Welcome to DJ's Junk Drawer.
Monday, September 26, 2011
Saturday, September 24, 2011
If you see NASA’s falling satellite today, remember to duck
Good news: If you are reading this story on Friday evening or Saturday morning, it means that you have yet again survived the momentous (but incredibly common) impact of a meteorite here on Earth. If you’re reading this on Friday morning, though, on your way to work perhaps, be sure to keep an eye out for NASA’s 20-year-old, 6.5-ton, bus-sized Upper Atmosphere Research Satellite which is scheduled to begin its fiery descent through our planet’s atmosphere some time today.
UARS, which was deployed by Space Shuttle Discovery on STS-48 back in 1991, was originally tasked with studying the Earth’s ozone layer. Its mission was only meant to last three years, but by the time it was finally decommissioned in 2005, six out of its 10 instruments were still operational. Now, six years after it was (intentionally) placed into an orbit that would impact the Earth, UARS is heading home.
The satellite will splinter into hundreds of pieces as it tumbles towards Earth, and much of it will burn up during re-entry, but 26 larger metal chunks — fuel tanks, support struts, and so on– will survive the friction and strike the Earth at around six miles per second, or 21,000mph. Needless to say, if you end up on the wrong end of a hundred-pound fuel tank moving at 20 times the speed of sound, you are unlikely to emerge the victor; on the other hand, the meteorite will be moving so quickly that you won’t even see it coming, so at least your messy, fragmented death will be relatively peaceful.
The good news is that no one — at least in recorded history — has ever been killed by a meteorite, a happy statistic that is made positively amicable by the fact that over 3,000 meteorites slam into Earth every day. 75% of the Earth’s surface is water, you see — and out of the remaining 25%, we humans only occupy a few percent. “Earth’s City Lights,” a photo of the Earth’s surface at night (and ironically enough, captured by a satellite), shows just how sparsely spaced our settlements are.
Still, the most worrying thing is that NASA doesn’t know where the satellite debris will strike; it only knows that it will hit between Friday evening and Saturday morning, that the meteorites will stretch across a 500-mile path, and that it won’t hit North America; good news if you want to see tomorrow’s dawn, but bad news if you were hoping for a glimpse of the firework display that will occur when the satellite begins to burn up — or if you happen to be outside North America…
Overall, NASA says there’s a 1-in-3200 chance of someone being struck by the satellite — and if you extrapolate that out to the actual chance of you being hit by it, it’s something like 1-in-a-few-trillion. In other words, you have more chance of winning the lottery tomorrow than being struck by the satellite.
Read more at Space and The New York Times (which includes a hilarious quote from a rabbi…), or the BBC (which has a video of the satellite falling)
Thursday, September 22, 2011
Demystifying UEFI, the long-overdue BIOS replacement
After more than 30 years of unerring and yet surprising supremacy, BIOS — the IBM PC’s Basic Input Output System — is taking its final bows and shuffling into the theater’s wings. Taking its place in the limelight is UEFI, a specification that begun its life as the Intel Boot Initiative way back in 1998 when BIOS’s antiquated limitations were hampering systems built with Intel’s Itanium processors. Later, the Initiative became EFI, and in 2005 Intel donated EFI to the newly-formed UEFI Forum, a consortium made up of the usual suspects: AMD, Apple, IBM, Intel, Microsoft, and so on.
UEFI, or Unified Extensible Firmware Interface, is a complete re-imagining of a computer boot environment, and as such it has almost no similarities to the PC BIOS that it replaces. While BIOS is fundamentally a solid piece of firmware, UEFI is a programmable software interface that sits on top a computer’s hardware and firmware (and indeed UEFI can and does sit on top of BIOS). Rather than all of the boot code being stored in the motherboard’s BIOS, UEFI sits in the/EFI/ directory in some non-volatile memory; either in NAND on the motherboard, on your hard drive, or on a network share (more on that later).
