Posts by Michael Wojcik

Foxconn EPCOT. Temple to the spirit of Buckminster Fuller. Sunsphere Mount Pleasant.

Re: Horses for courses...

The idea of an active/passive pair of OS images has been around for decades. OS/400 had it in the '80s, and it wasn't considered novel then. Implementations have probably been around for half a century or so.

And of course you could roll your own with any number of boot managers. IIRC, even with BSD 4.3 Tahoe (1988) the bootloader could be told what label to use when locating the root partition.

Sure, it's "a benefit". It was a benefit 35+ years ago. Everything old is new again, generally without the implementors taking any note of the lessons learned in the previous incarnations.

Re: BAYC

You are Walter Benjamin, and I claim my £5.

In all (well, some) seriousness, Benjamin's "The Work of Art in the Age of Mechanical Reproduction" does a good job of analyzing the psychological attachment to "original" works and how reproduction interacts with it, even if he indulges in his penchant for somewhat obscurantist language.

If you read his use of "aura" as referring to some real, measurable property of the object, it seems like rubbish; but understand it as an attitude people tend to have toward what they believe is an original, and it seems quite apt – more so now, even, than when it was written. It's also important to read the whole piece because there's a critical tone shift near the end that reveals his actual political thrust, in something of a twist ending. (I've heard plenty of people cite the essay in support of claims not justified by the text.)

Matt Scala's "What color are your bits?" blog post is another great rumination on how these sorts of parasitic attributes can be attached to digital artifacts by (what people believe to be) their provenance, regardless of their actual content. You might have to grub about in the Internet Archive to find that one, though.

Re: another closed system with no upgrade path

Hennessy's MIPS project at Stanford (eventually spun out into the company MIPS) and Patterson's RISC project at Berkeley were both funded under DARPA's VLSI grant program, starting around 1980.

Both also took inspiration from IBM's 801 project, which started in 1974, and Tannenbaum's 1978 paper showing most applications used only a small number of the instructions provided by the CISC architectures that dominated in that era.

IBM's 801 evolved into the ROMP CPU (begun '77, running '81, public demo '84), which became the CPU for the PC RT (1986); and the RIOS / POWER architecture (development '82-'89, available 1990). John Cocke was probably the most influential figure in RISC development at IBM, though there were certainly many others, such as Phil Hester.

There was a lot of cross-influence. Tannenbaum's study and others made an argument that was sufficiently compelling to drive parallel development on RISC architectures in a number of places.

Tired: reality. Wired (or, rather, wireless): ubiquitous fiction, without even a smidgen of mental effort.

My first hands-on experience with VR and, to a limited extent, AR was at SIGGRAPH in Boston in ... 1989, I think. I wasn't impressed then, except for a few niche applications. I'm not impressed now.

"Rendering happens" indeed. For various meanings of "render".

Re: Best practice

It's not "written in stone". It's a best practice, not a standard or law.

It's best practice because it takes time to assess whether a portscan or DoS or other event is actually a breach, much less one of any significance. As it is, as someone mentioned upthread, even after 72 hours we get a lot of noise with insignificant events being reported. Scans, DoSes, and other automated attacks happen all the time. Reporting all of those makes it impossible to separate the wheat from the chaff; it's worse than not reporting at all.

"my bank is hacked" is a meaningless phrase. It has no technical meaning. What matters are breaches and damage done, what's known and suspected and with what probability, what risks are present, what contingency plans are in place -- technical specifics. Your bank is "hacked", for some meaning of the term, every day, probably every hour. Everything on the public Internet is, to a first approximation. The public Internet itself is, with invalid BGP routing advertisements and the like (which number in the thousands per day).

It's a harsh world. Panicking at every little thing does not help.

Re: "I'm fairly confident"

And for those that don't work, many of the failure modes create a big ol' mess somewhere. I dare say most of us would rather that didn't happen.

Re: Paper tax returns

I do mine electronically, but archiving isn't an issue. I have paper and PDF copies of all my returns.

But I use the desktop Turbo Tax, not the web version. I wouldn't touch the web version if they paid me.

