Stories by Lamont Wood

Malware: War without end

Ceaselessly, with no end in sight despite outlays that amount to a tax on doing business, the decades-long struggle against malware drags on.

Phones become electronic wallets

In a recent pilot project, about 30 regular guests at a Clarion Hotel in Stockholm were given smartphones enabled with Near Field Communication technology, enabling them to bypass the check-in counter and access their rooms by tapping their phones on an NFC reader, which replaced the typical card-swipe door lock.

Analysis: Got cyber insurance?

Heartland Payment Systems figured it was in pretty good shape when it took out a $30 million cyber insurance policy. Unfortunately, the credit card transaction processor was the victim of a massive data breach in early 2009 that resulted in losses estimated at $145 million. The insurance company did pay Heartland the $30 million, but the company was on the hook for the remaining $115 million.

The clock is ticking for encryption

In the indictment that led to the expulsion of <a href="">10 Russian spies</a> from the U.S. last summer, the FBI said that it had gained access to their encrypted communications after surreptitiously entering one of the spies' homes, where agents found a piece of paper with a 27-character password.

Multiple cores pose challenges for software

Until recently, you could reasonably expect this year's software to run faster on next year's machines, but that is not necessarily true going forward. For the foreseeable future, significant performance improvements are likely to be achieved only through arduous reprogramming.
Some time ago, computer vendors passed the point of diminishing returns concerning processor clock speeds, and could no longer keep hiking frequency rates. To maintain ongoing performance improvements, suppliers turned to installing multiple instances of the processor &#8211; multiple cores &#8211; on a processor chip, and as a result, multicore processors are now mainstream for desktops. But to realise any performance improvements the software has to be able to use those multiple cores.
And to do that, most software will need to be rewritten.
&quot;We have to reinvent computing, and get away from the fundamental premises we inherited from von Neumann,&quot; says Burton Smith, technical fellow at Microsoft, referring to the theories of computer science pioneer John von Neumann (1903 to 1957). &quot;He assumed one instruction would be executed at a time, and we are no longer even maintaining the appearance of one instruction at a time.&quot;
But software cannot always keep up with the advances in hardware, says Tom Halfhill, senior analyst for the Microprocessor Report newsletter in Scottsdale, Arizona. &quot;If you have a task that cannot be parallelised and you are currently on a plateau of performance in a single-processor environment, you will not see that task getting significantly faster in the future.&quot;
New law in town
For four decades, computer performance progress was defined by Moore's Law; that the number of devices that could economically be placed on a chip would double every other year. A side effect was that the smaller circuits allowed faster clock speeds, meaning software would run faster without any effort from programmers. But overheating problems on CPU chips have changed everything.
&quot;The industry has hit the wall when it comes to increasing clock frequency and power consumption,&quot; says Halfhill. There are some chips edging above 4GHz, &quot;but those are extreme cases,&quot; he says. The mainstream is still below 3GHz. &quot;The main way forward is through multiple processors.&quot;
By adding more cores to the CPU, vendors offer the possibility of higher performance. But realising higher performance through multiple cores assumes that the software knows about those cores, and will use them to run code segments in parallel.
Even when the software does that, the results are gated by Amdahl's Law. Sometimes called Amdahl's Curse, and named for computer pioneer Gene Amdahl, it lacks the upbeat outlook of Moore's Law. It says that the expected improvement from parallelisation is one divided by the percentage of the task that cannot be parallelised, plus the improved run time of the parallelised segment.
In other words, &quot;It says that the serial portion of a computation limits the total speedup you can get through parallelisation,&quot; says Russell Williams, chief architect for Photoshop at Adobe Systems in San Jose, California. &quot;If 10 percent of a computation is serial and can't be parallelised, then even if you have an infinite number of infinitely fast processors, you could only get the computation to run 10 times faster.&quot;
People in the know often refer to Photoshop as a model desktop application in terms of multi-core support and parallelisation. Williams says that Photoshop has been supporting multi-processor operations since about 1995, but adds that, even so, much of Photoshop's code is devoted to opening and closing dialog boxes, and therefore is not subject to parallelisation.
Lots of algorithms have &quot;significant chunks&quot; of serial code, Williams notes. &quot;People with PhDs have been working on this problem for 20 years &#8211; it is not a matter of solving it by sitting at your desk and thinking hard for a few minutes. Typically, the way around Amdahl's Law is to simply find embarrassingly parallel problems, but you can't escape the fact you're limited by the serial portion of your calculations.&quot;
