The Geek’s Reading List – Week of February 12th 2016
I have been part of the technology industry for a third of a century now. For 13 years I was an electronics designer and software developer: I designed early generation PCs, mobile phones (including cell phones) and a number of embedded systems which are still in use today. I then became a sell-side research analyst for the next 20 years, where I was ranked the #1 tech analyst in Canada for six consecutive years, named one of the best in the world, and won a number of awards for stock-picking and estimating.
I started writing the Geek’s Reading List about 12 years ago. In addition to the company specific research notes I was publishing almost every day, it was a weekly list of articles I found interesting – usually provocative, new, and counter-consensus. The sorts of things I wasn’t seeing being written anywhere else.
They were not intended, at the time, to be taken as investment advice, nor should they today. That being said, investors need to understand crucial trends and developments in the industries in which they invest. Therefore, I believe these comments may actually help investors with a longer time horizon. Not to mention they might come in handy for consumers, CEOs, IT managers … or just about anybody, come to think of it. Technology isn’t just a niche area of interest to geeks these days: it impacts almost every part of our economy. I guess, in a way, we are all geeks now. Or at least need to act like it some of the time!
Please feel free to pass this newsletter on. Of course, if you find any articles you think should be included please send them on to me. Or feel free to email me to discuss any of these topics in more depth: the sentence or two I write before each topic is usually only a fraction of my highly opinionated views on the subject!
This edition of the Geeks List, and all back issues, can be found at www.thegeeksreadinglist.com.
1) U.S. can’t ban encryption because it’s a global phenomenon, Harvard study finds
This pretty much states the obvious, but sometimes the obvious needs stating. We live in a world where you can do a Google search for malware and launch a DDoS attack without even knowing what a DDoS attack actually is. It is, frankly, stupid to assume that laws in the US, EU, or anywhere else are going to prevent ready access to encryption technology. As I’ve written before, the promoters of such nonsense are shooting themselves in the foot: the NSA is going to penetrate systems whether they are legally allowed to do so or not, and blathering on about it just makes people suspicious of US technology.
“After a two-year campaign from the FBI, U.S. intelligence officials, and powerful politicians calling for backdoor access into Americans’ encrypted data, a new Harvard study argues that encryption is a worldwide technology that the United States cannot regulate and control on its own. The study, titled “A Worldwide Survey of Encryption Products,” aimed to catalog all the encryption products available online today. Researchers identified 546 encryption products from developers outside the U.S., a number representing two-thirds of the 865 that are available worldwide. The point of the research is clear: There’s a whole world of cryptography outside the United States. Any U.S. law that mandates so-called “backdoors” in encryption technology—Sen. Richard Burr (R-N.C.) is currently writing a bill that may do just that—will just push the business outside American borders.”
2) New Software Can Actually Edit Actors’ Facial Expressions
This is really impressive technology which demonstrates how far image processing has come. Essentially the software allows a special effects technician to blend facial expressions from multiple shots, and to even vary that blending as desired. The video does a much better job at explaining it than I ever could. I don’t know how significant this will be for the post-production world, but it is still very impressive work.
“Shooting a scene in a movie can necessitate dozens of takes, sometimes more. In Gone Girl, director David Fincher was said to average 50 takes per scene. For The Social Network actors Rooney Mara and Jesse Eisenberg acted the opening scene 99 times (directed by Fincher again; apparently he’s notorious for this). Stanley Kubrick’s The Shining involved 127 takes of the infamous scene where Wendy backs up the stairs swinging a baseball bat at Jack, widely considered the most takes per scene of any film in history. A new software, from Disney Research in conjunction with the University of Surrey, may help cut down on the number of takes necessary, thereby saving time and money. FaceDirector blends images from several takes, making it possible to edit precise emotions onto actors’ faces.”
3) Flash memory’s density surpasses hard drives for first time
This only speaks to the number of bits per unit volume but it is pretty impressive. The density, speed, and power efficiency of SSDs are much better than HDDs but the real problem is price: SSDs are much more expensive. Nonetheless, I have predicted that as the price of 256GB SSDs approaches $50, there will be a whole transition from HDDs to SSDs which will devastate the HDD industry. This should happen in the next 12 to 18 months and after that it’ll all be downhill as SSD pricing gets closer to HDD pricing.
