Tag Archives: hp

Intel CPU + AMD GPU 合一的的系統

先前就有看到 Intel 要與 AMD 合作,將 Intel CPU + AMD GPU 整合在一起以對抗 Nvidia,現在看到 HP 推出對應的筆電了:「HP’s new 15-inch Spectre x360 uses the hybrid Intel/AMD processor」。

不過名字剛好跟最近的安全漏洞撞到了 XDDD (所以才想寫 XDDD)

The new Spectre x360 15 is one of the first systems to be announced that uses the new Kaby Lake-G processors from Intel. These processors combine an Intel CPU (with its own integrated GPU) with an AMD GPU, all within a single package.

出自「Kaby Lake-G unveiled: Intel CPU, AMD GPU, Nvidia-beating performance」。

這種合作的仗打不打的動呢... 不怎麼看好就是了 :o

這次換 HP 裝 Spyware 啦~

討論的頗熱烈的,像是「HP is installing spyware on its machines disguised as an "analytics client"」、「HP stealthily installs new spyware called HP Touchpoint Analytics Client」。

這個軟體會被注意到是因為吃太多資源,而且使用者沒有同意安裝這個軟體 (目前看是起來是透過自動更新機制裝進去的):「Didn't Install HP TouchpointAnalyticsClient and It's Causing CPU 95-98 Red」(先備份一份在這邊,以免被砍...)。

然後這軟體很明顯會傳資料回 HP:

The HP Touchpoint Manager technology is now being delivered as a part of HP Device as a Service (DaaS) Analytics and Proactive Management capabilities. Therefore, HP is discontinuing the self-managed HP Touchpoint Manager solution.

先前聯想因為類似的行為賠了 350 萬美金,這次 HP 搞這包不知道會怎麼樣...

HP 的 audio driver 內含 Keylogger

HP 被發現 2015 年簽出來的 audio driver 內含 keylogger (yeah,因為有數位簽名,所以賴不掉...):「[EN] Keylogger in Hewlett-Packard Audio Driver」。完整的報告在「modzero Security Advisory: Unintended/Covert Storage Channel for sensitive data in Conexant HD Audio Driver Package. [MZ-17-01]」這邊。

keylogger 記錄後會寫到 local file 裡。來拉板凳...

Etsy 用 SSD 的故事

EtsyLaurie Denness 對於 Etsy 使用各種品牌 SSD 的情況給出了他的經歷:「SSDs: A gift and a curse」。


SSD firmware is buggy

可以看到當 SSD 配上 RAID controller 的時候,常常會需要找問題... (而且很難找)

Intel 的評價很不錯:

Okay, bad start, we’ve actually had no issues with Intel. This seems to be common across other companies we’ve spoken to.

OCZ 倒了,被 Toshiba 收購,而且 S.M.A.R.T. 資訊很差,很難預測什麼時候會掛掉 (有助於提前替換):

However, they had poor SMART info (none) so predicting failures was hard.

HP 是個大黑盒:

Unfortunately, HP have proprietary RAID controllers, and they don’t support SMART. Or rather, they refuse to talk to non-HP drives using off the shelf technology, they have their own methods.

Samsung 的評價不錯,C/P 值很高,而且有 S.M.A.R.T.:

Samsung saved the day and picked up from OCZ with a ludicrously cheap 960GB offering, the 840 EVO. A consumer drive, so very limited warranty, but for the price (~$400-500) you got great IOPS and they were reliable. They had better SMART info, and seemed to play nicely with our hardware.

不過 BB6Q 版的韌體搞爆了效能,雖然最後修好了:「Samsung Releases Firmware Update to Fix the SSD 840 EVO Read Performance Bug」。

LiteOn 則是掛在 GC 上 (RAID 裡同時掛掉兩顆以上):

The SSDs were having extended garbage collection periods, exacerbated by a smaller amount of SSDs with higher IO, in RAID6. This caused the controller to kick the drive out of the array… and unfortunately due to the write levelling across the drives, at least two of them were garbage collecting at the same time, destroying the array integrity.

不過後來 Dell 與 LiteOn 分別就 RAID controller 與 SSD 本身都跳下去修正,最後還是解決了:

Dell and LiteOn together identified and fixed weaknesses in their RAID controller, the backplane and the SSD firmware.

算是經驗分享,在 SSD 硬碟成熟的過程中間必經的道路 XD

Nokia 以 166 億美金買下 Alcatel-Lucent

在「Nokia to acquire Alcatel-Lucent」這邊看到的報導,Nokia 以 166 億美金買下 Alcatel-Lucent


其中 OSNews 被拿出來講的... 由於 Nokia 將手機部門賣給了微軟,所以 Nokia 其實是不能發展手機的 (應該有時間限制),但是 Alcatel-Lucent 現在手上有:

Nokia is not allowed to make smartphones for a while, but Alcatel-Lucent does make smartphones.

而這是從 HP 買來的 Palm... (所以 Nokia 又要玩什麼花招了 @_@)

單台 12TB RAM 的 server

翻資料的時候翻到「Scalability Techniques for Practical Synchronization Primitives」這篇文章,裡面剛好提到 HP 的高階伺服器:

HP 的 CS900 (HP ConvergedSystem) 看起來是搭著 SAP HANA 而出的硬體...


記錄起來,如果有需要用到的時候可以去問問 HP...

試用 HP Cloud (Compute 部分)

剛剛註冊了 HP Cloud 測試 Compute 的部分 (相對於 AWS 就是 EC2)。

先就公開的資訊來看,其實還不錯?最小的 instance 是 Extra Small,規格是 1GB RAM + 30GB Disk,收費 USD$0.04/hour,如果是 Small 則是 2GB RAM + 60GB Disk,另外在 Public Beta 期間是 50% off (半價)。

頻寬部分與 AWS 美國區的價錢相同,Inbound 不收費,Outbound 與 AWS 階梯式相同。

有提供網頁介面操作外,也有提供 CLI 可以用:「Unix Command Line Interface」,看起來是 Ruby... (沒裝起來測)

實際註冊完成後可以由從 zone 的名稱「az-1.region-a.geo-1」推敲出實際的機房位置在亞利桑那州 (實際開起來後也是如預期),HiNet 過去大約 140ms。

就 Public Beta 服務來看,要開 instance 時可以選擇的 OS image 也還算豐富:

CPU 部分,openssl speed 的數據是:「HP Cloud, openssl speed」,速度比起 EC2 的 m1.small 算是相當好的。

硬碟部分,iozone -a 的數據:「HP Cloud, iozone -a (over XFS)」,我是在跑 iozone 的時候用 dstat -at 觀察,寫入極限大約有 90MB/sec 到 100MB/sec,不過實際用 dd 測試就會發現應該是 host 有 cache,因為檔案很大的時候只有 20MB/sec 的寫入速度 XD

晚點再來測 Object Storage 與 CDN 的部分...

請更新 HP 印表機的韌體...

HP 發了安全通告「HPSBPI02728 SSRT100692 rev.2 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default」,在安全通告內列出的印表機都有安全問題,「允許遠端安裝未經授權的印表機韌體」,攻擊者可以遠端直接安裝有木馬的韌體:

A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware.

另外可以參考 CVE-2011-4161 的說明:

The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.

能更新的就想辦法更新吧,無法更新的看看有沒有辦法處理 port 9100...