Slashdot Mirror

Could become a representative for Great Britian to the International Olympiad of Informatics next summer, to be held in Mexico.

If you're in northern Ireland, you'd compete in the Irish Schools' Programming Competition.

You can also compete in online contests such as USA Computer Olympiad (operated in the USA, but open to everyone), or a quick google search will yield more.

For the secondary school level, here.
http://www.christs.cam.ac.uk/bio/

And of course, if you're in University, the ACM ICPC is the way to go.

The bank must show that the customer acted fraudulently or without reasonable care, otherwise the customer is not liable. This text describes some of the potential problems with this.

Why ?

Natural Selection
from:
http://www.admin.cam.ac.uk/news/press/dpp/20041124 03

"Equipped with these new abilities, the Homo sapiens people who entered Europe in the middle of the last ice age would have been able to compete much more effectively with the local Neanderthals for food, hunting territories and the scarce fuel supplies that were essential to survival in the harsh, treeless landscapes of Europe."

This guy's publications list pretty much ends in 1997. http://www.arch.cam.ac.uk/~pam/publications.html Where is this work published? If it can't stand up to peer review, why is ABC reporting on it?

I'd like to see his methods, and find out how exactly they dated samples, and if they did a check on sample prep in order to verify their results. Until that can be shown, why should we believe the report?

Honestly, surfing at 4 and still nearly every post is brain dead, except the ones noting that the researcher is in the U.S., not Australia.

However it is at he University of Pennsylvania (U Penn), which I believe is a different school from Penn State which one person posted.

Google: Ellen Heber-Katz Wistar

You will note that a genome screen was conducted at some point in time finding genes on 5 different chromosomes involved in wound healing and regeneration. The regeneration takes place by a mass of cells forming at the wound site that can form into many different tissue types, i.e. like stem cells. Indeed it seems (from a cursory scan of a few links) that stem cells injected into other mice also work. And this facility can be inherited.

There is related research going on in different areas including observation of self-healing optical nerves, heart muscle, and even spinal cord once the scar tissue and scarring agents if that's what they are saying, are cleared away.

It is being reported at a conference in a week but already Nature and other publications seem to be involved at least in the past. Wistar is famous for vaccine development too.

If someone with real knowledge in the field could pop in now I'd sure appreciate it.

I can say one more thing. Humans can regenerate to a very limited extent already. I know because my mother chopped off the tip of her finger in a folding chair (shiver) when she was little. The tip grew back with the nail, though I'm not sure if a joint actually grew back the way these mice did.

The point is scientists never believed regeneration was possible even with such evidence, then views turned around, and now we have finally gotten to this amazing milestone. It is not an instantaneous thing. There is a paper cited about heart regeneration in the MRL mouse in 2002. They found the "healer" mouse in 1998. But it seems a milestone has obviously been met and it sounds like things are going to accelerate if more people can start working on the gene functions and biochemistry involved.

Heber Katz' talk
  will be given on Sept. 7 at Queens' College in Cambridge, England. The whole conference sounds very interesting, it would be nice if someone with a brain and some training could report on it to slashdot.

>Is that YOU, the computer OWNER is not trusted.

You hit the nail on the head, my friend.

Most people read the words "trusted computing" and they assume they know what it means. They think it means you, the user, can trust you computer to be secure. So, so wrong.

One of the seminal papers in the field of trusted computing is called "Programming Satan's Computer" (PDF file).

In that paper, the point is, when the user of the computer is as evil as, say, Satan, how do you protect the information on that computer?

In other words, the whole approach of trusted computing is looking at the user as the bad guy.

As bruce pointed out MS might have an own agenda.

I think this is a reason:

TC faq

The second, and most important, benefit for Microsoft is that TC will dramatically increase the costs of switching away from Microsoft products (such as Office) to rival products (such as OpenOffice). For example, a law firm that wants to change from Office to OpenOffice right now merely has to install the software, train the staff and convert their existing files. In five years' time, once they have received TC-protected documents from perhaps a thousand different clients, they would have to get permission (in the form of signed digital certificates) from each of these clients in order to migrate their files to a new platform. The law firm won't in practice want to do this, so they will be much more tightly locked in, which will enable Microsoft to hike its prices.

