Slashdot Mirror

Well, Perspectives performs basically the same function and it's roughly free.

http://www.cs.cmu.edu/~perspectives/index.html

I'd like to encourage more folks to look critically at this system. You can think of it as an analog to public key servers, which are a free solution for associating public keys with persons.

Maybe Perspectives can help show that certs come from the right source.

http://www.cs.cmu.edu/~perspectives/index.html

Here's some research on 'A Privacy Algorithm for 3D Human Body Scans' for the no-no spots.

http://www.cylab.cmu.edu/research/techreports/2006/tr_cylab06001.html

Suppose it wouldn't be a stretch to adopt to issue at hand.

raid was not supposed to be about fault tolerance. Look at the name - redundant array of inexpensive disks. The idea was to make a bunch of cheap disks look like one big expensive disk - the "redundant" just happened to be a misnomer, because it really doesn't have a heck of a lot of redundancy with only one parity drive (or a mirror of one drive, or, worst-case - no parity in a jbod).

Actually, if you read the original Case for Redundant Arrays of Inexpensive Disks, you'll see that in the strictest sense, you assertion is completely wrong. Look at this quote from the authors' conclusions: "With advantages cost-performance, reliability, power consumption, and modular growth, we expect RAIDS to replace SLEDS in future I/O systems."

Even a few years ago, almost 20% of all raid failures resulted in total loss of the raid because a second drive would fail during rebuilding. "Silent failures" are only detected during the rebuild, so it doesn't matter how much you mix drives by manufacturer and batch and age - your risks of a total loss increase with individual disk size.

This is also false for any modern RAID implementation. Any decent RAID controller (including mdadm for Linux software RAID) will run periodic parity checks. For instance, mdadm on Debian runs a full parity check monthly on the first Sunday of the month. So if you have a bad block somewhere that doesn't ordinarily get accessed, it will be detected during the monthly check.

raid is not a backup, but people take the "redundant" part and think - "I can recover from a failure" when in many cases that's simply not true, especially if it's a controller failure and the company is no longer in business

Oh, I agree that many people get bitten by the "RAID is not a backup" issue. But an errant "rm" is orders of magnitude more likely to bite a "RAID=backup" adherent than multiple simultaneous disk failure.

Regarding proprietary hardware raid controllers, I've only ever used software RAID, but people who I know who use hardware controllers buy spares in case the company discontinues the product or goes out of business. This is good practice anyway, as even if the controller is still in production, who wants to wait for fedex delivery when a raid controller flakes out?

Large disks are incredibly cheap compared to historic prices. Keep multiple backups on a couple of machines instead of a raid.

I'll remind you, RAID is not backup. RAID is about high-availability, not about backup. It's great that you do multiple backups, but you'd still have to do that even with RAID.

If you have a disk failure with RAID, the situation is, "oh crap, I need to replace a failed disk sometime soon." If you have a disk failure with no RAID, the situation is, "oh crap, I have to restore from backup."

I realize you've had some nightmares with RAID. But your personal unluckiness does not make RAID a bad idea. Personally, I've had several instances of single disk failure, and I've been very happy to have had RAID. It meant I had an urgent situation instead of an emergency situation.

If either you or I have 4 disks fail simultaneously, we're pretty much in the same boat: restoring from backup. But if we both have 1 disk fail, you are restoring from backup. I am not.

And who writes this crap? Do they even proofread it? Seriously, try to parse this sentence:

GNU rewritten Unix utilities tool set were invented by through the purity in effort of Richard Stallman-- the pillar of free software.

No Problem! Parse a sentence

Cosma Shalizi rants a lot about scientists' (often physicists') claims about having found a power law description of some empirical phenomenon (upshot: finding a straight line on a log-log plot isn't enough). See the following:

http://cscs.umich.edu/~crshalizi/weblog/491.html
http://cscs.umich.edu/~crshalizi/notebooks/power-laws.html

I was intrigued by your comment about Indianapolis.
If anyone else is interested, a little searching (google: police street brawl Indianapolis) turned up http://www.cs.cmu.edu/~pshell/gammage/testimonies/indianapolis.html as a summary.

