Comments

Joe March 19, 2021 10:31 PM

@SpaceLifeForm

(+@h0t_max and @_Dmit) have found two undocumented x86 instructions in Intel CPUs which completely control microarchitectural state (yes, they can modify microcode)

Sounds interesting. Thank you for that info!

Oxford University, COVID19, open source, bill gates March 19, 2021 10:47 PM

When Oxford University was working on a COVID-19 vaccine it announced that it would be made “open source”, meaning that any pharmaceutical manufacturer would be able to produce it legally without infringement on any drug patent, which would make the vaccine more widely available and less expensive, enabling widespread vaccination of the economically destitute populations in developing countries. But after their announcement that they would make the vaccine free to produce, they received immense pressure from the Bill and Melinda Gates Foundation (wherein Oxford research staff were threatened with the reduction or elimination of all grants from the Foundation, not limited only to those for medical research) to patent the vaccine and partner with AstraZeneca to sell it. So, now, not only did AstraZeneca receive all the accolades for “developing” a vaccine (which the company did not do), it’s also being produced in limited quantities and sold for $4 per dose to the federal government, which is about 20 times more expensive than the estimated cost if the formula had been open source and allowed to be mass produced by any manufacturer with the required equipment. In addition, because it is patented, it can only be produced by AstraZeneca, and poor countries have no or limited access to inexpensive vaccines.

Why did you do that, Bill?

Clive Robinson March 19, 2021 10:48 PM

@ SpaceLifeForm, Bruce, ALL,

have found two undocumented x86 instructions in Intel CPUs which completely control microarchitectural state (yes, they can modify microcode)

Oh well it was to be expected eventually.

What was in theory, now anyone who can,

1, Get information on to your computer.
2, Can get the information run as code.
3, Owns the microcode interpreter in the CPU.
4, Can do anything the wiring between the registers alows.
5, Including those hidden test harnesses.

So those,”write only registers” you find tucked away in crypto co-pros etc now become read/write. I also hear that Intel are using RC4 to encrypt the info blocks not AES… In effect code signing on the very cheap.

So Major embarrassment for Intel, yet again.

What do you think is going to happen to their stock price this time 😉

But from a practical point of view I guess the cold hard reality is security of the average computer is not going to be realy effected by this.

And even those few computers Level III attackers are going to go after are not realy any worse off with respect to “being attacked”… But those writing ISA or above code to look for such microcode “root code” are going to have a much harder time of it.

I suspect the real winners if Intel do not close this problem out, are going to be games and specialised software writers who will be able to get algorithms one step closer to the hardware, but there will be all sorts of thermal managment issues involved.

Weather March 20, 2021 12:22 AM

@slf all
It just looks like reading from memory of the program, maybe kernel. DLL or ntdll,
Funny though 😉

MarkH March 20, 2021 2:17 AM

@Nick Levinson, Clive:

We’re flying pretty high with this speculation … or down in the weeds, not sure which … but I’ve thought about this a lot.

I expect that 45 (or should I call him .45?) will do absolutely anything to avoid prison, and I think he has options other than fleeing.

If he chose to flee, Russia would be (while Putin lives) a good option. It would be a tremendous coup for Putin’s reputational project: he could offer it as proof that he had owned the most powerful leader on Earth.

The refugee would receive one of the most magnificent houses in the Moscow region (which are very fine indeed), and a mild-weather palace by the Black Sea for winters. He would be feted, given medals and titles, and be (for a while at least) as much a celebrity as he’s always wanted to be. I shouldn’t be surprised if he were given the rank of General in one of the intelligence services.

There might be a pro forma diplomatic request to surrender him, but it wouldn’t mean anything to either Russia or the U.S.

The danger of his having any further influence on U.S. politics would be immediately and permanently ended.

On the other side, he would surely give up any and all national security secrets he hasn’t already disclosed.

The greatest risk of such a strategem would be that if he (a) outlives Putin, and (b) Putin’s successor wants to maximize constructive engagement with the West, he might be surrendered after all …

There’s no question at all concerning his Mrs. If he fled, he would go alone, which would be satisfactory to both sides of that marriage.

MarkH March 20, 2021 2:27 AM

PS

I’ve two reasons for believing that the risk of future surrender would be minor:

1, Russia (like a number of states with a history of vigorous intelligence operations, including the U.S.) prides itself on taking good care of defectors: any failure in this regard would severely deter future defections.

2, After such a debacle, the U.S. would have no pragmatic interest in his repatriation: best to leave him in situ — so there would be no actual pressure, notwithstanding some “empty formal gesture” to the contrary.

lurker March 20, 2021 4:02 AM

@Nick Levinson, Clive, MarkH
Just for reference the Chinese opinion of Mr.T is shown by what is not said on a TV doco broadcast in 2017. Originally for domestic consumption, this english voiceover version loses some of the flavour of the original.

https://youtu.be/lto7Q_83PxI?t=629 watch 4’30” from this start point

Curious March 20, 2021 4:47 AM

@SpaceLifeForm

I thought a comment in that twitter thread was interesting and also hilarious in a terrible way: “People who don’t work for Intel can now reprogram your CPU directly” (some guy in the comment field on twitter)

Anders March 20, 2021 9:30 AM

@SpaceLifeForm @Clive @All,

Rewriting the CPU microcode can actually be useful from the
security point of view.

I can make my CPU unique. I can write my own instruction set (ISA),
write my own Linux compiler and change all my software accordingly.
I can even change it daily. Today NOP is 90, tomorrow CC, day after
that EB. Old x86/x64 shellcode don’t work any more.

To get a foothold on the system they should first guess the ISA. No
universal high level language like Javascript.

JonKnowsNothing March 20, 2021 10:20 AM

@All

MSM article “Chinese military restricts use of Teslas over security concerns ”

The Chinese government is restricting the use of Tesla vehicles at military bases, some state-owned enterprises, and other sensitive facilities.

Tesla vehicles have eight cameras outside the vehicle and an internal camera facing the driver.

“The move follows a government security review of Tesla’s vehicles, which Chinese officials said raised concerns because the cars’ cameras can constantly record images, as well as obtain various data such as when, how and where the cars are being used.

“The government [China] is concerned that some data could be sent back to the U.S.”

The TechNoKing, wouldn’t do that would he? In a Heartbleed second….

ht tps://arstechnica.com/cars/2021/03/chinese-military-restricts-use-of-teslas-over-security-concerns/

ht tps://arstechnica.com/cars/2021/03/elon-musk-formally-declares-himself-technoking-of-tesla/

ht tps://en.wikipedia.org/wiki/Heartbleed

(url fractured to prevent autorun)

Winter March 20, 2021 10:27 AM

@Nick, All
“There are persistent reports that people close to him believe he would flee the country rather than go to prison. ”

Seeing is believing. I cannot see Mr T doing the USA such a favor.

Anders March 20, 2021 10:40 AM

How they fight with the Corona in Russia.

hxxps://aftershock.news/?q=node/956443

This is made from sticks and sh!t.
Then they burn it.

I guess medical masks doesn’t cut here,
gas masks are needed 🙂

XYZZY March 20, 2021 1:12 PM

I recall a marathon meeting with Intel senior CPU architects in which we tried to explain why a tiny change in the architecture was needed to better support multiprogramming and virtual memory (many ears ago). Obviously smart people only “came around” begrudgingly after 6 hours on the white boards. That they have a cavalier attitude toward security is not surprising. I doubt they will even connect any market pressures stemming from these issues with their designs, clinging to speed tests as the only important metric.
Does anyone remember physical “maintance mode” switches?

Weather March 20, 2021 2:40 PM

@anders others
If the fuse was not blown, I’m guessing you would have to write a boot loader fuzzer while the CPU was in 16bit real mode, cr0 & 0x00 ,you can still print to screen and access ram,HDD ,would be a fun challenge but a head ache.

SpaceLifeForm March 20, 2021 3:17 PM

@ Weather

The 0xf1f2f3f4f5f6f7 was the POC.

It appears the opcode is 0F OA or 0F 0E. not clear. Maybe one for Write, one for Read.

@ Curious

I immediately read it as a typo:

People who do work for Intel can now reprogram your CPU directly.

Or Microsoft. Years ago, Microsoft wrote their own AML Compiler and stopped using the Intel AML Compiler.

@ Anders

Interesting thought. See FPGA.

@ XYZZY

Yes. And it was approximately the same timeframe that eliminating the jumper from the motherboard was when it became possible that the BIOS could be updated via Windows instead of using the jumper and booting from floppy.

SpaceLifeForm March 20, 2021 4:09 PM

@ Per Plexed

You are not reading this correctly.

Russia does not want Trump in Russia.

Russia wants Trump in US. It is to their advantage to keep the misinformation and disinformation pipeline active on Facebook and other social media.

Clive Robinson March 20, 2021 6:18 PM

@ SpaceLifeForm,

RF. Signal. Noise.

Too little information given to say for certain, but… It’s almost certainly “Signal + Plan”.

To understand why you need to look at the broadcast spectrum of TV channels. Even modern digital ones have “holes in the spectrum” you can use.

The signal of choice to use oroginally is “Direct Sequence Spread Spectrum” (DSSS) due to “chipping/coding gain”.

In essence you create an artificial very broad band “noise signal” and “bi-phase” modulate it with your digital data[1]. The “coding gain is more or less the clock rate of the artificial noise signal divided by the data bit rate. Using modern codecs that are open source (see OGG) you can get very low data rates with inteligable audio so getting a coding gain of a thousand is not that difficult.

However what people forget is that the coding gain is reciprocal in nature. At the receiver the artificial noise signal would spread the TV signal by the same coding gain thus diminishing it and improving the wanted Signal to Noise ratio (Look up “Low Probability of Intercept” (LPI) systems).

The upshot is you can tuck a DSSS comms system under a TV channel and have it virtually undetectable by the majority of people watching TV broadcast in that channel. It’s a trick I used to use when sending “unauthorized” signals through satellite TV transponders back last century. You can still do this with little difficulty using US Navy geo-stationary satellites which is done by Brazilian and other South American criminals some of whom are very much into the drugs trade. Though they tend not to use DSSS systems for various reasons.

But using this spectrum this way in the TV broadcast bands is not of necesity “Gypsies, Tramps and Thieves” it’s actually approved and licenced in some parts of the world[2].

[1] You can do this at home with a few TTL gates. First ceate your noise signal with a Linear Feedback Shift Register”(LFSR) using clocked latches and a couple of XOR gates. Take this signal to one input of an XOR gate and apply your digital signal to the other gate. The output is a bi-phase modulated squarewave. You can clean it up and use it to drive a diode ring double balanced mixer with an RF carrier and that’s your DSSS transmitter…

[2] You might have heard of “TV White Space Broadcasting” which is the modern version of how to share Broadcast TV spectrum, much of which is empty. It’s been going on since the 1970’s one way or another. The original use of DSSS was to get around the problem of diferent parys of the spectrum being used or not in any given area. Back in the 1970’s and early 1980’s it was felt that using “guard channels” entirely would be to difficult. However with modern computer chips and Digital TV Broadcasting (DTB) the systems can just use the local “Matrix Channel” to find out what frequencies are and are not in use so using guard channels exclusively is now not a problem.

https://www.bbc.co.uk/rd/projects/tv-white-space-devices

SpaceLifeForm March 20, 2021 7:44 PM

@ Clive, Winter, Weather, Anders, ALL

After thinking about this more, I think I read the attack angle wrong, and my comment is totally incorrect.

With this instant microcode issue, it is very possible that an attacker can cause cache flushes.

And, therefore, timing attacks.

Even if the instruction fails.

We DO NOT KNOW the side effects of the DECODE AT MICROCODE LEVEL.

Even if the instruction will fail, but is DECODED at microcode level, even at non-privleged level, we do not know the side-effects at microcode level.

Not having RED-Level Unlock does not mean that there is is not a magic sequence of instructions that get you there.

But, even if the the instruction at non-priv userland fails, does not mean that a cache flush was not forced.

https://www.schneier.com/blog/archives/2021/03/exploiting-spectre-over-the-internet.html/#comment-371068

I seriously can not envision a scenario where I could bury a core and interrupt it enough to cause cache misses every time.

Weather March 20, 2021 8:09 PM

@slf
Use the instruction cache flush, search Google for ‘and x86 asmebly refence’ it about the first hit, there are multiple of them, doing it remotely by packet not so much.
It might be a system instruction, maybe inturupt request to windows and get it to run it, try fuzzing those insturuction its ‘int byte’ with eax normal output and edx,ECX possibility EDI input.

PS if you can find the instruction I’ll post later on phone

Weather March 20, 2021 8:23 PM

Asm(“clwb”)
Clflush,clflushopt
Inline asm, can be done in usermode, with byte 1-3 ,linear address ,copy it to virtual address in program, is 0x210000 or 0x41000000 in window ,opposite for Linux, 0x7b000000 for stack.

Anonymous March 20, 2021 9:04 PM

@ Clive Robinson

Satalite piggy backing: Doesn’t this get stripped out now a days with the digital conversion? Also, what’s the max amount one can carry this way? Can you over saturate and deny its use? What about increaseing the amount of data?

CarpetCat March 20, 2021 9:05 PM

@ Clive Robinson

Satalite piggy backing: Doesn’t this get stripped out now a days with the digital conversion? Also, what’s the max amount one can carry this way? Can you over saturate and deny its use? What about increaseing the amount of data?

Etienne March 20, 2021 10:58 PM

Per Plexed writes: Dear God. What the hell has happened to this blog?

The Weekend blog posts are complete spam for the most part.

XYZZY March 20, 2021 11:05 PM

@SpaceLifeForm – yes the “improvement” in BIOS updating removed the need for the jumper. I was actually think of way earlier when systems filled the room and the main computer had a small second computer for diagnostics.
Some may recall the diagnose (diag) instruction used by engineers on the 360 but then, because it was an otherwise unused opcode, used to signal communication with the hypervisor (in old CP/CMS days).
A program that tries all opcodes doesn’t find the undocumented function that are only triggered when some set of other conditions are present; register values, flags, and what is in the pipeline.
I suppose a microcode update could turn of the undocumented features…

Clive Robinson March 20, 2021 11:07 PM

@ CarpetCat,

Doesn’t this get stripped out now a days with the digital conversion?

It depends on what type of method the satellite uses for it’s function, which also depends on how old it is.

The simplest type of satellite and the one that was most reliable design for a very long period of time is the “linear transponder” that is “band inverting”.

That is you “block convert” the output of the receive filter to another frequency range without demodulating the signals, and push it through a Traveling Wave Tube (TWT) or similar high gain wide band amplifier and push that through filters before it goes to the TX antenna.

This sort of transponder satellite is the type you go for because other than turn the transponder off there is little the operator can do.

Also you need to know the birds orbit type that is if it’s geo stationary or orbiting and the relative velocities as that effects Doppler shift. Then there is the added wrinkle of if the transponder is band inverting or not as this not only effects Doppler shift it can effect some types of modulation. Because if it’s band inverting as you increase the frequency at the input the frequency decreases at the output. So Upper Side Band (USB) signals become Lower Side Band (LSB) signals.

As for limits yes there are many but like Cable Televison Cabinate Amplifiers provided you take care everyone gets a usefull slice of the cake.

The important thing to remember is it’s not the aggregate power of the individual signals that marks the first limit, but the sum of the peak voltages for each signal.

name.withheld.for.obvious.reasons March 20, 2021 11:14 PM

A video on a new resonant permalloy FeNi demonstrates a time-based material with a induced field which can be examined predictable. Think of it as a high resolution crystal with an induced time/space domain. A brief video explaining the fabricated material can be found on Youtube at:

hxx spt://www.youtube.com/watch?v=nDXU9hshlr8

(url mangled for your pleasure)

name.withheld.for.obvious.reasons March 20, 2021 11:18 PM

@ Clive
Surprised you’ve not mentioned the role of LNA’s in satellite comms, seems you addressed it indirectly. What gives? Why not reference the AARL and other sources for our friends?