As a result, UEFI almost resembles a light-weight operating system. A computer boots into UEFI, an arbitrary set of actions are carried out, and then it triggers the loading of an operating system. Further reinforcing its OSness, the UEFI spec defines boot and runtime services, protocols for communication between services, device drivers (UEFI is designed to work across all platforms), extensions, and even an EFI shell, where you can run EFI applications. On top of all this is the boot loader, which executes an operating system’s boot loader.
UEFI, being a pseudo-operating system, can access all of the hardware on the computer — you can surf the internet from the UEFI interface, or backup your hard drives — and it even has a full, mouse-driven GUI (below right). The fact that all of this boot data is stored on NAND flash or on a hard drive means that there’s a lot more space for things like language localization, boot-time diagnostics (begone meaningless POST beeps!), utilities (backup, restore, malware scanners), and so on.
As a corollary, the fact that UEFI is entirely software-based is what makes it unified. So far UEFI has been used by almost every combination of 32- and 64-bit ARM, Intel, and AMD chips, and in each case the boot code just had to be compiled for the target platform. Every major desktop (OS X, Windows) and server OS (Linux) supports UEFI boot today — and Windows 8, when it rolls out, will have features that only work with UEFI (though it will still run on conventional, BIOS-booted computers).
Underneath this crazy, extensible, software-driven interface, UEFI also specifies a few standard features that must be implemented. Windows 8′s ability to detect rootkit and malware infections (and rogue Linux installations), for example, relies on UEFI’s secure boot functionality. Low-level cryptography, network authentication, universal graphics drivers, and more, are all provided as standard. Update: Microsoft now has an excellent article about UEFI, Windows 8, and secure boot (Linux will be able to run just fine!)
Finally, it’s worth noting that UEFI is still incredibly young, and very few operating systems actually take advantage of any of the features listed above. Linux certainly supports UEFI, but no Linux distro really utilizes it. Mac OS X makes slightly better use of UEFI with the Bootcamp boot manager. Windows 8, when it launches in 2012, will probably be the first major OS to take extensive advantage of UEFI, with Restore, Refresh, secure boot, and possibly more.
Read more about UEFI on Wikipedia, UEFI Forum website, or How-To Geek
If you know how to pronounce UEFI, do let us know in the comments. We want to pronounce it “you-eff-eye,” but it could also be “you-fee,” or even “oo-fee”…
Wednesday, September 21, 2011
The search for Snoopy, Apollo 10′s 42-year-old lunar module
Mark Thompson of Discovery writes about a group of amateur astronomers who are embarking on an "epic quest to track down the 42-year-old lunar module that's adrift in the solar system." They think it is orbiting the sun.
How technology is changing business [Infographic]
Updated. The society as we know it is going through a radical makeover, thanks to constant connectivity everywhere. This is creating a need for a digital makeover of everything – from retail to our postal system. It is changing our infrastructure needs and it is also increasing the velocity of business. The Economist Intelligence Unit have Progress Software has crafted an infographic that captures this change based on research from the Economist Intelligence Unit.
Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.
- Flash analysis: lessons from Solyndra’s fall
- Millennials in the enterprise, part 1: strategies for supporting the new digital workforce
- From car to cloud: the future of the in-vehicle app landscape
DigiNotar goes bust
Digital certificate authorities everywhere be warned: Hackers can destroy you. Today parent company VASCO Data Security announced that DigiNotar has been declared bankrupt. The action comes after weeks of controversy, following an intrusion that allowed a hacker to distribute more than 500 rogue digital certificates. Browser makers like Google and Microsoft responded by blocking DigiNotar certificates, thus cutting off the company's lifeline. The question now: Who's next?
DigiNotar's problems started in late August, when the first rogue certificates appeared. After Google and Microsoft suspended -- that is "untrusted" -- DigiNotar, the CA suspended issuing certificates. Two weeks ago, a hacker using the handle COMODOHACKER took responsibility for the security breach, claiming to have distributed 531 rogue certificates and to have breached five other certificate authorities. Now that he (or she) has essentially destroyed DigiNotar, will COMODOHACKER move on to the others? Or perhaps other CAs have tightened security since the DigiNotar breach.
