Slashdot Mirror

I have no idea what a Blue Devil is, but if paper is anything like charcoal briquettes, you shouldn't ignite it after pouring on LOX. According to people who have experience clowning around with LOX one briquette is "approx equiv to 1 stick of dynamite".

I'm not even going mention your apostrophe, as that would be too easy.

Actually, I believe the apostrophe is ok here because it is pluralizing an abbreviation. For example, you can have one CD or several CD's.

Here's some interesting apostrophe info

IBM has a suite of programs called ViaVoice that allow you to do text to speech or vice versa. It has a full API and is fully programmable. You can emulate an adult male or female voice, and you can also do children's voices. It works remarkably well. Unfortunately, it's not on the IBM site anymore, but you can still get it here . I'm not sure how long it'll stay there, so I'd get it now... It allows you to set the spacing or cadence of the speech, but it has no facility to merge with a base beat. I suppose you could do that by saving a .wav and bringing it into your audio editor. For general TTS, you may just want to check out festival. I've never tried it, but I've heard good things.

• monocropping (easy spread of pests and diseases)
• soil degradation
• destroying of unique biotopes

David was the kind of guy that, if he got a different answer on a homework problem than I did, then I knew I was wrong!

His homepage, with lots of pretty pictures, is here.

They have made the renderer available, here (win 2000 only). I don't think I have the interest to see further than just trying whether it works for me, but if someone does, please let us know if you find anything worth commenting :)

While I for one am delighted to see that the usual low expectations of tax-dollar-funded research have in this case been confounded, I can't help but wonder how much genuine innovation has been stifled by the need for researchers to jump through the ususal hoops for their precious grant money, to say nothing of the frustration these researchers must feel as their hard work skips merrily off into the public domain.

All water under the bridge, I supppose. I wait with delighted anticipation for some hot for-profit startups to get ahold of this software and, with the invisible hand of the market as their guide, take this technology (and hopefully my mutual funds! ^_^) to astounding new heights.

Hey they got a Stippled image of Ebert's head!

This Stippling is exciting and refreshing! While like most modern Hollywood fare it suffers from thousands of tiny plot holes, the main concept remains evident throughout. The best stippling of the Summer! Take the kids!

I give it two thumbs up!

^nA

The actual papers are presented here.

CERIAS' Gene Spafford says overpowered, complex, general purpose machines that can do way more than people need are a big part of the problem.

A lot of the attacks that we're seeing now are coming from systems that have been subverted, sometimes by automated agents -- worms, break-in toolkits, massive denial of service tools -- that are taking over home computers [and] small business computers, and are using those as platforms to launch attacks. That's a big threat because those systems are not run by people who really understand anything at all about security...

Read the rest of this interview in which he discusses how increased, unnecesssary complexity combined with a lack of users' understanding of security vulnerabilities and issues, and manufacturers' lack of interest in building in security can make systems more vulnerable to attacks.

Completely untrue. I used to use it but stopped because it wasn't so great. I now use Acquisition for Gnutella, and though it's not perfect, Neo as a Kazaa shadow client. Both work quite well IMO.

No, it's secure because no one has ever found a flaw in tinydns. He has a *cash* reward for anyone who can prove that it is flawed. No one has taken then money, in several years of it being offered.

It's hard to believe that people are still trusting in software security, because no one has won some cracking contest yet. Gene Spafford, Sameer Parekh, Jon Wiederspan, Jeff Weinstein, Bruce Schneier... -- they have been writing about it for decades.

Please let me quote part of The Fallacy of Cracking Contests from the December 1998 issue of Crypto-Gram by Bruce Schneier:

You see them all the time: Company X offers $1,000,000 to anyone who can break through their firewall/crack their algorithm/make a fraudulent transaction using their protocol/do whatever. These are cracking contests, and they're supposed to show how strong and secure the target of the contests are. The logic goes something like this: We offered a prize to break the target, and no one did. This means that the target is secure.

It doesn't.

Contests are a terrible way to demonstrate security. A product/system/protocol/algorithm that has survived a contest unbroken is not obviously more trustworthy than one that has not been the subject of a contest. The best products/systems/protocols/algorithms available today have not been the subjects of any contests, and probably never will be. Contests generally don't produce useful data. (...)

