218 posts • joined 23 Jan 2015
Snow too cold in winter?
Did I miss the memo? I though life evolved in water, then eventually moved to land. Does life require a tidal margin?
As for us, surely this thing called a "ship" can handle living on the surface of an eternal ocean.
Or by "habitable" are we now requiring that a Club Med already be set up for us when we get there?
2 + 2 = 4, er, 4.1, no, 4.3... Nvidia's Titan V GPUs spit out 'wrong answers' in scientific simulations
Redlining memory? Buhahahaha! Not a chance.
I spent 10 years doing microprocessor validation, from 1996-2006.
1) There an approximately 0% chance that this is due to pushing memory to the edge of the envelope. All doped silicon degrades with use. If they push the envelop, then all of their cards will die sooner rather than later. The closest you get to this is what we call "infant mortality", where a certain percentage of product varies from the baseline to the point that it dies quickly.
2) In order to root cause errors of this sort, it is really, really important to understand if this affects all parts, indicating a design bug, or some, indicating a manufacturing defect. If the article indicated which is the case, I missed it.
3) Design bug or manufacturing defect, inconsistent results come down to timing issues in every case I saw or heard about. In the worse case, you get some weird data/clock line coupling that causes a bit to arrive late at the latch. Much more often there is some corner case that the design team missed. Again, I would need to know what the nature of the computations involved, and the differences observed, to meaningfully guess at the problem.
A quick possibility. If you had an infinite number of universes with a dense distribution, then you end up with an infinite number in which human consciousness is possible. And also an infinite number (same class of infinity or higher) in which is it not. So anthropic arguments get you no where when considering the possible physics of such a multiverse.
On the other hand, if there is some strong constraint such that either some small number of universes exist, or that all universes are nearby to the observed one, then the anthropic argument does constrain possible physics.
Buganizer is Google's tracking tool for just about everything. Presumably, it started out for bug tracking, but fairly quickly branched out. There is a required selection for things like bug/feature/process.
It might not be the best tool for RTBF requests, but I don't know that it would make sense to set up a different tool just for such a purpose.
One presumes that they are not simply looking at text stings in the code & deciding where it came from based on that. At a minimum, they can intercept packets & see where they are headed. The next step is to penetrate the shell and see where that server is getting orders/sending information. And figure out if these communications are the real path, or if the "shell" is in fact the terminus.
It took them a year and a half to reach this conclusion because they actually had to do work.
FYI: There's a cop tool called GrayKey that force unlocks iPhones. Let's hope it doesn't fall into the wrong hands!
Defending the innocent
A couple of commenters here have complained in an assumption that the readers are the ones walking around with sensitive data on their smart phones. I, for one, don't own a smart phone. So I'm not overly concerned about these matters as they affect my person. But my wife? I cannot get her to understand, let alone comply with, the most basic principles of data protection. Nevermind households that don't have anyone in the industry.
Re: Journalists in court
Long for ANYTHING, I would say....
Learn to speak the language
Putin has been offing 1-2 expats a year for how long? There is only one way to get him to stop. I'll let a retired James Bond explain: "You wanna know how to get Putin? They pull a knife, you pull a gun. He sends one of yours to the hospital, you send one of his to the morgue."
At the very least, you have to figure out what he cares about--and hurt that. If not him, then the people that will take care of him for you. Throwing out diplomats is a farce. Economic sanctions are a farce. (Check NK, Iran, Syria...) Cyberwar actually plays to his strength, because our economies are far more dependent. Direct military action is out.
"You said you wanted to get Putin. Do you really wanna get him? You see what I'm saying is, what are you prepared to do?"
Re: ..broke by now..
Nope. That comic is about internal bug bounty programs. Which incentivise dev teams to write bugs.
It's a good thing I don't drink coffee...
Re: Oh dear
And you're taking M$ advice as gospel? As folks to the right of the pond say, "Oh, dear". For this case, why not use month-long leases with daily renewals?
"These days?" The M$ business model has been that customers are QA since DOS 1.0.