MK March 21, 2021 12:22 AM

If you pick linear transponders as your mode of transport, you should realize that lighting up multiple satellites allows finding your location via timing differences due to path length differences. Signals can be discovered by corrolating the output of two or more transponders.

Clive Robinson March 21, 2021 6:57 AM

@ MK, ALL,

you should realize that lighting up multiple satellites allows finding your location via timing differences due to path length differences.

You can do the same with a single satellite if it moves with respect to your transmitter, by building up a succession of “running fix lines”. The more lines the more accurate the fix.

It’s the principle used behind the COSPAS SARSAT (Search And Rescue SATellite) system agreed in the late 1970’s and up and working with it’s first rescue chalked up in the early 1980’s has helped rescue more than 50,000 people since from “Air, Land and Sea” accidents and incidents.

The network of satellites[1] pick up the so-called “406 beacons”[2] which after thirty years still function as intended. However improvments in technology and changing requirments for International Safty regulations has resulted in vastly more beacons required that due to accidental triggering and multiple personal beacons automatically activated in an incident has given rise to a second generation system with increased data capacity as well as GPS data [3].

It’s expected that this system will remain in use for atleast another century even with increasing deployment and usage.

[1] All four Global Satellite Navigation Systems, Chinese BeiDou (BDS), European Galileo, Russian GLONAS, and US Global Positioning System (GPS) now carry transponders. There are upper Low Earth Orbit (LEO ~100min Polar) satellites as well as geostationary satellites and it is also possible to put transponder units on aircraft that fly at altitude. The aircraft option has been untill recently only a “technical excercise”, however concerns over the likes of Elon Musk’s StarLink system has given rise to it being “dusted off” and reappraised.

[2] The “406 beacons” get their name from the frequency they transmit on (406MHz) to distinguish them from the earlier civil and military maratime and aeronautic rescue beacons on 121.5Mhz and 243MHz that were DF’d by aircraft.

https://en.wikipedia.org/wiki/Emergency_position-indicating_radiobeacon_station

[3] “Emergency Position Indicating Radio Beacon”(EPIRB) systems that put out just a few milliwats CW and have a battery life good for atleast several hours. The first generation beacons transmit ~90bits of ID and other information using binary phase-shift keying (BPSK) on one of many 3Khz wide channels in the 100KHz band assigned to the service by the ITU (under the UN Secretariat). Second generation systems will use Quad Phase Shift Keying (QPSK) on a Spread Spectrum (SS) carrier. This not only improves the sensitivity and resolution of the system it also alows many more beacons to operate at the same time in a localised area as it’s inherently a “Code Division Multiple Access”(CDMA) system. The amount of data will also be increased containing new sources of data. Due to the use of SS both generations will happily co-exist in the same spectrum.

Clive Robinson March 21, 2021 9:44 AM

@ name.withheld…,

What gives?

Living in a different time zone at the moment…

Somethings it makes easier, others tiring.

As for AMSAT and Co, yes they’ve done a fair bit over the years, the trouble is that in certain parts “politics with a capital P” have taken over. Both the ARRL and RSGB saw declining membership prior to COVID and for some involved, a few moments of ego food was the price for letting those they represented down and doing things that are going to cause lasting harm, to the benifit of others in various undesirable industries who would rather “slash and burn” in others territory rather than clean up the mess they have created in their own backyards.

Any way the less said the lower my blood preasure 😉

XYZZY March 21, 2021 1:51 PM

Found this old black hat interesting RE finding undocumented instructions.
h ttps://www.youtube.com/watch?v=KrksBdWcZgQ&ab_channel=BlackHat
You might already know of Domas from TED talks.

Clive Robinson March 22, 2021 1:57 AM

@ name.withheld…, ALL,

What gives?

Courtesy of the not so “minnie me” that is my son, a You-Tube link on Amateur / Ham “transponder” satellites

https://m.youtube.com/watch?v=sjKcID_R8bk

It has some history and science as well as a bit of communications theory, but nothing you can not do easily with a calculator or pencil and paper…

If folks want to know the more indepth knowledge of how frequency mixers work well…

All you are doing is using a nonlinear curve function such as y = x^2 or y = K(e^x -1) to multiply two sinewaves together to get four output frequencies. Most of the readers here I suspect remember trig identities from school without much fondness 😉

So… Rather than have me go through the derivation of sinA.sinB = (cos(AB)-cos(A+B))/2

I’ll let a Wiki page do the lifting,

https://en.m.wikipedia.org/wiki/Frequency_mixer

(but also note the current in a diode is (e^VD -1) and that e and logs are strongly related and adding the logs of two numbers is the equivalent of multiplying which is why slide rules and log tables work and why diodes make reasonable “mixers”).

Winter March 22, 2021 7:50 AM

@David
“My understanding has been that sterilizing immunity has always been the ultimate goal.”

I think you err on this one. The ultimate goal has always been to save the lives and health of as many people as possible. “sterilizing immunity” would be nice, if it could be achieved. But like in flu vaccines, it is not necessary to make a vaccine valuable.

@David
“I sincerely hope the Covid vaccines turn out to be everything we want and need them to be, but I don’t want to be fed bullshit in the meantime, and peer pressured into signing myself and my family up to be part of a medical trial.”

The trials have been run and all the data show that the vaccines save lives, and even the health of those who take it.

If you want to risk the lives and health of your loved ones because of some erroneous idea of what a vaccine should accomplish, I really feel sorry for your loved ones.

Winter March 22, 2021 7:59 AM

@Noah
“Literally everything has been a lie.”

Did they not explain to you the difference between “lying” and “being ignorant”?

When COVID-19 came to the scene, it was something nobody had ever seen. So, people gave advice based on what they knew. And, like all those who are responsible for human health and welfare should do, they changed their advice when they learned more.

I have not seen any evidence from you, or others, that the suggested policies did not work. Face masks are no panacea, but they help slow the spread when people refuse to keep a distance. Naturally, with so many infected Americans refusing to distance themselves from others, the epidemiologists advised face masks as a way to compensate for human stubbornness and stupidity.

The same with all the rest of the objections. Finally, Israel shows that vaccination of the population does stop the bad symptoms of the epidemic: Death and crippling illness.

I totally understand that there are people who want us all to die a natural death. But I, for one, rather live a long life using unnatural means than to die an early death, all naturally.

Winter March 22, 2021 10:27 AM

@-
“I’m sorry you appear to be the target, of choice currently for the reloaded auto ”

I must have been doing something right. It seems that if no one hates you online, you have not been read.

Clive Robinson March 22, 2021 3:47 PM

@ JonKnowsNothing,

Hmm it’s worse than I thought, thanks for the update.

What makes me very nervous is thr fact the “blue one” gets to collect, keep and do as they see fit with every Cal Citizens medical data, I can see oh so many ways that is going to get abused by them.

With regsrds the “buyers regret” yes I’ve seen the news, the clips I’ve seen are shall we say “feral at best”, and that is going to “go home USA” North, South, West, and East taking four of the VoC’s right along with them. Not so much Spring Break, but Easter Wake. It was bad enough with that motorbike rally last year, this “Fun in Florida” weekend has all the potential of “Super Spreader Event of the Decade” if not century.

SpaceLifeForm March 22, 2021 4:46 PM

@ XYZZY, Clive, Winter, Weather, Anders, ALL

Not having RED-Level Unlock does not mean that there is is not a magic sequence of instructions that get you there.

(double ‘is is’ my bad. mea culpa)

Rumour. There is. That you do not need access to the motherboard.

I absolutely despise variable length instructions.

Weather March 22, 2021 5:09 PM

@slf group above
32mb of nop, you patch the 5-10 bytes at 16mb above you have a long jmp down below at 32mb you have your fuzzer it modify the bytes 3c100:4141 cs it does HDD stuff at others, its like a VM that runs one instruction then checks stuff out

name.withheld.for.obvious.reasons March 22, 2021 5:29 PM

@ Clive
Sorry to hear about your temporal displacement! And,

would rather “slash and burn” in others territory rather than clean up the mess they have created in their own backyards.

So typical. How is it that doing the wrong thing first seems to be the preferable approach to problem solving?

Oh, and by the way; I still cannot forget the 32 trigonometric identities to this day–some 49 years later. I guess it is a sin(x) of the t(M).

Had a conversation with a chap from NSA some twenty years ago explaining the single point interpolation of signal processing to them and immediately received a bit of angry rhetorical messaging. Something like, “Don’t make me…”

Not the response I expected, speaking of blood pressure.

SpaceLifeForm March 22, 2021 5:51 PM

@ -, Clive

Make sure you know the name (hint).

I’ve been bit too.

Pay attention to the writing style.

Not sure? Ignore.

name.withheld.for.obvious.reasons March 22, 2021 6:18 PM

@ SpaceLifeForm
I remember working on a systems port with a Watcom assembler for the prerelease of the first P4 and in anticipation of the hardware employing this class of CPU’s. I ran into an opcode that was not documented, I far as I remember it was opcode 104 in the documented instruction set that seemed to be an oversight. Have to take the wayback machine to assert the original findings, it was out of the ordinary as I understood it at the time. Intel has a long history of similar behavior as do many fab companies. There was a really cool 2007 grand challenge that included hacking hardware and producing artwork from it, some really cool masks were developed that truly met the challenge.

Clive Robinson March 22, 2021 11:22 PM

@ SpaceLifeForm, XYZZY, Winter, Weather, Anders, ALL,

With regards the poll on “are there undocumented instructions?”

The answer is “Yes of course there are”

The real question is “Why?”.

A bit of history that goes back to the 1950’s as to why microcode exists in the first place and what it realy is.

The CPU consists of some very basic parts made by switching data paths “multiplexing” between collections of flip-flops and latches. The “language” used to talk about this is the “Register Transfer Language” or “RTL” and it generally used to be hardwired logic. It was messy, error prone and sucked loads of power.

So the trick was to make a form of instruction decoder, that is basically a counter and ROM wired up as a state machine. The ROM being an array or diode matrix was not just fast but easier to change than getting out a wire wrap tool and rewiring the logic. Trust me I know this I spent a chunk of my life I’m not going to get back doing exactly this sort of change on a very large computer design for a body scanner system.

The point is that Counter&ROM state machine is what computers realy are. They are an implicit part of RTL what we call microcode is just another Counter&ROM state machine that drives the RTL state machine. Depending on the architecture the Instruction Decode of what we call the Machine ISA is either another Counter&ROM around the microcode state machine or the state machine it’s self. Guess what at heart most interpreters are just another state machine and effectively just an abstraction of a Counter&ROM…

Computers are “Russian Dolls” of such state machines.

The important thing to remember is not all instructions into these state machines require the same number of steps, nore do all the potential instructions make sense. Thus a large chunk of the ROM is effectively empty. To stop them being an issue the are made into NOP’s that is they encode to “load next instruction”(LNI). Thus each potential instruction is a binary number that in effect is a start address to a space in the ROM that space is as long as the maximum number of steps expected for any instruction as it makes thing more efficient to do it that way.

Now where to put the LNI? At the begining of the available instruction space in ROM or the end of the available space in ROM? That is you have two types of NOP one that is a “do nothing fill” that might be all zeros or all ones and the instruction terminating LNI jump. For various reasons even if an instruction does nothing with regards the state or operations on data in registers, it still might still have to go through a number of steps before a LNI jump happens. One such is “instruction pipelining”

The result is you can end up with a lot of zeros/ones “fill” in the ROM. Some state machines do not have an LNI jump instruction just fill. What happens is when the counter gets to a certain sub-address that would be the start of the next instruction space, the state machine performs a default equivalent of the LNI. There’s not many such computers around these days, and if you see in the data sheet all the basic assembler instructions take exactly the same time, you might just have found one.

The upshot is this ROM gets full of cruft as the CPU gets developed that’s an artifact of trying to do things too quickly.

So some of those instruction slots contain undocumented instructions because they have not been cleaned up properly duringva rushed development cycle and nobody dares change things down the line unless managment order it.

But there are other reasons to have hidden instructions, one of which is to do with “test harnesses”. You need to be able to electrically test a chip before you even cut it out from the wafer. To do this you need to be able to put the chip into test mode and perform tests. A part of this is adding “test instructions” and a logical follow on of this if the ROM is actually RAM and loaded from ROM and updated from the chip busses is what both Intel and AMD do do. Yes they try to put a bit of security around things but the reality is people are not payed to clean up cruft.

So things get through. There is a joke about Intel’s “oh so secret” errata sheet being bigger than the public chip data sheet… Such jokes often have a founding in reality, so I would assume the errata sheet evenbif not bigger than the data sheet might well be a hefty document with hundreds if not thousands of entries.

As we all know or atleast should be aware of is that,

“Security is an afterthought”

Thus I would assume that the hidden instructions security mechanism is actually an “afterthought” and whilst apparently blocking the actuall instructions from the ISA interface, probably do not block it via some of that cruft in ROM in a state machine one or more steps below the security mechanism added as an afterthought…

I could go on at length about the dangers of CISC variable length instructions. These were brought in to get higher external data bus transfer rates. All they realy do is take a standard run of basic instructions and make them into a single instruction thus saving several bus reads. There are two ways to do this in the state machine, on is to make the instruction slot space bigger which is inefficient the other is to implement the equivalent of a call/return handler rather than a jump to Load Next Instruction mechanism at the end of each instruction. Having been involved with developing such a system I can tell you it’s the stuff of nightmares not just to develop, but also debug and actually test… Most state machines are designed not to be Turing Complete for very sound reasons unless you excercise care a call/return system becomes Turing Compleate unintentionally, and that can result in a “Ghost in the Machine” as has happened with Intel chips and the memory bus control system…

name.withheld.for.obvious.reasons March 23, 2021 12:05 AM

23 Mar 2021 — Where have all the…
A most alarming find concerns the dimunintion and complete whitewashing of the past, especially when it comes to the intelligence community. Yesterday it was revealing that upon a google search for a fairly specific issue little but government sites were listed. Okay, broaden the search by reducing the terms, done. By the time I was finished with my little experiment I was left with the following search terms:

2014 Intelligence Authorization Act HR 4681

What followed after 15 pages of search results were primarily two site references, one to EFF that is the referred source at mappingtheinternet.eu (not EFF’s site), an article on linustechtips.com, and a news site IVN.US that were critical of the particular bill. I have posted this “post haste” as it has some WTF implications and want to alert others that may be concerned about such issues.

Questions:
No reference to EFF’s sources, and of the number of news, blogs, and other sites reporting on such issues no listing at all. After the 19th result page the listings were language variants that get caught in the usual indexing.

Clive Robinson March 23, 2021 12:10 AM

@ name.withheld…,

Apologies for putting your offspring into the mix.

Not your fault, it’s mine. As you might remember I do not connect my computers to any external comms network, and even power gets special attention, through carefull selection of filters and UPS design (think of the “equivalent capacitance” of a 250AH battery in a lowpass filter configuration). Even the few machines in there that have browsers do not have cookies or javascript enabled…

So when it comes to talking to the world as you know the likes of YouTube do not work unless javascript is enabled, and other Google services demand both cookies and javascript as do nearly all social media. So I do not play their game, nor do I do personal email or social media, secure appes and other security tar pits.

