Slashdot Mirror

Banning the Scientologists is based entirely on the Whois database, which is so easily fooled it's silly.

They probably already have internet connections at facilities which are not registered under their official name. You have to go to some trouble, frankly, to show up as yourself rather than your ISP. Even still the church may not even realize which connections show up as them, and which don't. They will now.

If they don't feel like relocating some of their online hit squads to some of their vast real-estate holdings which are unaffected, they will effortlessly set up new internet connectivity that is not registered to them, right where they are.

Problem solved - for them. In addition, I suspect this action, in addition to being futile, will activate the vast Church of Scientology attack machine. If the IRS couldn't withstand them, one wonders how Jimmy Wales will do.

Now what they should have done is not said a thing, and written something that allowed the church addresses to see the church edits to the page, and the rest of the world to see the non-church version. This wouldn't work either, but instead of failing immediately, it might fool them for a few weeks. Plus, it would constitute a fun practical joke.

In the end, wikipedia cannot continue to allow anonymous edits - and unlike slashdot, there is no rating system for snippets of text, so there is no way to penalize anonymity in a "soft" way. It's all or nothing.

Scientology may be just the adversary that helps them realize it.

Given that NASA's competence extends to wacky stunts like patching mars rover code by radio, and further given that DeCSS is pretty damn short, when you come right down to it they could probably have just gotten somebody on the ground to read it to them.

The bigger, more serious, question remains: "You are in space! Why are you watching DVDs?"

IIRC, when the Church of Scientology Internationallost a major lawsuit by Steve Fishman, the church executives turned the CSI into a shell, transferring virtually all capital and IP to the Religious Technology Center(which licensed "its" IP back to the CSI), theoretically leaving the plaintiff with nothing from which he could collect.

They'll have to be very careful about doing that. If they transfer the ownership after the court case starts (and they lose) it's quite possible that the court will declare the transfer illegal and let the seizure of assets go ahead anyway. This is what stops normal corporations and people from doing things just as shady when they get into trouble (which isn't to say that the more stupid among them don't try; trying isn't the same thing as succeeding...)

IIRC, when the Church of Scientology Internationallost a major lawsuit by Steve Fishman, the church executives turned the CSI into a shell, transferring virtually all capital and IP to the Religious Technology Center(which licensed "its" IP back to the CSI), theoretically leaving the plaintiff with nothing from which he could collect.

I wouldn't be surprised to find that although the Paris center is incorporated independently of the mother church, and that it'll turn out that, like every Hollywood production, they've been "broke" all along.

Just as Prof. David Touretzky has his Gallery of DeCSS Descramblers, perhaps some other CS Prof would like to put up a website talking about the protocol?

I haven't looked at the code yet, but I'd assume that the bulk of it is considered acceptable by Adobe. So what small piece of it is the target of Adobe's DMCA takedown? Is it something that we can put on a T-shirt? :-)

The project's site is located here. There's quite a bit of information there (check out the first PDF at the bottom of the page).

nVidia's CUDA would have a drastically different method for paralleling, as well as a fundamentally different instruction set, which I assume is more appropriate for heavy computation. The cores are on the same die, for one thing, and I'm willing to bet it's easier to program out of the box. Of course, I'm just inferring, I've never worked with the architecture.

The project's site is located here. There's quite a bit of information there (check out the first PDF at the bottom of the page).

nVidia's CUDA would have a drastically different method for paralleling, as well as a fundamentally different instruction set, which I assume is more appropriate for heavy computation. The cores are on the same die, for one thing, and I'm willing to bet it's easier to program out of the box. Of course, I'm just inferring, I've never worked with the architecture.

Put some measurements in there and you are on your way towards PSP. You should describe the process for your manager and help to spread the method over the whole team. The bliss, that is the TSP, waits for the steadfast.

A summer camp I worked at was using software called gigapan. Basically a tripod with a servo on it and some custom software to take a shit load of ~4MP pictures and stitch them together to create an extremely high resolution panorama.

The CMU project page has more details, and the commercial arm of the project is here.

Fail.

They missed the chapter on how to encrypt DVD.

