3244 posts • joined 27 Nov 2009
Re: Why is this even a story?
I hat a few QFs. A mate had problems with SCSI termination and was going to through a SCSI card and 4 drives in the bin. I nabbed them off him, set one jumper and had a blindingly fast set up on my PC!
Re: Temperature ratings
One company I worked for had a rack in a south facing 3rd floor room, with large windows. The CEO got air con in his office, but he declared the IT had survived this long without AC, it didn't need it.
The "trick" was, the first person in in the monring opened the windows wide to allow the air to circulate... :-S
I installed a thermometer in the room and in the rack. Average summer temperature in the room was 38°C. The middle of the rack was approaching over 60°C!
Interestingly, we only had one server throw a hissy fit, an 8 year old HP server. The rest (only 6 years old) all ran stably throughout the summer! We did however borrow an air compressor in the June and cleaned the dust out of every machine in the rack, 6 years worth of dust isn't good for the lungs!
Re: Vetting? Does he thinks he's James Herriot?
I was helping install a new personnel system at a Naval dockyard. I was thrown on the project at the last minute, got the vetting forms on a Friday afternoon, had to fill them out over the weekend and drive halfway across the country on the Monday morning...
The problem is, the vetting takes 3 months. I needed to start work on the Monday and you got a maximum of 3 daily passes, then you had to wait for the vetting to complete, before getting a permanent pass...
On the Thursday, I turned up for work and my colleagues abandoned me at the gate. The security guard checked his records and said I couldn't come on site. I tried to point out that the vetting was under way, but that didn't help.
Then I had a brainwave. I explained that I was converting the data from the old personnel system to the new one and if I didn't finish that work, he wouldn't be getting his pay check at the end of the month... That did it, I got a 3 month temporary pass.
Obviously being paid is more important than security. The good news is the vetting was completed and I was allowed to apply for a permanent pass. The bad news, that was 2 months after the end of the project.
Re: Back in my day
Training is too good for them... Or too dangerous.
I had one engineer turn up because my hard drive was making "funny" noises when the PC was turned off (the heads clanging against the platter as they "landed".
He promptly removed the drive and opened it up! He then removed the particla filter, claiming that was the culprit, clappering against the platters as they slowed down. He then screwed it all back together.
I pointed out, that you shouldn't take a drive apart outside of a clean room. He said no problem, they had dismantled hard drives on the training course and the trainer even had one with a clear perspect cover, so you could see it working! :-D
Of course, the drive started to serious numbers of bad sectors after that.
I tried explaining to my boss... Yes, but he had to open up the PC to get the drive out. No, he opened the drive. Yes, of course, he had to remove the drive. Not remove open, dismantled, exposed the platters to the air! SH1T!
A quick call to the maintenance company and he had the same conversation again, taking on my part this time... Followed by apologies and an express packet with a new HDD in it!
This was the same engineer that decided the best way to repair a bubble jet printer wasn't to replace the broken purge unit (for removing air from the pipe between the resevoir and the head), but to remove the tube from the head and suck on it to geet rid of the air... Then promptly spitting a mouthful of ink all over the personnel manager's desk and running to the toilet to clean his mouth out! The PM just looked at me and said, "he never, EVER, sets foot in this building again!"
So, the UK wants "out", but it wants to stay in... Glad that is sorted.
Re: @ big_D and it's all to appailing even to consider
I agree with your analysis of the situation, up to a point.
You keep banging on about Intel, as if they are something special in this situation. I keep trying to point out that, while Meltdown is solely an Intel problem, Spectre is an industry-wide problem that affects pretty much every processor designer / maker at the moment.
It is as if all skyscraper builders had designed in the wire outside the ground floor to collapse the building.
At the current time, there is no alternative.
They are all, including Intel, working on new designs to rectify this, but this isn't something that will happen over night. Therefore they all, including Intel, are working on patches to the microcode, among other things, to circumvent or at least mitigate the problem.
Intel have been shoving out microcode patches for everything going back to Sandy Bridge (2011). AMD are doing the same, as are Qualcomm and Co.
Just look at the Windows and Linux patches in the last 6 months, all have had regular updates for Intel and AMD microcode changes to combat this.
The chip makers are also providing as much information as possible to help mitigate this problem at the software level.
Your only real choice at the momnt is to either not use a computer at all, or dump your PC and smartphone and dig out a Pentium III machine or earlier...
