Slashdot Mirror

It's hard to say that UTF-8 always doesn't work well on Linux. I'm using a Latin alphabet and it's been years since I had UTF-8 problems. However that's not your case...

I don't like the direction this is heading in (i.e. guaranteed broken) - bah (this always happens)! You didn't say what type of printer you have though. I'm also worried that you are getting duff results from Windows too.

Some part of me is thinking that if the printer is a laser postscript thing then the font it has does not have an extended character set. On Windows you might be able to fudge this by saying something like "Send as Bitmaps" (this has drawbacks though). What should ideally be happening is that the font should be being uploaded to the printer so it knows how to print the letter "natively" as it were.

On Windows (yeah I know I keep mentioning but I've seen these things in passing) make sure you have the right fonts for the right country. I'm vaguely aware there are Asian languages packs for Acrobat that ships with different fonts. This might let you verify a PDF produced on one system is correct even if it is mangled when sent to the printer.

Does this happen for all non-latin alphabets you try and print or only ones that are using an UTF-8 encoding? Does printing Chinese UTF-8 websites also break? If you open the text files in a browser and print do you have the same issue?

vi and friends have heuristics for trying to guess the encoding of a file. UTF-8 patches went in a few years ago. Assuming your terminal font has the characters it should display most characters.

The information in UTF-8 and Unicode FAQ for Unix/Linux under the printing says CUPS should be able to correctly convert a UTF8 text file to postscript so I would be interested in seeing some sample files...

Could you put up some short example documents on the web and link to them so I can try them?

Late breaking news! It's looking bad for unicode PDFs

I apologize if this is a ridiculously simplistic question, but how do you have a LAN with IPv6? If I want to connect to my file server from my laptop now, I just use a local 192.x.x.x address now and it goes straight to my server. Is there something like that for IPv6 so that I don't have to go all the way out to the internet to get back to my file server? I'm assuming there is but I'm a novice when it comes to some of this networking stuff.

A Google search for "LAN over IPv6" turned up the following, but it's mostly a lot of technical jargon that I don't really understand:

http://www.rfc-editor.org/rfc/rfc2464.txt
http://www-uxsup.csx.cam.ac.uk/courses/ipv6_basics/x84.html

Many years ago, I had a minor disk failure. However, it resulted in the loss of the root directory inode. Everything within the directory (I think it was mounted as /var/) vanished... and mirroring would never have saved it.

sjmurdoch very kindly wrote python and debugfs magic that recovered about 95% of the structure and files, but it was a lesson learned against using mirroring as a form of backups...

That would be already made, and called Dasher. See an earlier post for a Youtube video, or try it out at their site. Works reasonably well, almost like magic. But then, so does ShapeWriter.

Do you mean Dasher?

Erm, you do know how to scroll through the list of suggested words on your phone

But if you try to type BASES (22737) and have to scroll through ACRES of irrelevant words, you're not likely to be someone who CARES about T9, and using that mode isn't likely to be in the CARDS for you. How many keystrokes does it take to scroll through this list?

There's some information about visiting students in Cambridge.
Very few students are accepted, especially in technical subjects, and they normally study the first or second year (so compsci part IA or IB, not II). Cambridge also has an established exchange program with MIT, where applications are somewhat less competitive for those coming to Cambridge.

Cambridge is where it's at. The original Cambridge that is, not the copycat in Massachusetts. ;)

Security Engineering: A Guide to Building Dependable Distributed Systems by Ross Anderson, professor at Cambridge University.

It replaces and expands upon Applied Cryptography by Bruce Schneier, and Practical Cryptography by Ferguson & Schneier to make a more holistic approach to security encompassing the entire system, not just using the latest (coolest) encryption techniques. Most real-life systems are broken by going around or ignoring the encrpytion.

Another classic is

TCP/IP Illustrated by the late Richard Stevens
Most people need/read only Volume I: The Protocols, but there is also Volume II: The Implementation which is wonderful albeit with a smaller following, though Volume III which is considered a big disappointment to many (I've never read the vol 3) isn't worry buying unless you're specifically interested in its contents.

