Slashdot Mirror

OK, that was a bad way of phrasing it. The 2-3 milliseconds is the rate at which the lag between UTC (earth) and UT1 (astronomical) time increases per day, not the change in length of each day relative to the last. The rest of what I said is still valid.

It's true... an earlier poster noted there was a more informative NIST article, which it turns out also refers to rotational speed, not orbital speed.

NIST

Ummm, guess again.

Why don't uou

This is why the Federal Information Processing Standards Publication 151-2 is important. The other "open" standards bodies don't hold as much legal weight as the federal standard, because the US Govenment requires all contributing parties to "sign off" on the standard. There are a number of Legislative acts past that mandated such open implementable interoperable standards for Federal Information Processing in Govt tenders ( just don't ask me to name them off the top of my head - It's well over a decade since I worked with Ada ).I'm sure that many Govt organizations would not look too kindly on the self claimed "inheritors of Unix" SCO Group attempt at such a U-turn.

For POSIX compatability all that is needed in reality is a semi successfull attempt at passing compatability and a roadmap. Microsoft got by for years claiming POSIX compatibilty in NT for federal tenders, dispite the fact the the native POSIX layer was not stable or trully functional until late 1998 with the release of Interix. Now The OpenGroup and the Linux Standard Base have a New RoadMap for providing a POSIX shell for Linux LSB.

'The SCO Group cannot expect to win any case based upon application interfaces which it's AT&T, USL and Novell predecessors relased in open standards specifically for the purpose of interoperability.

signal.h, errorno.h,and ioctl are all parts of many released standards including The Open Group and IEEE POSIX Base Specifications and the Federal Information Processing Standards Publication 151-2.

Note that The SCO Group does not own the copyrights on any of those standards and it does not own clear title to the copyrights on most of the AT&T Unix base.

From 1989, the then SCO activity pushed for the adoption of the iBCS Intel Binary Compatibility Specifications across *all* i386 Unix vendors

For the benefit of the entire user base, as well as the industry as awhole, SCO encourages all UNIX System vendors for Intel processors to join SCO, USL, Intel, ISC and OSF in supporting the iBCS-2 standard for x86 applications.

Even SCO admits, no requries these definitions to be present in order to be standards compliant.

'The SCO Group cannot expect to win any case based upon application interfaces which it's AT&T, USL and Novell predecessors relased in open standards specifically for the purpose of interoperability.

signal.h, errorno.h,and ioctl are all parts of many released standards including The Open Group and IEEE POSIX Base Specifications and the Federal Information Processing Standards Publication 151-2.

Note that The SCO Group does not own the copyrights on any of those standards and it does not own clear title to the copyrights on most of the AT&T Unix base.

From 1989, the then SCO activity pushed for the adoption of the iBCS Intel Binary Compatibility Specifications across *all* i386 Unix vendors

For the benefit of the entire user base, as well as the industry as awhole, SCO encourages all UNIX System vendors for Intel processors to join SCO, USL, Intel, ISC and OSF in supporting the iBCS-2 standard for x86 applications.

Even SCO admits, no requries these definitions to be present in order to be standards compliant.

I wonder, though... in those days, did they think that there was something special about the line through Paris as opposed to, say, a line through the Atlantic ocean? Or was mentioning Paris just a political gimme?

The French sponsored the effort to measure the distance from the pole to equator, so they got to decide where the line went.

Incidentally, many people of the time advocated defining the meter as the length of a pendulum with a half-period of one second, however scientists realized that'd only take a couple days to figure out, whereas measuring a quarter of the Earth's circumference would keep them employed for years.

The second is the duration of 9 192 631 770 periods of the radiation corresponding to the transition between the two hyperfine levels of the ground state of the cesium 133 atom.

The reason for this definition is that the old one was too imprecise. See Base unit definitions: Second.

