Slashdot Mirror

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Xen Team writes "The University of Cambridge Computer Laboratory Systems Research Group is pleased to announce the open source release of Xen, a virtual machine monitor for x86. Xen lets you run multiple operating system images at the same time on the same PC hardware, with unprecedented levels of performance and resource isolation. Even under the most demanding workloads the performance overhead is just a few percent --- considerably less than alternatives such as VMware Workstation and User Mode Linux. This makes Xen ideal for use in providing secure virtual hosting, or even just for running multiple OSes on a desktop machine."

The Xen team continues: "Xen requires guest operating systems to be ported to run over it. Crucially, only the kernel needs to be ported, and all user-level application binaries and libraries can run unmodified. We have a fully functional port of Linux 2.4.22 running over Xen, and regularly use it for running demanding applications like Apache, PostgreSQL and Mozilla. Any Linux distribution should run unmodified over the ported kernel. With assistance from Microsoft Research, we have a port of Windows XP to Xen nearly complete, and are planning a FreeBSD 4.8 port in the near future.

"Visit the project homepage to find out more, and download the project source code or the XenDemoCD, a bootable 'live iso' image that enables you to play with Xen/Linux 2.4 without needing to install it on your hard drive. The CD also contains full source code, build tools, and benchmarks. Our SOSP paper gives an overview of the design of Xen, and evaluates the performance against other virtualization techniques.

"Work on Xen is supported by UK EPSRC grant GR/S01894, Intel Research Cambridge, and Microsoft Research Cambridge via an Embedded XP IFP award."

Matthias_305 writes "The New York Times has an article about a new court document in which SCO critizes Linus Torvalds touting the 'inability and/or unwillingness of the Linux process manager, Linus Torvalds, to identify the intellectual property origins of contributed source code.' They claim to have got evidence from a conversation on the kernel mailing list in which Torvalds advocates programmers shouldn't care about patents. According to the article he stands by his view which is at least 'candid'." On a related note, BobDowling points to a proposal at The Inquirer ("Shutting down SCO's FUD machine") regarding SCO's claims. "SCO won't let people see the contested source code without signing an outrageous NDA but the article gives a mechanism for publishing appropriate MD5 checksums which allow code trees to be compared without anyone else seeing the code. This is offered as a means to locate the source of SCO's contested code. ... This mechanism gives a concrete procedure that SCO can be challenged to follow as part of the community's "put up or shut up" response. There would be no threat to SCO's claimed IPR."

Fluffy the Cat writes "Dasher is an innovative predictive text input system that can be driven entirely by the mouse. It's been around for Windows and Linux for a while now, but a beta version for Mac OS X has just been released. Check it out, and take a look at that transparency option in the preferences! Next on the feature list is entering text directly into other applications ..."

Fluffy the Cat writes "Dasher is an innovative predictive text input system that can be driven entirely by the mouse. It's been around for Windows and Linux for a while now, but a beta version for Mac OS X has just been released. Check it out, and take a look at that transparency option in the preferences! Next on the feature list is entering text directly into other applications ..."

Fluffy the Cat writes "Dasher is an innovative predictive text input system that can be driven entirely by the mouse. It's been around for Windows and Linux for a while now, but a beta version for Mac OS X has just been released. Check it out, and take a look at that transparency option in the preferences! Next on the feature list is entering text directly into other applications ..."

Mark Grant writes "Cirocco have developed a liquid cooled rack of AMD Duron 1.1Gs in a Beowulf cluster. The rack has been installed in Cambridge University, England and has been under trial since Christmas. The system is being put through its paces running chemical research algorithms. Critical to Cirocco's liquid cooling system are the hot swappable quick couplings. These allow servers to be disconnected whilst the cooling system is in operation." The graph with live temperature readings is pretty neat.

Mark Grant writes "Cirocco have developed a liquid cooled rack of AMD Duron 1.1Gs in a Beowulf cluster. The rack has been installed in Cambridge University, England and has been under trial since Christmas. The system is being put through its paces running chemical research algorithms. Critical to Cirocco's liquid cooling system are the hot swappable quick couplings. These allow servers to be disconnected whilst the cooling system is in operation." The graph with live temperature readings is pretty neat.