Taken at a conservative $125 an hour for a competent cryptanalyst, a $10K prize pays for two weeks of work, not enough time to even dig through the code. A $100K prize might be worth a look, but reverse-engineering the product is boring and that's still not enough time to do a thorough job. A prize of $1M starts to become interesting, but most companies can't afford to offer that. And the cryptanalyst has no guarantee of getting paid: he may not find anything, he may get beaten to the attack and lose out to someone else, or the company might not even pay. Why should a cryptanalyst donate his time (and good name) to the company's publicity campaign?

Cryptanalysis contests are generally nothing more than a publicity tool. Sponsoring a contest, even a fair one, is no guarantee that people will analyze the target. Surviving a contest is no guarantee that there are no flaws in the target. (...)

Contests, if implemented correctly, can provide useful information and reward particular areas of research. But they are not useful metrics to judge security. I can offer $10K to the first person who successfully breaks into my home and steals a book off my shelf. If no one does so before the contest ends, that doesn't mean my home is secure. Maybe no one with any burgling ability heard about my contest. Maybe they were too busy doing other things. Maybe they weren't able to break into my home, but they figured out how to forge the real-estate title to put the property in their name. Maybe they did break into my home, but took a look around and decided to come back when there was something more valuable than a $10,000 prize at stake. The contest proved nothing.

Bruce Schneier writes mostly about cryptanalysis contests but the situation is basically the same with the software security cracking contests. Let me also quote Hacker Challenges -- Boon or Bane? from the February 1996 issue of Electronic CIPHER. It's almost seven years old, but even today many people still seem to not understand it:

A Few Comments on "Hacker Challenges" by Eugene H. Spafford, COAST Laboratory Director, Purdue University

I note with dismay the increasing number of "hacker challenges" used in marketing security products. I think these are actually harmful to the profession and practice of security, rather than helpful. I believe the harm comes in two ways: (1) the challenges don't serve as any real test of the products, and it denigrates security professionals by suggesting that they should accept them as proof of security; and (2) it helps reinforce the image that there should be some form of reward for hacking through security measures. Neither of these are views we should responsibly seek to promote.

Consider the nature of showing the security of a product. Does a "challenge" meet the goal of testing, which is to increase one's confidence in the correct functioning of the artifact? It really doesn't, for a number of reasons:

• Few such "challenges" are conducted using established testing techniques. They are ad hoc, random tests. Thus, there is no way of determining final coverage. For instance, if 90% of all challenge attacks are of the same variety, what has the "test" really shown? (Consider testing a calculator. If you perform 10,000 tests, but 9000 of them are addition with zero, have you done a thorough job of testing?)
• That no problems are found does not mean that no problems exist. It may mean that the testers didn't expose them. Doing random, black-box testing remotely is not likely to really test much of the product. (Challenge testing is basically a form of black-box testing.)
• That no problems are reported does not mean that no problems exist. The "testers" might not have recognized them. (Look at how often software is released with bugs, even after careful scrutiny -- users don't always recognize anomalies.)
• That no problems are reported does not mean that no problems exist. How do you know that the "testers" will report what they find? How do you know the vendor is getting accurate data? If Jane Random Hacker found a way to penetrate the product in a manner that vendor monitoring didn't expose, it is possible she'd find more profitable uses (later) for that information than informing the vendor about it. Further, because of possible problems with the law, hackers might not want to report success and draw attention to themselves.
• Simply because the vendor does not report a successful penetration does not mean that one did not occur -- the vendor may choose not to report it because it would reflect poorly on its product, or not meet the narrow criteria for a "successful" penetration, or the vendor may not be able to detect it happened. (How can anyone outside prove otherwise?)
• Seldom do the really good experts, on either side of the fence, participate in such exercises. Thus, anything done is usually done by amateurs. (The "honor" of having won the challenge is not sufficient to lure the good ones into the fray. Good consultants command fees of several thousand $$ per day in some cases -- why should they donate their time and names for what amounts to free consulting and advertising?)

So, let me repeat: it is NOT necessarily secure just because no one has ever published a flaw in tinydns (we can't even assume no one has found it). There may be a cash reward for anyone who can prove that it is flawed, but even if no one has proven it yet, it doesn't mean it is not flawed. Remember that it doesn't mean that someone has proven it's secure -- it just means no one has proven it's insecure, which is something totally different. Hopefully, people will understand it some day.

My university is rolling out wireless using vpn to authenticate and secure the connection.

I've heard about some security issues with VPN but nothing like the issues with WEP. Seems like an elegant solution to me. I haven't pushed and prodded it too much but I didn't notice that there is some firewall protection available in the vpn client as well (not mentioned at the link above).

Not a perfect solution but possibly good enough for now.

