Slashdot Mirror

theodp writes "Mary Lou Jepsen, who left her One Laptop Per Child CTO gig on Dec. 31st, has reemerged with her sights set on a $75 laptop that will be designed by her new company, Pixel Qi, which is described as a 'spin-out' from OLPC. In a Groklaw interview, Jepsen calls for 'a $50-75 laptop in the next 2-3 years' and says it's time to go Crazy-Eddie on touchscreen prices as well." This is probably good news to Bruce Perens, who thinks that the recent report of Microsoft's dual-boot XO project (with Windows as well as the Linux-based Sugar OS) is a feint driven by Microsoft's fear of "the entire third world learning Linux as children." Update: 01/10 21:22 GMT by T : ChelleChelle adds a link to an excellent interview with Jepsen in the ACM Queue, in which she discusses OLPC and some of the technologies it contains.

ChelleChelle writes "Paul Vixie of Internet Systems Consortium guides us on a journey into the sublime details of the domain name system. Although it contains just a few simple rules, DNS has grown into a system of enormous complexity. This article explores the supposed and true definitions of DNS, and shows some of the tension between the two definitions through the lens of the philosophy of Internet development protocol."

ChelleChelle writes "In a rare meeting, popular sci-fi writer and co-editor of the blog Boing Boing Cory Doctorow and Sun VP Hal Stern consider the open source approach. The resulting interview deals with the pros and cons of going open source, as well as the issues of security and privacy. From the article: 'It seems to me that one of the big problems with the filters you've just identified is who gets to set policy in the machine. As a science fiction writer, I am offended by sci-fi movies where it turns out that the rocket ship has a self-destruct button, it has been pressed by accident, and now the whole thing is going to explode. ... By the same token, I often wonder whether trusted computing architectures that allow remote parties to enforce policy on your hardware are a good idea. Although we can imagine beneficent examples of this, this is what spyware is, by definition, right? Spyware is remote parties setting policies on your computer against your wishes. Is it ever a good idea?'"

CowboyRobot writes "ACM Queue's current issue on Open Source Security includes a short article by Eric Allman of Sendmail on how to handle security bugs in your code. "Patch with full disclosure. Particularly popular in the open source world (where releasing a patch is tantamount to full disclosure anyway), this involves opening the kimono and exposing everything, including a detailed description of the problem and how the exploit works... Generally speaking, it is easier to find bugs in open source code, and hence the pressure to release quickly may be higher.""

CowboyRobot writes "ACM Queue's current issue on Open Source Security includes a short article by Eric Allman of Sendmail on how to handle security bugs in your code. "Patch with full disclosure. Particularly popular in the open source world (where releasing a patch is tantamount to full disclosure anyway), this involves opening the kimono and exposing everything, including a detailed description of the problem and how the exploit works... Generally speaking, it is easier to find bugs in open source code, and hence the pressure to release quickly may be higher.""

AlexGr points out an article in ACM Queue, "Open vs. Closed," in which Richard Ford prods at all the unknowns and grey areas in the question: is the open source or the closed source model more secure? While Ford notes that "there is no better way to start an argument among a group of developers than proclaiming Operating System A to be 'more secure' than Operating System B," he goes on to provide a nuanced and intelligent discussion on the subject, which includes guidelines as to where the use of "security through obscurity" may be appropriate.

ChelleChelle writes "'Cybercrime is pervasive, nondiscriminatory, and dramatically on the increase.' So states TEAM CYMRU, an altruistic group of researchers focused on making the Internet more secure. This article is a look into the root causes of Cybercrime, its participants, and their motivations, as well as suggestions on what we can do to stop this epidemic." From the article: "Many victims do not seem to draw the correlation between their losses and cybercrime; worse, they often view it as a crime that is impossible to investigate and prosecute. For cybercrime to be acknowledged as an important issue, the victims must report such incidents to a receptive law enforcement community with a well-informed judiciary. Attempts such as the president's National Strategy to Secure Cyberspace represent a significant first step in the right direction. To have the desired impact, however, the detailed provisions delineated as action/recommendations must be implemented."