The only serious alternative to TCP/IP Illustrated is Douglas Comer's series Internetworking with TCP/IP which is the series I learnt about TCP/IP programming with. Still highly recommended.

For Software development, The Mythical Man-Month by computing pioneer Frederick Brooks should be required reading, and Peopleware: Productive Projects and Teams by Tom DeMarco and Timothy Lister should be handed to every new IT/IM or software manager with their promotion or hiring (if they haven't read it already). Computing would suck so much less if we all held ourselves accounting to the basic ideas in these two books.

For historic, 3 books + bonus item that would have to be included are:

Algorithms + Data Structures = Programs by Niklaus Wirth

Cybernetics: Or the Control and Communication in the Animal and the Machine in 1948 by Norbert Wiener

Computing Machinery and Intelligence, by Alan Turing and published in 1950 in Mind

Computer Lib/Dream Machines by Ted Nelson in 1974, is most often pointed to as the "birth" of hypermedia.

The January 1975 issue of Popular Electronics, which featured the Altair 8800 on its cover.

Security Engineering: A Guide to Building Dependable Distributed Systems by Ross Anderson, professor at Cambridge University.

It replaces and expands upon Applied Cryptography by Bruce Schneier, and Practical Cryptography by Ferguson & Schneier to make a more holistic approach to security encompassing the entire system, not just using the latest (coolest) encryption techniques. Most real-life systems are broken by going around or ignoring the encrpytion.

Another classic is

TCP/IP Illustrated by the late Richard Stevens
Most people need/read only Volume I: The Protocols, but there is also Volume II: The Implementation which is wonderful albeit with a smaller following, though Volume III which is considered a big disappointment to many (I've never read the vol 3) isn't worry buying unless you're specifically interested in its contents.

The only serious alternative to TCP/IP Illustrated is Douglas Comer's series Internetworking with TCP/IP which is the series I learnt about TCP/IP programming with. Still highly recommended.

For Software development, The Mythical Man-Month by computing pioneer Frederick Brooks should be required reading, and Peopleware: Productive Projects and Teams by Tom DeMarco and Timothy Lister should be handed to every new IT/IM or software manager with their promotion or hiring (if they haven't read it already). Computing would suck so much less if we all held ourselves accounting to the basic ideas in these two books.

For historic, 3 books + bonus item that would have to be included are:

Algorithms + Data Structures = Programs by Niklaus Wirth

Cybernetics: Or the Control and Communication in the Animal and the Machine in 1948 by Norbert Wiener

Computing Machinery and Intelligence, by Alan Turing and published in 1950 in Mind

Computer Lib/Dream Machines by Ted Nelson in 1974, is most often pointed to as the "birth" of hypermedia.

The January 1975 issue of Popular Electronics, which featured the Altair 8800 on its cover.

"Security Engineering" by Ross Anderson http://www.cl.cam.ac.uk/~rja14/book.html/.
The best book ever, truly enlightening.
If you're young enough it will change your life.

This guy wrote a book using Latex, and he provides the source too!

http://www.inference.phy.cam.ac.uk/mackay/itprnn/book.html

If I ever had to write a book, I'd be learning by example from above. I wrote my thesis and some IEEE papers using Latex too, not quite as amitious as a book, the learning curve at first is high, but eventually you can use cut and paste of complex formatting saving many mouse clicks. Plus a lot of wysiwig editors don't show the formatting, so you end up trying to fix something that's not visible. Everything in latex is explicit. I ended up using winedt for my Latex editor.

Latex is good for subversion since it's text based, subversion just stores the differences between check in's. Plus it's easier to see what changed between two revisions using the graphical diff.

Look, along with porn, coffee machines have been driving our network tech for some time: Trojan Room Coffee Pot.

What you're missing here is that this is just some geeky project that nobody cares about except the creators.

Gee, geeks put ridiculous amount of technology into the problem of making a cup of coffee. Film at 11.

I mean, when web cams first came out, people were putting them next to coffee machines to be able to know if there's a pot on.

This isn't exactly a new phenomenon. :-P

Cheers

Reminds me of the world's first webcam at Cambridge University.

