Apparently co-written by Nicolas Winding Refn. And boy did the trailer give Crysis vibes.

View this comment - View article - View full comments

It's a series of games I never got into, sadly. They have such a loyal fanbase, must be doing something right. I think it was MGS5 that I tried to play, but spent like 40 minutes watching cutscenes in a plane on the way to the first mission. I just remember thinking that I'd have been better off watching a movie instead.

There is not a single cutscene on a plane on the first mission (nor the second, nor on any mission). MGS4 on the other hand is basically a movie with some gameplay intercut (if you have played the entire series before though MGS4 is extremely enjoyable), sadly only exists for the PS3.

View this comment - View article - View full comments

What the heck? game that released 2021 on PC is getting remaster already?
whats going on in this industry. The original game looks great and performs woderfully, whats the point of remaster really.
switching to that unoptimized blurry/smeary UE5 now?

The PC version will not be remastered, it's the old PS4 version from 2019 that will be remastered for PS5.

View this comment - View article - View full comments

Never understood the complaints about the story lines in BL3, I mean the storylines in BL2 was completely horrendous and story was never a huge part of BL anyway.

View this comment - View article - View full comments

does this mean mangohud doesn't work with vulkan games anymore or is this something else?

This is something else, haven't been able to find all the details but it was something separate called "mangoapp_layer" that was only 270 lines of code, according to the commit that removed it it was never actually used.

View this comment - View article - View full comments

Hopefully AMD can sort out the issue with HDMI 2.1 support.

That will only work if they change the hardware in future cards, the issue is that AMD does HDMI in software and the HDMI consortium have forbidden them to release anything beyond 2.0 as open source. Intel solved this by only doing DP on their card and then have a hardware DP->HDMI chip and Nvidia solved it by having HDMI2.1 be done in their closed firmware.

View this comment - View article - View full comments

@LoudTechie
<quote>Something trying to imitate external(Windows) behavior still runs in the kernel.
Something will try to access an edge case and render the entire thing catatonic. </quote>
Look at the actual code, it is extremely simple.

Aka we are talking about a few codeblocks that looks like this:
 
static int ntsync_mutex_kill(struct ntsync_obj *mutex, void __user *argp)
{
struct ntsync_device *dev = mutex->dev;
__u32 owner;
int ret;

if (get_user(owner, (__u32 __user *)argp))
return -EFAULT;
if (!owner)
return -EINVAL;

if (mutex->type != NTSYNC_TYPE_MUTEX)
return -EINVAL;

if (atomic_read(&mutex->all_hint) > 0) {
spin_lock(&dev->wait_all_lock);
spin_lock_nest_lock(&mutex->lock, &dev->wait_all_lock);

ret = kill_mutex_state(mutex, owner);
if (!ret) {
try_wake_all_obj(dev, mutex);
try_wake_any_mutex(mutex);
}

spin_unlock(&mutex->lock);
spin_unlock(&dev->wait_all_lock);
} else {
spin_lock(&mutex->lock);

ret = kill_mutex_state(mutex, owner);
if (!ret)
try_wake_any_mutex(mutex);

spin_unlock(&mutex->lock);
}

return ret;
}

View this comment - View article - View full comments

I see little hope for it.
The primary problem with kernel involvement remains: crashes.
Wine can't help, but be a really crashy program.
In the kernel a crash means a reboot, while in user space it means a signal: making it recoverable.

Note that NTSync doesn't mean that any part of the game or WINE runs in the kernel so there are basically no added risk of kernel crashes here.

View this comment - View article - View full comments

Quoting: LoudTechieYou demand nanometer precision, you get nanometer precision.(I still argue that a full microcontroller without shared cache, which is what ME would need to be to be hidden from software analysis requires a lot more than a single transistor, but maybe intel can do it. [External Link]

Still I don't think you have thought this through fully. Your claim was that every single University out there could reverse engineer a modern Intel CPU with ease and now you bring out a paper from this year talking about "a world record" where they have achieved 4nm, the needed resolution to even begin to look at how a modern CPU is constructed.

So a world record in 2024 would have made every one be able to see hidden logic back in 2011? But it doesn't end there, looking at 4nm is one thing, being able to fully re engineer a chip of 20Bn transistors and probably 100-200 times that in interconnects and then on top of that being able to fully determine the use of each and every transistor and interconnect...

Don't you see the problems here? It's your bias to make this out to be a large conspiracy that makes you ignore all of this.

