Slashdot Mirror

Since the USSR wound down, GEODSS has also been used for finding near-earth asteroids. A few objects show up every month. Here's the list for December, 2002.

MIT's Lincoln Labs also operates an automated skywatch.

Here's an image from GEODSS. The objects that show as streaks are moving relative to the starfield.

If it's out there, one of these systems will pick it up within a few days.

Check the site out. Interesting tech publications.

The word "Institute" implies that it's a brain trust of qualified academic researchers, which is bullshit. As far as they've bothered to reveal to the rest of us, The Institute for Software Choice is simply a PR front group. They are in no position to speak authoritatively on any technical issue whatsoever. Their sole purpose for existence is to crank out press releases and hold press conferences if they can find any journalists inexperienced enough to show up. Declan should know better than to print their press releases as news.

The "Institute" would be called The Klingon Alliance or the Ku Klux Klan if MS thought it would help.

Reading the post reminded me of this document.

It doesn't have many hard dollar figures, could use some more recent data, and has a slight focus on the US military, but seems fairly thorough with lots of sources and is probably general enough to provide some insight for most businesses.

quoth the poster: How well is the MITRE Corporation regarded in general? How well are the thought of by the government in particular? How influential will their word on things be? You're kidding, right?

On the front page of MITRE's website: MITRE is a not-for-profit national resource that provides systems engineering, research and development, and information technology support to the government. It operates federally funded research and development centers for the DOD, the FAA, and the IRS, with principal locations in Bedford, Massachusetts, and Northern Virginia.

Trust me, they're extremely highly regarded and their analysis carries quite a bit of weight.

If it's that slow a news day, then we will shortly see another announcement to the effect that Apache v2.0.43 has been released as well. It fixes CAN-2002-0840 which is the bug that was previously covered on Slashdot here.

Actually, you are mistaken. Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN- 2002-0840

Apache release notes here: http://www.apache.org/dist/httpd/Announcement.html

It's also possible that mod_ssl and openssl may be build statically into your apache.

You should upgrade apache too, since you're at 1.3.23, which is before the chunked encoding bug. You generally need to updade apache and mod_ssl together, so plan on upgrading both of them.

Red Hat typically backports security fixes from later releases to the version they shipped with the distribution release to avoid introducing unrelated changes.

Note that RHSA-2002-155 is now superceded by RHSA-2002-160, which additionally addresses CAN-2002-0659.

Matt

According to the Symantec report cited in the story, the bug in openssl is this which is reported as RHSA-2002-155, for which the the fix is openssl-0.9.6b-24.i386.rpm for RedHat 7.3 i386 (plus some other RPMs for other versions, or other RPMS for other versions of RedHat). Maybe the 'g' build from openssh.org is necessary, but RedHat seems to think they've already fixed in in their "b-24" release.

Also, is a collection of links on mobile routing protocols, and mesh routing protocols that were originally designed for wired backbone links.

The stardard (802.11b) is fundementally flawed, though. Proprietary or not, someone will have to step in and do something about it, and if there is a financial incentive to do so, they will do it sooner.

<BLATENT PLUG>

Enter the company I work for =). We have a software overlay that sits on 802.11b and allows for multi-hop, etc. It uses feedback from the card to find the best path back to an AP through multiple hops, at the highest datarate possible. I've been deploying a beta version of our software in-house, and although I may be a bit biased, it really is a boon for WiFi. Seamless handoff, multihop, the works.

I might also point out we have a solution that supports mobility at highway speeds. From what little RF theory I know, doppler shift will kill 802.11b at anything over walking speeds. I routinely demo this technology to different companies on a local highway. And I can promise this, the tagline "T1 in your pocket" is all too apt. Even if driving around can be monotonous, reading /. while listening to internet radio (what's left, at least) at 70 MPH helps.

<BLATENT PLUG>

I might also point out that there is a project for Linux called MobileMesh that is doing a lot of this for Linux. There you go, open source and everything =).