I am not saying that Intel are innocent, just pointing out that the whole industry is guilty and there are no real "safe" alternatives on the market at the moment, even if you wanted to abandon Intel because of Spectre. That would strike AMD, ARM, SPARC and most other processors off the list as well.
Re: @ "And what would they do with recalled chips?"
Whatever they do with trash normally, I would seriously doubt intel would actually recall the hardware, they are much more likely to pay a set price for RAM, motherboard and CPU sufficent to buy an equivilent product from someone else.
My point being, they can't replace them with a "bug free" chip from their own product lines and there are currently no equivalent products from other manufacturers that aren't also affected.
I guess they could replace those Core i7 and Xeons with Pentium III chips or AMD Athlon+ chips from the turn of the Century. AMD multicore chips are out, ARM and SPARC chips are out, any powerfoul x86/x64 clone is out... So, what would you spend the money on?
The best Intel, AMD, Apple Qualcomm and the others can do is patch the firmware and give enough information to the OS vendors and application developers that they can do their best to protect their software from such attacks.
it is already shaken but irrespective of what happens to intel all your predictions about the end of the world if Intel disappear is just rubbish. There is emulation and they could implement everything that the CPU was supposed to do on other hardware, with options to turn security down if more accurate emulation if required.
You are forgetting the timescales. There is no magic bullet for this. Every chip designer is currently rushing around trying to get new designs into the pipeline. The problem is, that is a long pipeline, so there won't be any "Spectre free" designs for the next few years. It is something we will have to live with.
And I never said it would be the end of the world if Intel went down, I was just pointing out that, currently, there is no alternative to Intel, if you want a Spectre free design.
As to OS and apps then since they are mostly written in portable lanaguages then they should all move over to new hardware with minimal changes.
OS? Not really, a lot of it is still done in Assembler/machine code, even if a majority is written in C/C++ or high level, managed languages. But it is the low-level libraries that will need to be re-written first, before the rest can come over. That can take years, even with a big programming team to pick through those 10s of millions of lines of code and re-test everything.
Even something "trivial" on paper, like changing from Bigendian architecture to Littelendian architecture, would require a lot of work, you still need to review all of the code, whether manually or automated, to ensure you pick up every instance of Bigendian moves.
Applications are a little easier, but, for example, up until recently most of Excels macros and VBA was written in Assembler for performance. You aren't going to re-write that in a few weeks!
Again, this isn't about defending Intel, this is just pointing out, that currently, there are no "safe" chip designs from ANY of the major players that would be in a position to push out the required numbers of high performance parts. There might be some small players, with low performance chips, like the Eden x86 chips (32-bit) that might not be affected by Spectre, but that would set you back to turn of the Century performance and software, no modern Linux, no modern Windows or OS X, no PC with more than 4GB RAM...
Re: A whole lotta "not just intel" @AC
That should be 2021, not 2012! Shame the edit is only 10 minutes...
Re: A whole lotta "not just intel" @AC
ntel x86 offerings are insecure, Intel are still selling their insecure chips and until they show that they have learned their lesson then truely they cannot be trusted.
Intel sold premium products on promise of security and when it became public that their products were faulty at time of sale then they should have recalled, they still have not been.
And what would they do with recalled chips? This problem affects pretty much ALL processors from all manufacturers, including ARM and various other RISC processors, AMD etc. Some more, some less.
None have released Spectre free chips, although Meltdown was almost exclusively Intel.
Why haven't they? Because they can't. It isn't a simple matter of writing a bug fix. These problems are fundamental in the design of all modern processors. You need to go back to the late 90s to find a design that doesn't embody these techniques. You need to then unlearn everything you've been doing in processor design for the last 20 years and come up with a new way of doing it!
That isn't going to happen over night. There will be a couple of new generations of chips, which were already in development when this all hit, which will still be partially vulnerable to these attacks. I would guess, that we won't see a completely corrected design until at least 2012, if not later. And chances are there will be incompatibilities with existing chips and software.
This is going to shake up the whole industry, not just Intel, it will affect all processor manufacturers, all operating system vendors (including Open Source), all web browsers, all hypervisor vendors and possibly a large number of normal applications vendors. It might be that existing Windows, Android, iOS, MacOS and Linux versions will no longer run on new hardware, that new versions will be required and new software to run on them.