Even with parallelisation, Williams explains, performance does not scale linearly &#8211; two cores can give nearly 2X acceleration, but four cores gives less than 4X acceleration. This is due to memory bandwidth issues (ie the RAM being slower than the processor) and delays imposed by inter-processor communications.
&quot;We can't take advantage of eight cores without improved memory bandwidth, and I know of no application that could take advantage of 16 cores,&quot; he says. &quot;Memory bandwidth is a huge issue, because after a while you are just waiting for the memory.&quot; New processors with on-board memory controllers are offering some help, he adds. On-board memory controllers speed up RAM access; however, they also lock the CPU into using a specific type of memory.
Parallelisation progress, or lack thereof
References to Amdahl's Law may be somewhat premature, however. Aside from high-end games and video software, it may be years before parallelisation for desktop applications is the norm.
When Microsoft first shipped Windows, most programs were still written for DOS, and it was a good 10 years until the industry saw more Windows than DOS software. Similarly, &quot;most of the software on the shelf now is not parallel and some, like word processors, never will be,&quot; says Halfhill.
On the other hand, &quot;We are talking about a similar thing here. But the presence of parallelisation APIs in Windows 7 and in the Macintosh Snow Leopard operating systems will speed up the process, and the low-hanging fruit may be done in three to five years,&quot; Halfhill says. Further, not every program needs to be rewritten.
Microsoft's Smith agrees. &quot;Not all software will be converted in five years, but we will have made significant progress. This is a more profound change than has ever been seen before in computing.&quot;
Microsoft's current desktop operating systems, Windows XP and Vista, &quot;like most other systems,&quot; use the kernel to schedule threads on the multiple cores of the system, Smith explains. A thread is a code segment that the computer will execute entirely before executing another thread, which may be from another application entirely.
&quot;When a thread needs to wait for something, like I/O or another thread's output, the kernel runs some other ready-to-go thread on the freed-up core,&quot; Smith explains. &quot;When the first thread's wait is over and it becomes eligible to run again, it will eventually get a core assigned to it.&quot;
In general, consumer operating systems &quot;don't do anything very smart&quot; with multiple cores, says Jim Turley, head analyst with Silicon Insider, a consulting service and newsletter in Pacific Grove, Calif. Vista is &quot;reasonably aware&quot; of multiple cores, and is &quot;fairly smart about dividing up background tasks and foreground tasks.&quot; Vista can run games on one or two cores while housekeeping tasks run the other cores.
Rob Enderle, principal at the Enderle Group in San Jose, California, says that Windows 7 does an even better job of it. &quot;Windows 7 is designed to use as many cores as the machine has, and will partition an application among the multiple cores but that does not give as much benefit as if the application used the cores directly.&quot;
Windows 7 has an alternative mechanism called User Mode Scheduling (UMS), which lets thread multiplexing onto cores take place within the application itself instead of in the kernel. Multiplexing of threads is the process of deciding which thread is executed next. Handling this multiplexing within the application instead of in the operating system kernel &quot;makes thread scheduling more efficient,&quot; Smith says.
A Microsoft blog link he supplied indicates that programmer access to UMS is possible through Visual Studio 2010, currently in beta, and involves use of the operating system's Concurrency Runtime facility. Windows 7 will also be able to use 256 cores, arranged in four groups of 64.
Meanwhile, most applications will run on only one core, &quot;so you get the benefit of having multiple cores only when running multiple applications,&quot; Enderle says. Virus checkers and utilities that run in the background &quot;tend to not visibly drag down your machine, whereas on a single-core processor they definitely do,&quot; he says. Two cores seem to be optimum and a third &quot;gives you headroom&quot;. When watching the performance metre in Windows &quot;you can light up two cores really easily, three occasionally and four hardly ever. Four cores are for video games, heavily threaded applications or DNA analysis.&quot;
Some Intel processors additionally offer a form of on-chip dual processing, called Hyper-Threading Technology, where each core can run two threads in parallel, so the software sees twice as many cores as there really are. It is not as good as having two separate cores, and the boost you get varies greatly, but most people get a 20 to 30 percent boost through Hyper-Threading, according to George Alfs, an Intel spokesman.
Enderle notes that the Windows performance metre displays each core with Hyper-Threading as if it were two cores.
&quot;What we'd all like is a magic compiler that takes yesterday's source code and spreads it across multiple cores, and that is just not happening,&quot; Turley says. &quot;There are C compilers that make a modest dent, but a lot of research indicates that C will never take you very far since the fundamental problem is C itself &#8211; it is inherently serial. There is no easy way to program in parallel; it's like writing poetry in Klingon.&quot;