• David MacKay, Information Theory, Inference, and Learning Algorithms free online version available as PDF (Written by a Cambridge physicist who hails from the Cavendish Lab.)
• Pawel Lewicki and Thomas Hill, STATISTICS: Methods and Applications order here (Depite its title, it contains statistical machine learning methods like decision tree induction, Bayes classifiers and neural networks)

Good luck with your studies! ~ Jochen

David MacKay's Book Information Theory, Inference, and Learning Algorithms. It written at a high level and is an extremely difficult read (MacKay puts more information on a page than most do in half a dozen).

+1 for the book by Bishop (don't know about the others). In addition, have a look at Information Theory by David Mackay which I found stunningly good. There is a free on-line version available, but you should buy it: http://www.inference.phy.cam.ac.uk/itprnn/book.html

A vacancy has just opened up. Apply by December 15.

1) You didn't read what I wrote in what you first quoted of mine. Please actually read before replying to someone.

La la la la, I'm not listening... *plugs ears and sticks out tongue*

2) I'll paraphrase from the Tao: Though a program be but 3 lines long. Some day, someone will have to maintain it. Similarly, no matter how small a program is, it will contain bugs.

Oh really? Here's a three line program in the simply typed lambda calculus with algebraic data:

data Nat where
Zero : Nat
Succ : Nat -> Nat

two = Succ (Succ Zero)

Where's the bug? Oh, that's too trivial for you? Let's try another:

data Nat where
Zero : Nat
Succ : Nat -> Nat

add : Nat -> Nat -> Nat
add m Zero = m
add (Succ m) n = Succ (add m n)

I can *prove* my add function correct here by induction on the second argument. Similarly, I can *prove* that it's an associative and commutative operation. Where's the bug? Oh, you didn't realize you can prove properties about software? Oh, you mean you were full of shit all along? Oh, I see.

By the way, purity (look it up) in proofs and proof irrelevance (look it up) mean that you don't have to "maintain" a proof in the same way you have to maintain some toy piece of software written by some amateur hacker.

3) Having to go in a check the checker defeats the purpose of the checker.

Just like checking your proof defeats the purpose of you having written it, right? Oh wait, have you ever actually written a proof of anything? Have you ever written a *formal* proof of anything? Personally, I doubt either case is true. I think you're the kind of person that sits there and reads about mathematics in popular science articles and then comes on slashdot and tries to act like you're some sort of expert. Maybe I'm wrong though. Perhaps you would be so gracious as to give us some details on your past conquests in formal proofs, or the formal, axiomatic, correct mathematics you referred to earlier.

4) It isn't my job to check the checker. Nor is it any Mathematicians job to check the checker.

Really? I happen to know several mathematicians whose paychecks are causally related to their work on ensuring that various proof assistants are correct. Here are a few of them:

INRIA TypiCal Team

Isabelle at Cambridge

Programming Principles and Tools at MSR

This is only a very, very small sampling of some of the people involved in working on proof assistants and related technology. There are hundreds, potentially thousands of others that use them in secondary projects such as in industry.

These people range from being traditional classical "working mathematicians", to logicians, to computer scientists.

Your claim about mathematicians here is a bit laughable, in part because you have zero credibility -- you haven't responded to a single claims of mine, probably because you can't. You haven't demonstrated how you are in any way representative of the so-called "Mathematician".

5) Re: well defined "A sufficiently well behaved function": You're taking what I wrote completely out of context (see (1)). Note the ()'s after that in which you quote: rigorous within context

I could go on, but I won't waste my time with someone that clearly hasn't actually read what I wrote.

I don't think you personally are capable of even giving a definition of a "well-behaved function" in ANY context, so it's a moot point. Most competent mathematicians, logicians, or computer scientists would have no problem giving such a definition, if it were sensible to do so, but they also wouldn't make the asinine cla

On most other setups you'd have to shut the VM down and then restart it on the other machine for it to work correctly

Do you? I first saw Xen demo live migration in 2005, and I don't think it was new then. Their demo had a Quake server being thrown around a cluster without clients noticing. Downtime was well under 100ms. You can read the paper for more information.

They were claiming that you can move between processor types, but they didn't specify how much different they could be. If it's just a matter of SSE or 3DNow! support disappearing then that's not a hard problem - just trap-and-emulate any of the old instructions. Relaunching programs that use these will cause the new values of CPUID to be picked up.