Dare I say it on /. but ... for movies, DRM worked.

(Yes I know there are exceptions to what I'm about to say. I'm trying to make a point, not write a voluminous tome of completeness.)

A CD contains the complete content, uncompressed, with no DRM. Save for a few technical arguments that make most peoples' eyes roll, nothing in audio is better. CD drives are ubiquitous. You can take any CD and pop it into any computer and with few, if any, clicks it is copied into your computer and you never need touch that CD again. Thanks to no DRM, it's so easy to copy/rip a CD it's almost hard not to.

A DVD contains a fraction of the content, with DRM. Until we can distribute uncompressed UDTV-format video content for pennies, we'll keep getting upgrades. DVD drives are close to ubiquitous. While you can take any DVD and pop it into any computer to view, copying that DVD onto your computer requires non-trivial technically-illegal software with the user understanding technical obscurities. Thanks to DRM, most people are incapable of copying/ripping DVDs.

Yes, many on /. know how to beat DVD DRM. Some of us even have the T-shirt to prove it. ...but it's not trivial, it's not something so easy that it's almost unavoidable. The vast majority of users not only don't have a "video jukebox" set up on their PC, they wouldn't have a clue how to start.

Upshot is: DRM worked. DVD CSS did its job. And the reason "movies are not exactly like music", for purposes of this thread, is that thanks to DRM, DVDs resist ripping, while CDs practically encourage it.

Carnegie Mellon is not a state school. Their tuition is $40,300 per year. http://www.cmu.edu/hub/sa/sa_tuition.html

It's often best to know what you're talking about before opening your mouth.

I completely agree with you, it is a very real engineering problem that requires serious academic examination. This is a good candidate for something like that Software Engineering Institute. The issue is one of writing software and managing a code base. It is a logistics problem. Maybe it can only be solved by a new language or method of source control or verification. In that area, yes, it's open to computer science to explore. But in general, it's a code architecture, testing, development methodology problem, which is the concern of software engineering.

Having taken several courses on AI, I never found a contributor to the field that promised it to be the silver bullet -- or even remotely comparable to the human mind.

Not today, after the "AI Winter". But when I went through Stanford CS in the 1980s, there were indeed faculty members proclaiming in print that strong AI was going to result from expert systems Real Soon Now. Feigenbaum was probably the worst offender. His 1984 book, The Fifth Generation (available for $0.01 through Amazon.com) is particularly embarrassing. Expert systems don't really do all that much. They're basically a way to encode troubleshooting books in a machine-processable way. What you put in is what you get out.

Machine learning, though, has made progress in recent years. There's now some decent theory underneath. Neural nets, simulated annealing, and similar ad-hoc algorithms have been subsumed into machine learning algorithms with solid statistics underneath. Strong AI remains a long way off.

Compute power doesn't seem to be the problem. Moravec's classic chart indicates that today, enough compute power to do a brain should only cost about $1 million. There are plenty of server farms with more compute power and far more storage than the human brain. A terabyte drive is now only $199, after all.

Having shifts in the address calculation is fine for ARM7 where you're trying to squeeze every possible functionality out of a tiny number of gates, and don't really care about performance. But for even a reasonably high-performance design, you need to have a consistent pipeline.

Probably the most important pipeline is the Decode->RegRead->AddressFormation->Dcache->Writeback pipeline. The latency of this pipeline is critical for performance. ARM has some advantages here: uniform (or, somewhat less so, semi-uniform, a la Thumb2) is easier to decode than variable-length at the byte level x86. Most architectures have an adder in the AddressFormation part (though notably not ia64). If you add two registers (which you can't in MIPS) you probably want to be able to shift by the access size because you're doing something like indexing into an array. So a small left shifter before the adder isn't uncommon, and it's usually about a 4:1 mux in terms of delay.

