Monthly Archives: December 2021

Reading Time: 4 minutes

Hoping that everyone is enjoying the holidays, had a good Christmas, and has an enjoyable NYE 2022 on deck. During the Xmas holidays a lot of people find time for entertaining themselves that’s not as easily found during the rest of the year. For some people that entertaining is best done via their computer, and for many there’s nothing better than enjoying games. They’ve come a long way over the last decade +, and usually in order to get all the visual pop and immersive experience the game developers want you to have you need a good GPU.

Lots of people are perfectly fine with the one that came in their desktop, and not many of them will be the type inclined to perform invasive surgery on computing devices in the first place. For others with the know how and no hesitation to perform ‘tweaks’ it is possible to make small changes to computer components that will alter how they function. One of these procedures that gamers will probably at least have heard of is undervolting the GPU. To describe in plainly, it means to restrict the power that the card has access too and gain specific performance benefits because of it.

This is not something that would generally be among the familiarities for a Canadian web hosting provider, but here at 4GoodHosting we are good at identifying what might be of interest for people who are tech-savvy in this way, and it turns out that undervolting isn’t especially difficult to do. So it’s something that might be possible for you if you’re an avid gamer, and what we’ll do here with the last entry for 2021 is talk about advantages and disadvantages to undervolting graphics cards.

Efficiency Boost

Your GPU is going to have a few important calibrations that are open to manual adjustment with software like MSI Afterburner. These include power limit, core and memory clocks, plus the voltage. The entirety work in unison to provide the performance and power needed for what’s expected in regard to out-of-box operation.

So what exactly is undervolting? Simply, it is a reduction of the voltage your GPU has access to and the primary aim is to maintain the performance associated with stock settings while at the same time boosting efficiency. Undervolting takes specific aim at power draw and heat as areas where improvements can be made.

The first question is this then; if a GPU is able to run better at a lower voltage, why wouldn’t the manufacturer build them with this in mind? The answer is that silicon can vary with each individual GPU and some will tolerate different voltages and clocks better than others. Standard settings will be aligned with whatever is known to be the average tolerance.

The most noticeable differences will be with a GPU that’s built to be power hungry, and the Nvidia RTX 30-series Founders Edition is one of them. Undervolting this card may offer many improvements, especially in challenging applications. A lower-power GPU will put out less heat so you’ll have less to gain undervolting a GPU card like this.

 

 

Pros / Cons for Undervolting

We should start by saying that most of the time it will actually be best to leave your GPU at stock settings. Some users will also choose to use an automatic overclocking tool as a cost-effective and simply implemented tool for regulating graphics card performance.

Pro 1: Lower power consumption will promote lower heat. This means a reduced power bill, even if it’s not much lower. Less heat can also equate to better thermal performance for your other surrounding components like the CPU. Modern GPUs tend to come with plenty of power, so undervolting can be very beneficial for mitigating the effects on your PC ecosystem. Plus your power supply will be less stressed.

Con 1: You’ll need to spend time familiarizing yourself with settings on the GPU. While undervolting is not especially difficult, it does require some knowledge and ability to tinker around effectively and neglecting that may mean you do permanent damage to the GPU.

Pro 2: Familiar software like MSI Afterburner makes it free to do, and generally it’s not too risky. Keep in mind as well that undervolting may also help prolong the life of your GPU because it will be under less thermal stress over time.

Con 2: Further tinkering may be required in the future. New driver updates or changing ambient temperatures are two of the reasons you may sometimes have to go in and adjust your settings for optimal performance.

Pro 3: Undervolting is ideal when you’re fitting a powerful GPU into a small form factor enclosure, because it makes it a much better experience. Small cases are usually more restrictive for heat dissipation, so you’ll enjoy better thermals in these smaller spaces while performance isn’t compromised like it might be with a CPU that hasn’t been undervolted.

Con 3: You may end up applying incorrect settings without being aware of it, and poor performance results. If insufficient voltage to the GPU occurs or it isn’t properly applied there may be overall instability and reduced frame rates. Double checking and testing your GPU performance to insure it’s improving with voltage changes is always a good idea.

Pro 4: Less noise. The lower voltage will make it so that the GPU fans can spin at lower RPMs with the accompanying reduced heat. This also means less power is needed for the fans, and that keeps the entire system performing at a lower noise level.

 

Reading Time: 3 minutes

There’s the old expression ‘take only what you need’ and it’s good advice to follow in all sorts of situations. It may be followable when you’re at an all-you-can-eat buffet and you’ve eaten all you can, but when it comes the processing power in your computers at home you get what’s given to you when the device was put together. Some people put the entirety of that processing power to work for them, but most people don’t use anywhere near the total of it. And in truth the majority of people may not even know what it is they actually have at their disposal.

Some will though, and it’s these people who will want to take note of a new decentralized Internet platform that will let people pay for their apps and services by making their idle computing power available to those who could put it to use. As a quality Canadian web hosting provider, this is something that resonates with us here at 4GoodHosting because like any host we can relate to what it’s like to have real constraints based around this and in the industry there’s been much in the way of roundabout talk along the lines if something like this might become possible someday.

