* Posts by tim292stro

69 posts • joined 7 Jun 2017


Oddly enough, when a Tesla accelerates at a barrier, someone dies: Autopilot report lands


Re: Not an "autopilot"

"...OK, so what if there's no mass transit in your area, you're still expected to work on time despite something like uncontrolled epilepsy, you live alone, and you can't afford to move?..."

Then statistically that person is a heck of an outlier (specifically a poor, solitary, epileptic, living outside a major metropolitan area - I'd estimate less than 0.01% of the total global population), and obviously not the target audience for this type of product. Tough life.


Re: OlaM

"...Autopilot on planes is simple.

You are joking, right ? Do you have any idea of the sheer number of flight parameters there are on an aircraft ? Ever heard of lift, roll, pitch, yaw, stall, altitude, air density, thrust...?..."

I think he means the data entry for autopilot systems and what they are meant to control is simple... On something like an Airbus A310, the autopilot has only a few controls: heading, altitude, speed.

All of the flight surface controls that affect the airframe's trajectory are manipulated by fairly simple optimized mathematical models and some simple tuned filters to control dynamics - but the user doesn't get a window into those on the display. They just get three settings and a few knobs to adjust "the big picture".

Hell if you set your altimeter's barometric value (which tells the plane what altitude it's at) wrong your automated landing system (ALS) can fly you right into terrain... The actual skill on a modern commercial plate still occupies a seat and has to RTFM to get the procedures right...


Re: OlaM

"...IMHO if you manually tell it to do a dangerous thing, it stops being an autopilot at that point. Aircraft autopilot follows routes, with set safe altitudes, and terrain-following radar to avoid collisions..."

Autopilot is pilot automation - but only REDUCING the pilot workload. If someone or something is watching your heading and altitude, it can give your brain cycles to look into why your #3 engine is running a little warm. It helps you follow your flight plan easier too, getting you from one waypoint to the next and lining you up for a nice landing on the runway you punch into the flight computer.

Now realize that they still load navigation data onto those things with 8" floppies on some older variants, and you'll start to get an idea about the technical limitations of what an autopilot can do. Your average 737 doesn't have the latest Nvidia Volta GPU in its telemetry rack - it's a step up from vacuum tubes and loading programs by tape or punch card.

Aviation autopilot also has the benefit of a mandated air traffic control in Class A airspace, so that comes with an external nanny in the event something goes off. You may have also noticed the lack of erratic turns and road maintenance issues on your last flight (although the turbulent air potholes can bee a real pain).

Getting a self driving car to work without human oversight is a HUGE effort, and is has never even been attempted at commercial scale in aviation or marine markets (there are recent attempts to get systems working but nothing is being deployed like Waymo on the water or in the air).

"...Tesla's tech shot off into a barrier..."

Sure that's one damning way to look at it, but as an engineer I also look pragmatically at the longer phase that was used to describe this situation: "it was following a car and then the car went through an interchange and then the Tesla drove into a barrier". I also noted in the NTSB statement that the following distance was set to minimum...

So with those two data points, I immediately apply my expertise in driving in the S.F. Bay Area, where our roads are crap, and so are our drivers (on ballance).

I can imagine a scenario where, the Tesla was following a car that decided late, to take the interchange a different way, and made a moronic move across the gore point which was poorly maintained (we are lucky if Caltrans fixes a crash barrier or guard rail within a month let alone a week - now take a guess how bad the paint markings are...). Now in my imagination I can see the Tesla following closely behind that idiot who jumped across the gore - with the lane markings partially obscured by the closely followed car in front (the idiot's car). In that case, the car was probably simply following the car in front into the gore that was poorly marked, and once the idiot completed his late freeway change to the other direction across the gore, the Tesla realizing he was crossing a line decided not to follow him. From there the line which would have been the left solid line may have come back and the car thought it was in a lane and tried to center itself (remember it's narrow at the tip of the gore). Another part of the code, facing south and brightly lit from head on by the sun (because that's the direction that interchange faces) no longer saw a vehicle in front - many reasons possible, a Tesla has previously not seen a truck trailer across lanes because of poor lighting, I'd speculate that the camera based vision system Tesla chose still can't see in adversarial lighting conditions. Then with no one in front the car attempted to return to the un-obstructed cruise control set point (even though the speed limit is 65, people will do 90 because they feel like it - Tesla drivers out here love their electric torque and drive like jerks.

So the steering would be trying to center itself on the two lines it detected, and the cruise setting would not think there is a car in front so would speed up to the set-point.

To me, this looks like a failure of localization (GPS-only can easily be off by 3-meters, or about a full lane). Without having a high resolution map and LIDAR to compare your position on the road, to known fixed things like concrete barriers, bridges, and road signs - relying on radar within a few miles of Moffett NASA Ames Federal Airfield which has the civil aviation surveillance radar for the S.F. Bay area, isn't a good idea - and that pretty much leaves you with visual navigation to keep you in lane.

See previous comment about which direction the forward facing camera was pointing relative to the sun, and our terrible road maintenance practices in California and the obscuring of oncoming obstructions by the car in front. If anything I'd be surprised if Caltrans doesn't get a bit of a spanking on this for road conditions, and then Tesla being dragged over the coals for not having good enough sensory perception and geo-localization.


Re: Self Preservation mode

"...I've said it before and I'll say it again. Its a glorified cruise control. Calling it "Autopilot" vastly overstates its abilities and lulls drivers into a false sense of security..."

I've hadn't really noticed that people had such a messed up definition of autopilot until the last few days when this crash's report came out.

This is Autopilot. Not a chauffeur, or a self-driving car. On and airplane, Autopilot holds a heading and an altitude. It does not steer around other planes or terrain. On a boat, autopilot will hold a magnetic/true-heading course, it will not avoid other boats or undersea obstructions and the shore. Sure other systems have been piped into those autopilots to do more advanced stuff - reaching waypoints can trigger the loading of the next waypoint with a new heading - and radars, GPS, TCAS, and transponders add to the overall information picture, but a person still needs to respond when all the alarms start going off.

If you set a heading on a boat and then go below deck to get a cup of coffee for 10 minutes, the autopilot will drive itself right into another boat and not think anything was wrong with that. We don't have <u>self driving</u> commercial boats and planes yet either... The US Navy had a few crashes in recent history that show what happens on a boat when you don't pay attention to what your automation systems are doing.

It seems that only in the delusions of people who are literally >>>dying<<< to get a self driving car, that the definition seems to have been misunderstood.

Uber robo-ride's deadly crash: Self-driving car had emergency braking switched off by design


Re: Design Life Limitations

"..."Anything with electrolytic capacitors has a useful life limit of about 10 years, then the seals leak or the caps dry-out"

Nope, only if they're bad caps.

I have equipment with 30 year old caps in them that is just fine.

Bad caps was an issue we thought had been nailed down in the 1970s. It came back due to industrial espionage and counterfeit manufacturing. In any case if you know it can happen you design for the possibility..."

You forgot, bad quality control out of Taiwan as recently as the 2000's, and I presume you understand that anecdotal examples of still-functioning-presumably-well-cared-for-kit does not equal statistically significant data. Electrolytics can lose their electrolyte and still appear to function, but not have the same technical characteristics required when they were implemented in a circuit design (typically the capacitance begins to decay and the ESR spikes). Also don't confuse "appearance of function" with engineering design margin - in a safety critical system, the limit of the engineering margin should occur far before the system fails to behave in a way that puts safety under threat.

