Spectre and Meltdown exploits

I’m trying to grok how these guys work. The white papers are posted by Google Project Zero.

General idea of what’s going on

The attacks are done by triggering speculative execution of code on out of bounds data, to access data you’re not allowed to run, and by using cache latency to detect if a condition about the out-of-bounds data is true or not. All good CPUs allow out of order speculative execution of code, and once the CPU knows if the code was ok to run it commits the results as having run, else it discards the results as if they were never computed in the first place. However the results don’t matter, what matters is that running the code may anyways have changed what’s loaded in the cache or removed. In other words it can make future accesses to data slower or faster. Timing these differences is what’s used by the attacks.

  • Flush cache so that load_something_slow() is slow
  • Run speculatively your code, such as:
    if (unknown_condition) { if (array[x] == y) load_something_slow(); }

    • array[x] == y can be run speculatively by the CPU because it tries to issue instructions past the unknown_condition just in case it saves time to already know the result.
    • Because it is speculative, the CPU will verify if that code needed to run, and if not will dispose of the result so the application never sees it was tried.
    • However the speculative execution was not invisible. It can change the time it takes for the program to run, in particular it may have been forced to do a slow memory I/O that you can time.
    • If the code was fast, the condition went one way, if it is slow, it went another way. In other words, if you monitor the time you can tell what the value you wanted to read is.
    • You have detected a data value from a side channel aka a byproduct of a physical property of the CPU.
    • You have accessed data indirectly via a covert channel, aka a hidden indirect means of communication.

 

I see 3 levels of risk:

  • sandboxed code spies on the program running it
    For example: javascript user code accesses information stored in the browser
    Property: the sandboxed code is run in the same virtual address space as the program
    How: the sandbox code can use speculative execution to access any data in the program. If the bounds are checked to avoid out of bounds access, it can still trick the CPU speculative execution to do the out of bound access.
  • program spies on OS
    For example: a user program tries to read passwords typed by other users
    Property: the program escapes its user virtual address space and is able to read information in inaccessible kernel address space.
    How: some kernel pages are mapped into user space (like the sys call table I would assume, and possibly other I/O pages). The same approach is done as above, but somehow you force the OS to run code and monitor its performance.
    Bigger deal: This breaks the ring isolation. The OS is in ring0, which is allowed to run privileged code. Your app runs in ring3, which is allowed only to mess with itself, or ask the OS permission to mess with other things via controlled system calls.
  • program spies on another program
    For example: your web browser runs code that accesses your 1password data
    How: I’m not sure, but I assume it uses libraries that are shared between programs. In that case it might find existing code to run with good timing properties, and hack the state of the caches or BTB to get infos. It might work with the BTB if it uses physical addresses to map the branch results because you could trigger a flush of a branch target to make it slow when it runs on the victim program.
    Even bigger deal: if that works is that it breaks Virtual Memory isolation. Both programs run ring 3, but they don’t know about each other because their data and code is in a different, unrelated virtual address space. The OS maps those virtual addresses to physical memory location as needed. For shared libraries, the same physical memory is mapped into the virtual address spaces of the programs.

 

Meltdown in a nutshell:

It allows a program to read any data from the kernel or any other process!

The issue is that modern Ones map their kernel address space into the address spaces of all their processes for convenience. The user process itself can’t normally access anything because the kernel addresses can only be accessed while in ring-0 privilege, and any attempt would trigger a fault.

Reading kernel data: By using speculative execution, the malicious user program set a physical state in the memory hierarchy, for example loading a cache line, based on a comparison of the value in any kernel address with any value of its choosing, without triggering a fault. It can then time the performance of accessing that part of the memory hierarchy, and get a true/false response to the comparison it performed, hence figure out its value.

Reading other processes data: Physical memory is limited and Linux and other Ones basically map all the physical address space in the kernel’s virtual address space (the virtual address space is pretty much infinite 2^64 bits so it’s cheap to cut out a fe gigabytes). This means the kernel actually holds all the user program data currently in memory in its virtual address space, hence the malicious program can access all the data of the kernel or any application, if it is held in memory. That includes all passwords in clear!