People should protest outside the courthouse. It's time to go through the 42 ways to distribute DECSS again. What about a tie with the code on it?

Judge Patel sealed the court after DVD Copy Control Association lawyers "argued that public testimony of aspects of the CSS copy-control technology would violate trade secrets."

They almost let the cat out of the bag!

http://www.geocities.com/james_sager2/

and

http://www.geocities.com/james_sager_PA/

this one dissapeared:

http://www.contrib.andrew.cmu.edu/~sager/

but it's still on archive.org

Fascinating stuff James, to a clinical psychologist maybe!

Yes, move your 'crazy' pages - there must be loads of free hosting out there. In fact, that's quite apt - the internet NEEDS sites like yours! I'm fascinated anyway - did you ever build your AI?

Something that may be of interest to you is the Personal Software Process, see http://www.sei.cmu.edu/publications/books/process/psp-self-improvement.html

There are already several project to scan and/or make available ancient texts [see, for example,
http://gallica.bnf.fr/ or http://www.archive.org/ , not to say of the more specialist sites like http://www.etana.org/ (for ancient near-east history) or the impressive Posner Collection at
http://posner.library.cmu.edu/Posner/ ]
However, most of these (with the remarkable exception of gallica and cmu)
  mostly present late XIX
early XX century editions of the texts. This is good, but I feel it is definitely interesting to get also some "primary texts" online, which is what this project is doing [I don't quite like that la "Description de l'Egypte" is under 8000 BC- 499 AD, rather than 1800 AD - 1849 AD: the books are ABOUT Egyptian Antiquities, yet they were written after the Napoleonic expedition!]

I was going to complain about the need to use wget to get the books to browse off line, yet I have just seen that there actually is an option to download the texts as pdf files (alas not djvu); this is really a nice surprise; actually, I was expecting the donating libraries to try their utmost to prevent this [not that it would ever works]

I would say that this is really a worthy project.

P.S.
  There is a small editorial here as well, but I don't know if it requires subscription to be read:

http://www.nature.com/news/2009/090420/full/news.2009.377.html

Any time there is a broad new (read that as "poorly worded") piece of law drafted people always use it to the poorly worded maximum.

No knock warrants were originally to "fight terrorism" - now they're used as a judicial shortcut to bust drug dealers. Often times with horrific results.

Forfeiture laws were originally to return the goods from a crime to their rightful owners. Now, it's a cash grab by the government. They actually find property guilty. Or sometimes not even that much. Then they find the property (not the person carrying it, mind you) guilty and keep it.

Now we have the DMCA, which is being used to stifle competition and strangle free speech.

Why is anybody surprised?

We had precedents of poorly worded laws and what happens when we pass them into law. But when it's the government that benefits, it's hard to convince them to stop.

...throw in some business management courses

Agreed. I'm 55 and I've been writing software since 1972. I only have an AAS -- I don't think CS degrees even existed when I was in school. Life was good until Jan, but then I was RIFed (first time for me). Now I'm bobbing along in a sea of baccalaureal hammerheads. Ever see the movie "Open Water"? Feels like that. I'm also going to try to get some relevant education and a degree or certification, since I have access to govt Trade Adjustment Allowance (TAA) funding ($13k). That should cover .... um .... about 2 hours of first year art history at Carnegie-Mellon SEI. Yee-ha. And meanwhile the COBRA will be eating $1100/mo.

Some unrelated observations/opinions:

• Older IT workers are generally better compensated, either because they've been loyal to the company, or they've amassed a substantial base of industry-relevant knowledge.
• Expensive workers float to the head of the RIF list.
• The cost of hiring a full-time worker is considerable. Virtues like flexibility, the willingness to learn and adapt, and the ability to "fit" into the culture and infrastructure of a company can be far more important than a canned education. These traits can be the hallmarks of older workers; at least I hope they are for me. Granted, I have worked with some crotchety, stubborn, command-line, two-finger-hunt-and-peck old coots.
• Younger, agile brains can more easily think outside the box.
• Older, more experienced brains know there's more than one box.
• A previous post mentioned the "ten thousand hours" threshold to achieve competency on a subject (probably referring to the book "Outliers"). On how many chips, operating systems, languages, and applications can you claim that kind of proficiency? Multiply that by 6 the next time you see one of us old farts. I don't wish to be judgmental, pedantic or dismissive. To provide some balancing perspective, I'll acknowledge that 60% of my accumulated proficiency would only be demonstrable in a museum.
• I know the lyrics of every "Beach Boys" song, but I'll be damned if I remember where I parked the truck.
• Twitter? No thanks. You really don't want to get me started on my prostate....

