Re: [camram-spam] Re: Microsoft publicly announces Penny Black PoW postage project
At 01:43 PM 12/29/03 -0500, Eric S. Johansson wrote:
Bill Stewart wrote:
At 09:37 PM 12/26/2003 -0500, Adam Back wrote:
The 2nd memory [3] bound paper (by Dwork, Goldber and Naor) finds a flaw in in the first memory-bound function paper (by Adabi, Burrows, Manasse, and Wobber) which admits a time-space trade-off, proposes an improved memory-bound function and also in the conclusion suggests that memory bound functions may be more vulnerable to hardware attack than computationally bound functions. Their argument on that latter point is that the hardware attack is an economic attack and it may be that memory-bound functions are more vulnerable to hardware attack because you could in their view build cheaper hardware more [....]
Once nice thing about memory-bound functions is that, while spammers could build custom hardware farms in Florida or China, a large amount of spam is delivered by hijacked PCs or abused relays/proxies, which run on standard PC hardware, not custom, so it'll still be slow.
The Microsoft Penny Black system (not to be confused with the IBM Penny Black paper) is supposedly limited by memory /speed/ not memory size. The only nice thing about that is that memory speed doesn't vary as much between machines. About 5 to 1 vs. 100 to 1.
do the math.
d*b --- s
where: d = stamp delay in seconds s = spam size in bytes b = bandwidth in bytes per second
I don't understand this equation at all. It's the rate limiting factor that counts, not a combination of stamp speed + bandwidth. Assuming 128Kbps up, without a stamp it takes about .6 seconds to send a typical 10K spam. If it takes 15 seconds to generate the stamp, then it will take 15 seconds to send a stamped spam. It won't even take 15.6 seconds, because the calculation can be done in parallel with the sending.
assuming unlimited bandwidth, if a stamp spammer compromises roughly the same number of PCs as were compromised during the last worm attack (350,000) at 15 seconds per stamp, you end up with 1.4 million stamps per minute or 2 billion stamps per day. When you compare that to the amount of spam generated per day (high hundred billion to low trillion),
Not according to the best estimates I have. The average email address receives 20-30 spams a day (almost twice what it was last year) and there are only 200-400 million email addresses, which works out to less than 10 billion spams per day. But there's a much easier way to do the math. If 1% of the machines on the internet are compromised, and a stamp takes 15 seconds to generate, then spammers can send 50-60 spams to each person. (86400 seconds per day / 15 seconds per stamp * 1% of everybody = 57.6) You can reduce that by factoring in the average amount of time that a compromised machine is on per day. I fully expect that stamps will rise in "price" to several minutes, if camram actually gets any traction.
they are still a few machine short of what is necessary to totally render stamps useless. Yes, maybe one spammer could muster a few machines to be a nuisance but that's the extent of it.
When dealing with hardware acceleration, it becomes a hardware war. If they can make a custom hardware, Taiwan can make us USB stamp generators, postage goes to a period of rapid inflation, and the world goes back to where was before with no advantage to spammer's.
Custom hardware? I can buy a network ready PC at Fry's for $199. If it takes that machine 30 seconds to generate a stamp, and I leave it running 24/7, and replace it after 5 months, then the cost of a hashstamp is still less than 1/500 of a snail-mail stamp. Granted it's a significant increase in costs over current email, and therefore potentially a vast improvement, but it's still not expensive. Scott Nelson <scott@spamwolf.com> --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
Scott Nelson wrote:
d*b --- s
where: d = stamp delay in seconds s = spam size in bytes b = bandwidth in bytes per second
I don't understand this equation at all.
It's the rate limiting factor that counts, not a combination of stamp speed + bandwidth.
well, stamp speed is method of rate limiting. This equation/formula gives you the ratio of performance degradation. So, Given d=15, b=49152 (aka 384kbps) and s=1000 the slowdown ratio or factor is 737.28 times over what an unimpeded spammer can send. But as you increase spam size, the slowdown factor declines.
Assuming 128Kbps up, without a stamp it takes about .6 seconds to send a typical 10K spam.
