Month: October 2016

WebAssembly

Today we’re happy to announce, in tandem with Firefox and Edge, a WebAssembly Browser Preview. WebAssembly or wasm is a new runtime and compilation target for the web, designed by collaborators from Google, Mozilla, Microsoft, Apple, and the W3C WebAssembly Community Group.

2018-08-16: WebAssembly Attacks

WebAssembly is a format that allows code written in assembly-like instructions to be run from JavaScript. It has recently been implemented in all 4 major browsers. We reviewed each browser’s WebAssembly implementation and found 3 vulnerabilities. This blog post gives an overview of the features and attack surface of WebAssembly, as well as the vulnerabilities we found.

2023-01-19: While I still think node.js is a dumb joke, this makes a good point for using wasm instead of containers

The following are a few of the reasons WASM is worth keeping an eye on.

  1. It’s Getting Faster
    Speed is a feature, and those behind the WASM specification have been hard at work. A little over 3 years ago we spoke to some of the core dev team, and their estimation was that WASM came with approximately a 20% performance hit versus native code. They speculated that within 2 years that difference could be erased, or at least made negligible enough to not matter. Today, depending on platform and workload, that has proven to be the case; one provider even claimed recently to run faster within WASM than natively. The performance limitations, therefore, that have held WASM back in the past are largely subsiding, making it viable for more and more workloads.
  2. It’s Quick
    If WASM has been compelled to work on its overall performance, there’s no such need with respect to its latency. Even from cold start situations, WASM’s latency is measured in milliseconds, not actual seconds as is typical with other application platforms from containers to function-as-a-service providers. This makes it highly suitable for workloads that are latency-sensitive, which is more and more workloads – and certainly the event-based workloads that are becoming more common within the enterprise.
  3. It’s (Relatively) Secure
    Granting that no software is immune to vulnerabilities, WASM is nevertheless distinguished in this area. Designed from day one to be secure enough to run executables within the context of an individual’s browser, it is based on sandbox principles, with no access to or from the outside by definition. At a minimum, the historical priority placed on security has been higher than other platforms, a fact likely to be appreciated by security-sensitive enterprise buyers.
  4. It’s Lightweight
    Relative to something like V8 isolates, WASM executables are sizable. But just as containers were much lighter weight than the virtual machines they supplanted, so too is WASM dramatically lighter weight than containers. This means that, properly orchestrated (a subject we’ll come back to), WASM deployments can be fantastically dense relative to their container based peers; one provider reports 20X-30X more WASM sandboxes than Kubernetes containers, for example, on a given piece of hardware. Similarly, Cloudflare has talked about their usage of Isolates to achieve the same goal.

    This density is, in part, why the popular assertion that a growth in WASM deployments will enable something of a renaissance of PaaS platforms seems correct. The unit economics of running platforms – potentially more safely – at dramatically higher densities than container-based alternatives make WASM-based PaaS platforms more viable not only technically but economically as well. Both in terms of their overall end user pricing, but also potentially making free or lower cost tiers possible that have previously been deemed cost prohibitive by vendors such as Heroku.

  5. The Language Support is Improving
    For enterprises used to working with container-based platforms, or virtual machines before that, language limitations are non-existent. Whatever the language and runtime, a given application is wrapped in a container and then run on platforms like Kubernetes alongside hundreds or thousands of other workloads, covering a multitude of languages. But as Fermyon’s language support page indicates, WASM’s support for various programming languages varies, and widely. But this is unlikely to be a fatal flaw for WASM-based providers. First, because the support for new languages is improving, and at an accelerating pace as more attention is focused on the technology. Second, because the set of core languages supported already (C/C++. C#, Go, Kotlin, Rust, Swift etc) cover a large number of potential workloads. And lastly because abstract models like PaaS have always imposed such constraints, and if anything that’s likely to become more common rather than less as more and more abstract models emerge.

Chromatin Loops

“It’s quite spectacular that the structure of an entire chromosome would rely on a small DNA sequence somewhere in the middle”. Scientists have long suspected that abnormal genome folding may cause diseases, and several new studies have identified links between genome architecture and biological development. A rearrangement of DNA in a noncoding region of the genome causes limb malformations during development by changing chromatin folding. Other researchers are using CRISPR to investigate whether changes to genome architecture affects the ability of parasites like Trypanosoma, the cause of African sleeping sickness, to evade the immune system. It’s becoming apparent that in the genome, “nothing makes sense except in 3D.”

