Slashdot Mirror

http://www.umich.edu/~engb415/literature/cyberzach /Asimov/naksun.html

The fundamental assumption is that just about all gas-engined cars run the same thermodynamic cycle and about the same compression ratio these days, so the non-ideal Otto cycle runs about 38 percent efficiency. Ross then presents an empirical model of both the manifold vacuum pumping loss and the mechanical friction losses in an engine as a function of speed and load; he also assumes that the transmission is 90 percent efficient, and there is a fixed power loss from engine accessories. Throw in the rolling resistance of a car, the aerodynamic drag, and voila, you get the steady-state highway cruise no-wind fuel economy.

Crunching the numbers on my 97 Camry 2.2 litre, using gas with 115,000 BTU/gal, 80 deg F air temp, no wind, I should get 41.7 MPG at 55 MPH, 40.1 at 60 MPH, and 37.5 MPG at 65 MPH. By comparison, I did a road test both ways on a short section of freeway at 55 MPH and averaged 41.1 MPG on a fuel mileage meter connected to the OBD-II, and I get about 36 MPG on trips where I travel 65.

You would think that the dominant loss at highway speed is the air drag, and going from 55 to 65 you are increasing in speed by 20 percent so your gas mileage should take a 40 percent hit. Well it does not, in large measure because the friction in your engine along with part-load manifold vacuum "pumping loss" in large measure tend to dominate. One way to manufacture vehicles with better highway mileage would be to use smaller engines turning over at slower speeds, and the formulas show that if I put a 0.8 litre engine in the Camry, I would get 47 MPG at 65 MPH but I would not have any reserve to climb a hill without downshifting.

The EPA has their Test Car List Data web page which gives car weight, engine displacement and final drive ratio, and drag coefficient values from which one can try out this model and make predictions of the steady-speed mileage of various cars. They give a coast down time from 55 to 45 MPG in seconds and they also give a dyno drag model of the form F = A + B V + C V^2 where A, B, C are numbers in their table and V is speed in MPH.

The funny thing about their A B C numbers is that some cars have anomolously low C numbers (the V^2 air drag) but suspiciously high B numbers (viscous drag of the transmission in neutral in a coastdown test?) and similar cars (like the Ford Taurus with two different 3 litre engines) have widely different ABC numbers and even noticably different coastdowns. I suspect the whole EPA testing procedures would not hold up to rigorous error analysis -- I wonder if anyone has done any sensitivity/numerical conditioning analysis on their procedure determining the ABC numbers used to program the dyno -- but like legislation and sausage making, you probably don't want to know what is going on.

http://www.eecs.umich.edu/virtual/papers/king06.pd f

Read this paper: SubVirt: Implementing malware with virtual machines (and my blog if it won't print for you). VMWare/Virtual PC won't necessarily prevent rookits from infecting the host OS (though to date I haven't heard of any VM Rootkits).. just a matter of time, most likely.

NetBSD has verified exec option, it doesn't prevent you from being exploited if the kernel is compromised though.
But NetBSD's kernel is extremely well written and as far as I've seen is the one with the best track record of all open source kernels.
Together with the Systrace (by NetBSD developer Niels Provos) you can build extremely secure systems that are super portable.

FreeBSD has similar functionality with its TrustedBSD framework.

I would say NetBSD or FreeBSD is your best bet.

Maybe you can make a Linux install with a subset of the same functionality through SELinux, but I dubt it will be as nice as the NetBSD route.

No, Barabasi really is a trained statistical physicist and originally published in that field. More like these "statistical physicists" have found that power laws and the Internet are trendy and you ought to connect the two whenever possible. (Something so trendy right now that many physicists imagine power laws where none exist.)

(Speaking as a physicist and former student of one of Barabasi's students.)

As others have said, reactors built today won't meltdown even at a rate of "one meltdown per 1000 years". Even if they did, there are far more containment structures in place to prevent it from getting off the plant grounds.

TMI was the USA scare that got us to pay more attention to disaster scenarios. Even IF we had a Chernobyl type explosion in the states, it wouldn't be the big deal it was in Chernobyl since all nuclear reactors are covered by a pressure rated dome. Basically, they're pre-enclosed in a sarcophagus already.

Basically, even with Chernobyl you can argue that coal has killed more people.

Nuclear Power deaths: 3 Japanese workers*
Chernobyl: 47 workers/accident responders, 9 children died of thyroid cancer, and IAEA/WHO estimate that 9000 more might die of cancer. Please excuse me for not using Greenpeace numbers, as they are both biased and known to exaggerate. 9000, in the last 20 years.

