Slashdot Mirror

slashdotmsiriv writes "This paper from Microsoft Research describes the issues and tradeoffs a typical garage innovator encounters when building low-cost, scalable Internet services. The paper is a more formal analysis of the problems encountered and solutions employed a few months back when Animoto, with its new Facebook app, had to scale by a factor of 10 in 3 days. In addition, the article offers an overview of the current state of utility computing (S3, EC2, etc.) and of the most common strategies for building scalable Internet services."

holy_calamity writes "New Scientist reports on worries that the OLPC's BitFrost security protocols could hand a ready-made surveillance system to controlling 3rd world governments. The laptops identify themselves regularly to a server that can disable individual machines reported stolen — a system that hands a government a kill switch for every unit. BitFrost also has the potential to have machines attach a unique ID to every internet transaction, helping out anyone wanting to track net internet use. A freely available paper from a recent USENIX conference spells out the concerns." Relatedly, an anonymous reader points out a story at Slate about a study which examined the impact that free PCs had on poor students in Romania, writing that "giving the kids machines without a corresponding level of parental supervision just resulted in distractions which ultimately damaged academic performance. By contrast, allowing children access to machines in a supervised setting, say an after school program via school labs, might mitigate some of the negative effects."

Via_Patrino writes "While having to distribute load between several servers, round robin, or any other technique that balances load equally, is the most common approach because of its simplicity. But a recent study shows that trying to accumulate load on some servers can improve energy efficiency because the other servers will be mostly unused during off-peak periods and then able to make better use of power saving methods. Specially, where load involves lots of concurrent power-consuming TCP connections, which was the case in the study, a new load-balancing algorithm resulted in an overall 30% power savings. Here's the paper (PDF)."

Via_Patrino writes "While having to distribute load between several servers, round robin, or any other technique that balances load equally, is the most common approach because of its simplicity. But a recent study shows that trying to accumulate load on some servers can improve energy efficiency because the other servers will be mostly unused during off-peak periods and then able to make better use of power saving methods. Specially, where load involves lots of concurrent power-consuming TCP connections, which was the case in the study, a new load-balancing algorithm resulted in an overall 30% power savings. Here's the paper (PDF)."

Last July, a research team from the University of Washington released an online tool to analyze whether web pages were being altered during the transit from web server to user. On Wednesday, the team released a paper at the Usenix conference analyzing the data collected from the tool. The found, unsurprisingly, that ISPs were indeed injecting ads into web pages viewed by a small number of users. The paper is available at the Usenix site. From PCWorld: "To get their data, the team wrote software that would test whether or not someone visiting a test page on the University of Washington's Web site was viewing HTML that had been altered in transit. In 16 instances ads were injected into the Web page by the visitor's Internet Service provider. The service providers named by the researchers are generally small ISPs such as RedMoon, Mesa Networks and MetroFi, but the paper also named one of the largest ISPs in the U.S., XO Communications, as an ad injector."

An anonymous reader writes "The USENIX LEET workshop held earlier this week in San Francisco offered neat insights into the Storm botnet, including two papers showing the difficulty of accurately measuring the botnet's size, and one on the way it conducts its spamming campaigns (down to the template language used). There was a bunch of other cool work too, so check out the papers."

An anonymous reader writes "The USENIX LEET workshop held earlier this week in San Francisco offered neat insights into the Storm botnet, including two papers showing the difficulty of accurately measuring the botnet's size, and one on the way it conducts its spamming campaigns (down to the template language used). There was a bunch of other cool work too, so check out the papers."

An anonymous reader writes "This year's Usenix security symposium includes a paper that implements a "cheat" utility, which allows any non-privileged user to run his/her program, e.g., like so 'cheat 99% program' thereby insuring that the programs would get 99% of the CPU cycles, regardless of the presence of any other applications in the system, and in some cases (like Linux), in a way that keeps the program invisible from CPU monitoring tools (like 'top'). The utility exclusively uses standard interfaces and can be trivially implemented by any beginner non-privileged programmer. Recent efforts to improve the support for multimedia applications make systems more susceptible to the attack. All prevalent operating systems but Mac OS X are vulnerable, though by this kerneltrap story, it appears that the new CFS Linux scheduler attempts to address the problem that were raised by the paper."

gholmer writes "Eric Van Hensbergen reports that Plan 9 has been successfully booted on IBM's Blue Gene supercomputer. A live demo will be attempted during a poster session at this year's Usenix. There is also the obligatory Space Glenda picture."

Tal Garfinkel writes "There has long been a disconnect between academic computer security and underground forums like Black Hat and Phrack. A new USENIX-sponsored workshop called WOOT (Workshop On Offensive Technologies) is looking to bridge that gap by providing a high-quality, peer-reviewed forum for attack papers, with top reviewers from the academic, open source, commercial IT, and information warfare communities. Got a great attack paper? See if it makes the cut at WOOT."

Tal Garfinkel writes "There has long been a disconnect between academic computer security and underground forums like Black Hat and Phrack. A new USENIX-sponsored workshop called WOOT (Workshop On Offensive Technologies) is looking to bridge that gap by providing a high-quality, peer-reviewed forum for attack papers, with top reviewers from the academic, open source, commercial IT, and information warfare communities. Got a great attack paper? See if it makes the cut at WOOT."

modapi writes "Google's wasn't the best storage paper at FAST '07. Another, more provocative paper looking at real-world results from 100,000 disk drives got the 'Best Paper' award. Bianca Schroeder, of CMU's Parallel Data Lab, submitted Disk failures in the real world: What does an MTTF of 1,000,000 hours mean to you? The paper crushes a number of (what we now know to be) myths about disks such as vendor MTBF validity, 'consumer' vs. 'enterprise' drive reliability (spoiler: no difference), and RAID 5 assumptions. StorageMojo has a good summary of the paper's key points."

modapi writes "Google's wasn't the best storage paper at FAST '07. Another, more provocative paper looking at real-world results from 100,000 disk drives got the 'Best Paper' award. Bianca Schroeder, of CMU's Parallel Data Lab, submitted Disk failures in the real world: What does an MTTF of 1,000,000 hours mean to you? The paper crushes a number of (what we now know to be) myths about disks such as vendor MTBF validity, 'consumer' vs. 'enterprise' drive reliability (spoiler: no difference), and RAID 5 assumptions. StorageMojo has a good summary of the paper's key points."