But ARM allows you to do full rotations in front of the adder. This means you need more levels of logic in front of the address calculation adder, which hurts your memory latency. You can make it a multicycle instruction or split it up into multiple instructions (and many implementations do), but that of course adds significant complexity.

The page table formats are kind of kooky. Most 32 bit architectures choose 4K pages as the minimal page size. 4K L1 translation and 4K L2 translation translates all 20 bits you need. The page tables are a multiple of the page size, which is handy. It's so clean, it's pretty obviously the "right" thing to do.

ARM has a 16KB l1 translation, because they used to support 1KB pages, but no longer do. They have strange attributes that move around the format, which makes it more difficult to manipulate the page table entries. They also have no free bits, which makes it a pain in Linux to keep information like how new or clean the page is.

I will say that the page tables are getting cleaner as they deprecate things like 1KB pages, but they're still pretty painful compared with other architectures.

The Alpha Architecture Handbook is a good read, and Alpha is my very favorite RISC. Not that it's magical, either, but it's a lot cleaner than ARM. And it's less than half the length of the ARM Architecture Reference Manual (ARM ARM, which I must admit is a clever acronym).

I am an atheist. I have many friends and family (including my wife) who subscribe to one of the many Christian variants. Also friends and colleagues who are Hindu, Sikh, Islam etc etc.

Once upon a time I had lots of close friends who are now Scientologists. They actively, passionately, and publicly hate me and consider me to be a deeply immoral person. A SP in their own language.

The gulf between your 'typical' Scientologist and how they view the world and other mainstream faiths is in my own very direct experience, is an extra-ordinary gulf.

You can trot out the religious atrocities of the past, but your typical theist today is as likely as a non theist to be a decent, social, community minded person. Scientology followers, by virtue of their extremist and uncompromising doctrine, are very much an anti social vector, and the only community they respect is their own Scientology community. As for your uninformed comments about only 'retards' being attracted to Scientology - cults like Scientology are actually quite nuanced and sophisticated in their recruitment - and attracting educated white collar folk is their bread and butter. Read this book if you have the inclination. A piece of blue sky

I don't know why this is considered censorship. They brought the case before a judge who made a legal decision which can be appealed (and is).

France did not ban the organization from the country (although it seems as though they wanted to). Had they done that then I could understand the censorship tag, but really... Being tried for a crime in this case does not mean censorship.

In the US, $cientology gained its recognition as a "religion" through its members filing numerous lawsuits against the IRS in all fifty states, bugging government offices, stealing files, etc... . There is a secret agreement between $cientology and the IRS that hasn't been released to the public. (It has since been leaked, but never formally released.)

Essentially, $cientologists get to deduct the costs of their "courses" from their taxes. No other religious group in the US gets to do this. (see Sklar v. IRS)

I don't know why this is considered censorship. They brought the case before a judge who made a legal decision which can be appealed (and is).

France did not ban the organization from the country (although it seems as though they wanted to). Had they done that then I could understand the censorship tag, but really... Being tried for a crime in this case does not mean censorship.

In the US, $cientology gained its recognition as a "religion" through its members filing numerous lawsuits against the IRS in all fifty states, bugging government offices, stealing files, etc... . There is a secret agreement between $cientology and the IRS that hasn't been released to the public. (It has since been leaked, but never formally released.)

Essentially, $cientologists get to deduct the costs of their "courses" from their taxes. No other religious group in the US gets to do this. (see Sklar v. IRS)

Right about now, I'm sure their loving the guy who decided they needed a 5.5mb background jpeg on their page.

1. Set up a website with a 5.45 MB background image
2. Submit it on Slashdot
3. You're done

What use is encryption if you can't guarantee that there's not a man in the middle? This is why self-signed certs are a bad idea. That is, unless you want your users calling you up to manually verify your key.

Or using something like Perspectives to get much the same effect.

That's pretty damn cool. It reminds me of scene completion, which is another take on the same idea - combining images from Flickr to create new images according to a brief sketch.