All that said, I do feel I should revise my statement - 10 years is the maximum one can expect nominal performance without service intervention. As I had already described, I have presonaly repaired an instrument cluster, and just this weekend, I replaced a few caps in the standby power supply of a Yamaha AV receiver to bring it back from the dead (higher ESR from dried out electrolyte resulted in too much ripple on the standby rail, and made the microprocessor trip it's brownout reset constantly). Age related failures can be managed, but it's not a hands-off deal, and let's be honest - most auto repair shops have turned into part-replacer shops. I haven't seen one in 25 years that would do component level debugging, unless it was a classic car, numbers matching and the parts were actually impossible to obtain. Even Tesla seems to suffer from this, I've heard anecdotally that if a car throws an error code, they start carpet bombing possible causes until it goes away, then they leave in all the extra parts they installed and toss the other parts working or not - this is all second hand info though for what it's worth.

I just went back over the big four aluminum electrolytic capacitor manufacturer site (Nichicon, Panasonic, KEMET, Vishat, etc...) looking at longevity application notes, and none of them guaranteed >15 years life, and all agreed that seal life time was the reason. Even worse, depending on hot and cold maximums, life can be exceptionally short (1,000s or 10,000s of hours). We all can appreciate the severe environments automobiles operate in, it's hardly 25C ambient on the exterior of the vehicle.

the takeaway is no engineer would, in light of those app notes, recommend to the company's legal team that they should extend out the warranty. The more potential failure points one puts in a design, one must assume that the probability of any failure mode occuring would only increase, so you'd reduce the warranty period to only cover infant mortality and possible but unlikely edge cases, and then let the bulk of expected failures cause the customer to replace the major component or the entire product on their own dime once it begins to fail.

Cheers! :-)


"...The analog ones tend to be pretty reliable. OK, fuel floats can stop working, but analog devices to measure temperature and voltage are pretty much foolproof..."

You are glossing over the other problem with the tight integration for digital systems rather than analog sensors: What is interpreting the collected data. This is where I really balk at AVs removing all drivers from the road - a code flinger sitting in a cube will program the ECU/BCM/Autonomous system to rely on only what is made available to it. Since it's too expensive to put a sensor of everything, and sensors fail, the decision tree to resolve what is actually the problem will be very limited in some cases (a roundabout way of saying the result will be wrong - and probably often).

In ye olde days, where your fuel sensor was a variable resistor attached to a float, and the signal varied the current on a wire which heated a bi-metal element in a gauge based on that current - if something went wrong, to the "skilled" (i.e. anyone who had to deal with the cars available), a stuck fuel gauge became obvious rather quickly. Likewise an engine water temperature sensor that suddenly spiked when the vehicle ran over a bump (suddenly meaning faster than the physics of heating water with an engine allows for), you could tell that the value was B.S. In that case the data was presented to the human operator, and they applied their experience with their specific vehicle to determine the validity of the data in relation to the total vehicle function.

Most engine computers etc. are designed to catch the large distribution cases - a specific vehicle with a specific chronic problem may thus be an outlier, and the ECU may mis-diagnose a problem. I am reminded of my wife's '90's Chevy Cavalier which after running over an extension ladder on the freeway never stopped complaining about how the emissions system was out of spec - because GM put the wiring harness from the ECU right under the front bumper where it was most likely to be hit by road debris. I'm also not aware of any vehicle manufacturer who currently implements a smell sensor or a camera underneath, to detect leaking coolant, power steering fluid, transmission fluid, or oil - even though the driver can easily look at the spot the parked in after they leave or before they get in, and the smell of each fluid is unique. They wait until the problem has gotten pretty severe (low level) to detect/report it.

We in the USA already put a majority people on the road who don't care to understand maintaining their vehicles, how to interpret what the vehicle is telling them. I lament how much less useful we are trying to make ourselves in order to save the 0.012% of the population that dies as a result of automobile accidents. I take the less popular position that we need fewer safety warnings and more heard thinning...


Design Life Limitations

"...Sensors and electrickery may work when it is brand spanking new, but what happens when it is ten years old and getting an annual MOT, maybe? My three 12 year old cars regularly throw up sensor faults, from oxygen sniffers to ABS - what do we do when the "don't run over that kid on the crossing" sensors go bad?..."

Anything with electrolytic capacitors has a useful life limit of about 10 years, then the seals leak or the caps dry-out, and the whole thing starts behaving badly. I had a '93 Toyota pickup with a speedometer that stopped working - turned out the stiffening cap on the +5V rail after the regulator leaked, ate the copper trace to the point it wouldn't support the stepper driver's current, then the remainder of the trace blew like a fuse. Simple enough to fix with a new $0.30 cap and some wire to bridge the burnt trace if you have ever worked on electronics, but the dealership tried to sell me a $1500 instrument cluster, then they wanted to charge the labor to put it in...

There is a reason nobody in the automotive world offers a >10 year warranty ;-)

IMHO, more electronics seems like a solution to whatever ails the automotive industry, but the potential waste stream from all of these is huge. Assuming anyone tries to keep these vehicles on the road past the design life, and that's assuming the manufacturer was making customer-oriented descisions when they produced the parts (yeah right).


This confirms my suspicion, that the SW stack from sensor fusion on down (well after the sensors themselves) was to blame. That and the completely moronic decision tree at Uber that led to a vehicle having all control of a vehicle except the >>>safety<<< controls. I agree with other posters here that there needs to be a federal fine and probably a prohibition on Uber ever going near AV development again. This car saw the person conflicting with the vehicle, couldn't make heads or tails about what was going on but wanted to stop - and was prevented from doing so by an administrative decision. Kind of like a new driver being on the road with an annoyed parent in the passenger seat, and the new driver coming across a situation they are not certain how to handle and wanting to stop, and the parent blindly yelling - "JUST KEEP GOING!!" without looking up from their iPhone. Total negligence on Uber's part.

Of course I just had a vehicle totalled by a real Uber driver on April 30th, 2018 - because his passengers told him to "make a u-turn", and he just did it. Across 3+ lanes of 30MPH traffic coming up from behind him and oncoming. Without looking first. In a cut-through in the median where left and u-turns were forbidden. After stopping to pick up passengers in a bike lane that was very clearly posted "No Stopping Any Time". Yeah, none of those descisions were right either. I managed to not kill or injure him or his passengers even though I was driving a 6,000lb 1980's Chevy Blazer, and he was driving a little 20-teens Honda Civic 4-door.

I'm still shocked that anyone intentionally works at Uber any more or that they haven't been sued out of existence long ago...

Trio indicted after police SWAT prank call leads to cops killing bloke



Yeah, so I have a VoIP home phone, and I administer my phone system (Asterisk). It has always been interesting to me that Law Enforcement agencies are getting away without liability when someone gets SWATTED. I can't use my home VoIP phone number to register for various services (take a look at Google Voice for example), so the technology to detect when a phone number is originating from VoIP exists. I would think that given the few SWATting events that turned out badly, the 911 call centers would get a red flag if the incoming number was a VoIP number, so that if they are reporting a SWAT call-out-able event, there would be some suspicion on the dispatcher's behalf, and some extra caution on the SWAT team's behalf.

Also, if the world was a wonderful place we'd try to apply the rule for both IP addresses and phone numbers - an ISP/carrier shall only pass out a packet/call when the IP-address/phone-number originates from one of their own customer accounts. Everything else is "dropped" and referred to fraud analysis and enforcement. Since all numbers are managed by a resporg (Responsible Organization), a master table of which carrier the call should be coming from is already available and distributed - all 911 calls should be vetted in general, but I actually feel the same rule applies in the reverse of the above: If you are an ISP or carrier and you see and IP-address/phone-number dialing in from the wrong ISP/carrier, that call should be dropped and the ISP/Carrier reported to the authority having jurisdiction. Even more obvious when you see an IP-address/phone-number coming in from outside of you that YOU own...