JanMark writes "Prof. Andrew Tanenbaum and his student Melanie Rieback (who published the RFID virus paper in March) and 3 coauthors have now published a paper on a personal RFID firewall called the RFID Guardian. This device protects its owner from hostile RFID tags and scans in his or her vicinity, while letting friendly ones through. Their work has won the Best Paper award at the USENIX LISA Conference."

PMcGovern writes "Do you know a great sysadmin? Nominate them for OSTG's sponsored Sysadmin of the Year. The first 2500 sysadmins nominated receive a free ThinkGeek T-shirt. Your sysadmin can also win great prizes including an Apple MacBook, a trip to the LISA conference in Washington DC, Splunk Professional server, and cases of Bawls soda. Only two weeks left to nominate your sysadmin (Oct. 31, 2006). (Note: Slashdot is part of OSTG.)"

Danse writes "ZDNet reports that future worms could evade a network of early-warning sensors hidden across the Internet unless countermeasures are taken. According to papers presented at the Usenix Security Symposium, just as surveillance cameras are sometimes hidden the locations of the Internet sensors are kept secret. From the article: 'If the set of sensors is known, a malicious attacker could avoid the sensors entirely or could overwhelm the sensors with errant data.' A team of computer scientists from the University of Wisconsin wrote up the background in their award-winning paper titled 'Mapping Internet Sensors with Probe Response Attacks.'"

Danse writes "ZDNet reports that future worms could evade a network of early-warning sensors hidden across the Internet unless countermeasures are taken. According to papers presented at the Usenix Security Symposium, just as surveillance cameras are sometimes hidden the locations of the Internet sensors are kept secret. From the article: 'If the set of sensors is known, a malicious attacker could avoid the sensors entirely or could overwhelm the sensors with errant data.' A team of computer scientists from the University of Wisconsin wrote up the background in their award-winning paper titled 'Mapping Internet Sensors with Probe Response Attacks.'"

nickstoughton writes "The Linux Standard Base (LSB) project is holding its annual plenary meeting next week, Aug 8, in San Francisco, to coincide with LWE. The meeting is open to all, and the workgroup is seeking feedback on the next direction to take now that LSB 3.0 is out. But ... you must sign-up in advance since the meeting is to be held in IBM's San Francisco offices, and building securuty needs to know names for badges. At very least, this should be an opportunity to grill the developers of the standard as to why it is the way it is, what's happening with the ISO verion of the LSB, etc. If you are planning on going to Linux World Expo in San Franciso, this is worth adding to your itinerary!" Note that the room only holds 55 people, though!

An anonymous reader writes "At the fourth annual Linux Kernel Developers Summit, it was decided that there won't be a 2.7 Linux kernel development branch any time soon. Instead, Linux creator Linus Torvalds and the official 2.6 maintainer Andrew Morton have decided to continue working as a team, further enhancing the 2.6 kernel. Up to this point, kernels ending in an odd number (2.1, 2.3, 2.5, etc) were considered development kernels, and kernels ending in an even number (2.2, 2.4, 2.6, etc) were considered stable kernels. However, according to this KernelTrap article, active development will now continue in the mainline 2.6 tree, and the final stabilization will be left up to the companies that provide Linux distributions."

SonOfGates writes "Well, the Aussies have invaded Boston but at least they're not throwing tea into the harbor. AU-based nonprofit CAcert Inc has spent the last few days at USENIX '04 registering new users by the truckload. They bill themselves as a 'Community-Based CA.' Could this be the begining of a true 'open' certificate authority? See the O'Reilly story and press release."

ronys writes "The venerable USENIX organization has written a fine response to SCO's letter to Congress. As they point out, 'USENIX was here before SCO. USENIX was here before Linux.' Short and well written." And Reece Arnott writes: "As part of the NMap Press Release for the latest version of NMap, is a statement that explicitly revokes SCO's licence to redistribute it. From the press release: 'SCO Corporation of Lindon, Utah (formerly Caldera) has lately taken to an extortion campaign of demanding license fees from Linux users for code that they themselves knowingly distributed under the terms of the GNU GPL. They have also refused to accept the GPL, claiming that some preposterous theory of theirs makes it invalid (and even unconstitutional)! Meanwhile they have distributed GPL-licensed Nmap in (at least) their "Supplemental Open Source CD". In response to these blatant violations, and in accordance with section 4 of the GPL, we hereby terminate SCO's rights to redistribute any versions of Nmap in any of their products, including (without limitation) OpenLinux, Skunkware, OpenServer, and UNIXWare. We have also stopped supporting the OpenServer and UNIXWare platforms.'"

ronys writes "The venerable USENIX organization has written a fine response to SCO's letter to Congress. As they point out, 'USENIX was here before SCO. USENIX was here before Linux.' Short and well written." And Reece Arnott writes: "As part of the NMap Press Release for the latest version of NMap, is a statement that explicitly revokes SCO's licence to redistribute it. From the press release: 'SCO Corporation of Lindon, Utah (formerly Caldera) has lately taken to an extortion campaign of demanding license fees from Linux users for code that they themselves knowingly distributed under the terms of the GNU GPL. They have also refused to accept the GPL, claiming that some preposterous theory of theirs makes it invalid (and even unconstitutional)! Meanwhile they have distributed GPL-licensed Nmap in (at least) their "Supplemental Open Source CD". In response to these blatant violations, and in accordance with section 4 of the GPL, we hereby terminate SCO's rights to redistribute any versions of Nmap in any of their products, including (without limitation) OpenLinux, Skunkware, OpenServer, and UNIXWare. We have also stopped supporting the OpenServer and UNIXWare platforms.'"

caseih writes "The LinuxBIOS project has published a paper on using the open source bios code from bochs to help boot unmodified OSes such as Windows 2000, which was presented at the recent Usenix Conference. This was mentioned previously on Slashdot, but this paper gives more technical details on how they did it, some details about future possibilities, and their guiding philosophies behind this project."

BSD Forums writes "The ever increasing mobility of computers has made protection of data on digital storage media an important requirement in a number of applications and situations. GBDE is a strong cryptographic facility for denying unauthorised access to data stored on a 'cold' disk for decades and longer. GBDE operates on the disk(-partition) level allowing any type of file system or database to be protected. A significant focus has been put on the practical aspects in order to make it possible to deploy GBDE in the real world. FreeBSD's Poul-Henning Kamp says in an email to freebsd-current that he has uploaded this paper and slides which he presented at BSDcon 2003, California, USA."

robotdreams writes "Once again BSDCon showcases the BSD community's long history of innovative research, open exchange of ideas, and collaborative work. Tutorials this year feature: an intensive code walkthrough of the new FreeBSD 5.x release, debugging kernel problems on live systems, advanced BSD system and network security, and FreeBSD's new GEOM disk I/O subsystem." Since BSDCon runs from September 8th through 12th, you're probably either already going or out of luck ;) On the other hand, you're still early for OpenBSD 3.4, now taking pre-orders -- details below.