I've worked for MITRE for the past 11 years. We don't do spam. We do systems engineering, R&D, and IT support for the government: originally for the Air Force, then the other armed services, the FAA, and the IRS. MITRE is not an ordinary defense contractor; it comprises three Federally Funded Research and Development Centers. The idea is to provide expert, unbiased technical advice which the customers can't keep in-house and which they can't get from for-profit contractors.

We always have a bunch of part-time undergraduate co-op students around -- I had one working for me in 2000. The two people named in the Salon article were co-ops in the nanotech research department in 1999. I'm quite sure that their duties didn't include a "someone likes you" spam engine, and I imagine they'll get an earful -- if they are still working for us, three years later -- from their unlucky manager.

I don't think it was very nice of Salon to link MITRE into this story. If you google for Tseng and Schleier-Smith, you find the MITRE link. If you paste that link into your story, it looks like MITRE is somehow connected. But we aren't.

I've worked for MITRE for the past 11 years. We don't do spam. We do systems engineering, R&D, and IT support for the government: originally for the Air Force, then the other armed services, the FAA, and the IRS. MITRE is not an ordinary defense contractor; it comprises three Federally Funded Research and Development Centers. The idea is to provide expert, unbiased technical advice which the customers can't keep in-house and which they can't get from for-profit contractors.

We always have a bunch of part-time undergraduate co-op students around -- I had one working for me in 2000. The two people named in the Salon article were co-ops in the nanotech research department in 1999. I'm quite sure that their duties didn't include a "someone likes you" spam engine, and I imagine they'll get an earful -- if they are still working for us, three years later -- from their unlucky manager.

I don't think it was very nice of Salon to link MITRE into this story. If you google for Tseng and Schleier-Smith, you find the MITRE link. If you paste that link into your story, it looks like MITRE is somehow connected. But we aren't.

Security Update 2002-08-02

• This update addresses the following security vulnerabilities which affect current shipping versions of Mac OS X Server. These services are turned off by default in Mac OS X client, however if these services are enabled then the client becomes vulnerable. It is recommended that users of Mac OS X client also apply this update.
• OpenSSL: Fixes security vulnerabilities CAN-2002-0656, CAN-2002-0657, CAN-2002-0655, and CAN-2002-0659. Details are available via: http://www.cert.org/advisories/CA-2002-23.html
  
  
• mod_ssl: Fixes CAN-2002-0653, an off-by-one buffer overflow in mod_ssl Apache module. Details are available via: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN- 2002-0653
  
  
• Sun RPC: Fixes CAN-2002-039, a buffer overflow in the Sun RPC XDR decoder. Details are available via: http://bvlive01.iss.net/issEn/delivery/xforce/aler tdetail.jsp?oid=20823
  
  

As a consume.net node owner I have a particular interest in the idea of using mesh networks to provide an open wireless network based on the idea if it possible to creat bandwidth with every wireless connection, however this bandwidth is relativly limited in its use if it can only reach a fraction of the number of hosts on the Internet.

As far as I can see todays wireless standards are not capable of supporting enough users in a mesh based network to make the network useful. Beyond a certain number of hosts almost all of the available bandwidth will be used for routing information, especialy if the nodes are not online permanantly or are moving. Even with omni directional antenna 802.11a/b has a very short range, LOS is hard to come by esspecialy since 802.11b does not agree with trees not to mention the chronic shortage of spectra since only 3 802.11b networks can operate at maximum throughput within range of each other...

Mobile mesh is one of the leading mesh network protcols but tests by consume.net members have shown that Mobile Mesh strugles to scale past 20 nodes, not to mention the lack of windows support which is a realistic requirement if you expect every user to act as a router, esspecialy considering that 99% of the population (including several of my Comp Sci & Cyberentics course mates) consider the default state of a computer to be off.

Any mesh routing protocol must be able to cope with re-routing packets when a node is returned to its "default state" by its user, however the problem is acheving sufficient node density to maintain coverage when peoples computers are only on say 4 hours a day. This could be achieved by producing low cost, *nix based APs wether based on COTS or a dedicated AP solution such as the Musenki or the BAWUG board which was demoed to consume.net members by Matt Peterson of BAWUG as part of his round the world trip with Terry Schmidt of NYCwireless. (cheers guys, it was a very interesting presentation).