Let's take a look at coal.
Wiki says:2004 alone cost China 6,000 workers, though some estimate as high as 20,000. US Coal mining is far safer, with only about 30 deaths/year. Still, we have yet to cover the health effects. 23,600 per year due to air pollution, in the USA alone.

If you figure 1 nuclear meltdown/worst case disaster every thousand years, that kills the same # as chernobyl, that's an average annual death toll of 9 people. Meanwhile, coal mining in the US kills 30, even if you figure in that pollution controls eventually stops all the air pollution.

There's a reason I'd love to shut down every coal plant and replace it with a nuclear one. Preferably breeders that allow us to take all the 'waste' piling up around current reactors and burn it as more fuel again.

*who violated every safety reg in the book, mixing many times the amount of nuclear materials in a steel bucket rather than using the provided shielded equipment meant to do it in limited, but safe, quantities.

The damning report correctly states that most research in computer architecture (unlike research topics in the medical sciences) is almost never reproduced because most researchers in CA do not care about reproduction.

I daresay that the failure of the Itanium was to due to depending on wild and unreproducible claims by numerous professors seeking to build their academic careers. When reality hit the fan, Itanium collapsed under the weight of the fraudulent results.

If you doubt the report or if you doubt what I am saying, just select some often cited CA papers and try to find follow-up papers that actually verified the results in the often cited papers. You can try, but you will fail.

The fundamental question of systems administration: once you have had a root compromise, what can you do to the machine to get it back up and running, in a known good configuration, with all chances of future compromise as a result of the initial compromise removed?

Answer: either compare the system (booted from known good media) to a known good set of files, or reinstall from known good media.

There's no other answer.

There is another answer: Backtracking Intrusions. Basically, the idea is to keep your own virtual machine monitor (VMM) running on the bare hardware that logs everything that happens to a system. If you detect that a system is compromised, you can rewind the execution of the system to any point in the past to see every action the malware took.

If a VMM-based malware were to try and take control of a system, it would really be taking control of a virtual machine. It would still be logged, so all its actions could be discovered and concievably undone.

Any tools you run on the compromised system are by definition suspect; they might be good, or they might be compromised. You have no way of knowing; anything they tell you is suspect.

If you're already running a VMM to log the system, you could put intrusion detection tools above the operating system, where no malware could touch it. This is the idea behind virtual machine introspection. Tools at this level can examine the virtualized operating system to detect whether the OS is compromised (or has been previously compromised) through a specific vulnerability without any chance that malware (inside the virtual machine) will interfere.

The fundamental question of systems administration: once you have had a root compromise, what can you do to the machine to get it back up and running, in a known good configuration, with all chances of future compromise as a result of the initial compromise removed?

Answer: either compare the system (booted from known good media) to a known good set of files, or reinstall from known good media.

There's no other answer.

There is another answer: Backtracking Intrusions. Basically, the idea is to keep your own virtual machine monitor (VMM) running on the bare hardware that logs everything that happens to a system. If you detect that a system is compromised, you can rewind the execution of the system to any point in the past to see every action the malware took.

If a VMM-based malware were to try and take control of a system, it would really be taking control of a virtual machine. It would still be logged, so all its actions could be discovered and concievably undone.

Any tools you run on the compromised system are by definition suspect; they might be good, or they might be compromised. You have no way of knowing; anything they tell you is suspect.

If you're already running a VMM to log the system, you could put intrusion detection tools above the operating system, where no malware could touch it. This is the idea behind virtual machine introspection. Tools at this level can examine the virtualized operating system to detect whether the OS is compromised (or has been previously compromised) through a specific vulnerability without any chance that malware (inside the virtual machine) will interfere.

This is old news. SubVirt by Peter Chen's group at UMich is the original system which proposed this idea. FYI.

Now, the only way this would be interesting would be if the worm / virus / trojan installed the virtualization software, moved the existing OS to a virtual machine

Implementing malware with virtual machines

Dave Barr has been there, done that,years ago. He placed four marble tetrahedra at points on the globe (New Guinea, South Africa, Greenland and Easter Island) so that they describe a giant tetrahedron inside the earth itself.

Or worse yet, what about them gathering info about merely suspected bad guys? I recall several years back there was a serial rapist in Ann Arbor, and the police requested that men fitting the general description of the suspect ("black male") submit DNA samples to ensure their innocence. After the culprit was caught, police intending on retaining those DNA samples for future use. It took years before the resulting lawsuits from the innocents forced the police to give up that information, but even back in 1994, there was an intention towards building a broad-based DNA pool built not on convicted criminals, but on the broader public...