An anonymous reader writes "Pre-orders for the OpenBSD project's latest release, 3.4, are now being taken. This release will ship around November 1st. Significant enhancements have been made in this release, including i386 switch to ELF executable format, further W^X improvements for i386, ld.so on ELF platforms now loads libraries in a random order for greater resistance to attacks, inclusion of a static bounds checker to the compiler for basic checks on functions which accept buffers and sizes, strcpy/strcat function audit to replace with safer strlcpy/strlcat, ProPolice stack protection in the kernel, further manual page cleanups, large number of bug fixes and optimizations to the packet filter (PF) including packet tagging, stateful TCP normalization, passive OS detection, SYN proxy, and adaptive state timeouts, and many other improvements to the rest of the system.

Order a CD from the OpenBSD store. Ordering a CD helps support the project, as a bonus you get cool stickers, artwork, and an audio track!"

The same reader sent links to more information on this release, including new features, and the changelog between 3.3 and 3.4.

welloy writes "In a mail to freebsd-announce Robert Bruce writes that "during the week of September 7th to September 13th, all revenue from purchases at the FreeBSD Mall will be donated to the FreeBSD Foundation to support work being done to improve the fine grained threading in the FreeBSD Kernel, and other improvements needed to make the upcoming 5.2 release a success." The offer also applies to their table at BSDCon. This is a great way to support the FreeBSD project and ensure they have funding to keep up their great work."

BSD Forums writes "Dustin Puryear attended the USENIX Annual Technical Conference (ATC) this year in San Antonio, Texas and presents this report. USENIX offers attendees an interesting mix of papers and talks by academia, well-known industry professionals, and researchers working for companies across the world. What exactly did he really learn from this conference? He says research is as strong as ever within USENIX and open source communities. Samba is making significant progress with the ever emerging Active Directory networks. FreeBSD is emerging as one of the few key OSes of choice for web hosting. Finally, he says that Microsoft is competing for server business with their Microsoft Windows Services for UNIX products."

porkrind writes "No Starch Press and The USENIX Association co-sponsored a discussion on the SCO vs. IBM case at the USENIX Annual Technical Conference. Now you can listen as Chris DiBona, Don Marti, Jon "maddog" Hall, and others explain the nuances of the case. Click here for the MP3."

Major Byte writes "Rob Kolstad's MOTD (pdf) column in Usenix login; passes along a few distilled factiods from a CAIDA analysis of the 'Sappire/Slammer' Worm. When it was at full blast it was scanning over 3 billion systems per hour--a speed that 'a "better" vulnerability would have enabled infection of the entire internet in 15 minutes, a "flash worm" or a "Warhol Worm."' I think 'better' to mean 'able to infect across a lot of platforms.'"

Major Byte writes "Rob Kolstad's MOTD (pdf) column in Usenix login; passes along a few distilled factiods from a CAIDA analysis of the 'Sappire/Slammer' Worm. When it was at full blast it was scanning over 3 billion systems per hour--a speed that 'a "better" vulnerability would have enabled infection of the entire internet in 15 minutes, a "flash worm" or a "Warhol Worm."' I think 'better' to mean 'able to infect across a lot of platforms.'"

Major Byte writes "Rob Kolstad's MOTD (pdf) column in Usenix login; passes along a few distilled factiods from a CAIDA analysis of the 'Sappire/Slammer' Worm. When it was at full blast it was scanning over 3 billion systems per hour--a speed that 'a "better" vulnerability would have enabled infection of the entire internet in 15 minutes, a "flash worm" or a "Warhol Worm."' I think 'better' to mean 'able to infect across a lot of platforms.'"

HardcoreGamer writes "An Oregon amateur rocket group, the Portland State Aerospace Society, plans to launch a Linux-powered rocket weighing 12 pounds to 55,000 feet at a speed of Mach 3 in September, Wired News reports. The rocket's onboard computer is an AMD 586 processor and a Jumptec MOPS/520 PC/104+ board along with a power supply, a PCMCIA card carrier for an 802.11b card to transmit data to the ground, and a carrier board for a 128-MB CompactFlash card for long-term storage. The flight computer runs a stripped-down version of Debian Linux, with the 2.4.20 Linux kernel. The group will present a paper (HTML | PDF ) on the use of free software in rocketry at Usenix 2003. The real question is whether their network card will survive 10 seconds at 15 Gs!"

An anonymous reader writes "Some folks at Stanford have been looking at an alternative architecture for doing trusted computing (ala Palladium) based on using Virtual Machines. They presented a brief paper describing their work a couple weeks ago at the USENIX Workshop on Hot Topics in Operating Systems . In their paper they also discuss a bunch of non-DRM applications of Trusted Computing such as distributed firewalls, improving P2P security, preventing DDOS, and even strengthening civil liberty protections."

An anonymous reader writes "Some folks at Stanford have been looking at an alternative architecture for doing trusted computing (ala Palladium) based on using Virtual Machines. They presented a brief paper describing their work a couple weeks ago at the USENIX Workshop on Hot Topics in Operating Systems . In their paper they also discuss a bunch of non-DRM applications of Trusted Computing such as distributed firewalls, improving P2P security, preventing DDOS, and even strengthening civil liberty protections."

Dan writes "Usenix's Alex Walker announces that BSDCon 2003 Program Committee invites you to contribute original and innovative material on BSD and Open Source topics ranging from embedded BSD application development & deployment, BSD kernels & desktop, internet, security and network services, systems administration and much more. You can check here for more information and submission guidelines."

Dan writes "Usenix's Alex Walker announces that BSDCon 2003 Program Committee invites you to contribute original and innovative material on BSD and Open Source topics ranging from embedded BSD application development & deployment, BSD kernels & desktop, internet, security and network services, systems administration and much more. You can check here for more information and submission guidelines."

