The Market Ticker
Commentary on The Capital Markets
2017-06-27 13:21 by Karl Denninger
in Technology , 133 references
[Comments enabled]  

We have yet another "ransomware" game going on globally.

Let me point out that this is driven by idiocy in corporate America.

Ransomware attacks only work because the computers in question are not properly backed up, they do not have a decent plan to keep data safe, they are interlinked including the ability for data to be corrupted "on storage" (such as "in the cloud") and the entire bubble economy in tech is based on more, not less, of this.

Run your "backups" to the cloud?  That's nice -- how fast is your connection and their throughput if you have to restore every machine in the office?  Will it take hours, days or weeks?

That assumes it works too.  When was the last time you verified that?

I know the answer for myself: I verified that my backup system worked this week.  How?  I ran a restore to my laptop.  It took 20 minutes from a cold start off a USB key to being back where it was on a "new" disk.  I didn't do this "in extremis", I did it as part of my regular prove-up that the infrastructure I constructed still works.

That's what competent IT departments do.

Further, I have multiple backup versions available, so if I have to go back to an earlier copy due to some sort of infection I can.  I can also go back to just before the bad thing happened, copy off any changes somewhere else, then restore the earlier one if I have reason to suspect there's a latent problem and then layer over that.

On my servers I can literally go back to a snapshot taken a few hours ago, a few days ago, or a few months ago at any time within seconds.  A full restore of those systems takes quite a bit longer just due to the size of the data store involved but provided the hardware is ok I can revert on a snapshot basis in seconds, making a corrupt file or even entire corrupt filesystem a minor, no-big-deal annoyance.

If you have me install infrastructure in your office I can put that same capability on your network.  Now a "ransomware" attack means nearly nothing other than a (moderately severe) annoyance since once we determine in which hour and which day it hit I can simply revert the snapshot to the one prior to that time and your files are all back to where they were before they got encrypted.  Then we restore the system in question from load media and you're back in business inside of 20 minutes.  Yes, the file you were editing at that moment in time is destroyed, but everything else is fine. We then talk about the recommendation to ****can the idiot who was downloading porno or whatever on his work computer and got infected by doing so, and yes, I can usually figure out who it was.

If your enterprise cannot do this then your IT people have traded off your corporate data security for some ****headed "buzzword" like "cloud."

For this they should be stuffed in the career wood chipper -- feet first -- and if your firm is publicly traded it should be a zero as should those public companies that have advanced and promoted such stupidity.

How many times does this have to happen before the stupid stops?

Apparently the answer is "at least once more."

View this entry with comments (opens new window)
 

2017-06-27 09:05 by Karl Denninger
in Musings , 249 references
[Comments enabled]  

Just..... read it.

Oh, and watch the video.

Damn, there are days...... (good days.)

Today is one of them.

View this entry with comments (opens new window)
 

2017-06-27 07:00 by Karl Denninger
in Market Musings , 159 references
[Comments enabled]  

You know you're in a bubble when...... smiley

Seriously folks, true "automatic" cars are five, ten, maybe 20 years off.

The issue isn't so much processing power, it's visualization and the speed with which rules systems must operate.  This is where the so-called "machine learning" reality hits the asphalt, so to speak.

Over a relatively short (~40 hours in most states) period of time behind the wheel and operating the controls a human acquires enough ability to process their environment and interaction with the controls of a vehicle to be considered "minimally competent" to safely operate said thing.  We then call them "licensed" (which is bull****, by the way; if travel is a  right then so is the use of machines common to the day for that purpose whether they be carriages or cars.)

So-called machine learning (ha!) has ingested millions of miles of vehicle operation via their various "sensor systems" and yet are incapable of fully autonomous operation.  Simply put a machine is not capable of synthesizing "out of scope" of whatever it started with and the parameters it began with.

As I have repeatedly noted so-called "artificial intelligence" is no such thing in reality.  I challenge anyone to show me just one instance of "out-of-scope" (that is, demonstrating true synthesis and thought) output from a so-called "learning machine."

Given enough data and a fast enough sieve you can probably produce a vehicle that is materially safer than humans -- 99% of the time.  The other 1% they can probably pull off the road and stop, so you wind up with a "five nines" reliability -- in other words, materially better than we have with people, and definitely "good enough."

However, this isn't going to happen tomorrow.  Or next year.  Or three years hence.

20 years hence, sure.  Will the first units be (well) before then?  Yes, but they'll be $200,000 devices, and nobody will be able to afford them.  This makes them engineering curiosity pieces and it won't be until the price comes down by a factor of 100 that you'll see them in what were formerly "rental" fleets.

Do I look forward to "hailing" what amounts to a robot cab, or renting one that I can get in the back of with a full bottle of scotch and drink it while it takes me "wherever"?  Yeah, that sounds kinda nice.  But until that vehicle is $20,000 it will not find mass acceptance nor does it work for "fleets" and that means the machine's cost has to be in the hundreds of dollars including sensors, not tens of thousands.

In other words you have to be able to buy the computer for $100 and the sensors for $500 -- and we're a hell of a long way from there.  Like a factor of 100 away.

Yes, it will happen.  Look at computer hardware from the 1990s to today.  But we're talking about the same sort of time and expansion of capability-for-dollar-spent before it happens, and anyone who thinks that these companies entering into "deals" today will mean anything 20 years from now has rocks in their head.

Or helium in their "investment" thesis.......

View this entry with comments (opens new window)
 

2017-06-26 14:03 by Karl Denninger
in Technology , 272 references
[Comments enabled]  

If you do and you have not verified that your vendor has patched this through a BIOS microcode update (you would have had to load said update) go into the BIOS and turn off hyperthreading immediately.