It has made a lot of sense for a long time, but like many things it takes time to get the wheels sufficiently in motion to see things start to happen. But that’s what’s happening now with Massive, an app monetization startup that’s set to make some serious waves.

Smart Decentralization

Massive has just recently closed a $11 million seed round, which will let it move forward with a monetization software development kit that will be able to support the project and move forward with s small yet noteworthy step in decentralizing the internet and making it possible for people to pay for apps using their idle compute power.

This is an impressively unique potential solution, one that will benefit the individual consumer but also improve on how app developers and service providers make money for the work they do. As it is now they usually charge users money, and it’s fairly standard to have a 1-time app download fee or subscription services that come with a monthly charge. There are some who want to make their work free to the public and will set up their compensation by means of an implementing on-screen ads, and nearly everyone will know the type from using the apps they have.

This is especially common for mobile games and sometimes it is preferable because upfront costs often turn off new customers. But ideally most people will enjoy an ad-free experience, and that may be what’s soon to be possible if people have the means of renting out their CPU power.

Expanding on Distributed Computing

What is being proposed here is taking the concept of distributed computing – utilizing extra CPU cycles on otherwise idle machines- and reinventing it as a legitimate payment method. Looking at how it works it is not unlike to individuals can rent their unused vehicles and homes on Turo and Airbnb. The unused compute power is exchanged for a passive means of paying for apps and services already being used and enjoyed.

 

Some might say this will sound a little invasive because the space and power is going to be utilized on a personal device, and it may be for those who aren’t familiar with distributed computing. However, Massive is adamant that it will be putting a priority on security and digital consent, with promises on their website that users will need to opt into the model to participate plus able to opt out at any time.

They’re also very upfront about their wish to be a part of dismantling the internet’s reliance on nosy marketing practices. The idea is that this new arrangement opportunity will reduce the amount of personal information users unwittingly give away, and it is true that antivirus protections are going to be thoroughly incorporated into Massive’s CPU-sharing software.

They are working with third-party partners to this model to customers, but as of now Massive is only compatible with desktop apps. Plans are in the works to bring this opportunity to Mobile, although that may be a good ways down the road. Currently more than 50,000 computer users have already opted in, and that’s a very strong reflection of the high level of interest there’s going to be from people who like the idea of ‘bartering’ in a way for their apps and services.

 

Reading Time: 3 minutes

It has certainly been a while since we’ve had a nasty bug making enough of a stink that it warrants being the subject of one of our weekly blog posts, but here we are again. The good thing has always been that these software vulnerabilities are usually quite limited in the scope of what they’re capable of, and that means they usually don’t get much fanfare and they’re also usually fairly easily dealt with via patches and the like.

The problem becomes when the bug is rooting in software that is ubiquitous as far as being used in cloud serves and enterprise software used as much for government as it is in industry. That’s the scenario with the new Log4Shell Software Vulnerability that has the Internet ‘On Fire’ according to those who are qualified to determine whether something is on fire or not. All joking aside, this is apparently a critical vulnerability in a widely used software tool, and – interestingly enough – one that was quickly exploited in Minecraft.

But now it emerging as a serious threat to organizations around the world, and here at 4GoodHosting like most quality Canadian web hosting providers we like to keep our people in the know when it comes to anything that’s so far-reaching it might apply to a good number of them.

Quick to be Weaponized

Cybersecurity firm Crowdstrike is as good as any for staying well on top of these things, and reading what they have to say about Log4Shell is that within 12 hours of the bug announcing itself it’s been fully weaponized. That means that tools have been developed and distributed for the purpose of exploiting it. Apparently all sorts of people are scrambling to patch, but just as many are scrambling to exploit.

It’s believed this software flaw may be the worst computer vulnerability to come along in years. As hinted at, it was discovered in a utility that’s ubiquitous in cloud servers and enterprise software used across industry and government. If allowed to continue unchecked it has the potential to enable criminals, spies, pimps and programming novices alike for no-hassle access to internal networks.

Once in they can loot valuable data, place malware, wipe out crucial information or do a whole lot of other types of damage. And it seems to be that many different kinds of companies could be at risk because their servers have this utility installed in them and we’re still in the early stages of fallout with this.

Cybersecurity firm Tenable goes one step further in describing it as ‘the single biggest, most critical vulnerability of the last decade’ and maybe even the biggest one in the history of modern computing.

10 / 10 Cause for Alarm

We also have Log4Shell being given a 10 on a scale of 1 to 10 for cause for alarm the Apache Software Foundation, which oversees development of the software. The problem is that anyone with the exploit can obtain full access to an unpatched computer that uses the software, and specifically said the extreme ease the attacker has with accessing a web server through the viability and without a password is what makes it such a major threat.

