Slashdot Mirror

storagedude writes "Google could go the way of the dodo if ultra intelligent electronic agents (UIEA) make their way into the mainstream, according to technology prognosticator Daniel Burrus. Siri is just the first example of how a UIEA could end search as we know it. By leveraging the cloud and supercomputing capabilities, Siri uses natural language search to circumvent the entire Google process. If Burrus is right, we'll no longer have to wade through '30,000,000 returns in .0013 milliseconds' of irrelevant search results."

storagedude writes "Time writer Joel Stein spent three months learning what data mining companies know about him. After learning everything the companies had profiled about him (some of it inaccurate) — social security number, age, marital status, religion, income, debt, interests, browsing and spending habits — he had a surprising reaction: complacency. '... oddly, the more I learned about data mining, the less concerned I was. Sure, I was surprised that all these companies are actually keeping permanent files on me. But I don't think they will do anything with them that does me any harm. There should be protections for vulnerable groups, and a government-enforced opt-out mechanism would be great for accountability. But I'm pretty sure that, like me, most people won't use that option. Of the people who actually find the Ads Preferences page — and these must be people pretty into privacy — only 1 in 8 asks to opt out of being tracked. The rest, apparently, just like to read privacy rules."

storagedude writes "This article suggests that most RAID controllers are completely unprepared for solid state drives and parallel file systems, all but guaranteeing another I/O bottleneck in data centers and another round of fixes and upgrades. What's more, some unnamed RAID vendors don't seem to even want to hear about the problem. Quoting: 'Common wisdom has held until now that I/O is random. This may have been true for many applications and file system allocation methodologies in the recent past, but with new file system allocation methods, pNFS and most importantly SSDs, the world as we know it is changing fast. RAID storage vendors who say that IOPS are all that matters for their controllers will be wrong within the next 18 months, if they aren't already.'"

storagedude writes "The WSJ has a cool article on how the race to digitize literary treasures has led to a trove of new discoveries. Quoting: 'Improved technology is allowing researchers to scan ancient texts that were once unreadable — blackened in fires or by chemical erosion, painted over or simply too fragile to unroll. Now, scholars are studying these works with X-ray fluorescence, multispectral imaging used by NASA to photograph Mars and CAT scans used by medical technicians ... By taking high-resolution digital images in 14 different light wavelengths, ranging from infrared to ultraviolet, Oxford scholars are reading bits of papyrus that were discovered in 1898 in an ancient garbage dump in central Egypt. So far, researchers have digitized about 80% of the collection of 500,000 fragments, dating from the 2nd century B.C. to the 8th century A.D. The texts include fragments of unknown works by famous authors of antiquity, lost gospels and early Islamic manuscripts.'"

storagedude writes to tell us that a storage geek has an interesting article on why ancient Egyptians were better than us at data preservation — and what we need to do to get caught up. "After rocks, the human race moved on to writing on animal skins and papyrus, which were faster at recording but didn't last nearly as long. Paper and printing presses were even faster, but also deteriorated more quickly. Starting to see a pattern? And now we have digital records, which might last a decade before becoming obsolete. Recording and handing down history thus becomes an increasingly daunting task, as each generation of media must be migrated to the next at a faster and faster rate, or we risk losing vital records."

njcoder writes "Netbeans 4.1 was released a few days ago. Though it is only a short time since 4.0 was released and only a minor version number increase, the new Netbeans 4.1 contains a number of significant enhancements. New features include enhanced support for J2ME (mobile) projects, a new Navigator component, enhancements to the Ant based project system, ability to define multiple source roots, enhanced support for J2EE applications including EJB support for creating Session, Entity and Message Driven Beans, bundled J2EE application server, bundled Tomcat server upgraded to the 5.5 series, Web Services support, Eclipse project import tool, and more. The days of a slow and ugly Netbeans seem to be over. Using the new Metal look and feel in Java 5 brightens things up a bit as well. More information can be found in the release info and go here to download the new version. Java boutique has a review, with screenshots, of the new released titled IDE Wars: Has NetBeans 4.1 Eclipsed Eclipse?."

Thanks to the L.A. Daily News for its story discussing new safety-related restrictions for cybercafes in Los Angeles, including "restricted hours for children, video surveillance and interior waiting areas." Apparently: "Council members voted 11-0 to place rules on roughly 30 cybercafes in Los Angeles that draw a primarily teenage clientele to play video games on high-speed computers linked to the Internet", following "a melee outside the NetStreet Cafe in Northridge [that] left two people injured in December 2002 [and was linked to Counter-Strike in some stories]." Councilman Greg Smith commented: "Cybercafes are not inherently bad or troublesome, it's the attractive nuisance that they provide to children... It's just the nature of the beast that they draw people late at night and provide a place to go that may attract problems." Update: 07/08 23:56 GMT by S : A commenter points to a detailed analysis of the requirements from someone involved in the negotiations, who concludes: "This is actually a victory for the nascent and struggling [cybercafe] industry."

cmj writes "Internet.com reports 'Looking to attract households that still aren't online, AOL is offering new customers a $299 PC system if they sign a one-year $23.90 dial-up Internet service contract.' A click through AOL's ecommerce site reveals the the specs as 1.7 GHz Celeron with 256 MB RAM, 40 GB hard drive, 56K modem, 10/100ethernet card, 17" monitor and Lexmark printer. The PC is running Windows XP, and includes 'AOL Office Powered by Sun'. Also of note is the fact that the $299 appears to be financed at around 22%. The math ( (12*23.90)+299 ) seems to suggest that you can get a $699 computer for $585.80 plus any finance charges. Setting aside the question of whether this is a good deal or not, one has to wonder whether AOL is desperate for new customers and resorting to bribery, or just progressing to the next step of branding. With this action AOL controls everything from the OS to the Word Processor to the web sites their customers browse."

Ridgelift writes "Microsoft has settled with the state of Tennessee to the tune of $64 million dollars. This comes on the heels of more settlements with North and South Dakota, and will likely be similar to the settlement with North Carolina in issuing vouchers. Hopefully there will be more websites to help customers receive their refunds, or help donate their vouchers to help the Free Software Foundation."

Ridgelift writes "The Open Source Development Labs have released a paper entitled SCO: Without Fear and Without Research [PDF, HTML version at the FSF] where Eben Moglen debunks SCO's claims to copyright infringement, and also discusses how they contradict themselves by citing that the GPL is both invalid and provides them legal protection. More information at the OSDL site and via an Internet.com article."

securitas writes "The Federal Communications Commission (FCC) will hold its first hearings on Internet telephony and VoIP regulation on Dec. 1 and plans to regulate VoIP by late 2004. A public comment period will follow the Dec. 1 meeting. Some say that it is overly ambitious to regulate VoIP by 2004, especially since FCC Commissioner Michael Powell does not have a strong reputation for clarifying complex issues - instead he has a reputation for confounding them. More at Internet.com and InternetWeek . FCC press release (PDF1|DOC1) and attached letter (PDF2|DOC2) to VoIP proponent Senator Ron Wyden, who sits on the Commerce, Science and Transportation Committee."

Slashback brings you updates tonight on Diebold's attempts to bring undisclosed-source, unauditable black-box voting to a ballot box near you, John Carmack's search for (rocket-fuel, not hair) peroxide, AT&T's (withdrawn) request for its customers' mail server addresses, open source goings on at Comdex, and more -- read on for the details.

Diebold Election Systems Round 2 in MD zznate writes "Looks like Diebold is not going to get off the hook so easily in Maryland after all. For anyone local, feel free to contact delegates Hixson or Hollinger to express your support. Perhaps they could even receive a copy or two (or fifty ;-) of the documents listed here."

