W.O.O.D. – 3 January 2018

This is another of the W.O.O.D. series of semi-regular
Weekly Occasional Open Discussions.
(i.e. if I forget and skip one, no big)

Immediate prior one here:
https://chiefio.wordpress.com/2017/12/24/w-o-o-d-24-december-2017/
and remains open for threads running there
(at least until the ‘several month’ auto-close of comments on stale threads).

Canonical list of old ones here: https://chiefio.wordpress.com/category/w-o-o-d/

So use “Tips” for “Oooh, look at the interesting ponder thing!”
and “W.O.O.D” for “Did you see what just happened?! What did you think about it?”

For this week, it looks like there’s ANOTHER significant security issue involving Intel CPUs (64 bit from the last decade). Discussion of it started on the December TIPS page. It isn’t likely the particular mode of attack will show up on regular user’s desktops, but it is a major risk to large operations (data centers, companies, “Cloud” providers). Hits Linux, MS Windows, and who knows what others as it requires an OS patch to fix the hardware mistake.

H/t to “Mr. Wonderful” for that here: https://chiefio.wordpress.com/2017/12/06/tips-december-2017/#comment-89960

Those of us using ARM Chips are unconcerned… (so far at least). It also looks like AMD chips are not at risk.

Iran is having some kind of melt down (h/t Larry! here: https://chiefio.wordpress.com/2017/12/06/tips-december-2017/#comment-89826) and I probably need to see if it is being crushed or succeeding. Updates appreciated.

The Spouse informs me that the penguins at the Calgary Zoo were brought in as it was too cold for Penguins… (So much for “Global Warming”…)
https://www.thestar.com/news/canada/2017/12/31/calgary-zoo-decides-its-too-cold-outside-for-penguins.html

How cold is it in Canada? Too cold for penguins, Calgary Zoo decides

The zoo brought its king penguins inside after a cold snap pushed temperatures below -25 C.

Most of the Eastern half of the USA had a Jolly Frozen Christmas and an Icy New Year. (The West Coast being on the other side of the meridional flow were comfortable, so that made the Warmista News…)

And finally, welcome all to a new year, 2018! Be sure to double check the dates you write on checks and other documents, prepare to be surprised that it is this far into the next millennium already (wasn’t it just a year or two ago we had the Y2k Bug panic?…) and remember that if Global Warming Predictions had been at all right, we would be semi-tropical to the middle of Canada, and we are not! (only a little /sarc;)

Subscribe to feed

Advertisements

About E.M.Smith

A technical managerial sort interested in things from Stonehenge to computer science. My present "hot buttons' are the mythology of Climate Change and ancient metrology; but things change...
This entry was posted in W.O.O.D. and tagged , . Bookmark the permalink.

106 Responses to W.O.O.D. – 3 January 2018

  1. E.M.Smith says:

    @Glenn:

    We’ve already got some discussion running on that from the December Tips page (and now showing up on the Jan Tips page even though I’d kind of pointed the discussion to here in the posting text above).

    So some fishing about to get the whole story required for folks reading now….

  2. E.M.Smith says:

    Well, it looks like timing your news cycle is everything.

    Back from their New Years Hangovers the MSM are finally covering the Iranian protests.

    Unfortunately, it was just in time for the government sponsored counter protestors to hit the streets. This has Reuters reporting that “after 6 days of protests pro government demonstrators are out in force” showing nice video of the government supporters… Same thing on Al Jazeera. Same thing on, I think it was, Sky News. Same thing on… so it goes.

    So if you are going to have a revolution against a dictatorial regime, don’t start it during a major drunken holiday or on a weekend… The US MSM are all out drinking…

  3. Larry Ledwick says:

    Moving the conversation of the speculative processing problem over here, sorry EM missed that, I was posting before the new WOOD thread was seen by me.

    Cert just put out an alert at 01/03/2018 10:15 PM EST

    US-CERT

    Meltdown and Spectre Side-Channel Vulnerabilities
    01/03/2018 10:15 PM EST

    Original release date: January 03, 2018

    US-CERT is aware of a set of security vulnerabilities—known as Meltdown and Spectre—that affect modern computer processors. Exploitation of these vulnerabilities could allow an attacker to obtain access to sensitive information.

    Users and administrators are encouraged to review Vulnerability Note VU#584653, Microsoft’s Advisory, and Mozilla’s blog post for additional information and refer to their OS vendor for appropriate patches.

    US-CERT is not aware of any active exploitation at this time and will provide additional information as it becomes available.

    This product is provided subject to this Notification and this Privacy & Use policy.
    A copy of this publication is available at http://www.us-cert.gov. If you need help or have questions, please send an email to info@us-cert.gov. Do n

    ===================

    Meltdown and Spectre Side-Channel Vulnerabilities
    https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities

    Vulnerability Note VU#584653
    https://www.kb.cert.org/vuls/id/584653

    microsoft
    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

    Mozillia
    https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

  4. philjourdan says:

    I am just catching up as well, and just posted about Spectre over on the January Tips page (in response to a comment by Larry).

    Going to be a killer to disable Java Script, but it is about time that web pages became pages and not games again.

  5. Larry Ledwick says:

    For your daily chuckle – it appears Kim Jong Un bombed himself with his latest missile test. Missile fell back inside NK and probably exploded on impact.

    https://www.louderwithcrowder.com/north-kora-botches-missile-launch/

  6. Larry Ledwick says:

    Looks like the above missile failure happened back last spring but still funny in a hold my beer sort of way.

    https://thediplomat.com/2018/01/when-a-north-korean-missile-accidentally-hit-a-north-korean-city/

  7. E.M.Smith says:

    @Larry:

    No worries on multiple landing spots. On major breaking issues like “All your chips are belong to us!” I expect such things. Better too many places than one too few.

    From: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

    We have:

    And it appears 64-bit ARM Linux kernels will also get a set of KAISER patches, completely splitting the kernel and user spaces, to block attempts to defeat KASLR. We’ll be following up this week.

    Which implies they are not worried about the 32 bit kernels and those are mostly the ones without out of order execution. As I’m running the Pi M3 in M2 32 bit armhf mode, and it doesn’t do OOE anyway, I’m still not worried ;-)

    Sometimes a paranoid gets to have that warm smuggly feeling ;-)

  8. Glenn999 says:

    Not too long ago we were looking at voter fraud and vote cheating. There was an attempt to look into this at the national level called the Election Integrity Commission. According to reports it has been dissolved. So what’s next?

    Rather than engage in endless legal battles at taxpayer expense, today President Donald J. Trump signed an executive order to dissolve the Commission, and he has asked the Department of Homeland Security to review its initial findings and determine next courses of action.

    “What’s happening is a tactical shift where the mission of the commission is being handed off to Homeland Security without the stonewalling by Democrats,” Kobach said.

    Kobach characterized the decision to dissolve the bipartisan group as a “tactical change” and argued DHS can pursue an investigation of election fraud more quickly and efficiently.

    Kobach, who served as vice chairman of the voter fraud commission, blasted organizations like the ACLU and NAACP, along with Democrats in Congress and on the commission who attempted to halt the panel in its tracks.

    “They have absolutely no interest in stopping voter fraud,” Kobach said. “It’s truly extraordinary that one party in our system has made clear that they don’t care.”

    “Some people on the [l]eft were getting uncomfortable about how much we were finding out,” Kobach continued.

    The commission will now more soundly operate without hold-ups in courts, lawsuits, and political battles, a move that Kobach says Democrats brought onto themselves.

    “The investigations will continue now, but they won’t be able to stall [it] through litigation,” Kobach said.

    It seems the left has outsmarted itself by making alleged “Russian hacking” of the election a national security issue. This opens the door for DHS – armed with far more investigatory power than any commission might exercise – to go full bore at election fraud.

  9. Larry Ledwick says:

    I agree better easy to find that lost in the jungle someplace.

    I was just trying to be consistent since the discussion started in the Dec Tips, and jumped to the new Jan tips before you had created the new wood thread.

    Anyway my shop uses Centos (Red hat fork for industrial users) About the same time as CERT put out their announcement last night:
    https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities

    These kernel patches showed up on the Centos Announce thread on twitter:

    https://lists.centos.org/pipermail/centos-announce/2018-January/022699.html
    https://lists.centos.org/pipermail/centos-announce/2018-January/022698.html
    https://lists.centos.org/pipermail/centos-announce/2018-January/022697.html
    https://lists.centos.org/pipermail/centos-announce/2018-January/022696.html

    This is going to result in some interesting conversations. From what I have seen on the web the patches to fix these vulnerabilities could cause slow downs in performance ranging from 5% -30% drop in processing through put, with a couple sources listing they had run benchmark tests that showed best case a -17% performance hit and a worst case of -28% performance hit. But some users have reported performance hits near 50% slower to execute certain tasks.

    https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern-processor-has-unfixable-security-flaws/

    In synthetic benchmarks that do nothing but make kernel calls, the difference can be substantial, dropping from five million kernel calls per second to two-to-three million.

