Tech News of the Week for 8/17/2023 [MTG005]

Posted on Thursday, Aug 17, 2023 | Series: Moar Tech Garbage
HashiCorp goes BSL, Intel SGX is feeling vulnerable, and Microsoft Teams loves Windows For Workgroups.


[00:00:01.410] Announcer: Welcome to Tech News of the Week. With your host, Cardi B.

[00:00:08.690] Ned: Welcome to Ricky Tiki tavi nosa ravi. News of the Samana?

[00:00:14.850] Chris: Wow.

[00:00:15.760] Ned: Nope, still not there. This is our ten minute dive into Tech News that caught our eye in the old RSS feed. That’s what the kids use these days. Right now, I’m Ned. With me is Chris. Let’s get into some more tech garbage. HashiCorp switching to Business Source Licensing, affectionately known as BSL Licensing, which is a license licensing, which is why initialisms and acronyms are terrible. Would you like some DRAM memory? How’s your CSP provider? What about your IAC code? Well, that brings me nicely back to the HashiCorp change. Since their most popular software is the IAC tool TerraForm, starting with the next release of their core software products, HashiCorp is switching from their current Mozilla public license 20 to the Business Source license One. One. What does this mean for the average user of TerraForm Vault or console? Nothing. Absolutely nothing. The source code will remain available on public repos and anyone is welcome to review, contribute or build from source if they’d like. The BSL specifically targets commercial applications of the software, where an independent software vendor has built a competing product without a partnership agreement with HashiCorp. So if you’re an ISV who has built a competitor to TerraForm Cloud or Hcp Vault using Open source TerraForm or Vault, HashiCorp would like a word with you.

[00:01:51.890] Ned: Everyone else can keep calm and carry on. Now if you’ll excuse me, I have to go get some USD dollars out of the ATM machine.

[00:02:02.150] Chris: ROFL out loud.

[00:02:07.450] Ned: Anyway. So big change. That’s not going to impact 99% of people now, you know?

[00:02:16.090] Chris: Yeah, I mean, I guess they’re trying to do the red hat thing without sounding like they’re doing the red hat thing.

[00:02:22.000] Ned: It’s more like they’re doing the MongoDB thing.

[00:02:27.870] Chris: I wasn’t listening. What did MongoDB do?

[00:02:30.020] Ned: They did the same thing. They changed from, I think it was the Mozilla license to the BSL license four or five years ago, mostly in response to Amazon.

[00:02:47.750] Chris: Intel CPUs found to be vulnerable to downfall, am I right?

[00:02:55.920] Ned: Yeah.

[00:02:57.290] Chris: Google security researchers have found an attack in certain Intel CPU families that allows information protected by the software guard extension memory encryption functionality to be stolen. This, as you’re probably guessing, is not supposed to happen. Yeah, as usual, the main problem seems to be speculative execution processes which utilize, quote, a temporal buffer shared across sibling CPU threads. Unquote. The full attack, demonstrated by Google, required separate virtual machines and a lot of complex machines, but it resulted in the theft of complete AES keys and the inevitable decryption of the SGX data. Like I said, this is a crazy complex hack that requires timing to be perfect the malicious code to be running on a prepped virtual machine that is running on the same core as the victim’s machine. So obviously this is virtual nature, but since the cloud. You can see where we’re going with this. Indeed, according to intel, this means that, quote, trying to exploit this outside of a controlled lab environment would be a complex undertaking, but then they would say that they would other sources make it look easier. The issue affects some variants of Skylake and Ice Lake and all Tiger Lake.

[00:04:29.340] Chris: So if you have one of these in your environment, there are software mitigations that can be implemented, all of which, of course, have a performance penalty. There’s also going to be a big discussion about this at Black Hat this week. We’ll probably bring it back up again once that presentation becomes publicly available, which I don’t remember their policy if that’s right away or a few months down the line.

[00:04:55.310] Ned: There are a lot of interesting things coming out of Black Hat this week, and I didn’t have time to go into them. So that might be next week tech news Thing arm is Poised to Go Over the Top With IPO SoftBank hold.

[00:05:12.970] Chris: On, what are we thinking? Percentage wise audience that got that.

