This weekend's NYT carried an alarming feature article on the gross wastefulness of the data-centers that host the world's racks of server hardware. James Glanz's feature, The Cloud Factory, painted a picture of grotesque waste and depraved indifference to the monetary and environmental costs of the "cloud," and suggested that the "dirty secret" was that there were better ways of doing things that the industry was indifferent to.

In a long rebuttal, Diego Doval, a computer scientist who previously served as CTO for Ning, Inc, takes apart the claims made in the Times piece, showing that they were unsubstantiated, out-of-date, unscientific, misleading, and pretty much wrong from top to bottom.

First off, an “average,” as any statistician will tell you, is a fairly meaningless number if you don’t include other values of the population (starting with the standard deviation). Not to mention that this kind of “explosive” claim should be backed up with a description of how the study was made. The only thing mentioned about the methodology is that they “sampled about 20,000 servers in about 70 large data centers spanning the commercial gamut: drug companies, military contractors, banks, media companies and government agencies.” Here’s the thing: Google alone has more than a million servers. Facebook, too, probably. Amazon, as well. They all do wildly different things with their servers, so extrapolating from “drug companies, military contractors, banks, media companies, and government agencies” to Google, or Facebook, or Amazon, is just not possible on the basis of just 20,000 servers on 70 data centers.

Not possible, that’s right. It would have been impossible (and people that know me know that I don’t use this word lightly) for McKinsey & Co. to do even a remotely accurate analysis of data center usage for the industry to create any kind of meaningful “average”. Why? Not only because gathering this data and analyzing it would have required many of the top minds in data center scaling (and they are not working at McKinsey), not only because Google, Facebook, Amazon, Apple, would have not given McKinsey this information, not only because the information, even if it was given to McKinsey, would have been in wildly different scales and contexts, which is an important point.

Even if you get past all of these seemingly insurmountable problems through an act of sheer magic, you end up with another problem altogether: server power is not just about “performing computations”. If you want to simplify a bit, there’s at least four main axis you could consider for scaling: computation proper (e.g. adding 2+2), storage (e.g. saving “4″ to disk, or reading it from disk), networking (e.g. sending the “4″ from one computer to the next) and memory usage (e.g. storing the “4″ in RAM). This is an over-simplification because today you could, for example, split up “storage” into “flash-based” and “magnetic” storage since they are so different in their characteristics and power consumption, just like we separate RAM from persistent storage, but we’ll leave it at four. Anyway, these four parameters lead to different load profiles for different systems.

a lot of lead bullets: a response to the new york times article on data center efficiency (via Making Light)

Here's a thought:

"It takes about the same amount of computing to answer one Google Search query as all the computing done — in flight and on the ground — for the entire Apollo program."

(Quote from Seb Schmoller’s "Learning technology – a backward and forward look," attributed to Peter Norvig and Udi Mepher of Google on hearing of the death of Neil Armstrong)

I remember hearing that the processor in a singing greeting card had more capacity than all the electronic computers on Earth at the time of Sputnik's launch, though I can't find a cite for it at the moment. Exponential processor improvements are pretty wild.

Learning technology – a backward and forward look (PDF)

(via Memex 1.1)

"Stress Relief: Improving Structural Strength of 3-D Printable Objects," a paper presented at SIGGRAPH 2012 from Purdue University's Bedrich Benes demonstrated an automated system for predicting when 3D models would produce structural weaknesses if they were fed to 3D printers, and to automatically modify the models to make them more hardy.

Findings were detailed in a paper presented during the SIGGRAPH 2012 conference in August. Former Purdue doctoral student Ondrej Stava created the software application, which automatically strengthens objects either by increasing the thickness of key structural elements or by adding struts. The tool also uses a third option, reducing the stress on structural elements by hollowing out overweight elements.

"We not only make the objects structurally better, but we also make them much more inexpensive," Mech said. "We have demonstrated a weight and cost savings of 80 percent."

The new tool automatically identifies "grip positions" where a person is likely to grasp the object. A "lightweight structural analysis solver" analyzes the object using a mesh-based simulation. It requires less computing power than traditional finite-element modeling tools, which are used in high-precision work such as designing jet engine turbine blades.

New Tool Gives Structural Strength to 3-D Printed Works

Rudy Rucker has launched a new novel, Turing & Burroughs, which he describes as a "beatnik SF novel." It's available direct from his site as an ebook, or from the Kindle store, or as a print-on-demand book.