That will mean legacy software will be stuck on legacy chips. And legacy software will be anything from Windows 10 back (although the next iteration will probably be available in a legacy processor and new processor versions), it is unlikely that Windows 7 or 8.1 will get patched for new processor designs, they are already EOL and will be stuck on old hardware. The same for any software that isn't 100% compliant with the official documentation.
This obviously also applies to all other operating systems and software as well.
If it really is a complete redesign of multithreading and hyperthreading on the processors, that is a game changer for everyone. Move to the new hardware and buy new versions of all of your software or stick with older, vulnerable chips and run your existing hardware.
Re: What about disturbing others?
I hat phones and conferencing as well. And I don't mind working in teams, I currently sit in an office with 2 other people and my boss next door, with the door open. Most of the time, it is great, the noise level is acceptable.
But in the large open-plan offices, where dozens of teams have to work together, the noise level is often too high to concentrate.
I also hate it when other people can look over my shoulder. It is irrelevant, whether I am just doing my work or dossing off and reading the Reg, I feel somehow violated, that people can just look over my shoulder, without me knowing about it or allowing it.
I must be lucky.
I only worked for a short while in the mid 90s in a real open-plan office. I've worked mainly in offices with 3 - 4 other people, tops - and that can get noisy enough, when they are telephoning at the same time.
I haven't seen a company in the last 18 years that has really had an "open-plan" office (dozens or hundreds of desks in an open space).
Re: Is it just me?
I thought open plan died a death towards the end of the 90s...
Re: What about disturbing others?
We had this in the late 80s and early 90s. Big open plan offices. If you talked to your neighbours, the noise level increased so quickly, you were often shouting. Even telephone calls were awkward, because you had somebody talking quietly in the receiver in one ear and the whole office shouting in the other ear.
After a while, nobody bothered talking to anyone else and tried to have hushed telephone conversations.
The other thing is, everybody can hear what you are saying, so you are more reticent to talk at all, in case you make a fool of yourself. If you have misunderstood something and the other person in the conversation points it out, it is a little embarassing, but if the whole office is listening to you making a fool of yourself, that is another matter. Private discussions are also difficult to have.
We used to get up and go into the stairwell to have conversations, or go out and get a coffee.
Re: On SettingContent-ms files...
The easiest way is to block it yourself. You can add it to the blocked filetype list in GPOs.
Re: On SettingContent-ms files...
There was no mention of Office in the article... :-S But, generally, it is probably more secure, because it does less (KISS).
The problem you mention is the execution of control panel shortcuts within Thunderbird on Windows. The problem, among other things, is the <DEEPLINK> tag. If a manipulated attachment on an email in Thunderbird is opened, it can execute the embedded patch to an executable.
This is a problem with the .SettingContent-ms specification and will affect any application that allows these settings files to be executed. They are designed to be used locally, to open direct control panel elements, it seems it wasn't envisioned that they would be manipulated and sent per e-mail or downloaded from malicious websites. The same old story, a useful tool, where the developers didn't think far enough, when it comes to security.
This is a Windows 10 problem, bu it affects any application that allows the files to be opened or executed.
Re: Good to see it's still in development
At my last employer, an open source security company, they used that and Claws.
It is starting to feel a bit dated and needs a little more love, but it is still a solid program.
Re: Spam, Spam, Spam, Spam...
Mid 2000s spam was a problem, but they seem to have it sorted now.
I opened my account before Microsoft bought HoTMail. It has gone through phases of bad spam. But in the last few years, I have used it as my main private account (still the original account) and I guess less than 1 spam a month gets through at the moment.
But thereagain, I use GMail as a dumping ground for site registrations and other guff that could easily spam up my mail account, to keep my main account spam free.
Good to see...
that they are taking the security and quality seriously.
I'd rather wait a few days or weeks for a secure, stable product than have something rushed out to meet some marketing deadline.
Microsoft and Apple often get caught up in this, if they release a buggy pile, they get grilled in the press, if they delay to deal with last minute problems, they get grilled in the press...
As a user, yes, I want to see / try the latest and greatest releases, but on the other hand, I have to work with it, so it has to be secure and stable. So I'm very happy if a company or project delays a release / launch a few days or weeks to "get it right".
Of course, even then, we are talking about software, so it isn't going to be 100% bug free, ever... But taking a bit of extra time to iron out the most obvious problems is time well spent.