Somebody's going to mention it so here it is: there was a BSD unix research project that ended as the soft-updates implementation (currently present in all modern free BSDs). It deals precisely with the ordering of metadata and data writes. The paper is here: http://www.ece.cmu.edu/~ganger/papers/softupdates.pdf. Regardless of what Linus says, soft-updates with strong ordering also do metadata updates before data updates, and also keeps tracks of ordering *within* metadata. It has proven to be very resilient (up to hardware problems).

Here's an excerpt:

We refer to this requirement as an update dependency, because safely writing the direc- tory entry depends on first writing the inode. The ordering constraints map onto three simple rules: (1) Never point to a structure before it has been initialized (e.g., an inode must be initialized before a directory entry references it). (2) Never reuse a resource before nullifying all previous pointers to it (e.g., an inode's pointer to a data block must be nullified before that disk block may be reallocated for a new inode). (3) Never reset the last pointer to a live resource before a new pointer has been set (e.g., when renaming a file, do not remove the old name for an inode until after the new name has been written). The metadata update problem can be addressed with several mecha- nisms. The remainder of this section discusses previous approaches and the characteristics of an ideal solution.

There's some quote about this... something about those who don't know unix and about reinventing stuff, right :P ?

There's a FireFox plugin called "Perspectives" which is designed to deal with this sort of thing. http://www.cs.cmu.edu/~perspectives/ Basically what Perspectives does is fill in when FF decides that a cert doesn't match. Perspectives then contacts a bunch of other hosts to check the certificate. If the cert is the same as everyone else sees, and hasn't changed in a "long time", then the assumption is that the cert is valid, even if it's self-signed, or doesn't match. Read the perspectives site for more details. (I am not affiliated with this plugin, but I do use it and like it.)

This is not news. Baboons do this too.

From: http://answers.google.com/answers/threadview?id=482576

The Austin Chronicle
http://www.austinchronicle.com/issues/dispatch/2001-07-27/cols_smartypants.html

"Stone-throwing baboons in Saudi Arabia waited three days on the side
of a mountain road to take revenge on a driver who had killed one of
their group.

Al-Riyadh reported on Saturday that the primates laid in wait and
ambushed the driver on the same mountain road in southwest Saudi
Arabia from Mecca to Taif where the baboon had been run down earlier
in the week.

After spotting the car responsible for the death, one of the apes
screamed out a signal to the rest to attack, provoking the frenzied
stone throwing. Although the driver was able to escape, the apes broke
out the windshield of his car.

At least 350,000 baboons live in the Gulf state."

LUSENET: STONE-THROWING BABOONS TAKE REVENGE ON DRIVER
http://www.greenspun.com/bboard/q-and-a-fetch-msg.tcl?msg_id=004CxB

"In Saudi Arabia, a man learned a lesson in baboon gang warfare.
Apparently, earlier in the week the man was driving through a
mountainous road where he ran over a baboon. Thinking nothing of it,
the driver got back in his car and resumed his life... Finally, the
grieving baboons implemented their revenge. They lay hiding on the
side of the exact mountainous road where their beloved pal had been
killed and waited for the driver. When the car was spotted, one of the
baboons screamed out a signal and the others began to bombard the car
with rocks and stones. The driver escaped, sporting newly soiled
underwear and a broken windshield."

Tablet Newspaper: Monkey Love
http://www.tabletnewspaper.com/vol2iss_21/features/monkeylove.htm

"Stone-throwing baboons waited three days for revenge on the side of a
mountain road in Saudi Arabia to take revenge on a motorist who had
killed one of their group. After finally spotting the car responsible
for the death, one of the apes screamed out a signal for the rest to
attack, provoking a frenzied bout of stone throwing. The baboons then
ripped out the windscreen of the car. The driver managed to escape the
attack, which took place on the same stretch of road, between Mecca
and Taif, where the baboon had been run down."