KAISER patch: The patch being applied to Linux and other Ones is basically to NOT map the kernel address space in the user address space, since ring-0/ring-3 protection does not protect against speculative execution access to ring-0 addresses. The fix is not 100% effective because the kernel must map some parts in user space, like the interrupt table or the sys call page I would say, but that’s only kilobytes and none of the other user’s data. The risk left is that these addresses left contain enough information to devise other attacks via other means.

Spectre idk.

Advertisements

SQ11 Mini DV manual

 

An attempt to decrypt the manual of this device from chinglish:

hd-mega-lens-sq11-dv-hd-1080p-mini-spy-camera

  • Power button
  • Mode button
  • LED red/blue

Charging:

  • Red flashing: charge done
  • Red on: charging
  • Red+blue flashing: Protection shutdown mode or SD card missing

Modes:

  • Power -> standby
    • Mode-> 720P O -Mode-> 1080P -Mode-> 12MPix O ->
    • 720p: Power-> *** Record -Power-> standby
      • Long-Press-Power -> IR off **
    • 1080p: Power-> *** Record -Power-> standby
    • 3Sec-Mode-> *** Motion Record
    • 12MPix: Power-> * Photo -Power-> standby
    • Long-Press-Power -> IR on **
    • 6Sec-Power -> off

Details:

  • 720p: Press Power, standby mode, blue LED is on.
    • Press Power, blue LED flashes 3 times. Video will save in 5min segments. Press Power again to go back in standby.
  • 1080p: Press Power, standby mode, blue LED is on. Press Mode, purple(red and blue), LED stay on, 1080p standby mode.
    • Press Power, blue light turns off, red light blinks. Video will save in 5min segments. Press Power again to go back in standby.
  • 12Mpix: Press Power, standby mode, blue LED is on. Long-press Mode, for 2 red LED blinks.
    • Press Power or Mode, red LED blinks for each photo.
  • Infrared on: Press Power, standby mode, blue LED is on. Long-press Power for 2 red LED blinks.
  • Infrared off: Press Power, standby mode, blue LED is on, enter any recording mode. Long-press Power for 2 red LED blinks.
  • 720p Motion detection: Press Power, standby mode, blue LED is on.
    •  Long-press Mode, for 3 seconds. Red LED flashes. Blue light on motion detect, Purple flash while recording. Press any button to stop
  • 1080p Motion detection:
    • same

 