Re: They create the kind of wonder...
Due to the price of subsidies, we get the choice of a Hauwei P20 or an iPhose SE or iPhone 6. If I wanted a current iPhone 8 or X, I'd have to pay at least 450€ out of my own pocket for a "company" phone... (Samsung Galaxy S9 is only 250€ of my own money). For something that sits on my desk all day, gets put in my bag at night and get put back on my desk when I get back to work, it isn't something I want to invest my own money in...
Re: It isnt the encryption that is the problem
@itzman the virtual hosts all use the same IP-address and the cert is for the domain name. This has been possible for over a decade - heck, I was doing this in my test environment running under WAMP and LAMP back at the beginning of the decade.
Re: It's not "browsing" anymore..
@zapgadget I've never known Firefox or Chrome refuse to connect. They'll throw up a warning any you'll need to add an exception, but they will normally then let you through...
I've set up hundreds of https devices on internal networks over the years (2 QNAPs and a couple of printers just yesterday) and I've never had problems with self-signed certs.
Re: It's not "browsing" anymore..
Yes, you can use https on any address and most corporate devices these days use https.
If your business is big enough, you will have your own trusted issuing authority set up, so you can issue certs for your internal devices, that your corporate devices will accept as valid.
But you need to put work into it, so only larger businesses with dedicated IT staff will bother.
Most CMS systems, like WordPress, now have automated scripts for putting in certs from letsencrypt, for example. This makes it relatively easy to update.
I can't remember the game, it was an R-Type clone of some description, but the cheat code was to type in the "couple of keystrokes" of "xr3iturbonutterbastard" after you had typed that in, you had infinite lives and I think all power-ups.
Don't talk to us...
Google's attitude is, don't talk to us.
My previous employer was on the receiving end of a DOS attack last year. We did a quick check of the IP address initiating the attack (it was pushing >100mbps down a 10mbps line). The IP address belonged to Google.
Call Google... After 10 minutes of bouncing back and forth in their automated telephone system, the answer is: look at the relevant page on our website; only I couldn't find a page about Google hosting DOS attacks.
I then tried email, email@example.com and admin and webmaster... All returned a form-email saying that they get so many emails, they just don't bother reading them and I should refer to the relevant part of the website for support... Again, no part of the website covers being DOSed by Google.
I then tried Twitter, but no response form Google there, either.
In the meantime, I had contacted our ISP and they managed to put in a perimeter block on the IP address causing the attack (this is how I know that they were pumping over 100mbps at out 10mbps line). But that only ran for 7 days, after that, we had to pay for continued use of their IP blocking service.
Luckily, we were in the middle of switching to a new 100mbps line with another ISP, so we just accelerated the tests and switched over, leaving the Google server to continue to wallop a disconnected line.
It was probably a badly configured server in the Google farm or one of their cloud clients with a badly configured instance... Whatever it was, contacting Google was a nightmare.
No, not me...
We had a series of VAX 11/7xx machines in a row in the computer room, about a dozen of them.
DEC sent an engineer out to do some maintenance and upgrade the memory on one machine. We duly moved all jobs and users to the next machine in line, shut the machine down and told the engineer he could power down the machine.
He disappeared behind the CPU cabinet and... Nothing. He reappeared, the VAX was still in Shutdown mode. His face went a bit pale and, suddenly, there were screams and shouts from the next machine in the row. You know, the one we had shoved all the users and jobs onto from the one we had shut down.
He'd managed to mix up the circuit breaker for the machine he wanted to turn off and the one next to it.
Re: Why tabs?
@Loyal Commenter but that would be a case, for me, for having them in a "launch" set, but not tabbed, I'd have them open in separate windows spread across my main monitor at home (34" ultra wide) or spread over the three Full HD monitors at work, I wouldn't want them grouped in a tab, because if that is the case, I can only see one piece of information at a time, I can't compare the content of different windows or look at the contents of one windows (E.g. report) whilst working on another windows (E.g. Report Generator) to correct the output and a third window with the data sources in it.
Re: Why tabs?
@Geoff Campbell but then is the point where I don't want them in tabs, I want to read one window whilst working on another...
Re: Why tabs?
Theoretically, you can "group together" a bunch of related applications or application "windows" in one window. They act just like tabs in a browser, so you can switch between Word, Excel, browser, Notepad etc. Why you would want to do that is anybody's guess.