Make any sense? :)

>What other books would people recommend for someone
>interested in network security

Definitely start out with TCP/IP Illustrated, Volume 1, W. Richard Stevens, ISBN 0-201-63346-9. I can't say enough good things about this book.

Internetworking With TCP/IP Volume 1, Douglas Comer, ISBN 0-13-01830-6 is another very good book, but Stevens' book is better.

That's right. I used the value of the eath's diameter for its radius. Substituting half of the value in my original calculations, I come up with: 11.294 KM/s.

Also, remember that I used an upper bounds; I said that an object would fall "less than 10 meters" in 1 second, since at the end of the second it would be going 9.8 m/s^2, so even if it acccelerated constantly at the greatest speed it will reach, it will only go less than 10 meters.

More precisely, this value is:
distance = initial distance + initial velocity * time + 1/2 g times time squared.

So, d = 1/2 (9.8), or 4.9. I guess if I'd had a better conceptual understanding, I would have realized initially that after 1 second, the total displacement is just half the acceleration, since I have enough calculus to know that the derivative of a quadratic is just twice linear, and at this point we start at 0, so the graph isn't translated at all.

Anyway, if instead of 0.01 for 10 meters, I add 0.0049 KM to the original 12756 KM (now 12756/2), my answer becomes: 7.905 KM/s.

In other words, almost precisely your "8.3 km/sec or thereabouts".

So, I had just two problems.
1. I used the diameter of the Earth for its radius.
2. I did not look up the simple formula to get a more precise value than my upper bounds, and did not have the conceptual framework to quickly realize that calculation isn't necessary.

Actually, I wonder now whether my answer isn't more correct than your 8.3 km/sec...I seem to be using more precise numbers, because you're using 7000 km, whereas 12756/2 is actually 6378 KM. (And the former number comes from NASA).
Actually, now that I think about it, when I put in 14000 for 12756 in my calculations, my answer is 8.282.
In other words: Our methods produce an equally correct result.

I do wonder though why you say something like "not a bad way to do the calculation, without access to calculus." I'm in calculus 1 now, and it might be helpful if you told me what in calculus would have helped me carry out the calculations.

-Robert.

PS. It occurs to me that "7.905 KM/s" is a number I arrived at using NASA's very precise "The diameter of the Earth at the equator is 12,756 kilometers (km)" [good, apparently, to 5 significant digits] and the accepted number 9.8 m/s for g, on average.

Googling "7.905 KM/s" returns two links, the second of which says:
" See if you can show that the orbital velocity at the Earth's surface (i.e. the speed required for a frictionless train moving through an Equatorial tunnel to be in free fall all the way around the Earth) is 7.905km/s."
This page is in the webspace of Jess Brewer, who appears to be a serious researcher at the University of British Columbia.

Googling /sec instead of /s, I get a page at Purdue University reading "Thus for Earth,
vc = 7.9 km/sec (~ 5 miles/second)
(to achieve a circular orbit about the Earth)" and another (cache) by a different professor carrying out the same calculations.
Both professors are physicists.
Searching "7.90 km/s" (ie with one fewer sigfig) returns "v_cir = [ G M_E/ R_E]^{1/2} = 7.90 km s^{-1} " here. This is also an academic site.
Rounding to 7.91 returns no relavant matches, but 7.9 (as many sig. fig.s as we had from g ~ 9.8) returns too many for me to look through. Adding "orbit" I find this page says "Remember: near earth orbital velocity is 7.9 km/s." Sounds authoritative.

So you see, my calculations are quite correct. :)

That's right. I used the value of the eath's diameter for its radius. Substituting half of the value in my original calculations, I come up with: 11.294 KM/s.

Also, remember that I used an upper bounds; I said that an object would fall "less than 10 meters" in 1 second, since at the end of the second it would be going 9.8 m/s^2, so even if it acccelerated constantly at the greatest speed it will reach, it will only go less than 10 meters.

More precisely, this value is:
distance = initial distance + initial velocity * time + 1/2 g times time squared.

So, d = 1/2 (9.8), or 4.9. I guess if I'd had a better conceptual understanding, I would have realized initially that after 1 second, the total displacement is just half the acceleration, since I have enough calculus to know that the derivative of a quadratic is just twice linear, and at this point we start at 0, so the graph isn't translated at all.

Anyway, if instead of 0.01 for 10 meters, I add 0.0049 KM to the original 12756 KM (now 12756/2), my answer becomes: 7.905 KM/s.

In other words, almost precisely your "8.3 km/sec or thereabouts".

