Slashdot Mirror

A hefty handful of updates for you in tonight's Slashback, including: more information on how to make your plastic fish talk; more on the sounds-too-good-to-be-true Delux DVD player; and things that hopefully do not go boom in the woods. Also, shedding some more light on the Sun E10K review we ran a few days ago.

Make that fish say what you want it to say! vonmar writes: "Full details of the Boogie Bass Hack are now available, including schematics, sourcecode, and documentation. All the information should be there now for anyone with a soldering iron to make the Bass do their bidding!"

Here's the original story we ran about that crazy fish.

These are the things that go BOOM. Paul Jones of ibiblio writes: "To follow up on your nsa star hut story, take a look at this: a 40-year-old abandoned hydrogen bomb in eastern NC."

North Carolinians (Carolingians?) can sleep relatively easy though: according to the article, when a pair of hydrogren bombs went down with the plane which was carrying them, "Safety mechanisms designed to prevent unintended or unauthorized detonation served their function, and a historic nuclear catastrophe was averted. But published sources disagree on how close the people of Wayne County came to suffering fiery annihilation." Please don't retrieve this, anyone.

And EMlNEM writes with a cool addition as well: "Here are some pictures of the NSA station you had a story about."

Not so deluxe after all ... bluephone writes: "Well, it's been a while since the news of the Dulux DVD player hit Slashdot, and my question for my fellow /. inmates is can anyone post some FIRST HAND information about it? No more marketroid tripe, I'm talking about someone who ordered it, received it, played with it, etc. Was the company responsive? Did you actually get it? Is the playback quality good? Are the features promised actually there and functional? Currently, they claim to be out of stock, and will have more on the 15th of January, which could mena they've folded shop and run with the money, or that they sold like hotcakes. I want to know which it really is. A quick Google search revealed no actual post-testing reviews."

Adam Alexander writes: " Late in November, I read the ask slashdot article about the Dulux DVD/MP3/Game player and followed the link (http://www.gamedvdplayer.com) to purchase the item. I paid with PayPal (extremely hard to get a refund) and it turns out that I have never received the item, and although the company's web site is still up, they do not return phone calls or emails. I have set up a web site (http://oreo.donet.com/duluxhelp) for discussion between Dulux customers in order to trade information about (for example) ways to contact the company or success in getting refunds. I have a feeling that there may be many more Slashdot readers in the same position and I would like all of us to benefit from each other's experiences."

Well said. Who else can contribute words of wisdom (or chagrin) about what so far appears to be a non-deluxe player?

And now this newsflash with news ... on Flash! Peter Santangeli of Macromedia sent this email to the bugtraq mailing list, good reading for anyone interested in the Flash insecurity reported earlier.

As was posted earlier to BUGTRAQ, an issue has been discovered with the Macromedia Flash Player that shows a possible buffer overflow error when the player encounters a maliciously or incorrectly created SWF file. After an investigation, and consultation with the reporting engineer, Macromedia has determined the following:

• The data being accessed is located entirely in a dynamically allocated structure in the heap space of the application.
• The data access is limited to reading the information. At no time is the buffer in question ever written to. Neither the heap, nor the stack is written to during this processing, and at no time does this lead to the execution of arbitrary data as native instructions.

Given the above information, it is Macromedia's belief that the error in question, though unfortunate, does not constitute a significant security risk. The effects of this defect are limited to the crashing of the users client (denial of service).

On a personal note, I regret that the actual bug report did not reach the appropriate people at Macromedia in a timely manner. We do take security very seriously in the development of our products, and are looking in to mechanisms to ensure that this does not happen again. For a starter, we will be instituting a new email address by which these reports can be directly sent to the appropriate engineers.

Peter Santangeli
Vice President of Engineering, Flash and FreeHand
Macromedia Inc.

Credit where credit is due. Josh McCormick, who wrote this review on epinions.com of the heftily-priced Sun E10K server, was offered a call from Philip Ferreira, editor of Reviewboard Magazine, to discuss "what happened" with McCormick's review when a very similar review not crediting McCormick ran on the Reviewboard site, and was linked to by Slashdot (since removed, for reasons partly explained in this post from chabotc of Reviewboard). That message and the threads it spawned make clear what a big mess this was. Thanks to Josh for sticking up for his work. Here's his response to Reviewboard:

Phillip,

Considering the wild and numerous stories that were given to explain what has happened, you'll forgive me if I don't want to hear one more. I view the credibility of any explanation I would get as approaching zero.

Further, I pretty much already have what I wanted out of all of this. The article removed from your site (although it is still on the chabotc.com site), and recognition that I was the original author. There isn't much more that I can gain from having a conversation.

What I gained from this was an interesting story to share with my friends, and a better appreciation for what it takes to "prove" something online.

At this point, I'm satisified to drop it and go my seperate way.

Josh McCormick

A hefty handful of updates for you in tonight's Slashback, including: more information on how to make your plastic fish talk; more on the sounds-too-good-to-be-true Delux DVD player; and things that hopefully do not go boom in the woods. Also, shedding some more light on the Sun E10K review we ran a few days ago.

Make that fish say what you want it to say! vonmar writes: "Full details of the Boogie Bass Hack are now available, including schematics, sourcecode, and documentation. All the information should be there now for anyone with a soldering iron to make the Bass do their bidding!"

Here's the original story we ran about that crazy fish.

These are the things that go BOOM. Paul Jones of ibiblio writes: "To follow up on your nsa star hut story, take a look at this: a 40-year-old abandoned hydrogen bomb in eastern NC."

North Carolinians (Carolingians?) can sleep relatively easy though: according to the article, when a pair of hydrogren bombs went down with the plane which was carrying them, "Safety mechanisms designed to prevent unintended or unauthorized detonation served their function, and a historic nuclear catastrophe was averted. But published sources disagree on how close the people of Wayne County came to suffering fiery annihilation." Please don't retrieve this, anyone.

And EMlNEM writes with a cool addition as well: "Here are some pictures of the NSA station you had a story about."

Not so deluxe after all ... bluephone writes: "Well, it's been a while since the news of the Dulux DVD player hit Slashdot, and my question for my fellow /. inmates is can anyone post some FIRST HAND information about it? No more marketroid tripe, I'm talking about someone who ordered it, received it, played with it, etc. Was the company responsive? Did you actually get it? Is the playback quality good? Are the features promised actually there and functional? Currently, they claim to be out of stock, and will have more on the 15th of January, which could mena they've folded shop and run with the money, or that they sold like hotcakes. I want to know which it really is. A quick Google search revealed no actual post-testing reviews."

Adam Alexander writes: " Late in November, I read the ask slashdot article about the Dulux DVD/MP3/Game player and followed the link (http://www.gamedvdplayer.com) to purchase the item. I paid with PayPal (extremely hard to get a refund) and it turns out that I have never received the item, and although the company's web site is still up, they do not return phone calls or emails. I have set up a web site (http://oreo.donet.com/duluxhelp) for discussion between Dulux customers in order to trade information about (for example) ways to contact the company or success in getting refunds. I have a feeling that there may be many more Slashdot readers in the same position and I would like all of us to benefit from each other's experiences."

Well said. Who else can contribute words of wisdom (or chagrin) about what so far appears to be a non-deluxe player?

And now this newsflash with news ... on Flash! Peter Santangeli of Macromedia sent this email to the bugtraq mailing list, good reading for anyone interested in the Flash insecurity reported earlier.

As was posted earlier to BUGTRAQ, an issue has been discovered with the Macromedia Flash Player that shows a possible buffer overflow error when the player encounters a maliciously or incorrectly created SWF file. After an investigation, and consultation with the reporting engineer, Macromedia has determined the following:

• The data being accessed is located entirely in a dynamically allocated structure in the heap space of the application.
• The data access is limited to reading the information. At no time is the buffer in question ever written to. Neither the heap, nor the stack is written to during this processing, and at no time does this lead to the execution of arbitrary data as native instructions.

Given the above information, it is Macromedia's belief that the error in question, though unfortunate, does not constitute a significant security risk. The effects of this defect are limited to the crashing of the users client (denial of service).

On a personal note, I regret that the actual bug report did not reach the appropriate people at Macromedia in a timely manner. We do take security very seriously in the development of our products, and are looking in to mechanisms to ensure that this does not happen again. For a starter, we will be instituting a new email address by which these reports can be directly sent to the appropriate engineers.

Peter Santangeli
Vice President of Engineering, Flash and FreeHand
Macromedia Inc.

Credit where credit is due. Josh McCormick, who wrote this review on epinions.com of the heftily-priced Sun E10K server, was offered a call from Philip Ferreira, editor of Reviewboard Magazine, to discuss "what happened" with McCormick's review when a very similar review not crediting McCormick ran on the Reviewboard site, and was linked to by Slashdot (since removed, for reasons partly explained in this post from chabotc of Reviewboard). That message and the threads it spawned make clear what a big mess this was. Thanks to Josh for sticking up for his work. Here's his response to Reviewboard:

Phillip,

Considering the wild and numerous stories that were given to explain what has happened, you'll forgive me if I don't want to hear one more. I view the credibility of any explanation I would get as approaching zero.

Further, I pretty much already have what I wanted out of all of this. The article removed from your site (although it is still on the chabotc.com site), and recognition that I was the original author. There isn't much more that I can gain from having a conversation.

What I gained from this was an interesting story to share with my friends, and a better appreciation for what it takes to "prove" something online.

At this point, I'm satisified to drop it and go my seperate way.

Josh McCormick

A hefty handful of updates for you in tonight's Slashback, including: more information on how to make your plastic fish talk; more on the sounds-too-good-to-be-true Delux DVD player; and things that hopefully do not go boom in the woods. Also, shedding some more light on the Sun E10K review we ran a few days ago.

Make that fish say what you want it to say! vonmar writes: "Full details of the Boogie Bass Hack are now available, including schematics, sourcecode, and documentation. All the information should be there now for anyone with a soldering iron to make the Bass do their bidding!"

Here's the original story we ran about that crazy fish.

These are the things that go BOOM. Paul Jones of ibiblio writes: "To follow up on your nsa star hut story, take a look at this: a 40-year-old abandoned hydrogen bomb in eastern NC."

North Carolinians (Carolingians?) can sleep relatively easy though: according to the article, when a pair of hydrogren bombs went down with the plane which was carrying them, "Safety mechanisms designed to prevent unintended or unauthorized detonation served their function, and a historic nuclear catastrophe was averted. But published sources disagree on how close the people of Wayne County came to suffering fiery annihilation." Please don't retrieve this, anyone.

And EMlNEM writes with a cool addition as well: "Here are some pictures of the NSA station you had a story about."

Not so deluxe after all ... bluephone writes: "Well, it's been a while since the news of the Dulux DVD player hit Slashdot, and my question for my fellow /. inmates is can anyone post some FIRST HAND information about it? No more marketroid tripe, I'm talking about someone who ordered it, received it, played with it, etc. Was the company responsive? Did you actually get it? Is the playback quality good? Are the features promised actually there and functional? Currently, they claim to be out of stock, and will have more on the 15th of January, which could mena they've folded shop and run with the money, or that they sold like hotcakes. I want to know which it really is. A quick Google search revealed no actual post-testing reviews."

Adam Alexander writes: " Late in November, I read the ask slashdot article about the Dulux DVD/MP3/Game player and followed the link (http://www.gamedvdplayer.com) to purchase the item. I paid with PayPal (extremely hard to get a refund) and it turns out that I have never received the item, and although the company's web site is still up, they do not return phone calls or emails. I have set up a web site (http://oreo.donet.com/duluxhelp) for discussion between Dulux customers in order to trade information about (for example) ways to contact the company or success in getting refunds. I have a feeling that there may be many more Slashdot readers in the same position and I would like all of us to benefit from each other's experiences."

Well said. Who else can contribute words of wisdom (or chagrin) about what so far appears to be a non-deluxe player?

And now this newsflash with news ... on Flash! Peter Santangeli of Macromedia sent this email to the bugtraq mailing list, good reading for anyone interested in the Flash insecurity reported earlier.

As was posted earlier to BUGTRAQ, an issue has been discovered with the Macromedia Flash Player that shows a possible buffer overflow error when the player encounters a maliciously or incorrectly created SWF file. After an investigation, and consultation with the reporting engineer, Macromedia has determined the following:

• The data being accessed is located entirely in a dynamically allocated structure in the heap space of the application.
• The data access is limited to reading the information. At no time is the buffer in question ever written to. Neither the heap, nor the stack is written to during this processing, and at no time does this lead to the execution of arbitrary data as native instructions.

Given the above information, it is Macromedia's belief that the error in question, though unfortunate, does not constitute a significant security risk. The effects of this defect are limited to the crashing of the users client (denial of service).

On a personal note, I regret that the actual bug report did not reach the appropriate people at Macromedia in a timely manner. We do take security very seriously in the development of our products, and are looking in to mechanisms to ensure that this does not happen again. For a starter, we will be instituting a new email address by which these reports can be directly sent to the appropriate engineers.

Peter Santangeli
Vice President of Engineering, Flash and FreeHand
Macromedia Inc.

Credit where credit is due. Josh McCormick, who wrote this review on epinions.com of the heftily-priced Sun E10K server, was offered a call from Philip Ferreira, editor of Reviewboard Magazine, to discuss "what happened" with McCormick's review when a very similar review not crediting McCormick ran on the Reviewboard site, and was linked to by Slashdot (since removed, for reasons partly explained in this post from chabotc of Reviewboard). That message and the threads it spawned make clear what a big mess this was. Thanks to Josh for sticking up for his work. Here's his response to Reviewboard:

Phillip,

Considering the wild and numerous stories that were given to explain what has happened, you'll forgive me if I don't want to hear one more. I view the credibility of any explanation I would get as approaching zero.

Further, I pretty much already have what I wanted out of all of this. The article removed from your site (although it is still on the chabotc.com site), and recognition that I was the original author. There isn't much more that I can gain from having a conversation.

What I gained from this was an interesting story to share with my friends, and a better appreciation for what it takes to "prove" something online.

At this point, I'm satisified to drop it and go my seperate way.

Josh McCormick

The move to patent anything, everything, and all that remains after those categories are exhausted continues apace. rozzin writes: "ColorMax, who makes colour-blindness-compensatory lenses, has acquired a "patent for the human genes responsible for common, hereditary, red-green colorblindness"." Read below for a longer take on another disputed patent, which raises the all-important issue of actually determining what all those words in a patent application really mean. We can probably agree on whether something is a sphere, but what about whether something is "type data," or what constitutes the act of location? How patentable ought such things be? (I suggest browsing The League for Programming Freedom site for some cogent thoughts on this, including RMS's "The Anatomy of a Trivial Patent." Can anyone point to the best online apologia favoring software patents, or perhaps suggesting higher thresholds for them?)

