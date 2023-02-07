This month’s news seems to have been derailed by the three-ring circus: Musk and Twitter, Musk and Tesla, and SBF and FTX. That said, there are a lot of important things happening. We usually don’t say much about computing hardware, but RISC-V is gathering steam. I’m excited by Ion Stoica’s vision of “sky computing,” which is cloud-independent. A similar but even more radical project is Petals, which is a system for running the BLOOM large language model across a large number of volunteer hosts: cloud-free cloud computing, which the authors liken to Bittorrent. There’s been a lot of talk about decentralization; this is the real thing. That model for large-scale computation is more interesting, at least to me, than the ability to run one specific language model.

Artificial Intelligence

Data

How do you use the third dimension in visualization? Jeffrey Heer (one of the creators of D3) and colleagues are writing about “cinematic visualization.”

SkyPilot is an open source platform for running data science jobs on any cloud: it is cloud-independent, and a key part of Ion Stoica’s vision of “sky computing” (provider-independent cloud computing).

Security

An annotated field guide to detecting phishing attacks might help users to detect phishes before they do damage. According to one study from 2020, most cyber attacks begin with a phish.

Docker security scanning tools inspect Docker images for vulnerabilities and other issues. They could become an important part of software supply chain security.

Browser-in-browser phishing attacks are becoming more common, and are difficult to detect. In these attacks, a web site pops up a replica of a single sign-on window from Google, Facebook, or some other SSO provider to capture the user’s login credentials.

We’re again seeing an increase in advertisements delivering malware or attracting unwary users to web sites that install malware. Ad blockers provide some protection.

Amazon has announced that AWS automatically encrypts all new objects stored in S3. Encrypted by default is a big step forward in cloud data security.

The Python Package Index (PyPI) continues to suffer from attacks that cause users to install packages infected with malware. Most notably, the PyTorch nightly build was linked to a version that would steal system information. Software supply chain problems continue to plague us.

Messaging provider Slack and continuous integration provider CircleCI were both victims of attacks and thefts of software and data. The companies haven’t been forthcoming with details, but it seems likely that CircleCI has lost all customer secrets.

Programming

Chips and Chip Design

A new generation of processors could use vibration to generate a flow of air through the chip, providing cooling without the need for fans. The developers are collaborating with Intel and targeting high-end laptops.

Google wants RISC-V to become a “tier-1” chip architecture for Android phones, giving it the same status as ARM. There is already a riscv64 branch in the source repository, though it’s far from a finished product.

Ripes is a visual computer architecture simulator for the RISC-V. You can watch your code execute (slowly). It’s primarily a tool for teaching, but it’s fun to play with.

Things

Boston Dynamics’ humanoid robot Atlas now has the ability to grab and toss things (including awkward and heavy objects). This is a big step towards a robot that can do industrial or construction work.

Matter, a standard for smart home connectivity, appears to be gaining momentum. Among other things, it allows devices to interact with a common controller, rather than an app (and possibly a hub) for each device.

Science fiction alert: Researchers have created a tractor beam! While it’s very limited, it is capable of pulling specially constructed macroscopic objects.

A new catalyst has enabled a specialized solar cell to achieve 9% efficiency in generating hydrogen from water. This is a factor of 10 better than other methods, and approaches the efficiency needed to make “green hydrogen” commercially viable.

Web

A not-so private metaverse: Someone has built a “private metaverse” (hosted on a server somewhere for about $12/month) to display his art and to demonstrate that a metaverse can be open, and doesn’t have to be subject to land-grabs and rent-taking by large corporations.

Twitter has cut off API access for third party apps. This was a big mistake the first time (a decade ago); it’s an even bigger mistake now.

GoatCounter is an alternative to Google Analytics. It provides “privacy-friendly” web analytics. It can be self-hosted, or used as a service (free to non-commercial users).

Google is developing a free tool that websites can use to detect and remove material associated with terrorism, as an aid to help moderators.

Biology

Where do we go next with mRNA vaccines? Flu, Zika, HIV, cancer treatments? The vaccines are relatively easy to design and to manufacture.