Slashdot Mirror
Intel's Remote Hijacking Flaw Was 'Worse Than Anyone Thought' (arstechnica.com)
An anonymous reader quotes Ars Technica:
A remote hijacking flaw that lurked in Intel chips for seven years was more severe than many people imagined, because it allowed hackers to remotely gain administrative control over huge fleets of computers without entering a password. This is according to technical analyses published Friday... AMT makes it possible to log into a computer and exercise the same control enjoyed by administrators with physical access [and] was set up to require a password before it could be remotely accessed over a Web browser interface. But, remarkably, that authentication mechanism can be bypassed by entering any text string -- or no text at all...
"Authentication still worked" even when the wrong hash was entered, Tenable Director of Reverse Engineering Carlos Perez wrote. "We had discovered a complete bypass of the authentication scheme." A separate technical analysis from Embedi, the security firm Intel credited with first disclosing the vulnerability, arrived at the same conclusion... Making matters worse, unauthorized accesses typically aren't logged by the PC because AMT has direct access to the computer's network hardware... The packets bypass the OS completely.
The article adds that Intel officials "said they expect PC makers to release a patch next week." And in the meantime? "Intel is urging customers to download and run this discovery tool to diagnose potentially vulnerable computers."
Saturday Ars Technica found more than 8,500 systems with an AMT interface exposed to the internet using the Shodan search engine -- over 2,000 in the United States -- adding that "many others may be accessible via organizational networks."
"Authentication still worked" even when the wrong hash was entered, Tenable Director of Reverse Engineering Carlos Perez wrote. "We had discovered a complete bypass of the authentication scheme." A separate technical analysis from Embedi, the security firm Intel credited with first disclosing the vulnerability, arrived at the same conclusion... Making matters worse, unauthorized accesses typically aren't logged by the PC because AMT has direct access to the computer's network hardware... The packets bypass the OS completely.
The article adds that Intel officials "said they expect PC makers to release a patch next week." And in the meantime? "Intel is urging customers to download and run this discovery tool to diagnose potentially vulnerable computers."
Saturday Ars Technica found more than 8,500 systems with an AMT interface exposed to the internet using the Shodan search engine -- over 2,000 in the United States -- adding that "many others may be accessible via organizational networks."
"Authentication still worked" even when the wrong hash was entered, Tenable Director of Reverse Engineering Carlos Perez wrote.
He and I have different definitions for the word "worked".
It must have been something you assimilated. . . .
"There are no comments"
Says it all, doesn't it?
need inspiration from the 1040
Putting Internet accessible code running over the operating system was a terrible idea and this is the predictable outcome.The implementation was totally brain dead and wasn't even tested beyond "works in correct usage cases." This is the reason projects like Libreboot exist.
Dear Intel,
Why should I buy your wide open backdoor chips?
What are you going to do to prevent this problem in the future?
(What? I get that security is hard and that sometimes there are unforeseen vulnerabilities. But... you can enter any text as the password, and it accepts it? Did no one at Intel test a wrong password at any point? This isn't a bug, this is outright negligence.)
The article is a bit confusing regarding this, but no, you can't send an empty password. That's because when a browser does digest authentication it doesn't actually send the password, or even a password hash, to the web server.
The browser sends instead a response MD5 hash computed on a string composed of various items, including a variable nonce sent by the server, in addition to the password, for example:
response=MD5(MD5(username:realm:password):nonce:MD5(method:digestURI)) ... entication
https://en.wikipedia.org/wiki/Digest_ac
This means a normal browser would never send an empty response, even when you enter an empty password. It would always send a 32 hex digit MD5 hash looking like this:
response="6629fae49393a05397450978507c4ef1"
The server would then compute the same hash, and compare them. If they are equal, it allows login, if they are different it denies login.
The bug was in the code to compare the two strings. It used the strncmp function that compares the first N characters of two strings:
strncmp(string1, string2, N)
http://www.cplusplus.com/reference/cstring/strncmp/
And applied it to the computed hash and the hash response received from the browser, with N set to the length of the response received from the browser, so something like:
strncmp(computed_hash, response, strlen(response))
So when it compared a real hash generated by a browser it would do something like:
strncmp("6629fae49393a05397450978507c4ef1","d3d4914a43454b159a3fa6f5a91d801d", 32)
This would work just fine for hashes sent by the browser, which are always 32 characters in length. Even if the password field is empty, it would compare the two strings, they wouldn't match, and it would reject the empty password or invalid password.
