DOCSLIB.ORG

Exploiting Microarchitectural Optimizations from Software Illustration Natascha Eibl Exploiting Microarchitectural Optimizations from Software

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Exploiting Microarchitectural Optimizations from Software Illustration Natascha Eibl Exploiting Microarchitectural Optimizations from Software MORITZMORITZ LIPPLIPP Exploiting Microarchitectural Optimizations from Software Illustration Natascha Eibl Exploiting Microarchitectural Optimizations from Software by Moritz Lipp Ph.D. Thesis Assessors Daniel Gruss (Graz University of Technology) Thomas Eisenbarth (University of Lübeck) August 2021 Institute for Applied Information Processing and Communications Faculty of Computer Science Graz University of Technology iii AFFIDAVIT I declare that I have authored this thesis independently, that I have not used other than the declared sources/resources, and that I have explicitly indicated all material which has been quoted either literally or by content from the sources used. The text document uploaded to TUGRAZonline is identical to the present doctoral thesis. Date, Signature Abstract With abstraction layers, the implementation details of software and hard- ware components are hidden away to deal with the complexity of modern computer systems. While the Instruction Set Architecture (ISA) serves as an interface between the CPU and the software running on it, the com- puter microarchitecture is the actual hardware implementation of the ISA. The clearly defined interfaces do not only cover up the complexity but also allow different variants of the microarchitecture to be built. While they all fulfill the contract defined by the ISA, they can differ inother aspects, such as performance, security, energy efficiency, or other physical properties. Microarchitectural attacks exploit these variations occurring on the microarchitectural level of modern CPUs. With side-channel at- tacks and fault attacks, there are different ways that allow learning from and tampering with the actual implementation. These attacks allow ad- versaries to extract sensitive information processed on the system, e.g., cryptographic keys or user behavior. In this thesis, we expand the landscape of software-based microarchi- tectural attacks and defenses. By exploring the security implications of different optimizations, we identify previously unknown attack vectors, allowing us to circumvent the most fundamental security guarantees of modern processors. We combine traditional physical side-channel analy- ses with software-based microarchitectural attack techniques to leak sen- sitive information processed on the CPU. We enlarge our understanding of which settings and circumstances facilitate different existing attacks and give new insights into developing effective and efficient mitigations. In the first part of this thesis, we discuss the contributions of this thesis and provide background on CPU architecture and memory organization, as well as side-channel attacks and fault attacks. Furthermore, we dis- cuss the state of the art of software-based microarchitectural attacks and defenses. In the second part, a selection of my peer-reviewed publications is provided without modification from their original versions. v Acknowledgements First and foremost, I want to thank my advisor, long-time office colleague and friend, Daniel Gruss, who initially sparked my keen interest in mi- croarchitectural attacks. While I have always considered side-channel attacks as black magic and, therefore, have been very reluctant to learn about them, working with Daniel on my master thesis ignited my fasci- nation for this research field. I want to thank you for your continuous support, the freedom you granted me in my research, the endless effort you invest in everything, and your openness for different opinions. I would especially like to thank Michael Schwarz for his friendship, tireless support, and ambition to work on all those different projects with me. I really enjoyed our time working together, discussing all kinds of ideas while keeping the caffeine level at a healthy high, and discovering parts of the world after conferences. I will miss the late-night debugging sessions, ambitious paper sprints, and presenting our work together. Looking back over the last years, I want to thank you both, Daniel and Michael, for this incredible journey. I really enjoyed sharing the office with you, all the discussions, and the endless effort we put in as a team. The ups and downs we faced together make this roller coaster ride unfor- gettable for me. I want to thank Thomas Eisenbarth for valuable feedback, interesting discussions and taking the time and effort to assess my thesis. Furthermore, I would really like to thank Stefan Mangard for giving me the opportunity to pursue a Ph.D. in