So, I had just two problems.
1. I used the diameter of the Earth for its radius.
2. I did not look up the simple formula to get a more precise value than my upper bounds, and did not have the conceptual framework to quickly realize that calculation isn't necessary.

Actually, I wonder now whether my answer isn't more correct than your 8.3 km/sec...I seem to be using more precise numbers, because you're using 7000 km, whereas 12756/2 is actually 6378 KM. (And the former number comes from NASA).
Actually, now that I think about it, when I put in 14000 for 12756 in my calculations, my answer is 8.282.
In other words: Our methods produce an equally correct result.

I do wonder though why you say something like "not a bad way to do the calculation, without access to calculus." I'm in calculus 1 now, and it might be helpful if you told me what in calculus would have helped me carry out the calculations.

-Robert.

PS. It occurs to me that "7.905 KM/s" is a number I arrived at using NASA's very precise "The diameter of the Earth at the equator is 12,756 kilometers (km)" [good, apparently, to 5 significant digits] and the accepted number 9.8 m/s for g, on average.

Googling "7.905 KM/s" returns two links, the second of which says:
" See if you can show that the orbital velocity at the Earth's surface (i.e. the speed required for a frictionless train moving through an Equatorial tunnel to be in free fall all the way around the Earth) is 7.905km/s."
This page is in the webspace of Jess Brewer, who appears to be a serious researcher at the University of British Columbia.

Googling /sec instead of /s, I get a page at Purdue University reading "Thus for Earth,
vc = 7.9 km/sec (~ 5 miles/second)
(to achieve a circular orbit about the Earth)" and another (cache) by a different professor carrying out the same calculations.
Both professors are physicists.
Searching "7.90 km/s" (ie with one fewer sigfig) returns "v_cir = [ G M_E/ R_E]^{1/2} = 7.90 km s^{-1} " here. This is also an academic site.
Rounding to 7.91 returns no relavant matches, but 7.9 (as many sig. fig.s as we had from g ~ 9.8) returns too many for me to look through. Adding "orbit" I find this page says "Remember: near earth orbital velocity is 7.9 km/s." Sounds authoritative.

So you see, my calculations are quite correct. :)

Can you use apostrophes in acronyms when pluralizing them? Some people say yes, some people say no. I say yes! Here's why:

Purdue University has a nice blurb on how to properly use apostrophes. One of the uses is "Forming plurals of letters, numbers, and symbols" to avoid confusion.

This page says you can us an apostrophe when the acronym ends in S to avoid confusion. Their example was if you said "The DHSSs of Europe are getting together next week" it would look strange so you can use "The DHSS's of Europe are getting together next week"

This says use an Apostrophe whenever there is punctuation in the acronym. Many other publications say you can't.

Since acronyms and codes are getting more popular they have to get more complex to be unique. You wouldn't want someone getting confused between multiple Non-Maskable Interrupts and a Navy Manpower Information System. Why not make it NMI's instead of NMIs so it doesn't get confused with a NMIS.

Many people seem to agree that you shouldn't use apostrophes to pluralize acronyms but I don't. I think the "ends in S" rule is good but what about the "could be confused with another acronym which is this one with an s on the end" rule. How do you know there isn't an acronym out there that is that one with an S on the end? How do you know there won't be one tomorrow?

You cant!

The bottom line is that the purpose of language is to communicate effectively. If I can do that using 31337 sp33ch then that's ok. It's like the whole stupid he/she vs they thing. (They has always been acceptable as a singular gender neutral pronoun despite many people's assertions otherwise).

To sum it up:

Language rules are here to help us communicate and any rule that restricts our ability to do so effectively is invalid by definition no matter how much some know-it-all wants to convince you otherwise. It's the way it always has been and the way it always will be.

See the photos here!

AFAIK, there is no such "binary switch" known or currently suspected in bioligical systems. Rather, the switching of genetic activity is dependent upon the right "actors" being available at the right time, at the right place and at the right concentration. You might think that all you need to find is the lead actor, then all the others would step into place in some binary way. But the catch is, the is _no lead actor_, as there are maternally transcribed genes, for example Dorsal Group of D. melanogaster, and many others, that start their activity though mRNAs contained within the ovum. This is the classic "chicken and the egg 'problem'". The maternal RNAs contain the information to get the developmental ball rolling, but only the developed organism is capable of making ova that carry the "matenal RNAs." IOW, the system is not binary in its very base, and things become less binary-like from there.

I made this to show to my students.

