Schneier on Security
A blog covering security and security technology.
« Training Baggage Screeners |
| The Politics of Security in a Democracy »
May 24, 2013
Friday Squid Blogging: Eating Giant Squid
How does he know this?
Chris Cosentino, the Bay Area’s "Offal Chef" at Incanto in San Francisco and PIGG at Umamicatessen in Los Angeles, opted for the most intimidating choice of all -- giant squid. "When it comes to underutilized fish, I wish the public wasn't so afraid of different shapes and sizes outside of the standard fillet," he said.
"I think the giant squid is a perfect example of an undervalued ocean creature. Everyone isn't afraid of squid but the size and flavor of the giant squid scares people because it has a very intense flavor but it is quite delicious."
I am surprised he has tasted giant squid.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Posted on May 24, 2013 at 4:54 PM
• 45 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Giant squid has a ton of ammonia in its flesh for biological reasons I can't recall off the top of my head (Google says they use it for buoyancy control, but I thought it was also used for some kind of isotonicity/osmosis control function). A few other large sea creatures are similar, eg some sharks.
I think it's possible to wash/cook it out, yes, but not easy.
If giant squid is full of ammonia, what reaction would you get if you served it with lutefisk?
Here's a story of the war on the unexpected in Falcon Heights, MN:
A broken pedometer in a trash can.
OFF Topic :
As someone has already linked to the UK's Grauniad newspaper here's an InfoSec related one,
It is about the Dutchman Sven Olaf Kamphis arrested in Spain over the Spamhaus DDoS and the very much over stated claims of CloudFlare.
But it appears that there is a rather murky back story going on about CloudFlare and Spamhaus, apparently Spamhaus used to block CloudFlare IP addresses etc and that CloudFlare has been hosting some stuff for a murky "bullet proof hosting" organisation Brian Krebs has taken an interest in because the purson supposadly running it has encoraged others to DDos Brian's blog site,
Brian also has an article up on Microsoft's Skype 6.5 Beta which supposadly fixes a gaping security hole,
However this does nothing to get Microsoft out of the Dog House for their other Skype security breaches where IM text that should have been protected by SSH mysteriously gets sent to MS.
Some people are putting a "pro-spin" on this,
However they have (deliberatly?) ignored some aspects of the experiments carried out which contradict this "pro-spin" ( Dan Goodin can say more on this ).
And Microsoft is in the Dog House again this time from a Google Engineer who has found a significant "legacy bug" in MS code that alows an attacker to get system privs (equiv of *nix root) ON ALL Microsoft OS's going back pre NT...
And this is not the first time Tavis Ormandy (Google engineer) has found such legacy bugs. If you want to know more (it's about a failing in a memory allocator) you can read more on Tavis's blog,
The question now is if Microsoft will actually fix this legacy bug and in which patches --remember a lot of people still run XP and earlier MS OS's for good and proper reasons even though Microsoft has nixed the support on them-- and importantly when, I suspect some people are thinking "only when it is proven to be being used in real malware to the point it can not be ignored"....
Much as its surprising that he knows what giant squid tastes like....It's far more surprising that he knows enough other people who have tried it to form the generalisation that its intense flavour actually scares people that aren't, by and large, afraid of normal sized squid. That is a pretty unusual demographic from which to pluck a meaningful correlation from.
Mysterious interdiction and searches of private aircraft by teams combining local police and federal agents. The most any of them was told was that flying eastward from California looks suspicious.
And a followup with another story.
An important point from the first post:
I am not contending that the aviation world is being inordinately picked-upon. Overall it is a privileged part of society -- and demographically it skews toward older white males who are politically conservative, have money, and often have military experience. Ie, these are people who are not generally the object of police profiling for terrorist or other criminal tendencies. So if the security state is leaning heavily on them, you can extrapolate to other groups.
The Register in the UK has an article about AT&T rising 400M dollars a year via a new "mobility fee." At first I thought it was a typo, as I understand it this is a "nobility fee." Nobility holds the assets and market (via a monarchy, or is that monopoly) and the peasants pay nobility to use the land (airwaves) on which they live. I am in a rural area of the U.S. where chickens have been given tickets for crossing the road. We are being taxed several ways by virtue of the rural access subsidies--our company pays nearly 150 dollars a month to keep four client workstations operating--and one server that provides only for local client tasks.