testA


DEALERS ROOM EAST ALPHABETICAL
 87a 3eyedfeline  123 4th Dimension Entertainment   88 Aisu Art   71 Ajin Arts  79b Al Neun   89 Art-Kour   58 Balaa  104 Bearcoffee   51 Brainfarto   76 CFStudios  120 CloverPuff   74 Con Store (satellite)   67 ConTact Soap and Scent   95 CoonerArts! 103a Creatureneer LLC  115 Cryptovolans 117b D. Bruin’s Art and Prints   74 Dealer Services   60 Etuix   80 Fabric Mountain   53 Fandom Fashions  121 FeretStudios  64a Foxes & Peppers LLC  113 FurPlanet   55 Fursuit Supplies   96 Gideon’s Corral  50b Glopossum 103b Hannah Diaz  87a Houndsteeth 116 Hybrid Night Creations   72 Hyena Agenda   92 INKtiger   57 Idess Art   68 InkedFur  107 Iris Jay Super Comics  79a J3T  108 Jonathan Vair Duncan   98 Kacey Miyagami 118b Kaijukat  125 Kawaii Doggo   49 Kazplay   90 Kenket   52 Kihu & Werewolf Boyfriend  105 Kitsumi   62 Lady Ducky   83 Lagarto   59 Laura Garabedian   82 Lemonbrat Inc.   61 Likeshine  106 Mary Mouse – Certified Tags  64b Menagerie Workshop 117a Milkteatown  125 Muttmix   63 Myrtle’s Monsters  107 Nero O’Reilly   85 Nomad Complex  79b Non-Newtonian Gender Fluid   99 Nut Case Art 103b OhMyMangos 100b Pacific Autumn  126 Paw to Press   70 Phoebe and Her Unicorn   51 Pizza Day Comics   66 RHPotter Light and Shadow  65a Ransom   93 RedCoatCat  50a RicoShae  118a RomeTwin Illustration  65b Ryuu Daiga   97 Santa Clara County Office of LGBTQ Affairs  109 Sasha R. Jones Illustration  101 Sassypants   94 Shinigami Girl   47 Sixth Leaf Clover  111 Sofawolf  108 Stigmata  125 Sunny Valley Creations   56 Tail Kiss Studio  122 Talenshi Illustration & Design   78 TentArt  119 The Gilded Beetle  87b Vermillion XVII  100a Waffle Wishes   81 Warhorse Workshop & Soap Pony  102 Whinges   58 Wicked Sairah   91 Zardis Art
DEALERS ROOM WEST ALPHABETICAL
 39 @pointedfox  13 Agent Elrond  26 Ahro 36 Aycee Art 42b CINAMONCUNE 42a Chu Kazoo Studio   9 Chu  40 Creative Mochi 30b Crunchy Dom Fam  27 Dagger Leonelli  15 Dark Natasha  28 Dead Dragon Designs 31a Delicious Disguises  25 DiZZiNESS  18 Diana Stein  43 Don Simpson  29 Eligecos Art  6b Golden Druid  17 Heather Bruton  13 Heliopause Productions 30a Herr Kater 32a HidingMonster 24b Hopeful Monster Studios   7 Inki-Drop  6a Inkmaven Art  5a Ishaway  38 Kawaiidog Arts   1 Keovi   3 Kikidoodle 11a Kimba Snowpaw  41 Kipper Arts  12 Kiriska  10 Kory Bing  14 LightBright Studios  33 Luna Starbright Illustrations  22 Lydiarts and Crafts   2 Mango Island  16 Marci McAdams  23 Matrices.net  13 Moth Monarch  20 NONSTOPPUP  21 Naomi Romero Art 11b NightlineZ  46 Onnnoko  45 PMoss  16 PacifiersRUs 31b Painteddog  44 Plush Hearts Inc.  35 Redrusker  44 Royaldog12 Studios  19 Sandy Schreiber   4 Skulldog  5b Space Cat Creations 32a TKG Studios  34 Thay Rustback  20 Unagi 24a YAAAAAAS!!!
ARTIST ALLEY BY TABLE ORDER
A1 tbd A2 tbd A3 tbd A4 tbd A5 tbd A6 tbd A7 tbd A8 tbd A9 tbd A10 tbd A11 tbd A12 tbd A23 tbd A34 tbd A15 tbd

IBM Model M PS/2 keyboard to USB conversion

I’m glad to see that a simple eBay purchase allowed me to revive my old IBM keyboard from 1984. Online the fan sites indicate the need to hack the wire with an expensive ($25 ~ $50) bulky adapter because of the logic levels and the power consumption of these old keyboards.

I’m on a MacBook Pro 8.2 (2011) – one of those I restored, on Lion, and the adapter works like a charm. I’m just missing the command/windows key.

Want yours? On eBay look for “PS/2 Male to USB Female Converter Adapter Adaptor For MOUSE KEYBOARD PS2” $1 !

To be honest the more I look the more I’m impressed with the diversity of stuff coming out of China. Drones, 3D printers, robots, mechanical hands.

