Thursday, November 15, 2012

SC2012: Top500 expects exascale computing by 2020


If the increase in supercomputer speeds continue at their current pace, we will see the first exascale machine by 2020, estimated the maintainers of the Top500 compilation of the world's fastest systems.
System architects of such large computers, however, will face a number of critical issues, a keeper of the list warns.
"The challenges will be substantial for delivering the machine," said Jack Dongarra, a University of Tennessee, Knoxville, researcher who is one of the principals behind the Top500. Dongarra spoke at the SC2012 conference, being held this week in Salt Lake City, during a presentation about the latest edition of the list, released Monday.
We still have a way to go before exascale performance is possible. An exascale machine would be capable of one quintillion FLOPS (floating point operations per second), or 10 to the 18th FLOPS. Even today's fastest supercomputers offer less than 20 percent of the capability of an exascale machine.
In the most recent edition of the Top500 list of supercomputers, released Monday, the fastest computer on the list was the Oak Ridge National Laboratory Titan system, a machine capable of executing 17.59 petaflops. A petaflop is a quadrillion floating point calculations per second, or 10 to the 15th FLOPS.
But each new Top500 -- the list that is compiled twice a year -- shows how quickly the speeds of supercomputers grow. Judging from the list, supercomputers seem to gain tenfold in power every 10 years or so. In 1996, the first teraflop computer appeared on the Top500, and in 2008, the first petaflop computer appeared on the list. Extrapolating from this rate of progress, Dongarra estimates that exascale computing should arrive around 2020.
The High Performance Computing (HPC) community has taken on exascale computing as a major milestone. Intel has created a line of massively multicore processors, called Phi, that the company hopes could serve as the basis of exascale computers that could be running by 2018.
In his talk, Dongarra sketched out the characteristics of an exascale machine. Such a machine will likely have somewhere between 100,000 and 1,000,000 nodes and will be able to execute up to a billion threads at any given time. Individual node performance should be between 1.5 and 15 teraflops and interconnects will need to have throughputs of 200 to 400 gigabytes per second.
Supercomputer makers will have to construct their machines so that their cost and power consumption do not increase in a linear fashion along with performance, lest they grow too expensive to purchase and run, Dongarra said. An exascale machine should cost about $200 million, and use only about 20 megawatts, or about 50 gigaflops per watt.
Dongarra expects that half the cost of building such a computer would be earmarked for buying memory for the system. Judging from the roadmaps of memory manufacturers, Dongarra estimated that $100 million would purchase between 32 petabytes to 64 petabytes of memory by 2020.
In addition to challenges in hardware, designers of exascale supercomputers must also grapple with software issues. One issue will be synchronization, Dongarra said. Today's machines pass tasks among many different nodes, though this approach needs to be streamlined as the number of nodes increases.
"Today, our model for parallel processing is a fork/join model, but you can't do that at [the exascale] level of a parallelism. We have to change our model. We have to be more synchronous," Dongarra said. Along the same lines, algorithms need to be developed that reduce the amount of overall communication among nodes.
Other factors must be considered as well. The software must come with built-in routines for optimization. "We can't rely on the user setting the right knobs and dials to get the software to run anywhere near peak performance," Dongarra said. Fault resilience will be another important feature, as will reproducibility of results, or the guarantee that a complex calculation will produce the exact same answer when run more than once.
Reproducibility may seem like an obvious trait for a computer. But in fact, it can be a challenge for huge calculations on multinode supercomputers.
"From the standpoint of numerical methods, it is hard to guarantee bit-wise reproducibility," Dongarra said. "The primary problem is in doing a reduction -- a summing up of numbers in parallel. If I can't guarantee the order in which those numbers come together, I'll have different round-off errors. That small difference can be magnified in a way that can cause answers to diverge catastrophically," he said.
"We have to come up with a scenario in which we can guarantee the order in which those operations are done, so we can guarantee we have the same results," Dongarra said.
Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com

Read more »