Diebold is having an easier time at Swarthmore. yoshi_mon writes "Previously reported on /. was the Swarthmore Students Effort to keep the Diebold leaked memo's online. However that effort has been quashed by one Dean Bob Gross. To quote the dean, "We can?t get out in front in this fight against Diebold." BlackBoxVoting.com reports that '[Swarthmore College] is not willing to take a strong stand against Diebold, and is systematically disabling the network access of any student who hosts the files.'"

AT&T says Ha, just kidding! An anonymous reader writes "In an update to an earlier Slashdot article, Telco giant AT&T rushed to withdraw two notices sent to business partners and customers asking for the IP addresses of all outbound SMTP servers because of a 'human error' gaffe."

All this and cheap shrimp cocktail. blackbearnh writes "While the topic has been raised, I thought I'd mention a few other things going on at COMDEX Open-Source wise.

First off, the Open Source and Linux track has been expanded from a half-dozen sessions last year to nearly twenty this year. These will cover everything from the basics of Open Source (taught by folks like Ken Coar of Apache) to an intro to PHP led by Rasmus Lerdorf.

On the show floor, a massive 2500 sq foot Open Source Innovation Center will serve as the site for hourly talks by Open Source evangelists on business-related topics such as case studios proving the benefits of Open Source. There will also be a staffed "clinic" area where attendees can get advice on what Open Source technologies would work well in their business. There will also be install parties held at noon each day, where attendees can bring their laptops to get help installing MySQL or Debian. And lastly, a .ORG village inside the center will host representitives from more than a dozen prominent Open Source organizations, including OpenOffice and Mozilla.

Also, the COMDEX/ApacheCon exchange program continues this year. COMDEX members can get access to the ApacheCon expo floor and BOF sessions, while ApacheCon member can visit the COMDEX show floor and the Open Source keynotes. Shuttle service will link the two conventions.

James Turner
Co-Chair, Open Source, Fall 2003 COMDEX"

It's a crapshoot, eh. Dick Faze writes " Royal Bank of Canada is part of a $50 Million investment in SCO: Has our communist neighbor to the north finally flipped completely?" (We know Mr. Faze is being facetious, here ... don't we?) This is the same $50,000,000 investment deal in which some people suspected Microsoft's involvment.

Patent Office Cancels Swing Patent An anonymous reader writes "Remember the swing patent issued last year covering the method of swinging a swing? Well, the Patent Office must've taken offense at the amount of criticism it received over this patent. It initiated a reexam proceeding and after a year's worth of reexamination, they cancelled the patent on July 1, 2003."

But all the other patents are up to snuff, don't worry.

Carmack's Peroxide Troubles Over? Rob Jellinghaus writes "John Carmack's aerospace company has had problems getting enough concentrated 90% peroxide for their engines. So they have been working on mixed monoprop engines that would need only 50% peroxide, which would pretty much end their fuel troubles for good. They have had many failures, but they may have just succeeded. In his words: 'This is Very Good.'"

Remember, most of the world is still dial-up, at best. Anothermouse Cowered writes "It's a router, it's a firewall, it's a home gateway it's a... In another giant leap for the Open Source community, you can now hack on your own embedded Linux system for under $70. The source code for the ActionTEC Dual modem previously mentioned on Slashdot ('Hacking the Actiontec 56k Modem/Gateway') in September has now been released under the GPL. Downloads available here."

securitas writes "The Department of Defense has launched Phase I of its delayed IPv6 interoperability test (mirror) in a six-month project dubbed Moonv6. It is the largest North American IPv6 test ever and its goal is to evaluate IPv6 for 'network-centric military operations.' Phase II was originally scheduled to begin in January 2004 but may be delayed due to the late start of the current test. 'IPv4 addresses are 32 bits long, enough for around 4 billion unique addresses.' In contrast, the IPv6 address length is '128 bits, or 340 billion billion billion billion unique addresses.' Experts hope this will solve a predicted IP address shortage as more devices are created to use the Internet."

prostoalex writes "Federal Communications Commission opened up 90 MHz of previously reserved bandwidth for next-generation wireless services. The FCC news release (MS Word, PDF, apparently no HTML) specifies the following ranges to be available for commercial exploitation: 1710-1755 MHz and 2110-2155 MHz. Currently the licenses are issued to the business capable of providing "substantial service by the end of the license term", later on the licenses will be sold to the highest bidder. There's also this announcement about millimeter wave broadband frequencies."

fermion writes "The FTC has settled with the Austin, Texas-based company, ClickForMail.Com, Inc, on a charge of deceptive trade practices. The FTC charges that ClickForMail promised a preapproved credit card through AllPreApproved.com but failed to deliver the product. We all have heard that such spam and schemes can be very profitable, but do we ever believe a large number of people will fall for it? In this case, thousands took the bait. The victims allowed AllPreApproved.com to deduct $49.95 from their bank accounts. In return the victims received not a credit card, but a list of hyperlinks which could be used to get credit cards." (Read on for more.) "As is usual, the settlement does not assign blame. The FTC made ClickForMail pay $815,000 and promise not to lie about its services in the future. Apparently ClickForMail is not prohibited from sending out future UCE. This investigation is part of an FTC task force which is filing actions against 45 companies. One of the scams is an update of the eternal scholarship con.

If anyone gets spam from Texas, or if you live in Texas, make sure to use the new Texas Spam Law. Individuals can sue for $10 per UCE, up to $25,000 a day."

Matthew Skala writes "As reported in SiliconValley.internet.com, filtering-software vendor Websense has received US Patent 6,606,659 on a "System and method for controlling access to internet sites". The new features in the patented system seem to revolve around using time limits instead of filtering sites out entirely; offering users a choice of viewing a site and having it logged, or not viewing it; and a scheme for automatically categorizing sites that looks very much like the "Bayesian filters" we've heard so much about in recent weeks. You may be interested in the filtering company's press release about their patent, or my own view."

Matthew Skala writes "As reported in SiliconValley.internet.com, filtering-software vendor Websense has received US Patent 6,606,659 on a "System and method for controlling access to internet sites". The new features in the patented system seem to revolve around using time limits instead of filtering sites out entirely; offering users a choice of viewing a site and having it logged, or not viewing it; and a scheme for automatically categorizing sites that looks very much like the "Bayesian filters" we've heard so much about in recent weeks. You may be interested in the filtering company's press release about their patent, or my own view."

Thanks to the TNL forum regulars for pointing to an Internet.com interview with Micro Forté CEO, John De Margheriti. This Australian company has an original, as yet unannounced Microsoft-published MMORPG for Xbox Live in development, and the CEO (overconfidently?) says "Our technology could very well be the killer app for the Xbox. I think the Xbox killer app is online games in general, and I hope that the BigWorld Technology will play a strong part in that." Interestingly, BigWorld Technology is being pitched as middleware for multiple MMORPG titles on PC and console, but no further deals have been announced apart from the Microsoft game. So.. revolutionary or 'just another MMO engine'? Update: 06/25 14:46 GMT by S : Here's a preview and some screenshots of Citizen Zero, Microforte's dormant PC MMO title that the Xbox game may be somewhat based on.

Bootsy Collins writes "Last Thursday in the U.S. Congress, H.R. 2517 was quietly introduced and referred to the House Judiciary Committee. The bill, authored by Lamar Smith (R-TX) and co-sponsored by Howard Berman (D-CA), directs the FBI to develop methods of deterring copyright violation through use of peer-to-peer networks, including efforts to facilitate sharing information about suspected violators amongst law enforcement agencies. It also directs the Justice Department to develop programs to educate the American public on why copyright violation is bad. Berman, you may remember, introduce a bill last year that would give the RIAA and MPAA wide latitude to crack suspected violators' computers. " Update: 06/23 17:03 GMT by S : We also covered a variant of this story on Saturday.

ovrclokd writes "As a followup to the recent court ruling in their favor: through June 13th, the FCC is still taking comments on the CTIA petition for relief from the cell phone number portability deadline in November. Wireless carriers are apparently claiming that inability to keep from changing phone numbers when changing carriers isn't inhibiting competition - let's let the FCC know we don't agree!"

