Slashdot Mirror

• the MTTF is always much lower than the observed time to disk replacement
• SATA is not necessarily less reliable than FC and SCSI disks
• contrary to popular belief, hard drive replacement rates to not enter steady state after the first year of operation, and in fact steadily increase over time.
• early onset of wear-out has a stronger impact on replacement than infant mortality.
• they show that the common assumptions that the time between failure follows an exponential distribution, and that failures are independent, are not correct.

Wikipedia, http://en.wikipedia.org/wiki/Mary_Bono , reveals that her religion is Scientology.
Scientology uses copyright to attack heretics: http://www.cs.cmu.edu/~dst/Library/Shelf/atack/

Anonymous Coward, my friend, how long has it been since we cowered?

The reason for using a commercial RTOS is ... reliability. You want code that was heavily tested before. And if you write your own RTOS you will have to debug very mysterious problems for years. Better to grab code that already went through all that, and flew to Mars too. If you follow this link you will see that the good debugging capabilities of the VxWorks allowed the programmers to patch their bug remotely. A homegrown RTOS would be unlikely to have such a debugging interface just because it's out of scope; you'd need to bring the device into the lab and plug some JTAG cable in to reflash the board.

At least on /., the Google study is getting all of the press. But there were two large studies on disk failures this year at FAST: the one by Google, and the other by the Carnegie Mellon Parallel Data Lab. It won best paper. You can find it at http://www.pdl.cmu.edu/PDL-FTP/Failure/failure-fas t07_abs.html

Although the CMU group didn't have environmental data to see what correlations there were, they get results similar to Google in other areas; e.g. that drive "vintage" matters, the failures are not a Poisson distribution, etc. Since the two studies agree, it implies that both are reliable. Also, most people *don't* have a heat chamber to weed out flaky firmware behavior--the drives that almost everybody runs are drives that may have such firmware games enabled. The studies are on disk drives *as they are shipped from the manufacturer*; the correlations found, whatever their reasons, do exist.

75 percent of MIT students have at least a combined math/verbal SAT score of 1430. If you don't have that, chances are poor that you will get in unless you are "more equal than others", i.e. you are anything other than a White male.

Here's a homework assignment for you:

SAT score is a good enough proxy for IQ that most high IQ societies will accept it in lieu of an official IQ test. You can find out the mapping between SAT (and other tests) here:
http://www.iqcomparisonsite.com/GREIQ.aspx

1. Find out the 25th percentile SAT score of the top 5-10 schools. (They are very similar.)
2. Find out the freshman population of all these schools in total, times that by .75 to get the number above the 25th percentile. (You might want to subtract international students, or just estimate.)
3. Using US population pyramids and the IQ distribution (bell shaped curve), estimate the total number of US students who these schools can actually draw from to get such a student population.
4. From there, estimate the probability that they will accept you based on SAT score alone.

(Hint, it's pretty damn high).

As to your case, colleges stay pretty constant in their 25th or 75th SAT percentiles. I think the SAT may have been renormed recently, but it was still the same test around the early 2000 era.
http://www-tech.mit.edu/V122/N40/40usnews.40n.html
http://www.cmu.edu/ira/CDS/c_9900.html

MIT was 1410 versus 1270 for CMU (25th percentile). That means if you take a random sample of the population who would just make it into the 25th percentile of CMU, there would only be 1/6 of them who would just make it into the 25th percentile of MIT.

It amazes me how much people have picked up Field D*, given that it drops the optimality associated with A*/D*. Field D* tends to return shorter paths, but it is not guaranteed to do so. Since those were the exact reasons that groups like NASA would not touch randomized planners, I find that a little odd. I guess its the nice even upgrade path of A*->D*->Field D*. At any rate, having NASA pick up any recent work on autonomy is a success, given their conservative nature.

I remember an Air Force person once saying they would never fund any research using any randomized algorithms; The funny thing is I managed to make a version of the randomized RRT planner the primary route planner for a UAV research project. Grids simply break down as soon as you add any sort of additional dimensions to the problem, and randomized approaches are perfect for 3D worlds and/or kinematic constraints. Personally I am a bit biased though, as I am a big proponent or randomized RRT/PRM based methods, even in low dimensions.

Now if only game programmers would notice that there's been some advances since A*...

It is based on A*, in fact it stands for "Dynamic A*".

It's designed for efficient re-planning as costs change due to information collected as the robot moves. It leverages the fact that cost updates occur close to the vehicle, so it's really only necessary to replan "locally" back to the A* path.

That's a pretty dumbed down explanation. The original paper describing D* is here.

