Most certificates certify nothing. The issuer guarantees nothing, and the "relying party agreement", if you can find it, promises very little, if anything.
Even Verisign's Relying Party Agreement, while it does offer some warranties, has a complicated scheme for weaseling out of Verisign's obligation to verify the certificate holder's identity. The relying party agreement refers you to the CPS Section 11, says "Issuing authorities (and VeriSign, to the extent specified in the referenced CPS sections) warrant and promise to... perform the application validation procedures for the indicated class of certificate as set forth in CPS Section 5, Validation of Certificate Applications." There, Verisign says "The IA shall confirm that... the information to be listed in the certificate is accurate, except for nonverified subscriber information (NSI)." The linked definition of "nonverified subscriber information" is "Information supplied to a certification authority as part of a certificate application". So Verisign doesn't actually stand behind any of the information in their certificates.
This is much weaker than a signature guarantee by a commercial bank, where the bank guarantees to other parties that the person was properly identified. But it costs more.
I'd like to see banks belonging to Visa International and MasterCard issue digital certificates, and require that their certificates had to be on a page that accepted their credit cards. Certificates from banks would actually be worth something.
Porno spams seem to have distinctive color schemes. Who else uses large areas of saturated yellow? And where else do you see multiple animated GIFs larger than icon size?
I don't think I would want to meet people that would want to become a member of something called 'PeopleAggregator'
Good point. That sounds like something the Direct Marketing Association would offer. ("Just fill out this form to opt into carefully targetted marketing messages.")
Still, "Orkut" sounds like a cheap scooter.
Why not? Monitors already run quite a bit of software, for configuration, on screen menus, and "digital rights management".
I'm surprised that the monitor vendors haven't tried to position the monitor as the center of the system. Plug keyboard, mouse, joystick, and USB gadgets into the monitor, and have one cable going back to a
featureless "compute box". Monitor makers control the visual "look" of the computer. The computer can be integrated into the monitor stand.
The USSR landed several rovers on the moon. Big rovers. The first, Lunokhod 1 worked for eleven months, exploring far more territory than the short-duration American manned missions. This vehicle was the size of an SUV, so it is clearly the first "mobile lunar base".
Why does Microsoft keep putting in these back doors?
Microsoft keeps adding "features" which consistently have the form of yet another way to cause a program to be loaded without user intervention. Windows has registry keys,.pif files, active-X controls, Universal Plug and Play, autostart files, "macros", and now this.
The whole Microsoft direction seems to be as friendly as possible to hostile code. That's a case for a neligence class action.
The FTC has already acted in a porn dialer case. In that case, the calls were addressed to a country code in Madagascar, but were actually routed to London. There was another case where high-rate calls were routed to Canada.
Usually, these scams involve some marginal "billing service" provider. Integretel, eBillit, Payment One, and Verity International are some of the names that come up.
The case documents are entertaining reading. See especially paragraph 11 of this filing, the "offer you can't refuse": "In fact Alex Rubenstein essentially asked me when I was going to give up, sell the business to him, and come to work for NAC".
Read the case documents. This is temporary, until the customer moves their 1500 servers to a new data center next weekend. Their colo site is being uncooperative, and a court had to intervene. By next week, this whole thing should be over.
Read the case documents before getting worried about this. It's not a general IP portability case.
It's an emergency court order to prevent an outage.
This is about a dispute between a 1500 server co-located hosting provider and their colo site operator. The colo site operator is competing with the hosting provider, and is making life miserable for the hosting provider. The hosting provider has built a new facility and is moving out. The temporary restraining order simply prevents their colo site operator from interfering with the transition, which is currently scheduled to occur on July 1.
Once they finish the move, the hosting provider will get rid of all connections with their (hated) former co-location provider. They're not taking the IP address space with them permanently. They're just using it during the transition to avoid downtime.
So this is a temporary situation.
Technically, stuff like this happens all the time during moves. Usually, both parties cooperate to provide a seamless transition. The unusual thing here is that the losing co-location provider is being so obnoxious that a court had to intervene. It's New Jersey, remember.
Over in the Boost sandbox, some of us are working on C++ classes to replace C strings in existing code. The usual C string operations (sprintf, strcat) work, but they're all protected against overflow. The idea is that you replace just the declarations, and the code either becomes safe or won't compile.