If it takes 15 seconds to generate the stamp, then it will take 15 seconds to send a stamped spam. It won't even take 15.6 seconds, because the calculation can be done in parallel with the sending.
actually, it would take 15 but only because you can be sending one stamped piece of spam at the same time as you're generating the next stamp. But using your spam size, , the slowdown factor becomes roughly 73 times. So they would need 73 machines running full tilt all the time to regain their old throughput. It's entirely possible that one evolutionary response to stamps would be to generate larger pieces of spam but that would also slow them down so we still win, kind of, sort of...
assuming unlimited bandwidth, if a stamp spammer compromises roughly the same number of PCs as were compromised during the last worm attack (350,000) at 15 seconds per stamp, you end up with 1.4 million stamps per minute or 2 billion stamps per day. When you compare that to the amount of spam generated per day (high hundred billion to low trillion),
Not according to the best estimates I have. The average email address receives 20-30 spams a day (almost twice what it was last year) and there are only 200-400 million email addresses, which works out to less than 10 billion spams per day.
actually, I'm hearing that there are roughly one billion addresses but unfortunately have lost the source. The numbers for spam I'm hearing are on the order of 76 billion to 2 trillion ( 2 tril spams /day http://www.pacificresearch.org/press/clip/2003/clip_03-05-08.html 76 bil http://www.marketinglaw.co.uk/open.asp?A=703 ) If you have a better source (and I am sure there are some), I would like to hear it.
But there's a much easier way to do the math.
If 1% of the machines on the internet are compromised, and a stamp takes 15 seconds to generate, then spammers can send 50-60 spams to each person.
(86400 seconds per day / 15 seconds per stamp * 1% of everybody = 57.6)
unfortunately, I think you making some assumptions that are not fully warranted. I will try to do some research and figure out the number of machines compromised. The best No. I had seen to date was about 350,000.
You can reduce that by factoring in the average amount of time that a compromised machine is on per day.
I fully expect that stamps will rise in "price" to several minutes, if camram actually gets any traction.
well, that might be the case but I must have a who cares attitude about that. For the most part I rarely send mail to strangers and the stamp generation process is in background. So if it take several minutes to queue up and send a piece of mail a few times a month. What's the problem? (yes, I know I'm being cavalier)
Custom hardware? I can buy a network ready PC at Fry's for $199.
If it takes that machine 30 seconds to generate a stamp, and I leave it running 24/7, and replace it after 5 months, then the cost of a hashstamp is still less than 1/500 of a snail-mail stamp. Granted it's a significant increase in costs over current email, and therefore potentially a vast improvement, but it's still not expensive.
wrong unit of costs. The stamps still take 15 seconds (give or take) which means approximately 5760 stamps per day. Hardware acceleration is an attack against stamps by using dedicated hardware to shrink the cost in time of a given size stamp. so, if and evil someone can build an ASIC to shrink the cost of a stamped by 100 times, then mercenary somebody else can build the same functionality and performance as well. Plop it onto a USB interface chip, sell for $15 and balance is restored ---eric -- Speech recognition in use. Incorrect endings, words, and case is closer than it appears
On Tue, 30 Dec 2003, Eric S. Johansson wrote:
But using your spam size, , the slowdown factor becomes roughly 73 times. So they would need 73 machines running full tilt all the time to regain their old throughput.
Believe me, the professionals have enough 0wned machines that this is trivial. On the flipside, it means the machines are "burned" faster.
unfortunately, I think you making some assumptions that are not fully warranted. I will try to do some research and figure out the number of machines compromised. The best No. I had seen to date was about 350,000.
It's at least an order of magnitude higher than this, possibly 2 orders, thanks to rampaging worms with spamware installation payloads compromising cablemodem- and adsl- connected Windows machines worldwide. AB
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 30 Dec 2003, Eric S. Johansson wrote:
But using your spam size, , the slowdown factor becomes roughly 73 times. So they would need 73 machines running full tilt all the time to regain their old throughput.
Believe me, the professionals have enough 0wned machines that this is trivial.
On the flipside, it means the machines are "burned" faster.
only if the professionals are dumb enough to use the machines that are "making" the stamps to actually send the email (since it is only the latter which are, in practice, traceable)
unfortunately, I think you making some assumptions that are not fully warranted. I will try to do some research and figure out the number of machines compromised. The best No. I had seen to date was about 350,000.
