The easy way to attack remote systems at the hardware level would be to preload a back-door key into Active Management Technology. All the hardware is already there to remote control the computer, without any help from the operating system. By default, this feature is supposed to be disabled. But a minor firmware change, initializing the AMT unit with a second hidden key instead of leaving it disabled, would make it possible to take over any corrupted machine from a level below the OS.
AMT is the latest form of this, but there's also ASF (AMD's version), and RCMP (works over UDP, while AMT is a web service).
This is tough to detect, short of cutting open the network controller chip and tracing the wiring with a scanning electron microscope. That's quite possible and tools for it exist, but it's not cheap.
Someone else commented "The solution to this mess would seem to be to trash everything unsourced or transwiki it to a place that doesn't care about reliability, but that's not going to happen."
It's happening. Wikia, which is Jimbo Wales' commercial operation, is the other place that "doesn't care about reliability". Wikia claims to be an encyclopedia and a search engine, but all they are is a hosting service for fancruft. They have the Star [Wars|Trek|Craft|Gate] wikis, the Yu-Gi-Oh wiki, the Marvel Comics wiki, and similar popular culture. They even have fan fiction. They don't have much else. The machinery is the same as Wikipedia, but the standards are far lower. Wikia has ads, but the reader demographic lives in their parents' basement, so the clicks may not be worth much.
There's now a push on Wikia (the "WP:FICT" debate) to move the fancruft to Wikia, where Wales can try to monetize it. Wales is still involved with Wikipedia, so this is a conflict of interest. It's probably good for Wikipedia to have a place to dump the cruft, but it's troubling that the nonprofit and profit-making sides have some of the same management. The IRS may have something to say about that.
Wikipedia was done around 2006. By then, almost all the subjects worth an article had one. New articles now tend to be self promotion (garage bands, mostly), minor historical figures ("member of the Ontario parliament 1936-1938"), atlas information ("State Route 152"), or utter junk ("I rule!!!").
Wikipedia's maintenance process is labor-intensive. It's the encyclopedia anybody can trash, and a sizable, ongoing effort is required to fight the trashing. That effort increases as the number of articles goes up, which is what limits the useful size of Wikipedia. If volunteers don't keep up the maintenance, the thing will turn to mush. The right size for Wikipedia is probably below 500,000 articles.
It's worth realizing that we've solved most of the problems with hostile sites on the Internet other than ones that involve Windows zombies. Nobody is spamming from an identifiable source any more; that gets spammers turned off fast, or arrested. Spamming is now done using Windows zombies.
Hosting of scams tends to involve Windows zombies or server break-ins. We track this on our "Major domains being exploited by active phishing scams" list. Notice that almost all the sites with multiple exploits listed are services that provide DSL connectivity. The single-exploit sites are usually break-ins. Most of the open redirectors have been fixed, so that hole has mostly been closed.
The malware problem is, again, an endpoint problem, with programs given all the privileges of the user running them. Again, that's mostly a Windows problem.
(Not that Linux is fundamentally better. Installs still typically have to be run as root. Few will run under a restrictive Secure Linux profile.) Of course, when Microsoft tightens things up, as they did minimally in Vista, people scream that their insecure apps won't run.
Fixing the problem requires a clean start, like the OLPC. If the OLPC technology gets some traction at the high school, college, and road warrior level, we might have a way out of the current mess.
Once we get past outright criminality, we're faced with the "bottom-feeders" - the Made for Adwords sites, the "landing pages", the directory sites, the typosquatting sites, the domain parks, and similar annoying dreck. We're doing our bit to choke that off. If you're willing to lump the bottom-feeders together with the crooks, it's easier to separate them from the sites with some degree of legitimacy.
Most of the bottom-feeders get their revenue from Google's advertisers, via Google.
Google is starting to do something about this with "landing page quality measurement". Their standards are very low, though, judging by what's still showing up in AdWords ads. (We have a free Firefox browser extension that rates AdWords advertisers, so we have a way to look at this. Advertiser quality varies drastically by site: advertisers on Bloomberg look legit, LinkedIn, mostly OK, Myspace, mostly bottom-feeders.)
There's a basic question here - how much of Google's revenue comes from bottom-feeders? Google recently tightened up their landing page
standards, and Google's revenue dropped for the first time ever. Can Google still afford "don't be evil"? We'll find out this year.
All of these things are endpoint problems. Down at the IP level, we're doing OK.