Jim Lochowitz writes "A friend of mine just sent me this ( posted with permission) :

I just looked at Judge Zagel's ruling from yesterday in Eolas Technologies, Inc. v. Microsoft Corporation, 99 C 0626, which is currently pending in federal court in the Northern District of Illinois. Eolas alleges that Microsoft has infringed its patent, #5,838,906, issued November 18, 1998. If memory serves, the gist of the suit is that both Windows and Internet Explorer infringe the patent.

If you want to look at the text of the patent again, it can be found on the PTO's website [here]. (Or search for the patent #5,838,906 from [this] page.)

At this point in the case, the court is trying to resolve exactly *what* the patent covers before it can consider whether or not whatever Microsoft did infringed it. Yesterday's ruling had to do with what was meant by the following key language in the patent (found in Claim 1 and Claim 6):
"wherein said object has type information associated with it utilized by said browser to identify and locate an executable application".

As Judge Zagel put it,
"What is an executable application? What is type information that must be associated with the object? What does it mean for the type information to be utilized by said browser to identify and locate the executable application?"

Experts testified as to the answers to these questions. Eolas' expert was Edward Felten, who is an Associate Professor of Computer Science at Princeton. Microsoft's experts were H.E. Dunsmore, Associate Professor of Computer Science at Purdue University, and Michael Wallent, Product Unit Manager for Internet Explorer.

Judge Zagel found that (as used in the patent language), an "executable application" is computer program code which is launched to enable an end-user to directly interact with data, and one which is not an operating system or utility. He found that "type information" "may include the name of an application associated with the object." Finally, he found that "utilized by said browser to identify and locate" meant that those functions are performed by the browser.

Now that Judge Zagel has determined what this key language in the patent means, the court is now in a position to determine whether Microsoft has, in fact, infringed the patent. Trial could be the next step. It will be interesting to see what happens! I suspect that no matter who wins at the trial court level, there is likely to be an appeal. It will be a while yet before we learn what the resolution will be.

If you want to read the text of the opinion yourself, you can find it on CourtWeb as [this] pdf file.

Many of the rulings thus far in the case are available online. Put in "Northern District of Illinois," hit the "proceed to CourtWeb" button, and then enter the case number on the next screen. (The case # is 99cv0626.) Put in the date range you want- note that the case was filed in February 1999.

"

The move to patent anything, everything, and all that remains after those categories are exhausted continues apace. rozzin writes: "ColorMax, who makes colour-blindness-compensatory lenses, has acquired a "patent for the human genes responsible for common, hereditary, red-green colorblindness"." Read below for a longer take on another disputed patent, which raises the all-important issue of actually determining what all those words in a patent application really mean. We can probably agree on whether something is a sphere, but what about whether something is "type data," or what constitutes the act of location? How patentable ought such things be? (I suggest browsing The League for Programming Freedom site for some cogent thoughts on this, including RMS's "The Anatomy of a Trivial Patent." Can anyone point to the best online apologia favoring software patents, or perhaps suggesting higher thresholds for them?)

Jim Lochowitz writes "A friend of mine just sent me this ( posted with permission) :

I just looked at Judge Zagel's ruling from yesterday in Eolas Technologies, Inc. v. Microsoft Corporation, 99 C 0626, which is currently pending in federal court in the Northern District of Illinois. Eolas alleges that Microsoft has infringed its patent, #5,838,906, issued November 18, 1998. If memory serves, the gist of the suit is that both Windows and Internet Explorer infringe the patent.

If you want to look at the text of the patent again, it can be found on the PTO's website [here]. (Or search for the patent #5,838,906 from [this] page.)

At this point in the case, the court is trying to resolve exactly *what* the patent covers before it can consider whether or not whatever Microsoft did infringed it. Yesterday's ruling had to do with what was meant by the following key language in the patent (found in Claim 1 and Claim 6):
"wherein said object has type information associated with it utilized by said browser to identify and locate an executable application".

As Judge Zagel put it,
"What is an executable application? What is type information that must be associated with the object? What does it mean for the type information to be utilized by said browser to identify and locate the executable application?"

Experts testified as to the answers to these questions. Eolas' expert was Edward Felten, who is an Associate Professor of Computer Science at Princeton. Microsoft's experts were H.E. Dunsmore, Associate Professor of Computer Science at Purdue University, and Michael Wallent, Product Unit Manager for Internet Explorer.

Judge Zagel found that (as used in the patent language), an "executable application" is computer program code which is launched to enable an end-user to directly interact with data, and one which is not an operating system or utility. He found that "type information" "may include the name of an application associated with the object." Finally, he found that "utilized by said browser to identify and locate" meant that those functions are performed by the browser.

Now that Judge Zagel has determined what this key language in the patent means, the court is now in a position to determine whether Microsoft has, in fact, infringed the patent. Trial could be the next step. It will be interesting to see what happens! I suspect that no matter who wins at the trial court level, there is likely to be an appeal. It will be a while yet before we learn what the resolution will be.

If you want to read the text of the opinion yourself, you can find it on CourtWeb as [this] pdf file.

Many of the rulings thus far in the case are available online. Put in "Northern District of Illinois," hit the "proceed to CourtWeb" button, and then enter the case number on the next screen. (The case # is 99cv0626.) Put in the date range you want- note that the case was filed in February 1999.

"

vonmar writes "A 20-second re-recordable message has been hacked into the "Boogie Bass" talking fish. The audio is stored on an ISD 1420P solid-state chipcorder voice record/playback chip. The head, tail, and mouth movements are also re-recordable, and are stored in EEPROM inside an ATMEL AT89S8252 microcontroller. Read more about it at the creator's site."

vonmar writes "A 20-second re-recordable message has been hacked into the "Boogie Bass" talking fish. The audio is stored on an ISD 1420P solid-state chipcorder voice record/playback chip. The head, tail, and mouth movements are also re-recordable, and are stored in EEPROM inside an ATMEL AT89S8252 microcontroller. Read more about it at the creator's site."

kryzx writes "MIT Technology Review has a piece on recent developments in flexible transistors. " The applicability of the flexible transistor, at least from the article's point of view, is the applications in everyday life - it's interesting to see how things are developing.

Here's another query from an Anonymous Coward with ringing ears: "I may be forced to spend a lot of time in a computer machine room soon, and was thinking of using some noise-cancellation headphones (like those made by Sony or BOSE). Unfortunately, I must spend a lot of time on the telephone. I can try and hack one of the airplane model units BOSE makes (which also has a built in boom microphone) to interface to a telephone, but it occurred to me maybe someone knew of something better that already exists? It would be nice to be able to listen to music when I'm not on the telephone..."

Stanford University held a workshop last Friday - The Policy Implications of End-to-End - covering some of the policy questions cropping up which threaten the end-to-end paradigm that serves today's Internet so well. It was attended by representatives from the FCC, along with technologists, economists, lawyers and others. Here are my notes from the workshop. I'm going to try to skip describing each individual's background and resume, instead substituting a link to a biography page whenever I can. (Part one of two.)

The summary provided by the conference organizers has a brief description of end-to-end:

"The "end-to-end argument" was proposed by network architects Jerome Saltzer, David Reed and David Clark in 1981 as a principle for allocating intelligence within a large scale computer network. It has since become a central principle of the Internet's design. End-to-end [e2e] counsels that "intelligence" in a network should be placed at its ends -- in applications -- while the network itself should remain as simple as is feasible, given the broad range of applications that the network might support."

Another way to view end-to-end might be as a sort of network non-interference policy: all bits are created equal. The problem is that there are substantial economic incentives to treat bits differently, and these incentives are changing the architecture of the Internet in ways which may be detrimental to public values.

The workshop covered a number of areas:

• Voice over IP
• Network Security
• Quality of Service
• Content Caching
• Broadband
• Wireless

Jerome Saltzer started off with a technical overview of the end-to-end argument. In summary: digital technology builds systems of stunning complexity, and the way to manage this complexity is to modularize. For networking, this resulted in the layer model that many slashdot readers are familiar with. He suggested that designers should be wary of putting specific functions in lower layers, since all layers above must deal with that design decision. For a longer explanation, one can always read the original paper. If you've never heard of end-to-end before, I do suggest reading this paper before continuing. It's short.

First, Scott Bradner described two competing architectures for voice-over-IP protocols: one which employs central servers to direct and manage calls (the Media Gateway Control model, or Megaco), and one which puts most of the intelligence in the end-points, with the phones/computers originating the calls (the Session Initiation Protocol, or SIP). One important difference: SIP phones can use a central server to direct calls, but Megaco phones have no capability to act independently. Building a great deal of intelligence into the central servers is less end-to-end-compliant than building it into phones at the edges of the network.

One member of the audience pointed out that Federal law requires companies to build wiretapping capabilities into phone switches and wireless network equipment, and wondered how that would be implemented if the phones initiated the connections themselves (SIP). Traditional wiretapping is predicated upon the idea that there is a central server which all communications pass through. The panel candidly replied that when no central server is used and encryption is employed, wiretapping is difficult. One audience member pointed out that wiretapping at centralized switches is not the most effective way to do it, anyway -- since switches can be routed around and communications can be encrypted, the only truly effective way to wiretap would be to build tapping capabilities all the way at the edge of the network -- the phone itself. While some of the audience laughed, I think most of the participants also realized the dark undertones of this suggestion.

Next the discussion turned to innovation. In one model, the central servers would be controlled by companies with a vested interest in managing them conservatively, suppressing competition, etc. In the other, individuals would be able to create/control their own phones on the perimeter of the network, and the only barrier to innovation would be finding someone else to adopt your improvement as well so that the two of you could communicate. In the first model, innovations which benefited the company would be the only ones permitted. In the second one, any innovation which benefited the end-user would be possible.

Finally the discussion moved to a rarely thought about side effect of voice over IP. Universal service -- phone service to (nearly) every resident of the United States -- is funded through access charges on your phone bill. In effect, people in cheap-to-service areas are subsidizing those in expensive-to-service areas, ranging from the badlands of Nevada to wilderness areas of Alaska. From a societal point of view, ubiquitous access to telephones has been a great boon, but providing it requires a societal commitment -- otherwise people living outside of major population centers might never have phone service. Suppose now that traditional telephony is replaced by voice over IP, and no central servers are involved -- there would be no easy way to collect the access charges which subsidize outlying areas. While lowering such taxes may have widespread appeal, completely abandoning the commitment to universal service would be a great loss to society.

The next focus was network security. Firewalls are probably the most obvious breaks in the end-to-end paradigm -- after all, these devices' sole purpose is to stand in the way of network connections, and decide which are permitted and which are not. Participants brought up (but thankfully, quickly moved past) the true-but-useless point that if all operating systems were secured properly, there would be no need for firewalls.

Hans Kruse pointed out that if security must be implemented at the end anyway -- as it must if any incoming traffic is permitted through the firewall -- then there's no reason to do it at the center as well. David Clark put forth the useful distinction between mandatory and discretionary access controls -- mandatory controls being ones put into place by someone else, discretionary ones put into place by you. Discretionary controls do not violate end-to-end, but mandatory ones generally do. Michael Kleeman noted that the reasons firewalls are put into place include the desire to control the actions of users inside the firewall as often as the desire to control access from outside.

Doug Van Houweling spoke regarding Network Address Translation (NAT). NAT allows two networks to be joined together, and is typically used to join a network of machines with non-routable IP addresses to the global internet. NAT is an outgrowth of the limited availability of IPv4 addresses, but is also employed in some cases as a poor man's security measure. Generally, Houweling described NAT as an affront to end-to-end, because any application which requires transparency of addresses breaks, making end-to-end encryption impossible. Added to which, applications sometimes transmit data in the TCP/IP headers which NAT alters. The group noted that NAT can be eliminated simply by putting more addresses into circulation. Later in the workshop, Andrew McLaughlin talked about the address allocation process for IPv6 and said that it is shaping up to be much better than that for IPv4.

The workshop moved on next to Quality of Service. QoS in this case covers a wide range of proposals (and a few working implementations) for selectively speeding up or slowing down network traffic -- a sort of nice for network data flows. The "benign" use of QoS is to ensure that traffic which is strongly time-sensitive like videoconferencing or telephony gets priority over the download of NT Service Pack 16. There are less-benign uses: Cisco's 1999 White Paper which encouraged cable Internet operators to use Cisco's QoS features to speed up access to proprietary (read: profitable) content while slowing down content from competitors was the red flag in the QoS realm, raising concerns about the role of ISPs in traffic delivery and abuses by telecom carriers which are also content providers.

This segment started with an overview of QoS. There are several ways to implement QoS on a network. The simplest is to build a network with a capacity great enough to never be maxed out; if the network has sufficient bandwidth, there's no need to worry about QoS in the first place. There are costs, though, to maintain sufficient excess capacity on the network. This is called "adequate provisioning" if it is your preferred method of managing traffic, or "over-provisioning" if you prefer one of the other QoS approaches. The other ways under consideration are an integrated service architecture and a differentiated service architecture. The former would monitor and track each individual data flow -- the call you place to your mother in Singapore could be treated differently from the call you place to your grandmother in Kracow. The latter would only allow differentiation between classes of services -- all videoconferencing would be treated similarly, for example. Of the three, adequate provisioning is fully end-to-end while DiffServ is less so, and IntServ is highly non-compliant.

Jerome Saltzer (from the audience) made the point that no QoS technique provides real guarantees of service, and any technique except having plenty of excess bandwidth available violates the principles of end-to-end. He emphasized that people should be aware of the trade-offs.

Jamie Love mentioned not only the Cisco white paper but pointed out that this situation lent itself to behavior like that which has landed Microsoft in hot water -- using one's control of a particular system to speed up one's own content and impede competitors' from flowing. A member of the audience countered QoS would allow companies to create different levels of service -- pay more for fast access, less for slow access -- and that this was a good thing.

There were two distinct classes of problems identified. The first is similar to the distinction among methods for carrying voice over IP: the companies that control the QoS-enabled servers get to control who gets to innovate in QoS-related areas. The second, related problem is that of carriers using QoS features to promote their own content. The second problem has traditionally been solved by requiring a separation of carriage and content -- keeping the owner of the lines and the provider of content over those lines separate. The current FCC and FTC are not enforcing that traditional check against monopolization of content in telecommunications; thus it's likely that unless governmental policies change, AOL/Time Warner will be a position to promote its own content through control of the cable Internet services it owns.

