Archive for December 2020
Apple M1 MacBook Air Review
Introduction
I received my new shiny golden ARM based MacBook Air a few days ago, so I thought I’d write this blog posting on my initial impressions. This replaces our aging 2012 MacBook Air which continues to be a good computer, but sadly it isn’t supported by the new Big Sur MacOS release. It is also a bit limited with only 4Gig RAM and a 128Gig SSD. The new MacBook Air has 16Gig RAM, a 512Gig SSD and has an 8 core GPU.
Same Old Mac
The first impression when you turn it on and perform the initial setup, is that it is the same MacOS as you are used to. Everything works the same and you wouldn’t know there is a new ARM based CPU running behind the scenes. The screen is really nice at a resolution of 2560×1600, the keyboard is the updated magic keyboard and is quite nice to type on. The laptop is relatively lite and the battery lasts a long time.
Installing Software
Using software natively compiled for the new Apple M1 ARM processor is the best and there is already a lot of software available this way. All the Apple software, of course, is compiled for ARM. I installed XCode, which took a little while since it is so large. As long as you don’t compile for Intel, you don’t need the Rosetta emulator to run this. I installed Microsoft Office and Google Chrome, both of which are natively compiled for ARM and run great.
Bigger companies all bought or were provided with the developer prototype hardware to get ready for the real release, however smaller developers and open source developers weren’t going to pay the $600 for the prototypes that you were contractually required to trade in when the real release happened. Now that the ARM based Macs are released and people are receiving them, we are seeing lots of projects with test native ARM builds posted. Further, Apple engineers are contributing to a number of open source projects to help them move a little quicker.
After all this, I needed some utilities that weren’t compiled natively yet, so I let Rosetta install. Then the utilities installed and worked seamlessly. I haven’t installed a great many non-native applications, but for the ones I have installed, I’m impressed that they just work and you can’t see any sign of all the magic working in the background to seamlessly emulate an Intel processor.
You Can Run iOS Apps
Besides running MacOS applications, you can run iOS Apps. From the App Store you can select most iOS Apps to install as well. When I heard about this, I didn’t think I’d really need this. However, it lets you do some things that I couldn’t do before. For instance, a complaint about EchoLink, a ham radio program, is that you need to run it on a phone. Now I can run it on my laptop, which I find handy.
There are actually a number of useful phone or tablet apps that are handy to finally be able to run on a laptop.
UPS Sucks
When I ordered the MacBook, I ordered from apple.ca, so I sort of expected it would ship from Canada. There were no options for shipping, it just said free shipping, so that is what I got. The website said to expect two to three weeks before it ships. OK fine. Then exactly two weeks later, I received the notification that it had shipped. I clicked on the track shipping button and found out it was shipping from Shanghai, China via UPS. Oh no, I’ve never had a good experience with UPS. It took three days to leave Shanghai and then showed up in Incheon, South Korea. Then the next day, tracking showed it in Anchorage, Alaska. What the heck, was it on a boat sailing around the Pacific? The next day, Louisville Kentucky, so it was flying. Sucks that UPS routes everything through this hub. Next day, Seattle Washington. Next day Richmond, BC. It then sat in Richmond for three days. Then it moved to Gibsons, BC and sat there for three days before being delivered. It seems to me that sending anything UPS is about the worst way you can ship things.
Apple sucks that they use UPS. For instance, my experience with FedEx is that it would have flown from Shanghai to Vancouver directly and then gotten here the next day, since FedEx does two deliveries each weekday and then also delivers on Saturdays. FedEx is the best, but Purolator and DHL aren’t far behind. Again UPS sucks, please Apple stop using them.
Summary
The MacBook Air is a very nice laptop. It is well made, light and fast. It’s easy to work on and the long battery life makes it ideal for a mobile workforce. There is tons of software available, naively compiled MacOS, Intel based MacOS and then all the iOS Apps. If you are looking for a new laptop or an upgrade to an old Mac Mini, then these new M1 based Apple Macs are a great choice.
Technology Predictions for 2021
Introduction
Last week, we discussed some of the remarkable technologies from 2020. This time, we are going to look at some of the technology trends that will influence life in 2021. Everyone is hopeful that now that vaccines are starting to roll out, that we can put the pandemic behind us. The pandemic will certainly continue to dominate life well into 2021, but hopefully as more people become vaccinated, the numbers will start to finally go down and the level of community infection will reduce. As always, predictions are highly inaccurate and you should always expect the unexpected, nevertheless, it is fun to speculate.