MOD PARENT UP!

OT III is an *excellent* choice. It's the Scientology doctrine that shows the world it's actually a UFO cult.

You might want to make sure your students have health insurance; OT III has been suggested to cause pneumonia and death.

http://www.cs.cmu.edu/~dst/OTIII/

You can download a PDF version of the book here for free. It is out of print.

http://www.cs.cmu.edu/~dst/Library/Shelf/atack/

With legal chicanery I mean e.g. leveling a barrage of nuisance lawsuits at an opponent with the objective of bankrupting the victim by forcing him to expend ruinous sums on legal counsel, or alternatively by securing unfounded convictions against the victim where he has been unable to mount an adequate legal defense (See e.g. http://www.cs.cmu.edu/~dst/Fishman/Declaration/exhibg.html).

An additional form of chicanery is to drop charges against a victim who does mount an adequate defense in order to avoid unfavorable precedents from being set against the sect (see http://www.rechtspraak.nl/Gerechten/HogeRaad/Actualiteiten/Hoge+Raad+verwerpt+het+cassatieberoep+in+de+zaak+Scientology+providers+en+Spaink.htm (in Dutch)).

Of course the wave of counter-harassment and even threats (see http://en.wikipedia.org/wiki/Project_Chanology) goes too far. But what the Cult now pleads for is to introduce a totally ambiguous definition of "Websites created with primary purpose of inciting religious vilification" (read: "anybody who says something to the effect that the Scientology sect is a nasty, dangerous, for-profit outfit") and strip those of anonymity or even the right to exist at all. In plain text: anyone who writes anything against the Scientology cult will now be exposed to harassment lawsuits, career wrecking, and intimidation (see the Fishman affidavit in one of the links above).

The full text of the "recommendations" I reproduce below:

SUMMARY OF RECOMMENDATIONS

Recommendation 1: The implementation of Criminal and Civil Restrictions on Religious Vilification.

Recommendation 2: Restriction on Anonymity on acts of Religious Vilification:

2.1 Websites created with primary purpose of inciting religious vilification shall be removed or their access to the Australian public restricted.

2.2 Creators of websites whose primary purpose is the incitement of religious vilification shall be prevented from concealing their identity.

Recommendation 3: Restriction on Religious Misinformation and Misrepresentation known or reasonably known to be untruthful in the Media

Recommendation 4: Include a form of Bill or Charter of Rights into the Australian Constitution, which prevents the Commonwealth from making any law, which 'directly, indirectly or incidentally' prohibits the free exercise of religion to the extent of such prohibition

What part of this looks as if it provides any safeguards against the most appalling abuse? Where are the checks and balances? Who determines what is "misinformation", or "incitement of religious vilification"? Would quoting court documents that state the Scientology sect pr

Mods, you've just blown a point on some GNAA flamebait.
For the real version of "Understanding Scientology" by Margery Wakefield, see http://www.cs.cmu.edu/~dst/Library/Shelf/wakefield/us-07.html

Netapp released a study as well that included enterprise targeted drives, and in some cases the fiber-channel drives had significantly better error rates. The other interesting studies here are from Google and Carnegie Mellon

A 9-foot vertical won't be enough to clear the university's new 40-foot artificial geyser.

The problem with this sort of article is that it doesn't say how the thing actually works. They are trying to solve the 'SLAM' or Simultaneous Localization and Mapping problem. The best approaches have recently been particle filter based. See the work by Sebastian Thrun at Stanford or Montemerlo's dissertation at CMU. I would have to guess that they are using a similar approach.
But of course this has been done before. The discussed project looks very similar to Minerva.

The problem with this sort of article is that it doesn't say how the thing actually works. They are trying to solve the 'SLAM' or Simultaneous Localization and Mapping problem. The best approaches have recently been particle filter based. See the work by Sebastian Thrun at Stanford or Montemerlo's dissertation at CMU. I would have to guess that they are using a similar approach.
But of course this has been done before. The discussed project looks very similar to Minerva.

