yes, as i said

from the article it’s not clear what the performance boost is relative to intrinsics

(they don’t make that comparison in the article)

so its not clear exactly how handwritten asm compares to intrinsics in this specific comparison. we can’t assume their handwritten AVX-512 asm and instrinics AVX-512 will perform identically here, it may be better, or worse.

also worth noting they’re discussing benchmarking of a specific function, so overall performance on executing a given set of commands may be quite different depending what can and can’t be unrolled and in which order for different dependencies.

from the article it’s not clear what the performance boost is relative to intrinsics (its extremely unlikely to be anything close to 94x lol), its not even clear from the article if the avx2 implementation they benchmarked against was instrinsics or handwritten either. in some cases avx2 seems to slightly outperform avx-512 in their implementation

there’s also so many different ways to break a problem down that i’m not sure this is an ideal showcase, at least without more information.

to be fair to the presenters they may not be the ones making the specific flavour of hype that the article writers are.

for sure, its perfectly reasonable to say “this tool isn’t useful for me”

its another thing to say “this tool isn’t useful for anyone”

nice.

can usually get a pretty good performance increase with hand writing asm where appropriate.

don’t know if its a coincidence, but i’ve never seen someone who’s good at writing assembly say that its never useful.

why does it need to be device agnostic?

happy to get into into these subtopics, but it’s also possible i may not be understanding you properly because i agree with alot of what you just said.

what are you attributing the close to 0 probability to?

if you wanna say “whats the probability that CMG was at least partly talking out their arse about their capabilities (and especially any claim they were currently in possession of that capability)?”

i’d also give it like >90% probability they (CMG) are full of shit. in which case you could say i agree with you (to within say 10% error margin).

if you’re instead saying the probability is ~100% that audio surveillance capability cannot possibly currently exist outside TLAs because “someone would’ve published it already” then i really cannot agree. (and afaict that ars article does not support that stance either)

Not disputing the three letter agencies

The capability they were claiming to have would make a three letter agency very excited.

sorry i didn’t understand. didn’t you say you don’t doubt TLAs likely already have this capability?

oppressive regimes

most (all?) of whom are operating outside typical legal constraints and likely already have access to the million dollar exploit trade which already exists.

further, i’m not sure how this changes the landscape anyway? its not without precedent that variations on capabilities can be useful to more than one market segment concurrently?

trivial to discover and flag as malware

can you explain further what you mean by this? i’m not sure there’s anything trivial about conclusive analysis of the deep complexities and dependencies of modern smart devices

Apple and Google would also be very keen to find and squash whatever loophole let’s them record without showing the notification.

historically we’ve seen google can take over half a decade to address such things, afaict (welcome correction on this) apple’s generally been faster to respond, and i do agree apple’s current public image attire would be contrary to be seen to enable this. [not simping for apple btw, just stating that part of their brand currently seems to be invested in this]

in reality there are a confluence of many agendas and there’s likely ALOT of global users running non-bleeding edge or other variations on the myriad of sub-system components, regardless of what upstream entities like google implement. if you are aware of any conclusive downstream binary analyses please link

which if true would have been exposed/validated by security researchers long ago.

i agree the probability of discovery increases over time. and the landscape is growing more hostile to such activities. yet i’m not aware that a current lack of published discovery is actual proof it’s never happened.

tbh we have our doubts this leak is directly connected to solid proof “they are listening”.

but we’re not currently aware of any substantiated reasons to say with certainty “they’re absolutely not listening”

well they’re an ad company, so being full of shit is pretty much mandatory.

but i’m not aware of any evidence they’re actually 100% full of shit on this exact issue or not? can you explain a little more how you know for certain they’re full of shit. or you just meant “they’re most likely full of shit”?

honestly i think this is due to unplanned voice calls essentially being broken technology now.

imagine we had 2020s email spammers while mail servers had 1990s spam filters, that’s basically where we’re at now with unplanned voice.

you make excellent points, but not sure i can agree with your conclusion

if we had full source a variety of automated analysis and hardening tooling could be applied which is much much more efficient compared to parsing the arch docs.

noscript is like a screwdriver. umatrix is the whole toolbox.

both have their place

not sure if you’re being sarcastic, but if anything this news paints linux deployment in an even better light.

cos nothing proves “microsoft <3 opensource” like releasing a project over ⅓ of a century old

great news, openai keeps getting more open by the minute

/s

out of interest, how would that hostile SMS URL work with those SMS preview things alot of mobile SMS messaging implementations use?