No news here...
At their developer conference last month, they announced that it would be unlikely to make it into Redstone 5.
So it is hardly a surprise that it is disappearing from Redstone 5 builds.
That isn't to say it is totally dead, Microsoft said they would deliver features when they are ready... That said, I saw sets on the last build and it is useless to me, I couldn't see any plausible reason to "tab" together different applications.
Re: "Does anyone..."
@Mike Shepherd I think you should read the OP again, or even the bit you quoted. His point was, if you type in the first part of the address in Cyrillic, Arabic, Hebrew, Urdu or whatever, why would you switch to Latin for the suffix (or would that be prefix)?
I would say, that the Cyrillic name on the Cyrillic version of .eu and the Latin version of the Cyrillic name under the .eu domain.
As to the European ä â°a etc. being in the "Latin" .eu domain, that only makes sense, those letters are additions to the English Latin alphabet and they still use e and u, therefore it would be .eu anyway. Greek is harder to defend.
If there is a Cyrillic version of the .eu domain structure, it make sense to push the Cyrillic names there.
For me, it looks like a logical move. At first glance, the only people who should be really upset are scammers using a mix of Cyrillic and Latin to dupe people into visiting "fake" sites.
Re: 128TiB in an SD card?
Your array will probably get hot very quickly and the cards will start to throttle performance.
Speed causing heat problems in big, fat SSDs and m.2 cards, squish that down onto an SD card (or a micro-SD) and you are going to run into heat disipation problems very quickly, if you are using it as a traditional drive.
Re: Rubbish in, rubbish out...
Agreed. I worked for a short time in a translation buro. My translations were readable, made sense, grammatically okay, but were a long way from what the trained translators were producing.
And what I was producing was a thousand times better than what Google Translate was dishing up. As you say, it is a long way from being production ready. In most cases, at least with German, you could take about 15% of what it produced as usable text, the rest would need to be re-written from scratch.
Re: Rubbish in, rubbish out...
When I hear Dutch people talking, it always sounds like every other word is either English or German. I can usually understand what they are saying, but I can't speak Dutch.
Re: Rubbish in, rubbish out...
Also, I always hear people praising Google Translate, MS Translate and various other tools and services, but they are all doing English <-> Spanish or English <-> French, with a bit of Chinese thrown in for luck.
All of them make a horrible pig's ear of English <-> German.
Google doesn't even need spelling mistakes, or it didn't used to.
English -> German is very dodgy with Google.
(NOTE: The following example now works, because I uploaded the correct translations a couple of years back)
I had to do a quick translation of a handbook I'd written in English into German. I thought I could save a little time and use Google Translate to get the rough text translated and just tidy it up...
The problem is, Google Translate has real problems with formal English. Abbreviated English is fine, but formal caused it to ignore the negatives:
"Do not open the case, high voltage inside" -> "Das Gehäuse öffnen, Starkstrom drinnen"
"Don't open the case, high voltage inside" -> "Das Gehäuse nicht öffnen, Startstrom drinnen"
Or even funnier:
"Do not open the case, no user serviceable parts inside" -> Das Gehäuse öffnen, nicht drinnen"
(Open the case, nothing inside)
There was nothing with the spelling mistakes, just it would ignore certain words, like "not", although why "no user serviceable parts inside" translates to "nothing inside" is anyone's guess.
Re: and what if they had done it?
It would be illegal to hack-back, so the Mandiant staff could also face charges.
That said, if that is the only video Sanger was shown, how could he describe that they were reading sporting scores and chatting to girlfriends, before starting work and describing what they were wearing? :-S
Re: One in twenty users?
@doubelayer except for those one machines that are no longer compatible with new versions. Mine is on Lion, because that is the last version that it can run, it can't run anything newer... The hardware is still fine, it is just very insecure under OS X. Under Windows 7, it still gets monthly security updates.
Re: One in twenty users?
Mine is still on Lion, as that is the last version that supports the hardware... But it spends most of its time in Windows these days, as Windows still gets support.
Re: " … it won’t be long before Kaspersky is recognised as an Uber-style disruptor …"
I don't think Kaspersky want to be tainted with that brush, they have enough problems as it is!
Re: Well the big difference is...
