Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
When Does Powering Down Servers Make Sense?
snydeq writes "Powering down servers to conserve energy is a controversial practice that, if undertaken wisely, could greatly benefit IT in its quest to rein in energy costs in the datacenter. Though power cycling's long-term effects on server hardware may be mythical, its effects on IT and business operations are certainly real and often detrimental. Yet, development, staging, batch processing, failover — several server environments seem like prime candidates for routine power cycling to reduce datacenter energy consumption. Under what conditions and in what environments does powering down servers seem to make the most economic and operational sense, and what tips do folks have to offer to those considering making use of the practice?" -
When Does Powering Down Servers Make Sense?
snydeq writes "Powering down servers to conserve energy is a controversial practice that, if undertaken wisely, could greatly benefit IT in its quest to rein in energy costs in the datacenter. Though power cycling's long-term effects on server hardware may be mythical, its effects on IT and business operations are certainly real and often detrimental. Yet, development, staging, batch processing, failover — several server environments seem like prime candidates for routine power cycling to reduce datacenter energy consumption. Under what conditions and in what environments does powering down servers seem to make the most economic and operational sense, and what tips do folks have to offer to those considering making use of the practice?" -
Duplicating Your Housekeys, From a Distance
Roland Piquepaille writes "Some clever computer scientists at UC San Diego (UCSD) have developed a software that can perform key duplication with just a picture of the key — taken from up to 200 feet. One of the researchers said 'we built our key duplication software system to show people that their keys are not inherently secret.' He added that on sites like Flickr, you can find many photos of people's keys that can be used to easily make duplicates. Apparently, some people are blurring 'numbers on their credit cards and driver's licenses before putting those photos on-line,' but not their keys. This software project is quite interesting, but don't be too afraid. I don't think that many of you put a photo of their keys online — with their addresses." I wonder when I'll be able to order more ordinary duplicate keys by emailing in a couple of photos. -
Discuss the US Presidential Election & the War
With under a week to go, we're opening up discussions on the US Presidential Election. Yesterday we discussed the economy. Today we take on one of the other major election topics: The War. From the actual wars in Afghanistan and Iraq, to foreign policy issues related to potential threats like North Korea, Russia, and Iran, how do the candidates stack up? -
Google Adopts, Forks OpenID 1.0
An anonymous reader writes "Right on the heels of Microsoft's adoption of the OpenID protocol by announcing their intention to enable OpenID authentication against all Live IDs, Google has announced their intention to join the growing list of OpenID authentication providers. Except it turns out they're using their own version of OpenID that is incompatible with everyone else. It seems that Google will be using their own 'improved' version of OpenID (based upon research and user feedback of the OpenID system) which isn't backwards compatible with OpenID 1.0/2.0, in hopes of improving end-user experience at the cost of protocol compatibility and complexity." -
The IDA Pro Book
An anonymous reader writes "After attending DEFCON in August and seeing the overwhelming interest in this book, I was eager to dive into The IDA Pro Book by Chris Eagle. Chris Eagle's team, School of Root, won the 'Capture the Flag' event at DEFCON this year and Chris gave a presentation on CollabREate, a tool that integrates with IDA Pro to allow collaboration in reverse engineering (RE). All of that — together with the fact that the book sold out — screamed that this book should quickly make it to the top of my list." This review originally appeared on The Ethical Hacker Network. The IDA Pro Book author Chris Eagle pages 640 publisher No Starch Press rating 9/10 reviewer Ryan Linn ISBN 1593271786 summary An information-packed guide to IDA Once I had the book in-hand, the cover alone offered some insight into what was to come. The quote on the front of the book is an endorsement from the creator of IDA Pro. The image on the front is a throwback to the Operation game by Milton Bradley, which reminds me of how I felt when I got started doing reverse engineering. I am not a professional Reverse Engineer or Malware Analyst; however, my coding background and my current position as a security professional at SAS affords the opportunity to dabble. This puts me in the perfect middle ground of being able to understand the material as well as assess its ability to teach.
The IDA Pro Book is broken up into a number of different "Parts" each having several chapters and its own goal. Even if the content appears to be beyond your level of knowledge in a certain area, I highly recommend that you keep reading. It may also be handy to point out the fact that the book is 640 pages. So this lends itself to being more of a reference guide than a book read straight through from cover to cover.
I should also mention at this point that the book is about the 5.X tree of IDA Pro, and not the freeware version. There is a demo that you can download off of the IDA Pro Website if you aren't able to purchase the full version right away. In addition, there is a reference at the back discussing how the freeware version differs from the commercial version, so as long as you are ok with those restrictions while you are learning, this book still should be very handy.
One of the most important sections of Chris' book is found in "Introduction to IDA." The author discusses disassembly and the challenges that go with it, the tools involved with reverse engineering and disassembly, and a general breakdown of how these tools approach the binaries that they are analyzing. He also references other tools that are handy alongside IDA Pro, and outlines how they fit into the reverse engineering process. Finally information about IDA Pro licensing and installation is discussed, and the base information that you will need for the rest of your IDA Pro adventure is laid out.
Once the basics of RE have been covered, the author addresses the fundamentals of using IDA Pro. Unlike some other books, this book does a great job of letting you know where you should be looking when it lays out a block of assembly code. The references are well laid out as well. "Part II: Basic IDA Usage" progresses logically and eases you into the interface. It does a great job helping you figure out what all the new windows are doing, and how to get to the information that IDA Pro is providing. The content moves from basic skills such as finding the disassembly into manipulating the disassembly to be more meaningful then to optimizing the disassembly process. It shows you how to navigate the code, and how to incorporate other knowledge that you have about the binary you are disassembling, such as what headers or what libraries might have been used in order to obtain the most useful disassembly possible and facilitate the disassembly of the binary.
"Part III: Advanced IDA Usage" gets deeper into using IDA Pro, including utilizing the Fast Library Identification and Recognition Technology (FLIRT) signatures and custom files in order to suck the most information possible out of a binary before analysis. You also get a glimpse into how to modify the pieces of the application which can be modified only through config files. It concludes by explaining the patch capabilities of IDA Pro and discussing what the limitations and expectations should be. This Part provides insight into creating your own signatures for custom libraries that might not be available in IDA Pro, so, as you start working on real life applications, you can tailor IDA Pro to be able to recognize libraries that you frequently encounter.