The actual variant being used by NASA is called "Field D*", and is able to interpolate costs and cross graph states in an arbitrary fasion (not just 8-connected).

Best dating site ever ?
http://women.cs.cmu.edu/Who/Profiles/Grad/index.ph p

All schools should have something like that.

http://www.cs.cmu.edu/~bianca/

I would love to give her my very large hard drive. For "performance evaluation and measurement", you understand. ;-P

The more and more RIAA acts like $cientology, the more and more people dislike them.

Well, actually, Bianca's paper at the same conference showed that even though everyone assumes a Poisson distribution that's not what disk drives actually do...see Figure 5. I have no idea whether Google's population is similar (the data in Bianca's paper is partly from SCSI drives) but what both papers say is that the vintage effect is very pronounced, which suggests that the distribution doesn't look fishy, if you pardon the pun.

C'mon, slashdot. There were about twenty other papers presented at FAST this year. Let's not focus only on the one with Google authors...

I was at the talk, and it was very interesting. CMU also had a paper (PDF) about disk failures in the same conference (in fact, they presented one after the other).

Like any worthy vision paper, it includes images of Lena!

http://www.cs.cmu.edu/~chuck/lennapg/lenna.shtml

There is (and always will be) an inverse relationship between security and usability

Speculation at best. UI design is hard just as security is hard. In fact, the difficulties of both are directly related IMO. The question is, "how can the user convey their intent to the system?", because surely the user doesn't intend to loose a virus which destroys their computer. The flip side is, "how can the system translate those intents into enforceable security properties?" In other words, it's a matter of proper user-system communication via a trusted path, ie. good UI design and a good security architecture are both necessary to achieve the desired effects. There has been some good research on secure user interfaces, the most successful of which are based on capability security principles [1],[2],[3],[4].

Compartmentalising the applications in such a draconian fashion would appear to be heavily leaning towards the security side, and not the usability side of the argument [...] The article talks about the picture-viewer not being able to access the web.

Only because you have a monolithic view of "the application". Let me make the distinction clearer by rephrasing the usefulness of the security property we're interested in: why should the image rendering component of the application have access to the web? Really, only a small portion of the application would need net access if it needs it at all, but surely not the component that accepts a PNG file and renders it into a bitmap for display to the screen. And yet, in all systems widely in use today, the image rendering library has exactly this authority, and more (authority to delete your personal files for instance). It'd be amusing if it weren't so sad.

Most of the apps I use daily require web/internet access. I think that's only going to increase over time.

I agree, but isolating components from wielding permissions they don't need is simply necessary for good security. Fortunately, it's also good software design. :-)

[1] http://www.ischool.berkeley.edu/~ping/sid/design.h tml
[2] http://www.ischool.berkeley.edu/~ping/sid/ideus.ht ml
[3] https://addons.mozilla.org/firefox/957/
[4] http://cups.cs.cmu.edu/soups/2005/2005posters/23-y ee.pdf

I get that you could measure all those distances and dimensions, using multiple photos -- one each of every flat surface, moving the target each time so it's the same distance from the camera as the surface being measured -- but I don't think it would work from a single photo.

There is something known as 'depth from defocus'. If you know the focal distance and depth of field, you can detect range by how out of focus things become. It sounds inaccurate, but some people report 1/200 accuracy. However, I gather you need at least two pictures at different distances to produce useful results.

It's just a believable, though, that it relies on parallel features (such as bricks or wall top+bottom) or only works on near-flat surfaces.

1) It doesn't
2) While it's not working; it's also not working the way they say it does.

It's a wheatstone bridge, it reacts to galvanic skin resistance (not 'measures'.)
According to Scientology, it 'reads' (meaning, shows a change) when something 'traumatic' is mentioned (an 'engram' or 'incident' etc.)
It's got an undamped needle, so it tends to wild swings and the 'auditor' constantly changes the baseline resistance to keep the needle on the dial.

In practice it's used like a Magic 8 Ball, or 'Hotter/Colder' game while the mooch is questioned.
This is the 'research' that Hubbard used to 'discover' the marvels of Xenu, the transtemporal, intergalactic 'Psych Conspiracy' and the 'Martian Implant Stations' all to within an accuracy of microseconds over gadzillion years (longer than the universe has existed anyway.)

Naturally, this is the short version. The 'Tech' has lots of names for various kinds of 'needle bounces', all of which supposedly have very special and specific meanings. If you get a 'Rockslam', it means you're having bad thoughts about Ron Hubbard or Scientology :)

See: http://www.cs.cmu.edu/~dst/Secrets/E-Meter/

Beyond that, the e-meter also serves as an analogue to the hypnotist's 'swinging watch'; as a distraction from what's actually being done to the victim.