Ananova: Revenge attack by stone-throwing baboons
http://www-2.cs.cmu.edu/afs/cs/academic/class/16741-s05/www/baboons09122000.pdf

"Stone-throwing baboons in Saudi Arabia waited three days on the side
of a mountain road to take revenge on a driver who had killed one of
their group. Al-Riyadh reported on Saturday that the primates laid in
wait and ambushed the driver on the same mountain road in southwest
Saudi Arabia from Mecca to Taif where the baboon had been run down
earlier in the week. After spotting the car responsible for the death,
one of the apes screamed out a signal to the rest to attack, provoking
the frenzied stone throwing. Although the driver was able to escape,
the apes broke out the windshield of his car. At least 350,000 baboons
live in the Gulf state. Who says animals have no emotions? If you can
plot revenge, you must be able to feel anger."

The Jekyl Archives
http://www.jekyl.com/jekyl/arc_2000.htm

"Saudi Arabia is particularly baboon prone these days, with tales of
baboons raiding farms, houses, and even schools. But probably the
strangest report was where a troop deliberately wait in ambush.
According to newspaper accounts,

You've pretty much summed up many of the challenges Linux desktop distributions have to overcome to be in a fit state to pitch for a place on the desktop of most corporations. And while many of the tools to do some of these reside on isolated islands of innovation, there is no unifying management interface. A detailed description of how to do all this would probably be enough material to put in a book.

Here are some little gems you might want to check out:

You'll want to keep an eye on freeIPA. When it hits V2 it'll become very useful to you.

The CODA Filesystem is the only one I know of that provides disconnected operation for mobile computing.

And I'll throw my weight behind Nomachine NX too. Definitely the best MSTCS equivalent in the Linux space.
 

From the robots that the intel guy had it looks more he was refering to the claytronics project ( http://www.cs.cmu.edu/~claytronics/index.html ) and if so it has a much broader use than just cellphones.

And it's people like you that PHEVs are designed for.

Once again, Slashdot does its best to continue ignorance by leaving out the core criticism of the study: that the study's authors assume a battery pack price of $1000 per kilowatt hour, and that's not even close to they cost today, let alone 5-10 years from now. And that's hardly their only mistake. I'll list their assumptions, and make a few quick comments on them:

* A 2004 Prius with varying size packs
* They upgrade the size of the motor to be sufficient to operate as series, but still keep the parallel configuration (why...?)
* 52 kW motor (70hp), yet weighs 40kg (huh...? The Tesla Roadster does 185kW with a 31kg motor)
* The main assumption that 1kg of batteries requires an additional 1kg of structure (Um.. really?). They also test 0kg and 2kg per 1kg of battery mass.
* Li-ion (unspecified chemistry). 100Wh/mi -- similar to LiP and some spinels -- and a 25% packaging weight penalty (on top of the 1kg weight for every 1kg of batteries)
* Only 50% depth of discharge (i.e., they're only using half of their pack)
* Charging at $0.11/kWh (US residential average)
* Gasoline at $3.00/gal (probably a reasonable long-term value)
* Assumption of $1,000/kWh battery cost (Um, no. I can get Thunderskys at non-bulk rates for a fraction of that. I can almost get A123s at non-bulk rates for that. The Th!nk's pack is $500/kWh, and they think they can cut that in half with production rates of several hundred thousand per year. Conventional li-ion, like Tesla uses, is ~$300/kWh currently. In short... no.). They justify their number by pointing out that it's cheaper than the original price of the Prius's battery pack (ignoring that small HEV battery pack prices don't scale linearly to BEV or PHEV packs or linear with capacity in general)
* GHG emissions of the grid are assumed to be fixed over time (Um, no)
* Vehicle lifespan of 12 years (the average vehicle *on the road* today is nearly 10 years old, and that number is increasing, so... no)
* 12,500 miles/year (reasonable)
* Vehicle base purchase cost, excluding the battery pack, of $17,600
* Assuming by default no carbon tax, both on electricity and gasoline, but considering it under alternative scenarios
* No tax credits assumed
* No battery replacement (in the base case; an alternative scenario includes replacement)
* A 5% "consumer discount rate", No clue what that is, but they state that the higher it is, the less competitive PHEVs are. So it's some sort of penalty. (Perhaps purchase interest rate on the auto loan? If so, too expensive.)

