skybrian's recent activity

  1. Comment on ArXiv is separating from Cornell University, and is hiring a CEO, who will be paid roughly $300,000/year in ~science

    skybrian
    Link Parent
    I don’t see any reason why they should be in New York City and from the point of view of an organization that needs to keep expenses down, it seems like a particularly bad choice. The cost of...

    I don’t see any reason why they should be in New York City and from the point of view of an organization that needs to keep expenses down, it seems like a particularly bad choice. The cost of living is much cheaper in Ithaca, for example, and there are places with better weather than either. It’s an Internet organization, so couldn’t they be based anywhere?

    8 votes

  2. Comment on Dabao evaluation board for Baochip-1x - what it is, why I'm doing it now, and how it came about in ~comp

    skybrian
    Link
    From the article: [...] [...] [...] [...] [...] [...]

    From the article:

    In my mind, the Baochip-1x’s key differentiating feature is the inclusion of a Memory Management Unit (MMU). No other microcontroller in this performance/integration class has this feature, to the best of my knowledge. For those not versed in OS-nerd speak, the MMU is what sets the software that runs on your phone or desktop apart from the software that runs in your toaster oven. It facilitates secure, loadable apps by sticking every application in its own virtual memory space.

    [...]

    This begs the question: if the MMU is such an obvious addition, why isn’t it more prevalent? If it’s such an obvious choice, wouldn’t more players include it in their chips?

    [...]

    The root cause turns out explicitly to be because MMUs are so valuable: without one, you can’t run Linux, BSD, or Mach. Thus, when ARM split their IP portfolio into the A, R, and M-series cores, the low-cost M-series cores were forbidden from having an MMU to prevent price erosion of their high-end A-series cores. Instead, a proprietary hack known as the “MPU” was introduced that gives some memory security, but without an easy path to benefits such as swap memory.

    [...]

    Thanks to the rise of open architecture specifications such as RISC-V, and fully-open implementations of the RISC-V spec such as the Vexriscv, I’m not bound by anyone’s rules for what can or can’t go onto an SoC. And so, I am liberated to make the choice to include an MMU in the Baochip-1x.

    This naturally empowers enthusiasts to try and run Linux on the Baochip-1x, but we (largely Sean ‘xobs’ Cross and me) already wrote a pure-Rust OS called “Xous” which incorporates an MMU but in a framework that is explicitly targeted towards small memory footprint devices like the Baochip-1x. The details of Xous are beyond the scope of this post, but if you’re interested, check out the talk we gave at 39C3.

    [...]

    Thus, while certain portions of the Baochip-1x SoC are closed-source, none of them are involved in the transformation of data. In other words, all the closed source components are effectively “wires”: the data that goes in on one side should match the data coming out the other side. While this is dissatisfying from the “absolute trust” perspective, one can’t definitively rule out the possibility of back doors in black-box wires, we can inspect its perimeter and confirm that, for a broad range of possibilities, it behaves correctly. It’s not perfect transparency, but it’s far better than the fully-NDA SoCs we currently use to handle our secrets, and more importantly, it allows us to start writing code for open architectures, paving a roadmap to an eventually fully-open silicon-to-software future.

    [...]

    Crossbar wanted to buck the trend and heed the call for open source transparency in security chips and approached me to help advise on strategy. I agreed to help them, but under one condition: that I would be allowed to add a CPU core of my own choice and sell a version of the chip under my own brand. Part of the reason was that Crossbar, for risk reduction reasons, wanted to go with a proprietary ARM CPU. Having designed chips in a prior life, I can appreciate the desire for risk reduction and going with a tape-out proven core.

    However, as an open source strategy advisor, I argued that users who viewed open source as a positive feature would likely also expect, at a minimum, that the CPU would be open source. Thus I offered to add the battle-tested CPU core from the Precursor SoC – the Vexriscv – to the tapout, and I promised I would implement the core in such a way that even if it didn’t work, we could just switch it off and there would be minimal impact on the chip’s power and area budget.

    [...]