I'm personally really tired of these Neighbor Spoofing calls I get in Mandarin (which I don't speak).

New Facebook political ad rules: Now you must prove your ID before undermining democracy


"...The horse is a speck on the horizon – but at least the barn door now has a bolt on it..."

Maybe they should now focus on putting a roof and the other three walls on the barn - IMHO Facebook controls are more of a one-wall-set-piece than a full free-standing structure.

"...We believe that increased transparency will lead to increased accountability and responsibility over time – not just for Facebook but advertisers as well..."

<humor> Read as: We're hoping you don't notice in that statement that we've basically admitted that up until now we have had no clue who was using our systems and how - we're really scrambling to even get basic usage statistics beyond how many dollars we pulled in or how many accounts we have active on a day-to-day basis. </humor>

"...If a person sees a political ad that doesn't have a label and needs one, we're asking them to report it..."

<humor> Read as: In order to not get broken up (which we really, really don't want to have happen, because it might impact our employee profit sharing!!), we are doing our level best to ensure we don't have to understand what we are actually doing, and also that we are trying as hard as possible to find a way to have plausible deniability and no responsibility if we manage to cock it up. After all, if Congress or the EU comes back and says "Hey what about this political ad?" our architecture will allow us to say "Nobody flagged it as political, thanks for notifying us about it, we'll look into your concerns and promptly tell you that we were not responsible." Anyway, since we'll still be running the database where we keep track of people's reports of political ads, we can just go in there and tweak (or more likely, remove) the numbers if it looks like we are about to get in trouble. </humor>

Furious gunwoman opens fire at YouTube HQ, three people shot


Re: then I would force people to learn empathy.

">>...Can one "learn empathy"?

>I've always thought empathy was a capacity one either has or lacks. Sociopaths can learn to fake it, but learn it?..."

I also read a study that showed that having Sociopaths around is good for critical/difficult decision making, especially in a crisis requiring triage. If everyone "understood and shared the feelings of" everyone else, we could not ever pass a law that "negatively affects" someone else... Like everything else in life, empathy and sociopathy is good in moderation - logic and reason have to be allowed entry into a discussion between multiple people groups of people and the realization that for the greater good some bad must be allowed to exist/occur.

I'd like to see logic and ethics back in the required course classes for primary and degree diplomas... I feel the absence of that might have had a negative effect on our most recent generations.


"...You do realize that the entirety of your commentary means that rampant gun ownership is not required to overthrow a tyrannical government, and is thus a brilliant argument for gun control?..."

Well no, again there is an external muddying happening here regarding the 2nd amendment - what the 2nd amendment essentially says (paraphrasing) is that our government or any other government cannot disarm the American people as that would provide a gateway to becoming tyrannical and oppressive to the American people.

Also @defile but in relation to this comment and for the sake of contextual clarification from my end, one cannot separate the US military's soldiers from the citizenship (aka "the people) as the military is comprised of citizens and those who are in good standing and have through a legal process, obtained Green Cards (the green card soldery thing is an interesting case where you are still subject to Green Card penalties if you are found to have committed a crime, including expulsion from the country). In general the people of the USA are proud to have soldiers as citizens among us (many of my best friends serve/served, my 1st choice best-man only missed out because of an Iraq deployment - my dad was Navy and my father-in-law Air Force). So conversationally we don't separate ourselves from our military service-people. @defile, you caught this subtext I note in a follow-up comment. So, when I say "we" can get organized against a government which has become tyrannical, I never for a moment assume that at least some fraction of the U.S. military (either active or the vast pool of retired, or private contractors would not be involved.

I noted in that last comment after the edit window expired, that I should have also qualified the suggestions as merely "hypothetical" when talking about overthrowing any government - I was simply exercising my mind after the invitation to do so, and have no motivation as of yet to seek any such overthrow. I still believe we can talk things out for now.

Cheers. ;-)


Re: Of all places

"...Use your emotions man!..."

Argh!! Anger!! Fury!! (better? ;-) )

I remember once coming upon a severe car crash. I got on the phone to 911 (local emergency number), calmly described the location, and the circumstances of the crash, and began controlling the scene so that there weren't any secondary accidents that might hurt me or the other people who had also stopped to help. When the CHP showed up and the fire department, they took a statement and took over scene control. Right before I was cleared to leave by the officer, I received a comment "You're pretty calm for having just seen all that" - I replied, "Would it have helped if I freaked out?"

If I were to believe in wishes, my only one would be that people stopped and thought a bit before running around screaming and flailing. We humans can be pretty smart if we give ourselves a chance to use our brains...

Cheers ;-)


"...As I say, I understand the sentiment behind the argument, but it only works when both sides have horses and rifles..."

@defiler: I personally drive an M1009 around as a daily driver in the S.F. Bay Area and I'm not the only one I see around here - not saying that's going up against an A-10, but military grade hardware does get into the hands of civilians in the USA - mostly at DoD auction or through other transactions. There are tank collections in the S.F. Bay area hills, and we have the benefit of home turf advantage.

Also don't underestimate will and ingenuity when it comes to capturing military hardware when necessary - yes there would be a human cost but I'd offer an A-10 pilot might not want to do that strafing run against an unarmed city protesting an overreaching lawn ordinance - they know not to follow unlawful orders. If the USA recalled all 2-Million active and reserve and sent them all to California for instance, that's one service-person for about 15 Californian men women and children. They would have to be split to logistics and command/control (about 50-60%) with the remaining 40% reduced to containment and imprisonment and the limited combat roles - even with force multipliers like jets with high impact munitions, I don't think that's a manageable combat environment personally, just due to physical size and population we're a pretty hard target for our own military.

Further, you can't presume the military in the USA would be 100% behind a tyrannical government, and if the majority of the people are against the government, the military would have reason to be party to a coup against the government in order "...to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness..." After all - the military needs money, and the citizens pay for it - and the military is essentially comprised of its citizens.

Somolians demonstrated $50 RPG and enough people shooting will take out a multi-million$ helicopter - FLIR has blind time during the night-day/day-night transitions, C4I systems can be interfered with when FCC regulations no longer apply, night-vision can be countered with fire - think uncontrolled wildland fire... heading right towards your government compound - chemistry still works when you're not the good guy so IEDs could become homegrown. Military action is mostly logistics, and the US military depends on the backing of the US industrial complex - which in the CONUS the civilians own and control the resources in a way the military could not effectively overcome. The people only really need enough hardware to get a foothold and demonstrate their will IMHO, the military would have little choice but to follow.

My brother teaches chess so he's well armed, but I still know enough to make a mess of his plays on a board, and I would only need to keep them busy... ;-)


Re: You can't legislate evil out of society

"...@tim292stro: You haven't provided an argument against misuse here, you've reinforced it, as the use of a deadly weapon to counter the use of a deadly weapon doesn't change the fact that the thing is designed primarily to harm humans, and the fact that it creates an arms escalation to keep a sort of Mexican stand off balance demonstrates that its primary use is effectively the problem, regardless of which side of the goody-baddy line you stand..."

I haven't attempted to make a cause for or against misuse, I've merely pointed out that your perception of the definition of misuse apparently includes "all use," and that definition is not inline with written and enforced law even in countries other than the USA. I am more pointing out that you seem to be mad there is a difference between good and evil and that they have it out now and then - I'm not sure about what to do with people like you, except ensure people who think like you don't ever get control/power. Which I suppose is why the NRA fights blanket gun control. Don't misread that comment to imply I respect or think any less of you as a person, you just don't have a future in US politics IMHO...