Dan writes "Usenix's Alex Walker announces that BSDCon 2003 Program Committee invites you to contribute original and innovative material on BSD and Open Source topics ranging from embedded BSD application development & deployment, BSD kernels & desktop, internet, security and network services, systems administration and much more. You can check here for more information and submission guidelines."

edsonw writes "In this paper presented at the 11th USENIX Security Symposium, Feamster et alii presented a method that provide access to censored sites while continuing to host normal uncensored content, using covert communication and steganographic techniques." The Infranet webpage has some more information. No public code yet, though.

edsonw writes "In this paper presented at the 11th USENIX Security Symposium, Feamster et alii presented a method that provide access to censored sites while continuing to host normal uncensored content, using covert communication and steganographic techniques." The Infranet webpage has some more information. No public code yet, though.

edsonw writes "In this paper presented at the 11th USENIX Security Symposium, Feamster et alii presented a method that provide access to censored sites while continuing to host normal uncensored content, using covert communication and steganographic techniques." The Infranet webpage has some more information. No public code yet, though.

an_mo writes "A link to a google cached document is floating around some mailing lists containing some info about microsoft software engineering. In particular the document contains juicy bits about the development of a large project like NT/2K. Some examples: Team size went from 200 (NT3.1) to 1400 (Win2k). Complete build of win2k time is 8hrs on 4way PIII and requires 50GB of hard drive space. Written/email permission required for checkins by the build team." The HTML version on Usenix's site is much nicer than Google's auto-translated version.

RiverWolf asks: "As a Systems Administrator (a.k.a. 'paranoid security freak') I spend much of my time tightening down systems, loading patches, and just generally making sure no one does what they're not supposed too. While tools like ssh have become a staple for file transfer and terminal sessions, I recently began looking at all the little print servers we have throughout my offices and wondered "hmm, can those things be sniffed?". Until now, my focus for printing has always been 'just get it working', but if someone can sniff the print jobs (like payroll and other confidential information) as they go across the network, then it doesn't matter how locked down eveything else is. Is there a standard for secure (encrypted transmission) network printing, or does anyone know of a way to do this? I found this document that deals with it in a round about fashion, but with dozens of printers spread throughout multiple locations, I don't see it as an option."

Amy Rich writes: "If you're are, or want to be, a professional sysadmin, buy this book! I've been doing UNIX system administration for nearly ten years now, and I've never seen another book like this on the market. Limoncelli and Hogan do a fantastic job of describing the 'whys' behind many of the best practices in the systems and network administrator world. I wish this book had been around when I started out; it would have saved so many headaches as I 'learned the hard way.' Read on (below) for the reasons Amy is so enthusiastic about this book, and to see if it might fit your situation. The Practice of System and Network Administration author Thomas A. Limoncelli and Christine Hogan pages 773 publisher Addison Wesley rating 9.5 reviewer Amy Rich ISBN 0-201-70271-1 summary Fantastic high level book about successfully administrating computer systems and networks. Learn the best practices of the pros, developed through years of trial and error.

Though not a nitty gritty technical book, this volume is a must have for every professional sysadmin, regardless of skill level or the technology she uses. The book focuses on the methods used by successful system administrators to build, support, and grow their networks. For the novice admin, it offers a good big-picture look at the most important "whys" of system administration. For the intermediate admin, it has great advice on how to balance fire fighting with project work that will help strengthen the infrastructure and lead to less emergency handling. For the senior admin, there are gems of design wisdom and sections on how to deal with being in a managerial or team leader role. Because it's more high level, this book is even a good buy for people who manage sysadmins but are not themselves technical.

What's Covered

The book is broken down into four major parts, The Principles, The Processes, The Practices, and Management. The chapters in each section are conveniently split into the "basics," the "icing" (things to concentrate on after all of the basics have been accomplished), and some exercises at the end to help the reader apply the covered information to her own situation. The authors back up their sound advice with many case studies and, often tragically humorous, war stories that really drive home the salient points. The BOFHs among us will certainly love some of the follies that the book recounts.

The Principles

This chapter deals with fundamental issues sysadmins encounter and how to define a site-wide infrastructure. The topics range from desktop and server setup, to security, debugging, and ethics. Of particular interest to me were the latter three. I was hoping that the security section would give a bit more detail about a layered security approach as part of the policy. The authors offered good pointers on developing a site security policy without going into specifics, though. The debugging section was spot on, and something that even your help desk people should read. Instead of the hit-or-miss technique that so many inexperienced people use to diagnose problems, this gave a thorough outline of how to methodically determine and fix a problem. In light of the current Enron fiasco, the ethics section was quite timely. How do you do the right thing (or even determine what that is) and then not get stuck as the scapegoat? Though they're not lawyers, Limoncelli and Hogan offer some sound advice and quote from the SAGE Code of Ethics.

The Processes

This section entails how to create the framework for making successful changes to your infrastructure. Topic highlights include change management and revision control, server upgrades, maintenance windows, and service conversions. Change management is one of the most perilously neglected portions of the system administration field today. How should changes be made to the systems so that they are as seamless as possible? Who changed what, when? How do you get back to a known state? My one nit is that I would have liked to see a bit more about automation (rsync, cfengine, et al) discussed in this chapter, especially in dealing with upgrades and service conversions.

The Practices

The authors choose a few important services to discuss in detail here:

• The helpdesk
• Customer care
• Data centers
• Networks
• Email service
• Print service
• Data recovery
• Remote access
• Software depots
• Service monitoring

These topics were well covered, but the one omission from this section was web service (and possibly a section on Usenet, though that's waning in popularity these days). The namesapces chapter from the Principles section would have also flowed better as part of a DNS chapter in this section. One especially amusing story in the monitoring chapter describes an alarm system in a machine room calling the on-duty sysadmin in the wee hours of the morning to tell him, in a sultry female voice, I'm hot. I'm wet. Too bad his wife answers and thinks it's a prank call when it's really a broken HVAC system!

Management

This section covers how to best deal with the human side of system administration and really explores how people can actually like their jobs instead of just slogging through them every day. There's some outstanding advice on how to deal with difficult situations (time management, difficult people, professional development, keeping people motivated and managing them well, etc). This is also the first book that I know of that includes salary negotiating tips for sysadmins. The management section could almost stand alone as a book geared towards the particular problems that many sysadmins experience.

Other bits

Unlike most other books, the introduction and the appendices are also very worthwhile reads. The introduction covers the three fundamental things that ever site should already be doing: using a ticketing system, handling quick requests right, and starting every host in a known state. The first two appendices cover the various hats that sysadmins wear and "what to do when..." situations. The latter is extremely valuable, and is also available from the book's web site.