    [this link needs translation from German if you are an English speaker google chrome will do it for you]
    https://www.computerbase.de/2018-01/intel-cpu-pti-sicherheitsluecke/

    With these huge performance hits some companies will have to choose to isolate systems on the old kernal and continue to run the old kernal in order the maintain processing performance in systems where performance trumps exposure to malicious code (ie internal systems isolated from the web etc.)

    Some VM systems apparently are choking on the security updates:
    https://www.theregister.co.uk/2018/01/04/azure_vms_down_following_meltdown_patch/

    There is going to be a lot of pizza ordered in the near future in data centers all over the industrial world I suspect.

  10. Larry Ledwick says:

    Some PDF documents that describe in detail how these vulnerabilities are accomplished.

    https://spectreattack.com/spectre.pdf
    https://meltdownattack.com/meltdown.pdf

  11. E.M.Smith says:

    @Glenn999:

    Kobach said. “It’s truly extraordinary that one party in our system has made clear that they don’t care.”

    DON’T CARE? They very much do care! They want NO action that would uncover or prevent their frauds.

    @Larry:

    You say schadenfreude like it’s a BAD thing! 8-)

    After so many years of being ignored or ridiculed, the last decade has been all treats. This is just frosting on the baked Alaska.

    Really.

  12. Larry Ledwick says:

    Some early morning meltdown and spectre patch links from twitter

    Links I found this morning on twitter regarding the speculative processing fix

    https://www.theregister.co.uk/2018/01/04/amazon_ec2_intel_meltdown_performance_hit/

    https://www.theregister.co.uk/2018/01/04/microsoft_windows_patch_meltdown/

    https://www.theregister.co.uk/2018/01/05/cisco_releases_meltdown_patch/

    (all Macs iphones and ipads are at risk)

    The tech giant has admitted that the majority of its phones, tablets, computers and TV devices contain chips susceptible to security breaches, alongside devices by other manufacturers including Google, Samsung and Microsoft.

    https://linuxgram.wordpress.com/2018/01/05/red-hat-says-security-updates-for-meltdown-spectre-bugs-may-affect-performance/

    http://www.zdnet.com/article/windows-meltdown-spectre-fix-how-to-check-if-your-av-is-blocking-microsoft-patch/

    As Microsoft warned this week, it’s not delivering its January 3 Windows security updates to customers if they’re running third-party antivirus, unless the AV is confirmed to be compatible with it.

    http://news.softpedia.com/news/us-cert-says-fixing-meltdown-spectre-involves-replacing-your-cpu-519246.shtml

    CERT backed off this original replace your cpu recommendation & it looks like windows 10 is getting the first patches, windows 7 will be getting its patches in the Jan 9 Patch tuesday rollout.

    nixCraft: The Best Linux Blog In the Unixverse‏ @nixcraft

    How can you confirm the patch has been applied on a CentOS/RHEL based distro for Intel bug? Here is how you search for CVE. If you get output. You are patched. No output means not patched.

    rpm -q –changelog kernel | egrep ‘CVE-2017-5715|CVE-2017-5753|CVE-2017-5754’

    12:21 PM – 4 Jan 2018

  13. philjourdan says:

    Re: Fixing Voter Fraud.

    Why would anyone think democrats want to eliminate it? There is no upside. As everyone well knows, they are the beneficiary of most of it (since 1960 at least). And when it is not enough, they can yell it to invalidate the elections they do lose.

  14. p.g.sharrow says:

    In my experience as a Democratic operative. If they win the do not want an examination of their activities and if they lose they certainly do not want an examination of their failed attempt to change the outcome.
    As Bob Bectal said “Of course we cheat to win, We have to. We know that the Republicans cheat because We do it.” Can’t beat logic like that. ;-) …pg

  15. E.M.Smith says:

    Well I just got a Safari update pushed at my MacBook, so that’s happened.

    Unfortunately the MacOS 10.13..2 is not going to be available for this Mac. It’s stuck at 10.7.5 as the last update that works on it and when it exited support. Guess it’s time to get that round tuit for the Linux on Mac project… I’ll give them a couple of weeks to get updates to Linux in place though…

    Since I use the Mac almost 100% for just managing my own blog, it’s a low risk use and unlikely any hacking could happen anyway as the “sloth” running from the micro-SD card means any attempt to use a hammer type attack would likely be very obvious (things would be pushed to swap and any time this thing swaps I get to take a minute or so break ;-)

    But at least it lets me know I’m not going to bother sinking a couple of $Hundred into putting a new SSD into it so it runs as it ought…

  16. E.M.Smith says:

    My Netgear WiFi router just got a “security update”… Looks like they got on it pretty fast.

    No update yet for the Samsung Galaxy Note… Google has issued a fix, I think, so it is likely just a day or three away for them to roll it into the Samsung software and push. One hopes…

    I am left wondering just how many folks realize that their WiFi router is a prime target (since folks rarely are monitoring it nor paying attention to things like compute load)

    The AT&T Telco POP (point of presence) router is their responsibility. I don’t even know if I can log into it… IIRC I once got a web page from it where I could look at a few status things. I’m going to see if I can do that again tomorrow… But at least being behind two levels of router I can control my inner circle ;-)

    It isn’t paranoia when it turns out you were right ;-) Having two layers of router has many benefits, and this is one of them. Yes, I treat the Telco router as “outside” and “a risk”… OK to run the TV through it, but not my computer as a direct connection…

    Speaking of which… Now I need to check for updates on the LG “smart” TV, and my Roku sticks… I’ll likely leave them a couple of more days too. (Anyone who wants to break into the TV or Roku can, at most, cause them to fail and most likely can do nothing interesting other than see what TV show I’m watching. None of them have any input for audio or video so no snooping ability. Output only. They run on the Telco WiFi network, so not “inside”… that 2 router thing again 9-) so even trying to use them as a station to monitor network traffic isn’t going to get them much. Yes, I’m feeling smug…

  17. Glenn999 says:

    When Kobach say the Democrats “don’t care”, that is simply PC-speak for “they are willing to lie, cheat and steal to get in power or stay in power”.
    With the Democrat inspired “Russians hacked the election”, there is an opportunity to use DHS to investigate and force opponents of this investigation to turn over the requested data.
    A win here could be a game changer.

  18. jim2 says:

    Lots of great things going on. Effort to charge MI-6 “spy” who wrote or otherwise obtained the “trump dossier.” Investigations into members of rogue FBI members who worked under Obummer. More eyes on Hillary and Clinton Foundation. Hard to believe, but 2018 could be bigly better that 2017.

  19. E.M.Smith says:

    Discussion of Debian fix status:
    https://unix.stackexchange.com/questions/414786/how-to-mitigate-the-spectre-and-meltdown-vulnerabilities-on-linux-systems

    Links in it point to particular fixes in progress:

    https://security-tracker.debian.org/tracker/CVE-2017-5715

    Name CVE-2017-5715
    Description Systems with microprocessors utilizing speculative execution and …
    Source CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)

    Shown as “unfixed” in all Linux versions (wheezy, jessie, stretch, buster, )

    https://security-tracker.debian.org/tracker/CVE-2017-5753

    same status

    https://security-tracker.debian.org/tracker/CVE-2017-5754

    stretch (security) 4.9.65-3+deb9u2 fixed

    So a fix for one of the problems is being kicked around on the security oriented testing release… Likely a couple of more days before it rolls into the other releases, then a day or three more to get into Devuan (or maybe not since they just use the underlying Debian for a lot of things…) and Armbian (where they do their own build so yeah, takes a day or two…)

    Figure Sunday might be a good day to check in again on their status.

    Nice to know, though, that they ALL list “CPUs with speculative execution” as the risk platform. Those ARM chips without that are not an issue, so pretty much all my “shop” but the Odroid XU4 and the more obsolete hardware (but not the very obsolete hardware… so guess I’m not tossing my old White Box PCs just yet… ) Apple is patching for the spousal (newer) MacBook so it’s not an issue. That really just leaves roughly 4 platforms for me to worry about.