Both the Musenk and the BAWUG APs are very compact and could be pre-configured for mesh networking requiring only to be pluged into the users LAN however they are still relavtivly expensive. (The Musenki M-1 is expected to be $299 and the M-3 $499)

In short Mesh networkng still has two major obstales to overcome until it can be considered for wide scale deploment..

1) Windows software is essential to acheive sufficent node density for complete coverage 24/7.

2) Scaleablity needs to be improved to 1000's of nodes. There is no way to write routing protols that will overcome the speed limitations of existing wireless hardware, even with QoS there will still be physical bottlenecks as there will only be a limited number of users who can connect to the NAP. Intelegent routing can cut down the number of request for routing data, from what I know of Mobile Mesh all the nodes will listen and cache routing information broadcasts which reduces the number of requests the have ot make for this information thus leaving more bandwidth for your data.

This paper was prepared as part of The MITRE Corporation?s FY00 Mission-Oriented Investigation and Experimentation (MOIE) research project "Open Source Software in Military Systems.. This paper analyzes the business case of open source software. It is intended to help Program Managers evaluate whether open source software and development methodologies are applicable to their technology programs. In the Executive Summary, the paper explains open source, describes its significance, compares open source to traditional commercial off-the-shelf (COTS) products, presents the military business case, shows the applicability of Linux to the military business case, analyzes the use of Linux, discusses anomalies, and provides considerations for military Program Managers. The paper also provides a history of Unix and Linux, presents a business case model, and analyzes the commercial business case of Linux.

Here

scientists announce webserver discovered running on GM mouse. Slashdot crowd stamp on mouse.

posting that had to be someone's idea of a joke, right?

I wonder how long before people combine this sort of thing with mesh networks? Then you could wander around getting your pockets slashdotted all day

While everyone was discussing the tautology of newspapers, including the Wash. Post being full of shit...

The report from Mitre Corp. discussed in Thursday's thread on the Washington Post's article contained one very interesting point regarding Assuring the Safety and Security of COTS Software Products very relevant to the DMCA:

The absence of source code precludes some analyses to certify the code, and it may be illegal to do reverse engineering of commercial products to deduce the code.

Awareness of the DMCA is creeping in to more trade journals. The February 2002 issue of Scientific Computing & Instrumentation features a special report on the DMCA (page 54 of the dead tree version):

Many scientists, librarians, and academics opposed the bill at the time, and the multiple provisions of the bill are now proving how real their concerns were.
...
Forget about Napster -- this law has the potential to halt your reserach work, or have you thrown into jail.

The 1700's saw a serious of protections from governmental abuses, it looks like the 2000's will see a series of protections against similar corporate abuses. It'll happen sooner than later if Europe decides to learn from the U.S.'s mistakes this time rather than emulated them.

> Maybe Denning hasnt heard of that report? I tried looking through Mitre's website, no luck in finding it. Anyone have a link to that?

Here is a link which might be it.

The following is an excerpt from the executive summary:

The Military Business Case
The military has different software needs than the commercial sector because of its
unique mission and environment. Software attributes most important to the commercial
sector include application choice, ease of use, service and support, price, reliability, and
performance. Most operationally significant attributes for software used in the military
include reliability, long-term supportability, security, and scalability. Additional attributes of
highest programmatic significance to the military include cost or price, availability or
multiple distribution sources, and popularity or brand/reputation.
While both the commercial and government sectors are concerned about price and
reliability, certain commercial customers generally have less stringent requirements for
security, availability, and long-term supportability. However, these features are becoming
more important in the private sector. E-commerce companies must have high levels of
security to protect personal financial information and transactions. Availability of software
from multiple sources increases competition, resulting in higher quality at low prices. Long-term
supportability is important to businesses needing to access legacy data. If a commercial
product or process, such as open source, is deemed suitable and offers the required
functionality, the military can take advantage of these to achieve significant cost savings.
There are other potential benefits to leveraging commercial products or processes, including
faster deployment time, improved quality and reliability, reduced development risks, and a
support system already in place.
Applicability of Linux to the Military Business Case
Linux has attracted a large group of highly trained developers, and "given enough eyeballs, all bugs are shallow."13
Over 120,000 programmers contribute to Linux, volunteering about 2 billion dollars worth of labor.14 This massive amount of technical
expertise could not be afforded by providers of traditional COTS products. As a result of the
open source process, highly reliable and stable software is produced. This comparative
advantage, along with its perceived low price, enables Linux to attract a large user base
worldwide.