Doug Van Houweling then spoke and noted that the Internet2 project is taking a very strong stance promoting QoS, because that stance is seen as necessary to promote investment in Internet2 architecture.

An audience member spoke up and suggested that the best regulatory course would be regulation with a light touch -- regulation could provide the minimum necessary controls to provide really necessary QoS while disallowing abusive uses. At this point Deborah Lathen asked the $64,000 question: how would the FCC make this fine regulatory distinction? No one had a good answer to that question.

In Part two tomorrow: transparent caching, broadband and wireless access, and capitalism.

Stanford University held a workshop last Friday - The Policy Implications of End-to-End - covering some of the policy questions cropping up which threaten the end-to-end paradigm that serves today's Internet so well. It was attended by representatives from the FCC, along with technologists, economists, lawyers and others. Here are my notes from the workshop. I'm going to try to skip describing each individual's background and resume, instead substituting a link to a biography page whenever I can. (Part one of two.)

The summary provided by the conference organizers has a brief description of end-to-end:

"The "end-to-end argument" was proposed by network architects Jerome Saltzer, David Reed and David Clark in 1981 as a principle for allocating intelligence within a large scale computer network. It has since become a central principle of the Internet's design. End-to-end [e2e] counsels that "intelligence" in a network should be placed at its ends -- in applications -- while the network itself should remain as simple as is feasible, given the broad range of applications that the network might support."

Another way to view end-to-end might be as a sort of network non-interference policy: all bits are created equal. The problem is that there are substantial economic incentives to treat bits differently, and these incentives are changing the architecture of the Internet in ways which may be detrimental to public values.

The workshop covered a number of areas:

• Voice over IP
• Network Security
• Quality of Service
• Content Caching
• Broadband
• Wireless

Jerome Saltzer started off with a technical overview of the end-to-end argument. In summary: digital technology builds systems of stunning complexity, and the way to manage this complexity is to modularize. For networking, this resulted in the layer model that many slashdot readers are familiar with. He suggested that designers should be wary of putting specific functions in lower layers, since all layers above must deal with that design decision. For a longer explanation, one can always read the original paper. If you've never heard of end-to-end before, I do suggest reading this paper before continuing. It's short.

First, Scott Bradner described two competing architectures for voice-over-IP protocols: one which employs central servers to direct and manage calls (the Media Gateway Control model, or Megaco), and one which puts most of the intelligence in the end-points, with the phones/computers originating the calls (the Session Initiation Protocol, or SIP). One important difference: SIP phones can use a central server to direct calls, but Megaco phones have no capability to act independently. Building a great deal of intelligence into the central servers is less end-to-end-compliant than building it into phones at the edges of the network.

One member of the audience pointed out that Federal law requires companies to build wiretapping capabilities into phone switches and wireless network equipment, and wondered how that would be implemented if the phones initiated the connections themselves (SIP). Traditional wiretapping is predicated upon the idea that there is a central server which all communications pass through. The panel candidly replied that when no central server is used and encryption is employed, wiretapping is difficult. One audience member pointed out that wiretapping at centralized switches is not the most effective way to do it, anyway -- since switches can be routed around and communications can be encrypted, the only truly effective way to wiretap would be to build tapping capabilities all the way at the edge of the network -- the phone itself. While some of the audience laughed, I think most of the participants also realized the dark undertones of this suggestion.

Next the discussion turned to innovation. In one model, the central servers would be controlled by companies with a vested interest in managing them conservatively, suppressing competition, etc. In the other, individuals would be able to create/control their own phones on the perimeter of the network, and the only barrier to innovation would be finding someone else to adopt your improvement as well so that the two of you could communicate. In the first model, innovations which benefited the company would be the only ones permitted. In the second one, any innovation which benefited the end-user would be possible.

Finally the discussion moved to a rarely thought about side effect of voice over IP. Universal service -- phone service to (nearly) every resident of the United States -- is funded through access charges on your phone bill. In effect, people in cheap-to-service areas are subsidizing those in expensive-to-service areas, ranging from the badlands of Nevada to wilderness areas of Alaska. From a societal point of view, ubiquitous access to telephones has been a great boon, but providing it requires a societal commitment -- otherwise people living outside of major population centers might never have phone service. Suppose now that traditional telephony is replaced by voice over IP, and no central servers are involved -- there would be no easy way to collect the access charges which subsidize outlying areas. While lowering such taxes may have widespread appeal, completely abandoning the commitment to universal service would be a great loss to society.

The next focus was network security. Firewalls are probably the most obvious breaks in the end-to-end paradigm -- after all, these devices' sole purpose is to stand in the way of network connections, and decide which are permitted and which are not. Participants brought up (but thankfully, quickly moved past) the true-but-useless point that if all operating systems were secured properly, there would be no need for firewalls.

Hans Kruse pointed out that if security must be implemented at the end anyway -- as it must if any incoming traffic is permitted through the firewall -- then there's no reason to do it at the center as well. David Clark put forth the useful distinction between mandatory and discretionary access controls -- mandatory controls being ones put into place by someone else, discretionary ones put into place by you. Discretionary controls do not violate end-to-end, but mandatory ones generally do. Michael Kleeman noted that the reasons firewalls are put into place include the desire to control the actions of users inside the firewall as often as the desire to control access from outside.

Doug Van Houweling spoke regarding Network Address Translation (NAT). NAT allows two networks to be joined together, and is typically used to join a network of machines with non-routable IP addresses to the global internet. NAT is an outgrowth of the limited availability of IPv4 addresses, but is also employed in some cases as a poor man's security measure. Generally, Houweling described NAT as an affront to end-to-end, because any application which requires transparency of addresses breaks, making end-to-end encryption impossible. Added to which, applications sometimes transmit data in the TCP/IP headers which NAT alters. The group noted that NAT can be eliminated simply by putting more addresses into circulation. Later in the workshop, Andrew McLaughlin talked about the address allocation process for IPv6 and said that it is shaping up to be much better than that for IPv4.

The workshop moved on next to Quality of Service. QoS in this case covers a wide range of proposals (and a few working implementations) for selectively speeding up or slowing down network traffic -- a sort of nice for network data flows. The "benign" use of QoS is to ensure that traffic which is strongly time-sensitive like videoconferencing or telephony gets priority over the download of NT Service Pack 16. There are less-benign uses: Cisco's 1999 White Paper which encouraged cable Internet operators to use Cisco's QoS features to speed up access to proprietary (read: profitable) content while slowing down content from competitors was the red flag in the QoS realm, raising concerns about the role of ISPs in traffic delivery and abuses by telecom carriers which are also content providers.

This segment started with an overview of QoS. There are several ways to implement QoS on a network. The simplest is to build a network with a capacity great enough to never be maxed out; if the network has sufficient bandwidth, there's no need to worry about QoS in the first place. There are costs, though, to maintain sufficient excess capacity on the network. This is called "adequate provisioning" if it is your preferred method of managing traffic, or "over-provisioning" if you prefer one of the other QoS approaches. The other ways under consideration are an integrated service architecture and a differentiated service architecture. The former would monitor and track each individual data flow -- the call you place to your mother in Singapore could be treated differently from the call you place to your grandmother in Kracow. The latter would only allow differentiation between classes of services -- all videoconferencing would be treated similarly, for example. Of the three, adequate provisioning is fully end-to-end while DiffServ is less so, and IntServ is highly non-compliant.

Jerome Saltzer (from the audience) made the point that no QoS technique provides real guarantees of service, and any technique except having plenty of excess bandwidth available violates the principles of end-to-end. He emphasized that people should be aware of the trade-offs.

Jamie Love mentioned not only the Cisco white paper but pointed out that this situation lent itself to behavior like that which has landed Microsoft in hot water -- using one's control of a particular system to speed up one's own content and impede competitors' from flowing. A member of the audience countered QoS would allow companies to create different levels of service -- pay more for fast access, less for slow access -- and that this was a good thing.

There were two distinct classes of problems identified. The first is similar to the distinction among methods for carrying voice over IP: the companies that control the QoS-enabled servers get to control who gets to innovate in QoS-related areas. The second, related problem is that of carriers using QoS features to promote their own content. The second problem has traditionally been solved by requiring a separation of carriage and content -- keeping the owner of the lines and the provider of content over those lines separate. The current FCC and FTC are not enforcing that traditional check against monopolization of content in telecommunications; thus it's likely that unless governmental policies change, AOL/Time Warner will be a position to promote its own content through control of the cable Internet services it owns.

Doug Van Houweling then spoke and noted that the Internet2 project is taking a very strong stance promoting QoS, because that stance is seen as necessary to promote investment in Internet2 architecture.

An audience member spoke up and suggested that the best regulatory course would be regulation with a light touch -- regulation could provide the minimum necessary controls to provide really necessary QoS while disallowing abusive uses. At this point Deborah Lathen asked the $64,000 question: how would the FCC make this fine regulatory distinction? No one had a good answer to that question.

In Part two tomorrow: transparent caching, broadband and wireless access, and capitalism.

Tavern alerts us to this CNET story which indicates that AT&T will soon offer GSM service to U.S. customers, noting "Maybe US companies are figuring out it's time not to compete in infrastructure, but to compete in services." The article also mentions the investment of Japanese wireless giant DoCoMo into AT&T's wireless service; you may recall that they're the creators of the finger-in-ear phone mentioned a few months back. I got to demo this phone in October, and I hope they speed up the development -- it was fun to say "Hi, Mom. I'm talking with my finger in my ear!"

alexhmit01 asks: "One of my classes requires us to write a system that will deal with accessing huge amounts of random data. The catch? The project must be done in scheme. Storing the data in a Database would make indexing and searching the data MUCH easier than manually creating hash tables and other ugliness for which scheme is AMAZINGLY inefficient at. Does anyone know of ODBC, Postgres or MySQL bindings for Scheme (preferably MIT Scheme, but we could use a different Scheme if need be)?" While perusing around, I found this page which which contains some information about Scheme and Databases. Are there any other bindings for Scheme that will allow you to connect to various database backends?

ContinuousPark writes: "The folks at the MIT Media Lab have been working on a $50 handheld Linux computer. 900MHz, 1mW, 200Kbps peering or hub-and-spoke internet gateways for wireless mode and a RS-485 wired LAN: 1Mbps multidrop. Loads of software on less than 1Mb footprint. They've called it the Pengachu Project: Cheap Wireless Linux for Everyone. Read about it here, an article on the kickoff event for the Digital Nations project."

The word is that the Florida recount will be completed later today (before 5 EST). In the meantime, a couple of interesting bits related to math (which seems much more appropriate to Slashdot ;) The big one is of course the 'Voting Irregularity' in Palm Beach where supposedly thousands of seniors voted for Buchanan due to a badly designed ballot. this report (unfortunately, its a PDF) breaks down the returns on various counties and pretty much proves that something was wrong. Any math folks out there interested in doing their own take on the numbers? bwoodard sent in a mathematical argument for the electoral college written by MIT Prof, Alan Natapof. Hopefully we'll have more word later today. Update: 11/09 01:55 PM EDT by C :For those of you interested in seeing why there is such controversy over the Palm Beach County ballot, you can take a look at the ballot to see for yourself if it might be a bit unintuitive. If you'd like more food for thought, you can check out this article which talks a bit about the usability issues behind the ballot's design.

In Take 1 of this two-part series, I described some of the current technology in wearable computing as seen at ISWC 2000, this year's just-finished iteration of the International Symposium on Wearable Computers, from head-mounted displays to intelligent jackets. In this round, a little more speculation about where the future of wearability lies, with a peek in the door at some of the things being done in top university labs. What forces will shape the future of wearable computing? Hint: GeForce 2's are still hard to carry, and there's never enough power.

In square circle, with realtime 3-D overlay Professor Steve Feiner heads a Columbia University / Naval Research Laboratories joint project called Battlefield Augmented Reality System (BARS), one of the more graphically ambitious projects on view at ISWC 2000. He and graduate students Drexel Hallaway and Tobias Hoellerer demonstrated how, using transparent overlays representing maps and other data entered offline, allows the user to interact with others in 3-D environments, and to view information intelligently superimposed on real-world objects as they walk around. On the second day of the conference, the team was demonstrating maps they had entered over the course of the first day using the show-floor itself. One caveat: instead of a tiny metal box tucked discreetly out of sight, these systems approach the limit of wearability while in their design phase. The two systems on display, built separately, resemble backpacking rucksacks stripped of their bags to reveal a Rube Goldberg symphony of batteries, cables, video cards, and nondescript boxes which turn out to be GPS revievers and dead-reckoning devices.

"Because for what we're using, there's nothing you can buy off the shelf, or build really easily, that would be lightweight, low-power consuming and capable of doing the sthings that we want to do. But because we want to be able to go outside do some of the things that we want to do, we put these backpacks on. ... So we're building things that are bigger than they would have to be if they were built by a real oomputer company. It's mostly the fact that we need less the processor power -- because, as you know, the processing power of a high-end end laptop is damned close to the processng power of a high-end desktop -- the important thing to us is that the graphics card is a real desktop [card], basically the fastest PCI card you can get right now."

All that video power is still not enough for the taste of Feiner or his grad students, but it does present a dazzling display of rapidly-updated, colorful information on the monitors scattered around their exhibit. It looks like a video game, until you relaize that it's done in real-time.

In keeping with it's military funding and applications, these semi-wearables use centimeter-accurate GPS receivers ("Which is a waffling way of saying they can be accurate to within a couple of centimeters," says Feiner, "given that you have good satellite tracking performance."), and "in a lot of our current systems, the computer weighs less than the GPS." When GPS coverage is spotty or non-existent, the system uses its included dead-reckoning device to augment the GPS measurements.

"We like to call these bearables, rather than wearables," he grins. "This whole system weighs something like 20-odd pounds. Compared to a camping backpack, that may be pretty good, but for doing real everyday work? It's totally unacceptable."

"What are it's applicatons? At this size, and this level of kludginess? Research. The question is, what happens when it becomes small enough and rugged enough -- truly, they run sort of hand-in-hand -- to be truly wearable? And by truly wearable, I think less of Lizzy and it's predecessors, something that's bigger than my camera for example -- and more in terms of somethng like this --" he indicates the clamshell cell phone on his belt --"and this is even pushing it in terms of size. That's going to happen, in my prediction, sometime by the end of the decade. that prediction is based on technological feasibility and a lot of it is people, companies, whether they get it or not."