    3 Old but not Real Old PCs that are essentially deprecated. Two are desktops I’m only keeping around “in case” I ever need to run anything on Windows (which has not happened in the last half decade…) and the other is an HP Laptop I got for $100 some half dozen? years ago. I have another better HP Laptop with a nice quad core CPU in it, but the fan died about a half dozen years ago and I’ve not fixed it… so now wondering if it’s just time to pitch it as uninteresting all around… Why sink $200 or so into fixing the fan and a new battery for something with drain bammaged CPU hardware and an OS I don’t like… So it will continue to sit on the junk / parts pile for a while…

    I think next week I need to do a round of “Boot it and see what CPU it has” on the various “junk boxes” and make some decisions about the size of the junk pile… As I’m very very comfortable with a “Stack of Pi’s” plus the XU4, and haven’t so much as booted the Intel stuff for about a year, maybe it’s time to commit to “moving on”…

  20. llanfar says:

    Just pushed out a brief email to the security cert team for our project. Stated that not a problem for our servers as they only deal with JSON/REST over TCP/IP and serve up JSP… noted our users might have potential exposure to XSS given we can’t upgrade our 3rd-party jars as we’re still on Java6 (I’ll keep pushing that button until tptb decide the developers may be right).

  21. E.M.Smith says:

    Oh, forgot about the Chromebox (as I only really use it as a media server and occasional Youtube portal… it’s plugged into the “other” TV…) Did an OS Update. It’s latest build was 18 December but Google was early to find the issues so that likely is the fix date. I’ll have to do some more digging to verify that.

    The digging I did so far found an interesting statement about Google Servers in their farm:

    https://bgr.com/2018/01/05/meltdown-spectre-fix-google-patch-performance/

    Google has great news about fixing the Meltdown and Spectre chip flaws

    Chris Smith @chris_writes
    January 5th, 2018 at 7:45 AM

    Google on Thursday explained that fixing the severe security issues that affect computers of all sizes out there, with special emphasis on Intel-powered devices, won’t cause significant slowdowns.

    Google’s revelations echo Intel’s own assessment of the matter, but they’re a lot more reassuring. Intel’s press release detailing the Meltdown and Spectre security issues seemed to minimize the security risks and performance degradations that users would see after software patches are deployed.

    Google said in a blog post on its security blog that it shared a new fix, called Retpoline with its partners which fixes one of the Spectre vulnerabilities (CVE-2017-5715). Google also deployed a Kernel Page Table Isolation (KPTI) fix that protects against the Meltdown (CVE-2017-5754) vulnerability.

    After patching its Linux computers on all its computers, Google observed “negligible impact on performance.” That’s great news for anyone using Google services that run on Google’s cloud. One worry was that the cloud would be the most impacted by the patches, but that doesn’t appear to be the case:
    […]
    Google’s fixes are all the more important as it’s one of the entities that discovered the flaws and then notified chipmakers — Google’s official disclosure on Meltdown and Spectre, also posted on Thursday, is available at this link.
    https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html

    I’m presuming they “eat their own cooking” and any patch they developed for their version of Linux has been rolled into the Chrombox path… but eventually I’ll find verification of that. From that security link, this is a promising statement (bold by me):

    As soon as we learned of this new class of attack, our security and product development teams mobilized to defend Google’s systems and our users’ data. We have updated our systems and affected products to protect against this new type of attack.

  22. E.M.Smith says:

    Looks like for Chrome-thingys you need to know the specific model number. They are NOT bothering to patch old ones…

    https://sites.google.com/a/chromium.org/dev/chrome-os-devices-and-kernel-versions

    And the HP Chrombox looks like it is still under support, but being left for later in the update cycle:

    zako HP Chromebox CB1-(000-099) / HP Chromebox G1 / HP Chromebox for Meetings 3.8.11 x86_64 2019-06-01 No Pending 3.8 KPTI backport

    The “No Pending Backport” says not patched yet but the 2019-06-01 says there’s still a year and a half of support time, so ought to be in the works.

    Interesting also to note that for the armV7 and aarch64 devices they note “not needed” for all of them ;-) So at least Google thinks they don’t need to do anything for those chips…

    So, OK, I’m going to shutdown the Chromebox now and check again in a week or so…

  23. jim2 says:

    Looks like the liberal women rue the day they opened the Pandora’s box of sexual harassment. They are OH SO SORRY Franken got caught in the net. Tough bananas there ladies.

    “Publicly, they say the right things, expressing approval and joining in the chorus of voices that applaud the takedown of maleficent characters who prey on vulnerable women in the workplace.

    Continue reading the main story
    In private it’s a different story. “Grow up, this is real life,” I hear these same feminist friends say. “What ever happened to flirting?” and “What about the women who are the predators?” Some women, including random people I talk to in supermarket lines, have gone so far as to call it an outright witch hunt.

    It goes without saying that no one is coming to the defense of heinous sorts, like Kevin Spacey and Matt Lauer. But the trickle-down effect to cases like those of Garrison Keillor, Jonathan Schwartz, Ryan Lizza and Al Franken, in which the accusations are scattered, anonymous or, as far as the public knows, very vague and unspecific, has been troubling.”

  24. Larry Ledwick says:

    Looks like for Chrome-thingys you need to know the specific model number. They are NOT bothering to patch old ones…

    Hmmmm sounds like a target of opportunity for a lot of vendors to obsolete old equipment (can you sing Y2K in three part harmony).

    I bet a lot of hardware will just be pushed to unsupported using this as an excuse.

  25. E.M.Smith says:

    It does look like vendors are sticking to their original “supported until” dates.

    The Chrome page originally had “No No” for several of the 3.8 based platforms (as in my Chromebox not getting anything) but in the middle of typing the comment the status changed to “awaiting backport” for future availability. (So right after hitting “post” I had to edit the comment to change it…) I suspect someone at HP (legal or tech manager) called up to ‘splain to them what a contract means and what complications might follow if HP product were NOT given the same support as other vendors… and the likely tendency of HP to “participate” in any future ChromeOS projects…

    There are now only two EOL products (that I noticed) on the list that are being ignored. Everything that was “No” in the future patch column now has “awaiting backport”. Now we get to see how long THAT takes.

    FWIW, I only bought the Chromebox after assuring I could put a Linux on it “someday”, so whenever it does become an issue, It’s going to Linux Land. 8-)

    Might be a good opportunity to pick up a bunch of vendor unsupported hardware for cheap as folks dump it and put a patched Linux on it… I feel a visit to Weird Stuff in my future ;-) They and another couple of stores are the local reseller of old computers being dumped by companies… I suspect they will get a jump in inventory “soon” as EOL stuff exits the building and then more as “New Improved CPUs” (i.e. no longer broken) enter the market.

  26. Larry Ledwick says:

    Yes once the new architecture chips come out the old speculative processing chips will be dirt cheap. If you have an application that these vulnerabilities are not important to, it will be like Christmas.

  27. Larry Ledwick says:

    So apparently AMD has another security issue due to not implementing common protective techniques. Can you say stack over flow problem?

    AMD’s Platform Security Processor (PSP), which resides on its 64-bit x86 processors and provides administrative functions similar to the Management Engine in Intel chipsets.

    https://www.theregister.co.uk/2018/01/06/amd_cpu_psp_flaw/

  28. E.M.Smith says:

    I saw this about a month ago. Now I’m thinking it was killed when Intel first got notice of their Fup…
    https://www.top500.org/news/intel-dumps-knights-hill-future-of-xeon-phi-product-line-uncertain/

    Intel Dumps Knights Hill, Future of Xeon Phi Product Line Uncertain
    Michael Feldman | November 15, 2017 04:34 CET

    While vendors are busy announcing new HPC offerings at this week’s Supercomputing Conference (SC17), Intel announced it is removing its next-generation “Knights Hill” Xeon Phi product from its roadmap. And that might just be the beginning.

    In a blog penned by Intel’s Data Center Group GM Trish Damkroger describing the company’s exascale strategy and other topics they are talking about at the SC17 conference, she offhandedly mentioned that the Knights Hill product is dead. More specifically she said that the chip will be replaced in favor of “a new platform and new microarchitecture specifically designed for exascale.”

    Knights Hill, you might remember, was going to be the chip that powered Aurora, a DOE pre-exascale machine that was to be deployed at Argonne National Laboratory in 2018. But last month it was revealed that the Aurora contract had been rewritten, increasing the original performance target of 180 petaflops to over one exaflop, and moving the deployment date out to 2021. It was widely believed that problems with the development of Knights Hill chip forced the DOE to rework the contract.

    With Knights Hill gone, customers who were planning to upgrade from the current Knights Landing processors, or those who were interested in building Xeon Phi systems for the first time, no longer have much of an option. Damkroger wrote that customers looking for nearer-term HPC solutions can turn to Intel’s Scalable System Framework architecture, which encompasses a number of the chipmaker’s other performance-centric offerings, like the Omni-Path fabric, Optane SSDs, and node management software, and Xeon Scalable processors (previously code-named Skylake).

