Shameless plug

My son Mihael finally made a proper web page for his latest software project, the one he won the 3rd place in the national competition with. What’s actually more impressive is that the competition is for all four high school years, which means he competed against the 3rd and 4th year students, as the only 1st year student in the competition, and most of the projects were done by whole teams while he did this one himself.

He put it up on both Apple and Android stores, but making a paid version on the Android store was too complicated for some reason that I already forgot because it was months ago, so that one is free. The iOS version costs some money and is well worth it if you ask me, because I use it whenever I have to buy something that contains tiny e-codes on the label and I want to find out what kind of shit I’m about to eat. So yeah, buy it so that you don’t end up eating poison, and Mihael learns that writing software beats making YouTube videos about playing video games as a career path. 🙂


Mining asteroids for gold

I recently saw articles speculating about asteroids with high metal content and feasibility of mining gold, platinum and similar expensive stuff there. The calculations is basically that there must be a zillion tons of gold there and if we bring it to Earth the price of gold would plummet because the supply would suddenly increase.

I agree with Schiff’s analysis. However, I would also explore the details, as I once used the “gold is a discovery of a golden asteroid away from being worthless”. At first, this argument is sound, since the value of gold is based on restricted supply, and all the gold ever mined on Earth would fit in a cube with a side of 20 meters.

However, another argument is that gold is extremely abundant on Earth. Earth is unique among the planets because of its extraordinarily high metallicity. That’s why we have a magnetic field at the time where other rocky planets have cooled down and no longer have a core floating in a molten mantle. We have so much heavy elements, that nuclear fission and radioactive decay create over half of the temperature that keeps Earth’s interior molten. A significant portion of that are the elements we would deem precious, such as gold and the platinoids. Also, Earth’s crust contains quite a lot of gold. It’s quite easy to create heavy machinery assisted by human labour here on Earth, and create mining shafts and what not. Despite all that, mining gold is barely profitable.

Now let’s imagine we really do find out that there are significant amounts of gold on some asteroid. You know what would happen to the price of gold on the market? Nothing. Why? Because we still haven’t managed to bring home a sample of material from an asteroid. In comparison to mining asteroids, having a steady population on Mars is child’s play.

Operating a mine, which basically means crushing millions of tons of iron ore into dust, separating what you want to keep from what you want to discard, all in micro-gravity, high radiation and no atmosphere, no food for the workers, it’s such an enormous task, it could realistically be imagined by a Kardashev type II civilization, and we are not yet type I. You can realistically imagine us crushing asteroids for mining when it’s easy for us to terraform Venus and have six billion people living there, and have cities on Titan and Europa. However, at that point adding all the gold in the solar system still wouldn’t be enough to cover a GDP of the size necessary to run a civilization that mines the asteroid field for minerals and creates a Dyson sphere with the remaining material, just because they need the solar energy to operate the thing. Mining asteroids for minerals isn’t something that would be done by Earth. It would be done as a joint endeavour of Mars, Europa and Ganymede, by the Russians and the Chinese who would make up the population of the colonies; Earth would be too busy talking about genders to take part.

A Delta IV rocket launch costs $17,400 per kg delivered to lower Earth orbit (LEO). Falcon Heavy is supposed to reduce the cost to $1700 per kg. Essentially, you have to pay at least an ounce of gold to get a kilo of anything into orbit. This includes an entire asteroid-mining spacecraft, with human crew because a mine can’t be safely operated over more than half an hour delay due to light speed. If an AI could operate a mine in the asteroid field independently, then it would have a Kardashev type II civilization and you would be either apes in a zoo, or fossils. If remote operation is impractical because of the speed of light, AI operation is possible but then you have bigger problems, it leaves you with the simplest and the most practical option of maintaining a manned space station in the asteroid belt, supplying it from Earth, shielding it from radiation and impact in an area full of high-speed debris, dealing with rock and metal dust produced by crushing ore, in microgravity conditions, mining gold, shaping it into a sun sail in order to slowly reduce its orbital velocity and send it to Earth, catch it there by the second crew somewhere in Earth or Moon orbit, melt it into gold bullion and send it to Earth to be recovered.

In short, gold is going to become cheap once the AI running the solar system finds no use for it, but until then, or other cause or extinction, it’s the best place to store your life savings.