The DHTML is old, so it won't work with DOM, EXCEPT for the stars which should be whizzing by, which use normal dhtml. Does that work?

For a java example, try this. It uses signed applets to allow you to save and load a game. When I tried it, it opened another window to contain the applet, and I couldn't get it to save for anything.

I tested these with Konqeror v. 3.0.3 for these negative results. This version also doesn't have tabbed browsing built-in. As for extra media types, plugger is a fairly simple and small install, and it has given me all the media types I use, at least (everything that ghostview, adobe, mplayer, abiword, gnumeric, image magick, and xmms are capable of playing).

If all I want is what konqeror can do, I'll just use links in graphical mode.

Principles? Every other word has a different way to spell a single common sound.

"I before E, except after C ... and excepting words such as seize, either, weird, height ..."

History? A history of words taken from other languages and other words butchered to such a degree that they don't even conform to basic rules that are taught in grade school!

The English language is a mess--don't try to defend it.

As an (un)interesting side note, undelete was done two different ways at Purdue until the mid '90s. The entomb system was written by the Computing Center folks IIRC. Over at the Engineering Computer Network (ECN), we had /zap. Any file you removed with rm was copied to the/zap/login (where login was the user's login) directory before complete removal. Every night a cron job would clean everything out of /zap that was more than 24 hours old. Unfortunately /zap wasn't as advanced as entomb and fat-fingered cp and mv mistakes were not recoverable. The folks at ECN (ghg, davy, jrs, et al) had only modified rm but they did not create a comprehensive library to link against. I believe ECN switched from /zap to entomb when they moved from SunOS to Solaris. One thing I can't recall was whether entomb could help you recover from using > instead of >>... (That was one I dealt with a lot as a site consultant...) Does anyone remember?

--zawada

Purdue had an unrm package when I was a sysadmin there in 1995, and it was old then. It worked by having a new unlink() that could then be merged in with libc (if you were brave) or linked to separately so you could have /usr/local/bin/rm instead (if you weren't), along with tools that understood how to read the filesystem tomb and restore files from it, and a daemon (preend) that cleaned the tombs of old files. Unfortunately, it has never been extremely portable, since it involves rewriting unlink(). It had pretty much everything you could want in an entombing package; but I don't know if anyone has picked up the ball with it. Last I heard they were having trouble porting it to the newer versions of FreeBSD; check out this note from Purdue ECN.

My main machine is a 1GHz Athlon, with 512MB of PC133 cas2 RAM. My other machine is a 233Mhz PII, with 144MB of PC66 cas3 RAM. For email and web surfing, they are about equal. I really don't care about the difference, when I notice it.

For doing big simulations, or for big symbolic math problems, the slower machine is too slow. That's mainly because the smaller RAM get it started swapping too soon. On symbolic math, the faster machine is about three times quicker than the slower, for problems which don't get into swap on either machine. I suspect that has as much to do with the speed of the RAM as it does with the CPU speed.

>>If you're buying a system in the near future, drop 500-1000 Mhz in CPU speed and buy faster disks or more memory with the money you saved.

This is almost good advice. Buy the slowest CPU which will run the fastest front side bus available, and use the money you save by not getting the highest clockspeed CPU to buy the fastest RAM available. Buy enough of it that you will never have to swap. For most folks purposes, the difference between 1GHz and 2GHz is no more significant than the difference between cas2 and cas3. The 233MHz machine will look FAST if the 2.3GHz machine has too little RAM and is swapping.

>... "CPUs are faster than we'll ever need" nonsense is as tired of an argument as it was a decade ago when contrarians were assuring us that a 386 was more power than any reasonable man would ever need.

I also have a 486 which I use for email and web surfing. It is too slow, but again, the problem is largely too little RAM: it only has 12MB. Once the broweser (Dillo) is loaded, it can render a web page fast enough. Of course, Pine is lightning-fast on it. Here is some advice I have found useful about building a fast computer.

revrdist is a free (public domain) program with the same basic function. Its setup is a bit more involved and it doesn't have all of Assimilator's features, but it's a well-tested program that definitely works. Use it if you can handle the extra administration and prefer a free solution. The reverdist home page also has links to other Mac administration programs.

Boy am I glad that the netadmins at Purdue University have publicly told us that they're "not in the business of watching packets... what you do is your business."

the pills people take today aren't really insulin... they just help your body use the insulin that you do produce, or coax more out of you. they only work for people who have relatively functional pancreases.

real oral insulin instead of insulin injections/pump would be a major breakthrough, and there is much work in the field. There seems to be some very promising work on this at Purdue, which may be related to the current Nobex clinical trials. Israeli researchers have a line on it, too. Shots may well soon be a thing of the past!