Turley says that the world does not need yet another programming language. &quot;Any third-year student worth his salt has invented one, but the trouble is getting people to adopt it &#8211; no one wants to learn a new language.&quot; Since there are so many alternative approaches, &quot;no one wants to commit,&quot; he says. If some authority would declare for one approach people would rally around it, but in the meantime there is widespread confusion and competing claims. &quot;We may have to wait for the current generation of programmers to die off and be replaced by programmers brought up on a new paradigm,&quot; Turley laments.
The easiest way to add parallelism is to call code that is already parallelised, from a library, says Williams at Adobe. The next easiest is to use bottleneck routines, or separate little routines that only know about specific pixels. &quot;That is the way we did it for a long time,&quot; he says. A third way is to write a parallel version of a complicated algorithm. But &quot;that can easily take twice as much work [as writing a non-parallel version]. We're not talking about 10% more work here.&quot;
A fourth approach is functional parallelism, &quot;where you let the user do different things simultaneously, such as getting thumbnail images while changing meta-images,&quot; Williams explains. &quot;Photoshop was written before system software supported that, so we don't do a lot of that. Modern operating system facilities let you do functional threading without a huge amount of effort &#8211; maybe 50% more &#8211; but converting a large algorithm written before such stuff was available is a big effort,&quot; he says.
What is needed is not more code but different code &#8211; and a different way to organise the application, adds Smith at Microsoft. &quot;You must understand parallelism and that is not always obvious.&quot;
A first step is to minimise the use of variables. &quot;Variables are artifacts of sequential execution,&quot; Smith says. &quot;If it is always true that A+B=C, what if someone gets in the middle of that and adds something to B so that the equation no longer holds true? You must have a consistent state where that is prevented.&quot; Traditionally this prevention is done by locking the variables, but he advocates the use of transactional memory, which does much the same thing automatically by isolating the variables from other code that is running at the same time.
Market shift
If the application vendors have been slow to adjust to multicore, the public has not. According to the hardware vendors, buyers these days are counting cores instead of gigahertz.
&quot;In the past, people really cared about the frequency of the processor and about making sure they had the latest speed,&quot; says Bob Grim, an AMD marketing executive. &quot;Now we see them being more concerned about what kind of visual experience they will get.&quot;
(Perhaps for old time's sake, a few hobbyists and gamers still try overclocking, ramping their processor clock speeds from, typically, about 3.2GHz to 3.8GHz or even 4.5GHz, using ordinary heat sinks. If overclocking doesn't work, the system typically just reboots and the owner can try again at a lower speed, Grim explains. The record he was aware of was a 3.2GHz processor boosted to 6.9GHz, using liquid helium as a coolant.)
&quot;Gigahertz used to be the metric for buyers, but now there is tiering,&quot; agrees Glenn Jystad, senior manager at PC vendor Acer in Irvine, California. &quot;Single-core processors are limited to entry-level systems, while dual-core is a step up, and you really start to realise performance in the quad-core category, which is now mainstream.&quot; He predicts that three-core processors, promoted by AMD, will fade away by the end of the year, as there is little price difference compared to the more powerful quad-core systems.
Meanwhile, performance issues aside, vendors favor multicore processors for their ability to help reduce system power consumption. If the other three heads of a quad-core system have nothing to do, &quot;you can put them to sleep&quot;, Turley says. &quot;Being able to throttle back is one of the charming side-effects of multi-core processing.&quot;
&quot;Using multiple cores will let us get more performance while staying within the power envelope,&quot; agrees Acer's Jystad. &quot;Today's 95-watt Intel quad-core processor is substantially more powerful than the 95-watt Pentiums of three years ago.&quot;
But regardless, notes Alfs at Intel, &quot;Moore's Law continues. We continue to integrate more and more capability onto the processor and the computer&quot;. But the chief result, he indicates, will be more cores.

Restoring lost lunar images after 40 years

Liquid nitrogen, vegetable steamers, Macintosh workstations and old, refrigerator-size tape drives. These are just some of the tools a new breed of Space Age archeologists is using to sift through the digital debris from the early days of NASA, mining the information in ways unimaginable when it was first gathered four decades ago.

3D printing: The next big thing?

Heading a start-up after leaving his position as head of Microsoft Game Studios, Ed Fries thought that he might be able to sell 10,000 units of his product &#8212; personalised online game figurines &#8212; the first year.

Networking certifications — are they worth it?

It&#8217;s not hard to write the initials after your name: CCIE (Cisco Certified Internetwork Expert); CNE (Certified Novell Engineer), or dozens of others. They mean you have professional certification. The question is, for a networking professional, are those initials worth the effort necessary to acquire them?