The "new paradigm" for the internet is figuring out ways to make it look good on tiny screens. Current web design usually involves a small bit of content surrounded by banners, ads, menus, and similar dreck. None of that stuff fits on the small screen.
The big screen is forgiving of bad layout. The small screen is not.
Navigation probably needs to be popup-based. You can't afford the screen real estate for keeping menus on screen all the time. A unified grammar for popup behavior is needed in web browsers. Users need to know what to expect when they ask for something to change on screen.
I suspect we'll see a migration to laptops with smaller screens, with better use of screen real estate. Big laptops may go the way of the shoulder-carried boom box.
Big, corrupted PST files? No problem. Just get Stellar Phoenix PST Repair. "Stellar Phoenix can repair PST files in all scenarios including the common issues listed below... Oversized PST files with 2Gb problem.
Recovers from encrypted files. Recovers deleted e-mails." U.S. Government price $249 with CD. Immediate download available. Recommended by PC Magazine.
This little problem can be overcome. Just get some image copies of those tapes out to the Internet Archive or Wikileaks, and all the technical problems will be quickly dealt with, the data will go on line, and it will all be indexed.
Much of the problem with Wikipedia and Craigslist comes from anonymity. Wikipedia carries anonymity to the point of absurdity - not only are individual contributors anonymous, the "admins" and "sysops" are anonoymous. Craigslist is drowning in a flood of spam because they don't do anything to validate accounts.
One of the simplest ways to cut down on the problem is to require a cell phone number to get an account. The signup system then texts a password to the phone. GMail used to do that, when they were trying to be be less evil than Hotmail. Craigslist desperately needs it. Yes, you can buy more SIM cards and create multiple identities, but each new identity will cost $50 or so, which tends to throttle spammers.
What happened to the plutonium glut? According to the World Nuclear Association, the US has 38 tons of surplus plutonium as of 2007. The USSR had even more, because they kept their production plant going even when there was no demand. The UK has surplus plutonium. What's NASA's problem?
Radiosity does more for indoor scene quality than does raytracing. Radiosity gives you the visual cue of a dark band at an inside corner, which is subtle and a basic part of the human visual mechanism for resolving depth. Raytracing makes shiny things look cool.
I've seen the thing. Right now, it's a nice teleoperator, but can't do much if anything autonomously. Great platform, though. There's also Anybots, which does beautiful mechanical engineering. That, too, is a teleoperator right now.
It's nice to see the mechanical engineering problems of mobile robots being solved. The mechanics need to be done in the private sector to move research forward. University CS departments are terrible at cutting metal.
This will go mainstream for Xmas 2009, when the first dynamic self-balancing legged toy robots appear.
The legal system worked. As soon as Wikileaks got involved in the case, the judge reversed himself almost immediately.
The real problem here is with Dynadot, the domain registrar. Like most domain registrars, Dynadot tries to wriggle out of the concept that domains are the property of the registrant, substituting one-sided terms of service which give them discretionary power over the domain. That's the problem.
They made a deal with Bank Julius Baer to shut down the site, and got the court to sign off on the deal, without even notifying the registrant. That was Dynadot's doing. That's where the problem started.
Interestingly, Dynadot has one of those indemnification clauses in their agreement that everyone ignores. This time, it matters. It reads:
You agree to release, indemnify, defend, and hold harmless Dynadot... against any losses, liabilities, claims, damages or costs,... relating to or arising out of Your registration, application, transaction request, resale, or use of services provided by Dynadot and Your account with Dynadot....
Should Dynadot be threatened with a lawsuit or receive notice of a filed or pending lawsuit by a third party, Dynadot may seek written assurances from You concerning Your promise to indemnify Dynadot. Your failure to provide such written assurances may be considered a material breach of this Agreement.
One could argue that Dynadot's insertion of such a clause created an obligation on Dynadot to promptly notify the registrant of any threatened litigation. Dynadot has claimed in their contract that the registrant has responsibility for claims against Dynadot by third parties. Yet Dynadot did not properly notify the registrant of such a claim. Instead, they apparently went to court before notifying the registrant. That's usually considered negligence or worse.
Visit
No-Dig 2008, April 27 through May 2, the trade show of the microtunneling industry. This is routine construction technology; if you need to put a pipe under a busy street, it's quite possible to do so. Small diameter pipes with short runs are installed by "pipe jacking", where the pipe is simply forced through dirt with hydraulic cylinders. For larger pipes and longer runs, there's "horizontal directional drilling", which is derived from oil well technology.