In all, this book receives an enthusiastic thumbs up!"

You can purchase The Practice of System and Network Administration from bn.com. Want to see your own review here? Just read the book review guidelines, then use Slashdot's handy submission form.

Oink.NET writes "The O'Reilly Network reports on an unannounced BOF session at BSDCon 2002 regarding Rotor, a shared souce implementation of Microsoft's Common Language Infrastructure that currently runs on Windows and FreeBSD. It relies on a Platform Adaptation Layer, similar to Apache's Portable Runtime, that simplifies porting to other OS's. As to the licensing terms, the Rotor FAQ says "Microsoft intends to provide very liberal non-commercial licensing terms and is interested in gathering community input on the design of the license." Wonder if that includes Slashdot community input..."

ackthpt writes "SuSE has this press release as they are submitting enhancements to the Linux kernal particular to the AMD's x86-64 processor instruction set. Anticipated for 2.6 kernel, some enhancements may appear in 2.4, as development is only beginning on 2.5. AMD's take on the announcement as well.". nik notes that SuSE join NetBSD in having ports to Hammer. Usenix members can see the paper Wasabi's Frank van der Linden wrote about the porting effort.

Dare Obasanjo contributed this followup to an article entitled The Myth of Open Source Security Revisited that appeared on the website kuro5hin. He writes: "The original article tackled the common misconception amongst users of Open Source Software(OSS) that OSS is a panacea when it comes to creating secure software. The article presented anecdotal evidence taken from an article written by John Viega, the original author of GNU Mailman, to illustrate its point. This article follows up the anecdotal evidence presented in the original paper by providing an analysis of similar software applications, their development methodology and the frequency of the discovery of security vulnerabilities." Read on below for his detailed analysis, especially relevant with the currency of security initiatives in the worlds of both open- and closed-source software.

The Myth of Open Source Security Revisited v2.0 The purpose of this article is to expose the fallacy of the belief in the "inherent security" of Open Source software and instead point to a truer means of ensuring the quality of the security of a piece software is high.

Apples, Oranges, Penguins and Daemons

When performing experiments to confirm a hypothesis on the effect of a particular variable on an event or observable occurence, it is common practice to utilize control groups. In an attempt to establish cause and effect in such experiments, one tries to hold all variables that may affect the outcome constant except for the variable that the experiment is interested in. Comparisons of the security of software created by Open Source processes and software produced in a proprietary manner have typically involved several variables besides development methodology.

A number of articles have been written that compare the security of Open Source development to proprietary development by comparing security vulnerabilities in Microsoft products to those in Open Source products. Noted Open Source pundit, Eric Raymond wrote an article on NewsForge where he compares Microsoft Windows and IIS to Linux, BSD and Apache. In the article, Eric Raymond states that Open Source development implies that "security holes will be infrequent, the compromises they cause will be relatively minor, and fixes will be rapidly developed and deployed." However, upon investigation it is disputable that Linux distributions have less frequent or more minor security vulnerabilities when compared to recent versions of Windows. In fact the belief in the inherent security of Open Source software over proprietary software seems to be the product of a single comparison, Apache versus Microsoft IIS.

There are a number of variables involved when one compares the security of software such as Microsoft Windows operating systems to Open Source UNIX-like operating systems including the disparity in their market share, the requirements and dispensations of their user base, and the differences in system design. To better compare the impact of source code licensing on the security of the software, it is wise to reduce the number of variables that will skew the conclusion. To this effect it is best to compare software with similar system design and user base than comparing software applications that are significantly distinct. The following section analyzes the frequency of the discovery of security vulnerabilities in UNIX-like operating systems including HP-UX, FreeBSD, RedHat Linux, OpenBSD, Solaris, Mandrake Linux, AIX and Debian GNU/Linux.

Security Vulnerability Face-Off

Below is a listing of UNIX and UNIX-like operating systems with the number of security vulnerabilities that were discovered in them in 2001 according to the Security Focus Vulnerability Archive. AIX 10 vulnerabilities[6 remote, 3 local, 1 both] Debian GNU/Linux 13 vulnerabilities[1 remote, 12 local] + 1 Linux kernel vulnerability[1 local] FreeBSD 24 vulnerabilities[12 remote, 9 local, 3 both] HP-UX 25 vulnerabilities[12 remote, 12 local, 1 both] Mandrake Linux 17 vulnerabilities[5 remote, 12 local] + 12 Linux kernel vulnerabilities[5 remote, 7 local] OpenBSD 13 vulnerabilities[7 remote, 5 local, 1 both] Red Hat Linux 28 vulnerabilities[5 remote, 22 local, 1 unknown] + 12 Linux kernel vulnerabilities[6 remote, 6 local] Solaris 38 vulnerabilities[14 remote, 22 local, 2 both] From the above listing one can infer that source licensing is not a primary factor in determining how prone to security flaws a software application will be. Specifically proprietary and Open Source UNIX family operating systems are represented on both the high and low ends of the frequency distribution.

Factors that have been known to influence the security and quality of a software application are practices such as code auditing (peer review), security-minded architecture design, strict software development practices that restrict certain dangerous programming constructs (e.g. using the str* or scanf* family of functions in C) and validation & verification of the design and implementation of the software. Also reducing the focus on deadlines and only shipping when the system the system is in a satisfactory state is important.

Both the Debian and OpenBSD projects exhibit many of the aforementioned characteristics which help explain why they are the Open Source UNIX operating systems with the best security record. Debian's track record is particularly impressive when one realizes that the Debian Potato consists of over 55 million lines of code (compared to RedHat's 30,000,000 lines of code).

The Road To Secure Software

Exploitable security vulnerabilities in a software application are typically evidence of bugs in the design or implementation of the application. Thus the process of writing secure software is an extension of the process behind writing robust, high quality software. Over the years a number of methodolgies have been developed to tackle the problem of producing high quality software in a repeatable manner within time and budgetary constraints. The most successful methodologies have typically involved using the following software quality assurance, validation and verification techniques; formal methods, code audits, design reviews, extensive testing and codified best practices.

