King's Strong Speech Gives Polisario an Opportunity

 

 

Along with the Arab-Israeli conflict, the struggle between Morocco and the separatist Polisario Front over the southern half of Morocco's territory is one of the longest in the history of diplomacy. The United Nations has an office devoted to mediating the conflict and American, European and Arab diplomats have spent decades trying to find a solution.

So whenever someone in authority steps forward with a solution, it is worth paying attention. Is one of the modern world's oldest territorial disputes about to come to an end?

Morocco's King Mohammed VI has just given a surprising and strong speech that could be the key to peace in that ever-volatile corner of North Africa. His words were measured and powerful and established a framework for rethinking this thorny diplomatic conundrum.

In the southern region of Morocco -- which the Sahrawi separatists refer to as "Western Sahara -- the facts on the ground are changing. Billions of dollars in investment has poured in from the king and kingdom's coffers to build airports, marine ports, highways and public housing. The private sector has followed with hotels and offices and jobs. Dakhla, the southernmost major city in Morocco, has gone from being a small Spanish garrison town in 1975 to a bustling city and busy port today. Leaders in neighboring countries point to it as example.

Critics who say that Morocco is stealing the wealth of the southern peoples have got the math backwards. For every dirham that the south produces, seven more dirhams pour in from the north in trade, investment, subsidies and government spending.

The north is showering the south with money, the king said, out of sense of national solidarity. The king said: "The Sahara is not the only cause of the Saharawi [the people of the Sahara]. The Sahara is the business of all Moroccans." As a result of this solidarity philosophy, what was once one of the poorest parts of Morocco (and, indeed, one of the poorest parts of the world) is now equal or slightly ahead of the north on a per-capita income basis. That is quite an achievement in 40 years. While the separatists have built bombs and diplomatic roadblocks, Morocco has built a modern economy in the disputed lands.

The economic miracle could not have been performed by the south alone, but only the sacrifices of the north. The king made this point clearly. "And I say frankly: Moroccans have supported the development costs of the southern provinces. They gave out of their pockets, and levied on the livelihood of their children so that their southern brethren can live with dignity." the king said.

Calls for secession on the basis that the south was somehow economically abused run counter to reality.

The king, with perhaps his strongest words to date on the future of the south: "Morocco will remain in its Sahara, Sahara will remain in Morocco until the end of time."

Then the king announced a vision of devolution, designed to meet his critics more than halfway.He described a new legal framework to allow the southern provinces to be self-governing on local matters, much as individual states in the United States govern on local issues of law and order, education, highway construction and so on.

While the vision is clear and beautiful, the king did not want to dictate the details. Instead, he called for opening a "national dialogue and a responsible and serious debate on different ideas and possible designs in order to develop clear answers to all the questions and concerns of populations the region, and within the framework of national unity and territorial integrity of the country."

The king said he would be willing to negotiate with any party (including the United Nations, the separatists) and cited his meetings with separatist officials in Tindouf, Algeria, when he was crown prince. "I have no problem with that because I was negotiating with Moroccan citizens, and because it was a question of defending the rights of Morocco."

He offered only one precondition: "We must insist on the fact that Morocco's sovereignty over all its territory is immutable, inalienable and non-negotiable."

Short of dividing his country, the king is willing to consider any proposal. "The autonomy initiative is the maximum that Morocco has to offer as part of negotiations to find a definitive solution to this regional conflict."

He urged the American and European diplomats to lay aside certain tired misconceptions. The most common one is that Morocco is somehow a "colonial" power. Morocco reclaimed the lands from Spain, which was the colonial power. The southern region of Morocco has been recognized as part of the kingdom for many centuries. Indeed, that is why Spain returned it to Morocco and not some other nation.

Another misconception is that Morocco, a member state at the United Nations, is diplomatically equivalent to a separatist movement that is runs a one-party dictatorship on borrowed land in southern Algeria. Indeed, the lawlessness present in the separatist camps--drug-running, arms dealing, exploitation and denial of basic human rights outlined in the U.N. Charter--raises serious questions about the future that the Polisario Front offers to the people they seek to represent. This false equivalency simply slows down any negotiated peace and overlooks the other nation-state that must be brought to the table for peace to be made.