Mozilla demanded they do. The open-source browser maker issued an ultimatum to all CAs, which must provide certain assurances and also make changes to restore the organization's trust in them and the certificates they issue. Mozilla set a September 16 deadline, and now may block non-compliant CAs. The aggressive posture is meant to restore trust, and for good reason. Once afraid, people aren't quite to trust. Digital Certificates are all about establishing and maintaining trust -- that websites are safe, secure and who they say they are.
DigiNotar's problem was broken trust and difficulty posed re-establishing it. Google, Microsoft, Mozilla and other browser makers have to be concerned as much about their reputations -- who will trust them -- even more than DigiNotar's ability to secure its site from future intrusion.
The bankruptcy filing is also about protecting VASCO's trust, as CEO T. Kendall Hunt alludes in a statement: "Although we are saddened by this action and the circumstances that necessitated it, we would like to remind our customers and investors that the incident at DigiNotar has no impact on VASCO's core authentication technology. The technological infrastructures of VASCO and DigiNotar remain completely separated, meaning that there is no risk for infection of VASCO’s strong authentication business".
Guilt by association is the risk facing VASCO, something the company has clearly decided to avoid. Hunt says that the bankruptcy filing will bring DigiNotar to an "appropriate conclusion" and that VASCO would "cooperate with the Dutch government in its investigation of the person or persons responsible for the attack on DigiNotar".
VASCO executives can't seem to say enough how much its business and technology is separate from DigiNotar's. In a separate statement, VASCO President Jan Valcke says the bankruptcy "does not involve VASCO’s core two-factor authentication business". However, "we expect that we will be able to integrate the PKI/identity verification technology acquired from DigiNotar into our core authentication platform. As a result, we expect to be able to offer a stronger authentication product line in the coming year to our traditional customers". In other words, a new VASCO certificate authority will soon replace DigiNotar.
DigiNotar's bankruptcy filing was yesterday, and the subsidiary declared bankrupt today. Not being an expert on Dutch law, I make presumptions now based on yet another statement, this one from VASCO CFO Cliff Bown. In the United States, companies sometimes use bankruptcy as a means of shielding against damages in legal claims. I presume VASCO is taking a similar approach here by ending DigiNotar operations through a bankruptcy filing. Surely someone will sue.
"We are working to quantify the damages caused by the hacker’s intrusion into DigiNotar’s system and will provide an estimate of the range of losses as soon as possible", Bown says. "While the losses associated with DigiNotar are expected to be significant, we do not expect, given the manner in which the acquisition of DigiNotar was structured, that the value of all of the intangible assets acquired will be fully impaired".
As part of the damages assessment, VASCO clearly hopes to preserve DigiNotar's core value for future products: "We expect that a significant portion of the value assigned to the intellectual property acquired from DigiNotar to continue to have value as we incorporate the technology into our existing product line", Bown said.
Photo Credit: Jimmi/Shutterstock
Wednesday, September 14, 2011
The Definitive SF Works of Chris Foss: exclusive preview
Titan Books gave me permission to present samples from the new art book, The Definitive SF Works of Chris Foss. It's available in a standard edition for $21.14, and a special edition for $75 that comes in a slipcase with an alternate cover, an extra 8-page cover gallery and a signed Chris Foss print in an envelope.
Foss’s groundbreaking and distinctive science fiction art revolutionized paperback covers in the 1970s and 80s. Dramatically raising the bar for realism and invention, his trademark battle-weary spacecraft, dramatic alien landscapes and crumbling brutalist architecture irrevocably changed the aesthetic of science fiction art and cinema.
Featuring work for books by Isaac Asimov, E. E. ‘Doc’ Smith, Arthur C. Clarke, A. E. Van Vogt and Philip K. Dick, and film design for Ridley Scott and Stanley Kubrick, this volume brings together many rare and classic images that have never been seen or reprinted before. The first comprehensive retrospective of Chris Foss’s SF career.