In short: stupid assumptions in, stupid results out. Note this paragraph that they just skim over:

Cheap battery costs of $250 per kWh would significantly increase competitiveness of PHEVs, making them similar to or less expensive than HEVs and CVs across all distances driven between charges. A battery technology with an increased SOC swing, which would allow more of the battery's physical capacity to be used in operation, would also improve PHEV competitiveness, making moderate ranged PHEV20s cost competitive with the HEV and CV.

In short: "If we pick more reasonable numbers, PHEVs are great. But with the bad numbers we picked, they're not."

The temporary H1-B visa was supposed to be good for seven years. The average age at which H1-Bs come to this country is fresh out of college, so 22-23 years old plus seven years is about thirty.

You are wrong on both counts.

Firstly, H1 visas are considered a "dual intent" visa. It is expected that some people on H1s will transition to Green Cards and then to citizenship.

Secondly, if the average age of H1s is "fresh out of college", that would imply that half the H1s come into the country before graduating. Since having a degree is usually required for an H1-b visa, this seems rather unlikely, so I conclude that you pulled that figure out of your ass.

Our programming languages professor, Robert Harper, recently talked about this concept in class. Although he argued that there was "no such thing" as a null pointer, what he actually meant to say was either there shouldn't be such a thing, or that a properly designed language would not have such a notion.

Consider SML (which, incidentally, he helped design). There are of course basic types, ints and bools etc, but it also has the notion of an "option" datatype. A foo option can either be NONE, or SOME of foo. For example, if you are doing some calculation that returns an int but may somehow fail to calculate its result, it will return an int option, with either SOME(result) if there was success, or NONE if it failed. Due to SML's strong type system, the function using that result would have to do case analysis on the result -- you can't use an int option as if it were an int; you need to pattern match and grab the int out of the SOME case and otherwise handle the NONE case.

Java (and C and...) doesn't do this properly. Take an ArrayList, for example. When you say "ArrayList foo", what you actually have is an ArrayList option, he argued, since you really either have SOME(an actual ArrayList) or NONE, representing the null pointer. Except Java has no notion of option types. There's no way to actually get an ArrayList -- you always have an ArrayList option. You have to check for NULL every time.

Thus his argument for why Java et al are badly designed, and how you can properly design a programming language without a need for a NULL pointer -- you use a different type altogether, upon which you can properly case analyze.

According to the CMMI process http://www.sei.cmu.edu/pub/documents/06.reports/pdf/06tr008.pdf (p.63):

The Process and Product Quality Assurance process area supports all process areas by providing specific practices for objectively evaluating performed processes, work products, and services against the applicable process descriptions, standards, and procedures, and ensuring that any issues arising from these reviews are addressed.

While "evaluating work products" certainly SOUNDS like this means QA is software testing, it is far from it. It means something completely different when you complete the sentence..."evaluating work products against the applicable process descriptions". Thus, it is QAs job to ensure the software test engineers are doing the job the way the process states they should be, not conducting any sort of software tests themselves.

So no, somebody in QA doesn't say, "hey, this button doesn't work". Instead, they say, "hey, Bob the software tester didn't follow process 4a" and because of that, nobody caught the fact that button didn't work. Then QA tells you your processes suck and makes you write new ones (even thought that's their job).

And yes, I realize my expertise in CMMI fully qualifies me to be a great Dilbert character.

Yes, really. Try http://www.sei.cmu.edu/cmmi/ . They are far more authoritative on QA processes than monster.com

Well, I guess there are now forty-three ways to generate power from a hamster.

I'm kind of hoping that this research is in reference to that old list ... my favourite was always number 41.

Yes such amazing quality control that led to this problem, where "a Debian packager modified the source code of OpenSSL back in 2006 so as to remove the seeding of OpenSSL random number generator, which in turns makes cryptographic key material generated on a Debian system guessable".