ChelleChelle writes, "In an interview in ACM Queue, Douglas W. Jones and Peter G. Neumann attempt to answer the question: Does technology help or hinder election integrity?" From the article: "Work in this area is as politically loaded as work on evolution or stem cells. Merely claiming that research into election integrity is needed is seen by many politicians as challenging the legitimacy of their elections... One of the problems in public discussions of voting-system integrity is that the different participants tend to point to different threats. Election-system vendors and election officials generally focus on effective defense against outside attackers, usually characterized as hackers. Meanwhile, many public interest groups have focused on the possibility of election officials corrupting the results."

ChelleChelle writes with a link to IBM research on the limits to and lessons learned from two context-aware computing projects: "As the researchers Moran and Dourish put it, 'Context awareness is fine in theory. The research issue is figuring out how to get it to work in practice.' The article lays out two attempts by IBM to do just this. Grapevine and Rendezvous are services offered to IBM employees as a means of looking into the promise and perils of context-aware computing. From these two experimental services the authors have drawn several valuable lessons." From the article: "What computer scientists commonly call context often has more to do with technology than with work situations, people, or frames of mind."

ChelleChelle writes "Starting with the Xerox Alto and the Star, ACM Queue briefly covers the history of human-computer interaction from past to present. It doesn't stop there, however. Using a hypothetical situation involving context-awareness in cellphones, the author lays out his thoughts on the future of HCI, offering opinions, advice, and examples."

ChelleChelle writes "Rather than focusing so much on an explanation of ubiquitous computing and its history, this article presents an actual experimental system designed to operate within a cell biology lab. The application, known as Labscape, was intended to function as an 'invisible assistant,' using context to organize and record information and predicting what would be needed by the researchers as any point in time. The author nicely sums up the article at the end by providing several important lessons about building proactive applications."

ChelleChelle writes "In an entertaining yet well thought-out article, software architect Alex E. Bell of The Boeing Company lashes out at the so-called 'Silver Bullets' and those who rely on them to solve all their software development difficulties. From the article: 'the desperate, the pressured, and the ignorant are among those who continue to worship the silver-bullet gods and plead for continuance of silver-fueled delusions that are keeping many of their projects alive.'"

ChelleChelle writes "When it comes to managing and deploying large scale systems and networks, discipline and focus matter more than specific technologies. In a conversation with ACM Queuecast host Mike Vizard, Amazon CTO Werner Vogels says the key to success is to have a 'relentless commitment to a modular computer architecture that makes it possible for the people who build the applications to also be responsible for running and deploying those systems within a common IT framework.'"

ChelleChelle writes "Chief scientist of ZeroC, Michi Henning, has an interesting look at the story behind CORBA a once-promising distributed computing technology. Henning provides more than a brief history, in addition to several reasons pinpointing why CORBA fell short, focusing specifically on the OMG's technology adoption process itself. Most interesting is the final discussion on what we can learn from CORBA's decline, particularly in reference to web services."

Don420 writes "Jim Gray has an interview with Amazon CTO Werner Vogels for ACM Queue. It is filled with a lot of details about the Amazon architecture that we have not seen before: 'If you hit the Amazon.com gateway page, the application calls more than 100 services to collect data and construct the page for you.' But also quite a strong statements about developing software at Amazon: 'Developers of our services can use any tools they see fit to build their services. [...] Whatever tools are necessary, we provide them, and then get the hell out of the way of the developers so that they can do their jobs. [...] Developers are like artists; they produce their best work if they have the freedom to do so, but they need good tools.'"

ChelleChelle writes "'The two burdens that are probably most annoying to the user are a complex and difficult control interface and lack of reliability.' So says TiVo cofounder Jim Burton as he describes the challenges of designing and delivering an easy-to-use yet highly effective and reliable DVR service. The article is quite broad in focus, providing information on the design aspects of TiVo (hardware, security, source code, etc) yet also taking into consideration the human element, with a large section devoted to service design principles. Overall, a good read for anyone interested in purpose-built systems." Update: 04/21 18:54 GMT by Z : Tim Burton no longer cofounding Tivo.