Quoting: LoudTechieYou demand evidence that intel ME was put there as part of a mass surveilance conspiracy.
I provided means(FISA)
I provided opportunity(meeting between officials with connection PRISM and Intel)
I provided capability(AMT keys can be used like this, due to the lack of user config needed to activate it)
I provided precedent(PRISM)
I thought the motive was obvious(fighting enemies of the USA)
I provided a semi-weak casus(bootguard, drm and secure boot all keep you from running self-checked code and the default is of a company that is in the PRISM program according to the Snowden leaks)

And none of these are evidence that Intel ME is a mass surveillance conspiracy. This is not how evidence works. What you have presented are the kind of things that conspiracy theorists always use since they have no real evidence. It's all conjecture and guilt by association.

Evidence here would be actual evidence that Intel ME was designed for and used for surveillance. If it now is so easy to reverse engineer cpus as you believe, why have no one come forward with actual evidence of this yet when the Intel ME circuits are that much easier to decode than the rest of the CPU?

Quoting: LoudTechieI don't understand how the economy of scale works, because I think that inserting a device in billions of chips you actively lock out of using it for a few thousand/hundred customers for who you already have several separate product lines (XEON and vpro), a separate purchase process and who you will be requiring to register anyway. Apparently.

Yes that very sums it up. Intel ME is integrated into the CPU core, the fabs that makes those cores cost around $10Bn to create, that is why the same core is used for the consumer cpu and for the Xeon line (the differences between the two lies outside the core). The silicon making up the Intel ME parts costs nothing, having unique fabs for non Intel ME and Intel ME cores however is extremely costly. Why would they spend 2x$10Bn when they can get away with $10Bn?

This is the exact same reason why you on the Phenom II and Athlon II could activate more cores by modifying the bios since AMD only made quad core variants but sold some of them as 2 or 3 core cpu:s with the 2-1 cores disabled by software. It was much cheaper for them to do it that way than to create fabs for a 2 and a 3 core cpu.

Quoting: LoudTechieI'm not above conspiracy theories. I claim that Microsoft, Dropbox and the NSA all collected data about my behavior online in the hope to find whether or not I had the necessity to keep things from them, to when if they did dispose of me. I even claim they called it PRISM and did it to all my friends and family(I'm not an USA citizen, so FISA always meant they could look at my data)

Ofc they do, that is not the question though. We know that the NSA have these programs, but that is not the same thing that they managed to get some secret backdoor into every single CPU out there with the help of Intel. Also why would they even bother with PRISM if they already could have done it much more sneaker with Intel ME?

It would also put in question why the NSA are hoarding zero days if they have access to Intel ME.

View this comment - View article - View full comments

Quoting: LoudTechie

Quoting: F.Ultra

Quoting: LoudTechie

Quoting: BlackBloodRum

Quoting: F.Ultra

Quoting: LoudTechie

Quoting: F.Ultra

Quoting: LoudTechie

Quoting: F.Ultra

Quoting: LoudTechie

Quoting: F.Ultra

Quoting: LoudTechie

Quoting: F.Ultra

Quoting: LoudTechie

Quoting: F.Ultra

Quoting: PublicNuisanceSo the companies that screw me over with Intel ME and AMD PSP are joining forces ? Consider me wanting to get off X86 to RiscV or Power9 even more than before.

yes it is popular to scare people that have no clue on how things work that these are somehow secret spy things when they in reality are nothing but managing devices for enterprise IT departments (just like how we in the server space have full on BMC cards instead).

ME is also what powers fTPM, bios signing and PlayReady drm.
These are all used to restrict your freedom to use your device how you like right now.
ME has been used by Israelian hackers to hack devices.
The procedure for using it requires you to receive an identification key from Intel based on information Intel generated, there is no indication that you can lock Intel out.
Maybe the American government isn't using it as a back door right here, right now, but the only reason we have to believe that is Intels' word.
ME is the reason modern devices can't install coreboot.

Also if it was just for remote management they would've put not such ridiculous amount of effort to counter all the efforts that have been done to remove it, because this is how it went: first you could simply remove the hardware, than they patched that and you could only remove the software, than they patched that and you couldn't, but someone found the secret government switch to turn it off and than they patched that and now the we have clean room reverse engineer it to turn it off without bricking our devices.

Also I'm not an It department and Intel knows that, because they sell a different bussiness and consumer line.
This is a feature they know I will never need, but they added it anyway.

The PlayReady drm does not use Intel ME, it uses SGX which is a completely different thing. fTPM exists only on AMD so again not Intel ME. Nor does it do bios signing.

Various hackers around the world have used every single piece of hw and sw to hack devices so not sure why Intel ME should be singled out for that reason. And for that matter I cannot find any information at all about anyone having hacked Intel ME, Israeli or otherwise, is this you confusing this with something else again or do you have any links?

You also seem a bit confused about coreboot, there are no Intel ME mechanism to prevent the installation of coreboot. The only connection between Intel ME and coreboot is that since Intel ME have it's firmware stored in the BIOS, Intel ME is disabled by coreboot since coreboot does not contain the necessary firmware.

