TechSNAP - Episodes Tagged with “Intel”

429: Curious About Caddy

Jupiter Broadcasting — Fri, 15 May 2020 00:15:00 -0700

Jim and Wes take the latest release of the Caddy web server for a spin, investigate Intel's Comet Lake desktop CPUs, and explore the fight over 5G between the US Military and the FCC.

Links:

428: RAID Reality Check

Jupiter Broadcasting — Fri, 01 May 2020 00:15:00 -0700

We dive deep into the world of RAID, and discuss how to choose the right topology to optimize performance and resilience.

Plus Cloudflare steps up its campaign to secure BGP, and why you might want to trade in cron for systemd timers.

Links:

427: Gigahertz Games

Jupiter Broadcasting — Fri, 17 Apr 2020 00:15:00 -0700

Jim finally gets his hands on an AMD Ryzen 9 laptop, some great news about Wi-Fi 6e, and our take on FreeBSD on the desktop.

Plus Intel's surprisingly overclockable laptop CPU, why you shouldn't freak out about 5G, and the incredible creativity of the Demoscene.

Links:

425: Ryzen Gets Real

Jupiter Broadcasting — Fri, 20 Mar 2020 00:15:00 -0700

We take a look at AMD's upcoming line of Ryzen 4000 mobile CPUs, and share our first impressions of Ubuntu 20.04's approach to ZFS on root.

Plus Let's Encrypt's certificate validation mix-up, Intel's questionable new power supply design, and more.

Links:

424: AMD Inside

Jupiter Broadcasting — Fri, 06 Mar 2020 00:15:00 -0800

Cloudflare recently embarked on an epic quest to choose a CPU for its next-generation server build, so we explore the importance of requests per watt, the benefits of full memory encryption, and why AMD won.

Plus Mozilla's rollout of DNS over HTTPS has begun, a big milestone for Let's Encrypt, and more.

Links:

423: Hopeful for HAMR

Jupiter Broadcasting — Fri, 21 Feb 2020 18:00:00 -0800

We explore the potential of heat-assisted magnetic recording and get excited about a possibly persistent L2ARC.

Plus Jim's journeys with Clear Linux, and why Ubuntu 18.04.4 is a maintenance release worth talking about.

Links:

Ubuntu 18.04.4 LTS: here's what's new — It's not as shiny and exciting as entirely new versions, of course, but it does pack in some worthwhile security and bugfix upgrades, as well as support for more and newer hardware.
18.04.4 - Ubuntu Wiki
MobaXterm — Enhanced terminal for Windows with X11 server, tabbed SSH client, network tools and much more.
Linux distro review: Intel’s own Clear Linux OS — There's not much question that Clear Linux is your best bet if you want to turn in the best possible benchmark numbers. The question not addressed here is, what's it like to run Clear Linux as a daily driver? We were curious, so we took it for a spin.
Clear Linux* Project — Clear Linux OS is an open source, rolling release Linux distribution optimized for performance and security, from the Cloud to the Edge, designed for customization, and manageability.
swupd — Documentation for Clear Linux* project
clr-boot-manager: Kernel & Boot Loader Management
Cannot compile zfs for 5.5-rc2 · Issue #9745 · zfsonlinux/zfs
Persistent L2ARC might be coming to ZFS on Linux — The primary ARC is kept in system RAM, but an L2ARC device can be created from one or more fast disks. In a ZFS pool with one or more L2ARC devices, when blocks are evicted from the primary ARC in RAM, they are moved down to L2ARC rather than being thrown away entirely. In the past, this feature has been of limited value, both because indexing a large L2ARC occupies system RAM which could have been better used for primary ARC and because L2ARC was not persistent across reboots.
Persistent L2ARC by gamanakis · Pull Request #9582 · zfsonlinux/zfs — This feature implements a light-weight persistent L2ARC metadata structure that allows L2ARC contents to be recovered after a reboot. This significantly eases the impact a reboot has on read performance on systems with large caches.
LINUX Unplugged 303: Stateless and Dateless — We visit Intel to figure out what Clear Linux is all about and explain a few tricks that make it unique.
LINUX Unplugged Blog: Clear Linux OS 2019
HAMR don’t hurt ’em: laser-assisted hard drives are coming in 2020 — Although the 2012 "just around the corner" HAMR drives seem to have been mostly vapor, the technology is a reality now. Seagate has been trialing 16TB HAMR drives with select customers for more than a year and claims that the trials have proved that its HAMR drives are "plug and play replacements" for traditional CMR drives, requiring no special care and having no particular poor use cases compared to the drives we're all used to.
HAMR Milestone: Seagate Achieves 16TB Capacity on Internal HAMR Test Units
Western Digital debuts 18TB and 20TB near-MAMR disk drives
Previously on TechSNAP 341: HAMR Time — We've got bad news for Wifi-lovers as the KRACK hack takes the world by storm; We have the details & some places to watch to make sure you stay patched. Plus, some distressing revelations about third party access to your personal information through some US mobile carriers. Then we cover the ongoing debate over HAMR, MAMR, and the future of hard drive technology & take a mini deep dive into the world of elliptic curve cryptography.