CowboyRobot writes "FreeBSD's Kirk McKusick has a long interview with Enron's former SysAdmin, Jarod Jenson, where he describes the nuts and bolts of working in and managing such a large-scale operation." From the article: "EnronOnline was a Web-based trading application. We had several hundred, even thousands of commodities that we would price in realtime, the same way that equities are priced. We were trying to push realtime pricing information out to clients who could do instantaneous transactions on them. People who are familiar with financial markets--the commodity markets--would recognize EnronOnline as sort of the same thing. We had a lot of the same issues that the markets had trying to push out realtime data--not only within our local network but also to the customers--as quickly as we could globally, and trying to make sure that what every trader saw on the screen matched what every company in the world had on theirs."

mallumax writes "ACM Queue interviews Hotmail engineer Phil Smoot on how they manage more than 10,000 servers spread around the globe. Between them, they process billions of emails per day and are overseen by hundreds of administrators. To do that they have returned to the command line. From the article: 'Our operations group never wants to rely on any sort of user interface. Everything has to be scriptable and run from some sort of command line'. The overriding philosophy seems to be KISS. Also: tape backups are out and spam levels have stabilized."

CowboyRobot writes "ACM's Queue magazine interviews David P. Anderson, a research scientist at the U.C. Berkeley Space Sciences Laboratory, who directs the SETI@home and BOINC (Berkeley Open Infrastructure for Network Computing) projects. SETI@home uses hundreds of thousands of home computers in the search for extraterrestrial intelligence. FTA: "volunteer computing arose because projects such as SETI@home needed $100 million worth of computing power but didn't have the money. But there's no free lunch--a project must give participants something in return for their computer time.""

CowboyRobot writes "Relational databases were developed in the 1970s as a way of improving the efficiency of complex systems. But modern warehousing of data results in terabytes of information that needs to be organized, and the growing prevalence of mobile devices points to the increasing need for intelligent caching on the local hardware. According to the ACM, the future of database architecture must include more modularity and configuration. Although no concrete solutions are included, the article is a good overview of the problems with modern data systems."

gManZboy writes "Ever wonder where database technology is going? This is something that Turing award winner Jim Gray from Microsoft has given a lot of thought to. He recently published an article in which he looks at the many forces pushing database technologies forward, and what those new technologies will look like. Gray writes, 'the greatest of these [research challenges] will have to do with the unification of approximate and exact reasoning. Most of us come from the exact-reasoning world -- but most of our clients are now asking questions that require approximate or probabilistic answers.'"

CowboyRobot writes "I was going through some code from 2002, frustrated at the lack of comments, cursing the moron who put this spaghetti together, only to realize later that I was the moron who had written it. An essay titled Comments Are More Important Than Code goes through the arguments that seem obvious only in hindsight - that 'self-documenting' code is good but not enough, that we should be able to write code based on good documentation, not the other way around, and that the thing that separates human-written code from computer-generated code is that our stuff is readable to future programmers. But I go through this argument with my colleagues, who say that using short, descriptive variable names 'should' be enough as long as the code is well-organized. Who's right?"

gManZboy writes "Developers who want a flexible, configurable, IDE have long preferred plug-in architectures such as Eclipse over what they might view as the bloated, monolithic alternatives. Ever wondered how it all works? Well, ACM Queue just posted an article by someone who has worked on Eclipse since its inception, Dorian Birsan. He gives a great explanation of the Eclipse architecture as well as a thorough analysis of things to watch out for when developing or working with pure plug-in architectures."

gManZboy writes "Queue just posted an interview with XML co-inventor Tim Bray (currently at Sun Microsystems). Interestingly enough the interviewer is none other than database pioneer Jim Gray (currently at Microsoft). Among other things, in their discussion Tim reveals where the idea for XML actually came from: Tim's work on the OED at Waterloo."

gManZboy writes "Queue just posted an interview with XML co-inventor Tim Bray (currently at Sun Microsystems). Interestingly enough the interviewer is none other than database pioneer Jim Gray (currently at Microsoft). Among other things, in their discussion Tim reveals where the idea for XML actually came from: Tim's work on the OED at Waterloo."

gManZboy writes "In part 2 of its special report on Quality Assurance (part 1) Queue magazine is running an article from Keith Stobie, a test architect in Microsoft's XML Web Services group, about the challenges one faces in trying to test against large codebases."

gManZboy writes "In part 2 of its special report on Quality Assurance (part 1) Queue magazine is running an article from Keith Stobie, a test architect in Microsoft's XML Web Services group, about the challenges one faces in trying to test against large codebases."

gManZboy writes "Original author of Make and IBM Researcher, Stu Feldman has written an overview of what should be (but is sadly perhaps not) familiar ground to many Slashdotters: Quality Assurance. He argues that QA is not equivalent to 'testing', and also addresses the oft-experienced (apparent) conflict between QA-advocates and 'buisiness goals.'"