I never managed to complete Nethack until I found the spoilers, which include helpful advice about the best way to approach the game. The dungeons are random, but the structure of the game is not, and the same things will appear in approximately the same places (with different names). Once you have got to a certain depth, you've cracked the game and a win is almost certain.

Whether it is cheating to look at the spoilers is a philosophical question. Cheating is copying a save file or modifying the game - reading spoilers is no more cheating than looking at the source code.

There were ideas to make sending email "expensive", would it be possible to apply this here? Use a calculation that is expensive to solve but where the solution is easy to test, such as factoring a large number. The biggest problem with the scheme is that a solver has to be added to the browser somehow.

That's proof of work. Proof of work doesn't work unless you use the equivalent of price discrimination. To do price discrimination, you'll need a trust network, so proof of work may work with mail, but not with web services unless the website is very popular.

If you're going to use proof of work, use something that's memory bound instead of CPU bound - the acceleration rate (Moore's law constant) for memory access times is longer than for CPU processing speed, so you don't hurt old computers as much.

That won't work, because Javascript interpreters use some processing power of their own. Say there's a 9x slowdown from native code. Then the spammer can just write a C implementation of the hashcash mechanism, and then have the effective power of nine computers. Even if, by some miracle, Javascript interpreters become as fast as compilers (but without the compilation stage), the hashcash solution has two drawbacks. First, it'll hurt ordinary users that don't upgrade their computer every Moore's law cycle (and if there was a way to signal that "I have an old computer, give me an easier problem", spammers would spoof that). Second, it wouldn't actually help, since the spammers would just use their zombie network to calculate the hashcash. See Proof of Work Proves Not To Work.

There's a way around the zombie problem: you can have a reputation network and then make known "bad apples" pay more, but that would be hard to set up for websites. For the application to mail, see Proof of Work Can Work. The Moore problem can be somewhat mitigated by using a function bound by memory access time (since that improves more slowly), but the problem will still be there.

The group working at Cambridge has a detailed description: http://www-sp.phy.cam.ac.uk/research/mirror.php3 I was a little surprised to read this as being new. Although the He microscope, as it is envisioned, has not yet been built, the Cambridge group has been working on the idea for a while. I'm not sure how much of an improvement the techniques of the group in the story are - for producing flat mirrors - than what is already being used at Cambridge. The Si surfaces they use are already pretty flat. As far as I understood it the most critical area for development was the detector.

This is a good idea. Base it on a standard description of each concept like an old fashioned text book, but also allow:

- Discussion threads with students and teachers. (moderated, Slashdot style?)

- Contributed examples, again by students and teachers. You could do something like the PHP documentation, where the best contributed examples are prominently displayed at the bottom of the relevant page.

- Interactive tools to illustrate particular concepts.

- Copious linkage to similar resources.

A successful project like this could easily spawn similar projects for the other sciences.

We're trying to do just this sort of thing with the intelligent book, but not just with examples but also exercises that actively help you work through them. (The demo at that link should come live next week, though in a pre-alpha state for an early publicity event.)

Essentially, it's me gradually turning my PhD thesis from a PhD into a publically available tool, and for all subjects, not just maths.

I guess that makes this post a shameless plug, but it is at least for something that is directly on-topic.

Traditional depackaging attacks are carried out by depackaging the chip, attaching probes to the interesting testpoints, and then powering the circuit. No power also means that it is hard for the attacker to read the value, as it depends on how good (i.e. low leakage) the transistors are that make up the RAM (usually they will leak the value in a few milliseconds). The key for encryption is typically 128 - 512 bits, which is very easy to clear.

You can read more about coating based PUFs here
Basically, I simplified it, but what actually happens is that the key (the signature from the PUF) is generated, used and deleted as one step. For the additional step of deletion of data on the chip, that can be easily accomplished by using gating transistors on the reset line of the SRAM.

If you are interested in what phorm /webwise actually does here is a technical paper: Richard Claytons technical paper: http://www.cl.cam.ac.uk/~rnc1/080518-phorm.pdf

If you leave them plugged in they will continue to use electricity even when they are not charging (or even connected to) a device.