See Spot run! See spot compile the Linux kernel! Carnegie Mellon has a long history of wearables research, going back to the Vu-man series of computers in 1991. The current forefront of research at CMU is represented by Spot, a StrongArm-based research wearable in initial fabrication right now. "We'll get metal in November, and that means I'll be able to do the kernel bring-up around New Year's. Essentially, once you have an electronic layout, when you essentially just say what components are connected to what, with wires, there's an issue of trying to cram it into a box this big." That according to Spot's originator and designer, CMU doctoral student John Dorsey. Dorsey is also the ARM Linux kernel hacker for the board that Spot is based on. "This big," in this case, means a tiny card with the footprint of a PCMCIA card, itself enclosed in a 6"x3"x1" oblong pod, designed to snuggle in any of several spots on the human body. That tiny box holds up to 256MB of SDRAM, as well as up to 64MB of Flash RAM, and a CompactFlash slot. "And that's pretty incredible considering the amount of stuff that's actually on the board, so we hired an outside firm to design that for us, who will lay things out so they will fit in that area."

Spot is not destined to hit The Sharper Image anytime soon, though. "I guess our immediate deisre is to make it available to other resarch labs and universities," says Dorsey. "It's a little bit feature filled for it to be [the basis of] a cheap commercial product at this point."

What about the research that went into Spot -- will you be able to raise your own? I asked Dorsey about the possibility of the plans for Spot being put on the Web for public consumption, and his answer was uncertain, but optimistic. "There's an issue of [rights] when an outside funding agency gives the money to design something like that, they have first dibs on the intellectual property. There's a trend that I see at this conference, probably the most exciting thing I've seen, which is that a lot of companies are trying to make their designs available on the web, and that's the kind of thing I would like to see happen. At least for people who are in the research community, there's no reason not to do that. It's cewrtainly saves horrendous duplication of effort, and really helps us to make progress. The important thing is that you just want to get the platform done, and out there."

Thanks to the GPL, though, Dorsey says it's not as important whether Spot's schematics are available, becauses the clue that a home-builder would need will be in public view: "There's a really strange dichotomy when it comes to what people will permit for software, and what they will permit for software. People don't even blink when I say I want to GPL stuff that I write for research, my thesis or whatever -- but for hardware I think there's just a different mindset. What Ithink is funny when it comes to hardware is that I'm allowed to GPL the kernel port for this board. And any reasonably intelligent person could look at the code for the various drivers and support, and sort of back out what's actually in the box. So it's a little bit silly to say you can't say what the schematic looks like."

Like most of the academic reasearchers in Atlanta, CMU uses Linux heavily in its wearables development. Dorsey does have a short wishlist for future developments in the Linux kernel, though: "Power management, that's the big one. I know that the WRL folks over at Compaq are working on that noe for the SA-11 family [the processor which runs Spot] in particular. I would like to see it show up more often in networking research applications. BSD really does own the game as far as that goes right now, and I need to do all my thesis stuff on Linux, so I'd like to see that happen."

Also with CMU and living proof that it takes more than kernel hackers to build computers onto the human body, Francine Gemperle has a background in industrial design, and now is a graduate student with the CMU Design Studio. Gemperle was hired when she finished her undergraduate degree a few years ago, to help make small computers truly comfortable to the users. Now the only designer working with the group, Gemperle has been working since last February on the conference's organization. "They actually thrust the job of exhibits on me, and it's been fun, I've enjoyed coordinating it."

She's coordinated a group of about 25 volunteers who helped put this conference together, and has spent the last year arranging sponsorships, speakers and exhibitors. "Getting people involved in this conference is a tricky thing, because there are a lot of people who are doing resarch in wearables [not in attendance], but having it cleared through their lawyers and PR departments is another story. So there are many big companies that we know of that are actively pursuing wearables, but who aren't here. I think there were some people here from Motorola beofer, and everybody knows that IBM is pursuing wearables, but they don't really show up here." (IBM was demonstrating their Linux-equipped wristwatches, in fact, but did not exhibit any results of their wearable Thinkpad project.)

Charmed, I'm sure Brad Singletary, a PhD candidate at Georgia Tech, was one of the several poster exhibitors, explaining to passers by his current research project, which is one likely to have an impact on other wearable endeavors as well. Singletary is building a database of faces (which now includes a mugshot of me), recorded with a pair of helmet-mounted video cameras (one color, one black and white) onto a pair of DV decks worn in his clothing, to be used later as the basis of a recognition program.

Pointing to small white "X"s on the visor of his Glasstron display, Singletary says "I can line these X's up with your eyes, and then I push a button which records audio along with the video track, to tell me where your face is in the video stream. I push the button and then it just starts firing automatically."

He's trying to create a simple recognition algorithm rather than the unweildy multi-point ones currently in use. "It's differnet from the traditional face recognition; that's what the military wants, they want full 3-D recognition. I also want to help people with prosophagnosia - face blindness ... I'd like to help those people, give them some way to recognize people."

In addition to that disparate pair of users, he says, "Another is police, regular police ... infrared will allow them to function in the dark. But there are also more prosaic uses: " A typical businessman who walks into a conference, he wants to know 'Who do I know?' Who they are, and if he's met them before."

Of the odd-looking yellow piece on the back of his helmet, Thompson sheepishly admits "The dumbell is for balance. I built this thing as quickly as possible."

Singeltary's graduate advisor, Thad Starner, along with fellow graduate student Daniel Ashbrook and long-time wearables enthusiast and hobbiest (and Vassar College employee) Greg Priest-Dorman, are now not only academics, but entrepreneurs. All are part of Tharner's brainchild, Charmed Technology. Charmed's approach to wearable computers is different from that of well-known commerical producers VIA and Xybernaut: rather than invest in ultra-miniaturized cases and custom motherboard designs, they decided to go with commodity PC-104 boards, contained in a case which gains in affordability what it compromises in size. Designed by Priest-Dorman, the case features a slight bend for greter body conformance, and is designed to be worn either in a vest or carried in a hip-hugging bag.

Perhaps most exciting is that in addition to their plans to start shipping in November kit-based systems based on these designs for about $2,000 (a pittance in the wearables market), they're also making the plans available to anyone who cares to download them. "So we have these plans, and they're actually on the Web site, you can download them and build them yourself, you can take them to a metal shop and have them build it," says Ashbrook. "It's totally open source."

One polyfleece vest to bind them all! One of the few places with a strong claim as the birthplace of wearable computing, MIT remains perhaps the most famous breeding ground. While Charmed makes low-cost and easy assembly a priority,resulting in a slightly larger box, a project spearheaded by graduate student DeVaul called Mithril, out of MIT's Media Lab, takes a completely different tack, pushing the components of its wearable system into near invisibility. While nanotechnology hasn't yet advanced to the point where processor, memory and battery can simply be miniaturized and placed in the wearer's navel, the Borg Lab researchers (yes, they really call it the Borg Lab) are convinced that until wearable computers are nearly forgettable, they'll never catch on. To gain the benefits of ubiquitious computing, in other words, the annoyance can't outweigh the rewards.

I got the scoop on Mithril first from Media Lab Research Scientist Steven Schwartz, who started by showing me the "Smart Vest" of an earlier project. "It comes out the Human Design Group, which used to be called Vision and Modelling. It's professor Sandy Pentland's group, and it's the group where wearables first started at the MIT Media Lab.

"The system started off as PC-104 configuration. And that resulted in system that were medium sized boxes with stacked PC-104 architecture, mostly X86 machines, and primarily running Linux. These machines were used with a variety of sensors, including cameras. But as the wearables project has evolved, we've seen a couple of different needs. Power is one -- power is the real battlefield. Batteries are expensive, they're burdensome, they're heavy. In a big pciture sense, batteries are expensive, right? Not just cost, the whole inconvenience. So we're working on a low-power platofrm. And in order to conduct our own research, we wanted it to look a little more "everyday" like. We wanted to be able to dress and act as we normally dress and act, so that the wearable computers we're using to research were actually integrated with our lives and non-interfering with the actions that we take as mobile individuals."

"For instance, we didn't want the computer to interfere by covering our eyes, or requiring too much unser interaction, or simply be buly or odd-lookingm because because you want to go out and see where wearable computing can help you in your conversatons with people, you certainly don't want that kind of distraction. So we started working on a clothing computer, essentially -- but with one variant. We didn't want people to have to buy a specific outfit, or let's say have to throw out the old outfit because they've upgraded their computer. So we dicided to make a lining, essentially a detatchable, soft chassis. And because we didn't want it to be uncomfortable, we got rid of the boxes, the hard packaging. So we went to soft packaging, distributed the electronics in a sort of very wide area over the upper body, went to very small modules, and started to implement some of the very low power RISC architectures. StrongArm, PowerPC."

"We started building these, and engineering them to work with MicroOptical's displays, so you could have very small clip-on displays that don't cover much of your vision, yet provide lots of rich information. WHen we think of rich content for wearables, we don't thnk of walking down the street oozing through a UXGA screen, because with tat kind of content you'd probably trip right down the street. Cyborgs don't like this. So the idea is that the type of informatino that you want as a wearable user is stuff that's compatibile with high mobility, and high levels of interaction, unexpected physical events taking place."

"So we built the system called Mithril -- it's a new platform that all the research will be done on. It started over a year ago, when we did the smart vest project," Schwartz says as he steps into a vest from that project. "PowerPC, WaveLan, Linux, Apache. Samba as a remote server. We did it to show that we could put a high performance machine intoo clothing that could be worn summer or winter by a man or a woman. ... my advice to people is that the ultimate geek is chic. When you can hide all that big artillery, heavy metal that we carry around -- the ultimate wearable computer is being able to blend in with the people down the street. To walk down the most expensive block in New York, to see the most incredible radio on display, try it out, hold it, feel it, decide I want to buy it -- and on my eyeglasses is flashes where I can get it on the Internet for the best price."

DeVaul and fellow graduate student Josh Weaver explained their computer-in-vest concept. Each wore a custom-made vest outfitted with special pockets, some visible, some hidden. (That by the way, is the entire world's supply of Mithril systems right now."We'll go home on separate planes," DeVaul joked.) Displaying the the 200Mhz StrongArm processor in one pocket (part of the central core, called Brightstar), then the IBM microdrive and reader in another, DeVaul asks "You want to know how much this draws? Around 4 watts, for the whole system." In another pocket, two smallish batteries (like most projects on the floor, the MIT group swears by lithium-ion camcorder batteries, which in the words of one builder "have the energy density of a hand grenade"). But those are not the only components. Wireless networking lives in yet another pocket, and a small board with three IR LEDs (and one green one, so the wearer can know it's functioning) is worn like a campaign button. Those IR LEDs are used to uniquely identify people or objects, to aid the computer system in knowing where it is, or "remembering" the identity of a similarly equipped person you encounter.

The whole system is tied together with a home-brewed cabling system, part of DeVaul calls the "Mithril Body Network," which integrates power and data delivery (USB and I2C) over a flat braided cable designed to wrap smoothly around the wearer. DeVaul invited me to try on his vest, and it really does feel natural.

"Feeling Natural" in fact, is one big element of the design of Mithril. "One way to think about what [wearable computers] can do is to think of them as personal assistants -- helping you remember information or accomplishs tasks in everyday life," says DeVaul. Context-awareness and scaleability are the driving forces behind his designs, and from the looks of it, building a computer that can not only communicate well with the devices beyond its immediate reach, but do so while remaining unobtrusive is a heroic task. "You only want the computer to give a response, say, if it's appropriate for it to do so at the time. If you're asking me a question, you don't want the computer to answer you instead."

And though perhaps a tricker project to assemble the parts and skills to complete, than Charmed's PC-104 kit, DeVaul promises that anyone with the desire will be able to build a Mithril system. "I believe in Open Source software -- continuing the tradition of Thad Starner, everything, including the PCB designs, will end up on a web site."

When will the future arrive? Never soon enough, maybe, but the future does have a way of creeping up on us. The conventional wisdom at ISWC 2000 is that honest-to-goodness wearable computing affordable to all and with many of the current bugs shaken out, is about 10 years away. One person familiar with MicroOptical's displays said that their plans call for a drastic reducton in price over the next two years, to perhaps as low as one or two hundred dollars. Processor power, meanwhile, marches on. When a 600MHz Transmeta chip is old hat, it will still be enough to run the same applications it does today. I'm looking forward to joining the cyborgs when that day arrives.

Oddly enough, Hemos and I are speaking at MIT tonight, but at different times and places. I'm speaking at 7pm at the lecture hall about whatever comes to mind (bring questions because my agenda is wide open). Hemos is speaking at Bartos Theater in the MIT Media Laboratory at 20 Ames St. on campus at 5pm as part of their Media In Transition series. Normally we tend not to plug stuff like this, but this should be fun, so if you happen to be in the area, swing by either talk. I promise to embarrass myself by stuttering and rambling, proving that I speak just as badly as I write!

Oddly enough, Hemos and I are speaking at MIT tonight, but at different times and places. I'm speaking at 7pm at the lecture hall about whatever comes to mind (bring questions because my agenda is wide open). Hemos is speaking at Bartos Theater in the MIT Media Laboratory at 20 Ames St. on campus at 5pm as part of their Media In Transition series. Normally we tend not to plug stuff like this, but this should be fun, so if you happen to be in the area, swing by either talk. I promise to embarrass myself by stuttering and rambling, proving that I speak just as badly as I write!

Temporary staffing positions have tripled in the last decade, according to an MIT/CDI study, which suggests IT workpractices are mainstreaming, spreading well beyond Silicon Valley.

Long ago and far away, the idea was that stable, long-term employment once meant a bond between employer and employee. You found a good company and worked there, possibly for decades, and the company paid your bills, took care of your health, and saw you into a secure retirement. That didn't always happen, but it was the ideal of the modern industrial age, also know as the pre-Internet era. The system was both secure and paternalistic.

It's also over.

Scholars, technologists and economists have been saying for years now that we're making a transition from an industrial to an information age. Information is becoming the most valuable single commodity in the world, and the Net and the Web are the vehicles bringing more of it to more people at less cost every day.

For tech workers, according to a new study by the CDI Corporation and MIT's Sloan School of Management, new kinds of companies and new technologies like the Net are sparking a reinvention of work, a flexible kind of workplace that the study's authors call "me-commerce."

Their report shows that the number of positions filled by temporary staffing companies expanded from 1.35 million to 3.23 million between l988 and l998 -- the fastest employment growth of any industry sector during that decade.