Matthew Garrett writes "You've covered dasher before, but the source code is now available for download under the GPL. There's also now documentation for developers who want to port Dasher to other platforms - there's currently Windows and GTK front ends, plus experimental GTK2 code and ports to the GPE and Opie Linux PDA environments being worked on, and optional integration with the Gnome accessibilty framework is on the cards. Anyone fancy a MacOS port?"

Matthew Garrett writes "You've covered dasher before, but the source code is now available for download under the GPL. There's also now documentation for developers who want to port Dasher to other platforms - there's currently Windows and GTK front ends, plus experimental GTK2 code and ports to the GPE and Opie Linux PDA environments being worked on, and optional integration with the Gnome accessibilty framework is on the cards. Anyone fancy a MacOS port?"

Matthew Garrett writes "You've covered dasher before, but the source code is now available for download under the GPL. There's also now documentation for developers who want to port Dasher to other platforms - there's currently Windows and GTK front ends, plus experimental GTK2 code and ports to the GPE and Opie Linux PDA environments being worked on, and optional integration with the Gnome accessibilty framework is on the cards. Anyone fancy a MacOS port?"

Matthew Garrett writes "You've covered dasher before, but the source code is now available for download under the GPL. There's also now documentation for developers who want to port Dasher to other platforms - there's currently Windows and GTK front ends, plus experimental GTK2 code and ports to the GPE and Opie Linux PDA environments being worked on, and optional integration with the Gnome accessibilty framework is on the cards. Anyone fancy a MacOS port?"

An anonymous reader asks: "Microsoft is going to be giving a lecture on Palladium for my Computer and Network Security class at MIT this Thursday. We're told that it's going to be the most technically detailed lecture publically given to date, and that we should be armed with questions as a result. Any suggestions from the Slashdot crowd? What technical details have you been dying to know about Palladium?" It would be interesting to hear back from someone who is planning on attending this. For those who wish they were, but can't for one reason or another, what would you have asked by proxy?

Neill_Smith writes "Following on from Microsoft forcing automatic updates on their users if they want to stay secure, Sun seems to be trying to be trying something similar. They have given themselves permission to 'automatically download, install, and execute applets, applications, software extensions, and updated versions' in the license agreement (hit download) for the JDK on linux (and possibly other platforms)."

hof writes: "Ever wanted to enter text by just looking at the screen? Take a look at Dasher. You enter text by looking or pointing to letters or words which the program thinks you are about to enter. I wonder how this can be optimized for coding -- a break for your wrists, and the code is available under GPL."

hof writes: "Ever wanted to enter text by just looking at the screen? Take a look at Dasher. You enter text by looking or pointing to letters or words which the program thinks you are about to enter. I wonder how this can be optimized for coding -- a break for your wrists, and the code is available under GPL."

hof writes: "Ever wanted to enter text by just looking at the screen? Take a look at Dasher. You enter text by looking or pointing to letters or words which the program thinks you are about to enter. I wonder how this can be optimized for coding -- a break for your wrists, and the code is available under GPL."

PineGreen writes: "As Michael Steil, the Xbox Linux project leader says:'On the Xbox Linux website, you can download "linuxpreview," an application that runs on modded Xboxes and is completeley legal, because the XDK was not used for development, and it does not contain any Microsoft code.'. See the X-box logo and Tux on the same screen. More information here."

lrose writes "Check out this story over at ZDNet -- Microsoft is developing a secure operating system to be combined with hardware doing public key cryptography. The DRM aspect reminds me of something I read about an imaginary day in the not-too-distant future, where you can no longer install Linux on your own box because you don't have the necessary rights." Coursey's column is quite interesting, bringing a lot more of the backstory behind Palladium into public view. While geeks have been following and worrying about the TCPA, Microsoft has been working to spin the story with assorted columnists and journalists, so that when it broke it would be in the context that Steven Levy bought into hook, line and sinker: a scheme to protect you rather than one to prevent you from using your computer in unapproved ways.

apeir0 writes "The Register has a story which proposes an ulterior motive to Microsoft's new Palladium: a GPL-killer. 'It's the very fact that this appears insoluble to me that helps me realize that MS has put tremendous, careful thought into it. To make the commons Linux-hostile, MS is taking dramatic steps to make it GPL-hostile. Very clever and admirably diabolical.' Is this a valid point or just paranoia?" Ross Anderson has been writing about this recently; we covered his paper a few days ago, and he's now got a Palladium FAQ up. Another submitter sent in this interview with the Microsoft manager in charge of Palladium. The Washington Post has a column. Update: 06/27 22:43 GMT by T : Bob Cringely also has a column on Palladium up, in which he says that several of his fears have been realized by it.