1. Formal Methods: One can use formal proofs based on mathematical methods and rigor to verify the correctness of software algorithms. Tools for specifying software using formal techniques exist such as VDM and Z. Z (pronounced 'zed') is a formal specification notation based on set theory and first order predicate logic. VDM stands for "The Vienna Development Method" which consists of a specification language called VDM-SL, rules for data and operation refinement which allow one to establish links between abstract requirements specifications and detailed design specifications down to the level of code, and a proof theory in which rigorous arguments can be conducted about the properties of specified systems and the correctness of design decisions.The previous descriptions were taken from the Z FAQ and the VDM FAQ respectively. A comparison of both specification languages is available in the paper, Understanding the differences between VDM and Z by I.J. Hayes et al.
   
   
2. Code Audits: Reviews of source code by developers other than the author of the code are good ways to catch errors that may have been overlooked by the original developer. Source code audits can vary from informal reviews with little structure to formal code inspections or walkthroughs. Informal reviews typically involve the developer sending the reviewers source code or descriptions of the software for feedback on any bugs or design issues. A walkthrough involves the detailed examination of the source code of the software in question by one or more reviewers. An inspection is a formal process where a detailed examination of the source code is directed by reviewers who act in certain roles. A code inspection is directed by a "moderator", the source code is read by a "reader" and issues are documented by a "scribe".
   
   
3. Testing: The purpose of testing is to find failures. Unfortunately, no known software testing method can discover all possible failures that may occur in a faulty application and metrics to establish such details have not been forthcoming. Thus a correlation between the quality of a software application and the amount of testing it has endured is practically non-existent.
   
   There are various categories of tests including unit, component, system, integration, regression, black-box, and white-box tests. There is some overlap in the aforementioned mentioned testing categories.
   
   Unit testing involves testing small pieces of functionality of the application such as methods, functions or subroutines. In unit testing it is usual for other components that the software unit interacts with to be replaced with stubs or dummy methods. Component tests are similar to unit tests with the exception that dummmy and stub methods are replaced with the actual working versions. Integration testing involves testing related components that communicate with each other while system tests involve testing the entire system after it has been built. System testing is necessary even if extensive unit or component testing has occured because it is possible for seperate subroutines to work individually but fail when invoked sequentialy due to side effects or some error in programmer logic. Regression testing involves the process of ensuring that modifications to a software module, component or system have not introduced errors into the software. A lack of sufficient regression testing is one of the reasons why certain software patches break components that worked prior to installation of the patch.
   
   Black-box testing also called functional testing or specification testing test the behavior of the component or system without requiring knowledge of the internal structure of the software. Black-box testing is typically used to test that software meets its functional requirements. White-box testing also called structural or clear-box testing involves tests that utilize knowledge of the internal structure of the software. White-box testing is useful in ensuring that certain statements in the program are excercised and errors discovered. The existence of code coverage tools aid in discovering what percentages of a system are being excercised by the tests.
   
   More information on testing can be found at the comp.software.testing FAQ .
   
   
4. Design Reviews: The architecture of a software application can be reviewed in a formal process called a design review. In design reviews the developers, domain experts and users examine that the design of the system meets the requirements and that it contains no significant flaws of omission or commission before implementation occurs.
   
   
5. Codified Best Practices: Some programming languages have libraries or language features that are prone to abuse and are thus prohibited in certain disciplined software projects. Functions like strcpy, gets, and scanf in C are examples of library functions that are poorly designed and allow malicious individuals to use buffer overflows or format string attacks to exploit the security vulnerabilities exposed by using these functions. A number of platforms explicitly disallow gets especially since alternatives exist. Programming guidelines for such as those written by Peter Galvin in a Unix Insider article on designing secure software are used by development teams to reduce the likelihood of security vulnerabilities in software applications.

Projects such as the OpenBSD project that utilize most of the aforementioned techniques in developing software typically have a low incidence of security vulnerabilities.

Issues Preventing Development of Secure Open Source Software

One of the assumptions that is typically made about Open Source software is that the availability of source code translates to "peer review" of the software application. However, the anecdotal experience of a number of Open Source developers including John Viega belies this assumption.

The term "peer review" implies an extensive review of the source code of an application by competent parties. Many Open Source projects do not get peer reviewed for a number of reasons including

• complexity of code in addition to a lack of documentation makes it difficult for casual users to understand the code enough to give a proper review
  
  
• developers making improvements to the application typically focus only on the parts of the application that will affect the feature to be added instead of the whole system.
  
  
• ignorance of developers to security concerns.
  
  
• complacency in the belief that since the source is available that it is being reviewed by others.
  
  

Also the lack of interest in unglamorous tasks like documentation and testing amongst Open Source contributors adversely affects quality of the software. However, all of these issues can and are solved in projects with a disciplined software development process, clearly defined roles for the contributers and a semi-structured leadership hierarchy.

Benefits of Open Source to Security-Conscious Users

Despite the fact that source licensing and source code availability are not indicators of the security of a software application, there is still a significant benefit of Open Source to some users concerned about security. Open Source allows experts to audit their software options before making a choice and also in some cases to make improvements without waiting for fixes from the vendor or source code maintainer.

One should note that there are constraints on the feasibility of users auditing the software based on the complexity and size of the code base. For instance, it is unlikely that a user who wants to make a choice of using Linux as a web server for a personal homepage will scrutinize the TCP/IP stack code.

References

1. Frankl, Phylis et al. Choosing a Testing Method to Deliver Reliability. Proceedings of the 19th International Conference on Software Engineering, pp. 68--78, ACM Press, May 1997. < http://citeseer.nj.nec.com/frankl97choosing.html >
   
   
2. Hamlet, Dick. Software Quality, Software Process, and Software Testing. 1994. < http://citeseer.nj.nec.com/hamlet94software.html >
   
   
3. Hayes, I.J., C.B. Jones and J.E. Nicholls. Understanding the differences between VDM and Z. Technical Report UMCS-93-8-1, University of Manchester, Computer Science Dept., 1993. < http://citeseer.nj.nec.com/hayes93understanding.ht ml >
   
   
4. Miller, Todd C. and Theo De Raadt. strlcpy and strlcat - consistent, safe, string copy and concatenation. Proceedings of the 1999 USENIX Annual Technical Conference, FREENIX Track, June 1999. < http://www.usenix.org/events/usenix99/full_papers/ millert/millert_html/ >
   
   
5. Viega, John. The Myth of Open Source Security. Earthweb.com. < http://www.earthweb.com/article/0,,10455_626641,00 .html >
   
   
6. Gonzalez-Barona, Jesus M. et al. Counting Potatoes: The Size of Debian 2.2. < http://people.debian.org/~jgb/debian-counting/coun ting-potatoes/ >
   