The final misconception, cited by the king, is explosive--but peace often requires the saying of hard truths. The king said that as long as Algeria fails to play its part, the conflict will continue.

Algiers may just shrug this off, as another olive branch to ignore. America's first African-American president famously likes to say that he has "a pen and a phone." He should phone Algiers and ask their leaders not to miss this opportunity for peace. Later he could use the pen to sign a peace treaty, much as President Carter did with the leaders of Israel and Egypt. Peace is worth taking another chance.

King's Strong Speech Gives Polisario an Opportunity |

Morocco Grabs Limelight as Companies Focus on Frontiers

 

Renault’s $1.2 billion investment in its factory in Morocco is prompting other multinational companies to look for opportunities in the North African country.

Agence France-Presse/Getty Images

Corporate sentiment toward frontier markets has improved noticeably over the past three months, according to the latest WSJ Frontiers/FSG Frontier Markets Sentiment Index. Based on a sample of around 200 multinational companies, the index, created exclusively for WSJ Frontiers by Washington-based consultancy Frontier Strategy Group, suggests companies are sharpening their focus on key frontier countries such as Kenya, Saudi Arabia and Morocco.

Africa continues to attract more attention than any other region, contributing five of the countries in the top 10, and 12 of the countries in the top 20. But the data demonstrated a noticeable increase in corporations’ interest in North Africa. In the previous survey, published in June this year there were nine sub-Saharan African countries among the top 20 and only two—Morocco and Algeria—from North Africa.

WSJ Frontiers Newsletter

• Enter your email to be notified when we launch the new WSJ Frontiers weekly email newsletter

The FM Sentiment Index is compiled from data gathered by FSG detailing which countries its multinational companies are watching for potential future investment. The data provide two key metrics: absolute sentiment, measured by the number of companies including a particular country on their watch lists, and the change in sentiment over the past quarter.

In the third-quarter survey, Tunisia joined its North African neighbors in the top tier and Morocco jumped from 12th to 6th. Morocco and Tunisia also saw the greatest positive change in sentiment as changing global dynamics encouraged firms to take a renewed interest in North Africa.

David Wickham, London-based director for global frontier and emerging markets at HSBC, attribute’s Morocco’s increasing popularity among corporations to its “relative political stability, its favorable legal environment for foreign investment, the availability of skilled workers with wages much lower than those in the European Union, and its close proximity to Europe.”

Mr. Wickham believes multinationals have also taken note of the fact that in 2012 auto manufacturer Renault invested $1.3 billion in 300-hectare car assembly plant in coastal city of Tangier.

According to Mamoune Bouhdoud, Morocco’s minister delegate for industry trade investment and the digital economy, the automotive sector is experiencing double-digit growth and represents one of the key elements of the country’s export mix. But, he says, the production of complete cars is just the “visible part of the iceberg. There is a whole range of SMEs working in this sector—suppliers for Renault in Tangier—and also huge exports of parts for factories in Europe.”

While Morocco’s proximity to Europe and its free-trade agreements with Europe and the U.S. are key factors in attracting foreign investment, Mr. Bouhdoud believes its relationship with Africa is an increasingly important factor. “Everyone believes Africa is the next area of growth,” he notes. “The problem is, there are a lot of countries in Africa and if you want to make your investment valuable you need to find a place where you can put your headquarters. You need to manage your risk. You need a strong country with great connectivity. Morocco could be this for foreign companies.”

Those foreign companies are clearly looking for opportunities in Africa. Sub-Saharan Africa has tightened its grip on the FM Sentiment index, with Nigeria retaining its leading role as the frontier-market country most corporations are watching, and Kenya leaping into second place from fifth in the previous survey.