Marines: I expect a good chunk of your R&D budget for this design.

The base R&D has been done. They clearly say in the article they want something like Dragon Runner with more capability.

I know a bit about Dragon Runner. Trust me, it's seriously cool and very well engineered. If you don't believe it has the "throwable" part down, watch this movie.

That's exactly what makes the predictabiltiy of SSNs very scary.

Then I guess this gallery should be useful for a lot of people.

Yup, this is exactly what Tekkotsu does, for example, here is the tutorial page and the event class reference page

So for instance, there are events for obvious things like button presses, but also for seeing an object, sensor updates, power status, etc. Further, there are events for individual stages of vision processing so only the stages which actually have subscribers are computed, and those computations are only performed once per frame regardless of how many behaviors want to use that data.

To be fair, a lot of robotics frameworks do something like this, at the least for expensive processing units like vision.

1. What revision control software are you using?
2. What system do you use for tracking bugs?
3. Are you familiar with Capability Maturity Model Integration (CMMI)? If so, what level certification have you achieved?

If they respond to #1 with a blank stare or "huh?" I'd advise running for the door. If they are not using any kind of revision control software, and don't know what it is, the place is very poorly managed and will cause you some serious nightmares. All of the places where I've worked, which didn't use revision control, went out of business within a couple years.

Personally, I prefer Subversion, and I converted my prior employer to using it. They didn't understand why I wanted to use it, but they weren't averse to trying something new. After it saved our butts a couple times, they understood perfectly well why I wanted to use it and continue to use it after I left.

The job before that, I used StarTeam. Borland bought StarBase (the maker of StarTeam) while I was with that employer.

My current employer uses CVS. It has its warts, but it works.

For question #2, my current employer uses Bugzilla. It works reasonably well. My prior employer didn't have a bug-tracking system. The second or third web app they had me write was a bug-tracking system, not oriented toward software development but toward the larger company (hospitality). We ended up using a wiki for bug-tracking. StarTeam had a "Change Control" system built into it, so that employer had excellent bug-tracking software.

I've had only one employer who knew what CMMI was (question #3). They could've passed a level 3 certification if necessary. If you're going to develop for the DoD, you used to need a level 4 cert; not sure if that's the case any more.

For those who don't know, CMMI is merely a methodology for ensuring that:

• coding standards are in place
• development documentation is in place
• the project is well-managed on, time, responsibilities and risks
• there is a reasonable probability of delivering on-time

It can be tedious, consistent, or both. The better places are the latter, not so much the former.

In short, they should have good, solid answers for #1 and #2, while #3 is a nice-to-have.

\0 isn't a legal character in DNS protocol

Say, that's a pretty good idea. Start by limiting the input to DNS-valid characters.

Geez.

For anyone who thinks "Well, I guess there might be some bad CAs out there," please keep in mind that it only requires one of the CAs (or their delegates) that your browser recognizes to make a mistake and you're hosed. Now go look at how many CAs are listed in your browser.

Damnit, it's time to flog this again:

Every time this topic comes around I feel like I should share this thing I've run across:
  Perspectives.

Basically, "network notaries". Decentralization of (a kind of) authentication.

This is one thing that makes self-signed certs viable for a popular audience.

The issue of public self-signed certs seems best resolved by using Perspectives (http://www.cs.cmu.edu/~perspectives/firefox.html), which solves the man-in-the-middle problem using a distributed set of auditing servers to verify you are getting the same certificate others on the internet are.

This method has advantages over paying for a certificate from a CA vendor. It is possible for a determined man-in-the-middle attack to succeed without any errors on the client using social engineering or other measures to get a validly signed copy of the certificate for a site without being the actual site owner due to the lax verification measures used by some of these vendors.

Another common issue, companies should be creating their own CA certs and deploying them to clients in situations where the client is controlled (for example intranet sites), but most instead train their users to ignore these errors. See this example, (http://www.debian-administration.org/article/Creating_and_Using_a_self_signed__SSL_Certificates_in_debian) note that these basic instructions work on any operating system, not just Debian, using openssl at the command line.