The report (PDF 767kB) deals with the type of PIN mailers where the PIN is printed on the top layer of the paper, but there is a "scramble pattern" underneath it which prevents you from reading the PIN. The scramble pattern is either peeled away or scratched off. If you can pick out the difference between the toner and the scramble pattern you can read the PIN.

I guess what you are talking about is where the data is printed then covered with a scratch off layer. This technology is common for lottery cards but I have never heard of it being used for PINs. Here you need to see through this layer to get at the data underneath, so the tricks mentioned in the report won't work.

(I am one of the authors of the report)

this is the paper

I am one of the researchers involved. Initially we used PIN mailers which we received for our own accounts. Later on, when the PIN mailer manufacturers were co-operating with us, they sent us test samples. However I think all but one image in the report (PDF 767kB) are from live accounts, but the PINs are obviously now changed.

Of course, you have someone mentioning getting windowed envelopes to repost it...what, is that guy like 12 years old or something? PIN numbers don't come in standard envelopes; they are more like wage slips in that they have to be torn open and that there is no way you are putting them back together.

I am one of the authors of the report (PDF 767kB) which the BBC article is about. The report is not about looking through the envelope to read the PIN, but to read the PIN off paper which is designed to be tamper evident.

The envelopes that PINs in the UK are sent in are deliberately indistinguishable from ordinary bank letters. This is to help prevent criminals from being able to easily pick them out from the rest of the mail. Being able to read through these is not very helpful, since they are easy to obtain and so you just open the letter and replace it with another.

I think you are talking about the type of mailer which came in a special envelope, either pressure-sealed or printed using carbon-paper. These are quite rare in the UK and have been replaced by laser-printed PIN mailers, which are the subject of our report.

With these, the PIN is printed on specially designed paper which should hide the PIN until a tab is removed or a coating scratched off. Doing this leaves evidence, so you cannot simply put this back into the mail in a new envelope. What our report showed is that it is possible to read the PIN in some cases, without tampering it.

I am one of the authors of the report (PDF 767kB) which the BBC article is about. It deals with tamper-evident PIN mailers, which try to stop people who intercept PINs in the mail from reading the PIN without the legitimate recipient from knowing.

Shredding or otherwise destroying the PIN mailer after you receive it is a good idea, but this attack is about what happens before you receive it. If you don't destroy the mailer before throwing it out, you don't need to use any tricks like scanning since, once tampered, it is easy to read. You only need to use these if you want to read someone's PIN then put it back in the mail, without disturbing the tamper detection.

The atmospheric pressure on mars is only ~10 millibars, whereas earth's atmospheric pressure is ~1000 millibars. That drops water's boiling point to around ~70 celcius [sic].

The boiling point of water is 100 C (212 F) at standard pressure. On top of Mount Everest the pressure is about 260 mbar (26 kPa) so the boiling point of water is 69 C.

I've been hoping something like this would come along, as it will sort out those who support the freedom of open platforms from those who support their own freedom to steal copyright material.

You can think all you want that DRM will just prevent pirating, but that's not the case. If the big companies get what they want, you won't be able to open up Word documents in OpenOffice anymore, you won't be able to rip a cd and then transfer it to a second computer. Your computer might randomly decide to delete anything it thinks is pirated. If your computer isn't DRMed, you won't be able to watch DVDs on it or do internet banking or anything else that you can possibly be prevented from doing. They're even trying to make hardware that will not allow nonDRMed OSs to run on it. While there will be a DRMed Linux (unfortunetly) whether through Sun's initiative or someone elses, if DRM hardware is too widespread then say goodbye to small groups coming out of nowhere to make kick-ass distros like Ubuntu. Hell, you'll probably have to say goodbye to Ubuntu itself. There's probably a lot more that DRM could or will do, but the point is that it is not compatible at all with the idea of Free/Open Source Software. DRM is about putting into practice the crazy idea that you don't own music, software, movies, you just license it and they can take it away from you anytime they want. To think that it will just hurt the pirates is being naive.