Intel ME have never been a separate piece of hw, it have always been builtin to the cpu and it really have to be in order for it to function the way it's supposed to work.

I think that you are confusing Intel ME with TPM here since TPM started out as a separate chip and was then moved into the CPU after it was discovered that the connection between the TPM and the CPU could be eavesdropped and manipulated in a way that rendered TPM useless.

Intel ME is builtin to every single cpu since #1 Intel does not know which specific cpu a business tends to purchase for their office machines that their IT department wants to perform remote administration on and #2 it would be extremely expensive to have two separate chip fabs for non-ME and have-ME line of CPU:s of the same core design.

I would hope that people would understand that IF intel decided to put some hidden backdoor into their processors that they would have done that _hidden_ and not in a piece of hw that they openly advertise (and with complete guides on how to use like this one: Getting Started with Intel® Active Management Technology [External Link]. Also to date not a single person have been able to see any Intel ME trying to communicate with the outside world (aka phone home), had this ever occurred you would not have missed it since it would have been screamed from rooftops.

In the modules section of the wikipedia BootGuard(bios signing), Protected Audio Video Path, frimware TPM(fTPM) and Secureboot(os signing) are explicitly mentioned as ME modules together with AMT(remote management feature). [External Link]
You seem to be right about your playready thing though.

I'm not confusing ME with the TPM. That's why I specified it served fTPM(the f stands for firmware).
I was though conflating Coreboot with Libreboot. Libreboot/Canoeboot can't run on modern devices, because it doesn't include the properietary ME code.

The problem with the hacking, is that I can flash a new os when my os is hacked, but not a new ME.

wikipedia explanation of how Intel bootguard prevents coreboot. [External Link]

Intel sells the Xeon line for enterprise applications and the I line for consumer applications they can simply only include it in Xeon processors.

The lack of phoning home is indeed the best proof we have about it not being a backdoor, which to me proofs mostly that they're not listening in on the devices of the kind of people who monitor and publish their web traffic.
Intel publishing it isn't that surprising.
Several researchers pull processors apart for new undocumented features finding something new without an explanation is really suspicious, while "we're trying to compete with openssh" is a lot less suspicious.

ok, had somehow missed that boot guard was part of ME, thanks for pointing that out. Yes XEONS are for server and workstation use but 99% of office machines are not Xeons and remote management is something that large companies use to manage their large fleet of office machines. Myself I only use the server side version (so a full BMC on Xeons and Epycs) since where I work we let every one manage their own pc as they see fit, but the servers we have in a remote location and ssh is not fun when the machine is stuck in bios, powered off or kernel hang.

99% of office machines are not Xeons

: extra reason for Intel not to include enterprise specific features in them. A Xeon is an upsell(more expensive), you want those precious enterprise features, pay for them.
On the SSH point:
A. SSH is only not fun in those situations when it's not on a separate already booted controller(just like intel AMT), but that is actually quite easy to build.
Most server racks already have separate controllers.
B. Well, yes that's why they can argue it to be an attempt at competing with SSH. SSH might be free as in freedom and free beer and have more features, but it requires to set up your own separate microcontroller to manage ring 0 crashes.

Also a more generic reason I have against, "but it's for enterprise IT".
In enterprise IT the users don't own their time and/or devices any limitation of software freedoms makes sense in such a situation, because it would directly cost the one who does own these things the software freedom they get from owning these assets.
As a private buyer I do own my time/devices as such I want to control them.

Office desktops outsells consumer desktops by orders of magnitude and is where the money is for companies like Intel. Them removing ME from their consumer grade CPU:s and trying to get companies to upgrade to Xeons would only lead to one outcome: every single company would switch to AMD.

A. For at least a decennium AMD didn't have their own ME/AMT alternative(yes, it does now, but that is much later), so there would still be little reason and on the workstation devices AMD was never a real alternative anyway(, because no seller of prebuild workstation devices includes them, allegedly because intel pays them to).
B. Also Office desktops don't need the, "but I can edit the bios" feature, since there will always be someone who can follow simple instructions behind it and the os can flash the bios if you want to run an update.
For servers it's needed, because you might need to flash a new custom and unsigned bios, but for workstations you don't need that.

Edit: They included the option to turn it off for the American army, they could have simply left the option when it was discovered and used.
It required a special motherboard, so enterprise workstation devices could have avoided it easily by simply not blowing that fuse.
Residential consumers aren't an as profitable market as big enterprise contract, but they're the size of American Army contracts.