Despite the fact that much of the news emerging from Africa over the past three months has been negative, says FSG’s global head of advisory and analytics, Matt Lasov, multinational corporations are staying the course in sub-Saharan Africa. “While the unprecedented and tragic outbreak of Ebola is affecting short-term headline growth rates, it is also temporarily changing the structure of affected economies, boosting certain sectors,” Mr. Lasov explains. “In Nigeria, for example, aviation, hospitality and tourism are suffering, but e-commerce has benefitted as more people shop online instead of in public markets.”

Two East African nations that traditionally have failed to attract much investor attention joined the top 10 this quarter. Tanzania, which has seen some huge discoveries of natural gas off its Indian Ocean coast, and Ethiopia, with its near-100 million population and stable government, are both attracting more attention from multinationals.

At the same time, sentiment toward Central and Eastern Europe (CEE) declined sharply as the region was hobbled both by the continuing torpor in Western Europe’s economy and the turmoil in Ukraine. Of the 68 countries included in the index, the three worst performers over the past three months are all in Central Europe. Croatia, which had seen a revival in corporate interest earlier this year, fell hardest with a 7.45 percentage point slump in the index, followed closely by Romania and Slovakia.

Multinationals showed less interest in 20 of the 68 countries in the index, of which 11 were in the CEE region. FSG’s Mr. Lasov believes companies are taking less notice of Central European countries because they’re small. “More multinationals are putting Central Europe and the Balkans into their own organizational structure, grouping the larger Russia/CIS division into a separately managed unit that gets more corporate attention. Central European markets are small, and well-penetrated across industries, reducing corporate attention there,” he adds.

Asia’s frontier markets saw some improvement in sentiment, with Bangladesh, Sri Lanka and Laos all finding a place among the 20 countries that saw the sharpest increase in attention. Pakistan, which experienced the greatest rise in attention in June’s results, attracted only slightly more interest from companies. Vietnam experienced only a modest increase in the number of companies tracking it but retained its status as the only Asian frontier market in the top 10.

Argentina and Venezuela are also still resolutely among the top 10 frontier countries that companies are focused on, but Mr. Lasov attributes that partly to the fact that many multinationals have substantial investments in the two troubled Latin American economies and are anxious to understand developments there.

WSJ Frontiers will be reviewing the FM Sentiment Index on a quarterly basis.

Write to Dan Keeler at dan.keeler@wsj.com.

Morocco Grabs Limelight as Companies Focus on Frontiers - Frontier Markets News - Emerging & Growth Markets - WSJ

Your iOS 8 Data is Not Beyond Law Enforcement’s Reach… Yet. | Jonathan Zdziarski's Domain

 

In a recent announcement, Apple stated that they no longer unlock iOS (8) devices for law enforcement.

“On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under the protection of your passcode. Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data. So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

This is a significantly pro-privacy (and courageous) posture Apple is taking with their devices, and while about seven years late, is more than welcome. In fact, I am very impressed with Apple’s latest efforts to beef up security all around, including iOS 8 and iCloud’s new 2FA. I believe Tim Cook to be genuine in his commitment to user privacy; perhaps I’m one of the few who can see just how gutsy this move with iOS 8 is.

It’s important to take a minute, however, to note that this does not mean that the police can’t get to your data. What Apple has done here is create for themselves plausible deniability in what they will do for law enforcement. If we take this statement at face value, what has likely happened in iOS 8 is that photos, messages, and other sensitive data, which was previously only encrypted with hardware-based keys, is now being encrypted with keys derived from a PIN or passcode. No doubt this does improve security for everyone, by marrying encryption to the PIN (something they ought to have been doing all along). While it’s technically possible to brute force a PIN code, that doesn’t mean it’s technically feasible, and thus lets Apple off the hook in terms of legal obligation. Add a complex passcode into the mix, and it gets even uglier, having to choose any of a number of dictionary style attacks to get into your encrypted data. By redesigning the file system in this fashion (if this is the case), Apple has afforded themselves the ability to say, “the phone’s data is encrypted with a PIN or passphrase, and so we’re not legally required to hack it for you guys, so go pound sand”. I am quite impressed, Mr. Cook! That took courage… but it does not mean that your data is beyond law enforcement’s reach.