True robotic tunnel boring machines for small tunnels are being talked about, but they're not moving dirt yet.
Tunnel boring machines don't just drill a hole; they build the tunnel. TBMs have a cutter head in front, which is jacked forward as it cuts. The TBM's jacks push against the previous tunnel rings for support, or against the tunnel walls in hard-rock tunneling. This creates a gap between the front and back of the TBM. Once enough space has been opened up for another tunnel ring, the jacks are retracted and another tunnel ring is installed, in segments. Tunnel ring segments can be metal or concrete; the London Underground, especially the Jubilee Line, uses metal tunnel rings bolted together.
Behind the cutting head of the TBM is a big construction project compressed into a small space. There's machinery for erecting the ring segments, which can weigh tons. There's usually a two-track narrow gauge rail line behind the TBM, with muck cars taking away the dirt, segment cars delivering more ring segments, track cars carrying more construction rail track, and the occasional tool or worker car. So the back end of a TBM may have a hundred feet or more of materials handling
equipment.
Here's a video of an animation of a TBM. This is a hard-rock TBM, used in the Alps. Somewhat different designs are used in soft rock (like the chalk of Eurotunnel) and in wet ground.
Cramming all this into a small robotic package is a tough job that hasn't been done yet. There's considerable automation in these things, but not yet enough to run them in places where people can't go.
MailRail, in London, came closest to the proposed system. Little automated electric trains carried mail since 1928. It was shut down in 2003. (It's still intact, though; it might be restarted some day.)
MailRail gives a sense of the constraints of a realistic system. The tunnels are 9 feet in diameter and double-tracked, so it's possible to get repair crews and equipment into the tunnels without much trouble. For small-tube systems, breakdowns are tough to deal with. MailRail was a railroad in miniature, with stations, sidings, switches, repair shops, and work trains. Even rails wear out and have to be reground or replaced, so MailRail had the gear to do "maintenance of way" work. All those things are needed, and many of them are labor intensive.
The operating cost on MailRail was quite high, even though all the capital costs had long since been paid for. Cost was 3x to 5x the cost of using trucks. But the real problem was that it didn't go to the right places; over the decades, post offices had been moved to locations off the MailRail line, and only three of the nine stations were still in use.
The Chicago tunnel system had a different problem. It was designed when long-haul freight was by rail and local delivery was horse-powered. Bear in mind that trains were routinely hauling heavy loads by 1850, but trucks didn't appear until the 1920s and didn't work well until the 1930s. (1920s trucks had power comparable to that of a small car today.) So for a seventy-year period, local delivery was badly matched to long-haul transport. Early attempts to deal with this problem involved breeding very large horses. This was the period of pneumatic tubes, underground freight rail systems, and similar attempts to fix the local delivery problem. Once truck engines and drivetrains become powerful enough to do the job, those local delivery systems were no longer needed.
Werner von Braun's plan for going to Mars was published in the 1950s. It's worth reviewing it.
Build a two-stage rocket that can lift reasonable loads to Earth orbit. The first stage, the big booster, is recoverable with parachutes. The second stage can re-enter on wings.
Build a large number of these rockets, hundreds of them. This is the big difference from NASA's current one-off thinking.
Build a big wheel-type space station in Earth orbit, using several hundred launches of the big boosters. This is the base for the Mars shot.
Use about 400 launches (!) to move the Mars fleet of 14 rockets into
Earth orbit, along with the necessary fuel.
14 rockets take off for Mars, with about a hundred people.
The rockets land on Mars on wings. (This wouldn't work. Von Braun didn't have data on Mars' atmosphere. Back then, it was thought that Mars had maybe 20% of Earth's atmospheric pressure. The actual number is about 0.6%. This is a serious problem. We do not, in fact, know how to land a big load on Mars. The combination of heat shield and parachute used for small robotic craft isn't enough. Power is required, which means lugging fuel for landing.)
A sizable base is built, exploration takes place.
Some of the rockets return to Earth, to dock at the Earth space station.
Ah, the good old days of industrial production. If China does a Mars program, it might look like that.
Online auctions are a business which tends towards market concentration. The biggest auction is the most valuable, and the auction systems are closed. eBay objects if you write a search engine for eBay auctions, or a system to manage auctions across multiple auction sites.
In contrast, e-mail systems are today open - Hotmail can mail to Gmail, and vice versa.