So anyone testing this from a browser would find it works perfectly.
The problem is what happens if you don't use a browser, but you generate an invalid request manually or using a proxy to alter the response, sending an empty string instead of the 32 character hash. Then the compare code does this:
strncmp("6629fae49393a05397450978507c4ef1","",0)
This means the function will compare the first 0 characters between the two strings. So it is equivalent to:
strncmp("","",0)
Of course, two 0 length strings are equal, so it wrongfully concludes the hashes are equal.
What the programmer should have done is check if the hash coming from the browser has the correct length, 32 characters, before attempting to compare the two strings.
Or even better, the programmer should have used the proper string comparing function, strcmp, that already does that for you and you don't need to supply a length parameter, like this:
strcmp(string1, string2)
http://www.cplusplus.com/reference/cstring/strcmp/
Downloading a random binary file and executing it seems like a good idea. Fucking idiots...
When companies will bear responsibility for flaws in such features, as AMT encrypted and obfuscated from 3rd party analysis and management, and enabled by default, and for such screw ups they will pay hefty fines, they will think twice, before making features work such way.
It is time to finally star holding engineers criminally and civilly liable, in addition to their employers, for these obviously reckless, negligent, and possibly even intentional "features."
When it's YOUR ASS that is going to get strung up, you'll pay a lot closer attention to what the fuck you're doing.
see e.g. https://hardware.slashdot.org/story/15/01/29/2241214/fsf-endorsed-libreboot-x200-laptop-comes-with-intels-amt-removed
Moneyquote:
But hey, the FSF and Stallman are just overreacting hippies right? RIGHT?
Russian and Chinese government agencies have been passively or actively promoting the development of a domestic semiconductor industry.
Any way to disable this in Linux?
Does this only give control of hardware aflicted by windows?
Interesting info, APK.
Does this only give control of hardware aflicted by windows?
No, Intel AMT runs completely independently of the operating system. It doesn't matter whether the operating system is Windows, Linux, BSD, or anything else.
It's desperately important that open hardware platforms get developed and made available -- alternative CPU architectures, hardware, and boot firmware are the only possible defense against the Intel monoculture completely screwing us like this. Security holes/backdoors are only one problem of many. There are a lot of powerful, monied interests who would prefer you not to have any control over your own hardware, and they will continue to take any opportunity to tighten the screws in that direction.
Yes, this means you will have to pay more for less performance (at first anyway), and no, you won't be able to run Windows. But if we don't make this long-term investment general purpose computing is dead.
I have a Q170 chipset board at home and it's supposedly vulnerable, but I like having the ability to remotely control my PC (Server) from bootup to bios to Windows. If it's on a home network behind a firewall, this shouldn't matter.
See subject: I omit BIOS settings you have to check too (but I did it ages ago here). Thought I'd note drivers/services removed results here too showing it's basically enough to do it manually yourself!
(I asked a while back to the guy that trumpets this here IF that'd be enough between service stoppage, drivers yanked for AMT/Intel Mgt. Engine & BIOS - he never answered so I tested it)
Results?
Per BOTH checking tools (OpenSORES one & Intel one)??
Once I disabled Windows service involved AND removed the device driver in Management Console's DEVICE mgr.???
* BOTH said I was 'clean' of it (I never had it installed but EVERY ONCE IN AWHILE? I'll install stuff like this just to test the removal tools...)
APK
P.S.=> Again, it was odd (since remnants of Intel mgt. remains on disk) BOTH tools said I was 'clean' (remnants were on disk still) - so I literally had to INSTALL IT AGAIN, run Intel's UNINSTALL, & then test w/ the tools again (knowing I could manually remove a .sys driver file or .dll's for its services etc.) . Apparently both tools TARGET THE "ACTIVE INGREDIENTS" in the service & drivers involved, & that's what I did manually anyhow... apk
No, Intel AMT runs completely independently of the operating system. It doesn't matter whether the operating system is Windows, Linux, BSD, or anything else.
In fact, it's even worse. Intel AMT can still be running while the computer is off (but still plugged in). See
https://fsf.org/blogs/community/active-management-technology
Let me say it again: your computer can be pwned while it's off! You don't need to have anything running at all, because Intel AMT keeps running in the background as long as the machine is plugged in.
Why, then, is the detection tool only for Windows?
If they hadn't added this stupid feature to begin with, we wouldn't be dealing with this problem.