In a recent blog post, I outlined a number of measures Apple took with iOS 8 to prevent many forensic artifacts from being dumped off of the device by existing commercial forensics tools. These services had completely bypassed the user’s backup encryption password, affording the consumer virtually no protection from the many law enforcement forensics tools that took advantage of these vulnerabilities. Apple closed off many of these services in iOS 8. This was a great start to better securing iOS 8, but not everything has been completely protected.

In addition to what’s been fixed, I also outlined some things that haven’t yet been. What’s left are services that iTunes (and Xcode) talk to in order to exchange information with third party applications, or access your media folder. Apple wants you to be able access your photos and other information from your desktop while the phone is locked – for ease of use. This, unfortunately, also opens up the capability for law enforcement to also use this mechanism to dump:

• Your camera reel, videos, and recordings
• Podcasts, Books, and other iTunes media
• All third party application data

Existing commercial forensics tools can still acquire these artifacts from your device, even running iOS 8. I have tested with my own private forensics tools, as well, and confirmed this. I dumped all of my third party application data (including caches, databases, screenshots, etc), as well as my camera reel and other media… all within a few minutes and from my locked iPhone running iOS 8 GM.

There is one big caveat though, but it’s not a big problem for law enforcement. This technique requires access to a trusted pairing record on a desktop / laptop machine that is paired with your phone, and as of iOS 8 requires physical access to the phone. What does this mean? This means that if your’e arrested, the police will seize both your iPhone and all desktop / laptop machines you own, and use files on the desktop to dump and access all of the above data on your iPhone. This can also be done at an airport, if you are detained.

How does it work? While your photos and messages might indeed now be encrypted with a key derived from your PIN, the pairing records stored on your desktop have a “backup copy” of your keybag keys (the escrow bag), which can be used to unlock the encryption on your phone – without a PIN. Again, this was added so that iTunes could talk to your phone while it is still locked.

Fortunately, there are some precautions you can take to ensure your privacy. One small trick is to shut down your iPhone whenever you go through airport security or customs. Why? Because Apple has included a kill switch that prevents your pairing records from being able to unlock your iPhone if it’s been shut down. The pairing record vulnerability only works if you’ve used your phone since it was last rebooted. Secondly, make sure you’re using strong encryption on your desktop / laptops, and make sure your computers are all shut down when not in use… especially when going through airport security. There are a number of forensics tools capable of dumping the memory (and therefore, encryption keys) of your encrypted disk if you’ve left your computer asleep or in hibernate mode. Shut it down.

While setting a backup password is critical to protecting the rest of your private data on an iPhone, it won’t help you here, because none of these interfaces honor the consumer’s backup password. Your data is not encrypted when dumped from these services. If you don’t lock your device with a PIN, of course, all of this data is at risk all of the time, so be sure to use a PIN too.

Apple could stand to greatly improve this by either requiring the user enter their backup password for iTunes to talk to it while the device is locked (and encrypt all of this with that password), or to simply offer the user the option (via iTunes) to prevent the iPhone from being accessible at all while locked. Many users would gladly check that box for improved security.

Apple has done a great job of breaking a number of law enforcement forensics tools and features with the release of iOS 8. Some existing features are still likely to work, however, and your third party application data and media folder are still potentially at risk from anyone with access to these commercial tools, or someone with the know-how to use open-source tools such as libimobiledevice.

On a philosophical note, some seem genuinely upset about Apple’s latest decision, arguing law enforcement is “entitled” to your data, in order to fight crime. The other side of the coin is this: should manufacturers be required to weaken the strength of their encryption (and the security of their products) just to make law enforcement forensics possible? Wouldn’t that amount to engineering back doors into all products? If you still feel this way, consider also that by improving the security of their products, Apple has improved it for everyone – CEOs, the President (who’s been seen using an iPad to receive daily briefings), congressmen, judges, our own military and many others. If you’re going to weaken security to make forensics possible, you’re also weakening it for everyone, opening the door for foreign governments and cyber criminals to attack all of us. For the sake of privacy and overall security, the only logical solution is to make products as secure as possible, and let good detective work do the crime solving, rather than an easy button.

