Why should people be forced to send perfectly usable hardware to a landfill simply because it's not the latest shiny thing on the market?
This is a bit of an overreaction. No one is forced to send usable hardware to a landfill. No one at Microsoft intentionally ruined any machines, they just have a bug somewhere and, more important, an inadequate testing system.
Please don't make a software bug into a conspiracy.
User code cannot read the content of protected kernel memory. If it does, the chip will raise the appropriate signal as defined by the ISA. Neither Spectre nor Meltdown change that. What they do is show that user code can create measurable effects on the state of the L2 cache based on the state of arbitrary memory. Those are two very different statements.
Finally, the Intel documentation is about what's guarantee by the chip -- specifically, that if speculative execution takes a 'wrong path', then the results are never visible in registers/memory. In other words, the chip guarantees that the code running on the CPU has the same result as in the abstract machine model (note, this is the same guarantee that OOO makes: that the program runs as if it was run in the order specified, not that it will be run in the order specified).
It's not sloppy cheating, it's following the machine model. The way we all understood this 3 weeks ago is that speculative execution can have no visible side effects on the program-observable state of registers/memory. Now we've changed the model to extend the idea that speculative execution across privilege boundaries must also not have any observable side-channels.
Well, I never insulted your credentials or insinuated you had no experience in the matter, so it's a bit of a different story there.
Anyway, substantively, if you really care so much about HIPPA users, partition them off so that they occupy a node exclusively with no other cluster jobs running concurrently with them. The unused partial nodes there seem like a much better tradeoff than a 10% penalty for all the regular HPC users (MD, CFD, QED, QCD,....).
This is probably true unless the number of confidential jobs approaches 20% or more of the total job-hours, at which point it's probably best to just create KPTI+ and KPTI- nodes and have the scheduler assign the confidential jobs only to the KPTI+ nodes. Anyway, the regular jobs can also run on the KPTI+ nodes at a modest penalty, so it's basically free performance.
Just some thoughts. I haven't "done" HPC in a decade, but security engineering gives one a view for mitigating risks while still delivering the needful.
I mean, I have a doctorate in computational physics. We had a half million dollar grant for our own HPC cluster. I had many thousands of hours of jobs run on other university systems. There's no need to suggest that I have no idea what I'm talking about. It's beyond rude.
If I were still at my old job, I would without a doubt recommend disabling KPTI on our cluster.
[ Amusingly enough, my current job is security engineering. ]
Why in the world would you patch a HPC cluster? The security issue described is completely not applicable in this case -- these aren't processing TLS connections, dealing with sensitive data or whatnot. I used to do computational physics (albeit in a different decade/life) but I can't imagine what use I would have had snooping the entire memory of our cluster nodes. At worst, I guess I could game the quota to get free hours, but that's hardly the end of the world.
The most it seems you should be upset at Intel for is a few days of support time to reconfigure the kernel builder to disable KPTI and be done with it.
Well spotted on the typo. I did mean before the heliocentric model.
As to whether it's corporatist or collectivist or any other-ist, a consumption tax can be made arbitrarily progressive or regressive to suit your political fancy. From my perspective, the important thing is to chose a non-distortionate tax that cannot be gamed by those with fancy lawyers and creative accounting. Once chosen, I'll gladly let someone else turn the progressively dial.
Remember that a tax on gross revenue could be at 50x lower rate than a tax on profits to generate identical revenue -- most industries don't sustain a margin much about 2%. So if we are talking average corporate profit tax rates of 25%, an equivalent gross revenue tax would be 0.5% or lower: not enough to destroy a fledgling firm.
Second, it's quite easy to make a consumption tax arbitrarily progressive. For instance, let's say, 33%, rebated up to the first $7,000 taxed. That means if you spend $21,000 a year on taxable consumption (I derived this by taking 1/2 of the median $42K salary, figuring you spend 1/3rd on non-taxables like rent & food and 1/6th on savings, YMMV) you pay no tax at all, and if you spend less then it's a net tax credit (fully refundable).
That would be massively progressive, actually it's a secret-UBI for anyone consuming less that $21K/yr in taxable consumption. And it would seriously hurt the entire conspicuous-consumption-class with a 33% tax on their $50K BMWs and $1000 iPhone Xs, while not harming the responsible folks that live modestly and save for the future.