FYI I also tried this simpler $0.75 connector below, but it doesn’t work:

ps2usb

Apple Macbook Failures and Fixes

For some reason I have now have a bunch of apple products, and more than half is messed up. So here’s a few things I’ve come across trying to RCA what’s going on…

Known issues I encountered and fixed…

Macbook Pro (specifically 2011)

  • Broken Video card, MacBook Pro 8,2 2011, 4 core i7: Known issues with video card overheating and going bad (screen with stripes, refuses to boot). Since there’s a built-in Intel video card and the Radeon HD 6750M, you get video when the intel runs but it goes bad when you get to high res. Also the default thermal paste used is terrible.
    Force the internal Intel video card (try at the EFI level)

    • Reheating/Reballing is not recommended, but a fix can be done reheating at 150C/5min. The reason it’s not recommend is mostly that the video card is expected to overheat again and die some time after the repair.
    • Fix: I did the reheating: I pulled the board out, removed the heat sink, removed the old hardened thermal paste, dusted the chips, boards, case, fans etc. at the same time. I put the bare board on a metal tray after removing the heat sinks and used a heat gun to heat the CPU and video chip for 7 minutes. For temp control, I just used a bit of solder in a cup next to the board and saw it melt and ball. I cleaned and put everything back together with fresh thermal paste.
      Since the worry is overheating I used the best thermal paste I found on the market, Grizzly Conductonaut. It’s hard to apply but the macbook heat sink is copper and compatible. The CPU and video cards barely reach 40-50C so they should not fail anymore.
      Amazing! The screen went back to normal and I have no issues so far. I’ve even loaded Kev’sdeep sea html 5 3D demo to check the temperature, and it stabilized around 75C, and 20fps for my 2.3GHz CPU. The 2GHz CPU does 9fps.
    • Warning: Taking appart a macbook pro requires being careful to remove connectors. I actually broke the keyboard and trackpad connectors by accident. I should have watched a video on how to take it appart first.
  • Non genuine battery: They seem to cause issues
    • AHT 4xxx/4/40000005 error: The battery will throw a AHT error, and may or not prevent charging. The error doesn’t seem to be an issue for me. It charges etc. but AHT still has that warning
    • kernel_task CPU problem: The macbook may feel super sluggish, and maybe the fan kicks in. This seems to be related to sensor issues with the battery. You should try a few times to see if this goes away.:
      • first try to reset your NVRAM (opt-cmd-P-R at boot)
      • then SMT (ctl-shift-opt-power, starting machine turned off AND plugged into a charger). The SMT reset did for me ♥.
    • There are many posts about this issue and no real solution, except this one: Rhys Oxenhams explaining the issue. It seems a new battery ma cause MacOS to trigger Intel SpeedStep to under clock the CPU when there’s potential for overheating which shows up as kernel_task CPU usage shooting from 2% to %750 when looking at all processes in Activity Monitor (Menu: View – All processes), or at ps on a terminal (sort by cpu with “o cpu [enter]”).
    • Note you can also look at other tweaks like maxing out your GPU.
  • Upgrading to High Sierra: It’s become hard to do from Lion. In order to do so you need to go via an install of Yosemite. It’s actually not necessarily available in the Apple store for you unless you have a direct link! If that fails check macDrug.
  • LaunchPad: The old keyboard have the Dashboardand new keyboards have  the LaunchPad mapped to F4. Of course there’s F4 and fn-F4 and you can’t easily remap the F4 behavior. The fix is to install FunctionFlip which toggles those function and alt-function commands key by key. Install it and flip the F4 key. Now you still have to map the AppLauncher to F4 and you’re done (System Preferences – Keyboard – Shortcuts – Launchpad & Dock – Show Launchpad –  fn-F4)

Cinema Display 27″

  • Intermittent screen shut off or not coming on linked to faulty Mini DisplayPort wire.
    On newer models (which only have power and miniDisplay cables), it is possible to plug in a separate Mini DisplayPort in the back, since there are usb and mini display ports there. I must try the secondary DisplayPort cable.
    Unfortunately I also have an older model (usb, power and mini display cable and no ports in the back). i could try to replace the combo wire ($70 cable on ebay, make sure it’s the right one, the cheap $20 one doesn’t have USB and is not for this display and might be compatible with the new display). 