Yes, AMD's doing it as well, and I'm not buying their bugged CPUs, either. It'll be some time before my Phenom 2x6 is flat-out obsolete.
I think you miss the point. It runs at the most basic hardware level, if it's enabled and supported by your motherboard. Having to install extra software to enable it suggests your motherboard does not directly support it, so this test is meaningless. It does not require additional software to work....
" AMT makes it possible to log into a computer and exercise the same control enjoyed by administrators with physical access [and] was set up to require a password before it could be remotely accessed over a Web browser interface. But, remarkably, that authentication mechanism can be bypassed by entering any text string -- or no text at all..."
I find it hard, very very hard, to believe that this was an accident or just the result of stupid coding. This was either deliberate or was some carefully planned subversion somewhere along the tool chain.
Just cruising through this digital world at 33 1/3 rpm...
In case you were wondering, AMT allows you to access the screen, keyboard, and mouse of your machine through VNC as if you had a network KVM on that machine. It seems to use the VNC protocol even. Network KVMs are expensive specialty items, and something like AMT is a cleaner, simpler way of accomplishing the same thing.
It's a shame Intel messed up and gave this feature a bad name. I hope they'll fix the problems and/or other motherboard makers will come out with a safer and improved version of it.
Now one wonders what great "security features" Intel has places in their network cards, chipsets and CPUs. This really is on the most stupid level possible. They cannot even have done an internal review of this code that deserves the name before putting it into production.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
One of our devices comes with control port open; you can enter commands and they will be executed according to your privileges. Besides "login" very few commands should work for the default user... except external software interacting with the device still doesn't support logging in, so the default privileges are set to maximum. You can still log in... to lower your privileges.
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
See subject & I think YOU missed the part where I already covered it here an hour before you posted https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54373155/ like VPro etc. (it's in my bios off).
* Hence WHY the Intel Mgt. Engine ware (& much more by Intel) came w/ my mobo on a CD...
APK
P.S.=> "Onwards & UPWARDS"... apk
Try reading the summary, you helpless imbecile.
Indeed.
This is yet another security bug produced directly by the archaic C programming language. If this had been any other language the bug wold not have happened, despite the incompetent programmer. Null terminated strings! Wild pointer usage!
C is evil.
This much more common mistake than one might think. A *lot* of applications will accept an empty password. It's one of the more common of the 90,000 or so vulnerabilities that we test for.
Programmers get so focused on making things work, 95% of the testing they do is geared toward that, toward doing whatever is supposed be used for, given correct input. They forget to test the negative - what does it do with incorrect input? If a program retrieves a web page, what if it's empty? What does a searching or sorting program do when asked to aort or search an empty list, or a list of just one item? That stuff doesn't get tested much.
strncpy is just broken. Period.
It should complain if there is no null termination in the first string. The code should work, it just does not work around the bug in strncpy.
Very much like strncpy not adding a null if it is N long.
Lots of C grade rubbish that we still live with.
Why would Intel Mgt. Engine come w/ my mobo then in both hardware and on CD for its software? Please... lol!
APK
P.S.=> I also merely pointed out that the test tools (1 from Intel per this article & the other being "openSORES") produced the results they did when I tested after installing the Intel mgt. engine ware... apk
I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell
his hosts program is actually pretty good by xenotransplant
his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg
I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon
take a look at the APK hosts file engine by SuperKendall
APK is kinda right. I've tried his hosts file generating software. It works by bmo
I like your host file system by Karmashock
I find your hosts file admirable by vel-ex-tech
* My code's liked + recommended & hosted by Malwarebytes' hpHosts!
APK
P.S.=> Slashdotters find me useful/clever & getting the LAST LAUGH @ you UNIDENTIFIABLE anonymous troll? See subject... apk
Ouch... yeah, that guys got a security vulnerability.
Active Management Technology... it sounds so much like ActiveX, and equally porous it would seem.
When all you have is a hammer, every problem starts to look like a thumb.
See subject: BOTH @ OS software & router hardware level firewalls - "ain't happenin'" w/ that & BIOS stuff = off off as I noted I did LONG ago.
* I only let 80, 8080 & 443 in here, nothing else...
APK
P.S.=> It can't GET to my system based solely on what YOU SAY NOW in fact - it'd have to compromise my firewall (especially router) too... apk
We succumb to the overlords when we use proprietary software!
See subject: Internally & externally? I'm pretty well setup (I 'wrote the book' on it decades ago) https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Google+Search&gbv=1/ (funniest part is I actually got paid for it too, lol!).