the first place. Thank you for your support and advice over the years. Over the last couple of years, I had the honor to meet, work and make friends with incredibly kind and talented people worldwide. While the list would be endless, I want to especially thank Jo van Bulck and Daniel Moghimi for insightful discussions and the great teamwork. Likewise, I want to thank Anders Fogh, David Oswald, Berk Sunar, Julian Steck- lina, and Thomas Prescher for great discussions and fruitful collabora- tions. I am further grateful to all my (former) colleagues at the insti- tute for insightful discussions and for creating such an enjoyable work- ing environment, in particular, Martin Schwarzl, Claudio Canella, Lukas Giner, Catherine Easdon, Andreas Kogler, Clémentine Maurice, Robert vii viii Schilling, Mario Werner, Peter Pessl, Stefan More and Sebastian Ra- macher. I want to thank my parents, Peter and Michaela, and my siblings, Ilona, Lukas, and Nikolaus, for all their love and support throughout my en- tire life. I would like to thank my loving family, Gertraud, Eva, Helga, Gerhard, Heidrun, and Renate, for their support. A special thanks goes to all my friends; without their support, I could not have completed this thesis. Thank you for meaningful discussions, even late at night, and providing the necessary distractions to the working life. Furthermore, I want to thank Yuki, Rasputin, and my bees for always helping me to find tranquilness even in the most stressful times. Finally, I want to be grateful to my better half, Natascha, for her never- ending supporting love and patience. Thank you for tolerating all follow- ing deadlines and supporting me throughout all those years. This work could not have been done without you. Contents Affidavit iii Abstract v Acknowledgements vii Contents ix I. Exploiting Microarchitectural Optimizations from Soft- ware 1 1. Introduction and Contribution 3 1.1. Main Contributions . 7 1.2. Other Contributions . 12 1.3. Outline . 17 2. Background 19 2.1. Architecture and Microarchitecture . 19 2.2. Memory Organization . 34 2.3. Side-Channel Attacks and Fault Attacks . 44 3. State of the Art 49 3.1. Software-based Microarchitectural Side-Channel Attacks . 49 3.2. Transient-Execution Attacks . 60 3.3. Software-based Microarchitectural Fault Attacks . 71 3.4. Software-based Power Side-Channel Attacks . 74 4. Conclusion 77 References 79 II. Publications 105 5. Take A Way 107 6. Meltdown 149 ix x Contents 7. Nethammer 195 8. Keystroke Timing Attacks 225 9. PLATYPUS 251 10.KASLR is Dead: Long Live KASLR 301 Part I. Exploiting Microarchitectural Optimizations from Software 1 1 Introduction and Contribution In software engineering and computer science, interfaces are defined boundaries that are shared between two or more components enabling them to interact with each other. These components exist in software and hardware, can be a combination of both, or in fact, even peripheral devices or human beings interacting with a device [108]. By specify- ing how components are supposed to interact with each other, what the expected behavior of the other component is, interfaces grant great flex- ibility in the implementation of the component as long as the expected behavior is maintained. By abstracting away components of a system, simple interfaces do not only cover up the complexity of the system but allow different variants of a component to be implemented. For example, in a software project, a new, more performant algorithm is implemented for a defined interface. Conforming to the interface’s specification, this allows it to easily replace the old implementation without the need to modify the rest of the system. However, these interfaces do not only exist within software projects but also between applications and the operating system or between developers and the actual hardware. While the implementations all fulfill the same purpose, they can differ in other aspects like the performance. Architecture vs. Microarchitecture In computing, an architecture typically refers to the instruction set ar- chitecture (ISA), also called computer architecture. While the ISA serves as an interface between the CPU and the software running on it, the computer microarchitecture is the actual hardware implementation of the architecture [103]. Thus, the complexity of the implementation is abstracted away by the (less complex) architecture specification. With different microarchitectures implementing the same architectural specifi- cation, the same application can perform differently on them, i.e., while 3 4 Chapter 1. Introduction and Contribution the computed results are the same, the runtime performance, energy ef- ficiency, or other physical properties may vary. However, this viewis not limited to the central processing unit alone but can be applied to every abstraction layer. This includes other hardware interfaces, e.g., the DRAM, as well [154, 267]. As long as the memory module conforms to the specification, the manufacturer can carry out its implementation in different ways. Furthermore, this view