That wasn't always the case. There was a time when MCImail, GEnie and AOL didn't talk to each other; eventually, the open e-mail system of the Internet wiped them all out.
Search is open from the consumer side; all search engines can look at all sites. But it's not open from the advertiser side, not since Google bought DoubleClick.
So there's an inherent tendency towards monopoly in the auction area. It's a legitimate subject for antitrust enforcement.
I own a.com domain which is the same as the ".co.uk" domain of a religious school in England. The kids mostly just mis-subscribed to mailing lists; I was getting multiple copies of promotional junk from bands. The e-mails between
the staff were interesting, though.
I had to turn off the catchall addresses about five years ago. Dictionary attacks were overloading the spam filters.
I've seen several gadgets like this at SIGGRAPH, although not this "maglev" version. There are better haptic input devices, which are more like robot arms in reverse.
Very nice. It's sad, though, that Microsoft is making it available as open source, because that means it's not going to become a Microsoft product.
Singularity is an interesting system. Most of the individual ideas aren't new, but the combination of them is well chosen. It's a message passing microkernel, like VM and QNX, the OSs that actually work reliably. The storage management and of enforcement of process separation at compile time comes from the ALGOL compiler for the Burroughs 5500, circa 1960, for example. They recognized the problem of interaction between interprocess communication and the scheduler and dealt with it; QNX probably has a better solution, but the one in Singularity is OK. Singularity tries a bit too hard to avoid interprocess copying; so did Mach, and it made things worse.
There's a reasonable design-by-contract language. The language knows about marshalling for interprocess communication, which encourages its use. That's borrowed from Mesa. In most languages, a subroutine call is much easier to code than an interprocess call, which encourages bloat of individual processes.
Drivers aren't in the kernel and aren't trusted, although drivers that can do DMA still present a security problem. This is a problem with insecure PC hardware; IBM mainframe channels have DMA that goes through MMU checking. That could be fixed, especially since most new peripherals are on USB or FireWire ports. Add-on boards are on the way out.
Last year, I was living in an area of Silicon Valley that was covered by Google's van. There's good coverage of my house. Really good coverage. You can see both cars in
the driveway and read the license plates. You can, just barely, see me in profile through a window.
Linux has this same bug. It's in "ohci1394.c". I reported this to the Linux kernel mailing list years ago, and the reaction of the kernel developers was to make it a "feature" for "remote debugging" that's enabled by default.
Technically, here's how it works. First, see the OHCI specification, section 5.15, "Physical Upper Bound register". This determines the highest memory address into which an external device can store directly by sending a packet. If set to zero, this feature is disabled. That feature is intended for slave devices, like peripherals. On computers with an operating system, it should be zero. It's not.
In the Linux kernel, that security hole was installed in "ohci1394.c" with the comment: /* Turn on phys dma reception.
*
* TODO: Enable some sort of filtering management.
*/
In early kernels, it was unconditionally enabled. In 2.6, it's enabled by default, but can be turned off.
Also, This patch indicates that this security hole may have been designed into some FireWire controllers, so that the "upper bound register" didn't really do anything, but read back zero.
Ultracapacitors or double layer capacitors (DLCs) are
energy storage devices whose operation is based on the double
layer effect [1]. By utilizing highly porous carbon material with a
surface area up to 2000m2/g as electrodes (as in Fig. 3) commercial
DLCs can achieve a energy density (6Wh/kg) much greater than the
energy density of a conventional capacitor. However, this figure is
much lower than the energy density reached by Lithium-Ion batteries
(120Wh/kg).
Project Goals Design and Implement an Ultracapacitor cell (see
Figs. 1 and 3) based on Carbon nanotubes (CNTs) that can
enhance the performance achievable by batteries. Our analysis
shows that the utilization of a matrix of vertically aligned CNTs (see
Fig. 2 - right) as electrode structure, can lead to an ultracapacitor
characterized by a power density greater than 100kW/kg (three
orders of magnitude higher than batteries), a lifetime longer than
300,000 cycles, and an energy density higher than 60Wh/kg.
So they're trying to make a capacitor with half the energy density of lithium-ion batteries. That's an achievement, but it won't replace batteries.
Great power supply for a dragster, at 100kW/kg. You only need a quarter mile of range, and you can get a few megawatts for a few seconds from a modest ultracapacitor bank.
(When posting Slashdot articles, please try to get better sources. And link the original paper, not some blog, please.)
Judging by my freaking freezing ears, MIT is in the North.