My son though does have a mobile with more apps/games on it than there are names in the dictionary, as for the Win10 machine he is forced to use it’s full of the usual “spy-ware” higher education demands of both academics and learners/researchers. So asking him to do a quick search and SMS the link is not much of an issue, even though it sometimes feels like I’m pulling teeth… But name me an adult that has not said similar about their off spring at some point 😉

The real trouble me thinks, is how things have gone down hill since Dickensian times. That is apparently we don’t have the chimneys or coal mines anylonger due to central heating and the like. So we don’t send our children off to work 14hours a day on a bowl of gruel. Starting when they are seven years old, before they’ve developed those pesky “teenage attitides”. After all children are supposadly an investment, but you need a good ROI and you don’t want to be waiting a quater of a century for it, I guess it’s just another sign of the times 😉

SpaceLifeForm March 23, 2021 12:56 AM

Android System web view breakage. Bad update.

SolarWinds and Exchange did not impact as many users.

hxtps://www.reddit.com/r/GMail/comments/may197/gmail_app_crashing/

JonKnowsNothing March 23, 2021 1:26 AM

@Clive SpaceLifeForm All

re: UK Variant B.1.1.7 B117 Kent verified in Dogs and Cats.

MSM Report and Study confirms B117 has infected several dogs and cats. This is the first confirmed infections of the B117 variant in dogs and cats.

The animals were infected by their owners.

Wait… There’s more…

The animals showed No Signs of Respiratory Symptoms. No sniffles, sneezes as has has been noted in D614G pre-mut COVID.

What they did have is myocarditis, a heart condition. This heart condition is a known symptom of COVID-19 in humans but is not common in dogs or cats. The incidence of B117 triggered heart failure in dogs and cats is higher than normal levels.

The vets were able to trace the rise in B117 myocarditis in animals, by mapping the cases to the rise of B117 in the general population.

Of Note:

  • There is no indication that humans got COVID-19 from their pets.
    The transfer is still Human->Pet->Pet .
  • The animals were asymptomatic.
  • How long they were exposed, how long it took for the heart damage to be noticed may have some bearing on animal-animal transmission.
  • Dogs taken to dog parks or doggy-day-care maybe have some risk of nose-to-nose transfer like other canine diseases. Cats also can infect each other with nose to nose transfer of feline diseases. This has been noted in minks as a method of transfer within mink farms.

“We are now basically in a new pandemic.
The British mutation has become dominant [in Germany].”
Angela Merkel 03 23 2021

ht tps://www.theguardian.com/science/2021/mar/21/vets-warn-new-covid-variant-heart-problems-pets-cats-dogs

ht tps://en.wikipedia.org/wiki/Myocarditis

  • Myocarditis, also known as inflammatory cardiomyopathy, is inflammation of the heart muscle.

ht tps://www.biorxiv.org/content/10.1101/2021.03.18.435945v1.full.pdf
(url fractured to prevent autorun)

name.withheld.for.obvious.reasons March 23, 2021 3:36 AM

@ Clive
I’d thought you’d have a variac in your power stream, precision variable control with a bit of power filtering (at least inductive). I have some very specific power conditioners (constant load) that work prior to conventional AC conditioning via UPS and then through power filters. Totally separate Faraday cages between successive security layers. When online, mostly via command line and occasionally onto websites with a sacrifice system (air gap is enforced along with physical contact layering). Full spectrum isolation, except for gravitons and specific phonons. My main lab is three physical layers deep, if you see me here I am one layer in…

name.withheld.for.obvious.reasons March 23, 2021 4:52 AM

@ Clive
Obviously given the “times”, I don’t need to give you a decoder ring or the page numbers. Others, I am not so sure.

name.withheld.for.obvious.reasons March 23, 2021 4:59 AM

@ Clive
I have to admit that in the not too distant past I have used wire wrap tools as a program editor. A VME bus implementation for a test frame caused me to do some hardware level programming, though lucky nothing that required grid voltages and a warm tube to be up and running, I’d leave that to Microsoft hardware engineers.

Clive Robinson March 23, 2021 6:40 AM

@ Winter, ALL,

All the usual suspects, except pigs do not seem to get it.

The Nature article just says what has been said on this blog for those that have been reading it for the past year or so. As you will appreciate having your thoughts on risks happen but get confirmed is actually very far from enjoyable especially as it has also caused very unpleasant attacks by those who would prefer to be in denial for various reasons.

As for why farm stock swine may not get it, there may be a reason for that which the Nature article did not go into.

But it did gave a strong one liner clue to it with the mention of COVID suffering people with pet ferrets, where the ferreys did not get infected.

One anomaly of COVID was found via testing asymptomatic people. That is some people all pet owners if I remember correctly appeared to have high levels of natural immunity to SARS-CoV-2.

The assumption was that it was “the milk-maid effect” of natural immunisation from their pets to an animal beta coronavirus strain that did not reproduce in humans (as most beta corona viruses don’t, but can and do get into us).

That is the transfer of infection beyween pet and owner is two way and that the ferrets may have been infected but not infectious with one of the coronaviruses that reproduce in humans but not the ferret, but the ferrets have built up a natural immunity.

There is a joke about pig farmers and the flu, that they don’t get human flu but pass on pig flu, hence all flu is man flu… Whilst not entirely true there is a degree of natural immunization in those that deal with live-stock of various forms.

But the things we should all remember is,

Firstly viruses care not what species a host is, just that the virus can reproduce in it.

Secondly the virus mutation rate is broadly proportional to the size of the currently infected population of host creatures.

Thirdly if there is a virus of any sort in your environment in sufficient quantity your bodies immune system will respond even if the virus does not reproduce successfully.

Fourthly and importabtly hybrid-mutation which makes the big jumps in mutation, happens when a body has two or more viruses in it at the same time. It is more likely to happen when there are epidemic level infections such as “Winter flu season” in progress.

Thus pets and live stock both benifit or loose with close contact with humans, the same as humans do with their contact with pets and live stock. What happens and which way the dice role appears almost as random but guided as evolution does, which is kind of what you would expect.

However humans are more prey to pathogens than other species because we are “social” which is actually unusual in most carnivor and other apex species types. It’s why I’m worried about more social species especially omnivores. Which covers rodents such as mice and rats.

In the UK for instance issues to do with rodents such as mice, rats, squirrels, etc are very much on the rise because of the stupidity of “waste collection” policies. Thus weekly “bin collections” are at best once every two weeks and longer if they arbitarily change dates and times etc, due to people missing their time slot or the contracted out services companies decide to just not bother with arrangments for disabled people etc.

Such populations can rise quite suddenly and over run areas unavoidably bringing all sorts of disease with them. Such events usually follow “man made” events such as refuse collector strikes, policy changes, or physical disturbance of habitat etc.

We can realistically expect such man made nonsense to continue at an ever increasing pace so, I’m in the position of saying “the prognosis doe not look good”. Whilst this pandemic might have originated in China, it’s the neo-liberal driven Western First World that actually made it a pandemic and that sort of stupidity never learns and like cancer it can be hard to eradicate.

Winter March 23, 2021 7:34 AM

@Clive
“The Nature article just says what has been said on this blog for those that have been reading it for the past year or so. ”

Words and suspicions should be backed by observation. So gathering the facts in a single place is a good starting point for further work.

JonKnowsNothing March 23, 2021 11:25 AM

@Clive @Winter @SpacelifeForm @MarkH @All

re: COVID-19 infections in non-human animals

Pretty much everything in that article, including the science references have been posted previously in the blog. Kudos to all for the Advanced Thinking that happens when many people pool their knowledge base.

There is one anomaly in the article regarding Pet Ferrets:

@Clive

But it did gave a strong one liner clue to it with the mention of COVID suffering people with pet ferrets, where the ferrets did not get infected.

Lab Ferrets get COVID-19 very easily and they are used for all sorts of lab based COVID-19 experiments. Experiments, studies that required biopsy use COVID-19 infected mice.

The mouse version of COVID-19 is a lab engineered one but of concern in case of escaped mice carry it to the wild population. Mice are not the current natural harbors for COVID-19 so even a bunch of escaped mice with their lab-engineered COVID-19 might not be a problem, they will die faster than they can get out of the building.

The question is this:

  • IF the Pet ferrets do not get COVID-19 from their owners and do not test positive for COVID-19

and

  • IF Lab ferrets get COVID-19 directly nose-to-nose or by lab procedure

then

  • What is the difference between these two sets of blood lines?

Lab animals are often line breed (inbreed) and selected for specific traits and their genetics can be manipulated for lab uses. Lab ferrets are still ferrets in the same classification as Pet ferrets.

Ferrets/Mink get COVID-19 easily because their ACE2 receptors in their lungs are similar to Human ACE2 receptors and are located in similar orientation. Ferrets are used as lab animals for many Human Respiratory Tests because of this similarity.

Ferrets/Mink did not get COVID-19 from “the wild” they got it from their human handlers. They may have some other resistances that have not been published (afaik) but the Human-Mink-Mink chain was devastatingly fast. Only in places like Utah did Neoliberal-Libertarian concerns for money, restrict the full cull of the mink farms (Utah, Wisconsin, Michigan). There have been other reports of escaped mink in Europe and in Canada but the mortality rate is expected to be too high and a self-terminating mortality event will prevent further transmission.

China and other countries continue with their mink farming and the Human-Mink-Mink-Human transmission can be expected to recur. Greece had reports of spontaneous Mink-Type mutations in several genomes.

One concern with the coming COVID-Mut pandemics is this

  • If the animals remain asymptotic, the telltale mortality events that happen in mink farms, may no longer happen and therefore there are fewer triggers for test/cull.
  • If Human-Mink-Mink is left to mutate unnoticed, then spontaneous mutation of the Human-Mink-Mink-Human crossover may occur unnoticed.
  • The previous crossover was unnoticed until it was spotted by genome sequencing in the human population and found in areas where mink farming occurred.
  • Health officials did not spot the Antibody Escape Mutations (see B117 and others) until the Mink Mortality Events started to happen.

Farmers do not test healthy appearing animals. Good farmers take precautions to prevent disease outbreaks but even so outbreaks occur. Farming Corporations are only interested in money and have no day to day interaction with the animals (the entire operation is outsourced). Farming Corporations are not going to test seemingly healthy animals either.

Clive Robinson March 23, 2021 11:46 AM

@ name.withheld…,

I’d thought you’d have a variac in your power stream, precision variable control with a bit of power filtering (at least inductive)

Old school reliability but not enough inductance to close the bandwidth down enough. But also there is the IL EMP problem, in that variacs get slagged by lightning strikes. So they are not going to survive Solar Weather events, or god forbid some idiot with a modern Otto Marx generator. Or sometimes worse a HERF gun using either microwave generation (think oven valve/tube pulsed at a MW) or a dialectric transmission line and fast switch (remember those gas discharge avalanche switches that fire at upwards of twenty thousand volts, or even the now easy to make UV triggered spark gaps).

A little protection device to make is a foot long “line” made by two one inch wide copper bus bars 1/5th of an inch apart mounted in a two inch steel pipe or aluminium box section with lightning discharge tubes along the length and “transorbs” (semiconductor clamps) at the far end. You use it as a fast rise time clamp, as long as the immediate “load” is low impedence (drum of RG213 coax is ~1pf/cm at 2.5kV) you can get away with dumping very high power short duration (sub 1nS) pulses and time stretching the energy via reflections from load mismatch at much longer time periods. The trick is to eventually end up with a horribly over damped LPF that gives time for other much slower protection to kick in.

Whilst doing this for a “cage” with a few hundred Watts of computers or communications gear is not overly difficult or expensive, a whole house is a rather more interesting problem especially if the feeder voltage is low thus current high.

Weather March 23, 2021 3:21 PM

@all
I’ve been working on sha2 hash, the computer has been running for 5 days and displayed some sistacic which I graphed(having trouble uploading) ,it display patterns of if a char was used in the input a couple chars in the ASCII chart after score low values. If there’s are large gap on the ASCII chart between input it has a flat median picture.
At the moment on running the same input but select the first 16 bytes and run that through the hash again, it should take a week.
Nothing certain at the moment but it is leaking data from the input to the output.

FlightRecorderContingent March 23, 2021 4:38 PM

About the current stats quo of computer data integrity worldwide. abbreviated:

No time for all of this; download long-term backup copies of everything you browse; make some of them available without needing electricity; make sure many of them are not as volatile as paper and ink products; be creative with your backup techniques.

Consider the data integrity issues as well as the possibility that your tools will not be available in the near future; pack and plan for disaster; plan as if your life depended upon having all-weather backup copies.

Weather March 23, 2021 5:10 PM

@all
I’m testing the full byte ranch, but also testing weather it leaks through two chains,
Defense so far greater than 32 and 256 input length, 3 or chain, and distribution of password over the byte range, say 32 max chars 256/32 , but mix with over stuff

vas pup March 23, 2021 5:43 PM

Boulder shooting: Ten victims and suspect identified by police
https://www.bbc.com/news/world-us-canada-56501234

“Who is the suspect?

Acting US attorney Michael Dougherty stressed the investigation was “in its early stages” but Ahmad Al Aliwi Al Issa, 21, was the only suspect involved.

He said Mr Al Issa was from Arvada, Colorado, and had lived most of his life in the US.”

Read the whole article for further details.

vas pup March 23, 2021 5:58 PM

UK ‘heading towards digital skills shortage disaster’
https://www.bbc.com/news/business-56479304

“The Learning & Work Institute says the number of young people taking IT subjects at GCSE has dropped 40% since 2015.
Meanwhile, consulting giant Accenture says demand for AI, cloud and robotics skills is soaring.”

Yeah, liberal arts are more preferable unfortunately in US in particular, but until US and other members of 5 eyes understood the critical importance of STEM subjects in education, the only option would ‘be suck out’ brains, i.e. professionals from you India, China, S Korea – you name it through H1B visa, but is this the best solution in the long run?

Those IT/STEM should be primary subject for government financial support based on skills, not demographics – forgive my political incorrectness, but because it is national security issue, then we should accept 2+2=4 approach OR China will leave us far behind very-very soon.

Weather March 23, 2021 6:27 PM

@vas pup
Australia plus other country have a law about hacking tools, what would your opinion be on that?
@bruce,cr,slf though?

Clive Robinson March 23, 2021 6:57 PM

@ vas pup,

Yeah, liberal arts are more preferable unfortunately in US in particular

The reason is twofold,

1, For most jobs a “degree” is a HR requirment for hiring. Mostly the subject studied is irrelevant.

2, For many students it’s a question of risk of debt and chance of qualification.

So the aim is not “a degree in XXX” just “a degree” to get a job. The cost of a degree is not uniform in all places but even where it is you incure the debt regardless of if you qualify or not. So a sensible person goes for the lowest cost degree that is easy to pass.

So “liberal arts” is going to be high on the “low risk” chart.

One of the hardest degrees to get, harder even than straight hard science, is “engineering” and other “proffession” degrees. The risk of debt is actually higher with engineering and worse unlike the traditional proffessions the fiscal reward for engineers is generally a lot lot lower. Oh and proffessional indemnity insurance can be higher. Because generally a Surgeon can only kill one patient at a time, an engineer can kill several hundred if a plane drops out of the sky. More if it plows ibto a sky scraper. Then what about an off shore drilling rig turns turtle with a whole heap ot environmental damage to follow. Oh and just how many people get on cruise ships these days? One of those turning turtle or breaking it’s back mid ocean in a storm is a high risk no matter how many life boats and rafts.

If you want people in “technology and engineering” you need not just change the risk/reward on the qualifications, you also need to make the work have the same soet of rewards in professional remuneration.

Otherwise those doing STEM will become “quants” or equivalent in the finance industry where they can earn ten times as much as they can doing what they trained to do. Or almost as usless chase work in Silicon Valley at the likes of Google, Facebook, etc writing more or less meaningless software to grab more PII and package it up. A good mind with algorithms and some managment skills can pull, +$1,000,000 rewards. Look up what an engineer designing medical electronics or FMCE gets as a comparison.

