Earlier this week, Jessica Mauerhan found herself in possession of two commodities that have recently grown scarce: a box of antiviral masks and a Logitech webcam.
Mauerhan, a software engineer based in McKinney, Texas, donated the masks to her local midwife’s office so they could continue delivering babies. She gave the webcam to a neighbor so he could begin working from home.
“Both offered to bring me toilet paper as payment,” she tweeted. “What a world we live in now.”
Logitech webcams and other cheap video conferencing devices have largely sold out worldwide as millions work and study from home because of the coronavirus pandemic. In many cases, buyers placing orders today will have to wait one month or longer to receive the equipment. Dell is telling U.S. customers it won’t be able to deliver one popular Logitech model until early July.
Headsets designed for workplace communications are also harder to come by than usual. On Microsoft’s online storefront, several popular Poly and Logitech headsets are currently on back order.
The shortage of these devices is frustrating students as they begin taking classes from home and healthcare providers as they look to set up virtual appointments with patients. Many businesses have been unable to equip their newly remote workforces with the webcams and headsets they need to participate in online meetings fully.
After many staffers began working from home earlier this month, Chapman University accelerated its rollout of Microsoft Teams. Webcams and headsets suddenly became essential tools for its workers. Fortunately, the school ordered a limited number of devices before they began selling out. But obtaining additional equipment has become nearly hopeless.
At first, the school thought it could merely reimburse employees who found the gear themselves. “But the reality is that’s almost impossible,” said Phillip Lyle, Chapman’s assistant vice president of enterprise and research infrastructure.
The shortage is doubtlessly tied to a surge in the usage of cloud-based video conferencing apps. Microsoft said its Teams collaboration app added 12 million daily active users between March 11 and March 18, a 37% increase. Cisco, meanwhile, said last week traffic to its Webex meeting service had tripled in the United States.
The current pandemic has disrupted IT supply chains because many electronic manufacturers are in China, where the epidemic started. China has stopped the spread of the virus, but manufacturers are recovering slowly. IDC recently reported that factories won’t be operating at full capacity until May or June.
Logitech, a leading provider of inexpensive webcams, wouldn’t say whether it was having a hard time getting its manufacturers to fulfill orders. In a statement, the company said it was attempting to increase production as quickly as possible in response to “extremely high demand” for its products.
Some resellers have started jacking up the prices of webcams. On Amazon, one merchant was selling a Logitech C920 high-definition webcam for $339.95 on Wednesday. The vendor’s suggested retail price is $79.99.
“It’s just like hand sanitizer in a lot of ways,” Lyle said.
A HashiCorp Nomad beta release this week could help it encroach on Kubernetes’ territory with advanced IT automation for legacy applications and a simpler approach to container orchestration.
Hashicorp first released the open source workload orchestrator in 2015, a year after Kubernetes arrived in the market. But since then, Kubernetes has become the industry-standard container orchestrator, while Nomad Enterprise is HashiCorp’s least-used commercial product in a portfolio that also includes Terraform infrastructure as code, Vault secrets management and Consul service discovery.
These products are also commonly used in Kubernetes environments, and HashiCorp officials typically prefer to frame Nomad as complementary to Kubernetes, rather than a competitor. In the past, HashiCorp’s documentation has pointed out that past versions of Nomad orchestrated only compute resources, scheduling workloads on separately managed underlying resources. This made for a simpler but less complete approach to workload automation, as previous versions of Nomad did not handle networking and storage for application clusters, as Kubernetes does.
However, with version 0.11, released in beta this week, HashiCorp Nomad’s storage features draw closer to those offered by Kubernetes. The new capabilities include support for shared storage volumes through the open source Container Storage Interface (CSI), a set of APIs supported by most major storage vendors. CSI is most commonly used with Kubernetes, but any CSI plugins written to work with Kubernetes will also work with HashiCorp Nomad as of version 0.11.
HashiCorp Nomad version 0.11 also introduces horizontal application autoscaling capabilities, as well as support for task dependencies in cases where application components must be deployed in a certain order on a container cluster.
“[Nomad] can still coexist with Kubernetes, especially for legacy applications when customers prefer to use Kubernetes for containers,” said Amith Nair, VP of product marketing at HashiCorp. “But the [new] features make it a more direct comparison, and we’re starting to see increased usage on the open source side, where some customers are downloading it to replace Kubernetes.”
In the last six months, open source downloads of HashiCorp Nomad have doubled each month to reach 20,000 per month, Nair said. A hosted Nomad cloud service also remains on the company’s long-term roadmap, which would likely compete with the many hosted Kubernetes services available.