DippyOz writes: "Ever wanted to speedily enter text into your palm and hate those 'look ahead' features? Dasher is a research project from Cambridge that presents an innovative way to speed up text entering by predicting and allowing you to choose from a number of choices by flying over them with your stylus (or mouse). There's Linux, Windows and PocketPC versions to download and try."

morhoj writes "Cambridge University researcher Ross Anderson just released a paper concluding that open source and closed source software are equally secure. Can't find a copy of the paper online yet, but I thought this would make for an interesting morning conversation. You may not agree with him, but anyone who's on the BugTraq List can tell you that open source software isn't as bug free as we would all like to think." I found Anderson's paper, so read it for yourself. There are some other interesting papers being presented at the conference as well.

morhoj writes "Cambridge University researcher Ross Anderson just released a paper concluding that open source and closed source software are equally secure. Can't find a copy of the paper online yet, but I thought this would make for an interesting morning conversation. You may not agree with him, but anyone who's on the BugTraq List can tell you that open source software isn't as bug free as we would all like to think." I found Anderson's paper, so read it for yourself. There are some other interesting papers being presented at the conference as well.

dowobeha writes: "The Des Moines Register is reporting that thousands of Windows 98 users in Iowa could get $40 refunds from Microsoft. The Iowa Supreme Court has found the big boys from Redmond guilty of price fixing in violation of a 1976 Iowa law. According to the report, this is the first antitrust ruling in any state that favors 'indirect purchasers' (regular consumers who got Windows preinstalled on their newly purchased computer) rather than "direct purchasers" (manufacturers who license Windows to distribute on new machines)."

bje2 writes "Rememeber this story from a couple months ago about reconstructing data from the blinking LEDs of modems...well, CNet is running a story about reconstructing the display of a computer by using special hardware and the reflected glow of the monitor." Kuhn's paper (400k PDF) is available.

PortalCell writes "LED status monitors may potentially leak data in a few applications, but worse: Markus Kuhn has now revealed (pdf) that it's possible to read your monitor indirectly just by observing how the blue flicker lights up the room! Forget taping up LEDs or living in a metal box - now you might have to do without sunlight to be secure!" Hopefully people will also stop submitting the LED story now.

PortalCell writes "LED status monitors may potentially leak data in a few applications, but worse: Markus Kuhn has now revealed (pdf) that it's possible to read your monitor indirectly just by observing how the blue flicker lights up the room! Forget taping up LEDs or living in a metal box - now you might have to do without sunlight to be secure!" Hopefully people will also stop submitting the LED story now.

nut writes: "The BBC are carrying this story of new type of LED so precise that it can emit just one photon of light each time it is switched on. It has been developed by scientists from Toshiba Research Limited and the University of Cambridge. It is described in the journal Science, although I can find no mention of it on their website. One of the applications of this is supposedly uncrackable encryption, due to the law of indeterminacy. This application is described fully in 'The Code Book', by Simon Singh, although the method was only theoretical at the time the book was first published."

It's been a long time coming, so lets start off the quickies with some acts of senseless damage. Old Wolf sent us a link to a bunch of pictures of someone Defrosting a Freezer in the best way ever, and an anonymous reader sent in a site that shows what happens if you put a CD in Microwave. Don't use AOL CDs., send them to this lady who collects them (from gr8fulnded). On to the sex! An anonymous reader submitted a story about the Robot Pet Vibrator which is I guess AIBO gone wrong. elkm discovered Computerized Contraception. And with all this digital doin' it going on, its good know that MITs Erotic Computation Group is here to research it (thanks Chris Moon) The world is full of strangeness, but little of it is as scary as MissNachos's link to the Hello Kitty laptop, srini's link to the Single Pixel Webcam, and aneanti's link to a collection of the strangest canned foods you'll ever see. Finally, since it is the holidays, check out mrv's link to LED Christmas Lights which sure beats the hell out of finding the broken bulb.