Apple's iOS 7 is secure against hackers, but not law enforcement

 

 

Forensic scientist and author Jonathan Zdziarski has some mixed news for privacy advocates. Apple’s iOS 7 is “reasonably secure” from attack from a malicious hacker.

However, though the use of backdoor security mechanisms, Cupertino has “worked hard to ensure that it can access data on end-user devices on behalf of law enforcement,” according to Zdziarski.com (via MacRumors).

According to Zdziarski:

I am not suggesting some grand conspiracy; there are, however, some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware, and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer. I think at the very least, this warrants an explanation and disclosure to the some 600 million customers out there running iOS devices. At the same time, this is NOT a zero day and NOT some widespread security emergency. My paranoia level is tweaked, but not going crazy. My hope is that Apple will correct the problem. Nothing less, nothing more. I want these services off my phone. They don’t belong there.

Zdziarski says that it is possible to limit access to these backdoor services — at least to block third-party forensic software. His solution will not protect the device contents if it is sent to Apple for analysis.

To do so, users should enable a complex passcode in iOS and use the enterprise Apple Configurator application to set Mobile Device Management (MDM) restrictions and enable Pair locking, which will delete all pairing records.

Last month, the United States Supreme Court ruled 9-0 that police need a warrant to search cell phones. Therefore, I don’t have a problem with Apple making it easier for law enforcement officials to check user devices — once they get a warrant to do so.

When it comes to net neutrality, either the FCC thinks we’re idiots, or it just doesn’t care

 

 

The proposed network neutrality rules the FCC is settling on don’t appear neutral at all. Here’s the conversation we should be having if the FCC really thinks our network policies need a rewrite.

 

With its latest plan to twist the concept of network neutrality into something that appears to be the opposite of neutral, the Federal Communications Commission has revealed that it believes the public can’t understand the issues — or that it is so in thrall of the companies it regulates that it doesn’t care what ordinary people think.

The FCC’s plans for implementing network neutrality came to light Wednesday in a Wall Street Journal article. The plans took the hallmark of network neutrality — the notion that ISP shouldn’t discriminate between the traffic flowing over their networks — and turned it on its head. Under the proposed framework for so-called net neutrality, the FCC does away with the concept of non discrimination and instead offers up a new standard designed to prohibit “commercially unreasonable” practices.

Is this the pay-to-play internet model?

Tom Wheeler, pictured standing to the right of the president.

Most net neutrality advocates have understood the FCC’s decision to mean that the agency will allow ISPs to charge content companies for better traffic flow provided it isn’t “commercially unreasonable.”

It’s important to note that the FCC Chairman Tom Wheeler came out a few hours after the Journal article (and others) appeared to respond that the media has his policy plans “flat out wrong.” The statement, offered below, neglects to address the crucial aspect of his proposed change: the idea that there’s room for any commercial practices in delivering a customer’s network packets.

Here’s Wheeler’s statement:

“There are reports that the FCC is gutting the Open Internet rule. They are flat out wrong. Tomorrow we will circulate to the Commission a new Open Internet proposal that will restore the concepts of net neutrality consistent with the court’s ruling in January. There is no ‘turnaround in policy.’ The same rules will apply to all Internet content. As with the original Open Internet rules, and consistent with the court’s decision, behavior that harms consumers or competition will not be permitted.”

Whether or not you think this is a good idea, inserting any sort of commercial relationship into delivering last mile web content –outside of what the end-consumer pays the ISP — is not network neutrality. So let’s stop calling it that.

Turning a technical argument into a commercial one

The FCC should man up and say exactly what it is doing here: It is implementing a double-sided market for the internet that could allow businesses to enter into commercial relationships with ISPs — who do not operate in a competitive market in the U.S. — for faster delivery of their content. And because capacity on broadband networks is limited, the flip side is that companies that don’t pay will see their content delivered more slowly.