After the basics of using the application have been covered, the author explains how to extend the capabilities of IDA Pro in Parts III and IV. He discusses in depth the scripting engine and how to build plug-ins and modules. Throughout this Part numerous examples are given of how the scripting and plug-ins fit into the application. Short detailed examples are used to illustrate how to accomplish some tasks that would be useful for a reverse engineer including listing out function information. The beginning of the chapter was great. As a beginning Reverse Engineer, I was able to clearly see how this information would apply. For the stuff that was beyond my current knowledge level, it was easy to see that as my knowledge progresses in the future, I would be back to re-visit this information.
Throughout the entire fifth Part are goodies focusing on the real-world applications of IDA Pro. It goes into the different types of binaries that you might encounter while doing reverse engineering. This chapter also goes into two large areas where IDA Pro is used such as obfuscated code analysis and vulnerability analysis. After reading this Part, you should have some handy scripts and a series of applications and plug-ins to aid in your RE adventures. The author discusses a number of those plug-ins in-depth including adding in bindings for Python and Ruby. At the end of this chapter, I hadn't learned an incredible amount more about IDA Pro; however I definitely knew more about how to approach the problems I might encounter and how to extend IDA Pro's capabilities in order to tackle real world tasks.
The final Part of the book is on the IDA Debugger. The debugging features of IDA Pro were an afterthought and aren't the primary focus of IDA Pro. Chris Eagle goes into what to expect from the debugger, how it's used, and then finally how to integrate the information obtained from the debugger into the overall RE process. He concludes with a discussion of how to automate debugging tasks with scripts and plug-ins and discusses some of the real-world problems that people might encounter, such as dealing with UPX packing that has been modified. This chapter also goes into remote debugging, where you can be running a binary on one machine and having it come back to a GUI on another. Knowing this information is especially useful if you are doing analysis across multiple platforms. The Windows GUI is the only non-console GUI in the IDA Pro supported platforms.
Chris Eagle's The IDA Pro Book provides a significantly better understanding not of just IDA Pro itself, but of the entire RE process. There are little gems littered throughout the book that bring in real-life experience and knowledge that you don't always get from other books instructing you in the use of an application. Although it is impossible to absorb everything in this book due to its size, it helped greatly in overcoming some of the initial hurdles of understanding a highly technical topic. As I continue down my reverse engineering path, I'm confident that I will use this book repeatedly as a reference.
If you are interested in getting deep into the assembly and figuring out what applications are doing when you don't have the source, then I would highly recommend this book to get you started with IDA Pro; it won't turn you into a reverse engineering expert, but it certainly will provide you with a major tool that will help you along the way.
You can purchase The IDA Pro Book from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
The IDA Pro Book
An anonymous reader writes "After attending DEFCON in August and seeing the overwhelming interest in this book, I was eager to dive into The IDA Pro Book by Chris Eagle. Chris Eagle's team, School of Root, won the 'Capture the Flag' event at DEFCON this year and Chris gave a presentation on CollabREate, a tool that integrates with IDA Pro to allow collaboration in reverse engineering (RE). All of that — together with the fact that the book sold out — screamed that this book should quickly make it to the top of my list." This review originally appeared on The Ethical Hacker Network. The IDA Pro Book author Chris Eagle pages 640 publisher No Starch Press rating 9/10 reviewer Ryan Linn ISBN 1593271786 summary An information-packed guide to IDA Once I had the book in-hand, the cover alone offered some insight into what was to come. The quote on the front of the book is an endorsement from the creator of IDA Pro. The image on the front is a throwback to the Operation game by Milton Bradley, which reminds me of how I felt when I got started doing reverse engineering. I am not a professional Reverse Engineer or Malware Analyst; however, my coding background and my current position as a security professional at SAS affords the opportunity to dabble. This puts me in the perfect middle ground of being able to understand the material as well as assess its ability to teach.
The IDA Pro Book is broken up into a number of different "Parts" each having several chapters and its own goal. Even if the content appears to be beyond your level of knowledge in a certain area, I highly recommend that you keep reading. It may also be handy to point out the fact that the book is 640 pages. So this lends itself to being more of a reference guide than a book read straight through from cover to cover.
I should also mention at this point that the book is about the 5.X tree of IDA Pro, and not the freeware version. There is a demo that you can download off of the IDA Pro Website if you aren't able to purchase the full version right away. In addition, there is a reference at the back discussing how the freeware version differs from the commercial version, so as long as you are ok with those restrictions while you are learning, this book still should be very handy.
One of the most important sections of Chris' book is found in "Introduction to IDA." The author discusses disassembly and the challenges that go with it, the tools involved with reverse engineering and disassembly, and a general breakdown of how these tools approach the binaries that they are analyzing. He also references other tools that are handy alongside IDA Pro, and outlines how they fit into the reverse engineering process. Finally information about IDA Pro licensing and installation is discussed, and the base information that you will need for the rest of your IDA Pro adventure is laid out.
Once the basics of RE have been covered, the author addresses the fundamentals of using IDA Pro. Unlike some other books, this book does a great job of letting you know where you should be looking when it lays out a block of assembly code. The references are well laid out as well. "Part II: Basic IDA Usage" progresses logically and eases you into the interface. It does a great job helping you figure out what all the new windows are doing, and how to get to the information that IDA Pro is providing. The content moves from basic skills such as finding the disassembly into manipulating the disassembly to be more meaningful then to optimizing the disassembly process. It shows you how to navigate the code, and how to incorporate other knowledge that you have about the binary you are disassembling, such as what headers or what libraries might have been used in order to obtain the most useful disassembly possible and facilitate the disassembly of the binary.
"Part III: Advanced IDA Usage" gets deeper into using IDA Pro, including utilizing the Fast Library Identification and Recognition Technology (FLIRT) signatures and custom files in order to suck the most information possible out of a binary before analysis. You also get a glimpse into how to modify the pieces of the application which can be modified only through config files. It concludes by explaining the patch capabilities of IDA Pro and discussing what the limitations and expectations should be. This Part provides insight into creating your own signatures for custom libraries that might not be available in IDA Pro, so, as you start working on real life applications, you can tailor IDA Pro to be able to recognize libraries that you frequently encounter.