Considerations for Military Program Managers
OSS provides more options than traditional COTS for life-cycle supportability,
particularly for long-lived systems. It can be used in the form of pure COTS, "modifiable
COTS," or custom code. Program Managers' requirements for operating systems differ
considerably depending on their particular environmental and mission requirements. Command and Control (C2) Program Managers are operationally-driven. For these
managers, the cost of failure is very high. Reliability and performance are essential. C2
Program Managers use traditional COTS unless the system requires more customization, and
system upgrades tend to be frequent. C2 Program Managers should consider using Linux
because it provides the highest level of reliability with good performance. NT is weakest for
both of these metrics.

Federal Linux Award
The MITRE Corporation recently received a Leadership Award from the non-profit
Potomac Forum for showing that OSS can provide substantial advantages over commercial
software, particularly when reliability and long-term support are key requirements. The
award was recently presented jointly to MITRE and the Office of the Secretary of Defense at
the first Federal Linux Users Group conference at Crystal City, Virginia. MITRE earned the
award for investigating the technology and economics of OSS in its research project, "Open
Source for Military Systems." According to Mark Norton, Office of the Assistant Secretary
of Defense, "This MITRE study is the first study of Linux and other OSS that addresses both
the technical advantage and the business case for using open source in Department of
Defense." The MITRE research team included technical staff members Frank McPherson,
David Emery, Terry Bollinger and Carolyn Kenwood. MITRE's work included
demonstrating the use of Linux in embedded systems such as the Abrams Tank and for
information assurance within Army Tactical Operations Centers. ...

This interview is definitely a fake. He throws around real sub-contractor names in an effort to sound believable. However, NSA doesn't contract out the honest-to-God engineering and research work. They contract out the IT-sorta stuff. Thus, there's no way this could be true. How do I know? Mostly because I'm friends with people who work at CSC and NSA. -Erwos

No offense, but you have no clue what you are talking about. NSA contracts research out to companies like Mitre, and they fund academic research as well.

It's mostly common sense, but common sense is forgotten too often. Since that which goes without saying often goes unsaid, it's useful to see these published. That Mitre has published is extra useful because of their reputation and weight.

Assuring the safety and security of COTS products is difficult because:

• The rush to market means end users become testers.
• COTS products have an unknown pedigree (who developed it, what process was used).
• The absence of source code precludes some analyses to certify the code, and it may be illegal to do reverse engineering of commercial products to deduce the code.
• Systems may not use all the features of COTS software but the unused features may have an undesirable effect on the behavior and resource consumption of the product.

Suggestions for managing these risks include:

• Determine if the vendor publishes all errors reported by users.
• Tap into user communities that do disseminate information on errors, problems, and solutions.
• Design the system to be defensive about COTS products performing critical functions by creating checks and bounds on the damage they can do if they perform incorrectly.
• Use open source products in order to be able to obtain and analyze the source code.

Mitre may have a reason they want to encourage Linux in the gov't.

http://www.mitre.org

My company lists their open source projects here. No missile guidance systems, just stuff like virtual workspaces, and I haven't worked on any of these projects so I can't vouch for their quality/usefulness. But hey, if you're a US taxpayer you paid for them, so have at it.

