Tech News Today 519

From The Official TWiT Wiki
Jump to: navigation, search
Tech News Today
Episode 519

Tech News Today 519: Asymmetrical Fanboy!

Why dual core doesn't matter for mobile, Swordfighting games get real, a bunch of Apple stuff, and more.

Submit and vote on story coverage at


News Fuse

Discussion Stories

  • Dual Core Processors Wasted on Android, Intel Claims
    • Mike Bell, GM Intel's Mobile & Comm. Group says Android's thread scheduler can't handle multi-core processors. Intel's Medfield Atom single-core processor has Hyperthreading technology that mimics multi-threading, ARM chip designers Nvidia, Qualcomm and Samsung all tout dual or quad-core processors.
    • While multicore processors offer performance boosts on a machine without power constraints, Bell says smartphones have limits on both power consumption and thermal tolerances. He says as Intel moves to multiple cores, "we're actually putting a lot of investment into software to fix the scheduler and fix the threading so if we do multi-core products it actually takes advantage of it."
    • didn't call anyone out specifically but "We ran our own numbers and [in] some of the use cases we've seen, having a second core is actually a detriment, because of the way some of the people have not implemented their thread scheduling."
    • he says chip makers could adjust thread scheduling issues in their chips but just haven't
    • Bell says that's not the case with smartphones, which have limits on both power consumption and thermal tolerances.
    • so is multicore processing a marketing tool for android handset makers who want to stand out? dual-core processors preceeded Android supporting them
    • Intel just now getting into smartphone game, Motorola and Lenovo lined up with Medfield processors
  • Neal Stephenson's 'Clang:' changing the sword fighting game
    • Neal Stephenson is the public face of a project called Clang that wants to improve sword fighting simulation in video games
    • Wants to raise $500,000 on Kickstarter to create the engine. (July 9 deadline)
    • Will implement it in an Arena combat game -- Descriobes the aim as "Guitar Hero with swords"
    • Clang will use a "low-latency, high-precision motion controller"
  • Apple hardware announcements
  • First Pics Of The Redesigned MacBook Pro
  • Macbook Pro video
    • MacBook Air, 3rd Gen Ivy Bridge i7, USB 3.0, 8 GB RAM 512 GB ssd, 720p FaceTime camera, Ships Today 13-inch 1440x900
    • MacBook Pro , IvyBridge 3rd-gen, 8GB, GeForce GT 650M graphics, 1280 x 800
    • 15-inch starts with quad core Ivy Bridge. 1440 x 900. Ships today
    • Next Generation MacBook Pro - Retina Display, thin as MB Air --0.71 inches thin, less than 4.5 pounds 15.4-inch diagonal, 2880 x 1800, 220 ppi, reduced glare, Apple apps updated for resolution
    • Photoshop and AutoDesk updated. Other apps pixel doubled. Diablo III, Battery dominates, 16GB RAM, quad-core i7. GeForce GT 650M, 768 GB SSD, HDMI,
    • SD slot, HDMI, Thunderbolt, USB 2 and 3 on both sides, headphone, magsafe... thinner.
    • $2199 - shipping today
  • iOS 6 announcement
  • iOS 6 developer beta previewed in leaked photos
  • Apple selects TomTom as primary iOS 6 maps provider
    • Siri. Partnered with Yelp and apparently ScoreL, Open Table, RottenTomatoes, Twitte rintegrated, Eyes Free. Integrated with major car manufacturers.
    • New language support.
    • Full Siri on new iPad.
    • Facebook integration.
    • Like apps on Facebook. API to add functionality.
    • Facebook integration to contacts
    • Start a reminder of a missed call, or reply with message
    • Do Not Disturb -- Allows exceptions for favorites.
    • Facetime over cellular. Unifying phone number and the Apple ID.
    • Safari - iCloud tabs, smart app banners (instead of full screen takeover), upload photos from Safari to websites
    • Shared Photo Stream.
    • VIPs (kind of a priority inbox)
    • Passbook -boarding passes, movie tickets, store cards, geolocate will pull up your card
    • Guided Access - Can just circle controls to disable interface elements, and home button doesn't leave the app.
    • Maps - Brought it in house. local search, Integrated Yelp, Anonymous real-time crowd-source traffic, turn by turn, Quick Route, Siri Integration, Flyover 3D, redesigned app store,
    • iOS6 to developers today. Coming this fall, support for 3GS+, 4th gen iPod touch, and 2nd-gen iPad+.
  • In other news:
    • Mountain Lion got shown off, many of the features shown off before. New features: Voice Dictation, new Safari with iCloud tab syncing, PowerNap brings updates to notifications while your machine is asleep. $19.99, available next month, and upgrades Snow Leopard and higher
    • Airport Express also got an update. $99, now it does dual band 802.11n 2.4GHz and 5GHz (like the Aiport Extreme). Looks like a white AppleTV. 2 10/100 ethernet ports (AE does gigabit), Still does wireless printing, airplay audio and can serve as a wireless network extender.
    • The big iPad announcement everyone missed! A new iPad Smart Case. It's like a SmartCover + a back cover. Polyurethane, not leather. Covers back and front of your iPad. Works with 2nd gen iPad and higher. $50
    • MacPro update: fastest processor option is now: 12-core 3.06 GHz CPU, Xeon X5675 processors. (previously 12-core 2.93 GHz). No Thunderbolt or other updates.
    • MagSafe to MagSafe 2 adapter also available, $10
  • Cnet took a look at the what we didn't get - pretty much looking at the rumors that surrounded WWDC:
    • No 4G on Macbook, no new Mac Minis or Mac Pro (MP did get a spec bump on the site).
    • No Apple TV/iTV or Apps on AppleTV
    • No iPhone (no kidding), no mini iPad, no new iTunes"