One tax occurs with the delivery every month of Microsoft updates, we have to maintain best practices and cannot afford a coherent update strategy using a WSUS or inexpensive patch server available from some other vendors. So every month, the King and Queen ask me to pay about 25 percent of my digital peasant communication fees for updating a product, that by it's own admission, requiring frequent and large programmatic updates. So our operation pays AT&T (the King) a fee to allow us to patch a faulty product (sold to us by the Queen) that is not of our making.
It must be a "nobility fee!"
@Patréa: Very interesting... The stated "profile" in the articles would appear to target suspected marijuana smugglers, but is that really DHS domain?
The following was initially posted off topic because I was being too impatient for the squid... :-P
Would anyone like to discuss the real world security implications of ARGs (Alternate Reality Games)? See wiki's entry on Ingress_(game) if you are unfamiliar with the term. I mention Ingress because it's the only one that seems to have such a large cult following, but the only articles about it are PR fluff pieces with comment sections full of people begging for invites... I also recall reading a piece about a Pentagon ARG in operation, however I can't seem to find any references to it now. The article I did read would have me believe it was not really an ARG- but just a glorified messaging application.
What would you do with a digitally controllable army of foot soldiers with a good cover story? Keep in mind that all these players are also wielding Bluetooth, GPS, infrared, radio, and Wi-Fi capable mini-computers :-D Advertising is the obvious go to... Charge establishements a fee for putting a portal at their place of business and watch the revenue flow in! What else could you do? Crowd source walking trails maybe...
Now, same question again, but imagine you run a for profit company with close ties to intelligence agencies, and your decisions are influenced by shareholders whose sole concern is the bottom line. Could you timely manipulate traffic flows (both foot and road)? How about influencing where certain people set up residence? Think about the Streetview wifi scandal with potentially millions of discrete mobile devices... *evil grin*
but it is quite delicious
--If you checked out his site, I would probably beg to differ.
Peculiar that a few months earlier the same site says you can't eat it...
This chef seems to think nothing but public prejudice stands between us and a commercial giant squid fishing industry. Edibility aside, giant squid are very hard to come by. They'd have to command an extraordinary price before a commercial fishery would be viable. I also expect they're slow breeding and so vulnerable to overfishing.
And to M. Mitchell:
There was, not long ago, a widely publicized story about someone arrested for putting hidden compartments in trucks.
The alleged transport was entirely within the USA.
It wouldn't surprise me at all that many a local policeman got the news, started looking a little harder for hidden compartments, and the smugglers naturally said, "Heck with trucks, let's use something else".
Or at least the policemen thought the same, and hey, if you can seize an airplane, that's worth a lot more money.
Note the combination of agencies. If there's a valuable forfeiture in there, everyone has to have an agent on the ground to get their slice.
OFF Topic :
As some of you are aware I keep going on about how in InfoSec defense, our fundemental assumptions in based on our physical world perceptions either don't translate or translate fairly badly into the information world (unlike attacks).
Well it appears Markus Ramun agrees as well and has stood up and said that the US militarily obviously don't get it...
The questions not covered by this are,
1, Are the US Mil aware of this?
2, If they do are they likely to admit it to politicos?
3, Are they likely to admit it publicaly
4, Is there anything they can actually do about it?
5, Do we assume they are quite happy to keep taking the money under false pretences?
I'm assuming the answers are,
They should be, No, No, Not realy, Yes definatly.
Two things people should keep in their mind when deciding how to "go on the attack" are,
1, Be very aware that a sophisticated attack can be launched from any Internet connected point of the attackers choice.
2, The attacker has no reason to connect their development and test systems to any external network.
The implications of this are many and will lead the incautious into ill informed action. Which with some people talking up "going kinetic" and increasing remote offensive capabilities such as heavily armed long range drones is quite frankly very very scarey.
The simple fact is the minimum requirment to become a sophisticated Internet attacker is the right kind of mind a laptop and just one or two software tools...
Saul Timothy, a/k/a Dave Marx, dmarx, and deltmach, is some sort of famous net kook who spends his time posting links to semi-comprehensible screeds about atheism to blogs and forums all over the web. His posting pattern is that of a spammer, and I am going to treat him as one. So if you see any more posts about winning the James Randi challenge, "the culture industry the ideology of death," or the "Mayan Skeptic Apocalypse" on 12/21/2012 (he seems unaware this date is in the past), please ignore them until they are cleaned up.
So I just went to a big racing event, maybe it will give away my location to the less technically inclined, I don't hide; I thought Bruce would find this funny. I'd prefer to not make it explicit, but if you must I will return the favor in secret as I have experience w/ bullies.