After the basics of using the application have been covered, the author explains how to extend the capabilities of IDA Pro in Parts III and IV. He discusses in depth the scripting engine and how to build plug-ins and modules. Throughout this Part numerous examples are given of how the scripting and plug-ins fit into the application. Short detailed examples are used to illustrate how to accomplish some tasks that would be useful for a reverse engineer including listing out function information. The beginning of the chapter was great. As a beginning Reverse Engineer, I was able to clearly see how this information would apply. For the stuff that was beyond my current knowledge level, it was easy to see that as my knowledge progresses in the future, I would be back to re-visit this information.
Throughout the entire fifth Part are goodies focusing on the real-world applications of IDA Pro. It goes into the different types of binaries that you might encounter while doing reverse engineering. This chapter also goes into two large areas where IDA Pro is used such as obfuscated code analysis and vulnerability analysis. After reading this Part, you should have some handy scripts and a series of applications and plug-ins to aid in your RE adventures. The author discusses a number of those plug-ins in-depth including adding in bindings for Python and Ruby. At the end of this chapter, I hadn't learned an incredible amount more about IDA Pro; however I definitely knew more about how to approach the problems I might encounter and how to extend IDA Pro's capabilities in order to tackle real world tasks.
The final Part of the book is on the IDA Debugger. The debugging features of IDA Pro were an afterthought and aren't the primary focus of IDA Pro. Chris Eagle goes into what to expect from the debugger, how it's used, and then finally how to integrate the information obtained from the debugger into the overall RE process. He concludes with a discussion of how to automate debugging tasks with scripts and plug-ins and discusses some of the real-world problems that people might encounter, such as dealing with UPX packing that has been modified. This chapter also goes into remote debugging, where you can be running a binary on one machine and having it come back to a GUI on another. Knowing this information is especially useful if you are doing analysis across multiple platforms. The Windows GUI is the only non-console GUI in the IDA Pro supported platforms.
Chris Eagle's The IDA Pro Book provides a significantly better understanding not of just IDA Pro itself, but of the entire RE process. There are little gems littered throughout the book that bring in real-life experience and knowledge that you don't always get from other books instructing you in the use of an application. Although it is impossible to absorb everything in this book due to its size, it helped greatly in overcoming some of the initial hurdles of understanding a highly technical topic. As I continue down my reverse engineering path, I'm confident that I will use this book repeatedly as a reference.
If you are interested in getting deep into the assembly and figuring out what applications are doing when you don't have the source, then I would highly recommend this book to get you started with IDA Pro; it won't turn you into a reverse engineering expert, but it certainly will provide you with a major tool that will help you along the way.
You can purchase The IDA Pro Book from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Hellgate: London To Be Closed, Possibly Saved?
Namco Bandai recently announced that Hellgate: London would be shut down on January 31, 2009. They'd been supporting the game's servers since Flagship Studios saw massive layoffs in July. Now, a fansite has located an announcement on the game's Korean site suggesting that it may be picked up by a Taiwanese company called Redbana. The English version of the announcement says, "In the meantime, stay alert: the Hellgate will soon re-open, and your valor will be needed again." -
Attack Code Found For Recent Windows Bug
CWmike writes "Just a day after downplaying the vulnerability that caused it to issue an out-of-cycle patch last week, Microsoft warned customers late yesterday that exploit code had gone public and was being used in additional attacks. 'We've identified the public availability of exploit code that now shows code execution for the vulnerability addressed by MS08-067,' said Mike Reavey, operations manager of Microsoft's Security Response Center, in a post to the MSRC blog. 'This exploit code has been shown to result in remote code execution on Windows Server 2003, Windows XP, and Windows 2000.'" -
Microsoft Unveils Browser-Based Office Apps
snydeq writes "Microsoft followed up its Windows Azure unveiling by announcing that it will deliver lightweight versions of Word, Excel, PowerPoint, and OneNote through the browser, a la Google Apps. Surprisingly, Office Web applications will run in Firefox and Safari, not just Internet Explorer. Far less shocking: You won't get Office Web apps free and clear as you do Google apps. The apps are meant to be an extension to locally installed instances of the next version of Microsoft Office, the same way Outlook Web Access provides access to mail without the fat Outlook client." -
Researchers Decentralize BitTorrent
A Cow writes "The Tribler BitTorrent client, a project run by researchers from several European universities and Harvard, is the first to incorporate decentralized search capabilities. With Tribler, users can now find .torrent files that are hosted among other peers, instead of on a centralized site such as The Pirate Bay or Mininova. The Tribler developers have found a way to make their client work without having to rely on BitTorrent sites. Although others have tried to come up with similar solutions, such as the Cubit plugin for Vuze, Tribler is the first to understand that with decentralized BitTorrent search, there also has to be a way to moderate these decentralized torrents in order to avoid a flood of spam." -
LittleBigPlanet Sequel Already In the Works
Now that the delay caused by a rogue song has come and passed, the LittleBigPlanet servers have been turned on, and creations are beginning to filter in. A BBC feature on the game revealed that plans are already underway for a sequel. Another report suggests that they're looking at other methods for expanding the game as well: "With the game just hitting stores, it's too early to start talking about sequels, but Media Molecule already is looking into how they can get more creative tools into the hands of their users. 'We can release new levels, new stickers, new content,' Evans said. 'It's pretty clear to me that we have to move in a fluid direction about what's a sequel and what's not a sequel.'" -
Nintendo Already Anticipating Holiday Wii Shortages
As we approach the holiday season, Nintendo has already said that they don't expect to keep up with demand for the Wii console. In an interview with the LA Times, Nintendo president Reggie Fils-Aime said they're ramping up production by 33% already, with further increases planned. They're hoping to avoid the scarcity of Wii's that occurred last year, which cost them a great deal of money in potential sales. "We're now producing 2.4 million units a month worldwide. Last year, we made 1.6 million a month. So we've made a 33% increase. One of our competitors projects they will sell 10 million consoles worldwide this year. For us, that's three months of production. We're producing an unprecedented level of hardware to try to meet demand." -
Nintendo Already Anticipating Holiday Wii Shortages
As we approach the holiday season, Nintendo has already said that they don't expect to keep up with demand for the Wii console. In an interview with the LA Times, Nintendo president Reggie Fils-Aime said they're ramping up production by 33% already, with further increases planned. They're hoping to avoid the scarcity of Wii's that occurred last year, which cost them a great deal of money in potential sales. "We're now producing 2.4 million units a month worldwide. Last year, we made 1.6 million a month. So we've made a 33% increase. One of our competitors projects they will sell 10 million consoles worldwide this year. For us, that's three months of production. We're producing an unprecedented level of hardware to try to meet demand." -