My complaint with Intuit is that this year they made it damned near impossible to get the desktop version. Every damn link from the website led back to the goddamned web version. I had to do multiple web searches and dig through results to get a download for the desktop version. Intuit really want to own your data, and to kill the standalone product.

It also does that obnoxiously obsequious thing when it's checking for updates, with messages like "OK, we know it's taking a little while". Microsoft does the same thing these days in products like Teams. Stop patronizing me, you bastards; I was writing software before you were a gleam in some traveling sales rep's eye.

Re: ADA attack

There's no question that ransomware has stained and pitted the once-gleaming surfaces of our network defenses, and you mustn't just brush it off or pay lip service to it. Incisive action is necessary. The troubling calculus is whether to pay the ransom. Pick your poison and scrape up the necessary resources to plane down the attack surface, fill in missing capabilities, and seal porous boundaries. White-box testing can help identify vulnerabilities before they bite. Rinse, spit, and repeat.

And, um ... something about dentures? I dunno.

Re: IBM also had a song...

IBM had an entire songbook. It was real. I held a physical copy in my own hands when I worked at IBM long ago (OK, circa 1990). In addition to the usual music and lyrics, it had black-and-white photos of choruses of besuited IBMers dutifully singing some of the numbers.

Corporate songs, songbooks, and even full-fledged musicals were A Thing in the US for a while.

And surely everyone knows the KPMG song? That one's famous. There are a bunch of remixes on YouTube.

Re: Latticies

Wait how long? "some algorithm" to do what?

If you'd waited until MD5 and SHA-1 were broken to decide what cryptographic hash to use, you'd have waited until SHA-2 was standardized in 2001 to do any asymmetric cryptography, HMACs, etc.

There are certain kinds of proofs of security that we can, in principle, find or create (depending on your stance on mathematical Platonism) for algorithms. We can say "under these assumptions, we can prove a lower bound on the amount of work needed to reverse this construction without the secret", for example. We can talk about Random Oracle proofs and the like.

We can't prove something is secure in an absolute sense, because 1) that would involve either proving a negative (there is no viable attack) or exhausting all possibilities; and 2) there's no such thing as "secure in an absolute sense". It's a nonsense concept.

And we use lots of cryptography which doesn't have particularly strong proofs. There's no proof of the hardness of factoring; there's just no published algorithm for general integer factoring that's better for large integers than GNFS. (There are special cases, such as when the factors are relatively close to one another and you can use Fermat's, where other algorithms are better.)

That's why we have a three-stage NIST competition for PQC, which is now in stage three. And things continue to shake out; Rainbow was broken just a few weeks ago.

But we can say some useful things about PQC. Like, for example, that if there's an algorithm in complexity class BQP for solving lattice problems, then the complexity hierarchy collapses, which would be a Pretty Big Deal and seems Rather Unlikely.

The oldest PQC schemes, McEliece and NTRU, look to be reasonably secure. They've received a lot of attention. The problem is they're expensive. So people come up with related schemes that use smaller keys or smaller signatures or are faster or whatever, and then other people try to break them. (Well, that's one problem. They also don't have some results we'd be happy to see.)

Most of these schemes are variants on McEliece, which is conceptually pretty simple. You have a matrix-based error-correcting code. You inject some noise into your generator matrix using a permutation P and a linear transformation S. P and S become the private key; if you know them, you can remove the noise and correct out the errors that were injected into the message.

I think it's a little early to be advertising baked-in PQC, since the NIST competition is still running. Even if we get practical quantum supremacy in, say, the next few years, breaking RSA or ECC with decent key sizes will be expensive; attackers won't be breaking everything left and right. And applications that deal directly with cryptographic resources such as keys and signatures will probably need changes to handle the huge keys and signatures typical of these algorithms, so organizations will be slow to switch to PQC.

Re: Modula 2

Rust is about as close to the metal as C is. It just imposes more restrictions on the programmer, and provides more syntactic sugar and abstractions at the library level. But it runs comfortably in the same environments as C does.

