Kibbles & Bytes Blog

Apple news, tech tips, and more…

KB Dog

  • Meltdown and Spectre, lots of Intel

    If you pay any attention to technology news, you’ve probably already heard of the recently discovered Meltdown and Spectre exploits that are reported to effect a majority of computer systems currently in operation, regardless of their operating system. Since the vulnerability is at it’s core, hardware-based, users of Macs, PC’s and some mobile devices are all at risk equally. The hardware in question are processors by Intel, AMD and ARM and the issue could be exploited in 3 ways known as Variants 1 and 2 (identified as Spectre) and Variant 3 (identified as Meltdown).

    The way the Spectre exploit works is by taking advantage of the way your computer processor’s architecture is wired to execute code. In a very basic way, the processor’s job is to make a series of decisions very quickly and pass along the results of those decisions. To speed things up, most modern processors use a technique known as “branch prediction” to guess what the next decision it’s going to have to make is. This “speculative execution” greatly improves the speed of a processor as it can always stay a few steps ahead of the game. It’s not always correct in it’s predictions, but that doesn’t matter because the speed at which it does these predictions allows it to perform many, many of these per second.

    In very simple terms, it’s all of these incorrect predictions that allow your sensitive data to be potentially revealed. When these bits of data are trashed, for just a moment, the state of your processor can be analyzed by some malicious agents and backtrack it’s way to what bits of data were used to arrive at it’s incorrect prediction. It can then exploit this method by making your processor arrive at incorrect predictions on purpose by injecting data far outside the bounds of what it expects and, in turn, grabbing more of your sensitive data with each execution.

    Patches to guard against this involve an extra step every time your computer executes these kind of instructions, double checking to see if the data it’s executing lies within the bounds of what’s expected as well as separating the code and predictions into separate areas of memory. Different processor models have slightly different architectures and the exploits work in slightly different ways across them, however this is generally how things work.

    Meltdown is much more clear-cut exploit. To run efficiently, data being run through different parts of your computer processor is stored in a cache as it’s passed between sections of your processor. Meltdown reads this cache and can take the information contained in it and send it off in another direction to be utilized for nefarious purposes. The fix for this involves splitting the address space for this shared memory so that the data is never complete and would appear as gibberish if it were captured, the downside to this fix is that it involves making your computer do twice the work for the same amount of processing. Fortunately, this type of shared memory space only occurs in an impactful way during specific I/O events such as disk-reads or network communication and has little effect on computationally-heavy computing such as video-editing or gaming.

    New chipsets and operating-systems should be affected very minimally by any patches to eliminate these exploits, however older systems and certain cloud and virtualization computing systems could take a pretty big performance hit as they rely heavily on I/O to operate.

    It’s not often that we see such a vulnerability so widespread and so tricky to fix. It’s something that has been baked into the core architecture of so many of our computer systems in slightly different ways and yet it exists almost universally between manufacturers. It’s like suddenly discovering that bare lightbulbs can steal your credit card number. Sure you can just say “use a lampshade” but lightbulbs come in different sizes and styles even though they all work pretty much the same way and even if you design a lampshade for every bare lightbulb out there, there will be slightly less light when fitted with a lampshade.

  • It’s a very rainy day here in Vermont, which is a little fitting for the way I feel today. Animals have a special way of taking hold in our hearts, and many of us find great comfort from having them in our lives. I think for anyone who has had pets in their life knows that unique bonds are formed with each one, and for some the bond runs deep. I’ve been around and owned horses for my entire life. I have bonded with several horses, but one horse holds a very special place in my heart, Skye. I am blessed to have been able to share 30 something years with this wonderful animal. I was able to grow as a rider thanks to him and in later years he helped my girls learn basic horsemanship. Yesterday I had to say goodbye to my lifelong friend and the grief over his loss is enormous. But, I have to keep moving forward. I have two other horses who need me and at the end of a long day, I can count on my pups, Piper and Tyson, to keep me company at night.

    Don’s been out this week at CES. I’ve seen a few Facebook posts from the show and it seems robots are the big theme this year! I’ve had a hard time accepting the idea of drones, I can only imagine how long it will take me to adjust to robots taking care of people or as a partner in a round of scrabble! Thankfully, I’m confident in saying it will still be sometime before I have to be concerned over the idea of robots in my life. Who knows, maybe by the time that happens I will have become a fan of drones! Robots are happening right now, so I guess I need to get used to the idea! I’m looking forward to Don’s report on new products that will expand our home automation offerings, as well as other new product offerings to add to our Small Dog line up.

    For this week’s Kibbles & Bytes exclusive I feel the need to crank it up! Music and movies really are a way to relax, focus or just take some time to distract your mind. I am a huge fan of my Sonos speakers for my music and movies. This week, I’m bundling a white Sonos Playbase with a pair of white Sonos Play 1’s. This trio of speakers normally costs $999.99. I’m making this bundle available to Kibbles & Bytes readers for $875.99!

  • Keep Your Passwords Safe!

    I’m never one for encouraging or promoting New Year’s resolutions unless it’s something practical and attainable. Ok, and something that you know you…

  • The Crypto Craze Part Three: Blockparty

    Greetings, fellow traders!