Depressed Astronauts Might Get Computerized Solace
alphadogg writes "Clinical tests on a four-year, $1.74 million project for NASA, called the Virtual Space Station, are expected to begin in the Boston area by next month. The effort is designed to address the onset of depression in astronauts while they are in outer space. In the project, sponsored by the National Space Biomedical Research Institute, a recorded video therapist guides astronauts through a widely used depression therapy called 'problem-solving treatment.'" Here's a related story from a few weeks ago. Those astronauts got it rough. -
Nintendo's Homebrew-Blocking Update Hacked
ElementC writes "Team Twiizers, the group behind almost all of the Wii Homebrew scene, has released an update to the Homebrew Channel (and installer) that allows for installation on a Wii with the most recent update installed. While the team still recommends against installing the Nintendo update, those who accidentally updated or purchase games that require the update are no longer left out to dry. This update to the Homebrew Channel also adds SDHC support, a feature Nintendo has not implemented in vanilla Wiis. The community has also created an app that updates just the Wii Shop Channel — allowing users to purchase Wiiware and Virtual Console games without losing their homebrew. It took the team only two days to get the fix out." -
Russian Regulators Block Google Online Advertising Acquisition
An anonymous reader writes "Russian regulators will not let Google buy a local online advertising company, halting a $140 million deal agreed to in July. Google had planned to acquire Zao Begun, which has a search and contextual video and text advertising business. Begun is owned by Rambler Media, a Russian company that own various Web sites and runs a search engine. Google said it is reviewing the decision of Russia's Federal Antimonopoly Service (FAS) and hasn't decided how to react. Slashdot has previously covered some of the issues surrounding Google's muscle in the advertising market." -
Second Penny Arcade Game Due Out This Week
Hothead Games has announced that the second episode of the Penny Arcade: On the Rain-slick Precipice of Darkness series is coming out this Wednesday, and they've released a trailer showing off some of the gameplay. ACG has an interview with Hothead's Joel DeYoung discussing the series and explaining some of the decision-making that went into its development. The game will launch for Linux, Mac, PC, and Xbox Live, with a PS3 version coming later. Feedback from players of the first game in the series inspired a $5 decrease in price this time around. -
Modern Methods For Sharing Innovation
The New York Times is running a story about Johnny Chung Lee, a hardware hacker made famous for his projects which modified the Nintendo Wiimote to do things like positional head tracking and multi-touch display control. The article focuses on the suggestion that Lee's use of YouTube to demonstrate his innovations has done a better job of communicating his ideas than more traditional methods could. Quoting: "He might have published a paper that only a few dozen specialists would have read. A talk at a conference would have brought a slightly larger audience. In either case, it would have taken months for his ideas to reach others. Small wonder, then, that he maintains that posting to YouTube has been an essential part of his success as an inventor. 'Sharing an idea the right way is just as important as doing the work itself,' he says. 'If you create something but nobody knows, it's as if it never happened.'" -
Modern Methods For Sharing Innovation
The New York Times is running a story about Johnny Chung Lee, a hardware hacker made famous for his projects which modified the Nintendo Wiimote to do things like positional head tracking and multi-touch display control. The article focuses on the suggestion that Lee's use of YouTube to demonstrate his innovations has done a better job of communicating his ideas than more traditional methods could. Quoting: "He might have published a paper that only a few dozen specialists would have read. A talk at a conference would have brought a slightly larger audience. In either case, it would have taken months for his ideas to reach others. Small wonder, then, that he maintains that posting to YouTube has been an essential part of his success as an inventor. 'Sharing an idea the right way is just as important as doing the work itself,' he says. 'If you create something but nobody knows, it's as if it never happened.'" -
Australian Government Ignoring Problems With Proposed Filters
halll7 writes with an update to the proposed Australian national firewall we discussed recently. According to the BBC, "The official watchdog, the Australian Communications and Media Authority (ACMA), has been conducting laboratory tests of six filtering products, and the government plans a live trial soon. ... After its recent trials, ACMA reported significant improvements on earlier studies. The network degradation on one product was less than 2%, although two products were in excess of 75%." Now, Ars Technica reports that "an Australian newspaper has uncovered documents showing that the government minister responsible for the program has ignored performance and accuracy problems with the filters, then tried to suppress criticism of the plan by private citizens." The EFA has a great deal to say in opposition of these plans. -
PC Makers Try To Pinch Seconds From Their Boot Times
Some computers are never turned off, or at least rarely see any state less active than "standby," but others (for power savings or other reasons) need rebooting — daily, or even more often. The New York Times is running a short article which says that it's not just a few makers like Asus who are trying to take away some of the pain of waiting for computers, especially laptops, to boot up. While it's always been a minor annoyance to wait while a computer slowly grinds itself to readiness, "the agitation seems more intense than in the pre-Internet days," and manufacturers are actively trying to cut that wait down to a more bearable length. How bearable? A "very good system is one that boots in under 15 seconds," according to a Microsoft blog cited, and an HP source names an 18-month goal of 20-30 seconds. -
NASA's New Lunar Rover, Now Testing In Arizona
MarkWhittington writes "NASA has unveiled a new prototype lunar rover, called the Chariot, a production version of which is hoped to be operational on the lunar surface by 2019. NASA is now testing the Chariot lunar rover in Arizona, on terrain that resembles the lunar surface." Perhaps Arizona's an even closer match to the moon's surface than is Texas, or Moses Lake, WA where NASA was testing the last time we mentioned Chariot. (Here's a bit of video from the Texas round.) -
NASA's New Lunar Rover, Now Testing In Arizona
MarkWhittington writes "NASA has unveiled a new prototype lunar rover, called the Chariot, a production version of which is hoped to be operational on the lunar surface by 2019. NASA is now testing the Chariot lunar rover in Arizona, on terrain that resembles the lunar surface." Perhaps Arizona's an even closer match to the moon's surface than is Texas, or Moses Lake, WA where NASA was testing the last time we mentioned Chariot. (Here's a bit of video from the Texas round.) -
White Space Debate Intensifies As Vote Approaches
Ars Technica reports that the debate between broadcasters and white space supporters has intensified after each side recently made inflammatory comments and suggested that science would vindicate their position. Several organizations are pushing to delay the upcoming white space vote, in part because it takes place on the same day as the US presidential election. We recently discussed Google's claim that a test of this system was rigged to fail. From Ars: "The broadcasters contend that adjacent channel interference would be significant even at the 40 mW level proposed by Kevin Martin. In fact, they claim that such a device would interfere with digital television signals when the viewer is 25 miles from the television tower and the whitespace device is 10m or less from the TV set. At 50 miles from the television tower, a whitespace device within 50m from a set could allegedly cause interference. The broadcasters also want several safeguard requirements put on the technology that go beyond the new, lower-power transmission levels." -