Slashback tonight with a round of corrections and updates to recent (and not recent) Slashdot postings. Read on to find out more on the fate of Larry Ellison's thin-client Linux machine, OpenTV vs. GNU, getting satisfaction instead of defective hard drives, and more. Enjoy!

Was it ahead of its time or vice versa? BreadMan writes "After limping along for years, the New Internet Computer (NIC) company finally went under. Founded by Larry Ellison, NIC sold a diskless workstation running Linux targeted at home users that wanted internet access. From the spec sheet it looks like this would be fun as a hacking platform if you can get one on the cheap."

Way to GNU! xarium writes "Seems that in response to pressure from the FSF OpenTV has released the source code to all of its compilers. You can download the full package here (~18meg)."

Because a hard drive should not be a rhythm section. Dynamoo writes "As previously noted in Slashdot, Fujitsu MPG3xx series hard drives have been failing in huge numbers. The U.S. law firm, Shepherd Finkelman Miller & Shah is currently conducting a class action against Fujitsu and HP for knowingly distributing faulty drives. According the this article in The Register, Gateway has now been lined up as a defendant.

The fault appears to impact MPG3102AT, MPG3204AT, MPG3307AT and MPG3409AT units manufactured in early 2001. If you have one of these, then it has probably failed already, if not you should replace it asap. If you're a customer of HP/Compaq you can visit the HP Hard Disk Drive Replacement Program site.
We had about 40 of these things fitted to Compaq DeskPro EXDs, and I can assure you the failure rate is pushing 100%."

In the public domain, no one knows you're a dog. smiff writes "United Press International reports on Dastar v. Twentieth Century Fox. Reversing lower court rulings, the Supreme Court unanimously ruled that Dastar did not violate the origin-of-work provision of the Lanham act. Dastar had taken public domain video, made some modifications, and sold it as its own product. Twentieth Century Fox sued claiming they should have been given credit for the video. According to Antonin Scalia, Dastar would have violated the Lanham Act if it had simply repacked the material and sold it as its own. But since Dastar made some minor changes, the Lanham Act doesn't apply.

While Dastar has been cleared under the Lanham Act, the Supreme Court sent the case back for a rehearing. The Fox video entered the public domain in 1977, but the book it was based on is still protected by copyright."

... or get off the pot. Brazilian Joe writes "The LinuxTag folks, as you may know, are responsible for a restraining order against SCO's claims in Germany. As a result, SCO has shut down its Germany web site. Story here."

PCOL writes "The Washington Post is reporting on testimony before the Senate Committee on Commerce, Science and Transportation by Ronald Scelson, an eighth-grade dropout and self-taught computer programmer from Louisiana, who claims that he sends between 120 million and 180 million e-mails every 12 hours, that he can break sophisticated software filters 24 hours after they are deployed, and that he has no choice but to resort to forging the sender information in his bulk e-mail so he can be anonymous and maintain his connection to the Internet. He added that he obtained all his addresses legally and that AOL gladly sold him the company's entire customer directory which Ted Leonsis, vice chairman of AOL, did not deny." It's a tough life. Here's another story about the Senate committee meeting.

Grant Erickson points to this internet.com story, which says "On Thursday, the California state Senate approved a bill that requires businesses with stores in the state to charge their customers sales tax for purchases made over the Internet." The state's huge ($35 billion) budget deficit is named as a driving force for the measure.

fwc writes "This has to be the story which will never end. Back in 1996, Steven Cohen "stole" sex.com from its original owner (Gary Kremen) by forging a letter to Network Solutions asking for the domain to be transferred to him. Subsequently Kremen sued to get the domain name returned. Through what seemed to be a neverending parade of lawsuits and judgements (Documented on slashdot here, here, here and here, and also in several other places), Kremen finally got his domain back and Cohen was ordered to pay $65 million in damages. In the latest twist, Cohen is asking the US Supreme Court to overturn the verdict of the lower courts by claiming that he owned the sex.com trademark prior to Kremen registering the domain. This should prove interesting since it looks like the filing at the USPTO occured two years after the domain was originally registered."

securitas writes "Today Palm released their latest in the PDA arms race: the Zire 71 and the Tungsten C. The Zire gets a color screen, digital camera and multimedia capabilities such as MP3 playback and 640x480 VGA video playback -- interesting since the screen is 320x320. The Tungsten C gets 802.11b (WiFi) connectivity and a VPN client to protect your data while in transit. More at InternetNews, PC World and Business Week/CNet."

An anonymous reader submits: "Congressman Darrell Issa (R-CA) is pressing congress to favor CDMA over GSM for mobile phone service in U.S.-funded reconstruction plans. One reason for pushing this is that a CDMA system would benefit American companies, such as California-based Qualcomm, while GSM would favor European companies. Currently, GSM is the most widely used mobile standard in surrounding countries."

maxentius writes "InternetNews.com has an article on not-broadband-but-still-faster telephone internet access premiering soon in more than one commercial ISP venue. Compression and other techniques will improve speed by up to five times, so they say. Hi-tech or hogwash?"

Slashback updates tonight on sky-diving cars, Microsoft's new code Glasnost (guess who's signed up to see the code?), the fate of the PCI-SIG list, the SCO and Linux licensing brouhaha, music royalties in Finland, and more. Read on for the details.

Not like that un-American GPL. agentZ writes "The first Microsoft government customer to buy access to the Windows source code is Russia according to this CNet story. Interesting to note FAPSI, one of their intelligence agencies, authorized the purchase. Perhaps they're looking for vulnerabilities in the U.S. Government's dependence on Microsoft?"

The difference between Chapter 11 and The End. prostoalex writes "In regards to a recent heated discussion on whether tech companies can make it out of Chapter 11 bankruptcy protection, XO Communications, the telecom company of the dot-com era, seems to be doing quite well after filing Chapter 11. The article on Internet.com also mentions another company, Covad Communications, picking up customers and more business after filing for Chapter 11."

There's hope in PCI Land. Regarding the Slashdot post of a few days ago about the PCI-SIG ("The End of the Free PCI Device List"), PCI-SIG Chairman Tony Pierce writes

"YourVote.com Supporters:

Thank you for making us aware of your concerns regarding Jim Boemler's online Vendor and Device Lists for the PCI technology.

There has been a misunderstanding between PCI-SIG and Jim - PCI-SIG officers are currently working with Jim to resolve the issues as quickly as possible. We respect Jim Boemler's work and are committed to support the PCI specification efforts industry-wide. We are confident that we will come to an amicable resolution.

We are pleased to see the strong industry support for PCI technologies and value your response to the issues. We understand this site has been a very valuable tool and are working together to find a solution to make sure that the tool is available to the public in some way.

Thank you for your support over the years. We will be sure to keep you informed as we come to resolution in this situation."

This lowers Finland on my list of vacation spots. E-Tray writes "It seems that Finnish equivalents of American RIAA, Teosto, which represents songwriters and publishers, and Gramex, which represents music producers and artists, want to force Finnish day nurseries to pay royalties every time nursery staff sings along with kids. Previously Teosto enforced a law that taxi drivers have to pay royalties if they play music while a customer is in the backseat."

Would still rather see a statement signed in blood. Error27 writes "Earlier this week, Slashdot linked to a Maureen O'Gara article that claimed SCO was probably going to try charge Linux users $96 per CPU. More than one person thought SCO's denial was, "Awfully ambiguous". Hopefully this article clears up any doubts. Essentially, SCO will continue to charge IBM but not RedHat or SCO's UnitedLinux partners."

Perhaps I can volunteer my dad's Suburbans? Finally, joe jennings writes

"A few months ago you ran a story about the cars my team and I skydived with and crashed into the desert. This is a bit of an update.