For the record, I am in general like most people - against misuse, aka what we commonly call "crime". But I'm also totally all for enjoying what we generally call "not crime" or "Life, Liberty, and the Pursuit of Happiness".



Re: Back on the hamster wheel..

"...So basically you say affluent people don't want guns - not even for protecting themselves and their wealth, while poor working class one need one to rob the affluent ones, so it's OK they can find them everywhere?..."

Well no, the rich pay the upper-middle class to protect them with their guns from other middle class and lower class. Warren Buffet doesn't walk around with a conceal-carry on his hip, but his private security guard's firm who have access to fully automatic weapons that the rest of us can't legally buy and carry...

The rest of the time the rich use guns for sport... hunting or target shooting and sometimes just collecting.


"...If you outlaw guns, only outlaws will have guns...

And the police, the armed services... and indeed anyone with a legal purpose for gun ownership..."

And before you think the police and military are never the outlaws, Texas church shooter was ex-Air Force, Lee Harvey Oswald was ex-Army, eight cops in Boston just got arrested for stealing a drug dealers car on going on a crime spree and they tried to pin blame on the arrested dealer, in Texas if they believe you had anything to do with crime they can seize your assets and you must prove beyond a reasonable doubt that you never had anything to do with crime (flipped from presumed innocent - its basically government-sanctioned-organized crime), and US Boarder Patrol Agent kidnapped and Raped an illegal immigrant... I could probably write a book on crimes committed by people in a position of trust and power. Which incidentally is why we have the second amendment to start with.

Before you get cocky and give the guns only to "your allies", make sure your allies are actually on your side and can never switch...


Re: You can't legislate evil out of society

"...For those who don't understand a gun when misused is just a convenient device for those who want to harm other people.

Harming other people is the primary function of a handgun, so "misuse" doesn't really fit..."

Except you're cherry-picking... >>Legally<< fatally harming other people IS the primary purpose of a described "self defense" weapon, not ILLEGALLY harming people. It is actually legal to shoot and kill someone even as non-law-enforcement in the United States, and as such many guns are sold specifically for that purpose, and so they must be effective at the specified task to be readily sold. Some guns are made for hunting (i.e. semi-automatic rifles with big scopes that are easy to reload), some exclusively for target practice (double barrel shotguns aren't much use in combat). Those are legal activities that don't include murdering people. So shooting a person without a lawful cause, using a hunting rifle to kill people listening to a country concert, or using a trap/skeet shotgun to kill your wife or neighbor is by definition a "misuse".

In this same way, I can't think of a single vehicle which is designed to be driven by a drunk driver or used without insurance, all road-going cars are designed to be driven by a fully alert and properly licensed and insured driver. The act of doing so is illegal, though we enjoy the legal usage of the vehicle more than 99% of the time.

Painting a bike with a can of spray-paint is what a can of spray-paint was designed for, snuffing the propellant to get high is a misuse.

Raising sheep for wool and meat is why we do with animals, having a go at one stuck in a fence because one is unable to get a date is a misuse.

So yes, "misuse" does actually fit, as murder, man slaughter, and maiming is actually illegal without just cause, which would make it not murder, man slaughter or maiming... (as legally defined). I can't honestly recall the last gun ad I saw where they said: "bully whacker 1000! It's the perfect gun for shooting up those b@s+@rd$ at your school!", or "Is your life a B*+c#? Our new brain blaster is your exit to the easy afterlife... and you can take your family with you!"

I know it's distasteful, but I see this avoided all the time in gun control arguments and I need to point it out clearly - killing people can and in several clear and logical cases MUST be legal in order for the vast majority of us to enjoy Life, Liberty, and the Pursuit of Happiness... and unless the existential threats to that belief goes away, you can't get rid of the 2nd Amendment and thus arms/guns have to stay. Heck, even the Met has an armed unit due to that knowledge. If we genuinely believed all threats from all sources were gone, there would be no standing armies or police - or laws for that matter, as their very existence belies that we don't trust everyone do know or do what's "right".



"...The NRA didn't really squash research, except for by the CDC. Yes, the Centers for Disease Control..."

Yes, that very same government agency that disapproves of listing medical malpractice on their top 10 causes of death list as it would knock murder/suicide right off the list...


"...Change the Constitution to the right to bear cocks so you can have a pissing contest up a wall where the worst thing that can happen is wet shoes rather than dinner plate sized holes, blood everywhere and death..."

Until our government who then no longer need fear its people's beliefs does what it pleases and then we have 1930's Germany... Or 1770's England, or more likely China just coming over here as saying it was always part of China and "they want their stuff".

Enshrined in the constitution, the first 10 amendments are known as the Bill of Rights, which are the things we believe are fundamentally required to support our ability as stated in the Declaration of Independence:

"...that whenever any Form of Government becomes destructive of these Ends, it is the Right of the People to alter or to abolish it, and to institute new Government..."

Good luck throwing off that government that has become unjust and tyrannical when that government is the only ones with the guns... There are some who say we've about reached the point where we are due for another revolution - one example case being a couple in Missouri who are at risk of 20 years in prison and a ~$200K-USD fine because they didn't plant 50% of their yard in grass (which the home OWNER is allergic to), and it's an ordinance that was passed after the yard was landscaped with a maintained natural garden. The federal judge threw their challenge out as he "didn't see anything wrong with the fine and prison..."

I'd like us to avoid a revolution in my lifetime, but there are some people in this country who just can't help themselves but screw with the laws every year until everything is illegal in some form or another in the interest of changing the country to suit them (rather than all).


Re: "in the 1930's semi-automatic pistols became more common and cheap"

"...Actually, it was WWI to make the machine gun cheap and available. US had in the 1920s one of the worst periods of violence, facilitated by gangs shooting at each other with machine guns - like the Thompson - not semi-automatic pistols..."

Right but you have to separate that surge from the general trend as that spike was due to an obvious cause: prohibition. Make something illegal, and there will be money to be made in selling it illegally anyway, and that caused organized groups to form, who then fought each other. In fact, we learned that lesson so well, that we repealed prohibition and the organized crime stats crashed again. We also got the FBI out of that period, and the beginnings of the CIA.

Duwe did a fabulous job isolating what he terms "mass public shootings" from other types of shootings - if you wanted to lump all types of shootings in there, for example we'd have the Civil War battles (over >600K dead) and the Native American Massacre (millions, estimated, dead - 4K just in ONE Cherokee "death march" along the trail of tears) at the hands of the US Army in the mix - which would make every mass public shooting since 1900 look like a warm gentle Sunday brunch by comparison.

Again, individual murder, and the fraction of that which can be defined as a mass public shooting has not appreciably changed in over 100 years, merely the weapon has - and removing that weapon will have the same effect it had in other locations we've observed empirically - the killings would simply switch back to other means. And you're still statistically likely to know your killer by over 80% if murdered or mass-killed. The biggest effect on spikes over that 100 year sample in the USA was socioeconomic influences.


Re: Of all places

"...Here in Canada you cannot just walk in and buy an assault gun over the counter at your local Walmart store..."

We can't either here in California, but this was a pistol - so what's your point?

Of course you can't legally call a transgender whatever by whatever pronoun they don't like either - and good luck knowing that beforehand! How am I supposed to know that 6'5" muscular thing in the corner of a bar with a full beard and chest hair expects to be called Mary? Out here in the sane world assuming that is more likely to get your face punched in... I'll stick with the Bill of Rights thanks, keep your flavor of crazy up there. ;-) Cheers.


