Domain: cmu.edu
Stories and comments across the archive that link to cmu.edu.
Comments · 2,977
-
Some Videos of the robot in action
-
Non-corporate innovation
Each day. Around the world. The future is born.
While NextFest seems to showcase some cool stuff, it does not seem to highlight the innovative underpinnings to these gadgets, which are often created/discovered by individuals, independent groups and academics. The science behind the gadgetry (i.e. The Robotics Institute) is often more interesting, IMHO.
While I know that's not the purpose of NextFest, it's just interesting to me to think that "the future is born" of smart individuals collaborating (obvious example == F/OSS), not necessarily from "leading visionary companies". -
Re:I don't drive
I bike to work in a city where the drivers aim to kill you if you are on a bike, Pittsburgh. We got rated in the bottom 10 of bike friendly cities. I have learned fast (I have had the bike for almost 3 weeks now) how to survive.
I have had 3 people tell me to get off the road, 2 people tell me they were going to knock my block off for taking up room on the road, and nearly got hit 3 times, when people ran a red light. Ah home sweet home Pittsburgh.
But it is still a great city outside of that, see the pics I took while biking around
But to your question
Is there anywhere in the world with a transportation system designed to make use of bicycles? (Bike paths, special lanes, showers at work, etc?)
one of my pastors was telling me, where he grew up (Sweden) they have the car road, next to that they have the bike road, and then the ped road. so yes there are some places that are very friendly to bikers. I just wish the US was.
but hey, I live in the city, I can walk or bike where I need to go. even though I only got my bike about 3 weeks ago, I still have not driven much in the last 3 months, the last time I filled my gas tank in my car was 3 months ago, and I still have 1/2 a tank left. -
Talking with dolphins
> First, he argues: 'We find an intelligent civilization and there's no way in creation we can communicate with them because they're so alien to us. We can't talk to dolphins now. In which case, we'll never know.'
On that note, there's actually an on-going project at CMU's Language Technologies Institute to create technology to allow us to communicate with dolphins. -
Delay variation is often sufficient
Different pairs of keys have different timings, so just looking at the timing difference gives you quite a bit of information. There's even a paper about this phenomenon which gives some numbers. It focuses on sniffing the network traffic, but the results should also apply for data that is gathered acoustically.
-
Re:Quick, someone send...
Oops, my mistake. May 6th, I meant. Here's the link to the scene from Farscape.
-Matt
-
I did some too
I did a bunch of tests like this, but in 2.6 instead of 2.4. My conclusions:
* Ext2 is still overall the fastest but I think the margin is small enough that a journal is well worth it
* Ext3, ReiserFS, and XFS all perform similarly and almost up to ext2 except:
o XFS takes an abnormally long time to do a large rm even though it is very fast at a kernel `make clean`
o ReiserFS is significantly slower at the second make (from ccache)
* JFS is fairly slow overall
* Reiser4 is exceptionally fast at synthetic benchmarks like copying the system and untaring, but is very slow at the real-world debootstrap and kernel compiles.
* Though I didn't benchmark it, ReiserFS sometimes takes a second or two to mount and Reiser4 sometimes takes a second or two to unmount while all other filesystems are instantaneous.
Whole thing available here -
Re:The real question . . .
I'd like to see how you...can handle 10,000 simultaneous connections!
Why, with CODA of course! -
Monkeys compared
This submission struck me. In case you haven't seen it before, it's the famous collection of image pairs of Bush and a chimpanzee. True, the system can pick things that don't even remotely look like faces. But this image shows that we are still very, very far from a dependable system.
All 20 Bushes are recognized correctly. The only anomaly is a repeated recognition of one face; the system sees two faces at the same location. But on the other hand, only one chimpanzee face of 20 is recognized in full and one by its eyes. In 15 of the 19 chimpanzees, the system sees no face at all. The remaining two chimpanzees show a false positive.
-
Re:open source/academic projects?
Most of this research falls into two categories: Government-funded work at universities, and private research by companies looking to sell a commercial product. While it is near impossible to get developers on commercial systems to disclose their algorithm details, the publicly funded stuff is usually available for anyone who wants to take the time to leaf through PAMI or any number of other technical journals. Universities study this stuff with publication as a primary goal, so it's just a matter of knowing where to look. MIT's CBCL and CMU's Face Group are two of the better-known groups working on this kind of stuff, but there are others. Even if the researchers do not make their code available (and many do), it isn't too hard to put together an implementation and open source it yourself, as the algorithms themselves are publicly available in journals. I know because I implemented such an algorithm in a course last semester.
The hard part is figuring out the little details that often get inexplicably omitted from journal papers. What are the particulars of the dataset? How are the training images preprocessed? What is the arbitration strategy for overlapping detections? These are the types of details that separate the output quality of systems that use identical algorithms. In many cases, the researchers are happy to answer questions via email, unless they have plans to spin the research off into a private company. -
Re:Quick, someone send...Someone already tried that Bush or chimp image. The algorithm actually did rather well. It identified all of the faces of Bush and even a couple of the chimp faces.
The interesting thing about the chimp faces was that the area it identified was usually a smaller region of the chimp's face that it just mistook for a face.
-Matt
-
Re:bush and chimp
-
Re:Maybe they should upload it...
apparently that wouldn't be of much use.
-
Two Faced Bush
Finally! Proof that Bush is two-faced!
http://vasc.ri.cmu.edu/demos/faceindex/06272001/users/91.html -
Re:Quick, someone send...
I don't think it can identify non-human faces. If you look at the results from May 26, 2004 (Submission #23) you'll see that someone uploaded an image from some sci-fi show. The 2 humans are identified, but the other guy is not.
-
Re:Old news
Yes, even this particular project dates back to 2001 (maybe earlier, I didn't RTFA) - scroll down their gallery page.
-
Re:Quick, someone send...
somebody sent a load of pics regarding bush and the chimp!
here
Surprisingly, it did quite well! -
Re:But does it detect...
Actually, no it didn't. Maybe it would on a cleaned-up version of the picture (the site is too hard to navigate already, never mind with the slashdot effect), but, like you said, it should be detecting it.
-
Only to recognize where faces are...but good
The algorithm only recognizes where the face is. It does NOT recognize the face to match it with another picture.
The algorithm is almost scary, watch this sample
http://vasc.ri.cmu.edu/demos/faceindex/05062004/users/2236.html
The problem is that even if you can recognize where this 80 pixel face is, it will be very hard to match it up against features of known people. Several [automated] face recognition systems implemented in Florida failed. In more than 3? months they failed to identify a single known offender. -
This one isn't as good
as the original.
-
Redone
Others have done it... here's a 3-way speaker reported on /. years ago, and here's another.
Why are all these people suddenly making projects that have been done over and over, and reporting them as "new ideas"? Just like the jet engine made out of a turbo-charger the other day... that's been done hundreds of times! Heck, it's even been done on Junkyard Wars! -
Re:Anyone know where I can get...
not sure if this is the same, cos i obviously can't be bothered to RTFA, but here are some clips for you...
-
Re:Anyone know where I can get...
Will an AVI do?
-
YATTA
Another person did this, and has the videos to prove it at Afrotech Mods
The song "YATTA" will get into your brain and it won't leave. Except that in the hard disk video you can't quite hear it all that well.
-
Get guides to the hardware you want to emulate
Half of what you want is CPU documentation; Intel makes nice free guides to their 32 bit x86 CPUs. Sometimes they even will send out the manuals free in book format; right now it looks like you can download them or order a free CD. Check back often because the free books (shipping free too) come and go. http://developer.intel.com/design/pentium4/manuals/index2.htm
The other main half is BIOS info, check out Ralf Brown's int list: http://www-2.cs.cmu.edu/afs/cs.cmu.edu/user/ralf/pub/WWW/files.html
For the rest you just need lots of docs about various hardware like floppy controllers and such; check out my site for OS developers since I probably have more links listed than anyone else. Besides this stuff you might want to re-include java in your google searches because most of the research into virtual machines that I've seen uses java but a lot would still apply.
-
Re:Legitimate reasons (CMU)
-
Re:Reasons why...
flame, flame... cool down. Apparently you have not installed Cygwin or understood how an OS works.
An operating system allocates resources (memory, processor time, et cetera) that are requested by applications. In OS X, the kernel is Mach; you may be interested in how it works.
Anyway, Cygwin is not an OS, it's a set of development tools according to the authors. While it is a neat trick that win can be made to act like *nix.
BTW, my favorite NT thing... win2k claims to be built on "nt technology" which is very funny since "nt" means "new technology". I'll let you spell it out.
-
CMU Tunnels
Well, I'm sure glad that CMU doesn't have any tunnels..........
-
Computational Neuroscience and Math
Many of the previous posters have cited the importance of math in areas like graphics, databases, etc. I heartily agree. Allow me to cite another example: computational neuroscience.
So I'm in general incredibly interested in various combinations of brain and CS studies, so last year I audited a course on computational neuroscience. This was a course which dealt with understanding neural systems from a computational perspective.
Unfortunately, my math skills are somewhat sub-par for a CS major. I somehow managed to get a 5 on the AP Calc exam, but forgot everything afterwards. This ended up hurting me significantly in the course. Although I could understand the neuroscience concepts, whenever we started with analysis my head started swimming. Modeling things like ion channels require some pretty hardcore understanding of differential equations, which I understood next to nothing about. I learned a bunch of neat facts, but without a strong mathematical background, I wasn't able to fully comprehend what was going on.
There are many other examples of my poor math knowledge causing me pain. As it stands, I'm going to be joining a PhD program to study neuro/CS stuff in the fall. Since I'm going to need to have a good grasp of things like differential equations, I'm going to be spending a lot of quality time with calculus books this summer. Being in a position like this sucks -- I really recommend learning math, regardless of what you want to do. It's amazing how often math comes up, and how much the symbolic processing skills math teaches you helps in other areas. -
Machine Learning text
From the looks of the code examples in this page,
I feel that Tom Mitchell's Machine Learning book contains more useful/practical AI algorithms.
And yes, you do need to learn math. -
Re:6-line perl script here
There seem to be two versions of the hack. The 7 line version is apparently called qrpff-fast.pl. I guess it is an improved version of qrpff.pl
Here's the source to qrpff.pl:
s''$/=\2048;while(<>){G=29;R=142;if((@a=unqT="C*"
, _)[20]&48){D=89;_=unqb24,qT,@
b=map{ord qB8,unqb8,qT,_^$a[--D]}@INC;s/...$/1$&/;Q=unqV,qb2 5,_;H=73;O=$b[4]<<9
|256|$b[3];Q=Q>>8^(P=(E=255)& (Q>>12^Q>>4^Q/8^Q))<<17,O=O>>8^(E&(F=(S=O>>14&7^O)
^S*8^S<<6))<<9,_=(map{U=_%16orE^=R^=110&(S=(unqT ,"\xb\ntd\xbz\x14d")[_/16%8]);E
^=(72,@z=(64,72,G ^=12*(U-2?0:S&17)),H^=_%64?12:0,@z)[_%8]}(16..271) )[_]^((D>>=8
)+=P+(~F&E))for@a[128..$#a]}print+qT ,@a}';s/[D-HO-U_]/\$$&/g;s/q/pack+/g;eval -
Re:world is turning high tech!
Look it up.
:) -
FP link is broken, I fixed it
Hard drive speakers, with nice
/.'abble movies.
Enjoy. And give 'em slashdot's best. -
DeDRMS art...
Looks like DeDRMS will be next up for free speech protection in the tradition of the DeCSS Gallery. I just love it when DRM control freaks get their global domination panties in a wad.
DeDRMS? I wrote a song about it. Want to hear it? Here it goes... *da dum da dum*... slash asterisk bla bla asterisk slash... *da dum da dum*... Using System; *bah bum bah bum*...
--
-
Interstate Vs Intrastate Commerce
As long as internet traffic is intrastate, the federal government has no authority, under currently enforced court interpretations of the Constitution, to ban an internet tax.
The original article starts:
The U.S. Senate is slated to vote this week whether or not to renew a ban that keeps state and local governments from taxing Internet access.
This is a violation of the interstate commerce clause of the US Constitution which grants the Federal government only the power:
To regulate commerce with foreign nations, and among the several states, and with the Indian tribes;
The 14th Amendment, which many have attempted to extend to totally eliminate all state sovereignty, has, for example, been interpreted not even to protect basic enumerated rights. An example is the right to keep and bear arms with military utility. The federal courts have ruled States have a right to violate this enumerated right because the bill of rights doesn't fall under any of the enumerated powers of the Constitution, nor does it fall under any of the specifically mentioned rights to be protected under the 14th Amendment. See Quilici v. Village of Morton Grove, 695 F. 2d 261 (7th Cir. 1982), cert. denied, 464 U.S. 863 (1983). -
Re:I swear this reminds me of the Animaniacs...
-
CET?
My advice to you would be to drop the whole CET idea and get a real CS or a real engineering degree. They will be worth a whole lot more in the long run. Or do a dual major with CS/EE and NOT a CET. A CET will cover the basics for CS and EE, but nothing more; you will have lots of general concepts but little hard core, real knowledge. Most high ranked Universities don't offer CET programs; the only ones I know that offer things like CET are 2 year programs, mid-low ranked state schools or ITT Tech trade school type places. A real technical institution like MIT/RPI/CMU etc will only offer REAL engineering and REAL computer science. Not some strange cross CET that really doesn't explore the nuances of either.
Personally I have a dual major with CS and Electronic Art/Communication. Again, I would highly recommend a dual major over a major that claims to combine two others. It will be more work but it will pay off in the long run. -
Then again, does the book violate the DMCA?
No mod chips were used in the book, at least from what I can see. So maybe you should stop jumping to conclusions and do some research before spouting your mouth off.
Thanks for the calm, rational and respectful reply. Did more research. Turns out that, at least as far as Sony is concerned, the presence of a "mod chip" is not necessary to allege a violation of the DMCA. Indeed, as noted by Prof. David S. Touretzky at Carnegie Mellon University, merely publishing information aiding circumvention of a copyright protection or management system can cause Sony to assert a DMCA claim:
The creator of aibohack.com, who uses the pseudonym "AiboPet", was distributing modified versions of Sony's software for the AIBO robot pet. Clearly this was a copyright violation that Sony had the right to protest. But he was also publishing some basic information about the protection scheme for the AIBO's memory stick. In their letter to him, Sony claimed this little essay violated the DMCA and asked that the file be taken down.
Victor Matsuda, Vice President, Entertainment Robot America, Sony Electronics Inc. stated in his letter of October 24, 2001:
Similarly, your response regarding the copy protection protocol does not justify your actions. Your discontinuation of "Format AIBO" is certainly a step in the right direction. However, your site still contains information providing the means to circumvent AIBO-ware's copy protection protocol constituting a violation of the anti-circumvention provisions of the Digital Millennium Copyright Act.
This leads to the obvious question. Will Sony assert that the book Hardware Hacking violates the DMCA? Think this isn't possible? Then consider when HP used the DMCA to quash a vulnerability publication.
-
The problem with C++
D is Walter Bright's improvement on C++. Bright wrote the original Zortech C++ compiler, which was one of the first real C++ compilers, as opposed to a front-end for a C compiler. D is really too similar to the other C++ variants to get much traction.
C++ itself is undergoing a revision. But the plans for it aren't that good.
The big problem with the C++ committee is that most of the members don't want to admit the language has major problems. Neither does Stroustrup, who has written that only minor corrections are needed. If that was really true, we wouldn't need all those variants on C++ (Java, D, C#, Objective-C, Managed C++, etc.)
The committee is dominated by people who like doing cool things with templates. Most of the attention is focused on new features for extending the language via templates. It's possible to coerce the C++ template system into running programs at compile time (see Blitz). Painfully. LISP went down this dead end, where the language was taken over by people who wanted to extend the language with cool macros. (See the MIT Loop Macro.) We all know what happened to LISP.
What isn't happening is any serious attempt to make C++ a safer language. C++ is the only major language that provides abstraction without memory safety. That's why it causes so much trouble. C++ objects must be handled very carefully, or they break the memory model. This usually results in bad pointers or buffer overflows. Java, etc. are protected against that. This is the basic reason that writing C++ is hard.
It's not fundamentally necessary to give up performance for memory safety. I've written a note on "strict mode" for C++, an attempt to deal with the problem. I'm proposing reference counts with compile-time optimization, rather than garbage collection. The model is close to that of Perl's runtime, which handles this well.
Garbage collection doesn't really fit well to a language with destructors, because the destructors are called at more or less random times. Microsoft's Managed C++ does that, and the semantics of destructors are painful. With reference counts, destructor behavior is repeatable and predictable, so you can allocate resources (open files, windows) in constructors and have things work. The main problem with reference counts is overhead, but with compiler optimization support and a way to take a safe non-reference-counted pointer from a reference counted object, you can get the overhead way down and reference count updates out of almost all inner loops.
C++ itself isn't that bad. The language could be fixed. But I don't see it happening. Microsoft has gone off in a different direction with C#. SGI, HP, DEC, Bell Labs, SCO, and Sun are defunct or in no position to drive standards any more.
What C++ needs is some hardass in a position to slam a fist on the table and say "Fix it so our software doesn't crash all the time". It doesn't have one.
-
Re:Gun control
This is off-topic. Further, it is most likely a waste of my time. But what the heck, I'll reply this once.
The Supreme Court has already ruled that criminals don't have to register their guns
You call it idiotic distortion, the Supreme Court called it a Fifth Amendment issue. Since convicted criminals have lost their right under the law to have firearms, they would be incriminating themselves to register them, thus convicted criminals are exempt from registration laws.
Haynes v. U.S. 390 U.S. 85 (1968)
Did it ever occur to you that "law abiding folks" sometimes become criminals?
Sure. And some of them are stupid enough to commit a crime that can be easily traced back to them. That's why I conceded that registration would catch a few really dumb criminals.
If not, do you get out from under your rock often?
This is why I am probably wasting my time. You are talking like a person who isn't interested in a debate, just interested in "scoring points" with your mind already made up.
Do you really think that ballistics experts would be fooled by the effects from some grit-smeared bullets?
A fired-bullet database would not be searched by ballistics experts, but by computers. The computers already have trouble matching bullets correctly:
"When cartridges from the same manufacturer were test-fired and compared, computer matching failed 38 percent of the time. With cartridges from different manufacturers, computer matching failed 62 percent of the time."
"The experts concluded it's unknown whether cartridges fired after typical firearm break-in and wear can at all be matched to the cartridge fired when the gun was new."
How Reliable Is Ballistic Fingerprinting?
If you worked in a machine shop and some street thug showed up with a Glock and wanted you to change out a perfectly good barrel, wouldn't you get suspicious?
Unless you have some way of keeping criminals from buying machine tools, criminals could put together their own machine shop. That news story I quoted, above, suggested that a file is all you really need to change the barrel enough to make a bullet not match the database.
You wouldn't make much of a cop, would you?
I'll concede that more data is always better than less data, and it might sometimes help to know from whom a weapon was stolen. But it won't help that much. Criminals already buy stolen guns on the street, and a gun might change hands more than once before it's used in a crime.
And remember, this is all assuming the fired-bullet database actually produces reliable matches.
Maybe if one of the "few really dumb criminals" shoots your father, mother, wife, or child, you will get a better perspective on the value of catching them.
If a proposed anti-crime measure caught only a few really dumb criminals, and had no other side effects, I'd be in favor of it, even if it was a bit on the expensive side. But this isn't that simple. If you want to convince me that firearm registration is a good idea, you will need to show evidence that the good outweighs the harm.
And given the special status of firearms -- people use them to defend their families, and they are the last resort against a tyrannical government -- you will need to show exceptional evidence to convince me. Because registration, while it may not inevitably lead to confiscation, certainly paves the road for it.
I don't care about hand-picked statistics since they are normally flawed, skewed, and cooked.
I picked the state where I live. I pointed out that despite the lack of a training requirement, my state has no problems with the folks who get concealed carry licenses. You were the one arguing that people should be required t -
Have you ever enslaved a population?
Just think of all the awful things you've never done:
"Have you ever ordered, or yourself committed, genocide?" "That's clean." "Have you ever annihilated a population?" "That's clean." "Have you ever upset an ecology?" "That's clean." "Have you ever practiced terrorism?" "That's clean." "Have you ever bred bodies for degrading purposes?" "That's clean." "Did you come to Earth for evil purposes?" "That's clean." "Have you ever made a planet, or nation, radioactive?" "That's clean." "Have you ever caused a planet to disappear?" "That's clean." "Have you ever torn out someone's tongue?" "That's clean." "Have you ever blinded anyone?" "That's clean." "Have you ever smothered a baby?" "That's clean." "Have you ever participated in a sexual relationship between a doll body and a human body?" "That's clean." "Have you ever made love to a dead body?" "That's clean." "Have you ever tortured another with electrical, or electronic devices?" "That's clean." "Have you ever been a professional executioner?" "Clean."
Have you ever enslaved a population?, part of The Road to Xenu, the story of a woman caught up in Scientology.
-
Re:Also of interest
This here talks about CMU's wireless initiative, one of the oldest in the country (started even before 802.11 was out).
Security sucks though. No encryption, only MAC authentication for registered cards. Of course, all campus email, grade servers are encrypted (even our library requests are!). But you could just snoop anyone's yahoo mail off the air for example. Maybe they should have criteria like how secure the network is, in the criteria for judging as well. -
Carnegie Mellon only #6?
I really don't see how you could improve Carnegie Mellon's wireless network. I have never been anywhere on campus where I couldn't get a strong signal. There are even power outlets everywhere - even outside - for the "weak-batteried". Bringing your laptop to class is as normal as bringing a pencil. Check out CMUSky, it gives great statistics about Andrew in real-time.
-
Re:Torrent file
Someone had to do it. Get your
.torrent here -
Re:Just exactly how does this happen.
This is x86 specific since I'm talking about the stack frame and specific registers, etc. but can be "ported" to other architectures with similar ideas
foo.c
#include <string.h>
int main(int argc, char *argv[])
{
char buf[5];
strcpy(buf, argv[1]);
return 0;
}
> make foo && ./foo AAAAAAAAAAAAAAAAAAAAAAAAAA
This is an example of a trivial buffer overflow. These types of attacks happen due to the nature of the stack. All local variables are stored on the stack - along with the saved ebp AND the return address. strcpy doesn't do any sort of bounds checking on the buffers it is copying between. In this case, buf is filled with the first 5 A's, but then the other n-5 A's must go somewhere else as well. What will happen is that eventually the saved value of ebp will be corrupted and become 0x65656565 ("AAAA") and the RETURN ADDRESS (this is the location that will be jumped to upon exiting the function) will be corrupted and become 0x65656565 ("AAAA"). If the malicious user is crafty enough in the creation of the exploit string he will specify an actual address somewhere relatively close to the current buffer and to jump to. Since that memory will have been copied by the call to strcpy, after completing this function, the program will jump to the attackers code and happily execute it. Thus allowing arbitrary code to be executed.
For a more detailed explanation of how these things work check out "Smashing the Stack for Fun and Profit" in phrack #49. Actually, reading old phracks is a good way to get an idea about lots of different issues in security :)
You can also check out these slides from an introductory systems course at Carnegie Mellon University. (OK, it's a shameless plug of sorts since I'm TAing it, but they actually are pretty good slides. :-P) -
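A hardened counterpart to the foo.c above, added here as an example and not part of the poster's comment: the unchecked strcpy() is replaced by a bounded copy that refuses input which would not fit, so the saved ebp and return address that sit past buf[] on the stack are never reached. The buffer size (5) matches the original; copy_bounded() and its return convention are this example's own.

```c
#include <stddef.h>
#include <stdio.h>

/* Same size as the char buf[5] in the original foo.c. */
#define BUF_SIZE 5

/*
 * Bounded replacement for strcpy(buf, argv[1]).
 * Returns 0 and leaves a NUL-terminated copy in dst when src plus its
 * terminator fits in dst[dst_size]; returns -1 and leaves dst as an empty
 * string when it does not. Nothing is ever written past dst[dst_size - 1],
 * so an over-long argument cannot corrupt the saved frame pointer or the
 * return address that follow the buffer on the stack.
 */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    if (src == NULL) {
        dst[0] = '\0';
        return -1;
    }

    /* Measure src, but stop looking after dst_size bytes: a huge or
     * unterminated source costs at most dst_size reads and is rejected. */
    size_t n = 0;
    while (n < dst_size && src[n] != '\0')
        n++;

    if (n >= dst_size) {        /* no room left for the terminating NUL */
        dst[0] = '\0';
        return -1;
    }

    for (size_t i = 0; i <= n; i++)   /* n bytes of text plus the NUL */
        dst[i] = src[i];
    return 0;
}

/*
 * Hardened main(): same shape as foo.c, but input that does not fit is
 * reported and the program exits with status 2 instead of overflowing.
 * Building with -fstack-protector and -D_FORTIFY_SOURCE=2 adds a second
 * line of defence, but the bounds check above is what removes the bug.
 */
int main(int argc, char *argv[])
{
    char buf[BUF_SIZE];

    if (argc < 2) {
        fprintf(stderr, "usage: %s <string of at most %d chars>\n",
                argv[0], BUF_SIZE - 1);
        return 1;
    }
    if (copy_bounded(buf, sizeof buf, argv[1]) != 0) {
        fprintf(stderr, "input too long (max %d chars), refusing to copy\n",
                BUF_SIZE - 1);
        return 2;
    }
    printf("copied: %s\n", buf);
    return 0;
}
```

Run it with the 26 A's from the comment and it exits with status 2 rather than touching the return address; with "AAAA" it copies and prints normally.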