Armadillo Aerospace Takes Level 1 Lunar Lander Prize
jedibfa writes "Las Cruces International Airport came alive with applause and cheers yesterday afternoon as John Carmack's Armadillo Aerospace took the first place prize for the Level 1 challenge of the Northrop Grumman Lunar Lander Challenge, winning $350,000 and bragging rights. Adding to the excitement of the day, shortly before completing their second qualifying flight, Armadillo Aerospace and The Rocket Racing League announced a joint program to develop a sub-orbital tourist vehicle that will fly out of the New Mexico-based Spaceport America and cost less than $100,000 per ticket. On Sunday, the team will have three opportunities to go for the Level 2 challenge that more closely approximates the required performance for a real lunar landing. Good luck, Armadillo Aerospace, both on Sunday and in your new endeavor!" We discussed preparations for the challenge last week. Several other readers have contributed additional coverage, including the Space Fellowship's live blog of the event, the website for Truezer0, another team participating in the challenge, and a VentureBeat article discussing the economic downturn in space exploration, and how the X-prize competitions figure in. Today's Level 2 challenge will be covered live via webcast. -
DRM-Free Classic Games Store Opens To Public
arcticstoat writes "With all the controversy surrounding DRM in games at the moment, one games store has decided to buck the trend, proudly proclaiming that all its games are DRM-free. First announced back in July, Good Old Games is now in the public beta stage, which means that anyone can now access the site's archive of classic PC games, and you can do what you want with your game when you've bought it, too. 'You won't find any intrusive copy protection in our games; we hate draconian DRM schemes just as much as you do,' says the site. 'Once you download a game, you can install it on any PC and re-download it whenever you want, as many times as you need, and you can play it without an internet connection.'" In related news, Stardock, the company responsible for the Gamer's Bill of Rights, is apparently working on a new copy-protection solution that will be friendlier to consumers than current schemes. -
DRM-Free Classic Games Store Opens To Public
arcticstoat writes "With all the controversy surrounding DRM in games at the moment, one games store has decided to buck the trend, proudly proclaiming that all its games are DRM-free. First announced back in July, Good Old Games is now in the public beta stage, which means that anyone can now access the site's archive of classic PC games, and you can do what you want with your game when you've bought it, too. 'You won't find any intrusive copy protection in our games; we hate draconian DRM schemes just as much as you do,' says the site. 'Once you download a game, you can install it on any PC and re-download it whenever you want, as many times as you need, and you can play it without an internet connection.'" In related news, Stardock, the company responsible for the Gamer's Bill of Rights, is apparently working on a new copy-protection solution that will be friendlier to consumers than current schemes. -
Further Details On the Star Wars MMO
Now that the recent announcement about Star Wars: The Old Republic has had time to sink in, specific details about the game are beginning to come to light. Massively, in particular, has a variety of interviews and in-depth looks at the classes, the combat, and the setting of the game. "When you play like a Jedi from 1 to max, and then decide to start as a Sith, you won't see any content that will be the same." They also discuss the leveling, questing and companion characters. "We want you to think of them as actual companions on your journeys throughout the game. Your actions are going to change how your companion characters develop." Eurogamer is running a preview of the game, and a wiki has sprung up to catalog all of the new information. Other tidbits: support for Star Wars Galaxies will continue; the new game will be PC only; and LucasArts is hoping to snipe some of the World of Warcraft customer base. -
Cobol Job Market Heating Up
snydeq writes "Developers seeking job security in the years ahead could find an unlikely edge in Cobol. According to an InfoWorld report, demand for Cobol skills is surging, with salaries on the rise. More importantly, the short supply of offshore Cobol programmers and the fact that mainframes aren't going away anytime soon are spurring longevity for big-iron skills, with many companies looking to hire in-house Cobol pros to bridge mainframe Cobol apps to the rest of the enterprise. The report provides further evidence that Cobol may indeed be primed for a comeback, with new kinds of Cobol integration jobs emerging to prove old-guard skills are critical to some of the hottest areas of software development today." -
Cobol Job Market Heating Up
snydeq writes "Developers seeking job security in the years ahead could find an unlikely edge in Cobol. According to an InfoWorld report, demand for Cobol skills is surging, with salaries on the rise. More importantly, the short supply of offshore Cobol programmers and the fact that mainframes aren't going away anytime soon are spurring longevity for big-iron skills, with many companies looking to hire in-house Cobol pros to bridge mainframe Cobol apps to the rest of the enterprise. The report provides further evidence that Cobol may indeed be primed for a comeback, with new kinds of Cobol integration jobs emerging to prove old-guard skills are critical to some of the hottest areas of software development today." -
US's First Internet Votes To Be Cast This Friday
longacre writes "If you thought online voting in America was a distant pipe dream (nightmare?), think again: the nation's first Internet-based voting system goes online this Friday, just days after the release of the Damning Report On Sequoia E-Voting Machine Security we discussed yesterday. In the first real world run of the Okaloosa Distance Ballot Piloting (ODBP) test program, election officials from Okaloosa County, Florida have set up kiosks in Germany, the UK and Japan where 600-700 absentee voters — mostly military personnel — are expected to cast ballots. Security experts still have many questions, of course, particularly on the potential for interception of voting data while it travels across oceans (via 'secure VPN'), the security of the kiosks ('hardened laptops' with no hard drives and other sensitive components disabled) and the security of the three data centers (one of which is itself housed overseas, in Barcelona, Spain), not to mention the fact that Florida doesn't exactly have a stellar record when it comes to vote counting. Florida's Dept. of State also has a fairly detailed outline of ODBP's components and processes [PDF]." -
US's First Internet Votes To Be Cast This Friday
longacre writes "If you thought online voting in America was a distant pipe dream (nightmare?), think again: the nation's first Internet-based voting system goes online this Friday, just days after the release of the Damning Report On Sequoia E-Voting Machine Security we discussed yesterday. In the first real world run of the Okaloosa Distance Ballot Piloting (ODBP) test program, election officials from Okaloosa County, Florida have set up kiosks in Germany, the UK and Japan where 600-700 absentee voters — mostly military personnel — are expected to cast ballots. Security experts still have many questions, of course, particularly on the potential for interception of voting data while it travels across oceans (via 'secure VPN'), the security of the kiosks ('hardened laptops' with no hard drives and other sensitive components disabled) and the security of the three data centers (one of which is itself housed overseas, in Barcelona, Spain), not to mention the fact that Florida doesn't exactly have a stellar record when it comes to vote counting. Florida's Dept. of State also has a fairly detailed outline of ODBP's components and processes [PDF]." -
Keeping Up With IT Developments In Education?