Re: Of all places

"...Let's keep in mind that the NRA... ...It's an industry lobby body primarily representing companies that make more profit the more guns are sold. This made it worth their while, for example, to donate $30M to Trump's campaign..."

Well I call B.S. on your $ number for Trump Campaign donations. The various non-partial sources I've found (like Politio/Politifact) show a varying number from $4.7-5.9Million spent across donations to all republican candidates (yes a majority to Trump). What you are confusing is direct donation versus "benefit". They spent over 200 Million in lobbying and other actions which benefited Republican candidates.

I think it should be noted however that of gun owners in the USA, 60% are Republican - so finding that the spending of a Gun safety and legal advocacy organization is primarily on Republicans is not a shock. When you have a bunch or Republicans with decision making power on how their money is going to be spent, you will (feigning shock) find that they spend it on themselves - not Democrats (though they did spend about $10K-USD on Democrats in 2016).

It's also worth noting that the NRA collects most of its funding from individual donors in small amounts - there's just a lot of them (keep in mind not all of the approximately 10 Million donors are registered members). That's still about 4% of the voting age population in the USA, or nearly one person out of 20 adults in the country. This should give you pause if you berate this group publicly when around 20 or more people as you are statistically likely to offend at least one of them - and they probably won't tell you to your face.

Also keep in mind that a lot of NRA members are Cops and professional Soldiers too. Are those really the kind of groups you want and need to upset while not armed yourself? Those are they people everyone says they want to have the guns, I for one don't think they are the perfect prototype for a responsible gun owner however...

All of this is moot however to this story - the NRA didn't demonetize this lady's channel due to some dystopian AI-Algorithm which viciously determines what content is potentially offensive to at least one inconsequential person on the planet (*cough* YouTube), and the first people these S.F. Bay Area geeks called when someone who didn't like them started shooting at them for their totalitarian dictatorship practices, was more people with guns - and those who statistically probably mostly NRA are members...



Re: Of all places

"...For instance Australia made many firearms illegal and removed them from circulation... ...And no more mass shootings to date..."

Funny, my Aussie friends and family say the reason for this is due to politically motivated under-reporting and reclassification of what is labeled a mass shooting - kind of like what we did here in the USA but the other way. Now we call one person shooting three others (rather than 4 or more) a "mass shooting", and the Australians need at least 6 for something to be called a mass shooting. Not exactly a level playing field to declare Job Done IMHO...

Grant Duwe has a study of mass murder from the 1900's on to the 1990's in the USA and (paraphrasing) showed that the rate of mass-murder has not appreciably changed in 100 years, even though the weapons changed (in the 1930's semi-automatic pistols became more common and cheap - thanks WW2 for the weapons development). It basically shows what we have empirically observed from recent international attempts on gun reduction - mass murders are only a small percentage of murder in total, and the weapon used follows a similar distribution between mass and simple murder. Changing access to various killing technology/means has no observable effect on the murder rate in total or the basic fraction of mass-murders relative to simple-murders.


Re: 'Well for a start I'd ban religion'

"...The US constitution has been amended dozens of times before so no reason why that couldn't happen..."

Well, not recently it hasn't - and the amendment process is littered with failed amendment attempts in the last 100 years alone. Heck, we couldn't make Washington D.C. a "State", have never ratified the Child Labor amendment, or the Equal Rights amendment. The problem is that touching the Constitution requires an essentially undivided national opinion to get passed - 2/3 in The House, 2/3 in The Senate, then 3/4 of the states (38 out of 50) must ratify. Last thing we states agreed on that much was for blocking Congressional pay raises until after they NEXT election (those greedy bastards!!) - and that sat over 200 years before it was ratified... Gun control is not the kind of thing some rabble rouser president with an optimistic agenda is going to "go to Washington to get done"...

Did the FBI engineer its iPhone encryption court showdown with Apple to force a precedent? Yes and no, say DoJ auditors


Re: Excellent article, but one (important) niggle

"...The iPhone in question was owned by the county, not the perpetrator..."

Indeed, >>almost<< every issue the government had either before or after a "tragedy" reported in the last few years, could be traced back to someone in government not doing their job effectively even with the extensive tools they currently had at their disposal. In this case, the local government's I.T. hadn't set up the phone correctly before they issued it, so they didn't have their own access path to the data.

Texas Church shooter got guns because an Air Force paper pusher didn't push all their papers, Florida school shooter wasn't investigated by the FBI or the local Sheriff after recommendation by the the School Resource Officer who noted the troubled kid...


"...The NSA has their OWN chip-fab to make the new chips!..."

You do know that you don't need a fab to be able to plug something in which you control... In the commercial design space, Cadence has an entire business unit dedicated to producing retail emulation devices (https://www.cadence.com/content/cadence-www/global/en_US/home/tools/system-design-and-verification/acceleration-and-emulation.html). When I worked at a Silicon Valley GPU company, they had a Cadence emulator about the size of a minivan which would plug into PCIe slot and emulate the fully code complete GPU (albeit at a reduced clock rate). Simply changing the connector and the code loaded would emulate something completely new on the same hardware.

Once you reverse the design into RTL, you can pwn it in physical. And BTW, reversing IP is the first step in figuring our the applicable vulns, so it's a necessary step they would be doing already.


Re: No right to conceal information

"...There is no way to read the original court order to imply that it asked for anything remotely resembling a "universal skeleton key (like the TSA locks on luggage)..."

The problem with this viewpoint is the lack of understanding of how technology is made - the phone does not have a UNIQUE encryption technology and implementation on it, every phone of that model with the same software has the same encryption. It is merely the unique information the USER possesses in their head which makes the local data inaccessible to anyone else. Thus "breaking" one so that you no longer require the unique information which blocks access to the data, means you have broken all as a result. And a single key which accesses all locks is: a Skeleton Key.

The proposed technical control of locking it to an IMEI or serial number is not effective, as the encryption does not rely on the IMEI or serial number to access the data. The control is like proposing that in order to smash a neighbor's front window with a hammer, you first have to buy a flower pot to put in you own front yard. We rational people people understand that the flower pot being there or not has no effect on your ability to pick up a hammer and smash a window - you merely need access to the hammer and the window...

This is shown by Apple stating that the encryption system they implemented was designed around the user having the correct key/pass-code at the time of data access. Apple's argument was simply that by authoring a piece of software that would generate the correct key without the memory/information contained in the user - would require circumventing the fundamental test that a user of the encryption scheme be the exclusive holder of the knowledge - which would EFFECTIVELY be a skeleton key, as user(s) and their unique knowledge would no longer be required. This would also mean that once that tool was generated, its USE would be solely constrained by the integrity/honesty of the possessor of the tool. So, writing a piece of software which relies on the integrity of the end-user is in itself a hazard to all users. Apple went on record to say even that they didn't want the responsibility to state that their own employees were 100% honest in its use, when the government suggested that Apple write and then keep charge of the tool. One trust failure would result in that control/trust being rendered permanently useless. Anecdotally, the NSA can't even keep track of their own tools, so how could one presume to think that an overworked, underappreciated tech employee who can move companies several times a decade wouldn't EVER make an error?

We are intellectually honest in understanding that 100% of people are not 100% honest 100% of the time, so the correct decision in the case of this question is to not make that tool. In fact, this report by the FBI suggest that even within the FBI there is a concern that certain invested parties may be suffering from a, let's call it a "deficiency", of necessary integrity to ask for the very tool requested.