Citation needed.

Damn it.

Three edits later, and it still makes no sense. I obviously meant to say "If not even the editor posting a stroy is interested".

[Goes to hide in a corner until he's able to type again.]

Hvae you seen taht rscheearch at Cmabrigde Uinervtisy taht syas it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer be at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe.

http://www.mrc-cbu.cam.ac.uk/~mattd/Cmabrigde/

This research is based upon the individual already have an accessible stored copy of the correct version of the word. The greater the person's vocabulary the more capable they are of reading garbled words and still capture their proper spelling. This goes to explaining that the human brain is capable of graphing various languages and spellings to equate the same context of any situation.

Hvae you seen taht rscheearch at Cmabrigde Uinervtisy taht syas it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer be at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe.

http://www.mrc-cbu.cam.ac.uk/~mattd/Cmabrigde/

You know firefox has a build in spell check these days, you might want to look into that.

Damn it.

Three edits later, and it still makes no sense. I obviously meant to say "If not even the editor posting a stroy is interested".

[Goes to hide in a corner until he's able to type again.]

Hvae you seen taht rscheearch at Cmabrigde Uinervtisy taht syas it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer be at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe.

http://www.mrc-cbu.cam.ac.uk/~mattd/Cmabrigde/

You might give credit where credit is due:

http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-500.pdf

I have yet to see a university with half-way decent network security, given that the network has to be usable by clueless non-CS students (and worse, professors).

The computer lab at Cambridge University certainly used to have a policy (not sure if it still applies) that if you rooted one of their boxes, they would buy you a beer, if you rooted another one, they would buy you a whole evening of beers (at the legendary Eagle pub), and if you rooted a third one, they would offer you a job.

Their IT security was way, waaaaaaay better than any commercial company I have worked at. Full-time security staffers with PhDs, pro-active scanning, keypad entry to server rooms with CCTV, and so forth. I suppose with folk like Markus Kuhn and Ross Anderson in the department, they have to make a bit of an effort. :o)

I have yet to see a university with half-way decent network security, given that the network has to be usable by clueless non-CS students (and worse, professors).

The computer lab at Cambridge University certainly used to have a policy (not sure if it still applies) that if you rooted one of their boxes, they would buy you a beer, if you rooted another one, they would buy you a whole evening of beers (at the legendary Eagle pub), and if you rooted a third one, they would offer you a job.

Their IT security was way, waaaaaaay better than any commercial company I have worked at. Full-time security staffers with PhDs, pro-active scanning, keypad entry to server rooms with CCTV, and so forth. I suppose with folk like Markus Kuhn and Ross Anderson in the department, they have to make a bit of an effort. :o)

Read & Learn, And Legalize Marijuana

Since the article is often pulled from websites, the first article you should read and burn into your mind is this, Google for the title and archive a copy for yourself:

"A break-in to end all break-ins"
"In 1971, stolen FBI files exposed the government's domestic spying program"

It's an amazing story, and in 2008, how much has this expanded into every corner of our lives? The majority of Americans are brainwashed sheep consumers with a limp wet noodle for a brain, thrashing around with their Wii and Paris Hilton media like a fat dinoasaur in a tar pit. Stay informed, we have no privacy, encryption is good but useless with acoustic monitoring, reflections in the eye and objects in your environment, etc.! If it's electronic, there's always a loophole. You shine brighter with each electronic device you use, in many ways. Don't trust Hushmail or any web based mail service to keep anything of yours secure or to provide any reasonable degree of security. Secure your computer room and rig your computer to shut down if you use encryption like Truecrypt or other when your environment is entered by someone other than you or those you permit and trust (you shouldn't trust anyone, everyone has a price)

Compromising Reflections or How to Read LCD Monitors Around the Corner
http://www.infsec.cs.uni-sb.de/~unruh/publications/reflections.pdf [uni-sb.de]