An Anonymous Coward writes: "BBC Newsnight have tonight shown an article about a groups of hackers who are about to release details of the vulnerability of the IBM Cryptographical processors. ( Details here.) The BBC article can be watched online here. Alan Cox makes a starring role ;)" windowlicker adds some detail: "Mike Bond and Richard Clayton, from Cambridge University, have cracked IBM's 4758 crytoprocessor running the 'Common Cryptographic Architecture' (CCA). You can do the same with $1000-worth of hardware and the info from here. Many banks use this system for protecting PINs." The video file requires Real software; here's the BBC's article online for those of us without.

Christoph Zrenner asks: "I'm a UK medical student with a serious research interest in "how to interface neurons with computers". We do a major project in our third year and I'm interfacing an eel spinal cord (8 analog inputs, 12 analog outputs) to simulate the eel's movements on a computer. The processing needs to happen in real-time (1ms delay) so that the cord can get feedback from the computer. Having spent two days foraging through the Internet I still haven't come up with a decent solution - does anyone have any experience with this kind of thing? I was hoping to use the Matlab/Linux combination but only found an (expensive!) Realtime Windows Target Toolkit for Matlab!"

PineGreen writes: "Alllinuxdevices.com has a story today about Metrolink porting their Micro-X server to Playstation2. Sony still refuses to sell their Linux kit outside Japan, and the Blockman Trading version works on PSOne only. Now, when will I have an excuse to buy a PS2?"

PineGreen writes: "Tomorrow, MAP Satellite is to be launched. MAP is the first space mission to measure Cosmic Microwave Background (CMB) fluctuations after the famous COBE who was first to detect fluctuations in the CMB. It is supposed to do the job with an unprecedented accuracy. There were several successful balloon experiments (Boomerang, Maxima) and interferometer experiments (VSA, DASI, CBI), some of which still haven't published their data. But of course, we are all waiting for the big European Planck mission in 2007. Measuring CMB fluctuations can tell us a lot about the universe in which we live, its constituents and its geometrical properties."

PineGreen writes: "Tomorrow, MAP Satellite is to be launched. MAP is the first space mission to measure Cosmic Microwave Background (CMB) fluctuations after the famous COBE who was first to detect fluctuations in the CMB. It is supposed to do the job with an unprecedented accuracy. There were several successful balloon experiments (Boomerang, Maxima) and interferometer experiments (VSA, DASI, CBI), some of which still haven't published their data. But of course, we are all waiting for the big European Planck mission in 2007. Measuring CMB fluctuations can tell us a lot about the universe in which we live, its constituents and its geometrical properties."

Markus Kuhn writes: "Linux and other Unices are well on the way of making UTF-8 their single main character encoding. Replacing ASCII with UTF-8 is now one of the hottest Linux developer topics. Soon gone will be the annoying restrictions that Latin-1 imposes currently on even English language Linux users (no en/em dashes, no smart quotes, no math symbols, etc.). Counted are the days of the bewildering number of different regional ASCII extensions such as ISO 8859-1/2/3/5/7/9/13/15, KOI8-R/U, GBK, CP1251, VISCII, TIS-620, EUC-JP/KR, SJIS. Pioneered by the fathers of Unix in Plan 9 a decade ago, the ASCII-compatible UTF-8 encoding of Unicode / ISO 10646 (UCS) has emerged as the final way-to-go out of the current character-set chaos. With glibc 2.2.x and XFree86 4.x, the basic infrastructure for UTF-8 support is now well in place. To get started, read the UTF-8 FAQ and look at some of the UTF-8 example files listed there with xterm, emacs, vim, etc. Then think about whether running in a UTF-8 locale and using UTF-8 files, filenames, terminals and stdin/stdout has any consequences for software that you use or maintain. Join the linux-utf8 mailing list if you need advice. In two years from now, it should be possible to recommend every Linux user to switch over to UTF-8 permanently."