All images © Chris Foss courtesy ChrisFossArt.com
Microsoft, Intel chart separate paths in the post-PC era
Microsoft and Intel both unveiled initiatives on Tuesday that, while unrelated, show how the Wintel partners are trying to separately navigate a new “post-PC” world. Microsoft unveiled Windows 8 to developers, showing off a new operating system that will work on both tablets and computers and will play nicely with ARM processors. Meanwhile, at a separate developer event, Intel strengthened its commitment to Android, announcing a new partnership with Google that will help optimize Intel mobile chips on Android mobile devices.
Wintel partners adapt to a smartphone and tablet world
It’s interesting to see the fraying relationship between Intel and Microsoft, which has been tested after Microsoft announced support for ARM chips. Intel’s embrace of Android could be seen as the reaction of a spurned partner. But in the larger picture, the announcements underscore how both are forced to work hard to navigate a new post-PC era in which neither of them are guaranteed success. And since the cozy Wintel relationship doesn’t carry the same clout it did when PCs were king, both are having to scramble and figure how to best position themselves in a world where smartphones and tablets dominate.
The fact is that mobile devices, wireless broadband and the cloud are changing what we expect computers to do. And the old paradigm of powerful laptops and desktops leading the way increasingly doesn’t make as much sense with consumers, who are embracing these new computing models. Indeed, in the fourth quarter of last year, smartphone shipments hit 100 million units, outpacing PC shipments for the first time. And iPad sales are booming while a credible rival has yet to emerge.
Microsoft embraces ARM, Intel partners with Android
At its Build conference on Tuesday, Microsoft showed its hand with the Windows 8 operating system that builds off its Metro-style, tile-based interface, which began on Windows Phone 7 and is now moving across Microsoft’s products such as the Xbox. The interface works just as well for fingers as mouses and showcases Metro-style apps at the heart of the experience. The new operating system will work off ARM-based chips from Nvidia, Qualcomm and Texas Instruments as well as existing x86 processors from Intel and AMD. Microsoft is promising ultrathin PCs and tablets that will run Windows 8, turn on instantly and run all day on a single charge. Windows 8 will appear in about a year’s time.
Meanwhile, Intel used its Intel Developer Forum to announce a new partnership with Google to optimize its Intel Atom architecture for Android mobile devices, from the OS kernel to multimedia and graphics. The two will work together to speed the time to market for Intel-based Android devices. Google Senior VP Andy Rubin appeared alongside Intel CEO Paul Otellini, who showed off prototypes of an Android tablet and phone. Intel had previously promised dozens of Android tablets built with Intel processors and had hoped to have a smartphone available through Nokia this year, a plan that was quashed when Nokia partnered with Windows Phone 7. The chipmaker said to expect Intel-based devices by early 2012.
Succeeding outside the Wintel partnership
Intel has partnered with Google before, on Google TV, so it’s not completely surprising that it will be extending its relationship around Android. Otellini is also on Google’s board. But the partnership is a good sign for the world’s largest chipmaker, which has struggled to compete in the market for smartphones and tablets. The company has said that its chips are getting a lot more efficient and will be more popular as these post-PC devices demand more performance. Getting Google on its side could help its chips shine on Android, which is an opportunity Intel desperately needs to make good on as PC sales slow.
Microsoft’s support of ARM is not new, and that support is understandable, because the Windows maker needs a presence on post-PC devices. Right now, Windows Phone 7 is having minimal effect on the smartphone market. But the announcement on Tuesday again underscored how it will need power-sipping chips to compete in the market against the iPad. It’s touting all-day battery life for laptops and tablets, and that’s more likely to come from ARM chips, which are still more power-efficient than Intel’s and are the dominant architecture for mobile devices.
A lot to prove
Both companies are facing struggles ahead as they navigate this new terrain. Microsoft needs to show that one operating system can serve both tablets and PCs and not alienate either audience. It also needs to win over developers and show them how their apps will shine on Windows 8. Intel has to prove that it can actually deliver both power and efficiency in its mobile chips. Android devices already suffer from bad battery life in most comparisons to iOS devices, so Intel has its work cut out for it.