I've been using the Perspectives addon for a while, and have been quite satisfied with it.
http://www.cs.cmu.edu/~perspectives/firefox.html

If it (or similar functionality) could be built into Firefox (with some obviously necessary UI changes), I think it could go a long way towards solving the certificates problem. In all my time using it (well over a year now), I've only had one case where it told me things were awry but they were actually fine, and it was where the site had changed their certificate sometime in the last 30 days, and the graphs from the notary results represented that quite clearly to someone who knows what it means, but making that an easy call for someone who doesn't would be more difficult. That particular issue could be solved in software, though. If any changes were seen pretty much simultaneously by all notaries then they're probably safe changes. (They might have even added this in the latest version, since it's been a while since I've seen that particular problem.)

Every time this topic comes around I feel like I should share this thing I've run across: Perspectives.

http://www.cs.cmu.edu/~perspectives/

Basically, "network notaries". Decentralization of (a kind of) authentication.

This is one thing that makes self-signed certs viable for a popular audience.

She now realizes that Ken Thompson's paper:

"Reflections on Trusting Trust"

http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

- is the basis of ANY hardware firmware or re-flashing of hardware.

I can't wait for next month and hopefully the bombshell we've been waiting for.
Brilliant Joanna indeed.

Coda, and before that, AFS. Oh, and Lustre.

It's not a new idea. The only real difference here is that it's associated with BitTorrent and The Pirate Bay, and is designed to handle a whole set of problems you won't have, like untrusted machines communicating over the Internet, and how to compensate people for using their hard drive to store your stuff.

Every few months, the Mac web is bombarded with open pleas to Apple, askingnay, demandingthat Apple swap out the Mach-based kernel that Mac OS X runs on, XNU/Darwin, with Linux. This, of course, ends in with Apple stoically continuing development of XNU/Darwin while fanboys dry their eyes and limp home after their flamewars. The cycle then repeats itself again a few months later like clockwork. The truth of the matter, however, is that Apple will never replace XNU/Darwin with Linux.

Tearing XNU/Darwin out from OS X and replacing it with Linux would be winding the clock back almost twenty-five years. Mach, which comprises a large percentage of XNU/Darwin's XNU kernel, was a microkernel research project developed at Carnegie-Mellon University in the Eighties, overseen by Avie Tevanian, who usually worked on it while playing Depeche Mode and Tears For Fears and ushered it through various revisions at NeXT and, ultimately, Apple.

This continuity of development has given Apple a tight integration between the kernel, libraries, utilities, and higher-level frameworks. Linux would throw that synergy right out the window, making Apple dependent on an entirely unregulated development team, and forcing Apple to play catch-up with their specific needs after every major upgrade to Linux. Apple would have to hire Linus Torvalds in order to recreate the creator/creation dynamic they have now. And as Linus has stated several times, he'll never go work for a company doing Linux.

Perhaps one reason Linux users bleat so unceasingly for Apple to switch kernels stems from a pre-NeXT project the company ran called MkLinux. MkLinux was a version of Mach running Linux as a process. The project was sponsored by both Apple and OSF/1 and ran on Apple's first generation Power Macs and some early second-generation Power Macs. Performance was about 20% less than a native Linux would have been, but that wasn't the point; Apple was looking at different ways to create a modern operating system in the dark times of Copland before NeXT was even a gleam in their eyes.

After Apple's operating system woes came to a head in 1997, MkLinux was all but forgotten by everyone except the long-time Apple engineers tasked with updating OPENSTEP alongside their NeXT counterparts. It was a non-starter, but it was the first taste of Linux anywhere near a Mac; it would be years later that Linux/PPC or the swatch of PowerPC versions of more popular distributions like Debian, Fedora, SUSE, and YellowDog came to Apple motherboards.