Seems like this is a risk - a calculated risk - that everyone incharge of some IT decision takes and has taken for years now. We see it happen with certain standards all the time. A few solutions rise to meet a certain problem. Some succeed, some don't. That's why careful evaluation of adopting anything is necessary. You don't want to go one way while everyone else is going another.

NIST does this sort of evaluation on standards all the time with its Application Portability Profile.

Basically, I don't see how this "forking" is really something exclusive to open source. Society, as a whole, forks all the time. Which forks will be successful isn't without some level of predictability, however.

How arrogant were the designers to label it "Advanced"?

The designers called it "Rijndael", NIST gave it the name "AES".

Nope. Not since 1998.

IMHO, the most offensive is Pa for pascal. Why not P? To distinguish it from phosphorus?

Most especially, Kilo was capitalized - and indeed, kilobytes per second is still properly written Kbps, not kbps, isn't it?

No. it's kbit/s. The other abbreviations are dumbed-down gobbledygook. In tabloids such as the NYT "technology" section, maybe they write kbps or other aberrations. But in regular technical publications such as Electronic Engineering Times, you will almost always see the scientific kbit/s or Mbit/s. The only instances of "kbps" are press releases written by mostly clueless marketdroids. A search for kpbs in the EET archives revealed 8 hits, vs. 172 for kbit/s. Same for Mbps (13 bits) vs. Mbit/s (303 hits).

These days it would appear that all the above-unity multiplier prefixes higher than kilo are still capitalized, while kilo, hecto, and deka are not. All the below-unity ones are still lower case. Is this true, and if so, why on earth was this change made? It is so offensive to common sense of order. Well, the conventions are the same since at least the 70s (cannot vouch for earlier). The symbol for kilo has been k (not K) for as long as I can remember. Maybe you have pre-International System memories.

I don't know about any change in the capitalization convention. The only thing for sure is the list of standard prefixes, which I have learned at school in the 70s. According to the history of the Systeme International, these conventions have been unchanged since the 50s or so.

So if your memory predates this, then you, Sir, are certainly not usurping the Old Geezer title.

IMHO, the most offensive is Pa for pascal. Why not P? To distinguish it from phosphorus?

Most especially, Kilo was capitalized - and indeed, kilobytes per second is still properly written Kbps, not kbps, isn't it?

No. it's kbit/s. The other abbreviations are dumbed-down gobbledygook. In tabloids such as the NYT "technology" section, maybe they write kbps or other aberrations. But in regular technical publications such as Electronic Engineering Times, you will almost always see the scientific kbit/s or Mbit/s. The only instances of "kbps" are press releases written by mostly clueless marketdroids. A search for kpbs in the EET archives revealed 8 hits, vs. 172 for kbit/s. Same for Mbps (13 bits) vs. Mbit/s (303 hits).

These days it would appear that all the above-unity multiplier prefixes higher than kilo are still capitalized, while kilo, hecto, and deka are not. All the below-unity ones are still lower case. Is this true, and if so, why on earth was this change made? It is so offensive to common sense of order. Well, the conventions are the same since at least the 70s (cannot vouch for earlier). The symbol for kilo has been k (not K) for as long as I can remember. Maybe you have pre-International System memories.

I don't know about any change in the capitalization convention. The only thing for sure is the list of standard prefixes, which I have learned at school in the 70s. According to the history of the Systeme International, these conventions have been unchanged since the 50s or so.

So if your memory predates this, then you, Sir, are certainly not usurping the Old Geezer title.

What you wrote is meaningless. K is Kelvin, P is not a unit, H is Henry. KPH would be "kilo-Henry times whatever P would be".

This is science, not feel-good-improvisation and fluff, for crying out loud. Look at a unit tutorial for details.

Or better, avoid these pesky meters, grams and seconds entirely. Just stick to furlongs, fortnights and stones like a good American. :-)

I've heard this story with "The End is in Sight" with lots of things. For instance, they say we will run out of oil by the year 2048 (give or take a few decades), but we are already switching the fuel technology backbone to Hydrogen. This will dramatically decrease our dependance on oil and probably extend the life of oil until the year 2200 or something.