* I serve up nothing. I get access to everything (stand-alone system, FAR easier to secure external@perimeter & internally vs. a LAN/WAN. By far - but, it definitely works vs. threats I never saw coming decades ago but to this day, that setup's pretty prime (newer hardware by far since then all the way around but principle's same & effective).
What I liked best using PARTS of it on a LAN/WAN? I was invisible (even to admins, whole system) but I got access to everything... It's that good.
APK
P.S.=> Put it THIS way, lol - let's see: I've got UNSTOPPABLE to my credit (ask Whipslash, lol) & now INVULNERABLE - what's next? INVINCIBLE too?? It's look that way so far, lmao... apk
The Discovery Tool from Intel is a Windows executable. So how about the rest of us, Intel? Are our Intel CPUs vulnerable?
See subject: Being proofed vs. this for decades++ now & how? Well - you know https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Google+Search&gbv=1/ Hardening your entire setup = does everything (long before it happens - this thing just "can't touch this" due to that setup that way for decades++ now).
* It stops this thing cold (& I did decades ago, lol, setup that very way as I said) before it was a twinkle in the eyes of its creators INTEL.
APK
P.S.=> Enjoy the read - My setup is a "Look @ the future & the future IS now..." decades++ later... apk
Yes, secure for decades by the virtue that the processor predates the features(2008ish).
It wasn't worse than what we thought. What were you smoking Intel?
Results, matter: Now, who do YOU know who said this (you know who, lol)
"I've never tried to belittle (APK's) work, I've flat out said it's good" - by BronsCon (927697) on Thursday February 11, 2016 @06:48PM (#51491263)
?
* RoTfLmAo... anybody YOU know say that? Hehehehehe... @ least I didn't tell you to EAT YOUR WORDS (or, did I? LOL!)
Results matter - CONCRETE, verifiable & UNDENIABLE results (I've got 'em - I got you with 'em in fact (in many a way)).
APK
P.S.=> I'm not here to win a popularity contest - I'm here to WIN (& I always do - It's how I roll - I mean, HOW can I help it when you guys make it easy to do by you losing? LOL!)... apk
The Intel-recommended "mitigation" until the patch is released involves "Unprovisioning clients". What the ___ does that mean? They provide software to do it, but what exactly are the effects? (And yes, I did a web search, but it was unenlightening.) There is a wikipedia article here
https://en.wikipedia.org/wiki/...
on "provisioning", but it talks about seven different kinds of provisioning, and it's not clear which one the Intel doc is talking about. Nor is it clear from reading that article what the effects of UNprovisioning would be. Loss of ability to go on the web? Inability to download antivirus updates? Is it reversible, when the fix from Intel comes out? (and if a computer is "unprovisioned", can you even get the fix from Intel when it comes out?)
See subject & https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54373735/ via "a look @ the future"...
* :)
(As I said - that'd make some sense as to my results testing these tools per my last post - they were blind in usermode minus monitoring filtering drivers).
APK
P.S.=> Porsche - accept NO substitutes - doesn't matter - I was literally UNTOUCHABLE per that link above to this threat (& others like it before + yet to come due to my setups illustrated in part in the link above)... apk
When I was looking at buying a Dell or HP laptop a couple years ago, they both gave me the choice of disabling vPro. AMT is a subset of vPro. So you could disable it if you wanted. Not sure why anyone would choose to have it enabled. And from what I've read, if you have them disable vPro at the factory, it's not possible to enable it later.
Pertinent excerpt of my words per my post to you "newer hardware by far since then" from https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54373899/
* My firewall setup ALONE cuts this threat off easily (per my security guide that STANDS STRONG to this day 10++ yrs. later no less!)
APK
P.S.=> "I RULE!!!" ... apk
See subject: ... & via a layered-security/defense-in-depth security hardened system (correcting you too) https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54374409/ there.
* :)
Imagine that: A security guide I started in 1997's methods STILL protect me to this very day 20++ yrs. later (pats self on back)...
APK
P.S.=> It's NOT easy being "world-class" (like me, lol)... apk
Because of the first mention that no-one uses this - most of these articles are rather sensationalist and really have no idea what the capabilities are of AMT.
A query of the Shodan security search engine found over 8,500 systems with the AMT interface exposed to the Internet, with over 2,000 in the United States alone.