   
7. Wheeler, David A. More Than A Gigabuck: Estimating GNU/Linux's Size. < http://www.counterpane.com/crypto-gram-0003.html >
   
   

Acknowledgements

The following people helped in proofreading this article and/or offering suggestions about content: Jon Beckham, Graham Keith Coleman, Chris Bradfield, and David Dagon. © 2002 Dare Obasanjo

As promised chrisd back with his report from the expo floor at MacWorld and a brief note about what Linux can learn from the Macintosh. Walking the show floor at MacWorld, I'm beginning to feel a little sorry for people who are Windows boosters. Where do they go for their community? The Mac folks have MacWorld and WWDC, we have LinuxWorld, O'Reilly and Usenix, but they have what? Comdex? There is no MicrosoftWorld. Whether this is a result of their size or what, I couldn't tell you. But there is a similar feel that the "Linux Faithful" and "Apple Faithful" share and that is that we are clearly part of a user and developer community.

Yesterday, I reported on the Jobs keynote and his ability to expand his reality field to encompass and entire ballroom. Today, do people still feel energized by his talk? Some were still pumped just to a part of the show, gasping and oo'ing and enjoying the melodrama of it all, but the next day there was a collective vibe of "well, was that it?". This is not to say that they were disappointed by it, but they perhaps wanted something more. The rumors had been flying for months about a flat screen iMac, and since that was what Apple brought forward, it was going to been seen as an evolutional, and thus anti-climactic, step, even if it was daringly packaged.

Many noted that they were expecting a speed bump for the G4 towers, but with Seybold coming up in February, many expect Apple to announce their tower update then to a more professional audience.

At the Tuesday keynote "The Power of X", Phil Shiller and Avie Tevanian talked about OS X and what it means to apple and to the future of the Macintosh platform. Apple is stressing how stable and crash proof OS X is and what this can means to the "Apple Faithful". They discussed the kernel, the media layers, security and the user interface and how it all works together. What they've done with their BSD derived core is really impressive. As part of the keynote, Tweak Films showed off an OS X based deep ocean wave visualization app that they assert they ported from Unix in weeks, with significant functionality gains.

The show floor itself was bouncy fun. For me it was a nice change from the austerity of a Linux exposition and it's focus on sheer functionality, capability and commerce. Large exhibitors included Alias|WaveFront, Adobe (not having anyone at this conference arrested, I noted), FileMaker pro, Microsoft and a number of other software development houses. As I walked the floor, I made a mental note of applications that were available for both Windows and the Macintosh. The reality is that there isn't much that is specifically for the Mac intosh, with the obvious exception of the hardware from apple, with all the vendors one ends up asking, what is unique here?

What Apple has that is unique, and sadly Windows and Linux both lack, is cohesion. Everyone with devices and software for the Mac seem to work so well with each other and the OS. We should strive to emulate that cohesion whenever practical for open source software. Before, the apple story was cohesion without stability or power. Now, with BSD at it's core, you can bet that Apple will be able to attack Windows, SUN and Linux on the power front. A year from now it will be interesting to see how many people are running apache to serve pages from their Apple machines, and I will be unsurprised if someone is giving an apache serving presentation at the next Apple WWDC.

Please note that I have posted some pictures of my trip to MacWorld, with some pictures of the new iMac and of the keynote.

On Wednesday I attended a hearing in Felten vs. RIAA, the lawsuit filed by Professor Felten, other Princeton researchers, and USENIX against the RIAA, SDMI, Verance, and the Department of Justice. As you already know, the judge dismissed the case. But taking a look at the hearing might provide some insight into how the judicial system works.

An incredibly brief review of the case: SDMI created an open challenge to break various forms of technical restrictions they had designed to allow music publishers to control how people use legitimately purchased music. A team led by Felten participated and was mostly successful at breaking them. The team wrote a paper, intending to publish it at a scientific conference. The RIAA/SDMI sent a letter to Felten, his employer, and the conference threatening them with legal action. Private legal discussions and a very public flap broke out. Felten filed a pre-emptive lawsuit, seeking to have his right to publish vindicated without waiting for a suit from the RIAA or SDMI. Immediately afterward, the RIAA publicly and repeatedly withdrew their threat to sue. Eventually the paper was, in fact, published, but the suit has continued.

Or just read through the Slashdot stories.

On to yesterday's hearing. The judge has before him a request from the defense to dismiss the case - they state that there is no real issue since the threat has been withdrawn. The Plaintiffs oppose this - they feel the threat is real, even if the RIAA has now withdrawn it.

Each side is represented by a half-dozen attorneys. Felten and several of the other plaintiffs are present as well. There are four or five press representatives. Other than that, the courtroom is empty. The first thing the judge does is take care of some routine business - the plaintiffs have requested that a C program, tinywarp.c, be filed under judicial seal with the court. The judge accepts this. He then goes briefly over the case so far, saying that he feels fully briefed by the papers submitted by both sides. He invites the plaintiff's lawyer, Gino Scarselli, to speak and respond to the last set of papers filed by the defense, but cautions him to avoid repeating any of the arguments set forth already in the many papers filed.

Scarselli emphasizes that the plaintiffs are in court for more than just the single threatening letter - he notes that the threat of legal action was considered quite real by the universities, who assigned lawyers to deal with the threat. He notes that Felten's paper was described as a "recipe for circumvention" by the defendants. He says that Felten also fears criminal prosecution due to his desire to publish a paper on SDMI in Scientific American - since Scientific American pays for papers, unlike the conference, this makes publication of the paper a commercial enterprise which might be charged as a criminal violation of the DMCA.

The judge is rather skeptical. He states that the difference between Felten and Sklyarov is "night and day". Sklyarov's actions are clearly criminal to the judge - Felten's actions not at all.

Scarselli and the judge spar a bit over a possible amendment to the complaint, regarding what exactly the plaintiffs were seeking in the lawsuit, and Scarselli retires from battle. Next up is David Kendall for the RIAA, responding to Scarselli.

Kendall starts off by talking about a stipulation (an agreement on facts) that both parties were negotiating over. Apparently both sides had almost been able to reach an agreement, except that the RIAA wanted the agreement to include dismissing the lawsuit and the plaintiffs did not. Kendall moves on to emphasize the argument they are making - that the suit should be dismissed because there is no conflict between the RIAA/SDMI and Felten. There are three reasons why a suit might be dismissed in this fashion - for mootness, because the plaintiffs lack standing to bring the suit, or because the issue isn't ripe. The judge asks Kendall which of the three would apply to this case - Kendall disclaims mootness (because that implies there once was an issue, but no longer), and states that this could be dismissed under either of the other reasons.