antgiant writes "I work for a college in the IT department, and I've been having a hard time finding quality resources that cover IT topics with relationship to education. So I ask you: outside of Slashdot, what listservs, newsgroups, fourms, etc. should I be participating in? In particular, I am interested in resources that tend to cover more legal topics such as the now-approved anti-peer-to-peer law." -
Dojo: Using the Dojo JavaScript Library
stoolpigeon writes "The number and functionality of web based applications has exploded recently. Many of these applications rely heavily on AJAX to provide a more desktop-like experience for users. As the number of people using JavaScript grew, libraries were developed to assist with commonly encountered issues. Jim Harmon's new book Dojo: Using the Dojo JavaScript Library to Build Ajax Applications aims to introduce readers to one of those libraries, the Dojo Toolkit." Keep reading for the rest of JR's review. Dojo: Using the Dojo JavaScript Library to Build Ajax Applications author James E. Harmon pages 316 publisher Addison-Wesley Professional rating 7/10 reviewer JR Peck ISBN 978-0-13-235804-0 summary a complete example rich developer's guide to Dojo The Dojo Toolkit, is a JavaScript library, created to increase the speed of writing JavaScript applications. It provides developers with widgets, themes, wrappers for asynchronous communication, client side storage and more. It does all this across various browsers and platforms without requiring the user to worry about differences in browsers.
The book follows an interesting pattern. It begins with a five chapter tutorial. The tutorial launches immediately into taking a straight html form and using Dojo widgets to add functionality. All of the code used in the tutorial is available at the book's web site. This tutorial moves quickly, introducing a number of available widgets and giving the reader a nice feel for how Dojo integrates with html markup.
What does not take place in the tutorial is the normal introductory material on just what Dojo is, how it is installed, or what it can do. I'm guessing that this will be a welcome change to those used to quickly brushing past the first chapter, or more, of any programming book. Harmon takes advantage of the fact that Dojo is available via the AOL Content Delivery Network, so the examples will work any javascript capable browser connected to the internet. He does give a quick explanation of what would need to be different to use local files.
All of the introductory material that I'm use to seeing is still in the book but it does not appear until chapter ten. There Harmon covers the motivation to develop Dojo, explains the history of the project, provides a bit of information regarding the dual-licensing of Dojo. (It is available under the BSD and Academic Free Licenses.) This leads into the last seven chapters, that cover the 'deeper' material in the book.
Between the tutorial and chapter ten, there are four chapters of widget documentation with examples and some explanation. Of the three sections this is the longest, though this is in part due to sometimes large sections of white space, as each widget begins on it's own page. The documentation covers each widget and provides a visual representation where applicable. There is some repetition as this section covers widgets that were used in the first section's tutorial.
The third section is entitled "Dojo in Detail." It's the level of detail that marks this book as more of an overview, rather than an in-depth treatment of Dojo. Harmon is true to the title, this book is an extremely pragmatic guide to getting started with Dojo as a means of adding Ajax to applications. It is not however going to take the reader to any great depth into the toolkit. There is plenty here to get started, and enough to hit the ground running, but anyone to get really in-depth coverage of the library will be disappointed.
The person who will get the most out of this book is someone with some knowledge of mark-up and programming but not to an advanced level. The developer with a lot of experience will probably be frustrated with the amount of explanation and repetition of simple material combined with the lack of depth. The reader with no programming experience may struggle, though they could keep up if they are willing to look outside the book for a few resources to get a good grasp of web technologies. They may become extremely frustrated with some of the later chapters where the code examples skip steps and leave the reader to assume what has happened in between what is shown and the output.
That said, this book allows the reader to dive in quickly, get a quick overview and move immediately to making use of the Dojo Toolkit. If one is not concerned with gaining insight on every aspect of the library but would rather just get into it immediately with a little guidance, this may be just right.
With this in mind, it would have been nice if the book had provided less time on documentation and more on examples and ideas for how to best use the capabilities of Dojo. It is nice to have a book that isn't so huge that it is overwhelming and difficult to find anything. But if something had to be given up to keep things compact, I'd have much rather lost things that are easy to find in the on-line documentation and subject to change as the toolkit develops. This keeps the book from being excellent, but it is still a solid introduction and primer.