Intel added ME in 2008 and AMD added PSP in 2013 so both have had this for 11 years now, and those 5 years in between was Intel taking 100% of the company sales due to AMD not being viable here, Intel breaking that advantage by moving it to Xeons only would be an insanely stupid move.

Also this "they could not have hidden it" is kinda moot, the number of people that can scan down to nanometres AND also make some sense out of interconnections among 4.2bn transistors are easily counted and those same people would be far more capable of finding any nefarious design in the small area of the ME thanks to Intel showing exactly where on the chip it is. This whole fear mongering that it was put there due to demand from NSA was shutdown when we got the Snowden files since there isn't a trace of this there plus that it also showed that this is not how they operate, they instead perform targeted attacks where they capture hardware in transit and modify it before it reaches the customer (which is much more logical since it reduces the number of possible whistleblowers).

There are not "it can edit the bios" feature, not more than what you can do from userspace.

I can find no information on that the US army required Intel ME to be disabled. What I do know happened however is that the NSA requires that it is disabled to meet their "High Assurance Platform Mode" standard but that is not strange, that is simply them requiring all venues where code can be injected and run that is not neccessary for their operation to be disabled, in a HAP the very term remote administration is a big nono to begin with.

To date no one have found a shred of evidence that Intel ME or AMD PSP is used as a backdoor for anyone despite having existed for 16 years and it's not that people haven't tried to find any.

during that period [External Link]they grew 6 percent [External Link]and made faster chips [External Link], while when they still had market dominance, but slower chips and their competition had AMT too it cost them 10% market share. [External Link].
I internally explained that with people buying faster cpus, but maybe you're right and the only feature the profitable customers care about is AMT or AMT is needed feature for faster chips.
If any of those is the case I would be quite sad, but maybe you're right.

I don't need to scan down to the silicon level to activate an option in the bios. This is a feature they disabled later when users like myself started using it. [External Link]
On the ease of hiding
A. Universities have access to such ability and they publish most to all things they find.
B. Also you don't need to scan up to silicon space to find software(and you need software to keep it updateable, which they need and did for something with full control of the entire device).
C. Also it's always active, so it could've been easily detected by power draw.
Generic storage chips take quite a lot more space than a few hard wired instructions and storing it on existing chips means someone only has to scan that chip

I've personally used the permanently disable feature on my older computer where this was still an option. [External Link]

There are not "it can edit the bios" feature, not more than what you can do from userspace.

Than it has no advantage to openssh in workspace machines and as such they should make it Xeon specific.

On the backdoor question:
A. Bootguard, secureboot and drm are backdoory enough for me personally(they took control of my bios/computer).
B. Distinquishing an actively exploited vulnerability from a backdoor is really hard especially when the attacker has resources on par with intel. It has at least been actively exploited by the PLATINUM group.
C. Often western government attacks are aimed at specific targets(often called "spear fishing"), so just because the kind of people who actively publish their internet traffic aren't currently under attack doesn't mean nobody is and all the other signs are there.
All you need for AMT access is a code provided by intel(I read in on the public procedure).
They put real effort in sabotaging all removing efforts.
We didn't get access to the source code(not even source available).
It has access to the entire device.
The thing was introduced 3 years in the PRISM program(changing the fabs for new chip features costs 2 years).
(Also if you want to get truly paranoid:
For as long they only had it they made the fastest chips in the world and once that stopped they didn't, it doesn't sound like a very speed inducing feature, so maybe they got heavy R&D funding or access to classified technology from the government for introducing it.
I don't think it's the case, but it's an argument someone might use.)

The thing you have missed with PRISM is that it was leaked (on several occasions), now show me the Intel ME / AMD PSP leaks. And please show me a single university with this capability.

Holy quote tree! :woot:

Yeah It's my shame.
I can't resist it.
What I should have done was let them have the last word, but I didn't, because I can't resist flexing my web search skills and am quite addicted to the smug feeling I get from being convinced that I'm right.
Also they're the first actual AMT user I've encountered in my life, so their perspective is actually quite refreshing.

Edit:
I retract all my shame look what I found. It seems to be a description about how to get full read/write access to most of intel ME and at least the advanced method works for us too. The official Intel method(pinmod) works too. [External Link]

I am not an Intel AMT user, not even sure where you got that from. And these new links doesn't prove your case either.

I wasn't trying to proof my case to him and yes this proofs zilch.
On where I got it from

Myself I only use the server side version

Edit:
also the only Intel Me functionality you named was remote control, which is named AMT by Intel.
I would not describe myself as an ME user, much like the average Windows user isn't a Microsoft Telemetry user until they start reading or writing crash rapports.

And with server side version I obviously meant a BMC/ipmi card. I wasn't talking about the server version of Intel ME but about the server side of this kind of service.

View this comment - View article - View full comments