I'll come back to this point, but notice that you have no evidence for this broad and inflammatory claim. So far, I've argued that (a) existence of the supernatural cannot be proven by natural means; and (b) that you've made several factual errors in your posts. The first point is broadly agreed to by both atheist and theist scientists and philosophers. The second point is a matter of fact: either one of us is correct, or else neither of us. No blind zealotry. No misunderstanding of science; in fact, I've shown a very standard understanding of science consistent with the "two spheres" approach of Stephen J. Gould.

So at this point, faced with evidence that contradicts your hypothesis, you should retract your accusation according to your own dictum:

Good scientists start questioning their assumptions as soon as there is ANY evidence contradicting them.

I humbly await your apology.

By way of analogy, wouldn't you agree that I'm "anti-religious" if I claim that worship of any kind is a sin?

Yes, I would agree that your claim is anti-religious, because it is a broad rejection of all religion (with the possible exception of Buddhism, a sort of "non-religious religion").

But now, consider the actual beliefs of creationist Christians. Some accept the astronomical evidence for the age of the universe, some don't. Most accept the idea that species evolve, but reject the notion that all species evolved from a common ancestor; others reject both notions. None of them reject, wholesale, the results of chemistry and physics. In short, their beliefs aren't "anti-science", but anti-evolution. They don't reject all of science, but a specific claim of a specific branch of science. Some, but not all, are inconsistent in their understanding of science. I think that's a fair charge to lay at the feet of many creationists. But inconsistency is simply not the same as being "anti-".

If you want to make the broader point, that a good scientist can't be a theist, then you're simply wrong. Historically, many eminent scientists were theists, and that trend continues. Many of my friends and colleagues are Christian professors in various spots around the country: Princeton, USAF Academy, Redlands, Hopkins.

So what's the prize? Well, I hope to persuade you to turn your back on a certain flavor of atheism which holds that atheism is the only possible rational belief. We can call this the "smarter than thou" disease. Those who are afflicted by the disease belief, against the evidence, that all theists are foolish or deluded, and that the smart people are atheists because the evidence for atheism (which amounts to a lack of evidence for theism) is overwhelming.

The problem with this disease is that it is firmly based in unreality. Many bright people are theists; many stupid people are atheists. But those afflicted with the disease cannot handle this uncomfortable fact, so that when one of their own (such as Anthony Flew) becomes a theist, they turn on him and accuse him of senility -- which is, I suppose, the only accusation that makes sense if you believe that atheism is a matter of intelligence.

The most egregious example of the "smarter than thou" disease is the comment made by Dawkins, "religion is a virus of the mind." You might think, in light of the historic examples of very bright religious people, and in light of the foolishness of speaking o

SETI has that pesky 'I' there, meaning intelligence. It's looking for signs of radio communications, based on assumption that only intelligent beings might communicate with radio. Though if a non-intelligent life communicating with radio was found, I don't think anybody would be majorly disappointed ;-).

TFA is talking about finding planets that have *any* life that can significantly change the atmosphere of a planet. Earth could have been discovered like this probably at least since we've had O2 (regular oxygen gas) and O3 (ozone) in our atmosphere, starting from about 2 billion years (*) ago. Contrast this time with the time we've used radio communications, less than 100 years.

(*) reference:
http://www.globalchange.umich.edu/globalchange1/cu rrent/lectures/first_billion_years/first_billion_y ears.html

Even if you could sythesize anything that nature can make, there isnt enough matter in the universe to make every small molecule that might be of interest to medicinal chemists. So how do you screen out the useless molecules and find ones that might have an effect on a druggable target? You use millions of years of evolution to your advantage and isolate compounds made by organisms. These "natural products" can be used to do high-throughput screening on your drug target.

Here is a lab that does this.
http://www.umich.edu/~lsi/institute/labs/sherman/s ponge.html

Domestic dogs have been reclassified as a supspecies of wolves - Canis lupus familiaris . Mainly *because* they can reproduce. Of course, coyotes can also reproduce with dogs and still are a separate species, so the whole thing still isn't clear. But dogs and wolves are now the same species.

Probably because Ivy League schools are almost exclusively focused on Accounting, Economics, Business, Law, etc. They're not hard-numbers schools. Our policy makers and politicians and lawyers and fortune-500-scandal-hiding accountants go to Ivy League schools, along with a number of kids from American dynasty families that are still here from the 1800's. Ivy league schools are hard to get into like Country Clubs are hard to get into. You need to be white anglo, rich, and have connections. Academics rarely has anything to do with it.