You can purchase Dojo: Using the Dojo JavaScript Library to Build Ajax Applications from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Dojo: Using the Dojo JavaScript Library
stoolpigeon writes "The number and functionality of web based applications has exploded recently. Many of these applications rely heavily on AJAX to provide a more desktop-like experience for users. As the number of people using JavaScript grew, libraries were developed to assist with commonly encountered issues. Jim Harmon's new book Dojo: Using the Dojo JavaScript Library to Build Ajax Applications aims to introduce readers to one of those libraries, the Dojo Toolkit." Keep reading for the rest of JR's review. Dojo: Using the Dojo JavaScript Library to Build Ajax Applications author James E. Harmon pages 316 publisher Addison-Wesley Professional rating 7/10 reviewer JR Peck ISBN 978-0-13-235804-0 summary a complete example rich developer's guide to Dojo The Dojo Toolkit, is a JavaScript library, created to increase the speed of writing JavaScript applications. It provides developers with widgets, themes, wrappers for asynchronous communication, client side storage and more. It does all this across various browsers and platforms without requiring the user to worry about differences in browsers.
The book follows an interesting pattern. It begins with a five chapter tutorial. The tutorial launches immediately into taking a straight html form and using Dojo widgets to add functionality. All of the code used in the tutorial is available at the book's web site. This tutorial moves quickly, introducing a number of available widgets and giving the reader a nice feel for how Dojo integrates with html markup.
What does not take place in the tutorial is the normal introductory material on just what Dojo is, how it is installed, or what it can do. I'm guessing that this will be a welcome change to those used to quickly brushing past the first chapter, or more, of any programming book. Harmon takes advantage of the fact that Dojo is available via the AOL Content Delivery Network, so the examples will work any javascript capable browser connected to the internet. He does give a quick explanation of what would need to be different to use local files.
All of the introductory material that I'm use to seeing is still in the book but it does not appear until chapter ten. There Harmon covers the motivation to develop Dojo, explains the history of the project, provides a bit of information regarding the dual-licensing of Dojo. (It is available under the BSD and Academic Free Licenses.) This leads into the last seven chapters, that cover the 'deeper' material in the book.
Between the tutorial and chapter ten, there are four chapters of widget documentation with examples and some explanation. Of the three sections this is the longest, though this is in part due to sometimes large sections of white space, as each widget begins on it's own page. The documentation covers each widget and provides a visual representation where applicable. There is some repetition as this section covers widgets that were used in the first section's tutorial.
The third section is entitled "Dojo in Detail." It's the level of detail that marks this book as more of an overview, rather than an in-depth treatment of Dojo. Harmon is true to the title, this book is an extremely pragmatic guide to getting started with Dojo as a means of adding Ajax to applications. It is not however going to take the reader to any great depth into the toolkit. There is plenty here to get started, and enough to hit the ground running, but anyone to get really in-depth coverage of the library will be disappointed.
The person who will get the most out of this book is someone with some knowledge of mark-up and programming but not to an advanced level. The developer with a lot of experience will probably be frustrated with the amount of explanation and repetition of simple material combined with the lack of depth. The reader with no programming experience may struggle, though they could keep up if they are willing to look outside the book for a few resources to get a good grasp of web technologies. They may become extremely frustrated with some of the later chapters where the code examples skip steps and leave the reader to assume what has happened in between what is shown and the output.
That said, this book allows the reader to dive in quickly, get a quick overview and move immediately to making use of the Dojo Toolkit. If one is not concerned with gaining insight on every aspect of the library but would rather just get into it immediately with a little guidance, this may be just right.
With this in mind, it would have been nice if the book had provided less time on documentation and more on examples and ideas for how to best use the capabilities of Dojo. It is nice to have a book that isn't so huge that it is overwhelming and difficult to find anything. But if something had to be given up to keep things compact, I'd have much rather lost things that are easy to find in the on-line documentation and subject to change as the toolkit develops. This keeps the book from being excellent, but it is still a solid introduction and primer.
You can purchase Dojo: Using the Dojo JavaScript Library to Build Ajax Applications from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
A Look At Google's Newest Data Center
miller60 writes "Google doesn't allow the public inside its secret data centers. But a recent groundbreaking event at the company's new South Carolina data center provided glimpses of the exterior of the facility, which shows a design that has evolved since Google's Oregon data center made front page news. A new feature: an open, lighted area resembling a parking deck (containers?). Still missing: moats filled with sharks with friggin' laser beams on their head." -
A Look At Google's Newest Data Center
miller60 writes "Google doesn't allow the public inside its secret data centers. But a recent groundbreaking event at the company's new South Carolina data center provided glimpses of the exterior of the facility, which shows a design that has evolved since Google's Oregon data center made front page news. A new feature: an open, lighted area resembling a parking deck (containers?). Still missing: moats filled with sharks with friggin' laser beams on their head." -
Geoengineering To Cool the Earth Becoming Thinkable
johkir writes "As early as 1965, when Al Gore was a freshman in college, a panel of distinguished environmental scientists warned President Lyndon B. Johnson that CO2 emissions from fossil fuels might cause 'marked changes in climate' that 'could be deleterious.' Yet the scientists did not so much as mention the possibility of reducing emissions. Instead they considered one idea: 'spreading very small reflective particles' over about five million square miles of ocean, so as to bounce about 1 percent more sunlight back to space — 'a wacky geoengineering solution.' In the decades since, geoengineering ideas never died, but they did get pushed to the fringe — they were widely perceived by scientists and environmentalists alike as silly and even immoral attempts to avoid addressing the root of the problem of global warming. Three recent developments have brought them back into the mainstream." We've discussed some pretty strange ideas in the geoengineering line over the last few years. -
Geoengineering To Cool the Earth Becoming Thinkable
johkir writes "As early as 1965, when Al Gore was a freshman in college, a panel of distinguished environmental scientists warned President Lyndon B. Johnson that CO2 emissions from fossil fuels might cause 'marked changes in climate' that 'could be deleterious.' Yet the scientists did not so much as mention the possibility of reducing emissions. Instead they considered one idea: 'spreading very small reflective particles' over about five million square miles of ocean, so as to bounce about 1 percent more sunlight back to space — 'a wacky geoengineering solution.' In the decades since, geoengineering ideas never died, but they did get pushed to the fringe — they were widely perceived by scientists and environmentalists alike as silly and even immoral attempts to avoid addressing the root of the problem of global warming. Three recent developments have brought them back into the mainstream." We've discussed some pretty strange ideas in the geoengineering line over the last few years. -