Markus Kuhn writes: "Linux and other Unices are well on the way of making UTF-8 their single main character encoding. Replacing ASCII with UTF-8 is now one of the hottest Linux developer topics. Soon gone will be the annoying restrictions that Latin-1 imposes currently on even English language Linux users (no en/em dashes, no smart quotes, no math symbols, etc.). Counted are the days of the bewildering number of different regional ASCII extensions such as ISO 8859-1/2/3/5/7/9/13/15, KOI8-R/U, GBK, CP1251, VISCII, TIS-620, EUC-JP/KR, SJIS. Pioneered by the fathers of Unix in Plan 9 a decade ago, the ASCII-compatible UTF-8 encoding of Unicode / ISO 10646 (UCS) has emerged as the final way-to-go out of the current character-set chaos. With glibc 2.2.x and XFree86 4.x, the basic infrastructure for UTF-8 support is now well in place. To get started, read the UTF-8 FAQ and look at some of the UTF-8 example files listed there with xterm, emacs, vim, etc. Then think about whether running in a UTF-8 locale and using UTF-8 files, filenames, terminals and stdin/stdout has any consequences for software that you use or maintain. Join the linux-utf8 mailing list if you need advice. In two years from now, it should be possible to recommend every Linux user to switch over to UTF-8 permanently."

Markus Kuhn writes: "Linux and other Unices are well on the way of making UTF-8 their single main character encoding. Replacing ASCII with UTF-8 is now one of the hottest Linux developer topics. Soon gone will be the annoying restrictions that Latin-1 imposes currently on even English language Linux users (no en/em dashes, no smart quotes, no math symbols, etc.). Counted are the days of the bewildering number of different regional ASCII extensions such as ISO 8859-1/2/3/5/7/9/13/15, KOI8-R/U, GBK, CP1251, VISCII, TIS-620, EUC-JP/KR, SJIS. Pioneered by the fathers of Unix in Plan 9 a decade ago, the ASCII-compatible UTF-8 encoding of Unicode / ISO 10646 (UCS) has emerged as the final way-to-go out of the current character-set chaos. With glibc 2.2.x and XFree86 4.x, the basic infrastructure for UTF-8 support is now well in place. To get started, read the UTF-8 FAQ and look at some of the UTF-8 example files listed there with xterm, emacs, vim, etc. Then think about whether running in a UTF-8 locale and using UTF-8 files, filenames, terminals and stdin/stdout has any consequences for software that you use or maintain. Join the linux-utf8 mailing list if you need advice. In two years from now, it should be possible to recommend every Linux user to switch over to UTF-8 permanently."

Markus Kuhn writes: "Linux and other Unices are well on the way of making UTF-8 their single main character encoding. Replacing ASCII with UTF-8 is now one of the hottest Linux developer topics. Soon gone will be the annoying restrictions that Latin-1 imposes currently on even English language Linux users (no en/em dashes, no smart quotes, no math symbols, etc.). Counted are the days of the bewildering number of different regional ASCII extensions such as ISO 8859-1/2/3/5/7/9/13/15, KOI8-R/U, GBK, CP1251, VISCII, TIS-620, EUC-JP/KR, SJIS. Pioneered by the fathers of Unix in Plan 9 a decade ago, the ASCII-compatible UTF-8 encoding of Unicode / ISO 10646 (UCS) has emerged as the final way-to-go out of the current character-set chaos. With glibc 2.2.x and XFree86 4.x, the basic infrastructure for UTF-8 support is now well in place. To get started, read the UTF-8 FAQ and look at some of the UTF-8 example files listed there with xterm, emacs, vim, etc. Then think about whether running in a UTF-8 locale and using UTF-8 files, filenames, terminals and stdin/stdout has any consequences for software that you use or maintain. Join the linux-utf8 mailing list if you need advice. In two years from now, it should be possible to recommend every Linux user to switch over to UTF-8 permanently."

sidetrack writes: "According to an article in The Times, Cambridge University Computer Laboratory's famous coffee pot camera - allegedly the world's first web cam (indeed, it predated the web by a few years in its original form) is to be retired, when the department moves to a new building. I think I remember looking at this some time in '95 - a piece of internet history that really should be saved, IMHO ;-)." Bits and pieces of history guys. It frightens me to realize that all this stuff we thought was so cool just a few years ago is now part of the net's history and lore. Tell your grandkids that you were there when...