Trump Bunker

The final ignominy for a Republican Party brought low by Trump is that its own digital efforts may undermine its future. The data operation in which Priebus and the RNC invested so heavily has fed into Project Alamo, helping Parscale build Trump’s base. “They brought to the table this movement and people who were willing to donate and activate, and we brought to the table a 4-year investment and said we can process that for you. That willingness to embrace what the RNC built allowed them to harness that movement.” If the election results cause the party to fracture, Trump will be better positioned than the RNC to reach this mass of voters because he’ll own the list himself—and Priebus, after all he’s endured, will become just the latest to invest with Trump and wind up poorer for the experience.

Bit-Flipping Attacks

An app containing the researchers’ rooting exploit requires no user permissions and doesn’t rely on any vulnerability in Android to work. Instead, their attack exploits a hardware vulnerability, using a Rowhammer exploit that alters crucial bits of data in a way that completely roots name brand Android devices from LG, Motorola, Samsung, OnePlus, and possibly other manufacturers.

30 days to Mars

ProjectRho has round trip space mission times based on 3 types of rocket missions and 3 levels of constant acceleration. Constant acceleration could be achieved with an antimatter catalyzed fusion propulsion system like Positron Dynamics is developing

15 days 1 way to Mars with a constant 0.01 G acceleration and deceleration.
6 days 1 way to Mars with a constant 0.1G acceleration and deceleration.
2 days 1 way to Mars with a constant 1G acceleration and deceleration.


2022-02-19: It is also possible to get to Mars in 45 with Laser Thermal Propulsion: A Earth-based Laser heats up onboard propellant. This has very promising characteristics:

For lower velocity missions within the solar system, coupling the laser to the spacecraft via a reaction mass (i.e., propellant) is a more efficient way to use the delivered power than reflecting it off a lightsail. Reflecting light only transfers a tiny bit of the photon’s energy to the spacecraft, but absorbing the photon’s energy and putting it into a reaction mass results in greater energy transfer. The greater power that can be delivered results in greater thrust, so a more intense propulsive maneuver can be performed nearer to Earth. The closer to Earth the propulsive burn is, the smaller the laser array needs to be in order to keep the beam focused on the spacecraft, making it more feasible as a near-term demonstration of directed energy propulsion. The scaled-up version of our design (Mission Mars 2a) intended for crewed missions used a 40-ton spacecraft derived from the Orion capsule and European Service Module. The greater payload requires a more powerful (4 GW) laser to effectuate the same 45-day transit to Mars, but the laser array occupies the same 10-m footprint on earth.
The other mission we considered was a cargo mission (Mission Mars 2b). Robert Zubrin often makes the point that—even if advanced propulsion capable of high thrust and high specific impulse was available—he would still opt for a 6-month free-return trajectory and use the enhanced propulsion capability to bring more payload. So, the Mars 2b mission uses the performance of laser thermal propulsion to maximize the amount of cargo that could be brought to Mars with a Hohmann-like transfer, and shows that the payload could be increased by a 10x over what a Centaur upper stage—with the same mass of propellant—could throw to Mars.

40 shipwrecks

The Black Sea Maritime Archaeology Project wasn’t looking for shipwrecks. Its brief is to survey the Bulgarian coast of the Black Sea for data about the rise water levels after the last Ice Age 20 ka ago. To accomplish this aim, marine archaeologists have been scanning the seabed using cutting edge Remotely Operated Vehicles that can detect land surfaces underneath what is now the Black Sea but in prehistory were on dry land. They’ve also taken core samples, laser scanned and filmed the sea bed both in video and with high resolution 3D photogrammetry. A felicitous but entirely unplanned side-effect of this exceptionally thorough geophysical survey is the discovery of more than 40 historic shipwrecks, including ancient Byzantine, medieval and Ottoman ships. Some of them may even be the first of their kind ever found, previously known only from documentary sources. Such a large, varied group of shipwrecks from different periods will give archaeologists a whole new understanding of trade and maritime links between towns on the coast of the Black Sea.

this is unprecedented, and very awesome