Interview: AMD on Mantle: We want our graphics API to become the industry standard

Mantle has been a story of fits and starts. But with this week's release of the Catalyst 14.1 beta driver and a pair of game patches, AMD's vision for a low-level, graphics-boosting API is finally starting to take flight.

There's plenty of work to be done - the driver is still in beta, after all - but with its release, the effects of Mantle can be implemented by anyone who likes (albeit with some limitations).

Mantle's benefits are promising, but right now its dependence on Graphics Core Next (GCN) architecture keeps it well within AMD's gates. With the company's talk of Mantle improving PC gaming not only for game makers, but for those who play them too, we wanted to know whether AMD would ever open the API to other companies, including its fiercest rivals.

The answer, it turns out, is yes.

Mantle, or something like it

AMD told TechRadar that it'd be willing to make Mantle, or an API based on it, available across the industry. Even, the company said, if it means Mantle is adopted by competitors like Nvidia.

"Mantle for now is straight up in a closed ecosystem, a closed beta, which you have to do in a complicated project like this to get it off the ground. It's us and a few key game developers," Robert Hallock, technical communications, AMD Graphics & Gaming, told us in a recent interview.

"After that phase is done, we do hope that Mantle becomes an industry standard. We'll be releasing a public SDK later this year, and hope that others adopt it. If they don't adopt it itself, then we hope they adopt APIs similar to it that become an industry standard for PC gaming."

How open can you go?

It's a nice sentiment, but does that mean AMD is willing to allow an entity traditionally viewed from behind enemy lines make use of Mantle?

"It's hard to say," Hallock said. "If we want it to be an industry-wide API or inspire an industry-wide API, that would mean adoption from Nvidia in some way, shape or form. I can't speak from an architectural level what that would require of them to change."

"But for the good of gamers, [we] would want one ultimate specification that is either Mantle itself or one similar to it. As Highlander said, 'There can only be one.'"

We asked Nvidia for its thoughts on Mantle and whether it would ever consider adopting the API, but were told that since Mantle isn't open and the company has never seen it, it couldn't comment.

Hallock explained that while it's currently dependent on GCN, Mantle "utilizes a certain level of meaningful hardware abstraction that could eventually allow it to be applicable to other architectures."

"Such applicability," he continued, "is necessary in an ecosystem we hope to grow as an industry standard in the years ahead."

PC thumbprint

AMD has maintained that Mantle will succeed because it was built with the in-put of game developers who wanted to nab better graphics performance with minimal overhead from the machines running their titles.

Hallock relayed some of the feedback developers have had around Mantle, and while he revealed it takes devs longer to bring up a game using the API, the perks quickly become evident.

"It's sort of a simpler, more obvious API with really robust error and obstruction tools," he said. "[Developers] can see what's going wrong [as they develop a game], and it saves time for them."

DICE was the first game dev on the good ship Mantle, but Oxide, Cloud Imperium, and Eidos-Montreal have since jumped on board. Hallock couldn't name future game developers who will join the Mantle march, but said AMD expects more will be announced as the year goes on.

And though a Mantle-enabled Battlefield 4 was supposed to be the API's big coming out party late last year, a hold-up on EA's end pushed back the release.

"We were all a little disappointed," Hallock said of the BF4 delay. "I think we all wanted it to come out in December, but software is a fickle thing. It's unfortunate, but in the grand scheme it's not a big blow. People will be happy and appreciate the extra time that was invested. It is what it is for us."

EA pushed out its Mantle renderer for BF4 last week, and in announcing the release, Frostbite Technical Director Johan Andersson wrote that thanks to the API, "we've significantly reduced CPU cost in our rendering, efficiently parallelized it over multiple CPU cores and reduced overhead in many areas," in addition to improvements to the GPU workload.

That, it seems, would be music to Hallock's ears.

"We hope to put our thumbprint on the industry to show that these lower level APIs for mid-range CPUs is the right way to do it on the PC," he said during our interview. Time, and more games, will tell if that thumbprint sticks.

