Connect with us


Winning over giants like Intel key to growth • The Register

Voice Of EU



Interview The CEO of RISC-V’s governing body says she wants to nothing less than “world domination” for the rising open-source processor technology, but to do that, the nonprofit needs buy-in from a variety of organizations, even those steeped in dominant, proprietary architectures, such as x86 giant Intel.

In an interview this week with The Register, RISC-V International CEO Calista Redmond reckons the buy-in, which comes in the form of paid memberships, is needed to support ongoing development of the royalty-free CPU instruction set architecture to better compete with x86 and Arm ISAs.

“We have to have a level of funding in order to operate and manage this special rodeo of ours,” she says.

Redmond, an IBM veteran, pitches involvement in RISC-V International, which gives paying members an extra level of say in the ISA’s future development, as a more even playing field for tech companies than what has been allowed with proprietary ISAs, namely x86 and Arm.

“What everybody gets from this is the vested collective interests of everyone involved to say, ‘My destiny isn’t pinned to any one or five companies. Everyone’s investing together, therefore, my level of risk is much lower’,” she says.

When Intel joined RISC-V International in February, it became a premium member, the top membership tier that gave the semiconductor giant a seat on the nonprofit’s board and the Technical Steering Committee, which determines new features and specifications for the ISA.

For those privileges, Intel and the other 19 premium members each chip in an annual fee of $250,000, according to the nonprofit’s website.

Redmond characterizes the interest of these premier members like this:

Besides Intel, other major companies with premier memberships include Alibaba Cloud, Google, Huawei, Unisoc, Western Digital, and ZTE.

The premier members also range from startups like StarFive, Ventana and Micro Systems, to SiFive, the latter of which is hoping to go public in the next two years with a RISC-V CPU licensing business.

There are many more RISC-V International members at the “strategic” level, which still gives them the ability to weigh in on the future development on the ISA but not at the same level as premier members.

These members, which include Canonical, Nvidia, and Samsung, pay as much as $35,000 for an annual membership. Smaller organizations pay half or less.

But it’s not just companies that are members. RISC-V’s more than 2,400 members also include universities, and government-related entities.

Just last week, India’s government announced that it had become a premier member and revealed a RISC-V roadmap for homegrown processors.

Another significant government-related entity with premium membership is the Chinese Academy of Sciences, which participates through its Institute of Software and Institute of Computing Technology. The academy is on the US Entity List of trade-restricted organizations, which underlines the unique position RISC-V is in with its open-source nature amid international tensions.

But Redmond says that, as with other countries, such as Russia, RISC-V International is “not required to block anybody from engaging and participating,” though the organization will make changes if needed.

“If things go the way of sanctions that are heavier on a country level, we may need to pivot, but at this point we are abiding by things and [are] in very close contact in understanding what are other open source and global organizations doing,” she says.

CEO has nuanced view of what RISC-V’s rise will look like

For member companies that have historically been associated with proprietary ISAs, such as x86 or Arm, Redmond tells us they are looking at RISC-V to diversify their risk. It also gives these companies another ISA to support their increasing heterogenous computing needs.

“It makes business sense to do it,” she says.

In the case of Intel, Redmond thinks the x86 giant’s involvement with RISC-V is helping support the company’s revitalized contract manufacturing business, which has vowed to make custom chips for others using x86, Arm or RISC-V ISAs as part of a larger comeback plan.

While Intel’s move to support RISC-V could seen as a conflict with the semiconductor giant’s traditional x86 business, Redmond admits that she doesn’t think RISC-V poses an existential threat.

“This isn’t inside information, but I’m pretty sure they’re not too worried about their x86 business. I mean, they’ve locked that in. They’ve got so many customers that have some millions into that already. People are not typically ripping out existing investments,” she says.

However, Redmond does see an opportunity for RISC-V to win business in new and emerging workloads, and she thinks over time devices and IT infrastructure will increasingly shift to the open-source ISA.  

“Now one or two generations down the line as you continue to advance and evolve your portfolio, I expect many of those may shift to RISC-V,” she says.

But Redmond has a more nuanced view of what a world filled with more RISC-V designs will look like. She doesn’t necessarily believe x86 and Arm will fall out of fashion. Instead, she suspects tech companies will increasingly see RISC-V, x86 and Arm ISAs as tools within the same toolbox. This will lead to a greater mix of ISAs used in devices and IT infrastructure, which is already starting to play out.

For instance, Intel uses Arm core designs for some products, including its Mount Evans infrastructure processing unit. AMD relies on Arm for hardware-based security within its processors, and its reportedly looking at incorporating RISC-V into future products. While Nvidia is expanding its use of Arm with upcoming server CPUs, it also uses RISC-V within its GPUs, as does Imagination, which backs the architecture.

