Wednesday, September 20, 2006

I had a dream


Last night I had a dream, but I need to tell you a story first: At the beginning I was day trading very aggressively, leveraging with a lot of margin and short term options to invest in technology companies. That is as aggressive as it gets. When I did research on companies like AMD, Intel, Dell, Apple, Pacific Ethanol, Archer Daniels Midland, Sandisk, Google, Rackable, nVidia I felt as if I were preparing for a hunting trip; it was an extraordinary game.

It seemed sohhhh bohhhriiiing (very boring) to do the normal stock market investment game of returns of 10% per year that I looked to long term investors with contempt, as prey to benefit from by controlling their shares with options.

I was making nice money, but as in everything that involves good luck, it has to end. I was also becoming exhausted from tracking so many details about companies to do trading, and wanted to invest in a more conventional way. It was then that I made the nearly disastrous move of shifting almost all my money to AMD positions; which then I saw reduced to a third, even taking into account that I unloaded most of my call options and wrote many many calls since April (yes!, it was *that* much my margin leverage), but that is another story.

The thing is that I self-imposed a "trade embargo" in which I prohibited myself from doing more than one trade per month (or two trades that correspond to a complex trade such as selling short and covering when appropriate), and began to seriously study the subject of (simple) investment. And I discovered on my own how superior investing is compared to trading, even though I made a lot of money trading and lost even more investing in what I thought was the best prospect, AMD.

By the way, the days before the last AMD conference call I was down more than a year's worth of wages, but I am not concerned. In my philosophy, investing in the stock market you can lose and you can win, but you must absolutely have a good reason for every trade you do. If the reason proved wrong, there is learning. If the reason was right, although it made you lose money, so be it, eventually good decisions prevail over the whims of the market. I studied a lot, which was the key to make use of the opportunities that were showing up little by little. Remember the common saying "Success is when opportunity meets preparation"? I am recovering all of that money faster with every new research project I succeed in completing, and then it will be gains and more net gains.

The thing is that the money pump relies on a "Hippodrome" use of options: You are "the house", who sells the calls so that others may gamble, and pretty much no matter what, the house wins a bit. It is still possible that some very keen gambler may consistently win with the "gambling tickets" you sell, just like very hardcore horse racing fans may win, but that is rather exceptional. While I was in that mood, almost ashamed of my recent wins, recently Ron gave us a lecture in the message board about how options are not just a non-constructive game, but a rather destructive one, which set my conscious and unconscious mind to work.

Thus I had this dream, when I remembered my days of a trading privateer raiding the bountiful unsuspecting investing public in my Dutch sloop-o-war. If I thought a company was overvalued, I felt as if I were taking the candy off the nilvestor purse. If it was an undervalued company, I felt that I was beating the Wall Street pros at their own game. Those were days of strong winds, looking for hurricanes and storms in which to ambush the ships; weeks of persecution of the bounty (research) followed by a feast of trading to capture it, and then the return home trip unloading the positions and accounting for the gains.

But ever since I started to put into practice the money pump, with its rather modest monthly returns, I began to feel like the captain of one of the Galleons full of treasures that I used to raid, but it feels so relaxed! I can forget about the market not for an hour but for weeks at a time! I can use my knowledge of piracy to steer my ship to avoid turbulence and navigate in tranquil waters...

But success is again leading to nasty greed. My Galleon is a perfectly fine vessel, but I overloaded it! I am once again at over 120% margin leverage, I already received a margin call (although actually making a bit of money, paradoxically), and have been very very close to another one...

For me, the interest rates of the FED are like coral reefs: I can be shipwrecked by a rate hike that will crash the shares as well as the defensive puts while appreciating the written calls! Speak of a triple play!

But this time the captain knew his route across the reefs... so he was spared, but not of the scare!

Saturday, September 16, 2006

Who is Chicagrafo?


I came to Chicago for three days in 1994, all of which I was extremely busy.

But even then this city caused a deep and perdurable impression on me. Chicago has a visual personality where you readily perceive character and strong will. The skyscrapers here are not a crowd like in New York; they make you think that they were not made for functional reasons, but as a pure expression of power, because it could be done. That's the city. Starting with the harsh climate, in many ways the city tells you that if you don't have the guts to stay here it is going to kick you out. At the same time it has inviting qualities. I love the sense of space and greatness.

I went back in 2003, but this time the images had matured inside me for 9 years almost to the day. I wasn't going to let the opportunity go this time to share these images that have been teasing me for so long. But there were no books of pictures that captured what I wanted to share, I figured that I had to do it on my own.

The problems were that I wasn't a photographer nor had the money to buy a camera. Very much in line with this city's spirit, not to be deterred by petty concerns, I used the money I didn't have to buy the camera and went out to try to capture this city's soul without any prior experience.

I became good at it. Friends from Chicago and the whole world were very enthusiastic about the pictures I took, and for the first time in my life I experienced what it was like to be an appreciated artist.

Since I discovered a part of me because of this city's unique visuals, which led me to become a photographer, I thought that it was only natural that I used an artistic name that related to that serendipity and creativity birth, and Chicagrafo was the choice.

Thursday, September 14, 2006

Dell Contradicts Itself

About the batteries recall:

Dell blames the explosion of Laptops on Sony. They say that they "know exactly why there was a problem. Sony had contaminated its cells in the manufacturing process. The batteries were contaminated and were no good no matter what you did with them". One must assume that Dell discovered this problem after there were some (spectacular) explosions.

But then, the question remains: Why did all the explosions occur with Dell laptops but not any other brand that also uses Sony batteries?

Was it bad luck? I don't think so. I think that more Vaio computers alone use Sony batteries than Dell, H-P is also a customer. Thus the fact that the explosions clustered in Dell laptops to a significant degree demonstrates that there is something wrong with Dell's usage of those batteries.

What is Dell doing? Accepting their part of the responsibility for this mishap? No. They keep playing the game of blames, lies, and fraud that got them in the hole. It is not only I who is claiming this, the SEC has its doubts and has been investigating Dell, in California, a class action began against Dell. I wholeheartedly advise to read this filing because this may be history in the making. [The link has been corrected, thank you anonymous commentator]

Before going on with the class action, I want to tell an anecdote: Early in February I took bearish positions on Dell, fully aware of all the many problems that have become so patently evident these weeks, and by the way, I also participated very actively in the Dell message board under my former nick. Thus Dell's financial manipulation got to hurt the profits I should have made on that company. I am not angry at the money I didn't win, on the contrary, I feel vindicated because my calculations were right. But I still think that Dell is a company that deserves the severe punishment of bankruptcy. It doesn't matter that it now sells AMD processors, its products still stink big time, their customer service is customer disservice, they keep cooking the books, they keep applying smoke screens and mirrors to distract the observers off their problems, they still don't do any research and development but only screwdriver assembly and rebranding of Logitech, EMC, Lexmark, etc; no innovation, they have an absurd book value multiplier, and they still hide from everyone not to face tough questions. Have you noticed how similar Dell's and Enron's logotypes are? --- InHell, Dellron, Dellusionals...

The thread of Dell badmouthing AMD is long. Incredibly, they now solve it with a simple: "We were overconfident in Intel and underestimated AMD".

If you want to know more about the inside of Dell, you may follow this link to a fantastic thread initiated by a Dell insider, take your time and dig.

It is a shame that I didn't write much about Dell for the blog, but Syndrome did:

About the "WeekX", and remember that Dell is hiding from everyone, there are so many questions not answered... They used to provide guidance, not anymore. They pumped in February's Conference Call/Earnings Report their super duper Analysts Meeting in April, they deflected tough questions by delaying them to April, meeting which was postponed to September (this month), which was recently cancelled... The links and details at Syndrome's.

Note: For explanations about why I call Sharikou "Syndrome", refer to this article, a very good one

Tuesday, September 12, 2006

My letter to "The Inquirer" about the message board

We moved to "Investor Village". Trying to reach the fellows with whom we have lost contact, our fellow "Plantlife" contacted personnel of "The Inquirer", with a letter that you may read here. Following that initiative, I also contacted Mr. McGee, and this is what I said:

Hello.

I just wanted to contact you to commend you on your quick reply to the letter our fellow "Plantlife424", Tony, sent you, and to provide a bit of extra information and background on these news.

Just like "plant" (Tony) says, our community has been successful at deciphering the evolution of not only the stock price of AMD, but also Intel, Dell, and other related companies. We were able to do that because making use of the possibilities of the internet we managed to create a community that produced synergy of our individual skills. Our community members, that were already successful investors from all walks of life, leveraged the communication possibilities offered by message boards to eventually create this synergy of information and interpretation.

The purpose of Yahoo at offering free of charge this service of message boards, couldn't have been anything but to facilitate what we ourselves eventually created. Nevertheless, what was facilitated eventually became discouraged by Yahoo itself through the imposition of a new graphical format and user interface that were an involution regarding our needs. Thus, we "moved" to another Yahoo message board that still operated in the old format on the 17th of July. You may appreciate following this link:

link


that immediately after Jul 17 that message board had a stream of messages that ended up with the impressive number of 14,350 messages at Saturday Sept. 9, less than two months afterward, when Yahoo virtually destroyed our refuge by not only imposing the dreaded new format, but also breaking all the URLs that pointed to discussion threads we were participating in, rendering all of our bookmarks inoperative.

I hope that eventually someone will document this effort, because there are many projects that began with simple messages in a message board and went on to conquer the entire world such as the Linux operating system, and I guess that the audience of "The Inquirer" would find interesting that a Search company such as Yahoo, couldn't provide a half-decent service (because it also had brownouts and blackouts in the months previous to the imposition of the new format), and a company that supposedly cares about its users could have imposed these changes despite nearly unanimous rejection; and I hope also the funny aspect of a wandering nomad group of message boarders trying to find a place to keep their debates.

Our community is so very well organized, and so spontaneous, that in the matter of minutes we were already installed in the Investor Village site:

link

On which about two hundred of the regulars of our community have already said "present" by this Sunday's afternoon.

We received with joy your offering to run this on "The Inquirer".


I want to emphasize that the (in)famous "Money Pump" that is giving me so much money is a collective development of the AMD message board. That development has paid already, in my case, all the efforts that I have put into that message board.

In any case, we:
Have news tigers that bring to the board any piece of information in internet time. We have probably the best AMD news service available thanks to them. Our fellows live all over the world, literally, thus the issue of time zones is not an issue really.

Have financial experts that can elucidate in seconds the significance of any number that comes in the reports; including which are the fishy numbers that are likely accounting manipulations or anything.

Have close followers of many other companies that have relation with AMD, which allows to put into perspective at once any information that happens in those companies; as a matter of fact, this is so effective that thanks to the guidance of the board I have taken successful positions (bearish or bullish) on Dell, Intel, Microsoft, Apple, and even Pacific Ethanol.

Have visionaries that can look very far ahead for current tendencies

Have closet historians that can tell you fascinating tales of what happened during the ancient Jerry Sanders III times and how those events express in the present.

Have ex-employees of both Intel and AMD to give us better insider perspectives.

Have fellows very well acquainted with the who's who in the world of technologies. For example: We read that a member of the AMD board of directors, Morton Topfer, bought some shares. Then, in a matter of minutes the board was "flaming" with discussions about who M. T. was, that he comes from Dell, that he had bought such and such shares in such and such periods, that he personally knows such and such, etc.

Have an outstanding lineup of technologists that get to the core of the significance of every bit of technology discussion.

For those who like it, we have "Technical Analysts" (a.k.a. "Chartists")

Have an army of "alpha" and "beta" testers: Is there something interesting out there?: Most probably an AMD boarder is trying it.

Have contacts with decision makers in companies who may buy, develop, distribute AMD products, or to supply materials.

We even have entertainment.

The greatest guarantee that an investor may have that his investment is going to yield good results is to consistently take well informed decisions. This message board does that.

Historic initiatives such as Linux had humble message board beginnings.

Friday, September 08, 2006

The Coin has three Sides

NOTE TO THE AUDIENCE: My apologies to the audience. I took a long time before sitting and doing this one. Actually, I am sacrificing a free Friday to do it, but I figured out that I either do it now or never. Besides, a promise is a promise..... So here it is!

WARNING: LOOOOONG POST!

When I say it, it is obvious. I can hear the audience saying: "¡Well yes, of course, the coin has three sides! Head, tail, and the ..." and there the English speakers stop. They do not even have a name for it. The best they can come up with is "the edge" (I consulted with some native English speakers in my MBA program, from Britain AND the US). In Spanish, at least, we use the word "canto (de la moneda)" for that third side. You see, it is rather obvious, but people tend to ignore it. Everybody talks about the other side of the coin, and all people think about the coin is flipping it. One day, I flipped a coin, and it landed on the canto, rolled to a small crevice, ¡and stood on its canto! (I was an undergrad at the time). Yes, the coin has three sides.

Imagine that I show you pictures of €1 and €2 coins, modified so that sizes and colors are the same, and ask you questions about the coin. Depending on the question, you will be able to use one or more of the sides to know the answer, for instance:

¿In which country the coin was minted? You will need the decorative side.
¿How much is it worth? You will need to look at the value side (the value is printed there), or to the "canto" (€1 is alternating stripes and smooth, €2 is all stripes).
¿Is it a collectors edition? Again, look at the decorative side.

But read again the conditions: «modified so that sizes and colors are the same». So, there are other aspects of coins, like color, size, material, or even weight, that are important when analyzing the coin.

Translate this to the blogosphere: many times, you see unidimensional analysis. It takes into account one, perhaps two, exceptionally three, aspects of the coin. More often than not, the people restrict themselves to performance, and technical merits, and forget about other aspects, financial, marketing, or my favorite, strategy (we will talk A LOT more about strategy in future posts).

Before we begin, CORE2 is here, the benchmarks are here, and the thing is good. Or at least good enough. So, it seems easy for me to say these things now, but Chi is my witness, this is the same thing I was telling him in January 2006.

Let's revisit some popular and not so popular issues of the AMD vs. Intel debate, looking at some other aspects, strategic aspects. The idea here is that you see that there is more to the debate, and try to open your mind, and perhaps find other aspects for yourself (for instance, if you are a finances guy, we could use some insight there, get the sec reports and get to work!).

INTEGRATED MEMORY CONTROLLER: Let's get this out of the way: from a technical and performance point of view, having an IMC is better than using FSBs and NorthBridges. There, I said it, there is no denying the truth, but there are other aspects to the coin than performance and technical merit ¿right? (think about it for a minute or two before continuing, you have read a lot already, you deserve a little break).


In the late 1990's, Intel was using RAMBUS RD-RAM all across the board, and working on a µProcessor codenamed Timna with an IMC. The idea here was not to get more performance, but to lower the cost, but that was the perfect opportunity to taste for real the benefits of an IMC. Intel figured that by the time Timna came out, the cost of RDRAM would be much lower. But, lo and behold, because of the "Cloak and Dagger" dynamics of the RAM market at the time (RAMBUS misappropriated patents, while the DDR manufacturers used predatory prices on RAMBUS, do not take my word, google for it; ArsTechnica, as usual, has a good summary on the issue) Timna ended up being a very inexpensive chip, tied up with an awfully expensive memory subsystem, and the chip was scrapped. Ever since, Intel has been shy of tying the µProcessor to the Memory Architecture. AMD did, and by doing that (and getting a little lucky with the memory choice) reaped a huge payoff.

But now, AMD is at a crossroads, while Intel is, believe it or not, in a better strategic position. As of now, AMD has to watch out for FOUR (4) Memory technologies. DDR1 in the value market, DDR2 in Mainstream and server markets, and the future FB-DIMM and DDR3 in the server space.

If you take any Supply Chain Management 101 book, they will tell you that the more you delay customization, the more efficient your production process becomes. As of today, when AMD has to tailor the memory the customer wants, they have to do it right in the very minute when the masks are put in the FAB. Intel tailors the memory when the chip is dropped in the motherboard. Who do you think has the most efficient supply chain, the fewest problems doing forecasting (think µprocessors only, not chipsets, at least, not for now), and can take out products faster to market? When Hector Ruiz tells you that they will introduce new memory technology when "it makes sense" he is telling you the truth, but not the whole truth. AMD introduces new memory technologies when it makes sense to the market AND TO AMD. And, to top it off, if this time around AMD picks the wrong technology (they are backing DDR3 instead of FB-DIMM) there will be hell to pay!

Have you heard that upcoming AM3 processors will fit in AM2 boards, and will support both DDR2 and DDR3 memory (but not in the same board)? That is AMD trying to get out of this bad strategy position. Right now, some clever engineers at Intel are trying to get CSI done, and I guess that a lot of their thoughts are on ¿How much of the memory controller can we put inside the µProcessor AND STILL remain Memory Architecture Independent?

MULTICORES: Up until now, whenever we move to a higher number of cores (one to two, two to four), Intel puts two slabs of silicon in the same package, and only later comes with a real multicore, while AMD comes out with real multicores from day one. Again: from a technical and performance angle, having a real multicore is better than having two slabs of silicon. But, as usual ¿are there other angles to the issue? (¡WOW! ¿You are still here? Think about it while you fetch a snack, a glass of water or take a pee break, before continuing).

Nowadays, Software licenses for big apps are paid per socket, not per core. That includes things like DB2, MS-SQL (Oracle uses a very weird pricing scheme, and world + dog is complaining about it), HP-UX, ExchangeServer, or SAP (some of those have (F)OSS alternatives, others do not). That means that, as long as one does not use more sockets, no matter how it is done, it is better, because a µProcessor price is in the $1000 range, while a SW license is in the many tens of thousands of Dollars PER SOCKET.

So, for example, if one is running a one socket Intel server with a single core proc, and needs more processing power (electricity and cooling aside; sometimes those are important, sometimes they are not; in many large organizations, the budget for air conditioning and electricity does not come out from the IT people, so, as long as this is not the server that breaks the camel's back, the IT people do not have much incentive to take that into account), one can:

* Get an Intel Crippled Dual Core now and get a 1.7 performance boost on the same server, and replace that with an Intel RealDualCore later on, getting in the end a 2.2 performance boost over the initial configuration for a couple of grand.
* Do a forklift upgrade to a dual socket AMD config now for around 10 grand + SW certification costs (you are changing the configuration), with a 2.6 performance boost and DOUBLE the SW price.
* Wait a few months (if you can, and you cannot always) and do a forklift upgrade to a single socket AMD with 2.5 performance boost over the old configuration for around 10 grand + SW certification costs.

Of course, you can construct a scenario where it is better to use AMD, but AMD has been 0 to 26% of the server market, so I guess that case is more frequent than the alternatives. The same case can be extrapolated to dual or quad socket machines, or machines with free sockets. But the important thing with the example is to force you to think and grasp another side of the coin.

If one is in the market for QuadCore servers it is not because QuadCores are cool, or perform better, but because one wants A GIVEN LEVEL OF PERFORMANCE WITH MINIMUM SW COST. The first one to market with QuadCores, is the one which will give us that. And, lo and behold, even Crippled, the first ones to market with that are the guys from Intel.

There is another issue. Every time one gets to a new increase in performance, the market for it is the upper tail of the bell curve. Intel slaps together two cores, not much R&D expenses there, and satisfies (more or less) that market. When that market becomes more mainstream, Intel invests the resources in making it right (finances 101, Time Value of Money, delayed investments are better). AMD, on the other hand, has to make the sizable investment in designing "yet another set of masks" right here right now.

Finally, we run again into the Supply chain 101 issue. The more you delay customization, the more efficient you are. At least in the beginning, Intel delays customization (¿two cores or four?) up until the testing and packaging steps of the fabrication process, while AMD does it right when the µProcessor is made. If there is an error in demand forecasts, ¿who will get in trouble (obviating for a second packaging issues, like the one AMD faced in December 2005 ;-))?. And no, APM will not save AMD from bad forecasting.

Of course, ¡AMD is not stupid! ¿Why don't they do the same and pack two slabs of silicon in the same package and call it a Quadcore? Aside from Hector Ruiz's reasons (which are true, but not the whole truth) I can think of two reasons (sure the audience can think of more):

* AMD lacks the expertise. Putting two slabs of silicon in the same package is easier said than done. Intel has been doing it since the PentiumPro, and probably, to get to the point of being comfortable doing it with a mass market part, they were doing R&D on the subject long before that. By the way, since this is the second time I mention R&D, head to the IEEE Spectrum website and see the survey of R&D expenditures for 2005 (Jan. 2006 issue). See where Intel is and where AMD is.

* If you put two AMD dual cores in the same package, each dual core will have its own memory controller, but the pinout should be the same as that of the DualCore parts (otherwise, you lose the drop in replacement market). Therefore, one of the DualCores (let's call it A) will talk to memory directly, while the other one (B) will, essentially, have an external memory controller (the IMC of B will talk to the IMC of A which will, in turn talk to the memory; if that is not an external memory controller, tell me what it is). Therefore, for two of your four cores, the IMC advantage is gone, without the corresponding increase in bandwidth (pin compatible, remember). Evidently, since their design is inferior, for Intel this is not an issue ;-)


MICROCODE UPDATES: (Thanks for getting here. I saved the best for last. This is the last one).

Engineers are humans, and humans make mistakes. In the mid 1990's Intel made two mistakes with the original Pentium. The FDIV bug, and the F0:0F bug. Intel learned their lesson, and, ever since the PentiumPro, they have something called Microcode Update. Basically, it is a way to patch the microprocessor on the fly to correct errors. You can put it in your machine's BIOS, or you can run a piece of SW to do it for you. But you have to do it each time you boot your machine. The point is, you patch in just one point, not in every single OS AND/OR Application known to man.

Some ten years later the innovative and technologically leading AMD has nothing similar. And yes, AMD chips have bugs too (google for them). OK, so far so good, it is easier for Intel to patch the chips than it is for AMD. Are there other implications? This is my post, so you bet there are!!!

What this means is that AMD has to take longer to weed errors out of their chips (because having severe errors for them implies costly patches in many applications, or even worse, a recall), while Intel can go a tad faster. So, when Mr. Otellini enters the design room and says "we are moving forward the launch of the CORE2" the engineers grumble and move on, but if Mr. Ruiz ever tells his engineers they need to move a launch forward, there will be a riot!

I remember, in the month preceding the launch of CORE2, having a grin whenever Chicagrafo and Sharikou denounced that CORE2 would be unstable and buggy. I thought: "¡Well of course it will be unstable and buggy! The question is ¿for how long?" How Chicagrafo and our respected Ph.D. could overlook the Microcode update feature is beyond me....

This feature is part of the reason why Intel could pledge to roll a new architecture every two years, and AMD can not match those stakes. And that (architecture every two years) issue will be discussed in more depth in a future (shorter) post.



Thanks for bearing with me. I wait now for your comments... Contrarian comments are welcome, but let's keep the thing on a high level, no flames!

Thursday, September 07, 2006

Apple up like a rocket, Parallels and Virtualization

The hottest news in "digg.com" is that Parallels is providing support for Mac OS X 10.5 "Leopard".

And the second hottest is that Apple debuts a major advertising campaign in print.

Mac OS X is excellent
See this excellent clip from the advertising that explains it all:

I have no positions on AAPL, nor Microsoft, and I do have only bearish positions on Intel, thus I am not trying to further my investments with this gratuitous publicity for Apple computers.

But everything they say in this excerpt is true. I have explained the many deficiencies that a Windows system has. Mac OS X, on the other hand, is based on Berkeley Software Development UNIX (BSD), and those roots make it several orders of magnitude more robust than any Windows, but yet the user interface has the characteristic good taste of Apple products.

That Mac computers work the way they should guarantees that Apple will multiply its market share this year.

To further convince the skeptics to at least give it a try, they now have a Virtualization offering, Parallels, to run inside a Mac any "PC" operating system such as Windows XP with its Microsoft Office and all while at the same time enjoying all the benefits of "Leopard". In my circle of acquaintances, those who have been exposed to Mac OS X and the excellent Mac computers get hooked, including "Yours, truly".

Also, the iPod market seems healthy and there are rumours about an iPhone which would combine cellular telephony with iPod functionality; a product that well done (not as the "Rokr", the "underwhelmer") pretty much gives Apple stock a very bullish outlook.

Unfortunately for us, Parallels, although it is a true hypervisor that seems to make use of Pacífica (AMD-V) (at least it supports something I don't know about called "AMD Secure Virtual Machine", AMD-SVM "that drives unmatched virtual machine speed, performance, stability and isolation on SVM-powered computers"), doesn't seem to support any AMD64 host nor guest operating system, at least according to the official web site (s). I think that I will be contacting Parallels to let them know that they are missing a large potential market, because today the best way to run an AMD64 operating system is relying on Virtual Machines with an OS at 32 bits with the drivers the AMD64 OS lacks, just like described in "AMD64 Practical".

Hewlett-Packard welcomes Dell to the AMD market

Mark Hurd, CEO of HP, speaking at Citigroup's 13th Annual Global Technology Conference in New York, was quoted here as saying the following about Dell's decision to do AMD computers:

"It's a good thing for AMD to get critical mass"

This brief statement has very significant implications. For me, it is as if he was saying:

"We are pleased to see that AMD is gaining traction in all market segments because we, HP, are the undisputed leaders of AMD consumer computers thanks to all the years of experience and research and development that we have accumulated with AMD. Any company marketing AMD processors ultimately helps our own AMD marketing efforts because we are perceived to be the leaders today and for the foreseeable future in AMD computers. Being Dell in particular, with its size and notorious previous exclusivity of Intel processors, the company who is behind this marketing push, our worst obstacle to market AMD, consumer skepticism, may be dissipated. This also means that we have Intel by the gonads and not the other way around, which is a "good thing" for everyone"
Intel, ladies and Gentlemen, is in a world of hurt.

Mark Hurd's words were brought to our attention by the message board here, and I posted this idea here. In our blogosphere neighborhood, Sharikou also covered these news.

Tuesday, September 05, 2006

Autofool

Do you use any Windows XP version?

You most probably are vulnerable to a very simple attack that may make your life miserable.

1) Have you heard of the "Sony Rootkit Scandal"?

2) Do you know what the "autorun" feature is?

3) Do you always do your normal work in windows in a restricted user account?

If your three answers are negative, you belong to the highest risk group for autorun infections. If it is any consolation, it seems that your high risk group is the majority.

Last year, a very smart guy at "Sysinternals.com", Mark Russinovich, discovered that Sony basically put malicious trojan horse software in audio CDs. That malicious software ran automatically if the victim put the audio CD in a computer drive to play it. If the user had administrative privileges, then the virus corrupted the operating system configuration and sent over the internet some private information about the system; we, the public, still don't know exactly what it was. All of this was supposedly done with the intention of restricting the number of CD copies the user could make on the computer. The rootkit was also designed in such a way that if the victim deleted the rootkit files, the system would be rendered unusable. That is, using the excuse of preventing piracy, Sony hijacked the computers of its customers.

The very successful spread of this attack tells us the following, besides that Microsoft Windows sucks and that Sony doesn't have any kind of ethics:

  1. You cannot rely on antivirus. A trojan horse like the Sony rootkit is trivial for any antivirus to detect. But they don't detect it:
    1. First, because if the design of Windows security is brain-damaged, the "security" software design is brute force stupidity:
      1. The Sony rootkit goes on to modify operating system drivers and all kinds of delicate configurations, and on top of Windows itself not even notifying the user, the antivirus, which supposedly adds extra checks, also keeps mum.
      2. The software that is doing the configuration changes is running off removable media, which should tag it as untrusted.
      3. The changes themselves are no simple "configuration change" but a "disservice pack"; an antivirus should understand that this is not peanuts.
    2. Second, cry and weep, because Symantec itself, the maker of "Norton Antivirus", installs its own rootkit that hides files and messes with the system, supposedly to "protect" the users from their own folly [more details]. This mess can be and has been exploited by viruses. Thus, this "security guard" company makes holes in your computer security but forgets to tell the guards to check them.
    3. Third, the existence of viruses is actually in the highest interest of antivirus providers. The more paranoid and ignorant the users are, the greater the profits they make. What I am saying is that the attitude of "security software providers" is to tell their users/customers: "Be as ignorant as you have always been; we will magically solve the problem for you, provided that you give us handsome money". As you may see in this article, that attitude only leads to users/consumers abused in triplicate: by Microsoft, which provides them an inherently faulty and insecure Operating System and also puts pressure on the customers to use antivirus (see the "security notification" in XP SP2 that complains that the computer doesn't have an antivirus); by the antivirus providers, which take money for providing worthless, if not worse, software that is not subject to any accountability for efficacy; and of course, by the hackers/crackers themselves.
    4. There are rumours that some antivirus providers discovered the Sony rootkit, but after contacting Sony, they thought that it was OK. This rumour, in other words, means that the antivirus companies do not simply protect your computers, but may decide which companies' software is allowed to hijack them.
  2. It demonstrates that far too many users run day-to-day tasks such as listening to music in accounts with far too excessive administrative privileges.
  3. It demonstrates that the "autorun" feature is a grave security concern.

In Windows, there is sometimes no other way but to use an "Administrator" account to do otherwise mundane tasks. Some software for Windows abusively requests the user to have administrative rights. Why? If it is for installation, most probably to install some form of rootkit; that is, to hijack the computer. If it asks for administrative rights for day-to-day usage, then most probably the software does a task that the operating system does or should do. That reflects either bad Windows design, or that the application is not well designed to request from the Operating System the services it requires, or that the application doesn't want to use Operating System services, perhaps because the application has something to hide from the auditing tools of the O.S. services. Although this may be argued as "consensual"

In any case, my advice is to strongly prefer software that can be installed and run in very restricted accounts over software that requires too many privileges. If you like that software, then you may install it "System-Wide" using the administrative account. That kind of software exists, and tends to be Open Source. If it is Open Source, try to enjoy compiling it yourself. Then, you know that if some day you want a feature, in the worst case scenario you will very probably be able to hire someone to program it for you.

Second: TURN OFF THE AUTORUN. Right now, there are some guys developing the concept of malware that picks up private information such as passwords and credit card numbers from a system with the autorun enabled into which a simple USB flash drive is inserted. If the user, on top of having the autorun enabled, also has administrative privileges, then the computer may get infected for good. Microsoft is so negligent about security that XP doesn't provide any User Interface applet to completely disable the autorun; there is no reliable way other than doing it through the registry:

"NoDriveTypeAutoRun" registry key, I here reproduce the values for convenience:

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

| Value | Meaning |
|-------|---------|
| 0x1   | Disables Autoplay on drives of unknown type. |
| 0x4   | Disables Autoplay on removable drives. |
| 0x8   | Disables Autoplay on fixed drives. |
| 0x10  | Disables Autoplay on network drives. |
| 0x20  | Disables Autoplay on CD-ROM drives. |
| 0x40  | Disables Autoplay on RAM drives. |
| 0x80  | Disables Autoplay on drives of unknown type. |
| 0xFF  | Disables Autoplay on all types of drives. |

[note: This information is official documentation of Windows 2000, probably applies identically to XP]
Autorun
AutoRunAlwaysDisable
NoDriveAutoRun (in HKLM)
NoDriveAutoRun (in HKCU)
NoDriveTypeAutoRun (in HKLM)
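To check what a given NoDriveTypeAutoRun value actually leaves enabled, the bitmask from the table can be decoded programmatically. The following is an added example, not part of the original post or of any Microsoft tool; the function names are hypothetical, the sample value is constructed, and the rule that an HKLM value overrides the HKCU one is an assumption to verify on your own system.

```python
"""Decode NoDriveTypeAutoRun and list the drive types still allowed to autoplay."""
try:
    import winreg  # standard library, Windows only
except ImportError:
    winreg = None

KEY = r"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
# Bit meanings as listed in the table above (0x1 and 0x80 are both "unknown type").
DRIVE_BITS = {
    0x01: "unknown (0x1)", 0x04: "removable", 0x08: "fixed", 0x10: "network",
    0x20: "cdrom", 0x40: "ramdisk", 0x80: "unknown (0x80)",
}

def to_int(raw):
    """The value may be stored as REG_DWORD (int) or REG_BINARY (little-endian bytes)."""
    return int.from_bytes(raw, "little") if isinstance(raw, bytes) else int(raw)

def still_enabled(mask):
    """Drive types whose bit is NOT set, i.e. Autoplay is not disabled for them."""
    return [name for bit, name in sorted(DRIVE_BITS.items()) if not mask & bit]

def read_mask(hive):
    """Read NoDriveTypeAutoRun from one hive; None if the key or value is absent."""
    try:
        with winreg.OpenKey(hive, KEY) as key:
            raw, _type = winreg.QueryValueEx(key, "NoDriveTypeAutoRun")
            return to_int(raw)
    except FileNotFoundError:
        return None

def audit(hklm, hkcu):
    """Pick the effective mask. Assumption: an HKLM value overrides the HKCU one."""
    if hklm is None and hkcu is None:
        return {"source": None, "mask": None, "enabled": None}  # no policy set
    source, mask = ("HKLM", hklm) if hklm is not None else ("HKCU", hkcu)
    return {"source": source, "mask": mask, "enabled": still_enabled(mask)}

if __name__ == "__main__":
    if winreg:
        result = audit(read_mask(winreg.HKEY_LOCAL_MACHINE),
                       read_mask(winreg.HKEY_CURRENT_USER))
    else:
        result = audit(None, to_int(b"\x91\x00\x00\x00"))  # constructed sample value
    print(result)
```

With the constructed sample 0x91, removable and CD-ROM drives remain in the enabled list, which is exactly the exposure this post warns about; 0xFF leaves the list empty.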

If you are not an "administrator", you are still vulnerable, because the program may lift all the data that your user account is able to read, including *your* passwords or credit card numbers...

If you look on the internet for how to disable the many autorun features, you will come across many tools such as TweakUI that do this kind of system tweak while hiding the complexities of managing the registry. Well, if you think it is acceptable to use "TweakUI" or any of its equivalents without caring to research how it is done without any tool, then you haven't gotten the principal idea of this post: you cannot become dependent on software when you don't know exactly how it works, what it does and what it doesn't; you cannot remain ignorant about the security problems that Windows has. Getting interested in the security of your computer is very similar to doing your own Due Diligence about the stock market.

Windows Operating Systems must be approached by you with a lot of distrust for your own sake.

Let's say that you follow the advice and, rather than relying on antivirus, antispam filters, antispyware, antiworms and popup blockers, you opt to research how computers get infected and how it is possible to prevent the infections. Then you not only get out of the vicious cycle of malware -> paranoia -> expense -> anti-malware -> false sense of security -> malware; you start to really understand that most antimalware is complete bullshit; that Windows sucks so much that one really has to try alternatives such as Mac OS X, Linux, Solaris, or any other reasonable Operating System; that tools such as Virtualization are not geek ways to lose time; you learn how to really take control of nearly indomitable Windows Operating Systems; and above all you liberate yourself from lots of frustrations, making your computing experience more enjoyable and productive.