If you want hard sciences, you go to a school that focuses on hard science. Try sending the same people to MIT, or Cal Tech, or the University of Michigan.

In the same token, if you send your kid to MIT for Piano performance, or Business Management, don't be surprised when that isn't the focus of the school.

~W

Looks like it's the appropriately named "Hero Shrew"

Cool, now all we have to do is train these mice to go in and shut down the main reactor and we will all be saved, with no bad side effects or sacrificial Vulcans!

I remember when PointCast hit our network - every dingdong was running it to look 'kewl', instead it just sat there sucking up our (then) expensive bandwidth day & night.

Later on we became a "PointCast Partner" which never seemed to amount ot much.

What I want is a combination of news.google.com headlines & After Dark's Headlines module, just to keep me on my toes of real-news vs. fake-news (aside from Fox News)

The search http://www.google.com/search?hl=en&q=%22core+of+mo lten+iron turned up:
http://www.globalchange.umich.edu/globalchange1/cu rrent/lectures/first_billion_years/first_billion_y ears.html
which states:
The Earth's core is composed of two portions, an inner core of solid iron and an outer core of molten iron.
Seems that the responses seem to only know the second half of that.

Liberals insist you think the way they think because they are smarter than you.

"Pluralities of suburbanites, Protestants, married people, and those from households with incomes of $30,000 or more also self-identify as Republican. This reflects the Republican party's "main street" advantage. In contrast, the Democratic party is more attractive to less wealthy and minority segments of the electorate" http://people-press.org/reports/display.php3?Repor tID=124

There isn't a singluar chart to draw the comparison form, but you can see here http://www.umich.edu/~nes/nesguide/gd-index.htm the conservative vote consolidates with wealth and education. Educators may be more inclined to be liberal, but that's hardly a suprise, considering they went from living with their parents, to going to university on student loans, to going to a teaching position at the university, to tenure. Wow, straight from mom's tit to the government's tit, I'm impressed.

"and thus necessitate giving up fundamental freedoms we have never given up before) than during the Revolutionary War, Civil War, 1812, WWI, WWII, Cold War..."

From that quote alone, I can tell you bypassed the 'individual thinking' and 'higher education' you so loftily exhalt. For starters, it doesn't even make sense. (before than during???) Regardless, I tried to respond.

World Wars = Oh, your parents are japanese? You're under arrest. Whoops! Come back here Mr. Free press, you can't run that story. Almost thought you'd get away from the Office of Propaganda and Censorship didn't you? Hey you across the street, come grab a rifle and travel around the world for a war, there's even a 32% chance you'll survive!
Oh yeah, we're really sacrificing for this war because the NSA could *GASP* intercept your phone call when you talk about how much you support Hamas.

Nope is the work of the satanic Democrat controlled party :p Look at the election results!!!! Google for Red/blue states. http://www-personal.umich.edu/~mejn/election/

You mean something like this?

http://rsug.itd.umich.edu/software/radmind/

AT&T is complying (as the article mentions in passing) with the
Communications Assistance for Law Enforcement Act of 1994, which was pushed for by the Clinton Administration in 1994.

http://www.askcalea.net/
and more detailed:
http://web.si.umich.edu/tprc/papers/2004/335/TPRC2 004%20Paper%20html.htm

The Democrats controlled the US Senate and House in 1994 as well as the executive branch. Pay attention to the role of the EFF in supporting the passage of this law over the objections of other privacy advocacy groups like EPIC.

CALEA passed the US Senate on Oct. 7, 1994 by *unanimous* consent. John Kerry has been in the US Senate since 1985. President Clinton signed the bill on October 25, 1994.

AT&T is following the law - time for a class action lawsuit!!

And maybe as a side effect, the real time data capture and semantic analysis of IP-based traffic helps AT&T and other carriers locate and stop the source of massive DDoS attacks.

OMG, the recklessness of George Bush. Impeach! Impeach!

For extra credit, remember the Clipper Chip? The Blue Ribbon Campaign?

BTW, Have you heard of Plash or Systrace?

Unfortunately I don't think that many Linux systems are set up the way you describe, though I intend to make it my personal quest to make sure they are.

Also, have you come across a way of stopping GUI applications taking over other GUI application via the X protocol?

I know that it is possible to run X applications in untrusted mode, but I understand that is still possible for untrusted applications to snoop on other untrusted applications via X, so we cannot simply run all applications in untrusted mode.

Sure, not a problem. I had this very discussion yesterday. I'll repost with I did then:

According to this article the amount of greenhouse gases that man puts out in one year is ~30 billion tons. Unfortunately the article doesn't have a date but judging by the references it is somewhere around 2000.