We'll start this off with Ant's submission -- a hilarious story about The Endor Holocaust which no doubt follows the destruction of the 2nd Death Star. After reading something so clear, confuse your mind confuse your mind (thanks to The Musician). Now that you are adequately confused, cardoso sent us a ridiculous flash app where you can control dancers. This will put you in the mood to enjoy the most retro homepage ever, sent in by mvw Got some money to burn? Check out the Spinal Tap Guitar which features among other things, chrome exhaust pipes and a tachometer that (of course) goes to 11. If you're not a musician, maybe you'd be interested in Randy Rathbun's link to personalized action figures: I could send in my mugshot and be immortalized in plastic, standing forever atop my monitors with Darth, Goku, and Trinity! Or maybe you wanna buy a Dalek? If you're on more of a budget, Jay Novak sent us a great t-shirt from copyleft considering all the layoffs around the net companies. With all of these great things to waste cash on, you might need some cash: geekguy sent in a funny list of ways to cash in on Doom without wasting time making a game (like for example, Doom breakfast serial! Free BFG inside!) Just get id to license ya! For you do-it-yourselfers, mr100percent submitted what might be the most impressive automotive MP3 player ever. The Pathintosh is a beautifully integrated Mac complete w/ steering wheel controls, and a custom bezel. And finally, the eycandy. First up is davco9200's link to Daily Astronomy Astropix which is actually pretty sweet: today is Mars Dunes. Second and last of all, the pr0n: Jeff K sent in Unix-Sex which features sysadmins getting it on w/ Sun Hardware. Thats why we don't let them work 3rd shift.

Jason Bennett, frequent reviewer of books, now regales you with this great piece on the background and development of the new encryption standard to replace the pretty-good-till-now DES. It's full of linked information you'll want to digest, too. Update: 02/23 12:32 AM by T : Note: The links I borked are better now; mea culpa (and beware copying in Mozilla).

Since it was officially approved by the U.S. Government in November of 1976, most of the world's sensitive commercial traffic has been secured through the use of the Data Encryption Standard (DES). In its twenty-five year lifetime, it has become the most widely used, most widely trusted, and most widely studied encryption algorithm in existence. Alas, in the same way that your Atari 2600 ^[?] is currently sitting on the floor of your closet, DES' lifetime has come to an end as well. This was most dramatically demonstrated in the three DES Challenges sponsored by RSA Labs between January of 1997 and January of 1999, with a DES-encrypted message eventually being broken in less than 24 hours. This challenge also witnessed the birth of a DES-specific cracking computer, a machine widely theorized about, but never before (publicly) built. Although variants of DES (most notably Triple DES) are still widely used, it became clear that a new algorithm would be needed for the next twenty-five years.

Thus was born the Advanced Encryption Algorithm Development Effort. Beginning in January, 1997 (just before the RSA challenges finally broke DES), the National Institute of Standards and Technology announced its intent to begin the Advanced Encryption Standard (AES) process. The initial AES workshop was held in April, with the official call for algorithms going forth in September. Importantly, this call specified that the algorithms submitted have a key length of 128 bits, and be free of intellectual property constraints. Algorithms would be accepted from domestic and international submitters, and the resulting algorithm would be completely public. The con test would also consider both the hardware and the software implementation -- a divergence from DES, which was specifically designed for use in hardware. Importantly, the hardware that the AES had to operate in could vary from the largest supercomputer to a ROM-based smart card or other embedded ed environment. A candidate algorithm might well be optimized for one or the other, but had to perform at least reasonably well on all to have a real chance of being selected. Finally, this algorithm would be designed from the ground up to use the long key length, and thus would be faster and more secure than Triple-DES is at that length.

Thus came the warriors to the joust. On August 20-22, 1998, the first AES conference was held, with fifteen different algorithms being presented. Over the next seven months, these algorithms were tested in laboratories around the world to probe for weaknesses and to test the their speeds. There is a huge selection of papers on these tests at the AES1 site for your perusal, so I will not try and detail those tests here. Suffice to say, several of the algorithms had serious problems identified, while others came through with flying colors. The next March, the second AES conference was the forum for the presentation of these results, and a subsequent discussion of which algorithms should thus advance to the final round. These finalists were announced in August of 1999, thus beginning the second round of competition. NIST subsequently issued an excellent report detailing their rationale about each algorithm, including the problems and benefits associated with each.