Re: Don't Underestimate Incompetence
Been there. Not. A. Chance. They know.
I find the position of these "activist investors" odd. The Goog's corporate structure has always been odd in that they effectively don't sell voting rights. They'll let you in on the profit & loss, but that's it. If that doesn't tell you that you're not going to get details on their operations, I don't know what does. You bought these shares & only now you notice the lack of transparency? I don't think that I would want to announce that fact to the people that I reported to.
These are like the assholes that buy a house next to a power plant and then complain about the smell.
Don't get me wrong, the G sounds way out of line here. But I don't get the institutionals at all.
The agent problem
There is no theory in which an actor can be completely protected from a rogue agent. That is, whatever powers you entrust to someone can be abused.
The entire question becomes what level of trust you can manage for your agent.
Formally, western powers have constitutional limits on the actions of their governments, including various bills of rights. In practice...well, it doesn't always work that way.
China has nothing comparable. 1) The government is not seen as an agent of its citizens in the first place. 2) The Chinese language does not even have the concept of human rights that we have in the west.
In particular, anyone posting anonymously in these forums complaining about the behaviours of our intelligence agencies is NOT doing so to avoid detection by these agencies. We are completely confident in our ability to freely criticize the actions of our government so far as the government goes. We worry much more about individuals objecting & that limiting our job opportunities.
THAT is the difference. And we hold to the thin hope that this freedom can be used to turn the corner and reign in our agent, the government.
Re: Regulatory Oversight
So if a US company launches a satellite from India, we all expect the company to be subject to US rules. What if they set up a server in India to monitor the launch? Do we expect them to be subject to US rules with respect to the data on the server?
I still don't get it.
Avast uses non-https links for downloads? Uggh...
Join new group alt.talk.scientology?
What a day....
Re: You're never alone with all your online personalities
Except that facial recognition at The Social Network has rendered this essentially useless for several years already. Clark Kent?
In the US at least, race has long been a proxy for which party you can be expected to support in elections. Which is what really matters. Analysis of your graph is far more predictive. I don't know if we will have reached the tipping point by 2021, but certainly by 2031, talk about race in redistricting is going to be largely dropped because it will be considered far too crude a measure.
Re: Auto responders
The first guy to propose that got a visit from the FBI that resulted in him rolling up what to that point had been his livelihood. According to him, the FBI's real concern (which they did not explicitly state) appeared to involve the fact that at the time (mid-to-late nineties) that the NSA & the Chinese were in a daily competition to see who could do more hacking.
So, no. Computer hacking is on the list of rights exclusive to the State here in the US.
Re: re: (with nods to Twain and Spurgeon too)
That article was beautifully ironic. It basically traced three centuries of misquotes, misattributions, and almost certain malattributions--of a quote about truth's disadvantage when combating lies.
I'm stunned by the researcher's restraint--he made no reference to this fact.
But Swift's discourse is not about the speed of transmission--he is talking about efficacy.
"Besides, as the vilest Writer has his Readers, so the greatest Liar has his Believers; and it often happens, that if a Lie be believ’d only for an Hour, it has done its Work, and there is no farther occasion for it. Falsehood flies, and the Truth comes limping after it; so that when Men come to be undeceiv’d, it is too late; the Jest is over, and the Tale has had its Effect..."
1710 November 2 to November 9, The Examiner, Number 15, (Article by Jonathan Swift), Quote Page 2, Column 1, Printed for John Morphew, near Stationers-Hall, London.
"If a Lie be believed only for an hour, it has done it's work." THAT is a quote that deserves prominent display in many offices. Unfortunately, most of them would cause me more dismay than satisfaction.
Re: No more anonymous hacks then?
Even when I wrote in asm, I used libraries. I assume that the attributions to the various actors run along the lines of identifying reused code. It would be really expensive to develop new tools that reimplement core functionality on a tool-for-tool basis. Expensive because once you've got the expertise to do it once, it's going to be hard to rewrite it again without reusing your own techniques...
Sure, the big boys could do it. In theory.
To be fair...