Many will see this as a battle between the Netflix’s of the world and the smaller video providers who might not be able to pay. But this is actually about differentiating between different classes of content. For example, if you are a streaming video provider, those faster speeds will probably affect the user experience. You’ll need to pay up, because your competitors certainly will and eventually the best effort access isn’t going to cut it — especially as traffic on networks increase.

Photo by Thinkstock/wx-bradwang

However, if you are a backup company like Dropbox or Carbonite that can train users to send their files overnight, then you may not care about slower speeds. Because this is true: Not all web content is created equal. As we put more content online, many people knowledgeable about network infrastructure point out the ridiculousness of trying to build out an ever-expanding network that’s capable of handling Netflix traffic as if it were the same as a downloading software.

It’s like trying to build a highway that can handle Lamborghinis, Chevy Volts and bicycles all driving in the same lane. Instead, these network experts argue that we need to figure out how to divide the lanes of traffic while ensuring that all vehicles can travel on the road without discrimination. That’s actually a completely fair and legitimate debate to have, but I’m not sure that is the debate we’re going to be having if the FCC’s plans go through.

Where is the burden of proof in this standard?

That’s because instead of discussing the real challenges of managing the growing amount of traffic on the web that has different delivery requirements, the FCC is going to let the ISPs decide — not just how those lanes are divided, but also the rules that govern who can travel where and how much they should pay. It has said it will not allow blocking and that ISPs must be transparent, but this “commercially unreasonable” framework strikes me as putting the burden of proof on the consumer or injured party to complain to the FCC long after the horse has left the barn — or their packets have failed to reach the user.

I don’t think that’s the way this conversation should play out. The FCC and ISPs may argue that because the ISPs built the original roads (their underlying network infrastructure) that it is the ISP’s right to decide the rules of that road and how much people will pay to access it. But at some point since the FCC first declared that broadband was an information product and not subject to the common carrier rules at the heart of today’s network neutrality fight, broadband has become a utility for consumers and businesses.

The idea that we would let ISPs make decisions that could lead to ISPs setting commercial terms that would impose taxes on startups and existing companies all without ensuring any sort of lowered price for consumers or network upgrades from the ISPs, is ridiculous. Broadband networks are not a public utility, but they are the foundation for our economy.

And as such we owe it to all participants to have a real debate about how we’re going to deliver the exponential increase in network traffic over our private networks. That’s a debate that the FCC must referee, not after the damage has been done, but in advance. Instead of calling its efforts net neutrality when they clearly aren’t, it should be honest and point out that it thinks neutral networks won’t work given the technical demands we’re placing on the internet. Then we can have a conversation about if that’s the case, and then what we should do about it.

We can’t let ISPs operating in a duopoly just set the rules for us.

Absent competition, the proposed rules look like a way for ISPs to get more money, set rules that will affect the shape of what is developed on the internet, and do all of these things with no guarantees that consumers or the broadband economy get anything in return. I don’t find that reasonable at all.

IBM unveils Power8 and OpenPower pincer attack on Intel’s x86 server monopoly

 

IBM has taken the wraps off the first servers that are powered by its monstrously powerful Power8 CPUs. With more than 4 billion transistors, packed into a stupidly large 650-square-millimeter die built on IBM’s new 22nm SOI process, the 12-core (96-thread) Power8 CPU is one of the largest and probably the most powerful CPU ever built. In a separate move, IBM is opening up the entire Power8 architecture and technical documentation through the OpenPower Foundation, allowing third parties to make Power-based chips (much like ARM’s licensing model), and to allow for the creation of specialized coprocessors (GPUs, FPGAs, etc.) that link directly into the CPU’s memory space using IBM’s new CAPI interface. You will not be surprised to hear that Nvidia, Samsung, and Google — three huge players among hundreds more who are beholden to Intel’s server monopoly — are core members of the OpenPower Foundation. The Power8 CPU and the OpenPower Foundation are the cornerstones of a very big, well-orchestrated plan to finally put an end to x86′s reign, and place a fairer, more powerful architecture at the head of the server table.