@Christian the German Government won't protect you from themselves! :-D
The courts have twice told them that the Bundestrojaner is illegal... But they are trying to push through yet another law to allow them to use such technology (I believe Bayern / Bavaria has already "legalised" it, although there is still the opportunity to bring that before the Constitutional Court AFAIK).
They got into trouble in Germany as well, because they marked the "Bundestrojaner" (State Trojan, a program used by the BND and police to infiltrate PCs of suspects) as malware, which didn't go down well in political circles.
Re: The biggest problem
@JohnFen as I said, after 2 years, it becomes a plain dumb TV... So why bother buying it "smart" in the firsrt place?
I'd stick to buying dumb and adding cheap intelligent boxes where necessary.
The biggest problem
Is that we are moving from a solid product world, where non-intelligent devices last decades, to an IoT world, where you may get 6 months support, if you are lucky.
In industry, you are working on 10 to 20 year amortization timescales. Very little in the way of IoT is going to get support on that timescale.
The same for consumer products, a fridge or TV is something you buy in decade timescales, yet you are lucky if you get security updates for your TV after 2 years... So, after 2 years, it either becomes a dumb-TV or a security risk.
Amazon, eBay and pals agree to Europe's other GDPR: Generally Dangerous Products Removed from websites
See, there is always a silver lining.
Re: Define Dangerous Please
There are plenty of regulations out there that define what dangerous is.
The certification for sale of most types of good (food, electrical, clothing, children's toys etc.) ensure that the products have been legally declared safe (CE mark, for example).
But a lot of clothing and toys still get through that are either toxic or downright dangerous (kids' cuddly toys that have stiff wires in them that can poke through and cause injury or the use of lead base paints, for example).
Things like the helmets would not be legal for sale on the sites, because they don't carry the EU certification. This has always been a problem, long before Internet sales. The same helmet is available with or without the ECU mark. The one with is legal in Europe, the one without is a grey import and is illegal, because it doesn't contain the right certification. The problem is, the average copper on the street can't tell the difference between a certified Shoei or Arai and a fake, so he has to go by the certification mark (even if it is faked), so a US DOT approved one is illegal...
Anything electrical without a CE certification, for example. Products for children that have been tested and proven to contain toxic substances or metal spikes (last year in Germany several cuddly toys were removed from sale because they were either toxic, poorly manufactured (heads came off and babies could ingest the foam) or were stiffened with metal wires that could cause injury).
Clothing or upholstery that isn't fire retardent (and tested) to EU standards would be another area.
IoT dolls have also been removed, because they break EU privacy laws (know security weaknesses that allow hackers to listen in on the kids or speak directly to them). A kids watch was also removed out of privacy grounds, because parents could listen in on the kids when they were at school, this broke the pirvacy of other children and of the teachers. The parent would need to get the written permission of everybody the kid came in contact with, before they could evesdrop on the kid.
Re: If ARM is so good
the HP x2 that was released earlier this year came with 4GB RAM and 8GB RAM and a Snapdragon 835, hardly 800Mhz and 1GB RAM...
That said, the problem is still going to be legacy applications. Store apps can be compiled in ARM 32-bit and ARM 64-bit, which means they should run reasonably well. But legacy code is restricted to x86 32-bit code - MS and Qualcomm have announced that they have no plans at the current time to run x64 code under emulation.
The reports I've seen so far have said that Store apps are a mixed bag, but x86 legacy code emulation makes an Intel Atom look like a speed demon...
That means it is technically possible to run x86 code, but you wouldn't want to use it for anything you have to interact with or need quick answers from. Which in end effect means that if you can survive on Store apps that have been cross-compiled to ARM, you will have a reasonable experience, but if you rely on non-Store apps or the Store apps you need aren't ARMed, you will be better off looking at an Intel machine for the foreseeable future.
Re: If ARM is so good
Longer battery life? I spent 2 days working offsite and didn't need to recharge my Lenovo L480. When I was finished with 2 working days, there was still around 20% battery life.
Given that I could have charged the laptop in the office or in the hotel (it was new and I wanted to see how long the battery would last), I doubt many people really need 20+ hour battery life on a daily basis or go on trips that mean they are so long without access to a power socket - and if they are, then it will probably mean that they need power for a lot longer than an ARM laptop would provide.
I'm guessing that most users are either no longer than 2 days without power or they are weeks or months without power. I would think that there are relatively few use cases that fall between the two scenarios.