Security of Linux

I was thinking a bit lately, running Linux as my daily driver for the last few days, at least on my desktop PC, about the rationale behind Linux as a secure OS.

Linux is secure because it’s open source so anyone can inspect it and find the back doors and insecure features. That’s the story.

However, a while ago they discovered an open-ssl vulnerability called “heartbleed”, which was there for years, in an open source library, that theoretically everybody could inspect, and yet apparently that didn’t help the slightest bit. How is that possible?

The explanation is quite easy. Yes, there is a huge number of people working on open source projects, but the trick is in how they are grouped. The largest majority is working on redundant high-level stuff, while the “invisible”, low-end, critical features are so obscure, that they are often maintained by either a single developer or a handful of them, and although people could in theory read some cryptographic c library, almost nobody does, because it’s obscure, difficult and unrewarding work. People who maintain those libraries need to have immense expertise, and yet they are usually paid nothing for their work. Nobody really competes for a job that requires a PhD in mathematics, a wizard-level knowledge of c, uses up lots of time, and pays nothing.

Which brings me to the main security issue in Linux: its critical security features are written and maintained by a few unpaid experts, are too obscure to read and understand by the vast majority of Linux developers, and the likely attacker can literally print billions of dollars that will never be tracked or accounted for, and has infinite means of intimidation.

This means Linux is in fact extremely vulnerable. It was proven to have “heart-bleeding” vulnerabilities out there in the open for years, and nobody actually bothered to read the open source code and find them. The vulnerability can be extremely obscure, and you’d need to be a professional cryptanalyst to be able to identify it, and there would be no incentive for you to go through all those mountains of code and find it, because you would assume it’s already been done, which is an easy and pleasant assumption to make, if somewhat unwarranted.

So, what am I saying here? Basically, I’m saying nothing is secure if those attacking the system have control of the hardware design, firmware design, operating system design, and can pay the best experts infinite amounts of money if they comply with their demands, or have them and their families disappear in darkness if they don’t. The idea, that you can simply install Linux instead of Windows and you’re secure, is incredibly naive.

New Raspberry Pi

Raspberry Pi 4B has been released recently, and it’s the first such device that might actually be usable as a general-purpose desktop PC.

I don’t know yet what the Geekbench score is, but it has 4GB RAM, can drive two 4K monitors, is 2+ times faster than the 3B+ model, has gigabit Ethernet and USB3, essentially making it an ideal cheap and secure device for running general purpose office/school applications.

I ordered one and will report how it does running Linux desktop and my typical workload. In theory, it’s the first one that actually has enough power to rival a NUC for lightweight HTPC and desktop tasks.

Update after receiving and briefly testing the 4GB unit:

Geekbench 2 (ARM build) is 4830. The score of the 3B+ is 2266.

Subjective speed is comparable to my media player, Core2Duo E6500@2900MHz, which means it’s quite usable, since that used to be my desktop machine; the speed is not up to today’s standards, but it’s not stone age. I’m using it to write this article and the speed is fine, it’s a normal desktop computer.

kde-plasma-desktop package in raspbian made a mess, and is unusable, so I’m using the default raspbian window manager. Raspbian is incredibly breakable; after attempting to install multiple window managers, everything broke in many different ways, for instance raspi-config fails to set a valid boot to GUI or boot to CLI configuration; it just does whatever, and when I startx, it complately bypasses lightdm/sddm and opens whatever (at first Raspbian default GUI, but later Mate desktop, without the ability to switch between the two. It’s simply not ready for “normies”. Window manager switching should either not work at all, or work well, without conflicting daemons/applets, and reliably selectable through either GUI or CLI. I can’t believe I have to even say this.

The video works marginally OK when I use the legacy open-gl driver in raspi-config. 720p video works ok, only 9 dropped frames of 2800. Everything above 720p is not smooth. The mouse moves better now too.

Mate desktop is much, much better than the default Raspbian GUI. Normal things such as the volume buttons actually work. This machine should have Ubuntu Mate as the desktop OS, and Raspbian should be left for tinkering with hardware and emergency use only. Mate desktop, however, is good enough for normal desktop use. For instance, I couldn’t make Raspbian GUI make my mouse work non-sluggish; in mate-desktop-environment it just works. That also goes for the volume control buttons on both keyboards I tested. I could get used to this.