It's at least an order of magnitude higher than this, possibly 2 orders, thanks to rampaging worms with spamware installation payloads compromising cablemodem- and adsl- connected Windows machines worldwide.
the easynet.nl list (recently demised) listed nearly 700K machines that had been detected (allegedly) sending spam... so since their detection was not universal it would certainly be more than 700K :(
--------------------------------------------------------------------- The Cryptography Mailing List
and in these schemes, where does our esteemed moderator get _his_ stamps from ? remember that not all bulk email is spam by any means... or do we end up with whitelists all over the place and the focus of attacks moves to the ingress to the mailing lists :( <moan> I never understand why people think spam is a technical problem :( let alone a cryptographic one :-( </moan> - -- richard Richard Clayton They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Benjamin Franklin -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBP/HWBhfnRQV/feRLEQIyoACgrWwhmPJJYbD7elJL1D7OMOQ5HV4AoIUL 5L3wNC2PEdE3BYlUiwMBps27 =jp2y -----END PGP SIGNATURE-----
At 7:46 PM +0000 12/30/03, Richard Clayton wrote:
where does our esteemed moderator get _his_ stamps from ?
A whitelist for my friends, etc... Whitelist cryptography@metzdowd.com... Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
On Dec 30, 2003, at 1:01 PM, R. A. Hettinga wrote:
At 7:46 PM +0000 12/30/03, Richard Clayton wrote:
where does our esteemed moderator get _his_ stamps from ?
A whitelist for my friends, etc...
We're not moderated. Get used to it. Or are people _again_ spamming the Cypherpunks list with crap from half a dozen of their "moderated" lists? As for white lists, I'm all for them, though the coloreds keep trying to get government to force them out of business. --Tim May
At 07:46 PM 12/30/2003 +0000, Richard Clayton <richard@highwayman.com> wrote:
[what about mailing lists] Obviously you'd have to whitelist anybody's list you're joining if you don't want your spam filters to robo-discard it.
<moan> I never understand why people think spam is a technical problem :( let alone a cryptographic one :-( </moan>
The reason it's partly a cryptographic problem is forgeries. Once everybody starts whitelisting, spammers are going to start forging headers to pretend to come from big mailing lists and popular machines and authors, so now you'll not only need to whitelist Dave Farber or Declan McCullough if you read their lists, or Bob Hettinga if you're Tim (:-), you'll need to verify the signature so that you can discard the forgeries that pretend to be from them. You'll also see spammers increasingly _joining_ large mailing lists, so that they can get around members-only features. At least one large mailing list farm on which I've joined a list used a Turing-test GIF to make automated list joining difficult, and Yahoo limits the number of Yahoogroups you can join in a day, but that's the kind of job which you hire groups of Indians or other English-speaking third-world-wagers to do for you. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
(I have removed the various other mailing lists. People, please stop cross-posting to all of Hettinga's lists, plus Perrypunks, plus this CAM-RAM list.) On Dec 30, 2003, at 7:11 PM, Bill Stewart wrote:
At 07:46 PM 12/30/2003 +0000, Richard Clayton <richard@highwayman.com> wrote:
[what about mailing lists] Obviously you'd have to whitelist anybody's list you're joining if you don't want your spam filters to robo-discard it.
<moan> I never understand why people think spam is a technical problem :( let alone a cryptographic one :-( </moan>
The reason it's partly a cryptographic problem is forgeries. Once everybody starts whitelisting, spammers are going to start forging headers to pretend to come from big mailing lists and popular machines and authors, so now you'll not only need to whitelist Dave Farber or Declan McCullough if you read their lists, or Bob Hettinga if you're Tim (:-), you'll need to verify the signature so that you can discard the forgeries that pretend to be from them.