First, we should talk about the new Power8 chip. There are 12 CPU cores, each with 512KB of L2 SRAM and 8MB of L3 EDRAM, for a total of 6MB L2 and 96MB L3 cache respectively. There is then a further 230GB/sec of bandwidth to 1TB of DRAM. Whereas each Intel Xeon core is capable of two-way simultaneous threading, and Power7+ cores can do four threads, Power8 ups the ante to eight simlutaneous threads (SMT). As you’d expect, other parts of the chip have been similarly expanded to cater for the Power8′s massive parallelism: There are eight decoders (up from 6), six dispatches per clock cycle, a doubling of load units (4), the data cache can now process four 128-bit transactions per cycle, and the bus width between the L2 and data cache is now 512 bits. Take a look at the block diagram below and be awed by its massive parallelism and throughput.

IBM Power8 microarchitecture block diagram [Image credit: The Linley Group]

We expect the Power8 will eventually be capable of clock speeds around 4.5GHz, with a TDP in the region of 250 watts. At this speed, the Power8 CPU will be around 60% faster than the Power7+ in single-threaded applications, and more than two times faster in multithreaded tasks. In certain cases, IBM says the Power8 is capable of analyzing Big Data workloads between 50 and 1,000 times faster than comparable x86 systems (the same amount of RAM, the same number of cores).

Compared to its competitors (Power 7+, the Oracle Sparc T5, the Intel Xeon), the Power8 is anywhere between two and three times more processing power per socket. This is mostly due to the massive thread count (96 vs. 30 for the latest 15-core E7-8890 v2 Xeon), and utterly insane memory bandwidth (230GB/sec vs. 85GB/sec). In terms of performance per watt, though, the Xeon (~150W TDP) is probably just ahead of the Power8 — but in general, when you’re talking servers, power consumption generally plays second fiddle to performance density (how many gigaflops you can squeeze out of a single server).

IBM Power8 CPU die, labeled

Beyond raw SPECint and SPECfp performance, Power8 also introduces CAPI (Coherence Attach Processor Interface). CAPI is a direct link into the CPU, allowing peripherals and coprocessors to communicate directly with the CPU, bypassing (substantial) operating system and driver overheads. CAPI is similar to Intel’s QPI, but where QPI is closed and proprietary, IBM is opening up CAPI to third parties. IBM’s Power Systems CTO, Satya Sharma, told me in an interview that in the case of flash memory attached via CAPI the overhead is reduced by a factor of 20. More importantly, though, CAPI can be used to attach coprocessors — GPUs, FPGAs — directly to the Power8 CPU for some truly insane workload-specific performance boosts. It is due to these CAPI-attached coprocessors that a Power8 system can be 1,000 times faster than a comparable x86 system.

 

The OpenPower Foundation

While the Power8 chip is veritably beastly, it will take a lot more than a fancy piece of hardware to dislodge Intel x86 as the undisputed king of servers (Intel chips currently power somewhere in the region of 95% of all servers.) What IBM needs is a full top-to-bottom Power architecture stack, from first-party and third-party hardware, through to a broad, healthy ISV (independent software vendor) ecosystem. This is where the OpenPower Foundation comes in.

Basically, IBM is making the Power8 architecture and detailed technical documentation open to members of the Foundation. Currently, the foundation consists of Altera, Google, Nvidia, Micron, Samsung, Tyan, ZTE, and others. Each of these members will use the Power documentation in different ways. Altera is developing FPGAs that connect directly into the Power8 chip via CAPI, to provide stupendous speed-ups for specific tasks. Tyan, with help from Google, will create third-party motherboards that are compatible with the Power8 chip, with the goal of producing cheap, Power8-based machines for internet-scale server farms. Nvidia, like Altera, will develop a Tesla-like GPU coprocessor that connects directly to the CPU via CAPI. Suzhou will license the Power architecture to make its own Power8-compatible chips for China’s domestic server market.

Taking down Intel

IBM’s giant Power8 chip, being held in a normal-sized hand.