What if Alan Turing, founder of the modern computer age, escaped assassination by the secret service to become the lover of Beat author William Burroughs? What if they mutated into giant shapeshifting slugs, fled the FBI, raised Burroughs’s wife from the dead, and tweaked the H-bombs of Los Alamos? A wild beatnik adventure, compulsively readable, hysterically funny, with insane warps and twists—and a bad attitude throughout.

Turing & Burroughs Out in Ebook and Paperback!

Ed Felten presents and argues for the idea of "accountable algorithms" for use in public life -- that is, "output produced by a particular execution of the algorithm can be verified as correct after the fact by a skeptical member of the public."

He gives a great example of how to run a securely random TSA checkpoint where, at the end of each day, the public can open a sealed envelope and verify that the TSA was using a truly fair random selection method, and not just picking people they didn't like the look of:

Now we can create our accountable selection method. First thing in the morning, before the security checkpoint opens, the TSA picks a random value R and commits it. Now the TSA knows R but the public doesn’t. Immediately thereafter, TSA officials roll dice, in public view, to generate another random value S. Now the TSA adds R+S and makes that sum the key K for the day.

Now, when you arrive at the checkpoint, you announce your name N, and the TSA uses the selection function to compute S(K, N). The TSA announces the result, and if it’s “yes,” then you get searched. You can’t anticipate whether you’ll be searched, because that depends on the key K, which depends on the TSA’s secret value R, which you don’t know.

At the end of the day, the TSA opens its commitment to R. Now you can verify that the TSA followed the algorithm correctly in deciding whether to search you. You can add the now-public R to the already-public S, to get the day’s (previously) secret key K. You can then evaluate the selection function S(K,N) with your name N–replicating the computation that the TSA did in deciding whether to search you. If the result you get matches the result the TSA announced earlier, then you know that the TSA did their job correctly. If it doesn’t match, you know the TSA cheated–and when you announce that they cheated, anybody can verify that your accusation is correct.

This method prevents the TSA from creating a non-random result. The reason the TSA cannot do this is that the key K is based on result of die-rolling, which is definitely random. And the TSA cannot have chosen its secret value R in a way that neutralized the effect of the random die-rolls, because the TSA had to commit to its choice of R because the dice were rolled. So citizens know that if they were chosen, it was because of randomness and not any TSA bias.

Accountable Algorithms: An Example

A team of computer scientists at the University of Southampton in the UK created a supercomputer out of 64 Raspberry Pi matchbox Linux-on-a-chip computers and Lego. The team included six year old James Cox, the son of project lead Professor Simon Cox, "who provided specialist support on Lego and system testing."

Here's a PDF with instructions for making your own Raspberry Pi/Lego supercomputer.

Professor Cox comments: “As soon as we were able to source sufficient Raspberry Pi computers we wanted to see if it was possible to link them together into a supercomputer. We installed and built all of the necessary software on the Pi starting from a standard Debian Wheezy system image and we have published a guide so you can build your own supercomputer.”

The racking was built using Lego with a design developed by Simon and James, who has also been testing the Raspberry Pi by programming it using free computer programming software Python and Scratch over the summer. The machine, named “Iridis-Pi” after the University’s Iridis supercomputer, runs off a single 13 Amp mains socket and uses MPI (Message Passing Interface) to communicate between nodes using Ethernet. The whole system cost under £2,500 (excluding switches) and has a total of 64 processors and 1Tb of memory (16Gb SD cards for each Raspberry Pi). Professor Cox uses the free plug-in ‘Python Tools for Visual Studio’ to develop code for the Raspberry Pi.

Professor Cox adds: “The first test we ran – well obviously we calculated Pi on the Raspberry Pi using MPI, which is a well-known first test for any new supercomputer.”

Engineers Build Supercomputer Using Raspberry Pi, Lego [Parity News]

Southampton engineers a Raspberry Pi Supercomputer [Press release]

(Images: Simon J Cox 2012)

Alex Churchill has posted a way to implement a Turing complete computer within a game of Magic: The Gathering ("Turing complete" is a way of classifying a calculating engine that is capable of general-purpose computation). The profound and interesting thing about the recurrence of Turing completeness in many unexpected places -- such as page-layout descriptive engines -- is that it suggests that there's something foundational about the ability to do general computation. It also suggests that attempts to limit general computation will be complicated by the continued discovery of new potential computing engines. That is, even if you lock down all the PCs so that they only play restricted music formats and not Ogg, if you allow a sufficiently speedy and scriptable Magic: The Gathering program to exist, someone may implement the Ogg player using collectible card games.