I don't have to whitelist anyone. If mail doesn't get to me, less junk to read. I certainly won't be running some "Pennyblacknet" scam promulgated by Microsoft. This "pennyblack" silliness fails utterly to address the basic ontological issue: that bits in transit are not being charged by the carriers (if by their own choice, fine, but mostly it's because systems were set up in a socialist scheme to ensure "free transport"...now that the free transport means millions of e-mails are charged nothing, they want the acapitalist system fixed, they hope, with either government laws or silliness about using memory speeds to compute stamp numbers...silliness). I haven't looked closely at the Pennyblack scheme, but I expect cleverness with caches and background tasks will fix things. For example, maybe people with idle CPU/memory time will sell their time to spammers, at suitably close-to-zero rates. (Essentially equivalent to Joe Sixpack selling his machine as a spam machine, which is probably likely, and still cheap for the sender.) Fixing the fundamental market distortion is the best approach to pursue. Not my problem. --Tim May
At 07:58 PM 12/30/03 -0800, Tim May wrote:
This "pennyblack" silliness fails utterly to address the basic ontological issue: that bits in transit are not being charged by the carriers (if by their own choice, fine, but mostly it's because systems were set up in a socialist scheme to ensure "free transport"...now that the free transport means millions of e-mails are charged nothing, they want the acapitalist system fixed, they hope, with either government laws or silliness about using memory speeds to compute stamp numbers...silliness).
The cost in machine resources to transmit one more e-mail is *really* small. The cost I care about is my time, specifically my time spent leafing through my likely-spam folder checking to see if someone I actually want to hear from sent me something worth seeing. (This is a hassle, because sometimes people e-mail me with questions or comments about papers I've written, and I'd like to see those e-mails. And those e-mails can come from all over the world, can have oddly-worded subject lines, etc.) If spammers had to pay for the true cost of transferring all their e-mails, spam might slow down a bit, but it wouldn't stop; bandwidth is too cheap. If they had to pay for the true cost of all the time they wasted, spam would be seriously rare. (So would telemarketing calls, and probably even junk mail; those are businesses built on shifting many of the real costs of their marketing effort onto their targets.) The only way to make spammers pay for the cost of my time is to set up some scheme where your initial e-mail to me costs some amount I set, and then I can let you in after that. But that's a lot harder to set up than hashcash or the memory-bound schemes. And certainly, doing something that takes one second on a reasonably fast machine won't make sending e-mail unusable even for fairly slow machines, while it will make spamming require getting access to lots of other peoples' machines, either by paying them or by taking them over remotely. ...
--Tim May
--John Kelsey, kelsey.j@ix.netcom.com PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259
On Tue, 30 Dec 2003, Bill Stewart wrote:
At 07:46 PM 12/30/2003 +0000, Richard Clayton <richard@highwayman.com> wrote:
[what about mailing lists] Obviously you'd have to whitelist anybody's list you're joining if you don't want your spam filters to robo-discard it.
<moan> I never understand why people think spam is a technical problem :( let alone a cryptographic one :-( </moan>
It has always been mostly a technical problem, and only partially a social problem.
The reason it's partly a cryptographic problem is forgeries. Once everybody starts whitelisting, spammers are going to start forging headers to pretend to come from big mailing lists and popular machines and authors, so now you'll not only need to whitelist Dave Farber or Declan McCullough if you read their lists, or Bob Hettinga if you're Tim (:-), you'll need to verify the signature so that you can discard the forgeries that pretend to be from them.
I had to change my (admittedly simple) whitelisting recently, when spammers started using the same domain name we do business under, or the name of partners.
You'll also see spammers increasingly _joining_ large mailing lists, so that they can get around members-only features. At least one large mailing list farm on which I've joined a list used a Turing-test GIF to make automated list joining difficult, and Yahoo limits the number of Yahoogroups you can join in a day, but that's the kind of job which you hire groups of Indians or other English-speaking third-world-wagers to do for you.
Yep. Spam rates have been creeping up on Debian lists, lately. Another list I'm on having to do with Oracle has been having similar problems. "Who is a meaningful member?" That's a tough question, if you don't charge, and if you do, you miss quite a bit, thus lowering the value. Commons, tragedy, etc. -j -- Jamie Lawrence jal@jal.org "Those who make peaceful revolution impossible will make violent revolution inevitable." -John F. Kennedy --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
On Tue, 30 Dec 2003, Bill Stewart wrote:
The reason it's partly a cryptographic problem is forgeries. Once everybody starts whitelisting, spammers are going to start forging headers to pretend to come from big mailing lists and popular machines and authors, so now you'll not only need to whitelist Dave Farber or Declan McCullough if you read their lists, or Bob Hettinga if you're Tim (:-), you'll need to verify the signature so that you can discard the forgeries that pretend to be from them.