All the extra "security" held up everyone (people who came for years said the lines to get in were never this bad); well, me and my friends were able to "sneak" (ha, not even we we're drunk beyond and merely carried it in) a cooler beyond the size that's allowed (an arbitrary 18"X14"X14"). Not to mention gaining access to other sites just so stupidly easy.
The event's over and guess what, no terrorist attacks. Drunk people made sure to wave to the chopper and made sure to tell the cop golf carts to "spin tha' tires!!" lol.
I seriously could not contain my laughter at times, just how so f**king weak the security was, even w/ it "elevated". Just don't try, christ; the event would be so much better if people could just have fun, let nature weed out itself. If someone wants to kill a bunch of randoms, they're going to do it. The area OUTSIDE the perimeter would've made a much better target b/c of the f**king lines caused by the "security". \endrant
The attacker has no reason to connect their development and test systems to any external network.
--Yeah, this is an important point; anyone who's confident about digital/network security needs to consider it. And basically, if you're paranoid enough...you can fool some of the best attackers in the world; not all attacks but you will dwell in them which is a nightmare.
Re:The Mod smacking another spammer
--We have the Schneier memes, does anyone wonder who the Mod is? Is it some sick authentication joke where Bruce is in fact the mod? lol, I don't seek out of respect...
You know, there's a comedian, Rémi Gaillard, he carried out an epic penetration at a sporting event. It gave me tears of joy if you haven't seen.
Here's a video report (runs 10:10 plus an ad in front) looking back at the "crack baby" scare and touching on various security topics. One not mentioned is the belief in some circles that the kids would grow up to be mutant super-criminals, which was one of the reasons used to justify building new prisons at the time. Instead, the overall drop in violent crime started right around the time this generation was hitting its teen years.
@Moderator - this reminds me of the rest areas along a turnpike in PA. One after the other, someone had gone into all the restrooms and slapped big atheist stickers all over the stall doors. One after the other.
Eating squid raw (sashimi) is very common in Japan. According to someone who ate fresh giant squid, the meat contains ammonia in order to float itself and is not very suitable for eating without processing. He also said it's very salty. Probably we wouldn't need to put soy sauce on it.
OFF Topic :
As some of you might know Steve Bellovin "Went to Washington" for a year and as a result his blog has gone virtualy "silent key".
Well he's managed to find something to post about that is not realy related to his Gov work, but is going to be of interest to readers of this blog,
Whilst doing a bit of Crypto History style research he came across the Lyman Morehouse patent for the "two tape" version of the Vernam system we now call the One Time Pad (OTP). Interestingly though unlike the Vernam patent which is based on claims relating to physical communications, the Morehouse patent appears to be one of the first if not the first to patent an algorithm (it was granted in 1920).
How about this article from the WP:
Confidential report lists U.S. weapons system designs compromised by Chinese cyberspies
Interesting little article on cryptography gotchas
I mainly like the categories of competence and the Matasano challenges, which I didn't know about.
Wired article on cryptocurrencies competing with (or complementing) BitCoin. The Freicoin's Demurrage trick to force focus on long-term economic stability is interesting. So many issues stateside result from focus on short-term profits or stockpiling. A variant of Freicoin's trick might help us.
@ Nick P,
One of the problems with "digital currancy" is that history shows that the systems don't work or get used for money laundering so the principles get bankrupt or jail time...
Which might account for why bitcoin's inventor designed a system with no real central system thus they would not go either bankrupt or go to jail...
With regards the crypto "How-not-To" there are Peter Guttman's missives on the subject.
Firstly one that looks at the problem from a code cutter's perspective kind of a "usefull tools have sharp edges that cut",
Secondly one for the Crypto bods who's many failings give rise to many of the problems,
Also as many know PKI / X.509 is to put it bluntly not what people want and the commity behind it appear either suffering from extream NIH syndrom or are simply not bright enough to ask. So what do you get when you do ask,
But why stop there Peter's monumental Godzila Crypto Guide covers all manner of things Crypto,
And if you go look on his home page you will find all sorts of interesting links, including his thesis and how to get hold of the updated version.
Call me reactionary if you wish, but I realy don't think Giant Squid is either viable or sustainable as a food source.
However the "red devil" is way easier to catch even by hand line from small boats (for the brave), and is due to their prolific breeding a very sustainable source of protien. Each mature adult weighs in around 50Kg and they live in shoals of upto 1200 adults which unlike most other marine preditors compleatly devistate shoals of fish when they come across them.