As dubious as I consider this proposal, I'm quite certain that it is being proposed as _a_ way to detect alien life--not _the_ way.
The point that I feel needs to be made in support of this is that convergent (intelligent) evolution suggests that there is a good chance that aliens will put up a lot of satellites, and that these satellites will tend to be composed of a lot of highly refined metals with sharp edges. But unless these structures are large enough to cause detectable interference patterns, I'm having a hard time seeing how you can detect this.
But yeah, if they transition to a ringworld, we might just detect that...
Re: Low cost disposal....
Been too long for me to remember the full intro. "Where ever I go, I leave space a cleaner place." Followed by an interruption that theirs was the most polluting style of starship... :D
Here are a few of my 5-minute ideas:
1) Drones are going to obsolete a lot of weapons systems, or force substantial changes. But some (many?) of the ideas have simple counters. For instance, tank top armour has been weak for a century. A fact noted as not future proof forty years ago at least. (Footfall anyone?) But there is no reason that top armour cannot be added relatively cheaply.
2) Drones have a tremendous breath of form factors. For me, the real issue is not size, but autonomy. On man cannot track and control forty drones. Most of us would have trouble with two. Therefore, in the short term, the "swarm" size is limited by the number of people controlling them. So long as the drones lack autonomy, their weakness is their communications to their controller. Note that convoys are already using this against radio-controlled bombs.
3) Anyone who has hunted doves knows that you don't target individual birds, you target the flock. Defence in depth is key, with the earlier rounds basically throwing flak.
4) Civilian drones vs military? I would design small, cheap drone-interceptors. Designed to home in on very small engines other than their own. Launch in batches of 100. In other words, autonomous systems beat others easily. Note: when fighting insurgents, spending 10-to-1 or 100-to-1 is often entirely acceptable--especially if it keeps our casualties down.
5) Autonomous systems are much scarier. (And arguably include cruise missiles.) Sensor blinding feels like a good way to go in many cases. Autonomous swarms are still going to have communications as their big weakness, however, as the swarms have to communicate inside the swarm. Some of that flak will be chaff...
6) Far, FAR more interesting potential in attacks on the homeland.
Re: Regulation over a sweetheart deal
Granholm v. Heald
Regulation over a sweetheart deal
I live in WA, and, just, uggh.
The first problem is all the sweetheart deals that the cables have that have allowed them to create effective local monopolies.
The second problem is that the cat is out of the bag wrt last mile carriers strangling disfavoured endpoints and protocols. (And attacking consumer privacy.)
Now we have sweeping legislation to try to deal with the second problem while ignoring the first.
In the case I know about, the SC decided to invalidate part of the 21st amendment--in favour of the feds. (Which demonstrated finally that the US is no longer a constitutional republic.)
Point. Kinda like M$ has been an idiot tax for most things since Linux matured a bit?
More like, "if you don't want your stuff subject to our jurisdiction, don't hand it to a company that is in our jurisdiction."
G has been slower than most might expect to beef up internal security. The company famously trusts its workers--to the point that, for instance, the quarterly lock on stock sales that is required only of directors and above at most companies applies to all. This came crashing down with the Chinese hack, but it has taken a long time for changes to be identified, agreed, prioritized, and then implemented. But perhaps I need to clarify. It was NOT a free-for-all.
Yes, as an SRE (one of about 1500), I had root more-or-less anywhere. But to actually use that, I had to "break glass". We had special access keys to do so, and a log of my activity went directly to my manager & to security. In my year and half, I never even considered doing so, except for the regular testing that I could.
Furthermore, with the advent of GCP, there was a lot of effort going into figuring out what kind of security changes were needed in order to support that market. It would probably be very interesting to sit in on meetings to try to figure out a way to give someone a pager without them having break glass. My comment was about the reality about how one major play was actually doing things at the time that M$ started. I was not implying anything about whether or not such a policy was proper.
URGENT: US companies are subject to US law!
I don't know if I should just give up the drum, but it is fundamental. A company does not get to ignore the laws of its home nation by becoming an "international". People here rightly jeered the double-Dutch and whatever Irish deal was being used to avoid taxes. Why are data production laws any different?