The AES finalists were:

• MARS (IBM) (their case)
• RC6 (RSA) (their case)
• Rijndael (their case) (how to pronounce it)
• Serpent (their case)
• Twofish (Counterpane) (their case)

Obviously, each candidate comes to the conclusion that their cipher is the best. Nevertheless, there are some shared criticisms of the various ciphers that show patterns in each one. Serpent, for example, is universally named the slowest algorithm (in software), even by its creators. Nevertheless, they make their case based on being the most secure algorithm of the bunch. RC6 and MARS are both very fast on certain processors, but terrible on others. As noted above, any serious AES candidate had to perform well across all platforms, and thus this variable performance tended t o compromise these candidates. None of the algorithms were ever broken by a practical attack, however, and all should be considered secure enough for serious encryption work. Thus was held the third AES conference in April of 2000. This was the final conference before the official AES selection, and the last chance for each algorithm to make it s case. The statements above were presented at the end of this conference in an effort to make that case. Once the conference ended, it was up to NIST to make its selection. The candidates could only wait.

Finally, on October 2, 2000, NIST released their final decision, that R ijndael was to be the AES selection. Simultaneously, NIST released a paper detailing their rationale for the selection. In sum, this paper says that any of the finalists could have been selected (an opinion echoed by man y in the industry), but that Rijndael proved to have the proper balance necessary between speed in hardware, speed in software, and security. To quote from NIST's statement:

Rijndael appears to be consistently a very good performer in both hardware and software across a wide range of computing environments regardless of its use in feedback or non-feedback modes. Its key setup time is excellent, and its key agility is good. Rijndael's very l ow memory requirements make it very well suited for restricted-space environ environments, in which it also demonstrates excellent performance. Rijndael's operations ons are among the easiest to defend against power and timing attacks. Additionally, it appears that some defense can be provided against such attacks without significantly impacting Rijndael's performance. Rijndael is designed with th some flexibility in terms of block and key sizes, and the algorithm can accommodate alterations in the number of rounds, although these features would require e further study and are not being considered at this time. Finally, Rijndael's internal round structure appears to have good potential to benefit from instruction-level parallelism.

At this point, it's all over but the shouting. At some point later this year, the Secretary of Commerce will officially designate Rijndael the Advanced Encryption Standard, and a new era will have begun. AES was specified (and is expected) to remain a standard for at least as long as DES, and to protect data for even longer, and barring a major development (such as faster-than-forseen developments in quantum computing), this standard will likely be met. No one expects research into new algorithms to die, however. There will continue to be parallel algorithms developed and used, just as there are today. Thanks to be combined efforts of NIST and the community, however, there will always be the bedrock of AES available.

In conclusion, I'd like to point out the positive role that the U.S. Government, as represented by NIST, has played in this process. The Free Software/Open Source community has taken its share of shots at the government over patents, copyright and crypto export over the past several years, and deservedly so. The AES process, however, was lauded throughout the encryption community as a fair and open process that brought together the best minds available to select the algorithm for the next century (as NIST likes to say). Making an algorithm a FIPS standard gives it a legitimacy that cannot be obtained in any other way, especially given the way that this standard was arrived at. The algorithm is completely free of any IP hurdles, as was specified at the beginning of the process, and since the code is open, it can be downloaded by anyone in the world (and since it was designed outside of the U.S., any attempt to regulate its export from the U.S. would be silly). It is reasonable to criticize when a situation is bad, but it is only fair to praise when something is good.

Bibliography

I used a great number of sources from print and the web, so it's only fair to list them here. I also put many links in the body itself, most of which go into much more detail than I did.

• NIST's main AES site is the place to start. It links to most of the technical information I linked to above.
• RSA's crypto FAQ has been around for many years, and the latest edition only gets better. Covers all sorts of ground on cryptography, both general and specific. If you're trying to learn more about crypto, this is the definitive place to go.
• SANS InfoSec has a good overview of the process and the finalist algorithms.
• A Cryptographic Compendium has a good AES section
• SecurityPortal has an excellent perspective on what AES means
• Everyone's favorite IT rag The Register has a solid overview of the process
• Bruce Schneier publishes a crypto newsletter through his company, Counterpane Internet Security. See especially the issues from May 15, 1998, March and August 15, 1999, and April and October 15 of 2000.
• Simon Singh's The Code Book provided some excellent background

Schwarzchild writes "Robert Park's book "Voodoo Science" came out last year with the appearance that all science that did not suit him was bad science. Here is a review by Nobel prize winning Physicist Brian Josephson questioning some of the claims made in Park's book."

Schwarzchild writes "Robert Park's book "Voodoo Science" came out last year with the appearance that all science that did not suit him was bad science. Here is a review by Nobel prize winning Physicist Brian Josephson questioning some of the claims made in Park's book."