But if Intel can get its mobile act together and Microsoft can nail its execution with Windows 8, who knows? Maybe these two will forge a tight relationship down the line. But right now, they both have to prove to the world and each other that they are each well prepared to compete in this new era.
Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.
- Mobile Q2: Smartphone growth surges; iPad’s rule continues
- Mobile Q2: Smartphone growth surges; iPad’s rule continues
- The Case for Increased M&A in 2011: Actions and Outlooks
Lego Star Destroyer Is 8-Foot of Gorgeous Turgid Brickwork [Video]
At a whooping 43,000 bricks, the 8-foot-long and 180-pound Lego Venator Class Star Destroyer could actually kill you without even firing one of its fake turbolaser. It's a stunning creation with only one defect: It's from the prequel trilogy. More »
Windows 8 hardware: touchscreens, sensor support and robotic fingers
Microsoft showed off a broad new range of hardware today at the Windows 8 developer preview, including touchscreen tablets and monitors, which will benefit from greater support for sensors like accelerometers, gyrometers, and compasses. To make sure the Windows 8 touch interface works across multiple devices from different manufacturers, Microsoft said it is using technologies such as robotic fingers to test the responsiveness of touchscreens.
A new API that ties together accelerometers, gyrometers, and compasses will make it easier for developers to use all three types of sensors while building applications.
Intel shows solar-powered CPU
List of If This Then That recipes
ifttt.com is like Yahoo's Pipes, but easier to use. Here's a list of 728 useful "recipes" sorted by popularity.
Understanding the security story of the year: “Iranian” hack attack on SSL
In short, one of the companies that is authorized to create SSL certificates that your browser trusts -- the certificates that let you make trusted, private connections to your bank, your Gmail, your government -- was terminally compromised. The most likely culprit is a boastful "Iranian hacker" who claims to be a patriot who compromised the CA in order to allow the Iranian government to forge certs from Gmail and other companies to facilitate spying on dissidents.
Now, Electronic Frontier Foundation staffers Eva Galperin, Seth Schoen and Peter Eckersley have written a timely postmortem on the attack, explaining what's known, what's speculated, the risk it presents to you, and what you can do to make yourself safer now and in the future. This is the kind of analysis I was hoping for when I interrupted my net.fast last week -- it's pretty crucial stuff to know.
SSL certificates are the glue that holds the encrypted portions of the Internet together — they are how your browser knows that the website you visit is the website you intended to visit. The official report on the attacks from Fox-IT includes data from DigiNotar that suggests that over 300,000 (primarily Iranian) Internet users may have been had their communications intercepted, but the danger to Internet users extends well beyond Iran.
The problem we face with Certificate Authorities is not just that there are particular vulnerabilites in any one CA. Rather, the massive structural crisis is that, as the SSL Observatory has shown, there are many hundreds of certificate authorities and an attacker only needs to break into one of those order to start issuing fraudulent certificates. Furthermore, these CAs appear to exist within around fifty countries' jurisdictions. Any one of these countries could conceivably compel a CA to create fraudulent certificates for purposes of espionage or for spying on that country's citizens. The DigiNotar hack has merely underlined how fragile the certificate authority system really is. Anyone who values the privacy and security of their communications and financial transactions online should take steps to protect themselves.
Statements have appeared strongly suggesting that the DigiNotar attacker is the same person who attacked Comodo earlier this year. The Tor Project has published extensive updates on the scope of the attack, including the list of the 531 fraudulent certificates issued by DigiNotar. This list shows that the attacker was prepared to facilitate spying against many major Internet sites. The attacker claims to be an individual Iranian who has chosen to help the government monitor individuals' communications. Additionally, he claims to have compromised four additional as-yet-unspecified certificate authorities. If true, the Iranian government may still have the power to forge new certificates in the name of these other authorities.
A Post Mortem on the Iranian DigiNotar Attack
Enraged star is destroying planet with super-powerful X-ray blast [Space Porn]
The huge gas planet CoRoT-2b is losing five million tons of matter every second, thanks to massive X-ray bursts coming from its parent star. The worst part? CoRoT-2b might actually be the architect of its own destruction. More »