Next month, we're going to blow up my Nissan Pathfinder. Its twisted remains will be welded to a steel beam and planted on a plot of land in the mojave desert. We're starting "suv ranch," a tribute to gas guzzlers, a dying trend (we hope).

I intend to thoroughly document the project and will post images and quicktime videos on gaspig.com."

We ran the "Call for questions" Monday, January 13, under the headline, Discuss BIOS and Palladium Issues With an AMIBIOS Rep. Note that Brian Richardson, AMI sales engineer, is a real engineer, not just a salesperson, and is also a staunch Slashdot reader who knows we have low tolerance for PR whitewashes around here. Brian's answers are real, not laundered, and he responded not only to the 10 questions we sent him but also to some he felt deserved answers even though they weren't moderated all the way up. Please note that in much of this interview he is speaking as "Brian Richardson, individual," and that his opinions do not necessarily reflect those of AMI's management. With that said, be prepared to learn a lot about the BIOS business, and how TCPA and Palladium relate (and don't relate) to it.

Preface:

I thought it might be handy for the audience to know who's handling their questions ...

My name is Brian Richardson. I work for American Megatrends, Inc . (AMI). AMI is a privately held company located in Norcross, GA (just north of Atlanta). We employ approximately 400 people worldwide (about 200 in the United States).

I am a "BIOS Sales Engineer", responsible for handling technical issues related to selling and marketing the AMIBIOS8 , our latest BIOS code revision. This includes writing whitepapers, demonstrating products, answering technical sales questions, speaking at industry conferences and handling requests from the press that may require more than a passing knowledge of technology (like this one).

I started at AMI in 1996. I've been in this job for two years. Before that I wrote BIOS code for our notebook team and helped design our Software Quality Automated Testing (SQuAT) system. I also maintain several company intranets and our Bugzilla server, used for tracking bugs during BIOS development.

In spare time, I serve on the board of directors of Tech Corps Georgia. I also managed the Hardware section of linux.com (old articles are archived at linux.omnipotent.net).

This interview covers BIOS in general, but the questions have a heavy slant towards TCPA & Palladium. I'm sure I won't address everybody's TCPA related questions here. AMI has a "TCPA and AMIBIOS8" whitepaper at our website which discusses AMI's implementation. There are also links to other information on TCPA.

To answer some of the more unusual questions that didn't make it into the Top 10:

• You use XOR to clear a register instead of a simple MOV instruction because of the instruction size (XOR uses a two byte opcode, MOV uses three bytes). The savings in space really adds up after a while.

• We haven't finished 1394 boot yet, but we do have USB & USB 2.0 boot support

• I don't know, I've never met Satan ... but I have been to WinHEC

Now on to the questions ...

1) On the Exclusionary Uses of TCPA

by the-banker

Is it (will it be) possible to use TCPA to effectively lock-out certain operating evironments from various services (software, media, etc) solely because the operating environment is not backed by a company, and has no mechanism for paying certification fees and licenses? Specifically, could TCPA be used against free OS's like Free/Open/netBSD and Linux to prevent those users from accessing the same content users of commercial OS's can?

Let me start out by reminding the audience I am not a security expert. I have been reading specs like a madman the past week, expecting such a question from the /. audience. I'm also not a professional TCPAadvocate ... my understanding of TCPA is in relation to what AMIBIOS must do to enable the TPM(a hardware component required by the spec). I'm going to refer toTCPA specifications & FAQ a lot, so verifying my answers will be an exercise left to the reader.

Your question brings up a lot of common issues people seem have with TCPA:

1. What does TCPA do?

2. What does AMIBIOS have to do with TCPA?

3. What is the licensing structure?

4. Can open-source software make use of TCPA?

5. Does this have anything to do with Digital Rights Management (DRM)?

Let's see if Brian can hash his way through these items in some sort of order ...

a) What does TCPA do? TCPA is an industry specification that defines mechanisms for "trusted" client/server interaction ("trust" and "security" are two different things).

TCPA works in a very similar fashion as other key-based security mechanisms (SSH, PGP, SSL). Transmissions are secured by hashing against a key. Keys tend to be very long (128 bits or more), so it is difficult for "bad people" to guess your key. In many mechanisms, the key also serves to identify the user (proof that they are who they say they are). This key is often contained in a file or some sort of removable media, like a smart card.

TCPA adds a few elements to this security scheme:

1. More keys and longer keys (some keys are 160 bits, most are 2048 bits)

2. A crypto-processor to speed key computations

3. Secure key storage on the system mainboard

4. Establish platform "trust". The two excerpts below are taken from the TCPA FAQ:
   12. What do you mean by trust?
   The ability to feel confident that the software environment in a platform is operating as expected. This is done by reliably measuring and reliably reporting (using aliasing) information about the platform.
   
   Another such benefit is improved control of access to data. Previously such access has depended upon authorization or authentication. Now such access can also be linked to the state of the software in the platform. This enables the denial of access to data if rogue software, such as a virus, is introduced into a platform, because such introduction necessarily changes the software state of the platform.

The crypto-processor and key storage are provided by the Trusted Platform Module (TPM). A TCPA enabled system will have a TPM on the motherboard. This TPM can be disabled, as per TCPA specification, if the user wants to opt-out.

One concern is that TCPA is equivalent to a unique identifier on your computer, which causes a large number of privacy concerns. There's a large section of the FAQ (Item #13) that covers this topic:

The solutions support privacy principles in a number of ways:

1. The owner controls personalization.

2. The owner and user control the trust relationship.

3. Provides private object storage and digital signature capability.

4. Private personalization information is never exposed.

5. User keys are encrypted prior to transmission.

6. Supports multiple certificate authorities giving the user choice.

It is also important to know what the solutions are not:

1. They are not global identifiers.

2. They are not personalized before user interaction.

3. They are not fixed functions - it can be disabled permanently.

4. They are not controlled by others (only the owner controls).

b) What does AMIBIOS have to do with TCPA? The TPM requires initialization during BIOS POST. This allows what they refer to as "metrics" to be stored that help establish that the BIOS & OS can be trusted (i.e. haven't been h4x0r3d). Our "TCPA & AMIBIOS8" whitepaper has more information.

c) What is the licensing structure? There isn't one. From the TCPA FAQ:

10. What are the licensing and/or royalty arrangements for the technologies outlined by the TCPA specification?

The TCPA spec is currently set up as a "just-publish" IP model.

d) Can open-source software make use of TCPA? Yes. From the TPM FAQ:

18. Does the TCPA support open source systems?

Yes. The ability to use the TPM functionality is available to all developers of software. An open source project could determine to use TPM functionally today. The concepts of measurement, protected storage and attestation of measurements are fundamental concepts that hold true for any type of OS or application. The platforms that support TCPA today are not limited to only one OS and if open source developers provided applications that used the TPM functionality they would find support.

Remember ... SSH, GPG and SSL aren't any less secure because they're open-source. The whole point of key-based security is that you can't see the data without the key, even if you know the decryption mechanism.

e) TCPA & DRM? This question wasn't directly asked, but it's on everybody's mind ...

TCPA has been connected to proposed legislation that would require "content protection" on most digital media devices (including PCs).

While somebody could write a DRM application using the TPM, they could also write one without it. Non-DRM applications can be developed under TCPA. The example I thought of is an improved VPN for companies that are super-paranoid about their data (think about it ... 2048 bit keys, no hash load on the system CPU, ability to tie accessibility to a unique platform).

Adding TCPA & a TPM to a system doesn't automatically add DRM to a platform. Some application has to tie the TPM to the "media" being "protected". Merely adding TCPA to AMIBIOS doesn't constitute DRM:

Captain: What happen?
Mechanic: Somebody set up us the DRM.
Cats: How are you gentlemen !! All your BIOS are belong to us.

2) Advantage

by TedCheshireAcad

What is the advantage to me, a Linux using consumer, to buying your product over those of your competitors?