    At the time of writing, wafers containing the Baochip-1x design have been fabricated, and hundreds of the chips have been handed out through an early sampling program. These engineering samples were all hand-screened by me.

    However, that’s about to change. There’s currently a pod of wafers hustling through a fab in Hsinchu, and two of them are earmarked to become fully production-qualified Baochip-1x silicon. These will go through a fully automated screening flow. Assuming this process completes smoothly, I’ll have a few thousand Baochip-1x’s available to sell. More chips are planned for later in the year, but a combination of capital constraints, risk mitigation, and the sheer time it takes to go from blank silicon to fully assembled devices puts further inventory out until late in 2026.

    4 votes

  4. Comment on Helium prices soar as Qatar LNG halt exposes fragile supply chain in ~finance

    skybrian
    Link
    From the article: [...] [...] [...] [...]

    From the article:

    State energy giant QatarEnergy, the world's second-largest LNG exporter, announced a production halt at its 77 ‌million tons per annum (mtpa) facility last week and declared force majeure on LNG shipments, amid the conflict.

    Because helium is extracted as a byproduct of natural gas processing, any disruption to LNG output directly cuts helium supply.

    [...]

    "If those conditions (supply disruption) persist, the market is ⁠effectively missing about 5.2 million cubic meters of helium per month," said Aleksandr Romanenko, CEO of market research firm IndexBox.

    The disruption is reverberating through a market with little ​spare production capacity and limited storage, leaving buyers with few short-term alternatives.

    Japan's top helium supplier Iwatani (8088.T), opens new tab said it had so far maintained stable supply to customers including semiconductor ​manufacturers, partly because it also sources helium from the United States and maintains stockpiles in both Japan and the U.S.

    [...]

    Helium markets operate very differently from most commodities.

    Most supply is sold through long-term contracts rather than a transparent spot market, meaning price signals often emerge slowly even as supply tightens.

    That opacity makes price discovery difficult, but signs of tightening supply have ​already begun to emerge.

    "Early indications show about 50% spot price increases already," said Anish Kapadia, CEO of market research firm AKAP Energy.

    "In a sustained disruption, prices could ​rise sharply and potentially retest past shortage peaks of more than $2,000 per thousand cubic feet."

    [...]

    Helium's physical properties add another constraint. The gas is typically shipped in liquid form and gradually evaporates during transport.

    "It's a commodity, but it also has a shelf life," said Chris Bakker, CEO of helium developer Avanti (AVN.V), opens new tab.

    "So when you liquefy it, and that's how they tend to ship it worldwide, you've got notionally 45 days to get it to the end-user."

    [...]

    Kornbluth said industries such ​as medical MRI systems and rocket ships would ⁠probably get 100% of their needs, while semiconductor manufacturers might receive 95%.

    Lower-priority uses, including welding, diving equipment and party balloons, would likely face deeper cuts.

    5 votes

  6. Comment on The billionaire ‘buccaneer’ braving the Strait of Hormuz in ~transport

    skybrian
    (edited )
    Link Parent
    Yes, sometimes the oppressed become oppressors themselves. History is terrible! But that historical context shouldn't be used to whitewash murder. Sometimes if you know the full story it might be...

    Yes, sometimes the oppressed become oppressors themselves. History is terrible! But that historical context shouldn't be used to whitewash murder. Sometimes if you know the full story it might be understandable as someone acting in a terrible system.

    Piracy is a system built on using violence to achieve financial gain. Sometimes even with a veneer of state sponsorship.

    Sometimes, there were no good guys; both sides were oppressors by modern standards.

    2 votes

  7. Comment on Hackers expose the massive surveillance stack hiding inside your “age verification” check in ~tech

    skybrian
    Link
    Age verification is being done badly because the Internet standards don't exist to do it well. It should be trivial for parents to give their kids devices with child locks turned on. The browsers...

    Age verification is being done badly because the Internet standards don't exist to do it well. It should be trivial for parents to give their kids devices with child locks turned on. The browsers on these devices could tell websites that they have a child lock on, and websites could act accordingly. This of course requires cooperation, but cooperation should be available - most porn sites probably don't want kids to be there? It solves 90% of the problem without invading anyone's privacy.

