Software Transaction Memory Risks

Output stream has a detailed and entertaining review of handling concurrency with software transaction memory (STM).

Suppose I have a small bank with only two accounts, and all that can happen at this bank is money can be transferred from one account to the other. A “correct” program…[is] when a single thread is performing the transfers, but when multiple threads are performing the transfers, bad things happen.

Imagine standing in a queue in England before WWII. Everyone would fight and pick their way to the teller in order to get service. Any group approaching a crowd in size would get so wildly out of control even the French and Italians complained about barbaric behavior of the English. During the hard times of war, however, the orderly queue was introduced with much propaganda to prevent inefficient riots and fights over scarce resources.

English orderly queuing behavior evolved into a common rule still present today, enforced by others waiting their turn. What happens if people decide to abandon the rule? The old race conditions, incorrect sync, and deadlock would return, as explained in a presentation by Brian Goetz.

STM, instead of trying to enforce concurrency controls, offers an isolation boundary for transactions, like moving transactions from an open teller queue into a private office at a bank. Transactions are behind a closed door instead of subject to interruption and blocking.

STM is an alternative to lock-based synchronization. In essence it places a guard around a specified memory location (in our example we’ve placed it around the “accounts” map). The guard is called a Ref. You can only gain access to the memory location by initiating a transaction with an atomic block. Once inside the atomic block, you can gain access to the data in the memory location through the Ref and make modifications. Modifications are isolated, so changes can only be seen within the scope of the atomic block. When the transaction ends, an attempt is made to update the memory location atomically. However, it may be that another thread has committed a transaction before the attempt. If this is the case, the logic inside of an atomic block is retried until an update can be made.

Of course the boundary also comes with rules that reduce risk in STM. Once inside, bad things can still happen from dependencies, races and interruptions:

  • disallow side-effects
  • disallow changes
  • use independent business logic
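As an added illustration, not code from Output stream's review or from this post, here is a minimal STM written in plain Python that mirrors the design described above: a Ref guards the accounts map, an atomic block works on a private copy, and the commit is validated against the versions that were read, with the block re-executed when another thread committed first. The names (Ref, Transaction, atomic, transfer), the versioned-Ref commit scheme behind one commit lock, and the sample balances are assumptions of mine rather than anything the review specifies. The forced_conflict function shows the retry path deterministically, which is also why the body of an atomic block must not have side effects: it can run more than once.

```python
"""Minimal software transactional memory (STM) in pure Python (added example).
A Ref guards a memory location; an atomic block reads and writes Refs through a
Transaction that buffers its changes (isolation) and commits only if no other
transaction committed to the Refs it read in the meantime. On conflict it re-runs."""
import threading

_commit_lock = threading.Lock()   # serializes validate-and-commit only


class Ref:
    """Guard around one memory location: the value plus a version counter."""
    def __init__(self, value):
        self.value = value
        self.version = 0


class Transaction:
    """Private view of the Refs touched by one atomic block."""
    def __init__(self):
        self.read_versions = {}   # Ref -> version seen when first read
        self.writes = {}          # Ref -> value written inside this block

    def get(self, ref):
        if ref in self.writes:                 # our own uncommitted write
            return self.writes[ref]
        with _commit_lock:                     # consistent (value, version) pair
            self.read_versions.setdefault(ref, ref.version)
            return ref.value

    def set(self, ref, value):
        self.writes[ref] = value               # buffered: invisible to other threads

    def commit(self):
        """Validate every read, then publish all writes as one step."""
        with _commit_lock:
            if any(ref.version != v for ref, v in self.read_versions.items()):
                return False                   # another thread committed first
            for ref, value in self.writes.items():
                ref.value = value
                ref.version += 1
            return True


def atomic(body, max_attempts=10_000):
    """Run body(txn) until its commit succeeds; returns (result, attempts).
    body may run several times, so it must be free of outside side effects."""
    for attempt in range(1, max_attempts + 1):
        txn = Transaction()
        result = body(txn)
        if txn.commit():
            return result, attempt
    raise RuntimeError("no commit after %d attempts" % max_attempts)


# --- the two-account bank from the post, the whole map guarded by one Ref ----
accounts = Ref({"alice": 100, "bob": 100})    # constructed sample balances


def transfer(src, dst, amount):
    """Move amount from src to dst, refusing overdrafts. Returns True on success."""
    def body(txn):
        balances = dict(txn.get(accounts))    # copy: never mutate the shared value
        if balances[src] < amount:
            return False
        balances[src] -= amount
        balances[dst] += amount
        txn.set(accounts, balances)
        return True
    done, _attempts = atomic(body)
    return done


def total_money():
    return sum(accounts.value.values())


def run_concurrent_transfers(threads=4, rounds=100):
    """Every thread moves 1 unit back and forth; the total must never change."""
    def worker():
        for _ in range(rounds):
            transfer("alice", "bob", 1)
            transfer("bob", "alice", 1)
    pool = [threading.Thread(target=worker) for _ in range(threads)]
    for t in pool:
        t.start()
    for t in pool:
        t.join()
    return dict(accounts.value)


def forced_conflict():
    """Deterministic retry: a competing commit lands between read and commit."""
    counter = Ref(0)
    seen = []                                  # side effect kept only to observe re-runs
    def body(txn):
        value = txn.get(counter)
        seen.append(value)
        if len(seen) == 1:                     # first run: simulate another thread
            atomic(lambda t: t.set(counter, t.get(counter) + 10))
        txn.set(counter, value + 1)
    _, attempts = atomic(body)
    return counter.value, attempts, seen       # -> (11, 2, [0, 10])


if __name__ == "__main__":
    print("after transfers:", run_concurrent_transfers(), "total:", total_money())
    print("forced conflict (value, attempts, reads seen):", forced_conflict())
```

Running it shows the total staying at 200 however the threads interleave, and forced_conflict returning (11, 2, [0, 10]): the first run read 0, was invalidated by the competing commit of 10, and the second run read 10 and committed 11. The seen list is the kind of side effect the first rule above forbids in real code; it is kept here only to make the re-execution visible.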

Audio Triggers for Surveillance Cameras

I see more and more surveillance camera systems mention that they have an option for multiple microphones. Adding sophisticated ears to the eyes (perhaps smell is next) is an obvious evolution of surveillance. If you accept the argument that a camera helps a security team expand their presence, more data is useful to them to interpret a situation that they see. Parents with baby monitors might be the leading market for this technology. Prison and ship IP-based intercoms also come to mind. Perhaps I should not talk about parents and prison guards in the same paragraph…

Two people standing and yelling at each other on camera could look like just two people standing; yelling is an audio data point, so adding audio allows a human responder to capture better detail and pick up on urgency and relevancy. Adding a voice through speakers also gives the responder a tool to engage remotely more quickly than in person. The trigger mechanism of the audio is also evolving. Systems already attempt to trigger an alert on tones of anger or fear. I haven’t seen a dictionary-based trigger yet, but it’s probably available.

Of course, expanding the amount of data collected raises the question of security management to protect privacy. Use of the trigger/alert system can reduce some concern about privacy by removing the need for the system to record or expose all data. However, that does not mean you can trust that secure procedures will be used, as illustrated in a Zenitel video about an IP-based system. Why is “unsecure” even an option?

Edison of Rootkits

A CFO.com interview with Mark Russinovich is funny. Mark’s done a lot of really stellar work on technical issues but the interview reveals more about his social and economic philosophy. They introduce him by comparing him to Edison. They probably meant this as a compliment.

Russinovich is to rootkits as Edison was to electricity

Edison was a ruthless marketing hack who publicly electrocuted animals to death to falsely convince people of the risks of his competitors’ products.

In order to make sure that [the elephant] emerged from this spectacle more than just singed and angry, she was fed cyanide-laced carrots moments before a 6,600-volt AC charge slammed through her body. Officials needn’t have worried. [The elephant] was killed instantly and Edison, in his mind anyway, had proved his point.

Edison proved that power can be dangerous in the hands of the wrong man. And I’m not even going to rant here about how he copied others’ ideas and tried to patent them as his own.

If I were Mark I’d be insulted. They should have used Westinghouse, Tesla or some other more notable engineer and inventor. Anyone but Edison.

The bottom line is that unless Mark is going to start launching rootkits on Apple computers to convince people to buy Microsoft, he shouldn’t be compared to Edison. Now to the interview:

Does the Internet make the world a more dangerous place?
It’s the complete dependence on the Internet. Even small businesses. Think about it. You go to your doctor or your dentist. What would happen if their computer wasn’t working? What would happen if their data was destroyed? They’d be out of business.

Scary. But strangely enough I have been in doctor and dentist offices when their computer is not working and they do not seem panicked about going out of business. If anything they seem content to say something like “damn Microsoft systems are always broken”.

Where is this complete dependence Mark speaks about? Maybe my experience is behind the times and he goes to a more modern clinic with robots and all. Does Roomba make a dental unit yet? He certainly is not speaking about “the world” of doctors and dentists I know. They embrace technology while keeping it at arm’s length.

Next example:

How much damage can a virus realistically do?
It’s pretty well accepted that the Stuxnet virus, which was spread by USB keys, was created by Israel and the U.S. for the sole purpose of destroying the Iranian centrifuges that enriched uranium for its nuclear program.

Pretty well accepted? That sounds like he’s not convinced. I know I’m not convinced. The world was pretty well accepted as flat. Very different from saying that it has been proven.

Mark, who is known for providing tools that are meant to offer hard evidence, is offering us a vague and unconfirmed statement when it comes to Stuxnet authors and purpose. Why does he lower the bar? Imagine if Sysinternals released a tool that said “this virtual memory region is pretty well accepted to be unusable”.

And how much damage did Stuxnet really do? The report I read from nuclear investigators who know the risk/threat model says the centrifuges were already expected to fail at a high rate. Rust is said to have been a major source of centrifuge problems for the Iranian program. Oxidation is apparently causing more failures than Stuxnet, so the answer is…?

I could go on about his answers on the cloud and a bank versus house model of risk but I’ll skip to the conclusion.

What’s the endgame?
We’re not going to take cybersecurity seriously enough until something real bad happens, and then we’ll overreact. That’s the way things usually happen, isn’t it? When something real bad happens, the government will step in and say now we’ve got to do something, and they’ll put in all these bizarre regulations that won’t really do much and will result in a big loss of productivity.

That’s like describing a doctor who treats you after you break your legs as the cause of your mobility loss. The doctor will regulate your ability to get up and walk around to protect your body from further harm — increasing your chance of long-term recovery and regaining productivity. What is so bizarre about that?

After the “something real bad happens” (e.g. breaking your legs) a loss of productivity is already in play, long before any regulator shows up to help. In other words, a huge gain in productivity from regulations is also conceivable if we’re just going to talk theory. Basel II comes to mind… Now, if Mark wants to mention a specific “bizarre” regulation and how it hurts productivity, then we can really talk about technical details instead of just some socioeconomic philosophy.

The End of the Economist

I admit I used to be a huge fan of the Economist. There were days when I would sit in the library and pore over editions from the early 1940s and marvel at the lengths they would go to offer analysis without bias. If you ever have a chance to do it I recommend it highly. It was spooky to see how accurate their writers were in predicting the future.

Things have changed a lot for them in the past twenty years, let alone over sixty. I find their writing less compelling and less informed as time goes on, as if they are looking at the world through a shrinking scope. They seem to just be lazily writing their opinion, without any bother to research or read the data available. Take the recent article “Coming Full Circle”, for example.

They make a fair point about the impact of big media and industrialization in the West, but they also give a lopsided history of print and social networks from a pseudo-Western lens:

Until the early 19th century there was no technology for disseminating news to large numbers of people in a short space of time. It travelled as people chatted in marketplaces and taverns or exchanged letters with their friends. This phenomenon can be traced back to Roman times, when members of the elite kept each other informed with a torrent of letters, transcriptions of speeches and copies of the acta diurna, the official gazette that was posted in the forum each day. News travelled along social networks because there was no other conduit.
[…]
In early 1518 Martin Luther’s writings spread around Germany in two weeks as they were carried from one town to the next. As Luther and his supporters argued with his opponents over the following decade, more than 6m religious pamphlets were sold in Germany.

Uh, ok, a timeline from the Romans to the Germans?

That does not sound like a proper student of British education. Perhaps it is an American writer, unfamiliar with the Schoyen collection in London. I mean how ironic and strange for a British publication to glorify the technology of the Romans and the Germans!

Moreover, they completely miss the obvious fact that Song dynasty (960-1279) China was widely distributing inexpensive printed books made with movable type. This, of course, was possible due to the block printing used previously during the Tang dynasty (618-906), when printing cloth shifted to making Buddhist scrolls.

How do these fit the Economist’s “there was no technology” claim for information dissemination until the 19th century? Perhaps they are using a very specific and narrow definition of “dissemination” and a very specific and narrow definition of “short space of time”? Yes, Twitter did not exist until Twitter existed. Great analysis of “little distinction between producers and consumers of information” — social media.

The Economist missed a great opportunity to reference the “Diamond Sutra” (“stolen” by the British), which was printed on the 11th May 868 AD according to the British Library and starts with the words

“Reverently made for universal free distribution…”

They also missed the opportunity to explain the rapid transition in technology from elite use to common use, such as the period soon after Empress Shotuku of Japan in 764 AD printed a million scrolls of the Hyakumanto Darani and distributed them to celebrate the suppression of the rebellion led by Emi no Oshikatsu.

I guess I also could go on and bring up prehistoric fire/smoke non-elite communication systems (which influenced Bronze Age relics still evident in Ireland and England), or birds like the Pigeon Post, or the hydraulic semaphore system used in Britain by Francis Whishaw in the 1800s, not to mention the talking drum…but I guess for the time being I’ll just have to seek other sources of news to find an informed and introspective analysis.