Logitech introduces Mac-based video surveillance


Logitech on Wednesday introduced new software that turns Mac computers into video surveillance command centers.
Once installed, the Logitech Alert system can be viewed on a variety of devices.
Logitech Alert Commander for Mac allows users to tie six Logitech Alert security cameras into a single HD dashboard, viewed live or in playback, giving them full surveillance over households and small offices. (Users can also set up motion alerts that send text or images to your phone or email.) And once set up, the feed can be viewed privately but remotely at Alert.Logitech.com or via the company's iPad app.
It works with systems including the $350 Logitech Alert 750e Outdoor Master System and the Logitech Alert 700i Indoor Add-On Camera, for either external or internal views of the premises.
Until Wednesday, Logitech's security products had been compatible only with PCs running Windows software.
Logitech Alert Commander for Mac is free; it is compatible for users running Mac OS 10.6.8 and later.

Read more »

Skype disables password reset after security flaw exposed


Microsoft has disabled the option for users to reset their Skype passwords after security experts uncovered a serious flaw in the software that allowed anyone who knows your email address to hack your Skype account.
The vulnerability allowed people to sign up to Skype with email addresses already in use by others and then force password resets for accounts associated with that address in order to gain access to your account. Basically, anyone who knew your email address could sign up for a new Skype account with it and then reset the password for your current account, thus hacking in.
The exploit first appeared on several Russian forums, and has been actively exploited since, Costin Raiu, a senior security researcher at Kaspersky Lab, said in a blog post. To protect against this vulnerability, Raiu advises that users change the email address associated with their Skype account to a new, never-before-used address.
Rik Ferguson, director of security research & communication at Trend Micro, explainedhow easy it was to hack into someone's Skype account: "In essence the procedure is so simple it could be carried out by even the most inexperienced of computer users. [...]This would lock the victim out of their Skype account and allow the hacker to receive and respond to all messages destined for that victim until further notice. I tested the vulnerability and the entire process took only a matter of minutes."
Skype also said in a statement that it is aware of the new security vulnerability issue. "As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority," the statement said.

Read more »

Nine security controls to look for in cloud contracts


To help ease the concerns of cloud security, which Gartner says is still a chief inhibitor to enterprise public cloud adoption, buyers are looking to contracts and service-level agreements to mitigate their risks.
But Gartner cloud security analyst Jay Heiser says SLAs are still "weak" and "unsatisfying" in terms of addressing security, business continuity and assessment of security controls.
"A lot of these things are getting a lot of attention, but we're seeing little consistency in the contracts," he says, especially in the infrastructure-as-a-service (IaaS) market. Software-as-a-service (SaaS) controls are "primitive, but improving."
Below are some of the common and recommended security provisions in cloud contracts and how common and effective they are.
Customer audits on demand
These clauses allow customers to audit vendors.
Effectiveness: Partial, depending on how much the vendor allows the customer to inspect
How common? Sometimes
Data deletion certificate
Proof that data is deleted when service expires.
Effectiveness: High, legally defensible
How common? Never
Disaster Recovery
Many vendors claim cloud services, by their nature, equate to disaster recovery, but that cannot always be the case. If, for example, data is only stored in a single location of a cloud provider without an offline backup, that creates a single point of failure.
Effectiveness: High, but difficult to verify. While vendors may claim they have robust systems, they are often reticent to provide evidence, citing security concerns.
How common? Not typically in contract clauses.
Downtime credits
These provide the user credits or some sort of reimbursement in case of downtime.
Effectiveness: Partial. While a credit may be helpful, it is a post-factor remedy and does not prevent an outage from happening in the first place
How common? Often found in contracts
Encryption
Effectiveness: Varies. There are multiple encryption methods. If encryption is done by the vendor when the data reaches the provider's cloud, it is less expensive and less secure compared to if the user encrypts the data before sending it to the cloud. Important factor is who stores and has access to the encryption keys. The more copies of the keys, the less secure it is. Beware of vulnerabilities related to losing keys.
How common? Varies by provider. Third-party tools can also be used to provide encryption as a service
Evaluations
Many buyers use third-party security services to verify their providers' security controls, such as ISO27001 or SOC1 and SOC2 audits. But, a vendor simply reporting that it complies with these audits in many cases does not provide end users with the information they need to evaluate the provider's system for their specific security needs.
Effectiveness: Believed insufficient
How common: Common
Full indemnification for security failure impact
In this situation, a contract would outline that if there is a security breach that the provider would be responsible for losses of the customer.
Effectiveness: Theoretically high
How common? Never
Hacking insurance
Insurance by a third party, or by the vendor could help displace costs resulting from a security or data loss issue.
Effectiveness: Potentially helpful, but like the downtime credits, does not necessarily create incentive for provider to avoid a breach
How common? Rare, but growing
Negotiate security clauses
These allow customers to negotiate higher levels of security for certain programs or data.
Effectiveness: Potentially high
How common? Mostly for large customers only
Network World staff writer Brandon Butler covers cloud computing and social collaboration. He can be reached at BButler@nww.com and found on Twitter at @BButlerNWW.

