Saturday, January 13, 2018

Artemis: a very short review

Andy Weir had the debut novel sensation that, surely, every novelist dreams of: The Martian was a world-wide best-seller, stayed on the best-seller lists for almost two years, and was then adapted to become one of the top ten movies of 2015.

You can only imagine what a life-changing experience this must have been for a guy who spent 15 years writing novels while working full time.

Anyway, Weir is now back with his second novel: Artemis.

In various creative fields, people talk about the "sophomore slump", and it surely can't have been easy for Weir to figure out how he wanted to write his next book. I'm sure he was also feeling pressure from both his readers and his publisher to hurry up and deliver another book.

So he did.

Artemis is certainly not the book that The Martian was.

However, both as a standalone effort and as a companion piece, it is quite interesting.

And, as you should probably grow to expect from Weir, it's a rollicking roller-coaster adventure ride of a book.

But while The Martian was a book about humans who were in space, and wanted to get back to Earth, Artemis is a book about people who were on Earth, and have decided that they want to live in space.

Weir is very interested in the notion of what it would mean for humans to be living somewhere other than on Earth, which is indeed a fascinating thing to think about, and Artemis is of most interest when you look at it from that viewpoint.

Artemis, as it turns out, spends most of its time spinning tales of completely ordinary experiences that have much more to do with being human beings than with being in outer space. Rather than being just a sterile laboratory occupied by scientists, as so many "outer space" books are, Weir's outer space civilization is full of everything that makes us human. There are bars, casinos, and night clubs; there are prostitutes, drug dealers, and smugglers; there are petty rivalries, dirty laundry, and double-dealing.

But, most of all, there are complex systems, and, as was true with The Martian, it is when dealing with interesting complex systems that Weir's book is at its most interesting (even if great literature it ain't):

He wiggled his hand. "That wasn't just you. There were a lot of engineering failures. Like: Why aren't there detectors in the air pipeline for complex toxins? Why did Sanchez store methane, oxygen, and chlorine in a room with an oven? Why doesn't Life Support have its own separate air partition to make sure they'll stay awake if the rest of the city has a problem? Why is Life Support centralized instead of having a separate zone for each bubble? These are the questions people are asking.

Moreover, as Weir observes, these aren't actually engineering questions at their root; they are questions about how we organize our societies, a question which is just as important and relevant in outer space as it is here on Earth:

"The next big step is taxes."

"Taxes?" I snorted. "People come here because they don't want to pay taxes."

"They already pay taxes -- as rent to KSC. We need to change over to a property-ownership and tax model so the city's wealth is directly tied to the economy. But that's not for a while."

She took off her glasses. "It's all part of the life-cycle of an economy. First it's lawless capitalism until that starts to impede growth. Next comes regulation, law enforcement, and taxes. After that: public benefits and entitlements. Then, finally, overexpenditure and collapse."

"Wait. Collapse?"

"Yes, collapse. An economy is a living thing. It's born full of vitality and dies once it's rigid and worn out. Then, through necessity, people break into smaller economic groups and the cycle begins anew, but with more economies. Baby economies, like Artemis is right now."

Although Artemis ultimately fails as a work of literature, it is promising as a hint of what Weir is interested in, and where he might go.

Humans in space is a fascinating concept, and thinking about it realistically, rather than in some fantastic sterile implausible laboratory fashion, is how we're going to get to a point where we're actually ready to have humans in space. Building space ships and sending people out in them is just an engineering problem, and we'll solve that, probably pretty soon. But economics, politics, crime, government? These are actually HARD problems.

Writing about them, thinking about them, sharing those ideas, is one way to make it real, and for that, if for nothing else, I enjoyed reading Artemis and will look forward to Weir's next work.

Wednesday, January 10, 2018

Public Equity 501

A short lesson, this time; perhaps our education is nearing completion and we are moving on to become graduate students?

Clearlake Capital Acquires Perforce Software

Clearlake Capital Group, L.P. (together with its affiliates, “Clearlake”) today announced that it has acquired Perforce Software (“Perforce” or the “Company”), developer of the industry’s most flexible, scalable and secure version control and collaboration platform, from growth equity investor Summit Partners. The Company will continue to be led by Janet Dryer, CEO, and Mark Ties, COO, who will both join the Board of Directors alongside Clearlake. Financial terms were not disclosed.

Saturday, January 6, 2018

The Silk Roads: a very short review

Peter Frankopan's The Silk Roads: A New History of the World is an extremely ambitious book.

It sets out to survey, in a single 500 page volume, some 2000+ years of history of the region which, roughly speaking, spans from Turkey and Egypt to Mongolia and Pakistan in the one direction, and from Yemen to Russia in the other.