    This should just be a config parameter. When setting up a website, you should be able to configure what it should do when getting requests from child-locked devices. Outsourcing to sketchy third-party firms to do age verification shouldn't be necessary.

    For non-cooperating websites, child-locked devices can use whitelists or blacklists to handle the rest, like they often do now. Also, governments can pass laws saying what businesses should do and hold the bigger businesses accountable for configuring their website correctly.

    Then the question is what to do about devices without child locks turned on getting into the hands of kids, but this should be a lot easier for parents to deal with. It's not going to be done perfectly - sometimes kids will have a non-child-locked device stashed somewhere. But perfect enforcement isn't necessary to change community norms.

    17 votes

  8. Comment on AI companies try to pay staff in AI tokens, not money in ~tech

    skybrian
    Link Parent
    Yes, AI executives sometimes prefer talking about science fiction to talking about what their company is actually doing. I see this sort of freeform speculation as a distraction and articles like...

    It's no indication at all about how serious or unserious he is.

    Yes, AI executives sometimes prefer talking about science fiction to talking about what their company is actually doing. I see this sort of freeform speculation as a distraction and articles like this one take it way too seriously, as if it had some straightforward connection with the AI company’s actual plans.

    I’m not sure it even works as a “trial balloon.” Like, how do they gauge the public reaction and what do they then do about it? There’s no concrete answer there.

    Sometimes powerful people will just bullshit in public.

    3 votes

  9. Comment on Executing programs inside transformers with exponentially faster inference in ~comp

    skybrian
    Link
    This seems like a neat trick, but they don’t discuss the larger implications at all. Can this model read and write English as well or is it just a weird interpreter? How would the the language...

    This seems like a neat trick, but they don’t discuss the larger implications at all. Can this model read and write English as well or is it just a weird interpreter? How would the the language model and the computing model interact?

    Maybe they haven’t figured that out yet?

    4 votes

  10. Comment on The billionaire ‘buccaneer’ braving the Strait of Hormuz in ~transport

    skybrian
    Link Parent
    I try to remember that, despite the way they come across in fiction, pirates were actually murdering thieves.

    I try to remember that, despite the way they come across in fiction, pirates were actually murdering thieves.

    2 votes

  11. Comment on Ukraine can now manufacture mostly China-free drones in ~society

    skybrian
    Link
    From the article: [...] [...] [...] [...] [...]

    From the article:

    Ukraine is prioritizing self-sufficiency in the production of drones as they increasingly dominate the battlefield. They now account for more than 90 percent of Russian casualties, according to Maj. Robert Brovdi, commander of Ukraine’s Unmanned Systems Forces.

    [...]

    Two companies in Ukraine that have built “China-free” drones were picked to compete for contracts in a Pentagon “drone dominance program” under which the United States plans to buy thousands of low-cost attack drones. One of the companies, Ukrainian Defense Drones Tech Corporation, where the men were soldering circuit boards in the basement workshop, was among 11 in all selected last week for possible American drone orders.

    [...]

    Ukraine Defense Drones makes most of its own components, and European suppliers fill most of the gaps.

    That reflects a sea change over the course of the war. In the first year after the Russian invasion in February 2022, nearly all of Ukraine’s drones came from China.

    [...]

    By 2024, the vast majority of drones that Ukraine sent to the front were assembled domestically — but still almost entirely with Chinese components. A year later, however, the share of parts from China in Ukraine’s drones had fallen to about 38 percent, according to the Ukrainian Council of Defense Industry and the Snake Island Institute, a think tank in Kyiv.

    [...]

    According to a Ukrainian official who asked for anonymity to discuss sensitive procurement issues, Ukrainian and Russian companies often buy parts from the same factories in China. Chinese bosses, the official said, keep a precise schedule at production sites so that Ukrainian and Russian buyers do not cross paths.

    [...]

    By 2025, Ukrainian Defense Drones had expanded to produce flight controllers, speed regulators, radio modems and video transmission systems. Essentially, all its components were made in Ukraine except for the cameras.

