the AM4 platform as well. Launching on February 12 are the upcoming Ryzen 5 2400G and Ryzen 3 2200G. The Ryzen 5 chip is a quad-core / eight-thread machine with an on-die, 11 CU Vega graphics core, priced at $169. The Ryzen 3 2200G is a quad-core / quad-thread chip with and 8 CU Vega-based graphics engine for only $99. CPU core frequencies on the Ryzen 5 2400G range from 3.6GHz -- 3.9GHz (base / boost) and the Ryzen 3 2400G clocks-in at 3.5GHz -- 3.7GHz. 2nd-generation Ryzen desktop processors are on the way as well and will be manufactured using an advanced 12nm+ lithography process, leveraging the Zen+ architecture, which is fundamentally unchanged from current Zen-based processors, save for a few tweaks and fixes that improve cache and memory speeds and latency. 2nd-Generation Ryzen processors are NOT based on the Zen 2 architecture. AMD also mentioned that these new processors will be used in a new line-up of 2nd-Generation Threadripper processors. Finally, the company disclosed two new Vega-based GPUs, a Vega Mobile part with a svelte 1.7mm Z-height and second Vega-based chip, which will be manufactured at 7nm that specifically targets machine learning applications. The low-profile Vega Mobile GPU will find its ways into ultra-thin notebooks and mobile workstations, but speeds and feeds weren't disclosed. AMD also announced that it will be supporting variable refresh rate over HDMI 2.1 in the future as well.

troublemaker_23 quotes ITWire: Disclosure of the Meltdown and Spectre vulnerabilities, which affect mainly Intel CPUs, was handled "in an incredibly bad way" by both Intel and Google, the leader of the OpenBSD project Theo de Raadt claims. "Only Tier-1 companies received advance information, and that is not responsible disclosure -- it is selective disclosure," De Raadt told iTWire in response to queries. "Everyone below Tier-1 has just gotten screwed."
In the interview de Raadt also faults intel for moving too fast in an attempt to beat their competition. "There are papers about the risky side-effects of speculative loads -- people knew... Intel engineers attended the same conferences as other company engineers, and read the same papers about performance enhancing strategies -- so it is hard to believe they ignored the risky aspects. I bet they were instructed to ignore the risk."

He points out this will make it more difficult to develop kernel software, since "Suddenly the trickiest parts of a kernel need to do backflips to cope with problems deep in the micro-architecture." And he also complains that Intel "has been exceedingly clever to mix Meltdown (speculative loads) with a separate issue (Spectre). This is pulling the wool over the public's eyes..."

"It is a scandal, and I want repaired processors for free."

An anonymous reader writes: AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor. This component, formerly known as AMD PSP (Platform Security Processor), is a chip-on-chip security system, similar to Intel's much-hated Management Engine (ME). Just like Intel ME, the AMD Secure Processor is an integrated coprocessor that sits next to the real AMD64 x86 CPU cores and runs a separate operating system tasked with handling various security-related operations.

The security bug is a buffer overflow that allows code execution inside the AMD SPS TPM, the component that stores critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores. Intel fixed a similar flaw last year in the Intel ME.

The Register reports: Nvidia has banned the use of its GeForce and Titan gaming graphics cards in data centers -- forcing organizations to fork out for more expensive gear, like its latest Tesla V100 chips. The chip-design giant updated its GeForce and Titan software licensing in the past few days, adding a new clause that reads: "No Datacenter Deployment. The SOFTWARE is not licensed for datacenter deployment, except that blockchain processing in a datacenter is permitted."
Long-time Slashdot reader Xesdeeni has a few questions: Is this really even legal? First, because it changes use of existing hardware, already purchased, by changing software (with potentially required bug fixes) agreements retroactively. Second, because how can a customer (at least in the U.S.) be told they can't use a product in a particular place, unless it's a genuine safety or security concern (i.e. government regulation)!?
Nvidia expects that "working together with our user base on a case-by-case basis, we will be able to resolve any customer concerns," they told CNBC, adding that "those who don't download new drivers won't be held to the new terms."

An anonymous reader quotes USA Today: "Always connected personal computers" -- or ACPCs -- refer to a new breed of Windows laptops with three key features: a battery that can last multiple days; instant-on access when you open the lid or touch a key; and an optional high-speed cellular connection, to avoid hunting for a Wi-Fi hotspot to get online. In other words, your laptop is going to behave a lot more like your smartphone...