That's a lot of land, and a lot of time, to cover.

Certainly if you, like me, struggle to distinguish Basra from Bactria, Samarkand from Sanjan, Karakorum from Kashgar, Mosul from Mashad, Dushanbe from Dunhuang, or Istanbul from Isfahan (ok, well, that last one I knew), then you'll find a lot to learn in this history of human activity in Central Asia over the last few thousand years.

And it's certainly a colorful book, full of great stories of traders, adventurers, explorers, merchants, prophets, and their interactions.

(Attila the Hun! Genghis Khan! Richard Lionheart! The Black Death! Vasco da Gama! T.E. Lawrence! Timur! Marco Polo!)

It's an immense scope, though, and Frankopan can barely get going on one episode before he races on to the next, breathless and impatient, rather like the White Rabbit: always in a hurry, but not quite sure where he's going.

I didn't mind any of the minutes I spent with The Silk Roads, but in the end I'm afraid that this part of the world is still rather a blur to me, which is a shame, because I think that's precisely the problem that Frankopan set out to solve.

Would he have been more successful (with me, at least), had he confined himself to a smaller region, or a shorter time period, the better to have used those pages to spend more time inhabiting particular incidents and characters? I'm not sure. I'm not much of a reader of histories, so I suspect this problem is just endemic to the genre, and it really just means that while his book was fascinating, I'm not really the target audience.

Thursday, January 4, 2018

RowHammer strikes again

Before we get to the main event (just be patient), I want you to first spend a little time with something that I think is actually a much MORE interesting story about computer security: The strange story of “Extended Random”

Yesterday, David Benjamin posted a pretty esoteric note on the IETF’s TLS mailing list. At a superficial level, the post describes some seizure-inducingly boring flaws in older Canon printers. To most people that was a complete snooze. To me and some of my colleagues, however, it was like that scene in X-Files where Mulder and Scully finally learn that aliens are real.

Why is this such a great story?

  1. Well, for one thing, it's been going on for more than a decade. That's a long time.
  2. For another thing, the technology involved is quite complex: multiple software systems have to interact, in quite complex ways.
  3. And for another thing, at least one part of the overall vulnerability involves simply including additional COMPLETELY RANDOM DATA in your messages over the network. How is adding some extra random data a vulnerability? (You'll have to read the article for yourself.)
  4. But most importantly, as opposed to most computer security vulnerabilities, this isn't simply an implementation mistake made by some systems programmer; from everything we can determine, it is actually the result of deliberate sabotage by our own government, sabotage so subtle that, fifteen years later, the best cryptographic minds in the world are still picking through the details.

Anyway, enough of that.

I know what you came here for.

You want to hear what good old RowHammer has been up to over the last couple years, right?!

Well, unless you've been living in a cave (and who reads blogs if they live in a cave?), you know that what we're talking about here is Reading privileged memory with a side-channel, also known as: "the latest amazing work by the astonishing Google Project Zero team."

Well, anyway, here are the goods:

  • Reading privileged memory with a side-channel
    We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.
  • Meltdown and Spectre
    These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs.
  • Meltdown
    Meltdown allows an adversary who can run code on the vulnerable processor to obtain a dump of the entire kernel address space, including any mapped physical memory. The root cause of the simplicity and strength of Meltdown are side effects caused by out-of-order execution.
  • Spectre Attacks: Exploiting Speculative Execution
    in order to mount a Spectre attack, an attacker starts by locating a sequence of instructions within the process address space which when executed acts as a covert channel transmitter which leaks the victim’s memory or register contents. The attacker then tricks the CPU into speculatively and erroneously executing this instruction sequence, thereby leaking the victim’s information over the covert channel. Finally, the attacker retrieves the victim’s information over the covert channel. While the changes to the nominal CPU state resulting from this erroneous speculative execution are eventually reverted, changes to other microarchitectural parts of the CPU (such as cache contents) can survive nominal state reversion.
  • Mitigations landing for new class of timing attack
    Since this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox. This includes both explicit sources, like performance.now(), and implicit sources that allow building high-resolution timers, viz., SharedArrayBuffer.
  • KASLR is Dead: Long Live KASLR
    In this paper, we present KAISER, a highly-efficient practical system for kernel address isolation, implemented on top of a regular Ubuntu Linux. KAISER uses a shadow address space paging structure to separate kernel space and user space. The lower half of the shadow address space is synchronized between both paging structures.
  • The mysterious case of the Linux Page Table Isolation patches
    Of particular interest with this patch set is that it touches a core, wholly fundamental pillar of the kernel (and its interface to userspace), and that it is obviously being rushed through with the greatest priority. When reading about memory management changes in Linux, usually the first reference to a change happens long before the change is ever merged, and usually after numerous rounds of review, rejection and flame war spanning many seasons and moon phases.