    But replacing a Xeon Phi supercomputer with a tricked-out Xeon cluster is not what most customers would have opted for. Compared to even the latest Skylake Xeon CPUs, Knights Landing Xeon Phi processors offers more cores, more floating point performance, significantly better energy efficiency, and access to high-performance 3D memory on the package.

    Why kill off your new zippy way cool processor family? Perhaps to avoid a whole lot of buyer’s remorse and maybe suits for selling a known defective product? Date of 2 months ago is about right…

  29. Larry Ledwick says:

    Not to mention they will need a lot of chip manufacturing capacity in the near future to produce bug free processors (and will have to toss a few billion dollars of chips currently in the pipe line).

    I suspect for a while they will completely slam all manufacturing capacity to dig out of the hole this will put them in.

  30. E.M.Smith says:

    I’m not seeing much risk in that AMD bug

    Cohen’s post described the vulnerability as remote code execution flaw. However, physical access is a prerequisite.

    In an email to The Register, Dino Dai Zovi, cofounder and CTO of security biz Capsule8, said the vulnerability isn’t quite subject to remote execution “since the crafted certificate that exploits the vulnerability needs to be written to NVRAM, the attacker must already have privileged access to the host or physical access. It would let an attacker bypass secure/trusted boot, which is performed by the TPM.”

    An AMD spokesperson told The Register that an attacker would first have to gain access to the motherboard and then modify SPI-Flash before the issue could be exploited. But given those conditions, the attacker would have access to the information protected by the TPM, such as cryptographic keys.

    If someone has physical access to your box, there are much easier things to do, like just clone your disk… This would matter for TLA spook atracks where they want to bugger your machine then watch all your new activity, but really they can just do a faster motherboard swap for that…

    Let’s just say I’m not worried about my one AMD 64 bit box that has been off for about a half year…

  31. Larry Ledwick says:

    My comment about AMD was more in the “when it rains it snows” sense.
    The cpu folks don’t need any more bad news right now.

    I think they are reaching the point where complexity is going to demand its due and a reminder that a little slower to market with a design that never clobbers half the world’s computer devices is probably a good production ethic to push.

  32. jim2 says:

    LL said (off the cuff,, I’m sure) … “Not to mention they will need a lot of chip manufacturing capacity in the near future to produce bug free processors”

    As a programmer and also having a clue how complicated these chips are, I doubt there will ever be a bug-free processor :)

  33. Larry Ledwick says:

    As a programmer and also having a clue how complicated these chips are, I doubt there will ever be a bug-free processor :)

    Oh very true! That is one of the common fallacies in the general public they “think” that bug free actually exists. I was specifically referring to a chip they could sell marketed as “free of this bug”

  34. Larry Ledwick says:

    An interesting observation by N N Taleb

    1) When a collection of journos getting around minimum wage call someone consistently successful “an idiot”, one is entitled to invoke Wittgenstein’s ruler:
    you don’t just use a ruler to measure the table, but the table to measure the ruler.
    (in Fooled by Randomness)

    2) In other words, if reality continuously delivers something that doesn’t “make sense” to you, it is *you* that you need to worry about.

    3) Commentary by anyone who
    a) ruled out Trump ‘s election,
    b) thought market wd collapse if Trump elected
    c) thought Trump wd be impeached within 1y
    should be ignored.

    Can only use Krugman-style IYIS is Uber drivers or something requiring low understanding.

  35. jim2 says:

    I’m sure you’ve all seen that there is a new book out on Trump. I know when I want solid news, I turn to a gossip columnist. Once this farce runs its course, the Dimowits will probably assemble a panel of the best, most omnipotent astrologers. They will predict Trump will reincarnate Hitler, Frankenstein style, and take over the world if not impeached within the next 7 days.

  36. Larry Ledwick says:

    Here are your two candidates for Weather Oops of the day award.


    ————–

    This showed up on twitter – image appears to be from this report :
    http://glisa.umich.edu/climate/great-lakes-ice-coverage
    And here:
    https://www.globalweatherclimatecenter.com/climate/insights-into-great-lakes-ice-coverage-decreases-credit-glisa

    From another source we see that they left off the two highest ice coverage years in the recent period.

    https://www.glerl.noaa.gov/data/ice/#historical

  37. Larry Ledwick says:

    This will make your eyes cross (long and detailed) but it is a very detailed presentation about what is going on in the background to setup an untainted investigation of government corruption in several departments of government and the Clinton Crime empire.

    https://threadreaderapp.com/thread/949501891108593664.html

  38. jim2 says:

    This is AWESOME!!

  39. Larry Ledwick says:

    Seems the cold outbreak hitting North America east of the Rockies is also hitting Spain.

    https://sg.news.yahoo.com/spanish-army-called-snow-traps-thousands-roads-174405255.html

  40. Larry Ledwick says:

    In the weird animal news category, we have fire starting birds who intentionally? use fire to aid in finding prey.

    https://www.theregister.co.uk/2018/01/08/australian_birds_light_fires/

  41. Larry Ledwick says:

    Just an idle observation here for folks to consider:

    First this reference
    https://news.nationalgeographic.com/news/2010/07/100715-shrimp-prozac-antidepressants-environment-science/

    Next we know that the Left are far more accepting of drug usage – could it be that the low level of insane behavior we are seeing in the left recently is do to prolonged exposure to routine and long term exposure to a shopping list of over the counter drugs like Prozac, anti-depressentants mood enhancers, allergy drugs, anti-histamine etc.

    Discuss

    Seriously it is like 25% of the population has suddenly gone insane (pussy hats, vagina costumes, completely irrational responses to election out comes, punch a nazi, completely inverting the meanings of words – – – )

  42. p.g.sharrow says:

    @Larry; it has been my opinion that many years of being subjected to Liberal indoctrination, brain washing, can result in permanent brain damage. Religious cult members seem to manifest similar behavior. The constant drilling in illogical thought conclusion results in erratic actions. These people also seem to gravitate toward mood changing drugs to help them cope with the contradictions of their lives.

    OR they are just genetically screwed up and there is no hope for them. ;-) …pg

  43. Larry Ledwick says:

    I am just waiting for the lemming like rush as they charge off of Niagra Falls in protest against something Trump does (J/k)

    Sometimes you wonder what are the limits to folks who seriously think there are 61 genders, and all the other social justice warrior nonsense.

  44. E.M.Smith says:

    Or maybe it’s the big push to “low salt” that makes them depressed so they then go for the anti-depressants that then screws them up:
    https://news.nationalgeographic.com/news/2009/03/090317-salt-antidepressant.html

    Is Salt Nature’s Antidepressant?
    Helen Fields
    for National Geographic News
    March 17, 2009

    Could salt be the solution to a sad, empty life?

    Maybe, says physiologist Alan Johnson of the University of Iowa.

    He’s found that sodium-deprived rats take less pleasure in daily activities—they can’t be bothered to drag themselves across the cage to push a bar that releases a dose of sugar water.

    But let the rats have salt again and “they’re all happy,” Johnson said.

    Very low sodium in rats, humans, and other land animals may induce something similar to depression—and that eating more salt may make us happier, Johnson thinks.

    He points to one study of people with chronic fatigue syndrome. Many of the patients were found to have reduced their sodium intake for health reasons. Increasing sodium in their diets alleviated many of the patients’ symptoms.

    So you have your typical veggy burger left wing-nut avoiding salt as part of their “health” fetish. That diet results in too little B vitamins, a shortage of Omega-3s and depression. So to stop all the worry that causes, they resort to “anti-depressants” that then makes them carefree risk addicts… (and some of the ones under adolescent pressures in school go on a revenge – shooting campaign since they no longer “worry” about the consequences being drugged to think risk is fun…)

    FWIW, one quasi-conservative Engineer friend has gone a bit loopy and shifted left wing now that he’s on anti-depressants, but you can’t tell him that, he thinks he feels “better”… Some relatives who are vegan have started showing “odd thinking patterns” (but one of them may have had that before ;-)

    One of our vegan neighbors was informed by her doctor that she needed to start eating some fish or her health problems would be getting worse… I’m guessing Omega-3 issues and how that influences hormone production (all sorts of hormones some involved with inflammation and thinking…)

    In short, I think it is a constellation of things that all come together, and all push toward a warped perception ability. The bad part is the person “feels” good during the slide…

    Oh, and remember that old Adolf H. was a vegetarian on drugs when running Germany into the ground and taking insane risks (think losing his army in Stalingrad instead of taking a strategic retreat…)

    So IMHO it’s the whole “prescription” from low salt to vegetarian to prozac for desert… each one laying on a bit more brokenness to the brain.