Macbook Air

  • Water damage creeps up fast on macbook air, and can destroy the SSD too.
    I need to revisit this to see if I can fix the macbook. Repair is $750.

All MacBooks

  • Flaky Wifi: Not quite figured it out, but my macs seem to stay on the wifi but the web browsers loose connectivity and I have to turn off/on the wifi. This is with Comcast Motorola DOCSYS v3 and macbook pro, macbook air of multiple generations OS X El Capitan to High Sierra.
    I don’t know if it’s just some DNS bug or something. One thing could be some wifi power save.

Macbook boot options

  • D-Power or Option-D-Power: The Apple Hardware Test (AHT) is built-in most macbooks. It will scan the hardware and report error codes.
  • Command-R-Power or Command-Option-R-Power: Recovery mode allows you to re-image the macbook
    Also in terminal: “csrutil disable/enable” to allow editing /System plist files (ls -lO /System to see if you’re allowed to write them)
  • Shift-Control-Option-Power: Resets the System Management Controller (SMC)
  • Command-Option-P-R-Power: Reset the parameter random access memory (PRAM or NVRAM). When holding keys wait for the second beep.
  • Shift-Power: Safe-mode boot, skips some boot items to help troubleshoot software issues
  • Command-V-Power: Verbose safe mode boot, lists on screen what is done during boot
  • Command-S-Power: Boot single user mode command line
  • Option-Power: Startup Manager, to choose boot device (Option-N-Power boot on network, Option-C-Power boot on removable device)

In MacOS

  • System Information(Profiler)>Power
  • Activity Monitor

Great resources

 

 

C++ is such a contrived language

I’ve moved from C to C++ for a couple of years now, and every time I try to do something a little bit fancy I reach the limitations of the language, where I have to waste time to do really contrived things to make it work, because “architected” language features are actually hacked solutions more than a design with intent. It looks OK in a textbook, not so much when you try to work.

If the web search engines and Stack Overflow were not readily available, it would be nearly impossible to figure out the arcane behavior of the compiler.

C++ always promise to allow me to do something and in the end the little devil comes out and makes it all super complicated and forces me to give up or write some obscure, hard to parse solution.

Right now I want to make a simple macro that prints into a JSON format into a stream, and pass any type numeric, string or class object, and have it properly pretty printed. It almost works except char is printed as a character value, not an integer value, so it’s screwed up. I can use the unary + to print it properly, but it’s not defined for all types so it can’t be used in a macro that doesn’t differentiate the input type. And it’s impossible to special case char, use to_string(), reinterpret_cast<> or any other hack without being a master of C++ arcane-bullshit.
Here’s an example of C++ BS.

Another example is the irksome declaration of classes in headers that must include private sections, which breaks makefile dependency checks and trigger full rebuilds in large projects. Leeching shortcomings of the compiler into the language is a fallacy. I don’t care if the private section entries are needed by the compiler to properly handle linking. Hide that shit. And same with templates, which force you in some cases to declare source code in headers.

C++ is powerful, but also obscure and with obscure side effects that are artifacts of piling up features on top of a language over time without working them properly to become seamless.

With all the clutter of features and piles of standard libraries more or less optimized and leaking memory and corner case behaviors, C++ still compile code that is faster and more efficient than all the newer languages. The bar is not very high…

It’s amazing we’re able to build massive projects in C++.

We need a genius to revisit C and make it object again, but without all the failures of C++ or Java or other interpreted languages.

Buck converters

I’ve become more aware of buck converters, and started buying a crap ton of different ones for multiple projects where I need to change the voltage. They are super easy to use, Connect Vin, Vout and ground. Often there’s 2 ground pins to help you wire your load and your battery.