This article (which uses figures from 2000) indicates that the U.S. alone produced 1,583 million metric tons of carbon from burning fossil fuels.

Now, consider that in 1815 Mount Tambora (Indonesia) produced an estimated 400 million tons of sulfurous gases and ash and that caused the year without a summer (i.e. global cooling), it is quite easy to suggest that mans dumping of multiple times that amount of gases into the atmosphere could cause an increase in world temperatures.

As far as what NOAA has to say, you can read and make your own judgements. They seem to agree with my assertion that the global increase in temperatures seem to be the result of both natural and man-made factors. The page in question was last updated on Feb 3, 2006.

Then of course there is the Wiki entry which indicates the volume of atmospheric carbon dioxide has increased from around 280 parts per million in 1800 to around 315 in 1958, 367 in 2000 (a 31% increase over 200 years), and about 380 in 2006. In other words, despite the huge quantity of atmosphere that exists around the planet, the concentration of carbon dioxide in the atmosphere has been increasing. Not remaining the same, not decreasing. Increasing. That's just CO2. In trying to find numbers to justify my claims I saw the same increase in other gases during the same timeframe (which is what the Wiki entry says in the next sentence).

After all that I found another source which says that on a yearly basis volcanoes contribute 100 million tons of CO2 whereas other sources of CO2 produce about 10 billion tons a year. It's under the section marked 'Influence on the Greenhouse Effect' halfway down the page.

As far as my quote about the amount of gases and such from Mt. Tambora, I left out a zero in my posting and didn't catch it during preview. The correct number is 400 million tons (as shown in this posting) of sulfuours gases though various sources differ. One says 200 million tons while another indicates 400 million tons.

Despite my mistake and even using the higher figure of 400 million tons, comparing that figure to the sources I listed in the beginning it still shows that what man produces is substantially more, every year, than what Mt. Tambora produced in a 3-month period. In the case of Tambora after the eruption stopped nature had a chance to recover. In the case of us burning fossil fuels, nature never gets a breather. We are always pumping out more and more gases.

I must state that I am not an uber-treehugger. I do, however, try to minimize to an extent my footprint. That said, there is not reason NOT to try and reduce our CO2 and other emissions if for no other reason than our health. Think LA and how wonderful it must be sucking in that brown atmosphere. For a better example think Mexico City. I don't know about you but I prefer to look through a clear atmospher, not a brown one.

According to this article the amount of greenhouse gases that man puts out in one year is ~30 billion tons. Unfortunately the article doesn't have a date but judging by the references it is somewhere around 2000.

This article (which uses figures from 2000) indicates that the U.S. alone produced 1,583 million metric tons of carbon from burning fossil fuels.

Now, consider that in 1815 Mount Tambora (Indonesia) produced an estimated 400 million tons of sulfurous gases and ash and that caused the year without a summer (i.e. global cooling), it is quite easy to suggest that mans dumping of multiple times that amount of gases into the atmosphere could cause an increase in world temperatures.

As far as what NOAA has to say, you can read and make your own judgements. They seem to agree with my asserttion that the global increase in temperatures seem to be the result of both natural and man-made factors. The page in question was last updated on Feb 3, 2006.

Then of course there is the Wiki entry which indicates the volume of atmospheric carbon dioxide has increased from around 280 parts per million in 1800 to around 315 in 1958, 367 in 2000 (a 31% increase over 200 years), and about 380 in 2006. In other words, despite the huge quantity of atmosphere that exists around the planet, the concentration of carbon dioxide in the atmosphere has been increasing. Not remaining the same, not decreasing. Increasing. That's just CO2. In trying to find numbers to justify my claims I saw the same increase in other gases during the same timeframe (which is what the Wiki entry says in the next sentence).

So my original statement stands. The increase in global temperatures is probably caused by both natural and man-made actions. How much mans contribution to the effect is debatable but it does exist. The issue now is what, if anything, can we do to at least stabilize our contribution.

If you don't want to believe that man contributes to global warming, fine. That's your right. However, rather than sit around and do nothing I prefer to take some measures to reduce my impact. Think of it like getting kids vaccinated. You don't know for sure if they'll get the mumps (like what is now appearing in Iowa) or any other disease. However, you're willing to spend the money now to prevent them from getting something in the future. Same thing with global warming. Take a few preventitive measures now to curtail our influence in the future.

Besides, controlling greenhouse gases is a job creation package. Think of the industries that will need to expand or be created to produce new equipment to reduce gases. What about the people who will have to service that equipment? It's a win-win situation.