Likewise, with "Moore's law", we will definately steamroll right past the 16 nanometer limit with Nanotechnology by dealing with stuff in picometers(!).

Now, whether something is technically feasible and whether it is cost effective are two different stories. As long as we continue to pour the billions of dollars into this advancement of technology, we will continue to blow past any barrier placed in front of us. Because we have been interested in what is done, rather that how something is done (read:Rome falling), we will continue to develop technologies at the rate we are going at.

Now, everyone is afraid that Moore's Law will fail. I don't think enough people have realized how it will fail. I believe that Nanotechnology will actually break Moore's law in an unusual way -- by increasing the rate of advacement. Instead of the usual eighteen months between advancements, I believe that we will rapidly see shorter and shorter advacement rates.

Here's to the future!

Its pretty well common knowledge in the security community that Microsoft paid for that certification.

Actually, in todays model, ALL VENDORS pay for their certification. All the government provides is oversight to the commercial labs that do the actual evaluation.

It is the vendor's responsibility to (a) pick a scheme (i.e., in which country will evaluations be done: US, UK, France, Germany, etc.) -- differing countries have different forms of oversight, but supposedly the same level of rigour; (b) pick an evaluation facility in that country (for the US, you can see the list by visiting the CCEVS webpage). The vendor also gets to develop the claim of what security features are present (i.e., the security target).

This is VERY different from the older "Orange Book" evaluation paradigm, where the government wrote the criteria (TCSEC), and the government evaluated against the criteria (TPEP).

Daniel

Certification is not a question of technical merit, it's also based on a lot of paperwork as well as a lot of money that needs to be "given" to a certification laboratory that validates all that paperwork

I've been pushing for a Debian CC certification myself, but it's not probable that this will come to pass unless it's sponsored.

You do have a Debian-derived product that is currently CC certified EAL4: Stonesoft's Stonegate (security target available at NIST's NIAP, the Common Criteria site seems to have been discontinued unfortunately). It is certified versus a firewall-specific Protection Profile, though, so it should not be used as a comparison metric against others that are certified against an operating system PP.

Exactly right. Security, in wireless sensor networks, means more than just encryption (for privacy), however. In many applications it's more important to have message integrity and sender authentication, meaning that the recipient is guaranteed that the message hasn't been altered, and that it was from who it says it was from. For example, having an encrypted message from a short-range wireless light switch is often of little utility; people around can see the light come on (perhaps through a window), so you're not really protecting anything. However, as the parent poster says, you really don't want some car of script kiddies driving through your neighborhood randomly turning lights on and off at 2 AM. The wireless lights need to know that the messages they receive are from their associated switches, not from some 3l33t d00dz; that's the function of message integrity and source authentication checking.

Recognizing the importance of these types of security, the IEEE 802.15.4 standard, available here, employs the Advanced Encryption Standard for encryption, message integrity, and sender authentication. The ZigBee Alliance specifies key transport protocols, key management, and other higher layer security functions.

Note that EAL2 is something that provides essentially no assurance of security. You can find details of this in Google's cache (www.commoncriteria.org is no longer alive).

"Still, its mainly a diligence measure for getting into Govt purchasing schedules, and has little to do with a practical or useful evaluation of the actual security of an OS."

Sure, doesn't have a thing to do with the actual security of an OS. Next time, why not take the time to read about the spec for Common Criteria certification before making such an idiotic suggestion.

you can read about the Common Criteria here.

Unfortunately, the other site has been shut down.

Right. But well, some people have attempted to develop quantum authentication protocols like this one, this one, and this one. Dunno if the device in question does any of them, or even if any of them are actually practical to use with today's technology. If the device in question doesn't use quantum authentication of some kind, well, they're selling snake oil, but I wouldn't dismiss the whole concept of quantum cryptography out of hand totally the way you seem so ready to.

This is not the first controlled-not gate for a quantum computing system but rather the first in this solid state system.