In fact, with the Qualcomm Snapdragon 835 processor, ASUS is claiming battery life of up to 22 hours of continuous video playback, and up to 30 days on standby. At $799, the ASUS NovaGo (model # TP370) will also be the first always-connected PC with a 360-degree flip hinge -- making it a "2-in-1" that can convert from laptop mode to a tablet by bending back the 13.3-inch screen -- and the first with Gigabit LTE speeds, for an always on, always connected experience.
ASUS's media relations director touts the high-speed cellular connections -- which consumers pay for separately -- as 3 to 7 times faster than broadband. "It allows you to download a 2-hour movie in about 10 seconds."

And Qualcomm's senior director of product management says there's more ways that it's like a smartphone. "Even when the screen is off, it's still connected, so when I open the lid, it does facial recognition, and I'm in."

An anonymous reader quotes a report from The Guardian: Intel has been hit with at least three class-action lawsuits over the major processor vulnerabilities revealed this week. Three separate class-action lawsuits have been filed by plaintiffs in California, Oregon and Indiana seeking compensation, with more expected. All three cite the security vulnerability and Intel's delay in public disclosure from when it was first notified by researchers of the flaws in June. Intel said in a statement it "can confirm it is aware of the class actions but as these proceedings are ongoing, it would be inappropriate to comment." The plaintiffs also cite the alleged computer slowdown that will be caused by the fixes needed to address the security concerns, which Intel disputes is a major factor. "Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time," Intel said in an earlier statement.

An anonymous reader quotes a report from The Wall Street Journal (Warning: source may be paywalled; alternative source): Of the three major new products since Mr. Cook became chief executive in 2011, both AirPods earbuds in 2016 and last year's HomePod speaker missed Apple's publicly projected shipping dates. The Apple Watch, promised for early 2015, arrived late that April with lengthy wait times for delivery. Apple also was delayed in supplying the Apple Pencil and Smart Keyboard, two critical accessories for its iPad Pro. The delays have contributed to much longer waits between Apple announcing a product and shipping it: an average of 23 days for new and updated products over the past six years, compared with the 11-day average over the six years prior, according to a Wall Street Journal analysis of Apple public statements. Longer lead times between announcement and product release have the potential to hurt Apple on multiple fronts. Delays give rivals time to react, something the company tried to prevent in the past by keeping lead times short, analysts and former Apple employees said. They can stoke customer disappointment and have cost Apple sales.

Raspberry Pi founder and CEO Eben Upton says the Raspberry Pi isn't susceptible to the "Spectre" or "Meltdown" vulnerabilities because of the particular ARM cores they use. "Spectre allows an attacker to bypass software checks to read data from arbitrary locations in the current address space; Meltdown allows an attacker to read data from arbitrary locations in the operating system kernel's address space (which should normally be inaccessible to user programs)," Upton writes. He goes on to provide a "primer on some concepts in modern processor design" and "illustrate these concepts using simple programs in Python syntax..."

In conclusion: "Modern processors go to great lengths to preserve the abstraction that they are in-order scalar machines that access memory directly, while in fact using a host of techniques including caching, instruction reordering, and speculation to deliver much higher performance than a simple processor could hope to achieve," writes Upton. "Meltdown and Spectre are examples of what happens when we reason about security in the context of that abstraction, and then encounter minor discrepancies between the abstraction and reality. The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort."

HP announced this week that it is recalling the lithium-ion batteries in more than 50,000 laptops because of the danger of fire in cases of battery malfunction. From a report: "These batteries have the potential to overheat, posing a fire and burn hazard to customers," the company said in a statement. "For this reason, it is extremely important to check whether your battery is affected." The recall affects the battery, not the entire computer. Consumers should run HP's Validation Utility software to determine if their battery has been recalled. If the battery needs to be replaced, they should then install an update that will put the device in Battery Safe Mode, which will discharge the battery and prevent it from being charged until it's replaced. This update will allow consumers to continue using the computers safely with AC power while they wait for a new battery. The recall affects batteries sold with, or as accessories for, the following models: HP Probook 640 G2, HP ProBook 640 G3, HP ProBook 645 G2, HP ProBook 645 G3, HP ProBook 650 G2, HP ProBook 650 G3, HP ProBook 655 G2, HP ProBook 655 G3, HP ZBook 17 G3, HP ZBook 17 G4, HP ZBook Studio G3, HP x360 310 G2, HP Pavilion x360, HP ENVY m6, and HP 11 Notebook PC.