Load more

Recommended publications
  • IEEE Paper Template in A4
    Vasantha.N.S. et al, International Journal of Computer Science and Mobile Computing, Vol.6 Issue.6, June- 2017, pg. 302-306 Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology ISSN 2320–088X IMPACT FACTOR: 6.017 IJCSMC, Vol. 6, Issue. 6, June 2017, pg.302 – 306 Enhancing Performance in Multiple Execution Unit Architecture using Tomasulo Algorithm Vasantha.N.S.1, Meghana Kulkarni2 ¹Department of VLSI and Embedded Systems, Centre for PG Studies, VTU Belagavi, India ²Associate Professor Department of VLSI and Embedded Systems, Centre for PG Studies, VTU Belagavi, India 1 [email protected] ; 2 [email protected] Abstract— Tomasulo’s algorithm is a computer architecture hardware algorithm for dynamic scheduling of instructions that allows out-of-order execution, designed to efficiently utilize multiple execution units. It was developed by Robert Tomasulo at IBM. The major innovations of Tomasulo’s algorithm include register renaming in hardware. It also uses the concept of reservation stations for all execution units. A common data bus (CDB) on which computed values broadcast to all reservation stations that may need them is also present. The algorithm allows for improved parallel execution of instructions that would otherwise stall under the use of other earlier algorithms such as scoreboarding. Keywords— Reservation Station, Register renaming, common data bus, multiple execution unit, register file I. INTRODUCTION The instructions in any program may be executed in any of the 2 ways namely sequential order and the other is the data flow order. The sequential order is the one in which the instructions are executed one after the other but in reality this flow is very rare in programs.
    [Show full text]
  • Effective Virtual CPU Configuration with QEMU and Libvirt
    Effective Virtual CPU Configuration with QEMU and libvirt Kashyap Chamarthy <[email protected]> Open Source Summit Edinburgh, 2018 1 / 38 Timeline of recent CPU flaws, 2018 (a) Jan 03 • Spectre v1: Bounds Check Bypass Jan 03 • Spectre v2: Branch Target Injection Jan 03 • Meltdown: Rogue Data Cache Load May 21 • Spectre-NG: Speculative Store Bypass Jun 21 • TLBleed: Side-channel attack over shared TLBs 2 / 38 Timeline of recent CPU flaws, 2018 (b) Jun 29 • NetSpectre: Side-channel attack over local network Jul 10 • Spectre-NG: Bounds Check Bypass Store Aug 14 • L1TF: "L1 Terminal Fault" ... • ? 3 / 38 Related talks in the ‘References’ section Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications What this talk is not about 4 / 38 Related talks in the ‘References’ section What this talk is not about Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications 4 / 38 What this talk is not about Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications Related talks in the ‘References’ section 4 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) libvirtd QMP QMP QEMU QEMU VM1 VM2 Custom Disk1 Disk2 Appliance ioctl() KVM-based virtualization components Linux with KVM 5 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) libvirtd QMP QMP Custom Appliance KVM-based virtualization components QEMU QEMU VM1 VM2 Disk1 Disk2 ioctl() Linux with KVM 5 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) Custom Appliance KVM-based virtualization components libvirtd QMP QMP QEMU QEMU VM1 VM2 Disk1 Disk2 ioctl() Linux with KVM 5 / 38 libguestfs (guestfish) Custom Appliance KVM-based virtualization components OpenStack, et al.
    [Show full text]
  • Intel® IA-64 Architecture Software Developer's Manual
    Intel® IA-64 Architecture Software Developer’s Manual Volume 1: IA-64 Application Architecture Revision 1.1 July 2000 Document Number: 245317-002 THIS DOCUMENT IS PROVIDED “AS IS” WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. Information in this document is provided in connection with Intel products. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted by this document. Except as provided in Intel's Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right. Intel products are not intended for use in medical, life saving, or life sustaining applications. Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked "reserved" or "undefined." Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. Intel® IA-64 processors may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Copies of documents which have an order number and are referenced in this document, or other Intel literature, may be obtained by calling 1-800- 548-4725, or by visiting Intel’s website at http://developer.intel.com/design/litcentr.
