Does "The bias is in favor of clean athletes: that you can be clean and win' actually follow in any way from the discussion of various bike, itinerary, and diet optimizations that would presumably also be helpful to people shot full of veterinary hormones or whatever; or is this just Tygart saying what his job requires?

I'm definitely not a cycling strategist; but the various optimizations described sound like they are either neutral(like lower drag frames), or potentially even more helpful if you can find a way to sneak a few drugs in(like tighter diet control and better route planning that would potentially reward the ability to make quick metabolic adjustments under specific circumstances); none of those changes sound like they are skewed in favor of baseline users specifically.

Sharepoint is where documents go to die; so ransomware is more of a euthenasia policy than a real attack.

The only nice thing I can say about Broadcom's support portal(which is shit regardless of what 'entitlements' it thinks your account has) is that it treats the SHA hashes as being on the public side of the paywall for any downloads that require a signed in account and specific blessings of that account; rather than putting the SHA and the download link on the same paywalled page.

This makes getting the binary from someone more competent and then checking its legitimacy considerably easier.

Yeah, I was adding that note mostly because it is relevant to the "but what if they encrypted a hospital and people are dying right now?" case. If it were actually the case that you just needed a private key and 10 minutes to get things back up and running you would need to at least reckon with the "yes, we are in fact incurring more downtime now, with the consequences that probably entails, because we believe it will result in better ongoing results" issue. Since recovery tends to be fairly arduous even when people do pay up(and often relies in large part on the same capabilities you'd use for a rebuild or restore from backups) the questions about whether you'd really let patients die while the lab is down are often less compelling than they sound(not entirely fictitious, depending on the size of the population served by the lab and the urgency of their requirements even an hour's difference could easily be killing someone). It's still something you do because you think the ongoing equilibrium created by not paying will be better; but the option you are turning down is not necessarily particularly fast.

I'm really not sure why I'd want to risk helping fund a domestic authoritarian when I've got the option of spending less on a foreign one whose reach is less likely to include me.

There are absolutely Americans I could get behind buying hardware from; but, for some weird reason, naming your defense contractor after a Tolkien thing is a pretty reliable sign of being among the most degenerate flavors of reactionary techbro going.

That's true; I was speaking a bit too informally: my intended meaning was that, in terms of bandwidth, one of the contemporary Nvidia datacenter systems is very much set up to avoid bottlenecking on the CPU or the PCIe root complex. It's true that a lot of their marching orders have to be delivered from CPU to GPU; but the local NVLink and placement of RDMA infiniband or bluefield ethernet DPUs on the same PCIe switches as the GPUs is very much intended to minimize the amount of traffic where the GPU is directly in the critical path.

They don't seem to have done much in the direction of trying to cut the CPU out of the action entirely(I think some of their DPUs can act as PCIe roots if you really want them to; but that's kind of a niche thing); and it's probably not worth the effort when there are a competitive number of options for CPUs that have a big chunky memory controller for system RAM and enough PCIe and general maturity to handle miscellaneous peripherals and the housekeeping OS. They absolutely have done a fair amount of work to cut the CPU out of the critical path for high speed data transfer; with their NVLink-equipped parts being placed significantly higher up the performance ladder than the PCIe only ones(and even those aren't just sitting waiting for PIO all day); and GPUDirect RDMA on network interfaces for scaleout is considered an important feature.

They definitely don't exactly skimp on CPU in their own DGX units; so they aren't exactly vestigial; but the intent certainly appears to involve leaning as little on the CPU's capabilities as possible.

What seems most interesting about going RISC-V is that, while their attempt to buy the company didn't go so well, Nvidia already has pet ARM parts, both 'grace hopper' and in their DPUs. Not sure if that's a future option thing, or a china market thing.

"See how banning crime worked for you, lol" isn't quite false; but it's not really a terribly good analogy in this case. Banning stabbing is more of a parallel to banning cyberattacks; and obviously both of those bans neither prevent stabbings nor prevent cyberattacks.