• AMD and Nvidia are tackling FPS, but in distinctly different ways

Interview: AMD on Kaveri: trumping Richland, beating Intel and Steam Machines

AMD's latest APU is heading into the wild today, and among its touted features is the ability to perform high-end functions with low power sap.

Testing is needed to determine if Kaveri really pushes higher performance per watt while saving battery life, particularly in smaller form factors (AMD is targeting notebooks with the APU).

But until then - and trust us, testing is on the way - AMD gave TechRadar a few cases in point where Kaveri trumps the APU and processing options we've seen to date.

We even get a little insight on possible usage in Steam Machines, too.

Sorry, Richland. There's a new APU in town

We caught up with AMD's Adam Kozak at CES 2014, and the senior product marketing manager noted a key difference between Kaveri and the company's APU before it, called "Richland."

"[Kaveri is] much more power efficient than anything we've had before," Kozak said. "If you actually get a chip and you watch it run during benchmarks, you see in some cases that it actually down clocks the CPU during a benchmark. Richland never did that before.

"Richland would go down to its default clock and sit there while the benchmark was running. Kaveri will even go lower if it can see that the CPU or GPU isn't needed during that benchmark.

"So the guys have worked really hard at optimizing the power states and detecting where it's needed and it'll just crank it right down. It's much more efficient then Richland ever was."

Intel dig

Kozak also called to mind a demo AMD performed a few weeks ago to not only show Kaveri's compute prowess but also how it compares efficiency-wise to rival Intel. AMD is gunning after Haswell - specifically its Core i5 - with the Kaveri stack, even undercutting Intel's low-power chip on the price tag.

As Kozak recalled, the AMD team was showing off Kaveri's ability to frame rate convert Blu-rays.

"Some TVs run [Blu-rays] at 24 frames, but your monitors definitely run at 60 frames," he explained. "If you ever watch a Blu-ray on your monitor, what it has to do is copy all those extra frames to duplicate them from 24 so it equals 60. A lot of frames are repeated. When you're watching something go across, it actually stutters because it's the same frame being shown several times.

"What we do now with Kaveri is we actually interpolate. We use compute to say, 'Here's the next frame, let's figure out that maybe the difference is ...' and we create a new frame. And it's much smoother when it goes across. We can use Kaveri to all this compute computation.

"While we were doing this, we had it plugged into a wall meter, and the whole system itself was generating about 50 Watts," he said of the demo. "That's the whole system - hard drive, memory, everything. And the system beside it, an Intel system, generated well over 100 Watts with a graphics card in it.

"So Kaveri can not only do these really high-end features, but it can do them at very low power, and that's what you want in an HTPC or a home theater type environment."

Kaveri's Steam Machine future?

Though Kozak couldn't comment on unannounced partner products, the question arose whether the Kaveri and its low wattage would ever find its way into Steam Machines.

"I can tell you that Kaveri is actually a very unique part because of this feature [called] configurable TDP," Kozak said. "There's a setting in the BIOS [where] you can change your processor to run at 65 Watts or 45 Watts just with the click of a button.

"That's something where if you want a very small form factor, like a Steam Box, you could have the SI automatically do that at the start. And it would allow you to put in a better graphics card if you wanted and use that TDP elsewhere. Or you could just reduce the form factor and use it."

TDP stands for thermal design power, or the amount of power a chip will dissipate in Watts. A low TDP means easier cooling and fanless and small fan designs with more room for graphics, ideal for machines like Ultrabooks and, yes, Steam Machines.

Both AMD and Intel have made their way into announced Machines, but perhaps a new chapter in their ongoing silicon war will heat up if Kaveri shacks up with a Box? Kaveri seems primed for the fight.

• Kaveri isn't AMD's only APU planned for 2014.

Interview: Perzo: a military-grade messaging service that keeps the NSA at arms' length

Perzo chief David Gurle knows a thing or two about communications. A messaging expert who previously founded Microsoft's Lync video conferencing service and once ran Skype's Business division, Gurle's latest app is a military-grade messaging system designed to keep private communications away from prying eyes.

