Sunday, January 28, 2018


It was a busy weekend.

My marvelous wife arranged a small family reunion for my parents' SIXTIETH wedding anniversary (!!).

People came from all over: Albuquerque, NM; Richmond, VA; San Diego, CA; Sonora, CA; San Antonio, TX.

The weather complied and we got some great pictures.

It was a wonderful day.

Thank you, one and all!

But especially thank you to my wonderful wife.

Cibola Burn: a very short review

Cibola Burn is Book 4 of The Expanse.

Cibola, a word not previously known to me, is the name of the fabled place that Coronado's disastrous expedition went looking for in its search for the cities of gold.

This being The Expanse, however, we're far, far away from New Mexico; our expedition to find the city of gold has taken us to New Terra, a.k.a. Ilus, a.k.a. another planet that we get to through the gate.

We're now deep into The Expanse, of course, and many aspects have become familiar, but Cibola Burn does not flag, and picks up from the slightly-disappointing third volume to return to the excitement and thrills that the series is famous for.

As any thriller must, Cibola Burn gives us a good villain, and Murtry is as foul and despicable as you could possibly want.

And there are many other great new characters, including Elvi, the best biologist-nerd-heroine to come along in quite some time:

Scientific nomenclature was always difficult. Naming a new organism on Earth and even in the greater Sol system had a lengthy, tedious process, and the sudden massive influx of samples from New Terra would probably clog the scientific literature for decades. It wasn't just the mimic lizards or the insectlike fliers. Every bacterial analog would be new. Every single-celled organism would be unfamiliar. Earth alone had managed five kingdoms of life. Six, if you agreed with the Fityani hypothesis. She couldn't imagine that the ecosphere of New Terra would turn out to be much simpler.

But in the meantime, the thing living in her eyes -- in all their eyes, except Holden's -- wouldn't even officially be a known organism for years. Maybe decades. It would be officially nameless until it was placed within the larger context of life.

Until then, she'd decided to call it Skippy. Somehow it seemed less frightening when it had a silly nickname. Not that she'd be any less dead if she bumbled into a death-slug, but at this point anything helped. And she was getting a little punchy.

You know you're reading The Expanse when we get to "the thing living in her eyes". I'm doing my best not to spoil it any more.

By this point, I guess, you either love The Expanse, or you have no interest at all, but if you're in that first category, Cibola Burn delivers.

Wednesday, January 17, 2018

Up, up, and away

OK, sports fans, here we go!

A Look Inside Salesforce Tower

Get an inside look through the eyes of an employee working in the building!

Tuesday, January 16, 2018

Oh this is a shame

For the last few years my favorite web site had become The Awl.

And now, no more.


I hope all those EXTREMELY talented writers and editors find good new locations elsewhere.

Saturday, January 13, 2018

Artemis: a very short review

Andy Weir had the debut novel sensation that, surely, every novelist dreams of: The Martian was a world-wide best-seller, stayed on the best-seller lists for almost two years, and was then adapted to become one of the top ten movies of 2015.

You can only imagine what a life-changing experience this must have been for a guy who spent 15 years writing novels while working full time.

Anyway, Weir is now back with his second novel: Artemis.

In various creative fields, people talk about the "sophomore slump", and it surely can't have been easy for Weir to figure out how he wanted to write his next book. I'm sure he was also feeling pressure from both his readers and his publisher to hurry up and deliver another book.

So he did.

Artemis is certainly not the book that The Martian was.

However, both as a standalone effort and as a companion piece, it is quite interesting.

And, as you should probably grow to expect from Weir, it's a rollicking roller-coaster adventure ride of a book.

But while The Martian was a book about humans who were in space, and wanted to get back to Earth, Artemis is a book about people who were on Earth, and have decided that they want to live in space.

Weir is very interested in the notion of what it would mean for humans to be living somewhere other than on Earth, which is indeed a fascinating thing to think about, and Artemis is of most interest when you look at it from that viewpoint.

Artemis, as it turns out, spends most of its time spinning tales of completely ordinary experiences that have much more to do with being human beings, than with being in outer space. Rather than being just a sterile laboratory occupied by scientists, as so many "outer space" books are, Weir's outer space civilization is full of everything that makes us human. There are bars, casinos, and night clubs; there are prostitutes, drug dealers, and smugglers; there are petty rivalries, dirty laundry, and double-dealing.

But, most of all, there are complex systems, and, as was true with The Martian, it is when dealing with complex systems that Weir's book is at its best (even if great literature it ain't):

He wiggled his hand. "That wasn't just you. There were a lot of engineering failures. Like: Why aren't there detectors in the air pipeline for complex toxins? Why did Sanchez store methane, oxygen, and chlorine in a room with an oven? Why doesn't Life Support have its own separate air partition to make sure they'll stay awake if the rest of the city has a problem? Why is Life Support centralized instead of having a separate zone for each bubble? These are the questions people are asking.

Moreover, as Weir observes, these aren't actually engineering questions at their root; they are questions about how we organize our societies, a question which is just as important and relevant in outer space as it is here on Earth:

"The next big step is taxes."

"Taxes?" I snorted. "People come here because they don't want to pay taxes."

"They already pay taxes -- as rent to KSC. We need to change over to a property-ownership and tax model so the city's wealth is directly tied to the economy. But that's not for a while."

She took off her glasses. "It's all part of the life-cycle of an economy. First it's lawless capitalism until that starts to impede growth. Next comes regulation, law enforcement, and taxes. After that: public benefits and entitlements. Then, finally, overexpenditure and collapse."

"Wait. Collapse?"

"Yes, collapse. An economy is a living thing. It's born full of vitality and dies once it's rigid and worn out. Then, through necessity, people break into smaller economic groups and the cycle begins anew, but with more economies. Baby economies, like Artemis is right now."

Although Artemis ultimately fails as a work of literature, it is promising as a hint of what Weir is interested in, and where he might go.

Humans in space is a fascinating concept, and thinking about it realistically, rather than in some fantastic sterile implausible laboratory fashion, is how we're going to get to a point where we're actually ready to have humans in space. Building space ships and sending people out in them is just an engineering problem, and we'll solve that, probably pretty soon. But economics, politics, crime, government? These are actually HARD problems.

Writing about them, thinking about them, sharing those ideas, is one way to make it real, and for that, if for nothing else, I enjoyed reading Artemis and will look forward to Weir's next work.

Wednesday, January 10, 2018

Public Equity 501

A short lesson, this time; perhaps our education is nearing completion and we are moving on to become graduate students?

Clearlake Capital Acquires Perforce Software

Clearlake Capital Group, L.P. (together with its affiliates, “Clearlake”) today announced that it has acquired Perforce Software (“Perforce” or the “Company”), developer of the industry’s most flexible, scalable and secure version control and collaboration platform, from growth equity investor Summit Partners. The Company will continue to be led by Janet Dryer, CEO, and Mark Ties, COO, who will both join the Board of Directors alongside Clearlake. Financial terms were not disclosed.

Saturday, January 6, 2018

The Silk Roads: a very short review

Peter Frankopan's The Silk Roads: A New History of the World is an extremely ambitious book.

It sets out to survey, in a single 500 page volume, some 2000+ years of history of the region which, roughly speaking, spans from Turkey and Egypt to Mongolia and Pakistan in the one direction, and from Yemen to Russia in the other.

That's a lot of land, and a lot of time, to cover.

Certainly if you, like me, struggle to distinguish Basra from Bactria, Samarkand from Sanjan, Karakorum from Kashgar, Mosul from Mashad, Dushanbe from Dunhuang, or Istanbul from Isfahan (ok, well, that last one I knew), then you'll find a lot to learn in this history of human activity in Central Asia over the last few thousand years.

And it's certainly a colorful book, full of great stories of traders, adventurers, explorers, merchants, prophets, and their interactions.

(Attila the Hun! Genghis Khan! Richard Lionheart! The Black Death! Vasco da Gama! T.E. Lawrence! Timur! Marco Polo!)

It's an immense scope, though, and Frankopan can barely get going on one episode before he races on to the next, breathless and impatient, rather like the White Rabbit: always in a hurry, but not quite sure where he's going.

I didn't mind any of the minutes I spent with The Silk Roads, but in the end I'm afraid that this part of the world is still rather a blur to me, which is a shame, because I think that's precisely the problem that Frankopan set out to solve.

Would he have been more successful (with me, at least), had he confined himself to a smaller region, or a shorter time period, the better to have used those pages to spend more time inhabiting particular incidents and characters? I'm not sure. I'm not much of a reader of histories, so I suspect this problem is just endemic to the genre, and it really just means that while his book was fascinating, I'm not really the target audience.

Thursday, January 4, 2018

RowHammer strikes again

Before we get to the main event (just be patient), I want you to first spend a little time with something that I think is actually a much MORE interesting story about computer security: The strange story of “Extended Random”

Yesterday, David Benjamin posted a pretty esoteric note on the IETF’s TLS mailing list. At a superficial level, the post describes some seizure-inducingly boring flaws in older Canon printers. To most people that was a complete snooze. To me and some of my colleagues, however, it was like that scene in X-Files where Mulder and Scully finally learn that aliens are real.

Why is this such a great story?

  1. Well, for one thing, it's been going on for more than a decade. That's a long time.
  2. For another thing, the technology involved is quite complex: multiple software systems have to interact, in quite complex ways.
  3. And for another thing, at least one part of the overall vulnerability involves simply including additional COMPLETELY RANDOM DATA in your messages over the network. How is adding some extra random data a vulnerability? (You'll have to read the article for yourself.)
  4. But most importantly, as opposed to most computer security vulnerabilities, this isn't simply an implementation mistake made by some systems programmer; from everything we can determine, it is actually the result of deliberate sabotage by our own government, sabotage so subtle that, fifteen years later, the best cryptographic minds in the world are still picking through the details.

Anyway, enough of that.

I know what you came here for.

You want to hear what good old RowHammer has been up to over the last couple years, right?!

Well, unless you've been living in a cave (and who reads blogs if they live in a cave?), you know that what we're talking about here is Reading privileged memory with a side-channel, also known as: "the latest amazing work by the astonishing Google Project Zero team." (Strictly speaking this isn't RowHammer at all: RowHammer flips bits in DRAM, while this new work pulls data out through the CPU's speculative execution and its cache. What the two share is that the flaw lives in the hardware, and software can only work around it, not remove it.)

Well, anyway, here are the goods:

  • Reading privileged memory with a side-channel
    We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.
  • Meltdown and Spectre
    These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs.
  • Meltdown
    Meltdown allows an adversary who can run code on the vulnerable processor to obtain a dump of the entire kernel address space, including any mapped physical memory. The root cause of the simplicity and strength of Meltdown are side effects caused by out-of-order execution.
  • Spectre Attacks: Exploiting Speculative Execution
    in order to mount a Spectre attack, an attacker starts by locating a sequence of instructions within the process address space which when executed acts as a covert channel transmitter which leaks the victim’s memory or register contents. The attacker then tricks the CPU into speculatively and erroneously executing this instruction sequence, thereby leaking the victim’s information over the covert channel. Finally, the attacker retrieves the victim’s information over the covert channel. While the changes to the nominal CPU state resulting from this erroneous speculative execution are eventually reverted, changes to other microarchitectural parts of the CPU (such as cache contents) can survive nominal state reversion.
  • Mitigations landing for new class of timing attack
    Since this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox. This includes both explicit sources, like, and implicit sources that allow building high-resolution timers, viz., SharedArrayBuffer.
  • KASLR is Dead: Long Live KASLR
    In this paper, we present KAISER, a highly-efficient practical system for kernel address isolation, implemented on top of a regular Ubuntu Linux. KAISER uses a shadow address space paging structure to separate kernel space and user space. The lower half of the shadow address space is synchronized between both paging structures.
  • The mysterious case of the Linux Page Table Isolation patches
    Of particular interest with this patch set is that it touches a core, wholly fundamental pillar of the kernel (and its interface to userspace), and that it is obviously being rushed through with the greatest priority. When reading about memory management changes in Linux, usually the first reference to a change happens long before the change is ever merged, and usually after numerous rounds of review, rejection and flame war spanning many seasons and moon phases.

    The KAISER (now KPTI) series was merged in some time less than 3 months.

  • Quiet in the peanut gallery
    I wish there were some moral to finish with, but really the holidays are over, the mystery continues, and all that remains is a bad taste from all the flack I have received for daring to intrude upon the sacred WordPress-powered tapestry of a global security embargo.
  • Re: Avoid speculative indirect calls in kernel
    I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed.

    .. and that really means that all these mitigation patches should be written with "not all CPU's are crap" in mind.

    Or is Intel basically saying "we are committed to selling you shit forever and ever, and never fixing anything"?

  • Today's CPU vulnerability: what you need to know
    The Project Zero researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible.
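To make the gadget described in the Spectre excerpt above concrete, here is an added example, my own code and not from this page, the papers, or Project Zero: the variant-1 "bounds check bypass" pattern in C, beside a hardened form that uses the branchless index mask the Linux kernel adopted as array_index_nospec(). Everything in it is constructed for the example: the memory layout (a public array followed by a secret string), the probe-array stride, and the two transient_byte_* functions, which model what the core would touch while running past the bounds check instead of performing a real cache-timing measurement, so the program is deterministic and runs on any machine. It assumes a GCC- or Clang-compatible compiler for the empty asm barrier.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARRAY1_SIZE 16
#define LINE        512   /* stride: one distinct cache line per possible byte value */

/* Constructed memory layout (an assumption of the example): a public array at
 * offset 0 followed by a secret that an out-of-bounds index can reach. */
struct layout {
    uint8_t array1[ARRAY1_SIZE];
    char    secret[24];
};
static struct layout mem = {
    { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 },
    "constructed-secret"
};

static uint8_t array2[256 * LINE];   /* probe array whose cache state leaks the byte */

/* Branchless in-bounds mask: SIZE_MAX when index < size, 0 otherwise, for any
 * size below 2^63. Same arithmetic as the generic array_index_mask_nospec()
 * that Linux added for these bugs. The empty asm stops the compiler from
 * folding the mask away when it can prove the branch already checked the
 * index: the compiler does not know what index holds under misprediction. */
static inline size_t index_mask_nospec(size_t index, size_t size)
{
    __asm__ __volatile__("" : "+r"(index));
    size_t oob = (index | (size - 1 - index)) >> (sizeof(size_t) * 8 - 1);
    return oob - 1;   /* oob == 0 -> SIZE_MAX (keep index), oob == 1 -> 0 (clamp) */
}

/* Vulnerable bounds-check-bypass gadget: architecturally correct, but while a
 * mispredicted branch is still in flight the two dependent loads execute and
 * pull array2[mem.array1[x] * LINE] into the cache, even for x out of range. */
uint8_t gadget_vulnerable(size_t x)
{
    if (x < ARRAY1_SIZE)
        return array2[mem.array1[x] * LINE];
    return 0;
}

/* Hardened gadget: the mask is a data dependency rather than a branch, so the
 * index feeding the load is in range on every path the core can speculate down. */
uint8_t gadget_hardened(size_t x)
{
    if (x < ARRAY1_SIZE) {
        x &= index_mask_nospec(x, ARRAY1_SIZE);
        return array2[mem.array1[x] * LINE];
    }
    return 0;
}

/* Model of the transient window: which array2 line (0..255, i.e. which byte
 * value) each gadget would touch if the core ran past the bounds check for
 * index x. In a real attack a Flush+Reload sweep of array2 recovers this
 * number; here it is computed directly so the example is deterministic. */
int transient_byte_vulnerable(size_t x)
{
    return ((const uint8_t *)&mem)[x];          /* the check is simply ignored */
}

int transient_byte_hardened(size_t x)
{
    x &= index_mask_nospec(x, ARRAY1_SIZE);     /* the mask still applies here */
    return ((const uint8_t *)&mem)[x];
}

/* Attacker-side arithmetic: the array1 index that aliases secret byte i. */
size_t secret_index(size_t i)
{
    return offsetof(struct layout, secret) + i;
}

/* Drive the model byte by byte until a NUL shows up; returns bytes recovered. */
size_t model_leak(char *out, size_t cap, int (*probe)(size_t))
{
    size_t i = 0;
    while (i + 1 < cap) {
        int c = probe(secret_index(i));
        if (c == 0)
            break;
        out[i++] = (char)c;
    }
    out[i] = '\0';
    return i;
}

int main(void)
{
    char buf[32];
    size_t n = model_leak(buf, sizeof buf, transient_byte_vulnerable);
    printf("vulnerable gadget leaks %zu bytes: \"%s\"\n", n, buf);
    n = model_leak(buf, sizeof buf, transient_byte_hardened);
    printf("hardened gadget leaks %zu bytes: \"%s\"\n", n, buf);
    return 0;
}
```

Build it with gcc -O2 and run it: the vulnerable model recovers the whole string, while the hardened one recovers nothing, because a speculative out-of-bounds index collapses to 0 and the load fetches a public byte. Note that the mask makes the misspeculation harmless rather than stopping it; the serializing instructions some of the kernel patches use take the other approach and halt speculation at the check, and the retpolines argued over in the Linus thread above address the separate indirect-branch variant, not this gadget.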

It's pretty interesting stuff.

It will take a while to dig through and think about.

But, it's important to note: the headline scenario is the large, shared server, which runs software on behalf of many unrelated parties on the same physical system using "virtualization" or "containers", and where one tenant being able to read another tenant's (or the hypervisor's) memory is about as bad as it gets.

Think "cloud computing."

Those environments are the ones spending the most time thinking about what these new findings mean. They aren't the only ones, though: the Firefox item above is on the list because a browser running untrusted JavaScript is also a shared system, and the cache-timing trick works from a web page too, which is why the browser vendors are coarsening their high-resolution timers.