    Supposedly, when dying, there is a flood of endorphins that causes a sort of euphoric state. I’ve also had a flood of “something” (some adrenalin some other stuff IMHO) when sick or injured that made me feel better (so I could ignore the discomforts from the issue and get to the doctor…). I speculate that something like this MIGHT be happening when the total burden of broken nutrition and drugs gets too high. The person starts to feel “good” and doesn’t realize it’s natures way of saying the exit is nearby…

  45. Larry Ledwick says:

    Lots of possible causes, ecstasy / molly fueled parties and related party drugs are certainly possible drug insults too.

    We know from brain injury cases that the brain has an astounding ability to “re-wire” itself if given proper stimulation, perhaps nonstop immersion in irrational thinking with no consequences leads to the brain rewiring itself for irrational behavior.

    In the wild that sort of behavior would get you eliminated from the gene pool directly or sequestered in a non-breeding role like village idiot.

  46. philjourdan says:

    Re: Salt Nature’s anti-depressant

    Guess that is why I am always happy. ;-)

    (but my doctor is not).

  47. E.M.Smith says:

    Just saw a Reuters bit on a Google Employee who was fired for writing a non-PC memo. He’s a white guy who said real gender differences accounted for why there were fewer women in positions at Google. Now suing for discrimination against conservatives and white guys. His (lady) lawyer “nailed it” IMHO when she pointed out white men are the only group left that it’s OK to discriminate against.

    The simple fact is that far fewer women are interested in how mechanical things work. You get fewer entering into Engineering degree programs, so fewer women Engineers from whom to select talent. Then they want the company to “fix it” in the hiring process. “Equal opportunity” is not enough, you must have “equality of outcomes”. At Apple, we had annual “diversity reviews” to assure we had discriminated appropriately (i.e. against white men and for women and minorities in recent hiring). Just wrong.

    My Bias: Since the above will undoubtedly cause some folks somewhere to want to assert I’m some kind of sexist bigot, note: THE largest raise I ever gave was to a woman programmer we’d hired straight out of college. I argued with HR that she was just as good as the men on my team and got a 36% raise for her, despite the boys having 10 years seniority. (Yes, she was that good and I didn’t want her hired away). Women programmers have been in the field from the start (Ada Augusta Countess of Lovelace programmer for Babbage, and Grace Hopper who created COBOL among others) and seem to excel at software. There are more men Electrical Engineers because, IMHO, they like playing with the hardware more. So we ought to have more “software only” tracks in schools not force women to play catch up with the “boys and their toys”. There ARE real gender differences, we ought to be happy with them and let everyone follow their own path that’s most in keeping with their particular gifts. IMHO, women make better doctors ( I’ve had several ) largely due to their greater sensitivity to the condition of others and they are proven better portfolio managers due to better risk avoidance for excessively risky stocks. That ought to be put to good use, not ignored.

    FWIW, my group at Apple was singled out for exceptional examination since we DID have a great mix of genders, races, and a gay guy secretary. The company wanted to know how we had done such a great job of “diversity”. When asked why, we had not realized that we were in that position. All we could say was we hired the best talent for each job. Only in retrospect did we notice some where Asian, Hispanic, Black, etc. etc. IMHO it was largely because we did not require an EE Degree. As a support group, we could hire based on ability, not a degree check box. That removed the prior adverse selection process in college majors. BTW, I’m one of them. My degree is in Econ, not Engineering. I did take a lot of programming and engineering classes, but the checkbox is still in my way to this day at many employers.

    So wander around Silicon Valley big name employers, you find great effort to get the best EE and similar degreed candidates. The Engineering groups are packed with guys from Name Schools. For hard core engineering, you need that skill set and training (yet the “2 Steves” at Apple didn’t have the degree and Woz only got his after making $Millions…) and that sets the model for much of the hiring process. Even for positions where it isn’t important to have that degree. Look at the job ads and see how many require “Vendor Certs” where you must be employed in the field to get or keep the cert AND sink a few $Thousand/ year into keeping it current. That just keeps folks in skill set silos and keeps opportunity limited to those with advantages in the selection process. Rich dads. Degrees in the field. etc.

    I wish the guy luck with his lawsuit, but he’s fighting a system of legally mandated discrimination and decades of mandated PC Indoctrination. It won’t be easy. I had to attend “Managers and the Law” every 2 years at apple to keep me apprised of the recent legal environment. LOTS of emphasis on how to discriminate appropriately in favor of women and minorities and why not to hire white men… I got “the hairy eyeball” when, in one “diversity training session” I pointed out many of us of Irish ancestry remember that there were once “No Irish need apply” signs and that white folks had a history of being discriminated against too…. The “presenter” had no good come back and did a sort of “OK… moving on…” but did tone down the Poor Discriminated Black Folks rhetoric a little. A token nod to the token white discrimination was about all.

    In that context, to stand up and say “Stop bashing white guys” is going to be a hard task. Maybe he needs a bus and a seat in the back to make his point…

  48. Larry Ledwick says:

    Speaking of crazy behavior found this item video documents a tantrum somebody had in a gun store. Hard to explain .

    https://www.louderwithcrowder.com/fat-sjw-walks-gun-store-hilarity-ensues/

  49. Larry Ledwick says:

    Very interesting play by President Trump, he invited the press pool to watch negotiations on DACA with bipartisan congressional representatives.

    https://www.chicksonright.com/2018/01/09/president-trump-makes-unusual-move-allows-press-pool-to-watch-bipartisan-debate-on-immigration-reform/

  50. Larry Ledwick says:

    Life will find a way
    How alligators survive freezing weather
    http://www.charlotteobserver.com/news/local/article193602684.html

  51. Larry Ledwick says:

    Reference to some of your discussions about secure browsing like using Tor, this is an application that apparently the folks in Iran are using to side step internet blocks. Might be worth some investigation for those in areas that restrict internet access.

    https://psiphon.ca/en/user-guide.html

  52. E.M.Smith says:

    @Larry:

    Just a little bit of FYI… The alligator page tried to load and crashed, and the gun Pat Page would not play the video. Cut /paste of video URL said I needed a flash upgrade…

    All this on Opera on the Mac. I’ll try other browsers later. FWIW, most things do work on this combo. I also have Safari and FireFox on it, but try not to run flash as it has security issues.

    Psiphon looks interesting. Like a well packaged VPN service with proxy services built in.

    As I’ve said many times, if you allow any communications you allow all communications; all that changes is the rate and the intelligence test…

  53. philjourdan says:

    Re: White males only allowed discriminated against group.

    The pendulum is swinging and along with the law of unintended consequences, that is about to change. Not overtly. No one will come out and say it (although some have). But the extreme #metoo campaign is making sure that intelligent men will not hire a woman (there is no upside). Now that does not mean it will be a white male. But it will be a male. And there are only so many to go around.

    I am at the end of my career. I am glad I do not have to go through this. But on the bright side, white males are going to learn how to be entrepreneurs and create their own companies at a faster pace than before.

  54. Larry Ledwick says:

    Ahhhh Venezuela that shining star of socialism (where hungry people beat cows to death in the field with rocks to get food)

    http://www.dailymail.co.uk/news/article-5262257/Starving-mob-beat-cattle-death-rocks-Venezuela.html

  55. Larry Ledwick says:

    On a similar front news out of Sweden is not good either. Looks like Sweden is turning into Chicago.
    from twitter:

    PeterSweden
    ‏@PeterSweden7
    7 minutes ago
    Headlines last 24 hours from Sweden.

    – Explosion at family apartment
    – 5 shootings
    – Police chase after attempted rape of a woman
    – Person stabbed during robbery
    – Womans car windows smashed when driving thru Malmö
    – Police issue strong warning not to excersice alone outside

    PeterSweden
    ‏@PeterSweden7
    15 minutes ago
    Another explosion happened in Sweden tonight.

    A family apartment door was destroyed in what the police describes as a “powerful detonation”.
    This is such a daily occurrence in Sweden now that this has barely made the news.
    It’s only a small side story in the media.

    PeterSweden
    ‏@PeterSweden7
    1 hour ago
    Shootings in Sweden yesterday.

    – 1 man killed in Helsingborg.
    – 1 man seriously injured in Helsingborg.
    – 2 people shot in a Pizzeria.

    This is rapidly going downhill.

    PeterSweden
    ‏@PeterSweden7
    1 hour ago
    Things are going overboard in Sweden.

    Nurses at a hospital in Swedish city Malmö are now hiding their name badges out of fear of being doxxed by criminals.