And more:

http://www.eff.org/wp/detecting-packet-injection
http://en.wikipedia.org/wiki/Anonymous_remailer
http://cryptome.org/tempest-law.htm
http://seclab.uiuc.edu/pubs/LeMayT06.pdf
http://www-users.cs.umn.edu/~dfrankow/files/lam-etrics2006-security.pdf
http://cryptome.org/nsa-vaneck.htm
http://www.alobbs.com/macchanger
http://lifehacker.com/software/ssh/geek-to-live--encrypt-your-web-browsing-session-with-an-ssh-socks-proxy-237227.php
http://www.nononsenseselfdefense.com/five_stages.html
http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf
http://csrc.nist.gov/itsec/guidance_WinXP_Home.html
http://csrc.nist.gov/publications/nistpubs/800-84/SP800-84.pdf
http://all.net/books/document/harvard.html
http://www-128.ibm.com/developerworks/library/l-keyc.html
http://www-128.ibm.com/developerworks/library/l-keyc2/
http://www-128.ibm.com/developerworks/library/l-keyc3/
http://www.cl.cam.ac.uk/~mgk25/emsec/optical-faq.html
http://www.cs.washington.edu/education/courses/csep590/06wi/
http://www.wiley.com/legacy/compbooks/mcnamara/links.html
http://lifeha

Since the article is often pulled from websites, the first article you should read and burn into your mind is this, Google for the title and archive a copy for yourself:

"A break-in to end all break-ins"
"In 1971, stolen FBI files exposed the government's domestic spying program"

It's an amazing story, and in 2008, how much has this expanded into every corner of our lives? The majority of Americans are brainwashed sheep consumers with a limp wet noodle for a brain, thrashing around with their Wii and Paris Hilton media like a fat dinoasaur in a tar pit. Stay informed, we have no privacy, encryption is good but useless with acoustic monitoring, reflections in the eye and objects in your environment, etc.! If it's electronic, there's always a loophole. You shine brighter with each electronic device you use, in many ways. Don't trust Hushmail or any web based mail service to keep anything of yours secure or to provide any reasonable degree of security. Secure your computer room and rig your computer to shut down if you use encryption like Truecrypt or other when your environment is entered by someone other than you or those you permit and trust (you shouldn't trust anyone, everyone has a price)

Compromising Reflections or How to Read LCD Monitors Around the Corner
http://www.infsec.cs.uni-sb.de/~unruh/publications/reflections.pdf

And more:

http://www.eff.org/wp/detecting-packet-injection
http://en.wikipedia.org/wiki/Anonymous_remailer
http://cryptome.org/tempest-law.htm
http://seclab.uiuc.edu/pubs/LeMayT06.pdf
http://www-users.cs.umn.edu/~dfrankow/files/lam-etrics2006-security.pdf
http://cryptome.org/nsa-vaneck.htm
http://lifehacker.com/software/ssh/geek-to-live--encrypt-your-web-browsing-session-with-an-ssh-socks-proxy-237227.php
http://www.nononsenseselfdefense.com/five_stages.html
http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf
http://csrc.nist.gov/itsec/guidance_WinXP_Home.html
http://csrc.nist.gov/publications/nistpubs/800-84/SP800-84.pdf
http://all.net/books/document/harvard.html
http://www-128.ibm.com/developerworks/library/l-keyc.html
http://www-128.ibm.com/developerworks/library/l-keyc2/
http://www-128.ibm.com/developerworks/library/l-keyc3/
http://www.cl.cam.ac.uk/~mgk25/emsec/optical-faq.html
http://www.cs.washington.edu/education/courses/csep590/06wi/
http://www.wiley.com/legacy/compbooks/mcnamara/links.html
http://lifehacker.com/software/home-server/geek-to-live--set-up-a-personal-home-ssh-server-205090.php

divide it in half like they are integers

integer 7 plus integer 7 is 14, but since you can't have half an integer (that is what floats are for), int 15 divided by 2 is 7.
http://www-mdp.eng.cam.ac.uk/CD/engapps/ctutor/assignment.html

• Are you worried about insiders stealing customer data?
• Or outsiders hacking in from the InterWeb?
• Or a nutter changing your admin passwords and blackmailing you?
• Or someone in the next office logging your network traffic?

Start with "Security Engineering" by Ross Anderson. The first edition is online.

Wicket looks good but it is component based. It has a lot of components, but that isn't the same as being able to do anything that javacript can. What would be really cool is a combination of the two, so that custom components can be written in Java, debugged as Java, and compiled to Javascript.