While I would like to agree that Open Source allows for greater auditing of the software, it has been proven incorrect.

Read the paper, Reflections on Trusting Trust, here or the PDF here.
 

The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code.

The presence of a Google Lab in Pittsburgh, right across the parking lot from Carnegie Mellon (their alma mater) didn't hurt.

The presence of a Google Lab in Pittsburgh, right across the parking lot from Carnegie Mellon (their alma mater) didn't hurt.

How to Think like a Mathematician:
http://www.amazon.com/How-Think-Like-Mathematician-Undergraduate/dp/0521895464
Online here (for how much longer?):
http://www.maths.leeds.ac.uk/~khouston/httlam.html

I bought this in the discount bin for $1 somewhere, I think it's (Playthinks) really good to develop logic and just try a little bit of every mathematical discipline:
http://www.amazon.com/Big-Book-Brain-Games-Mathematics/dp/0761134662

This isn't pure math, but lisp, but since Lisp is inspired by lambda calculus, perhaps it'll inspire more programming (shrugs):
http://www.cs.cmu.edu/~dst/LispBook/index.html

Yes, Outlook does support that craptastic IMAP protocol.

IMAP is the best remote email reader protocol that currently exists.

And indeed, it is one of the worst IMAP clients of them all.

Only because Outlook is among the worst email clients with any protocol. I don't recommend using Outlook unless you have to deal with Exchange, and even then Thunderbird with Exchange IMAP is better as long as you don't have to respond to the calendar crap.

However, my point was in support of the original post I was replying to, where it was posited that "You will almost never ever be able to get a company to drop Microsoft Exchange/Outlook or Windows Server if they use it currently."

And it's about as relevant as any other "support" post that exists purely to provide an impression that the idea being pushed is already popular.

Now your quote: "So his argument to support Exchange proprietary protocol instead of IMAP is that supposedly different clients don't act like Outlook does when talking to Exchange server."

Precisely, that there will be tough time had by all trying to migrate from an Outlook/Exchange solution. I merely added details of why one might find it difficult to make that happen. Because things are different. Because there is a mix of different behaviors. Because the experience is not as "nice".

Nope. You tried to promote the point of view that you favor, and failed miserably.

Now, if you said that Exchange is a terrible IMAP server, so everyone who wants to use IMAP, or any other mail server, at the scale of university should ditch Exchange and install Cyrus, mail server that was developed precisely for this application, you would have a point. But that's the very opposite of your goal, promoting the use of Microsoft software.

That will certainly help, but it's a tiny part of the real problem. The real problem is a coherent process where people can manage changes to such a system of interdependencies, track API contracts and assumptions, rules for modifications, etc. The most coherent treatment of this sort of approach I'm aware of is laid out by the SEI in Software Product Lines literature.

And I suspect that's the sort of thing that would satisfy both camps. It's just got a big initial cost and depends on adhering to relatively strict process controls.

I'm pretty sure that the late CMU CS Professor, Randy Pausch, talked about doing one of these proposals in the vomit comet during this last lecture,...

What you need to do if you want real security is give everybody only the data they're allowed to get, and check their input for validity when you get it.

Well that is one way to do it. You can also have something along the lines of an RSA-blessing algorithm that Netrek uses. Essentially, you have a set of clients that are white-listed and are allowed to connect to certain servers. So while there is nothing from stopping you from compiling your own client with whatever hacks you decide you want, you won't be able to play on most of the "official" servers. The same could be said for any game. Have trusted servers only allow trusted clients. Sure, it might fragment the community into hacked-server and legit-server groups, but it's a good setup to have.

This one? Not trying to be obtuse, but AI is not my field and I don't know people by their last name only. :-)

And the other thing I want (aside from the pony) is for fonts to (optionally) travel with documents.

That's for the font file's copyright and design patent owner to decide, not you. A TrueType font's OS/2 chunk contains flags to forbid all embedding or to forbid embedding in editable documents. Software that edits these flags has drawn copyright threats from type foundries. I would imagine that the fact that so few font files are set to allow embedding discourages software developers from even implementing embedding. Of course, if you use only Free fonts such as the DejaVu series, you can work around lack of embedding by putting the fonts in a zip file.