"But wait!" whine the Linux zealots, "Apple uses the BSD kernel in Mac OS X, and that's not under their control!" And so it is not. But the portions of the FreeBSD kernel are only used to fill out Mach, and as such does not constitute a significant portion of the kernel. In fact, Apple's use of BSD code is so minute that it amounts to being a charity project that allows Apple a way of keeping FreeBSD solvent. So Apple is simply not using the FreeBSD kernel, and asking to replace XNU with the Linux kernel is therefore asking something dispropor

Every few months, the Mac web is bombarded with open pleas to Apple, askingnay, demandingthat Apple swap out the Mach-based kernel that Mac OS X runs on, XNU/Darwin, with Linux. This, of course, ends in with Apple stoically continuing development of XNU/Darwin while fanboys dry their eyes and limp home after their flamewars. The cycle then repeats itself again a few months later like clockwork. The truth of the matter, however, is that Apple will never replace XNU/Darwin with Linux.

Tearing XNU/Darwin out from OS X and replacing it with Linux would be winding the clock back almost twenty-five years. Mach, which comprises a large percentage of XNU/Darwin's XNU kernel, was a microkernel research project developed at Carnegie-Mellon University in the Eighties, overseen by Avie Tevanian, who usually worked on it while playing Depeche Mode and Tears For Fears and ushered it through various revisions at NeXT and, ultimately, Apple.

This continuity of development has given Apple a tight integration between the kernel, libraries, utilities, and higher-level frameworks. Linux would throw that synergy right out the window, making Apple dependent on an entirely unregulated development team, and forcing Apple to play catch-up with their specific needs after every major upgrade to Linux. Apple would have to hire Linus Torvalds in order to recreate the creator/creation dynamic they have now. And as Linus has stated several times, he'll never go work for a company doing Linux.

Perhaps one reason Linux users bleat so unceasingly for Apple to switch kernels stems from a pre-NeXT project the company ran called MkLinux. MkLinux was a version of Mach running Linux as a process. The project was sponsored by both Apple and OSF/1 and ran on Apple's first generation Power Macs and some early second-generation Power Macs. Performance was about 20% less than a native Linux would have been, but that wasn't the point; Apple was looking at different ways to create a modern operating system in the dark times of Copland before NeXT was even a gleam in their eyes.

After Apple's operating system woes came to a head in 1997, MkLinux was all but forgotten by everyone except the long-time Apple engineers tasked with updating OPENSTEP alongside their NeXT counterparts. It was a non-starter, but it was the first taste of Linux anywhere near a Mac; it would be years later that Linux/PPC or the swatch of PowerPC versions of more popular distributions like Debian, Fedora, SUSE, and YellowDog came to Apple motherboards.

"But wait!" whine the Linux zealots, "Apple uses the BSD kernel in Mac OS X, and that's not under their control!" And so it is not. But the portions of the FreeBSD kernel are only used to fill out Mach, and as such does not constitute a significant portion of the kernel. In fact, Apple's use of BSD code is so minute that it amounts to being a charity project that allows Apple a way of keeping FreeBSD solvent. So Apple is simply not using the FreeBSD kernel, and asking to replace XNU with the Linux kernel is therefore asking something dispropor

And no, I haven't yet heared of "web daemons", "NNTP daemons" or "IRC daemons".

Uh, what do you think, exactly, the 'd' in httpd, nntpd and ircd stands for?

There are better ways to generate the actual 3d point cloud if you are taking pictures of all sides of the object. Voxel Carving for one.

I would prefer the headline to stay as it is, or perhaps to be changed to "Daily Receipt of Fellatio Helps Improve Fertility".

Well, here you go:
Oral sex makes pregnancies safer and more successful - study
http://www.cs.cmu.edu/~chuck/infopg/mirrors/repro/sm_514317.html

Carnegie Mellon's NetReg is an open source system that provides a pretty complete IP Address Management toolset, including management of DNS & DHCP configurations for ISC bind/dhcpd. It can manage ISC dhcpd's failover configuration, and multiple server groups, etc.