“You start to look at technology and hardware differently as building blocks rather than a blind allegiance,” says the CEO.

RISC-V can move faster than Arm

It’s important to note that RISC-V, for the most part, is pretty far out from powering mainstream processors in servers and PCs.

Patrick Little, CEO of RISC-V designer SiFive, told us in March he doesn’t expect to see commercial processors using the company’s designs in PCs until late 2025, and server efforts will take longer than that.

It should be noted too that Arm has only just started to become a serious contender in PCs and servers over the past couple years.  

But Redmond says that Google and other so-called hyperscalers are working on RISC-V projects “under the covers” and pointed out that the ISA is also used in microcontrollers in storage devices from companies like Western Digital and Seagate.

She also highlights Alibaba Cloud’s XuanTie RISC-V processors, which have been marketed for networking devices, gateways and edge servers [PDF].


Intel joins RISC-V governing body, pledges $1bn fund for chip designers


Another company, Esperanto Technologies, is testing its 1,000-core RISC-V AI chip with Samsung’s IT services arm and other companies, Redmond noted. We also know of another startup, Ventana Micro Systems, that is building RISC-V server chips.

Redmond didn’t cite any examples of PC activities. We do know that SiFive launched a RISC-V development board for desktops in late 2020, for instance, while Microchip offers RISC-V boards, folks are recreating the TRS-80 Model 100 with a RISC-V system-on-chip… it’s safe to say various projects and products are on the go.

She promises we will see more examples of RISC-V implementations of both servers and PCs later this year.

“You’re going to see a laptop this year. You’re going to see more datacenter implementation stories this year,” she says.

The CEO also makes a bolder promise: whereas it took Arm about 20 years to get where it is today, she predicts it will take RISC-V roughly five years to make the same amount of progress. “Where are we in the adoption curve? We’re not halfway yet, but we are getting there very quickly,” she says.

The caveat, she adds, is that the five-year timeline is an “imprecise measurement,” as RISC-V International and its members need to fill out some additional capabilities on the instruction set side as well as software support to cover a broad spectrum of applications.  

But what makes Redmond confident in RISC-V’s ability to gain more traction over the next few years is the growing support the ISA has received from a plurality of organizations.

“The reason that we’re getting there faster is that we have a greater shared pool of investment across the community that is driving that,” she says. ®

Source link


Dublin’s Circit raises €6.5m for open banking platform

Voice Of EU



CEO David Heath told that Circit is to auditing verification what Stripe is to payments.

Irish open banking start-up Circit has raised €6.5m in funding for its financial auditing management platform.

The Dublin-based fintech has developed a platform for managing financial auditing used by banks, solicitors and brokers. Circit is regulated by the Central Bank of Ireland as an account information service provider under PSD2 – the EU regulation for open banking.

Future Human

Investment in this Series A round was led by New York-based Aquiline Technology Growth and Luxembourg-based MiddleGame Ventures, both of which are fintech-focused VC firms.

CEO David Heath told in an interview that a number of team members in Circit have come from auditing backgrounds in big firms who think the industry, which is going through its “biggest reform in decades”, could do with more digitalisation.

“We saw a lot of manual processes that were going on that we felt could be automated, which would free us up to do more valuable work for the client,” said Heath, who was previously an auditor with Grant Thornton and a director with E-Commerce Accounting.

“Rather than wait for regulators to prescribe the change, we proactively re-imagined and designed a platform that gives auditors a new way of obtaining independent audit evidence that both reduces risk and cuts verification time from weeks to minutes.”

Heath said the open banking platform frees up auditors from manual and time-consuming processes, providing automation for third-party confirmations and verified insights on bank and digital asset transactions.

“Our aim is to help auditors become highly skilled in addressing the future risks facing businesses and the economy,” he added. “In a way, what Stripe is for payments, Circit is for auditing verification.”

Founded in 2017, Circit counts more than 200 audit businesses including Deloitte and PwC among its clients. While headquartered in Dublin, it has operations in the UK and Spain, and clients all over Europe, the United States, Australia and the greater APAC region.

Circit grew significantly during the pandemic, which saw its workforce shoot up from just seven to a team of 35. It raised €1.1m in a July 2020 funding round to accelerate its international expansion and create 20 new jobs.

Last year, Circit acquired UK-based Audapio, a tech company that builds data analytics tools for financial auditing and fraud monitoring. In February, it signed a deal with Danske Bank UK to integrate its tech with the bank’s audit confirmation response operations.

Heath told that the latest funding will be used to invest in further developing the Circit platform and pushing for the company’s growth internationally.

Patrick Pinschmidt, general partner for MiddleGame Ventures, said that while Circit is addressing a “persistent pain point” by digitising the audit confirmation process, he sees broader use cases for the company’s tech.