422: Multipath Musings

Jupiter Broadcasting — Fri, 07 Feb 2020 00:15:00 -0800

We take a look at a few exciting features coming to Linux kernel 5.6, including the first steps to multipath TCP.

Plus the latest Intel speculative execution vulnerability, and Microsoft's troubled history with certificate renewal.

Links:

410: Epyc Encryption

Jupiter Broadcasting — Fri, 23 Aug 2019 00:00:00 -0700

It's CPU release season and we get excited about AMD's new line of server chips. Plus our take on AMD's approach to memory encryption, and our struggle to make sense of Intel's Comet Lake line.

Also, a few Windows worms you should know about, the end of the road for EV certs, and an embarrassing new Bluetooth attack.

Links:

A detailed look at AMD’s new Epyc “Rome” 7nm server CPUs | Ars Technica — The short version of the story is, Epyc "Rome" is to the server what Ryzen 3000 was to the desktop—bringing significantly improved IPC, more cores, and better thermal efficiency than either its current-generation Intel equivalents or its first-generation Epyc predecessors.
AMD Rome Second Generation EPYC Review: 2x 64-core Benchmarked — Ever since the Opteron days, AMD's market share has been rounded to zero percent, and with its first generation of EPYC processors using its new Zen microarchitecture, that number skipped up a small handful of points, but everyone has been waiting with bated breath for the second swing at the ball. AMD's Rome platform solves the concerns that first gen Naples had, plus this CPU family is designed to do many things: a new CPU microarchitecture on 7nm, offer up to 64 cores, offer 128 lanes of PCIe 4.0, offer 8 memory channels, and offer a unified memory architecture based on chiplets.
AMD EPYC Rome Still Conquering Cascadelake Even Without Mitigations - Phoronix — Out of curiosity, I've run some unmitigated benchmarks for the various relevant CPU speculative execution vulnerabilities on both the Intel Xeon Platinum 8280 Cascadelake and AMD EPYC 7742 Rome processors for seeing how the performance differs.
Intel’s line of notebook CPUs gets more confusing with 14nm Comet Lake | Ars Technica — Going by Intel's numbers, Comet Lake looks like a competent upgrade to its predecessor Whiskey Lake. The interesting question—and one largely left unanswered by Intel—is why the company has decided to launch a new line of 14nm notebook CPUs less than a month after launching Ice Lake, its first 10nm notebook CPUs.
A look at the Windows 10 exploit Google Zero disclosed this week | Ars Technica — On Tuesday, Tavis Ormandy of Google's Project Zero released an exploit kit called ctftool, which uses and abuses Microsoft's Text Services Framework in ways that can effectively get anyone root—er, system that is—on any unpatched Windows 10 system they're able to log in to
Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) – Microsoft Security Response Center — Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.
KNOB Attack — TL;DR: The specification of Bluetooth includes an encryption key negotiation protocol that allows to negotiate encryption keys with 1 Byte of entropy without protecting the integrity of the negotiation process. A remote attacker can manipulate the entropy negotiation to let any standard compliant Bluetooth device negotiate encryption keys with 1 byte of entropy and then brute force the low entropy keys in real time.
Troy Hunt: Extended Validation Certificates are (Really, Really) Dead — With both browsers auto-updating for most people, we're about 10 weeks out from no more EV and the vast majority of web users no longer seeing something they didn't even know was there to begin with! Oh sure, you can still drill down into the certificate and see the entity name, but who's really going to do that? You and I, perhaps, but we're not exactly in the meat of the browser demographics.
Google wants to reduce lifespan for HTTPS certificates to one year | ZDNet — Scott Helme argues that the security benefits of shorter SSL certificate lifespans have nothing to do with phishing or malware sites, but instead with the SSL certificate revocation process. Helme claims that this process is broken and that bad SSL certificates continue to live on for years after being mississued and revoked.