Yes. I'm a Stanford grad, live in Silicon Valley, and some years back someone from MIT was trying to
recruit me for the Media Lab to work on physically-based animation. We're walking across the MIT campus to the T station. It's sleeting, with light hail. He says "and there are fewer distractions out here".
The easy way to attack remote systems at the hardware level would be to preload a back-door key into Active Management Technology. All the hardware is already there to remote control the computer, without any help from the operating system. By default, this feature is supposed to be disabled. But a minor firmware change, initializing the AMT unit with a second hidden key instead of leaving it disabled, would make it possible to take over any corrupted machine from a level below the OS.
AMT is the latest form of this, but there's also ASF (AMD's version), and RCMP (works over UDP, while AMT is a web service).
This is tough to detect, short of cutting open the network controller chip and tracing the wiring with a scanning electron microscope. That's quite possible and tools for it exist, but it's not cheap.
Nice demo. The link for this article leads to an ad page which won't close if you have AdBlock installed.
Someone else commented "The solution to this mess would seem to be to trash everything unsourced or transwiki it to a place that doesn't care about reliability, but that's not going to happen."
It's happening. Wikia, which is Jimbo Wales' commercial operation, is the other place that "doesn't care about reliability". Wikia claims to be an encyclopedia and a search engine, but all they are is a hosting service for fancruft. They have the Star [Wars|Trek|Craft|Gate] wikis, the Yu-Gi-Oh wiki, the Marvel Comics wiki, and similar popular culture. They even have fan fiction. They don't have much else. The machinery is the same as Wikipedia, but the standards are far lower. Wikia has ads, but the reader demographic lives in their parents' basement, so the clicks may not be worth much.
There's now a push on Wikia (the "WP:FICT" debate) to move the fancruft to Wikia, where Wales can try to monetize it. Wales is still involved with Wikipedia, so this is a conflict of interest. It's probably good for Wikipedia to have a place to dump the cruft, but it's troubling that the nonprofit and profit-making sides have some of the same management. The IRS may have something to say about that.
Wikipedia was done around 2006. By then, almost all the subjects worth an article had one. New articles now tend to be self promotion (garage bands, mostly), minor historical figures ("member of the Ontario parliament 1936-1938"), atlas information ("State Route 152"), or utter junk ("I rule!!!").
Wikipedia's maintenance process is labor-intensive. It's the encyclopedia anybody can trash, and a sizable, ongoing effort is required to fight the trashing. That effort increases as the number of articles goes up, which is what limits the useful size of Wikipedia. If volunteers don't keep up the maintenance, the thing will turn to mush. The right size for Wikipedia is probably below 500,000 articles.
It's worth realizing that we've solved most of the problems with hostile sites on the Internet other than ones that involve Windows zombies. Nobody is spamming from an identifiable source any more; that gets spammers turned off fast, or arrested. Spamming is now done using Windows zombies.
Hosting of scams tends to involve Windows zombies or server break-ins. We track this on our "Major domains being exploited by active phishing scams" list. Notice that almost all the sites with multiple exploits listed are services that provide DSL connectivity. The single-exploit sites are usually break-ins. Most of the open redirectors have been fixed, so that hole has mostly been closed.
The malware problem is, again, an endpoint problem, with programs given all the privileges of the user running them. Again, that's mostly a Windows problem. (Not that Linux is fundamentally better. Installs still typically have to be run as root. Few will run under a restrictive Secure Linux profile.) Of course, when Microsoft tightens things up, as they did minimally in Vista, people scream that their insecure apps won't run. Fixing the problem requires a clean start, like the OLPC. If the OLPC technology gets some traction at the high school, college, and road warrior level, we might have a way out of the current mess.
Once we get past outright criminality, we're faced with the "bottom-feeders" - the Made for Adwords sites, the "landing pages", the directory sites, the typosquatting sites, the domain parks, and similar annoying dreck. We're doing our bit to choke that off. If you're willing to lump the bottom-feeders together with the crooks, it's easier to separate them from the sites with some degree of legitimacy.
Most of the bottom-feeders get their revenue from Google's advertisers, via Google. Google is starting to do something about this with "landing page quality measurement". Their standards are very low, though, judging by what's still showing up in AdWords ads. (We have a free Firefox browser extension that rates AdWords advertisers, so we have a way to look at this. Advertiser quality varies drastically by site: advertisers on Bloomberg look legit, LinkedIn, mostly OK, Myspace, mostly bottom-feeders.)