Perspectives is an excellent add-on for Firefox 3 that checks pages with self-signed certs from several locations and then bypasses the terrible Firefox 3 warning page if everything checks out. This is pretty effective at negating man-in-the-middle attacks.

General Dynamics offers a product called CoMotion that allows you to visually explore your data and find interesting patterns and trends.

http://www.gdc4s.com/content/detail.cfm?item=32341561-76f9-40f8-8ad5-0f0d66dd240e

CoMotion is a commercial fork of Visage, a collaborative visualization platform designed at Carnegie Mellon University and MAYA Design:

• http://www.cs.cmu.edu/~sage/visage.html
• http://www.maya.com/visage/base/papers/mayaDemo.htm
• Google: "visage site:maya.com"

Allow me to add a few, since I might know a thing or two about this subject. Some of you might remember Flame, a robot designed at the TU Delft, and being used to further understand human walking (he walks like we do, as opposed to for example Asimo...)

http://www.3me.tudelft.nl/live/pagina.jsp?id=c4fa06f1-b767-4a67-a19e-ea3356400f06&lang=en

The nice people at DBL (Delft Biorobotics Laboratory) have built a next generation robot called TUlip

http://www.dutchrobotics.net
for those interested. That's one I worked on a little, so I might be a little biased in terms of how cool it is :-)

Some more cool robots we saw in China and elsewhere are:

The Cornell Ranger's record for longest distance walked
http://ruina.tam.cornell.edu/research/topics/locomotion_and_robotics/papers/CornellRanger/index.html

or maybe nexi?

http://robotic.media.mit.edu/projects/robots/mds/overview/overview.html

Or take your pick from a variety in this list:
http://www.ri.cmu.edu/research_project_view.html?menu_id=261

or this one

http://www.rec.ri.cmu.edu/project/index.htm

Allow me to add a few, since I might know a thing or two about this subject. Some of you might remember Flame, a robot designed at the TU Delft, and being used to further understand human walking (he walks like we do, as opposed to for example Asimo...)

http://www.3me.tudelft.nl/live/pagina.jsp?id=c4fa06f1-b767-4a67-a19e-ea3356400f06&lang=en

The nice people at DBL (Delft Biorobotics Laboratory) have built a next generation robot called TUlip

http://www.dutchrobotics.net
for those interested. That's one I worked on a little, so I might be a little biased in terms of how cool it is :-)

Some more cool robots we saw in China and elsewhere are:

The Cornell Ranger's record for longest distance walked
http://ruina.tam.cornell.edu/research/topics/locomotion_and_robotics/papers/CornellRanger/index.html

or maybe nexi?

http://robotic.media.mit.edu/projects/robots/mds/overview/overview.html

Or take your pick from a variety in this list:
http://www.ri.cmu.edu/research_project_view.html?menu_id=261

or this one

http://www.rec.ri.cmu.edu/project/index.htm

I used the Crayon Physics demo to try Johnny Lee's whiteboard hack. I was primarily interested in the whiteboard hack and wanted something interesting running so I could watch different people using the IR pen I had built to see what limitations it had. The game drew enough people into it that they completely forgot about how they were interacting with it that I figured the hack as a win.

fwiw, I used a key ring led to house the IR Led and battery. It took about 5 minutes to swap the white light led with an IR led. My cell phone could see the IR led light up which told me I had done that part of the hack right later on when I had problems with a Broadcom Bluetooth driver.

I also think that this could be anything related to Microsoft and you wouldn't like it

Huh? It's not like I'm making unfounded accusations here. I quoted Microsoft's policy, and provided linkage back to the source so you can read it yourself in-context. They come right out and say that they're going to data-mine your personal information. That's a quote, not anti-Microsoft sentiment.

One of the ways to download the phone application is to enter your phone number, and they'll send you a link on the mobile device. Once you provide your phone number, they can reverse lookup your name, address, and anything else associated with you.