You'll also see spammers increasingly _joining_ large mailing lists, so that they can get around members-only features.
This has already happened: Krazy Kevin pulled this stunt 5 years ago on at least one list I was on, joining the list to harvest the most common posters, then spamming using them as sender envelopes after he'd been kicked off.
At least one large mailing list farm on which I've joined a list used a Turing-test GIF to make automated list joining difficult,
...discrimination against blind users - this is legally actionable in several countries. There is a blind group in the UK taking action against a number of companies for this and the Australian Olympic committee ended up being fined several million AU$ for the same offence in 1999.
and Yahoo limits the number of Yahoogroups you can join in a day, but that's the kind of job which you hire groups of Indians or other English-speaking third-world-wagers to do for you.
To underscore that point, I've _watched_ cybercafes full of SE asians(*) doing exactly this kind of thing for the princely sum of US$5/day - twice the average wage of the area, even after the cafe fees were deducted. (*) Philippines and east Malaysia. AB --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
Richard Clayton wrote:
and in these schemes, where does our esteemed moderator get _his_ stamps from ? remember that not all bulk email is spam by any means... or do we end up with whitelists all over the place and the focus of attacks moves to the ingress to the mailing lists :(
He uses the stamp that you generated. Each subscruber adds cryptography@metzdowd.com as an address they receive mail at. Done. Trivial. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
Ben Laurie wrote:
Richard Clayton wrote:
and in these schemes, where does our esteemed moderator get _his_ stamps from ? remember that not all bulk email is spam by any means... or do we end up with whitelists all over the place and the focus of attacks moves to the ingress to the mailing lists :(
He uses the stamp that you generated. Each subscruber adds cryptography@metzdowd.com as an address they receive mail at. Done. Trivial.
take a look at my headers and you'll see a real example. ---eric (No. 1 generator of stamps on the Internet) -- Speech recognition in use. Incorrect endings, words, and case is closer than it appears
Eric S. Johansson writes:
Ben Laurie wrote:
Richard Clayton wrote:
and in these schemes, where does our esteemed moderator get _his_ stamps from ? remember that not all bulk email is spam by any means... or do we end up with whitelists all over the place and the focus of attacks moves to the ingress to the mailing lists :(
He uses the stamp that you generated. Each subscruber adds cryptography@metzdowd.com as an address they receive mail at. Done. Trivial.
take a look at my headers and you'll see a real example.
---eric (No. 1 generator of stamps on the Internet)
It seems like one risk for hashcash is that, when mailing lists are whitelisted, a spammer can then use the lists to amplify spam (which I think is what Richard Clayton was suggesting above). For instance, you generated a single hashcash stamp for cryptography@metzdowd.com of the same value as the stamp you generated for richard@highwayman.com. That stamp would hypothetically induce metzdowd.com to send your message to _all_ of the cryptography subscribers, all of whom have hypothetically whitelisted the list. That means that, if your message were spam, you delivered it to the whole subscriber base at very low cost. Or does hashcash only help moderated mailing lists (where it "pays" the moderator for her time)? My current impression is that it will benefit individual e-mail recipients but not help subscribers to large unmoderated mailing lists. -- Seth David Schoen <schoen@loyalty.org> | Very frankly, I am opposed to people http://www.loyalty.org/~schoen/ | being programmed by others. http://vitanuova.loyalty.org/ | -- Fred Rogers (1928-2003), | 464 U.S. 417, 445 (1984)
Richard Clayton wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 30 Dec 2003, Eric S. Johansson wrote:
But using your spam size, , the slowdown factor becomes roughly 73 times. So they would need 73 machines running full tilt all the time to regain their old throughput.
Believe me, the professionals have enough 0wned machines that this is trivial.