This is an attempt to change the incentives: on the org side by removing "just pay up" as an implicit alternative to "do better DR", and hopefully getting IT more attention for security and DR work; and on the attacker side by creating a group of potential victims who are legally forbidden to pay; so hopefully are seen as less worth the trouble.

Purely malicious or political wipers won't give a damn; but the guys looking to get paid may well be influenced by the fact that the people they are looking to negotiate with can only get fired for bad IT; but could potentially see actual charges for paying them, and will be evaluating accordingly.

One thing to remember is that, depending on the attacker and the details of the attack, it's often the case that paying also doesn't allow a particularly quick restore(even if you are doing the crazy risky thing of just slapping what got owned back into production and calling it good).

Some threat actor groups are pretty sophisticated in offensive operations; but the quality of their decryptor tools and the 'support' side of the equation is often pretty variable; and, no matter the tools, the logistics of shoving updated config and data into a whole lot of broken endpoints is always going to suck; especially when IT staffing is pretty much universally cut right down to the number of people who can keep the fires to a minimum when all the RMM tools are working and it's mostly break/fix.

Given how absolutely terrible motherboard vendor software support tends to be(both timeliness, existence, and quality of firmware and BMC updates, and any of the awful OS-level utilities they provide) I'd be deeply unnerved at the thought of bringing them any further into the process; but you could probably get a lot of the same benefits by taking advantage of the fact that hypervisor support can be pretty safely assumed even on consumer tier hardware of late.

A sufficiently sophisticated attacker could probably do things that you could only stop if you did add some dedicated hardware control buttons(ideally not run through the same EC that handles OS-visible peripherals; those sorts of embedded processors are more obscure than hardened) to manipulate the hypervisor state; but (especially if it was a niche configuration) you could probably get a considerable percentage of the benefits on standard hardware with just one teeny guest that owns the SSD and presents a virtual disk to the primary guest that owns everything else and talks to the virtual disk; especially in environments where there's enough IT admin that "just don't let the user touch the hypervisor config" is a viable option; rather than the self-serve case where you would need an interface that the user can reach interactively but OS malware cannot.

Sort of a Qubes-like; but storage focused.

It's definitely interesting that Nvidia thinks RISC-V is big enough to be worth the port; but describing the CPU as 'central' to Nvidia's preferred design is deeply overselling it. The recommended layout is basically a bunch of GPUs chatting with one another over NVLink within the chassis; and using GPUDirect RDMA on Nvidia infiniband cards located on the same PCIe switch that the GPUs are for scaleout; with Nvidia ethernet DPUs handling the remaining high speed networking; and the CPU doing housekeeping.

Given that porting and maintaining on another ISA isn't free the fact that Nvidia bothered is certainly a vote of confidence is at least middling RISC-V options actually being attractive to enough potential buyers to be worth it; but the CPU is not intended to be a major player in a CUDA-oriented system, especially one of the larger ones.

Even if we take the claims about the quality of 'AI' tools at face value; it seems fundamentally contradictory to talk about the situation as though they can just keep making engineers more productive.

The exact multiple of the baseline 1x engineer isn't entirely clear; but at some point the ability of a human to act on outputs and provide further prompts in response is reached. Any further improvements in productivity would then have to come from they system being reliable enough that much of its output simply doesn't need a close look and it can complete much larger chunks without being talked through it repeatedly. That's certainly not inconceivable; but if the tool is reaching those levels of semi-autonomy the need for a hotshot engineer is now declining because you can mostly get away with just letting the bot do its thing.

It seems sort of like saying that machine tools and heavy industrial equipment will produce "100x blacksmiths". If you just look at nail output per person per hour it's probably more like 100,000x blacksmiths; but the secret to producing more nails was not better power hammers; it was the fact that we don't really use blacksmiths to produce nails anymore.

I wanted to like GATTACA; but it really ended up being almost the opposite of what it professed to be about(admittedly, in a way that seems very much like something we would do): the premise is supposedly that genetic engineering has allowed all men to not be created equal, and there are some lightweight examples of that being true(none of the engineered characters require corrective lenses; some of the naturals are identifiable by being contact lens users); but in important areas it just never actually seems to matter; the main character is supposed to have a serious cardiac condition that, um, never actually stops him from out-swimming his modified brother through the power of the human spirit or conducting astronaut training as long as he plays back the cardiac data from the suicidal athlete whose identity he assumed(apparently genetic optimization doesn't extend to psych coverage?)