Gurle believes that communications tools should evolve to bring email, text and instant messaging together under a smart and intuitive interface while placing security high on the agenda. Perzo, which encrypts every message end-to-end using a three-layer encryption system, also brings collaborative features to the table - and it's free.

Launched in December 2013, the service has more than 7,000 active users, racked up 60,000 sent messages, seen more than 2,000 files exchanged and adds on average around 100 users per day.

TechRadar Pro spoke to Gurle to find out more.

TechRadar Pro: The communications space is a crowded one. How does Perzo stand out from the crowd?

David Gurle: It certainly is and the need for more secure communications has become a mainstream one in the wake of the NSA spying revelations. The security policies for existing communications platforms are upside down.

The likes of Microsoft, Google and Yahoo have all built their services first and then added security on as an afterthought and for many service providers it's an inverse relationship between increased levels of security and convenience. To have more of one you get less of the other.

Perzo is the natural evolution of communication tools where email, text and instant messaging come together into an intuitive and smart interface. We built security as the foundation of the product in this next era of communications - new technologies but also new behaviours, which will bring new problems once again.

TRP: Perzo sounds like a Whatsapp equivalent but with military-grade security. Is that a fair description?

DG: No, it's much more.Perzo is a secure communications application that integrates the best of email, Instant Messaging and SMS into an easy to use and viral web application. Perzo guarantees privacy and reliability of user's data whether they are messages, files or pictures.

Perzo encrypts every message end to end. We use a three-layer encryption system along with a random key generator that encrypts each message with a different key. This ensures that there are no men-in-the-middle attacks.

TRP: What collaborative features does Perzo offer?

DG: You can think of Perzo like a privacy layer, sitting above all your existing communications tools and integrating them into one secure UI.

We also have features like Off the Record messages that enable the content of the sent message to disappear after a set timer or Private Messages that enable further encryption to prevent a 3rd party from reading the content of a critical message 'over the shoulder' and ability to request a Read Receipt for each message if needed.

TRP: Perzo is free. How is the company going to make money?

DG: Perzo will always be free. Our roadmap will see us introduce contextual intelligence, which we call smart parsing, to Perzo users.

When Perzo users decide to go to a movie, or have lunch or dinner they will turn on smart parsing and this will allow the end user to receive relevant information about the upcoming event they are talking about. It is like having search come to you at the most relevant time.

So, for example when sending a meeting invitation you can choose for Perzo to also show you recommended locations from various sites likes Yelp, Zagat or Google along with local deals coming from Amazon Local, Yipit or Foursquare, etc… If and when the user selects one of these deals, Perzo will receive an affiliate fee from the site that offers that deal.

TRP: Is Perzo aimed at consumers, businesses, or both?

DG: We designed Perzo so that it can be used for personal and professional communications. Perzo has all the reliability, security and power to be used for making communications effective in businesses while it has all the features individuals will like to be used with friends and family.

Perzo excels in business to business communications and business to consumer communications thanks to its ability to work on multi-operating system and multi-browser environments.

TRP: How pleased are you with Perzo's reception since launching a month ago?

DG: We are extremely pleased with the reception we are getting from users and from the industry. Since launch we've attracted 7000 active users, over 60000 messages sent, over 2000 files exchanged, and we're adding about 100 users a week on average.

TRP: How has your time at Skype and Microsoft helped you with Perzo?

DG: Yes significantly. I have not only learned the craft of building communication software that scales to massive number of users but I also realized that it is only outside of such big companies that I can develop a concept like Perzo which brings the best of email, sms and IM into an easy to use interface and offer true end to end security.

Interview: Mozilla's web security guru talks open source

Mozilla is about more than just web browsers - it's an organisation committed to making the web a better place for users. As part of this, it's funding development of a tool to help web developers make their sites more secure: the Zed Attack Proxy (or ZAP).

Our sister magazine Linux Format met lead developer and security campaigner Simon Bennets to talk about ZAP, Mozilla and black hats.