Unfortunately quite a few engineers see their jobs as more than a vocation but an entire reason to exist. Which unfortunately makes them easy targets for those that are unscrupulous or see them as being of less value than the “blue collar” or “oily rag” type “pump jockeys” that put gas in the tank and give the windscreen a rub down.

Similar is now happening in academia as well where almost the least important part of their job is doing research. As for teaching increasingly it’s being done by TA’s that in reality are other students a year or two ahead trying to earn money to pay the bills.

Those who work in STEM related employment are increasingly seen as “unimportant” in the neo-liberal view point. Even though they are the people that make it possible for there to be a society above third world subsistance farming.

SpaceLifeForm March 23, 2021 8:13 PM

@ Weather

Tools are tools. Can be used for good or for bad.

The distinction that everyone should try to apply, is to be clear as to whether it is an attack or not.

So, in that vein, be clear. If it is an attack, then say they are attackers. Do not use the term hackers when you really mean attackers.

Almost all hackers are NOT attackers.

But the media, oh my!

lurker March 23, 2021 8:13 PM

@Armchair_Epidemiologists
A year since the start of the pandemic, microbiologist expresses dismay UK (& Europe) still hasn’t found their clue[1]; and wonders what sort of experiment is being done on the population with mix’n’match vaccines, and stretching the second dose out to 12 weeks?

https://www.rnz.co.nz/national/programmes/ninetonoon/audio/2018788833/dr-siouxsie-wiles-on-a-year-since-lockdown-4

[1] Amongst the finger pointing going on I don’t yet see anyone blaming the spread of the virus on the Shengen Protocols…

JonKnowsNothing March 23, 2021 9:20 PM

@Clive @ vas pup @All

re: University Degrees / Liberal arts vs the Hard Stuff

As we are rounding out the first year of the pandemic and in the USA (various parts) schools are opening up full tilt, some have already opened and there is a serious concern about the “lost year” of education, perhaps it’s time to re-think what actually is important to learn, why and why not.

I’ve been though a good number of low-grade State Universities and did a stint in Europe which given the age, time and background was a complete failure from a degree point of view but has paid enormous dividends personally over my lifetime.

I got the Big Shock in Europe, the system there is/was needlessly mind numbing, completely dependent on rote-thinking and memorization of arcane topics. What it had was tremendous discipline, about particular topics. Subjects weren’t “over view” courses, they were deep dives. Many of my fellow students drowned, long before they could find their way through the rigid system: they went Home to Sweet Alabama.

US Universities with liberal arts don’t care too much about the deep dive but more about putting things together from various disciplines. Many foreign students here find the courses far too easy but they also cannot connect two completely different concepts into one thread.

Europe studies are what is called in video games: A rail shooter game. Follow the rails and don’t stray.

US Universities have no rails and you can fall into the Debt Pit and be 100% Unemployable even after advanced degrees.

Something needs to change, it likely will but exactly how it will change and what will be gained/lost is in question.

I’ve always admired French Penmanship. Everyone writes exactly the same way with their nice fountain pens, the letters are lined up perfectly, the spacing impeccable.

We don’t do cursive any more in the US. Our penmanship skills do not exist and were never that good in modern times.

name.withheld.for.obvious.reasons March 23, 2021 10:23 PM

I’d like to extend a thank you to Bruce for his platform and in promoting a multidisciplinary subject matter cross pollination ; coalescing disparate technology realms and expanding the scope of subject knowledge domain in the process. Kind of like AI, without the A.

The additional benefit, the ability to enhance our understanding of topics and provide or allow for deeper insights and expand the knowledge domain; information may or may not have a direct relationship with other off-topic information found at Bruce’s house, but that’s the point. An open, secret, rave.

As in a marriage formed by individuals coming from completely foreign and different cultures, it is the bond between two individuals that allow us all to see anew–through their eyes. A pairing as such can lead to a breakout of peace, or sadly, war (The human EULA).

Weather March 24, 2021 12:02 AM

@slf
The hardware used is old, new 1 hour to get displayed the chars used in the password, you then just have to sort out the order.
As before but the range has increase to 32 bytes.
Sending it to cert type of.

What question do you want to ask? Its not to crackers.

MarkH March 24, 2021 4:08 AM

@Clive:

You are an inexhaustible fount of learning for me. Until today, I’d not heard of the Marx generator — what a clever gadget!

It would be interesting to compare the performance of the personal safeguards you described to military facilities designed to resist nuclear EMP.

On a personal note, either your different time zone is a metaphor, or you’ve traveled a significant geographic distance … given concerns you’ve expressed, I’ve been supposing you’d want to stay close to home. For my own part, I’ve kept within about 120 km of my house since the pandemic started, and only traveled in family automobiles.

Whatever your space-time coordinates may be, I hope it’s working well for you!

Clive Robinson March 24, 2021 4:29 AM

@ SpaceLifeForm, Bruce, ALL,

Evergreen performance problem.

Has potentially turned into a major supply chain failure, that could cause hundreds of ships to be delayed and potentially some cargos lost. Though it’s mainly oil that moves through the Suez canal currently in tankers almost as big.

Whilst there is a some amount of slack in international shipping to alow for bad weather, it can quickly be used up. So after a relatively short time of a week or less the delays caused by this incident will like the ripples on a pond from a stone thrown in the middle, spread out and continue for quite some time after the blockage is cleared. But, as cargos will stack up on docksides and backwards into road, rail, and other infrastructure in many countries there is one heck of a lot of money at risk in what is a fairly cut throat business (as I’ve mentioned before, some things like oil pipe lines can not just have the tap turned off as they will cool and start to become quite viscous).

On the plus side COVID has reduced shipping volumes of late as countries in lock down are not oroducing trade goods (but they are still importing).

However when you look at the problem, it’s one of those things that looks easy on paper (or in this case electronic chart). But that’s rarely the case with groundings.

As to why it happened, my first guess would be around the minor problem that to maintain stearage way such a large vessel needs to move above a certain minimum water speed (not ground track speed). Get below that speed and things become unstable, and a fully laden ship that size has quite a bit of sail area and inertia to contend with[1]. It’s why in ports large vessels are moved around by tugs that pull from the bows and hold back from the stern etc, as even minor changes in wind direction or force can have big issues.

Also the bottom of the canal is not exactly going to be flat so as the bow and stern aproach the sides they are going to ride up, over, and dig in. Which will make it almost like a latching motion. If the bottom is silt/mud, as the vessel settles water gets squeased out and as anyone who has had to contend with two sheets of glass that have got water in between the level of suction can quickly get to the point where breaking things is likely to happen.

If memory serves correctly the navigation is a pilot way, which means that a pilot who is very experienced in navigating the canal from the “port authority” is brought on board and is effectively in charge and any orders they give should be obayed by the helmsman…

Unless a clear cause as to what has happened is shown such as mechanical failure or unexpected adverse weather or similar, then “things will get legal real fast”… And probably quite political as well…

In a normal “grounding” which this is not, you generally wait for a change of tide, and move or remove cargo over the part of the vessel that is grounded. However movment of any cargo needs to be done with considerable care. As big though the vessel is, it’s not realy that strong and the wrong strain could permanently damage the vessel if not cause it to buckle and “spring plates” and start to take on water.

All though the canal is tidal I can not remember what the range is but I don’t think it’s that large. We are just past the first quater (neep tides) and approaching full moon (spring tides). Which means the high tide hights are increasing and will be highest around Tue next week.

Lets put it this way, I’m glad I’m not the one who has had this land on their door step it’s going to take a lot more than “shovels and brooms” to clean the mess up.

[1] There are other interesting effects to contend with as well, caused by hydrodynamics. One of which is when a vessel is in a flow of water as it gets close to another ship or dockside it can be “sucked” towards it, which makes obtaining stearage way harder.

Clive Robinson March 24, 2021 5:01 AM

@ MarkH,

On a personal note, either your different time zone is a metaphor, or you’ve traveled a significant geographic distance

You missed the other option which is “working with” pepole or objects in a different time zone for their conveniance or as they dictate…

As they say “time is relative” and whilst on the earth most but not all things are locked to the Earths rotation, not everything is, the tide for instance which is important for “wave power” and to a lesser extent “wind power” is effected by the moon.

But “Solar weather” is a biggie for me as it effects radio propagation, and as some will know things are starting to settle down after solar winds from a coronal hole, the past few days,

https://www.metoffice.gov.uk/weather/specialist-forecasts/space-weather

A side effect of such holes is fast solar winds thus higher numbers and energy of charged particles effecting the ionization of the upper atmosphere. So Sat Comms from mid HF through VHF/UHF and into the microwaves are negatively effected and even the likes of GPS gets a little bit more flaky[1].

As it looks like we are finally entering solar cycle 25 and the sun will get more frisky we can expect somethings to get better like HF skipping around the globe more easily, but comms working through the ionosphere to get worse hence degraded sat comms.

[1] https://www.barrettcommunications.com.au/news/does-solar-wind-have-an-effect-on-hf-radio-propagation/

Clive Robinson March 24, 2021 5:24 AM

@ ALL,

I’m hearing news that several Danish health agencies think we are giving the COVID injections wrong, and that this may be the cause of the extreamly rare blood clots.

So whilst they investigate further they are recommending a change of procedure, which will slow things down a bit.

As a general rule vaccines are injected onto muscle not blood vessels. In the past when volumes of injections were larger, the recomnended proceadure was to “aspirate”.

Put simply when you’ve drawn up the vaccine, you push the needle into a suitable muscle (which used to be your back side for those a little older than others). Importantly even though the odds of having the needle in a blood vessel is low, you pull back on the syringe plunger. If blood appears in the syring you resite the needle to ensure it’s in muscle.

However for various reasons the pull back on the plunger appears to have stopped being taught some time after the 1980’s (when I was taught how to give people the needle when wearing the green 😉

So yes there are reasons why vaccines should not go into blood vessels and thrombotic events are one of them.

If that is the cause or not nobody knows, but it would appear to be a wise precaution anyway.

Other concerns have already been voiced by others about people being injected to low on the deltoid muscle thus hitting it where it is thin or not hitting it at all. A part of this is down to the clothes people wear. Rolling up a longish or tight sleeve is going to make the job a lot harder for those giving the injections to do it right…

Nik March 24, 2021 7:00 AM

Very timely information here. I still have a house in Evergreen CO and read some headlines that evergreen is in trouble, I was concerned. Then I read up on the ship. Apparently the MV Denver ( The city of denver is close to the city of evergreen ) got cut off by the ship (named EVER GIVEN) which got stuck in front of them; supposadly due to a power outage….. Now the nose of the ship under water is rammed UNDER the quay and they are using a tiny (relative in size to the 400m long vessel) excavator to dig it out and all the tug boats available. Still Stuck. For a chuckle look at the route of the ship before entering the canal

In parallel I also had a ligthning strike hit and disrupt the power. A broadband antenna (30m tall) I rely on is not functioning. Thus I was researching lighning protection and saw that @Clive was talking about it.

(The internet is still down there; supposadly one has to unplug the POE for the antenna in a box at the bottom. There is a $2 combo lock that refuses to open. My wife was not able to cut it with bolt cutters. The technician also was not able to open it. Good that she has a POTS – the only way to communicate Since we have not set up a HAM / antenna tower.

The roof is copper and shields very well. Thus I was looking into external antennas / radio/tv and how to protect the roof (and power) from lightning.

Synchronicity !

Clive Robinson March 24, 2021 12:01 PM

@ Weather, Winter, ALL,

I’m sorry certain “not suitable for work” behaviours are still going on.

The intent appears not to be at individuals as such, but at anyone, as it gives the attacker the excuse for their apparently childish and idiotic behaviour.

I suspect the real target as such, is by making this blog unusable to many, getting at the blog owner our host @Bruce.

What the motivations for that are could be many / any / none but mostly not comprehensable to anyone of normal sensabilities or reason. So look on the behaviours as in effect the childish scrawl of bad graffiti without purpose.

In effect behaving as a scavergibg mange ridden mutt[1] widdling up against every lamp post if for no better reason than to advertise “An unhouse broken idiot has been this way and left it’s malodorous outpourings”.

The sad thing though when you think about it, is that they need some “automated assistance” to appear to be anything other than a “spoiled brat” having an endless “terrible twos hissy fit”…

[1] https://en.m.wikipedia.org/wiki/File:Street_dog-Gianyar_Bali-2009.jpeg

Scrutinizer March 24, 2021 12:14 PM

@All:

Neither am I, nor do I think people of different cultures should be jammed together into a homogenous mass. For each ounce of ‘protection’ a governing body offers, it takes a pound of flesh. The beast grows fat and wanton quickly; maybe it takes about 2 or 3 generations. Quite possibly less.

I don’t think this world offers unending peace at any juncture, but government is a tool best kept in the shed until there is a situation that demands unity at the price of extinction. Otherwise it will tend to create such events to justify it’s own continued existence.

Look at what we have, a planet full governments so in need of a purpose, the most recent enemy isn’t halfway across the globe, but a truly invisible boogeyman lurking in your neighbor’s every exhalation. This they can all unite over, until the jig is up.

What do you think the next cardboard cutout enemy will be? Personally I’m not sure, but I think the CCP will be the last. And that’s a hefty damn bite for a chubby piggy

NickPick March 24, 2021 12:16 PM

@ALL:

In January 2018, the U.S. Embassy in Beijing took the unusual step of repeatedly sending U.S. science diplomats to the Wuhan Institute of Virology (WIV), which had in 2015 become China’s first laboratory to achieve the highest level of international bioresearch safety (known as BSL-4). WIV issued a news release in English about the last of these visits, which occurred on March 27, 2018. The U.S. delegation was led by Jamison Fouss, the consul general in Wuhan, and Rick Switzer, the embassy’s counselor of environment, science, technology and health. Last week, WIV erased that statement from its website, though it remains archived on the Internet.

https://www.washingtonpost.com/opinions/2020/04/14/state-department-cables-warned-safety-issues-wuhan-lab-studying-bat-coronaviruses/

Summertime oh so warm and nice Summertime March 24, 2021 12:21 PM

@ Clive the ad hominem one and zoonotic one:

Why bother with the source if you actually can smear the poster to justify your ignorance instead, right? You clandestine CIA-NSA operative.

Lol, it was purely a coincidence that the epicentre was a couple blocks from the only BSL4 lab in China. Purely coincidence also that the lab was doing gain-of function researchvon bat coronaviruses. Purely coincidence that the Wuhan lab had a past record of viral leaks and poor containment procedures. Purely coincidence that Fauci and Gates were funding this same research. Purely coincidence that the closest viral match is a bat coronavirus native to bats who live 1300km from Wuhan. Purely coincidence that the virus cobtains an HIV clamping protein that has never evolved in any other coronavirus. Purely coincidence that they did a dry run (Event 201) just before the “pandemic” kicked off. Purely coincidence that leaders from around the world – in an unprecesented display of uniformity- were reading from the same playbook from the start. Purely coincidence that these same oligarchs and politicians have gained an unprecedented amount of wealth in one year.

In short, it’s all just coincidence. No wonder people thing conspiracy theorists are nuts.

MarkH March 24, 2021 1:10 PM

What I learned from the story of the container ship jammed in the Suez Canal, is that there’s a website — vesselfinder.com — which not only shows the real-time position of nearly all commercial craft, but does so in such detail that you can see the angle of Ever Given to the course of the canal, and count how many tugboats are adjacent to it in the effort to get it freed.

I suppose I should be used to this by now … there’s a comparable site for commercial aviation.