    The KAISER (now KPTI) series was merged in some time less than 3 months.

  • Quiet in the peanut gallery
    I wish there were some moral to finish with, but really the holidays are over, the mystery continues, and all that remains is a bad taste from all the flack I have received for daring intrude upon the sacred WordPress-powered tapestry of a global security embargo.
  • Re: Avoid speculative indirect calls in kernel
    I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed.

    .. and that really means that all these mitigation patches should be written with "not all CPU's are crap" in mind.

    Or is Intel basically saying "we are committed to selling you shit forever and ever, and never fixing anything"?

  • Today's CPU vulnerability: what you need to know
    The Project Zero researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible.

It's pretty interesting stuff.

It will take a while to dig through and think about.

But, it's important to note: this is primarily an attack against large, shared servers, which typically run software on behalf of many unrelated parties on the same physical system, using techniques such as "virtualization", or "containers".

Think "cloud computing."

Those environments are the ones spending the most time thinking about what these new findings mean.

Sunday, December 31, 2017

Up, up, and away

With the opening of the Salesforce Tower looming in the next few weeks, there's a flurry of media attention.

Here are two very interesting articles, with lots of links to chase:

  • Transbay Transformed
    As the blocks around the transit center fill up with towers, San Francisco is getting a crash course in what high-density urban living is all about.
  • San Francisco’s Skyline, Now Inescapably Transformed by Tech
    While few were looking, tech ate San Francisco, a development encouraged by Mayor Ed Lee, who unexpectedly died this month. There are now 79,129 high-tech jobs in the city, about triple the number a decade ago, according to a new research report from the real estate firm CBRE.

    If you work in an office in the city, there is a 28 percent chance you work in tech. That level is exceeded only by Seattle, where the sharp growth of Amazon pushed the percentage of tech workers up to 38 percent, and by Silicon Valley itself, where it is 42 percent.

    “San Francisco has gone from being driven by multitudes of industries in 2007 to being now focused largely on tech,” said Colin Yasukochi, a CBRE analyst. “The growth feeds on itself. Tech workers are attracted to the great opportunities in the city, and the supply of workers means more tech companies come here.”

And no, I'm not moving into the new building.

And yes, it really does look like all the new office floors will be the dreadfully mistaken awfully horrible open seating arrangement.

Sigh.

Saturday, December 30, 2017

Private Equity 401

Happily, I'm mostly out from under the thumb of Private Equity, at least for the time being.

But it's still quite interesting to me, to learn how it operates, and what influences it has on the world.

For example, why do shopping center owners set their rental rates at a level which leaves the shopping center 30%-50% empty? How can that make sense?

It's obviously quite interesting to others, as well:

  • Retail’s Woes? Much More Than Online
    Private-equity funds have become involved in retail as developers and landlords. In an era of low interest rates, a business model predicated on higher, steady returns is an attractive use of capital.

    However, what works on a spreadsheet for distressed businesses doesn’t always translate into the commercial real estate space. Storefront businesses are limited to the rent they can afford based on the revenue they generate. Lease renewals with increases of as much as 100 percent from new private equity-funded landlords do not work. If the rent increase can’t be supported by the retailer’s revenues, they fold the tent up.

    It is too easy to blame retail’s woes on Amazon.com Inc. and other online merchants. The broader picture has to take in the enormous changes in how consumers behave. Retail has been very slow to adapt to this. The sooner the industry figures this out, the better.

  • Putting on Developers’ Hard Hats, Private Equity Managers Break Risky New Ground
    Private-equity firms’ inexperience in construction and short investment horizons make them unnatural collaborators for contractors, he explained.

    In particular, Callahan said, private funds can run into trouble in negotiating the financial relationships that undergird large-scale construction. “A lot of the contracting world relies on surety credit, and the surety market space has been very suspicious of the private equity investor because [surety firms] build their relationships for the long term. The private-equity model is three to five years. That gives everyone a little cause for concern.”

    Pfeffer, the construction lawyer, also singled out financial arrangements with contractors as a source of risk for private equity.

    “Standard-form construction agreements benefit contractors and design professionals,” Pfeffer said. Typical contracts protect contractors against, for example, accountability for construction delays that could cost the developer tenants. “If there’s a waiver of construction damages on the agreement, the owner is out of luck collecting that big bucket of damages.”