    They also sleep with a baseball bat by their bed because of threats.

    This comes from gang criminals they treat.

  56. Larry Ledwick says:

    Oooops!

    Apparently a false alert but made a bunch of people freak out for a while.

    CBSDenver Retweeted

    Tulsi Gabbard
    ‏@TulsiGabbard
    14 minutes ago

    HAWAII – THIS IS A FALSE ALARM. THERE IS NO INCOMING MISSILE TO HAWAII. I HAVE CONFIRMED WITH OFFICIALS THERE IS NO INCOMING MISSILE.

  57. Larry Ledwick says:

    Since the false missile alert has raised the subject some other interesting stuff is showing up on twitter as every on back peddles.

    Image showing key missile defense component assets of the US

  58. Larry Ledwick says:

    The threat assessment and intercept process:

  59. Another Ian says:

    Mental elasticity exercises?

    “Leftie “logic”.

    1) Those countries aren’t sh*tholes.

    2) You can’t send illegals back to those countries because they’re sh*tholes.

    The cognitive dissonance must be causing their poor excuses for brains to explode.”

    http://joannenova.com.au/2018/01/weekend-unthreaded-194/#comment-1973633

  60. E.M.Smith says:

    @Another Ian:

    Nope. They are not at all bothered by mutually exclusive ideas. All an idea needs to do is make them feel good. If it feels good, it must be right. Any seeming conflict between them is just because you haven’t thought about it enough and they are too busy saving the world to waste time thinking about it, besides, it is obviously right because it feels good.

    (Yes, I’ve been through far too many conversations of that circle… )

    Remember that many of these people have no idea where the water in the faucet comes from, see electricity as some kind of magic, and all they know about gasoline is that it costs a lot and makes Arabs rich and kills the planet… They know the government prints money and think they ought to stop being so mean and just print more of it to eliminate all poverty, so the government is just mean. Oh, and if you want to “Do Something” for some cause, go walk in circles for hours as your family and friends “pledge” to see how much of it you can take… While eating a slice of cheesecake, make sure to have a Diet Soda as that 26 Calories saved is really going to make you lose weight…

    There isn’t a lot of any kind of thought, never mind coherent consistent thought, in any of that lifestyle…

  61. E.M.Smith says:

    @Larry:

    Yeah, saw a blurb on Reuters where an embarrassed guy from the Hawaiian government was saying “someone pushed the wrong button” during some test…. and Trump said “It’s a State issue”…

    Hawaii just re-started their nuke civil defense warning training, and it looks like they really really need the practice, a lot.

    Per Sweden:

    That will continue until enough Swedes remember their Viking roots or the place becomes Swedestan.

    One could hope that a nice round of 40 below would chase out the riff raff, but maybe they have too much central heat for that now…

    A friends Swedish Dad was the nicest guy you could ever want, and with a lot of patience. BUT, when it reached the end of the line, you found yourself (or he found himself as a kid…) upside down against the wall after a quick smack in the chops. (His Dad had been a 5 foot 4 inch or so Marine in W.W.II… Never knew a guy that small could be so strong… )

    It will be interesting to watch in any case. At a minimum they can be the example for everyone else of what not to do. I’m just hoping we don’t end up resolving this as they did in the clearing of France and Spain last time around… And Vlad The Impaler in Romania left a lasting cultural mark… If folks have forgotten that history, they will eventually relive it.

  62. beththeserf says:

    That ol’ battle of ..

  63. Larry Ledwick says:

    Here is the time line summary of the Hawaii misfire on warning.
    Cliff’s notes version it took 38 minutes to put out the formal retraction:

    From my experience in both computers and emergency management it all fits.
    Countless times I have seen (and done) autopilot click on the button things where by the time you realize you went a step too far, it is too late to stop the action. Likewise on the emergency management side the internal confusion about how to deal with something that should not have happened (and they obviously had not prepared a plan of action for) would have easily chewed up 10-15 minutes.

    It goes something like this:

    Oh crap did I really click on that?
    cell phones start going off all over the place. Everybody is busy yelling WTF!!!
    Everyone is so busy trying to figure out what happened and explaining what happened to the boss that 5 minutes evaporates.

    Quick staff planning session (for those not answering phones or turning up the volume on tv sets)
    Okay how do we fix this ? – another 5 minutes evaporates as they get a list of critical notifications they need to get out prioritized by both functional and political priority. (governors office, their top level administrators in both the state and federal level, local police departments and fire departments etc.)

    Everyone realizes that they can’t just send a random “never mind” message over the emergency messaging system without authorization (and need to figure out who to contact to do that)

    Another 10 minutes evaporates –

    They finally figure out who to contact for authorization, and try to get contact info for them.
    (Oh I’m sorry Mr. xyz is not in the office yet may I take a message?)
    They finally get through to that point of contact, burn another 5 minutes explaining what happened, and then burn another 5 minutes getting chewed out while the honchos quickly draft an “approved message”
    Then that approval works its way back down the chain.(another 5 minutes evaporates)
    Then someone sits down at the console and manually enters a custom message (which rarely happens ) without long lead time like in a situation such as a major storm where they have 10s of minutes to get the message out.

    Finally the message is drafted, 3 people look over the guys shoulder and confirm it says what they want it to say, everyone takes a deep breath and they punch the send button – then wait for the bulk SMS messages to crawl through a saturated cell phone system.

    Yeah 38 minutes delay between action and retraction sounds perfectly reasonable to me (been inside the loop on this sort of cluster a few times – – where’s my call list? Oh here it is!
    Drat called the number and it is no longer in service! Call so and so they will know the current number!

    Hello So and so I need a current number for xyz – yes I know an alert went out, How?
    It was an accident. Yes I know that is not supposed to happen, do you have the number?
    – – –

    http://www.euronews.com/2018/01/14/hawaii-missile-alert-test-goes-wrong-terrifies-state-n837551

  64. E.M.Smith says:

    @Larry:

    I did the “Hurricane Plan” contact and bring up for Disney. Which applications in what order and who to contact when an Aw Shit happens. Every year we updated. Every year we found out just how many staffing changes had been made without us being notified and how many folks got new phones, email, etc. etc.

    Yeah, 38 minutes is about right, even in a full on pull out all the stops panic mode…

  65. jim2 says:

    To my mind, the courts have become a negative force in the US.

    “A group of kids, including “future generations, through their guardian Dr. James Hansen,” claim that the government’s actions and failures to act have caused climate change, thus violating the youngest generation’s constitutional rights to life, liberty and property, and have failed to protect essential public trust resources.”

    https://www.investors.com/politics/commentary/the-childrens-climate-lawsuit-against-the-children/

  66. Another Ian says:

    “Delingpole: Trump – Making the World Great Again, One Shithole at a Time”

    http://www.breitbart.com/big-government/2018/01/14/james-delingpole-trump-making-world-great-one-shithole-time/

  67. Larry Ledwick says:

    FCC statement on the false alert in Hawaii – I suspect all states will see an FCC directive soon to review alert procedures and setup safe guards like 2 person verification of alerts and a pre-scripted and approved “never mind” message in case of accidental false alert situations.

    https://pbs.twimg.com/media/DTh4F6sVQAA7lRC.jpg:large

  68. Larry Ledwick says:

    I assume these sort of weapons are coming out of the balkans, but a bad sign for Sweden’s future stability.

    http://www.breitbart.com/london/2018/01/14/swedish-police-officer-hand-grenades-easy-find/

  69. Another Ian says:

    E.M.

    Do you reckon that there would be any mention of Vlad in the Islamic version of history?

  70. p.g.sharrow says:

    A couple of years ago a small freighter from Iran was captured in a Danish port with many tons of small arms of all kinds aboard. They had been visiting and off loading in ports all over North Europe. If I recall correctly this was one of three such ships that were sent out in that period. During that time the Mullahs were bragging that they were readying uprisings all over western Europe. …pg .

  71. E.M.Smith says:

    @Another Ian:

    I’m sure he will be mentioned, but just how he is portrayed will be variable…

    @P.G.:

    The Koran mandates that Islam MUST reclaim any lands lost. That means up to the gates of Vienna and Andalusia into southern France, at a minimum. Greece had 400 years of domination IIRC, so it, too, must be retaken.

    There can be no peaceful immigration from Muslim countries until that goal is abolished, and that goal can not be abolished as long as the Koran is held as holy write and immutable.

    @Larry:

    Hand grenades are pretty simple to make. Yeah, easier to just import them, but realistically, a sack of screws with some black powder in the middle and a timed ignitor is all you need.