Because XXX means the same thing in every langauge.

Triple X syndrome? It does look like ICANN has it:

http://www.med.umich.edu/1libr/yourchild/xxxsyn.ht m

"# Speech and language delays and learning disabilities
# Delayed development of certain motor skills"

It's all about delays.

Systrace (assuming you're talking about this systrace; the link you gave me was broken) looks very impressive. I'd worry that there may be applications for which slowing double checking every system call would be a real performance hit, but the worst-case example the systrace developers benchmarked was a find command where running through ~60,000 files took 42 seconds instead of 30, and a web browser doesn't need to access ten thousand files per second.

I hope systrace gets taken up by more Unixes and Linux distributions soon, though; any sort of capability-reduction policy is best written by the programmers of the software it applies to, but that won't happen until systrace is as common as chmod. Remember my example of letting an application create a new subuser to run as? It wouldn't be hard for any system administrator to make that possible, but because it's not a standard Unix feature there aren't any programs written to utilize it.

If performance and memory usage are among your biggest concerns, maybe Wyrd would be a better fit. It's built on top of Remind, a Unix console calendar with powerful scripting capabilities.

Disclaimer: Yes, I wrote Wyrd, and am therefore thoroughly convinced of it's awesomeness. But in all seriousness, it's extremely fast and runs in under 2MB. Textmode applications have their advantages.

Mostly correct. The additional UV contributes a trivial increase in surface recieved energy, which in turn contributes a trivial amount to retained energy near ground level. The ozone depletion in itself does not make CFC's a global warming concern. The problem of CFC's is that the C-F bond is a better infrared absorber than even the C=O bond, meaning CFC's have a much higher global warming potential (GWP) than CO2: easy-to-find Web page with CFC GWP table.

The good news is that increases in CFC GW contribution are falling since the ban of R-12 and others of the worst suspects; the bad news is that the CFCs put out before the ban will be contributing to global warming for a long time to come. The gripping hand is that the sheer volume of CO2 levels has always made it the #1 global warming contributor.

Disclaimer: I have skimmed the fine article as found on ArXiv, and apart from the obligatory and tiresome small-word references found little to get excited about either way. This rant merely applies to the entire field.

...To install a VMBR on a computer, an attacker must first gain access to the system with sufficient privileges to modify the system boot sequence.
...When targeting Linux systems, we modify the boot sequence using user-mode code. We modify the shutdown scripts so that our installation code runs after all processes have been killed but before the system shuts down. We overwrite the disk master boot record using the Linux hard-drive block-device so that our VMBR loads at system boot instead of the target OS.
...Our VMware-based VMBR image is 95 MB compressed and occupies 228 MB of disk space uncompressed.
...The VMware-based VMBR takes 52 seconds to boot the host OS and load the VMM and another 93 seconds to boot the target Linux OS.
...This research was supported in part by National Science Foundation grants CCR-0098229 and CCR-0219085, by ARDA grant NBCHC030104, by Intel Corporation, and by Microsoft.

http://www.eecs.umich.edu/virtual/papers/king06.pd f

I read the original article. It's interesting but not earth shattering. Essentially; your system is only as secure as the base it's built on. Operating systems with mandatory access controls (MAC) and well designed hardware would mitigate this kind of shenanigan. A larger concern is whether can you trust your OS provider not to build in this kind of back door into their product.

Here is a link to the actual paper the article references:
    http://www.eecs.umich.edu/virtual/papers/king06.pd f

The authors make an interesting point -- users and rootkits are about control. Whichever one controls the outer layer wins. If the user is in a protected environment, a rootkit running as root can win. If the user is root, then the rootkit must be a kernel-level root-kit and run in the kernel. If the user can control the kernel, the rootkit must control the machine, in this case, put the user kernel in a VM.

My take is: in this game of cat and mouse, you'll stop only at the hardware -- it is hard for a rootkit to control the hardware short of the rootkit script kidde being able to get physical control. So yes, the user can win this game, if he controls the hardware that controls the software. How does the hardware control software? You guessed it: trusted computing ala TCPA ala Palladium etc etc.

Can you think of a way to win against rootkits without TCPA?

Original Paper

Abstract

Attackers and defenders of computer systems both strive to gain complete control over the system. To maximize their control, both attackers and defenders have migrated to low-level, operating system code. In this paper, we assume the perspective of the attacker, who is trying to run malicious software and avoid detection. By assuming this perspective, we hope to help defenders understand and defend against the threat posed by a new class of rootkits.