First, the short answer: a proven and stable product based on nearly two decades in the PC industry, with support for the latest technology.

Now, the long answer: Let me give a little background on how BIOS gets onto your average motherboard. I know that's not what you asked, but it will explain product design and benefits to the end user.

AMI markets AMIBIOS directly to the motherboard manufacturer, who we see as the actual "BIOS customer". So many of our features are oriented to motherboard manufacturers or BIOS developer. The end result of using our codebase is to produce a stable BIOS for the motherboard manufacturer's customer (that's you, the end user).

You can break these down three major areas:

1. Code structure (ease of development, tools, source management, etc.)

2. Technology support (OS, chipsets, processors, peripherals, etc.)

3. Support after the sale

a) The "BIOS core" is a different code component from silicon support code. The same applies to our technology support modules (ACPI,USB, TCPA, ASF, SMBIOS, APM, etc.). This allows board developers to pick just the code they need for their system. An embedded Linux board for an industrial controller has different BIOS requirements than the typical "white box" motherboard (OS compatibility, supported hardware, power management, etc.).

AMI also developed a custom GUI to make BIOS development easier (Visual eBIOS, or VeB). Believe it or not, most BIOS development happens at the DOS prompt in x86 assembly code. We found it harder to get new engineers comfortable with DOS-based development (DOS is 22 years old, so is the average college graduate). VeB also incorporates source control, so engineers manage the code from the same place they edit the code.

b) Technology support is pretty broad. We have to work on new chipsets, technologies and devices while keeping backwards compatibility for older hardware we'd rather forget about. This involves a lot of work with hardware vendors (Intel, AMD, ServerWorks, nVIDIA, etc.), software companies (Microsoft, RedHat, etc.) and technical specification groups (there's one for most every acronym out there). As you might imagine, there's a lot of testing to make sure all these things play well together.

Technology support also applies to features that don't have cool three letter acronyms. One example of this is "Fast POST" (POST is Power On Self Test, BIOS execution from power-on to OS bootloader). There was customer demand to boot the PC faster. This pressure came from Microsoft for a better overall user experience (yes, the obvious joke is "boot speed doesn't matter when you don't have to reboot so often" ... but I'm taking the high road). So now Fast POST is standard in AMIBIOS8.

c) "Service after the sale" sounds like something you hear in a men's clothing store, but it applies to BIOS as well. Customers expect bugs to be fixed, new features to be added, and a voice on the phone when they can't quite figure out which bit goes where. Some customers develop using our source code (as a licensee), while others use our engineers to create their BIOS (as contractors).

That might have been more of a sales pitch than you were expecting (sorry). There's more product information at the AMIBIOS website.

3) Performance hit

by oliverthered

I assume that data pathways will be signable or encrypted in some way. What performance hit will the [operating system] take when using trusted system? e.g. How much extra data is added to form a signature, what methods are used for signing. and how will this benefit the end-user?

A: I assume this is in reference to TCPA, so I'll use what I know of that spec to answer the question.

Everybody who's used SSH or SCP has experienced computation overhead from data encryption. That's the main reason TCPA has the Trusted Platform Module (TPM). Along with storing keys, it had a dedicated crypto-processor to handle random number generation, hashing and digital signatures. Due to the size of a security key, these hash computations add overhead (overhead == delay).

In TCPA, the hash/generation stuff is offloaded to the TPM. Since this dedicated processor does the work, the main system processor doesn't have to. The TPM is also a function specific processor, meaning it's optimized for security tasks (translation: faster than your general purpose x86 CPU). This is a good thing, since most of the TPM keys are 2048 bits.

If you look at Transmeta's recent security press release, you see the same functionality. Although this story was reported as Transmeta releasing DRM, they are actually providing an integrated crypto-processor in the TM5800. This function-specific processor is accessible through an extension to the x86 instruction set (similar to MMX or 3DNow!). The difference between this & the TPM is how you access the functions.

Sidenote: does any open-source developer want to check if these extensions could be used to improve SSH, SCP or GPG performance?

The signing methods and potential benefits are outlined in the TCPA specification and FAQ.

4) Why are BIOSes closed source?

by mcelrath

Having recently had a lot of trouble with my laptop's BIOS, on an issue that I could most certainly fix if I had access to the code... I started wondering what benefit AMI and other vendors have by keeping BIOS code secret? I can think of none whatsoever.

An open-source TCPA BIOS might go a long way to alleviating the fears of the open source community, since we could see exactly what it is you're forcing on us. And hey, no doubt you'd get a few bug-fixing patches in return for your efforts.

So, is an open-source BIOS a possibility? (TCPA or otherwise)

Just to get this out of the way:

1. AMI isn't forcing anybody to take any product offering, TCPA or otherwise.

2. TCPA doesn't block open-source (see #18 in the TPM FAQ @ trustedpc.org).

3. The TPM Memory Present (MP) driver BIOS uses during POST isn't open-source (it's provided by the TPM manufacturer).

This was the focus of a linux.com article several years back. There's plenty of advantages to open-source, but there are two main reasons for closed source BIOS: Legal Restrictions & Economics.

The creation of an open-source BIOS isn't limited by the BIOS itself, but by the information required to create the BIOS. Let me take a second and explain how the BIOS works at a programming level. This may seem like a tangent, but it helps explain issues faced by open-source BIOS developers (just think of it as Good Eats for BIOS).

There's three major components of any BIOS:

1. Core Routines

2. Silicon Support Routines

3. Board Specific Routines

The core can be equated to the kernel of an operating system, except that it comprises a larger percentage of the codebase (both in functionality and actual code size). This is everything that's generic from one BIOS to the next.

Silicon Support applies to the chips on the board initialized by the BIOS (processor, northbridge, southbridge, I/O, flash). BIOS core routines will call silicon routines when hardware configuration is required. These routines are created according to an API, so swapping any of these code modules doesn't affect the structure of the core.

Board Specific Routines represent the motherboard manufacturer's configuration. If you look at motherboards from two manufacturers that use the exact same silicon components, you might expect the BIOS from one board to work on the other ... but you'd be wrong. The small hardware changes that differentiate Board Vendor A from Board Vendor B have a large impact on the BIOS. PCI Interrupt routing, chipset General Purpose I/O pins and other parts of vendor's "secret sauce" go into this BIOS layer.

"Fine," you say, "but what does this have to do with open-source BIOS?"

I'm sure you've noticed that there's a BIOS ready for a chipset the day it is announced. AMI and other BIOS companies don't just come along the day of the silicon release and slap a BIOS together. We work hand-in-hand with the chipset vendor for months before the release. They send us an alpha board, we boot it ... they send us a beta board, we add more features ... they send us final silicon, we validate it.

Now remember that this hardware isn't public when AMI gets it. AMI has to sign a has to sign a Non-Disclosure Agreement (NDA) to get a development board or advance specifications, which means we can't tell anybody what we know about the product. Vendor-supplied reference code (memory detection, bridge configuration, etc.) is also covered under NDA. AMI also signs NDAs to cover the motherboard manufacturer's confidential information.

So the BIOS that ends up on those motherboards is constructed using information we can't release to any party not covered by NDA. You might be able to understand how this doesn't fit into to the open-source model.

So an open-source BIOS developer has a big dilemma ... they need access to information, but legally can't include it in open-source code. Many chipset vendors provide information after their chipset is released, but not many board vendors hand out schematics. Reverse engineering might reveal this information, but some items controlled by the BIOS can damage the system if not set properly (data corruption, overheating, smoke, flame, etc.) ... so random bit flipping may not be the answer. And nobody wants to get into the legal issues of using disassembled code in place of reverse engineering.

I think the closing statement from the linux.com LinuxBIOS article still applies ... "The real question isn't if an open source BIOS will ever work on a handful of platforms, but if it will ever become viable for mass market across many platforms."

There's another issue that comes into keeping AMIBIOS source code closed (or for that matter anycommercial source code). This has to do with economics.

