Shared posts

06 Oct 22:28

When Tailwinds Vanish: The Internet in the 2020s

Link: https://luttig.substack.com/p/when-tailwinds-vanish

The Internet tailwinds that propelled Silicon Valley’s meteoric growth for decades are stalling out. The ripple effects will jolt the tech industry.

By [[John Luttig]] https://luttig.substack.com/p/when-tailwinds-vanish


Like any mature industry, Silicon Valley must battle to maintain growth in the face of immense economic gravity. For the first time in Internet history, startup growth will require a push from the company and not a pull from the market. Unlike the organic pull that drove many of the dotcom-era successes, today’s Internet startups need to fight for growth by investing more heavily into sales, marketing, and operations.


A shift from R&D to SG&A will operationalize Silicon Valley, leaving room for new financial infrastructure. VCs will need to take risks on vision, not numbers. And the founders and operators of tomorrow won’t look like those of the past 20 years.


Software companies founded today are competing less with pen and paper than with other Internet-first incumbents. Put another way, as happens in every maturing industry before it, Internet company revenue will become zero-sum. As a corollary, the time between founding years of software startups and their competitive incumbents is shrinking:


To pose the inverse of the opex reduction question: if you had an extra million dollars for your startup, where would you spend it?

In the immature Internet era, a consumer Internet company would likely invest this money into R&D by hiring engineers, product managers, or designers.

As a SaaS company, you’d spend an extra million to hire more sales reps or run a marketing campaign. These SG&A investments are a prerequisite to drive business growth. Relative to the R&D-driven growth of early Internet companies, SG&A will become the primary growth vector in the 2020s.


For startups taking R&D risk in new technological areas, the founding team may look like something we can’t pattern match to historical successes. Maybe it’s a scientist in his garage who escaped the tendrils of academia. Or your first hire for the founding team is no longer your college roommate, but an expert in your startup’s industry.


27 Sep 23:13

[RIDGELINE] Disaster, Averted?

by Craig Mod
Ridgeline subscribers — Let me try to explain how I’ve felt these past few weeks by way of pained or overreaching metaphor: It was as if we were all walking the Shikoku pilgrimage together — all of you out there reading, and especially all of you who had purchased Kissa by Kissa, and the printers I was working with, and, who knows who else. Spirits and demons, I imagine from past lives.
27 Sep 06:22

Fifth Generation Management

Link: https://breakingsmart.substack.com/p/fifth-generation-management

I want to talk about an idea I call fifth-generation management. 1/ [[Fifth-generation management is an emerging style of management we don’t know much about because it doesn’t actually exist yet.::highlight]] But it is guaranteed to emerge post-Covid because historically, big sharp disruptions have reliably triggered discontinuous changes in management culture, and it is already clear that this one is doing that.

By [[vgr]] from his [[Breaking Smart]] newsletter https://breakingsmart.substack.com/p/fifth-generation-management

Forwarded to me by @cambel, who also tagged @catthekin as starting to practice this fifth generation management. Feels like [[Wardley Maps]] fit in here as well, plus the [[Pioneers, Settlers, and Town Planners]] concepts. Well, just channeling [[Simon Wardley]] generally.

27 Sep 06:11

Web Feeds

by Boris Mann

@MattWebb built About Feeds to explain web feeds. Introducing About Feeds is his intro article.

aboutfeeds.com is a single page website, for linking wherever you keep your web feed.

If you go to the homepage of this very blog you’ll see a header on the left that says “GET LATEST POSTS”. Next to that is a link that says “FEED.” As we all know, that link is broken unless you have a newsreader app installed. And so next it is a new link that says: HELP! WHAT IS A FEED?

I added a [[Feeds]] page. Right now, just RSS. Why not just call it RSS? Well, there’s Atom, there are [[JSON Feeds]], and [[ActivityPub]] / [[ActivityStreams]] are all under the bigger umbrella of Web Feeds.

27 Sep 04:48

Twitter Favorites: [gaminginthewild] My brain is still somehow struggling to accept that Inigo Montoya from The Princess Bride is also Saul Berenson fro… https://t.co/JE6pJm39S0

Gaming In The Wild @gaminginthewild
My brain is still somehow struggling to accept that Inigo Montoya from The Princess Bride is also Saul Berenson fro… twitter.com/i/web/status/1…
27 Sep 04:39

Instapaper Liked: The Era of Visual Studio Code

Monday, Sep 21, 2020 The Era of Visual Studio Code The most important thing I look for when choosing which tools to use is longevity. Learning software is an…
26 Sep 23:55

Amazon cancels TV adaptation of Culture series

by Rui Carmo

I’m quite a bit saddened by this, as I was quite looking forward to see how one of my favorite Sci-Fi series would translate to the screen. There is so much about The Culture that makes it a cult classic, and so much to explore.


26 Sep 23:54

IndieWebCamp: Domain of One’s Own Meetup

by Reverend

This past Tuesday I attended the second Indie WebCamp generously hosted by Chris Aldrich focused on Domain of One’s Own. The format is a more focused 10-15 minute talk around a specific technology, in this meeting Tim gave folks a walk-through of Reclaim Cloud, and then opens up to the 21 attendees for anyone to share something they are working on. Tim shared the Cloud, and not only was I thrilled to see Jon Udell in attendance, but it’s always nice when one of your tech heroes tweets some love for your new project. Even better when you know they’re not one to offer empty interest and/or praise. Thanks Jon!

It was also very cool to read Will Monroe’s write-up of the session, and like him I found it a “very friendly group” and I realized while attending that this kind of low-key chatting and sharing is one of the things I have missed these days. Folks like Will who want to explore what’s possible in their classroom with Domains and beyond are a big part of what I miss about the day-to-day work of an edtech in an institution. And while I’m not necessarily chomping at the bit to jump back into that game given the current circumstances, the ability to share and chat with folks who are interested in Domains is always a welcome opportunity.

During the sharing portion of the meetup Jean Macdonald, community manager at micro.blog, turned me on to the Sunlit project while I was bemoaning the dearth of open source alternatives to photo sharing apps like Instagram. Soon after I finally took the leap and signed up for a micro.blog to explore that platform. That platform has been an indieweb cornerstone for many folks I respect like John Johnston, Kathleen Fitzpatrick, and Dan Cohen to name just a few. So I wrote my first post:

What was even cooler was the fact that while writing this post I logged back into micro.blog and discovered a few folks had welcomed me to the micro.blog community, including Jean Macdonald and Dan Cohen—that makes all the difference.

I’m sold, so the IndieWeb meetup was a total win for me, and I look forward to the one next month. I am going to start getting serious about headless WordPress development for my new website at jimgroom.net, inspired by Tom Woodward’s talk for #HeyPresstoConf20.

So, I’ll have something to share in my journey to learn WordPress headless, which will mean learning javascript, CSS, and some other insanity I am not entirely ready for. I have to give a special thanks to Chris Aldrich for putting this together and working to create a space to talk Domain of One’s Own within the IndieWeb community, and I know Greg McVerry has been pushing hard on this for a while now as well, so it is very much appreciated!

26 Sep 23:51

Embrace the mess if you want to do better knowledge work

by Jim

I’ve been deeply immersed in the recent profusion of new ideas, apps, and initiatives in the knowledge work space. I’ve been working to make sense of a host of terms and concepts and discern their relevance to my own work. A partial list of those concepts (with some pointers to good entry points) includes:

There’s also a recent uptick in applications and services offering a path to implementing these ideas. These new apps are also fighting for mindshare with a set of existing apps. A very partial list (basically those apps I have experimented with or use with some regularity) includes:

Software developers, entrepreneurs, and evangelists of all stripes have to make the spine of their application, service, or approach clear and compelling. You’ve got to be a believer if you’re going to put in the time and effort to build something new. Early adopters also tend to be believers.

I tend to be an early adopter in many settings. But I’m also an old fart, so I’ve been jilted many times. Scar tissue provides perspective.

One of the drivers behind this surge in new work is the inexorable shift to knowledge work. Knowledge work is different from so much of the work that organizations have learned to manage and control. No matter what the bean-counters and compliance managers would like, knowledge work is inherently messy.

There’s a distinction in the world of early AI research that is useful in this context. The early world of AI research broke into two camps on the nature of intelligence; the “neats” and the “scruffies.” I took a look at this argument a number of years back in an earlier blog post on the realm of knowledge work–Knowledge management: the latest battle between the neats and the scruffies.

I once aspired to being a “neat”–business school is fundamentally targeted towards those who cherish and desire to impose order. The reality, linked no doubt to my ADD, is that I will always be a “scruffie.”

Fortunately, the world now aligns more closely with my “disorder.” You can’t get to “neat” without traveling through “scruffie.”

The challenge is that nearly all of the evangelizing and advice about new ideas is packaged as though that journey is over or, at least, easy. We get a “neat” picture of the destination. The journey is left as an exercise for the reader.

Even if the developers and early adopters acknowledge that there is a journey to be made, they gloss over the messy parts. If they share any details of the necessary hero’s journey, they offer just enough of the ugly parts to burnish their story. Preparing you for what you will encounter just gets in the way of the next chapters of their stories.

The absolutely essential step if you want to travel the path to being more effective as a knowledge worker is to accept that you have to walk the path for yourself. Seeking out more honest accounts of those who have traveled before you can help. Finding guides who can walk with you and help you avoid the quicksand and tar pits is even better.

But you’re still going to get dirty.

The post Embrace the mess if you want to do better knowledge work appeared first on McGee's Musings.

26 Sep 06:25

The whole: - Mail in ballots are fraud - We will support whoever wins on November 3rd (ignoring counted mail votes after that) - Rush a 3rd supreme court pick (who rules on elections) - Not committing to peaceful transition of power That's like....coup stuff yeah?

by DarkViperAU
mkalus shared this story from DarkviperAU on Twitter.

The whole:
- Mail in ballots are fraud
- We will support whoever wins on November 3rd (ignoring counted mail votes after that)
- Rush a 3rd supreme court pick (who rules on elections)
- Not committing to peaceful transition of power

That's like....coup stuff yeah?
26 Sep 06:24

RT @pointlesslettrs: “No spoilers for what’s coming in 2021 but let’s just say that the ability to live through food shortages while rememb…

by Pointless Letters (pointlesslettrs)
mkalus shared this story from mrjamesob on Twitter.

“No spoilers for what’s coming in 2021 but let’s just say that the ability to live through food shortages while remembering to doff your cap and thank the toffs for the privilege will be a definite plus.” pic.twitter.com/9G6BKztod9



Retweeted by James O'Brien (mrjamesob) on Friday, September 25th, 2020 3:32pm
26 Sep 06:23

Weeknotes: software carpentry, compiling modules for SQLite

This week I completed the Software Carpentry instructor training course, added two foundational features to sqlite-utils and learned how to compile modules for SQLite.

Software Carpentry

This week I took the two day instructor training course put on by Software Carpentry. I've been wanting to do this for over a year now, so I'm excited to have finally found the time to attend the workshop.

The Carpentries is a really interesting non-profit organization. Their mission is to "teach foundational coding and data science skills to researchers worldwide" - but I've always thought of them as teaching software engineering fundamentals to scientists - things like version control!

It turns out I've been following the carpentries project for fifteen years now, ever since their founder Greg Wilson started writing about his efforts to bring software engineering to scientists on his blog.

As you would expect from an organization that specializes in workshop education, the workshop they put on teaching you how to run workshops is top notch. Their curriculum materials, forged by a process of continuing tweaks over hundreds if not thousands of presentations, are superb. I aspire to produce educational documentation this good some day.

An interesting aspect of Carpentries is that every workshop is presented using live coding - no slides! The instructor works through the same material as the learners, talking through each line of code as they run it. The kind of thing you would normally use slides for (diagrams etc) instead lives in the workshop handouts. Take a look through their Databases and SQL course to get an idea of how that works.

I have to complete a couple more steps, but once I've done that I'll be a certified instructor for the program - which means I can volunteer to help run their workshops in the future.

SQLite3 modules

I had two encounters with compiled SQLite modules this week.

One of my favourite lesser-known features of PostgreSQL is trigram indexes. The short version is: they make where text like '%something%' queries run crazy-fast. Normal indexes just speed up prefix% like searches, but trigrams work for strings in the middle of other strings as well.

I started a thread on the official SQLite forum asking about trigram index support, and proposed that maybe it could be achievable using a custom SQLite FTS tokenizer. Core SQLite maintainer Dan Kennedy replied with a complete, working implementation of exactly that, written in C!
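A toy trigram index, added here as an illustration (it is neither pg_trgm nor Dan Kennedy's FTS5 tokenizer), showing why trigrams can answer a `LIKE '%needle%'` query that a prefix-only index cannot, and why candidate rows must be rechecked; the sample rows are constructed.

```python
# Toy trigram index: why a trigram index can serve LIKE '%needle%' queries
# that a normal B-tree (prefix-only) index cannot. Constructed example for
# this post; it is not pg_trgm and not Dan Kennedy's FTS5 tokenizer.
from collections import defaultdict


def trigrams(text):
    """Every 3-character window of the lowercased string.

    pg_trgm pads words with spaces so it can match at word edges; this toy
    omits padding, so only needles of three or more characters are indexed.
    """
    t = text.lower()
    return {t[i:i + 3] for i in range(len(t) - 2)}


class TrigramIndex:
    def __init__(self):
        self.rows = {}                    # rowid -> original text
        self.postings = defaultdict(set)  # trigram -> set of rowids

    def insert(self, rowid, text):
        self.rows[rowid] = text
        for g in trigrams(text):
            self.postings[g].add(rowid)

    def candidates(self, needle):
        """Rows containing *all* of the needle's trigrams (in any order).
        Returns None when the needle is too short to have any trigram."""
        grams = trigrams(needle)
        if not grams:
            return None
        found = None
        for g in grams:
            ids = self.postings.get(g, set())
            found = set(ids) if found is None else found & ids
            if not found:
                break
        return found

    def like_contains(self, needle):
        """Equivalent of WHERE text LIKE '%needle%' (case-insensitive).

        A row can hold every trigram of the needle without holding the needle
        itself ('abcxbcd' has 'abc' and 'bcd' but not 'abcd'), so candidates
        are always rechecked with a real substring test, as pg_trgm does.
        """
        n = needle.lower()
        cands = self.candidates(needle)
        if cands is None:
            # too short for the index: fall back to a full table scan
            cands = self.rows.keys()
        return sorted(r for r in cands if n in self.rows[r].lower())


SAMPLE_ROWS = {  # constructed sample table
    1: "sqlite-utils 2.21 extract",
    2: "compiling spellfix for datasette",
    3: "software carpentry instructor training",
    4: "abcxbcd",
}


def build_index(rows=SAMPLE_ROWS):
    idx = TrigramIndex()
    for rowid, text in rows.items():
        idx.insert(rowid, text)
    return idx


if __name__ == "__main__":
    idx = build_index()
    print(idx.like_contains("lite"))                          # [1]
    print(idx.candidates("abcd"), idx.like_contains("abcd"))  # {4} []
```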

With Dan's permission I've published his code in a sqlite-fts5-trigram GitHub repository. In doing so I figured out how to build it for macOS, and then hooked that build script up to a GitHub Actions workflow that produces a compiled ftstri.so module ready for anyone on macOS to run themselves.

Just one problem: it turns out binary modules like that need to be signed for macOS before anyone can run them. That's a step beyond me at the moment, but I may revisit that in the future.

The other compiled module I learned to use this week is spellfix.c, see my TIL Compiling the SQLite spellfix.c module on macOS. I needed these because I've started experimenting with Plex as a home media server, and it turns out Plex runs on SQLite! The catch is that it uses the spellfix module, which means you can't open the Plex database in Datasette without first compiling that module for use with --load-extension - see the TIL for details.

sqlite-utils

I shipped sqlite-utils 2.20 and 2.21, and wrote about the big new features in two blog entries here:

The extract operation in sqlite-utils 2.20 was taking 12 minutes to execute against a table with 680,000 rows. I had a rethink of how it worked and got that down to just 4 seconds in sqlite-utils 2.21!

I worked on these as part of my ongoing exploration of Datasette and sqlite-utils as tools for cleaning up and refactoring data. They fill some key holes in the tooling I've built so far.

I'm already using transform to build out the next phase of my datasette-edit-tables plugin. See issue #11 for notes on work-in-progress support for editing table schemas directly in Datasette.

Screenshot of datasette-edit-tables showing an interface for editing and re-ordering columns

TIL this week

Releases this week

25 Sep 20:10

Netflix opening new production hub outside of Vancouver

by Brad Bennett

Netflix is expanding its Canadian footprint by opening a new production hub in Burnaby, British Columbia.

The streaming giant has taken a long-term lease at seven separate soundstages in the Canadian Motion Picture Park studio complex, according to a report from The Hollywood Reporter. This city is located just outside of Vancouver.

The complex has a total of 18 soundstages and 25 acres of space. The streaming company says it plans to shoot a yet to be announced project from Graham King, a producer who has worked on big-budget movies like The Departed and Bohemian Rhapsody. 

This is Netflix’s second Canadian production hub and follows the eight soundstages it leases in the Toronto area. It makes sense for the streaming giant to expand to Vancouver since the city and the dramatic topography help the area play many other locations around the world.

Netflix has previously shot Originals like Lost in Space, Chilling Adventures of Sabrina, Altered Carbon and Another Life in the area.

Source: The Hollywood Reporter

The post Netflix opening new production hub outside of Vancouver appeared first on MobileSyrup.

25 Sep 20:09

Guided Tour of the Precursor Motherboard

by bunnie

We talk a lot about “verifiable hardware”, but it’s hard to verify something when you don’t know what you’re looking at. This post takes a stab at explaining the major features of the Precursor motherboard by first indicating the location of physical components, then by briefly discussing the rationale behind their curation.

Above is a photo of a pre-production version of Precursor, annotated with the location of key components. Like software, hardware has revisions too. So, when verifying a system, be sure to check the revision of the board first. The final production units will have a clear revision code printed on the back side of every board and we’ll tell you where to look for the code once the location is finalized. There will be a few changes to the board before production, which we’ll talk about later on.

But what do all the components do, and how are they connected? Above is a block diagram that tries to capture the relationship between all the components.

Trusted and Untrusted Domains

First and foremost, you’ll notice that the design is split into two major domains: the “T-domain” and the “U-domain”. “T” stands for “Trusted”; “U” stands for “Untrusted”. A simplified diagram like this helps to analyze the security of the system, as it clearly illustrates what goes into and out of the T-domain; in other words, it defines the hardware attack surface of the trusted domain. Of course, not shown explicitly on the diagram are the side-channels, such as RF emissions and power fluctuations, which can be used to exfiltrate secret data. Very briefly, RF emissions are mitigated by enclosing the entire T-domain in a Faraday cage. Meanwhile, power fluctuations are mitigated partially through local filtering and partially through the use of constant-time algorithms to perform sensitive computations.

As the “Trusted” name implies, the T-domain is where the secrets go, while the U-domain acts as a first-level firewall to the untrusted Internet. The U-domain is explicitly designed for very low power consumption, so that it can be “always on” while still providing several days of standby time. We refer to the FPGA inside the U domain as the Embedded Controller (EC), and the FPGA inside the T-domain as the System on Chip (SoC) or sometimes simply as “the FPGA”.

Power Management and the Embedded Controller (EC)

The intention is that the always-on EC listens for incoming wifi packets; only once a valid packet is received will the T-domain be powered on.

Using a low-power EC separate from the SoC allows power-hungry processing to be done in bursts, after which the T-domain powers itself off. Thanks to the “memory LCD” that we have chosen, the display can appear persistently even when the T-domain is powered down. Of course, leaving data on the screen while the T-domain is powered down is a potential security risk, but users can adjust the power policy to trade off between security and battery life based on their particular use case and threat scenario. We anticipate that the T-domain running full bore with no power management would exhaust an 1100 mAh battery in about 6-7 hours. Any time spent in an idle state will greatly extend the battery life; thus for a hypothetical messaging application where the CPU is only active during periods of typing and data transfer, one should be able to achieve a full day of use on a single charge.

Mapping the T-Domain Attack Surface

Extending the boundary of trust to include human-facing I/O is a core tenet of the Precursor secure design philosophy. Thus, the T domain also includes the keyboard, LCD, and audio elements. This is because deferring the rendering of messages to an untrusted display means that any cryptography used to secure messages can be trivially defeated by a screen scraper. Delegating keystrokes to an untrusted touch controller likewise offers a quick work-around for capturing outgoing secrets through a keyboard logger. To mitigate/prevent this, Precursor incorporates an LCD that can be verified with an optical microscope and a physical keyboard that is trivial to verify with the naked eye. Precursor also forgoes an integrated microphone and instead favors a 3.5mm headphone jack, thus putting users solidly in control of when the device may or may not have the ability to record a conversation.

The green boxes in the block diagram above are connectors. These are items that plug into components that are not integrated into the mainboard. With this in mind, we can define the attack surface of the T-domain. We can see that we expose GPIO, USB, and JTAG to external connectors. We also have a bus to the U-domain that we call the COM bus, as well as a pair of quasi-static pins to communicate power state information and a set of pins to monitor the keyboard for user wake up events. Let’s explore each of these attack surfaces in a little more detail.

  1. JTAG: A user is required to glue shut the JTAG port when the system needs to be sealed and secrets made inaccessible. This is done by placing a metal shield can over the T-domain and dabbing a specially formulated epoxy into the holes. This simultaneously completes the Faraday cage which reduces side band emissions while making the JTAG port more difficult to access.
  2. GPIOs and USB: In its default configuration, the GPIOs are inert, and thus a difficult attack surface. We also advocate leaving the USB pins disconnected for secure applications; however, developers may opt to wire them up inside the FPGA, at the risk of opening up the expansive USB attack surface.
  3. Raw Power Input: The primary postulated attack surface resulting from the raw power input is glitches. Denial of service is of course also an issue, by removing power or by destroying the system by applying too high a voltage; but these are beyond the scope of this discussion. The primary countermeasure against raw power input glitches is a reset monitor that will extend any glitch into a several-millisecond long reset signal if the voltage drops below a prescribed level. Furthermore, local filtering, regulation and power storage removes very short glitches. All T-domain power signals are routed so they are fully contained within the T-domain shield can. No T-domain power signals are exposed as outer-layer traces or vias on either the top or back side of the PCB outside of the T-domain shield.
  4. Power State Pins: The power state pins allow the EC to coordinate with the FPGA SoC on the current power state. They are structured as “read only” from the SoC, and are also considered to be “advisory”. In other words, the SoC is capable of independently forcing its own power into the on-state; therefore the EC is only able to shut down power to the SoC when it is explicitly allowed by the T-domain. This minimizes the risk of the EC attempting to perform a glitch attack against the SoC by manipulating its access to power.
  5. Keyboard Wakeup Pins: In order for the EC to know when to power on the system, the EC also has access to a pair of row/column pins on the keyboard matrix. This enables the EC to respond to a two-key chord to wake the system from sleep; however, it also means the EC can potentially monitor a few keys on the keyboard, leading to a potential information leakage. This is mitigated by a set of hardware isolation switches which the SoC uses to deny EC access to the keyboard matrix once the system is powered on.
  6. Audio: Audio is rendered by way of a CODEC chip. The DVT prototype shown in the photo above uses the LM49352, but a few months ago it was announced to be end-of-life by the vendor, TI. For production, we plan on employing the TLV320AIC3100, a functionally equivalent CODEC which will hopefully have a longer production lifetime. The CODEC chip integrates all the circuitry necessary to amplify the microphone, drive a pair of headphones, and also drive a small speaker for notifications. While it is possible to bury implants within the audio chip, it’s thought that any implant large enough to either record a useful amount of conversation or to do speech-to-text processing of the conversation would create an easily detectable size or power signature, or both. The headphone jack is wired for optimum compatibility with headsets from the Android ecosystem.
  7. COM bus: Finally, the COM bus is an SPI interface used by the T-domain to talk to the rest of the world. It is directly connected to the EC. The COM bus is structured so that the SoC is the sole controller of the SPI bus; the EC is not able to send data to the SoC unless the SoC allows it. Further packet-level and protocol-level countermeasures are required on the COM bus to harden its attack surface, but at the end of the day, this is the primary pathway for data to reach the T-domain from the outside world, and therefore it should be the primary focus of any software-oriented attack surface analysis.

It is important that COM bus packets be authenticated, encrypted, and serialized prior to hand-off to the EC; the EC can only put T domain data into the appropriate envelopes for routing on the Internet and no more. This allows us to safely delegate to the EC the job of mapping COM bus packets onto a given network interface.

COM Connects to the Internet

Secure software running on the T-domain should be as oblivious as practical to what type of Internet connection is implemented by the EC. Thus whether the EC routes COM packets to wifi, LTE, bluetooth, or Ethernet should have no bearing on the security of the T-domain.

For Precursor, we have chosen to add a Silicon Labs WF200 wifi chip to the EC as a primary means of Internet connectivity. The Silicon Labs WF200 contains a substantial amount of un-trustable code and circuitry; however, because the WF200 is in the Untrusted domain, we have no need to trust it, just as we have no need to trust the cable modem or the core network routers on the Internet.

Thus we can safely leverage the substantial co-processing within the WF200 to handle the complications of associating with WAPs, as well as other MAC/PHY-level nuances of wireless Ethernet. This allows us to substantially reduce the power requirements for the system during “screen off” time when it is mainly waiting to receive incoming messages. Furthermore, the WF200 has a well-characterized low power mode which agrees well with bench measurements. This is different from the ESP32, which as of a year ago when the evaluation was done, advertises low power but suffers from power-state transition nuances that prevent a practical system from achieving overall low power consumption.

The EC takes care of uploading firmware to the WF200, as well as servicing its interrupts and transcribing received packets to the T-domain. In addition to these responsibilities, the EC can detect if the system has been physically moved during standby by polling an IMU, and it also manages the battery charger and gas gauge. It also provides a ~1Hz square wave to the LCD that is required by the LCD during standby to continue displaying messages properly.

Random Number Generators

The T-domain includes a discrete TRNG. This is meant to complement a TRNG integrated into the SoC itself. The benefit of a discrete TRNG is that it can be verified using common lab equipment, such as an oscilloscope; the drawback of a discrete TRNG is that an attacker with physical possession of the device could manipulate its output by drilling through the RF shield and dropping a needle onto millimeter-scale component pads.

The integrated TRNG inside the SoC is less vulnerable to attack by a physically present attacker, but at the expense of being difficult to manually verify. Thus, we provision both discrete and integrated TRNGs, and recommend that developers combine their outputs prior to use in secure applications.
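The recommendation above, combining the discrete and integrated TRNG outputs before use, as an added illustration with simulated sources (this is not the Precursor or Betrusted firmware); each raw stream is first run through a simplified repetition-count health test, and the cutoff and sample size are assumptions.

```python
# Health-checking and combining two TRNG streams, as recommended for
# Precursor's discrete and integrated TRNGs. Added illustration with simulated
# sources; the repetition cutoff and 32-byte sample size are assumptions, not
# values from the Precursor firmware.
import hashlib
import os

REPETITION_CUTOFF = 8   # assumed: a stuck source repeats one byte this often
MIN_SAMPLE_BYTES = 32   # assumed: raw bytes drawn from each source per seed


def repetition_count_ok(samples):
    """Simplified repetition-count health test (in the spirit of SP 800-90B):
    a source whose output is stuck on one value fails. This catches broken
    hardware; it cannot detect a source an attacker reads or controls."""
    run = 1
    for prev, cur in zip(samples, samples[1:]):
        run = run + 1 if cur == prev else 1
        if run >= REPETITION_CUTOFF:
            return False
    return True


def combine_trng(discrete, integrated):
    """Mix both raw streams through SHA-256 with length prefixes.

    If either stream is unpredictable, the digest is unpredictable, so an
    attacker who learns the discrete TRNG output by probing its pads (the
    threat the post describes) still learns nothing about the seed, and a
    weak integrated TRNG is covered by the discrete one. The length prefixes
    keep two different (discrete, integrated) splits from hashing alike.
    """
    h = hashlib.sha256()
    for part in (discrete, integrated):
        h.update(len(part).to_bytes(4, "big"))
        h.update(part)
    return h.digest()


def seed_from_sources(discrete, integrated):
    """Run the health test on each raw stream, then combine them."""
    for name, raw in (("discrete", discrete), ("integrated", integrated)):
        if len(raw) < MIN_SAMPLE_BYTES:
            raise ValueError(f"{name} TRNG returned too few bytes")
        if not repetition_count_ok(raw):
            raise ValueError(f"{name} TRNG failed repetition-count test")
    return combine_trng(discrete, integrated)


if __name__ == "__main__":
    # simulated sources; a real device reads its TRNG registers instead
    print(seed_from_sources(os.urandom(32), os.urandom(32)).hex())
```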

Keeping Time

A sense of time is important in many cryptographic protocols, thus a Real Time Clock (RTC) is a security-critical element. We chose an RTC that integrates both the crystal and the clock chip into a single hermetically sealed package to reduce the attack surface available to a physically present attacker to manipulate time. The chosen RTC also incorporates basic clock integrity checking, which helps to mitigate simple glitch attacks against the RTC.

RAM: Why 16MiB?

We provide 16MiB of battery-backed SRAM for secure computations. We made it battery-backed so as to reduce the standby/resume overhead of the system, at the expense of creating a potential attack surface for physically present attackers to recover data from the system.

The choice of 16MiB of SRAM was deliberate and motivated by several factors:

  1. Power: A larger DRAM would have required using the DRAM PHY on the SoC. This interface is extremely power hungry and would have more than doubled the amount of power consumed when the system is on. Furthermore, keeping the DRAM in self-refresh mode would disallow powering down the FPGA entirely, meaning that the substantial standby leakage power of the SoC would count against the “screen-off” time.
  2. Code complexity: Precursor is a spin-off from the Betrusted project. One of Betrusted’s goals is to build a codebase that could be audited by an individual or small group within a reasonable amount of time. Choosing a small amount of RAM is the equivalent of burning the boats before a battle to force an advancing army into a win-or-die situation; it confines every choice made in the OS and application layers to prefer simpler, less complex implementations at the expense of more development time and fewer features.
  3. Roadmap: Eventually, we would like to fit the entire T-domain of Precursor into the footprint of a single chip. Incorporating hundreds of megabytes of RAM on-chip is impractical, even in aggressive process nodes. In a more realistic 28 or 40nm node, we estimate 4-16MiB is a potentially practical amount of RAM to incorporate in a low-cost, low-power, mass-market implementation. Provisioning Precursor with a similar amount of RAM helps to ensure code developed for it will have a migration path to more highly integrated solutions down the road.

Self-Destruct Mode

Finally, we have provisioned a “self-destruct” feature for users that opt to use battery-backed AES keys to protect their FPGA image. The “self-destruct” mechanism consists of a latch built using discrete transistors. During normal power-on, the system latches into a “normal” mode of operation. However, when the SoC asserts the “KEY_KILL” pin, the latch switches into the “kill” mode of operation. Once in the “kill” mode, power is cut to the T-domain – including the power that backs up the AES key. There is also a set of active pull-downs which rapidly discharge the relevant voltage rails to ensure the power lines drop to a level suitable for data erasure in a matter of milliseconds. Although the data erasure only takes a fraction of a second, the only way to get out of “kill” mode is to remove the battery or to wait for the battery to fully discharge.

That wraps up our whirlwind tour of the Precursor motherboard. This post introduced all of the major design features of the Precursor motherboard and briefly summarized the rationale for each choice. The system architecture minimizes the attack surface of trusted components. Furthermore, component choice was guided by the principles of simplicity and transparency while trying to provide a complete but auditable solution for security-sensitive applications. Finally, the mainboard was designed with components on one side only, and all security-critical components are contained within a well-defined area, with the hope that this makes it easier to visually inspect and verify units upon receipt by end users.

Liked this post? Sign up to the Precursor funding campaign mailing list to be notified when new posts go live!

25 Sep 20:09

QM and the Politics of the “Unbiased” Bias

Matt Crosslin, EduGeek Journal, Sept 25, 2020

There's some good discussion in this post about how the choice of a course assessment framework reveals biases about the sorts of approaches to education that are preferred. It is presented in the context of a tweet (and thread) from Stephanie Moore: "When Quality Matters trumps learning sciences as the evaluation framework for course design, then Houston, we have a problem." As Matt Crosslin says, "it is harder for some approaches like heutagogy, ungrading, and connectivism to pass... these are all well-researched concepts that don’t always have content, assessment, activities, and objectives in a traditional sense... (but) the institution is going to look at it as a worse course than a traditional instructivist course that scores a 98." And the point here - made quite rightly - is that this is a determination that was made before the assessment, and not as a result of it.

25 Sep 16:37

Jeopardizing people’s health.

by Andrea

The Washington Post: ‘People are just being dishonest’: Parents are sending coronavirus-infected kids to school, Wisconsin officials warn. “As authorities in suburban Milwaukee gamed out the complex preparations to allow children back into classrooms amid the coronavirus pandemic, they didn’t plan for one scenario: parents deliberately sending infected kids to school.
Yet that’s exactly what’s happened multiple times in Washington and Ozaukee counties, health officials said this week.”

The Washington Post: The code: How genetic science helped expose a secret coronavirus outbreak. “POSTVILLE, Iowa — It wasn’t until their colleagues began to disappear that workers at Agri Star Meat and Poultry realized there was a killer in their midst.
First came the rumors that rabbis at the kosher plant had been quarantined. Then a man who worked in the poultry department fell ill. They heard whispers about friends of friends who had been stricken with scorching fevers and unbearable chills — characteristic symptoms of the novel coronavirus.
Where was the contagion coming from?”

“It’s unclear why the state did not report the full number of positive antibody tests. But at least 20 percent and as many as 29 percent of Agri Star workers contracted the coronavirus between mid-March and early May. These numbers, which Guerrero confirmed, clearly exceed the CDC’s recommended definition for an outbreak — two or more linked cases of a disease — and likely meet Iowa’s 10 percent threshold.
Health experts and worker advocates have criticized Iowa’s metric, which was adapted from an older policy for monitoring flu outbreaks in schools.
Covid-19 is far more contagious and virulent than the flu, said Jan Flora, a sociology professor at Iowa State University. “To use the same threshold means that the state and the meatpacking plant will always be attempting to close the barn door after the horse has escaped.”
In denying The Post’s request for Agri Star’s case numbers, the Iowa Department of Public Health said it only released information about workplaces in cases of “active viral infection.” In other words, because the state took so long to test workers, the peak of the outbreak had already passed — so Iowa never had to acknowledge that the outbreak occurred at all.

Emphasis mine.

25 Sep 16:37

US Excess Mortality

Update

I’ve redrawn the graphs here to add more information about COVID-19 deaths specifically. This post is getting a substantial amount of traffic and some of the feedback I’ve gotten suggests people were confused about what exactly was being shown. The original graphs were drawn from this CDC dataset, which led some readers to think that there was some undercounting happening. In the new versions, I’ve used a merged version of the 2014-2018 data and the ongoing 2019-2020 counts.

I’ve also put up a GitHub repository containing the code needed to reproduce the graphs here, if you’re interested in looking in more detail.

The CDC recently released some new data on mortality counts by state and cause of death in the U.S., allowing us to get a look at excess mortality patterns due to the COVID-19 pandemic. I’ve folded the data into the covdata package. As an illustration of the sort of thing you can do with it—and of the sort of thing you can do with ggplot and R—here’s a graph of various aspects of mortality in the U.S. so far this year.

An overview of mortality in the US in 2020

The figures have four sections. At the top is the weekly count of deaths from all causes in the United States. Counts for 2020 so far are highlighted in red. In gray are the equivalent counts for the years 2015 to 2019. More or less reliable data is available for about the first thirty weeks of the year so far, so we stop there. If you’re not familiar with mortality data of this sort, one thing that will jump out at you is its strongly seasonal character. People are more likely to die in the Winter than in the Summer. You’ll also note the relative stability of these patterns. The grey lines over the past five years are pretty steady, as the ordinary cycle of things continues. It’s this patterned character to the data that lets us infer excess mortality, when things are worse than usual for some reason. Not everything is fixed, of course. For example, the flu season in the Winter of 2017-2018 was exceptionally severe and is the reason there’s a high peak for one of the gray lines. The severity of the flu is easy to underestimate.

The second section shows the count of COVID-related deaths from week to week. The bars show the “COVID-19 (U071, Multiple Cause of Death)” ICD code.

The bottom left panel shows the same weekly data as the upper panel, but broken out by major cause of death. The causes are ordered from highest to lowest by prevalence, with Malignant Neoplasms (that is, cancer) and heart disease being the leading causes in the country in these data. The bottom right panel shows the CDC’s own calculation of the percentage difference between each cause of death so far this year as compared to its average in the five previous years. The ordering of the panels is the same, from highest to lowest overall number of deaths. But because the column charts show weekly changes, you can see where excess deaths are being registered within each cause. Thus far the comparisons are for the first thirty weeks of the year only, as reporting lags make counts from more recent weeks much noisier.

Bear in mind that these are counts and not modeled estimates. For the CDC’s own modeling of excess deaths due to COVID-19, consult their dashboards.

I think the data make some patterns quite clear. Most obviously, deaths attributed to influenza and pneumonia surge upwards beginning about ten weeks into the year. But so, too, do deaths from Alzheimer’s, hypertension, and diabetes. While I’m not a public health expert, I think the distribution of these surges is clearly suggestive of the differential impact on various groups of people, such as the elderly and those more likely to suffer from various diseases.

As I say, these data are available at the state as well as the national level. Here, for example, is the same graph for New York City:

New York City

And here, for contrast, is Georgia:

Georgia

I imagine a serious dive into this data would reveal not just structural variation across states but also evidence of differences in reporting and attribution. The data for states with smaller populations is of course much noisier than for bigger ones, as breaking things down by fourteen causes of death on a week by week basis causes you to run out of degrees of freedom pretty quickly.

These plots were all made in R and ggplot, and assembling the multiple panels was made much easier thanks to Thomas Lin Pedersen’s fabulous patchwork package. The combination of patchwork and purrr makes the production of a whole lot of plots quite efficient. I’ll put a repository with the code on GitHub once I’ve cleaned it up a little. In the meantime, here are links to graphs for all the jurisdictions in the data. Bear in mind that the graphs have different y-axes, each appropriate to the range of variation within each state and directly connected to the number of people that live in that jurisdiction. So you can’t just overlay one on top of another. For a PDF version of any one of these, replace the .png extension in the file name with a .pdf.

Gallery of Jurisdictions

25 Sep 16:36

The ghost station reemerges! https://www.blog...

by illustratedvancouver
25 Sep 16:28

A Gentle Introduction to Using a Docker Container as a Dev Environment

Burke Holland, CSS-Tricks, Sept 25, 2020

I must admit I had more than one knowing chuckle as I read this. It illustrates so many of the problems inherent in working in development environments today. How often have I had this reaction: "Apparently everyone is supposed to know this already. I didn’t know it until about four hours ago." Yeah. People who write documentation for this stuff (if they write any at all) assume a lot of background knowledge that often just isn't there. And that's not counting the local limitations that nobody tells you about (like, say, computer services blocking volume sharing) that will cause your work to just break for no reason.

25 Sep 16:28

In Defense of Cognitive Psychology

Clark Quinn, Learnlets, Sept 25, 2020

Clark Quinn responds to a recent short piece I wrote in response to Donald Clark's post on intelligence. In it, as Quinn summarizes, I argue "that education and cognitive psychology have put on layers of ‘cruft’ (“extraneous matter“) on top of the neural underpinnings." Quinn's defense is essentially that "the theories that have arisen have provided useful guidance for designing systems and learnings that wouldn’t have emerged from strictly neural explanations." I would respond that the proponents of cognitive psychology represent their theories as rather more than simply 'useful guidance' (otherwise they wouldn't so urgently criticize different theories). And the criticism is that cognitive psychologists extrapolate beyond the observable evidence (and not merely that they extrapolate beyond strictly neural explanations).

Clark uses Sweller's cognitive load theory, and that's a good test case. The theory essentially states that there are limitations to our ability to process information in short-term memory, and so having extraneous information impairs our ability to learn. Now it's well established that there's such a thing as sensory overload; we can experience it ourselves and model it in simulations. But it does not follow that there is a corresponding 'cognitive overload' describable in terms of information theory. The mechanisms that are postulated in cognitive load theory - processing, storage, buffering - are extrapolations that draw on an outdated and mechanical theory of mind that is nowhere observed or confirmed except in experimental designs that presume their existence. And, as I have argued over the years, the outcome of postulating these theoretical mechanisms is bad practice, not good practice. Image: MindTools.

25 Sep 16:27

Don’t Force Different Groups Into One Platform

by Richard Millington

If you’ve spent a bunch of time and money on a community platform, it seems logical to get all your different audiences there.

When everything is in one place, you can easily measure things like participation, link member accounts, and create/track the entire journey customers or members have.

But there’s a problem.

You might not be dealing with just two different groups, but often two different cultures. Forcing them to use the same platform – especially a platform which is more difficult to use and not in the flow of their daily routine – is going to prove difficult. It might even prove antagonistic.

There’s a reason, for example, many companies host developer communities on a completely different platform (often Discourse or Slack) from their main customer community. The group has a completely different culture. They often want privacy and separation from customers. They don’t want to click on a ‘developer’ tab within a bigger community. They want a place just to themselves.

My advice would be to host audiences on the same platform if you can, but don’t try to force it. You can easily push people out of your ecosystem doing that. It’s far better to be where they are, support them however they need that support, and accept that it’s going to be a little messy – but it works.

25 Sep 16:27

News from the Microsoft Surface Hub

by Volker Weber


Surface Hub is the kind of product that triggers a strong want-to-have reflex in me. And then I don't know what I would actually do with it. Essentially it is a big screen with a built-in PC that can connect meeting rooms with each other. Not just a display, but also a drawing surface, a camera for the room, etc. Starting in January, in addition to the existing 50-inch version, there will also be one with an 85-inch diagonal. One kilogram of weight for every inch. With an area of 1.96 x 1.13 meters it is bigger than a bed. What a monster.

There is a rolling stand from Steelcase for both Surface Hub 2S models. Naturally I want that too. The smaller one can be fitted with a battery, so that it can change rooms without having to reboot because of a "plug pulled".

To me the devices feel a bit out of step with the times, now that we are practicing how to collaborate in Teams while everyone sits in front of their own screen. But that doesn't have to stay that way. For the bosses who put something like this in their own office, Microsoft now also allows the installation of Windows 10 Pro or Enterprise. Devices used as intended get a Windows 10 Team 2020 Update.

Surface Hub 2S 85 can be ordered now and will ship from January 2021. Do you use something like this in your company? If so, I would like to learn what for and to what extent, preferably by email. The link is below this post.


25 Sep 16:27

The Solo Loop is great

by Volker Weber


Apple sent me a new Solo Loop to test this week, and at first I was disappointed. I had measured size 9, but the Loop was size 7. I unpacked it and tried it anyway. And I was immediately thrilled. Size 7 is in fact perfect for me, and it also matches this recommendation.

The material is very flexible and yet firm. When you pull on it, it first offers a lot of resistance, which then eases. Similar to a balloon you are blowing up: as soon as the cross-section being stretched gets smaller, the force needed decreases.

Next I would like to test a braided band. I find that very elegant.

25 Sep 16:26

Hello Echo :: Hello Volker

by Volker Weber


Lots of new hardware from Amazon. I find the spherical shape of the Echo and Echo Dot interesting. There is more room inside for the woofer, but the devices themselves also need more space than the older cylinders. At the moment you can only pre-order; delivery is in four weeks.


25 Sep 16:26

The Rationalist Papers (4): Is Joe Biden a socialist?

by Josh Bernoff

Donald Trump has called Joe Biden a “Trojan horse for socialism” and constantly denigrates “Democrats and their socialist agenda.” Socialism, as a political term, is toxic in America — many moderates and conservatives would rather die than vote for a socialist. So let’s examine what socialism actually is, and whether Joe Biden and Kamala Harris … Continued

The post The Rationalist Papers (4): Is Joe Biden a socialist? appeared first on without bullshit.

25 Sep 16:19

Rogers details $3 billion investment plan for Quebec should Cogeco deal go through

by Jonathan Lamont

Toronto-based national telecom Rogers released a $3 billion investment proposal “to bring connectivity, jobs and economic growth to Quebec” in its latest bid to secure the acquisition of Cogeco’s Canadian assets.

Rogers and American cable television provider Altice previously proposed a deal to acquire Cogeco. Altice sought to purchase Cogeco for $10.3 billion and then sell the company’s Canadian assets to Rogers for $4.9 billion. However, the Audet family, which owns Cogeco, rejected the “unsolicited” offer earlier this month.

Since then, Rogers has continued to push for the deal. The company promised to keep Cogeco in Quebec if the acquisition went through, and later issued a letter saying Cogeco rejected the offer without “undertaking any appropriate process.” Cogeco returned fire, saying Rogers engaged in “bad faith tactics” with the acquisition proposal.

Despite Cogeco stating it was not for sale, Rogers and Altice said they were still committed to pursuing the transaction. The latest part of that commitment is Rogers’ proposal to invest $3 billion in Quebec should the acquisition go through.

Rogers’ investment plan includes 5G rollout, keeping Cogeco in Quebec and more

The company laid out four parts of its investment plan. The first focused on growing jobs and powering economic growth, which included investing $3 billion in Quebec over the next five years. Half of that would go towards network improvements. Rogers also said it would ensure 5,000 jobs in Quebec for a combined Rogers and Cogeco entity. Moreover, the company once again committed to keeping the Cogeco headquarters in Montreal and to having a Quebec president leading the Quebec business. Finally, Rogers said it would maintain the Cogeco brand in Quebec and continue relationships with suppliers and contractors.

The next part in Rogers’ plan is to drive a “made-in-Quebec” innovation agenda. That means expanding its 5G rollout throughout Quebec with a commitment to covering 95 percent of the population in the next five years. Rogers said it would establish a tech innovation hub in Quebec that would create up to 300 highly skilled new technology jobs as a ‘Centre of Excellence’ in artificial intelligence, software engineering and digital technology.

Rogers’ third piece is to expand on rural connectivity and enhance the customer experience. That entails building on Cogeco’s rural expansion commitments and establishing a rural connectivity partnership with the Quebec government to reach an extra 100,000 households. Further, Rogers plans to upgrade services for existing Cogeco customers with a rollout of its own services, such as Ignite Internet, Ignite TV, Ignite SmartStream and its Smart Home Monitoring program.

Rogers may hope to sway Quebec government with investment proposal

Finally, Rogers says it wants to promote culture and community partnerships. That includes continuing Cogeco’s existing community partnerships and launching a new student technology sponsorship program. Moreover, Rogers wants to continue sponsoring major sporting and other cultural events, which includes exploring ways to bring more major events to Quebec. Lastly, Rogers says it will establish a French language training fund for Rogers employees outside of Quebec.

“We understand the importance of reaffirming our strong commitment to Quebec. Rogers stands ready to be Quebec’s partner in building world-class networks to help make it a global leader in technology and innovation,” said Rogers CEO Joe Natale.

Rogers likely hopes to sway Cogeco into accepting the acquisition with its investment plan. However, it may equally appeal to the Quebec government. Quebec Premier François Legault expressed opposition to the Cogeco acquisition proposal when it was first announced, and Quebec’s Minister of Economy and Innovation, Pierre Fitzgibbon, recently recognized the importance of keeping Cogeco’s headquarters in the province. Such an investment proposal from Rogers could sway the provincial government to support the deal.

You can read Rogers’ investment plan in full on the company’s website.

The post Rogers details $3 billion investment plan for Quebec should Cogeco deal go through appeared first on MobileSyrup.

25 Sep 16:19

Running with the wolves

by Doug Belshaw
The price of being a sheep is BOREDOM. The price of being a wolf is LONELINESS. Choose one or the other with great care.

This gapingvoid cartoon from years ago has really stuck with me during the ups and downs of my career.

I find working in (most) hierarchical organisations boring and stifling. It’s not always all bad, but the more hierarchical the organisation, the more limiting the walls of the box of your job role. Being a sheep sucks.

On the other hand, going it alone is anxiety-inducing and lonely. During the short time I was a solo independent consultant, it was only the opportunity to work with other consultants (big shout out to Bryan Mathers) that kept me going.

So I’m thankful and grateful that I’m part of a co-operative and get to work with other co-operatives. It’s like hunting in packs, or running with the wolves. Except more friendly.


This post is Day 49 of my #100DaysToOffload challenge. Want to get involved? Find out more at 100daystooffload.com

The post Running with the wolves first appeared on Open Thinkering.

25 Sep 16:15

Not long ago, Anne-Sophie Mutter was very ill with Corona Virus. Yesterday, she played Beethoven in Berlin. Perhaps this video may give some people a bit of hope. thestrad.com/video/anne-sop…

by Helene von Bismarck (HeleneBismarck)
mkalus shared this story from HeleneBismarck on Twitter.

25 Sep 16:06

Vidéotron’s Radius wristbands warn employees if they get too close to each other

by Jonathan Lamont

Quebec-based regional carrier Vidéotron’s business arm has launched a new product designed to help people maintain physical distance in the workplace.

Dubbed Radius, the new wristband uses vibration and light to alert the wearer if they get too close to another person. Vidéotron’s website explains that Radius records proximity interactions between wristbands and that businesses will be able to use this to trace employee interactions if they test positive for COVID-19.

It’s important to note the wristband doesn’t use geolocation. Instead, wristbands operate on Bluetooth similarly to Apple and Google’s Exposure Notification system in smartphones. The Canadian government uses that same system as the foundation for its COVID Alert app, which utilizes Bluetooth to detect and anonymously record events of proximity and warn users if they potentially become exposed to someone with COVID-19. To be clear, Vidéotron’s band is very different from COVID Alert, but the use of Bluetooth to monitor proximity is similar.

Since Radius is designed for use in a business, there’s a little more going on than what’s behind COVID Alert and similar smartphone-based systems. For example, businesses can also install ‘gateways’ throughout different office areas like the entrance, cafeteria or coffee machine. The wristbands periodically transmit interactions to these gateways, which make the information available via an online portal. That portal can then be used to form internal action plans if someone tests positive for COVID-19.

The portal provides information like whether the wristbands synced with the gateways in the last 24 hours, the succession of close contact within your company and a search section with a history of wristbands that were too close together.

For those worried about privacy, Vidéotron says the Radius wristband uses an anonymous ID when recording incidents of proximity and that the data isn’t shared with Vidéotron. Instead, it’s “privileged information reserved” for the business using the wristbands.

Finally, Vidéotron says the Radius wristbands were designed and manufactured entirely in Quebec.

The Radius Wristband became available for purchase by Quebec businesses starting September 24th. Vidéotron offers two tiers for businesses: the first includes just the wristbands at $100 per band. There is no access to the online management portal, but the bands can still alert employees if they get too close to each other. There’s also ‘Radius Pro,’ which costs $10 per wristband per month and includes the gateways and access to the online portal. Businesses can place their Radius orders here.

Those interested can learn more about Radius on the Vidéotron Business website.

The post Vidéotron’s Radius wristbands warn employees if they get too close to each other appeared first on MobileSyrup.