Richard Phillips is called to speak for the Department of Justice. Phillips states that his argument has been covered by the papers submitted and sits back down.

At this point only 40 minutes or so has elapsed. Normally, the judge might now take the case for decision, then some time later issue a written decision - instead, he decides (obviously he planned to do this in advance, since he has notes prepared) to render his decision in the case orally and immediately. He notes that he's doing so to save both parties further time and trouble, which indicates that he agrees with the defense that the case should be dismissed.

The judge starts off with the basics, which must have been rather boring to the lawyers involved. Under the Constitution, courts are limited to deciding cases where there is an actual case or controversy. He states flat-out that he sees no case or controversy here, in case anyone in the courtroom missed the hint he's already given.

He now takes a deep breath and begins going through his notes. He recaps the case from the beginning. I'll spare you that, read the documents if you wish.

Finally we get to his analysis. There are two separate issues - is there a case against the private entities? Is there a case against the Federal Government? The judge looks at the private entities first.

Again he discusses the requirement that cases be limited to actual controversies, that judges can't rule on abstract, theoretical, or speculative cases. He uses the word "speculative" approximately 20 times during his opinion, always referring to the plaintiffs' case. He relates a rambling analogy about bank fraud, essentially saying that the plaintiffs were asking for blanket immunity against ever being sued or prosecuted, which was impossible. He covers in great detail the RIAA's retraction of their threatening letter, how they've plainly denied any desire to sue Felten or anyone else over Felten's original paper.

The judge now looks at the First Amendment considerations relating to the suit against the RIAA/SDMI. He notes that the courts are required to avoid Constitutional questions if at all possible. He also notes that according to case law on the subject, there must be a real and immediate threat, that must remain throughout litigation, in order for the courts to consider the Constitutional questions around a non-criminal law (that is, the part of the DMCA that doesn't involve criminal penalties, only the possibility of civil lawsuits). Since the threat has not remained throughout litigation, he sees no Constitutional questions relating to the non-criminal part of the DMCA. He also notes that Plaintiffs do not allege they intend to violate the statute [ed. note: I'm not sure which part of the DMCA the judge was talking about right now - he may have been getting ahead of himself and talking about the criminal penalties.] and thus proceeding further would be "pre-enforcement review", which is not permitted. He closes this section by saying that he finds the Step-Saver and Salvation Army cases (referred to in the briefs submitted by both parties) instructive.

Somewhere during this speech, one of the attorneys for SDMI starts grinning, hugely, as if his team has just won the Super Bowl. He continues grinning and looking over at the attorneys for the plaintiffs until the hearing is over. None of the other attorneys for either side show any particular reaction.

The judge now continues with the suit against the Federal Government for Constitutional violations. He notes that the plaintiffs have not been directly threatened by the Government, nor prosecuted. He contrasts Felten's situation with that of Dmitry Sklyarov - the plaintiffs don't sell their program to the public, they do it for scientific purposes. Again he mentions the Step-Saver case. He quotes from the DMCA extensively. He states that the Government and plaintiffs have no adverse legal interests - that is, there is no possible criminal threat to Felten for doing what he's doing, in the judge's opinion. He notes that in the Sklyarov case there is such an adverse legal interest - obviously, Sklyarov was imprisoned! - and suggests that the Sklyarov case is a better way to get any First Amendment consequences of the DMCA adjudicated by the courts. The plaintiffs are not "manufacturing", according to the judge; nor are they offering their code for sale. The judge segues to what he sees as deficiencies in the plaintiff's legal complaint - they did not assert they planned to fully violate the criminal sections of the DMCA, mainly their assertions were that the Act is unclear and vague. Finally he closes - the plaintiffs must have an "objectively reasonable fear" of prosecution in order for the required legal conflict to exist, and the judge sees no such objectively reasonable fear.

A few more sentences and he's done. He reminds everyone that he may revise his written/final opinion from what he just dictated. He doesn't provide a time-frame for when the written opinion might be expected.

And that's it. My impression is that the most important phrase in the decision is "night and day". Judge Brown saw Sklyarov as a pirate, well-deserving of a long imprisonment term, and Felten as a goodie-two-shoes scientist who didn't have a care in the world. The very factors that made Felten a "good" subject for a civil liberties case allowed the judge to rule that there wasn't a case at all. Both the Justice Department and the RIAA prefer to have their test cases with suitably unsavory defendants - Russian pirates and shady hacker magazines are much preferred over all-American Princeton professors. The RIAA won't make the mistake of sending threat letters to professors again - not until the DMCA issues have been well-settled in the courts, anyway. Some people have criticized the EFF for over-reaching - trying to make a case out of nothing. But to a great extent the civil liberties groups have to play with the hand they're dealt. Felten was legitimately threatened, and even if the RIAA saw their mistake and starting trying to weasel out of it, I can't fault the civil liberties groups for trying to pursue this. They plan to appeal, of course.

mvw writes: "Here is an interview with OpenBSD's Theo de Raadt. Interesting is his comment on Soft Updates and the comparison to the rivaling Journaling file systems technology. Further he links to a very interesting paper by some Soft Updates researchers." And although OpenBSD 3.0 has an "official" release date of December 1 for whatever reason, it seems to be available by FTP or CD already. Lots of changes since 2.9.

Dr. Edward Felten is in a funny position -- or perhaps not so funny. He's the Princeton researcher who took up the challenge posed by the music industry to find flaws in the SMDI watermarking scheme, but didn't enter into the 'no-telling' bargain (here's the click-through agreement [pdf]) which would have made him eligible for a reward, so wasn't bound by non-disclosure terms. When a scheduled academic presentation on the weaknesses [pdf] that he and his colleages found in SDMI became the object of lawsuit threats from the RIAA, and caused him to cancel the planned presentation, Felten decided to turn the tables, and in cooperation with the EFF, sue them instead, for interfering with his scholarly research. Though he did eventually get to present his research, the legal action is still going. Dr. Felten is at a hearing today in Trenton, NJ, but he's agreed to answer questions from Slashdot readers. Please confine your questions carefully (one per post), and we'll pass the highest-moderated ones on for his answers.