APK is totally right on this count. Adblock Plus on Firefox mobile is a dog on older, or lower end, phones. A hostfile based adblocker makes for a much better experience by chihowa
I support APK's stand on the hosts file by Trax3001BBS
Your premise that hostfiles are a good way to deal with advertising and malvertising is quite valid by JazzLad
No complaints from me, I like APK... Reminds me to use a host file. Also, his stuff is free by aaaaaaargh!
APK's monolithic hosts file is looking pretty good by Culture20
APK... Awesome to see he's still spreading the good word by Molochi
ABP is insufficient as a solid hosts file does everything that APK reminds us about by fast turtle
APK isn't wrong by cfalcon
APK, I know people give you a lot of shit regarding hosts, but please don't ever stop by nasredin
You need APK's hosts file by Teun
APK solution STILL relevant by Thud457
you're right about hosts files by drinkypoo
APK
P.S.=> There's a dozen more than you've got to your name... apk
yet another reason I am a proud buyer/user of AMD products
The only open sores here are the ones in APKs gaping asshole after taking some elephant cock.
By gaping I mean he puts goatse to shame
I implore you seek help for your elephant cock addiction.
See subject: Where even the highly esteemed CIS Tool took fixes to their security ware from me & where I was even unexpectedly paid for these security guides https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Google+Search&gbv=1/ + the fact I made a ware for security many others like & use including our /. peers as shown here https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54373621/
* You manage to show us YOU have done more, better & earlier than I have? THEN, you can talk!
(All you ARE is off-topic trolling blowhard windbag mere 'talk' though - no action (on your part)).
APK
P.S.=> No small wonder you 'hide' as UNIDENTIFIABLE anonymous troll - you don't have ANYTHING to show for yourself (& you know it) - bit jealous are ya? Yes - of me, lol... apk
Projecting your issues onto me? LOL, please - get on topic & grow up!
APK
P.S.=> You have some SERIOUS issues - take your own advice & seek professional psychiatric help (you need it)... apk
Projecting your issues onto me? Get on topic & grow up!
APK
P.S.=> You have SERIOUS issues - take your own advice & seek professional psychiatric help (you need it)... apk
See subject: To do better than https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54373621/ or https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Google+Search&gbv=1// on my part (a fraction of what I can put out to my credit).
* The latter PROOFS ME vs. this exploit (hardware firewall ranges blocked this threat uses) - you've done more, better & earlier with proof?
I DOUBT IT!
APK
P.S.=> Of course, there IS a reason you have to 'hide' behind FAKE NAMES online for your FAKE LIVES &/or use UNIDENTIFIABLE anonymous trolling - lol, you don't have a THING to your name/credit - now do you? Nope - prove otherwise (good luck)... apk
But why in the name of all that's holy was this function in the CPU? Did O read the story wrong?
That's a good question. Perhaps, if you managed to create an environment where tests are expected and used in useful way, one could add an expectation to have an equal number of "not" tests, of tests showing what happens when input is not good, that the software does not do things when it shouldn't. That may get developers more into that frame of mind. The famous "goto fail" might have been avoided.
Mature software development includes peer review followed by QA testing. Perhaps mature software development should include security review and security testing. Just as you do peer review, have a security-focused person look over the code and run a test. Not just to catch issues, though it'll do that, but so the feedback helps developers think about those types of issues in the future.
AMDs Bulldozer Cores are about to become a lot more valuable on the second hand market.
I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell
his hosts program is actually pretty good by xenotransplant
his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg
I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon
take a look at the APK hosts file engine by SuperKendall
APK is kinda right. I've tried his hosts file generating software. It works by bmo
I like your host file system by Karmashock
I find your hosts file admirable by vel-ex-tech
* My code's liked + recommended & hosted by Malwarebytes' hpHosts!
APK
P.S.=> See subject: When you've personally done better tell me "how it works" then - ok? Proof above vs. bs works for me... apk
"I've never tried to belittle (APK's) work, I've flat out said it's good" - by BronsCon (927697) on Thursday February 11, 2016 @06:48PM (#51491263) - works for me & I trust it (as do tons of registered /. users + security pros https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54377473/
* I wonder - do you trust YOURSELF?
APK
P.S.=> You say 1 thing quoted above & now something else, lol... can others trust "shifty" people that don't stick to their guns? apk
See subject & when you can show us you've done more, better & earlier than https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54377473/ & https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&btnG=Google+Search&gbv=1/ then talk!
* LMAO - All you ARE is off topic trolling hotair blowhard windbag 'talk' & nothing more...