Although it's not considered 'auditing', the e-meter is also used in the 'Sec Check' (security check, also called the 'Scientology Confessional'.) There are number of different flavors, regular, ethyl, joberg, gang-bang and even one just for kids (which is pretty disgusting.)

My favorite is the 'Whole Track Sec Check' which 'locates' the targets 'crimes across the 'Whole Track', i.e. in past lives.

Did you come to Earth for evil purposes?
Have you ever smothered a baby?
Have you ever enslaved a population?
Have you ever destroyed a culture?
Have you ever torn out someone's tongue?
Have you ever zapped anyone?
Have you ever eaten a human body?
Have you ever made a planet, or nation, radioactive?

there are lots of funnier ones, but you can google them.

"The German Federal Government maintains that Scientology is an organization which has primarily economical interests. This idea has been reinforced by a ruling of the Federal Labour court (which is not connected to the government in any way). After having reviewed several Scientology books, the judges concluded that Scientology is not a religion, but a commercial enterprise"

For a long time, that was the conclusion of the IRS as well. The IRS and Scientology fought an ugly battle for 26 years before the IRS suddenly relented and gave Scientology its religious tax exemption.

http://www.cs.cmu.edu/~dst/Cowen/essays/irs.html

This reminds me of the Enron e-mail data that was released, with similarly "shocking" emails. Actually, in the Enron case, they really were illuminating because a lot of e-mails addressed to Ken Lay towards the end of the company's life included the words "you bastard". Also, you didn't have to look very hard to find rampant corporate nepotism (Ken Lay's daughter Elizabeth pimping her friends). The original dataset is at CMU, and a web-browsable version is at enronemail.com, although you have to register for the latter one. The first link lets you download the zipped contents of a bunch of executive's email boxes (sent items, deleted items, inbox, etc.)...it's really nuts.

If you're interested in a whole curriculum out of the box, then CMU's Robotics Academy might be something worth checking out.

The lesson plans involve either the LEGO NXT robotics kits, or the VEX robotics kits, and have been under development and used by school for several years now.

check out the cerebellum from Carnegie Mellon. personally, though, i think lego mindstorms toolkits can take a high school student very far. in high school a friend of mine used one and did some pretty cool stuff with it in C. we learned a lot about stacks (we overflowed that a couple times...recursion can be a bad idea ;) and we even learned about multi threading (yes, it can do it!) but if you're looking for something more advanced, i definitely recommend the cerebellum. its what a lot of first year CMU kids start using for their robotics projects.

http://www.cs.cmu.edu/~myrover/cerebellum/

disclaimer: i'm a CMU student.

Among academia, recognition is vital. If you don't publish you don't succeed. If academic security researchers could only publish their results anonymously then they would lose their jobs. The graduate school maxim is "publish or perish."

Proudly signing your full legal name is what distinguishes researchers from hackers.

Assuming I'm reading it correctly, if the Bosons don't bounce the right way, it means that string theory (as currently formulated) violates one of the fundamental assumptions (Lorenz invariance, analyticity or unitarity). If the string predicted scattering doesn't match the experimental observations, then string theory (in its current form) is "impossible" and at the very least "would have to be reshaped in a highly nontrivial way."

If the Bosons bounce within predicted limits, then string theory still isn't proven - it just survived this elimination round and moves on to next week's physical challenge...

Try do anything useful in 57 lines with today's languages.

Given that DeCSS can be written in six lines of illegible Perl, I shudder to think of what a Perl coder could accomplish with 57 lines...

-Stephen

The role played by DVD-Jon in the original exploit for decoding DVDs made for entertaining journalism but it was dependent on one particular carelessly handled player key that was subsequently revoked. What matters was the cryptanalysis performed by Frank Stephenson of CSS which exposed mistakes in the CSS algorithm (see this link: http://www.cs.cmu.edu/~dst/DeCSS/FrankStevenson/an alysis.html). It made the already inadequate 40 bit keyspace no more effective than a 25 bit space. Looping through 2^25 possible keys takes almost no time at all with a modern computer. In other words keys are found on the fly and there was no important role played by the mysterious German hackers assosciated with DVD-Jon. Of course the real "heroes" of this story are the poor engineers at Hitachi given the assignment of designing and implementing a secure system just because someone thought it should be possible and creating from scratch was "obviously" the way to proceed.

The moral again is that bumbling and incompetence are often the important explanatory factors rather than significant money or strategic brilliance.