Geoengineering To Cool the Earth Becoming Thinkable
johkir writes "As early as 1965, when Al Gore was a freshman in college, a panel of distinguished environmental scientists warned President Lyndon B. Johnson that CO2 emissions from fossil fuels might cause 'marked changes in climate' that 'could be deleterious.' Yet the scientists did not so much as mention the possibility of reducing emissions. Instead they considered one idea: 'spreading very small reflective particles' over about five million square miles of ocean, so as to bounce about 1 percent more sunlight back to space — 'a wacky geoengineering solution.' In the decades since, geoengineering ideas never died, but they did get pushed to the fringe — they were widely perceived by scientists and environmentalists alike as silly and even immoral attempts to avoid addressing the root of the problem of global warming. Three recent developments have brought them back into the mainstream." We've discussed some pretty strange ideas in the geoengineering line over the last few years. -
Damning Report On Sequoia E-Voting Machine Security
TechDirt notes the publication of the New Jersey voting machine study, the attempted suppression of which we have been discussing for a while now. The paper that the Princeton and Lehigh University researchers are releasing, as permitted by the Court, is "the same as the Court's redacted version, but with a few introductory paragraphs about the court case, Gusciora v. Corzine." What's new is the release of a 90-minute evidentiary video — the researchers have asked the court for permission to release a shorter version that hits the high points, as the high-res video is about 1 GB in size. See TechDirt's article for the report's executive summary listing eight ways the AVC Advantage 9.00 voting machine can be subverted. -
Damning Report On Sequoia E-Voting Machine Security
TechDirt notes the publication of the New Jersey voting machine study, the attempted suppression of which we have been discussing for a while now. The paper that the Princeton and Lehigh University researchers are releasing, as permitted by the Court, is "the same as the Court's redacted version, but with a few introductory paragraphs about the court case, Gusciora v. Corzine." What's new is the release of a 90-minute evidentiary video — the researchers have asked the court for permission to release a shorter version that hits the high points, as the high-res video is about 1 GB in size. See TechDirt's article for the report's executive summary listing eight ways the AVC Advantage 9.00 voting machine can be subverted. -
Microsoft Calls Today Global Anti-Piracy Day
arcticstoat points out an article at Custom PC, according to which: "Microsoft has announced that today is Global Anti-Piracy Day. Launching several global initiatives, the aim is to raise awareness of the damage to software innovation that Microsoft says is caused by piracy. ... As well as educating people about piracy, Microsoft has also initiated a huge list of legal proceedings that it's taking out against pirates. Microsoft isn't messing about when it says 'global' either. The list of 49 countries that Microsoft is targeting spans six continents, and ranges from the UK and the US all the way through to Chile, Egypt, Kuwait, Indonesia and China." Interestingly enough, unauthorized copies of Vista might not be harming the company all that much: reader twitter was among several to contribute links to a related story at Computer World which highlights Microsoft attorney Bonnie MacNaughton's acknowledgement that pirates prefer Windows XP over Vista and Office 2003 over 2007. -
Kentucky Judge Upholds State's Gambling-Domain Grab
JohnHegarty writes "A Kentucky judge has upheld that state's seizure of some of the world's most popular online casino domain names, ruling they constitute a 'gambling device' that is subject to Kentucky's anti-gambling laws." Wasn't it surreal enough on the first round? -
Cray's CX1 Desktop Supercomputer, Now For Sale
ocularb0b writes "Cray has announced the CX1 desktop supercomputer. Cray teamed with Microsoft and Intel to build the new machine that supports up to 8 nodes, a total of 64 cores and 64Gb of memory per node. CX1 can be ordered online with starting prices of $25K, and a choice of Linux or Windows HPC. This should be a pretty big deal for smaller schools and scientists waiting in line for time on the world's big computing centers, as well as 3D and VFX shops." -
Microsoft, Google Battle Over Energy Efficiency
1sockchuck writes "Microsoft and Google have opened a new front in their battle for global domination: data center energy efficiency. Just weeks after Google published data on the extreme efficiency of its previously secret data centers, Microsoft says it has achieved similar results with shipping containers (despite Google's patent) packed with up to 2,500 servers. The geeky benchmark for the battle is Power Usage Effectiveness (PUE), a green data-center metric advanced by The Green Grid. Microsoft says its containers tested at a PUE of 1.22, while Google reported an average PUE of 1.21 for its data centers, which apparently are also now using containers." -
E3 Coming Back Big In 2009
Newsweek reports that next year's E3 will be expanding its attendance cap to 40,000 in an attempt to return as the premiere large-scale gaming expo. E3 scaled back its operations over the last few years, leading some to speculate that it was outliving its usefulness. This year, according to E3's organizers, we can "expect a boat load of press conferences on Monday during the day and on Tuesday morning." Newsweek also claims E3 will be opening to the public for the first time, allowing fans inside for the last two days of the event. However, G4's coverage says that while the vetting process for attendees will be eased, the event still won't be open to the public. An official announcement will be made tomorrow by the Entertainment Software Association. -
The State of Piracy and DRM In PC Gaming
VideoGamer sat down with Randy Stude, president of the PC Gaming Alliance, to talk about the state of piracy and DRM in today's gaming industry. He suggests that many game studios have themselves to blame for leaks and pre-launch piracy by not integrating their protection measures earlier in the development process. He mentions that some companies, such as Blizzard and Valve, have worked out anti-piracy schemes that generate much less of a backlash than occurred for Spore . Stude also has harsh words for companies who decline to create PC versions of their games, LucasArts in particular, saying, "LucasArts hasn't made a good PC game in a long time. That's my opinion. ... It's ridiculous to say that there's not enough audience for that game ... and that it falls into this enthusiast extreme category when ported over to the PC. That's an uneducated response." Finally, Stude discusses what the PCGA would like to see out of Vista and the next version of Windows. -
Spam Flood Unabated After Bust
AcidAUS writes "Last week's bust of the largest spam operation in the world has had no measurable impact on global spam volumes. The spam gang, known by authorities and security experts as HerbalKing, was responsible for one-third of all spam, the non-profit antispam research group Spamhaus said." The article speculates that the operators of HerbalKing simply passed on to associates the keys to the automated, 35,000-strong botnet, and the spam flow didn't miss a beat.