In fact from an environmental impact assessment point of view if every US citizen ate it once a week the 1.5million metric tons of it consumed would only be 2-3 times the amount currently landed . And possibly still not be sufficient to redress the imbalance caused by over fishing of other fish stocks which has made the "red devil" such a significant problem that it is now going well outside of it's traditional ranges and ravaging other fish stocks.
OFF Topic :
Pay Pal has a bad reputation for in effect stealing money from people. What they do is find any excuse to "withold from an account" for as long as they can get away with, whilst also "charging back" on any flimsy pretext (but as it turns out not crediting the charge back again for as long as they can).
Well guess what they have a new one...
A security researcher found a cross site script error and submitted it to the PayPal bug bounty scheme. Well guess what PayPal have not paid on the excuse he is under 18 but have also failed to give the researcher any kind of credit for his work...
So is PayPal mean or what?
OFF Topic :
Jeremy Hammond one of the Hacktavists "ratted out" by Sabu after the Stratfor hack has pled guilty after the Federal prosecutor deliberatly inflated the damages figures to increase any potential sentance to 30years.
@ Moderator, Bruce,
The above post #c1442566 uses a vulnerability in a US Gov site (NOAA) to redirect users to another site altogether.
I noticed this bug / vulnerability some time ago (when following a news worthy storm that did significant damage to NYC) and informed NOAA. But it appears to have been disregarded and it would appear others have discovered it and are using it to hide behind...
Nice to see the first female African-American dean of Harvard make a graceful exit from the helm and what happens when journalists actually stick their neck out to get real stories.
Another great story where coppers tears just don't cut it. Put your trigger fingers in your pocket or jam 'em up your...
GRC Fingerprints - "Is your employer, school, or Internet provider eavesdropping on your secure connections?
Custom Site Fingerprinting – GRC’s web server can obtain and display the “fingerprint” of any HTTPS-capable public web server’s secure connection certificate.”
Here's a neat looking application to fight random shoulder surfing and probably can confuse TEMPEST monitor readers as claimed. I doubt it would stop a smart attacker, as I already have bypass ideas. It does make for an interesting video, though.
OFF Topic :
A little more salt for the password wound,
Basicaly single commodity PC's with one or two graphics cards ripped through a 16,000 password in an hour to get over 60% and half a day to get 90%.
The reason was two fold,
1, Human memorable passwords lack entropy.
2, The file was of "single pass MD5" protected passwords.
@ Nick P,
Towards the top of this page I said,
One of the problems with "digital currancy" is that history shows that the systems don't work or get used for money laundering so the principles get bankrupt or jail time...
It looks like I spoke at just the right time... It appears that the US Gov has taken down "Liberty Reserve" and many carders and other Internet based criminals have lost their (stolen / extorted / etc) money.
Brian Krebs has just posted up a nice piece on the reactions on some of the carder forums,
@ Clive Robinson
Yes, Liberty Reserve did get taken down. I've already commented on both Krebs pages. The others' comments on those pages have been entertaining, to say the least. I tried to be a little bit constructive with mine.
The takedown was one of the reasons I re-looked into digital currency. Also, I had recently enjoyed reading the book The Machine That Kills Secrets which covers wikileaks, Pentagon papers, cypherpunk tech/philosophy, etc. The book got me looking into cryptocurrency again in general and the Liberty Reserve takedown got me looking at remaining cryptocurrencies, which i posted.
Take note, though, that Liberty Reserve is a digital currency, not a crypto currency. That's important. Liberty Reserve was really just an account that held a multiple of regular currency and allowed money moving. The cryptocurrencies are more involved and often more decentralized. So, whatever happens to liberty isn't necessarily directly relevant to them.
However, any alternative currency used primarily for crime and that resists regulation will be dealt with by the US govt. That's such a reasonable assumption I'd call it a fact. The US govt hates currencies it can't control.
@ Nick P,
Oddly I was "slow on the news" with LR, I guess because I take little interest in such organisations these days due to previous looking into the subject. Basicaly I formed the opinion that they are not going to be alowed to succeed irrespective of their other merits (as you likewise appear to think).
And yes the difference between "a token you hold" (crypto-token / cash / commodity) and "a record you don't control on someones computer" (account balance) is not lost on me.