Today, more than 25% of American workers are part-timers, independent contractors or temps, the authors explain. When contract and on-call work is included, the share of the nation's workforce operating outside traditional, full-time jobs has mushroomed to nearly 30%. In high-tech employment sectors, those numbers run much higher. Only one in three Californians holds a permanent, full-time, day-shift job working on-site.

While this shift may benefit better-educated, high-end professionals in terms of earnings, job flexibility and creative work, skilled workers have a tougher time, the study warns. They face stagnant and declining wages, alienation from their employeers and a less-certain job market.

Over the past several decades, as large amounts of capital, increased competition, new information technologies and new management philosophies and techniques have downsized large companies and created a favorable environment for start-ups, Americans have come to feel less attachment to their employers. High-tech workers don't really seem to mind; they aren't interested in lifetime employment, but creative working environments and good pay.

That suggests the boundaries between the tech and non-tech work forces are becoming more distinct, even as the former grows increasingly influential. If you know computing and technology, work in IT industries, and use the Net and the Web, you're much more likely to enter this new, affluent, mobile workforce. If you don't, you're not -- and you probably won't be nearly as content with the "flexible" work environment you've been thrust into.

The study also reminds us again that parents, educators and politicans ought to be demanding that all their kids have access to the net, rather than obsessing about pornography and pummeling schools and libraries to install blocking software.

New kinds of organizations (the MIT study calls them "guilds") are emerging to look after the needs of increasingly-mobile workers: professional associations, labor unions and staffing companies, as well as new businesses like Web-based talent brokers and headhunters, along with local employers and some government agencies.

This matters particularly because the work practices of the IT sector are setting the patterns for many kinds of work in the future, one of the ways in which the Net is driving profound and largely unacknowledged social change. Silicon Valley and the tech industry are still seen as a culture apart. But the truth is, as high-tech districts sprout all over the country -- Boston, Austin, Minneapolis, Boise, Portland, Denver, San Diego, Silicon Alley in Manhattan -- their work practices are clearly becoming the mainstream.

We're entitled to mixed feelings about whether this is a healthy trend or not. Much-in-demand mobile tech workers think it's great. They have personal freedom, full employment and a kind of rolling job security. But what if the economy were to turn downward? What if companies sharply scale back on innovation and new directions?

And what about the growing social divisions between tech and non-tech workers? Won't the latter become increasingly disconnected and angry as they're pushed into a job market where they earn less, where their job security and opportunity and benefits may evaporate at any time?

The retreat of the traditional firm and the rise of the guilds definitely mark a new phase in the history of work. What nobody knows yet is whether this new flexibility is a great step forward for individualism or another heartless Darwinian profit-making tool of the new corporation. If history is any guide, it's probably a bit of both.

[Note: to read the study yourself, CDI requires registration.]

Reader tewl points to this Wired article about a collaboration between the OpenMind project headed by Push Singh of MIT's Media Lab and Chris McKinstry's Mindpixel project. Neat to see these complementary projects getting along despite criticism each might have for the other. From the article: "The OpenMind and the Mindpixel projects will tie their databases together 'at the back end.' This means that any user data entered into either of the projects will be accessible by the other."

Reader tewl points to this Wired article about a collaboration between the OpenMind project headed by Push Singh of MIT's Media Lab and Chris McKinstry's Mindpixel project. Neat to see these complementary projects getting along despite criticism each might have for the other. From the article: "The OpenMind and the Mindpixel projects will tie their databases together 'at the back end.' This means that any user data entered into either of the projects will be accessible by the other."

e_lehman asks: "Software development is increasingly subject to corporate legal harassment. Suppose I want to write a program that I know corporate America won't like without being sued or arrested. How do I covertly find collaborators? How do I distribute the code? How can I distribute patches? How can I get user feedback and contributions? How can I prevent someone with a lot of resources from tracking me down? Producing "subversive software" must appeal to a lot of frustrated Slashdotters these days. How would you really go about it?"

"Examples of the problem are familiar: development of DeCSS brought police to Jon Johansen's home (Interestingly, Jon's two collaborators remain safely anonymous). Distribution of DeCSS brought onerous MPAA litigation down on 2600 and others. Development of CPHack landed Matthew Skala and Eddy Jansson with a suit from Mattel. Distribution of a driver for a barcode reader has put Michael Rothwell under legal duress. Openly defying corporate bullying is important, but grueling. Coding shouldn't always risk martyrdom.

Here are some stray ideas and questions in this vein:

• A program could be introduced to the net via a public access terminal. How common are these? Where are they? Is it easy to upload code? How do you then anonymously publicize your program?
• Code could initially be distributed in encrypted form with its function only loosely described. Lawyers would have no solid target until the key was released, which could happen once that cat was safely out of the bag-- say, after a hundred downloads.
• Do compilers slip information into binaries that could be used to identify the author? For example, do MS compilers sneak a registration number in there somewhere?
• Version 1.0 could include a cryptographic hash of a text message included in version 1.1, version 1.1 could inclue a hash of a message appearing in 1.2, and so on. This would let users know that that a newly posted version was indeed from the original authors, without identifying those authors.
• Gnutella and Freenet are obvious distribution models. But surely RIAA and the MPAA are scrutinizing them for vulnerability to legal bombardment. Will they really hold up? A sort of free-for-all model worked for distributing DeCSS; could that work routinely?

How would you go about developing, distributing, and maintaining 'subversive software'?"

A few words from HP on the Linux-based but Linux-unfriendly print server (read gently, and be thankful for small blessings); happy news from the "the NSA secretly controls PGP and its creator" front; more detail on the sordid, awful things that the MPAA used to say about VCRs, and an online Linux magazine for those who like read in 5 languages at once. (phew!)

Sheesh! All the guy ever promised was pretty good security! :) zenith744 writes: " Now available here is PGP v6.5.8, which appearently "...corrects a security-related bug with Additional Decryption Keys (ADKs) that may allow sophisticated attackers to add unauthorized ADK key IDs to the unhashed areas of PGP public keys...". This bug was previously brought to light about a week ago and reported on slashdot. A little more security, a little less stress. A happily balanced equation."

And an unnamed reader points to a story on Network Fusion about Zimmerman's response to the hubbub. Paraphrased: "It was a bug. We're embarrassed about it. Now it's fixed." In an imperfect world, you gotta admit that PGP is one of the bright spots.

It's always "wait a minute," isn't it? Tjisana M. Lewis, Product Manager, Emerging Products World-wide Business Management at Hewlett Packard (and who hopefully doesn't have many middle names to remember) wrote in response to the article on Slashdot recently about HP's new print server which runs Linux internally but does not support LDP client printing: "I've read some of the responses and (understandably) there is much speculation on WHY we did not support LPD client printing in the product's first release." She sent the following response, which strongly hints at better Linux support in the future for this product.

"The JetDirect 4000 Print Appliance can send print jobs to any LPD enabled destination whether such destination is a Linux box, JetDirect print server, or any other vendor's print server. Currently the JetDirect 4000 does not receive LPD print jobs, however in a few months, this [and other features] will be available in a free firmware upgrade.

As a vendor with a Linux based product, HP is extremely committed to supporting the Open Source community. We support developers in the Samba team including Jeremy Allison and Andrew Tridgell by contracting with both VA Linux and Linuxcare to develop features for the print appliance. These features are part of the Samba project and will be available to everyone under the GPL. An example is NT Printing functionality that will enable the use of native NT tools and features such as "point and print." Point and print enables automatic downloading of a print driver to a Windows client when the client adds a printer.

Furthermore, HP, in working with SAMBA, adds testing resources during the development process of the release thereby increasing the final quality of the release."

Care for some salt with your wound, Mr. Valenti? Master of Kode Fu writes: "The New York Times has an article quoting MPAA President Jack Valenti saying this: "[it] is to the American film producer and the American public as the Boston Strangler is to the woman alone." He wasn't talking about DeCSS, Napster, Scour, FreeNet or Gnutella -- he said it in 1982 and he was talking about VCRs. He didn't see that VCRs would eventually become as important an income stream for films as box-office sales. Will the MPAA (and similarly, the RIAA) learn from historical precedent, or is file sharing over the 'Net a completely different case with different circumstances?"

Isn't it funny how the fight to prevent consumer taping went away when the companies involved realized that what VCRs really represented was a whole new way to make money? Hmmm. Extend, project, extrapolate ... I smell money here, too. Don't they?

Contribute to the death of excuses! The excuses not to at least try Free software keep dwindling, and it's nicer than strangling dodo birds. Remember when "But there aren't any books!" was a valid complaint about Linux? How about "I can hire MSCEs and know they have at least some knowledge of the systems they purport to administrate -- but there aren't Linux equivalents!"? That one's gone too, for better or for worse. And now, if your boss (or spouse) grouses that there aren't any free, multilingual Linux journals online, not only do you know their excuse barrel is near empty, but you can point them to ... well, let Atif Ghaffar explain:

"LinuxFocus (LF) is a multilingual magazine about the operating system Linux.

LF is managed and produced by Linux volunteers, fans and developers. There is no subscription necessary to read LF, it is freely available on the web with mirrors all over the world.

Lf is published almost every two months. The master website for Linuxfocus is at http://www.linuxfocus.org

Articles this month include pieces on Rebol, a presentation application for X Window, distro reviews, a book review and more. Get it while it's Free!

Alien54 writes: "The fine folks at the MIT Sound Media Lab have come up with a cheap and practical way to focus sound: "A beam of light can be controlled in many ways - it can be aimed at one person in a crowd, spread to fill a room, or projected to create rich, distant imagery. We can now do these very same things with sound. The Audio Spotlight can be used in two major ways: As directed audio, sound is directed at a specific listener or area, to provide a private or area specific listening space. As projected audio, sound is projected against a distant object, creating an audio image. This audio image is literally a projected loudspeaker - sound appears to come directly from the projection, just like light." While still under development, they are testing applications of the device in collaboration with several of their media lab sponsors in preparation for eventual commercial release."

Alien54 writes: "The fine folks at the MIT Sound Media Lab have come up with a cheap and practical way to focus sound: "A beam of light can be controlled in many ways - it can be aimed at one person in a crowd, spread to fill a room, or projected to create rich, distant imagery. We can now do these very same things with sound. The Audio Spotlight can be used in two major ways: As directed audio, sound is directed at a specific listener or area, to provide a private or area specific listening space. As projected audio, sound is projected against a distant object, creating an audio image. This audio image is literally a projected loudspeaker - sound appears to come directly from the projection, just like light." While still under development, they are testing applications of the device in collaboration with several of their media lab sponsors in preparation for eventual commercial release."

Alien54 writes: "The fine folks at the MIT Sound Media Lab have come up with a cheap and practical way to focus sound: "A beam of light can be controlled in many ways - it can be aimed at one person in a crowd, spread to fill a room, or projected to create rich, distant imagery. We can now do these very same things with sound. The Audio Spotlight can be used in two major ways: As directed audio, sound is directed at a specific listener or area, to provide a private or area specific listening space. As projected audio, sound is projected against a distant object, creating an audio image. This audio image is literally a projected loudspeaker - sound appears to come directly from the projection, just like light." While still under development, they are testing applications of the device in collaboration with several of their media lab sponsors in preparation for eventual commercial release."

sonofpan writes: "About 18 months ago I heard about a few guys at MIT who developed a process for creating a (near) perfect mirror that could reflect many different frequencies at any angle with almost no loss of strength (something that was said to be theoretically impossible). Apparently, they have finally gotten their patents and used the technology to create a dielectric coaxial cable that can transmit light across vast distances and around tight turns with virtually no loss of signal. Read about it at: http://web.mit.edu/newsoffice/ nr/2000/waveguide.html and the company they started at: http://www.omni-guide.com. And the original link that described the process and the huge possibilities for its uses is a very interesting read as well: http://web.mit.edu/newsoffi ce/tt/1998/dec09/mirror.html."

sonofpan writes: "About 18 months ago I heard about a few guys at MIT who developed a process for creating a (near) perfect mirror that could reflect many different frequencies at any angle with almost no loss of strength (something that was said to be theoretically impossible). Apparently, they have finally gotten their patents and used the technology to create a dielectric coaxial cable that can transmit light across vast distances and around tight turns with virtually no loss of signal. Read about it at: http://web.mit.edu/newsoffice/ nr/2000/waveguide.html and the company they started at: http://www.omni-guide.com. And the original link that described the process and the huge possibilities for its uses is a very interesting read as well: http://web.mit.edu/newsoffi ce/tt/1998/dec09/mirror.html."

gary.flake asks: "I've long accepted that I am always going to receive more spam than real e-mail. However, in the past 48 hours I've recieved over 9000 (that's NINE THOUSAND) spam messages from the same spammer. I've sent complaints to every postmaster whose IP address appears in the header. I have also set up a filter to delete the remaining influx (but ~1,700 still got by in the early stages). What now? One would think that this behavior would be outright illegal. But it also appears that the sender and the advertised spam Web site are outside of U.S. jurisdiction. Any suggestions on how to proceed?" Aside from filtering the problem address in question, what can one do?

"Here is a sample header (with my email adress DELETED):

From - Sat Jul  1 10:11:08 2000
Return-Path:(DELETED)
Received: from h11.mail.home.com ([24.0.95.45]) by mail.rdc2.pa.home.com
(InterMail vM.4.01.03.00 201-229-121) with ESMTP id

          for (DELETED)
          Sat, 1 Jul 2000 06:46:51 -0700
Received: from mx11-rwc.mail.home.com (mx11-rwc.mail.home.com [24.0.95.29])
	by h11.mail.home.com (8.9.3/8.9.0) with ESMTP id GAA25694
	for (DELETED); Sat, 1 Jul 2000 06:46:51 -0700 (PDT)
Received: from mx04.netaddress.usa.net
(mx04.netaddress.usa.net [204.68.24.141])
	by mx11-rwc.mail.home.com (8.9.1/8.9.1) with SMTP id GAA20861
	for (DELETED); Sat, 1 Jul 2000 06:46:50 -0700 (PDT)
Received: (qmail 4654 invoked by uid 0); 1 Jul 2000 13:46:00 -0000
Received: from gsnonweb.com [194.90.101.35] by mx04 via mtad (34FM1.5.01)
	with ESMTP id 143egaNtx0454M04; Sat, 01 Jul 2000 13:45:58 GMT
Received: (apparently) from localhost ([216.8.12.174])
by gsnonweb.com  with Microsoft SMTPSVC(5.5.1877.197.19);
	 Sat, 1 Jul 2000 10:29:50 +0300
X-Mailer: Microsoft Outlook Express 5.00.2014.211
Date: Sat, 01 Jul 2000 00:30:14 -0800
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7BIT
From: auto65686@hushmail.com
Message-Id: 
Subject: You are invited to join our private club!
To: buddapest@LoadMail.com
X-Mozilla-Status: 8001
X-Mozilla-Status2: 00000000
X-UIDL: "

A few weeks ago you asked the multi-talented Chris McKinstry questions, about the telescope projects he's involved with (ESO's Very Large Telescope -- VLT -- and the OverWhelmingly Large telescope -- OWL), about his project to synthesize AI by collecting a database of answers to questions common and obscure, and about the possibilities of discovering extraterrestrial life. Read what he has to say on everything from humans leaving the solar system to telescopes staying here on Earth. [Updated 5 Aug by t:] Chris notes for the record: "The opinions expressed are my own and not necessarily the opinions of the European Southern Observatory."