A corporate profit tax is also a tax on consumers, since it either raises the price of goods (in an inelastic market) or decreases their volume (in an elastic market).
The continued machinations that everyone has gotten into with respect to taxing profits feels just like the epicycles used in the heliocentric models -- continued added complexity to make something work that at base doesn't make sense.
At base, the truth is that profit is an interpretive value. It's not a basic arithmetic concept like gross revenue or net revenue -- it's a derived value that requires subjective judgment to assign to the inputs. As such, you can create more and more complicated rules that never really continues. Like epicycles, the corrections and adjustments continue forever.
It would seem totally logical that the simplest and least-subject-to-perversion method of taxation would be to chose to tax a value that requires the absolute minimum subjective interpretation: either a gross revenue tax or a consumption tax. Both can be made arbitrarily progressive and both are virtually impossible to game.
Instead we go on and on trying to tax an elusive concept . . .
Mostly right, but in the US and the various States, there are laws that limit manufacturers' ability to having vertical pricing arrangements. Specifically, an agreement in restraint of trade is unlawful even though a unilateral (and universal) vertical pricing policy is lawful. Also lawful are manufacturer-imposed "territories", which is a bit confusing.
But they already need to know that because they need to know whether to send a high capability ambulance right the fuck away or whether it might have to wait.
The entire emergency medicine system is critically centered around triaging each patient in order to have a clear sense of priorities.
Doesn't this scream out for some kind of service for non-life-threatening conditions that's significantly less capable (and cheaper) than our existing ones?
I mean, I can understand why it's not socially optimal to send two trained EMTs and a ambulance full of cutting edge equipment for a caller that cut his hand while slicing a bagel and needs to go to the ER for stitches. The caller isn't going to die in the next 2 hours (note: if the ER is busy they'll logically wait while more dire cases are handled first), all they need is gauze (or if they already grabbed a t-shirt, it'll be fine).
What's more, sending them in a low-capability ambulance frees up the kitted one with a defibrillator and full set of drugs for someone that really needs it. That is, allocating resources efficiently saves money but it also can save lives.
Sadly, I guess we can't get our shit together here so we ad-hoc a solution with Uber, lmao.
Second, an ambulance ride costs around 150$ if some uninsured foreigner ordered one.
No. It costs much more than that. There is no way you can pay for for EMTs and equipment for $150 a ride.
I'm not saying this because I oppose the idea that society should pay for healthcare. I am in favor of a strong social safety net. But a strong safety net doesn't magically make ambulance rides cost less by helping to pay for it.
So dude makes a statement in general, and your complaint is that he didn't account for a niche set of businesses?
No one is gong to dispute that the porno shop and titty bar are going to accept cash, not least because tipping a dancer with a card is awkward. That only leaves the other 99% of the retail economy...
What is left unsaid, however, is they're hiring experienced individuals who don't expect compensation commensurate with that experience.
Which is counterweighted by the possibility that the experienced worker will jump ship to another job (or even another position in the same company) that is a closer fit.
High turnover is one of the greatest threats to the stability and productivity of an engineering group. Heck, engineering is in large part the accumulation of knowledge and methods, much of which can be put into code and documents but for which there always some portion stored in meatbrains.
This is not what Net Neutrality means. Net Neutrality means that ISPs may not discriminate based on the origin/destination/contents of a packet. It does not mean that ISPs have to treat 1000GB the same as 1GB.
A byte is a byte is a byte, and Verizon ought to have the right to demand more money to transfer more bytes, so long as they do so in a neutral fashion. Cogent should pay the same rate to transfer a byte from Netflix as one from Hulu or iTunes or Amazon Streaming. That's neutrality over content.
Actually even under the old Net Neutrality rules, ISPs could engage in network management by throttling or deprioritizing the data of very heavy users. In many cases, this is necessary to maintain service for everyone else.
What they should not be allowed to do is discriminate based on the destination of that data. A byte is a byte is a byte. But if you are using up way more than all your neighbors, and the link is congested, it makes sense to put your bytes last in line. That's the only fair way to manage a network. I've implemented this on a constrained campus network, it was widely discussed/reviewed as totally uncontroversial. Usage was measured on a 1 hr window, meaning that even if you were put in the 'penalty box' (implemented as a lower QoS bucket) you would quickly be off it. Also the lower QoS bucket never kicked in unless our outbound pipe was more than 70% full.