APK
P.S.=> Prove otherwise for yourself (I know you can't & so do YOU, lol - all you can do is show us your wasted life + time, trolling others who do well (in myself))... apk
such a complete exploit, it seems more like it was put there deliberately for the government to access...
it makes no sense such exploit could come about by accident.
obamasweapon.com
See subject & your words quoted: "(APK's) work, I've flat out said it's good" BronsCon (927697) on Thursday February 11, 2016 @06:48PM (#51491263) - same as registered /. users + security pros https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54377473/
* What more can I say? You said it better than I can!
APK
P.S.=> If I'm 'dead' getting results like those death's a great place - I tell ya - It's NOT easy being "world-class" (like me doing good work others like & use)... apk
After all, it says "Intel inside", that doesn't imply that they won't prevent anyone else from getting inside.
See subject: Show you can get these kinds of reviews from our /. peers https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54373621/ then you can talk.
APK
P.S.=> I keep asking you to show us others saying you do good work - how come you CAN'T, unidentifiable talker? I know why (lol, you're a "ne'er-do-well" full of HOT air blowhard bullshit - which ANY fool can manage - you're proof of that, lmao!)... apk
But but but we replaced all sprintf, strcmp, etc calls with secure versions - snprintf, strncmp.
See subject & "... not as clumsy or random as a blaster (antivirus/firewalls/local dns/browser addons): An elegant weapon from a more civilized age..." APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/
* "For over a 1,000 generations were the Jedi Knights were the guardians of peace & justice in the old republic - before the dark times (see article>... before the EMPIRE"
APK
P.S.=> That's my review & the light saber I constructed pretty much... apk
You've wasted your time with apk. He's never had a technical conversation, it's all fucking non-related hosts bullshit. He makes up a lot of shit. He really should have more supervision.
I had had a few beers and wanted to see how far he'd argue his nonsense :D
It's no nonsense to be safe vs. this as I am. You're not questioning that either after this https://hardware.slashdot.org/comments.pl?sid=10581229&cid=54373735/
APK
P.S.=> Enjoy your beer (Paul Masson here) - you need it apparently & this really "got your goat" that you reappeared to say that (you project it got to you), lol... apk
"You've made nothing original" - by Brockmire ( 4931623 ) on Monday May 01, 2017 @07:34PM (#54337699)
You've made NOTHING - prove otherwise FAKE NAME for your FAKE LIFE!
---
"You did not come up with the idea of a hosts file" - by Brockmire ( 4931623 ) on Monday May 01, 2017 @07:34PM (#54337699)
Did I say I did? No.
---
"You are not the first to use the hosts file" - by Brockmire ( 4931623 ) on Monday May 01, 2017 @07:34PM (#54337699)
Did I say I was?? Again, no.
---
"You are not even the first person to aggregate block lists into a single block list" - by Brockmire ( 4931623 ) on Monday May 01, 2017 @07:34PM (#54337699)
Did I say I was??? Yet again, no.
APK
P.S.=> I only said mine's better & it's no mere 'script' you SCRIPT KIDDIE "ne'er-do-well" do nothing zero:
"thousands who've made scripts to do this already" - by Brockmire ( 4931623 ) on Monday May 01, 2017 @07:34PM (#54337699)
They used prebuilt scripting tools that do a job (users want GUI, not mere scripts) vs. the fact that I wrote literally the equivalent of 14 UNIX commands into an EASY TO USE GUI multithreaded multitasking 32/64-bit non-runtime driven SINGLE .exe program to do it & do it better vs. my competitors (have you? Oh HELL no)... apk
I certainly hope that no one uses this to restart my comp^^$^@^#^@
NO CARRIER
MMUs, IOMMUs, and peripheral bus glue chips.
The only RISC-V cpus available to the consumer market are arduino or similiar replacements. Bare chips, without either data bus width or i/o options necessary to produce a desktop, notebook, or sbc off of.
Same deal with the J-series SH-clone processors (original designers from the SH on that project!) focusing on embedded instead of crowdsourced desktop replacement.
The only options at this point are to find the engineers necessary ourselves and crowdfund a proper cpu design, whether using patented components (and thus costing more) or taking the hit to performance and only utilizing legacy unpatented devices which are still available commercially (sdram, pci bus, etc, all unpatented and moderately cheap for purposes of developing a small 1 GB memory system with SDRAM and PCI. Or Larger systems (64 GB and 32 bit PAE only) that are libre, but still not cost effective/performant against DDR4+PCIe+x86_64 plus SSE/AVX extensions.