Continuing CPU Wars
Intel will continue to have trouble with their new chip process technologies and as a result the wolves are circling. Both AMD and ARM will aggressively target Intel in all CPU categories. Both AMD and ARM will exploit newer process technologies from TSMC and Samsung to produce faster chips with higher transistor counts that use less power. Apple will accelerate their transition from Intel to ARM and it is likely they will finish their transition in 2021 a year ahead of schedule. Apple has proven the ARM processor is fully capable of competing in the laptop and desktop markets and expect other manufacturers to produce similar products running the ARM version of Windows which Microsoft will put more effort into as it gains market share. Similarly, the Apple M1 brought down a high bandwidth memory bus from the expensive server market into the mainstream. Expect to see better memory buses and technologies starting to appear in the consumer market. RISC-V will still struggle for relevance unless they can produce a Raspberry Pi board with similar performance for a similar price.
Self Driving Cars
There are dozens of companies working on self-driving cars. Honda plans to release a level 3 autonomous car by summer that will allow the driver to take their eyes off the road in a number of conditions. Already we are seeing self-driving taxis in some Asian cities. Expect to see more autonomous trucks driving the highways in the US. Expect the driver assist features in regular cars to be far more advanced this year going beyond simple lane control on highways.
We won’t see mainstream flying cars or jetpacks, these will remain dangerous toys, but expect cars to drive themselves more and more and suddenly we’ll wonder why we didn’t let cars always drive themselves.
Hackers and Virtual War
2020 is finishing with a major attack by a Russian state sponsored hacking group on the US government, infrastructure and corporations. We blogged on the ransomware attack against our own Translink, which is just one of dozens of successful attacks on various companies. IT departments everywhere are now under constant attack from private freelance hacking groups like the Translink case, but worse they are now faced with well funded state backed attacks from foreign countries, especially Russia, China, Iran and North Korea. All the labs developing COVID vaccines have been attacked as other countries have tried to steal their secrets for their own vaccine development.
In 2021, this is only going to get worse. The COVID pandemic made most IT departments short staffed and this will continue. The US government hasn’t made any investments in strengthening cyber security as any attempts to do so are stalled in a deadlocked congress. Similarly, corporations have gone cheap on their defenses as they just see these as a cost that should be reduced to increase profits.
There have been no real penalties for carrying out these attacks and this failure of law enforcement is going to embolden others to jump in and try to profit.
In 2021 things are going to get worse before they get better. Companies and governments will start to respond. Hopefully, the US can get past the dysfunction of the past four years and start to show some leadership again. Sadly, so far governments have been more interested in weakening encryption standards and providing backdoors for law enforcement. These moves have made communications easier to hack. Keeping backdoors secret from hackers never works, they always figure them out. Making it so law enforcement can eavesdrop on drug dealers sounds good, but the reverse is that it allows criminals to eavesdrop on our banking transactions.
In many ways, warfare between nations has gone virtual. While the US continues to buy more planes and tanks, Russia and China are investing in cyberwarfare and so far they are winning.
Computers Get Faster and More Powerful
This is an easy prediction as it is always the case. Expect more RAM, bigger SSDs and faster CPUs. Towards the end of 2021, I would expect a standard mid-range laptop or desktop to have 32Gig DDR5 RAM, a 2TB SSD and a 10+ core CPU. Further it will be standard to have GPU functionality built into the CPU chip. You can buy such systems now, but they are quite high end, just expect that as prices come down, what used to be high end becomes mainstream. There is currently a RAM surplus so look for more inexpensive RAM and SSD for this spring.
Summary
These are a few of the technology trends to watch in 2021. Of course AI will continue to improve, but only look for incremental improvements. The Raspberry Pi will go fully 64-bit, but don’t look for a new RP 5 until 2022. Will there be something unexpected? Probably. As always participating in the technology world is exciting.
2020’s Best New Technologies
Introduction
2020 has been a terrible year for nearly everyone due to COVID-19. People have been locked down, getting sick and losing their jobs and businesses. However, if you strip away all the COVID bad news, I think it has been quite a good year in the technology industry. Tech has the advantage that most people can work from home and in isolation. The tech industry was already set up for a mobile workforce and was able to keep its R&D going through the pandemic. Similarly as people have been locked down, they have been buying tech products like mad, including new laptops, phones, gaming equipment and all sorts of high-tech gadgets.
In this article I’m going to quickly look at a number of notable technological achievements from the last year. Many of these were years in the making, but we saw the first real results this past year.
mRNA Vaccines
Traditional vaccines inject you with weakened or inactivated germs to stimulate an immune response that will ready your body to instantly attract the real viruses or bacteria if they appear, preventing you developing the full disease. Messenger RNA (mRNA) vaccines train your body to produce parts of the germ and then that triggers the same sort of immune response.