Hoping the Meltdown and Spectre security problems might mean Intel would be buying you a shiny new computer after a chip recall? Sorry, that's not on the cards. From a report: Intel famously paid hundreds of millions of dollars to recall its Pentium processors after the 1994 discovery of the "FDIV bug" that revealed rare but real calculation errors. But Intel CEO Brian Krzanich said the new problems are much more easily fixed -- and indeed are already well on their way to being fixed, at least in the case of Intel-powered PCs and servers. "This is very very different from FDIV," Krzanich said, criticizing media coverage of Meltdown and Spectre as overblown. "This is not an issue that is not fixable... we're seeing now the first iterations of patches." On Thursday, Intel said it was aiming to fix 90 percent of all Intel products that have been introduced within the past year by end of next week. CNET asked if the company was looking at older Intel processors? From the report: "We're working with [computer makers] to determine which ones to prioritize based on what they see as systems in the field," an executive at the company said. Intel also is fixing the problem in future chips, starting with products that will arrive later this year. Intel is effectively taking the software fixes being released now and building them directly into hardware, he said.

troublemaker_23 writes: A little more than 20 years ago, Intel faced a problem with its processors, though it was not as big an issue as compared to the speculative execution bugs that were revealed this week. The 1997 bug, which came to be known as the F00F bug, allowed a malicious person to freeze up Pentium MMX and "classic" Pentium computers. Any Intel Pentium/Pentium MMX could be remotely and anonymously caused to hang, merely by sending it the byte sequence "F0 0F C7 C8". At the time, Intel said it learnt about the bug on 7 November 1997, but a report said that at least two people had indicated on an Intel newsgroup that the company knew about it earlier before. The processor firm confirmed the existence on 10 November. But, says veteran Linux sysadmin Rick Moen, the company's reaction to that bug was quite similar to the way it has reacted to this week's disclosures.

"Intel has a long history of trying to dissemble and misdirect their way out of paying for grave CPU flaws," Moen said in a post to Linux Users of Victoria mailing list. "Remember the 'Pentium Processor Invalid Instruction Erratum' of 1997, exposing all Intel Pentium and Pentium MMX CPUs to remote security attack, stopping them in their tracks if they could be induced to run processory instruction 'F0 0F C7 C8'? "No, of course you don't. That's why Intel gave it the mind-numbingly boring official name 'Pentium Processor Invalid Instruction Erratum', hoping to replace its popular names 'F00F bug' and 'Halt-and-Catch Fire bug'."

SpaceX has reportedly worked with the Air Force to develop a GPS-equipped on-board computer, called the "Automatic Flight Safety System," that will safely and automatically detonate a Falcon 9 rocket in the sky if the launch threatens to go awry. Previously, an Air Force range-safety officer was required to be in place, ready to transmit a signal to detonate the rocket. Quartz reports: No other U.S. rocket has this capability yet, and it could open up new advantages for SpaceX: The U.S. Air Force is considering launches to polar orbits from Cape Canaveral, but the flight path is only viable if the rockets don't need to be tracked for range-safety reasons. That means SpaceX is the only company that could take advantage of the new corridor to space. Rockets at the Cape normally launch satellites eastward over the Atlantic into orbits roughly parallel to the equator. Launches from Florida into orbits traveling from pole to pole generally sent rockets too close to populated areas for the Air Force's liking. The new rules allow them to thread a safe path southward, past Miami and over Cuba.

SpaceX pushed for the new automated system for several reasons. One was efficacy: The on-board computer can react more quickly than human beings relying on radar data and radio transmissions to signal across miles of airspace, which gives the rocket more time to correct its course before blowing up in the event of an error. As important, the automated system means the company doesn't need to pay for the full use of the Air Force radar installations on launch day, which means SpaceX doesn't need to pay for some 160 U.S. Air Force staff to be on duty for their launches, saving the company and its customers money. Most impressively, the automated system will make it possible for SpaceX to fly multiple boosters at once in a single launch.