“The combination of open banking tools and the integration of financial institutions and corporates into Circit’s solution will lower costs and improve transparency as the company helps digitise a cross-section of workflows for a global customer base.”

Pinschmidt, along with Giovanni Nani of Aquiline Technology Growth, will join Circit’s board as a result of the investment to help scale the company’s international expansion.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading


YouTube removes more than 9,000 channels relating to Ukraine war | YouTube

Voice Of EU



YouTube has taken down more than 70,000 videos and 9,000 channels related to the war in Ukraine for violating content guidelines, including removal of videos that referred to the invasion as a “liberation mission”.

The platform is hugely popular in Russia, where, unlike some of its US peers, it has not been shut down despite hosting content from opposition figures such as Alexei Navalny. YouTube has also been able to operate in Russia despite cracking down on pro-Kremlin content that has broken guidelines including its major violent events policy, which prohibits denying or trivialising the invasion.

Since the conflict began in February, YouTube has taken down channels including that of the pro-Kremlin journalist Vladimir Solovyov. Channels associated with Russia’s Ministries of Defence and Foreign Affairs have also been temporarily suspended from uploading videos in recent months for describing the war as a “liberation mission”.

YouTube’s chief product officer, Neal Mohan, said: “We have a major violent events policy and that applies to things like denial of major violent events: everything from the Holocaust to Sandy Hook. And of course, what’s happening in Ukraine is a major violent event. And so we’ve used that policy to take unprecedented action.”

In an interview with the Guardian, Mohan added that YouTube’s news content on the conflict had received more than 40m views in Ukraine alone.

“The first and probably most paramount responsibility is making sure that people who are looking for information about this event can get accurate, high-quality, credible information on YouTube,” he said. “The consumption of authoritative channels on our platform has grown significantly, of course in Ukraine, but also in countries surrounding Ukraine, Poland, and also within Russia itself.”

YouTube did not provide a breakdown of the taken-down content and channels but Mohan said much of it represented Kremlin narratives about the invasion. “I don’t have the specific numbers, but you can imagine a lot of it being the narratives that are coming from Russian government, or Russian actors on behalf of the Russian government,” he said.

Sign up to First Edition, our free daily newsletter – every weekday morning at 7am BST

YouTube has an estimated 90 million users in Russia, although it no longer allows advertising on the platform in the country. The decision by YouTube’s parent company, Google, has drawn protests from Navalny, who said well-targeted ads helped counteract Kremlin propaganda.

“YouTube remains the largest video-sharing site up and running in Russia itself,” said Mohan. “So YouTube is a place where Russian citizens can get uncensored information about the war, including from many of the same authoritative channels that we all have access to outside of the country. We remain an important platform for Russian citizens themselves as this crisis continues to evolve.”

Last week, the Russian minister for digital development, Maksut Shadaev, said the country would not block YouTube, despite disputes over content that have resulted in the platform being fined in court for not removing banned videos.

Shadaev indicated that blocking Russia’s most popular social media platform would affect users. “We are not planning to close YouTube,” the minister said. “Above all, when we restrict something, we should clearly understand that our users won’t suffer.”

YouTube has also placed a worldwide ban on channels associated with Russian state media, including Russia Today and Sputnik. Facebook and Instagram are banned in Russia and access to Twitter has been restricted, in response to the platforms’ own bans on Russian state-owned media.

Source link

Continue Reading


Russian-backed rulers of Costa Rican hacktocracy? • The Register

Voice Of EU



In brief The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn’t pay a $20 million ransom. 

Costa Rican president Rodrigo Chaves said that the country is effectively at war with the gang, who in April infiltrated the government’s computer systems, gaining a foothold in 27 agencies at various government levels. The US State Department has offered a $15 million reward leading to the capture of Conti’s leaders, who it said have made more than $150 million from 1,000+ victims.

Conti claimed this week that it has insiders in the Costa Rican government, the AP reported, warning that “We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power, you have introduced an emergency.” 

Experts who spoke to the AP said they doubt actual regime change is likely, or the goal; Emsisoft analyst Brett Callow told the newswire that the threats are simply noise, and not to be taken seriously.

Callow may be right: News unfolding late this week suggests that Conti has gone offline, and may be breaking into several subsidiary groups. Its political ambitions in Costa Rica may just be a distraction, albeit one that could also turn a tidy profit. 

NSA: Trust us, no post-quantum encryption backdoors

The NSA wants to ease everyone’s concerns now: Even though it’s been involved in the US government’s post-quantum encryption research, the spy agency won’t have a backdoor.

Speaking to Bloomberg while discussing the National Institute for Standards and Technology’s post-quantum encryption competition, NSA Director of Cybersecurity (and Christmas-tree hacker) Rob Joyce said the new standards being developed are so strong that “there are no backdoors.” 