You were talking about the difficulty of updating the password hashing mechanism due to not having access to the pain text passwords.

I wrote a patch for ThinkUp that improves the security of password hashing and thought I'd share some thoughts with you.

The first idea I had was to do it as follows:

Add a new column to the table called updated?

Then at every login:

  • If updated()
    • hash the password with the new hashing mechanism and check if its valid
  • if !updated() && passwordValidUsingOldHash()
    • take the plain text password you have because the user gave it to you and hash it with the new mechanism, save the new password hash in the database and set updated? to true

This method is completely transparent to the user but the obvious downside to this is that it increases the number of database queries every time the user logs in.

Which is why we went with the following method:

Whenever a user changes their password hash it using the new mechanism and set updated? to true.

Obviously this is not as secure as the first method as if a user does not update their password despite being told to do so they are at risk, but it does reduce the number of database queries at every login.

As always security is a trade of between a number of things.



"Hey TNT crew, thanks all of you for the great show and congrats on the anniversary.

In response to Bill in Jacobs Town on ep.518. Here are 2 ways to change methods of password hashing that won’t irritate your users:

Option 1, Quick and dirty: Rehash the original badly hashed password with the salt. Then add that same process in to the verification method. No user action required, instantly more secure.

Option 2, Move from an old method to a new method:

You have 2 columns in the DB for the hashed passwords. One for the current hashed passwords that used the old, insecure, method and another new column that starts blank.

When the user logs in they will provide their user name and password. At this point the system will check to see if the new hashed password column is blank.

If it IS blank, hash the provided password with the old method and compare to the column for the old password hash. If it does not verify then it was the wrong password for the user. If it does verify then hash the password with the new method, that is hopefully more secure than the last, and enter that new hash into the new hashed password column. Clear out the value of the old hashed password column, because if you keep that in the DB then there isn't much reason for doing all this.

If the new hashed password column is NOT blank then they have already been through this process. Hash the provided password with the new method and compare the 2 values to authenticate the user. If they don’t match it was the wrong password for the user.

Now as users log in they will be automatically moved to the new more secure method transparently. You can use this method for n months until all the truly active users have logged in and then send a notice to all the users who's new hashed password field is still blank and let them know they need to come log in. This will actually engage users that have not been active for n+ months and you may get a few old users coming back.

This is, of course, a per-compromised solution. If the old hashes are already out there then you will HAVE to have the users change their passwords.

-Hope this is helpful, Ben in Dallas."

"I just thought I'd send this your way, today The Oatmeal had this tweet: which details a threatened lawsuit against him and his response. The important part though is that he's raising money for charity as part of his response, and has in the ~20 minutes from the tweet/post raised 9,520 dollars. It has been a total of 17 hours since he set the donation project up, and he has until the 26th to reach his goal of 20,000. I think he's going to go way over it, and since it's a good cause I thought you could add it in the randomizer.

The direct link is here:

- Jerod Lycett"



  • ad times: :44-:59 and 6:15-7:50


  • ad times: :59-1:13 and 23:23-25:05

Production Information

  • Edited by: Jason
  • Notes:
Info.png This area is for use by TWiT staff only. Please do not add or edit any content within this section.