A series of Ally tokens controlled by Alex represent the tape to the right of the current head: the creature one step to the right of the head is 1 toughness away from dying, the next one over is 2 toughness from dying, etc. A similar chain of Zombie tokens, also controlled by Alex, represent the tape to the left. The colour of each token represents the contents of that space on the tape.

The operation "move one step to the left" is represented in this machine by creating a new Ally token, growing all Allies by 1, and shrinking all Zombies by one. The details are as follows:

When the machine creates a new 2/2 Ally token under Alex's control, four things trigger: Bob's Noxious Ghoul, Cathy's Aether Flash, Denzil's Carnival of Souls, and Alex's Kazuul Warlord. They go on the stack in that order, because it's Bob's turn; so they resolve in reverse order. The Kazuul Warlord adds +1/+1 counters to all Alex's Allies, leaving them one step further away from dying, including making the new one 3/3. Then Carnival of Souls gives Denzil a white mana thanks to False Dawn (he doesn't lose life because of his Platinum Emperion). Then Aether Flash deals 2 damage to the new token, leaving it 1 toughness from dying as desired. And then the Noxious Ghoul, which has been hacked with Artificial Evolution, gives all non-Allies -1/-1, which kills the smallest Zombie. Depending on whether the smallest Zombie was red, green or blue, a different event will trigger. The machine has moved one step to the left.

If the new token had been a Zombie rather than an Ally, a different Kazuul Warlord and a different Noxious Ghoul would have triggered, as well as the same Aether Flash. So the same would have happened except it would be all the Zombies that got +1/+1 and all the Allies that got -1/-1. This would effectively take us one step to the right.

Magic Turing Machine v4: Teysa / Chancellor of the Spires (via /.)

(Image: Magic the Gathering, a Creative Commons Attribution Share-Alike (2.0) image from 23601773@N02's photostream)

Last year, I wrote about the hand-drawn Monopoly board that Alan Turing and friends played with at Bletchley Park. Now it's an official set. Chris from Bletchley Park sez,:

Bletchley Park is delighted to officially launch the Alan Turing Monopoly board, developed from a unique original board in the Bletchley Park Museum, hand-drawn by William Newman, son of Turing’s mentor, Max, over sixty years ago.

In this special edition of Monopoly, the squares around the board and revised Chance and Community Chest cards tell the story of Alan Turing’s life along with key elements of the original hand-drawn board, which the great mathematician played on with a young William in the early 1950s – and lost. The board has been developed by the Bletchley Park Trust, William Newman and Winning Moves, which creates new editions of Monopoly.

"On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces," a paper presented by UC Berkeley and U Geneva researchers at this summer's Usenix Security, explored the possibility of adversarial mind-reading attacks on gamers and other people using brain-computer interfaces, such as the Emotiv games controller.

The experimenters wanted to know if they could forcefully extract information from your brain by taking control of your system. In the experiment, they flashed images of random numbers and used the automatic brain-response to them to make guesses as which digits were in their subjects' ATM PINs. Another variant was watching the brain activity of subjects while flashing the logo of a bank and making a guess about whether the subject used that bank.

I suppose that over time, an attacker who was able to control the stimulus and measure the response could glean a large amount of private information from a victim, without the victim ever knowing it.

Brain computer interfaces (BCI) are becoming increasingly popular in the gaming and entertainment industries. Consumer-grade BCI devices are available for a few hundred dollars and are used in a variety of applications, such as video games, hands-free keyboards, or as an assistant in relaxation training. There are application stores similar to the ones used for smart phones, where application developers have access to an API to collect data from the BCI devices.

The security risks involved in using consumer-grade BCI devices have never been studied and the impact of malicious software with access to the device is unexplored. We take a first step in studying the security implications of such devices and demonstrate that this upcoming technology could be turned against users to reveal their private and secret information. We use inexpensive electroencephalography (EEG) based BCI devices to test the feasibility of simple, yet effective, attacks. The captured EEG signal could reveal the user’s private informa- tion about, e.g., bank cards, PIN numbers, area of living, the knowledge of the known persons. This is the first attempt to study the security implications of consumer-grade BCI devices. We show that the entropy of the private information is decreased on the average by approximately 15 % - 40 % compared to random guessing attacks.

On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces

Defective by Design -- the Free Software Foundation's campaign against DRM -- has cooked up a new badge for technology, media and devices that are provided without DRM, a kind of "certified organic" logo that lets you know when you're getting stuff that doesn't try to use technology to limit your choices.

New DRM-Free Label (via /.)