That would be a departure from previous encryption standards, which the NSA is believed to have had ready access to – until foreign spies acquired a copy of the backdoor software for their own use. The Biden administration recently announced additional funding for post-quantum encryption research, which aims to develop a form of protecting sensitive data so secure that even a quantum computer couldn’t crack it. 

The US has been actively working to develop encryption standards able to stand up to quantum computers for some time; Joyce claimed to Bloomberg that the NSA has had its own post-quantum encryption algorithms for several years, but those aren’t part of the NIST competition or available to the public. 

Despite spending tens of millions to address the security problems posed by quantum computers, the NSA also readily admits that it has no idea when, or even if, quantum computers able to crack modern public key cryptography will be realized. 

Frustrated IT admin gets seven years for deleting company databases

A former database administrator from China who wiped out his employer’s financial records has been sentenced to seven years in prison as a result.

Han Bing, who managed databases for Chinese real estate brokerage Lianjia, allegedly used his administrator access and root privileges to log in to two of Lianjia’s database servers, and two application servers, where he wiped financial data and related applications that took the company’s entire finance system offline, said Chinese news sources. 

Bing was reportedly disgruntled with his employer. He repeatedly warned them of security flaws in Lianjia’s finance system but felt ignored and undervalued, Lianjia’s ethics chief testified in court. Bing’s actions directly cost the company around $27,000 to recover data and rebuilt systems, but that doesn’t include the impact of lost business.

Bing was caught when Lianjia questioned everyone with access to the financial systems who had permissions to do what Bing did, of whom there were only five. The company claims that Bing acted suspiciously when asked to present his laptop for inspection, refusing to provide his password and claiming privacy privileges. 

The company said it suspected none of the laptops would show traces of the attack, but wanted to see how those it questioned would react. Investigators were later able to recover logs that pointed to Bing’s laptop’s IP and MAC addresses, and crosschecking logs against security footage put Bing in the right place at the right time to be the guilty party.

Apple patches a whopping 98 separate vulnerabilities

Apple has had a busy week: In a series of security updates released Monday and Wednesday, the iMaker patched 98 separate vulnerabilities out of its various software platforms.

The updates in question cover most every bit of software Apple makes: WatchOS, iOS and iPad OS, macOS Monterey, Big Sur and Catalina, Xcode, tvOS, Safari and iTunes for Windows were all included. Most of the vulnerabilities are from the past few months, but one common vulnerability and exposure (CVE) number covered by the updates dates back to 2015.

A few of the vulnerabilities covered by this week’s glut of Apple patches were rolled out previously for one system, but not others, as was the case with CVE-2022-22674 and -22675, which were patched in macOS Monterey, but not older versions, in April. Those vulnerabilities were reportedly being actively exploited at the time. 

Malicious applications executing arbitrary code with kernel privileges appears to be the most common type of hole being closed in this round of patches, though some do stand out, like Apple Watch bugs that could let apps capture the screen and bypass signature validation.

On iOS, vulnerabilities patched include websites being able to track users in Safari private browsing mode, while macOS users are being protected against apps being able to bypass Privacy preferences and access restricted portions of the filesystem.

Russian-backing Chaos ransomware variant is pure destruction

Cybersecurity firm Fortinet has discovered a variant of the Chaos ransomware that professes support for Russia’s invasion of Ukraine, but appears to have no decryption key to rescue victims in Putin’s regime. 

The variant appears to have been compiled with Chaos’ GUI customization tool as recently as May 16, Fortinet said. The researchers said they’re unsure how the Chaos variant infects its victims, and said the variant doesn’t act any differently than typical Chaos ransomware. 

Like other forms of Chaos, it enumerates files on infected systems, and irrevocably damages any larger than around 2MB by filling it with random bytes. Anything smaller is encrypted, but recoverable with a key. Chaos also typically attacks commonly used directories like Desktop, Contacts, Downloads and Pictures, which are encrypted entirely. 

Here’s where this Chaos variant differs: It’s overtly political, and instead of offering contact info and a ransom demand, the malware simply says “Stop Ukraine War! F**k Zelensky! Dont [sic] go die for f**king clown,” along with a pair of links to sites claiming to belong to the Information Coordination Center, but offering no information otherwise. Files are also encrypted with a “f**kazov” extension, likely referring to the Ukrainian Azov Battalion.

Fortinet said that this Chaos variant appears unique in the sense it appears designed to be file-destroying malware. “This particular variant provides no such avenue as the attacker has no intent on providing a decryption tool … clearly, the motive behind this malware is destruction,” Fortinet said. 

The FortiGuard team behind the research warns that with its GUI, Chaos ransomware has become a commodity product, and it expects additional attacks of this variety to emerge. ®

Source link

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!