Skip to main content

2024-10-17

AI PCs Aren't Good at AI: The CPU Beats the NPU

  • Benchmarking Qualcomm's Neural Processing Unit (NPU) on a Microsoft Surface Tablet revealed a performance of only 1.3% of the advertised 45 Teraops/s, achieving just 573 billion operations per second.
  • The tests, which included matrix multiplications akin to those in transformer models, showed the NPU performing slower than the CPU, despite using tools like Python, Cmake, and Visual Studio.
  • Various factors such as power settings, model topology, and configuration errors were considered, indicating the NPU's performance is significantly below its marketed potential.

Reactions

  • AI PCs utilizing Qualcomm's Neural Processing Unit (NPU) are not meeting performance expectations, with CPUs often outperforming NPUs.
  • The NPU is designed for energy efficiency rather than speed, leading to a minimal performance gap between CPU and GPU, indicating potential inefficiencies.
  • The current implementation of NPUs may not be fully optimized, emphasizing the need for improved support and optimization to harness their intended power-saving benefits.

Adobe's new image rotation tool is one of the most impressive AI tools seen

  • Adobe introduced 'Project Turntable' at the MAX conference, an AI-driven tool that enables users to rotate 2D vector art in 3D while preserving its 2D look.
  • The tool can intelligently fill in missing details, such as adding legs to a horse when the image is rotated, showcasing advanced AI capabilities.
  • Adobe has unveiled over 100 new features this week, highlighting a significant leap in AI technology, though it's unclear if 'Project Turntable' will be commercially available.

Reactions

  • Adobe has introduced a new AI image rotation tool that allows 2D vector graphics to be rotated in 3D space, addressing practical user needs.
  • The tool is praised for its innovation, contrasting with other tech companies that often focus on AI for investor appeal rather than user benefit.
  • Despite some criticism of Adobe's business practices, the tool is considered a smart move, particularly beneficial for illustrators, emphasizing the balance between innovation and user-centric design in AI development.

Using Cloudflare on your website could be blocking RSS users

  • Cloudflare's Bot Fight Mode and AI scraper blocking features can inadvertently block legitimate RSS readers, affecting their functionality.- Users can whitelist RSS readers by identifying their user agent or IP address in Cloudflare's dashboard, though this process is cumbersome and unreliable.- Open RSS, a nonprofit, suggests donations to support their service, highlighting the need for Cloudflare to improve its system to prevent blocking RSS readers.

Reactions

  • Cloudflare's security measures are inadvertently blocking RSS users, impacting services like NewsBlur, an open-source RSS reader, by causing 403 errors.
  • Despite being on Cloudflare's verified bots list, NewsBlur and other RSS readers face challenges due to Cloudflare's bot protection, which often blocks legitimate RSS traffic.
  • Suggested solutions include whitelisting RSS URLs or disabling bot checks for RSS feeds, but Cloudflare's default settings continue to pose issues, raising concerns about web privacy and accessibility.

Escaping the Chrome Sandbox Through DevTools

  • Two vulnerabilities, CVE-2024-6778 and CVE-2024-5836, were discovered in the Chromium web browser, allowing a sandbox escape from a browser extension and enabling execution of shell commands on a user's PC.
  • The vulnerabilities were found in Chromium's WebUI and enterprise policy systems, involving manipulation of the chrome://policy page and the Browser Switcher feature, as well as bypassing restrictions using the chrome.devtools.inspectedWindow API.
  • Google classified these vulnerabilities as high severity, rewarded the researcher $20,000, and implemented fixes, emphasizing the need for thorough security checks of old code and undocumented features.

Reactions

  • A high school student identified a vulnerability in Chrome's DevTools, enabling escape from the browser's sandbox, which is a security mechanism to isolate web content.
  • The exploit requires user interaction, such as installing an extension and opening DevTools, and affects only Chromium and Chrome Canary, not the stable Chrome versions.
  • The incident sparks debate on bug bounty programs, with some advocating for higher payouts to deter selling exploits on the black market, while others emphasize the ethical risks of selling to criminals.

WordPress retaliation impacts community

  • The conflict between Automattic and WP Engine is causing disruption in the WordPress community, with Automattic's CEO, Matt Mullenweg, retaliating against WP Engine by creating a hostile fork of a plugin.
  • WP Engine has filed a lawsuit against Automattic, leading to a divisive atmosphere where contributors must choose sides, and some face bans for questioning policies.
  • This situation underscores governance and commercialization challenges in open-source projects, raising concerns about WordPress's future and community dynamics.