“At last year’s ISSCC, Samsung white papers indicated that its 3D NAND flash products had reached 1.19Tbits per square inch (Tbpsi) and said in 2016 they would reach 1.69Tbpsi. This year, Micron revealed it had demonstrated areal densities in its laboratories of up to 2.77Tbpsi for its 3D NAND. … Because of 3D NAND’s greater density, manufacturers such as Micron and Intel are opening new plants or are revamping older NAND facilities to increase their 3D production, which is driving prices down. According to a recent report by DRAMeXchange, a division of market research firm TrendForce, the plummeting prices of SSDs have also driven their recent adoption in laptops. This year, SSDs will be used in around one-quarter of laptops. Next year, SSDs are expected to be in 31% of new consumer laptops, and by 2017 they’ll be in 41%, according to DRAMeXchange senior manager Alan Chen.”
4) Tesla Will Get Trampled by the Mass Market
Tesla reported weak financial results the other day but, as usual, the CEO was able to get investors to ignore the targets he missed and focus on the future (he’ll worry about those targets when he misses them). I find Tesla’s financial statements amusing: they are one of the only companies I’ve seen with “non-GAAP” revenue. Mind you they are nothing compared to Solar City’s financials. In any event, this article does a good job pointing out that the transition from selling heavily subsidized, unreliable, and expensive status symbols to somewhat less expensive cars will be challenging. Unlike real car companies like GM, which can afford to sell a small number of cars at a loss, Tesla will need ever greater amounts of capital just to stay in business.
“Even with an ambitious goal of building 500,000 cars a year by 2020, Tesla would only have a fraction of the scale enjoyed by its competitors in terms of global products and platforms. And a huge amount of each unit’s cost would still be tied up in expensive batteries, where savings are going to be very difficult. Tesla will have to cut costs to the bone to reach the targeted price for Model 3, meaning all the features that surprised and delighted consumers in the Model S — long range, rapid acceleration, a high-tech interior and innovative design– will be lost.”
5) Rooftop Solar Providers Face a Cloudier Future
I think people are confusing cause and effect: solar has never been a cost-effective way of generating power and it is unlikely it ever will be (that is a 10,000 word essay in itself). The transition from coal generation to natural gas has had a massive favorable impact on CO2 emissions and saves money to boot. The political will to subsidize a fundamentally non-viable scheme (solar) is weakening, and since that is the only reason these companies existed, they are now in deep trouble. Since few of the companies were profitable they relied on gullible investors to keep things going. Reality bites.
“Solar panels have been around for decades, but the businesses and methods that have propelled their fast spread across rooftops in the last five or six years are still new and untested. Many of the assumptions that underpin the financial models are far from certain, analysts and experts say, and as market conditions, public policies and technologies evolve, the risks are becoming more evident. Cheap natural gas doesn’t help, making it harder for rooftop solar energy to compete in markets with low electric rates. SolarCity’s troubles have attracted strong interest from short-sellers, who make money by wagering that a stock price will fall. Prominent among them is James S. Chanos, the hedge fund manager who, more than a decade ago, was one of the first to question Enron and make millions betting against it.”
6) Metel Bank Robbers Borrowing from APT Attacks
There seems to be no limit to the imagination of criminals. Here we have a very carefully planned and executed hack which netted $1B in cash money from ATMs in Russia. In many ways it’s a pity this sort of skill couldn’t be put to better use, but then again I doubt it would pay as well.
“Today at the Security Analyst Summit, researchers from Kaspersky Lab Global Research & Analysis Team unveiled details on two new criminal operations that have borrowed heavily from targeted nation-state attacks, and also shared an update on a resurgent Carbanak gang, which last year, it was reported, had allegedly stolen upwards of $1 billion from more than 100 financial companies. The heaviest hitter among the newly discovered gangs is an ongoing campaign, mostly confined to Russia, known as Metel. This gang targets machines that have access to money transactions, such as call center and support machines, and once they are compromised, the attackers use that access to automate the rollback of ATM transactions. As the attackers empty ATM after ATM—Metel was found inside 30 organizations—the balances on the stolen accounts remained untouched.”
7) Power Grid Honeypot Puts Face on Attacks
We carried an item on the hacking of Ukrainian power plants a few weeks ago along with a follow up which noted that the damage wasn’t actually caused as much by the hacking as plain old vandalism. This article talks about some of the challenges associated with a real hack of the grid. It turns out it’s a lot easier to say than to do. Still, state actors or even insiders would have the resources.
