The Geek’s Reading List – Week of August 19th 2016
Welcome to the new abbreviated Geek’s Reading List. I have decided to cut back to a maximum of 10 articles per week as it is becoming harder and hard to find interesting tech or science articles which are not puffery, billionaire worship, or other nonsense.
These articles and the commentary are not intended to be taken as investment advice, nor should they today. That being said, investors need to understand crucial trends and developments in the industries in which they invest. Therefore, I believe these comments may actually help investors with a longer time horizon. Not to mention they might come in handy for consumers, CEOs, IT managers … or just about anybody, come to think of it. Technology isn’t just a niche area of interest to geeks these days: it impacts almost every part of our economy. I guess, in a way, we are all geeks now.
Please feel free to pass this newsletter on. Of course, if you find any articles you think should be included please send them on to me. Or feel free to email me to discuss any of these topics in more depth: the sentence or two I write before each topic is usually only a fraction of my highly opinionated views on the subject!
This edition of the Geeks List, and all back issues, can be found at www.thegeeksreadinglist.com.
1) Did The NSA Continue To Stay Silent On Zero-Day Vulnerabilities Even After Discovering It Had Been Hacked?
Once upon a time the NSA would advise companies on security and even help create standards. I strongly believe US companies are “guided” to insert obscure weaknesses in their equipment the NSA can exploit (see item 2). Of course, the Russians, Chinese, and others are not complete idiots so they know those weaknesses are there: they just have to find them. The reason I figure NSA didn’t inform the tech companies is because either they already knew about them or were ignorant they had been installed. I am not sure which is worse.
“The NSA’s exploit stash is allegedly for sale. As mentioned earlier this week, an individual or a group calling themselves Shadow Brokers claims to be auctioning off parts of the NSA’s Tailored Access Operations (TAO) toolkit, containing several zero days — including one in Cisco’s (a favorite NSA TAO target) Adaptive Security Appliance which allows for remote code execution. The thing about these vulnerabilities is that they aren’t new. The exploits being hawked by Shadow Brokers date back to 2013, suggesting the agency has been sitting on these exploits for awhile. The fact that companies affected by them don’t know about these flaws means the NSA hasn’t been passing on this information. Back in 2015, the NSA declared that it passed on information about vulnerabilities to affected companies “90% of the time.” Of course, this statement contained very few details about how long the NSA exploited vulnerabilities before allowing them to be patched.”
2) Cisco confirms NSA-linked zeroday targeted its firewalls for years
A number of months back Juniper announced a series of “weakness” had been “discovered in its firewalls. There were strong suggestions these were installed by state players. Not coincidentally those announcements were well timed with respect to third party disclosure. Now it is Cisco’s turn: shortly after the announcement that NSA hacking tools were available Cisco announced it has “discovered” a vulnerability in its equipment. I sure they were shocked. They will get around to providing a patch but chances are their gear has other, as yet undisclosed problems, along with the new ones it will introduce in due course. That’s the great thing about a free market: you might not be able to buy equipment secure from spies but you can choose whose spies you want to use.
“Cisco Systems has confirmed that recently-leaked malware tied to the National Security Agency exploited a high-severity vulnerability that had gone undetected for years in every supported version of the company’s Adaptive Security Appliance firewall. The previously unknown flaw makes it possible for remote attackers who have already gained a foothold in a targeted network to gain full control over a firewall, Cisco warned in an advisory published Wednesday. The bug poses a significant risk because it allows attackers to monitor and control all data passing through a vulnerable network. To exploit the vulnerability, an attacker must control a computer already authorized to access the firewall or the firewall must have been misconfigured to omit this standard safeguard.”
3) Bacteria coaxed to deliver chemo drugs right inside tumours
This is an interesting approach: take magnetotactic bacteria and load it up with chemo drug. Inject close to the tumor and use a magnetic field to direct the bugs toward the spot. It’s a bonus that they also like low oxygen levels such as those around tumor. The short life might be a problem or a feature: you don’t want long lived bacteria crawling around your body. Nevertheless perhaps they can engineer the bugs to last an hour or so, extending their “range”.
“The bacteria were then ready to test on mice with colorectal tumours. The drug-loaded bacteria were injected a few centimetres from the tumour. The researchers used weak magnetic fields to direct the bacteria to the tumour, then relied on the bacteria’s low-oxygen navigation to bring them to the most active part of the tumour. … Once the experiment was over, the researchers examined the tumour under a microscope. Special dyes allowed them to distinguish between the bacteria, the drugs and different regions of the tumour. They found that on average, about 55 per cent of the 100 million bacteria they injected into each mouse made it to the low-oxygen areas of the tumour, they reported in the journal Nature Nanoscience this week.”
4) Tech IPO Clog Poised to Burst
Time was companies did an IPO because they needed capital to finance their expansion. Maybe that still happens but in the case of “Unicorns” (privately owned tech companies with a valuation of $1B or more) it is because the investors have decided the lamb is ready for slaughter. They want the ability to sell their shares to an unsuspecting public and have individuals fund their losses. You know a deal is a bad deal when the people who know most about a company would rather you buy it from them. Fortunately for “Unicorn” owners investment banks are very polished and investors are very gullible. Stay away.
“Some unicorns like Dropbox may not like what they hear as they start talking to advisers and investors about going public. Dropbox’s similarly named public rival, Box, trades at about four times the company’s expected revenue for next year, according to Bloomberg estimates. The Wall Street Journal last year cited a source who said Dropbox’s revenue was likely to hit $500 million in 2015. If Dropbox’s sales double this year, and do so again in 2017, Dropbox could be valued at about $8 billion at Box’s revenue multiple. If Dropbox does go public at a valuation below its current one, it will have plenty of company. Box did it, too.”