    [Show full text]
  • Investigations on Hardware Compression of IBM Power9 Processors
    Investigations on hardware compression of IBM Power9 processors Jérome Kieffer, Pierre Paleo, Antoine Roux, Benoît Rousselle Outline ● The bandwidth issue at synchrotrons sources ● Presentation of the evaluated systems: – Intel Xeon vs IBM Power9 – Benchmarks on bandwidth ● The need for compression of scientific data – Compression as part of HDF5 – The hardware compression engine NX-gzip within Power9 – Gzip performance benchmark – Bitshuffle-LZ4 benchmark – Filter optimizations – Benchmark of parallel filtered gzip ● Conclusions – on the hardware – on the compression pipeline in HDF5 Page 2 HDF5 on Power9 18/09/2019 Bandwidth issue at synchrotrons sources Data analysis computer with the main interconnections and their associated bandwidth. Data reduction Upgrade to → Azimuthal integration 100 Gbit/s Data compression ! Figures from former generation of servers Kieffer et al. Volume 25 | Part 2 | March 2018 | Pages 612–617 | 10.1107/S1600577518000607 Page 3 HDF5 on Power9 18/09/2019 Topologies of Intel Xeon servers in 2019 Source: intel.com Page 4 HDF5 on Power9 18/09/2019 Architecture of the AC922 server from IBM featuring Power9 Credit: Thibaud Besson, IBM France Page 6 HDF5 on Power9 18/09/2019 Bandwidth measurement: Xeon vs Power9 Computer Dell R840 IBM AC922 Processor 4 Intel Xeon (12 cores) 2 IBM Power9 (16 cores) 2.6 GHz 2.7 GHz Cache (L3) 19 MB 8x 10 MB Memory channels 4x 6 DDR4 2x 8 DDR4 Memory capacity → 3TB → 2TB Memory speed theory 512 GB/s 340 GB/s Measured memory speed 160 GB/s 270 GB/s Interconnects PCIe v3 PCIe v4 NVlink2 & CAPI2 GP-GPU co-processor 2Tesla V100 PCIe v3 2Tesla V100 NVlink2 Interconnect speed 12 GB/s 48 GB/s CPU ↔ GPU Page 8 HDF5 on Power9 18/09/2019 Strength and weaknesses of the OpenPower architecture While amd64 is today’s de facto standard in HPC, it has a few competitors: arm64, ppc64le and to a less extend riscv and mips64.
    [Show full text]
  • Computer Science 246 Computer Architecture Spring 2010 Harvard University
    Computer Science 246 Computer Architecture Spring 2010 Harvard University Instructor: Prof. David Brooks [email protected] Dynamic Branch Prediction, Speculation, and Multiple Issue Computer Science 246 David Brooks Lecture Outline • Tomasulo’s Algorithm Review (3.1-3.3) • Pointer-Based Renaming (MIPS R10000) • Dynamic Branch Prediction (3.4) • Other Front-end Optimizations (3.5) – Branch Target Buffers/Return Address Stack Computer Science 246 David Brooks Tomasulo Review • Reservation Stations – Distribute RAW hazard detection – Renaming eliminates WAW hazards – Buffering values in Reservation Stations removes WARs – Tag match in CDB requires many associative compares • Common Data Bus – Achilles heal of Tomasulo – Multiple writebacks (multiple CDBs) expensive • Load/Store reordering – Load address compared with store address in store buffer Computer Science 246 David Brooks Tomasulo Organization From Mem FP Op FP Registers Queue Load Buffers Load1 Load2 Load3 Load4 Load5 Store Load6 Buffers Add1 Add2 Mult1 Add3 Mult2 Reservation To Mem Stations FP adders FP multipliers Common Data Bus (CDB) Tomasulo Review 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 LD F0, 0(R1) Iss M1 M2 M3 M4 M5 M6 M7 M8 Wb MUL F4, F0, F2 Iss Iss Iss Iss Iss Iss Iss Iss Iss Ex Ex Ex Ex Wb SD 0(R1), F0 Iss Iss Iss Iss Iss Iss Iss Iss Iss Iss Iss Iss Iss M1 M2 M3 Wb SUBI R1, R1, 8 Iss Ex Wb BNEZ R1, Loop Iss Ex Wb LD F0, 0(R1) Iss Iss Iss Iss M Wb MUL F4, F0, F2 Iss Iss Iss Iss Iss Ex Ex Ex Ex Wb SD 0(R1), F0 Iss Iss Iss Iss Iss Iss Iss Iss Iss M1 M2