Here is the answer! Nothing!

This was actually directed to the parent article, not necessarily to you in vain -- it was the first post that remotely related to what I was going to say, so I replied. As for the presentation, it didn't just casually mention "van der Waals forces" --- it had two slides that were specifically talking about the gecko... in fact, it had the exact same picture that is on CNN (the Gecko hanging upside down).

Oh wait, here it is. Last page, slides 17 and 18, check it out (in MSWord format w/ embedded pictures). This was written 8 months ago.

Like I said, this doesn't seem to be much of a "revolutionary discovery" any more, does it? :-)

Sorry. Here's the link again.
http://www.cs.purdue.edu/homes/apm/listen.html

Spaff is pretty well known in the Internet, but I am affraid I can't think of a major contribution to computer security from him since tripwire.

Start coals and pour liquid oxygen on them: ready in 3 seconds

Well these Seminars are free, and sponsered by the CERIAS (Center for Information Assurance and Security) here at Purdue. Many are webcast to.. so even cheeper then flying out to a conference.

Memories from Xinu days make me think that such a name for another OS would upset Dr.Comer.

Or they can steal a little bit of Apple history and go with: Mac OS XIa aIX.

In this case it's IBM who'd get upset. Were you thinking of another Apple OS?

This ranks right up there with using liquid oxygen as charcoal lighter. The mpeg is quite impressive, though.

This ranks right up there with using liquid oxygen as charcoal lighter. The mpeg is quite impressive, though.

When I built mine, I figure that I about made wages, IF I compared the cost of the box I built to the cost of a similar machine, ready-made. The key word here is similar! Dell doesn't make non-intel machines, and I wanted athlon, both for the floatingpoint and for general bang-for-the-buck. I wanted to spend lots on ram, and little on cpu. Hard to get what you want with Dell; they sell you what THEY want. I put in ram that runs reliably with two waitstates, and the motherboard lets me run it that way. Can't get that from Dell.

Finding similar computers isn't easy, but look here, and here. HP's stuff is close, but uses pentium 4, which I don't like. The similar products don't start at $499, or even $899. I figured that a year ago, when I spent $800 building mine, it would have cost about $1100 to buy something comparable from one of the suppliers of linux workstations (with no monitor). That's roughly $300 savings. That came partly because I was able to get exactly what I wanted, partly because I took advantage of specials and partly because I already had a really nice monitor, keyboard, mouse, et cetera. That $300 or so paid for about 15 hours of shopping, ordering, assembling and installing. I'd bill my time considerably higher than that, but this was fun, so it was ok.

The reason for building your own isn't saving money, though you might be able to. The reason is to make sure that you have a good quality machine that will last, and be good value for money. If you compare the cost of a machine you built yourself from high quality parts to the cost of a similar quality machine from Sun, I think that you'll find you've saved some money. Here are some further thoughts on that.

If you only care about price, might as well go to Walmart and get one of those Lindows machines.

Is/are X consistent with our experimental knowledge of nature?

Where "X" is any hypothesis you wish to check. It can be the "hydrino hypothesis", or it can be the Schrodinger equation.

Now, it is a very simple and straightforwards matter to set up an experimental apparatus to observe the emission lines from hydrogen. Many of us have done it in college or even high schools labs. Each transition is seen in the spectrum.

The result? Completely consistent with the Schrodinger equation (or even the previous simpler Bohr model). If there were an energy state lower than the n = 1 quantum state, it would produce a very visible emission line, which is not seen. This is a very glaring inconstency which is not apparently addressed by this speculative work. Where is all of that supposed "UV" radiation going? Why don't we see it? I believe one can only conclude the fellow is a crank . And before someone trots his degrees out for us again, I must note that academic pedigree does not render one immune to academic senility).

While I think we do need some portion of research devoted to cutting-edge ideas, I think a minimum requirement for any serious effort is some nominal level of consistency with well-established work. Extraordinary claims require extraordinary evidence, and it seems apparent that hydrinos do not supply such evidence. In my own opinion, NASA would be far better off devoting their research efforts towards cutting-edge propulsion technologies with a much greater likelihood of success (ie, ion drives, MHD drives, solar sails...)

Bob

It's a common misconception that Einstein's theories prohibit FTL travel - they do not.