gManZboy writes "Original author of Make and IBM Researcher, Stu Feldman has written an overview of what should be (but is sadly perhaps not) familiar ground to many Slashdotters: Quality Assurance. He argues that QA is not equivalent to 'testing', and also addresses the oft-experienced (apparent) conflict between QA-advocates and 'buisiness goals.'"

gManZboy writes "Four computer scientists have done a formal analysis of five Open Source software projects to determine how being "Open Source" contributes to or inhibits source code maintainability. While they admit further research is needed, they conclude that open source is no magic bullet on this particular issue, and argue that Open Source software development should strive for even greater code maintainability." From the article: "The disadvantages of OSS development include absence of complete documentation or technical support. Moreover, there is strong evidence that projects with clear and widely accepted specifications, such as operating systems and system applications, are well suited for the OSS development model. However, it is still questionable whether systems like ERP could be developed successfully as OSS projects. "

gManZboy writes "Four computer scientists have done a formal analysis of five Open Source software projects to determine how being "Open Source" contributes to or inhibits source code maintainability. While they admit further research is needed, they conclude that open source is no magic bullet on this particular issue, and argue that Open Source software development should strive for even greater code maintainability." From the article: "The disadvantages of OSS development include absence of complete documentation or technical support. Moreover, there is strong evidence that projects with clear and widely accepted specifications, such as operating systems and system applications, are well suited for the OSS development model. However, it is still questionable whether systems like ERP could be developed successfully as OSS projects. "

CowboyRobot writes "Developer of Smalltalk Alan Kay has an interview on ACM Queue where he describes the history of computing and his approach to designing languages. Kay has an impressive resume (PARC, ARPAnet, Atari, Apple, Alan Turing Award winner) and has an endless supply of memorable quotes: 'Perl is another example of filling a tiny, short-term need, and then being a real problem in the longer term,' 'Once you have something that grows faster than education grows, you're always going to get a pop culture,' 'most undergraduate degrees in computer science these days are basically Java vocational training,' 'All creativity is an extended form of a joke,' and 'nobody really knows how to design a good language.'"

gManZboy writes "Two researchers in China has taken a look at the steganography vs. steganalysis arms race. Steganography (hiding data) has drawn more attention recently, as those concerned about information security have recognized that illicit use of the technique might become a threat (to companies or even states). Researchers have thus increased study of steganalysis, the detection of embedded information."

gManZboy writes "Two researchers in China has taken a look at the steganography vs. steganalysis arms race. Steganography (hiding data) has drawn more attention recently, as those concerned about information security have recognized that illicit use of the technique might become a threat (to companies or even states). Researchers have thus increased study of steganalysis, the detection of embedded information."

gManZboy writes "In an article that's sure to p/o Fortran programmers, Donn Seeley has assembled a rant that posits there are characteristics of good coding that transcend all programming languages, except Fortran. Seriously though, his point is that early FORTRAN made coding ugly. Thus the joke 'Don't write FORTRAN' was applied to anyone with ugly code. Though Fortran has in recent years overcome its early challenges, the point -- 'Don't write FORTRAN' (i.e. ugly stuff) -- still applies."

gManZboy writes "In an article that's sure to p/o Fortran programmers, Donn Seeley has assembled a rant that posits there are characteristics of good coding that transcend all programming languages, except Fortran. Seriously though, his point is that early FORTRAN made coding ugly. Thus the joke 'Don't write FORTRAN' was applied to anyone with ugly code. Though Fortran has in recent years overcome its early challenges, the point -- 'Don't write FORTRAN' (i.e. ugly stuff) -- still applies."

gManZboy writes "Programming writer and instructor Greg Wilson is proposing that the next generation of programming languages will use XML to store not only such things as formatting (so you can see indentation your way, and I can see it my way, via XSLT) but even programmatic entities -- like: <invoke-expr method="myMethod"><evaluate>record</evaluate></invoke-expr>. Wacky, but perhaps wacky enough to be possible?"

gManZboy writes "Programming writer and instructor Greg Wilson is proposing that the next generation of programming languages will use XML to store not only such things as formatting (so you can see indentation your way, and I can see it my way, via XSLT) but even programmatic entities -- like: <invoke-expr method="myMethod"><evaluate>record</evaluate></invoke-expr>. Wacky, but perhaps wacky enough to be possible?"