Other implementations of a controlled-not gate (or its close relative, a controlled-phase gate) include:

Caltech Quantum Optics implemented a controlled-phase gate between photons using a strongly coupled atom in a cavity.

Serge Haroche's group implemented a controlled-phase between an atom and a photon using microwave cavities and atomic Rydberg states.

NIST Ion Storage Group: implemented a two qubit gate (which could be turned into a controlled-not) and a four qubit gate using trapped ions.

NMR quantum computing has been implemented by various groups including the biggest quantum computation to date, factoring 15, done by Isaac Chuang's group (IBM and now MIT.)

A proof of principle implementation of a controlled-not in the linear optics quantum computing scheme has been implemented at the University of Queensland.

I'm leaving out quite a few other cool experiments: but the above links should give you a good idea of the what early steps have been taken in quantum computing.

That's one mighty fine DSP chip they've got there!
I know some people should find it really useful.

From their Q&A:

14. Is NIST concerned that the algorithm is of foreign origin?

No. The complete algorithm specification and design rationale have been available for review by NIST, NSA, and the general public for more than two years. From the beginning of the AES development effort, NIST has indicated that the involvement of the international crypto community has been necessary for the development of a high-quality standard.

# of high and medium vulnerabilities, last 3 months:
Windows2000 = 11
RedHat -- Linux = 4

# of high and medium vulnerabilities, last 6 months:
Windows2000 = 13
RedHat -- Linux =11

# of high and medium vulnerabilities, last year:
Windows2000 = 24
RedHat -- Linux = 11

This guy's really a goofball trying to make the argument against diversity as a tool to gain fault tolerance. NASA makes the argument for diversity in life-critical software systems and NIST studies show it's value in High Assurance Systems. KLabs has found the use of diverse and redundant systems on spacecraft offers high protection against failures due to design deficiencies and that it can offer lower cost where the backup system is used as a lifeboat for the primary system.

I just checked the filesize on this mod: 277 mebibytes. WTF?? I have a fairly fat pipe going to my house, but since when did it become a good idea to create demos and/or mods regularly exceeding 100 megs?

I recently downloaded the demo for Tron 2.0, weighing in at about 200 megs. Now, I might almost think this reasonable if it weren't for a few crucial facts:

• The demo only included three maps,
• There were only three or four enemy models,
• Tron, if you'll recall, is a flat shaded universe. The textures, such as they are, are dead simple, and should compress down to nothing.

Yet, despite this, the download was 200 megs. It should have been no more than half that.

There has to be more efficient ways to handle this stuff.

Schwab

I agree the prefix should be changed since kilo as been established for years to mean 1000, mega 1000000, etc. Apparently there was a standard established in 1998 for a binary kilo called the kibi (kilobinary) covered here. Maybe they should have used something more distinct like the Engelbyte (EB) after computing pioneer Douglas Engelbart (60's inventor of the mouse, windows and more) ;)

Do you mean three international feet or three U.S. survey feet? Note that even the NIST is confused: table 2 and table 4 in this document contradict each other.

It's the operating systems that would need to change their labels to "GiB" not the hard drive manufacturers. As far as IEC standards, the hard drive manufacturers are correct. The prefix "G" stands for 1 billion or 10^9. It's the prefix "Gi" that operating systems need to start using which stands for 2^30. See the second link in the post to learn more about the binary prefixes.

If you're blaming SI for the wonderful new kibi/mebi/gigglybyte thing, don't: they're the fault of the IEC and the USA's very own NIST.

Maybe you can call it 'imperial' system because some people will categorize America as an empire.

While I can see some valid points in that argument, the whole system with inches-feet-yards, quarts-pint-gallons and ounces-pound-stones are know as the imperial system because it was the system used by the british empire, while the metric system is know as the metric system because it was developed by the french...