I'm surprised that the blogger has given in so easily. I understand that he can't afford a lot of legal expenses, but my understanding is that at this point all he needs to do is file a counter-notification with his ISP certifying that to the best of his knowledge his use of copyrighted material falls under Fair Use, which it almost certainly does. Here's a how-to. This puts the ball back in ABC/Disney's court and doesn't require a lawyer at all.

GIF, not JPEG!
http://www.cs.cmu.edu/~dst/DeCSS/Gallery/Stego/ind ex.html

Your prior post is interesting, detailed, and well-informed reading, but you fail to address an existing, published study stating that cellphone use on aircraft may be dangerous.

I'll address this again then.

The study says there is an 'increased risk', 'higher than was previously thought'. What they did, was find that more often than thought before people's cellphones were on during critical parts of flights. They also found that laptop wifi and bluetooth were emitting RF. All they actually did was log the spectrum from these emissions on some flights. That is all their research found.

Now, what they imply is that this is somehow more significantly dangerous then we previouly thought. My essay I think covered most of the things why this is not so dangerous.

However I want to stress here the fact that any potential emissions from consumer RF-devices in the cabin will have a hard time competing with all the structures and shielding between the device and the antenna outside the aircraft or inside in the avionics bay. And no such device can dream of competing the awesome power of the spectrum from a fairly common natural sources, such as static build-up and lightning, under which such avionics have to perform on a daily basis.

And if people are already leaving their cellphones and laptops on during flights by accident, where's the harm in allowing them to use them during flights in a controlled and tested environment. This might actually help people remember to turn them off more often during takeoffs and landings.

Your prior post is interesting, detailed, and well-informed reading, but you fail to address an existing, published study stating that cellphone use on aircraft may be dangerous.

Wait. UID support requires that I write my inbox spool files out in mbx format, right? I can't do that because I'm NFS exporting the mail spool to a bunch of other 'nix clients along with IMAP. Which is why I'm still using traditional sendmail appended spool files. Is this what you were talking about?

Yeah, that would do it. I don't use wuimapd, so I'm not familiar with mbx format, but the traditional appended message format is horrible:

• Inefficient - not only is there no standard place to put uidvalidity and uid information (and other clients couldn't be trusted to maintain the invariants if you came up with a nonstandard one), but there are no persistent indexes at all. I guess you could keep at least the byte offsets of each message cached externally with validity keyed by the mtime of the mail file, but it can't keep it locked for the whole session or no mail would be delivered. A single external access (whether by sendmail delivering a new message or by one of these NFS-based clients) would force it to recompute. It would just know that the file changed; it doesn't have any way of knowing if the only change was appending a new message.
• Unreliable - The only way in Unix to replace the middle of a file with a different-length segment (as when marking a message read or moving it between folders) is to write out the whole new file on the same filesystem then rename() it into place. Your over-NFS clients probably don't even have permission to create files anywhere on the same filesystem, so instead they just overwrite all data later in the file and ftruncate() to the correct new size. If there's a network outage while that operation is underway, the file will be corrupted. At best, there will be a chunk that's skipped or written twice. At worst, it will be a total jumble of old and new blocks - it can't put a fdatasync() barrier between each write because it'd be way too slow.

I use Cyrus IMAPd. It's a different approach - all the mail on the system is owned by user cyrus. It has its own quota system. Email is stored in basically maildir format (one file per message), but with extra Berkeley DB stuff in each directory (uidvalidity/uid, full-text search indexes, imap flags, etc.). The SMTP daemon (Postfix in my case) hands the mail off to it for delivery. You only access mail through IMAP.

It works well for me. My worst problem is that Mail.app will occasionally go into this slow "synchronization" procedure where it retrieves the flags of every message to see if they've changed - that's the situation RFC 4551 should fix.

I'd suggest getting rid of the NFS export. It's holding you back, and just about every client out there (even many text-based ones like Pine and mutt) speak IMAP. Even ones which don't support the UID stuff (like really old mutt versions) should be faster, since they can at least retrieve a single message later in the session without causing it to iterate through everything before. Not corrupting the mailbox should be a nice plus, too.

I think you're describing something between CORBA and CMIP.

SOAP was simpler to setup (no broker and associated config), easier to grasp publication of servants, and the data packet can be debugged on-the-wire, so you can code-test-debug until it goes. CORBA is a binary format that is more optimal on the wire, but harder to debug. There's Other Issues, but These issues are Mine.

Even thought I can sit in my figurative armchair and say "seen it before", in truth these concepts co back and forth (or iterative cycles, take yer pick) and feed off each other to evolve. Maybe Son-of-CORBA is on our horizon: a better, leaner, easier RPC.