    [Show full text]
  • Undocumented CPU Behavior: Analyzing Undocumented Opcodes on Intel X86-64 Catherine Easdon Why Investigate Undocumented Behavior? the “Golden Screwdriver” Approach
    Undocumented CPU Behavior: Analyzing Undocumented Opcodes on Intel x86-64 Catherine Easdon Why investigate undocumented behavior? The “golden screwdriver” approach ● Intel have confirmed they add undocumented features to general-release chips for key customers "As far as the etching goes, we have done different things for different customers, and we have put different things into the silicon, such as adding instructions or pins or signals for logic for them. The difference is that it goes into all of the silicon for that product. And so the way that you do it is somebody gives you a feature, and they say, 'Hey, can you get this into the product?' You can't do something that takes up a huge amount of die, but you can do an instruction, you can do a signal, you can do a number of things that are logic-related." ~ Jason Waxman, Intel Cloud Infrastructure Group (Source: http://www.theregister.co.uk/2013/05/20/intel_chip_customization/ ) Poor documentation ● Intel has a long history of withholding information from their manuals (Source: http://datasheets.chipdb.org/Intel/x86/Pentium/24143004.PDF) Poor documentation ● Intel has a long history of withholding information from their manuals (Source: https://stackoverflow.com/questions/14413839/what-are-the-exhaustion-characteristics-of-rdrand-on-ivy-bridge) Poor documentation ● Even when the manuals don’t withhold information, they are often misleading or inconsistent Section 22.15, Intel Developer Manual Vol. 3: Section 6.15 (#UD exception): Poor documentation leads to vulnerabilities ● In operating systems ○ POP SS/MOV SS (May 2018) ■ Developer confusion over #DB handling ■ Load + execute unsigned kernel code on Windows ■ Also affected: Linux, MacOS, FreeBSD..
    [Show full text]
  • Fact Sheet: the Golden Age of Esports
    The Golden Age of eSports The eSports market promises a lot of emotions and spectacular business opportunities. Worldwide, there are an estimated 1.2 billion gamers1 and 160 million fans of electronic entertainment. By 2017, these figures will double. The revenues associated with eSports are constantly growing. According to Newzoo* forecasts, they will reach $463 million in 2016 and $1 billion by 2019. The origins of eSports can be traced back to the end of 80s and beginning of 90s. Since then, not only the eSports scene, but the whole gaming market has undergone tremendous changes. In the heyday of Commodore 64 and games loaded from cassette decks, no one had ever imagined that the value of the gaming market would grow to billions of dollars, while professional players would salaried and earn five-figure prizes in a single tournament. The Golden Age of eSports According to Newzoo research agency, in 2015 the electronic entertainment market has reached $91 billion in terms of revenues. In 2014, the global revenues totaled slightly more than $83.5 billion, and that represents growth by almost 10 percent. Assuming constant growth rate, we can anticipate global revenues in this sector to reach about $107 billion in 20172. The PC segment constitutes as much as 37 percent of this market, or about $34 billion3. Intel estimates that the amounts spent on gaming hardware have also reached unprecedented levels. It is anticipated that by 2018 the figures may reach $100 billion. 40 Percent of eSports Fans Are Viewers Average gamers do not necessarily understand the significance of numbers related to the market growth.
