Saturday, December 20, 2008

Nvidia Makes Notebook GPU Drivers Available

Today is a day that I thought I'd never see come.

For the last several years, I have had to help countless people with their graphics drivers on their notebooks. There are enough problems with desktop graphics drivers as it is, but on notebooks, you have to either pray that your laptop manufacturer will make a fairly recent version available to you, or download a modified version that will actually install on your laptops.

Of course, this hasn't been a problem for Linux users, but I am referring to Windows drivers.

A few years ago nvidia made drivers directly available for the Geforce 7800/7900 series, but few people have those and they didn't keep up and offer it for any more models.



Well today is different. You can now download graphics drivers for any discrete (non-integrated) Geforce 8 or Geforce 9 series GPU. This includes the 9500m GS on my 14.1" Asus notebook.
http://www.nvidia.com/object/notebook_drivers.html

This reinforces my moderate preference for Nvidia. Now please make Geforce 9400 powered netbooks, and the (less power-hungry) Geforce GTX 260 55nm available.

Friday, December 19, 2008

The Unimportance of Graphics Card Memory

Often I see/hear people saying "I have a 256MB graphics card, I should be able to run Crysis."

The fact that you may have 256MB of video ram on your graphics card is largely irrelevant. You may have 1GB of memory on your computer, but if it merely has a pentium-3 1.0 ghz, it still isn't going to run it at all. The video memory is a very poor indicator of performance, especially because graphics card companies like to pad the memory on lower end cards. They do that because low-end memory is cheap and makes it look faster than it really is.

In order to show how much 256MB cards can differ, I decided to collect benchmarks around the web. They will all have a fairly high end Core 2 Duo or so, an nvidia graphics card and they will demonstrate 3DMark06. This won't be an exact science, but it'll be good enough.



Here's hardwarezone's review of the 8800GT 256MB. I have this card in my desktop. They are using an Intel Core 2 Duo E6700 (2.66GHz.)

Resolutions: Score (with an 8800GT 256MB) : Score with an 8800GT 512MB
1280x1024: 10752 : 10968
1600x1200: 9541 : 9783

Next we have hardwaresecret's review of the Geforce 8500GT, but also showing off a few other cards. They used a Core 2 Extreme X6800 (dual-core, 2.93 GHz.)

Score with an 8600GT 256MB:
1024x768: 5743
1600x1200: 3797

Score with an 8500GT:
1024x768: 2927
1600x1200: 1784

Score with a 7300GT:
1024x768: 2046
1600x1200: 1281

So the 8800GT is 634 % faster than the 7300GT.

Finally, we have the 7300GS 256MB. This reviewer used a slower athlon 64 x2 3800+, but that can't make too much of a difference.
(Unspecified Resolution, probably 1024x768 or 1280x1024):
693

But now, how about the ultimate question! Can your 256MB card run crysis at high detail? This was done using a an exact scientific comparison by Tom's Hardware.



ATI Radeon 3850 256MB: 25.50 FPS
ATI Radeon x1300 256MB: 1.90 FPS

The 3850 is 1242% faster than the x1300!

So simply put, a fast GPU with 256MB can barely run crysis at high detail, a slow GPU with 256MB can't make it playable at all.

So please, don't ever say "I have a xxxMB Graphics card."

Wednesday, December 17, 2008

Asus Eee 700-Series Netbook for $232 total


Let me just say, that as a proud owner of an asus Eee 901 20G netbook, netbooks are awesome. They are great for taking to class, or coffee shops, or wherever. I am so much more productive on mine than on my iPod Touch.

Well, NewEgg is now offering the first generation Asus Eee 700-Series model for $232 (with the cheapest shipping.)


While you can often find more luxurious models for $250, such as this acer with a much better processor and a better screen (for $300 now,) this is still a huge step forward in making new computers affordable.

Tuesday, December 16, 2008

Saving and Reloading Your Debian/Ubuntu Package Llist

You can backup a list of all your installed packages on Ubuntu or Debian like this:
dpkg −−get−selections > list_of_installed_files

and then restore them like this:
cat list_of_installed_files > dpkg --set-selections && sudo apt-get dselect-upgrade

Note that this may require some work afterwards or during if you are going between different versions of the distro.

Monday, December 15, 2008

Potential Social Exploit

So I was looking at my own private forum, when I ran across this:

"A username and password are being requested by http://www.usersigs.com. The site says: "www.radavatars.com."

Obviously radavatars/usersigs don't care for me linking my avatar pics to their site. I linked to it before there was a password, but now there is one. I can't blame them, I'm sure they use up a lot of bandwidth this way while receiving little recognition. With PHPBB v3 at least, you can simply create a new post containing an externally hosted picture with a login.

Cracked recently had fun with direct linking plagiarists
, but that's a side note.

However, what struck me was that inexperienced users are likely to have no clue what's going on. They just go to their favorite forum about cars or whatever and hopefully hit cancel. But some may be deceived into entering a sensitive password, especially for the site they are on, if the prompt looked more like this.
"A username and password are being requested by http://automotiveforums.securesite.cn:8080. The site says "Enter your Automotive Forums Login"

(This is not a real pic per se. I used my hosts file to make automotiveforums.securesite.cn point to my own web server. That is not a real URL and I don't know what securesite.cn is.)

The most secure way to verify a website is by an examining the SSL certificate. Most people don't do that, and in this case it doesn't apply. The 2nd best way is to analyze the URL. Based on the URL, you can determine that this is a Chinese site (not Canadian), belonging to whoever registered securesite.cn (could easily be a scammer), and the automotiveforums.* portion would be completely designated at will be the securesite.cn owner.

Of course, most people don't even now how to analyze a URL. When my aunt Bella wanted to register SingledOut.com for her book, it was already taken. Someone in my family asked me if she could register book.SingledOut.com. The short answer was, she couldn't.

So I can completely imagine somebody entering the automotive forums login, and the scammer website (providing the prompt) collecting the username/password once it is submitted.
I can also imagine somebody launching a massive denial of service attack on a forum by putting up countless images like this, that make the site unviewable.

So what are the solutions to this problem? The best solution would be to train users to analyze URLs. Sadly, all they often know is that they shouldn't trust emails, which often contain phony links.
Firefox makes it quite clear which site is telling you to enter the password, and that they are merely claiming you should.
Perhaps the best solution is for forums to not allow image links to require authentication, but that would require the forum software to connect to the site, and it may need to do that frequently. They already disallow hotlinking images frequently, but that is not perfect because they don't connect to the site.

I'm going to have to say that we need to train users. I wish the best of luck to those who have no real knowledge of internet security, as they will need it.

-Mike

Hello World!

Over the last few weeks I've been thinking of creating a blog. There's a lot of tech advice that I would like to put into words for others, or at least for myself. However, I wanted something more than a newbie service, and the ability to transfer my blog to perhaps my own server in the future. Then Linus Torvalds setup his blog, and then Bart Purcel at PSU told my class about the ability to transfer RSS feeds between blog hosts. So now I have decided to use blogspot.

I intend to basically only blog about technology. There are plenty of political blogs out there and my friend Kevin Guckin hated personal blogs (where people whine a lot) so much that he ran theantiblog.org for a while.

So without futher ado, enjoy!