408: Apollo's ARC

Jupiter Broadcasting — Fri, 26 Jul 2019 00:15:00 -0700

We take a look at the amazing abilities of the Apollo Guidance Computer and Jim breaks down everything you need to know about the ZFS ARC.

Plus an update on ZoL SIMD acceleration, your feedback, and an interesting new neuromorphic system from Intel.

Links:

ZFS On Linux Has Figured Out A Way To Restore SIMD Support On Linux 5.0+ — Those running ZFS On Linux (ZoL) on post-5.0 (and pre-5.0 supported LTS releases) have seen big performance hits to the ZFS encryption performance in particular. That came due to upstream breaking an interface used by ZFS On Linux and admittedly not caring about ZoL due to it being an out-of-tree user. But now several kernel releases later, a workaround has been devised.
ZFS On Linux Runs Into A Snag With Linux 5.0
NixOS Takes Action After 1.2GB/s ZFS Encryption Speed Drops To 200MB/s With Linux 5.0+ — A NixOS developer reports that the functions no longer exported by Linux 5.0+ and previously used by ZoL for AVX/AES-NI support end up dropping the ZFS data-set encryption performance to 200MB/s where as pre-5.0 kernels ran around 1.2GB/s
Linux 5.0 compat: SIMD compatibility · zfsonlinux/zfs@e5db313 — Restore the SIMD optimization for 4.19.38 LTS, 4.14.120 LTS, and 5.0 and newer kernels. This is accomplished by leveraging the fact that by definition dedicated kernel threads never need to concern themselves with saving and restoring the user FPU state. Therefore, they may use the FPU as long as we can guarantee user tasks always restore their FPU state before context switching back to user space.
no SIMD acceleration · Issue #8793 · zfsonlinux/zfs — 4.14.x, 4.19.x, 5.x all have no SIMD acceleration, it is like a turtle. very slow.
Chris's Wiki :: ZFS on Linux still has annoying issues with ARC size — One of the frustrating things about operating ZFS on Linux is that the ARC size is critical but ZFS's auto-tuning of it is opaque and apparently prone to malfunctions, where your ARC will mysteriously shrink drastically and then stick there.
Software woven into wire, Core rope and the Apollo Guidance Computer — One of the first computers to use integrated circuits, the Apollo Guidance Computer was lightweight enough and small enough to fly in space. An unusual feature that contributed to its small size was core rope memory, a technique of physically weaving software into high-density storage.
Virtual Apollo Guidance Computer (AGC) software — Since you are looking at this README file, you are in the "master" branch of the repository, which contains source-code transcriptions of the original Project Apollo software for the Apollo Guidance Computer (AGC) and Abort Guidance System (AGS), as well as our software for emulating the AGC, AGS, and some of their peripheral devices (such as the display-keyboard unit, or DSKY).
The Underappreciated Power of the Apollo Computer - The Atlantic — Without the computers on board the Apollo spacecraft, there would have been no moon landing, no triumphant first step, no high-water mark for human space travel. A pilot could never have navigated the way to the moon, as if a spaceship were simply a more powerful airplane. The calculations required to make in-flight adjustments and the complexity of the thrust controls outstripped human capacities.
Brains scale better than CPUs. So Intel is building brains | Ars Technica — Neuromorphic engineering—building machines that mimic the function of organic brains in hardware as well as software—is becoming more and more prominent. The field has progressed rapidly, from conceptual beginnings in the late 1980s to experimental field programmable neural arrays in 2006, early memristor-powered device proposals in 2012, IBM's TrueNorth NPU in 2014, and Intel's Loihi neuromorphic processor in 2017. Yesterday, Intel broke a little more new ground with the debut of a larger-scale neuromorphic system, Pohoiki Beach, which integrates 64 of its Loihi chips.
Dancing Demon - YouTube — Written in 1979 by Leo Christopherson for the Radio Shack TRS-80 Model I computer. This is the best game ever for at that time.