HashiCorp Nomad seeks app modernization niche
Most of HashiCorp Nomad’s workload orchestration features can be used to modernize legacy applications that run on VMs. Nomad’s scheduler, when used with Consul service discovery, can optimize how applications on VMs and containers use underlying resources. With version 0.11’s CSI support, HashiCorp Nomad can perform non-disruptive rolling updates of both container-based and VM-based applications.
Such features may put HashiCorp Nomad in closer competition with IT vendors such as VMware, which offers Kubernetes container orchestration alongside VM management. HashiCorp has an uphill battle in that market as well, given VMware’s ubiquity in enterprise shops. But as with Kubernetes, HashiCorp Nomad could capture some attention from IT pros because of its simplicity, analysts said.
Roy IllsleyAnalyst, Omdia
“Nomad can infiltrate the same market as VMware’s Project Pacific and Tanzu with a low-cost alternative for users that want to manage traditional workloads and cloud-native workloads with one entity,” said Roy Illsley, analyst at Omdia, a technology market research firm in London. “The challenge is that HashiCorp hasn’t been great at marketing — tech people know it, but tech people don’t necessarily sign the checks.”
With a recent $175 million funding infusion for HashiCorp, however, that could change, and HashiCorp could play a role similar to Linkerd, a service mesh rival to Google and IBM’s Istio that has held its own in the enterprise because many consider it easier to setup and use.
HashiCorp Nomad vs. Kubernetes pros and cons
Two HashiCorp users published blog posts last year detailing their decision to deploy Nomad over Kubernetes. The on-premises IT team at hotel search site Trivago moved its IT monitoring workloads to the public cloud using Nomad in early 2019. Trivago’s IT staff already had experience with HashiCorp’s tool and found Kubernetes more complex than was necessary for its purposes.
“The additional functionality that Kubernetes had to offer was not worth the extra efforts and human resources required to keep it running,” wrote Inga Feick, a DevOps engineer at Trivago, based in Dusseldorf, Germany. “Remote cloud solutions like a managed Kubernetes cluster or [Amazon ECS] are not an option for our I/O-intense jobs either.”
Another freelance developer cited Nomad’s simplicity in a November 2019 post about porting a project to Nomad from Kubernetes.
“Kubernetes is getting all the visibility for good reasons, but it’s probably not suitable for small to medium companies,” wrote Fabrice Aneche, a software engineering consultant based in Quebec. “You don’t need to deploy Google infrastructure when you are not Google.”
Both blog posts noted significant downsides to HashiCorp Nomad vs Kubernetes at the time, however.
“Nomad is one binary, but the truth is Nomad is almost useless without Consul,” Aneche noted in his post. This adds some complexity to HashiCorp Nomad for production use, since users are required to use Consul’s template language to track changes to the Nomad environment. Version 0.11 adds more detailed insights and alerts to a Nomad remote execution UI to make service management easier. Aneche did not respond to requests for comment about the version 0.11 release this week.
Meanwhile, Trivago’s Feick noted the lack of support for autoscaling in January 2019 made HashiCorp Nomad cumbersome to manage at times.
“You need to specify the resource requirements per job,” she wrote. “Give a job too much CPU and memory and Nomad cannot allocate any, or at least not many, other jobs on the same host. Give it not enough memory and you might find it dying… It would be neat if Nomad had a way of calculating those resource needs on its own. One can dream.” Feick didn’t respond to requests for additional comment this week.
HashiCorp Nomad version 0.11 takes the first step toward full autoscaling support with horizontal application autoscaling, or the ability to provide applications with cluster resources dynamically without manual intervention, a company spokesperson said.
Subsequent releases will support horizontal cluster autoscaling that adds resources to the cluster infrastructure as necessary, along with vertical application autoscaling, which will add and remove instances of applications in response to demand. Autoscaling features will work with VM workloads but are primarily intended for use with containers.
Zoom has struggled to keep some of its services online this week amid a spike in remote work because of the global coronavirus pandemic.
Users have had to wait significantly longer than usual to access recordings of Zoom meetings in the cloud. The company said its engineering team was working to resolve the issue, attributing the backlog to “excessive demand.”
Zoom’s dial-in numbers have also faltered several times this month. Elevated traffic has so far clogged audio lines in Japan, New York and Hong Kong, forcing users to connect to a meeting’s audio using the internet. A dial-in number in Australia was also inaccessible at times this week.
Meanwhile, some users were intermittently unable to make and receive calls through Zoom Phone, the vendor’s cloud telephony service, for extended periods of time this week.
Users have now dealt with 18 non-scheduled Zoom service disruptions in March. There were no such incidents in January and just one in February (an issue that affected only subscribers in Brazil).