  • Real Estate Private Equity: Technology’s Next Victims? (Part 1)
    First and foremost, funds don’t have a strong incentive to invest in new capabilities and tools since things are not going too badly. In the short term, the glut of capital might even seem good: New money flows into the hands of the most established players and, for some, it feels like times have never been better.

    Second, funds do not respond because, strictly speaking, they aren’t allowed to. As you remember, private equity funds usually have a narrow mandate to invest in assets under a specific strategy and in a specific geographical area. What about investing in technology or acquiring new capabilities and expertise? That’s not part of the mandate. Keep in mind that the assets most funds currently manage were acquired 1–5 years ago with money that was raised from investors 2–7 years ago.

  • Axios Pro Rata, Thu, Dec 21, 2017
    Private equity executives are largely pleased with the tax bill, but there are growing grumbles about how the change to interest deductibility isn't grandfathered in for existing loans.
    • This could be a particularly acute problem for highly-leveraged companies that are either unprofitable or barely profitable. In those cases, private equity sponsors may have to choose between pumping in new cash and crossing their fingers.
    • Going forward, expect leverage levels to decrease. Per one buyout big: "We use leverage as a tax shield, which is about to become much less relevant."
    • There is likely to be a decline in dividend recaps, at least in the short-term.
    • To be clear, private equity firms are still cheering these changes (at least from a portfolio perspective).
    • The longer-term hold period to qualify for carried interest is unlikely to prevent firms from selling before three years, in the rare cases when applicable. Just expect the funds to essentially defer the carry.

Viewed from their perspective, they are doing what makes sense: making a profit as effectively as they can.

But reread this quote, and think about it:

funds don’t have a strong incentive to invest in new capabilities and tools since things are not going too badly. In the short term, the glut of capital might even seem good: New money flows into the hands of the most established players and, for some, it feels like times have never been better.

This is not a good way for a society to organize its productive resources, even if "for some, it feels like times have never been better."

And the tax reforms passed this month did almost nothing to change the deep systemic incentives in the American tax code which encourage exactly this sort of destructive activity.

Sigh.

Thursday, December 21, 2017

Stuff I'm reading, holiday 2017 edition

This was a busy year, and I didn't get to blog as much.

Sorry about that.

  • Just watch this
    It’s a good, no, great talk about principles of leadership by Bryan Cantrill. At turns hilarious, angry, and poignant, it is quite simply one of the best talks I have ever seen about what we’re building in tech and why and how to do better. We need to move forward, take responsibility and begin to tear down a culture in which "always be hustlin'" is a leadership principle. A frank, harsh look at Amazon, Uber, and techbro thinking, with some eulogy to Sun baked in. It’s a great talk. Please watch it.
  • Google Maps's Moat
    But "buildings" is the wrong word to describe what Google’s been adding; it’s more like "structures". Because not only has Google been adding houses, it’s been adding garages and tool sheds
  • We Are Running Out of Time to Make Algorithms Fair
    It’s tempting to presume that technology changes more quickly than society and that software can reinforce social progress by rapidly encoding new norms and insulating them from regressive or malicious actors. A sentencing algorithm can do less harm than a blatantly bigoted judge. But it can also obscure the history and context of bias and hinder, or even preclude, progress. Infrastructure is sticky and the window of opportunity is narrowing: Technology can improve in the future, but we’re making decisions about what tradeoffs to make now. It’s not clear how often, or even whether, we’ll get the opportunity to revisit those tradeoffs.
  • Dozens of Companies Are Using Facebook to Exclude Older Workers From Job Ads
    The ability of advertisers to deliver their message to the precise audience most likely to respond is the cornerstone of Facebook’s business model. But using the system to expose job opportunities only to certain age groups has raised concerns about fairness to older workers.
  • The 2017 Stratechery Year in Review
    the most popular and most important posts of the year: tech and society figure prominently.
  • https://randomascii.wordpress.com/2017/12/10/analyzing-a-confusing-crash/
    It turns out that a common trick when displaying an x86/x64 call stack is to subtract one from return addresses before looking them up in the symbol tables. The return address is the instruction after the function call which could be from an arbitrarily different line of code (thanks to optimizers), but subtracting one from the return address gets an address that is guaranteed to be inside the call instruction, and therefore will let the debugger show the line number of the call instead of the return. This is such a clever and seamless trick that we normally don’t even notice it is happening - until it fails.
  • Secret Link Uncovered Between Pure Math and Physics
    Over the past decade Kim has described a very new way of looking for patterns in the seemingly patternless world of rational numbers. He’s described this method in papers and conference talks and passed it along to students who now carry on the work themselves. Yet he has always held something back. He has a vision that animates his ideas, one based not in the pure world of numbers, but in concepts borrowed from physics. To Kim, rational solutions are somehow like the trajectory of light.
  • When You Can’t Afford Not to Have Power Redundancy
    It seems sensible for the operators of the biggest airport in the world and the airlines that fly through that facility to collectively pay $21M for 10 years of protection and have power redundancy. Considering this from a regulatory perspective and looking at the value of keeping the largest of the nation’s airports operating, a good argument can be made that it shouldn’t be possible for a single power event to take out such a facility and it should be a requirement to have reasonable redundancy through all the infrastructure of any airport of medium or larger size.
  • Only Verify State-Changing Method Calls
    Instead of verifying that they are called, use non-state-changing methods to simulate different conditions in tests
  • Motel Living and Slowly Dying
    The particular rhythms of what I do - track the pig in its journey beneath the prairies, hand off the job to my counterpart on the other shift, find a hotel near where I’ll rejoin the line, sleep, lather, rinse, repeat - have made me something of an unintentional expert on hotel living and on the America nobody dreams about seeing on vacation.