Read more »

Online tool 'PlagSpotter ' allows for plagiarism checks


A Ukraine-based startup, Devellar, has launched an online plagiarism tool that checks online content to see whether it has been duplicated.
The beta version of PlagSpotter features an algorithm that "enables bloggers, journalists, writers, priests, politicians, or any type of public figure to track if someone posts any of their material online," the company said in a statement.
PlagSpotter offers free unlimited individual URL checks as well as three paid subscription plans for automated scanning and monitoring of web content for plagiarism.
For $49.95, the "Guru" plan allows up to 50 URLs to be checked for plagiarism daily, offers email notifications and day-by-day weekly reports. For $10.95, the "Master" plan offers 25 URL checks and email notifications, and for $7.95, the beginner plan offers 10 URL checks and email notifications.
Currently, the beta version of PlagSpotter offers free unlimited individual URL checks.
Devellar, which was originally founded in 2004 to develop products for its own use, is pitching its duplicate content checker as an important tool for preventing Internet copyright infringement, avoiding Google ranking penalties and improving search engine optimization.
Devellar said the tool can also be used by websites to ensure that they use only original content, thus avoiding any problems by easily identifying whether their content is truly original. Additionally, anyone who has written any original material can find out whether their material has been duplicated online without permission.
"Google constantly tries to provide the most relevant websites a searcher is looking for. If a website has too much duplicate content, then its SEO is compromised and can be put last in a Google search or removed entirely," Devellar said.
Computerworld tested PlagSpotter on one of its stories and the tool found 21 other sources that had quoted sections of the story.
"Duplicate content is becoming more important and relevant for websites as a result of Google's latest penalties and algorithm updates," Devellar said. "This means that websites that copy and paste stolen content unto their website risk not only poor SEO but copyright infringement as well."
Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian or subscribe to Lucas's RSS feed. His e-mail address is lmearian@computerworld.com.
Read more about internet in Computerworld's Internet Topic Center.

Read more »

Google adds intelligent voice search to Google TV


Google added intelligent voice search to Google TV Wednesday. Not only can you jump to a channel by saying its name, but the software can also intelligently respond to statements.
For example, if you say, "how to tie a bow tie," you will be taken to an instructional video on YouTube explaining how to do that.
"Just speak to watch TV shows and movies, start playing a YouTube video, open applications, go to websites, do a Google search and much more," the company said in a blog.
You can also do voice searches with the product. So if you say, "Search movies with John Wayne," a search page with movies with The Duke in the cast will appear on your TV.
The new voice feature makes finding what you want on Google TV faster and easier than ever, the company said.
TV & Movies app updated
This latest edition of Google TV also updates its TV & Movies app introduced last year that allowed users of the product to browse and watch more than 100,000 movies and TV episodes. The new version is called PrimeTime, and it allows you to browse and watch TV simultaneously.
Google recently addedGoogle TV support to its Google Play store, so that Google TV users could buy or engage with movies, TV shows, and music from the online outlet.
PrimeTime is available from anywhere inside Google TV, and it allows you to coast through the best stuff on live TV, check out your favorite channels, see what you've watched recently, and get suggestions about what to watch based on what you've watched in the past.
Google also updated its YouTube app for Android and Google TV. The update allows a device to automatically pair itself with a TV so anything being watched on the device can be mirrored on the TV with the activation of a single button, along the lines of Apple AirPlay.
Google said that the updates for its TV product will first appear on LG products that support Google TV, followed by updates to second-generation hardware in the coming months.
First-generation devices won't get the new Google TV update, but they can have the PrimeTime and YouTube apps from the Google Play store downloaded to them.