What also is not lost on me is the "to big to fail" attitude also had an asspect of "to big to prosecute" about it, which might have tempted the Telco's to have got involved with "micro-payment" as their systems are set up to do the accounting / billing. However they appear to have backed off this since the First Financial Crisis even though governments did come out as "insurance of last resort" in most cases when banks were about to go "belly up".
Unfortunatly "Banking Law" like company and taxation legislation is an overly complex area of which it has been observed that "due to the complexity of the legislation all banks break the law every day". Which means that various governments could prosecute any bank at any time just as a measure of keeping others in line or to prevent new players entering the market.
I cann't see any government with such power giving it up, and the existing banks don't want to inovate for various reasons, thus the Western Banking market is in effect a closed market or in effect a cartel which would in any other sector be illegal. We are thus forced to use their inadiquate, expensive and insecure services regardless of our wishes to do otherwise or have a banking sector where the inovation is of use to those outside of the banking sector.
@ Clive Robinson
"Unfortunatly "Banking Law" like company and taxation legislation is an overly complex area of which it has been observed that "due to the complexity of the legislation all banks break the law every day". Which means that various governments could prosecute any bank at any time just as a measure of keeping others in line or to prevent new players entering the market."
I know of some reg's but not much about banking law. I'll take your word for it. That's one of their main strategies anyway.
"I cann't see any government with such power giving it up, and the existing banks don't want to inovate for various reasons, thus the Western Banking market is in effect a closed market or in effect a cartel which would in any other sector be illegal."
Seems true. I was going to cite the rise of Western Union's popularity eating away at banks. Then, I looked them up to check my facts and saw that they've been in business since the 1800's. I guess your claim stands. ;)
There are only a few countries where alternative schemes could even survive. The new Iceland, Hong Kong, and Panama come to mind. The latter two have maintained much independence against very powerful nations trying to control them. If you also have the baksheesh, then they seem to be good places to set up something like a cryptocurrency. (Even so, American elites have more money.) I was flabbergasted when I heard Liberty Reserve operated out of Costa Rica. That's anything but a safe haven. IIRC, US military even has a protective agreement with them and we're a major (or No1) customer for their exports. Why wouldn't they cooperate?
One thing I keep thinking about is transoceanic cabling. The thing that may bite Iceland big is that they have one major pipe to use. If they angered US govt too much, then "something" might happen to that link. Repeatedly. These cables are much cheaper to disrupt than to duplicate. The same might be doable against the likes of Panama or Hong Kong if they aimed at being data havens. I don't see them doing that, though. Unlike Iceland, they're already well-established havens for taxes, corporations and smaller amounts of data. My multijurisdiction scheme + cloud-like hopping/failover still seems to be the best bet.
@ Nick P,
It's not just sub sea cables.
Because the cables are easy to cut deliberatly (it's been alledged the Chinese Navy have done this a number of times) but also accidently, as was news worthy recently with the dragging of ships anchors nearly putting a middle east nation "off grid" many places have some kind of telecoms backup via satelite.
Unfortunatly most commercial telecoms sats have a couple of little known problems attached to them. Firstly they are fairly easy to jam by people with a moderate amount of technical sophistication. Secondly most are controled by companies and corporations that "know which side their bread is buttered" and thus will carry out requests of certain governments without blinking an eye.
Even where certain governments cann't apply preasure directly to the SatOp organisation, usually the ground stations can be down stream issolated by other telcos and equipment over which they can apply preasure.
As China Telecom (accidently?) proved the various boarder gatway protocols are very very fragile and a cleverly thought out set of route adverts would enable any subnet to get diverted / tarpited etc etc.
Further few people write down IP addresses of their service providers, as has been shown a number of times the DNS system can be easily subverted by the US Government.
Further you have to look not just at the Tier 1 backbone providers but also who they get their level 0/1 service from and the bottle necks this creates. Put simply the US directly or at best one step removed "own the International Internet backbone".
Whilst there are ways around this that small secretive organisations could work around and these and happily function, the minute they started getting customers then they would be investigated and their work around methods found and negated (highly dynamic behaviour only gets you so far unless you are a significant resource controler).
As you may of heard Australia which is in effect a major international telecommunications hub for Asia and the Southern hemisphere has decided to enact laws to alow more draconian behaviour than it's alleged the US NSA are upto .
To be honest I'm not surprised, back in the days of Louis Freach the US tried lots of secret briefings in Europe to get the Europeans to put in place legislation that at the time would just not have been acceptable in the US. Various bits of info comming out of NZ indicates that this "malign US influance" is quite happily still happening and unlike Europe still just as happily being KowTowed to by the Auz&NZ governments .