In a statement, Zoom said it was working to find a “long-term, sustainable solution” to the issues affecting Zoom Phone. The company thanked customers for their “patience and understanding” during an “unprecedented and challenging time for everyone.”
Zoom is not the only collaboration vendor struggling to cope with a sudden surge in usage. Many users of Microsoft Teams were unable to send messages and perform other tasks on Monday. Some Teams users in Europe were affected by another chat outage on Tuesday.
Last week, experts said they didn’t expect any of the major collaboration vendors to suffer outages that forced their services completely offline for multiple days. So far, that prediction has held. Nevertheless, the influx of remote workers is having some impact.
Zoom has not said how many new users it has gained in recent weeks, but its mobile client is now the most popular free download on Apple’s App Store. Notably, countless schools and universities worldwide have begun to hold virtual classes on Zoom.
Statistics shared by other vendors provide clues to the surge in traffic Zoom is likely dealing with. Microsoft Teams gained 12 million daily active users between March 11 and March 18, a 37% increase. Slack added paid customers at nearly three times its typical rate between Feb. 1 and March 18.
Zoom’s support team is also likely fielding complaints related to factors outside of the vendor’s control, such as the quality of a user’s home Wi-Fi. Residential connections are often less reliable than corporate networks.
The steady stream of side channel attacks on microprocessors continued last week, and this time it’s AMD chips that are at risk.
Academic researchers published research Friday that revealed two new side channel attacks, dubbed Collide+Probe and Load+Reload, affect AMD chips manufactured between 2011 and 2019, including those that use the company’s current Zen microarchitecture. The attacks allow threat actors to access and steal confidential data from the chip’s memory.
In their white paper, titled “Take A Way: Exploring the Security Implications of AMD’s Cache Way Predictors,” the researchers analyzed AMD’s way predictor for the L1-data (L1D) cache, which was introduced in 2011; the feature predicts which cache way a specific address will be located in so that the chip’s power consumption is reduced. The research team reverse-engineered the L1D cache way predictor and discovered two different side channel attacks, which were disclosed to AMD on Aug. 23.
“With Collide+Probe, an attacker can monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core,” the team wrote. “With Load+Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core.”
The attacks, which can be conducted remotely and do not require physical access, could be used in a variety of ways to leak or steal data from systems with vulnerable chips, according to the white paper. The researchers demonstrated how they used the attacks to recover the encryption key, create a covert data exfiltration channel, and break address space layout randomization (ASLR) and kernel ASLR implementations, which enables additional attacks on the CPU.
The researchers stressed the chip hardware wasn’t leaking data; instead, the L1D cache way predictor allows attackers to infer the access pattern of data and exploit that information for malicious purposes. The new side channel attacks are exclusive to AMD chips, as Intel and ARM do not have a cache way predictor.
The research team includes Moritz Lipp, Vedad Hadžić, Michael Schwarz and Daniel Gruss of Graz University of Technology in Austria; Clémentine Maurice of the French National Centre for Scientific Research and IRISA [Research Institute of Computer Science and Random Systems] in France; and Arthur Perais, an independent security researcher. Lipp, Schwarz and Gruss were part of the Meltdown and Spectre discovery teams and have been researching side channel attacks such as ASLR bypasses since 2016. Maurice was also involved in discovering and researching early side channel attacks such as Rowhammer variant Nethammer.
AMD pushes back on research
While Collide+Probe and Load+Reload pose serious threats to vulnerable systems, several of the researchers said via social media that the side channel attacks are not a severe as Meltdown and Spectre. For example, Gruss said on Twitter Collide+Probe and Load+Reload impact far less data than Meltdown and ZombieLoad.
In a security advisory posted Saturday, AMD appeared to downplay the new side channel attacks. “We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities,” the security advisory stated. “AMD believes these are not new speculation-based attacks.”
AMD has not released any microcode patches to mitigate Collide+Probe and Load+Reload and instead recommended customers follow “best practices” such as keeping operating systems, firmware and applications up to date and running antivirus software.
Gruss contested AMD’s characterization of the attacks and noted via Twitter that Collide+Probe and Load+Reload are side channel attacks, not “speculative execution attacks.”
Selling this gaming router due to change of circumstances.. Was brought in July 2019 from Very.. Opened up over the weekend to set it up forgotten I had it to be honest was due to have my front room Extended why the delay is setting it up.. but loft is now getting done first so item has not even been turned on yet took pics and put back in box. Had a little. Accident with one the anttanas must of been lose wire has come out and little clip will need gluing. Price adjusted for the antanna