Month: January 2018

There Is a Major Computer Not Vulnerable to Spectre or Meltdown

It turns out that the Raspberry Pi is not subject to these vulnerabilities (from the Raspberry Pi blog), because they chose a processor that did not strive for the last iota of performance.

The Raspberry Pi was designed as a low cost single board computer for use in computer education and in the 3rd world, so absolute performance is not a priority, which means no speculative execution, and no vulnerability to either of these exploits:

Over the last couple of days, there has been a lot of discussion about a pair of security vulnerabilities nicknamed Spectre and Meltdown. These affect all modern Intel processors, and (in the case of Spectre) many AMD processors and ARM cores. Spectre allows an attacker to bypass software checks to read data from arbitrary locations in the current address space; Meltdown allows an attacker to read data from arbitrary locations in the operating system kernel’s address space (which should normally be inaccessible to user programs).

Both vulnerabilities exploit performance features (caching and speculative execution) common to many modern processors to leak data via a so-called side-channel attack. Happily, the Raspberry Pi isn’t susceptible to these vulnerabilities, because of the particular ARM cores that we use.

………

Modern processors go to great lengths to preserve the abstraction that they are in-order scalar machines that access memory directly, while in fact using a host of techniques including caching, instruction reordering, and speculation to deliver much higher performance than a simple processor could hope to achieve. Meltdown and Spectre are examples of what happens when we reason about security in the context of that abstraction, and then encounter minor discrepancies between the abstraction and reality.

The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort.

Of course, we need the additional performance because no one writes tight code any more.

Airline Passenger Does to Plane What Airlines do to Passengers

After a passenger let loose in the bathroom in a way that “resembled the sets in The Wild Bunch if the film had been directed by John Waters instead of Sam Peckinpah,” United Airlines flight 895 was forced to make an emergency landing:

United Airlines passengers found themselves in a fetid situation when their Chicago-to-Hong Kong flight made an unscheduled landing in Alaska after a man had smeared feces all over some of the plane’s bathrooms, airport officials said.

United Flight 895 was diverted to Anchorage on Thursday night, according to CBS affiliate KTVA, and police officials at Ted Stevens International Airport said the landing was due to a “passenger smearing feces everywhere.”

More specifically, officials said the man had dirtied “a couple” of lavatories on the plane and had also tried to cram his shirt down a toilet.

United said in a statement only that the flight was diverted due to “a disruptive passenger.”

This is some sort of metaphor lived in real life.

What a Surprise

That Jewish lawyer that Kayla Moore invoked to defend her husband, Roy Moore, from accusations of anti-Semitism is not Jewish:

Kayla Moore, the wife of failed Alabama Senate candidate Roy Moore, has revealed the identity of the Jewish attorney she cited to defend her husband from anti-Semitism charges — and that attorney is a Christian.

The identity of the lawyer was the subject of intense curiosity in the Jewish community ever since Kayla Moore proclaimed at a campaign rally last month, “One of our attorneys is a Jew.”

Moore told local news website AL.com on Thursday that she was referring to Martin Wishnatsky, a staff lawyer at the Foundation for Moral Law, which she runs.

………

Wishnatsky, who got a doctorate in political science from Harvard University in 1975, says that he accepted Jesus Christ as the son of God two years later. He first started exploring Mormonism, but later distanced himself from it; he went on to write a book called “Mormonism: A Latter Day Deception.” He now identifies as a Messianic Jew.

………

After two decades in North Dakota, Wishnatsky went on to graduate from law school at Liberty University before clerking for Roy Moore in the Alabama Supreme Court, then working for the Moores’ foundation, where he writes friend-of-the-court briefs.

Wishnatsky’s personal website includes links to poetry, books and legal briefs he has written, as well as coverage of his exploits in church musical performances, talent show competitions and community theater.

………

Kayla Moore had also said last month that she and her husband “have very close friends that are Jewish and rabbis and we also fellowship with them.” According to Southern Jewish Life magazine, she was referring to leaders at Beth Hallel, a Messianic Jewish congregation in Birmingham.

What a surprise. 

She’s either lying through her teeth, or has no conception as to what Judaism is.

How Convenient!

After learning of the vulnerabilities of its processors, Intel CEO Brian Krzanich sold as much stock as was allowed under the company by-laws:

Brian Krzanich, chief executive officer of Intel, sold millions of dollars’ worth of Intel stock—all he could part with under corporate bylaws—after Intel learned of Meltdown and Spectre, two related families of security flaws in Intel processors.

While an Intel spokesperson told CBS Marketwatch reporter Jeremy Owens that the trades were “unrelated” to the security revelations, and Intel financial filings showed that the stock sales were previously scheduled, Krzanich scheduled those sales on October 30. That’s a full five months after researchers informed Intel of the vulnerabilities. And Intel has offered no further explanation of why Krzanich abruptly sold off all the stock he was permitted to.

As a result of his stock sale, Krzanich received more than $39 million. Intel stock, as of today, is trading at roughly the same price as Krzanich sold stock at, so he did not yield any significant gain from selling before the vulnerability was announced. But the sale may still bring scrutiny from the Securities and Exchange Commission for a number of reasons.

Nothing to see here, move along.

Yeah, “Possible” Arson

Tina Johnson, who accused Roy Moore of molesting her as a teen, has had her home burnt down, which authorities are investigating as arson:

Roy Moore accuser Tina Johnson lost her home Wednesday in a fire that is now under investigation by the Etowah County Arson Task Force.

Tina Johnson, who first came to public notice for accusing Senate candidate Roy Moore of grabbing her in his office in the early 1990s, said her home on Lake Mary Louise Road in Gadsden caught fire Tuesday morning.

After neighbors and some utility workers called 911 shortly after 8 a.m. Tuesday, the Lookout Mountain Fire Department responded to the scene. By the time the flames were extinguished, Johnson and her family had lost everything they owned.

“I am devastated, just devastated,” said Johnson on Friday morning. “We have just the clothes on our backs.”

………

“That fire is still under investigation by the Etowah County Arson Task Force,” said Natalie Barton, public information officer with the Etowah County Sheriff’s Department. “A suspect of interest is being spoken to. But there have been no charges, to my knowledge, related to the fire at this time.”

Barton later released a statement, saying, “The ongoing investigation does not lead us to believe that the fire is in any way related to Roy Moore or allegations made against him. More details will be released when warrants are obtained.”

Yeah, right.  Nothing to do with Roy Moore allegations, because random arson is a common thing.

FWIW, there is a GoFundMe for her.

Resistance, Schmesistance, There’s Money to Be Made

What a surprise. The people who are running the so-called “Resistance” are taking their vig:

When Donald Trump took office in 2017 many people feared the worst. During his campaign, he promised to build a wall to keep out immigrants, discussed creating religious registries, and was recorded making claims of sexual assault on women. A large group of the American population worried that their rights would diminish during a Trump Presidency.

As a reaction to the fears stirred up by Trump in the White House, the Democratic Party responded with the Resistance. In essence, the Resistance is a combination of activists, groups, Democrat Party leaders, and Democrat-leaning celebrities or media personalities. The purpose of the Resistance has been to organize people against the harshest parts of Donald Trump’s platform. Whether through organized marches and protests, or donning pink hats as a way to promote feminism, there have been many forms of resisting Donald Trump.

While the Resistance might boost morale or inspire some people, it has also become an opportunity for others in the media to make thousands of dollars. Enter Scott Dworkin, an MSNBC contributor, who claims to lead the Resistance in his twitter bio. He has regularly appeared on Joy-Ann Reid’s show, AmJoy. During his appearances, Dworkin has pushed theories of a connection between Donald Trump and the Russian government. He hypes this connection as something that will lead to the impeachment of the President. But that is not where Dworkin’s efforts end; in fact, it’s just the beginning.………

During the 2017-2018 election cycle, The Democratic Coalition took in a reported $221,847.62 from individual contributors and spent $209,073.96. A closer look at their expenditures revealed something of interest. The Super PAC made multiple payments of $5,000-10,000 dollars to a firm BULLDOG FINANCE GROUP, for “Consultant-Fundraising.” A quick search of Bulldog Finance Group revealed that its founder was none other than Scott Dworkin himself. In total, Dworkin, who sits on the board of The Democratic Coalition, agreed to pay his consultant firm $79,500.

Furthermore, other expenditures made by the Democratic Coalition had ties to someone sitting on their board, Jarad Geldner, who is listed as the Super PAC’s senior adviser. Geldner also founded FWD Communications, a public relations firm. The Democratic Coalition made multiple payments to Geldner’s firm totaling $18,500.
………

Rather, Dworkin’s Super PAC promotes fear through a repeating cycle of Russian-based propaganda, which garners donations, which pay consultants that generate those stories over and over again, garnering yet more donations. As to what purpose his Super PAC actually serves, it appears to be little more than a Möbius strip of self-serving opportunism. The money sent to this Super PAC would be better spent in other ways to help fight back against a Trump administration. Donors could be sending money to candidates or grassroots organizations, rather than to the whims of Scott Dworkin.

Donate to local campaigns, not the party apparatchiks.

Job one for them is lining their own pockets.

Is It Wrong to Push a Crack-Pot Theory Just to F%$# with People?

It appears that a bit of history is false.

The generally accepted fact that Connecticut did not ratify the Bill of Rights until 1939 (it was symbolic) is incorrect.

The reason that this is interesting is that the Bill of Rights sent to the states in the 1790s had 12, not 10, amendments, and Connecticut ratified all 12 at that time, but never properly reported it to Congress.

The first two were not ratified, and were not incorporated into the constitution, though the 2nd amendment (basically preventing Congressmen from voting in their own pay raises) was ratified later as the 27th amendment in 1992 (It’s actually the same amendment, because it never expired).

If Connecticut did actually approve the whole bill of rights, then the first amendment is technically ratified, and it reads thusly:

After the first enumeration required by the first article of the Constitution, there shall be one Representative for every thirty thousand, until the number shall amount to one hundred, after which the proportion shall be so regulated by Congress, that there shall be not less than one hundred Representatives, nor less than one Representative for every forty thousand persons, until the number of Representatives shall amount to two hundred; after which the proportion shall be so regulated by Congress, that there shall not be less than two hundred Representatives, nor more than one Representative for every fifty thousand persons.

Yep, you got it right, it requires that Congressional districts have no more than 50 thousand persons, as opposed to the roughly ¾ million (actually 710,767) currently used.

By way of comparison, the Maryland House of Delegates has roughly 42,000 people for each representative.

This means that, if Connecticut were to notify the US government of the vote, there would be 6175 (you gotta round up) members of the House of Representatives.

I think that some sh%$ stirring is in order by a member of Connecticut’s Congressional delegation.

I am under no illusion that an appellate court, or (inevitably) the Supreme Court, would uphold this, but there is the ambiguity that it would bring, and in the best case it might result in an increase in the number of seats in the lower house of Congress to something more reasonable.

I am not suggesting that they could actually win a court case, but it’s a great way to f%$# with the Republicans, because it is a lot harder to Gerrymander 6175 districts than it is to Gerrymander 435.

H/T Naked Capitalism.

I Am Not Sure If This Is “Well Done”, or WTF

The US has suspended security assistance to Pakistan because they have been playing footsie with the Taliban and the Haqqani network:

The United States announced Thursday it was suspending security assistance to Pakistan for failing to take “decisive action” against Taliban militants targeting U.S. personnel in neighboring Afghanistan.

The State Department’s declaration signaled growing frustration over Pakistan’s cooperation in fighting terrorist networks, but it was not immediately clear how much money and materiel was being withheld. The vague details suggested the primary goal was to substantiate President Donald Trump’s surprising New Year’s Day tweet that accused Pakistan of playing U.S. leaders for “fools.”

Spokeswoman Heather Nauert said the restrictions covered security assistance above and beyond the $255 million for Pakistani purchases of American military equipment that the administration held up in August.

Nauert said details were still being worked out on the additional funds, and referred questions to the Defense Department. Earlier Thursday, Defense Secretary Jim Mattis said the policy on military aid was “still being formulated.”

One of the cornerstones of the conventional wisdom of the foreign policy community, sometimes called “The Blob,” is that Pakistan is a crucial ally in the “War on Terror.”

I remember that Osama bin Laden lived for many years in, and was found, and killed, in the same neighborhood as the Pakistani military academy, as well as their long history of playing footsie with the Taliban, so I am inclined to think that they are a part of the problem.

Crap

The Republican won the random drawing in the Virginia House race, so ‘Phants continue their control of that body:

A Virginia elections official reached into an artsy bowl, pulled out a name and named Republican David E. Yancey the winner of a House of Delegates race that could determine which political party controls the chamber.

Triumphant Republicans declared that they would be in charge when the legislature reconvenes Wednesday. But Democrat Shelly Simonds did not concede, and she could request a second recount.

With that race in limbo and Democrats suing over another disputed Republican win, the GOP’s hold on a chamber it has dominated since 2000 remains tenuous. In a hearing Friday in federal court in Alexandria, Democrats will ask a judge to order a new election for a Fredericksburg-area House seat because nearly 150 voters were given the wrong ballots.

Thursday’s dramatic and rare election lottery, carried live on CNN, drew national attention as an odd way to decide a highly consequential contest. Simonds and a crowd of about 100 state officials, journalists and politicos crowded into the West Reading Room of the Patrick Henry Building for the event. Yancey was not present, although he sent a representative.

So, no Medicaid expansion then.

On the Crapification of American Life

The author, who shuttles between Europe and the US, notes that the quality of everything here sucks:

Everything I consume in the States is of a vastly, abysmally lower quality. Every single thing. The food, the media, little things like fashion, art, public spaces, the emotional context, the work environment, and life in general make me less sane, happy, alive. I feel a little depressed, insecure, precarious, anxious, worried, angry — just like most Americans do these days. So my quality of life — despite all my privileges — is much worse in America than it is anywhere else in the rich world. Do you feel that I exaggerate unfairly?

I am not sure why, though I think that the myth of American exceptionalism has something to do with it, but the model for American businesses is doing your job as poorly as is humanly possible.

Look at the airlines, or the cable companies, or the insurance companies, or finance, or healthcare, or pharma.

They all suck like 1000 Hoovers all going at once, and every one depends on some sort of information asymmetry, deception, or public subsidy for viability.

Why Am I Not Surprised?

I just found out that in most states, “Hairstylists are Required to Attend Significantly More Training Than Cops.”

I guess that a blow drier is more dangerous than a Glock:

Absurdity is a common trait of bureaucracies. But nothing says “we have no clue about the laws we pass” more than state requirements for law enforcement training.

Police are given the trust of the municipalities in which they ‘serve’ to uphold the rule of law. They are given a gun and vehicle and a certain level of autonomy in order to accomplish this task.

They consistently find or place themselves in compromising positions in which they must make life or death decisions; decisions which affect the lives of every person in this country.

………

With all of these particularly intricate responsibilities, one would naturally come to the conclusion that a police officer should be required to attend a significant amount of training to achieve maximum proficiency.

Some would assume that the required training to become a trustee of public safety and carry the vast responsibility of a police officer would require considerably more time than say, the training that it takes to learn how to cut hair.

However, they would assume incorrectly.

In New York, hairstylists need 50% more training than cops, and in California,  it’s 140% more.

Something is seriously f%$#ed up.

Good Riddance

Kris Kobach weeps, because Donald Trump’s bogus vote fraud commission is no more:

President Trump on Wednesday abruptly shut down a White House commission he had charged with investigating voter fraud, ending a brief quest for evidence of election theft that generated lawsuits, outrage and some scholarly testimony, but no real evidence that American elections are at all corrupt.

Mr. Trump did not acknowledge the commission’s inability to find evidence of fraud, but cast the closing as a result of continuing legal challenges.

“Despite substantial evidence of voter fraud, many states have refused to provide the Presidential Advisory Commission on Election Integrity with basic information relevant to its inquiry,” Mr. Trump said in a White House statement.

“Rather than engage in endless legal battles at taxpayer expense, today I signed an executive order to dissolve the commission, and have asked the Department of Homeland Security to review these issues and determine next courses of action,” he said.

This is a good thing, but not a perfect thing.

A perfect thing would also involve having Kobach frog marched out of the White House in handcuffs.

When a Press Release Becomes a Breathless Headline

There are a whole bunch of headlines screaming that anthropogenic climate change could eliminate chocolate from the world in just 40 years.

I get it:  Climate change has the prospect of causing major disruption in all sorts of agriculture, and coastal cities, and social unrest.

It’s real, and the potential harm is high.

That being said, this story is all about someone trying to make their product the next big thing.

Just read this:

Beyond the glittery glass-and-sandstone walls of the University of California’s new biosciences building, rows of tiny green cacao seedlings in refrigerated greenhouses await judgment day.

Under the watchful eye of Myeong-Je Cho, the director of plant genomics at an institute that’s working with food and candy company Mars, the plants will be transformed. If all goes well, these tiny seedlings will soon be capable of surviving — and thriving — in the dryer, warmer climate that is sending chills through the spines of farmers across the globe.

It’s all thanks to a new technology called CRISPR, which allows for tiny, precise tweaks to DNA that were never possible before. These tweaks are already being used to make crops cheaper and more reliable. But their most important use may be in the developing world, where many of the plants that people rely on to avoid starvation are threatened by the impacts of climate change, including more pests and a lack of water.

What is the first thing that you think?

If it’s panic over the potential of a world without chocolate, then you are the victim of what is called “Hack Journalism”.

Some steps:

  • Check Snopes.
  • Figure out whose pocket is lined.

In this case, Snopes has it pegged as a fraud, and it’s clear who is making money from this:  Monsanto and its ilk.

Chocolate is not going away.

It might move a few miles further south, or a few hundred feet higher, but this is a press release for transgenic IP protected agricultural products.

Forcefully Unmap Complete Kernel With Interrupt Trampolines

Yes, Apple crippled older phones, and Intel said, “Here, hold my beer.”

Basically the error can allow low level programs to take over the kernel, with a result kind of like that scene in Raiders of the Lost Ark when they open up the ark.

There is a fix, but it involves changes to the operating system that cause a significant performance hit, and Linux developers were unamused:

2) Namespace

   Several people including Linus requested to change the KAISER name.

   We came up with a list of technically correct acronyms:

     User Address Space Separation, prefix uass_

     Forcefully Unmap Complete Kernel With Interrupt Trampolines, prefix f%$#wit_

   but we are politically correct people so we settled for

    Kernel Page Table Isolation, prefix kpti_

   Linus, your call :))

As near as I can figure out, Intel’s claim is that this is “Not a bug,” and this appears to be true.

This appears to be a direct consequence of their attempt to boost processor performance in their competition with AMD, which appears not to be vulnerable to the “KPTI” bug, also called “Meltdown”.

However, it does appear that speculative execution in general creates a whole host of potential (though thankfully more difficult) exploits across a much wider range of processors. (This one is called Spectre).

I’m beginning to think that it is time for a major change in CPU architectures.
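A defender's check that goes with the fix discussed above, as an added example that is not part of the original post or of the kernel's own code: Linux kernels from 4.15 on report per-issue status under /sys/devices/system/cpu/vulnerabilities, and this script classifies those lines and says whether page table isolation is what protects against Meltdown. The helper names and the sample directory contents are constructed for illustration.

```python
"""Classify Meltdown/Spectre status lines exposed by Linux (4.15+) in sysfs."""
import os
import tempfile

SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"
ISSUES = ("meltdown", "spectre_v1", "spectre_v2")

# Constructed sample contents, modelled on status lines the kernel prints.
SAMPLE_PATCHED = {
    "meltdown": "Mitigation: PTI",
    "spectre_v1": "Mitigation: __user pointer sanitization",
    "spectre_v2": "Mitigation: Full generic retpoline",
}
SAMPLE_UNPATCHED = {
    "meltdown": "Vulnerable",
    "spectre_v1": "Vulnerable",
    # spectre_v2 deliberately absent: models a kernel that has no such file
}
SAMPLE_NOT_AFFECTED = {name: "Not affected" for name in ISSUES}


def classify(status):
    """Map a status line to not_affected / mitigated / vulnerable / unknown."""
    text = status.strip().lower()
    for prefix, state in (("not affected", "not_affected"),
                          ("mitigation", "mitigated"),
                          ("vulnerable", "vulnerable")):
        if text.startswith(prefix):
            return state
    return "unknown"


def read_statuses(base_dir=SYSFS_DIR):
    """Return {issue: (state, raw_line)} for each issue in ISSUES.

    A missing or unreadable file is reported as "unknown": the kernel is too
    old to say, which is not evidence that the CPU is safe.
    """
    result = {}
    for issue in ISSUES:
        try:
            with open(os.path.join(base_dir, issue), encoding="ascii",
                      errors="replace") as handle:
                raw = handle.read().strip()
        except OSError:
            raw = ""
        result[issue] = (classify(raw), raw)
    return result


def kpti_active(statuses):
    """True only when the Meltdown entry names page table isolation (PTI)."""
    state, raw = statuses.get("meltdown", ("unknown", ""))
    return state == "mitigated" and "pti" in raw.lower()


def needs_attention(statuses):
    """Issues reported vulnerable, or that the kernel cannot report on."""
    return sorted(issue for issue, (state, _) in statuses.items()
                  if state in ("vulnerable", "unknown"))


def write_sample_dir(entries):
    """Write constructed status files to a temp directory; return its path."""
    path = tempfile.mkdtemp(prefix="cpu-vuln-sample-")
    for name, line in entries.items():
        with open(os.path.join(path, name), "w", encoding="ascii") as handle:
            handle.write(line + "\n")
    return path


if __name__ == "__main__":
    # Use the real interface when present, otherwise the constructed sample.
    source = SYSFS_DIR if os.path.isdir(SYSFS_DIR) else write_sample_dir(SAMPLE_PATCHED)
    statuses = read_statuses(source)
    for issue, (state, raw) in statuses.items():
        print(f"{issue:12} {state:13} {raw or '(no report)'}")
    print("KPTI active:", kpti_active(statuses))
    print("needs attention:", needs_attention(statuses) or "none")
```

An "unknown" result is treated the same as "vulnerable" because a kernel without the sysfs files may also be a kernel without the fix.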

Protecting Our Purity of Essence

The latest health fad for people is untreated and untested drinking water:

Welcome to 2018, where some things never change. Selling snake oil to those with more money than sense is still a thing, and the newest “health” trend is already upon us.

According to the New York Times, a new “raw water” movement is springing up in the West Coast of America, particularly in affluent areas like Silicon Valley and San Francisco, in an attempt to “get off the water grid”.

We’re sure many of you are scratching your heads and wondering what on Earth “raw” water means, and, taking its literal meaning, why on Earth that would be a good thing. So, let us explain.

“Raw” water (yep, sticking to air quotes) is, according to Live Water – who sell 11-liter (2.5-gallon) bottles for a hefty $37 – unfiltered, unsterilized, untreated spring water, and this is a good thing because unfiltered water has some kind of loosely defined probiotic quality, filtering water removes beneficial minerals and tap water is poisoned by those in charge.

They are literally spending 7 times as much for water as I do for regular unleaded gasoline.

To quote a character from a comic book, “I firmly believe that if you can’t fool all of the people all of the time you should start breeding them for stupidity.”

OK, This is F%$#ing Amazing Trolling

This may be the best troll ever done on Twitter:

this is the best pic.twitter.com/VondMhYhgk

— sam glover (@glovelyjubbly) January 1, 2018

When I first saw this, I thought, “People should never quote that overrated hack ……… Ummmm ……… I mean Friedrich Hayek, not Salma Hayek ……… I’m fine with quoting her ……… OMFG! That pack of right wing nut jobs just got completely owned.”

Well played, my friend, well played.

You got movement conservatives saying that Friedrich Hayek used his looks to get ahead.

That is brilliant.

H/t DC at the Stellar Parthenon BBS.

Better Judgement or Cowardice?

A couple of weeks back, I went to lunch with my colleagues at work.

We went to Mission BBQ with colleagues.

Mission Barbecue includes a heavy branding on the whole, “Support the Troops,” thing.

One of the things that I discovered, when we arrived at noon, was that they play the Star Spangled Banner at noon, as we walked in the door.

Everyone was standing, looking at the flag with their hands on their hearts.

I just stood there, no hand on my heart, but then I thought, “Maybe I should go down on one knee.”

Instead, I just stood there.

Should I have kneeled, or perhaps (as a friend suggested) lifted my arm in a Black Power Salute, or would that just make me an asshole?

I’m still conflicted.

It’s Called a Windshield Wiper

I saw an article talking about how Silicon Valley is a terrible place for testing self driving cars because the weather there is too good.

Of course there is not a whole bunch of snow there, but there are ski resorts about 100 miles away, and mountains, etc.

They also make the point that this is a tremendously difficult problem.

The truth is that it is not a big problem.  The solution is called a windshield wiper.

In fact, I spent nearly a year working on a windshield wiper system to keep the LIDAR sensor clear on the US Army’s now canceled MULE (Multifunction Utility/Logistics and Equipment) program.

The windshield wiper was complex, because the sensor covered about 200 degrees, and the windows were faceted with sharp edges, and I had to design a linkage to make the wiper follow the profile, and EMI/RFI shielded cabling, and gas tight seals, etc. ………

This is not trivial, but the solutions are straightforward, and California can accommodate pretty much all of the environmental conditions with the exceptions of tropical rain forest and tundra.

The real problem with the self-driving cars being developed in Silicon Valley is that the Silicon Valley ethos simply does not work for things that have to work outside of a computer.

The debacles at Theranos and Juicero are classic examples of what happens when Silicon Valley tries to conquer the real world: it turns to complete sh%$.

There may be self-driving vehicles capable of driving on any road before I die, but they will not come from the minds of Google, or Tesla, or Uber.

It might come from the NSA, it might come from Detroit, but truly autonomous cars are not cute cat GIFs, so I don’t expect them to come from the Randian supermen of Silicon Valley.