1) GAC
by Dungeon Dweller

I have an active interest in artificial intelligence. I study it as part of my major, and hope to do research in it in the future. As a young man coming up in the world, I am hoping to enter into research eventually, am entering into research at my university (WVU).

Your project reminds me of several projects/theories that have been discussed before. In the psychological debate, your system depends entirely upon nurture, it would seem. I like that kind of system and research. I do have a few questions.

1. What separates this from other projects in the field?
2. Where did you draw your inspiration for this project?
3. What kind of support staff do you recommend to an individual who has never led research before, but would like to? (I ask this of many of my professors who conduct research)
4. Where are you getting the bulk of your input for this project?
5. What do you hope to learn from this project?
6. At what time will you consider this project a success?

I know that I posed a lot of questions, but several could be answered in combination, I just didn't want to ask 2 questions at the same time.

Chris McKinstry:

Question 1-1:

There are three primary features of the MindPixel Digital Mind Modeling Project (also known by GAC -- for Generic Artificial Consciousness -- which is public interface to the project) that distinguish it from other large scale knowledge projects such as CYC.

1. The first phase is a completely public, internet based effort. All the data it will be collecting will come from average people, with no specific training in AI or psychology. It is like seti@home in many respects, except that we're not after your CPU's cycles, but rather your humanness. We're actually seeking to extract the entire content of an average person's mind bit by literal bit from millions of different internet users. We're not trying to write the algorithm for consciousness, but rather create the world's most rigorous fitness test (a Dawkinsian continuous variable) and get it into the hands of researchers who will attempt to make systems that will learn or evolve into consciousness by feeding back against this fitness test. Not only will we be collecting consensus fact, but also consensus emotion. (When the project is fully operational, in addition to collecting information about each MindPixel's truth or falsity, we will also collect emotional data based on Mehrabian's PAD model of emotion.)
2. The second phase of the project involves releasing the data collected to the scientific community and providing those researchers with some funds (generated by advertising to the people supplying the data) to conduct their research. As a side note, Jeff Elman's page contrains information about recurrent neural networks that are very good at processing just the kind of data that this project will collect and distribute. Specifically his 1990 article, Finding Structure in Time (PDF) is one of the most important neural network papers ever written; it strongly influenced me.
3. Finally, the project is a meritocracy. People will gain voting rights that will give them a say in every aspect of how the project is run, from data collection and use to the distribution of data and research funds, based entirely on the amount of data they have contributed to the project. The more work you do, the stronger your voice becomes.

Question 1-2:

My primary inspiration for the project comes from observation: I observed that computers are stupid and know nothing of human existence. I concluded a very long time ago that either we had to write a "magic" program that was able to go out in the world and learn like a human child, or we just had to sit down and type in ALL the data. When I was studying psychology in the late 80's I wanted to begin to gnaw the bullet and start getting people to type in ALL the data. It was my plan then to get people to enter data as part of an intro psych course, or get the university to allow me ask people for data when they logged on to the university's computer system. I was never able to get permission for either and the idea sat on the shelf until I downloaded my first copy of NCSA's Mosaic in 1994. I saw in following my first hyperlink, a different path.

I decided to collect my data via the internet. But, the problem was, that I needed to think of a standard format for the data; some way of representing human knowledge that an average person could learn quickly. That idea didn't come to me until I was preparing an entry for the 1995 Loebner Prize. Jackie, my program, was a stimulus response creature. You would ask her a full text question, and she scan her database for a canned full text response. My idea for the Loebner competition was to have her talk to a lot of people a get a lot of canned responses (at the time I was consulting for a large insurance company and brought Jackie to work everyday where she could talk to my colleagues) As well, I stored the responses in a number of different ways: phonetically using soundex, again with all the words in each stimulus sorted alphabetically, and also with a primitive concept token system. So, if there was no direct match, she would look for a phonetic match or sorted or conceptual match. Essentially I was breaking down each stimulus and standardizing it like a Fourier transform breaks down a waveform.

Then suddenly Hugh Loebner changed the rules. No longer was passing a text based Turing Test good enough for him. Now he would only award his prize if the system passed a full audio/video Inquisition. I hit the roof! Hell, there were tens of thousands of people on the planet that couldn't pass that kind of test! Anyone blind or deaf are just two obvious examples. I withdrew Jackie in a loud protest, stating that intelligence didn't depend on the bandwidth of the communication channel; intelligence could be communicated with one bit! If you locked a person in a box I could detect them with a series of yes/no questions and nothing more. And there all of a sudden, I had my answer (and a quick paper - The Minimum Intelligent Signal Test - An Objective Turing Test in Canadian Artificial Intelligence, issue 41.) There was a minimum intelligent signal, and it was just one bit. I would store my model of the human mind in binary propositions. I would make a digital model of the mind.

I realized within minutes that a giant database of these propositions could be used to train a neural net to mimic a conscious, thinking, feeling human being! I thought, maybe I'm missing something obvious. So, I emailed Marvin Minsky and asked him if he thought it would be possible to train a neural network into something resembling human using a database of binary propositions. He replied quickly saying "Yes, it is possible, but the training corpus would have to be enormous." The moment I finished reading that email, I knew I would spend the rest of my life building and validating the most enormous corpus I could.

Question 1-3:

Support staff! I recommend using the entire planet as support staff! Seriously, don't even dream about it. Almost every researcher I know works on their own or with a handful of collaborators. When you're a big cheese you might get a student or two, but other than that you'll get nothing more than shared use of a departmental secretary. You'll definitely be writing all your own code for a very long time.

Question 1-4:

I can't tell you that yet because at the time I wrote this, the project was not yet online (should be now though.) What I can tell you is that in 1995 I did try to collect this same data, using a web based form that sent an email back to me. I managed to collect some 450,000 items. This time, I expect to collect more and higher quality data and I expect it to come from a wide cross section of the internet public. I should also note MindPixels will be collected in multiple languages, which opens up the future prospect of mapping the sampled human languages to each other concept by concept. It will be very interesting to see exactly how an artificial consciousness trained in English differs at the conceptual level from one trained in say, Spanish.

Question 1-5:

I hope to learn what the human conceptual network looks like. I hope that in a few years I will be able to access a map of all the concepts in the head of an average person or to have learned why I can't.

Question 1-6:

I will consider the project a complete success when the cover of Science announces that for the first time in history there exists an artificial system that has passed a scientifically strong form of the Turing Test known as the Minimum Intelligent Signal Test.

2) How do you guys do it?
by pc486

With exptremely high magnification, how in heck do you keep the telescope still enough to take photos?

The slightest movement ought to mean millions of miles so thoes pesky little earthquakes should be a problem. Not to mention how you guys move the telescope accurately?

Chris: You're quite right about the system being very sensitive; if I walk on the azimuth platform of a VLT telescope while we're observing, I will destroy the observation. For normal tracking we use a software system called Tpoint written by a well known telescope genius named Pat Wallace (Pat has a wonderful and detailed article about telescope pointing that anyone seriously interested in telescope pointing should read); the same system is in use on telescopes all over the world. Basically what we do is build a pointing model for each of our telescopes. This involves pointing each telescope to a number of different points uniformly covering the sky. At each sample point, we observe a guide star and record how it moves from the center of the field over about one minute of tracking time. After we have collected enough data, we build a computer model of the telescope's tracking error. Then we basically run the model backwards into the telescope control system and thus apply corrections that try to cancel out the tracking errors of the telescope. This of course can't correct for any unusual vibrations, we rely on normal guide star tracking and hydraulic isolation of the telescope for that. And baring a large earthquake, Tpoint, automatic guide star corrections and the isolation work pretty well (In the event of a large earthquake, there are giant airbags that inflate to protect the mirror from damage.)

3) How can we help?
by Mignon

You probably know about SETI At Home, which lets people volunteer spare CPU time to processing radio-telescope data, in a (so far vain) attempt to find extra-terrestrial intelligence. Is there a similar way that we can help process some of the data that you gather?

As a simple example, one could compute the differences between a sequence of pictures of the same portion of the sky, looking for anomalies like giant asterioids on their way to wiping us all out.

Chris: seti@home is one of the most impressive demonstrations of how the world of science has changed. There are now over 2 million average people working together for a common scientific goal. I just wish they sold advertising to raise funds for other worthy (meritocratically determined) projects. It really bugs me that my Pentium III 450 which has done over 7000 hours of seti@home processing since last June, hasn't shown me a single science supporting ad. What a waste!

Now as for your idea of doing the same thing in optical wavelengths, I think in it there is a great deal of merit. There are a whole pile on new survey telescopes coming online soon that will be useful for just what you proposed. And if you read ahead to my answer to question 11, you'll see I do think it is a problem we have to pay attention to. (As well, I know of at least two virtual telescope projects; the NRC's National Virtual Telescope. See NVO White Paper (PDF) and ESO's ASTROVIRTEL which seek to allow data mining of previously collected telescope data.

In general, I think the future will see a lot more distributed processing projects doing useful science. The question remains whether or not it is more cost effective to build supercomputers for critical projects or harness the CPU's of private citizens, and I think the answer will need to be determined on a case by case basis. As well, there will be some projects (my own for example) where the CPU cycles are incidental; where what we want to harvest is not your electricity and capital equipment, but actually your humanity.

4) Division between Science and Spirituality
by ParticleGirl

I am continuously frustrated that people's general perception seems to be that science and art, spirituality, and so forth are divided by an uncrossable schism. People feel the need to pit science against spirituality; logic against intuition. It is a rare thing that people accept the idea that these are different ways of approaching the same reality. As a dreamer and artist as well as a respected scientist, what do you say to people who doubt that scientists can be spiritual and artistic people?

Chris: Science for me at least, is concerned with the external, the measurable; while art is concerned with the internal and immeasurable. Every scientist knows measurement can only go so far; that nature at its most fundamental is immeasurable. Unfortunately many scientists turn away from what they can't measure (and conversely, many artists turn from measurement) instead of finding some way, any way to express it. It is this turning away or fear of the immeasurable (or many artist's converse fear of reduction to measurement) that creates doubt; that separates science from art. The scientist can learn that one does not become any less of a scientist for attempting to express the inexpressible or attempting to measure the immeasurable, just as the artist can learn that because we are neurons and our neurons atoms, doesn't mean we are any less human.

5) CCD or what?
by paRcat

What kind of imaging does a telescope of this scale use? Is it an OWLCCD or something else? What kind of resolution? And how far away would an object need to be before the resolution becomes a shortcoming?

Chris: I actually can't answer this question. I am only aware of one discussion regarding instrumentation for the OWL and I haven't read it yet. See FROM ISAAC TO GOLIATH, OR BETTER NOT!? INFRARED INSTRUMENTATION CONCEPTS FOR 100M CLASS TELESCOPES (PDF) on the OWL project page.

6) Yeah, they're big ...
by viper21

But what do you do with them?

What kind of work do the telescopes at your facility generally do? Do local astronomers get to come in and do research or are the scopes reserved for some large project?

Chris: There is a very wide spectrum of observing programs for the VTL; from the study of comets in our solar system to the detection and measurement of objects on the edge of the observable universe. The VTL operates in two primary modes: visitor and service. In visitor mode, scientists actually travel to Chile and execute their observing program interactively with the support of operations personnel like myself who know the telescope and control system intimately and staff astronomers that know the instruments and science. Visitor mode is best utilized when the program contains interactive components, for example when what the observer does next depends on the results of what he has just completed. In service mode, observers don't travel to Chile but instead submit observing programs that don't have a large interactive component. Service programs are executed by staff astronomers and the data is automatically returned to the observer upon completion. Service mode is much like the old batch mode of mainframe computers. In both service and visitor modes, the programs that get time are determined by an observing program committee made up of scientists from all over the world based on scientific merit. And yes, a portion of the time (I believe it is 10%) automatically goes to Chilean astronomers in exchange for Chile's donation of the land for the project.

7) How parellelizable?
by Omnifarious

How parallelizable is the problem of micro-adjusting small portions of a large deformable mirror to correct for atmospheric distortion?

I remember a Scientific American article stating that you'd have to devote a top-of-the-line Cray to continuously recalculate the deformations needed given data from the guide star, or laser simulated guide star. If this problem is highly parallelizable, you may be able to get away with _much_ cheaper hardware.

I'm sure the idea has occured to you, but I want to know what your thoughts are on it.

Chris: My experience with deformable mirrors is entirely practical and I'm really not qualified to comment on the theory behind them. However, speaking from a practical standpoint, the VLT's 450 force actuators (150 per operating telescope) are each activated about 1000 times per night, night after night almost without error (7 non-critical electronic failures up to May of this year). I see no obvious reason why it shouldn't scale smoothly to 130 or 150 meters with current computer technology. And we certainly don't have any supercomputers doing the deformation calculations.

8) Why single-mirror?
by jd

I could have been mis-reading the article, but it seemed to me as though the idea was to build a single-mirror system. On the other hand, in radio astronomy, and in the insect world, arrays are considered the norm. Is there some advantage that a single mirror gives that cannot be duplicated using multiple smaller mirrors? (Simpler optics is an obvious one, paradoxically. :) Or is this (at least in part) NerdTrek III: The Search for Sponsors, where a record-setting single telescope is going to get more interest than a comparable array?

(A supplementary question, to go along with this. Let's say, for the sake of argument, that optical arrays are practical. Do you see any possibility of optical astronomers adopting the same line as radio astronomers, in trying to build an effective 1Km+ optical telescope, using an array?)