    [Show full text]
  • SIMD Extensions
    SIMD Extensions PDF generated using the open source mwlib toolkit. See http://code.pediapress.com/ for more information. PDF generated at: Sat, 12 May 2012 17:14:46 UTC Contents Articles SIMD 1 MMX (instruction set) 6 3DNow! 8 Streaming SIMD Extensions 12 SSE2 16 SSE3 18 SSSE3 20 SSE4 22 SSE5 26 Advanced Vector Extensions 28 CVT16 instruction set 31 XOP instruction set 31 References Article Sources and Contributors 33 Image Sources, Licenses and Contributors 34 Article Licenses License 35 SIMD 1 SIMD Single instruction Multiple instruction Single data SISD MISD Multiple data SIMD MIMD Single instruction, multiple data (SIMD), is a class of parallel computers in Flynn's taxonomy. It describes computers with multiple processing elements that perform the same operation on multiple data simultaneously. Thus, such machines exploit data level parallelism. History The first use of SIMD instructions was in vector supercomputers of the early 1970s such as the CDC Star-100 and the Texas Instruments ASC, which could operate on a vector of data with a single instruction. Vector processing was especially popularized by Cray in the 1970s and 1980s. Vector-processing architectures are now considered separate from SIMD machines, based on the fact that vector machines processed the vectors one word at a time through pipelined processors (though still based on a single instruction), whereas modern SIMD machines process all elements of the vector simultaneously.[1] The first era of modern SIMD machines was characterized by massively parallel processing-style supercomputers such as the Thinking Machines CM-1 and CM-2. These machines had many limited-functionality processors that would work in parallel.
    [Show full text]
  • POWER® Processor-Based Systems
    IBM® Power® Systems RAS Introduction to IBM® Power® Reliability, Availability, and Serviceability for POWER9® processor-based systems using IBM PowerVM™ With Updates covering the latest 4+ Socket Power10 processor-based systems IBM Systems Group Daniel Henderson, Irving Baysah Trademarks, Copyrights, Notices and Acknowledgements Trademarks IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. These and other IBM trademarked terms are marked on their first occurrence in this information with the appropriate symbol (® or ™), indicating US registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at http://www.ibm.com/legal/copytrade.shtml The following terms are trademarks of the International Business Machines Corporation in the United States, other countries, or both: Active AIX® POWER® POWER Power Power Systems Memory™ Hypervisor™ Systems™ Software™ Power® POWER POWER7 POWER8™ POWER® PowerLinux™ 7® +™ POWER® PowerHA® POWER6 ® PowerVM System System PowerVC™ POWER Power Architecture™ ® x® z® Hypervisor™ Additional Trademarks may be identified in the body of this document. Other company, product, or service names may be trademarks or service marks of others. Notices The last page of this document contains copyright information, important notices, and other information. Acknowledgements While this whitepaper has two principal authors/editors it is the culmination of the work of a number of different subject matter experts within IBM who contributed ideas, detailed technical information, and the occasional photograph and section of description.
    [Show full text]
  • Download Android Os for Phone Open Source Mobile OS Alternatives to Android
    download android os for phone Open Source Mobile OS Alternatives To Android. It’s no exaggeration to say that open source operating systems rule the world of mobile devices. Android is still an open-source project, after all. But, due to the bundle of proprietary software that comes along with Android on consumer devices, many people don’t consider it an open source operating system. So, what are the alternatives to Android? iOS? Maybe, but I am primarily interested in open-source alternatives to Android. I am going to list not one, not two, but several alternatives, Linux-based mobile OSes . Top Open Source alternatives to Android (and iOS) Let’s see what open source mobile operating systems are available. Just to mention, the list is not in any hierarchical or chronological order . 1. Plasma Mobile. A few years back, KDE announced its open source mobile OS, Plasma Mobile. Plasma Mobile is the mobile version of the desktop Plasma user interface, and aims to provide convergence for KDE users. It is being actively developed, and you can even find PinePhone running on Manjaro ARM while using KDE Plasma Mobile UI if you want to get your hands on a smartphone. 2. postmarketOS. PostmarketOS (pmOS for short) is a touch-optimized, pre-configured Alpine Linux with its own packages, which can be installed on smartphones. The idea is to enable a 10-year life cycle for smartphones. You probably already know that, after a few years, Android and iOS stop providing updates for older smartphones. At the same time, you can run Linux on older computers easily.