Popular repair site iFixit has acquired an iMac Pro and opened it up to see what's inside. They tore down the base iMac Pro with an 8-core processor, 32GB of RAM, and a 1TB SSD. Mac Rumors reports the findings: iFixit found that the RAM, CPU, and SSDs in the iMac Pro are modular and can potentially be replaced following purchase, but most of the key components "require a full disassembly to replace." Standard 27-inch iMacs have a small hatch in the back that allows easy access to the RAM for post-purchase upgrades, but that's missing in the iMac Pro. Apple has said that iMac Pro owners will need to get RAM replaced at an Apple Store or Apple Authorized Service Provider. iFixit says that compared to the 5K 27-inch iMac, replacing the RAM in the iMac Pro is indeed "a major undertaking."

Apple is using standard 288-pin DDR4 ECC RAM sticks with standard chips, which iFixit was able to upgrade using its own $2,000 RAM upgrade kit. A CPU upgrade is "theoretically possible," but because Apple uses a custom-made Intel chip, it's not clear if an upgrade is actually feasible. The same goes for the SSDs -- they're modular and removable, but custom made by Apple. Unlike the CPU, the GPU is BGA-soldered into place and cannot be removed. The internals of the iMac Pro are "totally different" from other iMacs, which is unsurprising as Apple said it introduced a new thermal design to accommodate the Xeon-W processors and Radeon Pro Vega GPUs built into the machines. The new thermal design includes an "enormous" dual-fan cooler, what iFixit says is a "ginormous heat sink," and a "big rear vent." Overall, iFixit gave the iMac Pro a repairability score of 3/10 since it's difficult to open and tough to get to internal components that might need to be repaired or replaced.

In a post on Google's Online Security Blog, two engineers described a novel chip-level patch that has been deployed across the company's entire infrastructure, resulting in only minor declines in performance in most cases. "The company has also posted details of the new technique, called Retpoline, in the hopes that other companies will be able to follow the same technique," reports The Verge. "If the claims hold, it would mean Intel and others have avoided the catastrophic slowdowns that many had predicted." From the report: "There has been speculation that the deployment of KPTI causes significant performance slowdowns," the post reads, referring to the company's "Kernel Page Table Isolation" technique. "Performance can vary, as the impact of the KPTI mitigations depends on the rate of system calls made by an application. On most of our workloads, including our cloud infrastructure, we see negligible impact on performance." "Of course, Google recommends thorough testing in your environment before deployment," the post continues. "We cannot guarantee any particular performance or operational impact."

Notably, the new technique only applies to one of the three variants involved in the new attacks. However, it's the variant that is arguably the most difficult to address. The other two vulnerabilities -- "bounds check bypass" and "rogue data cache load" -- would be addressed at the program and operating system level, respectively, and are unlikely to result in the same system-wide slowdowns.

Reuters tells the story of how Daniel Gruss, a 31-year-old information security researcher and post-doctoral fellow at Austria's Graz Technical University, hacked his own computer and exposed a flaw in most of the Intel chips made in the past two decades. Prior to his discovery, Gruss and his colleagues Moritz Lipp and Michael Schwarz had thought such an attack on the processor's "kernel" memory, which is meant to be inaccessible to users, was only theoretically possible. From the report: "When I saw my private website addresses from Firefox being dumped by the tool I wrote, I was really shocked," Gruss told Reuters in an email interview, describing how he had unlocked personal data that should be secured. Gruss, Lipp and Schwarz, working from their homes on a weekend in early December, messaged each other furiously to verify the result. "We sat for hours in disbelief until we eliminated any possibility that this result was wrong," said Gruss, whose mind kept racing even after powering down his computer, so he barely caught a wink of sleep.

Gruss and his colleagues had just confirmed the existence of what he regards as "one of the worst CPU bugs ever found." The flaw, now named Meltdown, was revealed on Wednesday and affects most processors manufactured by Intel since 1995. Separately, a second defect called Spectre has been found that also exposes core memory in most computers and mobile devices running on chips made by Intel, Advanced Micro Devices (AMD) and ARM Holdings, a unit of Japan's Softbank.