A computer emergency response team in New Zealand was the first to report of the flaw being actively exploited in the wild just hours after the first patch was released in response to it. This was weeks ago now, and the hugely popular online game Minecraft was where the first obvious signs of the flaw’s exploitation were seen, and the fact the game is owned by Microsoft shouldn’t be overlooked.

It’s been reported at the same time that Minecraft users were already using it to execute programs on the computers of other users by pasting a short message in a chat box. Apparently a software update form game users followed shortly after and customers who apply the fix are protected. But the ‘fire’ isn’t contained by any means – researchers reported finding evidence the vulnerability may also be exploited in servers operated by companies like Apple, Amazon, Twitter and Cloudflare.

Reading Time: 4 minutes

Android and iOS are definitely two entirely different worlds when it comes to the default choices between mobile devices, and you’d have trouble finding any more than just a few people who don’t take advantage of apps for their smartphones nowadays. Depending on who you are that may be for entertainment or personal pursuit aims, or it may be for making your workdays that much more productive and streamlined. All sorts of possibilities out there for what you can do with apps and it sure is a whole lot different from where we were just 10 or so years ago.

Once you’ve got a taste for them it’s hard to go back, and you won’t want to be thwarted in your attempts to get one into your device if you see the need for it. The reason that sideloading apps – installing apps without getting them from office

ial sources (namely Android Market or the App Store) – is as popular as it is because both Google and Apple have been fairly free with allowing certain carriers to block certain applications based on model and network. There’s plenty of people with phone only a couple years of old that are already encountering roadblocks, and sideloading the app allows them to get around that.

In the bigger picture though it’s not good for the development of better app versions in the future, as those developers don’t get what they should for their work and that’s something we can relate to in a roundabout way as a good Canadian web hosting provider. We certainly know all that goes into allowing people to enjoy the digital connectivity they do nowadays.

So not to pick sides, but recent information seems to suggest that sideloading apps for Android is not so bad as it might be for iOS devices. Let’s look at why that is.

Privacy & Security Concerns

Apple has come right out and made it clear that there’s plenty of evidence indicating sideloading apps through direct downloads and 3rd-party app stores would weaken privacy and security protections that have made their iPhone as secure as it’s been regarded to be all these years. They’ve even sent a letter to US lawmakers raising similar concerns about legislation that would require app store competition and mandate support for sideloading.

The focus here is more on sideloading apps installed by users on a device without the involvement of a trusted intermediary performing oversight function, at least to some extent. It is true that downloading an iOS app from a website and installing it isn’t the same as downloading one from an app store operated by Google or Microsoft. Whether a 3rd-party app store might offer better security and privacy than the official app stores is a legitimate question.

A lot of the concerns will be based around the fact that Apple only spends an average of 12 minutes or so reviewing each iOS app. Apps offered elsewhere than the iOS app store may be backed by a more detailed app review, and better for disallowing all third-party analytics and ad SDKs. Long story short apps that cost more elsewhere might be worth it after all, but generally you’re not going to find any versions of such being available for sideloading anyways.

 

Android Difference

A part of why Apple disapproves of the sideloading is in user interests as it believes that Android has poor security because it supports sideloading. It is true that a survey found that Android devices have 15 to 47 times more malware infections than iPhone, so there is some truth to this although the size of user base has to be taken into consideration too.

To be fair though Apple does not put out a Transparency Report the way Google does for Android. Security issues may be more visible on Android than iOS, but that is a reality of iOS being less accessible to researchers. According to the most recent version of that report, only about 0.075% of current Android devices running 11 during 2021 Q2 had a PHA (partially harmful application), and that would include devices that sideloaded apps.

It does need to be said though that security issues on Android are a reflection of Google’s inability to force operating system upgrades on devices sold by other vendors. As a results older Android versions with vulnerabilities hang around the market longer. That’s a consequence of Android’s multi-vendor ecosystem rather than the perils of sideloading.

The Case

• The risks that a person could assume if they sideload apps onto an iOS device:
• Greater numbers of harmful apps reaching users due to the ease for cybercriminals to target them this way, and especially including sideloads limited to 3rd-party app stores.
• Users having less up-front information about the apps to make informed decisions about whether or not to add them to the device, and less control with those apps once they’re on the devices.
• Protections against third-party access to proprietary hardware elements may be removed, and non-public operating system functions may be distorted or misaligned.
• Sideloaded apps needed for work or school may have put users at a direct disadvantage

Other Considerations

Another thing to keep in mind is that sideloading does increase the attack surface in iOS at least to some extent, although to be fair the App Store has had more than a few scam-geared and insecure apps themselves over the years. The security afforded by iOS is a legit benefit, largely due to security features built into the operating system, like app sandboxing, memory safety, permission prompts, and others.

It is also always advisable to look for reviews of the app that have been sideloaded in the same way you’re thinking of doing. External sites are often best for doing this as reviews for apps in 3^rd party app sources may not be genuine ones, and the frequency of placed app reviews has been well established. Proceed with caution as with everything else.