    I travel by secondary and tertiary roads, skulking around the pipeline on 12-hour shifts, either midnight to noon or noon to midnight. I work alone, mostly. And when the shift is done, I catch my rest in places like Harrisonville, Missouri, and Iola, Kansas. Lapeer, Michigan, and Amherst, New York. Toledo, Ohio, and Thief River Falls, Minnesota.

  • How AlphaZero Wins
    To evaluate a position, it simply plays hundreds of random games from that position. To you or me this may seem like a crazy idea, but actually it makes a certain amount of sense. In some positions there may be only one "correct" way for White to win - but often in these positions Black is visibly in trouble anyway. If you give the position to two grandmasters, they might play the correct line and White would win. If you give it to two 2200 players, they may play almost correctly and White will still win. If you give the position to two 1400 players, they will make mistakes right and left - but White will still win. So the point is that even incorrect play will still give you a sense of who is winning, as long as the mistakes are equally distributed on both sides.
  • Truth From Zero?
    The Dec. 5 paper is sketchy and only 10 of the 100 games against Stockfish have been released, all hand-picked wins. I share some general scientific caveats voiced by AI researcher and chess master Jose Camacho-Collados. I agree that two moves by AlphaZero (21. Bg5!! and 30.Bxg6!! followed by 32.f5!! as featured here) were ethereal. There are, however, several other possible ways to tell how close AlphaZero comes to perfection.
  • From Automata to Zelda, These Are the Best Games of 2017
    2017 was an incredible year for videogames - a mixed bag of genre, style, and mood. The best titles ranged from sweeping adventures to tense shooters to meditations on the existential burden of life. Some of the games released this year will go on to be lauded as the most important, profound videogames of this generation. If you don't know how to dive into videogames in the coming days, here is where to start.
  • The Best Games You Might Have Missed in 2017
    More than 400 videogames were released this year. Four. Hundred. With a firehose like that, it's all too easy to miss some of the gems that become available, so we pored through our played list to pull together our favorite under-the-radar titles.
  • 16 Best Gifts for Gamers, According to Gamers
    For our latest installment, we found ten gamers to tell us what they want for the holidays, from wireless earbuds to vintage-ish Tamagotchis.
  • Table-top generals
    A board-game café sounds like the sort of niche business that appeals only to hip millennials with a fondness for ironic nostalgia. But, on a Friday afternoon, the crowd is more diverse than that, with families and 50-somethings alongside the youngsters. Draughts is doing so well that its owners are now pondering opening another branch. It is just one beneficiary of a new golden age in board games.
  • The Best Jazz Albums of 2017
    Even as the world goes up in smoke, artists still make art, and this very much includes jazz musicians, whose best work this year (at least the best that I managed to hear amid the noise) plumbed old and new, tradition and innovation, structure and freedom, with - under the circumstances - heroic strivings.
  • Chicago's underground city that’s becoming a design star
    Mazing for five miles under 40 blocks of The Loop (Chicago’s business district), this network of tunnels connects some of the city’s most famous buildings, including Macy’s, City Hall and the Chicago Cultural Center.

    Construction began in 1951 to provide safe, weatherproof passage between the buildings, and the hotchpotch of corridors has been built piecemeal ever since. Each section is independently owned and maintained by the corresponding building above, so each section has different lights, even different air temperatures.

  • The Most 2017 Photos Ever
    Not necessarily the top photos of the year, nor the most heart-wrenching or emotional images, but a collection of photographs that are just so 2017.