Critical Mass: The perl/python/php/ruby/etc/etc extensions didn't come for CORBA quickly enough :)

For me, there's the SOAP-to-CORBA bridge. Maybe someday I'll have time to hack on that a bit :)

CMIP-to-SOAP-to-CORBA bridge? That would be fun. More hack, less Slashdot. Don't need to find a hidden cache of German tanks to realize even that might be a bridge too far...

Oh, and here's a link to the full text of the original article in case anybody's interested.

1) As far as I can tell, Player/Stage/Gazebo is limited to flat earth. (MSRS is not, arbitrary terrain)

Yes it does. First two hits when you google "gazebo terrain".

2) Part of the .NET framework there is a wealth of functionality: mathematics functions, quaternions, etc.

2b) Loss of portability to other operating systems.
This is not something to be overlooked, given the prevalence of Linux for headless embedded devices (i.e. robots). If you like object-oriented development, Player has bindings for C++, Java, Ruby, and Python.

Especially when you are simulating discrete objects. The ability to have TableObject *table and Robot *robot, instead of a bunch of c-calls, is a blessing and speeds up your development time.

Well, if you want to argue the simulator sucks, then I won't necessarily disagree with you. That's not the interface a robot *user* would be dealing with however, only the creator of a custom robot. A C++ interface for the robot "driver" would be nice, but I can understand the portability reasons for choosing plain C. In my graduate-level course on physical simulation, I did use C++ for my simulator. I don't think it was a huge advantage however, since everything was implemented as a large system of ODEs anyway, and the object oriented view was just translating to and from that (following the Baraff/Witkin approach).

(I know, this is my day job)

Guess what my day job is?

This is also why a lot of people choose DirectX over OpenGL.

It seems to me that the only people who prefer DirectX are game programmers. Scientific/visualization/engineering apps are still largely OpenGL. This is partly due to inertia, of course, but I'm sure they appreciate the portability too, since important scientific and engineering apps tend to work on more than one OS.

If you mean this, it's not surprising. Closed-source tools cannot be assumed to provide any security at all. DBAN was not tested in that report, nor even a simple use of dd.

(warning: shameless plug) Have you looked at Carnegie Mellon University's Entertainment Technology Masters program? I am about to graduate with my class in May, and many of us already have jobs already lined up. The program has a good relationship with majors companies such as EA, Activision, Sony, and Disney for internships. Plus, you get to take graduate level electives from other departments (e.g. Computer Science, Design, Engineering, and Drama). All classwork is done in teams, and many projects work with industry clients. After graduation, you have a large network of hundreds of previous graduates from the program that can help you throughout your career. Lastly, if you don't like the cold, you can always study on a beach in Australia. Here is the link: http://www.etc.cmu.edu/ Hope that helps!

Any quantum teleportation scheme requires the receiver to know what state the sender measured when the sender applied his measurement.

Thus, the receiver certainly has some information about the *particle*, but has no information about the message until a classical channel carrying the state the sender measured catches up. So what's the value of this scheme? It's highly secure! If an eavesdropper intercepts the classical particle on the tandem channel, it's useless to them since the quantum-teleported state is effectively a one-time pad, being repeated ad nauseum!

In fact, if you're a physicist, maybe you'd appreciate seeing the Dirac notation of the process from my Quantum 2 class last year:
http://www.andrew.cmu.edu/user/bsauerwi/Problems/2 006QUA2HW5b.pdf (problem 5)--note that Bob needs to know which unitary state to measure on his quantum-teleported particle in order to complete the process.

~Ben

So what you're left with is not much of an idea of what is going on outside academia other than perhaps "really large programs." That is why everybody that I interviewed with coming out of school in the 90s asked if I had taken a projects class.

If I were to design a curriculum to get people ready for how things are after school, I'd make a two semester course requirement:

The first semester I would have the students go through a survey-type class where different types of methodologies were explained, along with the advantages and disadvantages of each, with an example of representative types of applications that used each method. Perhaps a telephone switch used with a Waterfall methodology. And go on from there. This would go up to whatever the latest fad was. This would also include the prerequisites for starting a project, which hopefully are common to all projects -- you would use something like the material from The Software Project Survival Guide. You'd also look at different maturity measurement methods, such as SEI CMMI levels. And then a dose of the real-world with mistakes that people make during software projects, such as excessive "tailoring" of the process, giving up the process during mid-iteration to code like mad, etc., and ways to get out of such software development mistakes.

You would also get taught concepts such as Configuration Management (with a survey of different tools, such as CVS, Subversion, ClearCase), unit- versus integration- versus system-testing and tools to perform each.