Considering how anti-british and pro-french the US was in it's infancy, it's surpricing that they didn't adopt the SI (System International) the second it came out - when all is said and done, Thommas Jefferson did propose a decimal based system in 1790, five years before france adopted the first metric system. In 1875, the US was one of the first nations to sign the The Convention of the Metre, which was nine years after the metric system was made legal (but not mandatory) in the US. Even so, 213 years after a US stateman suggested a system close to todays metric system, the US remains the only industrialized country in the world that does not use the metric system, but instead insist on using an outdated system of measurements inherated from their earlier cononial overlords...

No, dummy. He is talking notation, not numbers. We have to change the words we use to describe numbers in computer science, not the numbers themselves.

The "kilo" in kilobytes is an abuse of SI metric notation. "kilo", "mega" and "giga" mean 1000, 1 000 000, and 1 000 000 000 to physicists, engineers, chemists, and the general scientific community. How arrogant or short-sighted were computer scientists to think that they could simply re-define these prefixes to mean 1024, 1024 * 1024, and 1024 * 1024 * 1024?

The real solution is to stop abusing widely accepted terminology and switch to the suggested "kibibytes", "mebibytes" and "gibibytes". Yes, it sounds stupid, but that's only because it's unfamiliar. It's not as stupid as using one set of prefixes for two different purposes. In fact, it's that very usage that led to this stupid conflict between "hard drive manufacturer gigabytes" and "operating system gigabytes".

From a consumer standpoint it makes sense to make 1K = 1000 bytes and so on, but from a computer viewpoint, it's best to leave it as is. All in all, people should research what a kilobyte is (in terms of how many bytes it is) before they become experts in storage capacities for computers.

Geez. Repeat after me: Computer are intended to be used by PEOPLE, not the other way around. Nobody, I repeat, nobody, outside of the CS community uses kilo, mega, or giga to mean anything but 10^3 (10 to the power of 3), 10^6 or 10^9. Why should Joe Sixpack on the street, or even a Physics professor with no CS knowledge, have to "research" what "gigabyte" means in the context of computer science? It should mean 1 000 000 000 bytes, plain and simple. If someone wants to express the number 1024^3, they should make up a new word such as "gibi-" instead of using existing terminology.

Of course, this will NEVER happen, because in any given community, the majority of people would rather stick with widely accepted and entrenched mistakes than bother to change their behaviour or ideas. Just witness the ridiculous C notation for assignment:

a = a + 1

In many other programming languages and mathematics "=" means "equality" NOT assignment; saner languages use ":=" for assignment. Yet, because of C's popularity, we will be stuck with this abuse of notation forever, especially since any new languages (such as Java) will try to cater to C programmers.

If you can't see why this is a mistake, consider this. In a language with "=" for equality and ":=" for assignment, you only have learn one new thing: that ":=" means assignment. In C, you have to learn two things: "=" means assignment, NOT equality and "==" means equality. How stupid is that? Everyone already knows that "=" means equality; why change that? Everyone already knows that "kilo" means 1000; why change that?

Now, thanks to the "grandfathers of CS" or whoever, I have to remember my standard SI prefixes (okay, that's no problem), I need to know that in most CS applications kilo, mega, giga, etc. mean 1024, 1024^2, 1024^3, etc. and I need to remember that in CERTAIN CS applications kilo, mega, giga, etc. have their standard meanings.

Oh sorry, but what was I thinking? It's the hard drive manufacturers who are stupid.... (sarcasm). Did you ever think that one of the reasons they use the standard definition of "giga-" to calculate drive sizes is that most NORMAL PEOPLE (i.e. the majority of computer users) don't know that giga means 1024^3? More to the point, how many ordinary people care to calculate (or memorize) the exact value of a gigabyte? (Of course, I'm sure another reason is that they get to "inflate" their hard drive sizes).

To summarize my overly long post, one of the main reasons computer consumers are constantly being ripped off, misled and confused is that CS geeks like us keep forgetting or never cared that computers are nothing more than tools for people. Maybe you need to take a Human-Computer Interaction course or something, if you can't understand that.

The real units joke is starting to get old...