Certainly, if a company does business in country X, this depends on staying on the right side of the laws of country X. And if it is not possible to comply with the laws of country X and country Y both, then a business decision will have to be made.
If you don't like our laws, don't do business with our businesses. Please. I would LOVE to see the Balkanization of these multinationals, even though it would cost me money. These companies are entirely too powerful, and there are very, very few ways to address the issue.
You mention "someone" and then debunk "everyone". When I worked at G, (as an SRE), I had the ability to root almost any prod box. (I assume there were a few I did not.) I expect that M$ is the same way, or at least was when this started.
Stop us if you've heard this one: Ex-Googler sues web giant claiming terrible treatment. This time, sex harassment
I still don't buy this. I did not buy the idiots claiming this sort of thing was happening every day to every woman at G when I was there, and I don't believe it now. I've worked at startups & at IBM, AMD, and G. It's not just that "I did not see" this. It's that the culture did not tolerate it. Yes, there are unprofessional idiots everywhere. But we're actually too busy to allow garbage of this sort to pass.
Only case I heard about--at IBM my director was suddenly gone one day. Apparently, he had propositioned a subordinate the day before. (She got his job--and was already fast tracking.)
To win against the company, you have to demonstrate that management was aware of the behaviour, and failed to respond appropriately. At G in particular, management was in a perpetual tizzy to identify and eliminate environmental "problems" that weren't even willful. This doesn't pass the smell test.
The problematic underlying assumptions go even further. If a company is completely running there systems on AWS, then having their DNS solely with Route53 increases their expected downtime by how much?
Certainly, some redundancy is likely to be useful, but I'm not going to bet strongly that if Route53 gets hacked, that access to AWS services is going to be fine if only we have redundant authoritative hosts.
Although it is at least just plain rude for Route53 not to support functioning as a authoritative host.
Try the officers first
Perhaps one person making their living as a code slinger in a hundred actually has the scope to evaluate actions at the level being proposed here. On the other hand, the majority of managers (at least) do. And, as a rule, they cannot be bothered.
The fact that it was even necessary to give Heartbleed a catchy name should tell you just how hard it is to get management to allow software engineers to work on customer-damaging issues.
I was dismissed from my last place of work because "my approach was different". My approach is to test all logic & to spend a bit of time every week to make sure that we're not passing CVEs downstream.
Re: Cut along the undefined line or else!
This is the key point. The value of data defined by the uses that we can make of the data. This in turn is strongly correlated to the number of connections of the individual pieces of data. And that to the amount of data.
There were those who worried that the breakup of AT&T would destroy consumer value. That was probably marginal. The worry about the same in the face of a proposed M$ breakup was fairly clear (except that almost all of their offerings were garbage). In the case of G especially, but also f, it would be pretty much crazy to argue that a breakup would not destroy consumer value.
G has a sort of interesting feature in that it has managed to more or less constantly fail at social proper. That means that a geographic breakup (by country) would likely be a lot less damaging to consumer value than breaking up the business units. Not certain how effective that would be, but it would certainly lower G's power.
Especially if, say, there were a Google tld with the country codes pointing the various entities ( www.us.google, www.uk.google, .....)
As I mentioned, not sure that this would actually gain much.
Re: Death of DRM on PC platforms??
A back-of-the envelope computation suggests that branch prediction might be doubling performance in processor-bound applications. If you think that microprocessor designs are complicated today, just wait until you see what comes out to try to claw back the performance losses.
But of course, it's pretty rare to have processor-bound code. The real bottleneck is almost always memory or IO. Caches are there to help with that, but it is the speculative loads & stores that really win here. And are creating most of these vulnerabilities. So we're talking pre- and/or post- buffers on the caches.
Re: Update vs Install
At G, it was about fifty key strokes to tear down the applications on thousands of boxes and replace them with new containers running the latest version. This is being done AFTER the image has been built. In prod, you don't update libraries, packages, or, frankly, anything but the set of containers that is running.