5) Verizon Offered to Install Marketers’ Apps Directly on Subscribers’ Phones
Crapware installation has become a big business for the PC industry and it is emerging in the wireless device business as well. This isn’t exactly new: “locked” phones have included crapware for some time now. I think Verizon’s rumored pricing is whacko and it seems the market agrees. What is a bit odd is that Verizon has done away with contracts so there is no reason to buy a phone from them. Get an unlocked phone directly from the manufacturer, probably save money, and have less garbage installed on it.
“The wireless carrier has offered to install big brands’ apps on its subscribers’ home screens, potentially delivering millions of downloads, according to agency executives who have considered making such deals for their clients. But that reach would come at a cost: Verizon was seeking between $1 and $2 for each device affected, executives said. Verizon started courting advertisers with app installations late last year, pitching retail and finance brands among others, agency executives said.”
6) Walabot lets you see inside your walls or floors
As a guy engaged in never ending construction jobs I can see a lot of potential for this gizmo. As near as I can tell it is a radar unit, and, if so, lots of similar product could come on the market and make priced a bit more mainstream. I am a bit skeptical though. Most of the demonstration videos don’t really look like the video they show on the article.
“WalabotDIY is a 3D imaging device that works along with your Android smartphone using an app that is available for download at no cost. Once the app is installed, the device can be used to scan the wall and images are projected onto the screen of the smartphone. The idea is to allow the user to know how far they need to drill or cut to avoid hitting any pipes, wires, or other items inside the walls.”
7) Why Drones Actually Can’t Deliver Packages to Homes
I am glad somebody finally bothered doing the math. Of course, it could be that gasoline powered drones would be the solution nevertheless I can’t wait for the first fatality associated with a heavy drone dropping from the sky so somebody could get a book a day faster.
“My first investigation was aimed at understanding why the drone flight time was limited to 20 minutes. Being an engineer, I developed the math for it. It is based on a few known characteristics of the current state of technology. Most drones use electric motors and batteries. In my research, I found that a battery typically holds a capacity of 65Wh (Watt-Hour) for every 1 pound of battery weight. The “hover” or cruise speed power requirement for a drone is 100W for every 1 pound of overall weight (drone + batteries + payload), while it requires 200 W/lb to climb or fly at speed. Finally, the power system (motor + speed controller) delivers 1,000W for every 1 pound of drone weight (not including batteries or payload). I checked the performance specifications for many different sizes and manufacturers of electric motors and batteries, and found that the numbers above were very consistent. I don’t want to bore you with the math, so I’ll skip right to the conclusion. When you do the calculations, you find that it results in the following: For a 30-minute flight, a drone’s overall weight (drone + batteries + package) must be 20 times that of the package alone. The batteries’ weight accounts for most of that. For a five-minute flight, the overall weight has to be only 1.5 times that of the package.”
8) The LTE Apple Watch 2 is dead, but the new model may still have GPS
Well, duh. A big part of a smartphone’s battery consumption is the display but the rest is the radio. The power consumption of the receiver is subject to some Moore’s Law related improvement but the transmitter is pretty much a matter of physics. No kidding you can’t get enough power in a watch sized battery. As for the GPS, well, golly, that would give the Apple Watch the same capability as a wrist mounted Garmin product I had a decade ago.
“That LTE Apple Watch you’ve been wishing for is probably not coming any time soon — but the new version will have GPS tracking as previously rumored, so at least there’s that. According to a report from Bloomberg, Apple ran into trouble with battery life for a version of the incoming Apple Watch 2 with cellular connectivity. All that data transferring decimated the wearable’s small battery.”
9) Popular Internet of Things Forecast of 50 Billion Devices by 2020 Is Outdated
I wish more people understood that IDC and Gartner are in the business of selling industry research, not making accurate predictions. Selling industry research is predicated on making it sound exciting: no investor or entrepreneur is going to fork over big bucks unless you are forecasting sunny skies and huge growth. The *lowest* forecast for the IoT market I was able to uncover is $4T which is about 22% of the GDP of the US, and fully 4% of global GDP.
“Still, it would seem the practical utility of IoT estimates is limited if they have the potential to be revised by many billions of units. Turner at IDC says such variation and fluidity of these numbers is typical of early estimates focused on nascent markets. The point, he suggests, is to think of the estimates as a general signal, rather than focus on the specific numbers. There are many reasons why projections from different firms may change over time, or simply not match up in the first place. Each company starts with its own definition of IoT and refines its methods over time.”
10) With SolarCity Cuts, Elon Musk’s Magic May Be Wearing Thin
What I find remarkable is not the content of the article (seriously: no s—t, Sherlock) but that articles like these are becoming more and more common. Some “business plans” revolve around telling louder and ever more elaborate versions of stories people want to hear. Whether the stories are grounded in reality is moot provided investors are willing to provide the money. This works perfectly until it stops working. Once the money supply dries up the whole thing comes crashing down and the first signs the money supply is going to dry up is when people start thinking rationally.
“Musk’s grand vision for an integrated solar-plus-electric-vehicle behemoth, meanwhile, looks increasingly like a reality distortion field. The opening of the massive solar-panel factory the company is building in Buffalo, New York, has already been pushed back to mid-2017. Some analysts have estimated that the factory is likely to lose as much as $150 million a year once it reaches full production. What’s more, there is little indication that huge numbers of people are clamoring for the ability to equip their homes with SolarCity panels, a Tesla Powerwall battery, and a charging system for their Teslas. In short, SolarCity’s latest moves could be a signal that merging two companies with combined 2015 losses of $1.6 billion might not be such a great idea after all.”