This was a reference on the RedHat advisory [RHSA-2002:027-22] Vulnerability in zlib library (powertools):

Mitre
Gnome

The Mitre page says it's still under review.

According to the ChangeLog, vulnerability CAN-2001-0731 is present in Apache 1.3.20, and fixed in 1.3.21. Has anyone managed to reproduce this vulnerability? If so, how? The examples given in the vulnerability report don't seem to work.

We use 1.3.20 at work. It works very well, and I don't want to upgrade unless I really have to, but this is a potentially bad security hole for us.

Just in case, I've disabled MultiViews for now. We'll have to turn it on again in a month or so, unless I can code up a fix for some of our instruments so that they no longer rely on it.

This is the link to CAN-2001-0731

-- Guges --

It sounds like a second-hand description of "quantum dot" technology. This is where you create a potential well in a conducting material and confine an electron within the well. Because the well is small, you get only certain energy levels permitted for the electron, just as in an atom. By changing the properties of the well, you change the properties of this "fake atom".

Just out of curiousity, do you any more info on this, or on applications for it? I buy that you can do this, but it seems hard to control this sort of potential except using nuclei?

It's actually quite easy to control the resulting energy configuration. The "allowed" energy levels depend on the size of the well (controlled when you etch it) and the electric potential between the inside and the outside of the well (which you can get "for free" by making the well on a semiconductor wafer and doping the inside and outside differently, or which you can fine-tune by having an electrode next to the well).

A decent introduction into quantum dots is here:

http://www.sciam.com/specialissues/1097solidstate/ 1097corcoran.html

Scientific American has a few other articles on quantum dots, which you can find through their search page.

A collection of more in-depth articles is here:

http://www.mitre.org/research/nanotech/quantum_dot .html

Applications include quantum computing (if you put multiple dots on a chip close enough together to interact with each other), and building semiconductor lasers with any frequency you like (even tunable frequency). More applications will undoubtedly arise; we've only just started to play with these things.

Instead of trying to use the latest, most trendy technologies (e.g. using web based controls and XML to create the Joint Battlespace Infosphere Infrastructure) or opting for the cheapest method of getting things done, we should think about how these things might be attacked and design them to be infrastructure, and should design them to be resistant to attacks.

Sun has released a technical bulletin on this. It doesn't appear to be NDA or confidental, but then again, they don't always label their stuff. (I had a problem with that once. Not even a copyright notice. They screamed and yelled when the document hit the net.)

They do, however, reference the following URL at the end of the bulletin --

http://www.mitre.org/research/y2k/docs/TIME_T.html

Just an errant thought as I read the article. Could it be the old giant, IBM has shown us some of the blue-fu that has kept this company around near or on the top for so many years ? For example:

Bird 1 - undercutting Sun high-end
"SIAC's Artmail applications previously ran on Sun Microsystems Inc. servers that used Unix. But they will now run on IBM Linux servers linked to an IBM mainframe system."

IBM's girthieness has been a liability in the past. Not so much for the hardware itself; though expensive. Rather, much of the rub has been on the expense and limitations of its operating system, as anyone using MVS will attest. Linux literally flips that around against it's competitors, forcing companies such as Sun's high-end to compete chip-to-chip with IBM's mid to low end iron.

Stone 2 - Microsoft's cost of Open Source argument
"Though basic Linux software is free, IBM makes money by selling the middleware that links Linux with existing software and computer systems at places like SIAC. It also makes money by selling Linux servers and services for Linux-based systems."

Here IBM parlays one of its biggest, and most enduring strengths ... selling services. Let's face it, there's not much in the way of COTS that Microsoft can FUD with when it comes to Wall Streeters, and their propensity to roll and re-roll their own apps.

Kudos to someone where at Itty Bitty Machines for figuring this one out.

If you look at the author list, they're all from MITRE or JPL. (read Defense Department sponsored.)

This is likely as important and visionary as (Rand Corporation) Paul Baran's 1964 "On Distributed Communications" series, and I would take it as a look at the near future.