But our new Universe of Surveillance still has the power to startle me.

MarkH March 24, 2021 1:22 PM

@Clive et al:

A few days ago, I wrote on the Commenting Policy thread that the recent eruption is like a Denial-of-Service attack, and proposed a discussion of how the more active constructive commenters might participate in keeping things in order … my observation and suggestion seem to have been deleted by the mods.

I’m sad to see this “poisoning attack” continue.

What can be the impressions, of people looking in on the blog who haven’t visited before, or return after a long time? If I were a new visitor, I’d probably decide not to look again.

JonKnowsNothing March 24, 2021 2:31 PM

@Clive SpaceLifeForm MarkH Weather The Real Winter @Bruce @All

re: The effects of regurgitated postings

TBH it’s rather daunting the effects of the attacks on the blog and that’s precisely the point of them. They are by all measures repugnant and add nothing to the exchange of information other than to show how difficult it is to have global conversations over topics that encompass many views without descending to the worst common denominators.

The overarching problem is exactly how to deal with such intrusion and of course, once one path is blocked another method will be attempted.

Some of the video games I play deal with this on a moment to moment basis, where they have EULA/TOS and COC (Code of Conduct Rules). They also have control of the login accounts but that’s not actually a great block as the Game Spammers have scripts to create many accounts. These pests are of two types: one is like our current groundhog with salacious, libelous posts; the others are for the most part prisoners located in countries that use such labor for “income streams” (aka gold farmers). If the prisoner-labor player activities are within game CoC (leveling a toon) they can often pass beneath notice; once they try to sell their farmed-level-toons or objects the moderators block, ban and hammer that account. The main method of instant action is “report and ignore” which blocks view of the offenders texts and sends a report to moderators.

Such systems though won’t work in this context as they require a ticketing system, notification, method of ignoring accounts, validations of handles (no duplicates allowed) and full time hired persons to verify and click the Ban Hammer.

The saving grace of our current system, is that it’s still text based. Over on FB/Twit and the other social media, those moderators end up with PTSD after viewing the worst images and videos; the depravity is beyond comprehension.

It maybe a condition of the our society, connected strongly with HIPers, NoMaskers, NoVaxers and all the other NIMBY groups.

I hope our host finds a suitable solution rather than pulling the plug.

Winter March 24, 2021 2:44 PM

@JonKnowsNothing
“I hope our host finds a suitable solution rather than pulling the plug.”

I see only two solutions:
1) Crowd sourcing
2) Machine learning

2) ML required shiploads of data. This would only be feasible if many websites could pool their efforts.

1) Could take the form of random Captchas. You have to rate comments to be allowed to post a comment. Comments rejected by, say, 4 out of 5 taters would be removed. Rated comments can then be used for ML, like Captchas are used.

This has all downsides, I know. Moderating too has its own downsides.

However, if it was this easy, FB, Twitter etc al. would have introduced it by now.

SpaceLifeForm March 24, 2021 3:35 PM

@Clive JonKnowsNothing MarkH Weather The Real Winter @Bruce @All

Consider: User gens a keypair. User announces Pubkey. When commenting, User creates a signed blob included that is verifiable via previously announced Pubkey.

Must track Pubkeys with handles.

There are other issues that I am intentionally not adressing here.

Not simple, not easy. Just a thought.

MarkH March 24, 2021 3:46 PM

@All:

For what it’s worth, I have visualized a two-part response:

1, Provide special logins for a couple of constructive commenters who have a long history of checking in frequently (Clive is the most obvious candidate) providing the ability to delete comments — subject to the agreement that this power be used only for limited (absolutely out-of-bounds) categories of transgression. Any “gray area” comments would be left to the usual moderation process.

2, There are plenty of capable software geeks here who could contribute to the creation, refinement and hosting of a bot that could flag pollution (with an intensity rating), and send out notices to a list of moderators.

If the worst comments had a mean lifetime of a few minutes (abusive comments often persist for hours, and obvious ad spam is sometimes permanent), that would both (a) present much cleaner comment threads on average viewing, and (b) likely deprive the offenders of much of the “payoff.”

IMHO, this:

• could significantly mitigate the problem
• would require little or no change to the platform software
• would add nothing to the burden of time and money borne our generous host

Whatever form it might take, I hope that something can be done.

Chris March 24, 2021 3:56 PM

Long time not see
I decided to cut down schneier since i was adicted to it
so its now more than a year i have been here.

Last time i remember someone called anders telling what every you do dont fly
I was thinking the opposite, not because of a virus but since i thought it was a hoax destroing everything, easy for me to say now you say, but i did say it.

Any which way forget about the politics
I have done somet progress to my personal “security” i stopped using mint and went arch based manjaro all the way, it was my newyears resolution, i thought actually it was going to end really bad since look at my fstab for starters
/dev/mapper/luks-616b3be2-a2f7-46da-82f5-bfc07637b3cc / ext4 defaults,noatime 0 1
/dev/disk/by-uuid/3f11ba67-49e4-4a17-97b2-de1297dfa707 /home auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=HOME 0 0
/dev/disk/by-uuid/498506f6-a3a5-4a6a-acbe-d1d10fd79a8d /data1 auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=DATA1 0 0
/dev/disk/by-uuid/7906fd6d-59f3-4ce4-9db4-0b27acb05686 /data2 auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=DATA2 0 0
/data2/swapfile none swap sw 0 0

But it went ok, i didnt even bother to reinstall it from scratch i just migrated to my /home/user directory directly and voila, power of making right decicions earlier payed of it worked fine. I used cinnamon in mint and i migrated to cinnamon in manaro, fine almost.. some hichups but not much

Part from that, one year has passed and ive made new newyear resolutions, last year i thought i would say going from manjaro to arch would be it, but naa too easy, what i did instead was White Lists only

And 2 days ago i finaly took the step to DNS whitelist my whole environment
Thank good for dnsmasq
Yeah its not for everyone, i put my bookmarks as dns entries and i went from there, it took less than 4 hours to figure all out

Then we have the normal surf and turf
My search base is local hosted searx nu that also goes throuh a whitelisted firewall towards TOR using a tor based polipo chain

And then that old shitty going to stuff not in your bookies
i have now started to use the Normie based Brave, which has a rightclick to TOR and that comes in handy there

Oki doky what more do we want, ARCH based linuxes and Whitelist everything
Hurray for freedom 🙂

//Cheers
//C.L//

Weather March 24, 2021 4:33 PM

@mark h group above
I’m apprensive to mention this, but say the server records port number and seq/ack and say by time delay works out a VPN client is in Australia, you can send multiple connection to au range, the ISP route will happily forward the packet, as long as the VPN host doesn’t change those headers.
Its not like the old days were you got the street number and a picture map of the area.
IP network is basic its the stuff above that does the processing.

SpaceLifeForm March 24, 2021 5:18 PM

@ ALL

Ever Given is seriously stuck.

You can tell from the pics and paint vs waterline.

Looking at minimum of weeks.

If the extraction is not properly managed some real bad things can occur.

Years long disruption.

Should be a rule that length of ship can not be greater than two thirds of width of canal.

That does mean to imply that this ‘accident’ would not have happened. Just that there would be more ‘room to work’.

SpaceLifeForm March 24, 2021 5:50 PM

@ MarkH, Clive, Bruce, Moderator, –

I’ve brought this up previously.

The WP software has a spam folder, and we could drop the obvious junk there.

If someone complains, we have two weeks (default) to pull it back from spam folder.

It’s still a PITA, and no one really wants to do it.

Also, there are spammers posting to years old articles. So, you have to pay attention to the recent comments page too.

vas pup March 24, 2021 6:15 PM

@Weather • March 23, 2021 6:27 PM

Technology is neutral. Application is making it good or evil.
If you want my point – that is just my personal opinion – banning is required to anything which higher probability to be used for evil than for good.

Responsibility should be not for possession, but for malicious usage. When punishment is hard (like in US Justice system – many years in prison for non-violent crime), then cost benefit analysis should be in favor of NOT using such tools for evil, but you need to have them available for LEAs (based on court order), IC for their legitimate purpose and any other citizen for research and training IT security professionals.

@Clive Robinson • March 23, 2021 6:57 PM
Thank you for your input. Agree with you on multiple points.

E.g. China: kids must learn at school STEM + music (piano or violin) because those two develop both hemisphere of the brain (each targeted other part of the brain). As result you get harmonious brain development and synergetic result of brain power as a whole.

Government should provide FINANCIAL incentive to go to STEM field rather than liberal arts: grants, cancellation of student debts, etc.

Another issue, in US it a lot conversation about liberty and freedom, but substantially less about RESPONSIBILITY. And one could not be viable without other.

@ALL – thank you for your inputs on my post.

MarkH March 24, 2021 6:27 PM

@SpaceLifeForm, re Suez Canal clog:

A 2/3 of width limitation would be a practical impossibility.

Look up Suezmax, Panamax, Neopanamax and Seawaymax to get a picture of how vessel sizes are related to the dimensions of narrow waterways which carry large volumes of seaborne commerce.

I hope that your “minimum of weeks” proves to be too pessimistic.

My resolutely uninformed vision is that when the appropriate equipment has been brought to the site, it will be a matter of a dozen to a few dozen hours — not a comparable number of days — before Ever Given resumes its merry way.

My fearless non-authoritative forecast, is clear by Saturday.

MarkH March 24, 2021 6:49 PM

PS re Suez:

The vesselfinder site also shows quite clearly the dozens of ships idling at either end of the Suez canal.

I didn’t attempt an actual count, but estimate 50 to 60 are “parked up” pending resumption of canal traffic.

The pressure’s on …

Clive Robinson March 24, 2021 6:50 PM

@ SpaceLifeForm, ALL,

Should be a rule that length of ship can not be greater than two thirds of width of canal.

Desirable as that might be, I can tell you it’s unlikely to happen.

The resason is the upgrade to the canal which apparently cost around 8billion dollars equivalent, needs to be paid back from earnings.

That might have started happening pre-COVOD, but the demand for oil which is one of the primary cargos has dropped significantly, as have other cargos.

It’s hard to put figures together from disparate reports but as I inderstand it they need between a hundred and fifty and two hundredd large vessels a day each way and they are barely managing fifty before this event.

It’s been reported in the press that the cause was a strong wind… Yes the vessel has a very large sail area on the beam as I’ve mentioned, but the vessel would also have to have been moving dangerously slowly or slower not to have had sufficient stearage way to correct for it.

The other thing we need to know is at what state of the tide the accident happened. As far as I can see for Suez current tide tables it would have happened just after the neep tides but I don’t have sufficient information to apply the twelfths rule and multiply it out to find the grounding hight when it happened. Hopefully it happened shortly after the low tide point thus the stress on the ships hull will be a lot less.

But every day that ships are not moving through the canal the more effective debt is being built up…

name.withheld.for.obvious.reasons March 24, 2021 9:54 PM

@ Clive

remember those gas discharge avalanche switches that fire at upwards of twenty thousand volts, or even the now easy to make UV triggered spark gaps

Reminds me of the Tektronics scopes that were buried in the Nevada desert during hydrogen bomb testing, primarily for shielding. There have been several variations on avalanche switches that are quite effective at producing/withstanding high current and voltage emissions. One type of switch control that is robust is mercury based. But again, I’m not telling you anything you don’t already know. But, I do have a story to share about a stage 2 research project that failed due to political manipulation, and it is worthy of a U.S. Senate investigation.

Seventeen stage cyclical pulsed Marx generator with a one second cycle time. Point the balum forward, stand behind the edge of the balum deflection between the end-gap. Start triggering the device, can achieve a rep-rate of 1 per 100ms with rotating switch producing an average E field reaching about 1MW effectively (oh yeah, who wants to hold on to the d-dot in front of the emissive portion of the antenna–say standing at a harmonic component of the integrated cycle of the triplet? The bench version of this gun looks straight out of a Flash Gordon movie, the contours and edges of the antenna for example resembles nothing like what one might expect. And to call it an antenna is a misnomer, no ones going to want to have a receiver anywhere near it.

Imagine this device is portable, like the old analog cellular phones. Backpack and a funny looking wand (well kind of, just unwilling to detail the device). Dielectric breakdowns are rapid on the balum/gap edges. Haven’t tried tungsten coating by way of vapor deposition yet. And someone keeps dropping our d-dot probe one the floor.

SpaceLifeForm March 24, 2021 10:35 PM

@ MarkH, Clive

Suez Canal issue may be worse than I thought.

Clearly, the bulbous bow is really stuck. Massive tonnage of weight resting on rocks and sand.

But, reports are the stern is grounded also. Hence my two thirds rule.

It looks like the plan now is crane barges to lift off containers and reduce the weight. How soon can the crane barges can arrive on scene? How many crane barges can operate at the same time? Maybe 4 per side? If they can safely move 2 containers to shore per hour per crane barge, looking at 16 containers per hour. I think I am being optimistic.

This must be done VERY CAREFULLY or bigger problems can result.

I will not be surprised that after removing half of the containers, it will remain stuck.

If this gets resolved in 4 weeks, I will be surprised. If it takes 4 months, that will not surprise me either.

All involved are checking their contracts for force majeure.

The consumers will ultimately bear all of the costs.

SpaceLifeForm March 24, 2021 11:02 PM

@ MarkH, Clive

Best high tide is sunday monday. But I have found no one that is optimistic.

Next good high tide will be two weeks later.

MarkH March 25, 2021 12:57 AM

Re Suez:

About an hour ago, the number of bottled-up ships was estimated at 150.

Reportedly, Ever Given had two pilots aboard from the canal authority at the time of its grounding, and speed just before the grounding was 12.8 knots, compared to the 16 knot maximum speed limit imposed by the authority.

Winds were gusting just above 30 mph, and sandstorm conditions might have contributed to difficulty for the crew.

From some cocktail-napkin figuring, I estimate that removing 250 containers along the ship’s length would reduce its draft about 30 cm, both bow and stern.

It still seems plausible to me that once the appropriate equipment is on hand, resuming canal traffic will need not more than a day or two.

Salvage crews, tugboat captains, and nautical engineers have a lot of experience (probably, in general, more experience than they might have wished) in solving giant-scale mechanical problems related to shipping, and there’s a lot of impressive equipment afloat.

================

News outlets are now reporting that the concentration of idled shipping at either end of the canal may be a worrisome target of opportunity for attacks.

Maritime insurance companies are bracing for a heavy hit from compensation of delay-caused financial losses.

quantry March 25, 2021 1:02 AM

cheers @all. great discourse, as always: worth filtering manually by eye at this end, IMO. It seems it should be obvious to anyone what to ignore, given all the practice. Just need a lowball / humble volunteer who is suitably anal and interested in panoramic subject areas. Pick me. Hate WP. (I’m an HTML/CSS purist.) Almost off-grid tho; vis current haters…

@Winter, no malice intended but, re:”COVID conspiracy thinking”, perhaps I mistook your “CRISPR/CAS” comment as inferring that there is more potential for tailor made viruses? Almost seems like a given. I’m looking for 2bn deaths by edit #4. Inconceivable?

SpaceLifeForm March 25, 2021 1:35 AM

@ MarkH, Clive

Apparently, ships that are stuck on the south end are being tugged backwards.

So, they know this is going to be some time.

I have a plan, but no one will like it. It would require 2-3 months of closure. But, after a couple of months, maybe my plan would make sense. It would be the safe plan. Very expensive, but would work. Probably could do in two months with lots of manpower and equipment.

Hull breach or safe plan? Re-open Suez Canal in months, or risk canal blockage until next year or more? Your call.