For an OS, the reduced need for serialization of execution provided by Rust's object-ownership guarantees (which are imposed at build time, not run time) should overcome any incremental overhead introduced by good Rust programming practices.

For end-user applications, any performance difference is almost certainly irrelevant, because the vast majority of them will be I/O-bound.

For stuff in the middle -- execution environments and libraries and subsystems and whatnot -- some of it will be CPU-bound and performance-sensitive, but again most of those things will get more back from the reduction in locking than they'd lose from Rust's level of abstraction, which is not, after all, much higher than that of C, much less that of C++.

Re: Si non confectus, non reficiat*

Upgrading Itanium CPUs is ... tricky, these days.

But, yeah, we'd be happy to sell them a COBOL runtime for shiny new x86-64 blades running Linux. Or whatever their beverage of choice might be.

Re: And how about GINGER, GIST, GIBBERISH, GIBLET, and GIN?

"Why the long face?"

Bling is functional. Veblen goods provide social signalling and satisfy psychological cravings that some people are susceptible to acquiring under exposure to certain cultural artifacts.

Those may be functions you don't care about. Good for you; that's one (small) part of acting like a relatively efficient economic agent. It's a quirk of psychology, though. Nothing more.

I'm not interested in Veblen goods either. Some people — and I'm not saying you're one — regard that as some sort of moral superiority, and I think that's mistaken; it's far more complicated.

Re: Russxit

I read an article somewhere — alas I do not recall the source — that claimed Putin's political career has been largely shaped by profound bitterness at what he felt was the USSR's abandonment of him and his KGB compatriots in East Germany during the fall of the Berlin Wall and German reunification. In this reading, his rule over post-Soviet Russia has been primarily concerned with correcting what he sees as weakness in the late USSR and the first nine years of post-USSR Russia, and attempting to create a new Russian empire.

There's a scene in Pamela Dean's Juniper, Gentian, and Rosemary where Gentian and her father are discussing Gentian's recently-thwarted adversary, who is also The Adversary, if you take my meaning. Gentian says she thinks she hurt his feelings, and her father remarks that "his feelings are permanently hurt". (Milton of course makes a similar observation, at somewhat greater length.)

That's how I imagine Putin. His feelings are permanently hurt, and he's happy to burn the world out of spite.

Re: Lawyers and Tech...

Even though the PoOp documents the instruction set, some aspects may be patented. Patents are public documents too, after all; that doesn't mean you can just implement what they describe with no consequences. Note that IBM says two of the allegedly-violated patents are for "methods embodied in IBM mainframe instructions".

There are also potential issues in how you implement the instruction set. Two of the allegedly-violated patents are for optimizations. z is a CISC architecture; there's a lot of wiggle room in implementing some of those opcodes. That also means trade secrets and reverse engineering might apply, if IBM can demonstrate that LzLabs used optimizations that are used in z, aren't documented (in the PoOp or patents or otherwise), and (make a convincing argument for) wouldn't be arrived at independently. That would support their charge of license violations.

But, yeah, the other licensed software has to be a sticking point for this sort of thing.

Re: So much fail

Exactly. Smartphones are:

• Fragile, but carried everywhere and frequently handled, and so frequently broken.
• Expensive, with a high resale value and often with valuable contents, and so frequently stolen. And since they're expensive, they're unavailable to people of severely-limited means, which can include people with access to sensitive systems.
• Not infrequently misplaced or lost.
• Extremely complex and loaded with software of dubious quality, making them unreliable at the software level as well as the hardware.
• Equipped with an enormous attack surface, and frequently compromised.
• In my experience, often used without a passcode or other even minimal protection.

As authentication tokens, smartphones are abysmal. It would take some effort to devise a worse choice.

The FIDO alliance has spent most of its history barking up the wrong tree. This is no exception.

Re: A fail on both counts

Or people with decent performance, plus a comfortable ride and ample room for cargo.

Re: @Richard Speed -- Wait...Wha'?

Bloat hurts cache utilization, too. It's not just RAM footprint that matters.

Personally, I loathe all the modern IDEs I've used. None come close to the power of bash. Sure, it doesn't do much for software development by itself; but I can plug in my choice of editor, debugger, build system, etc., and indeed use a variety of them in the same session. And I have all sorts of tools to eliminate repetitive tasks.

