Archive for July 3, 2016

Sunday, July 3, 2016 [Tweets] [Favorites]

Building My $1,200 Hackintosh

Felix Schwarz:

Remember when building a #Hackintosh was about getting a cheap “Mac”?

Today it’s about getting #macOS-running hardware that’s not outdated.

Mike Rundle (tweet, Hacker News):

To be honest, I hadn’t thought about the Hackintosh community in years, I actually forgot it was still a thing. Ian said the community was now organized around a website called TonyMacx86.com and it had hardware guides, build tutorials, forums, lots of updates, and had been extremely lively in the past 18 months or so as it’s now easier than ever to build a Hackintosh. When he told me how fast his custom Mac was (faster than any iMac and most Mac Pros), and how little it cost (around $1,200–1,300) it struck me as impossible. I know that Apple hasn’t updated their MacBook Pros or Mac Pros in a long time, and I know there’s an “Apple Tax” you pay when parts like RAM or a processor are included in an Apple-designed computer, but the more we talked about his build the more excited I became. It was as if someone told me, yeah, duh, of course there are flying cars, check out my flying car over in the parking lot. You want a flying car, too?

[…]

64GB of RAM running at DDR4 speed for $229? Are you serious? I was originally looking to get 32GB but it was only about $90 more to double the amount and go full throttle. By the way, Apple charges $1,200 to configure a Mac Pro with 64GB of RAM, and those are slower DDR3 sticks. That’s almost as much as this entire system.

Granted, the Mac Pro has ECC RAM.

Not everything is rosy in Hackintosh land though, so here’s a call-out to some issues I encountered[…]

[…]

Here’s a comparison of my Hackintosh’s Geekbench runs compared to all other Macs. The multi-core score isn’t surprising considering my CPU only has 4 cores in it, but it does almost beat a 6-core Mac Pro. And the single core test shows my system is faster in day-to-day usage than any Mac that Apple makes.

After running the Cinebench GPU benchmark test, here’s the result: dramatically faster graphics capabilities than even the most high-end 12-core Mac Pro with dual D700 cards, which is a little crazy considering that machine costs almost $7,000 more than mine.

Note, also, that this violates Mac OS X’s EULA.

Update (2016-07-07): Peter Steinberger:

Needs new mac. Looks at buyers guide. Oh. :(

Update (2016-07-13): Nick Heer:

Apple’s sales decline is an 8.3% reduction compared to the year-ago quarter. Given that the most recent Macintosh news — the discontinuation of the Thunderbolt Display notwithstanding — was a spec bump of the MacBook, this is completely unsurprising. MacRumors’ own buyers’ guide shows a “Don’t Buy” indicator below every Mac except the MacBook.

Of the current lineup, fully half of all Macs — the Mac Pro, the Retina MacBook Pro, and the MacBook Air — are the most stale that those products have ever been.

Update (2016-07-17): Sebastiaan de With:

I am currently using a Hackintosh with dual-GPUs. Would rather give Apple my money.

Chuq Von Rospach:

So if you’re Apple, you’ve likely planned your product line around a new Thunderbolt 3 display that’s fully retina and has at least a 4K screen in it — and perhaps that embedded GPU so it can be used by less powerful computers. And your Macbook pros will have 2 (or 3 or 4) ports that will take either USB-C or Thunderbolt 3 and drive these monitors.

And none of that can happen without the Intel parts.

Update (2016-08-12): See also: Hacker News.

Eye-Fi Demonstrates the Danger of Cloud-Dependent Hardware

Glenn Fleishman:

Are you concerned about the long-term viability of devices that fall under the loose notion of the Internet of Things (IoT), in which a cloud connection is required to keep devices functioning? If so, a move by Eye-Fi, which makes SD cards that could automatically transfer newly taken photos to a cloud service, should give you pause. It sure did for me.

In September 2016, the company will discontinue support for features and Web apps for every model of card it shipped from its launch in 2007 up to the X2 models introduced in 2011 and sold through retail channels until March 2015. Only its Mobi line, introduced in 2013, will retain active support. Eye-Fi said in an email to customers the impetus for this move is the obsolescence of “Internet security and authentication mechanisms that were state-of-the-art in 2007 when we built them into our products but have since proven to be vulnerable.” Because these are hardware problems, the company can’t just push firmware upgrades out.

[…]

But while Eye-Fi says it began to phase out the last products that are affected starting in 2012, it allowed them to remain in retail sales channels until March 2015.

Android’s Full-disk Encryption Just Got Much Weaker

Dan Goodin:

A blog post published Thursday revealed that in stark contrast to the iPhone’s iOS, Qualcomm-powered Android devices store the disk encryption keys in software. That leaves the keys vulnerable to a variety of attacks that can pull a key off a device. From there, the key can be loaded onto a server cluster, field-programmable gate array, or supercomputer that has been optimized for super-fast password cracking.

[…]

But researchers from two-factor authentication service Duo Security told Ars that an estimated 37 percent of all the Android phones that use the Duo app remain susceptible to the attack because they have yet to receive the patches. The lack of updates is the result of restrictions imposed by manufacturers or carriers that prevent end users from installing updates released by Google.

What’s more, Gal Beniamini, the independent Israeli researcher who authored the blog post and wrote the exploit code, said that many Android devices that were once vulnerable but later patched—including a Nexus 6 he tested—can be rolled back to their earlier, unprotected state. He suspects the reversion is possible if a device has an unlocked, or unlockable, bootloader.

[…]

Beniamini said Android phones have a similar silicon-bound key dubbed SHK that’s used for some cryptographic functions. But rather than using the SHK to directly unlock an encrypted drive, the Qualcomm TrustZone uses the SHK to create a second key that exists as a software variable. It’s this second key that can be extracted through one of the methods outlined above.

How AWS Came to Be

Ron Miller (Hacker News):

What you may not know is that the roots for the idea of AWS go back to the 2000 timeframe when Amazon was a far different company than it is today — simply an e-commerce company struggling with scale problems. Those issues forced the company to build some solid internal systems to deal with the hyper growth it was experiencing — and that laid the foundation for what would become AWS.

Speaking recently at an event in Washington, DC, AWS CEO Andy Jassy, who has been there from the beginning, explained how these core systems developed out of need over a three-year period beginning in 2000, and, before they knew it, without any real planning, they had the makings of a business that would become AWS.

See also: The Secret to Amazon’s Success: Internal APIs, Steve Yegge’s Google Platforms Rant.