    I suspect I could set up an ersatz manufacturing facility from commonly available items in about 2 days working fast or a week part time and slowly…

    (There’s an easy way to make cordite from battery acid, cotton, and fertilizer… I’ve done it…)

    But yeah, the idiots in the EU have invited a culture war into their homes and soon it will become a hot war. In some areas it already is a hot war. The only question is will they continue to be idiots so long that they are exterminated (and the peaceful Europeans with them); will they expel and / or exterminate the invasion; or will Islam have a reformation and “make nice” by ignoring the explicit directions in the Koran.

    I have little expectation for the last of those, and only modest expectations for the first…

  72. jim2 says:

    “After a long internal dispute, a high-level investigation and an intervention by Sen. Ted Cruz (R-Tex.), the university last week rejected a proposal by the leader of its new China center to accept money from the China United States Exchange Foundation (CUSEF). The Hong Kong-based foundation and its leader, Tung Chee-hwa, are closely linked to the branch of the Chinese Communist Party that manages influence operations abroad.

    After several professors and university officials raised concerns about ties among CUSEF, Tung and the Communist Party, university President Gregory Fenves launched an investigation. Over several weeks, Fenves met with intelligence officials and experts to gauge the risk that accepting CUSEF money could compromise the university’s academic integrity or give China undue access to and influence over academic products.”

    https://www.washingtonpost.com/opinions/global-opinions/university-rejects-chinese-communist-party-linked-influence-efforts-on-campus/2018/01/14/c454b54e-f7de-11e7-beb6-c8d48830c54d_story.html?utm_term=.a7f766452870

  73. Larry Ledwick says:

    I figured the story about the missile alert, which would come out would be something like this.

    https://www.theregister.co.uk/2018/01/15/hawaiian_missile_warning/

    I really dislike those pull down menu systems for that exact reason! I have been bitten by this sort of interface many times, just a little bit of lag in clicking the button and accidentally dragging the cursor across the wrong menu item and no confirmation step or validation, like making you click the real alert 2x to make sure it is not a miscue.

    Action items especially of that magnitude should have some sort of double authentication, or a time out timer that gives you 30 seconds to cancel the action before it takes effect.

    A pull down menu should be inactive until the mouse has hovered on the same selection for a couple seconds to be sure you don’t accidentally slide off the intended item an onto an adjacent item. The test and action items should also be physically spaced some distance apart so you cannot accidentally click on the boundary and get the non-intended action, mapping the active area to a have a large boarder around it that does nothing.

    We have an in house application at work to trigger all sorts of actions and that sort of human interface which accounts for human factors (guy in a hurry etc.) takes time to develop without a clear set of rules for interface developers.

  74. E.M.Smith says:

    Or just, on big things like, oh, booking a flight or starting W.W.III “Press I confirm” to launch and have read the end of the world message…

  75. Larry Ledwick says:

    Sometimes Twitter is really funny.

    Jonathan Swan‏Verified account
    @jonathanvswan

    The biggest beneficiary from l’affaire de shithole appears to be @RaheemKassam .. he’s become a right-wing viral sensation in the UK for calling London a shithole on Sky

    8:24 AM – 15 Jan 2018

    Now I dare you not to say “l’affaire de shithole” with a Pepe Le Pew voice in your head.

    (or out loud as the circumstances might allow)

  76. catweazle666 says:

    “he’s become a right-wing viral sensation in the UK for calling London a shithole on Sky”

    Yep, can’t argue with that.

  77. Larry Ledwick says:

    Hmmmm don’t suppose this is a social engineering effort to capture users pictures for a face recognition / tagging feature to be used in the future? I mean what could go wrong letting the most powerful technology company in the world build a data base of images that ties your face to the device you use to surf the net?

    https://www.rt.com/usa/416021-facial-recognition-database-google/

  78. jim2 says:

    LL – I have tape over the camera of my tablet. Once at the airport I was attempted to connect to their wi-fi. My screen flashed white – eerily reminiscent of a camera flash. I wondered at the time if “they” were attempting to capture my image and tried to flash the screen since they weren’t seeing anything – all programmatically of course.

  79. Larry Ledwick says:

    Looks like we now have 2 legitimate competitor designs for a successor to the SR-71
    Boeing with “Son of Blackbird” and Lockheed Martin with their proposed SR-72

    Note the Lockheed announcement is from 2013 so this has been a work in progress for a bit over 4 years. Given the history of the SR-71, my guess is that both air frames are already in advanced development or perhaps even in early prototype flying test beds by this time, if they are now pushing public disclosure.

    http://www.foxnews.com/tech/2018/01/15/boeings-son-blackbird-hypersonic-strike-aircraft-could-go-five-times-speed-sound.html

    https://www.lockheedmartin.com/us/news/features/2015/sr-72.html

  80. Larry Ledwick says:

    Special deal!
    While it lasts! Buy bugs for your home so unknown people can listen and view your daily life. Now only $165 USD.

    http://www.dailymail.co.uk/sciencetech/article-5273947/Amazon-s-Echo-Spot-coming-UK-later-month.html

  81. philjourdan says:

    I can see how Clippy would cause the false alarm. LOL

  82. Larry Ledwick says:

    renewable energy story on Colorado –

    https://www.vox.com/energy-and-environment/2018/1/16/16895594/colorado-renewable-energy-future

    Does it strike anyone odd that part of this cost comparison chart is priced in Mega Watt Months and the other half is priced in mega watt hours?

    Seems they are mixing apples and oranges here.

    https://www.ppcpdx.org/industry-info/glossary/
    megawatt-hour (MWh): A unit of electrical energy which equals one megawatt of power used for one hour. Electricity prices are frequently quoted in dollars per megawatt-hour.

    megawatt-month (MW-mo): A unit used to measure and price transmission service. A megawatt-month is one megawatt of transmission capacity made available for one month.

  83. jim2 says:

    LL – another major inaccuracy is this: “When a utility puts out a request for proposals (RFP) — asking developers to bid in for the chance to build new energy resources — the developers who respond aren’t guessing, or boasting. They are laying down a marker that might get called.”

    In reality, firms bid as low as possible because the agency may be legally required to accept the lowest big. Even if that isn’t strictly true, it will probably accept the lowest bid anyway to avoid the usual attack dogs complaining they spent more than necessary.

    The then winning company will implement their solution and it will cost more install and/or more to run than the bid stated. The company will then complain and make excuses until they get more money. Seldom are these contracts written such that the company pays a price for underbidding a contract – especially if the customer is the government.

  84. p.g.sharrow says:

    @Larry; I agree, that article and spreadsheet is valueless to base any decision on. The only part that might give any chance of cross checking was Redacted! Liers figure to make their preconceived point. It would appear to me that the cost of dependably dispatch-able electrical wind power is 3 times higher then combustion power. But “Some Day” might be of value! Really? Battery Backup is twice as expensive as direct Combustion supply. Farming the system of rate payers being required to purchase their generation plus government subsidies is the only way Wind & Solar generation can be made to give a valuable ROI to investors. At great cost to those of use that are being Required to pay for it…pg

  85. Larry Ledwick says:

    Another reference to SR-72 which suggests it has crossed a technological threshold (probably in materials science computational capabilities for design and or in production methods [3D printing perhaps] )

    https://www.bloomberg.com/news/articles/2018-01-16/america-s-fastest-spy-plane-may-be-back-and-hypersonic

    Like I mentioned above we might be entering the phase where they are laying the ground work for public reveal of developments that they cannot hide once they start active testing.

    Things like hypersonic ground tracks of sonic booms are not able to be kept from the public in our sensor rich world.

  86. Larry Ledwick says:

    Gee who could have anticipated this outcome? Locals and immigrants fighting in Germany.

    http://gatesofvienna.net/2018/01/the-lugenpresse-and-the-violence-at-the-wurzen-asylum-center/

  87. Another Ian says:

    “How Facebook, Youtube, Twitter and Google silence and crush non-left dissent”

    http://joannenova.com.au/2018/01/how-facebook-youtube-twitter-and-google-silence-and-crush-non-left-dissent/#comments

  88. Larry Ledwick says:

    Things are starting to get out of hand in Sweden now if this guys reports and sense of the issue is correct.

    PeterSweden

    @PeterSweden7
    45 minutes ago
    BREAKING: Massive explosion, handgrenade attack against Swedish police in Malmö RETWEET!

    From twitter:
    PeterSweden
    ‏@PeterSweden7
    1 hour ago
    Here’s a timeline of events in Sweden.