Chris: Actually, it isn't a single mirror. It is "filled aperture" telescope. The aperture is filled with many smaller mirrors, just like Keck. And as for optical arrays (interferometers), the VLT (called VLTI in this mode) will be the first real large scale test of such a system. But that stage of the project is still a few years away. In short, we'll have to wait and see how effective it is before we even consider giant optical interferometers.

9) funding
by jmayes

What's the biggest hurdle to hop over in getting funding for projects like OWL? And how did you pull it off?

Chris: The biggest hurdle for getting funding for projects like OWL, is getting funding for construction! Construction of OWL hasn't been funded, so nothing has really been pulled off, yet. But, if the public really wants projects like this to go ahead, then they need to be active about it. If you're in Europe, write your representatives and mention OWL by name and direct them to the OWL project page. If you're not in Europe, urge your representatives to find some way to participate in this project or projects like it.

10) Terrestrial Optical Telescopes
by pb

What are the benefits of having an Earth-bound, optical telescope? Or rather, what can a larger optical telescope find better from Earth that we can't already find on other wavelengths and from other venues (i.e. The Hubble)?

If there are no advantages here, is it more cost-effective, or what?

Chris: What you should actually ask is what advantage does a space based telescope have over a ground based telescope? The only thing you gain from being in space for an optical telescope is better image quality due to lack of atmospheric turbulence. By for every other measure (maintenance, support, materials, etc.) being in space is much, much more expensive and limited. Which is why the Hubble and it's 2.4 meter primary cost a number of times more than the projected cost of of the 100 meter OWL. Recent advances in computer technology (adaptive and active optics) have greatly reduced the advantage that being in space provides at optical wavelengths. For some non-optical telescopes (x-ray, IR, gamma ray) there will always be an advantage to being in orbit.

11) might as well ask it now..
by Blue Lang

I noticed in your 'fave books' section that you have the blind watchmaker, et al.

so, with an eye towards dawkins' views on evolution, what's your personal take on the probability (not the possibility) of humans locating extraterrestrial life without going outside the solar system?

Chris: Actually I'm quite pessimistic about the prospects of us locating ETL, AND independently about leaving the solar system. My main reason for this is that I doubt our civilization can last long enough. Not that I think we're going to self-destruct, but rather I think that nature is going to do it for us. It is my opinion that it is much more PROBABLE that we are driven into or close to extinction by an asteroid collision, than it is we will detect ETL or travel outside the solar system. This is one of the major reasons I strongly support construction of self-supporting Lunar and Martian colonies (and sky survey telescopes!) I just don't like us having all our eggs in the one basket called Earth. Having said all that, if we survive, I am confident we will eventually detect ETL, and that we will leave the solar system.

AndrewD writes: "Picked this up from the print edition of New Scientist. It's about the development of web browsers for animals, in this case a 17-month-old african grey parrot. Here is the researcher's site." This does explain all that aol.com traffic.

martin writes: "Here's an interesting article on 32bitsonline writing up one of Apple's chief O/S engineers talk at Usenix2000 on how they produced Mac OS X. Interesting to see how the design elements of Mac OS have been merged into BSD to produce a hybrid of the the two OSs."

Back for more already? Good. Today's early dinner of information includes humble pie baked by NASA, quantities of penguins rescued from roiling in oil, a morsel about sex discrimination in the computer world, and a take-out order of XF86 for the diners in our Slackware booth.

Absolutely no danger whatsoever at all. Contradicting the BBC story reported last week on Slashdot, NASA officials deny that a 1997 shuttle mission was ever in danger because of communication interruptions. Signal 11 writes: "NASA has a press release out which refuses a previous story from the BBC stating that an unknown 'hacker' was able to disrupt communications between mission control and the shuttle." Aardwolf64 pointed to MSNBC coverage of the NASA denial.

The NASA release reads, in part:

"NASA's Inspector General's office found that during the STS-86 mission in September of 1997, the transmission of routine medical information was slightly delayed due to a computer hacker. However, the transmission was successfully completed.

At no time was communication between NASA and the astronauts compromised. The communication interruption occurred between internal ground-based computer systems."

Fly away little birdies! Fly away! Errr, swim away, little birdies! Swim away! Errr ... come back later! An unnamed correspondent writes: "follow up on recent story about penguins caught in oil spill. After being cleaned, the penguins were flown to Port Elizabeth and released to swim the +/- 800 km's back to Cape Town. This will give enviromnetal cleaners a short space of time to clean the oil from the beaches where they live. Two of the penguins are being tracked. This site tracks their progress via satellite. Can't someone novelize this rescue attempt under the title "Penguin's Progress"?

Sir, please stop hitting me with the 'No Discrimination' sign. fegg writes: "Emmett recently posted a story in which there was a reference to an AP article which discussed gender bias as regards women and computer science. This was put -- I thought cavalierly --i nto the "this-has-nothing-to-do-with-gender-dammit dept." Unfortunately, the evidence suggests that it has everything to do with gender or, at least, how the world is presented to young boys and girls.

This is a rather important topic to me, especially now that I have two daughters (not to mention a wife who is a professional computer scientist). I view this as a must read for anyone who wants to develop a reasonable understanding of why there is such an imbalance of men and women in computing.

The gender bias situation is real, and it has been known for quite a while by many in education and technology circles. I would like to refer the Slashdot community to Ellen Spertus, who, in 1991, wrote "Why Are There So Few Female Computer Scientists?" Particularly compelling, IMHO, is the piece therein on stereotyping.

Spertus's "Women and Minorities in Science and Engineering" provides an excellent set of pointers for people interested in this topic."

Isn't this what killed John Belushi? strredwolf writes "If you haven't heard, XFree86 4.0.1 is out in full force, with binaries and docs online. Slackware users can get the "Slackballs" via the Linux Mafia, along with other goodies." (Here's the direct link to the 4.0.1 files, but linuxmafia.org is worth exploring anyhow. Warning: it is an unabashed Pro-Slack Zone.)

This would be worth more than my car. Dredd13 writes "Empeg, Ltd., a UK company, shipped the first of its Mark 2 MP3 car-stereo to customers this past week. This is the same stereo that runs Linux and has won awards. The Mark2 is expected to be a full production run, (as opposed to the initial Mark1, which only had about 300 units) with enough to satisfy ample demand. As a former MkI owner (and one of the guys who got a Mark2 today from Mr. FedEx), I can say its worth every penny!" Slashdot's been following the Empeg saga for a while now; check out this item Rob posted in 1998. I hope they can bring the price down a bit, to better compete with the various mainstream MP3 players now emerging.

Back for more already? Good. Today's early dinner of information includes humble pie baked by NASA, quantities of penguins rescued from roiling in oil, a morsel about sex discrimination in the computer world, and a take-out order of XF86 for the diners in our Slackware booth.

Absolutely no danger whatsoever at all. Contradicting the BBC story reported last week on Slashdot, NASA officials deny that a 1997 shuttle mission was ever in danger because of communication interruptions. Signal 11 writes: "NASA has a press release out which refuses a previous story from the BBC stating that an unknown 'hacker' was able to disrupt communications between mission control and the shuttle." Aardwolf64 pointed to MSNBC coverage of the NASA denial.

The NASA release reads, in part:

"NASA's Inspector General's office found that during the STS-86 mission in September of 1997, the transmission of routine medical information was slightly delayed due to a computer hacker. However, the transmission was successfully completed.

At no time was communication between NASA and the astronauts compromised. The communication interruption occurred between internal ground-based computer systems."

Fly away little birdies! Fly away! Errr, swim away, little birdies! Swim away! Errr ... come back later! An unnamed correspondent writes: "follow up on recent story about penguins caught in oil spill. After being cleaned, the penguins were flown to Port Elizabeth and released to swim the +/- 800 km's back to Cape Town. This will give enviromnetal cleaners a short space of time to clean the oil from the beaches where they live. Two of the penguins are being tracked. This site tracks their progress via satellite. Can't someone novelize this rescue attempt under the title "Penguin's Progress"?

Sir, please stop hitting me with the 'No Discrimination' sign. fegg writes: "Emmett recently posted a story in which there was a reference to an AP article which discussed gender bias as regards women and computer science. This was put -- I thought cavalierly --i nto the "this-has-nothing-to-do-with-gender-dammit dept." Unfortunately, the evidence suggests that it has everything to do with gender or, at least, how the world is presented to young boys and girls.

This is a rather important topic to me, especially now that I have two daughters (not to mention a wife who is a professional computer scientist). I view this as a must read for anyone who wants to develop a reasonable understanding of why there is such an imbalance of men and women in computing.

The gender bias situation is real, and it has been known for quite a while by many in education and technology circles. I would like to refer the Slashdot community to Ellen Spertus, who, in 1991, wrote "Why Are There So Few Female Computer Scientists?" Particularly compelling, IMHO, is the piece therein on stereotyping.

Spertus's "Women and Minorities in Science and Engineering" provides an excellent set of pointers for people interested in this topic."

Isn't this what killed John Belushi? strredwolf writes "If you haven't heard, XFree86 4.0.1 is out in full force, with binaries and docs online. Slackware users can get the "Slackballs" via the Linux Mafia, along with other goodies." (Here's the direct link to the 4.0.1 files, but linuxmafia.org is worth exploring anyhow. Warning: it is an unabashed Pro-Slack Zone.)

This would be worth more than my car. Dredd13 writes "Empeg, Ltd., a UK company, shipped the first of its Mark 2 MP3 car-stereo to customers this past week. This is the same stereo that runs Linux and has won awards. The Mark2 is expected to be a full production run, (as opposed to the initial Mark1, which only had about 300 units) with enough to satisfy ample demand. As a former MkI owner (and one of the guys who got a Mark2 today from Mr. FedEx), I can say its worth every penny!" Slashdot's been following the Empeg saga for a while now; check out this item Rob posted in 1998. I hope they can bring the price down a bit, to better compete with the various mainstream MP3 players now emerging.

illuin writes: "There's an interesting article over on BetaNews with a potential take on Microsoft's vision of the future internet, and internet based applications. Of course, it sounds quite a bit like Project Oxygen (press release,) currently being pursued by MIT's Laboratory for Computer Science." The recent "dot-Net" announcement by Microsoft throws a new light on Oxygen, and on other distributed projects like Gnutella and Freenet. Project Oxygen and Microsoft may have radically different views on how all this diffuse computing ought to act and be organized (read "Who pays, how much, to whom?"), but the fact of widely disseminated files and an increase in ASP-style distribution seems inevitable.

illuin writes: "There's an interesting article over on BetaNews with a potential take on Microsoft's vision of the future internet, and internet based applications. Of course, it sounds quite a bit like Project Oxygen (press release,) currently being pursued by MIT's Laboratory for Computer Science." The recent "dot-Net" announcement by Microsoft throws a new light on Oxygen, and on other distributed projects like Gnutella and Freenet. Project Oxygen and Microsoft may have radically different views on how all this diffuse computing ought to act and be organized (read "Who pays, how much, to whom?"), but the fact of widely disseminated files and an increase in ASP-style distribution seems inevitable.

illuin writes: "There's an interesting article over on BetaNews with a potential take on Microsoft's vision of the future internet, and internet based applications. Of course, it sounds quite a bit like Project Oxygen (press release,) currently being pursued by MIT's Laboratory for Computer Science." The recent "dot-Net" announcement by Microsoft throws a new light on Oxygen, and on other distributed projects like Gnutella and Freenet. Project Oxygen and Microsoft may have radically different views on how all this diffuse computing ought to act and be organized (read "Who pays, how much, to whom?"), but the fact of widely disseminated files and an increase in ASP-style distribution seems inevitable.

illuin writes: "There's an interesting article over on BetaNews with a potential take on Microsoft's vision of the future internet, and internet based applications. Of course, it sounds quite a bit like Project Oxygen (press release,) currently being pursued by MIT's Laboratory for Computer Science." The recent "dot-Net" announcement by Microsoft throws a new light on Oxygen, and on other distributed projects like Gnutella and Freenet. Project Oxygen and Microsoft may have radically different views on how all this diffuse computing ought to act and be organized (read "Who pays, how much, to whom?"), but the fact of widely disseminated files and an increase in ASP-style distribution seems inevitable.

illuin writes: "There's an interesting article over on BetaNews with a potential take on Microsoft's vision of the future internet, and internet based applications. Of course, it sounds quite a bit like Project Oxygen (press release,) currently being pursued by MIT's Laboratory for Computer Science." The recent "dot-Net" announcement by Microsoft throws a new light on Oxygen, and on other distributed projects like Gnutella and Freenet. Project Oxygen and Microsoft may have radically different views on how all this diffuse computing ought to act and be organized (read "Who pays, how much, to whom?"), but the fact of widely disseminated files and an increase in ASP-style distribution seems inevitable.

Schemer writes: "Wilfredo Sánchez, the lead developer on Darwin has posted his usenix paper, 'The Challenges of Integrating the Unix and Mac OS Environments' on the Web. In it he describes the difficulties and solutions to the problems encountered while trying to adapt BSD Unix for use with MacOS X. It's a very good read, even if you aren't a fan of the Macintosh." The OS X team have been dealing with the serious complications of mixing one established, beloved interface with another -- this is a thoughtful look from the inside at how they've dealt with it, and a good explanation of some underlying assumptions and conventions of each OS.

Krotus asks: "I've been looking for information on user shares of popular e-mail clients, and am really surprised at how hard it is to find anything beyond vague speculations. I suspect that lots of us could use these numbers, but has anyone been able to find out about what percentages of users are using Eudora, Outlook's various versions, mutt, pine, mh, Notes, etc.? Almost as useful would be numbers on what percentage of clients can parse HTML, vs. plaintext or something proprietary. Forrester, Jupiter, and IDC have all come up blank. The question has been asked at Abuzz with no luck. Maybe the collective knowledge of Slashdot will be more fruitful?"

Roger writes: "The New York Times is reporting that MP3.com and Warner Music have reached a settlement, after a few weeks of rumors that a settlement with the RIAA was near. My.mp3.com should come back soon. NYT; free registration required."

The idea drives the intelligentsia nuts, but it's becoming clearer all the time that culture isn't being destroyed online but re-invented here. This sensibility is behind a new Web site that takes the culture of gaming as seriously as it deserves to be. (Read More)

"The spirit of the hacker is one of the great creative wellspings of our time, causing the inanimate circuits to sing with ever more individualized and quirky voices; the spirit of the bard is eternal and irreplaceable, telling us what we are doing here and what we mean to each other." -- Janet Murray, Hamlet On The Holodeck

What will it take, wondered MIT Professor Murray in her classic 1997 book, for authors to create rich, satisfying stories that exploit the charactertistic properties of digital environments and deliver the aesthetic pleasures that cyberspace seems to promise?