This is where I change hats from "AMI company representative" to "average techno-Joe". The next few paragraphs are my feelings, not necessarily those of my employer or anybody else on the planet.

I personally like the idea of open-source, and I use a lot of open-source programs at home and work (Mozilla, OpenOffice, RedHat, Mandrake, ClarkConnect, PostNuke, perl, php, Bugzilla). But I also buy and use regular closed-source programs (my DV editing and VCD/DVD authoring tools). The choice isn't whether or not the source is accessible, but if the tool fits my needs.

In either case, those programs are the product of somebody's time (in most cases, a large group of bodies). They're a conglomeration of people's ideas, a manifestation of their talents, and monetary investment (open-source isn't free to develop, somebody bought that computer hardware). Those people, and whatever company funded their efforts, have the choice to distribute their product anyway they choose.

If a company wants to go open-source, then they can't make money selling source or seat licenses. RedHat doesn't make money selling code, they make money selling a code package and support for that package. My company doesn't operate that way ... in the realm of BIOS, money is made licensing source and selling per-board licenses. That's the way every BIOS vendor makes money.

That doesn't mean there's no open-source within AMI (perl/php/PostNuke/apache intranets, Bugzilla bug tracking, ucLinux on our MegaRAC G2 management card). But the choice to go open-source is done product by product, company by company.

In an industry driven by innovation, many companies feel they loose competitive advantage by opening their source ... if everybody has access to their ideas, then why buy their product over another? That mentality may not fit well with open-source, but these inexpensive computers we currently enjoy are the product of market forces. If there was no profit in computing, would Intel and AMD even exist?

Thus ends my personal views ... back to the actual interview ...

5) Technical Explanation of BIOS Settings

by doppleganger871

I have been doing research on BIOS settings for many years, and I have found good articles on what the settings do, and how to tweak them for the best performance/stability mix. But, I would like to know if the BIOS manufacturer itself would be able to provide an in-depth manual of all the BIOS settings, and what exactly they do. All the manuals that come with motherboards are very short on explanations, and I would like to see someone within the company actually explain to us hardware enthusiasts the down 'n dirty, nitty gritty, dirt under the rug, needle in a haystack type of information that we could use to make our computers run the absolute best they can. Because, as we all know, optimizing software and firmware is a lot cheaper than upgrading parts.

A: I wish I had a great answer for this. Despite my verbose nature, there's not enough room in this interview to discuss every setting that is or will be in the BIOS. Some of the basic settings are covered in BIOS setup manuals, and a few websites do a good job of explain the ugly details. The problem is that those "cryptic" options change for every chipset on the market.

We're always looking at product improvements, and that includes documentation. Our setup manual is a generic template, designed for the motherboard customer as a starting point for their manuals. The "chipset specific setup information" is part of a new documentation effort within AMI (we talked about in meetings this week).

Outside of that, optimizing settings for a specific combination of board, memory and processor is still trial and error (tweak, reboot, benchmark, swear ... tweak, reboot, benchmark, swear ...). I don't know if better documentation will change that.

6) "Trusted" computer

by michael

A few related questions:

a) Isn't the goal of "trusted computing" to allow entities other than the owner of the computer to control what the owner does with his/her hardware? For example, "trusted computing" applied to music implies that the music publisher gains control over what the computer owner can do with the music data files. Isn't this the exact opposite of "trust" as that word is normally used - a trusted computer is one that can't be trusted by the computer's owner to perform the tasks asked of it, because other entities have veto power over the computer's actions?

b) Companies like AMI have repeatedly claimed that they aren't part of Palladium. However, isn't it true that without AMI's trusted BIOS (and all the other components necessary to build a "trusted computer"), Palladium wouldn't work? Why does AMI think they shouldn't be held responsible for enabling Palladium and similar schemes?

c) In what way does AMI benefit, financially or otherwise, from introducing a BIOS designed to make the computer it is installed in less useful to the purchaser of the computer? Please avoid saying that this is "optional"; AMI wouldn't create this BIOS if it wasn't intended to be used.

A: Let's take these in order ...

a) The Goal Of Trusted Computing: Despite the fact my company is a TCPA member company, the concept of trusted computing wasn't created by AMI (we're not even a founding member).

As far as the goals of the specification, I'm not the designated defender of TCPA. I'll let theTCPA speak to their own goals. You seem to automatically equate "trust" to DRM, but that's not what I get from reading the specifications and related materials (see part (e) of my answer to the first question).

b) Palladium & AMIBIOS: You are correct in understanding that Palladium will require some amount of BIOS support. The reason we keep saying "we're not a part of Palladium" is because Palladium doesn't exist in the marketplace ... it's a Microsoft initiative being developed under guarded care in a small circle of developers. It's not a public specification like TCPA, so our role in this scheme is unknown. My understanding is that we'll get a specification from Microsoft whenever they're ready to involve the BIOS developers, but I don't know under what terms it will be made public (my Magic 8 Ball says "Ask Again Later").

c) Financial Benefit: Yes, there is a financial benefit to supporting a technology that our customers ask for ... they continue to be our customers. Not every customer has asked for TCPA yet, but enough large customers have asked to make it financially reasonable. Keep in mind that this is just one more feature we offer, which the customer may or may not want to take.

So when a customer (or customers) comes to AMI and says "Our next motherboard will support TCPA, and we need a BIOS module", AMI has two choices:

1. Say yes, develop the code, make the customer happy

2. Say no

If we select option #2 (for whatever reason), our customer has one of two responses:

1. "No problem, we licensed your code ... we'll add the support ourselves."

2. "Too bad, you have a competitor who offers this support ... it was nice doing business with you."

Option B is an obvious downer, because customers give us money. Money can be exchanged for goods and services, like food ... and I find food to be an important part of a nutritious breakfast.

Option A presents another series of problems. Yes, we kept the customer, but now we have a forked version of our code floating around. If only one customer wants this feature, then it's not a big deal. If twenty customers want this feature, then there's twenty code forks. They're still our customers, so they expect support ... and this is a support nightmare.

Our decision to develop a TCPA option was driven by sufficient demand for the technology. We're not the only company in the marketplace offering TCPA. Phoenix, our largest competitor, has been working on TCPA for quite sometime. IBM is already shipping notebooks with TPM hardware (which run Linux, according to LinuxCare Labs). If AMI customers don't ship TCPA, they we spent time developing a feature nobody wanted (it wouldn't be the first time, but that's happens in cutting edge development), but we have customer goodwill because we're responsive to their needs. It's the same in our eyes as developing support for a chipset ... if nobody likes the chipset, then they don't buy the code to support it.

What we have done by choosing TCPA over any number of proprietary security solutions is present an option that isn't closed to third parties. If we enable TCPA on a board and you want to make use of it, read the spec and develop accordingly.

7) Hardware vendors

by cybermace5

Since a BIOS is only part of a motherboard: what steps will hardware vendors have to take, in order to incorporate your BIOS? Will they have to adhere to certain hardware design rules or controls in order to maintain the TCPA? Is there going to be a licensing procedure for hardware manufacturers?

A: Hardware vendors don't have to do much for AMIBIOS to support TCPA. The TCPA code module gets included as an add-on. The hardware manufacturer has to obtain a TPM to place on the motherboard, but that's available from a third party vendor.

The TCPA specification doesn't mandate licensing (see point #10 in the TCPA FAQ). It's not an AMI specification, so it's not our job to check for compliance. Third-party labs will most likely perform platform certification based on TCPA specifications.

8) Windows override

by Forkenhoppen

I have a question; on previous occassions on VIA hardware I've owned, I've noticed that occasionally, Windows will enable a feature even though I have turned it off in the BIOS.

My question is this; if I have TCPA disabled in my BIOS, will Windows drivers abide by this? Or will they still be able to use aspects of the BIOS originally put in place for use by TCPA even though I have it shut off?