...the WWV radio clock? :-)

I used Google to try to learn what "mandatory access control" means, and unless I'm reading this result wrong, it seems to have something to do with digital restrictions management.

But what does electrical conductance have to do with boot times? 100 mS is 100 milliSiemens. Milliseconds is abbreviated ms.

I liked this link on his site.
Toward a metric America. That is funny for so many reasons.

Additionally, you obviously know nothing about cryptography, otherwise you'd not make such a stupid assumption about Rijndael, an OPEN algorithm developed outside the United States. It's been out for years and many people have failed miserably when trying to cryptanalyze it.

Anybody who actually read and understood the AES proposal would know, that it is highly unlikely there could be any backdoor. Every design decision had a reason. Wherever multiple choices where available and no technical reason made one better than another, the final decission would be the one giving the least possibility for hiding any kind of backdoor. And BTW it was developed in Belgium.

WILDCAT IS ON TEH SPOKE

Fortran is used in science and engineering because of the vast # of free numeric libraries available. These libraries are often of very high quality written for meteorology, fluid dynamics, etc. See: GAMS.
The number of available libraries makes it easier to solve problems without having to repeatedly "reinvent the wheel". Object oriented F90/F95 is a very good language for scientific problems.

Well if you look at the original description of the project it used data from TIGER and
FIPS , which are US centric, so if that's the way it's still being done, I guess they'd need that data for the rest of the world.

Time to get you Americans onto to the international system of units (SI-system)?
Stop arguing about kilometres all the time and get rid of "feet", "inches", "miles" and "pounds", "fahrenheit" etc. Or learn the transformation calculations. The US always has to be non-standard about everything (Haven't forgot Great Britain).
Don't you use SI-units when dealing with physics? Then it shouldn't be to difficult.

Right, the "for good reason" part. (sigh)

1
1,024
1,048,576
1,073,741,824
1,099,511,62 7,776

There's a progressive distance from the number you think in your head when you hear "giga" and from the number that comes up for Gibi. By tera, the error is just shy of 10%.

Right: I should also mention that the US Government has already settled the issue, more than a decade ago: a gigabyte is 1,000,000,000 bytes; the number 1,073,741,824 is a gibibyte; there's kibi, mebi, gibi, etc. Mathworld, everything2, and Wikipedia all have good explanations. The IEEE, ASTM, ANSI, IEC, and NIST all have officially ratified the words (IEC 60027-2, www NIST, etc)

So, I wonder, is there a formal proceeding for being laughed out of court?

>No! They are not even close to being in the same galaxy as "more >correct". Within the context of the computer world,
>1K = 1024 or 2^10
>1M = 1048576 or 2^20
>1G = 1073741824 or 2^30
>1T = 1099511627776 or 2^40

Where have you been?

1KB = 1000 bytes
1MB = 1000000 bytes
1GB = 1000000000 bytes
1TB = 1000000000000 bytes

1KiB = 1024 bytes
1MiB = 1048576 bytes
1GiB = 1073741824 bytes
1TiB = 1099511627776 bytes

This "new" standard is from December 1998 (when it was adopted by the IEC).

Check here or here for reference.

Google for "SI binary prefix" for many more references if you care to.

Unit Prefix Abbreviation
2^10 kibi Ki
2^20 mebi Mi
2^30 gibi Gi
2^40 tebi Ti
2^50 pebi Pi
2^60 exbi Ei

Examples and comparisons with SI prefixes

1 Kibit = 2^10 bit = 1024 bit
1 kbit = 10^3 bit = 1000 bit
1 MiB = 2^20 B = 1 048 576 B
1 MB = 10^6 B = 1 000 000 B
1 GiB = 2^30 B = 1 073 741 824 B
1 GB = 10^9 B = 1 000 000 000 B

This units issue has been covered before. There's even an actual standard.

Be very good at searching large key spaces, ie brute forcing encrypted material by testing every possible key.

If they're cheap and you can get the density up high enough maybe AES won't last as long as we thought.