Yes, this will cost you some performance.

If you don't you are running a small but real risk of likely random but possibly malicious data corruption/destruction.

The problem will only occur under certain heavy-load situations but you cannot predict those and if you get bit by it the results are undefined -- which means possible random data destruction that then gets written to your disk(s).

I'm unaware of a realistic means of using this to break into your machine but crafting a malicious executable that attempts to run the instructions that cause the problem in a tight loop would not be all that difficult and the possible consequences include a system crash or, much worse, silent corruption of data that winds up being written back to disk.

This is not a joke folks -- it's a serious microcode bug, arguably far more serious than the infamous Pentium "floating point" problem in that it can impact anyone, at any time, in any workload whenever the CPU gets busy.  In addition since it cannot be accurately predicted or mitigated by user code (e.g. an operating system, etc) there is no fix other than to shut off the hyperthreading capability until your system vendor provides a microcode fix.

You've been warned.

BTW, these are the latest two revisions of Intel chips so if you have a new(ish) machine you are probably at risk.

View this entry with comments (opens new window)
 

2017-06-26 09:39 by Karl Denninger
in Corruption , 407 references
[Comments enabled]  

You'll have to look to find it, and the articles are behind paywalls.

They're not being trumpeted all over financial media -- but they should be.

What article?  That Unilever is threatening to pull online ad campaigns stating that they believe half or more of the "clicks" are fraud. It was in the UK media -- quietly -- this weekend.

In other words, robots click them -- not humans, who actually watch the ads.

This story ought to be front-page news.  It's not, and the financial media will not cover it the way it should.

Here's why it should be:

1. This is not new.  These issues have been known and talked about for more than a year.  It was news last year, and then it quietly "went away."  Gee, you don't think Zuckerpig laid into the financial media, do you?  Naw, nobody would ever to do that when if their little ad game blew up in their face the stock price of Facepig would be zero.  Consider that if half of the online advertising revenue is false then the actual value of said platforms is nil since their cost of operation exceeds the true human-generated revenue.  That makes all of these so-called "businesses" worthless.

2. Nobody has an incentive on a platform like Facebook, where posters do not get a cut of the revenue, to stick an army of robots out there and click the ads, except for Facebook itself.  This is decidedly not true for Google's "Adsense" platform of course, or Youtubes, or whoever else where publishers get a piece of pie.  There, if your traffic is high enough, there's an economic incentive to cheat.  For someone like me it's not because the amount of money involved is too small, but for someone with a site that's garnering tens or hundreds of thousands a month in payouts you can easily cover the cost of a robot or three (hundred) to generate some false traffic.

The problem of course is that there aren't that many people with a big enough take to be worth employing robots, other than those who deliberately set up sites to do this and have no organic traffic at all.  Those people ought to be easily identified and shut down within days, making such a strategy worthless since you won't get paid, if the sites in question cared to do so.

The problem is that all the incentives run the wrong way for the so-called "online advertising industry", unless they get caught and all of their businesses are destroyed.  Otherwise the incentive is to cheat or at least look the other way on purpose while others cheat especially if, as is being alleged and has been alleged for over a year the "cheats" are half or more of all of the clicks.

In that case the incentive to cheat is not just clear it's an imperative because without the "false" clicks none of these firms have a viable business at all, except for possibly Google, and even Google is selling at 3x any sort of rational valuation.

The others, if there's any truth to this, are literal zeros.

ALL OF THEM.

Ask your friends -- how many "real" ads do they view and click on any of these sites?  Can you find one person among your friends who actually does so and finds value in these ads?  Tell me folks -- isn't it true that essentially all of the ads you see are for things you already bought and thus don't need again?

"Machine learning" my ass.

You know what the truth is, but by God the "industry" and media will do their level damndest best to hide it, especially given the bubble valuations of everyone in this "business."

Before you say "oh, you can't be right about this; it would never go on that long" let me remind you about the late 1990s.  In 1997 multiple "DSL" providers were leasing "dry loops" from the telcos, putting in DSLAMs, and pulling backhauls from there to enable DSL to companies and homes.  Every single one of them wanted to "partner" with us, of course, with my company getting a cut of the revenue and providing the Internet service.  They all came in and made their pitches and I threw every one of them out after examining the numbers.  Why?  Because every single one of them had no prayer in Hell of ever making a profit and when they blew up it was going to blow back on my company since the customer would associate their loss of service with us, not them.  Every one of them, a few years later, blew up.  Every. Single. One.  It was instantly obvious on any sort of analysis of their businesses and cash flow that it was impossible for them to make a profit.  Yet not one was called out in the financial media or anywhere else and all were "strong buys" in the stock market.

And gee, look at the "online ad revenue based" stocks this morning -- all up, as is the market.  Isn't that fancy..... I wonder how they'd be doing this morning if CentralNevertruthBullCrap was to run a quick pencil-and-whiteboard analysis on the fact that if you cancel half the ad revenue all these so-called "ad revenue driven businesses" have negative operating cash flow and thus are zeros?

View this entry with comments (opens new window)
 

Main Navigation
MUST-READ Selection:
A One-Sentence Bill To Force The Health-Care Issue

Full-Text Search & Archives
Archive Access

Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.

NO MATERIAL HERE CONSTITUTES "INVESTMENT ADVICE" NOR IS IT A RECOMMENDATION TO BUY OR SELL ANY FINANCIAL INSTRUMENT, INCLUDING BUT NOT LIMITED TO STOCKS, OPTIONS, BONDS OR FUTURES.

The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.