If you're willing to work for a company that contracts with the federal government, you should have little trouble finding work in Europe. Particularly if the contract is for the Department of Defense, you may fall under the Status of Forces Agreement (SOFA). If so, the first $75K of your income is exempt from US taxes and it is possible not to be taxed by the host nation either.

Specific companies I know of include Logitech, Mitre, and SAIC.

The class was quite a bit of work, but was very rewarding. The final research project was very cool, as Prof. Edwards was very flexible about methods of submission (paper, video, web site, etc.) and topics ranged from women in computing to digital music to a brief history of Soviet computing (and yes, you can write a 3500-4500 word paper about the history of Soviet computing).

We learned about more than just the history of computers, however. This class forced me to think about how technology affects society, long before such musings became as popular as they are today. We learned about the role that census machines played in the Holocaust, about how a military boondoggle supplied some of the key components to today's computing technology, how women who played such a key role in the early years of computing were pushed aside, and finally the role of technology in other countries.

Of course, this class holds a special place in my heart since I met my finac&eacute while researching my paper, so I might be a little biased :)

Anyway, here's one set of Top 10 Recent achievements in Nanoelectronics

And a set of Top 10 Hard Problems.

In recent years the Feynman Prize in Nanotechnology has been awarded for experimental work as well as theoretical. Some people have been designing cool devices at the molecular level, other people have been building them, and they work. There's no reason to think progress of this sort will stop any time soon.

For all the revolutionary talk about how [the computer] will free us from the burdens of work, now all we do is spend more time working, because computers have enabled us to do more!

Anyway, here's one set of Top 10 Recent achievements in Nanoelectronics

And a set of Top 10 Hard Problems.

In recent years the Feynman Prize in Nanotechnology has been awarded for experimental work as well as theoretical. Some people have been designing cool devices at the molecular level, other people have been building them, and they work. There's no reason to think progress of this sort will stop any time soon.

For all the revolutionary talk about how [the computer] will free us from the burdens of work, now all we do is spend more time working, because computers have enabled us to do more!

One possible way around this is to work for a contractor who provides services to the U.S. military as a tech worker in Germany.

If you qualify (and this is getting more difficult) as a technical expert, your pay is not taxed by the German government and in addition, your first $75K is free from U.S. income taxes as well. The only catch is that your employment must be temporary and that you must not be "ordinarily resident". There are a number of firms who have workers there under this status including Mitre, Logicon, and others.

Its a well kept secret but you can qualify.

While you will find some of the bureucratization in these organizations that you find in government, you will also find people who would be sympathetic to open source. Being as these are well-establined outfits that regularly win contracts, these are good allies for the open source movement.

Being one of Uncle Sam's current wage slaves (except that I wear a uniform) I can say without a doubt that this will have little to no effect because any techie worth his salt won't work very long for the government. Why is that, you may ask? Because government projects that involve computers are almost always administered by someone who knows nothing about them and is more interested in servicing their own career at the expense of the system they're dealing with.

For example, I'm currently a sysad for a system that's had $25 Million dollars poured into it and we're still not even close to being fully operational and we're lucky that this thing works at all. If you want a good example of the people that the government listen to for their computing needs, check out Mitre. These guys are renown for designing crap (they're the ones who came up with the brilliant idea of keep all the user directories on our busiest file server, not to mention running 900GB through a single OC-12 card on a shitty ATM network under WinNT).

The government mismanges ever piece of silicon they have and until the culture of management changes, even money won't be enough to keep talented people around.

http://cvw.mitre.org/

Network Security Library

Common Vulnerabilities and Exposures

SecurityFocus

You can find everything you want to know (and more) at these sites.

I like OpenBSD but your assertion is bogus. There are closed-source operating systems that are very secure, Multics, MLS versions of UNIX, SCOMP, MVS. See the list here and look for operating systems with A or B class security ratings.

• The GNU General Public License (GPL);

• The GNU Library or `Lesser' Public License (LGPL);

• The BSD license;

• The MIT license (sometimes called called the `X Consortium license');

• The Artistic license;

• The Mozilla Public License (MPL);

• The Qt Public License (QPL).