For Murray, one of the first academics to take seriously the evolving digital world as culture, there's no doubt that the next Shakespeare will come from cyberspace.

Her prediction was especially bold at a time when the Net had already become almost synonymous with obsession, addiction, bomb-making, gun-buying, and porn. But day by day, it's clearer that she was right. Culture isn't being destroyed online, but re-invented. The next Shakespeare is probably clacking away on some Weblog or messaging system. In our time, the Net is where smart, curious, freedom-seeking and restlessly creative minds go to express themselves, experiment, and create a new kind of culture.

Wherever he or she is, her work will probably pop on a Web site something like MyVideoGames.com, launched a few months ago by Neil Morton and Steve Park, two former editors of the culture-savvy Canadian magazine Shift.

MyVideoGames is already an important site, just by dint of its existence. It acknowledges, implicitly and explicitly, that games are no longer simple forms of entertainment, but increasingly creative, complex -- even political -- expressions of the new culture forming online. It's the gaming equivalent of the newsmagazine in the media world of yore - stylish, literate, interesting.

The site offers breaking vid news, reviews, profiles of game heroes and heroines, and essays. One recent edition featured reports on the sleazy days of gaming, and the controversial "tits-and-ass game" Panty Raider, as well as ruminations on the sometimes-addictive nature of creative games. Such a site, almost inconceivable even five years ago, now seems a benchmark of the way new media evolve to recognize and shape new culture. The mainstream press, as usual, gets left behind, clucking about the new world like Temperance Ladies outside a bar.

It makes sense that this new kind of medium is forming around a complex community of gamers who seek not only amusement but intellectual challenge, stimulation, role-playing and community. Gaming is becoming a bigger part of the cultural lives of more and more people all the time. On eBay, some game characters are auctioned for tens of thousands of dollars. Barely recognized off-line at all, gamers number in the tens of millions, a following as large or larger than that which follows many traditional forms of culture -- opera, classical music. Gaming, given the storytelling inherent in video and computer games, is perhaps the most vital new cultural form emanating from cyberspace. Many games have evolved far beyond mind games like chess and Scrabble. Their characters, storylines and intellectual challenges are demanding and highly evolved.

This isn't by accident. The formulaic nature of storytelling, Murray points out, makes it especially suitable for the computer, so skilled at modeling and reproducing patterns of all kinds.

The idea of cyberspace as culture is a particularly bitter pill for many of the shapers of thought and opinion -- educators, academics, journalists, writers, members of the clergy, the so-called intelligentsia -- to stomach. In fact, Murray still has few colleagues supporting her contention that networked computing is re-shaping culture in diverse and highly creative ways.

Undaunted, Murray began teaching a course in electronic fiction in l992. "These stories cover every range and style, from oral histories to adventure tales, from the exploits of comic book heroes to domestic dramas." She is, she writes in her book, drawn more and more each year to imagining "a cyberdrama of the future ... I see glimmers of a medium that is capacious and broadly expressive, a medium capable of capturing both the hairbreadth movements of individual human consciousness and the colossal crosscurrents of global society. Just as the computer promises to re-shape knowledge in ways that sometimes complement and sometimes supercede the work of the book and the lecture hall, so too does it promise to reshape the spectrum of narrative expression, not by replacing the novel or the movie but by continuing their timeless bardic work within another framework."

Murray's idea will remain bitterly controversial for some time, especially among the guardians of conventional culture. But that's exactly the sensibility that pervades MyVideoGames.com, from Sean Monkman's essay on the physical challenges of videogames on the hands to Jonathan Kay's heartfelt -- and very truthful -- essay on how vid-games became the "ultimate scapegoat" after the Columbine High School massacre in l999.

Morton and Parks got the idea for MyVideoGame last October after they noticed half the workers in the Shift offices playing and talking constantly about games, and organizing get-togethers to play after work.

"So, I thought, heck, I gotta start a site that focuses on nothing but that," he e-mailed. "Videogames are a new mass medium. So let's do real videogame journalism like [Jann] Wenner did with music when he started Rolling Stone." Morton and Parks noticed that while a number of sites were devoted to cheats and reviews, hardly any focused on gaming's growing importance as a cultural force. "So we made a quick adjustment ... Let's focus on implications, not just applications of gaming." The site began soliciting contributions from academics and journalists, game addicts, designers and players.

With the result, Norton and Parks have made a bit of media history, once again demonstrating how mainstream journalism has napped through many significant, if less sensational, parts of the digital revolution. MyVideoGame.com recognizes precisely what Janet Murray describes so convincingly in Hamlet On The Holodeck, now out in paperback from MIT Press.

One of the most vigorous, rapidly expanding forms of popular culture, games are growing astonishingly inventive, creative, challenging and complex. Some, without question, are works of art both graphically and conceptually. For growing numbers of Americans and people elsewhere in the world, gaming is intrinsically conected to story-telling, mental stimulation and recreation, for all that school administrators, politicians and many parents still don't get it -- or fear it.

Murray's notion of the transformative power of computing as an advance in the history of narrative also is reflected on the discussions and editorial agenda of myvideogames.com.

"Computers offer us countless ways of shape-shifting," writes Murray. "Using 'morphing' software, we can transform faces so seamlessly that a grinning teenage boy melts into a haggard old woman, as if under a magic spell. The transformative power of the computer is particularly seductive in narrative environments. It makes us eager for masquerade, eager to pick up the joystick and become a cowboy or a space fighter, eager to log onto the MUD and become ElfGirl or BlackDagger."

alexhmit01 asks: "So my friend's father bought a new set of machines for his office from Gateway, and they included with it this little cube called a Micro Server, which he gave to his son. Naturally, the first thing that we did was crack it open, and saw that it includes a PCI slot (some expandability, currently has a modem that we'll yank), and 10 GB hard drive. We're flipping through the manual, assuming that it is an NT machine when I notice they talk about SMB shares, so I'm assuming SAMBA. I get to the back and see two documents, the BSD license and the GPL. We check out the specs, it runs a 64-bit RISC processor (I'm assuming Arm), and Linux 2.0! So how many IT people have gotten one of these and decided to actually put it to use? Any suggestions? "

"They include some easy-to-use utilities, which is nice as someone else can administer the thing when we're done setting it up.

Now, their firewall support, etc., is lacking (as it is Linux 2.0) compared to the stuff that Linux 2.2 supports, but I don't want to give up the flexibility of their tools.

Has anyone done much work on one of these? We're planning to stick on sshd and hack around with it (after imaging the drive) and I was wondering what others have done with this device. It seems like a great piece of hardware, it's tiny... it's adorable."

It would be nice to get more stats on these. Do they come with a network card? What kind of video do they support? What processor options are there?

Paul Boutin writes "The Industry Standard talked to Kerberos' principal author and all-around ubergeek Clifford Neuman about his proposed rewrite of the IETF Kerberos standard (RFC 1510) to close the loophole Microsoft has been using to create a non-interoperable version. " It also looks like Apple will be bringing Kerberos to OSX, in partnership with MIT.

Remember Michael Chaney? He's the Nashville-based Linux consultant who saved Microsoft's Hotmail service from a Christmas 1999 outage by kindly paying a $35 NSI registration fee for them. Michael has always humbly maintained that this little act of bacon-saving was more of a Slashdot thing than a personal act on his part. Now, in the same spirit of generosity, Michael has some suggestions for the World's Largest Software Company about how to back gracefully away from its most recent attempt to keep its proprietary Kerberos Protocol extensions secret while still appearing to "publish" them.

On Microsoft, Kerberos, Slashdot, and Trade Secrets

A few months ago at an NLUG meeting, I jokingly asked a presenter to reveal his root password to the assemblage, adding "it's just us, we won't tell anybody." The "us" in this case referred to the 50 or so people in the room, and we had a chuckle while the presenter wisely decided against giving us his password.

The point of this story is something that we all know to be obvious: the level of secrecy afforded a piece of information by a recipient of that information is directly related to the way in which the secret piece of information is passed along. A password freely given to all in a user group meeting wouldn't be held in much confidence by the people present; they wouldn't really consider it a secret.

Likewise, it's difficult for anyone to consider a document to be a trade secret if it's posted on a website for anybody to freely download. Yet this is precisely the manner in which Microsoft is distributing their "Microsoft Authorization Data Specification v. 1.0 for Microsoft Windows 2000 Operating Systems," which we know is nothing more than a slightly modified version of Kerberos.

In a click-through (aka "ignorable") license, Microsoft states that their specification is "confidential information and a trade secret," and that "you must take reasonable security precautions... to keep the Specification confidential." Who, exactly, must I keep from knowing this "secret" information? Presumably someone without internet access.

Contrary to [what seems to be] popular opinion within Microsoft, they have nothing to lose from making their products compatible with existing standards. As a matter of fact, strict compatibility actually raises the value of all products, including those from Microsoft. Given that fact, it makes no sense for Microsoft to create an incompatible version of Kerberos. And if they do make an incompatible version of Kerberos, it makes even less sense to restrict access to documentation concerning your "extensions." (I can imagine a Microsoft internal memo: "Embracement achieved, on to step two.")

So the situation as it stands is that Microsoft has released a document that they're claiming is a trade secret and copyrighted, parts of it have been posted to Slashdot, and Microsoft is pulling out the DMCA to get those posts removed. Given that Microsoft has made the information freely available, I can't imagine what this can gain for them.

But I really take offense to the fact that they go a step farther and request that a link be removed, and that instructions on bypassing their goofy EULA be removed. First, we've had plenty of discussions on here about the dangers of sites being forced to remove links; specifically at what level do we decide that a chain of links is no longer offensive. If I link to the Slashdot article that links to an "Unauthorized Copy of the Specification," is that a "crime?" How about a link to a link to a link? At some level, I'm sure I could find a chain that I could follow from Microsoft's own website to the offending Slashdot post (for those of you who wish to try, search for "samba" on Microsoft's site, it'll link to www.samba.org, try to find Slashdot from there).

As for posts "Containing Instructions on How to Bypass the End User License Agreement and Extract the Specification," I'd like to see someone from Microsoft explain how that constitutes a copyright violation, as J.K. Weston has stated (under penalty of perjury, no less). Self-extracting zip files are nothing new, J.K. Weston, nor is the concept of using WinZip to extract their contents.

The most offensive part of this whole ordeal, though, is that it's just been five months since Slashdot bailed Microsoft out when Network Solutions mistakenly shut off the passport.com domain on Christmas Eve. How soon Microsoft forgets! If it wasn't for Slashdot, it's likely that Hotmail would have been down for another day or more after Christmas, and that surely would have been a bigger blow, in terms of PR, than a bunch of Linux advocates solving their problems for them.

It's my not so humble opinion that Microsoft is in the process of making yet another major PR blunder. The company is famous for them, and it couldn't come at a worse time than as the Justice Department is trying to get them split up for doing exactly what they're doing right now: changing the specifications of an open protocol to reduce interoperability with other products.

Here's my advice to Microsoft: drop the silly EULA and make your Specification freely available under the terms of the new GNU Free Documentation License, or something like it. You'll gain some PR points, which you desperately need. This provides you with a way out that allows you to save face.

And my advice to anyone who talks to the press regarding this issue: remind them that it was Slashdot that saved Hotmail over Christmas.

- Michael Chaney

I spent some of yesterday and part of today (Saturday) on the phone with our law firm's intellectual property specialist dicussing Microsoft's attempt to get us to remove reader posts about Kerberos. We're lucky to have a lawyer who "gets it." We're also lucky to have gotten some very favorable press about all of this.

But, sadly, I can't really tell you much more right now than "we're still working on it" for two reasons:

• We're exploring a lot of angles and doing a lot of research, and in order to maintain attorney-client privilege we must keep all discussions with our lawyer *extremely* private.
• Microsoft's legal people (obviously) read Slashdot.

I have scanned every single reader post on this subject, and some of them have contained *very* helpful suggestions. It hurts me not to be able to share more, especially with those of you who have given us useful advice.

Meanwhile, Andover.net's management has been totally supportive. Our President, Bruce Twickler, deserves special thanks for his staunch backing and general coolheadedness. And our VP of Corporate Communications, Janet Holian, has done an excellent job of getting information out to other media while letting us work (comparatively) undisturbed.

There are also rays of light from the other end. I've gotten a small but steady trickle of e-mailed support messages from Microsoft workers who are embarrassed by their employer's actions both in rudely extending Kerberos and their attempt to "publish" their proprietary Kerberos extensions while still trying to keep them hidden behind a non-disclosure agreement.

Please bear in mind that many Microsoft employees are perfectly nice people. For all we know, the nice people at Microsoft may yet persuade the not-so-nice ones that there are times when it's better to work with others to establish industry-wide standards than it is to act as if the freedom to innovate belongs only to Microsoft.

(Special message to nice Microsoft people: Here's a quote you may wish to call to your bosses' attention: "...Kerberos is a multivendor standard, so it allows secure interoperability and the potential for single sign-on between the Microsoft world and other vendor environments." If they ask where you got these words, please refer them to this Microsoft.com page.)

Anyway, once again, please accept my personal apology for not being able to share more information with you right now. This is an uncomfortable situation for everyone involved, and we hope that Microsoft chooses to give this story a happy ending as soon as possible.

- Robin "roblimo" Miller

Remember the plan, in the U.S. and Canada, to tax DAT and send the profits to the music labels? Bubblehead writes "GEMA successfully sued HP over the fact that music CDs can be copied with CD-Rs. Now HP has to pay DM17 (US$8) for each CD burner sold since February 1998. So far I only found a German article on this (AP). You can translate with Babelfish. I think this is going too far - it's like adding a surcharge to a camera, because you might take a photo of an expensive painting."

Brian Demsky wrote to us regarding the release from the White House stating that the United States government will no longer purposely degrade civilian-use GPS signals. This mean more accurate data for people working with GPS, as "national defense concerns" had kept civilian results less accurate for years.

Philip Greenspun, whose name you may recognize from photo.net or Philip and Alex's Guide to Web Publishing, is founding a tuition-free program in computer science that's intended to provide the equivalent of four years' worth of CompSci in a single, 6-day-a-week, 12-hour-a-day year. You heard it right: tuition-free. And they're accepting applications. There are a few catches: you'll need a bachelor's degree already, and you'll need to be so bright that people put on sunglasses when you walk into a room. But even the rest of us can eavesdrop with lectures and course notes to be made available online. See this column about the program, or visit ArsDigita University.