And the society itself seems to realize that at some level: theoretically the premise is deeply troubling because what of a society where people are profoundly unequal by birth; but in implementation there's precious little sign of 'meritocratic' squeeze-out (there's the one woman in the astronaut training program who isn't going to make the cut because she uses glasses; but is still in the training program for some reason?): just people getting hired based on a genetic test and the ongoing battle by the protagonist to carefully cover all traces of his DNA with replacements from the guy he is impersonating because his job performance won't actually matter if the geneticops enforcing the haves/have-nots distinctions aren't doing performance based evaluations.

As noted; using relatively weak scientific evidence to justify treating people with wealthy parents as though they are better than the rest is absolutely something we would do; we'd love a blood test for legacy admits; but as a movie about genetic engineering making people unequal, rather than a movie about people running a caste system loosely justified by genetic engineering, it really doesn't go much of anywhere.

I suspect that the "I made a lot of money selling enterprise resource data munging cloud solutions or something; therefore I am very smart" crowd is more susceptible than average to the specific "Now, I'm not going to say 'eugenics'; but clearly you want your children to be just plain better, like you..." sales pitch; but the genre of hope-and-hype 'this will make life better for your child' seems to have more or less universal appeal. The upmarket techie flavor leans a bit GATTACA, and probably has a lot more literature that is the layman's idea of what good scientific papers look like; but it's basically the same impulse that has people taking prenatal wellness supplements of deeply dubious efficacy and experimenting with prenatal classical music and stuff.

I'm not particularly inclined to be trusting of someone squeezing PCR until it bleeds and then shoving what comes out into their proprietary risk model until they've shown some pretty solid results; but it's not like 'prospective parents who want healthy babies' are a weird niche audience. Especially if it's an IVF-related intervention; which presumably means that most of your customers are coming in the door with some combination of fertility issues, an atypically high number of miscarriages or stillbirths, or one of the relatively well characterized and dire heritable conditions that are closer to "25%, maybe 50-50 in males if it's X-linked" than to "well, meta-analysis suggests that these 853 genes can nudge the risk of the autism by an amount that was technically statistically significant".

"Right now, at $2,500 per embryo-screening on top of the average $20,000 for a single cycle of IVF, Siddiqui's social network in Silicon Valley and other tech hubs is an ideal target market..."

Selling upmarket sounds like it's more about the lack of validation than about the actual cost. If you actually knew that it worked a one time $2,500 to mitigate, or even moderately depress the incidence on average, of "bipolar disorder, cancer, Alzheimer's disease, obesity and schizophrenia" would be stupid cheap. If you spread appointments out and are mostly on older drugs with generics $2,500 might cover a year of outpatient psychiatry, ignoring the costs and unpleasantness of having a psych condition to deal with; and if there's a cancer you can deal with for at or under that amount it'd probably be a nice clean presentation of an early stage skin cancer that the dermatologist can deal with; definitely not one that gets punted to the oncologists.

It's just that if you are currently at the Theranos "we can totally do stuff with PCR that stuffy 'scientists' say is statistically troublesome"; then we grind it up with our proprietary models, you are basically left selling to the anxiety of the cost-insensitive. If the method were actually validated not paying ~10%more to have your IVF round QAed would look like reckless negligence; but that 'if' is very load bearing.

Allegedly this was a permitted practice; but the speed with which they said that they will be abandoning it once it became public knowledge; and the number of federal IT people ProPublica was able to find who had never heard of it, suggests that either the proposal that was approved was not entirely candid about what the plan was; or the approver was too low or obscure to actually approve.

This certainly wouldn't be the first time that something perfectly on the up and up was abandoned for PR reasons; but MS would probably be loathe to give up the ability to whitewash whoever into sensitive projects by having an $18/hr copy-paste pal in the loop; so they must see the exposure as potentially serious.