““The grid is designed for self-preservation at all costs,” Chowdhury said. “Knocking down one substation can be remediated within seconds. It would take a massive amount of resources to attack high-voltage substations to disrupt the bulk grid.” Chowdhury cautioned, however, that there are state actors who do target grids and critical infrastructure with a measure of success. The motivation for the honeypot his group built was to understand attackers’ behaviors once they had wormed their way onto a critical industrial network. The honeypot is a virtualized environment designed to mimic an EMS, a SCADA device that controls the grid. Access to an EMS could give a hacker complete access to an electric grid. Lures varied according to geographies and were tailored in some cases to particular APT groups known to chase power grid intrusions. Chowdhury said the honeypot’s file systems were loaded with dummy transmission diagrams, mundane engineering documents, AutoCAD documents, data related to locations and transmission information.”
8) Trane thermostat is a hot spot for viruses on home networks
I’ve written about the vulnerabilities of Internet of Things devices in the past: they are typically made by companies that lack the network security expertise of a Microsoft or Apple. In fact, many are made by nameless subcontractors and simply branded by familiar companies. The issue is not so much that somebody might fiddle with your thermostat setting but that they might instead install malware which snarfs up confidential information, etc. As more and more of these types of low priced, insecure products are installed, more people will be victimized.
“The Talos team sent Trane a warning in April, then another in June, and yet again in August and September. Nothing was heard from the firm. In April 2015, one year after the first alert, Trane fixed the hardcoded password issue with a new release of the ComfortLink’s firmware. Cisco then tipped off US CERT about the remaining issues. Trane eventually addressed the flaws in its code in January 2016, but didn’t tell its customers that new firmware is available. The security fixes aren’t installed automatically, either: you need to download the update to an SD card, and then plug said card into the thermostat to perform the installation.”
9) Apple under pressure as lawyers pledge action over ‘Error 53’ codes
This problem was mentioned in last week’s Geek’s Reading List: Apple decided the best course of action if you get your phone repaired elsewhere was to unilaterally destroy your phone. As this article notes (and as we suggested last week) this is probably criminal and is almost certainly grounds for a significant lawsuit. Affected Apple owners are understandably outraged while the predictable chorus of Apple fanatics are justifying the move as reasonable within the context of security. This is yet another reason to avoid Apple products in general.
“At least one firm of US lawyers said it hopes to bring a class action against the technology giant on behalf of victims whose £500 phones have been rendered worthless by an Apple software upgrade. In the UK, a barrister told the Guardian that Apple’s “reckless” policy of effectively killing people’s iPhones following the software upgrade could potentially be viewed as an offence under the Criminal Damage Act 1971. The act makes it an offence to intentionally destroy the property of another.”
10) Apple takes its eye off the ball: Why Apple fans are really coming to hate Apple software
I swore off Apple products a while back and refuse to install abominations like iTunes on any of my computers. This article looks at some of the complaints Apple users have regarding how the quality of the company’s software products seems to be slipping. I obviously have no idea how accurate the article is, but investors might be interested in the implications of a deteriorating franchise – especially when the company has a reputation for high quality products at high prices.
“There always have been two great virtues in Apple’s policy of keeping the development of hardware and core software in-house: their seamless integration with each other and their quality. Lately, however, these virtues have started to disappear. The last few weeks have seen an explosion of discontent with the quality of the core apps of Apple’s iPhones, iPads and Mac computers — not only its OS X and iOS operating systems, but programs and services such as iTunes, Music, iCloud and Photos. Not only do the programs work poorly for many users, but they don’t link Apple devices together as reliably as they should. These complaints aren’t coming merely from users but several widely followed tech commentators who used to fit reliably in the category of Apple fans.”
11) New Device Could Help Get Paralyzed People Back on Their Feet
This looks like a potentially impressive development but it is hard to assess how real that potential is. It is one thing to develop a gizmo which can be installed in the brain and yet another to get it to work and interpret the results. Above all, I’d be concerned about the potential for stroke. Nonetheless, you can’t help but wish them well.
“The brain machine interface consists of a stent-based electrode (stentrode), which is implanted within a blood vessel in the brain, and records the type of neural activity that has been shown in pre-clinical trials to move limbs through an exoskeleton or to control bionic limbs. The new device is the size of a small paperclip and will be implanted in the first in-human trial at The Royal Melbourne Hospital in 2017. The participants will be selected from the Austin Health Victorian Spinal Cord Unit. The results published today in Nature Biotechnology show the device is capable of recording high-quality signals emitted from the brain’s motor cortex, without the need for open brain surgery.”
