As we near the end of September/October I realize that I haven't updated this blog in a bit. Sometimes my entries are inspired by recent events or material I bump into, such as https://spectrum.ieee.org/tech-history/cyberspace/todays-internet-still-relies-on-an-arpanetera-protocol-the-request-for-comments. This format is refreshingly simple when I compare the effort in curating the https://www.rfc-editor.org/rfc/rfc5970.txt versus some of the more painful processes in other venues.
Speaking of IPv6, I remember visiting Facebook in 2011 or 2012 to help with some UEFI IPv6 network boot issues. Since we didn't retrofit IPv6 boot to legacy PXE, for datacenter folks going all IPv6 https://www.datacenterknowledge.com/archives/2010/06/10/facebook-deploys-ipv6 UEFI was the only game in town for deployment. I still recall the rough, open interior of the Facebook campus https://www.theregister.com/2011/02/08/facebook_in_menlo_park/, but the best memory was when I was leaving. My host walked me through a courtyard and I recall passing a building with a windowed corner office where I saw Zuckerberg leaning back in a chair in his T-shirt with a phalanx of suited men standing in front of his desk. It was as if a king of yore was holding court with his many knights and vassals. Fascinating stuff.
People may decry the "Fall of silicon valley" https://www.robrhinehart.com/the-fall-of-silicon-valley/, but from my first trip there in 1997, to that 2012 trip, to the training session http://www.chromium.org/chromium-os/2014-firmware-summit/2014%20Chrome%20OS%20Firmware%20Summit-%20Overview.pdf at the CHM https://computerhistory.org/, to my last trip to Intel HQ last year....
including catching a glimpse of Grove http://vzimmer.blogspot.com/2014/02/anniversary-day-next-next.html
Speaking of Grove and his collected wisdom such as "disagree and commit," there has always been a battle to enforce this, including folks who might "disagree and de-commit." Regrettably, for '20 a new one has crept in, namely, "agree and ignore." But as always, a culture is only as strong as the folks who continually fight to uphold it.
Regarding values, I now find myself often using the triple of 'business first, team second, and career third' to explain to engineers the priority they should use in their career. Namely, focus on solving business problems first, even if the issues are outside of your organization. Next, ensure that you have a healthy team and support your organization. Finally, worry about your career. Mistakes often happen when engineers put their careers as a first priority. In the latter case it may yield a small local victory but in the end is corrosive to both the business and the team.
In addition, I found the value of 'always leaving' to be of interest from the Google culture https://www.oreilly.com/library/view/software-engineering-at/9781492082781/. It doesn't mean that you should always be switching jobs but instead it argues that employees always ensure that they provide sufficient documentation and collateral such that they can 'leave' a role for a more important mission and easily have someone take their place. Someone once remarked "I guess that I have job security since my code is so complicated." That's not demonstrating 'always leaving' but instead a more pernicious 'always nesting.' And in fact the reply to that person was that such a type of code will lead to disruption because long term the business cannot stand for that state of affairs.
Beyond Grove's book and recent musings in the Google text, some of the insights from Amazon are quite interesting. These include the role of PE's in their organization https://deloitte.wsj.com/cio/2020/09/16/at-aws-engineers-drive-architecture-shape-products/ to the Builders' Library https://aws.amazon.com/builders-library/?cards-body.sort-by=item.additionalFields.customSort&cards-body.sort-order=asc. The latter is interesting in that it solves many problems - a scalable way for PE's to mentor, and by providing the material publicly, demonstrates the expertise and competence of their technical leads to customers along with their internal population.
Beyond 'ignoring' and other things, I do like the quote "Innovation takes something that people use and improves upon it." from the above-cited "Fall of Silicon Valley" article. I should reprise my thoughts http://vzimmer.blogspot.com/2013/12/invention-and-innovation.html on this topic.
On the subject of improvements, we are also trying to enhance the workflow across many different firmware technologies, such as slimboot, coreboot, and PI-based implementations like EDKII - the span of which we discuss a bit in chapter 1 of https://www.springer.com/us/book/9781484261057, too. This work includes an effort to allow for interoperability between these environments via a more standardized 'payload'. We have a draft specification at https://universalpayload.github.io/documentation/spec/spec.html and various implementations of payloads, including Linux https://github.com/universalpayload/linuxpayload and EDKII https://github.com/universalpayload/edk2, alongside various bootloaders like slimboot https://github.com/universalpayload/slimbootloader and coreboot https://github.com/universalpayload/coreboot to invoke the payload. The latter will grow to EDKII Min Platform, Oreboot, and the former to U-Boot and potentially Skiboot or Hostboot.
In addition to curating works on the universal payload above, the earlier-promised 'FSP SDK' mentioned in slide 20 of https://2018.osfc.io/uploads/talk/paper/1/OSFC_Keynote-005.pdf is being developed in https://github.com/universalpayload/fspsdk.
Regarding additional improvements, we continue to explore Rust for firmware, including the talk https://www.youtube.com/watch?v=dCu0-frSURE and presentation https://uefi.org/sites/default/files/resources/Enabling%20RUST%20for%20UEFI%20Firmware_8.19.2020.pdf. We elaborate on these points in chapter 20 of the upcoming https://www.springer.com/us/book/9781484261057, too.
In addition to improving code through language-based security, the boothole vulnerability led to some interesting exchanges on Twitter https://twitter.com/vincentzimmer/status/1290377140223934465, including a curation of the various defense-in-depth activities underway for EDKII https://github.com/jyao1/SecurityEx/blob/master/Summary.md. This work is something that the tianocore infosec https://github.com/tianocore/tianocore.github.io/wiki/Reporting-Security-Issues can help drive, along with tightening up the CVE allocation process https://cve.mitre.org/news/archives/2020/news.html#September182020_TianoCore_Added_as_CVE_Numbering_Authority_CNA. Writing CVE's appears to be as much art as science.
The NSA also weighed in on UEFI Secure boot usage in https://www.nsa.gov/news-features/press-room/Article/2347822/nsa-releases-cybersecurity-technical-report-on-uefi-secure-boot-customization/, including https://trustedcomputinggroup.org/wp-content/uploads/TCG_EFI_Platform_1_22_Final_-v15.pdf. The latter has an interesting list of contributors who have moved on - Lee and Wooten and Springfield retired, Shiva at HPE, Bill at Amazon, Monty at GE....
I guess that I've been on this project too long. I even saw a reference in the TPM dev miniconference to figure from https://people.eecs.berkeley.edu/~kubitron/courses/cs194-24-S14/hand-outs/SF09_EFIS001_UEFI_PI_TCG_White_Paper.pdf. This was before Brogan became master of Mu https://github.com/microsoft/mu_tiano_platforms and when I had a lot more hair.
Ironically I even find people who sometimes try to explain to me the intent behind something I created 20 years ago. Recently it was some nuance of the PEI infrastructure. I didn't have the heart to tell them that I invented the item in question, wrote the initial implementation and the specification on the topic, too. Or mention why the Terse Executable (TE) image has the 'VZ' signature. I just smiled and nodded my head. Ah, youth.
As a final thought, the Intel logo change inspired a trip down memory lane http://vzimmer.blogspot.com/2014/01/.
is pretty compelling.
And on that I think I'll close on this, a happy note.
Happy & safe continued quarantine to those in geo's with restrictions.