On the flipside, it means the machines are "burned" faster.
only if the professionals are dumb enough to use the machines that are "making" the stamps to actually send the email (since it is only the latter which are, in practice, traceable)
actually, we mean burned literally. the stamp creation process raises the temperature of the CPU. Most systems are not build for full tilt computational load. They do not have the ventilation necessary for reliable operation. So, they may get by with the first 8-12 hours of stamp generation (i.e. roughly 2000-3000 stamps per machine) but the machine reliability after that time will degrade as the heat builds up. Feel free to run this experiment yourself. Take a cheat machine from your local chop shop, run hashcash in an infinite loop, and wait for the smoke detector to go off. there is nothing quite like waking up to the smell of freshly roasted Intel.
the easynet.nl list (recently demised) listed nearly 700K machines that had been detected (allegedly) sending spam... so since their detection was not universal it would certainly be more than 700K :(
that is a nasty bit of news. I'll run some numbers based on that and see what the ratio of spam to stamp engines would be. gut sense is that it's still not horrible, just not as advantageous. but you never know until you run the numbers. thanks for the information and the source. -- Speech recognition in use. Incorrect endings, words, and case is closer than it appears
On Thu, 1 Jan 2004, Eric S. Johansson wrote:
the easynet.nl list (recently demised) listed nearly 700K machines that had been detected (allegedly) sending spam... so since their detection was not universal it would certainly be more than 700K :(
that is a nasty bit of news. I'll run some numbers based on that and see what the ratio of spam to stamp engines would be. gut sense is that it's still not horrible, just not as advantageous. but you never know until you run the numbers.
Intelligence from DSBL indicated that there were _at least_ 350k compromised machines in the USA Roadrunner network alone at one stage. They are currently tracking around 1.5 million compromised machines. The Swen and blaster worms install various spamware and backdoors. These have been estimated to have infected millions of machines worldwide and later versions removed characteristics which removed tellltale compromise signs when scanned - now they mostly "phone home", instead of listening for commands. The pool of infected machines is huge. I just hope you're right about the CPUs burning up - it doesn't happen when machines are running OGR calculations, so I suspect that you just ran into a particularly badly built example. AB
Alan Brown wrote:
They are currently tracking around 1.5 million compromised machines.
*ouch*. on 24x7 both power and connectivity?
The Swen and blaster worms install various spamware and backdoors. These have been estimated to have infected millions of machines worldwide and later versions removed characteristics which removed tellltale compromise signs when scanned - now they mostly "phone home", instead of listening for commands.
and nobody has noticed. That's mine bogglingly astounding. A friend of mine just bought an XP machine and insisted on grabbing updates herself over her modem. yes, she has soft firewalls and virus protection in place but I'm willing to bet she's one of the compromised now so I should probably investigate detection/removal tools. you do need to give Microsoft credit, after all, they are the world leader in zombie friendly software. I figured they probably have at least a three-year head start over Linux in this arena.
The pool of infected machines is huge. I just hope you're right about the CPUs burning up - it doesn't happen when machines are running OGR calculations, so I suspect that you just ran into a particularly badly built example.
no, it was a stock Intel motherboard, CPU, CPU fan in a standard (i.e. not cheap) case with reasonably sized power supply (i.e. 300 watts). It has the standard number of fans. I think this makes it even more imperative to develop the kit ability of dynamically increasing postage process based on what your peers say. what a way to start the new year. ;-) Alan, I do appreciate you carrying the message as it were. ---eric -- Speech recognition in use. Incorrect endings, words, and case is closer than it appears
-- Alan Brown wrote:
I just hope you're right about the CPUs burning up - it doesn't happen when machines are running OGR calculations, so I suspect that you just ran into a particularly badly built example.
Eric S. Johansson
no, it was a stock Intel motherboard, CPU, CPU fan in a standard (i.e. not cheap) case with reasonably sized power supply (i.e. 300 watts). It has the standard number of fans.