There's a basic question here - how much of Google's revenue comes from bottom-feeders? Google recently tightened up their landing page standards, and Google's revenue dropped for the first time ever. Can Google still afford "don't be evil"? We'll find out this year.
All of these things are endpoint problems. Down at the IP level, we're doing OK.
The "new paradigm" for the internet is figuring out ways to make it look good on tiny screens. Current web design usually involves a small bit of content surrounded by banners, ads, menus, and similar dreck. None of that stuff fits on the small screen. The big screen is forgiving of bad layout. The small screen is not.
Navigation probably needs to be popup-based. You can't afford the screen real estate for keeping menus on screen all the time. A unified grammar for popup behavior is needed in web browsers. Users need to know what to expect when they ask for something to change on screen.
I suspect we'll see a migration to laptops with smaller screens, with better use of screen real estate. Big laptops may go the way of the shoulder-carried boom box.
Big, corrupted PST files? No problem. Just get Stellar Phoenix PST Repair. "Stellar Phoenix can repair PST files in all scenarios including the common issues listed below ... Oversized PST files with 2Gb problem.
Recovers from encrypted files. Recovers deleted e-mails." U.S. Government price $249 with CD. Immediate download available. Recommended by PC Magazine.
This little problem can be overcome. Just get some image copies of those tapes out to the Internet Archive or Wikileaks, and all the technical problems will be quickly dealt with, the data will go on line, and it will all be indexed.
Much of the problem with Wikipedia and Craigslist comes from anonymity. Wikipedia carries anonymity to the point of absurdity - not only are individual contributors anonymous, the "admins" and "sysops" are anonoymous. Craigslist is drowning in a flood of spam because they don't do anything to validate accounts.
One of the simplest ways to cut down on the problem is to require a cell phone number to get an account. The signup system then texts a password to the phone. GMail used to do that, when they were trying to be be less evil than Hotmail. Craigslist desperately needs it. Yes, you can buy more SIM cards and create multiple identities, but each new identity will cost $50 or so, which tends to throttle spammers.
It usually costs more to win such prizes than it's worth.
What happened to the plutonium glut? According to the World Nuclear Association, the US has 38 tons of surplus plutonium as of 2007. The USSR had even more, because they kept their production plant going even when there was no demand. The UK has surplus plutonium. What's NASA's problem?
Radiosity does more for indoor scene quality than does raytracing. Radiosity gives you the visual cue of a dark band at an inside corner, which is subtle and a basic part of the human visual mechanism for resolving depth. Raytracing makes shiny things look cool.
Oh, right, this is for gamers.
I've seen the thing. Right now, it's a nice teleoperator, but can't do much if anything autonomously. Great platform, though. There's also Anybots, which does beautiful mechanical engineering. That, too, is a teleoperator right now.
It's nice to see the mechanical engineering problems of mobile robots being solved. The mechanics need to be done in the private sector to move research forward. University CS departments are terrible at cutting metal.
This will go mainstream for Xmas 2009, when the first dynamic self-balancing legged toy robots appear.
The legal system worked. As soon as Wikileaks got involved in the case, the judge reversed himself almost immediately.
The real problem here is with Dynadot, the domain registrar. Like most domain registrars, Dynadot tries to wriggle out of the concept that domains are the property of the registrant, substituting one-sided terms of service which give them discretionary power over the domain. That's the problem.
They made a deal with Bank Julius Baer to shut down the site, and got the court to sign off on the deal, without even notifying the registrant. That was Dynadot's doing. That's where the problem started.
Interestingly, Dynadot has one of those indemnification clauses in their agreement that everyone ignores. This time, it matters. It reads: You agree to release, indemnify, defend, and hold harmless Dynadot ... against any losses, liabilities, claims, damages or costs, ... relating to or arising out of Your registration, application, transaction request, resale, or use of services provided by Dynadot and Your account with Dynadot ....
Should Dynadot be threatened with a lawsuit or receive notice of a filed or pending lawsuit by a third party, Dynadot may seek written assurances from You concerning Your promise to indemnify Dynadot. Your failure to provide such written assurances may be considered a material breach of this Agreement.
One could argue that Dynadot's insertion of such a clause created an obligation on Dynadot to promptly notify the registrant of any threatened litigation. Dynadot has claimed in their contract that the registrant has responsibility for claims against Dynadot by third parties. Yet Dynadot did not properly notify the registrant of such a claim. Instead, they apparently went to court before notifying the registrant. That's usually considered negligence or worse.