More information on DRM and its newest form, "Trusted Computing": http://en.wikipedia.org/wiki/Digital_rights_manage ment http://www.gnu.org/philosophy/can-you-trust.html http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

You're a raving loony. "They" are out to get you. Go find a bunker somewhere, and leave us in peace, ok?

I really don't get where you're coming from. The 'trusted computing' storm has been on the horizon for years.

For an official description, why don't you read the Trusted Computing FAQ? The first paragraph of the second section, entitled "The Trusted Platform Module (TPM) and Implementation" has pertinent information.

For a description from the outside, try this link. Just the first paragraph under the first question is sufficient. Note also the date on the FAQ. It was written two years ago, when the Trusted Computing group was formed. These issues have been known for years, and have been discussed publicly many times.

If you are not aware of the music and movie industries' desires to distribute their collective assets using technologies that prevent unlicensed use, mention the words 'CDs', 'movies', and 'copy protection' to anyone on the street, and ask them how they are connected. For bonus points, you could find someone to point you to information about the RIAA's and MPAA's views on people sharing copyrighted works over the internet.

So... to bring this to a close, you could, perhaps, read the articles about trusted computing, or at the very least the paragraph in each which I mentioned specifically. After that, you could consider the opinions of powerful industry groups concerning the need for DRM-like technology to protect their assets. Finally, you could put two and two together. Maybe then you could stop bothering someone who actually reads things. I found the articles by typing 'trusted computing' into google. You could have tried it, too, but instead you trolled. Good bye.

1. Get mouse or mouse driver that averages input.
2. Use big, clear monitor.
3. Install dasher, plus some scripts for the tasks that need to be done.
4. ???
5. No profit, but it should work well.

The GNOME project has some open source accessibility tools that are very easy to set up and use; the major Linux distributions such as Mandriva already include them. See the Gnome Accessibility Project pages for a good overview.

There is an on-screen keyboard; there's also Dasher a predictive text entry system which some people find useful and which can be used via a pointer device.

I'll also mention that there are pointer devices that use a dot on your forehead, so you move your head, which can be useful for people who have tremors in their hands; another option can be foot pedals. The Dasher page mentions use of an eye-tracker.

As others have mentioned, voice-over-IP can be useful, and tools like gnome-meeting and an always-on webcam might be worth considering.

The World Wide Web Consortium also has some resources about accessibility.

The GNOME project has some open source accessibility tools that are very easy to set up and use; the major Linux distributions such as Mandriva already include them. See the Gnome Accessibility Project pages for a good overview.

There is an on-screen keyboard; there's also Dasher a predictive text entry system which some people find useful and which can be used via a pointer device.

I'll also mention that there are pointer devices that use a dot on your forehead, so you move your head, which can be useful for people who have tremors in their hands; another option can be foot pedals. The Dasher page mentions use of an eye-tracker.

As others have mentioned, voice-over-IP can be useful, and tools like gnome-meeting and an always-on webcam might be worth considering.

The World Wide Web Consortium also has some resources about accessibility.

http://www.inference.phy.cam.ac.uk/dasher/

In June 2002, Microsoft released information regarding its new "Palladium" initiative. Palladium is a system that combines software and hardware controls to create a "trusted" computing platform. In doing so, it would establish an unprecedented level of control over users and their computers.

Palladium could place Microsoft as the gatekeeper of identification and authentication. Additionally, systems embedded in both software and hardware would control access to content, thereby creating ubiquitous Digital Rights Management schemes that can track users and control use of media. Microsoft expects to have elements of the system in place by 2004.

Professor Ross Anderson has written an extensive FAQ on the Palladium system. Seth Schoen of EFF has published a detailed summary of a meeting about Palladium.

Known Elements of the Palladium System

• The system purports to stop viruses by preventing the running of malicious programs.
• The system will store personal data within an encrypted folder.
• The system will depend on hardware that has either a digital signature or a tracking number.
• The system will filter spam.
• The system has a personal information sharing agent called "My Man."
• The system will incorporate Digital Rights Management technologies for media files of all types (music, documents, e-mail communications). Additionally, the system purports to transmit data within the computer via encrypted paths.