This is the very argument against the politicians asking for putting in a back door to start with - one cannot guarantee that the end use of such a backdoor will be either honest or lawful, but once it's available, there can no longer be any such external control. Thus once the tool is even written, the system it circumvents MUST be presumed insecure by definition. Criminals already break laws, so why would we expect them to be honest with the use of this "vulnerability"? Since there would no longer be a publicly-auditable need to sue for or ask for assistance from the manufacturer, and access with the tool or backdoor would not leave a public trace, what incentive would governments have to constrain their use of the tool for honest lawful purposes? 100% of all people are not 100% honest 100% of all time, so why would one be so naive to attempt write a backdoor/tool for use by people?

If one still think that a backdoor in an encryption algorithm is possible for a system designed to have one way for data to get in an out, then one simply hasn't thought it all the way through...

Linux Foundation backs new ‘ACRN’ hypervisor for embedded and IoT


So more proprietary than Jailhouse?

Yet another attempt by Intel to smear thier legal feces all over the computing world, and seemingly more frequently - at the expense of non-proprietary offerings by other vendors. Jailhouse by Siemens already does this, and is not locked to x86 or Intel's hardware...

I'll bet they are touting novel security, but also don't want to open up the codebase for public inspection. ME and Intel proprietary "security" all over again - but now they want to do to IoCrap and automotive what they've done to the datacenter.

Ladies and gentlemen, I give you the most prolific advanced persistent threat - Intel. SMH.

'WHAT THE F*CK IS GOING ON?' Linus Torvalds explodes at Intel spinning Spectre fix as a security feature


Re: The bug is better than the buggy fix !!!


>> neither Meltdown or Spectre is much of a threat to a home user

> No idea about Chrome, and even less about IE.


Chrome 63 added a test feature one needs to turn on called Strict Site Isolation (https://support.google.com/chrome/answer/7623121?hl=en), and Chrome 64 is going to address Meltdown/Spectre formally for all users, a version which should be released any second now... (they said the 23rd of January, which I note is today).


Re: I Remember When...


>> Still waiting for AMD, Microsoft, Apple, and Linux to announce that they are

>> discontinuing x86 development

> This isn't an x86 problem, its affecting other CPU architectures too. Aren't

> Sparc and IBM's Power chips also suffering, some ARM CPUs are


Correcting: "it's not an x86 problem" ONLY. My point is the x86 architecture is still around because after Intel got clobbered trying to release Itanium before the software industry was ready adapt their software to new architectures - they learned that legacy compatibility is a "YUGE" selling point (I'm mean it's going to be big, beautiful - the best!), and basically have stuck with that at the exclusion of all else. If I've understood the entire Core series at all, it's not actually x86 anymore anyway - the "microcode" everyone talks about is the low level emulator software they run on a much more flexible hardware layer to look and act like an x86/amd64 processor. This is one of the reasons they don't like getting rid of ME, as it's effectively guarding the crown jewels of the actual hardware layer.

I'm not saying Itanium was necessarily a bad architecture either - just very poorly executed when brought to market by Intel management.

Nowadays, we don't expect software that's compiled for say x86 to run on ARM, but the base code and functionality will work when compiled "just in time" (install-time or run-time). Linux is a great obvious example of this, Perl, Python, etc... After IBM pulled the PowerPC rug out from under Apple, the market got a taste of a large seemingly unkillable staple of the tech industry suddenly disappearing - so that had a different effect than simply introducing a new arch.

The difference went from "Why a new standard/arch when it works now?" to "Oh Snap!! We need to move to a new standard/arch or we'll have to close the doors!!!"

I'd like to see a vendor like AMD take on a RISC-V processor design since they own graphics IP (one of the sorely missing things on RISC-V CPUs). They are already huge on "Open Source Standards", and if I can be a bit facetious, they love to half a*se their documentation and let the community figure out what they did (or meant to do) and write the software by themselves without any useful support...

At this point in semiconductor history, I just don't believe a single company can employ enough people to design a CPU architecture well, or catch all of the design flaws in their ISA. AMD hitching their wagon to a horse like RISC-V, which has been looked at and worked on for years and years by some of the best minds in academia and tech, would be a no-brainer IMHO.


Re: I Remember When...

> "...lawyers are dictating your responses to ensure the lowest possible liability to Intel..."

This. I'm absolutely certain this is what's happening, and I'm sure there are a lot of big Intel customers who are thinking the same thing who are not happy with Intel planning on the service providers or end-users holding the bag for their sins.


I Remember When...

"It's a feature not a bug" was a quiet joke among engineering groups in tech... not a serious product marketing plan that made it into the "wild". Those were the days right?

Still waiting for AMD, Microsoft, Apple, and Linux to announce that they are discontinuing x86 development - someone else is going to have to put them out of their own misery, Intel's people aren't smart enough to fix this themselves (either through inability or lack of vision), and wow are they a boat anchor on the entire industry...

In Soviet California, pedestrian hits you! Bloke throws himself in front of self-driving car


Haven't been to SF El Reg?

"...Drugs or alcohol could just as well explain things..."

I propose rather than drugs or alcohol being a factor, it was just a typical Wednesday morning... I'll bet they didn't call the police because that person after striking the car immediately returned to the sidewalk, removed their shirt, and began yelling at a trash can for being an ar**hole.

Really, the locals in SF are sometimes a sight to behold.

Drone perves defeated by tinfoil houses


Re: Arm Laser Turrets!

> "...And if you don't use a laser strong enough to actually damage the camera, there is nothing anybody could sue you about; AFAIK there is no law against shining lasers on drones hovering over your garden..."

With people's luck today, the dazzler laser would have enough range to point at a passing jumbo jet - pretty sure that's illegal. Most people who aren't trained to shoot guns around people aren't aware of the concept of ballistic backdrop... ;-)


If your house has SmartGlass on it, why not take the time to actually detect the drone, and then automatically opaque the windows?

Seems like a few upwards facing cameras with very wide angle lenses and an electronic iris, should be able to detect a drone or birds - and classify if the object is loitering or flying past for simple classification. Then piggy back that with some SDR radio direction finding (https://www.youtube.com/watch?v=8Wzb1mgZ0EE), and you should be able to further pick out if that "bird" is emitting radio waves...


> How many people are actually monitoring extra wifi streams anyway?

Depends on the person and their circumstances. I live in an apartment over a coffee shop and a restaurant. After my wireless internet slowed down, I started looking at my AP's access table - I found a few devices that didn't belong, and I had WPA2 (but no RADIUS or equivalent). So I added two more commercial APs, wrote a tool to take the RSSI from each antenna and triangulate the location of the radio into a 3D volume (in addition to the other network hardening I did). I found that the tables outside the coffee shop were getting used by a local geek to try his circumvention tools. I retooled my network routing/partitioning to isolate him, making him think he was getting on "free" (stolen) WiFi as usual then redirected every outgoing request to a local copy of: https://www.youtube.com/watch?v=dQw4w9WgXcQ

That slowed him down for a day or two, so after that I, had my wife record "HEY!! ARE YOU WATCHING PORN?!?!?!" and I play that audio file in embedded in my warning page now for every client that shows up outside my apartment volume. Haven't seen that 90's silver VW Golf or the heavy-set unshaven guy who drove it and sat outside the coffee shop with his laptop in a while now...

But, I did recently see in the logs a WiFi AP appear airborne across the street from me, at the city park - where it's illegal by city ordinance to fly a drone...