Weather March 25, 2021 2:17 AM

@slf
Yeah a hull breech would fix the situation and stop future groundings.
I recommend getting a couple 4*4 and chains and pull the ship onto shore, the Ford ranager has a couple ton tow capacity 🙂

MarkH March 25, 2021 2:42 AM

@SpaceLifeForm:

A prosaic explanation for clearing vessels to the south, is to make way for (a) needed equipment and (b) removal of the stranded ship once free.

Time being of the essence, rapid measures are surely at the top of the list.

As far as public info goes, the hull is intact, the ship is substantially upright, its mechanical systems are functional, and it’s in a situation of minimal wave impact. Also, most of the hull seems to be sitting 8 or 9 meters above a flat bed.

With some combination of dredging, lightening and high tides, there will probably be little or no “progress”. The thing will be stuck right up to the moment it begins to move. Typical modern tugs can exert a steady force of about 50 tonnes — each.

JonKnowsNothing March 25, 2021 3:01 AM

@SpaceLifeForm MarkH Clive @All

re: Overstuffed Boat Sausage in the Suez

The immediate fix for those boats able to be pulled out of the canal is:

  • The Cape Route

It’s Old Tech and Still Works.

They best get a move on if they hope to get anywhere near their ports of destination soon. Too bad they gave up sails for petrol, or they could do the whole exercise for no energy costs.

If it’s not a stuck boat sausage, it’s a lock failure, silt up and Beelllions of Dollars, shackling the canal countries with enormous debt with little or no benefit to their own population.

Since the Suez Canal opened, the Cape Route has been used when passage through Suez is refused, or by Capesize ships. In the 1904-05 Russo-Japanese War, the Dogger Bank incident forced the Russian fleet to sail around Africa.

Maritime insurance companies are no doubt aware of the classic passage and will be directing boats to go that way to mitigate claims.

ht tps://en.wikipedia.org/wiki/Cape_Route#Use_during_Age_of_Sail
ht tps://en.wikipedia.org/wiki/Cape_Route#Suez_Canal
(url fractured to prevent autorun)

SpaceLifeForm March 25, 2021 3:11 AM

@ Weather, Clive, ALL

Silicon Turtles again. Yes, another Rabbit Hole.

I failed to mention sequences of NOPs previously, because I thought that would distract.
Here you can see they are useful.

This is amazing digging.

hx tps://blog.can.ac/2021/03/22/speculating-x86-64-isa-with-one-weird-trick/

If storks are busy delivering babies, where do micro-instructions come from?

Clive Robinson March 25, 2021 3:36 AM

@ SpaceLifeForm, MarkH, Weather, ALL,

Clearly, the bulbous bow is really stuck. Massive tonnage of weight resting on rocks and sand. But, reports are the stern is grounded also.

Yes it’s not hard to visualize a likely senario in your mind.

First think of a cut through of the canal. In essence you have one simlar to if you cut through a “pizza box”. The big difference is instead of nicely square at the sides that would erode, you have a slope of rocks/sand/mud that absorb much of any damaging wave energy caused by not just tide induced movments but ship movments as well (think in terms of “equall and opposit forces). If you want to push X tons forwards a minimum of X tons has to push backwards at the same effective rate, thus the screws on those vessels are very large very powerfull water jets in such a constrained channel hence a maximum speed.

So you have a vessel moving forward at around 20kph or 5.5m/S with a very large underwater proboscis –gives better efficiency– with a fully loaded tonnage behind it. That is one heck of a lot of energy.

Now for some reason unknown the vessel skews of to starbord and that proboscis syarts to “trench in” and becomes a pivit point around which a vector to it’s left the stern has no choice but to come around and ride up on the side slope on the port side of the canal.

You now have the entire ships mass in effect supported by just the bow and stern as the tide hight drops.

Now if you do a quick triangle of forces calculation with the assumption that the entire ships mass is downwards at the center of the ship and you then do a tension calculation for the keel and a compression calculation at the deck level you can see why they are going to be worried about buckling of those welded segments that make up the vessels hull.

A marine architect will have to do the finer calculations but Ever Given may now be an insurance write-off. As well as bring stuck tighter than a barnacle…

Thus do not be surprised if they start unloading from midships first and move incrementally to the bow and stern.

Whilst crane barges are common, I doubt there are many of the size required. Or that of those that are available are either close or can get up / down the canal.

So step one is locating and contracting, and whilst that is in progress “clear the canal” of all non related vessels.

It would probably be easier to build a gantry on the vessel to start the unloading process. But that involves getting the metal work on site and jury-rig up other gantries first.

Which is whilst in the mean time they will try to re-float her.

Then of course will be the interesting “salvage cost claims” to be argued by lawyers for the next half dozen years or so… It’s going to be a long and expensive journey in a time of shipping recession…

Anyone remember why a Beruit warehouse blew up half the port in August last year?

Yup because a judge decided that was where a seized cargo of amonium nitrate should be stored for “good and propper legal reasons” but not “good and propper safety reasons”…

MarkH March 25, 2021 4:22 AM

Re Suez:

I’ve been doing a little more reading.

It seems that along the whole length of the canal — nearly 200 km — not more than about 100 m required rock blasting during the canal’s construction. The rest is sand, clay, and some gravel.

For this reason, almost all canal construction and expansion has been accomplished by dredging machines: it’s a matter of scoop and dump.

There may be some stone or concrete facing on the banks, brought in for erosion protection, but that would be neither thick nor structural.

The geology of the canal route near the town of Suez (where the ship is aground) is reportedly all clay.

This might ameliorate the “broken back” stresses Clive envisions as the tides shift, if the beached ends cut down into the clay as the tide ebbed. In any case, there seems to be no plan for Ever Given to go out under its own power; it will be towed, and I suppose must be presumed to have some damage.

It seems to me that removing clay from the ends of the stranded vessel will be fairly safe and easy, once the appropriate equipment is onsite.

Elaborate / exotic / lengthy strategems? I see no need for them. Digging and transporting a few thousand cubic meters of clay is the sort of thing people have been doing for thousands of years. Probably it can be done even in 2021, unless we lost the formula!

Goat March 25, 2021 8:25 AM

@All,
re:”reading from memory ”

Strangely reminds me of the never ending argument of Human Memory and its relevance in the digital age…. Moonwalking with enistien was the book name I suppose though i forgot the author 😉

Weather March 25, 2021 9:00 AM

@clive all
What do you make of tps://blog.can.ac/2021/03/22/speculating-x86-64-isa-with-one-weird-trick/ that slf posted?

Clive Robinson March 25, 2021 10:17 AM

@ MarkH,

Probably it can be done even in 2021, unless we lost the formula!

Funny you should say that but in many ways we have…

A couple of weeks back I eas explaining the “S-Plane” and Laplace transforms to my son.

Who naturally asked
“What’s the point of doing them?” was. Which is a fair point. So I explained that before computers to do number crunching for us and take the time and the drudge out of doing longhand maths we had shorthand techniques not involving mechanical calculators. Part of the explanation was “Slide Rules” of which I have several and still use as for some things they can be extrodinaraly fast[1] even beating asking a computer or pocket calculator.

I went on to explain that slide rules were just a way of replacing log table look ups. Which we had to learn how to do when young. It’s also the reason we have the Decibel calculations in electronics, because just by memorising a few things you can do ratios, multiplication and division using just addition and subtraction and even the square and square root and other powers and importabtly roots by just using simple multiplication and division (that you can do using the tables and addition and subtraction).

But who remembers what came before log antilog tables?

Well astronomers had very carefully calculated tables of sin cosin etc to 1 part in ~1.3million (360degrees times 60 minutes times 60 seconds). Or about 6 significant digits.

Which brings us to “trig identities”

SinA.SinB = 0.5(cos(AB)-cos(A+B))

You can multiply A and B by a sub, add and look up in the tables.

This method is called “Prosthaphaeresis” and for a quater of a century befor log tables was in Europe the only way to do multiplication and division quicker than long hand[2],

https://en.m.wikipedia.org/wiki/Prosthaphaeresis

We later had hundreds of printed tables and mechanical equivalents for all sorts of things from Navigation through probability for life expectancy and similar Actuarial purposes. All of these were calculated by humans[3] and which Charles Babbage claimed to be able to replace with a more accurate more reliable and above all much faster mechanical calculating machine. That if he had finished building it would have given us the first progamable computer, as was shown when the UK Science Museum actually built both the difference engine and Analytical engine. However whilst Babbage failed to compleate the device, his work gave rise to one of the most important things to the world without which almost nothing man made you see around you could have been built. What he gave us through his mechanical contractor Joseph Clemant and his journyman Joseph Whitworth (later Sir Joseph) was the “Standard thread” on nuts and bolts so bringing about the ending the supremacy of the “artisan” craftsman and the birth of the precision “engineer” and forever changing the meaning of “Manufacturing”.

[1] When you are biasing electronic circuits for instance you are looking mostly for a ratio that is R = y/x you set the slide rule up to the ratio R and just look down the scale looking at standard resistor values. If the one above is close to another standard value you are done in maybe 10-15 secs you’ve checked all the possible values with just a sweep of the eye. Which is not much diferent to the time to check just one standard resistor on a pocket calculator. Likewise you can sanity check other calculations just as fast.

[2] There is an argument to be made that a primative form of mechanical calculator the “abacus” in skilled hands is still faster than electronic calculators. Thus would have been faster than longhand by a very long way.

[3] The term “Computer” like “typewriter” does not mean what most of us think thrse days. They were infact “job titles” of people that did a specialised job. In the case,of “Computer” it refered to someone who sat there all day long twelve hours a day, six days a weak doing computation for others. About the only job title you might still find related to this is “Comptroller” who would be the equivalent of the chief accountant in a modern company.

Winter March 25, 2021 11:01 AM

@Clive
“A couple of weeks back I eas explaining the “S-Plane” and Laplace transforms to my son.”

These are the fundament of analog linear filters. The Z plane is the digital equivalent of the S plane. You need the S plane and Laplace transform to calculate how digital filters result in real signals that you can hear, see and measure.

Clive Robinson March 25, 2021 11:03 AM

@ Weather, SpaceLifeForm, ALL,

What do you make of [LINK] that slf posted?

I’ve had a quick read through it.

Basicaly the author Can Bölük, has used high precision timers/counters that Intel provide in their hardware for profiling to build “time based side channels” as precision instrumentation to probe the internal function of the hardware interpreter state machine that expands and serialises CISC op codes presented at the ISA into basic ALU and RTL instructions.

Thereby determaning if the undocumented op codes have function.

Like all good ideas it is deceptively simple whilst apparently more powerfull in effect than even the hardware designers realised. Further it has the “Bleading obvious with hindsight hallmark” which marks it out as worthy of a decent “hat tip” of recognition.

Whilst it reveals these undocumented op codes, what it does not answer is if they are deliberate or accidental in origin. Thus you have to make an educated guess by the “extra functionality if any” they add to the published ISA op codes.

But more importantly it is in effect a new investigatory technique revealed to the public, that hardware designers and manufacturers now know is going to get used against their designs, thus it will have an effect on them of either,

1, Taking more care to hide what they have not documented. Especially if it’s a deliberate “bug door”…

2, Take more care in how they design things and clean up any side effects.

Clive Robinson March 25, 2021 11:35 AM

@ Winter,

You need the S plane and Laplace transform to calculate how digital filters result in real signals that you can hear, see and measure.

Back in the 1960’s and through the 80’s a very large chunk of an engineering degree, was the use of the S-Plane and the Laplace transforms. Because they were such usefull short cuts.

But the truth is just like log tables you do not need them to design electronic circuits, machines or systems. They belong in the “Shutup and calculate” sub group with almost as much powere as the Teamsters Union used to have. It’s something the quantum physics community has fallen into. The basic fallacy is that somehow they will improve “insight”… Realy they do not, I challenge anyone to get real insight by staring at an S-plane plot or a set of tables derived from them.

In fact one of the biggest use of them, to design filters and check circuit stability can be done by the use of tables that I’ve several books of.

If you want insight these days especially with digital filters, you’d be better off writing a program in Python and pushing the numbers out to something like GNU Plot or even Excell. You can then fiddle with the weightings in real time and see what effects you get.

Winter March 25, 2021 12:52 PM

@Clive
“You can then fiddle with the weightings in real time and see what effects you get.”

Numerical simulations have their limits 😉

I think the difference between the real expert and the just-so professional is an understanding of the underlying mathematics.

vas pup March 25, 2021 3:11 PM

Boulder shooting: Mental health hearing granted for suspect
https://www.bbc.com/news/world-us-canada-56527681

“The man suspected of shooting dead 10 people at a grocery store in Boulder, Colorado, has made his first appearance in court.

The presiding judge said Ahmad al-Aliwi Al Issa, 21, would remain held without bail as he granted a mental health hearing requested by a defense lawyer.

The Syrian-born US citizen is charged with 10 counts of first-degree murders. He did not enter a plea in court.”

vas pup March 25, 2021 3:29 PM

Google, Facebook Twitter grilled in US on fake news
https://www.bbc.com/news/technology-56523378

“Tech bosses Mark Zuckerberg, Sundar Pichai and Jack Dorsey are being grilled by US politicians over the proliferation of disinformation on YouTube, Twitter and Facebook.

This latest hearing is the first since the storming of the US Capitol.

Politicians believe that was a tipping point for greater regulation.

==>They have said they plan to change the legislation that protects online platforms from liability for content posted by third parties.

!!!More generally, Congress is considering scrapping Section 230, the legislation that was crafted in the early days of the internet so that website owners could moderate sites without worrying about legal liability, by effectively saying that they are not publishers.

Facebook boss Mr Zuckerberg proposed limited reforms, going further than his two peers.

“We believe Congress should consider making platforms’ intermediary liability protection for certain types of unlawful content conditional on companies’ ability to meet best practice to combat the spread of this content,” he wrote.

On disinformation more generally, he said hateful content made up only a small fraction of what Facebook users saw – with political posts accounting for 6% of what US users saw in their news feeds.

He also outlined the efforts his team had made to counter disinformation, including working with 80 fact-checking organizations and labeling debunked stories. Facebook had removed more than 12 million pieces of false content relating to Covid-19, he said.

He [Mr Pichai -Google] also mentioned Section 230, saying ===>repealing it “would have unintended consequences – harming both free expression and the ability of platforms to take responsible action to protect users in the face of constantly evolving challenges”.

At the time the chairs [two Senate subcommittees and the Energy and Commerce Committee]said:
!!!!!!!”Industry self-regulation has failed. We must begin the work of changing incentives driving social media companies to allow and even promote misinformation and disinformation.”

Finally, I hear voice of reason from Senators – see above!!!
My opinion is: Federal Government should establish basic regulation on security, privacy, editing on content of posts on platforms, and platforms could establish more strict, not less rules by self-regulation.

And as usually, in many issues forest is nor seeing behind the trees.

SpaceLifeForm March 25, 2021 3:34 PM

Hopefully by now, Smit Salvage and Nippon Salvage have made it very clear to Suez Canal Authority to STOP DIGGING.

Because they may be digging a bigger hole for everyone.

They are digging on the wrong side of the bow.

AMANAPLANACANALPANAMA

vas pup March 25, 2021 3:42 PM

Facial recognition beats the Covid-mask challenge
https://www.bbc.com/news/technology-56517033

“Anyone with a smartphone that uses facial recognition will know it does not really work with a mask on.

That can be frustrating – but although masks have undoubtedly thwarted the facial-recognition industry, the technology has also adapted.

It may sound strange but wearing a mask does not necessarily stop a computer from identifying someone.

And there are even examples of the pandemic being used as an excuse to use facial recognition.

…some facial-recognition technologies still work pretty well on those wearing a mask.

In January, a US Department of Homeland Security “controlled-scenario test” found one with a 96% success rate – although the results “varied greatly between systems”.