Technically, no they don't. Practically, they might, because the transformation of time/space coordinates screws up causality. For example, we send a spaceship from Earth to Neptune faster than light. It leaves Earth at 1:00pm and arrives at Neptune at 1:06pm (Central Daylight Time, before you complain about time zones - we're launching from my backyard). In the frame of reference of an alien spacecraft moving past Earth at a high sublight speed, 1:06pm at Neptune occurs earlier than 1:00pm at Earth. This is because of the transformation of space-time coordinates. If the aliens have to wait for light from Neptune to get to them to see it, we're OK, but if they have some kind of subspace sensors that can see the event as it happens (in their reference frame), they can prevent the launch after they've seen the arrival at Neptune. Oops.

A good space-time diagram is worth a thousand words, so look here for more. The example he uses is different, but the idea is the same.

His site also has an explanation of how FTL might work without these paradoxes. It hypothesizes a special reference frame (subspace, of course) for objects traveling faster than light. This reference frame would match that of nearby massive objects (planets, stars, etc). In this model, the information that our ship had arrived at Neptune could not go backward in time relative to our solar system, so the aliens could not know the ship arrived at Neptune in time to stop it.

Incidentally, this means that a ship moving at sublight speed through a solar system would be able to use its subspace sensors to see things that have just happened in our reference frame, but are actually in the future in theirs. But, they can't do anything with the information to prevent the event before it happens.

Unfortunately, we have no way to verify any of this sort of speculation, and probably won't for the foreseeable future. It's clear that if relativity as we understand it is correct, then FTL travel can violate causality. Whether this means it's impossible, no one knows.

It's a common misconception that Einstein's theories prohibit FTL travel - they do not.

Technically, no they don't. Practically, they might, because the transformation of time/space coordinates screws up causality. For example, we send a spaceship from Earth to Neptune faster than light. It leaves Earth at 1:00pm and arrives at Neptune at 1:06pm (Central Daylight Time, before you complain about time zones - we're launching from my backyard). In the frame of reference of an alien spacecraft moving past Earth at a high sublight speed, 1:06pm at Neptune occurs earlier than 1:00pm at Earth. This is because of the transformation of space-time coordinates. If the aliens have to wait for light from Neptune to get to them to see it, we're OK, but if they have some kind of subspace sensors that can see the event as it happens (in their reference frame), they can prevent the launch after they've seen the arrival at Neptune. Oops.

A good space-time diagram is worth a thousand words, so look here for more. The example he uses is different, but the idea is the same.

His site also has an explanation of how FTL might work without these paradoxes. It hypothesizes a special reference frame (subspace, of course) for objects traveling faster than light. This reference frame would match that of nearby massive objects (planets, stars, etc). In this model, the information that our ship had arrived at Neptune could not go backward in time relative to our solar system, so the aliens could not know the ship arrived at Neptune in time to stop it.

Incidentally, this means that a ship moving at sublight speed through a solar system would be able to use its subspace sensors to see things that have just happened in our reference frame, but are actually in the future in theirs. But, they can't do anything with the information to prevent the event before it happens.

Unfortunately, we have no way to verify any of this sort of speculation, and probably won't for the foreseeable future. It's clear that if relativity as we understand it is correct, then FTL travel can violate causality. Whether this means it's impossible, no one knows.

I wonder if he took into account the difference between remotely exploitable and locally explotable vulnerability?

I also wonder if he took into consideration the Window of Exposure between the discovery of the vulnerability and the release of the patch?

See Closing the Window of Exposure by Bruce Schneier , the security section of David Wheeler's "Why Open Source Software / Free Software (OSS/FS)? Look at the Numbers! and also again visit the disproportionately high number of open vulnerabilities in its Internet Explorer.

As stated here I think Sun should consider adding something along these lines:

An additional benefit of the agreement allows each Purdue faculty and staff member and each Purdue student to install and use the selected Microsoft products on one computer that he or she owns, for University-related work.

For additional effect. Ah, well, it's a step in the right direction. I should also add, that SO has been on all of our lab computers for several years. Now we just need to get rid of / replace the rest of that junk :)

My first semester freshman engineering class was all about Matlab, so buying a copy of that (or whatever software package they teach in her studies) would be useful. Of cousre, that's only a good idea if they aren't allowed to buy software at a discounted price. If she's in an apartment, you can always use more dishes/cookware. Food is also good. Or Tae-bo tapes, or running shoes, something along that line. Many students don't get any exercise, so get something to push her away from the frosh 15 (I lost 3 pounds freshman year :-P). I've found that a bike to ride to class is very useful (I go to a large university, mind you). A $100 wal-mart bike would do for that (get a lock, too). Ok, all I can think of.