12) HBO Now slow to catch on with ‘cord-cutters’
The predictions of subscriber growth might have been lofty, but HBO probably has a challenge in terms of pricing. The service is not available in Canada, but in the US it is $15/month, about double Netflix, and that is simply too high for the content. HBO has some of the best content on TV, especially in its own series, however Netflix is gaining on them. The problem is that HBO can’t undercut the pricing it charges cable providers without disrupting that industry so it is in a bit of a bind.
“People seem to love HBO’s “Game of Thrones” and “Girls.” But maybe not that much if they have to pay to watch them. HBO Now, the premium channel’s online-only subscription service, was expected to be a big hit with people who are cutting back on cable subscriptions, but adoption of the new service for now looks to be underwhelming. The channel’s CEO mentioned on a call with analysts Wednesday that HBO Now has brought in about 800,000 subscribers so far, well below the lofty predictions for the service.”
13) Moore’s law really is dead this time
If so then what? Whether Moore’s Law is slowing now or not we are running into limits imposed by the behaviour of devices at the quantum scale. Regardless, the semiconductor industry has been growing at GDP +/- a few percent for about a decade now because the end markets are mostly mature and that has little to do with Moore’s Law. The real challenge for the industry is that no new sizeable markets are emerging to make up the difference. Perhaps robotics and self-driving cars might, but until then expect industry news to be dominated by mergers and acquisitions.
“But even these new techniques were up against a wall. The photolithography process used to transfer the chip patterns to the silicon wafer has been under considerable pressure: currently, light with a 193 nanometre wavelength is used to create chips with features just 14 nanometres. The oversized light wavelength is not insurmountable but adds extra complexity and cost to the manufacturing process. It has long been hoped that extreme UV, with a 13.5nm wavelength, will ease this constraint, but production-ready EUV technology has proven difficult to engineer. Even with EUV, it’s unclear just how much further scaling is even possible; at 2nm, transistors would be just 10 atoms wide, and it’s unlikely that they’d operate reliably at such a small scale. Even if these problems were resolved, the specter of power usage and dissipation looms large: as the transistors are packed ever tighter, dissipating the energy that they use becomes ever harder.”
14) Researchers Discover a Cheap Method of Breaking Bitcoin Wallet Passwords
This is a little about Bitcoin, a bit more about encryption, and a lot about how cheap cloud services are. Back in the olden days, intelligence agencies had exclusive access to super computers because the things were so darned expensive. That meant a secure cypher was secure unless you had a smart cryptography team and a super computer. Now you can rent the equivalent of a supercomputer for next to nothing. Of course, you still need the smart guy but there are plenty of PhDs in encryption graduating every year.
“Unfortunately, this is not a safe method to create Bitcoin private keys, which White Ops security researcher Ryan Castellucci proved last summer at the DEFCON 23 security conference in Las Vegas, USA. Expanding on his work, two researchers from the University College London have targeted the secp256k1 elliptic curve algorithm used in Bitcoin’s internal make-up. … The researcher also revealed that, by using a run-of-the-mill Amazon EC2 account, an attacker would be able to check over 500,000 Bitcoin passwords per second. For each US dollar spent on renting the EC2 server, an attacker would be able to check 17.9 billion password strings. To check a trillion passwords, it would cost the attacker only $55.86 (€49.63).”
15) New 1-Terabit internet satellites will deliver high-speed internet to remote areas
Broadband from geostationary satellites has a lot of problems: it is slow (a typical ping time is 600 milliseconds) and easily disrupted by weather. Plus there are typically data caps and limited speeds. Nonetheless, it is a good way to deploy coverage to specific and large parts of the planet without wasting infrastructure spending on parts you don’t cover as is the case with proposed satellite constellations. Significant advances in capacity mean the price of satellite broadband should drop and broadband caps and speeds should increase over the near future, making it a practical solution for more people in rural or underdeveloped areas.
“US-based satellite company ViaSat is teaming up with Boeing to create and deliver three new satellites that will deliver high-speed internet to remote areas around the world. The partnership was announced yesterday, months before the company is scheduled to launch its previous generation satellite, ViaSat-2, on a SpaceX Falcon 9 rocket. The new ViaSat-3 satellites will be capable of much more. Each satellite will carry with it a total network capacity of 1 Tbps (yes, Terabit per second), about triple what ViaSat-2 is capable of. That will allow ViaSat to deliver 100 Mbps service to remote residential properties in the Americas, Europe, the Middle East, Africa, and Asia. The company claims that work is already underway on the first two satellites, and that Boeing is already preparing them for launches by the end of 2019.”