So
which will truncate the string at the specified length. Note that the "sprintf" line hasn't changed. So you don't have to rewrite complex formatting code. Changing the declarations does the job.
The new "sprintf" is actually an overload on fixed_string.
OK, all we've got here is one card doing the even scan lines and the other doing the odd scan lines.
That only helps if you're bottlenecked in fill or shader programs. If you were limited by geometry processing or geometry memory or texture memory, it won't help at all, because both cards have to redo those jobs.
For 3D applications like Maya, Softimage, etc., a few gigs of memory on the graphics board would be more useful than this. For games, putting a TV-type resolution doubler on the back end, and rendering at half resolution when things are busy, would probably look as good. When you're running at some huge resolution, moving images would have a bit less resolution, but when the image stabilizes, you'd get full resolution.
Any treatment of options that requires estimating their present value is bogus. That's so speculative that it distorts the numbers. I' go for expensing them at exercise, while reporting the outstanding options. And for much longer required holding periods, like 3 to 5 years, at least for top executives.
Basically, this is just a release of source for abandonware. Java 3D was a dud. I looked at it once because it offered collision detection. But the collision architecture was terrible, with no support for temporal coherence. That costs you orders of magnitude in performance. (Done right, collision detection is incredibly cheap. Done wrong, it's incredibly expensive. Java 3D did it wrong.)
Newer work seems to be based on calling OpenGL from Java. With widespread OpenGL support in hardware, that makes sense. There are at least five incompatible OpenGL bindings for Java, though. Sun has an "official" one, but they couldn't resist crudding it up with all their "technologies", so you have to download Ant, Antlr, and Java Web Start. This last tangles you up in some Sun licensing restrictions. This is a bit much for what's no more than a shim.
He's in a strong position because they are using the program without the right to use it. He owns all the rights, and the user has to come to terms with him to use the code. Otherwise, he can drop the big "anti-piracy" law hammer on them, going after them for DMCA violations and such.
And the answer to that is "you can no longer use Outlook Web Access because of the security risks".
As I've been saying for a while, major sites must make sure that they work with JavaScript off, no Active-X controls, and in browsers other than IE. Maybe some of the gimmicky features won't work right, but the core functionality has to work.
I expect corporate firewalls to start blocking IE soon. Be prepared. Do you want your E-commerce site locked out?
The problem is not that IE has bugs. It is that, by design and intent, it gives the web site too much power over the browser, and the browser too much power over the operating system. This is a fundamental design flaw, and cannot be easily fixed.
Because IE hasn't changed much for a few years now, the other browsers have solved most of the compatibility problems. You don't really need IE any more. There are still sites that won't work with Mozilla or Firefox, but there are usually competing companies with compatible browsers.
Washington "Mutual" isn't a mutual. It's a stock company listed on the NYSE. They haven't been depositor-owned since 1983.
They just call themselves a mutual because it sounds good.
There used to be a tax break for being a real mutual loan association, but that disappeared under Reagan, and most of the mutuals "privatized", screwing the depositors out of their equity ownership.
under a written agreement to negotiate the license for that code from us once they got it working with their system.
An agreement to agree is not an agreement. You're in a really strong position. But you may have trouble convincing the other party of that.
When you need to do some heavy-duty convincing, go with one of the major intellectual property law firms. I use Townsend and Townsend and Crew. I've spent about $50K with them over the last decade, and it's been worth many times that.
Read their Acceptable Use Policy. This is a "Christian" college. "We trust that all who use the College network and associated
computer systems will behave in ways that demonstrate
convincingly to the world that we are a community
seeking to honor Christ and His Kingdom in all we do." "Trust", as Wheaton College defines it, involves running all web access through a proxy server that censors pornography and other "objectionable material". E-mail is monitored for
"material which is defamatory, abusive, obscene, profane, sexually
oriented, threatening, racially offensive, or illegal."
The AUP disallows all servers. Students aren't even allowed an Ethernet switch or network hub in their dorm room. One computer per outlet, one outlet per student, enforced by MAC address.