Point is, just because YOU aren't watching the extra streams, don't assume nobody else in the world is or that there isn't a good reason in general for people to be doing that at all.

Boffins split on whether Spectre fix needs tweaked hardware


Meltdown is not comprehensively protcted agaist.

@El Reg "Meltdown = job done" is a BS thought right now. Even if Intel managed to develop a micro-code workaround to the design flaw, at boot this requires a BIOS flash to achieve. Good luck finding a vendor who is going to dust off the tempermental leased Intel development platforms to give that a try for every motherboard SKU they've released in the last 10 years... from my experience, Intel tells vendors to sod off after the first year of release, especially if there's no new money in it for them.

Then there is the issue of Specter fixes, pushing the fix burden on software people is a fantastic way to get software people to hate your living guts. At the OS level the vendors are probably finding out right now that even they didn't fully understand all of the use-cases, and that's probably where we will get the drawn out reporting of major slow downs. It'll take a while for the individual application software vendors to touch their code again to optimize around the new kernel controls, so this story will linger for 5+ year IMHO.

I'd wait the cast >final< judgement on the impact of the Meltdown/Specter bugs until the second fiscal quarter well after Jan 1 2018. By then you should be able to see Intel making stock charges to hold reserves for lawsuit settlements, machine performance contract breaches at the larger datacenters, and hits from the various computer manufacturers.

Here come the lawyers! Intel slapped with three Meltdown bug lawsuits


Re: timing attacks

Reducing timer accuracy will mean you can only fire events on more coarse intervals, which would necessitate a slow down (missing an event at a near time slot would mean you now wait much longer for the next) - and let's be frank, while the "impact" may not be felt on the local client machine's CPU, most of us home bodies are touching something on a VM or a database in a datacenter over a network, so IMHO we will actually feel it at the screen. Even if just subtly. I believe yes, the datacenter people are going to spend most of their time talking up how there is no security impact, and stating that the performance slow-down is "moderate but your mileage may vary" (about as non-binding as they can get).


Re: We have only ourselves to blame

"...If we had all done 64 bit properly with Itanium like Intel told us to we would not be in this situation so really it is our own fault for following the cheap and simple AMD64 route. We made Intel f**k up..."

The market had built itself around x86 and Itanium would have broken compatibility rather suddenly, leaving a CPU without any software. AMD's x64 extension to x86 was easier for software people to get on board with while they evaluated their life choices on code management. When PowerPC shortly thereafter stopped getting produced and ARM came along a lot of software companies had a bit of a come-to-Jesus moment about how fragile the CPU sector could be and realized that a bit of code-base agility was the way forwards.

Of course this whole time, Intel learned the exact opposite lesson - rather than still paving the way forwards with new clean and well though out ISAs, they reacted like a dog that got tazer'd and really dug-in to the trench of "Hey look! x86 is still compatible with all of your code!!! Don't think about any other ISA!!! EVER!!!" See KnightsCorner/Ferry, etc... They even dabbled in Arm for a bit with the XScale stuff, but never really wanted to impact their server/desktop market with that. Now Marvell has taken that business unit and run with it.


Interesting about RISC-V, I'm on the mailing list for that, and I'm pretty sure with my vague cursory eavesdropping that RISC-V would at least be susceptible to Specter - though they are actively brainstorming on how to eliminate that possibility at the metal layer. The thread is in the ISA-DEV list, with the subject "Discussion: Safeguards on speculative execution?" For those who want to play along at home.

Even the RISC-V ISA guys are still contemplating the entirety of the vulnerabilities, with many "solutions" put forward for simpler work-arounds only leading to new attack vectors - so it makes me wonder how Intel's PR people can stand out there and say Intel CPUs are effectively immune to Meltdown and Specter after this simple patch (which many companies and most end users will never upgrade to - and that so far doesn't include any microcode changes, and no one seems to offer a good reason why that would even work). Answer is probably simple: "because they are paid to".

Lesson, know who is paid to lie to your face for profit, then look elsewhere for answers. ;-) Major kudos to El Reg for the un-spun distillation of the Intel Press Releases article.

Sigfox doesn't do IP and is therefore secure, says UK IoT network operator


Re: @ Pascal Monet "Sigfox's proprietary protocol"

"...You don't know that the argument of 'security thru obscurity' is the case. While this may be true, it may also not be true too... ...Since they claim its proprietary we don't know for sure..."

By the very fact we can't know, that is obscurity, so in this case proprietary = obscurity. It would be better if they said "we use a peer-reviewed encryption protocol based on well-vetted libraries".

"...Having said that... more than likely they cobbled something together that's utter garbage..."

I think you'll find that like the LoRa stuff we've seen at Blackhat and Defcon, there's already enough interest out there in hacker space, that someone has read this PR blurb and said "Challenge Accepted!" which will be followed shortly by a new talk and the stunning realization that the encryption was baked into hardware and can't be changed easily.

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets


RE: No, SPARC is open source. There are two companies that make SPARC chips, Oracle and Fujitsu.

You... may want to take another look at that partnership - Fujitsu is not totally independently producing SPARC processors, or modifying the ISA they way they feel like it. It's more like Fujitsu is a glove and Oracle is the hand inside it - and the tool the gloved hand picks up is more or less Oracle-only software... Kind of makes my point actually - like the MySQL fiasco, and the ongoing Java saga. Because Oracle own the copyright to SPARC, MySQL, and Java - they can and in actuality have the right to do whatever they want with the license at any time, which gives them an enormous amount of power over the users of those items. Just look at how hard Oracle has been going after Google for Java, it's a valid risk having that hanging over one's head.

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign


Re: NSA specific bug?

> I have to wonder if this wasn't something that the NSA insisted get put in under the whole umbrella of "National Security".

No, No.... you don't get it. The NSA doesn't need to "put things in". The Clipper Chip demonstrated to them that if they applied themselves a bit like they do with TEMPEST, they could find the stuff idiots put in themselves, and just get back to work reading things plain text. As "idiots" who didn't work for the NSA were able to crack the protections. This demonstrated that their adversary was more technically capable than they expected themselves to have to be.

In the computer world companies are pretty well matched on what they can do within a given instruction set architecture, so they have to find ways to "cheat" more performance out of a given ISA in order to get their competition over a barrel. There is an engineering axiom "You don't get ANYTHING for NOTHING". What we have here is the problem being improperly constrained from an engineering standpoint - someone said: "Let's get more performance without using more power or area on the die." Nobody said: "Let's get more performance without using more power or area on the die, and without impacting security".

It's a common theme seen all over tech that security is considered an after-the-fact-add-on, rather than integral to the design. The NSA knows that, and they can demand the full documented ISA from Intel and we'd never know it - the government are also not obligated to inform Intel of any problems found. Kind of like the FBI doesn't need to tell Apple how they cracked those phones after the terrorist shooting. They can just quietly go about their jobs and no one needs to be the wiser (one of the reasons I wish the FBI would just shut up about the encryption back-door thing). I think these agencies talk too much for their own good.


Re: some systems that will have a much worse impact

> Hmmm. Does this mean it will have no impact at all on my WinXP virtual machines on ESXi 4, because (apart from the fact all components are out of support), wasn't this context switch on every interrupt the reason XP ran so crap on ESXi 4?

If you're running an ESXi that old and an OS that old, it doesn't sound like "patching" is in your world-view, so yeah it wouldn't "impact" you more than knowing your system is more vulnerable today than you knew it was it was yesterday. ;-)


Re: Counting chickens?


> The information in this article appears to make a point of it being of greatest impact to cloud virtualization, though the writing is so convoluted, I can’t be positive about this.