[00:05:19.910] Ned: Low? Tens, I’d say. SoftBank owned Arm is preparing to float an IPO on the Nasdaq. According to multiple sources collected by the Register, the chip designer and licensee is estimated to be worth some $60 to $70 billion, which will cause quite the splash when it hits the open market. Chipmakers like Samsung and Apple have invested heavily in the Arm platform, and one would assume that they will invest just as heavily in Arm stock in a bid to influence the future of the company. It’s as yet unknown how much of a share SoftBank intends to retain. Their vision fund has been a bit of a disaster as of late, and they could use the Arm IPO as a way to infuse the fund with cash, or they could take the long view and continue to own a controlling share in the company. Arm was originally acquired by SoftBank back in 2016 for $32 billion, and SoftBank tried to sell the company to Nvidia for 40 billion in 2020. But that deal fell apart due to regulatory issues. I e nvidia is big enough already. Goddamn. It seems like that might have been the best thing for SoftBank as the additional $20 billion in valuation in a few years.

[00:06:37.620] Ned: That’s kind of nice. Honestly, this is a much better outcome than Arm being owned by Nvidia or any other chipmaker. Now they can all jockey for position on the board and cancel each other out. Ain’t capitalism grand?

[00:06:52.050] Chris: Well, it would be if the three major players trying to get a controlling stake weren’t Apple, Samsung, and AWS.

[00:06:59.670] Ned: Don’t forget about Nvidia.

[00:07:06.090] Chris: Microsoft Teams has a lot of seemingly antiquated requirements around setting up teams and channels. Wait. Did I start already? I wasn’t listening. Let’s just breathe right on by the fact that calling product teams and calling the base label organizational unit a team was a terrible idea, and everyone on the 40 person committee that inevitably greenlit this dumb idea should feel bad. Do you know how impossible this setup makes it to Google things about this product? Or even talk about it without making yourself dizzy? Anyway, there are other oddities. Like, for instance, did you know that old Dos rules about forbidden directory names still apply to themes channels? Wow. Words that cannot be the name of a channel should sound familiar to anyone who’s worked on computers since we had computers. And I quote, forms con, con in, con out. PRN a UX n u One through nine. LPT one through LPT nine. Desktop ini and underscore VTi underscore. End quote. Wow. And why is this simple? Because everything in teams is backed by SharePoint, and SharePoint is backed by all of the backwards compatibility that Windows is famous for. Yeah, it seems. OD, that a modern product there with those air quotes again.

[00:08:47.400] Chris: Like SharePoint shouldn’t care or even be allowed to speak to devices like One or LPT One. But here we are. At least we’re in prime position for someone to backboard teams to run on Windows 3.1. Oh, my God. Why did I speak that monstrosity of an idea out into the world now someone’s going to do it.

[00:09:13.090] Ned: They will.

[00:09:14.610] Chris: And we thought that Skynet was the biggest problem.

[00:09:17.970] Ned: Windows for work groups, baby. For life. That’ll do it for Tech news of the week. Enjoy the rest of your week. Bye. We’re out.


Chris Hayner

Chris Hayner (He/Him)

Our story starts with a young Chris growing up in the agrarian community of Central New Jersey. Son of an eccentric sheep herder, Chris’ early life was that of toil and misery. When he wasn’t pressing cheese for his father’s failing upscale Fromage emporium, he languished on a meager diet of Dinty Moore and boiled socks. His teenage years introduced new wrinkles in an already beleaguered existence with the arrival of an Atari 2600. While at first it seemed a blessed distraction from milking ornery sheep, Chris fell victim to an obsession with achieving the perfect Pitfall game. Hours spent in the grips of Indiana Jones-esque adventure warped poor Chris’ mind and brought him to the maw of madness. It was at that moment he met our hero, Ned Bellavance, who shepherded him along a path of freedom out of his feverish, vine-filled hellscape. To this day Chris is haunted by visions of alligator jaws snapping shut, but with the help of Ned, he freed himself from the confines of Atari obsession to become a somewhat productive member of society. You can find Chris at coin operated laundromats, lecturing ironing boards for being itinerant. And as the cohost on the Chaos Lever podcast.

Ned Bellavance

Ned Bellavance (He/Him)

Ned is an industry veteran with piercing blue eyes, an indomitable spirit, and the thick hair of someone half his age. He is the founder and sole employee of the ludicrously successful Ned in the Cloud LLC, which has rocked the tech world with its meteoric rise in power and prestige. You can find Ned and his company at the most lavish and exclusive tech events, or at least in theory you could, since you wouldn’t actually be allowed into such hallowed circles. When Ned isn’t sailing on his 500 ft. yacht with Sir Richard Branson or volunteering at a local youth steeplechase charity, you can find him doing charity work of another kind, cohosting the Chaos Lever podcast with Chris Hayner. Really, he’s doing Chris a huge favor by even showing up. You should feel grateful Chris. Oaths of fealty, acts of contrition, and tokens of appreciation may be sent via carrier pigeon to his palatial estate on the Isle of Man.