Based on this I can see that any non Government protected Internet Bank is going to have problems not being brought down on the whim of the US Government. And as the US has shown it is more than happy to throw sanctions against Governments or Invade when they can not muster sufficient UN support for sanctions the protection of anything but a super power level government is probably not going to help either...
Thus a token based system is likely to be the only route forward currently which is why the trials and tribulations of BitCoin are going to provide much food for thought.
 This appears to be the latest reporting on the "Madness that is Aus Agency wants",
 Quite a bit of dirt is comming out due to the Kim Dotcom case which forced the NZ premia much political embarisment and an investigation which has revealed much else,
@ Clive Robinson
Re Wall St Journal Currency article
Yes, the government is getting wiser to their act. If they are "compliant," they will be OK. What constitutes compliance, though? That's a question without a definitive answer. Bank-grade compliance and security costs a bunch of money. The banks make a bunch of money on their activities and the compliance is a mandatory cost of doing business. The bitcoin exchanges, on the other hand, don't seem like they can afford such compliance. Also, with the definition of compliance open, the reality is that any one of them can be arbitrarily fined or shutdown. If I were them, I'd make a reasonable standard for baseline compliance, get input from regulators in it, and have it tested in a federal court so it was added to case law. That would be better than nothing.
(Now for some stuff I forgot to answer you on before)
Re Rendevous Code Search at Lightbluetouch paper
Another improvement in reverse engineering. They said it can help find duplicated code, GPL violations, plagiarism and [ominously] new instances of previous vulnerabilities. Currently, most of this is being done with manual code reviews. The latter part is also manually done by the OpenBSD team I know for sure. Automating, indexing and providing search for these activities will make the job easier. It's a nice project idea. I'm not concerned about potential malicious uses because the malice is already happening and finding defects in our code bases is A Good Thing.
Re High Scalability Link
Secret to 10 million concurrent connections - the kernel is the problem, not the solution
First claim. UNIX handles both control and data plane. They say let UNIX handle former, let app manage the latter, and the specialization/efficiency this allows results in great scalability. I think it's entirely true. The IBM mainframes use dedicated IO processors for this and other reasons. I used to use TCP/IP offload cards for gaming and HPC purposes to take transport out of the main CPU. I also posted design ideas on this blog doing the same for security reasons. So, I'd agree with letting the app manage it and I'd go further to say reverse the integration trend, put IO in a dedicated device(s).
Second claim. Use a custom driver to bypass network stack and packet directly to application. They claim a 80-1 performance speedup in Linux for UDP on basic hardware. I agree with this idea too b/c we already learned this lesson in High Performacne Computing applications. About a decade or so ago I was trying to make homemade supercomputer clusters, Beowulf-Style. Networking performance was a huge bottleneck in terms of latency and throughput. Killed the whole idea of adding CPU's for many applications. One university developed Active Messages where they basically did what this article is suggesting: bypassed the network stack with custom drivers and simple communications protocols. The latency/performance improved by over ten orders of magnitude. So, there's experimental evidence to support Claim 2.
Third claim. Solve multicore scalability with core-specific data structures, CPU-backed atomics (sparingly used), lock-free data structures, careful choice in threading model, and use of processor affinity to separate OS/app threads. Ive used all of these except core-specific data structures. I also found the core affinity helpful in a MILS-like design to reduce cache-related timing channels. These are good ideas. I'd probably add to his list that the messaging model has found plenty of use too. Tech such as ZeroMQ use messaging and lock-free structures to give concurrency, scalability and few bugs waiting to show up in production.
Fourth claim. Allocating a bunch of memory per connection is fine for massive RAM, but cache isn't massive: cache misses will result. They say chunk data together, use cache efficient structures, preallocate memory on startup, and reduce page table size. Good advice once again. Chunking data together in memory and preallocations have long been used by wise system programmers to boost performance w/out racking their brains for clever algorithms.
Overall, a very good article with plenty of good recommendations for common uses of systems. People will be better off if they act on the recommendations.
I've also been researching alternative methods. I recently saw a paper on a processor with modications that allowed effecient and pretty safe concurrency. I mentally added that to my list of what we needed on a nearly ideal processor. So far, it includes object/tag engine to enforce typing to beat access/integrity issues in one swoop, concurrency primitives, TRNG/crypto support, IOMMU, and at least one ROM firmware w/ trusted boot. It seems like many very secure applications could be built on such a SoC w/out too many headaches.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.