Gaze control is important, but far more useful in earth-bound systems. A good application would be to use it with surveillance cameras and traffic monitoring cameras, so that the interesting stuff is presented to humans, while endless pictures of empty rooms and smoothly flowing traffic are ignored.
Brooks did some great insect-level AI. It's purely reactive, with no world model. That was good work, and a reasonable reaction to the logic-based planning crowd then running MIT AI. But then Brooks started going around saying that the reactive model was far more powerful, and started making human-level AI noises. From this came Cog.
When Brooks came by Stanford to talk about his plans for Cog, I asked him "Why don't you go for mouse-level AI", something that didn't seem totally out of reach. He said "Because I don't want to go down in history as the man who created the world's greatest robot mouse". As one of the grad students on the Cog project said, "It just sits there. That's what it does. That's all it does". And, years later, it still doesn't do very much.
The model-free approach is just too dumb.
With no world model, you can't get beyond insect-level AI. That approach works mostly for creatures in environments where inertia doesn't matter much. For insects, banging a feeler into something is fine. For large animals, you get bruises or worse. As creatures get bigger, faster, and stronger, they need models with some predictive power, so they can avoid mistakes before damaging themselves.
I tell people in academia that you need to be "less formal than Latoumbe (who formerly headed Stanford's robotics operation) and more formal than Brooks". The game development community has absorbed this lesson, but it's only starting to get through to the robotics community.
Raibert's work on legged locomotion was very impressive. I'm very familiar with that work; I've done some improvements on it. Raibert had one great insight - balance is more important than gait. People have been studying locomotion for a century, and almost all the studies center on gait. Raibert realized that balance was more important, and built a one-legged hopper to force the issue.
But, in fact, the way Raibert does locomotion is very simple. There are two controllers, both simple hand-tuned PID loops, and a state machine that swiches between them. This can handle simple locomotion on the flat, and some preprogrammed moves like flips, but it doesn't generalize. I'd expected the adaptive control people to pick up from where Raibert left off, but so far, nobody has really done that.
My insight there was that slip control is more important than balance. On the flat, traction control isn't a big deal, but on hills or rough terrain, traction control dominates balance control. That's what legs are really for.
If you add automatic traction control to Raibert's approach, legged running on hills becomes possible. Otherwise, you slip out climbing hills.
Raibert himself left MIT and did a startup company, Boston Dynamics. But they ended up selling products to DoD which are game-like kinematic simulations. They don't seem to stress dynamics work any more.
The MIT Leg Lab was taken over by Gill Pratt, who was more of an actuator and controls guy. He didn't accomplish much. The next head of the Leg Lab was some guy who was into prosthetics. The Leg Lab now seems to be defunct. Their web site hasn't been updated since 1999.
With most spam already coming from zombies, all this does is insure that those zombies are compute-bound.
They'll all be frantically computing the cryptographic hash required for each send. This will slow down spam runs a bit. But it means that spammers need more zombies. Since spammers buy zombies from virus distributors, this should result in even more aggressive viruses, as the number of zombies needed for a spam run increases.
When he was 19, Werner von Braun joined a rocketry club, the Verein für Raumschiffahrt (VfR). A few years later, his terror rockets were bombing London.
If it hadn't been for the rocket club, the V-2 wouldn't have been built.
Microsoft needs to provide an uninstaller for Internet Explorer. Big Microsoft customers need to demand this. If you have responsibility for thousands of PCs, beat on your Microsoft rep for an IE uninstaller. If a dozen or so Fortune 500 companies start asking for this, it will happen.
For example, see the TrueSite Relying Party Agreement. "The Service is provided on an as-is basis without warranties of any kind".
Even Verisign's Relying Party Agreement, while it does offer some warranties, has a complicated scheme for weaseling out of Verisign's obligation to verify the certificate holder's identity. The relying party agreement refers you to the CPS Section 11, says "Issuing authorities (and VeriSign, to the extent specified in the referenced CPS sections) warrant and promise to ... perform the application validation procedures for the indicated class of certificate as set forth in CPS Section 5, Validation of Certificate Applications." There, Verisign says "The IA shall confirm that ... the information to be listed in the certificate is accurate, except for nonverified subscriber information (NSI)." The linked definition of "nonverified subscriber information" is "Information supplied to a certification authority as part of a certificate application". So Verisign doesn't actually stand behind any of the information in their certificates.