The second semester would be the actual project where you would use the appropriate methodology for the size, number of people, and time to work on the project. You would try to make it as realistic as possible, including requirements gathering with inadequate requirements, bad business contracts, interacting with QA for getting a test plan up and running, etc. Then halfway through the project you could have additional requirements added by the customer and see how to successfully manage such changes.

Another course or portion of a projects course would be doing what most of us end up doing anyway: modifying other people's code. This would also go over the different types of code modification: new features addition, optimizing code for better speed, user interface changes, etc. It would also survey different tools, such as debuggers and profilers. It would also look at the hows and whys of refactoring.

All of these are necessary to successful real-world software development, IMHO. Unless you go to an underfunded start-up ("OMG, why aren't you coding!!!), or you work at Google.

Without this, I think a lot of people are going into software development thinking it's all fun, with this rosy picture of working on original code, and thinking that testing what you do after it all works.

DT

Have a look at this article: http://www.linuxplanet.com/linuxplanet/reports/436 1/1/ then choose amongst the more mature projects: Coda http://coda.cs.cmu.edu/ and OpenAFS http://www.openafs.org/. Intermezzo looked promising but hasn't been updated in a long while so it's probably dead.

Hope this helps.

There are a shitload of entry level jobs in IT. I went to the career fair at my alma mater last September (CMU) for my current employer (who is hiring a boatload of CS graduates). The CMU career fair was the single largest that they've ever had; more employers were exhibiting there than anytime in history. Even more than 1999, in the height of the dot com boom. Technical career fairs at other universities all over the country have also been exhibiting similarly high amounts of traffic. You might have trouble finding a job if you are one of these people that looks and acts like a professional student, or has their parents managing every step of the process, but not if you are reasonably competant.

What you are saying was true in 2002 and 2003, but certainly not true now.

Hundreds of comments and not a single one mentions that NASA is a CMMI Level 5 organization. For those that don't know (and apparently, that's a lot of you), CMMI, aka Capability Maturity Model Integration, is software ENGINEERING methodology for developing processes and technologies around IT systems. It is a very in-depth methodology for developing software and comes about as close to "engineering" as you can get in software development.

Here is a list of participants in this program.

And here is a general overview of what CMMI is.

And just to put it into perspective, when I was last working with CMMI, there were only 3 companies certfied at level 5. Nasa, Motorola, and another one I can't remember. I am sure that has changed but nonetheless, it's a big deal and shows a serious effort to do things in a controlled, measureable, testable, way.

I only bring this up to counter the ridiculous "solutions" that some have proposed on this site.

"I can fix that in 3 lines of code".

Well, great. That might work at YOUR company. But please don't do that at NASA. Despite what many think here, NASA is a top-notch software development house. And I would expect nothing less given what is at stake.

Hundreds of comments and not a single one mentions that NASA is a CMMI Level 5 organization. For those that don't know (and apparently, that's a lot of you), CMMI, aka Capability Maturity Model Integration, is software ENGINEERING methodology for developing processes and technologies around IT systems. It is a very in-depth methodology for developing software and comes about as close to "engineering" as you can get in software development.

Here is a list of participants in this program.

And here is a general overview of what CMMI is.

And just to put it into perspective, when I was last working with CMMI, there were only 3 companies certfied at level 5. Nasa, Motorola, and another one I can't remember. I am sure that has changed but nonetheless, it's a big deal and shows a serious effort to do things in a controlled, measureable, testable, way.

I only bring this up to counter the ridiculous "solutions" that some have proposed on this site.

"I can fix that in 3 lines of code".

Well, great. That might work at YOUR company. But please don't do that at NASA. Despite what many think here, NASA is a top-notch software development house. And I would expect nothing less given what is at stake.

This will mean that Large Enterprises who do hardware virtualization for security are deluding themselves.

http://www.andrew.cmu.edu/user/crd/qemu_openbsd_no te.html

The Gigapan material says it can reach 30 gigapixels with the right camera. The preview images don't say what their resolutions are, but they are clearly pretty big.

The Gigapan device, being developed by CMU and NASA, is a low-cost way to generate 1-40 gigapixel panoramas using off-the-shelf digital cameras. Soon it will be available to the general public. See some panoramas taken with the device or find out more about the commercial version. (Disclaimer: I'm part of the Global Connection project, which is developing the device)

The Gigapan device, being developed by CMU and NASA, is a low-cost way to generate 1-40 gigapixel panoramas using off-the-shelf digital cameras. Soon it will be available to the general public. See some panoramas taken with the device or find out more about the commercial version. (Disclaimer: I'm part of the Global Connection project, which is developing the device)

This past year, I was accepted into Carnegie Mellon's [cmu.edu] School of Computer Science [cmu.edu]. It has been a remarkable experience that I would lik e to share with the Slashdot community. Here's an account of my experience.