Visit No-Dig 2008, April 27 through May 2, the trade show of the microtunneling industry. This is routine construction technology; if you need to put a pipe under a busy street, it's quite possible to do so. Small diameter pipes with short runs are installed by "pipe jacking", where the pipe is simply forced through dirt with hydraulic cylinders. For larger pipes and longer runs, there's "horizontal directional drilling", which is derived from oil well technology.
True robotic tunnel boring machines for small tunnels are being talked about, but they're not moving dirt yet.
Tunnel boring machines don't just drill a hole; they build the tunnel. TBMs have a cutter head in front, which is jacked forward as it cuts. The TBM's jacks push against the previous tunnel rings for support, or against the tunnel walls in hard-rock tunneling. This creates a gap between the front and back of the TBM. Once enough space has been opened up for another tunnel ring, the jacks are retracted and another tunnel ring is installed, in segments. Tunnel ring segments can be metal or concrete; the London Underground, especially the Jubilee Line, uses metal tunnel rings bolted together.
Behind the cutting head of the TBM is a big construction project compressed into a small space. There's machinery for erecting the ring segments, which can weigh tons. There's usually a two-track narrow gauge rail line behind the TBM, with muck cars taking away the dirt, segment cars delivering more ring segments, track cars carrying more construction rail track, and the occasional tool or worker car. So the back end of a TBM may have a hundred feet or more of materials handling equipment.
Here's a video of an animation of a TBM. This is a hard-rock TBM, used in the Alps. Somewhat different designs are used in soft rock (like the chalk of Eurotunnel) and in wet ground.
Cramming all this into a small robotic package is a tough job that hasn't been done yet. There's considerable automation in these things, but not yet enough to run them in places where people can't go.
MailRail, in London, came closest to the proposed system. Little automated electric trains carried mail since 1928. It was shut down in 2003. (It's still intact, though; it might be restarted some day.)
MailRail gives a sense of the constraints of a realistic system. The tunnels are 9 feet in diameter and double-tracked, so it's possible to get repair crews and equipment into the tunnels without much trouble. For small-tube systems, breakdowns are tough to deal with. MailRail was a railroad in miniature, with stations, sidings, switches, repair shops, and work trains. Even rails wear out and have to be reground or replaced, so MailRail had the gear to do "maintenance of way" work. All those things are needed, and many of them are labor intensive.
The operating cost on MailRail was quite high, even though all the capital costs had long since been paid for. Cost was 3x to 5x the cost of using trucks. But the real problem was that it didn't go to the right places; over the decades, post offices had been moved to locations off the MailRail line, and only three of the nine stations were still in use.
The Chicago tunnel system had a different problem. It was designed when long-haul freight was by rail and local delivery was horse-powered. Bear in mind that trains were routinely hauling heavy loads by 1850, but trucks didn't appear until the 1920s and didn't work well until the 1930s. (1920s trucks had power comparable to that of a small car today.) So for a seventy-year period, local delivery was badly matched to long-haul transport. Early attempts to deal with this problem involved breeding very large horses. This was the period of pneumatic tubes, underground freight rail systems, and similar attempts to fix the local delivery problem. Once truck engines and drivetrains become powerful enough to do the job, those local delivery systems were no longer needed.
Werner von Braun's plan for going to Mars was published in the 1950s. It's worth reviewing it.
Ah, the good old days of industrial production. If China does a Mars program, it might look like that.
Online auctions are a business which tends towards market concentration. The biggest auction is the most valuable, and the auction systems are closed. eBay objects if you write a search engine for eBay auctions, or a system to manage auctions across multiple auction sites.
In contrast, e-mail systems are today open - Hotmail can mail to Gmail, and vice versa. That wasn't always the case. There was a time when MCImail, GEnie and AOL didn't talk to each other; eventually, the open e-mail system of the Internet wiped them all out. Search is open from the consumer side; all search engines can look at all sites. But it's not open from the advertiser side, not since Google bought DoubleClick.
So there's an inherent tendency towards monopoly in the auction area. It's a legitimate subject for antitrust enforcement.
Would you happen to know how Singularity does multiprocessing?
RTFM.
Ah, the good old days of catchall addresses.
I own a .com domain which is the same as the ".co.uk" domain of a religious school in England. The kids mostly just mis-subscribed to mailing lists; I was getting multiple copies of promotional junk from bands. The e-mails between
the staff were interesting, though.