Why should combining all of your toolchain into a monolithic application be a good idea?

Re: "guaranteed a job."

Oh, be reasonable. Are you telling me that EXEC CICS BIF DEEDIT FIELD(ws-foo) LENGTH(7) RESP(ws-bar) RESP2(ws-baz) END-EXEC¹ is not intuitively obvious? Why, it's clear as day!²

But that's a legacy code base for you. Vast landscapes of undocumented, largely comment-free source — when source is available at all. Sometimes people just have faded listings on paper. Sometimes no source code at all. No one knows exactly what operations and calculations those applications perform. Replacing them would be a major feat in software archeology.

And why take the risk, when you can put a modern³ front end on the thing, by screen-scraping, or using an environmental mechanism like EXCI, or tacking a web API over the business logic. You get a new "user experience", management is satisfied, none of the incomprehensible tangled mess needs to be unpicked.

¹Not to be confused with BIF DIGEST, which does something entirely unrelated.

²It's snowing quite heavily here.

³For arbitrary definitions of "modern".

Re: Magic Sales Bot

On a more serious note, machine prose generation is already widely used commercially, for example in sports and financial reporting, and in the niche non-fiction market. Philip Parker's system is the best-known example of the last; his Icon Group International claims to have published over a million titles, either in electronic form or print-on-demand.

The first documented commercially-published machine-generated novel seems to have been True Love from SPb, in 2008. It wasn't very novel, actually, being a style-transformed pastiche of Anna Karenina,¹ but it was produced by software. There appear to be a number of commercial projects in this area so it's likely there are quite a few more commercially-published machine-generated novels by now.

And of course there is extensive academic and commercial research in the field of machine-generated prose, and related fields such as machine-assisted prose generation.² Doyle's efforts are not representative of the state of the art. A few years back CACM had a cover story on computational journalism, for example.

(Note, too, that in some other fields computer-generated "creative" work has been around longer and had greater success. Computer-generated classical music was winning praise from critics in the 1990s.)

¹If you're going to steal, steal from the best.

²I've done some work in computational rhetoric, for example. Computational narratology, computational adaptations of formalist and structuralist literary analysis, computational folklore, computational psychology ... there are many cognate fields of research.

Re: Not gonna happen any time soon.

"Sure, it's pretentious irrational bullshit, but it's pretentious irrational bullshit in a good cause."

No thanks. That's an excuse which has been used to cover a multitude of sins. I'm not going to give Musk a pass on this.

Re: the computer on which virtualisation was invented.

Citation, please.

The Atlas was the first machine to have virtual memory, including simple memory protection, but I can't find any reference (aside from your post) that claims it had virtualization. And the Atlas Supervisor paper doesn't say anything about virtualization either.

Re: What is the point?

Yes, Pascal's post was impressively wrong. We've seen him grind that axe several times before, though, and I expect we'll see it again.

To go back to the original question: There are many "stablecoins". The argument for them (which, as with all cryptocurrency projects, I do not find particularly persuasive) is that they combine the partial anonymity¹ of cryptocurrency with better price stability.

There was a really nice overview of a number of stablecoin proposals and implementations, discussing the technical and economic implications of their design choices, in CACM (if memory serves) a couple years back. In many ways, the research around cryptocurrencies is far more interesting, and useful, than cryptocurrencies themselves.

¹There's a substantial body of research on de-anonymizing cryptocurrency transactions using just the metadata available, to say nothing of various attacks against poor implementations and OPSEC, or making use of normal HUMINT (e.g. getting people to turn state's evidence).

Mani had prior art circa 250 AD. Your "electronic states" bit is just an implementation detail.

Now, if you'd said "electronic states with rounded corners"...

Re: odd wording

Not a problem, since IBM mainframe "MIPS" don't mean MIPS anyway, and haven't for a long time. They're a metric IBM derived years ago when z started getting architecturally more complex.

So they're only useful for comparing different z models, or figuring a rough estimate of workload size.