• The IBM Public License.

• The MITRE Collaborative Virtual Workspace License (CVW License).

• The Ricoh Source Code Public License.

• The Python license.

• The zlib/libpng license.

-tim

> Correct me if I'm wrong

Consider yourself corrected.

Leap years occur when the year is divisible by 4, except when the year is divisible by 100, unless the year is also divisible by *400* (not 1,000).

I remember watching a number programs displaying the date 29 FEB 1990 to me a decade ago. That wasn't a leap year. Fortunately for the vendor, who responded quite quickly, the dates were stored internally in Julian format and converted for display, so no data was corrupted. The bug was introduced during some maintenance on some old software. I suspect that they were among the first to start Y2K fixes.

This particular problem arose from the fact that far few programmers completely understand the leap year rules, and the code that does the calculations is rarely touched, usually for some reason not directly related to leap year calculations, such as Y2K remediation. It is all wound up in the reasons why software maintenance gets expensive in nearly every case. The specs were either never written down to the level of individual functions, or they are out-of-date. Comments are incomplete or misleading. There's no automated regression tests to give assurance that nothing has been broken.

Why should we care about this? This particular instance was probably due either to Y2K work or a latent bug from some programmer who over-applied the century portion of the leap year rules. Once it gets fixed, this code won't need to be touched for ages. First of all, Y2K was just a single instance of a justification for going through bodies of code making huge numbers of small changes. Porting is another one. And any programmer with a bit of experience can name at least one or two others.

Earlier, I provided a link to the description of the Extreme Programming practice of automated unit tests. Doing that might not have caught these bugs before they got loose. Testing generally only catches the bugs you know to look for, and the tests can be wrong too. But I'm lobbying here to try to overcome the natural resistance many programmers feel toward testing. I know I'd certainly rather be writing code. The reason I've started automating it is because I have no such aversion to building tools to take that dull task away from me. Larry Wall pointed out that laziness is a virtue for programmers. Use it.

Here is a link to a site with the leap year rules for the Gregorian calender. Or, if you prefer:

Years divisible by four are leap years, unless they are divisible by 100 (1900, for example). However, years divisible by 400 (such as everone's favorite, Y2K) are leap years.

The Department of Defense has already made a large commitment to using an Open Source groupware package called CVW, that was developed as an internal research project by MITRE. There's an article in the latest Linux Journal about it.

The Department of Defense has already made a large commitment to using an Open Source groupware package called CVW, that was developed as an internal research project by MITRE. There's an article in the latest Linux Journal about it.

[ There are shareware products that have better groupware features than those of Microsoft products, he said, drawing applause from the audience. ]

Ok then, give some shareware developer out there an early christmas present and buy his software. If not, then basically...shutup. Or was he hoping to get some beanie points by bashing Microsoft?

The Department of Defense has already made a large commitment to using an Open Source groupware package called CVW, that was developed as an internal research project by MITRE. There's an article in the latest Linux Journal about it. My guess is that Undersecretary Hultin was referring to CVW, and confused shareware with open source.

OSS trivia item: Eric Raymond was instrumental in helping convince MITRE (and their legal department) to release CVW as Open Source Software.

[ There are shareware products that have better groupware features than those of Microsoft products, he said, drawing applause from the audience. ]

Ok then, give some shareware developer out there an early christmas present and buy his software. If not, then basically...shutup. Or was he hoping to get some beanie points by bashing Microsoft?

The Department of Defense has already made a large commitment to using an Open Source groupware package called CVW, that was developed as an internal research project by MITRE. There's an article in the latest Linux Journal about it. My guess is that Undersecretary Hultin was referring to CVW, and confused shareware with open source.

OSS trivia item: Eric Raymond was instrumental in helping convince MITRE (and their legal department) to release CVW as Open Source Software.

This type of combinatorial bio-computing was first done in 1994 by Adelman. He solved a Hamiltonian path problem by evolving a solution in DNA.

More info about bio-computing in general here.