    The company has since gained technology for cameras, too, which it hopes to produce in Europe. For now, it buys cameras from another Ukrainian company that imports parts from Europe.

    Mr. Buyakin described the limits to “China-free” production. While his company makes carbon frames for drones, for example, the carbon itself is imported, usually from China, because that is cheaper.

    Batteries that power drones are also still largely produced in China, which dominates supply chains for battery materials like lithium and rare-earth metals.

    8 votes

  13. Comment on Iran-backed hackers claim wiper attack on medtech firm Stryker in ~tech

    skybrian
    Link
    From the article: [...] [...] [...]

    From the article:

    A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker’s main U.S. headquarters says the company is currently experiencing a building emergency.

    Based in Kalamazoo, Michigan, Stryker [NYSE:SYK] is a medical and surgical equipment maker that reported $25 billion in global sales last year. In a lengthy statement posted to Telegram, an Iranian hacktivist group known as Handala (a.k.a. Handala Hack Team) claimed that Stryker’s offices in 79 countries have been forced to shut down after the group erased data from more than 200,000 systems, servers and mobile devices.

    [...]

    Stryker’s website says the company has 56,000 employees in 61 countries. A phone call placed Wednesday morning to the media line at Stryker’s Michigan headquarters sent this author to a voicemail message that stated, “We are currently experiencing a building emergency. Please try your call again later.”

    A report Wednesday morning from the Irish Examiner said Stryker staff are now communicating via WhatsApp for any updates on when they can return to work. The story quoted an unnamed employee saying anything connected to the network is down, and that “anyone with Microsoft Outlook on their personal phones had their devices wiped.”

    [...]

    Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices.

    Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently.

    Palo Alto says Handala’s hack-and-leak activity is primarily focused on Israel, with occasional targeting outside that scope when it serves a specific agenda. The security firm said Handala also has taken credit for recent attacks against fuel systems in Jordan and an Israeli energy exploration company.

    [...]

    Stryker is a major supplier of medical devices, and the ongoing attack is already affecting healthcare providers. One healthcare professional at a major university medical system in the United States told KrebsOnSecurity they are currently unable to order surgical supplies that they normally source through Stryker.

    “This is a real-world supply chain attack,” the expert said, who asked to remain anonymous because they were not authorized to speak to the press. “Pretty much every hospital in the U.S. that performs surgeries uses their supplies.”

    John Riggi, national advisor for the American Hospital Association (AHA), said the AHA is not aware of any supply-chain disruptions as of yet.

    8 votes

  15. Comment on The billionaire ‘buccaneer’ braving the Strait of Hormuz in ~transport

    skybrian
    Link Parent
    I believe "buccaneer" is another word for "pirate." It seems inaccurate even for the "dark fleet" (smuggling is not piracy), but it's not a positive term either. I think its use in this story is...

    I believe "buccaneer" is another word for "pirate." It seems inaccurate even for the "dark fleet" (smuggling is not piracy), but it's not a positive term either. I think its use in this story is just careless.

    9 votes

  16. Comment on Shadow fleet dominates Hormuz crossings as Iran ramps up bypass loadings in ~transport

    skybrian
    Link
    From the article: [...] [...] [...]

    From the article:

    SHADOW fleet* vessels are dominating tanker and gas carrier transits through the Strait of Hormuz as compliant tonnage — aside from several Dynacom tankers and less than a handful others — largely avoids the besieged waterway.

    About half of all tanker and gas carrier over 10,000 dwt that have transited the Strait of Hormuz between March 1-8 were part of so-called shadow fleet, according to Lloyd’s List analysis, which included suspected dark transits.

    [...]

    Meanwhile, Iran has also been utilising a rarely used terminal south of Hormuz to load vessels.

    A very large crude carrier was seen loading at the Jask terminal near Kooh Mobarak last week, which marked only the fifth time in as many years that a ship has loaded there, according to TankersTrackers.com co-founder Samir Madani.

    The previous time a vessel loaded there was a suezmax in December, Madani told Lloyd’s List.