Week 1, Sunday: I moved in today. My roommate, a sophomore CS student, had already moved in tw o days before me. The floor is already completely covered with garbage. He also smells. I think he might be gay too. He's already asked me if I like the color he painted his toenails. This should be interesting. I am almost completely settled in. Techno music is playing in every room in every floor of my dorm. There are computers and other types of trash out in the common areas. What a mess. Tom orrow, I am going to go sign up to get my network connection.

Week 1, Monday: I got hooked up to the CMU network today! I jacked into the network, only to f ind that the hostname and address assigned to me were colliding with another system. I'll just increm ent the network numbers a few times. I am really eager to get on.

Week 1, Tuesday: I am still looking for a free IP address. Can't anybody here properly configu re their systems?

Week 1, Friday: I finally found a free IP! It's mine! You sons of bitches can't have i t, I found it, I keep it, it's mine! To hell with all of you! Head hurts really bad. I've slowly be en developing a headache since I first arrived. Everywhere I look there are these Lucent Technologies wireless access points. I wonder if that's the problem.

Week 1, Saturday: I sat down at my computer today. My desktop wall paper is now the goatse.cx guy. Pleasant. Scattered over every directory on my C: drive are thousands, possibly millions, of fi les titled "J00AR30WN3DBITCH-phj33r-" and then some random hacker's name. Don't these people have liv es? Maybe they need laid or something. It'd take days to clean this out. I mentioned to my roommate that I needed to reinstall Windows, and immediately he jumped up and shouted: "NO! Do NOT use Window s!" Suddenly, two dozen other guys (all of them possibly homosexuals) appeared at the door, each tout ing an operating system called Linux. Half of them got into a fight over which was better, Debian, Re dHat, Slackware, and a bunch of others I couldn't recognize. Some kid who appeared to not have shower ed since he was born was touting "Linux From Scratch", saying that only losers used pre-made distros. A crowd of people in the back kept quiet about how I'd be sorry if I used Linux instead of BSD on the network. Who the fuck are these people? Classes start next week. Hope I have my computer working s o I can do my assignments.

Week 3, Friday: People are still trying to get Linux to work on my system. They keep telling m y that my hardware sucks. We go through about four or five distributions a day. Every now and then, I notice a little devil on my screen. Stickers for every of these distributions have been plastered o n my case. Suddenly, my room stinks a lot more with these people in here. I ask them why they never shower, and the usual response is something along the lines of "showering is like rebooting" and "I do n't want to lose my uptime."

Week 3, Saturday: There's a troop of men running naked in a circle around McGill Hall. I am no t even going to ask.

Week 4, Wednesday: Linux is FINALLY working on my computer! I have a pretty slick desktop too. I think I might like this. I can finally work in my room instead of the labs, although considering the every increasing layer of garbage on the floor...

Week 4, Thursday: My computer flashes messages about how I am "0WNX0RED" and how I should "PHJ3 3R" whoever and how "L4MEX0R" I am for having an insecure box. A kid suggests we reinstall Linux afte r discovering about 17 rootkits.

Week 5, Friday: Someone got BSD work

This past year, I was accepted into Carnegie Mellon's [cmu.edu] School of Computer Science [cmu.edu]. It has been a remarkable experience that I would lik e to share with the Slashdot community. Here's an account of my experience.

Week 1, Sunday: I moved in today. My roommate, a sophomore CS student, had already moved in tw o days before me. The floor is already completely covered with garbage. He also smells. I think he might be gay too. He's already asked me if I like the color he painted his toenails. This should be interesting. I am almost completely settled in. Techno music is playing in every room in every floor of my dorm. There are computers and other types of trash out in the common areas. What a mess. Tom orrow, I am going to go sign up to get my network connection.

Week 1, Monday: I got hooked up to the CMU network today! I jacked into the network, only to f ind that the hostname and address assigned to me were colliding with another system. I'll just increm ent the network numbers a few times. I am really eager to get on.

Week 1, Tuesday: I am still looking for a free IP address. Can't anybody here properly configu re their systems?

Week 1, Friday: I finally found a free IP! It's mine! You sons of bitches can't have i t, I found it, I keep it, it's mine! To hell with all of you! Head hurts really bad. I've slowly be en developing a headache since I first arrived. Everywhere I look there are these Lucent Technologies wireless access points. I wonder if that's the problem.