    As always, it’s been quite an unpredictable last few weeks in the world of Crypto. While Bitcoin has remained somewhat stagnant around ~$14k, Ethereum hit an ATH (an all-time high) of $1000 per coin! This was an especially happy moment for me as ETH was actually the first cryptocurrency I chose to invest in several months ago. Other big news too – relative newcomer altcoin Ripple (XRP) briefly unseated ETH for the number 2 spot on the Cryptocurrency Market Cap before settling down to the #3 position when ETH edged closer to that $1k mark. Not everyone is pleased with XRP, however. Ripple has been catching some flack for not being a “true” cryptocurrency. Some folks out there believe that in order to be considered an alternative currency, the currency must be decentralized. As you might’ve guessed, XRP is a centralized currency. It has an organization, a CEO, employees, etc. and rumor has it it’s being bought up in droves by US banks. It certainly seems like it’s here to stay regardless of the widespread consensus. While it does go against the grain of the definition, and drumming up controversy among would-be traders, that’s not keeping me from investing in it! As anyone who trades coins spends their time sifting through pages and pages of “white papers” and forums or checks their phone religiously for price updates, etc. will tell you: it’s quite a fun ride.

    In the last week’s Techtails, we touched briefly on Bitcoin transactions, but HOW does this transaction occur?

    Let’s backtrack and break it down step by step.

    Connor sends Don 1 BTC in exchange for a real nice, real sweet 15” MacBook Pro, (again, the current value of 1 BTC as of today’s writing stands at ~$15k.) He does this by essentially going to his BTC wallet, grabbing his wallet address or “private key”, (the input) where his BTC is stored. (An address/public key resembles a random string of alphanumeric characters that identifies where to draw the BTC from. Every wallet address or public and private key is different.) He then designates the deposit total of 1 BTC to Dons “public key”, (the output), and confirms the payment. Within a few moments, Don will receive 1 BTC and Connor walks out with the Holy Grail of MacBook Pros.

    So that explains how the transition works, but doesn’t tell us what exactly happens on the backend of that transaction. Cryptocurrency at its core is supposed to be about transparent financial dealings, right?

    Yes!

    Once Connor hits that “Send” button on his phone (yes, you can do these transactions right on your phone), so begins a process that is truly the magic of blockchain technology.

    The MacBook Pro transaction is then broadcast to the Bitcoin network where “miners” verify that Connor’s keys are able to access the inputs (the address from where he withdrew his BTC) he claims to control. This process is known as “mining” because it requires resource intensive computational labor and actually rewards miners in BTC per block solved. The protocol behind mining BTC is dense, but to put it in terms that are easy to digest, mining is a peer-to-peer computer process used to secure and verify BTC transactions. Each group of transactions is called a block. Blocks are secured by BTC miners and build on top of each other forming a chain. Block. Chain. Blockchain. And the blockchain contains a ledger of every single BTC transaction that has ever taken place. While that sounds distressing, there are no names or identities tethered to these transaction blocks. So, if you were to download the entire BTC ledger to your computer, and yes it can be done, you would theoretically be able to track down the transaction record we described above. Pure. Transparency. Blockchain!

    This was a refresher on last edition’s BTC transaction., Next week we’ll pickup where we left off and delve further into the process and function of mining.

    ‘Til next time, fellow traders!

  • Yes it can be too cold to compute

    Winter is here and if you are not lucky enough to live in a milder climate, you need to take extra precaution when using your computer. I am sure some of you have left your computer in the cold car overnight. Leaving your computer or iPhone in cold temperatures below 32 degrees Fahrenheit for an extended period of time can cause damage. This could be dangerous if extra steps are not taken in the care of your device.

    Cold temps affect most batteries as they will lose their charge quicker in the cold. It is not uncommon to see temporary poor battery performance in your computer when using it in colder conditions. Once you resume working in warmer temperatures (approximately 50-90° Fahrenheit) you should have normal performance. But why? Due to higher internal impedance, the external temperature affects the battery’s ability to create the chemical reactions to produce a charge. Short term this does not have lasting damage, but if you use your computer in the cold on a regular basis you will start to see long term poor battery performance.

    Poor battery performance is only a minor effect of extreme cold exposure. Condensation can cause liquid damage. We’ve all seen someone who wears glasses come in from cold temperatures and have their glasses immediately fog up. That’s essentially what could be happening inside your computer. If your computer warms up too quickly it can trigger the LCI or liquid contact indicators within your computer to signal your computer has been exposed to water and, if you don’t have AppleCare+, potentially a costly repair. So what do you do? If bringing your Mac in from an overnight stay in the cold, let the machine sit for at least 30 min before powering on. This should prevent any condensation issues and allow your computer to gradually adjust back to the warmer indoor temperatures.

  • The sun is out here and other than the people walking by with coats on you could not tell it was in the 50s. On the other hand, Emily tells me that the snow is coming down, the temperatures dropping, and we are getting notifications from UPS of delivery and pick-up delays.

    I will be heading out to Las Vegas for the Consumer Electronics Show this week. I have a number of meetings but I am mostly going to see the new stuff and get a handle on what the future of technology might be. I remember several years ago when the first drones appeared at the show and now there is literally a complete hall for drones. I wonder what will be new this year. Okay, I am also going to place my annual $50 bet at the sports book on the Cubs and the Celtics.

    Jezebel loves the dog park so much that she strained a muscle playing with all the other dogs. When we get to the park she immediately runs to greet every dog and then runs all out with the dogs until she is so tired she asks to leave. Well, a little too much roughhousing got her a strain, some pain and she can’t see her buddies for a few weeks while she heals.

    Thank you so much for reading this issue of Kibbles & Bytes!

    Your Kibbles & Bytes Team,

    Don & Emily