In June 2002, Microsoft released information regarding its new "Palladium" initiative. Palladium is a system that combines software and hardware controls to create a "trusted" computing platform. In doing so, it would establish an unprecedented level of control over users and their computers.

Palladium could place Microsoft as the gatekeeper of identification and authentication. Additionally, systems embedded in both software and hardware would control access to content, thereby creating ubiquitous Digital Rights Management schemes that can track users and control use of media. Microsoft expects to have elements of the system in place by 2004.

Professor Ross Anderson has written an extensive FAQ on the Palladium system. Seth Schoen of EFF has published a detailed summary of a meeting about Palladium.

Known Elements of the Palladium System

• The system purports to stop viruses by preventing the running of malicious programs.
• The system will store personal data within an encrypted folder.
• The system will depend on hardware that has either a digital signature or a tracking number.
• The system will filter spam.
• The system has a personal information sharing agent called "My Man."
• The system will incorporate Digital Rights Management technologies for media files of all types (music, documents, e-mail communications). Additionally, the system purports to transmit data within the computer via encrypted paths.

I don't know what I'm talking about? http://www-burton.ch.cam.ac.uk/group.htm#PHD

There are a small set of (14?) instructions on x86 that can't be easily trapped. You have two choices, paravirtualisation (like Xen) or emulating an entire system but passing through all of the non-privileged instruction. VMWare does the second, and takes a significant (20%+) performance hit from it. In SPEC99, VMWare is under 30% of the speed of the host machine (source).

"A port of Windows XP was developed for an earlier version of Xen, but is not available for release due to licence restrictions."

MS was involved in the development of Xen as were other industry heavyweights. As usual MicroSoft decided to take its toy Virtual PC home and play with itself.

Perhaps OS will win out because by way of an evolutionary analogy OS relies on a sort of sexual cross pollinization to evolve; whereas corporations are like giant eunuchs that only feed the growth of others when they are cannabilized by their own kind.

just a thought

It has indeed been ported. (Was some time ago.)

http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ states "A port of Windows XP was developed for an earlier version of Xen, but is not available for release due to licence restrictions."

I personally think that hypervisors are overhyped (pun fun!), and that the most practical and useful form of "virtualization" is actually separation as is achieved by Solaris Zones, FreeBSD jails and (the most advanced of them all IMO) Linux Vservers. A pretty good article on it here.

Separtion carries nearly zero overhead, simplifies administration because there is one kernel and one filesystem. It allows for simple "entry" into a virtual server from the main server, and there are other subtle advantages that I can't think of right now probably....

• 1 sample for every cm^2 of document
• A4 sized documents.
• Capability to register up to 1 trillion documents

Now, on with the math. First, we figure out how many samples we're going to possibly accomodate, as an address space:
Total surface area (21.0 cm * 29.7 cm * 10 E^12) * 1 Sample / cm^2 --> 623,700,000,000,000 Samples

This results in a 50 bit address space, if we were able to just sequentially number the samples. Since we have to work with what we're given, lets just assume we can get by with 256 bits/sample.

This results in the need to store (256 bits sample) * (1 byte / 8 bits) * (21 cm * 29.7 cm / document) * (1 sample / cm^2) --> 19958.4 bytes/ document.

So, in order for this to work we need to store about 20k/page. In order to authenticate documents, your stored database would be approximately 20 Gigabytes/ million documents, and indexing isn't going to help much.

That's a lot of work, and it seems to me it would be quicker, easier, and far more efficient in general to store duplicates of the originals in a secure location.

--Mike--

No Xen cannot virtualize/host any OS.

Instead the OS must be modified to support it. If you look at the Xen homepage you'll see more details.

Whilst this doesn't diminish the usefulness of the project it does mean you cannot host an XP installation - like you can with Qemu , or the commerical software VMWare.

I have used Qemu extensively in the past to host installations of Windows upon my Debian machine - whilst it is not as fast as Xen promises to be it is the best around at the moment (short of spending cash!)

It looks like the author's already experimenting with negative information...