It was actually a canard from the anti-NN folks that NN preventing network management. It never did. A byte is a byte is a byte . . .
First, you can do whatever you want with what you buy, but you didn't buy a supercharger. You can decide when you have the right to fill up on your own charger or use someone else's charger according to their rules.
Second, you didn't RTFA because it said for vehicles purchased after December 15th, the new rules shall apply. Meaning that no one that already purchased a Tesla is having the rules changed after the purchase.
Finally, the rule makes a lot of sense to me. If superchargers are getting contested and if a significant fraction are used by a small percentage of users, it's reasonable to makes rules to ensure they are more readily available.
If VMWare doesn't distribute it that way, it's probably because most of their revenue/license is corporate rather than individual and app stores tend to be a poor fir for those arrangements.
Except when you look at some industries/rackets, you wonder why is this so expensive. And if you look, it's completely crooked. For example caskets, which somehow have a 500% markup -- charged the families of the recently deceased too.
So yeah, I agree with you -- some things are cheap because someone along the line isn't getting a fair deal. Other things are expensive because some rich asshole along the way is lining his pockets and paying off the right folks.
Clinton got played (and I say this as someone that's voted 'Clinton' 5 times already), and so did South Korea. North Korea never dismantled their nuclear program, as was obvious from being ready for tests. They never stopped counterfeiting US dollars or using their 'credentialed' diplomats to run drugs and ivory.
Their MO is pretty clear: do bad things, expect to be rewarded for stopping them, then do them again in order to extract more concessions. Most of the world is wise to this game after this many iterations . . .
Maybe someday America will learn that you don't convince your adversary to stop being paranoid by threatening to attack them.
Well, every attempt to negotiate or appease North Korea has also lead to paranoia and weapons development.
Maybe someday we'll all learn that not every situation is like a school exam or a video game where there is a right answer that resolves things cleanly.
Slashdot Mirror
Why should people be forced to send perfectly usable hardware to a landfill simply because it's not the latest shiny thing on the market?
This is a bit of an overreaction. No one is forced to send usable hardware to a landfill. No one at Microsoft intentionally ruined any machines, they just have a bug somewhere and, more important, an inadequate testing system.
Please don't make a software bug into a conspiracy.
And shame on both the LA Times and /. for not ensuring that there was a link to the original article or at least a DOI.
User code cannot read the content of protected kernel memory. If it does, the chip will raise the appropriate signal as defined by the ISA. Neither Spectre nor Meltdown change that. What they do is show that user code can create measurable effects on the state of the L2 cache based on the state of arbitrary memory. Those are two very different statements.
Finally, the Intel documentation is about what's guarantee by the chip -- specifically, that if speculative execution takes a 'wrong path', then the results are never visible in registers/memory. In other words, the chip guarantees that the code running on the CPU has the same result as in the abstract machine model (note, this is the same guarantee that OOO makes: that the program runs as if it was run in the order specified, not that it will be run in the order specified).
It's not sloppy cheating, it's following the machine model. The way we all understood this 3 weeks ago is that speculative execution can have no visible side effects on the program-observable state of registers/memory. Now we've changed the model to extend the idea that speculative execution across privilege boundaries must also not have any observable side-channels.
This really is a change to the x86 machine model.
Well, I never insulted your credentials or insinuated you had no experience in the matter, so it's a bit of a different story there.
Anyway, substantively, if you really care so much about HIPPA users, partition them off so that they occupy a node exclusively with no other cluster jobs running concurrently with them. The unused partial nodes there seem like a much better tradeoff than a 10% penalty for all the regular HPC users (MD, CFD, QED, QCD, ....).
This is probably true unless the number of confidential jobs approaches 20% or more of the total job-hours, at which point it's probably best to just create KPTI+ and KPTI- nodes and have the scheduler assign the confidential jobs only to the KPTI+ nodes. Anyway, the regular jobs can also run on the KPTI+ nodes at a modest penalty, so it's basically free performance.
Just some thoughts. I haven't "done" HPC in a decade, but security engineering gives one a view for mitigating risks while still delivering the needful.
I mean, I have a doctorate in computational physics. We had a half million dollar grant for our own HPC cluster. I had many thousands of hours of jobs run on other university systems. There's no need to suggest that I have no idea what I'm talking about. It's beyond rude.