gManZboy writes "Everyone knows that some software development projects succeed and other fail -- the question has always been 'why'? I'm sure we all have our favorite (likely anecdotal) explanations. Well, these guys decided to actually go out there and do a formal survey, and they've got some real data on why projects actually fail (as reported by development project managers -- care to guess where 'changing requirements' ranks?). They've developed a diagnostic formula people can use to gauge the likeliness that the project they're working on right now is (or isn't) going to fail."

gManZboy writes "Everyone knows that some software development projects succeed and other fail -- the question has always been 'why'? I'm sure we all have our favorite (likely anecdotal) explanations. Well, these guys decided to actually go out there and do a formal survey, and they've got some real data on why projects actually fail (as reported by development project managers -- care to guess where 'changing requirements' ranks?). They've developed a diagnostic formula people can use to gauge the likeliness that the project they're working on right now is (or isn't) going to fail."

gManZboy writes "We've been hearing about self-healing systems for a while, but (as is usual), so far it's more hype than reality. Well it looks like Mike Shapiro (from Sun's Solaris Kernel group) has been doing a little actual work in this direction. His prognosis is that there's a long way to go before we get fully self-healing systems. In this article he talks a little bit about what he's done, points out some alternative approaches to his own, as well as what's left to do."

gManZboy writes "We've been hearing about self-healing systems for a while, but (as is usual), so far it's more hype than reality. Well it looks like Mike Shapiro (from Sun's Solaris Kernel group) has been doing a little actual work in this direction. His prognosis is that there's a long way to go before we get fully self-healing systems. In this article he talks a little bit about what he's done, points out some alternative approaches to his own, as well as what's left to do."

CowboyRobot writes "ACM Queue has an interview by Steve Bourne with Bruce Lindsay, responsible for a lot of the SQL and RDBMS we use today, in which they discuss error detection and recovery. My favorite part other than the photos is the definition of Heisenbugs - those problems that disappear only when you explicitly look for them."

CowboyRobot writes "In an article subtitled, "And you think *your* operating system needs to be reliable." Queue has an interview with the developer of the OS that runs on the Mars Rovers. Mike Deliman, chief engineer of operating systems at Wind River Systems, has quotes like, 'Writing the code for spacecraft is no harder than for any other realtime life- or mission-critical application. The thing that is hard is debugging a problem from another planet.' and, 'The operating system and kernel fit in less than 2 megabytes; the rest of the code, plus data space, eventually exceeded 30 megabytes.'"

gManZboy writes "Brad Meyers (and co) of the Human Computer Interaction Institute at Carnegie Mellon have written an interesting paper about the state of natural language programming. They point out that well understood HCI principles aren't finding their way into relatively new languages like Java and C#."

gManZboy writes "Brad Meyers (and co) of the Human Computer Interaction Institute at Carnegie Mellon have written an interesting paper about the state of natural language programming. They point out that well understood HCI principles aren't finding their way into relatively new languages like Java and C#."

gManZboy writes "Roy Want, principal engineer at Intel Research, has a pretty meaty technical overview of RFID up at Queue. If you ever wondered how these little things actually work it's worth a read. For instance, I was intrigued to find out how the tags (which are generally battery-free) can absorb enough energy from RFID readers to then power up and transmit their own signal back to the reader."

gManZboy writes "Roy Want, principal engineer at Intel Research, has a pretty meaty technical overview of RFID up at Queue. If you ever wondered how these little things actually work it's worth a read. For instance, I was intrigued to find out how the tags (which are generally battery-free) can absorb enough energy from RFID readers to then power up and transmit their own signal back to the reader."

CowboyRobot writes "The inimitable Gordon Bell has a 5-page article at ACM Queue on the difficulties and necessities of standards adoption, in which he lays out 11 axioms on how to best establish and adopt standards. He quotes MIT's Dave Clark, 'Standards setting sits in a boring trough between two exciting peaks. The first is the peak of technical innovation, and the second is the billion-dollar investment or market.' It's often the rush for money that makes us move to fast to do the job right."

CowboyRobot writes "The inimitable Gordon Bell has a 5-page article at ACM Queue on the difficulties and necessities of standards adoption, in which he lays out 11 axioms on how to best establish and adopt standards. He quotes MIT's Dave Clark, 'Standards setting sits in a boring trough between two exciting peaks. The first is the peak of technical innovation, and the second is the billion-dollar investment or market.' It's often the rush for money that makes us move to fast to do the job right."