Just imagine... MacOS/Windows/Linux all running once on your computer virtually.

http://www.cl.cam.ac.uk/Research/SRG/netos/xen/

I also gave a presentation of leap second issues in distributed
computing, presented the UTS proposal and argued that something like it,
together with more carefully implemented NTP software, would in practice
eliminate computer worries about leap seconds, without a need to change UTC
arising from this area. I also argued that the message formats of
pre-GPS time broadcast services such as the various LF and HF time
stations leave much to be desired and that work on a globally
standardized state-of-the-art signal format would be a timely and
important project.

http://www.cl.cam.ac.uk/~mgk25/c-time/torino2003/u tc-torino-slides.pdf

Finally, on the afternoon of the second day (Thursday, 29 May), the
agenda moved to writing up a draft conclusion of the colloquium, which
was then to be refined and phrased out more carefully by the
invitation-only SRG meeting on Friday.

Ron Beard with William Klepczynski drafted in PowerPoint on the
presentation laptop a list of objectives and conclusions for the
meeting. They started out with a few very pro-change statements, that
quickly attracted criticism from the audience as perhaps not being a
quite adequate reflection of the discussion at the colloquium.
Throughout the subsequent discussion, I had the impression that they
were rather happy to include pro-change arguments and statements that
were proposed by participants into the draft, but were very reluctant to
include any of the more sceptical/conservative statements that were, as
far as I could tell, proposed equally often. In the following coffee
break, a number of participants noted on their impression that the
organizers of the colloquium probably had already made up their mind on
the death of UTC and would push this through ITU in any case.

See relevant web pages from the UK Medical Research Council, the UK Department of Health, the NIBSC and Cambridge University's Stem Cell Institute.

Research in this area is also being conducted by the UK universities of Bath and Liverpool, in collaboration with the Wellcome Trust and Smith & Nephew.

The Centre of Mathematical Sciences building in Cambridge, UK has grass on the roof of the central building, and even flowers sometimes.

http://www.cms.cam.ac.uk/news17/

I think there's a very, very good chance that all these printers have in-the-field-upgradeable firmware in Flash, so all you need to do is reverse engineer one printer's firmware, find the "download new firmware" command in it, and use that to produce a software-only printer crack which updates any printer of that model so that it won't print the tracking dots. Instead, it will just print goatse on every third page.

Re currency detectors, check out the "EURion constellation": PDF, etc. (slashdot, freedom to tinker)

Read up on Trusted/Treacherous Computing

these be scary times
-m

What's wrong with the PC BIOS anyway? ... On a more sinister note, there's no mention in TFA of DRM and the idea of "trusted" computing.

According to the Overview page, Microsoft's listed as the only OS maker. First, why isn't Apple among the lineup? Novell? Red Hat Linux? Perhaps it's because they're not part of the real circle of friends...

Enter Microsoft's Trusted Computer Platform. According to the TCPA FAQ, the companies belonging to the alliance are: "Microsoft, Intel, IBM, HP and AMD". And let's take a look here...yep, they're all there. But what are they really planning?

According to the specifications page, nothing's listed as far as features that are to be included (" The UEFI specification is in development"). But currently, since there is no mention as to the true intent of this new technology, and right now the BIOS isn't broken, why reinvent the wheel? Load times are now less than three seconds, which is a tremendous step from BIOS beginnings. New equipment continues to be supported through new BIOS updates. So what do these companies need that the current BIOS can't give them?

Enter DRM. According to Microsoft's Patent on their DRM-supported OS, Microsoft has a few issues with the current BIOS...This AEGIS model requires a tamper-resistant BIOS that has hard-wired into it the signature of the following stage. This scheme has the very considerable advantage that it works well with current microprocessors and the current PC architecture, but has three drawbacks.

1) First, the set of trusted operating systems or trusted publishers must be wired into the BIOS.

2) Second, if the content is valuable enough (for instance, e-cash or Hollywood videos), users will find a way of replacing the BIOS with one that permits an insecure boot.

3) Third, when obtaining data from a network server, the client has no way of proving to the remote server that it is indeed running a trusted system.

So, Microsoft admits that there are flaws that prevent them from using the BIOS in their Trusted Computing platform. But create a new way of booting a computer, protect the technical details from public view, and put the power of the DMCA behind it, and you have a nice foundation into the DRM frontier.