I had to turn off the catchall addresses about five years ago. Dictionary attacks were overloading the spam filters.
The linked video is from 1998.
I've seen several gadgets like this at SIGGRAPH, although not this "maglev" version. There are better haptic input devices, which are more like robot arms in reverse.
Very nice. It's sad, though, that Microsoft is making it available as open source, because that means it's not going to become a Microsoft product.
Singularity is an interesting system. Most of the individual ideas aren't new, but the combination of them is well chosen. It's a message passing microkernel, like VM and QNX, the OSs that actually work reliably. The storage management and of enforcement of process separation at compile time comes from the ALGOL compiler for the Burroughs 5500, circa 1960, for example. They recognized the problem of interaction between interprocess communication and the scheduler and dealt with it; QNX probably has a better solution, but the one in Singularity is OK. Singularity tries a bit too hard to avoid interprocess copying; so did Mach, and it made things worse.
There's a reasonable design-by-contract language. The language knows about marshalling for interprocess communication, which encourages its use. That's borrowed from Mesa. In most languages, a subroutine call is much easier to code than an interprocess call, which encourages bloat of individual processes.
Drivers aren't in the kernel and aren't trusted, although drivers that can do DMA still present a security problem. This is a problem with insecure PC hardware; IBM mainframe channels have DMA that goes through MMU checking. That could be fixed, especially since most new peripherals are on USB or FireWire ports. Add-on boards are on the way out.
Makes me wish I was still doing OS R&D.
This is sort of a last-year issue.
Last year, I was living in an area of Silicon Valley that was covered by Google's van. There's good coverage of my house. Really good coverage. You can see both cars in the driveway and read the license plates. You can, just barely, see me in profile through a window.
I don't really mind.
Linux has this same bug. It's in "ohci1394.c". I reported this to the Linux kernel mailing list years ago, and the reaction of the kernel developers was to make it a "feature" for "remote debugging" that's enabled by default.
Technically, here's how it works. First, see the OHCI specification, section 5.15, "Physical Upper Bound register". This determines the highest memory address into which an external device can store directly by sending a packet. If set to zero, this feature is disabled. That feature is intended for slave devices, like peripherals. On computers with an operating system, it should be zero. It's not.
In the Linux kernel, that security hole was installed in "ohci1394.c" with the comment:
/* Turn on phys dma reception.
*
* TODO: Enable some sort of filtering management.
*/
In early kernels, it was unconditionally enabled. In 2.6, it's enabled by default, but can be turned off.
Also, This patch indicates that this security hole may have been designed into some FireWire controllers, so that the "upper bound register" didn't really do anything, but read back zero.
Let's look at the actual paper from MIT:
Ultracapacitors or double layer capacitors (DLCs) are energy storage devices whose operation is based on the double layer effect [1]. By utilizing highly porous carbon material with a surface area up to 2000m2/g as electrodes (as in Fig. 3) commercial DLCs can achieve a energy density (6Wh/kg) much greater than the energy density of a conventional capacitor. However, this figure is much lower than the energy density reached by Lithium-Ion batteries (120Wh/kg).
Project Goals
Design and Implement an Ultracapacitor cell (see Figs. 1 and 3) based on Carbon nanotubes (CNTs) that can enhance the performance achievable by batteries. Our analysis shows that the utilization of a matrix of vertically aligned CNTs (see Fig. 2 - right) as electrode structure, can lead to an ultracapacitor characterized by a power density greater than 100kW/kg (three orders of magnitude higher than batteries), a lifetime longer than 300,000 cycles, and an energy density higher than 60Wh/kg.
So they're trying to make a capacitor with half the energy density of lithium-ion batteries. That's an achievement, but it won't replace batteries.
Great power supply for a dragster, at 100kW/kg. You only need a quarter mile of range, and you can get a few megawatts for a few seconds from a modest ultracapacitor bank.
(When posting Slashdot articles, please try to get better sources. And link the original paper, not some blog, please.)
The linked story just displays a popup: "Click here or wait 12 seconds" over and over.
Judging by my freaking freezing ears, MIT is in the North.
Yes. I'm a Stanford grad, live in Silicon Valley, and some years back someone from MIT was trying to recruit me for the Media Lab to work on physically-based animation. We're walking across the MIT campus to the T station. It's sleeting, with light hail. He says "and there are fewer distractions out here".
I'm still in California.