Reactions

  • The WordPress community is experiencing unrest due to accusations against Matt Mullenweg of using the WordPress Foundation for personal projects rather than maintaining its independence.
  • Controversial actions by Mullenweg, such as taking over a popular plugin and banning WP Engine from WordPress.org, have led to significant backlash.
  • Automattic, the company behind WordPress, offered buyouts to employees who disagreed with Mullenweg's actions, prompting discussions on open-source governance and the WordPress-Automattic relationship.

Gamedev in Lisp. Part 2: Dungeons and Interfaces

Reactions

  • The article "Gamedev in Lisp Part 2: Dungeons and Interfaces" on GitLab is praised for its clarity, depth, and comprehensive tutorials, including code samples and visual aids.
  • It covers managing builds across multiple operating systems and provides insights into Lisp's history and its applications in game development.
  • The discussion around the article highlights Lisp's versatility and complexity, with readers sharing their projects and experiences, and some expressing a newfound appreciation for the language.

Crokinole

  • In October 2024, Connor Reinman and Jason Slater, renowned Crokinole players, achieved double perfect rounds at the World Crokinole Championship semifinals, a rare feat with odds of 1 in 277 rounds.
  • Crokinole is a tabletop game from Ontario, Canada, akin to shuffleboard and curling, where players flick discs into scoring areas, aiming for a central hole worth 20 points.
  • The game is gaining international popularity, although it has not yet been recognized as an Olympic sport.

Reactions

  • Crokinole is a traditional board game with a rich history, particularly popular in Canada, and is often played on handmade boards passed down through generations.
  • The game is tactile and social, similar to shuffleboard or curling, and can be played on a small table, making it accessible and enjoyable for all ages.
  • Digital versions and adaptations, such as Crokicurl, a mix of Crokinole and curling, have emerged, expanding its reach and appeal in the board game community.

Cats are (almost) liquid

Reactions

  • Cats possess a high level of adaptability, allowing them to navigate narrow spaces with ease, unlike dogs.
  • Their sensitive whiskers, known as vibrissae, and flexible spines aid in their agility and ability to move through tight spaces.
  • Cats' behavior and physical traits are shaped by their dual role as predators and prey, seeking enclosed spaces for safety and hunting, contributing to their fluid, liquid-like movements.

Should We Chat, Too? Security Analysis of WeChat's Mmtls Encryption Protocol

  • The report is the first public analysis of WeChat's MMTLS encryption protocol, identifying significant security weaknesses due to custom cryptographic modifications.- Issues such as deterministic Initialization Vectors (IVs) and lack of forward secrecy are highlighted, indicating a failure to adopt cryptographic best practices in Chinese apps.- The authors recommend transitioning to standard encryption protocols like TLS or QUIC+TLS for enhanced security and provide tools and documentation for further research on WeChat's security.

Reactions

  • The article highlights security concerns with WeChat's Mmtls encryption protocol, pointing out its weaknesses and potential vulnerabilities.
  • It suggests that these vulnerabilities are likely due to overworked developers rather than being government-mandated, despite the Chinese government's direct access to WeChat's backend.
  • The discussion raises broader issues about the use of non-standard encryption protocols and the challenges of maintaining secure communications amid potential government surveillance.

OpenVMM – A New VMM for Windows and Linux, Written in Rust

  • OpenVMM is a modular and cross-platform Virtual Machine Monitor (VMM) developed in the Rust programming language.
  • Contributions to OpenVMM are encouraged, but most require signing a Contributor License Agreement (CLA), facilitated by a CLA bot during pull requests.
  • The project adheres to the Microsoft Open Source Code of Conduct, and inquiries can be directed to opencode@microsoft.com.

Reactions

  • OpenVMM is a new Virtual Machine Monitor (VMM) for Windows and Linux, developed in Rust, emphasizing safety features over traditional languages like C/C++.
  • The project focuses on OpenHCL as a paravisor but lacks polish in traditional host contexts and does not guarantee API stability.
  • OpenVMM is utilized by Microsoft employees and is integrated into Azure infrastructure, highlighting its significance in cloud computing environments.

Automated smooth Nth order derivatives of noisy data

  • The project aims to differentiate sensor data for analysis using Kalman filters, known for resampling to a consistent rate and smoothing outliers.
  • A new numpy-based Bayesian filtering/smoothing library, named Kalmangrad, has been developed and is available on GitHub.
  • The developer is open to feedback, feature requests, and bug reports to improve the library further.

Reactions

  • The project focuses on differentiating noisy sensor data using Kalman filters, which are preferred for smoothing and resampling.
  • A Bayesian filtering library was developed to address this challenge, with the potential for feature expansion based on user feedback.
  • The project is applicable in fields such as air quality monitoring and self-driving cars, and is useful for calculating derivatives in noisy, non-uniformly sampled data.