Week 1, Saturday: I sat down at my computer today. My desktop wall paper is now the goatse.cx guy. Pleasant. Scattered over every directory on my C: drive are thousands, possibly millions, of fi les titled "J00AR30WN3DBITCH-phj33r-" and then some random hacker's name. Don't these people have liv es? Maybe they need laid or something. It'd take days to clean this out. I mentioned to my roommate that I needed to reinstall Windows, and immediately he jumped up and shouted: "NO! Do NOT use Window s!" Suddenly, two dozen other guys (all of them possibly homosexuals) appeared at the door, each tout ing an operating system called Linux. Half of them got into a fight over which was better, Debian, Re dHat, Slackware, and a bunch of others I couldn't recognize. Some kid who appeared to not have shower ed since he was born was touting "Linux From Scratch", saying that only losers used pre-made distros. A crowd of people in the back kept quiet about how I'd be sorry if I used Linux instead of BSD on the network. Who the fuck are these people? Classes start next week. Hope I have my computer working s o I can do my assignments.

Week 3, Friday: People are still trying to get Linux to work on my system. They keep telling m y that my hardware sucks. We go through about four or five distributions a day. Every now and then, I notice a little devil on my screen. Stickers for every of these distributions have been plastered o n my case. Suddenly, my room stinks a lot more with these people in here. I ask them why they never shower, and the usual response is something along the lines of "showering is like rebooting" and "I do n't want to lose my uptime."

Week 3, Saturday: There's a troop of men running naked in a circle around McGill Hall. I am no t even going to ask.

Week 4, Wednesday: Linux is FINALLY working on my computer! I have a pretty slick desktop too. I think I might like this. I can finally work in my room instead of the labs, although considering the every increasing layer of garbage on the floor...

Week 4, Thursday: My computer flashes messages about how I am "0WNX0RED" and how I should "PHJ3 3R" whoever and how "L4MEX0R" I am for having an insecure box. A kid suggests we reinstall Linux afte r discovering about 17 rootkits.

Week 5, Friday: Someone got BSD work

What amazes me is how many tools are out and available online regarding this sort of pattern recognition development. Since a lot of people know Java, I'm would encourage you to use the Java Media Framework (free from Sun). Once you have those libraries installed, it's quite easy to start editing sound, images & video. You might need to grab and install codecs if you're doing video analysis but I think almost all image codecs are supported.

I'm not going to lie, the video computation can be quite heavily but thankfully that framework is implemented such that the entire video doesn't have to be loaded into memory, just a one frame buffer analysis can be used if you want.

The last thing you would need is simply the know-how on programming these analysis algorithms. There are sites out there with a large wealth of up-to-date algorithms. An example would be the text book style site of pattern recognition or image processing. While this doesn't teach you how to do things, it does contain the raw resources and algorithms. General resources like the computer vision homepage exist that serve as links to all kinds of resources. Unfortunately, I know of no real solid books that contain everything out there because this field is so rapidly developing. My professors taught me from hand printed slides in a large compendium they had accumulated over the last couple years.

The last piece missing is the data to analyze. While you might not have the ultra high resolution Van Gogh images to do this yourself, it may be possible to visit museums with 6 MP cameras to obtain your own data. Failing that, there are repositories online that sometimes contain image information you can start with. While this may not satisfy your specific needs, it sure is great for the lazy developer like myself.

Lastly, I will mention citeseer and Google Scholar for cutting edge papers that you might want to try implementing. Distributing these algorithms and building a good GUI can be tricky but really anyone can build the backend. I heavily recommend experimenting with this if it interests you.

While I can completely understand that you would be very unlikely to have evidence showing CAGW took money from the COS, what information do you have that suggests that CAGW basically ran with an article / story of the COS? Did they parrot a criticism weighed against you by the COS elsewhere, for example?

Yes, the articles's main themes come directly from the material the Scientologists were circulating: (1) that CMU's cybersecurity initiative was somehow incompatible with my free speech work -- a nonsensical attack they also successfully shopped to WPXI-TV, and (2) that CMU President Jared Cohon's service on the Homeland Security Advisory Council was also incompatible with my free speech work. This latter point had been made previously by the Scientologists and no one else.

I also noticed that your site, scientologywatch.org, isn't up anymore. Is that a result of the COS attempt to take your domain name down for infringing on their trademark, or is there some other problem?

I still own that domain, but it apparently is no longer functional after my colleagues and I moved a bunch of sites to a new hosting company. We didn't have time to keep it updated, so it's not a big loss. My main anti-Scientology web site is here. And yes, I did receive trademark infringement threats from Scientology over the ScientologyWatch.org domain; I simply told them to get stuffed.

This piece from your website is incredibly revealing. I knew the "Scientology" freaks were crazy, but this is a little too much. Their association with groups like the one in this story is alone quite a blow.