Today you can find out about this by seeing the site on another connection or proxying around the block.

In a few years most computers will have "trusted computing" hardware enabling a "protected mode" where only signed programs will run. If this takes hold and ISPs start requiring "protected mode" as a condition of getting online, you will never know whether a site is really there or not, or whether what you're seeing is the genuine version of a web page (intended by the authors), or an altered version.

With the TC scheme fully in place, if the holders of the keys of the "trusted" browsers so chose, they could make any content disappear from everyone's point of view, or falsify it undetectably. In this example, you'd have to resort to offline sources for the information the union was trying to get out.

Fortunately we have things like StegFS. But I really shouldn't be disclosing such information, some people in the govA*$%#)D$@#$NO CARRIER

Although Trusted Network Connect (TNC) is being created under the auspices of the Trusted Computing Group (TCG), formerly TCPA, TNC is really not "trusted computing" as it is known and hated on the net.

Trusted Computing is a technology where user computers can be configured to report what programs the user is running in an unspoofable way, and to keep the user from being able to hack on various programs and data that he has downloaded. Many people object to this because of the need to give up control over their own computers in exchange for being allowed to download certain data. It has many uses for DRM.

I don't think TNC has these properties. It is a way of authenticating on a network. Yes, it can use the same TPM chip that is used in the regular TCG specification, but the protocol is not nearly as all-encompassing and doesn't have those features that are so objectionable, limiting what people can do on their computers.

So the whole conspiracy-theory angle loses one of its key selling points, namely that this is all tied into DRM and restrictions on user actions. TNC is completely different and there is no tie in to the kinds of things that conspiracy theory fans are interested in.

I thought the final phase of the UN sanctions process was a sternly written letter (on UN letterhead).

Yes, but it has to be ISO A4 paper, according to ISO 216 and related norms and regulations.

Anyway, the web server is melting :) I have coralized it

The coffee pot webcam was not in MIT, actually, but in University of Cambridge - and was actually the very first webcam ever (invented before the Web itself, formerly they used an X11 application on LAN...)

An alternative to the Virtual Keyboard shown in the article is Cambridge University's Dasher:

http://www.inference.phy.cam.ac.uk/dasher/

Predictive text for your mouse, very cool. Could be disorientating on the move though.

Sorry! The second link goes to The Xenoserver project.

Microsoft isn't willing to open up its source but by flying the flag of interoperability it's suggesting FOSS people can "seamlessly" move data across platforms.

Recently I've been doing alot of reading about The Xen virtual machine monitor and The Xen virtual machine monitor, interestinly MS is/was involved in both projects. There's never any doubt in my mind that the wet dream of every large corporation is to own everyone from the cradle to the grave. I've no doubt MS will never give up the idea of owning the web, and, further that interoperability is just another way to say "come into my web said the spider to the fly."

Behind it all, I suspect, is a gameplan that has MS software as a utility piped into thin clients in each and every household and business.

Microsoft isn't willing to open up its source but by flying the flag of interoperability it's suggesting FOSS people can "seamlessly" move data across platforms.

Recently I've been doing alot of reading about The Xen virtual machine monitor and The Xen virtual machine monitor, interestinly MS is/was involved in both projects. There's never any doubt in my mind that the wet dream of every large corporation is to own everyone from the cradle to the grave. I've no doubt MS will never give up the idea of owning the web, and, further that interoperability is just another way to say "come into my web said the spider to the fly."

Behind it all, I suspect, is a gameplan that has MS software as a utility piped into thin clients in each and every household and business.

• FAR (false acceptance rate) is 10^-78 (earth population 10^10 at max)
• For most of the work this guy, John Daugman is responsible. He identified 400(!!!) different and measurable(!!!) parameters on the iris and gave the statistical error model for them.
• The iris' patterns form in young age and then it doesn't really change.

• Quite expensive at the moment (partly due to patent problems).
• The infection factor: it has to be kept really hygienic. There is the story of the american military base, where one guy had an eye infection and they used an iris scanner. The guy infected around half of the total personnel at that base, through the iris scanner.

No, contact lenses don't defeat it. Cf John Daugman's homepage, the inventor of the iris scan recognition algorithm.