Imagine you are running your company's data sharing with manufacturing in a cloud hosted server on shared hardware. This bug basically means that if any other service run in user-space on the same shared hardware had the code required to poke at the kernel, it could bypass ALL virtualization boundaries and take ownership of the whole platform at Priv-0 level. Essentially, if this bug is not quashed and RAPIDLY, the entire virtualization market on these Intel platforms is at risk - as well as the sanctity ad security of the data currently trusted to this market.

> Keep in mind, syscalls have to go through the kernel...

Yeah, and now imagine that you have to stop everything that needs an interrupt so the kernel can lock down and handle kernel level operations while the rest of the user-space tasks sit there and twiddle their thumbs... every time this happens. That's potentially a 5 millisecond hit every 15 milliseconds, and that's where the potential of the performance impact lies. Systems that have a kernel-level VM handler running at Priv-0, will have to UNLOAD anything belonging to a less privileged worker so that it can flush the speculative cache, then handle the kernel task and flush again to continue with the VM guest tasks.

There are some systems that will have a much worse impact than others, for example machines that run over-provisioned guest VMs that need to share a common resource pool will be impacted more during the VM switching (reduces the value of each VM host), machines that run VoIP bridges have a 125uSec interrupt for analog sample-to-packet timing. Machines that do anything with a physical serial port will trip interrupts constantly.

> I think Intel is handling this well so far. They have insurance plans in place to handle these issues and although general operating practice is to wait for a class action suit and settle it in a fashion that pays a lawyer $100 million and gives $5 coupons to anyone who fills out a 30 page form, Amazon, Google and Microsoft have deals in place with Intel which say “Treat us nice or we’ll build our next batch of servers on AMD or Qualcomm”.

Well you may be bitter and think that your buying dollar (or Krone), doesn't provides any power anymore, but the truth couldn't be farther from that. Yeah, so you're aware that Intel will slime their way out of it, that has a PR cost. Yes AMD has CVEs, but I can't recall them having a Pentium 90 math coprocessor issue like Intel, a SATA failure like SandyBridge, a Floating Point bug that needs to be fixed in SW (by third parties), a Management Engine that can't be turned off that leaves systems exposed unless you stop feeding the system power, and now this cache accelerator bug that can adjust performance numbers down to 0.66% of the advertised specs under the only SW fix available (again done by third parties). I'm also aware that the tempo of fairly embarrassing problems are increasing, so if I were a person building a system and saw an increase in the level of ineptitude from a multi-national company, and they only left me with a stack of paper to fill out for my $50 and a still broken POS system that 30% slower than the day I bought it, I'd be so jaded I wouldn't buy their crap any more (and I wouldn't be alone).

If I worked for the Intel PR team in the EU, the first thing I would have thought when reading this article is "uff da..." Even Apple can't get away with a known design flow affecting the product near the end of the design life - see their battery fiasco as of late. Allowing your lawyers and your insurance to cover your screw ups only works a few times... Personally I foresee an investor meeting where someone's head is going to need to be offered as a result of the stock price hit.


So Intel ME is broken, and the VMM is broken, sounds like Intel completely forgot how to make CPUs while they enjoyed their market dominance - probably a good time to switch out to Power or take another look at AMD again IMHO.

Open-source civil war: Olive branch offered in trademark spat... with live grenade attached


Re: The most disturbing thing...

Those trademarks are obtained just like websites, and represent the "public face" of a group. Certainly you understand the risk to facebook.com in there being a faecbook.com that does social media also - and it would be like the senior IT people of facebook.com starting the new company. I worked in consumer electronics, and I can attest that having a product similarly named is a practice a shady company will do to ride the coattails of a competitor. Nothing like racking your brain on the phone with a some panicked installer trying to figure out how he got the software options in the menu that don't match any of the release software, and why it won't even do some of the basic functions it's supposed to - then the email with the picture comes in, and the product isn't ours, but even the product Industrial Design and the remote control got copied...

Just because you're a fake product expert doesn't mean that someone (even a smart person) while under duress is not going to notice the difference. And then there's the other end of the bell-curve...

I've been following the back story to these two groups and talking to others who are closer to both parties, and I personally side with SFLC (the original group).

That was fast... unlike old iPhones: Apple sued for slowing down mobes


Re: Or, shocking thought...

You are presuming they didn't consider the operating life. If a highly technical firm like Apple has to slow down the phone due to admittedly engineering-understood battery limitations in models as recently as the iPhone 6, doesn't that elude that they they expected the product life to be short? They could have managed the battery life issue better following experience gained from iPhone <6. Either way I see Apple getting their @$$ handed to them. The lawyer will ask the question "What is the product design life?" No matter how they answer that question, Apples loses IMHO. "Oh it's two years maximum" = PR disaster as people would be finding our from the horse's mouth they are paying nearly a grand for a throwaway product - doesn't matter if it's made of gold if you're throwing it away after a few years, only the upper 0.01% can afford to do that on a regular basis (ah, thanks Instagram for showing us that). Or "It's expected to last a minimum of 5 years" = product defect = payout + PR disaster. There are basically two ways how that can be answered "We are shady/dirty" or "We are incompetent" with various mixtures of those two answers in the middle.

Personally I think it'll end up that people will be told that any phone only has a design and market life of 2 years. Screens, cameras, cellular technology, Bluetooth revision, connectors, etc... which all make the foundation of a mobile device - change too fast and too frequently for a product ecosystem to really exist around a single design anymore. An $800 phone sounds terrible, unless you are having a cell phone company subsidize the phone with higher contract costs spread over two years, at which time you'd be able to upgrade to the next device while continuing your carrier lock-in, a carrier that gets high enough turn over they can use the excuse that the minority to hold on to their old stuff are no longer supported as they are running obsolete radios... Causing the rest of their customers to have to re-buy-in. I'm not optimistic enough about the world to believe that companies aren't collaborating on this stuff off the record outside the reach of regulators, there's just too much money at stake for there not to be anything underhanded going on IMHO.

Intel Management Engine pwned by buffer overflow


Re: Insecurity by obscurity

> [...] There is no silly naive "once someone figures out how to understand what you are doing, your logical mistakes will become very public".


That can only happen thru spies.


Competitors and governments secret agencies are behind these black ops.

I think you are giving WAY to much credit to the large pool of lazy inept software engineers employed in a wide distribution of jobs in tech who make the lives of the energetic properly skilled and qualified engineers lives hell. You must not also be a frequent reader of The Register either, software exploits and bugs are a common problem in tech, and very widely reported. Don't believe me? Look up "CVE Reports" on Google - those reports in the system are just the ones that were honestly reported to be corrected. You don't hear from spies about spies' work - they typically play that stuff close to the chest and don't tell anyone as it would make their job harder.

When you get down to it, a machine that runs machine code has to keep it somewhere for it to be ready to run. If you can figure our what the instructions are, then you can find the mistakes.

If all you do all day long is look at C++ code and you put a === where there should be a ==, you aren't likely to see that without help (rules checker, good compiler, third party, etc). Making mistakes is easy, getting it right is hard - humans make mistakes.

And as someone who works in Tech, I can tell you that if a piece of code or logic "reasonably approximates intended functionality", there is little incentive to revisit it unless a problem is found that causes a manager somewhere with task scheduling power some grief. If you then hide your code and refuse to publish the specifications for any peer review, you are only delaying further debugging by an adversary, not preventing it. The adversary will never care about honesty or rules or damage, imagining they do care is security suicide.


Biting the hand that feeds IT © 1998–2018