    Part of the reason for the terminal’s low usage may be the long time it takes vessels to load.

    “Nothing happens quickly there,” said Madani.

    “Last time a VLCC loaded there, it took about 10 days.”

    [...]

    The gamble by shadow fleet vessels to transit the strait may stem from an assessment they are less likely to be targeted by Iran given that they serve its energy exports.

    However, at least two shadow fleet tankers have been struck so far since the war began.

    [...]

    While shipowners await further details of US naval escorts, first raised as a possibility by Trump last week, European leaders have also been discussing the possibility of European Union-backed escorts.

    French President Emmanuel Macron said on Monday that he was working on the launch of a joint maritime mission to escort ships in an effort to reopen the Strait of Hormuz once the initial phase of the war has calmed down.

    1 vote

  18. Comment on The billionaire ‘buccaneer’ braving the Strait of Hormuz in ~transport

    skybrian
    Link
    https://archive.is/dEtyl From the article: [...] [...] [...]

    https://archive.is/dEtyl

    From the article:

    As Iranian missiles streaked over the Strait of Hormuz on Sunday, bringing traffic across one of the world’s most vital trade lanes to a near halt, one Greek billionaire was steering his ships straight into the turmoil.

    Dynacom Tankers, owned by 79-year-old George Prokopiou, has sent at least five tankers through the narrow waterway at the mouth of the Gulf since the outbreak of war with Iran on Saturday, making it one of a handful of legal operators willing to brave the journey.

    [...]

    There are big rewards on offer. Freight rates for tankers leaving the Gulf have more than doubled since Friday, hitting record highs. A single very large crude carrier (VLCC) making the perilous voyage across the strait and into China would earn about $500,000 in revenue per day, excluding the cost of additional war-risk insurance, according to price-reporting agency Argus.

    While the risks for the owners are money and tankers, the sailors onboard are putting their lives on the line. Iran has threatened to set any ships attempting the passage “on fire”, hitting at least nine since the conflict began with at least three seafarers killed.

    All of Dynacom’s vessels turned off their transponders, devices that automatically transmit a vessel’s location and identity, for their passage through the strait.

    [...]

    “He’s an industry legend and one of those people that does what we call ‘premium’ business,” said one ship broker who has worked with Prokopiou’s companies in recent years, using a euphemism for trades that are legal but carry much higher risks.

    Prokopiou’s Dynacom Tankers has moved tens of millions of barrels of Russian crude oil over the past year and is one of the biggest lifters of the cargo since Moscow launched its assault on Ukraine in early 2022, according to FT analysis of Kpler data and ship ownership records.

    [...]

    Ukraine’s National Agency on Corruption Prevention put Dynacom Tankers on its list of “international sponsors of war” for its role shipping Russian crude, accusing it of “replenishing the budget of the aggressor country and financing the Russian invasion”. However, in 2023 it withdrew Dynacom from the list and in 2024 withdrew the list altogether, following pressure from its overseas partners.

    6 votes

  20. Comment on I don’t know if my software engineering job will still exist in ten years in ~comp

    skybrian
    Link Parent
    Garmin's Autoland is pretty cool, but it's an emergency system. The air traffic controller had to shut down the airport (not allowing other planes to take off or land) while the plane using the...

    Garmin's Autoland is pretty cool, but it's an emergency system. The air traffic controller had to shut down the airport (not allowing other planes to take off or land) while the plane using the autoland system landed.

    Also, coordinating traffic around major airports is done by air traffic control and I don't think much of that is automated? It's air traffic control talking to pilots on the radio.

    So in the end I'm basically agreeing with you that few jobs in aviation are likely to be automated away just because the LLM's are good now. The automation that's been done already is around the edges with things like reservation systems (largely replacing travel agents) and self-service kiosks.

    An example of a task that might be automated, assuming the vision models are good enough, is screening carry-on luggage. It would reduce TSA agents' workloads if they didn't have to watch the screens. But if the AI sees something, it's going to alert a TSA agent and they would take it from there.

    It would take a major government initiative to even do that much.

    3 votes