Read more »

Use Facebook's new Social Jobs app to find work


Looking for a job? Now you can leverage one of the sites that you use the most, Facebook, to help in your hunt.
Facebook on Wednesday rolled out its long-awaited Social Jobs app for U.S. users, which has aggregated more than 1.7 million job listings from job search sites that were already using Facebook to reach recruits, including Jobvite, BranchOut, Work4Labs, and Monster.com.
The social network first announced plans for a jobs app last October as a joint venture with the Labor Department. The two launched the Social Jobs Partnership, a group that includes the National Association of Colleges and Employers, the National Association of State Workforce Agencies, and the Direct Employers Association.
U.S. Secretary of Labor Hilda Solis in a statement said "the foundation of an industry-supported open-source job-posting schema" is "helping America get back to work."
The national unemployment rate in October dipped below 8 percent for the first time since January 2009.
Facebook says the app is a natural progression in social networking. NACE research indicates that 50 percent of employers already use Facebook to find new hires. Those employers said potential recruits can better use Facebook to find jobs by liking company pages and networking with contacts.
"Facebook is all about connecting people, and we're thrilled to see developers leveraging our platform to connect job seekers and prospective employers," Marne Levine, Facebook's vice president for global public policy, said in a statement. "By allowing job seekers to view and share job openings based on personalized criteria, like location and industry, the Social Jobs Application builds on our broader effort to help people use social media to find jobs in the U.S."
LinkedIn competitor?
It's unclear whether Facebook intends to ramp up competition with professional networking site LinkedIn, which has 175 million users compared to Facebook's 1 billion. LinkedIn offers paid accounts for both job hunters and recruiters. For now, Facebook's jobs app serves as a marketplace of other sites' listings.
LinkedIn recently revamped its user profiles to make the site more visually appealing in an effort to compete with other social networks.

Read more »

Samsung releases smaller, faster 64GB smartphone memory


Samsung on Thursday announced a new 64GB memory chip for smartphones and tablets, which it says is 20 percent smaller and a third faster than current technology.
The company said its new 64GB eMMC (embedded multimedia card) reads data sequentially at up to 260 megabytes per second and writes at up to 50 megabytes per second, 10 times faster than Class-10 rated external memory cards.
The chips are made using Samsung's 10-nanometer class fabrication, and the company said it began production late last month. Shrinking the size of components allows for more efficient manufacturing and parts that draw less power.
Smartphones with 64GB of memory are still relatively rare, and most phones have an external memory slot for more storage. High-speed data networks are also allowing more data to be stored online, although most high-definition content is still downloaded and viewed locally.
For phone manufacturers, adding more memory is a way to increase margins. Apple's top-end iPhone has 64GB of memory, and in the U.S. costs US$200 more than its 16GB version. Samsung recently released a version of its flagship Galaxy S3 with 64GB of built-in memory.
Samsung said the latest memory chip is called the "64GB eMMC Pro Class 2000," a level up from the current "Pro Class 1500" chips. The slower class reads data at up to 140 megabytes per second and writes it at up to 50 megabytes per second.
The new memory chip measures 11.5mm by 13mm, compared to 12mm by 16mm for previous iterations.
In September, Samsung announced a massive 128GB eMMC chip for smartphones and other mobile devices, which is expected to begin appearing in phones for next year. That chips is part of its Pro Class 1500 lineup.
The company said it can manufacture the latest chips on its existing factory lines used for previous generations of chips, making its operations more efficient.

Read more »