Rather then just repeating what I've said before when the subject of IP Address Management came up on slashdot, I'll just link to it.

Note: While the project has been pretty quiet for quite some time now, thats mostly because its the system is very stable and there hasn't been a lot of major new development in the last couple of years. I used to be one of the core developers of the system before I moved on to another job, but its still in active use by many sites.

You keep hearing, but you not watching? A preview of Data Parallel Haskell is a part of GHC 6.10. I guess they just need more time, people and/or money - the scope of their project seems to be much broader. Oh, and BTW, the `par` operator has been a part of GHC for quite some time. The very idea, though, is much older, and as the link claims, in 1996, a language with these features had been already in use for three years.

Microsoft is only doing here something they are good ate: shrink-wrapping a technology for the average consumer. I would argue that many developers *can* be classified as consumers. While there is nothing inherently bad with this, it is does not exactly made these patent applications right, either.

I just recently graduated from the electrical and computer engineering program at Carnegie Mellon. The IT policy was pretty solid, open to all platforms, no headaches. Data integrity and personal privacy are held very highly. Student data stored on CMU servers may not be access unless there's an emergency, or if there's a valid warrant.

Getting caught by the RIAA/MPAA/BSA with copyright violation gets you 45 days loss of connectivity on that MAC address, but there's a solid intra-CMU file sharing network.

Plenty of bandwidth available to students (average 1-3MB/sec up and down -- yes, megabyte). Limited to rolling average of 2GB up/down a day over 5 days for wired connections. 750MB for wireless.

More general information can be found here: http://www.cmu.edu/policies/documents/Computing.htm

I'm proud to point out to the peanut gallery that at the "real" CMU, people are responsible for their own computers. The University makes virus scanners available, and will kick you off the network if spyware is detected by remote scans, but it's your machine and they're not going to tell you to bend over and install some piece of spyware on it for them.

We also have public IP addresses and no campus-wide filters or firewalls (other than opt-in spam filters and such voluntary measures). This is what you get when you have professionals running your network and not a bunch of Microsoft Certified corporate knee jerkers. Professionals like ours do their jobs to provide a service, so users can do their jobs with minimal interruption.

Non-professionals like apparently at CMich (and a number of others I won't try to list) get in everyone's way and make the users do their jobs for them -- might as well just unplug the uplink, I'm sure that would greatly reduce malware on campus, and make their jobs easier too. Win win!

Hugs to the Carnegie Mellon IT and net admin for not pulling this kind of crap! Too bad we have to hear stories like this to appreciate how much you all rock! :)

Not that disingenuous.

They were created before Carnegie Mellon, also, Carnegie Mellon University did not get that name until 1965. Central Michigan University got its name in 1959.

And central Mich called themselves CMU pretty much from the beginning. So Carnegie Mellon has no more right to the name than they have.

Also, Carnegie Mellon, in their identity guideliness specifically say not to use "CMU". Instead they use CarnegieMellon as in WikiText or C++ CamelCase.

In other words, Central Michigan University calls them that, Carnegie Mellon does not say they are CMU. The only thing they need to fix is their domain name...

However, it's a 3 letter domain name, and pretty darn cool to have one. Noone wants to have to type http://carnegiemellon.edu/

I attended the other CMU, graduating just over a year ago, and I have to disagree - your network access policy seems especially draconian.

All my registered machines had a publicly-accessible IP address, and if a machine was found in violation of policy, the MAC address was banned for a period of time.

They did suggest installing Norton corporate AV, and supposedly windows machines lacking certain MS updates were disconnected after some period of time, but I never ran into that.

In fact, my friends (mostly CS and ECE) and I (MechE) chose to stay on-campus all four years to maintain access to the network

I found Verizon (provider of my parent's DSL) to be a much more restrictive ISP than CMU.

In short, regarding the original poster: Sucks, dude.

Is it me, or is calling Central Michigan University confusing at best, and disingenuous at worst? (And yes I notice they refer to themselves as CMU.)