===>”Based on these results” the department said, “organizations that need to perform photo ID checks could potentially allow individuals to keep their masks on, thereby reducing the risk of Covid-19 infection.”

And although some police forces are using facial recognition less – London’s Metropolitan Police, for example, has not conducted a facial-recognition test for over a year – it is still being used, even, reportedly, at Black Lives Matter protests last summer.

“Even if the use of this technology is temporarily interrupted… that doesn’t obviate the threat that this technology poses both in the short and the long term,” Michael Kleinman, from Amnesty International, told BBC News.”

Even before the pandemic, research had been under way on how facial recognition could work with masks.

In Japan, NEC had been working on a system for people who wear masks because of allergies.

And in January, it announced one it said was 99.9% accurate.

==>It works out whether someone is wearing a mask and then focuses on the uncovered areas, such as the eyes and forehead.

And the company wants to sell it for security checks in office buildings and other facilities.”

“Touchless verification has become extremely important due to the impact of the coronavirus,” NEC told Reuters.”

SpaceLifeForm March 25, 2021 3:57 PM

AMANAPLANACANALPANAMA

I have a plan, but no one will like it. 2-3 months. It is the safe plan versus risk of canal blockage for year or more. Your call.

There are no crane barges big enough to lift off containers due to height of stacking.

https://www.cnn.com/2021/03/25/middleeast/suez-canal-ship-blockage-intl-hnk/index.html

The source added that SMIT is considering unloading the fuel on board the vessel, but that such a move risks capsizing the ship.

“Reducing the loads in such cases must be done from the top, and Egypt does not have a floating crane capable of reaching the height of the containers in the ship,” the source said.

MarkH March 25, 2021 4:35 PM

@SpaceLifeForm:

I agree with you, no one will like it!

Two observations:

[1] There is a crucial difference between:

There are no crane barges big enough to lift off containers due to height of stacking”

and

Egypt does not have a floating crane capable of reaching the height of the containers”

Do you see it?

The world has quite a variety of giant sea-going equipment, much of it in Europe. Unfortunately, it might need a couple of weeks to get the needed machinery on site.

[2] I propose that one or more of the following might be done more quickly than the 2-3 month time frame:

• dredge a short bypass channel around the blockage site

• build temporary dams around the ship, and bring in giant pumps to raise the water level sufficiently to float it

• erect tower cranes (the kind used in building construction) on the Ever Given, and use them to offload containers (strange though it may sound, I estimate that a dozen or so tower cranes could be up and running within a week)

Note that none of these are mutually exclusive. Smarter people than me can doubtless propose other concepts that could be carried out significantly faster than 2 months.

MarkH March 25, 2021 5:01 PM

@Clive:

I couldn’t help smiling at your family story.

There comes a time for an engineer father, when he must steel himself for that awkward conversation with his son … about the analysis of linear system dynamics.

I suppose it must sometimes happen that the lad interrupts, “I already know this Dad, I learned it on the internet.”

I actually provided a thumbnail sketch of the s-plane to my unofficial “second son,” starting with complex exponents. My own boy wasn’t geeky enough to take an interest.

Part of my motivation for showing this to the other lad, was to show him that math could be far more interesting and useful than his school had shown him.

Clive Robinson March 25, 2021 5:14 PM

@ SpaceLifeForm,

There are no crane barges big enough to lift off containers due to height of stacking.

Err not true, there are specialised platforms with cranes that have both the height and lift capacity (I’ve designed electronics for some of them).

What is true however is “Eygpt” does not have any such platforms, nor do any countries in the region have any that I’m aware of.

So the question is are there any such platforms free to be able to travel to the site? And secondly just how long would it take them to get there.

There are other posibilities… In general the containers at the top are going to be the lightest. Now I’ve no idea how heavy or light each container is, but it might be possible to use a heavy lift helicopter which the Egyptian armed forces has one or two..

SpaceLifeForm March 25, 2021 5:25 PM

AMANAPLANACANALPANAMA

Every ship that is waiting, just buy a vowel. You are not moving. And do not even think about the Cape Route. It’s not safe. Forget it. Especially this time of year. Go back to home port. Re-think your situation.

The Ever Given would never survive Cape Route. Never. Even what is considered good wx conditions there in southern summer. The Ever Given would never make it.

Clive Robinson March 25, 2021 5:36 PM

@ MarkH,

Part of my motivation for showing this to the other lad, was to show him that math could be far more interesting and useful than his school had shown him.

Maths is not just interesting and useful, it can be fun as well.

So why so many schools teach it in such a deadly dull way escapes me. Back in the 1960’s I got taught what was called “Modern math” at the time thst included the likes of basic set theory, something half a century later I still use quite a lot of the time.

As for Laplace transforms, well… I think I’ve wasted a year or so of my life on them that I’m not going to get back 🙁

The time in my life when I needed them to design RF amps (1980’s) is kind of over. The performance of modern semiconductors compared to price is such you save money by using more expensive higher spec devices, than trying to stabilize lower spec parts.

SpaceLifeForm March 25, 2021 6:04 PM

@ Weather, Clive

Yet more Silicon Turtles, yet more Rabbit Holes

Just say NO to NFS

hx tps://igor-blue.github.io/2021/03/24/apt1.html

Weather March 26, 2021 12:04 AM

@slf Clive
Interest story about NFS, 3 months to mount a attack? They really wanted to get in.

Cheers

JonKnowsNothing March 26, 2021 1:53 AM

@SpaceLifeForm MarkH Clive All

re:AMANAPLANACANALPANAMA

It seems the Old Mariners haven’t forgotten the Old Tech Cape Route after all.

[boats are] being diverted towards the longer route around Africa, via the Cape of Good Hope…

So they have to calculate if they think the delays will last longer, and if they want to risk waiting another 3-4 days potentially to get through or instead go around Africa. This takes 7-10 days longer but there is less risk and certainty of getting to Europe.

Now… if the Egyptians will just remember that they built the pyramids without gantries and mega machines, using string, wood dowels and copper chisels, they could solve this problem quickly.

Think: Obelisk

Old Tech Rules and the Pharaoh’s knew how to use string.

MarkH March 26, 2021 2:26 AM

@JonKnowsNothing:

At present, the apparently leading plan focuses on much older tech than that: digging soil and dumping it elsewhere.

I just saw an estimate that up to 200,000 cubic meters might need to be dug, before the stranded ship is freed.

It’s a tough choice for shippers. I wouldn’t be surprised if some southbound ships turn back north when the canal situation becomes clearer.

I worry about pirates.

SpaceLifeForm March 26, 2021 2:35 AM

AMANAPLANACANALPANAMA

Apparently, they did stop digging. Sent divers down to assess situation.

Looking at dredging up to 20,000 Cubic Meters of sand (and rock).

So, yes, weeks.

Must be done VERY CAREFULLY.

Weather March 26, 2021 2:47 AM

Most of the way through ,the input was ‘Tempest1’ the first 16bytes were then run through again.
There’s still valleys were the second input is, working on automatic it, a 32 byte input should have 32-96 search range, the signal for the first input byte is still there as well as the last input byte.
A GPU can do 200 million Hash’s a second, not sure what time that works out too.

name.withheld.for.obvious.reasons March 26, 2021 4:00 AM

26 Mar 2021 — Powell Leaves License and Toilet, Forgets to Flush
In the annuals of professional licensure, the ABA can take an example from Sidney Powell, lawyer representing and self representing office of the court for the former President, 45, in multiple baseless lawsuits (read frivolous). The ABA must be so proud. Now that the self defense claim reaches to the absurdity of “No reasonable person would believe I was telling the truth.” Here’s how I respond…

And no reasonable person would believe that Sidney Powell has an actual law degree from a reputable university or college, or that she has a license to practice law in any other country or state of than Bullshitistan. The ABA sure needs to clean up its act, is Powell the shining example they wish to build their portfolio from? Hope 5 dead people in D.C. gets an honorable mention in the organizations “Intergovernmental Cooperation” and on Powell’s resume/CV. Guess she could be hired at the firm Liers, Cheats, and Charlatans (A BS LLP).

name.withheld.for.obvious.reasons March 26, 2021 4:03 AM

@ Weather

Interest story about NFS, 3 months to mount a attack?

Hilarious, was that…

/bin/mount -t nfs -r 127.0.0.1/Attack

Clive Robinson March 26, 2021 4:20 AM

@ SpaceLifeForm, Weather, ALL,

Just say NO to NFS

The article is an interesting start but, incomplete, so a degree of guessing has to be used.

The design sounds like one I’ve used in various forms in the past, the big problem was the designer did not apparently understand the concept of “use immutable memory” for the boot-ROM.

Unlike USB thumb/card drives which use Flash-ROM, CD/DVD disks can be immutable, as can EPROMs as NetROMs on network cards.

As for NFS it’s more secure than TFTP used in BootP but less secure than other more modern protocols like the proverbial Stunnel etc through to TLS.

Many do not realise that Intel’s “Preboot eXecution Environment”(PXE) that still uses the older insecure protocols was back in 2015 added to and as far as I’m aware still forms part of the “Unified Extensible Firmware Interface”(UEFI) standard, found on most motherboards these days.

Thus I suspect the use of the USB memory device as a boot-ROM was used by someone with a little more knowledge to get past the use of PXE in UEFI. Though potentially they did not go far enough and stopped at NFS instead of going to TLS.

In short they may have followed an old recipie found in one or two books on how to build Linux “Clusters”, “Thin-Clients”, “Kiosks”, “Net-Appliances” or Embedded devices (which have become very popular again with the Raspberry Pi being so cost effective and available).

But what is far from clear is how the “root of trust” was established on each of the net-appliances. Mention is made of using “signed code” which implies that some kind of PKI was implemented but potentially at a point to late in the chain as the author only mentions it with respect to the final application code.

But as @Weather has noted,

3 months to mount a attack? They really wanted to get in.

Not just that, the article also mentions both alarms and deadman’s switches. This is a level III+ attacker and it’s fairly certain from the alarm that they have their tenticles in in other parts of the infreastructure in or around that of the authors client.

As I’ve noted in the past on this blog the ICTsec industry tends to think of attacker profiles as,

1, Opportunistic Criminals.
2, APT SigInt or other IC.

That is a sound bite “managment view” for the C suits. With the follow on argument of “The Criminals are low hanging fruit attackers and it’s just a matter of time before they get in, and APT you can do nothing about because of zero-days”.

The point every one appears to ignore is that the attackers form points in a spectrum and by focusing on Crims-v-IC is leaving most of that spectrum not looked at…

Potentially this may be a case of something on the far side of APT, that is as thoughtfully put to gether an attack as you would expect from the likes of GCHQ and other High end European SigInt agencies, who we know are upto things but just don’t get caught doing it, unlike other nations SigInt agencies.

So very definately worth a bowl of popcorn or two and the comfy chair to watch this one.

MarkH March 26, 2021 4:25 AM

@SpaceLifeForm:

Thanks for the correction, I overstated the maximum soil volume estimate by a factor of 10.

20,000 cubic meters is about the dirt to excavate for two dozen large house basements.

I don’t know where you found rock … if you read my post above, you would know that the region is clay, with perhaps a little sand and gravel. No solid rock. As I wrote, there may be a few cm of rip-rap or concrete to prevent erosion, though I didn’t notice any in photos. If there is, excavators can easily move it out of the way.

No rocket science required, insofar as I can see.

Clive Robinson March 26, 2021 4:47 AM

@ SpaceLifeForm, JonKnowsNothing, MarkH, ALL,

Looking at dredging up to 20,000 Cubic Meters of sand (and rock).

Remember Egypt taught the Israelis a thing or two about “hydro-mining” when they used very powerfull fire hose systems to wash the Israeli troops out of their dug in positions.

Also that modern “dredging” is not “digging” where harbour and shipping channel “silt up” is concerned, they use water pumps.

As some may remember from the news not far back Egypt has spent a considerable sum of money widening parts of the canal, thus probably still have silt removing dredging platforms still around doing tidy up and stabalisation.

If they have moving 20,000 cubic meters of canal bed is not going to take very long.

I guess the real question is where they are going to remove it from and how to do it safely. Whilst the vessel is not broadside on to the canal there is still one heck of a lot of “wetted area” of the hull presented to any movment of water in the canal. Which as the canal is tidal means a fair old rate of water movment more than twice a day. So only about six hours of sufficiently “slack water” to work in unlike ordinary dredging that can go on 24×7.

MarkH March 26, 2021 5:37 AM

@Clive:

When I took a look at the history of the canal, I was surprised to discover that it has been expanded a bewildering number of times, most of them in recent decades.

Presumably, the Canal Authority has a great store of dredging experience and know-how, along with a flotilla of equipment.

I’d be surprised if they don’t also have a formidable engineering department.

The machines which do most of the work need a “lane” a fair number of meters wide along the near embankment, and so aren’t useful in the present circumstance.

On the other hand, water-flow equipment like you described might be very well suited to this problem. I remember hearing decades ago that “treasure hunters” (an often despised category, not without reason) were using flow apparatus in efforts to recover valuables from sunken vessels, and that it worked very effectively at Hoovering up anything near its inlet at considerable depths.

Though I expect the crisis to be resolved too quickly for it to be necessary, I wonder how long it would take the Authority to create a mile or two of bypass canal. If I were a participant, it would be my inclination to delegate some engineers for site survey and design work, for contigency purposes.

Clive Robinson March 26, 2021 10:29 AM

@ MarkH,

I wonder how long it would take the Authority to create a mile or two of bypass canal.

I’m not sure. But one thing that is most likely is that it will not be on the West bank, as there is a large village / small town there, and they won’t want that becoming an island as the bridges would be a significant issue, as would ferries.

But from memory the canal is a bit over a tenth of a mile wide at that point with a usable width of 120meters or so. It does not give an indication of the required navigation angles for ships 450m or more in length and 70m or more in the beam (which are what people are talking about moving up through (if the canals become wider).

But if you assume 5 degrees or less you can see just how long a bypass stretch would be. You would be looking at millions of cubic meters of soil to move.

As for getting dredgong equipment into the vessel, I kind of assumed they would do a main cut followed by steadily smaller cuts, thus using equipment that goes down in size as you get closer to the vessel.

But what ever they do to the canal it’s self, I think they will still want to “lighten the load” at some point if possible, as it potebtially gives not just the greatest gain for effort, if done properly it’s also the least risky up to a point.

But… Unloading is kind of “moving the problem” rather than solving it, as at some point people are going to want their cargo. So anything “off loaded” will have to be “loaded up” again somewhere. Which is why the fuel and balast water would prove more attractive, even though it will increase the risk.

JonKnowsNothing March 26, 2021 12:41 PM

@Clive, SpaceLifeForm, MarkH, ALL

re: Unloading is kind of “moving the problem” rather than solving it, as at some point people are going to want their cargo. So anything “off loaded” will have to be “loaded up” again somewhere.

Of Historical Note:

During the Age of Sail, ships came into Monterey Bay, California for trading. The Customs Building is part of the local museum complex.

Every ship was required to unload 100% of it’s cargo and store it in the Customs Building pending the payment of various fees/taxes.

Once some of the cargo had been sold and new goods purchased, the goods were re-loaded into the ship, which headed to it’s next destination. Where the process was repeated.

The sailors were quite good at it. They could unload/reload the ships by hand, using manual oars to row to/from the ship anchored in the harbor and make sail by the next tide.

It’s all like those TV series where they take a bunch of folks and give them Old Time Tools and ask them to make something Old Time. Quite fun to watch, very inventive, rarely historically accurate.

You cannot unlearn modern methods and modern methods preclude knowledge of old time methods, as was recently noted.