LXF: Can you let us a little bit about how you started using open source software?

SB: I've been using open source for many years as a developer. I really like it, and I like the principals behind it, but I'd never had the opportunity to contribute to any. I'd tried to convince previous companies that some of our products should be open, but to no effect. Those are commercial decisions, which I typically don't get involved in. I wanted to have a project to work on, and I wanted to learn about security, so I decided to start work on ZAP, as it became. It all came from there, really.

• 50 best Linux distros: find the best one for you

LXF: And you're now working for Mozilla. What's the culture like?

SB: Completely bizarre. Really strange. I've come from a commercial background, and the discussions we have are completely different. You have discussions about whether you should have the discussions in public or not. It's all about what's best for the users - what's best for people who use the internet. It's a very accepting culture and it's a very supportive culture. It's all about doing the right thing, which is really nice to be part of.

LXF: Can you tell us a bit about ZAP. What's it for? Who is it aimed at?

SB: I'm trying to aim it at as wide an audience as possible. It's a tool for finding vulnerabilities in web applications. It's used by security teams - professional penetration testers - but my focus is to get developers, functional testers and quality assurance using it because I think it's important that they understand security.

I believe that you can't create secure web applications unless you have some understanding of web application security. This is a way of understanding that. It allows you to hack your own web applications and get some understanding of what the bad guys are going to do.

• What went wrong with MeeGo? 'Nokia lost faith in the project'

LXF: What's the thing that's surprised you most about working on an open source project?

SB: I suppose the willingness of people to help. I wanted ZAP to be a community project because I think the strength of open source comes from when anyone can contribute. It's been great getting people involved, people to helping out and people doing some really great work. Dealing with the people has been a real pleasure.

LXF: How many contributors are there?

SB: Quite a lot. We have a list of credits on the website that's included with ZAP as well. There are 30 or 40 names on there. About half a dozen contribute code regularly, and some people as and when. It is a community project, so I want people to get involved.

We're very supportive of new people, so whether you're a developer who wants to learn about security or an expert in security who wants to learn more, then we're happy to help you. I'm happy to spend an hour helping someone do something that would take me 20 minutes to do myself, because that means that the person can do more in the future.

LXF: Are there any skills shortages you've found in the open source community?

SB: Documentation! I haven't found a shortage of security skills; surprisingly. ZAP has taken off in the security community, so there's people working on ZAP that know a lot more about security than I do. I'm still learning. I guess we all are!

I suppose there's less of a testing background, but Björn Kimminich has just joined the team and he's from a QA background. He pointed out that there aren't many ZAP regression tests. He's right, and he's started writing them. So we're finally getting some unit tests, which I'd been meaning to do for some time. We could use more people working on the tests, working on the documentations and working on it generally, but that's always the case.

LXF: If there was one piece of advice for people to develop secure web apps, what would it be?

SB: Start learning about security. If you don't know anything about security, you can't build secure web apps. Something like the Open Web Application Security Project (OWASP) top ten risks to web applications is a great place to start. You can start learning about cross-site request forgeries and things like that, which a lot of developers don't know about.

LXF: How do you deal with the issue that ZAP will be used by some bad guys?

SB: That was something I worried about before releasing ZAP. The justification I've got, and the one I still think is valid, is that the bad guys already know how to do all this. The bad guys know the techniques, and they've got their own tools.

A lot of it is knowledge - the bad guys have it and the good guys don't - so I'm aiming this at the good guys. I'm trying to make it as easy as possible with things like integrating ZAP in a continuous integration environment - things that the bad guys aren't interested in. We focus on things that the good guys can use, and it's levelling the playing field to give them a fighting chance.

LXF: Have you made any design decisions that make it harder for black hats to use?

SB: There are certain things that people have asked for that I don't really want to develop - other people can develop them - so there are definitely things that I can think of (which I won't mention) that I would not be comfortable implementing. But in the end, the bad guys will have the tools, and theywill use them to attack your web applications. They're attacking your web applications right now.

• What on earth is Gnome OS?