    [Show full text]
  • Laptops Portfolio
    PREMIUM THE COMMERCIAL ThinkPad X1 Yoga (5th Gen) Thinkpad X1 Extreme (2nd Gen) ThinkPad X1 Carbon (8th Gen) ThinkPad X Series ThinkPad T Series ThinkBook Series LAPTOPS ThinkPad X13, X13 Yoga ThinkPad T14, T14s, T15 ThinkBook Plus, 13s PORTFOLIO MAINSTREAM ThinkPad L Series ThinkPad E Series ThinkBook 14, 15 ThinkPad L13, L13 Yoga, L14, L15 ThinkPad E14, E15 BUDGET FRIENDLY ThinkPad 11e Lenovo™ V Series 11e (5th gen), Lenovo V14, V15, V17 11e Yoga (6th Gen) Lenovo recommends Windows 10 Pro for business Lenovo™ Chromebooks Lenovo™ Winbooks 100e, 300e, 500e 100e, 300e 8 9 Premium Computing ThinkPad Laptops and Ultrabooks ThinkPad X1 Extreme (2nd Gen) ThinkPad Laptops & Ultrabooks: Legendary business tools Powerhouse performer for computing and gaming • Comes with Windows 10 Pro Since launching in 1992, the philosophy behind ThinkPad® has been to build products to suit • Up to 9th Generation Intel® Core™ i9 Processor the human nature of the business user and enable them to be more productive. Superior • NVIDIA® GeForce® GTX 1650 (MaxQ w/4GB GDDR5) thinking in technology and engineering has made ThinkPad a leader in innovative features, • Up to 64GB DDR4 (2666MHz); Non ECC Dual DIMM thoughtful design, reliability and performance. • Up to 14 hours*, 80Whr battery It was this ‘extraordinary thinking’ that took inspiration from a lunch box to design the iconic ThinkPad, a machine that changed the way people do business. KEY DIFFERENTIATORS Award-winning keyboard: The most silent and Thin and light with With larger keys and more efficient cooling system maximum protection: Our space between them, it ever made: ThinkPad’s Owl ThinkPad range of products ensures a high quality Wing fan is 23% lighter, 10% are made of carbon fiber, a ThinkPad X1 Carbon (8th Gen) ThinkPad X1 Yoga (5th Gen) all-day comfortable smaller, has 38% increased light weight material which Marries premium performance & mobility Ever accommodating, it bends over backwards for typing experience.
    [Show full text]
  • Download a PDF Version of the 2017 Annual Review
    Front Back Cover for Avisan.qxp_Layout 1 11/15/17 1:27 PM Page 1 Secure Technology Alliance 191 Clarksville Road Princeton Junction, New Jersey 08550 Annual Review 2017 Alliance A Secure Publication Technology 7 Volume www.securetechalliance.org Annual Review 2017 SCA-ad 2017 resized.indd 1 10/30/2017 10:40:22 AM EXECUTIVE DIRECTOR’S LETTER: A MESSAGE FROM RANDY VANDERHOOF Delivering Value to a Diverse Market Thank you for taking the time to read the 2017 Annual Review. This publication captures the best aspects of the membership experience for 2017 that hundreds of individual members and their organizations helped to provide. This year was especially sig- nificant, as the organization expanded its mission beyond smart cards and was re-branded as the Secure Technology Alliance. The new name and scope allows the Alliance to include embedded chip technology, hardware and software, and the future of digital security in all forms. The vast number of deliverables and member-driven activities recorded in the publication illustrates the diversity of the markets we serve and the commitment of all the industry professionals who contribute their knowledge and leadership toward expanding the market for smart card and related secure chip technologies. CHANGE COMES WITH NEW OPPORTUNITIES The decision to expand the mission and rebrand the organization was driven THE DECISION TO EXPAND by the changes in the secure chip industry, mostly from mobile technol- ogy and the growth of Internet-connected devices. This does not mean the THE MISSION AND REBRAND market for smart cards has disappeared. In fact, over the last few years, the THE ORGANIZATION WAS U.S.
    [Show full text]