We evaluate a new type of malicious software that gains qualitatively more control over a system. This new type of malware, which we call a virtual-machine based rootkit (VMBR), installs a virtual-machine monitor underneath an existing operating system and hoists the original operating system into a virtual machine. Virtual-machine based rootkits are hard to detect and remove because their state cannot be accessed by software running in the target system. Further, VMBRs support general-purpose malicious services by allowing such services to run in a separate operating system that is protected from the target system. We evaluate this new threat by implementing two proof-of-concept VMBRs. We use our proof-of-concept VMBRs to subvert Windows XP and Linux target systems, and we implement four example malicious services using the VMBR platform. Last, we use what we learn from our proof-of-concept VMBRs to explore ways to defend against this new threat. We discuss possible ways to detect and prevent VMBRs, and we implement a defense strategy suitable for protecting systems against this threat.

Which is why she is trying to find evidence that video games are bad, than, for example, campaigning to stop children from watching television, when there is plenty of evidence and an existing consensus that TV does a lot of harm to children:

http://www.med.umich.edu/1libr/yourchild/tv.htm http://www.stanford.edu/dept/bingschool/rsrchart/b andura.htm http://www.apa.org/releases/childrenads.html

Even reseachers who say TV can be good, emphasise that only applies to VERY restricted viewing:

http://www.aap.org/family/tv1.htm http://news.bbc.co.uk/1/hi/education/3506854.stm

Just a nit, but Prolog (in Abstract State Machines) and Scheme (in denotational semantics) also have formal specifications. However, I agree that it's disappointing that so few languages (3 is still a tiny number) use such an approach.

Damn straight. While better visual systems help a lot, it's still the act of doing another task that causes many of the problems. The proof in the pudding is the recent article saying that simply talking to passangers while driving can be as bad as talking on a cellphone.

University of Michigan Art School
http://art-design.umich.edu/it/laptop.html

Northern Michigan University
http://www.nmu.edu/academics/tlc.htm

I was directly involved in the distribution process at one school. I didn't think it would work, but it did.

To address some of the comments from other posts:

-Most freshmen are buying laptops anyway. These programs provide a structured method for all incoming students to buy a machine that meets their needs. They are informed well in advance so they don't go off and buy a different machine.

-People complain, but it all works out in the end. Some don't like the vendor/price/model/etc. but it's just one more thing about college to complain about.

-IBM and Apple are the best companies to get machines from. They are reliable and have good support systems in place

-Computers are a part of life for any college student. So long as financial aid considers it part of the base expense, it isn't a hardship for anyone.

-Theft is a problem whether all students have the same laptop or not. You have to take the same steps (documenting MAC Addresses, having system passwords, using a physical lock) as you would with any notebook

To answer some of the original questions:

-For software, contact each vendor and they will usually work out a good educational license deal for each machine (No server/key setup). You can cite the above schools' programs.

-Make sure the machines have adequate RAM for the job. Get RAM from a 3rd party if the laptop company won't give you a good deal. Get small, fast HDs rather than huge slow ones. Uses external 3.5" drives for backup

-Make antivirus/antispyware part of the base load/image. Have all updates automatic

-Port block and track IP/MAC addresses for bandwidth usages. Have graduated punishments for connection misuse

-Use a student staff for technical/question support. They are cheaper and more knowledgable that trying to train middleaged staff. Use a mixture of students and fulltime staff for physical support issues. You can't trust kids to do all the warranty work by themselves.

Good luck!

When you push on a wall, the force from your arm does no work. However, you grow tired because work is being done at the cellular level in you body. Your muscles require energy to remain contracted.

You would have us believe that there is a difference in the expense of energy related to the success of moving the object or not? Are you listening to yourself?

Please provide any example of how one body can compress another body without the continual expense of energy, without resorting to other suspect forces (such as molecular bonds via rubber bands or bracing, or gravity, etc..). One example. You will actually find that there are other equations in physics that relate energy to compression (such as a spring). These equations will be more useful to you than the force x distance one in this argument. It is also important, when makiing this analogy, to assume that any thought experiment must be constrained to not depend on any bracing at any time in the experiment. Doing so simply hands over to the molecular bonds of the brace all work required to continue the compression. It becomes hand-waving the problem away.

A compressed rigid (or non-rigid) body is only going to generate heat while it is being compressed. After that it cools. If that were not the case, I could heat my apartment by stacking up a pile of rocks.