What plans are in place to keep a Windows driver from hijacking TCPA-related information for it's own purposes?

A: A lot of that depends on how the motherboard vendor implements the TPM disable option mandated by the TCPA specification.

The TCPA specification has many options for disabling the TPM. It can be a BIOS setup question, jumper or software driven. The first two would be really hard to override in software (unless there's a robotic hand attached to the USB port). The third option could present a software override, but you would have to reboot to have the TPM enabled at power-on to set proper "root of trust" (you can't just turn it on midstream, since a TCPA system is supposed to hash the BIOS & bootloader).

9) TCPA & Palladium

by ignipotentis

Perhaps you can clarify the differences between the two (TCPA & Palladium). After reading up on both of them, i still find that they seem to be pretty much the same, just marketed differently.

A: From the information that's been made public concerning Palladium, I can try to elaborate on this. As I understand it, the major differences are listed below:

• Curtain Memory

• Control of Specification

• Intellectual Property (IP) Rights

The last two points are pretty self explanatory. Palladium it not a public specification, there may be licensing issues. TCPA is a public document created and reviewed by a number of different companies, with no licensing demands.

The first point is technical in nature. Here's how the Microsoft's Palladium FAQ describes "curtain memory":

The ability to wall off and hide pages of main memory so that each "Palladium" application can be assured that it is not modified or observed by any other application or even the operating system

This type of mechanism doesn't exist in TCPA, and would probably require some sort of support at the chipset level (which means it couldn't be implemented using current northbridge hardware). The total system impact isn't known, and it's any body's guess what this does to application development.

10) What do you think about Linux BIOS?

by lanner

At first, I was going to ask you about how you have cooperated, if at all, with the Linux BIOS project. After all, you often have historically cooperated with Microsoft and Novell. What are you doing to help Linux?

But then it occurred to me, if Linux BIOS was successful, it would put AMI out of the BIOS software development business. Linux BIOS is a competitor of AMI.

What is your personal perspective about Linux BIOS, and what does AMI think about it?

A: There's a lot of overlap with question #4 here. But there are two points I'd like to touch on:

1. Cooperation with Microsoft, Novell & Linux

2. Perspective on LinuxBIOS

a) Saying that we "cooperate" with Microsoft and Novell is misleading. AMI creates AMIBIOS for maximum hardware and software compatibility. For years, Microsoft and Novell were the primary OS vendors used by our customers. Microsoft also drives many PC specifications, and the majority of our customers use Microsoft operating systems. Development and testing are focused based on customer demand.

In the past few years, that situation has changed. Novell isn't a major consideration for our customers, but we still test compatibility. Linux is demanded by more customers, and our testing efforts have been increased to match that demand. We test RedHat, SuSe, Mandrake, Xandros, Lindows and FreeBSD by default (along with various beta distros).

Microsoft is still key to our testing and development (we test everything back to Win98). Customers still need that "Designed for Windows" sticker. But Linux is a major focus in our testing and development ... not just because we develop for compatibility, but because our customers ask for it by name.

b) In some areas, people see LinuxBIOS as competition to the other BIOS vendors.

• As far as the source licensing (open vs. closed), see my answer to question #4.

• In features, LinuxBIOS does some things that our BIOS doesn't (mostly in the areas of cluster management) ... AMI has advantages over LinuxBIOS as well (boot from USB/USB2, JPEG graphics as boot logo, broader chipset support, ACPI/APM power management, etc.).

• LinuxBIOS was developed for a specific application, but has broadened ... AMIBIOS aims to offer broad support in many market segments.

• AMIBIOS has been tested against a larger number of system configurations, works with a larger variety of hardware, and has a longer product history.

I'm not sure how others at AMI feel about LinuxBIOS, but all I have to say is "go for it". There's some neat stuff coming out of that project, and it's interesting to see what they've accomplished. Competition in the market is what makes technology improve ... one notch better than the last thing, one step ahead of the next guy.

Thus ends the interview. Thanks to Slashdot for the opportunity, and thanks to the readers for wading through the text.

smiff writes "Silicon Valley is reporting that Transmeta will embed 'security' features in its TM5800 Crusoe processor. 'Transmeta said its Crusoe processors...would be slightly altered to tackle security and address requirements for securing sensitive data and intellectual property.' With everyone looking out for security, why don't I feel all warm and fuzzy inside?"

smiff writes "Silicon Valley is reporting that Transmeta will embed 'security' features in its TM5800 Crusoe processor. 'Transmeta said its Crusoe processors...would be slightly altered to tackle security and address requirements for securing sensitive data and intellectual property.' With everyone looking out for security, why don't I feel all warm and fuzzy inside?"

mmol_6453 writes "Now, not only are hospitals groaning under the combination of Microsoft and the HIPAA, but banks are having issues relating to federal privacy laws. Favorite line: 'Microsoft has told...that it plans eventually to eliminate users' ability to disable Microsoft's access to their systems.'"

Shea O'Brien Foley, a former production assistant at LucasFilm, has been arrested on 13 counts of theft of Star Wars material from LucasFilm worth $450,000. The police investigation was launched after an early Attack of the Clones cut was leaked to and reviewed by Aint It Cool News in March, two months before it hit theaters. Other than the fact that Ain't It Cool News and Harry Knowles aren't being charged with anything, police aren't saying much. Apparently, Jedi mind tricks didn't work on the arresting officers. Update: 10/14 23:51 GMT by T : Michael Singer points to an article on internet.com with more depth.

Karl writes "The RIAA announced today their intention to appeal the royalty rates for internet radio decided on by the Librarian of Congress. Today was the very last day to file for an appeal." The webcasters put out of business by the royalties include SomaFM, Monkeyradio, KPIG, and many others. At least a few Congressional representatives support revising CARP to give small webcasters a chance to survive.

mlinksva writes: "Safeweb cancelled their free service late last year, but their P2P anonymizing proxy, Triangle Boy, has been spotted in the wild (south of Fort Worth, Texas). 'Because of its stealth nature, the P2P software does not show up in reports from many filtering products and the administrator doesn't even know the problem exists and has no way to check it.'(via UniteTheCows)."

Slashback tonight with word on what you can use instead of JPEG, the return of AdCritic.com as payware, NCR vs. Handspring, and more. Read on for the details.

Prepare the JPEG bonfire. Moderator writes: "Here is an open alternative to the JPEG file format. I tried posting it in the JPEG patent article but it got buried under all the comments about "THEY CAN'T DO THIS!" and stuff."

This project is called DjVuLibre and encompasses "a set of compression technologies, a file format, and a software platform for the delivery over the Web of digital documents, scanned documents, and high resolution images."

I hope the judge has a big "WITHOUT MERIT" stamp. theodp writes "A U.S. District Court has issued a summary judgement in the patent infringement lawsuit filed against Palm and Handspring by NCR, dismissing NCR's suit as having no merit. Praising the decision, Handspring's CEO said 'Settlement of this case was never an option,' while Palm's CEO remarked 'We refuse to succumb to intimidation by companies that use charges of patent infringement to bully others.' One of the NCR patents in question was for 'a portable terminal small enough to fit in the user's hand,' and the complaint went on to claim that NCR's researchers, 'recognized an unsatisfied need for a portable, handheld device which would allow the user to information such as appointments, to-do lists, and addresses, and execute financial and shopping transactions by connecting to networks using an interface module.'"

This is sure to bring out the AdCritic critics. thebus writes: "The good news. AdCritic is Alive! The bad news. You gotta pay!"

An annual subscription for $69.95 looks like something worth paying for if you're in the advertising industry, but it would be nice to get a less expensive "interested viewer" option as well. Oh well.