16) Terahertz wireless technology could bring fiber-optic speeds out of a fiber
This sure sounds impressive as they are using wireless technology to move data at a rate similar to fiber optic. The devil, as always, is in the details not provided, namely the conditions under which this was done. The higher the frequency of radio, the more it behaves like light, and you can bet some pretty fancy waveguides and antennas were needed to do this. There is a good chance the environment was carefully controlled and was likely extremely short range.
“Now THz wireless technology is armed with very wide bandwidths and QAM-capability. The use of QAM was a key to achieving 100 gigabits per second at 300 GHz,” said Prof. Minoru Fujishima, Graduate School of Advanced Sciences of Matter, Hiroshima University. “Today, we usually talk about wireless data-rates in megabits per second or gigabits per second. But I foresee we’ll soon be talking about terabits per second. That’s what THz wireless technology offers. Such extreme speeds are currently confined in optical fibers. I want to bring fiber-optic speeds out into the air, and we have taken an important step toward that goal,” he added.”
17) iOS Date & Time Bug Bricks 64 bit Apple Devices
This is a pretty obscure bug and it is not surprising that Apple didn’t find it; however, it is pretty amazing somebody did. I’m not dumping on Apple in this article, but I’m putting this here to let people know NOT to replicate these steps in case they read about a “neat trick” in an email or web page. Yeah, people will happily do that.
“Users have recently uncovered a rare bug that can brick an iPod, iPhone, or iPad. The bug is known to affect iOS devices that contain A7, A8, A9, and A9X chipsets. All versions of the OS are affected. Trolls around the web are attempting to trick unsuspecting individuals into replicating this process, utilizing fake infographics and other tools to their advantage. If anyone tells you to complete the steps listed below, don’t listen to them!”
18) Billion-dollar mistake: How inferior IT killed Target Canada
It is hard to believe this degree of incompetence was exclusively confined to Target’s IT. It’s not like you go down a path and keep going on auto-pilot: there are basic responsibilities associated with running a business, especially a publicly traded one, and it seems pretty clear the people running Target at all levels are prime examples of the “Peter Principle”. How much incompetence does it take not to realize that your shelves are empty and you need to do something about it?
“But Target Canada couldn’t keep track of their products. At first, there was too little coming into the distribution centers. Therefore, store shelves were left bare. Canadian customers who visited these first Targets found ghost towns in the form of large, cavernous stores with barely anything on the shelves. It was like a real-life Fallout 3 Super-Duper Mart. Later, the distribution centers became overwhelmed. The company managed to order goods, so they came into the distribution centers. But because they couldn’t properly compute shelving locations (that conflict between imperial units and the metric system), items backed up so much in the distribution centers that Target Canada management had to offload stock to additional area warehouses. So they had way too much stock in storage and not enough on the shelves.”
19) Artificial Intelligence May Hold Key to Radiology’s Future
AI is probably going to be a major factor in the analysis of medical tests and imaging in the future. That doesn’t mean there won’t be doctors because the results of a test have to be evaluated within the context of a number of other factors and false positives can be as problematic as false negatives. Nonetheless, AI will probably have an important role as a failsafe to make sure nothing has been missed by the person making the decision.
“In one study, published in the Public Library of Science, a collective intelligence of radiologists reduced false positives and false negatives when interpreting mammograms. This swarm AI overcame “one of the fundamental limitations to decision accuracy that individual radiologists face,” the authors concluded. The study demonstrated that this swarm intelligence could improve mammography screening and has the potential to improve many other types of medical decision-making, “including many areas of diagnostic imaging.” In another study, a dozen radiologists increased their ability to diagnose skeletal abnormalities correctly. The researchers concluded at the ninth international conference on swarm intelligence in 2014 that the “algorithm’s accuracy in distinguishing normal versus abnormal patients was significantly higher than the radiologists’ mean accuracy.””
20) Deep Learning Makes Driverless Cars Better at Spotting Pedestrians
I suspect self-driving cars will use a combination of imaging technologies ranging from radar to LIDAR, to simple video to work their magic. This article has another cool video which demonstrates the technology in action. I don’t think the frame rate is that important, especially for driving. There are doubtless other applications such as security monitoring, which can probably use this as well.
“Today’s car crash-avoidance systems and experimental driverless cars rely on radar and other sensors to detect pedestrians on the road. The next improvement may come from engineers at the University of California, San Diego (UCSD), who have developed a pedestrian detection system that can perform in close to real-time based on visual cues alone. This video-only detection could make systems for spotting pedestrians both cheaper and more effective.”