    – Government sends out leaflets to 4.7 million households telling them how to prepare for war.
    – Leader for Swedish Democrat party says “A war is being waged on Swedish society”
    – Swedish PM is considering deploying the army in no-go zones

    PeterSweden
    ‏ 1 hour ago
    Swedish PM: We could “DEPLOY THE ARMY” to tackle gang criminality in Sweden.
    This is a serious admission that something is very wrong in Sweden.
    Could this be why they sent out leaflets to 4.7 million households warning people what to do in case of war?

    [Requires translation]
    https://www.svt.se/nyheter/inrikes/lofven-utesluter-inte-att-satta-in-militar

    PeterSweden
    ‏@PeterSweden7
    37 minutes ago
    BREAKING UPDATE: The police station in Swedish city Malmö has been bombed.
    Appears to be a handgrenade attack.
    Just 2 weeks ago a police car was blown up in Malmö.

    There has been 2 bombing attacks against the police in Swedish city Malmö the last two weeks.

    This is INSANE.

    PeterSweden
    ‏@PeterSweden7
    1 hour ago
    Everything is completely fine in Sweden – NOT.
    I have been trying to report about what is happening in Sweden for months. MSM has ignored it.
    Turns out I have been correct about Sweden all alon.
    @realDonaldTrump has been right about Sweden too.

    https://nypost.com/2018/01/17/sweden-is-preparing-its-people-for-war/

  89. E.M.Smith says:

    About Germany & Sweden:

    Things will get far far worse before they blow up and then they will become better … It takes a lot of blood to wash away Political Correctness Stupidity…

    @SR72:

    When they are talking about secret tech, it has been in production and service for years…

    The SR71 was not retired due to inability, it was retired once something else was doing it better. At first, it was satellites that were the idea… but they brought the SR71 back due to dispatch-ability and cloud issues… BUT, when they retired it again that was because they had something else that was dispatchable and not because clouds went away.

    Remember that we have had a hypersonic air frame flying since the first space shuttle… it is VERY OLD tech at this point.

    @Per Awan:

    Why I’m glad I’m no longer faced with Idiot Upper Management who thinks that cheaper is better…

    The basic problem is that they CAN understand that $320,000 is less than $430,000 but they just can’t make the connection to the technical loss involved in that. All the tech talk explaining it just sounds like “Wa wha waah wa whhaa wa” to them, so they pick the smaller number, collect a bonus, and move on. A year or three later someone else gets the face-plant / palm face moment… (And then I get a phone call…) Oh Well.

    Why I’m finding it very hard to even bother sending a resume out to anyone. After a few decades you realize it just isn’t going to change. I can’t bring myself to build insecure sites, but the TLAs and PRISM soiled companies have made that impossible. THEN, the Executive Class does NOT believe you when you say the chips are insecure, the operating system “of choice” is Swiss cheese full of holes, the network provider is a POP for the TLAs, and using The Cloud is near lunacy as far as security is concerned. All you get is “But all the other companies IT guys do it and don’t have a problem.” (And explaining that the are either idiots or just quit caring enough to bother even trying to it right anymore doesn’t cut it.)

    Yes, I’ve actually had a V.P. say to me that other IT guys didn’t see any problem using (FOO) so why was I making a fuss… The old “How can everyone using Microsoft be wrong?” argument (that started life as “No one ever got fired for buying IBM” a few decades back).

    I wonder if the resent round of “Issues” has begun to penetrate their collective consciousness? Or if it is just more wha waa whaaa wa wha…

  90. Larry Ledwick says:

    India successfully test launches its Nuclear Capable AGNI-5 missile to full range.

    http://www.moneycontrol.com/news/india/in-pics-india-successfully-test-fires-nuclear-capable-icbm-agni-5-2486197-5.html

  91. Larry Ledwick says:

    Holy cow!
    I was wondering how long it would take for something like this to happen.

    Hospitals are banding together to form a non-profit drug company to sell generics at reasonable prices.

    http://denver.cbslocal.com/2018/01/18/hospitals-non-profit-drug-company/

  92. E.M.Smith says:

    Just a little note on my “Moving River” system of the day; Daily Driver:

    Right now I’m posting this from a new Orange Pi One that was a Christmas gift. It’s running the standard XFCE Ubuntu Armbian at the moment. (That is, I’ve install some programs but not changed it over to a Devuan yet).

    Now that I have a real and proper HDMI TV Set on my desktop, it’s just dandy on the display. (Remember that my first one as nothing but a royal PITA to get going since then I only had a DVI adapter monitor… and it didn’t talk to that… so went off to be a file server).

    So far the only “glitch” has been that originally I set it up to be 1080p 60 and it was quite happy that way. Then, after installing some various standard applications like libreoffice and distcc etc. it now reverts to 720p. Go figure… So “someday” I’ll need to figure out why and get it back to full resolution. I’m also not keen on the XFCE interface. It isn’t exactly bad, just I like LXDE a bit more. So a swap of them “someday” too.

    What I’m doing today is just trying it out as a minimal Daily Driver for web pages and stuff. It’s “only” 512 MB of memory, so 1/2 the Pi M3 and 1/4 the Odroid XU4. OTOH, as a quad core chip with a light weight desktop, even that ought to be overkill. With Chromium running as the browser (FireFox crashes… fresh new install too…) and 4 tabs open, it’s at 412 MB out of 495 MB (some set aside for video processing remember…) used. Still, crisp enough and working reasonably well. This is with the fat memory hog Ubuntu at that. I’ll try adding “real swap” on a disk later. Oddly, I’m running this $15 computer with a $25 USB Hub attached and a $60 disk plugged into it… though I’ve not used the disk yet. Still on the $12 mini-SD card for everything in the fresh install.

    With that, and with “car stuff” out of the way too, I hope to catch up some more postings today and this weekend. All trying out my “minimal posting box” system. As of now, it looks like if you already have an HDMI TV, then a $15 computer and even a cheaper-but-fast mini-SD is “enough” computer. You would need one of those integrated USB keyboard/mouse combo’s though as there’s only one real USB port…

    Makes the entry point to “workable computer” about $25 for the system and another $25 to $40 for the keyboard, mouse, power, etc. Still, under $75 if you are extravagant and buy new, and far less if keyboard mouse etc. are scrounged.

    So what’s the future of this board “someday”? I’m going to use the two OrangePi boards in the compute cluster and see how they do. With a chip SD card that would be an all-up about $40 compute node of 4 cores. $10/core connected isn’t bad. This one came with a heavier heat sink, so I think a repeat of the heat test is in order too.

    Eventually it will either go into use as “cheap cluster computes” or become Yet Another Server Appliance. (Perhaps both… nothing prevents running computes on a low importance server that’s not otherwise busy. So, for example, a source archive and build target for keeping all those local apt-get install commands off the public wires would rarely be busy at the same time boards were doing heavy computes. One tends to use heavily, or update systems, but not both at the same time ;-)

    But for a little while, it’s Yet Another Daily Driver with a fresh install and no history on it. Moving target and amnesia about the past usage and all that ;-)

  93. Pingback: W.O.O.D. 19 January 2018 | Musings from the Chiefio

  94. E.M.Smith says:

    @Larry:

    I think Kaiser has had generics in house and cheap for a while now. Not an actual drug company, but widely sourced. Walmart has something like a $4 flat rate generic prescription for many drugs, too.

    Then there are “Generic Drug Companies” that just wait for drugs to come off patent and start cranking them out. This link lists their idea of the top 7:
    https://www.thebalance.com/top-generic-drug-companies-2663110

    I would guess that those hospitals either think they can beat those generic suppliers at their own game, or they are really just making a buyers consortium who will repackage other guys products as their in house brand.

  95. E.M.Smith says:

    Oh, and FWIW at 6 tabs open ( 3 WordPress including edit and management windows that can be a bit heavy as they are interactive) and an advertizing heavy window from one of the linked stories above, the Orange Pi slowed WAAaaayyyy down… for a while. Finally it swapped some out of memory and improved a little. I’ve since turned on swap on a USB stick (fast one) and on a real disk drive; both at higher priority than the built in dinky 128 M of swap on the SD card that’s at negative priority… Now it’s nice and crisp again. Clearly for any multi-page browsing one needs some kind of non-SD swap. The Monster USB Stick seems to work well as it’s a USB 3.0 capable device so is loafing at USB2 speeds. Real disk of course works well, but the sanity of spending $60 on a disk to up the performance of a $15 system is a bit off ;-)

    So clearly the memory limit starts to bite on a bloatware Ubuntu with Chromium and some high page weight pages open. Some Later Day… I’ll see about a cleaner lighter weight build and try to work out how much is Ubuntu, Chromium, pages, whatever… But for now, it’s 4 pages open and think about closing some along with have swap off the SD card on something…

Anything to say?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s