This is much weaker than a signature guarantee by a commercial bank, where the bank guarantees to other parties that the person was properly identified. But it costs more.
I'd like to see banks belonging to Visa International and MasterCard issue digital certificates, and require that their certificates had to be on a page that accepted their credit cards. Certificates from banks would actually be worth something.
Oh yeah, here
Good point. That sounds like something the Direct Marketing Association would offer. ("Just fill out this form to opt into carefully targetted marketing messages.") Still, "Orkut" sounds like a cheap scooter.
I'm surprised that the monitor vendors haven't tried to position the monitor as the center of the system. Plug keyboard, mouse, joystick, and USB gadgets into the monitor, and have one cable going back to a featureless "compute box". Monitor makers control the visual "look" of the computer. The computer can be integrated into the monitor stand.
The USSR landed several rovers on the moon. Big rovers. The first, Lunokhod 1 worked for eleven months, exploring far more territory than the short-duration American manned missions. This vehicle was the size of an SUV, so it is clearly the first "mobile lunar base".
The whole Microsoft direction seems to be as friendly as possible to hostile code. That's a case for a neligence class action.
Usually, these scams involve some marginal "billing service" provider. Integretel, eBillit, Payment One, and Verity International are some of the names that come up.
The case documents are entertaining reading. See especially paragraph 11 of this filing, the "offer you can't refuse": "In fact Alex Rubenstein essentially asked me when I was going to give up, sell the business to him, and come to work for NAC".
This is all so New Jersey.
Read the case documents. This is temporary, until the customer moves their 1500 servers to a new data center next weekend. Their colo site is being uncooperative, and a court had to intervene. By next week, this whole thing should be over.
Read the case documents before getting worried about this. It's not a general IP portability case. It's an emergency court order to prevent an outage.
This is about a dispute between a 1500 server co-located hosting provider and their colo site operator. The colo site operator is competing with the hosting provider, and is making life miserable for the hosting provider. The hosting provider has built a new facility and is moving out. The temporary restraining order simply prevents their colo site operator from interfering with the transition, which is currently scheduled to occur on July 1.
Once they finish the move, the hosting provider will get rid of all connections with their (hated) former co-location provider. They're not taking the IP address space with them permanently. They're just using it during the transition to avoid downtime. So this is a temporary situation.
Technically, stuff like this happens all the time during moves. Usually, both parties cooperate to provide a seamless transition. The unusual thing here is that the losing co-location provider is being so obnoxious that a court had to intervene. It's New Jersey, remember.
-
char s1[80];
...
which has a risk of buffer overflow, becomesvoid foo(char* out, char* in)
{ sprintf(s,"In = %s\n",in); }
-
char_string<80> s1;
...
which will truncate the string at the specified length. Note that the "sprintf" line hasn't changed. So you don't have to rewrite complex formatting code. Changing the declarations does the job.void foo(char_string_base& s)
{ sprintf(s,"In = %s\n",in); }
The new "sprintf" is actually an overload on fixed_string.
For 3D applications like Maya, Softimage, etc., a few gigs of memory on the graphics board would be more useful than this. For games, putting a TV-type resolution doubler on the back end, and rendering at half resolution when things are busy, would probably look as good. When you're running at some huge resolution, moving images would have a bit less resolution, but when the image stabilizes, you'd get full resolution.
Any treatment of options that requires estimating their present value is bogus. That's so speculative that it distorts the numbers. I' go for expensing them at exercise, while reporting the outstanding options. And for much longer required holding periods, like 3 to 5 years, at least for top executives.
Newer work seems to be based on calling OpenGL from Java. With widespread OpenGL support in hardware, that makes sense. There are at least five incompatible OpenGL bindings for Java, though. Sun has an "official" one, but they couldn't resist crudding it up with all their "technologies", so you have to download Ant, Antlr, and Java Web Start. This last tangles you up in some Sun licensing restrictions. This is a bit much for what's no more than a shim.
This is when you need the intimidating law firm.
I expect corporate firewalls to start blocking IE soon. Be prepared. Do you want your E-commerce site locked out?