Oh Steve, ya big tease! Maïdjeurtam writes: "In this Yahoo finance article, Reuters asked Apple's CEO Steve Jobs about the possible abandonment by Apple of Motorola and IBM's processors (PowerPC G3's & G4's), and the possibility of Intel processor-equipped Macs. Steve Jobs didn't exclude the possibility. He noticed that, during the year 2002, Apple had to finish the OS X transition and, this done, there would be a lot of amazing possibilities, which he finds exciting."

Most of the content of this article was covered in yesterday's coverage of Jobs' keynote, and the bit at the end about other processors may be only a throwaway line, but it certainly is intriguing.

randomErr writes: " Australia.Internet.com reports here that 'Of the $130 million Unwired Australia raised from the likes of Credit Suisse First Boston, Bruckman Rosser Sherrill and The Invus Group, $110 million was spent on licensing space on the 3.4Ghz spectrum. Yesterday it launched its first trial of the technology at no cost to the people of Paddington, a cosmopolitan suburb in Sydney's inner east.'" Of course, wireless broadband with cast-off satellite dishes sounds more fun ...

Zadig writes "It appears as if Dell, Oracle, and Red Hat CEOs have decided to make 'Unbreakable Linux'. Could a giant arise amidst today's insecure and constantly patched linux world that could hold the title of Unbreakable Linux? I doubt it, but it will be fun to try, what are your thoughts?" There's a similar article on CNet.

NikiScevak writes "As telco's around the world move from government hands to private investors the incentive for them to create compeition at the wholesale DSL level drops dramatically. The CSIRO in Australia are investigating the use of Wireless LAN technology 802.11b as a means through which to provide alternative broadband access, achieving range of up to 7km with standard components."

mgrimes writes "According to this story on Internet.com, the California Public Utilities Commission has ruled that it has the authority to regulate DSL-based Internet services in addition to the FCC. Could be a good step in creating more competition in the broadband market... but then again given the PUC's track record, maybe we're all in for rolling DSL blackouts."

mgrimes writes "According to this story on Internet.com, the California Public Utilities Commission has ruled that it has the authority to regulate DSL-based Internet services in addition to the FCC. Could be a good step in creating more competition in the broadband market... but then again given the PUC's track record, maybe we're all in for rolling DSL blackouts."

An Anonymous Coward writes: "Just received this letter from my ISP, one of the oldest in existence. A study here lays out the basics on the bill and why it's a bad idea. The bill retracts the telecommunications act of '96 which forces the phone giants to share the nation's phone lines (which are in public trust). Looks like it's time to write those pesky congressmen again." Too late to write. Call. Tauzin-Dingell, up for vote on Wednesday, would eliminate all the requirements on the four remaining Baby Bells to play fair with competing telecom providers. "Sure Covad, you can co-locate your DSL equipment in our switching offices - our deregulated rate is only $10,000/day/piece of equipment." It's instant death for all DSL providers except Verizon, SBC, Qwest and BellSouth.

Llywelyn writes: "The C.I.A. has evidently written up a contract with the group Northern Light Technology to develop a search engine that can sort through the C.I.A's increasing mound of unprocessed data. Unfortunately, one of the consequences of this is that Northern Light's public search engine is fated for destruction later this month. " It's inevitable, IMHO, that some of this happen - the search engine world is overpopulated right now, and with the economic downturn, more and more companies will move to where they can survive.

jluxe writes: "CNN reports that a new language, Curl, was presented at the Software Development Forum in Palo Alto. This language works via a plug-in to browsers, and attempts to merge the gap between HTML, javascript, java, and even C++. It also supports the Macromedia Flash plug-in. Interesting to note that Tim Berners-Lee is listed as a financial backer of this venture, as well as an adviser." Here's the Curl Corporation's official website as well.

jessemersonuy asks: "Multicasting plays an important role in the design, development, operation, and application of next generation networks that rely on the efficient delivery of packets to their destinations. Due to the advent of broadband, wireless and web-based system design technologies, it has become possible and feasible to design and construct large scale, heterogeneous and complex wireline and wireless communication networks that can support multimedia conferencing, streaming media distribution, distributed data sharing, distance learning, 'push'- oriented, and QoS for wired-cable and wired-wireless applications. Now, we have a small High Performance Computing system in our university campus and I would really like to use that system for testing multicasting applications. However, I do not know what would be the best way to use the cluster for multicasting purposes. Has anyone experimented with this before? What might be the best multicasting application to use to be able to fully utilize the power of the cluster?"

jessemersonuy asks: "Multicasting plays an important role in the design, development, operation, and application of next generation networks that rely on the efficient delivery of packets to their destinations. Due to the advent of broadband, wireless and web-based system design technologies, it has become possible and feasible to design and construct large scale, heterogeneous and complex wireline and wireless communication networks that can support multimedia conferencing, streaming media distribution, distributed data sharing, distance learning, 'push'- oriented, and QoS for wired-cable and wired-wireless applications. Now, we have a small High Performance Computing system in our university campus and I would really like to use that system for testing multicasting applications. However, I do not know what would be the best way to use the cluster for multicasting purposes. Has anyone experimented with this before? What might be the best multicasting application to use to be able to fully utilize the power of the cluster?"

jessemersonuy asks: "Multicasting plays an important role in the design, development, operation, and application of next generation networks that rely on the efficient delivery of packets to their destinations. Due to the advent of broadband, wireless and web-based system design technologies, it has become possible and feasible to design and construct large scale, heterogeneous and complex wireline and wireless communication networks that can support multimedia conferencing, streaming media distribution, distributed data sharing, distance learning, 'push'- oriented, and QoS for wired-cable and wired-wireless applications. Now, we have a small High Performance Computing system in our university campus and I would really like to use that system for testing multicasting applications. However, I do not know what would be the best way to use the cluster for multicasting purposes. Has anyone experimented with this before? What might be the best multicasting application to use to be able to fully utilize the power of the cluster?"

jessemersonuy asks: "Multicasting plays an important role in the design, development, operation, and application of next generation networks that rely on the efficient delivery of packets to their destinations. Due to the advent of broadband, wireless and web-based system design technologies, it has become possible and feasible to design and construct large scale, heterogeneous and complex wireline and wireless communication networks that can support multimedia conferencing, streaming media distribution, distributed data sharing, distance learning, 'push'- oriented, and QoS for wired-cable and wired-wireless applications. Now, we have a small High Performance Computing system in our university campus and I would really like to use that system for testing multicasting applications. However, I do not know what would be the best way to use the cluster for multicasting purposes. Has anyone experimented with this before? What might be the best multicasting application to use to be able to fully utilize the power of the cluster?"

jessemersonuy asks: "Multicasting plays an important role in the design, development, operation, and application of next generation networks that rely on the efficient delivery of packets to their destinations. Due to the advent of broadband, wireless and web-based system design technologies, it has become possible and feasible to design and construct large scale, heterogeneous and complex wireline and wireless communication networks that can support multimedia conferencing, streaming media distribution, distributed data sharing, distance learning, 'push'- oriented, and QoS for wired-cable and wired-wireless applications. Now, we have a small High Performance Computing system in our university campus and I would really like to use that system for testing multicasting applications. However, I do not know what would be the best way to use the cluster for multicasting purposes. Has anyone experimented with this before? What might be the best multicasting application to use to be able to fully utilize the power of the cluster?"

jessemersonuy asks: "Multicasting plays an important role in the design, development, operation, and application of next generation networks that rely on the efficient delivery of packets to their destinations. Due to the advent of broadband, wireless and web-based system design technologies, it has become possible and feasible to design and construct large scale, heterogeneous and complex wireline and wireless communication networks that can support multimedia conferencing, streaming media distribution, distributed data sharing, distance learning, 'push'- oriented, and QoS for wired-cable and wired-wireless applications. Now, we have a small High Performance Computing system in our university campus and I would really like to use that system for testing multicasting applications. However, I do not know what would be the best way to use the cluster for multicasting purposes. Has anyone experimented with this before? What might be the best multicasting application to use to be able to fully utilize the power of the cluster?"