Your body produces proteins from our DNA, by using a segment of DNA to produce a matching piece of mRNA, then your cells have mechanisms (ribosomes) to use this mRNA to produce proteins. This vaccine technique has been many years in the development and builds on years of genetic engineering research. We were able to quickly sequence the COVID-19 DNA, find the part that produces the distinctive spiky part on the surface of COVID-19 and then create an industrial scale process to manufacture a matching mRNA sequence for the spiky bit.
The ability to produce a vaccine within a year of a new virus appearing is a huge technological breakthrough.
A Shakeup in the CPU Market
Every year we have new CPUs being released that are faster and more powerful than last year’s. What is notable this year is that Intel is stuck as they are having trouble moving to their new technology generation and the delays have allowed others to move ahead. AMD released a series of new CPUs that are faster and more powerful than Intel CPUs, notably the AMD 5900X. Now all of a sudden AMD is leading and commanding higher prices for their CPUs while Intel is having to offer steep discounts to keep sales going.
Meanwhile, the fierce competition in the cell phone market has spawned incredibly powerful ARM based CPUs. This year we saw these cross over to traditional laptops with Apple releasing their M1 chip powering a number of new Macintosh computers. These are notable for being as fast as all but the most expensive Intel or AMD CPUs, but using one tenth the power. Could this be the start of the end for the Intel instruction set? Even AMD is considering producing an ARM based CPU to compete.
A New Generation of Graphics Cards
Every year we see faster and more powerful graphics cards. As a result video games are becoming even more realistic with higher levels of detail. This year we saw major leaps ahead as both nVidia and AMD released the first cards in their next generation architectures. The nVidia Ampere architecture as contained in their RTX 30x graphics cards are amazing in the amount of processing power they contain. Not to be left behind, AMD released their RDNA 2 architecture and released their Radeon RX 68x graphics cards. All these cards are in extremely high demand and sold out instantly on release.
These days, GPUs are used for more than games and graphics. They are also ideal for AI processing and often the more powerful the graphics card, the more powerful the machine learning applications a computer can run. The nVidia cards are especially good at running these machine learning algorithms along with other highly parallel numerical computations.
Great New Games
With people staying home, there have been a great number of new games released. The most notable for me is the new Microsoft Flight Simulator where you can fly anywhere in the world, land and take off at any airport as well as having realistic simulations of weather, flight and controls. For pure fun, I enjoy Doom Eternal which takes Doom’s goryness to the next level.
There are now several services vying to be the Netflix of gaming, such as XBox Game Pass and these are a great way to play lots of games. Especially since games are often 100gig big these days and quickly fill up your SSD. As new versions of games are released, often the publisher first makes the older version available for free as a promotion, it was fun to play Borderlands 2 and GTA V for free for instance. CyberPunk 2077 is the current talk of the town, but I haven’t tried it yet.
The Privatization of Space
2020 marks the first year that a private enterprise based rocket took crew up to the ISS. Elon Musk’s SpaceX had a good 2020, in spite of their recent catastrophic landing. The US can now visit the ISS without relying on the Russian space agency. Several other billionaires aren’t far behind and we could soon see lots of private companies sending people up into space. I think we are a long way away from returning to the moon and Musk’s talk of visiting Mars soon is a good motivational stretch goal for his employees, but not happening soon.
Still I see the first private company to send people to the ISS as a major accomplishment and expect to see quite a few people up in orbit shortly.
Summary
This article is just a small selection of all the technological accomplishments of 2020. I feel it has been a good year for tech, even though it has really sucked for so many others. A lot of these technologies are foundational and we’ll see the real benefits of the coming years. Looking forward to an even better 2021.
BC Transit’s Ransomware Attack
Introduction
This past week it was revealed that BC Transit was the victim of a ransomware attack. People on their way to work showed up at transit and found they couldn’t pay by credit or debit card, transit was only accepting cash. This was a big problem, since during the pandemic we are told not to use cash, and most people didn’t have what was required on them. There were further disruptions caused by the failure of Transit’s other backend computer systems. Service is mostly restored today and they are taking credit and debit cards again, but their computer systems are not fully restored and Transit’s IT workers are madly working behind the scenes trying to restore their various systems.
A ransomware attack is where hackers infiltrate a computer system and then encrypt all the data, so the victim can’t access it. They then threaten to delete or make public all this data if the victim doesn’t pay a ransom. In this article we’ll look at how this happened, some details of how these attacks go and what can be done about them.