It’s prone to overheating. I got a high temperature icon repeatedly while working at the Raspbian desktop while performing apt-get install of a large dependency tree. The temps were above 80°C with alu heatsink glued to the CPU but plastic top of the case closed. I opened it now and the temps while just typing this are 66°C.
I plugged the USB3 powered hub from the desktop to the Pi and it just worked, plug&play, with all the devices.

There’s some super-weird shit going on with overheating. For instance, I forgot a Kingston USB drive in the device, and when I wanted to remove it, it was hot, like, incredibly hot. I can’t remember whether that was the case with 3B+ but this isn’t normal, since the drive was idling, and not copying the universe. 
The CPU temperature is now 62-66°C, which is about ten degrees more than 3B+ in similar workloads. This CPU needs stronger cooling, and that’s normal since it has the power of an E6500 which has a regular PC heatsink with a fan, and this has a small passive heatsink. 
The video drivers are generally the weakest spot of the OS so far, from what I can tell. All kinds of artifacting is going on while video is playing; mouse pointer hiding and showing, browser randomly redrawing, that kind of crap. It’s alpha release. I don’t think the hardware acceleration is turned on at all. There needs to be a Raspbian update having the 4B in mind, because from what I recall 3B+ actually has better YouTube video.

To repeat myself, there needs to be an OS fork for Pi devices: one for tinkering with hardware, for which Raspbian is great, and one for desktop use, for classrooms or similar, and that one needs to be polished. Ubuntu-Mate seems like an awesome candidate, although I would also like to see kde-plasma-desktop working.

I am testing it on a 4K 43″ monitor, with a mechanical keyboard and Logitech G602 wireless mouse plugged into a powered USB3 hub, and it’s a very comfortable desktop experience, until I get an idea of playing video. That part just doesn’t work well and needs to be fixed in a Raspbian update. This hub also provides the power for the Pi; I also tried a 45W USB-C Asus laptop brick, and Apple iPad brick. The iPad brick was the only one not providing enough power; I had constant undervolt notifications and at one point device actually crashed during a power peak when starting Mate. Have this in mind; this requires a netbook-level power brick, not a phone or tablet-level one. This is not your old Raspberry Pi that could run from a computer’s USB socket and be fine. The power demands are still nowhere near any kind of a x86 desktop computer, but it matches the small and frugal laptops. The overheating has apparently been resolved once I removed the top cover on the case. It would actually make good use of a slow case fan blowing on it, but a high-RPM small fan would be terribly counterproductive. The solution I would prefer would be this:

Aluminium case design where the entire top part of the case is a heatsink would be quite appropriate for a machine of this power, because if you close it inside an un-ventilated plastic enclosure it will melt itself to death, and if it’s left open it can be damaged in all sorts of ways in a classroom environment. Essentially, I’d install it in a VESA mounted enclosure with a large heatsink, and either extend the GPIO with a flat cable to some accessible spot on the monitor stand, or just forget about GPIO for desktop use; have a 4B model for driving a desktop environment, for coding and web/office stuff, and one small, cheap A-type unit for driving sensors and robotics. You’ll do the development/deployment/testing over a ssh connection in any case, it’s just a matter whether you do the development on a “proper” desktop PC, or a desktop-level Pi. As far as I’m concerned, 4B needs a software update that will fix its video problems, and make a mate-desktop-environment a default option in Raspbian: well tested, polished and not conflicting with the unnecessary LXDE and whatever GUI that used to make sense on the older generations. This one needs a choice between Mate, XFCE and KDE, not between SHIT and CRAP. Yes, this is high praise coming from me, and means the device itself is quite excellent for the intended purpose. With proper cooling, properly implemented video codecs and some OS polishing, this could be the ideal classroom computer: cheap, small, integrated into the monitor for robustness, and fast enough to run everything kids would need to learn. And it’s cheap enough you can equip classrooms with it even in the financially not so well off schools that can’t afford i3 or i5 desktops. So, thumbs up, but with a caveat regarding the OS which is obviously an alpha-release considering the needs of this device. I can hardly wait for Ubuntu Mate to be compiled and tweaked for 4B.