With modern CPUs one needs a great deal of care installing the heat sink to avoid overheating. A standard CPU fan is not equivalent to a competently built computer. A modern bios has the capability to switch the computer off if it detects overheating. Unfortunately this capability is often off by default, or is deliberately switched off by shoddy assemblers who do not care whether they have installed functional CPU cooling -- and they usually have not. I recently built a computer for my son. Went through two CPU cooling systems before I got satisfactory cooling with the third system Then after the a few months the rather small and fragile plastic motherboard clip that held the extremely massive cooling system against the CPU cracked, impairing cooling efficiency, and I had to take the system apart and McGyver a clip out of inductor wire. Since it has worked fine. Modern cpu cooling systems are so massive that we need metal to metal clips all the way through the mother board, but today's motherboards still come with these frail little crappy plastic clips suitable only for old style fans. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG jd8twQqu33IqobCtWRsiI82DmRPHLLGBFHtty1eK 44/TTa0hL/CvVpbKSadQPFrmPhdPmSiuxBQEal47m
On Jan 1, 2004, at 8:13 AM, Eric S. Johansson wrote:
actually, we mean burned literally. the stamp creation process raises the temperature of the CPU. Most systems are not build for full tilt computational load. They do not have the ventilation necessary for reliable operation. So, they may get by with the first 8-12 hours of stamp generation (i.e. roughly 2000-3000 stamps per machine) but the machine reliability after that time will degrade as the heat builds up. Feel free to run this experiment yourself. Take a cheat machine from your local chop shop, run hashcash in an infinite loop, and wait for the smoke detector to go off.
there is nothing quite like waking up to the smell of freshly roasted Intel.
I'm skeptical of this claim. A lot of Intel and AMD and similar machines are running full-tilt, "24/7." To wit, Beowulf-type clusters, the Macintosh G5 cluster that is now rated third fasted in the world, and so on. None of these machines is reported to be burning up literally. Likewise, a lot of home and corporate users are running background tasks which are at 100% CPU utilization. (Examples abound, from render farms to financial modeling to... Friends of mine run a bunch of 2 and 3 GHz Pentium 4 machines in CPU-bound apps, and they run them 24/7. (Their company, Invest by Agents, analyzes tens of thousands of stocks. They use ordinary Dells and have had no catastrophic "burned literally" failures.) Further, junction-to-case temperature in a ceramic package has a time constant of tens of seconds, meaning, the case temperature reaches something like 98% of its equilibrium value (as wattage reaches, say, 60 watts, or whatever), in tens of seconds. (For basic material and physics reasons...I used to make many of these measurements when I was at Intel, and nothing in the recent packaging has changed the physics of heat flow much.) We also used to run CPUs at 125 C ambient, under operating conditions, for weeks at a time. Here the junction temperature was upwards of 185 C. Failures occurred in various ways, usually do to electromigration and things like that. Almost never was there any kind of "fire." Just "burnout," which is a generic name but has nothing of course to do with "burning" in the chemical sense. Now I grant you that I haven't tested CPUs in this way in many years. But I am skeptical that recent CPUs are substantially different than past CPUs. I would like to see some actual reports of "burned literally" CPUs. By the way, I have run some apps on my Macintosh 1 GHz CPU which are CPU-bound. No burn ups. I'd like to see some support for the claim that running a stamp creation process is more likely to burn up a modern machine than all of these apps running financial modeling, render farms, and supercomputer clusters are doing. Until then, render me skeptical. --Tim May
-- On 1 Jan 2004 at 10:44, Tim May wrote:
Further, junction-to-case temperature in a ceramic package has a time constant of tens of seconds, meaning, the case temperature reaches something like 98% of its equilibrium value (as wattage reaches, say, 60 watts, or whatever), in tens of seconds.
The time constant for the CPU+plus cooling system is a good deal longer, and in modern CPUs the large mass of the cooling system can result in quite long periods, for example a quarter of an hour, before CPU load results in heat related shut off.
We also used to run CPUs at 125 C ambient
Today's CPUs will generally fail a bit above seventy centigrade. They frequently fail in ways that cause them to draw increased current, eventuallly incinerating the motherboard. To prevent this, always look for the bios option to shut down the motheroboard in the event of CPU overheating. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG Uw0lUnQOu8bBc6kOrcDpYZKS0DjzIgrXM9AJSVh2 49rBlWsHg9Teys0ELS5pT26g56P8tEMtp/mQ3eihl
Tim May <timcmay@got.net> wrote:
Now I grant you that I haven't tested CPUs in this way in many years. But I am skeptical that recent CPUs are substantially different than past CPUs. I would like to see some actual reports of "burned literally" CPUs.