My first semester freshman engineering class was all about Matlab, so buying a copy of that (or whatever software package they teach in her studies) would be useful. Of cousre, that's only a good idea if they aren't allowed to buy software at a discounted price. If she's in an apartment, you can always use more dishes/cookware. Food is also good. Or Tae-bo tapes, or running shoes, something along that line. Many students don't get any exercise, so get something to push her away from the frosh 15 (I lost 3 pounds freshman year :-P). I've found that a bike to ride to class is very useful (I go to a large university, mind you). A $100 wal-mart bike would do for that (get a lock, too). Ok, all I can think of.

At my school, we used lego mindstorms for class projects. This was for honors freshman engineering classes. In the first semester class (a general engineering education class), we had to make them go through a maze, using the lego programming language. In the second semester class, a C/FORTRAN programming class, we had to make them go to assigned spots in specified amounts of times, programming them in C. Certainly wasn't easy. Biggest problem was that the lego parts weren't dependable to perform the same every time.

I am an assistant network engineer at a large midwestern university. Currently, like you we're in the process of figuring out how to deploy wireless access points. Our campus's Engineering Computer Network let us borrow a mobile testing appratus that has a WAP and an Antenna on it (looks like a camera tripod). We take it to different parts of our residence halls and, with a laptop, we take SNR readings from different parts of the surrounding rooms and record our measurements on the building blueprints. We figure we need about 6 WAP's to sufficiently cover the lounge areas of the older dormitories (with their steel and concrete infrastructure), but for your sake 2 WAP's should sufficiently cover a medium-sized apartment building and more. We also plan to cover several large outdoor areas, a library, and our Union right off the bat. The equipment we are using is Enterasys Roamabouts ($1000 a pop), [link] and they are highly configurable and have a ton of management features. We figure each WAP will get connected to a switch port on the Cisco Catalysts in our buildings. So far, we haven't done much in terms of the deployment because it is a long process, where the Physical Facilities department has to do the actual installation of the equipment, data jacks, etc. I assume in your case you can better coordinate this without all the red tape. We figure that by the time these are all installed and our userbase is well-informed of the network, we will have a great system that will scale to thousands of students and staff in the future.
http://www.purdue.edu/ITaP/projects/wireless.shtml

There are pleny of other open p2p products.

Freenet scaleable, not vaporware, very much beta.

Alpine.
based on trust
Gnunet. Sounds very open. based on electonic money. also seach for gnet.

chord Very efficient to find files.

distrinet At this stage: vaporware.(there is code....) But if you look at the description it beats any p2p software!

But in the end the network with the most data (gnutella/kazaa) will be used. Note that users will switch networks very quickly. Look what happened to napster.

1) It's a fact of life that no matter how good you are at what you do, some folks will require you to have that piece of paper. Having a degree will almost certainly provide you more opportunities than not having a degree. Today it may seem you have "enough" opportunities at your feet, but you never know what the future holds.

2) CompSci and EE are not your only options if System Administration is what seems to interest you. Consider a good "Computer Technology" program that not only teaches how to write shell scripts, configure, servers, etc., but also emphasizes a systematic approach to the "big picture." i.e. One that covers things like meeting business requirements and building integrated systems. The world needs EEs and CompSci folks to design specific hardware and software solutions, but it also needs people who can take diverse systems and make them work together. My alma mater Purdue has a fine Computer Technology program and I'm sure there are many others.

3) College is about more than learning a specific skill set. It's also about learning more about life and interacting with others. It's about meeting people with diverse backgrounds. Some people don't need or are not suited to college, but for others it provides a good transition from living with parents (and siblings) to the real world.

4) Some of the most technically knowledgeable and adept people I know come from military backgrounds. Not having been in the military myself, I can't speak about all the pluses and minuses, but it appears that the military does provide lots of opportunity for folks. Certainly the fact one may end up in a military conflict is a big minus, but at the same time they seem pretty good at taking care of themselves. Might be an option worth looking into...

5) Some of the best stepping stones into a career are the student employment opportunities that exist at larger universities. In many cases they provide valuable experience in leading-edge research or technology environments. The student consulting and programming jobs I had in college were the number one reason I was hired into my first full time job out of college. I haven't slowed down since then...

6) If you go to college, don't just focus on computers. Take a history class, learn a little about music... When you get older you'll appreciate having at least been exposed to subjects outside your prime area of focus.

-z