And this is hardly paranoia. Your local grocery stores do the same thing. They correlate credit cards with customer discount and gift cards. They cross-link that information with other companies' databases. This has been going on for years. Here, read this 2005 paper from Carnegie Mellon University [warning PDF]. Pay special attention to Section 3 - Tracking and Price Discrimination.

Well actually, because these NVIDIA glasses are already using an infrared connection to synchronize the shutter glasses with the monitor, you could also implement the head tracking solution as demonstrated by Johnny Chung Lee with the Wii-remote

If you were living under a rock around 2 years ago, for more information visit his website

Would having a conversation with a computer that was capable of understanding conversational english be awesome? I imagine it would be. But what would we talk about? What would I do with such a computer that I couldn't do with my current PC?

You are thinking too narrowly about "computers". I agree that talking to your desktop is largely inefficient compared to using a keyboard and mouse but natural language processing in robotics is another story.

The idea is that we may have hundreds of computers within our immediate environment all around us most of the time. See Intel's work on Claytronics http://www.cs.cmu.edu/~claytronics/ and MIT's work in robotics http://robotic.media.mit.edu/projects/projects.html. These technologies will be miniaturized and have some degree of natural language processing. Since you are not necessarily siting down at a desk with a keyboard and mouse, one of the most convenient ways of communicating with them will be through speech, gestures and eventually thoughts. Emotive and others are already making good progress in the thoughts category. http://emotiv.com/

Yeah, that'd be awesome. but that's nowhere near being on the horizon yet, and I don't know that we'll ever get there, because where's the demand for the intermediary steps that would lead us there, and what would those intermediary steps even be??

There is indeed a great demand for first generation, speech enabled robots and embedded computers. Think of the money that can be made for a robot that cleans using even a very limited amount of AI. Add in some speech recognition and I bet someone from http://store.irobot.com/shop/index.jsp?categoryId=2804605 would be very interested in talking with you.

...find companies such as MS behind universities going this direction.
The who gets first crack at profiting from research done at universities.
In exchange the companies sponsor such programs.

Here is an example

Note that it is abusive and contradicts the whole purpose of the patent system. Patents are intended, as is copyrights, to provide incentive for the creators of the works via granting a limited monopoly so to profit from their works, to do such works.

Additionally software is not of patentable such matter, a provable matter. (software patents are frauds).
 

Well then, okay, a solid A. I get the general idea of the non-criticality of the incident, and that mitigates the disclosure time delay. (I still recommend putting good effort towards coordinated disclosure with the vuln finder, if just for PR purposes.) And I like hearing about predetermined procedures for handling (major) events. (I bet you even have specific plans for how to notify "all software vendors, subscribers, and the general public", i.e., in which forums or to which lists or email addresses reporting must be done.)

That said, I'm not very familiar with the intricacies of the CA business and am probably not the best grader. Still, from a layman's perspective, it looks to me like StartCom's behavior in this scenario is sufficient for trust in the organization's procedures and operation.

Now if only the entire SSL PKI model weren't so iffy, what with any trusted CA (out of dozens) being able to subvert the whole system. I get the impression for this model to continue to "work", such as it might, things will have to change. Primarily the stringency of CA performance (and auditing) requirements. And so I don't mind you raising hell when you see shoddy (or even negligent, or even malfeasant) practices. And I am glad to see efforts like Sotirov et al.'s "Creating A Rogue CA Certificate" project, even if it makes me scared. Better frighteningly informed than blithely insecure.

I don't know how feasible this idea is, but I'd rather have a genuine web of trust rather than a commercial one or an institutional one (like what Mozilla corp. or MS or Apple or Opera provide). A real web of trust based on keys vouching for other keys ... vouching for CA performance, thus defining my browser's CA list. Maybe this is a dream and there's no way a system like this would survive gaming or no way it could be practical because people are lazy, but I like the dream. Here's a related project that leans in a democratic direction, Perspectives. Have you seen this?

Your Tier 1 may be functionally available already. Plus some.

Check out Perspectives.

If you would rather not read, this page may give you the idea at a glance.

Your Tier 1 may be functionally available already. Plus some.

Check out Perspectives.

If you would rather not read, this page may give you the idea at a glance.