Wicket and rsf are HTML-centric systems, you design your pages in HTML and the framework adds the components. This is good, you can use dreamweaver or any XHTML-compliant editor to get a nice look and feel, but it is only one way of doing it. The alternative is the GUI designer type interface, like the GWT eclipse plugin or JSF. Here you design your page like a GUI application. This is good where you want "web applications" rather than smart web pages.

It will be interesting to see which way tools go, I think there will be a divergence into the two ways of designing.

You are wise to be skeptical but he was awarded a PhD from Cambridge.

http://www.gen.cam.ac.uk/About/News/news.htm
http://www.circa.cam.ac.uk/pages/degrey.html
http://www.admin.cam.ac.uk/news/dp/2003090402

Also note, he isn't claiming to have solved it, and he isn't selling 'Anti-aging' Herbs.

He makes all his data available for all.

None of his claims propose new or undetectable, laws of the Universe.

He has none of the seven warning signs.
Could be still be a charlatan? Sure, but he would be a very poor one.

Also, Cambridge should be slapped for not calling him on his credentials if he is lying.

Yes, the world is full of people believe stupid crap for a longer life(isn't that what religion is really abuot? living forever?)

You are wise to be skeptical but he was awarded a PhD from Cambridge.

http://www.gen.cam.ac.uk/About/News/news.htm
http://www.circa.cam.ac.uk/pages/degrey.html
http://www.admin.cam.ac.uk/news/dp/2003090402

Also note, he isn't claiming to have solved it, and he isn't selling 'Anti-aging' Herbs.

He makes all his data available for all.

None of his claims propose new or undetectable, laws of the Universe.

He has none of the seven warning signs.
Could be still be a charlatan? Sure, but he would be a very poor one.

Also, Cambridge should be slapped for not calling him on his credentials if he is lying.

Yes, the world is full of people believe stupid crap for a longer life(isn't that what religion is really abuot? living forever?)

You are wise to be skeptical but he was awarded a PhD from Cambridge.

http://www.gen.cam.ac.uk/About/News/news.htm
http://www.circa.cam.ac.uk/pages/degrey.html
http://www.admin.cam.ac.uk/news/dp/2003090402

Also note, he isn't claiming to have solved it, and he isn't selling 'Anti-aging' Herbs.

He makes all his data available for all.

None of his claims propose new or undetectable, laws of the Universe.

He has none of the seven warning signs.
Could be still be a charlatan? Sure, but he would be a very poor one.

Also, Cambridge should be slapped for not calling him on his credentials if he is lying.

Yes, the world is full of people believe stupid crap for a longer life(isn't that what religion is really abuot? living forever?)

There's a theory that people can read words correctly just as long as the first and last letters are correct.

On that basis.. anybody else read the headline as "Scouts To Hear Small ISPs' Case Against AT&T"?

There's a theory that people can read words correctly just as long as the first and last letters are correct.

On that basis.. anybody else read the headline as "Scouts To Hear Small ISPs' Case Against AT&T"?

Like this one?

http://www.cl.cam.ac.uk/coffee/coffee.html

The compare-and-swap approach is backed up by academic research: http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-579.pdf [Practical Lock Freedom]

Trusted Computing Platform Alliance FAQ, as of 2003. This is ooooold news.

Sure. That would be Josephson's group.

Actually, you're wrong. As Struppi says, all this shows is that exposing one interesting problem to a large group is (on this occasion) a good way of solving it. One data point is not enough to make any more general statements.

When you increase the number of problems (e.g. all the bugs in all the code) without increasing the number of people significantly (how many people looked at this problem as opposed to each bug in an open source project?) you get a very different result.

"Many eyes make all bugs shallow" is not the full story. A good article by Ross Anderson can be found here. The key quote being:
"So, other things being equal, we expect that open and closed systems will exhibit similar growth in reliability and in security assurance. This does not of course mean that, in a given specific situation, proprietary and open source are evenly matched. But we have to look at second-order effects, asymmetries, transients and nonlinear effects to determine which is better where. This is where we expect the interesting economic and social effects to be found."