Random comparisons of buck converters to other solutions

A buck converter is a lot more efficient (up to 96% efficient) than a linear LM78Lxx voltage regulator (LM13700N, LM78L05…) though the efficiency curve is often unclear: 80% to 96%, with the heat dissipation issue implications when it is not on its efficiency curve. A buck converter basically charges capacitors and switches them  with a clock to the output to dump a lower voltage (340kHz). The output current is smoothed/regulated using a choke and capacitors.

I believe an LM chip burns the watts you don’t use into heat. Wdissipated = (Vdd-Vload) * Iload. If your chip uses more than a few milli amps, it runs your batteries and becomes hot. For reference, a 50mW controller uses 10mA at 5V. With a 12V supply the LM78L05 wastes 70mW. That is the example of an AtTiny85 driving 12V WS2811 LEDs.

An LM voltage controller is still better than using a plain resistor bridge to lower the voltage. Vload = Vdd (R1 / R1 + R2), because that relation holds only if Iload is negligible vs Ibridge, and the current in the bridge is just wasted energy.

Other bad alternatives: Connecting your controller to Vdd directly with a resistor but if the current draw of your chip varies a lot, its voltage would too and could blow the chip if the current drops (because Vload = Vdd – R * Iload). Connecting your controller to Vdd with diodes, since each one drops 0.6V: You’d need 12 diodes in series to connect your 5V controller to a 12V power supply and would waste energy (Vdd – Vload) * Iload.

Cool buck converters

There’s a couple of tiny buck converters that pack a punch:

  • AMS1117
    Perfect to power a micro controller or something low power piggy backed on a high power higher voltage setup.
    Those support up to 1A,  and come either in adjustable voltage (you use a resistor bridge on the outputs knowing Vref is 2.25V), or in multiple voltage, 3.3V and 5V are common, which means you wire the ref pin directly to ground to get that output voltage, which is super convenient, precise and stable. They come pre-wired on mini boards for a dime with the required capacitors (SMD 104 and 106 caps in parallel on each side).
    If you have a 3.3V board, you can use 3 diodes to connect its ground to your main ground to allow it to regulate to 5V if you don’t have a 5V board.
    Vin is limited at 17V. However with the trick above, for 5V regulation that can become 18.8V
  • Mini 360
    It is higher power at 1.8A. It does 3A peak, but heats up real fast and may do a thermal shut down to not melt.
    It is adjustable (1 – 17V) via a tiny rheostat you tweak (so maybe more prone to de-tuning over time).
    The board is about as wide as an AMS117, but is shorter, so it is super tiny (1/2 a postage stamp if that)! It costs about 30cts/piece.

It’s too bad, you can’t wire buck converters in parallel to get more amps. This causes instability. However even 5A buck converter boards are relatively small and cheap still (a couple of dollars).

So many programmable LED types!

As time goes by, I’m discovering more and more types of programmable LEDs!

Do you know of any other kind and their specificity or compatibility? Please comment on those!

  • Non-programmable, analog (not supported by FAB_LED)
    • Standard single color LED, requires a resistor, usually (Vdd – Vdiode) / Idiode, and Vdiode, often 3.4V, Idiode often 20mA (regular) or 30mA (bright), sor for 5V power, 68 Ohm to 86Ohm.
    • RGB with 4 pins, one pin per color plus common ground, which may have different voltage requirements from 2.2V to 3.6V, aka different resistors on each pin.
    • Fast or slow blink RGB LED, wired the same way as above, super convenient for quick color fun. You can’t dim them because it would reset their sequence.
  • One wire (all have compatible clocks, but different color orders)
    • WS2812 / WS2812B
    • WS2811 (often 12V power, with 5V signal)
    • SK6812 (supports up to 4 colors, commonly GRBW)
    • APA104
    • APA106
  • SPI (data+clock pins, easy to control, faster, but more wires)
    • APA102 (first byte has 3 top bits set, plus low 5 bits is global brightness using a different PWM rate superimposed)
    • WS2801 (no first byte)
    • P9813 (first byte has 2-bit checksum of the other color bytes)

Since I will need those for projects, I plan to support WS2801 and P9813 in FAB_LED. That requires me revisiting the SPI support I have, as part of my overhaul of the library.