The hope is that, by cultivating a broad hardware and software ecosystem, Power will be able to challenge Intel in the server space. IBM wants to be the ARM of servers, basically: In much the same way that ARM’s open architecture and licensing model allowed it to squash Intel in the mobile and embedded spaces, IBM wants to do the same thing in servers.

Usually I would say that it’s a fool’s errand to challenge Intel, but if anyone can do it, it’s IBM. There is a lot of antipathy towards Intel and the strategies it has used to dismantle everyone and everything that has threatened to disrupt its dominion over the computing industry. Server vendors (IBM, HP, Dell) and internet-scale service providers (Google, Facebook) use x86 chips, but only because Intel has ensured that there’s no other viable option. I don’t think there’s a single company that doesn’t want to get out from underneath the choking heft of Intel x86 — and now, at long last, IBM might be offering a way out. If the surge in mobile computing has taught us anything it’s that Intel isn’t unbeatable — that there’s a chink in its armor that IBM and the rest of the OpenPower Foundation think it can exploit. “We are entering some new spaces,” Sharma told me. “It’s a transformational event for Power. It’s going to take Power to new spaces we haven’t gone before.”

New Power8 servers, being tended to by a couple of IBMers

IBM also announced today that Canonical’s Ubuntu Server will be available for all Power8-based systems, and that it will continue to invest in Linux (IBM/Power is historically Unix-focused, not Linux). “Now is the time to expand into the Linux space,” Sharma said as our interview was wrapping up. “Ubuntu is now one of the primary targets for Power.”

The first Power8 servers will be available from June 10, with a range of 1- and 2-socket 2U and 4U models. The Power S812L and Power S822L (both 2U) will exclusively run Linux. The flagship of the Power8 line is the Power S824, a 4U design with two CPU sockets, maxing out at 24 cores (192 threads) and 1TB of RAM. The low-end Linux-powered S812L server starts at $8000. (IBM wouldn’t tell us the exact pricing of a standalone Power8 CPU, but it’s probably in the region of $5,000.)

Change Your Passwords: A Massive Bug Has Put Your Details at Risk

 

The little lock icon (HTTPS) signaling that we were on a secure website and that all our passwords, personal emails, and credit card information was safe, was making that private information accessible hackers.KTSDESIGN—Getty Images

Internet users are advised to be on the alert as security experts race to assess the damage done by Heartbleed — a newly discovered bug in technology that runs encryption for two-thirds of the Internet

A newly discovered bug in software supposed to provide extra protection for thousands of the world’s most popular websites has exposed highly sensitive information such as credit card numbers, usernames, and passwords, security researchers said.

The discovery of the bug, known as Heartbleed, has caused several websites to advise their users to change their passwords.

“This might be a good day to call in sick and take some time to change your passwords everywhere — especially your high-security services like email, file storage, and banking, which may have been compromised by this bug,” Tumblr wrote in a note to its many users.

“The little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit.”

Yahoo, the owner of Tumblr, confirms that its users’ passwords have been compromised.

The bug was discovered late last week in the OpenSSL technology that runs encryption for two-thirds of the Internet. The researchers who discovered it said that most Internet users “are likely to be affected either directly or indirectly.”

It was found simultaneously by a Google security researcher and a small security firm named Codenomicon and disclosed Monday night.

Experts are now scrambling to asses the extent of the security breach, because the bug remained undiscovered for two years. Hackers may have exploited it without leaving footprints.

“We have tested some of our own services from attacker’s perspective. We attacked ourselves from outside, without leaving a trace,” Codenomicon wrote on their newly created website about the bug.

According to several security experts, it is one of the most serious security flaws uncovered in many years.

“Heartbleed is like finding a faulty car part used in nearly every make and model, but you can’t recall the Internet and all the data you put out on it,” Jonathan Sander, vice president of research and technology for Stealthbits Technologies, a cybersecurity firm, told the Los Angeles Times.

The U.S. government’s Department of Homeland Security has advised all businesses using the vulnerable versions of the software to review their servers.