Digging out might be the best method but I’d fill it in and make a ramp, you need 60-100ft for a cargo container semi-truck to maneuver up to the top of rank of boxes. Most cargo semi-trucks have a crane big enough to handle one box. A good number of containers are empty. Some cargo semi’s can handle extra heavy full containers.

No shortages of cargo semis and they can move the boxes cheaper and faster than a helicopter and can haul them all the way to the other end of the canal for reloading. Maybe on another ship.

The fun part is the ramp. Egypt’s Pharaohs knew all about ramps and loading heavy goods on wood barges. The blueprints are painted and etched on the walls.

MarkH March 26, 2021 3:26 PM

@Clive, JonKnowsNothing:

Probably excavation alone will get that monster moving again. If it doesn’t, and some unloading is required, what to do with the containers will be among the easiest of the problems.

It’s actually common practice to transport moderate numbers of containers by barge along waterways where great ships can’t go. There are even luxury container barges with their own cranes.

Containers offloaded to barges on the starboard side could then be ferried by tugboats to the Suez port (Port Tawfik) about a dozen km distant. Containers from the port side could be parked on the Bitter Lakes awaiting disposition, or even taken to Port Said.

I estimate that the offloading of less than 1000 containers would be sufficient to cut one meter from the ship’s draft.

================

@Clive:

Surely digging a bypass would be a huge project … I just think it implausible that any circumstance could keep the canal closed for more than a few months!

Bearing in mind that the project I envision would be an emergency bypass — not intended for normal navigation — a width at bottom as little as 75 meters would probably suffice; the present beam limit is 50 meters. Angle of navigation need not be a constraint; keeping a dozen or so tugboats on hand would enable careful shepherding of vessels one at a time. If the process added two or three hours to mean transit time, that would be a modest cost compared to complete blockage.

For a tug-operated bypass, the angle of meeting to the main channel could be as acute as the mechanics of dredging will allow. I suppose that a bypass along these lines might be as short as 2 km.

Clive Robinson March 26, 2021 4:00 PM

@ MarkH,

Bearing in mind that the project I envision would be an emergency bypass

There is a joke that says “The only thing that is permanent in the universe is temporary”.

More often than we would like in fact sometimes more often than not a “temporary fix” is still there when a system gets decommissioned.

Thus I could see arguments made that the cost of such a temporary channel would need to be recovered… So it might become a “passing zone” or “wait up point”. But one thing that is almost certain is no one would pay to fill it in…

It’s just the way life works, it would quite literally be a “sunk cost” of enormous book value thus a valuable asset… Thus would have to be monetised in some way, even if it is only on paper…

I’ve actually seen tree stumps get “grubbed out” from a thined out wood in Oxford UK, and as nobody could think what to do with them they just lined them up on the side of a road hoping some one would just take them away. The next thing you know they are on the books as ecological fencing…

MarkH March 26, 2021 4:39 PM

@Clive:

First, I want to correct an error I made above: although the Suezmax standard has a 50 m beam limit, Ever Given is 60 m wide, so the Canal Authority is obviously no longer enforcing Suezmax.

Probably the hypothetical bypass structure would be permanent, but its usage for navigation would presumably be temporary. Anyway, it’s just dirt!

Sometimes, even temporary structures are removed … back when I often visited Russia, I was dismayed to see an ugly modern bridge erected alongside a lovely bridge of great historic significance. It was an expedient while the old bridge was restored, and was gone within a year or two. The historic bridge was dismantled right down to the stone piers, and later completely reconstructed.

Both bridges were more than 300 m long, carrying four lanes of road traffic, and drawbridges to boot, cycling twice daily. The construction needed to connect the temporary bridge to the busy traffic networks at either end was also formidable.

================

I’ve just read that winds at the time of Ever Given’s grounding were at 40 knots, or about 50% faster than the number I saw previously. If the angle of wind was perpendicular to the canal, my estimate of peak lateral force on Ever Given is seven or eight hundred tons.

Obviously, the Canal Authority will want to prevent the recurrence of such a shutdown. One measure they may consider is the restriction of entry based on wind forecasts — they already have wind rules, but perhaps will choose to tighten them up.

Ships can spend up to three consecutive hours in the narrow parts, but hopefully modern forecasting is good enough to manage that.

Another (very expensive) protection would be the construction of more bypasses. Already, more than half of the length of the canal is either doubled, or through the Bitter Lakes, and so can’t be blocked by a single mishap.

A much cheaper — and eminently practical –safeguard will be to evaluate what kind of equipment is best for resolving such a grounding (for example, “firehose” type water excavators), and to arrange that it can be brought to bear within a few hours of a ship running aground.

Accidents can’t be altogether prevented. In economic terms, it’s sufficient to be prepared so that a rare accident can be cleared within a few dozen hours.

Anders March 26, 2021 5:00 PM

@Chris

“Last time i remember someone called anders telling what every you do dont fly”

Check your source!!!

Clive Robinson March 26, 2021 5:01 PM

@ JonKnowsNothing,

The fun part is the ramp. Egypt’s Pharaohs knew all about ramps and loading heavy goods on wood barges. The blueprints are painted and etched on the walls.

Fun historical note, somewhere in NASA’s archives is an informal paper I wrote about the fact that the Egyptians did not have the capstan or windlass nor do they appear to have ever used the pully as a way to gain lifting advantage. Oh and the mathmatics says they could not have built ramps beyond a certain size because sand behaves like a liquid under pressure (as far as I’m aware nobody has yet solved the issue of “rocks rising through sand” when you agitate the mixture).

It was back in the mid 90’s a UK Prof was asked to look into how the Egyptians “project managed” the building of the great pyramids.

As part of his talk he mentioned the lack of ability to get the stone blocks up due to not having what we recognise as lifting gear. He and I ended up having a chat over a coffee and I casually mentioned that they did not need a series of pullies as a block and tackle or a windlass or capstan to get a ten to one or more mechanical advantage. He looked some what dubious especially when I mentioned that Pythagoras would have realised how to do it.

So he asked me how… To which I replied four lift ropes four binding posts and a set of pull ropes on each lift rope. The speed with which I answered made him realise I had actuall knowledge even though he still looked puzzeled. So he asked me how it would work…

The answer is actually simple and “bleeding obvious” once you have been told 😉

The four lift ropes are used as two pairs of ropes. When you pull a pair appart by a short distance as they can not shorten the weight suspended has to go up a small amount. This makes the other pair slack and you wrap them around the binding posts. Now you pull that pair appart and the weight rises a little more and you wrap the now slack first pair around their binding posts. You just continue inching the weight up that way.

You can work out the mechanical advantage by assuming two back to back 90 degree triangles with the rope forming the two hypotenues. As H^2 = A^2 + B^2 where A is the horizontal distance you pull out to form the triangle thus B must get shorter B = sqr(H^2 – A^2) you can see that if H is 50 and A is 2 then B goes from 50 to 49.96 or shortens by 0.04. So for a movment of 2 you’ve lifted 0.04 or a mechanical advantage of 50 on each triangle or 25 overall.

He asked me to write it up and I stuffed in some stuff that my mother who was a historian had done on Egyption models of sailing vessels found in a tomb and he forwarded it on with his stuff to NASA.

Obviously for some medium weight items using ropes in such a way is going to be a lot faster than using a capstan or windlass and not far off of that of a block and tackle pully system.

Now I have no idea if the Egyptions did this or not, but that is not the point. What it proved is that there were other ways to get mechanical advantage that had not been considered by modern historians.

As it turns out, you get an interesting mechanical advantage profile, which I’ll let others consider for other things seeing as I will probably get a “yellow card” from the Moderator if I say 😉

lurker March 26, 2021 5:42 PM

@JonKnowsNothing: No shortages of cargo semis…

In reliable working order, in Egypt? Just askin’…

JonKnowsNothing March 26, 2021 6:50 PM

@Clive

re: Alternate Lifts with No Pulley

That description of thinking beyond default modern tech is fab.

Lots of times on farms you have to do stuff and you don’t have all the right gear and tackle do it. If you have a truck with a (must be high rated) good bumper, you can use the hitch ball same as your binding post. You can get creative after that.

One handy tip using the same dynamic solves a common problem in California with fencing. We use T-Posts for fencing, metal posts driven into the ground and the wire tied to the post.

When you want to reset the posts or move them, you have to pull them out of the ground. There are loads of methods, tools, hookups to tractors and tire jacks used for this.

A very simple method uses a flat edged shovel.

1, Turn the shovel upside down and place the handle part on the ground or on a 2×4 next to the post
2, Push the top of the metal post which will flex
3, Stick the flat end of the shovel under one of the metal tabs that line the post
4, Let go.

The post will spring back to it’s previous position, the shovel is rigid and something has to “give”: the post inches up. Repeat as necessary, requires no strength and not much time as the posts are not driven that far into the ground.

ht tps://en.wikipedia.org/wiki/Steel_fence_post
(url fractured to prevent autorun)

quantry March 26, 2021 10:53 PM

@vas pup: thanks for the stories.

regards to 99% success now with
facial recognition working with masks:

Then its time to add ultraviolet and infrared flood light to bigger masks and hats “to kill bacteria, and other intrusive vermin”.

SpaceLifeForm March 27, 2021 1:36 AM

@ Clive

As it turns out, you get an interesting mechanical advantage profile, which I’ll let others consider for other things seeing as I will probably get a “yellow card” from the Moderator if I say 😉

Large scaffolding stones do slide back downhill. Removal of scaffolding was clearly in the contract.

Clive Robinson March 27, 2021 4:08 AM

@ JonKnowsNothing,

… a common problem in California with fencing. We use T-Posts for fencing, metal posts driven into the ground and the wire tied to the post.

Funny that you should mention that, a friend of mine owns a company that makes those “fencing robots” that automate the putting up process.

He asked me to look into solving a particular problem (not the one you mention) that happens with all such systems… Let’s just say watch this space for an improved system.

It kind of brings new meaning to “field trials” 😉

JonKnowsNothing March 27, 2021 12:26 PM

@Clive

re: a friend of mine owns a company that makes those “fencing robots” that automate the putting up process.

I have 5,000 linear feet of perimeter fence and a lot of cross fence to install. If your friend has a solution that doesn’t require a tractor (steep terrain), can solo-install, I will be interested in how his designs workout.

Most automated solutions require a tractor with PTO shaft, hydraulic connections or air compressors. These work fine if you have flat land and either own/rent the required equipment.

T-Posts are cheap, used T-Posts are cheaper, manual, spring loaded or battery powered hammers/impact wrenches are within most budgets.

The expensive part is labour. Someone has to hike out there, haul in the posts, know how to set livestock fence (bracing) and do the work.

ht tps://en.wikipedia.org/wiki/Power_take-off
(url fractured to prevent autorun)

markky March 27, 2021 5:39 PM

@Clive

So the question is are there any such platforms free to be able to travel to the site? And secondly just how long would it take them to get there.

Well the Saipem 7000 is out of question as it’s up in the north sea, however the Saipem 3000 is one of the ships stuck waiting to enter the Suez canal from the south and not at all that far from the site.

MarkH March 27, 2021 7:54 PM

@markky, Clive:

I looked up Saipem 3000 — a prodigious machine!

It’s probably a poor fit to the needs of the Suez blockage. I estimate that it could lift about 100 containers at one time — from the far side of the ship! — if there were a way to rig them.

It might even be able to help lift the nose out of the clay, if there were a way to rig the bows safely.

I’m guessing that a monster like Saipem 3000 is not designed for speedy operation, more’s the pity.

For unloading, I still propose that tower cranes might be a practical option. Most likely some serious welding to Ever Given would be necessary, but it seems to me that once in place, they could get the job done quickly and safely.

Clive Robinson March 27, 2021 8:05 PM

@ markky,

the Saipem 3000 is one of the ships stuck waiting to enter the Suez canal from the south and not at all that far from the site.

Looks like the old Sun God still shines down on the Kingdom of the Pharaohs 😉

Assuming of course, the crane can work across the stricken vessel and more importantly some one is prepared to draw up a contract that some one else is prepared to sign.

As for the 7000 I saw it years ago, it must have been the late 1980’s back when it was new and doing pipe laying. It is enormous, and about 100m at the narrowest. I also remember it had a deepish draft and could only be moved at some ridiculously slow speed like 5cm/sec or 180m/h, not sure if that was the actual top speed it could be moved at or the speed it laid pipe at. The last I heard of it, it had stoped doing pipeline work and was now an off shore factory floor for assembling wind turbines for off shore wind farms.

In size comparison from memory it’s about four times the area of the SpaceX barges and many times taller, lets just say I’ve sailed around smaller islands, that had people living on them.

MarkH March 27, 2021 8:59 PM

@Clive, markky:

If I’m not getting everything confused, then depending on the boom configuration (I don’t know what the reality is for Saipem 3000), it might be able to reach most of the way — or even all the way — across the container ship, with a capacity of at least 250 short tons.

But even if I’m not getting my stats all mixed up, the boom configuration might only be set up for the 40 meter heavy-lift (with a comically huge capacity of 2,400 short tons) … and in any case, the operator has modified the Clyde crane with which it is fitted (to make it capable of transiting Suez!), which could also invalidate my reach-length estimates.

Though it would save a lot of time that it’s to the south of Ever Given, coming from the north would give much better access to the bow (for removing containers nearest the nose, for example).

If nothing else, Saipem 3000 might be useful as a “bootstrap” helper for deploying other equipment.

markky March 28, 2021 4:14 PM

@Clive

As for the 7000 I saw it years ago, it must have been the late 1980’s back when it was new and doing pipe laying. It is enormous, and about 100m at the narrowest. I also remember it had a deepish draft and could only be moved at some ridiculously slow speed like 5cm/sec or 180m/h, not sure if that was the actual top speed it could be moved at or the speed it laid pipe at. The last I heard of it, it had stoped doing pipeline work and was now an off shore factory floor for assembling wind turbines for off shore wind farms.

The Saipem 7000 is an amazing vessel to see. I’ve been fortunate enough to see it fairly close a couple of times when they have been doing crew rotations.

The vessel has same impressive stats, check out https://en.wikipedia.org/wiki/Saipem_7000 (note thrust, pumps, and weight)

It can actually travel at 9.5 knots.

name.withheld.for.obvious.reasons April 2, 2021 2:06 AM

There appears to be little that penetrates the U.S. psyche, the propaganda is working. Just to reiterate…

14 Jul 2020 — Nils Melzer — Interview with Consortium New

“The real purpose of torture most of the time is intimidation. And it is not necessarily intimidation of the victim, it’s intimidation the intimidation of everybody else. That’s why people are being tortured in public spaces. That’s why women are being raped on the village square in an armed conflict. That’s why people are being executed publicly and punished and flogged because you want to intimidate everybody else.

That’s the power of torture, and that is what’s happening to Julian Assange. It’s not about punishing him, it’s not about interrogating him and finding the truth or something, but it’s about intimidating all other journalists and publishers. Making sure that no one does what he has done because that’s states are afraid of. That’s what this is about and this purpose has already been achieved, it’s not that states think they have only achieved their goal once he is extradited they can take as much time as they want.

As long as Julian Assange is holed up in a high security prison just to prevent his escape in case of extradition, as long as he cannot work, as long as he’s isolated they make an example of him. You can see the effects already, how the mainstream media is intimidated and cannot even report about this case objectively because they’re so afraid that they might end up in the same place.

You can see that the New York Times publicly acknowledges they submit their own national security relevant articles to the government before releasing them so they’re basically being censored already by the government. The New York Times, I mean who would have thought that, so this is already working. Everybody’s already intimidated, let’s acknowledge it. So this fight is really to re-establish press freedom rather than just protecting them.”

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.