The hidden math of extra mortgage payments

Don’t pay by anticipation to shorten the loan, and invest the money!

It’s good to lock a 30Y fixed because interest rates are going to go up and up, and the bank allows you to repay more principal than the mortgage premiums to end the mortgage early. But is it to your benefit?

One thing I was told AFTER is that paying by anticipation DOES NOT change your payment schedule… So what does that mean? It means that if you’re paying by anticipation, you’re loaning money to the bank for free. You would be better off holding onto that money (possibly invest it), and using it only at the end to close your mortgage a few years early.

If I’m right then mortgage calculators like this nice one don’t tell you the truth about early payments.

It turns out that when you ask around, your realtor or other folks supposedly here to help you purchase a house won’t really help you, they may not even know where the trickery is, it’s hidden in the pudding, but it’s simple if I figured it out correctly.

Here’s some generic loan numbers, for a $500K loan at 3.5%:

$500K, 30Y fixed 3.5% = 2,245.22/month, for 360 months,
$308,280.34 interest paid total (61.65% total)

Now what about shortening the loan by a decade?

$500K, 20Y fixed 3.5% = $2,899.80/month, for 240 months,
$195,951.66 interest paid total ( 39.19% total)

So with a 20Y fixed, you save $112K. Fact is you would likely have had a lower 3.25% or 3% loan ($180,634.91 or $165,517.12 interest, so that was another 30K in savings).

What about paying by anticipation same monthly sum as a 20Y monthly payment?Well silly me I thought you could just pay in anticipation and get the same math, just at the cost of a slightly higher interest rate of a longer loan… So let’s do the math: What if you pay every month $2,899.80 on the 30Y loan? That’s $654.58 per month extra…

Instead of ending in 2047 the loan end in Nov 2039, two years after the 20 year mortgage, paying $284,226.20 in interest (that’s because the schedule is fixed!), $88.6K more to the bank.

Ok so if you over pay 2 more years, you should compare to a 22 year loan then! Well that loan would have cost $217,657.34. Still 67K less.

To make it clear:

I think a loan schedule calculates the 3.5% interest you owe every year and splits the interest by 12… 500K * (3.5% / 12) = $1458 for the first month interest. Now we want the loan to last 30 years so you have to pay a given principal amount.

This generates  a schedule like so. Now the schedule is fixed. This means that if you pay early, the interest you owe at that time is not recalculated (it should since you now owe less premium), it stays the same just following the schedule, you only reduced the principal, without changing the interest you pay monthly.

If you kept the money in the bank and just plunked these $176,736.60 to close the mortgage on Nov 2039, you would not have given the lender a penny more…

In fact if you kept that money invested at 3.5% you would break with a 20Y mortgage, gaining $91,538.79 of interest for a total of $268,275.39 in oc 2039. My math must be wrong because it shows you could end the loan in April 2027, not Dec 2037…

Windows hidden tricks

I came across this old article and discovered few things:

  • Microsoft Virtual Wifi Miniport allows a PC to be a wifi access point by installing Connectify.
  • Erase free disk space on C: with “cypher /w:c”
  • Move active window with Window-Arrow keys
  • Pin folders on taskbar folder with righ-click + drag to task bar. Access them with right click on task-bar file-explorer folder
  • Get power efficiency report by searching & launching cmd.exe as admin (right click), then run “powerconfig -energy”, move \windows\system32\energy-report.html and open it.
  • Record steps you take in windows to send to someone, search and run”psr” which creates a mhtml file to share.
  • Verify reliability of apps by searching and launching “view reliability history”. It shows a score graph with the issues listed.
  • Wordpad supports .docx and OpenOffice .odt files.
  • Calculator has units conversion, date calculation, mpg and mortgage.
  • Create a godmod directory anywhere and it will list all the windows configuration options.

GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}