If the underlying OS (or Borg) is to be updated, all of the containers get kicked off. I presume that again, a fixed image is getting rolled out, but I was not working at that level.
Re: Update vs Install
That's the chef model (at least the old one), and past a certain point, it sucks. If I'm using containers, I've can have one set of bits I use in all environments. There is no "update", only, "tear down & replace" at the server level. Of course, you use canaries and the like as you update prod to the version currently in preprod.
Re: DevOps ?
My point is that proper DevOps means that you can sneak security in on them. ;)
Yes, proper QA is about thinking about what kind of idiotic things might happen. So to that extent, npm should accept 100% blame. HOWEVER, who is already root & then runs sudo to root?
Unless I'm really missing something, there is an ID10T admin involved, and this ID10T also gets 100% of the blame.
Re: DevOps ?
DevOps more or less started out as automated deployment processes, especially CI/CD, but in fact is a bit more. When proper software engineering is brought to bear, and the basic tooling is in place, new and better ways of doing things evolve.
For instance, suppose the devs are pushing out an app which is linked to a version of a library that now has a CVE on it. Pre-DevOps, the process would be for the security team to flag the issue and send it back to the devs. Which might spark a series of meetings to argue about what should take priority. If you automate that process (somehow) by having the pipeline flag the issue, you've not gained much.
But suppose you have confidence in your tests. Your build pipeline can simply grab the latest patch release of the library & build against that. If the tests pass, out you go. If not, the failed test triggers a ticket & maybe you have meetings. But if the devs want to deploy with an older version of the library, the onus is on them to prove that its the right thing to do.
Re: So testing before deploying isn't a "thing" anymore?
If you automate a process that lacks proper testing, it's not going to suddenly gain proper testing. If you automate a process and fail to include part of it (like testing), you're going to have a bad time. If you hear some popular term in the industry & decree that you have implemented it, your company is going to have a bad time.
So yeah, if someone is flinging the term "DevOps" around instead of doing proper engineering, that will be a bad thing. Same thing with any other term.
Re: LEARN WHAT IDEMPOTENT MEANS YOU NOOB
Dude, chill. Idempotentcy is a property, certainly. But the use of idempotent functions to achieve a goal is also certainly a technique. People get sloppy like this with language all of the time, but the intent of the communication is clear.
Looks like yet another case of people trying to take work that requires proper software engineering to address and attempting to dumb it down for people who most pointedly are not software engineers.
I don't have any use for a sometimes-available external communications channel in any part of my CI/CD pipeline unless it is a round-trip integration test to an external API service used in production (like a credit card service). And my pipeline knows what do to do when there is a network failure. I have written tools that link our (paid, internal) github to our jenkins servers. And jenkins creates tickets by (gasp) making api calls to our ticketing system. Our ticketing system makes (double gasp) api calls to our mail system to let people know that these tickets exist.
Sure, you can rely on external scripts to do this stuff. But then you have to go through all the steps this article mentioned.
Re: Backdoors don't matter.....
Pinky and the Brain, Season 2, Episode 5.
Kites to only 120m at an optimal place? Wow. I grew up in western Kansas. I've seen kites out with more than a mile of "string". I'm pretty sure that I've personally come near or broken that limit.
Re: Understanding the real horrible nature of Spectre
There are actually ways around this. If you put a prebuffer on your caches and only move the data into the cache proper when the underlying instructions commit, it would work. Assuming that the prebuffer access times are identical to the main cache, and only accessible on the same speculative branch. Expensive. Very expensive. But not as bad as flushing the caches for every process switch.
It's been a while since I had this level of detail, but you're slightly off in a couple of points in an otherwise very informative post.
1) The two-bit predictor is generally the level 1 predictor. At least some AMD products have had a more sophisticated predictor that kicks in after too many misses.
2) The prediction tables are not one-to-one with the addresses, but use part of it (and may hash). Aliasing is a thing.
3) The "speculative" part of speculative execution refers to the fact that results are sent back into the system before they are finally committed. If the execution units only worked on committed results, we have no speculation and no Spectre...