Weekly recap

Weekly Tech Recap - № 248 - Android 11 Developer Preview, 96-core processor on six chips, vulnerabilities in medical devices, etc.

By Laurent Gloaguen,

February 21, 2020.

Android 11 Developer Preview

Google has released the first developer preview for Android 11, the next version of its mobile operating system. It comes fully loaded with big promises: improved support for 5G, better privacy features and new messaging interfaces. This first preview is coming to the Pixel 2, 3, 3a and 4, and it can only be installed with a full flash that will wipe all your data. But remember: the current Android 11 developer beta is a very early version of what we’ll be getting later this year, so don’t get your hopes up for any major new features or big redesigns just yet — expect Google to have plenty more to say on that front when Google I/O rolls around in May. Google is planning on releasing a new preview every month.

⇨ YouTube, “Android 11 developer preview first look.”

⇨ The Verge, Chaim Gartenberg, “The most interesting new Android 11 features so far.”

⇨ Ars Technica, Ron Amadeo, “Google launches the Android 11 Developer Preview today.”

⇨ Ars Technica, Ron Amadeo, “Android 11 Preview hands-on—Notification changes, dark mode options, and more.”

96-core processor on six chips

For decades, the trend was for more and more of a computer’s systems to be integrated onto a single chip. Today’s system-on-chips, which power smartphones and servers alike, are the result. But complexity and cost are starting to erode the idea that everything should be on a single slice of silicon. Already, some of the most of advanced processors, such as AMD’s Zen 2 processor family, are actually a collection of chiplets bound together by high-bandwidth connections within a single package. This week at the IEEE Solid-State Circuits Conference (ISSCC) in San Francisco, French research organization CEA-Leti showed how far this scheme can go, creating a 96-core processor out of six chiplets.

⇨ IEEE Spectrum, Samuel K. Moore, “96-Core Processor Made of Chiplets.”

Go around the world

Engineers love Python, JavaScript, and Java. Employers, on the other hand, shine their light on Go. That’s the takeaway of the Hottest Coding Languages section of job site Hired‘s annual State of Software Engineers report. Engineers experienced with Go received an average of 9.2 interview requests, making it the most in-demand language. Worldwide, Go’s popularity among employers was followed by Scala and Ruby. That’s not great news for engineers, who ranked Ruby number one in least loved languages, followed by PHP and Objective-C. (To compile its data, Hired reviewed 400,000 interview requests from 10,000 companies made to 98,000 job seekers throughout 2019.)

⇨ IEEE Spectrum, Tekla S. Perry, “Go language tops list of in-demand software skills.”

Medical devices in critical state

Medical devices, like any other device, include numerous embedded software components that are vulnerable to security bugs. URGENT/11, the subject of a Cybersecurity and Infrastructure Security Agency advisory issued last July, is one of those. The vulnerability affects the Interpeak Networks (IPNet) TCP/IP stack, which was licensed out to multiple vendors of embedded operating systems. IPNet also became the main networking stack in Wind River VxWorks, until Wind River acquired Interpeak in 2006 and stopped supporting IPNet. But the end of support didn’t stop several manufacturers from continuing to use IPNet. When critical bugs were discovered in IPNet, it set off a scare among the numerous medical device manufacturers that run it as part of their product build.

The average medical or Internet of Things (IoT) device relies on multiple pieces of open source software. For many devices, software gets adapted, not really patched, and not really maintained when the device is used by health care organizations. And many open source projects do not have the resources to anticipate problems and react quickly. These pieces of software are maintained by any number of third parties—often by just one or two people. In the case of Network Time Protocol (ntp), software that is in billions of devices, its code is maintained by a single person. And when the OpenSSL Heartbleed vulnerability came out in 2014, the OpenSSL project had two developers working on it.

⇨ Ars Technica, Mitch Parker, “Why fixing security vulnerabilities in medical devices, IoT is so hard.”

No network, no Prius

When a car’s basic function (i.e. rolling forward) relies on network connectivity, you can end up as roadkill on the information superhighway. This is what happened to the tech reporter at the English daily The Guardian. Kari Paul had planned on spending the weekend in rural California, about three hours north of Oakland. She had rented a car through a local car-sharing service, GIG Car Share, which offers a fleet of hybrid Toyota Priuses and electric Chevrolet Bolts in the Bay Area and Sacramento. But on Sunday, the hapless reporter was left stranded on an unpaved road when the car’s telematics system lost its cell signal. Without being able to call home, the rented Prius refused to move.

⇨ Ars Technica, Jonathan M. Gitlin, “Driver stranded after connected rental car can’t call home.”