China still holds over 1 trillion in debt. If China decides to reduce its stake - that means more debt on the market, while the US is adding another trillion debt in the last few months. So supply goes up, demand goes down - and interest rates have to go up to make the new debt more attractive than the other supply of debt that China throws into the market.

The economies are so interlinked that any real trade war could create unstable and unpredictable times.

The US owes so much debt now, that if China starts dumping accumulated debt they could force a spike in interest rates that basically throw the US into a hard recession.
It could lead to a currency war as China could hit back with devaluation equivalent to the tariffs.
The Chinese banks are not very transparent - and if the current swoon turns into a worldwide stock market crash - could be the start of another Asian crisis (we just cannot know) if it is prolonged.
Companies cannot just turn on a dime and change manufacturing (i.e. move it to other locations), so it could spike inflation and it could also disrupt major American companies supply.
Or it could just be taken in stride. The problem is that the markets were already overly exuberant, and there are many bubbles that could be popped ... that anything could happen... the problem is it may not be able to be predictable.
Anyone that claims to know what will happen ... is more than likely just pretending to know and guessing.

What Florida is voting for is to move from EST/EDT to AST (no daylight savings). They are not exempting themselves from Standard Time, they are voting to adopt a different standard timezone. They are voting to eliminate daylight savings time. Standard time in most of the world follows political borders not some raw calculated mean position every 60 minutes apart.

Extremely well said and concise. Bringing into how we relate to people because of their personal politics (conservative vs liberal vs progressive vs socialist) is extremely toxic. If we cannot talk or do business with people that hold differing political views - the civility of society will only continue to decline.

The firmware update comes from your PC manufacturer or motherboard manufacturer.

Your PC maker or motherboard maker should have a patch for firmware / microcode. To completely mitigate the vulnerability on Intel based computers - you will have to patch both the OS and the firmware. I believe the firmware patch is required as part of Spectre (probably 2nd variant). Without both, your computer will be still vulnerable. Unfortunately I believe there is a chance that the patch could fail silently - but there is a powerscript that will tell you the status of the vulnerability patches.

There should be at least some attempt at reparations. Any processor currently being manufactured (3 years or younger) -- you would have the option of opting to get a replacement for the CPU if it is socketed by sending it into Intel (or taking it to a service centre of Intel's choosing to replace) and then getting a fixed CPU (probably timeline at least 9 months). Manufacturers could opt to replace the board at cost with new CPUs for computers that are currently in use. If you opt to keep it you would get a reimbursement of about 25% of the tray price of the CPU - which would be funnelled through manufacturers/retailers.

I think you would find that a small minority would opt to have the CPU replaced or the board replaced -- costing much less than what might be feared. It would however give the impression that the manufacturer (Intel) stands behind their products.

It is about the protection barrier between the kernel data and user space melting down... Meltdown is as good as any other name.

If some non-techies get the wrong idea -- great -- I can have fun with that .... scaring non-techies with technobabble is always fun. Besides, maybe I can convince my non-technical manager that I need a new computer since my old one melted down before the patch was installed.

It is my understanding that Meltdown is Intel only, Spectre affects AMD/ARM/Intel (though not the same impact). I don't believe either of these exploits affect POWER or SPARC. Basically Meltdown is caused by being overly aggressive in that it does not check permissions to access -- until after it has moved it to cache, AMD checks this before. Using this and the ability to get timing information (only really needed for debugging) - a clever algorithm can basically access and piece together kernel (protected data) on the processor from user space processes. To me if one architecture has issues with something and all others don't it leads me to the conclusion that it is an architectural (CPU) design defect.

I am not familiar with the internals of it and it has been a good 30+ years since I have written x86 assembly code (and I am sure it has changed a lot, but they do keep backwards compatibility). Memory segmentation in Intel chips is a legacy that dates back to not being able to address the entire memory space because the limitation of memory being larger than addressable space due to the limitations of 16 bits. The memory had to be addressed by using a segment register and then offset from that register (a segment at that time would be limited to 64K). It was never designed as a way to protect the kernel address space. This memory addressing scheme is both costly and reduced the ability to usefully use the address space. Today 64 bit processors can address 16 exabytes, and the segmentation is a legacy left over from the early days. Use of segmented memory to protect the kernel is IMHO a hack that only serves to duct-tape over the defect and the downside is that it affects performance. I thought most other architectures (that are not affected) -- have flat and not segmented memory?

At that rate, you probably are not using the phone very much at all and probably don't even need a smart phone. You are more the exception in this society today.

Here almost every store (carrier or retailer) will favour a specific manufacturer - it could be as simple as they commission that they make is higher for a given manufacturer because of incentives -- or it could just be what they are familiar with and are therefore more comfortable selling. Bias is normal and pretending it does not exist -- just makes you an easy target.

First, when pricing phones and doing comparisons -- include the total cost of ownership of each of those models. People often get hung up on a device costing $100 or $200 more as being 15% to 25% more. I am use to not having a plan in the country I am living in (and total cost is considerably less than my home country of Canada). Phones should typically last 4 years (even sell the phone and get a new one; or recycle it through the family) with being reasonably useful - so that is typically what I use for total cost. In Canada where the market is very costly this could mean over those 4 years you are spending $4,000 on a plan for that phone.... so if a phone costs $600 - your total cost of ownership is $4,600, or more. So in the end being cheap about the actual device is not saving a whole lot of money.

Most people usually have a strong preference (Android or iPhone) -- my case I prefer my iPhone. If you are an Android user I would probably give preference to a Pixel phone just because a lot of vendors are slow (at most) on updating the phone with the new version or security updates.

At this point you have probably narrowed down your choice - and you probably know what you use your phone for. If you use your phone alot and it is a very important device, just chose the best phone that you can buy at the time that suits your needs.

All sales people have their own preferences and unfortunately most are swayed by choices other than what the consumer is actually telling them (be it higher commission for a given supplier, or their own device preferences). If they sound like they are not making sense -- it is probably because they are not thinking of what your needs are.

1 If the patch is in software, in the OS, can't malicious code (e.g. after privilege escalation exploit) undo any OS patch and then go wild on other people's memory? Basically yes, but you have to have another OS based exploit to piggyback on -- but in reality the privilege escalation by itself would probably be sufficient in itself - so the chip level one would more or less be overkill. 2 Does this also bypass Intel SGX isolation? I don't think you would say bypass, but it would likely impact the security of SGX as well -- since your leaking kernel data into user spaces.

In this case the CPU cannot be patched. This defect is permanent, it can never be fixed in the current processors. When new processors come out (assuming the next gen uses the same socket -- a crap shoot) you could replace the CPU. The fix is for the OSes to basically compensate and work around the defects - which may have moderate to severe performance penalties depending on CPU and what you are doing. What Intel is saying is actually a lie, they are helping the OS or "bios" vendors basically duct tape over the defect and hide it. Intel has indicated the earliest you will see "patched" CPUs is the end of the year - which depending on the CPU - could be end of the year or end of the follow year if they follow any type of release cycle (likely to be next gen CPUs only). So updating your motherboard to the latest firmware and installing the latest version of the OS is all that you can do for now.

Oh, it is even later than that - since that is the photo I setup facebook with almost a decade ago. It is the same photo until I die... though I don't feel threatened at all... since there are always two guards at the gate to protect me :o