407: Old School Outages

Jupiter Broadcasting — Wed, 10 Jul 2019 22:00:00 -0700

Jim shares his Nagios tips and Wes chimes in with some modern tools as we chat monitoring in the wake of some high-profile outages.

Plus we turn our eye to hardware and get excited about the latest Ryzen line from AMD.

Links:

Third parties confirm AMD’s outstanding Ryzen 3000 numbers | Ars Technica — AMD debuted its new Ryzen 3000 desktop CPU line a few weeks ago at E3, and it looked fantastic. For the first time in 20 years, it looked like AMD could go head to head with Intel's desktop CPU line-up across the board. The question: would independent, third-party testing back up AMD's assertions?
The Internet broke today: Facebook, Verizon, and more see major outages | Ars Technica — Last week, Verizon caused a major BGP misroute that took large chunks of the Internet, including CDN company Cloudflare, partially down for a day. This week, the rest of the Internet has apparently asked Verizon to hold its beer.
It was a really bad month for the internet | TechCrunch — In the past month there were several major internet outages affecting millions of users across the world. Sites buckled, services broke, images wouldn’t load, direct messages ground to a halt and calendars and email were unavailable for hours at a time.
Cloudflare outage caused by bad software deploy (updated) — For about 30 minutes today, visitors to Cloudflare sites received 502 errors caused by a massive spike in CPU utilization on our network. This CPU spike was caused by a bad software deploy that was rolled back.
How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today — Today at 10:30UTC, the Internet had a small heart attack. A small company in Northern Pennsylvania became a preferred path of many Internet routes through Verizon (AS701), a major Internet transit provider.
Getting started | Prometheus — This guide is a "Hello World"-style tutorial which shows how to install, configure, and use Prometheus in a simple example setup.
prometheus/node_exporter — Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors.
Using netdata with Prometheus — Prometheus is a distributed monitoring system which offers a very simple setup along with a robust data model. Recently netdata added support for Prometheus.
prometheus/nagios_plugins — Nagios plugin for alerting on prometheus query results.
RobustPerception/nrpe_exporter — The NRPE exporter exposes metrics on commands sent to a running NRPE daemon.
m-lab/prometheus-nagios-exporter — The Prometheus Nagios exporter reads status and performance data from nagios plugins via the MK Livestatus Nagios plugin and publishes this in a form that can be scrapped by Prometheus.
Comparison to alternatives | Prometheus — Prometheus is a full monitoring and trending system that includes built-in and active scraping, storing, querying, graphing, and alerting based on time series data.
Quality server monitoring solution using NetData/Prometheus/Grafana — I’m going to quickly show you how to install both netdata and Prometheus on the client and server. We can then use grafana pointed at Prometheus to obtain long-term metrics netdata offers.
Monitoring stack by using Grafana + Prometheus + Netdata — This monitoring stack you can monitoring in real-time by Netdata and see the history by using Grafana.
Monitoring Agent · NCPA — New to NCPA? See some of the awesome features present in the Web GUI and API, available on any operating system.
Nagios 101: Understanding the Fundamentals - Nagios
Nagios Documentation

Episode 380: Terminal Fault

Jupiter Broadcasting — Thu, 16 Aug 2018 16:30:00 -0700

Microsoft’s making radical changes to Windows 10, and a new type of speculative execution attack on Intel’s processors is targeting cloud providers.

Episode 376: Google Don’t Front

Jupiter Broadcasting — Thu, 26 Jul 2018 15:15:00 -0700

Google and Amazon recently shutdown Domain Fronting. Their abrupt change has created a building backlash.

We’ll explain what Domain Fronting is, how activists can use it to avoid censorship, and why large organizations are compelled to disable it.

Plus how road navigation systems can be spoofed with $223 in hardware, and another bad Bluetooth bug.