If I were still at my old job, I would without a doubt recommend disabling KPTI on our cluster.
[ Amusingly enough, my current job is security engineering. ]
Why in the world would you patch a HPC cluster? The security issue described is completely not applicable in this case -- these aren't processing TLS connections, dealing with sensitive data or whatnot. I used to do computational physics (albeit in a different decade/life) but I can't imagine what use I would have had snooping the entire memory of our cluster nodes. At worst, I guess I could game the quota to get free hours, but that's hardly the end of the world.
The most it seems you should be upset at Intel for is a few days of support time to reconfigure the kernel builder to disable KPTI and be done with it.
Well spotted on the typo. I did mean before the heliocentric model.
As to whether it's corporatist or collectivist or any other-ist, a consumption tax can be made arbitrarily progressive or regressive to suit your political fancy. From my perspective, the important thing is to chose a non-distortionate tax that cannot be gamed by those with fancy lawyers and creative accounting. Once chosen, I'll gladly let someone else turn the progressively dial.
Remember that a tax on gross revenue could be at 50x lower rate than a tax on profits to generate identical revenue -- most industries don't sustain a margin much about 2%. So if we are talking average corporate profit tax rates of 25%, an equivalent gross revenue tax would be 0.5% or lower: not enough to destroy a fledgling firm.
Second, it's quite easy to make a consumption tax arbitrarily progressive. For instance, let's say, 33%, rebated up to the first $7,000 taxed. That means if you spend $21,000 a year on taxable consumption (I derived this by taking 1/2 of the median $42K salary, figuring you spend 1/3rd on non-taxables like rent & food and 1/6th on savings, YMMV) you pay no tax at all, and if you spend less then it's a net tax credit (fully refundable).
That would be massively progressive, actually it's a secret-UBI for anyone consuming less that $21K/yr in taxable consumption. And it would seriously hurt the entire conspicuous-consumption-class with a 33% tax on their $50K BMWs and $1000 iPhone Xs, while not harming the responsible folks that live modestly and save for the future.
A corporate profit tax is also a tax on consumers, since it either raises the price of goods (in an inelastic market) or decreases their volume (in an elastic market).
The continued machinations that everyone has gotten into with respect to taxing profits feels just like the epicycles used in the heliocentric models -- continued added complexity to make something work that at base doesn't make sense.
At base, the truth is that profit is an interpretive value. It's not a basic arithmetic concept like gross revenue or net revenue -- it's a derived value that requires subjective judgment to assign to the inputs. As such, you can create more and more complicated rules that never really continues. Like epicycles, the corrections and adjustments continue forever.
It would seem totally logical that the simplest and least-subject-to-perversion method of taxation would be to chose to tax a value that requires the absolute minimum subjective interpretation: either a gross revenue tax or a consumption tax. Both can be made arbitrarily progressive and both are virtually impossible to game.
Instead we go on and on trying to tax an elusive concept . . .
Mostly right, but in the US and the various States, there are laws that limit manufacturers' ability to having vertical pricing arrangements. Specifically, an agreement in restraint of trade is unlawful even though a unilateral (and universal) vertical pricing policy is lawful. Also lawful are manufacturer-imposed "territories", which is a bit confusing.
Here's some guidance from the Federal Trade Commission and a recent Supreme Court Ruling.
But they already need to know that because they need to know whether to send a high capability ambulance right the fuck away or whether it might have to wait.
The entire emergency medicine system is critically centered around triaging each patient in order to have a clear sense of priorities.
Doesn't this scream out for some kind of service for non-life-threatening conditions that's significantly less capable (and cheaper) than our existing ones?
I mean, I can understand why it's not socially optimal to send two trained EMTs and a ambulance full of cutting edge equipment for a caller that cut his hand while slicing a bagel and needs to go to the ER for stitches. The caller isn't going to die in the next 2 hours (note: if the ER is busy they'll logically wait while more dire cases are handled first), all they need is gauze (or if they already grabbed a t-shirt, it'll be fine).
What's more, sending them in a low-capability ambulance frees up the kitted one with a defibrillator and full set of drugs for someone that really needs it. That is, allocating resources efficiently saves money but it also can save lives.