The problem is not that IE has bugs. It is that, by design and intent, it gives the web site too much power over the browser, and the browser too much power over the operating system. This is a fundamental design flaw, and cannot be easily fixed.
Because IE hasn't changed much for a few years now, the other browsers have solved most of the compatibility problems. You don't really need IE any more. There are still sites that won't work with Mozilla or Firefox, but there are usually competing companies with compatible browsers.
There used to be a tax break for being a real mutual loan association, but that disappeared under Reagan, and most of the mutuals "privatized", screwing the depositors out of their equity ownership.
An agreement to agree is not an agreement. You're in a really strong position. But you may have trouble convincing the other party of that.
When you need to do some heavy-duty convincing, go with one of the major intellectual property law firms. I use Townsend and Townsend and Crew. I've spent about $50K with them over the last decade, and it's been worth many times that.
The AUP disallows all servers. Students aren't even allowed an Ethernet switch or network hub in their dorm room. One computer per outlet, one outlet per student, enforced by MAC address.
The IRS web site seems to work just fine from Mozilla.
Gaze control is important, but far more useful in earth-bound systems. A good application would be to use it with surveillance cameras and traffic monitoring cameras, so that the interesting stuff is presented to humans, while endless pictures of empty rooms and smoothly flowing traffic are ignored.
Brooks did some great insect-level AI. It's purely reactive, with no world model. That was good work, and a reasonable reaction to the logic-based planning crowd then running MIT AI. But then Brooks started going around saying that the reactive model was far more powerful, and started making human-level AI noises. From this came Cog.
When Brooks came by Stanford to talk about his plans for Cog, I asked him "Why don't you go for mouse-level AI", something that didn't seem totally out of reach. He said "Because I don't want to go down in history as the man who created the world's greatest robot mouse". As one of the grad students on the Cog project said, "It just sits there. That's what it does. That's all it does". And, years later, it still doesn't do very much.
The model-free approach is just too dumb. With no world model, you can't get beyond insect-level AI. That approach works mostly for creatures in environments where inertia doesn't matter much. For insects, banging a feeler into something is fine. For large animals, you get bruises or worse. As creatures get bigger, faster, and stronger, they need models with some predictive power, so they can avoid mistakes before damaging themselves. I tell people in academia that you need to be "less formal than Latoumbe (who formerly headed Stanford's robotics operation) and more formal than Brooks". The game development community has absorbed this lesson, but it's only starting to get through to the robotics community.
Raibert's work on legged locomotion was very impressive. I'm very familiar with that work; I've done some improvements on it. Raibert had one great insight - balance is more important than gait. People have been studying locomotion for a century, and almost all the studies center on gait. Raibert realized that balance was more important, and built a one-legged hopper to force the issue.
But, in fact, the way Raibert does locomotion is very simple. There are two controllers, both simple hand-tuned PID loops, and a state machine that swiches between them. This can handle simple locomotion on the flat, and some preprogrammed moves like flips, but it doesn't generalize. I'd expected the adaptive control people to pick up from where Raibert left off, but so far, nobody has really done that.
My insight there was that slip control is more important than balance. On the flat, traction control isn't a big deal, but on hills or rough terrain, traction control dominates balance control. That's what legs are really for. If you add automatic traction control to Raibert's approach, legged running on hills becomes possible. Otherwise, you slip out climbing hills.
Raibert himself left MIT and did a startup company, Boston Dynamics. But they ended up selling products to DoD which are game-like kinematic simulations. They don't seem to stress dynamics work any more.
The MIT Leg Lab was taken over by Gill Pratt, who was more of an actuator and controls guy. He didn't accomplish much. The next head of the Leg Lab was some guy who was into prosthetics. The Leg Lab now seems to be defunct. Their web site hasn't been updated since 1999.
Next!
When he was 19, Werner von Braun joined a rocketry club, the Verein für Raumschiffahrt (VfR). A few years later, his terror rockets were bombing London. If it hadn't been for the rocket club, the V-2 wouldn't have been built.
Microsoft needs to provide an uninstaller for Internet Explorer. Big Microsoft customers need to demand this. If you have responsibility for thousands of PCs, beat on your Microsoft rep for an IE uninstaller. If a dozen or so Fortune 500 companies start asking for this, it will happen.