I've never seen a "burned literally" CPU, but I have tracked the demise of an AMD K6 (or K6-2, can't remember now) from hot carrier effects. If all processors were made like that one, you would see a lot more load-induced failures. -- Riad Wahby rsw@jfet.org MIT VI-2 M.Eng
On Jan 1, 2004, at 11:56 AM, Riad S. Wahby wrote:
Tim May <timcmay@got.net> wrote:
Now I grant you that I haven't tested CPUs in this way in many years. But I am skeptical that recent CPUs are substantially different than past CPUs. I would like to see some actual reports of "burned literally" CPUs.
I've never seen a "burned literally" CPU, but I have tracked the demise of an AMD K6 (or K6-2, can't remember now) from hot carrier effects. If all processors were made like that one, you would see a lot more load-induced failures.
Just so. A lot of games are close to being CPU-bound, plus the screensavers used as Mersenne prime finders and the like, and there are few reports of house fires caused by the CPU being smoked. When I did reliability stuff for Intel, CPUs failed, but mostly not in ways that had them catching on fire, as the stamp guy is suggesting is common for stamp generation. --Tim May #1. Sanhedrin 59a: "Murdering Goyim (Gentiles) is like killing a wild animal." #2. Aboda Sarah 37a: "A Gentile girl who is three years old can be violated." #3. Yebamoth 11b: "Sexual intercourse with a little girl is permitted if she is three years of age." #4. Abodah Zara 26b: "Even the best of the Gentiles should be killed." #5. Yebamoth 98a: "All gentile children are animals." #6. Schulchan Aruch, Johre Deah, 122: "A Jew is forbidden to drink from a glass of wine which a Gentile has touched, because the touch has made the wine unclean." #7. Baba Necia 114, 6: "The Jews are human beings, but the nations of the world are not human beings but beasts."
(The use of memory speed leads to an interesting notion: Functions that are designed to be differentially expensive on different kinds of fielded hardware. On a theoretical basis, of course, all hardware is interchangeable; but in practice, something differentially expensive to calculate on an x86 will remain "expensive" for many years to come.) In fact, such things are probably pretty easy to do - as was determined during arguments over the design of Java. The original Java specs pinned down floating point arithmetic exactly: A conforming implementation was required to use IEEE single- and double-precision arithmetic, and give answers identical at the bit level to a reference implementation. This is easy to do on a SPARC. It's extremely difficult to do on an x86, because x86 FP arithmetic is done to a higher precision. The hardware provides only one way to round an intermediate result to true IEEE single or double precision: Store to memory, then read back. This imposes a huge cost. No one could find any significantly better way to get the bit-for-bit same results on an x86. (The Java standards were ultimately loosened up.) So one should be able to define an highly FP-intensive, highly numerically unstable, calculation all of whose final bits were considered to be part of the answer. This would be extremely difficult to calculate rapidly on an x86. Conversely, one could define the answer - possibly to the same problem - as that produced using the higher intermediate precision of the x86. This would be very hard to compute quickly on machines whose FP hardware doesn't provide exactly the same length intermediate results as the x86. One can probably find problems that are linked to other kinds of hardware. For example, the IBM PowerPC chip doesn't have generic extended precision values, but does have a fused multiply/add with extended intermediate values. Some machines provide fast transfers between FP and integer registers; others require you to go to memory. Vector-like processing - often of a specialized, limited sort intended for graphics - is available on some architectures and not others. Problems requiring more than 32 bits of address space will pick out the 64-bit machines. (Imagine requiring lookups in a table with 2^33 entries. 8 Gig of real memory isn't unreasonable today - a few thousand dollars - and is becoming cheaper all the time. But using it effectively on a the 32-bit machines out there is very hard, typically requiring changes to the memory mapping or segment registers and such, at a cost equivalent to hundreds or even thousands of instructions.) -- Jerry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
participants (14)
-
Alan Brown
-
Ben Laurie
-
Bill Stewart
-
Eric S. Johansson
-
jal@jal.org
-
James A. Donald
-
Jerrold Leichter
-
John Kelsey
-
R. A. Hettinga
-
Riad S. Wahby
-
Richard Clayton
-
Scott Nelson
-
Seth David Schoen
-
Tim May