Sadly, I guess we can't get our shit together here so we ad-hoc a solution with Uber, lmao.
Second, an ambulance ride costs around 150$ if some uninsured foreigner ordered one.
No. It costs much more than that. There is no way you can pay for for EMTs and equipment for $150 a ride.
I'm not saying this because I oppose the idea that society should pay for healthcare. I am in favor of a strong social safety net. But a strong safety net doesn't magically make ambulance rides cost less by helping to pay for it.
So dude makes a statement in general, and your complaint is that he didn't account for a niche set of businesses?
No one is gong to dispute that the porno shop and titty bar are going to accept cash, not least because tipping a dancer with a card is awkward. That only leaves the other 99% of the retail economy ...
What is left unsaid, however, is they're hiring experienced individuals who don't expect compensation commensurate with that experience.
Which is counterweighted by the possibility that the experienced worker will jump ship to another job (or even another position in the same company) that is a closer fit.
High turnover is one of the greatest threats to the stability and productivity of an engineering group. Heck, engineering is in large part the accumulation of knowledge and methods, much of which can be put into code and documents but for which there always some portion stored in meatbrains.
This is not what Net Neutrality means. Net Neutrality means that ISPs may not discriminate based on the origin/destination/contents of a packet. It does not mean that ISPs have to treat 1000GB the same as 1GB.
A byte is a byte is a byte, and Verizon ought to have the right to demand more money to transfer more bytes, so long as they do so in a neutral fashion. Cogent should pay the same rate to transfer a byte from Netflix as one from Hulu or iTunes or Amazon Streaming. That's neutrality over content.
Actually even under the old Net Neutrality rules, ISPs could engage in network management by throttling or deprioritizing the data of very heavy users. In many cases, this is necessary to maintain service for everyone else.
What they should not be allowed to do is discriminate based on the destination of that data. A byte is a byte is a byte. But if you are using up way more than all your neighbors, and the link is congested, it makes sense to put your bytes last in line. That's the only fair way to manage a network. I've implemented this on a constrained campus network, it was widely discussed/reviewed as totally uncontroversial. Usage was measured on a 1 hr window, meaning that even if you were put in the 'penalty box' (implemented as a lower QoS bucket) you would quickly be off it. Also the lower QoS bucket never kicked in unless our outbound pipe was more than 70% full.
It was actually a canard from the anti-NN folks that NN preventing network management. It never did. A byte is a byte is a byte . . .
First, you can do whatever you want with what you buy, but you didn't buy a supercharger. You can decide when you have the right to fill up on your own charger or use someone else's charger according to their rules.
Second, you didn't RTFA because it said for vehicles purchased after December 15th, the new rules shall apply. Meaning that no one that already purchased a Tesla is having the rules changed after the purchase.
Finally, the rule makes a lot of sense to me. If superchargers are getting contested and if a significant fraction are used by a small percentage of users, it's reasonable to makes rules to ensure they are more readily available.
I don't know why you think that VM host software cannot be hosted on the App Store.
If VMWare doesn't distribute it that way, it's probably because most of their revenue/license is corporate rather than individual and app stores tend to be a poor fir for those arrangements.
Except when you look at some industries/rackets, you wonder why is this so expensive. And if you look, it's completely crooked. For example caskets, which somehow have a 500% markup -- charged the families of the recently deceased too.
So yeah, I agree with you -- some things are cheap because someone along the line isn't getting a fair deal. Other things are expensive because some rich asshole along the way is lining his pockets and paying off the right folks.
Which you can then pay Elsevier $55 to download!
Clinton got played (and I say this as someone that's voted 'Clinton' 5 times already), and so did South Korea. North Korea never dismantled their nuclear program, as was obvious from being ready for tests. They never stopped counterfeiting US dollars or using their 'credentialed' diplomats to run drugs and ivory.
Their MO is pretty clear: do bad things, expect to be rewarded for stopping them, then do them again in order to extract more concessions. Most of the world is wise to this game after this many iterations . . .
It's a no-win situation.
Maybe someday America will learn that you don't convince your adversary to stop being paranoid by threatening to attack them.
Well, every attempt to negotiate or appease North Korea has also lead to paranoia and weapons development.
Maybe someday we'll all learn that not every situation is like a school exam or a video game where there is a right answer that resolves things cleanly.