At what point does gravity stop exerting force on a body? During compression, heat is generated as molecular bonds in the compressed body are broken. This process will continue with some half-life in a body experiencing constant compression, albeit at a much slower rate than during a change in compression. But even this doesn't matter much - you are looking for ways to balance the equations of conservation of energy (as you were taught). My assertion is that there is none at the level of the basic wheel-works of nature. In fact, I am stating that there is always an expense in energy when one body experiences a force (even if that force is in equilibrium). This is really self evident if you think about it. We are taught to believe that conservation of energy is a fundamental law and therefore don't question whether it applies to forces such as gravity. But upon inspiction, it becomes very clear that it does not. Gravity can and does act to accelerate other bodies without ever diminishing in effectiveness. Once you accept that fact, you must then consider the work it is performing on stationary objects as well. Consider Fusion in the sun. Consider black holes. Then think about the surface of the planet and tension on molecular bonds. Think outside the box.

And yes, absolutely, you could heat your house with gravity. Take a look here and here.

You can read them in context if you like. Go to here to browse the koran. It seems to go on and on in similar fashion (at least 9., I didn't check other sections).

Can't see anything wrong in University of Michigan putting its books online...

However, I fail to see why US taxpayers should be burdened with the cost of facilitating the cost of educating Chinese students at a time when American students are suffering severe reductions and the American workforce is lagging in educational resources. China can afford to pay to educate its own students.

http://www.umich.edu/pres/china/university-of-mich igan-and-china-history/
(or try googling digital library, China, Michigan)

If the University of Michigan is recieving ANY public funding, ANY information from those books should NOT be available outside the United States and protected territories and the consequences to the University should be very severe if that happens, including a loss of all public funding and requirement to pay back any funding it has already recieved during the period when it was exporting material paid for by US taxpayers.

PLASH is a hack that allows you to do something similar under Linux. E.g. it passes in rights to file opened with the GTK file open dialog so that you don't have to confirm that you want to open a files that you have already "passed in" by selecting them in a dialog box.

We are not exactly dealing with The New England Journal of Medicine here. The first thing you see on the site is an invitation to visit the LiveScience store. It would appear that the purpose of this article is to sell something.

The arteries in the retina are the only arteries directly visible in the human body and physicians have been looking at them ever since von Helmolzvon Helmholtz invented the direct ophthalmoscope in 1851. This is the unit with which your doctor peers into your eye using one of his own. Unfortunately, due to the intractability of Snell's LawSnell's Law less than 10 degrees of retina can be seen. A good explanation of the exam is located here.here.. Should the doctor use both eyes with an indirect ophthalmoscope such as is used during retinal surgery considerably more retina can be seen but the image is aerial and cannot be photographed directly. Nevertheless a good retinal camera, taking multiple views which are then pieced together can provide a map of the retinal vessels. The gold standard for this sort of thing in diabetes was the Airlie House Classification developed in 1968.1968.. A modern study modern study might involve 7-field stereoscopic color photographs to get an accurate map. Accurate results cannot be produced with a single picture through an undilated pupil in an aging population suspected of disease. The way to diagnose hypertension is with a blood pressure cuff. The way to diagnose diabetes is with a blood test.

Systrace will satisfy your needs
http://www.citi.umich.edu/u/provos/systrace/

Although it is safe in normal operation, things can always go wrong, and they do. Even if the risks are small, a largescale accident could wipe out populations and make huge areas uninhanitable for decades.

While I agree with the latter part of your argument, the former part is incorrect. The worst nuclear accident in history (Chernobyl) failed to "wipe out" even the population of the local city. A total of 56 people have died to date, with an expected final death rate of 4,000 due to Chernobyl-related illnesses. There were about 1,800 documented cases of Thyroid cancer from the event. FAQ/Findings

Current radiation levels are actually lower than the natural background levels for areas like Norway. However, the higher content of radioisotopes in the soil makes it unwise to live there. Despite this, many residents have moved back into the area.

The Chernobyl event is quite comparable to the 5-day, 1952 London incident where 3,000 people died from coal pollution.

The radiation released by coal is not that significant, and blends into background levels.

It's not the radiation you should be concerned about. It's breathing the radioisotopes into your lungs and blood stream. Once there, the radioisotopes have a chance to do the MOST damage by hitting the soft tissues with direct doses of radiation. Normally your skin provides a great deal of protection, but large internal doses tend to circumvent that protection.

But the way it's handled is what makes nuclear power so dangerous, and that's the reason so many people oppose it.

The way it's handled is what makes coal so dangerous. That's the reason why so many people should be opposed to it.

From the University of Michigan: "Since air pollution from coal burning is estimated to be causing 10,000 deaths per year, there would have to be 25 melt-downs each year for nuclear power to be as dangerous as coal burning."

I think the results are clear. Coal is FAR more dangerous than nuclear.