BC Transit Was Warned This Would Happen
BC Transit wasn’t the first transit authority to be attacked and there was a big article in Mass Transit News here, which detailed an attack on Fort Worth’s Transit system and warned all other Transit authorities to be extra vigilant. Besides hackers targeting transit authorities in the past few months, ransomware has been an ongoing problem in many enterprises, the big ones making the news have been hospitals having to shut down during the pandemic.
BC Transit’s IT people should have reiterated to staff about precautions to take as well as hardened their security systems.
How Do These Attacks Happen?
Theoretically, Transit should have secure IT systems and their staff should be trained in general best practice security awareness. How did hackers break into Transits systems to encrypt and steal all their data? BC Transit says they are conducting an internal investigation, and not giving any details, but we can see from past cases how this usually works. The hackers figure out the work emails of as many BC Transit employees as they can and then send them phishing emails. These emails either contain an attached Microsoft Office document or spreadsheet or a link to one that will download from the web. This MS document then contains malicious macros that will take over control of the employee’s computer. Most basic security systems won’t allow receiving an EXE file, but MS Office macros are sufficiently powerful to do the job. Another approach is to look for weak passwords used by employees and exploit that most companies have to allow remote access in these days of COVID-19 and allow remote login for users working at home.A third approach is to phone employees pretending to be the IT department and to trick them into either revealing their password or changing their password to something simple.
Once the hackers have access to this one computer, they take it over and use it as a staging ground to attack the corporate network. A typical employee shouldn’t have much access to the network, but the hackers will search for things that are misconfigured or running something with known security vulnerabilities. The original ransomware attacks were automated and just infected the one computer, these new attacks are directed by real hackers who personally login to these systems and do everything they can to compromise the systems.
At BC Transit, the hackers got full access to the corporate network, encrypted and downloaded all BC Transit’s corporate data and had every printer at BC Transit continuously print out their ransom demands.
Recovering from these attacks is difficult because the real hackers are still in the system and actively working against the IT staff. As the IT staff fix something, the hackers undo it. Basically the IT staff have to disconnect all their systems from the outside world while they clean and restore the systems. Even then it can be hard to find and remove all the hidden hooks, backdoors and programs that the hackers have hidden around their network.
BC Transit has stated that they will not pay the ransom, which is good as paying the ransom will encourage the hackers to keep doing what they are doing. It is rumoured that the ransom is several million dollars. BC Transit claims their system doesn’t contain any customer payment data as these are processed by a secure third party payment processor. However this could be dangerous for employees where these systems may contain all their payroll and other personal information which could be used for identity theft and other malicious purposes. Usually if you do pay the ransom, the hackers will give you the decryption key so you can access your data again; however, there have been many cases where the data later appeared for sale on the darknet, so expect your data to be public regardless.
How Can You Protect Yourself?
Here are a number of things corporations can do to protect themselves against these sort of attacks:
- Don’t use Microsoft Office or Internet Explorer. Use an alternative such as Google Chrome and Google Docs and Sheets. So many of these attacks are caused by malware embedded in Microsoft Office files that a good case could be made to replace these.
- If you do use Microsoft Office, use group policy to disable macros and any other active content across your whole organization.
- Do not let employees connect to your network from a home computer, only from a work computer where group policy has severely restricted what the user is allowed to do. Further the computer will always use VPN for all internet access. Tightly restrict the computer to only allow what they need to do their job.
- Train and reinforce over and over not to reveal their password over the phone or to change their password when instructed over the phone. Plus implement some sort of two factor authentication technology to reduce the risk, even if the passwords are known.
- Isolate your servers. Do not have all your servers interconnected and allow everything to access everything else. For instance, put the ERP system on a completely separate domain and don’t let the domains trust each other. Having multiple networks is a pain, but it will limit the damage when part is compromised.
- Follow all best practice security measures and ensure all updates are installed right away and forced on all your uses. Keep regular backups of everything, and make sure you practice restoring them. There have been many cases of companies who failed to restore from backup because they never tested this.
- Pay attention to what is happening to other companies. BC Transit should have been prepared for this.
Summary
Security is hard. Hackers are smart and resourceful. However, the IT staff at an enterprise as large as BC Transit should be capable of preventing this sort of attack and should be capable of restoring quickly from an attack if it happens. Hopefully, BC Transit and other BC crown corporations learn from this experience and prevent a worse attack happening in the future, especially to something like our hospital systems.
Stephen Smith's Blog 