Well, outside of Duke of Hazard type of jumps, accelerating at such a speed for a *very limited* amount of time would not directly mean you are screwed I suppose.
You might also be able to deploy a parachute after acceleration, but I suppose you'll have to drive for quite a bit using a very interesting route to get into that situation.
Multos seems to have an E6 and EAL 4 at the moment. I wonder how you could create a smart card OS that does EAL 7 actually, but maybe it is possible, even though the functionality of a smart card OS is already pretty large.
But this is on a rather restricted system. The problem comes when you get to PC software. There are just too many things that may come in contact with the part you are trying to certify, so it gets a lot harder that way. You can see from this project how many things are, for instance, to do with the user interface.
Even then you are on questionable ground: with any actual PC software you will rely on libraries. Going for EAL 7 seems to be a waste of resources to me.
Although I fully agree with almost everything you say, I do think that the current problems are very high indeed. I don't think we've been so close to destroying the earth (as we know it). So if there is a direct budget decision on what to spend money on, I would definitely go for alternative energy and trying to combat overpopulation of this planet.
Just finished browsing through their Formal Spec (117 pages) and Formal Design (171 pages) - all in Z, and although initially it seems at least understandable, it is a bit much. I wanted to post a piece of spec to show you all what it means, but unfortunately ASCII just doesn't capture the idea in full (shudders).
Basically you've got the requirements -> formal spec -> formal design -> informal design -> code -> code verification -> testing (for the software side, then you got the formal user manuals etc).
Some idea of the SPARK code, this is matched with the Z code as far as I understood.
pre ( ( Latch.IsLocked(Latch.State) and
Door.TheCurrentDoor(Door.State) = Door.Open and... post ( ( Latch.IsLocked(Latch.State) and
Door.TheCurrentDoor(Door.State) = Door.Open and
Clock.GreaterThanOrEqual(Clock.TheCurrentTime(Clock.CurrentTime),
Door.prf_alarmTimeout(Door.State)) )
Some stuff cut because of "Filter error: Please use fewer 'junk' characters." says it all really:)
This is basically a proof of concept piece of code. It shows that Common Criteria EAL 5 (and possibly further) is not out of reach for a software program. EAL 5 and further require (semi) formal proof that a system is correct:
* EAL-1: Functionally tested
* EAL-2: Structurally tested
* EAL-3: Methodically tested and checked
* EAL-4: Methodically designed, tested, and reviewed
* EAL-5: Semi formally designed and tested
* EAL-6: Semi formally verified, designed, and tested
* EAL-7: Formally verified, designed, and tested
Now anybody who is in software engineering knows that this is not a very light requirement. You can write tests until you die of old age, but even then you won't be able to prove anything is fully conform demands.
The system itself is pretty "simple": the hardware consists of a biometric device, two smart card readers and a display device. That's all. Oh, and a door of course, since that is the basic function. It's about opening a door:)
But that's not important at all. What's important that this is a development environment with which you can build *very* secure software, that can be verified against EAL 5. In that respect this is indeed a sales pitch. A rather interesting one, I don't think there are many EAL 5 certified *software* products.
It's a Biometric Token system. I haven't been able to find out any more, so I'm now downloading all of their software, just to find this out.
It's a lot about ADA, about contract based design, about checking invariants, and NOTHING about the actual functionality. As somebody who is in security and knows about Common Criteria first hand I must say this might be a very interesting thing. EAL 5 is not something to be sneered at.
If the software actually does something, that's another matter. I'll try right away. I'll let you know when I got it running, if it ever does. Now lets hope the website has not been hacked and that it doesn't contain a virus:)
Where's the secure hash stored on an offsite SSL page?
It also has a price tag of 8K for a complete version including 2x gigabit & 4 GB of RAM. This is serious stuff, not something you would want to put into, say, a media streaming PC of under 10K.
Personally the thing that is really new is the price point and the preinstalled codecs (if any). This would be pretty usefull for e.g. surveillance, where you might want to put a lot of security camera's onto one PC.
OK, that's practically a given. Now, could it age wine that was good to start with? I presume that the aging process will take quite a lot of money. Changing a bad whiskey into a good one? Nah, won't work. But I would not be surprised if you could create a good whiskey much faster given the right ingredients.
Obviously, it won't sell. Many bottles of whine are still sold with a cork, even though that does nothing for the quality of the wine (one thing the ausies got right, just use a turning cap). But generally, this industry is *extremely* turned against change.
I've been counting a few things lately, and I was surprised to find I've got far over 70 ethernet connector ports on various devices - on of which is a now unused 24 port 100 Mbit switch. I am keeping the hub (8 port + coaxial) because I could use it when I'm running into networking problems. Hubs (and managed switches) can be used to send all ethernet packets to a PC with ethernet tools on it.
Anyway, my company is really reluctant in giving away stuff to employees. Also because we are very security minded, and you need a lot of paperwork to take things out of the office. The changes of me donating to the company is much higher than the other way around. Some things just won't be managed: I used my own USB to HDD connector to remove data from the disk of my laptop for instance.
I didn't say all companies work that way. Especially smaller ones will give stuff away frequently. The problem for big companies is that if they started to give away stuff to people, other people will start to complain. An unequal salary is not as visible as giving away equipment to people - people *will* get angry over it.
Giving it away to charity would be a very good option I guess.
It seems to me that he did clear out the archive of old and useless equipment. Think about it: 20K of stuff worth 120K in US dollars? That's an average of 6 dollars per item, and you can rest assured that it won't be the minimum that they are quoting. Also, how can you be missing 20K of equipment? Well, easy, since it was probably collecting dust anyway.
But stealing is dangerous stuff, because you will upscale as long as you can get away with it. Once you've started it, it's more difficult to stop, since you've already taken the moral hurdle. And at some time someone is going to miss something, either because of bad luck or because the person taking the stuff is moving upwards.
I've got an old passive AGP Matrox dual head card laying around the office. It would be a perfect fit for one of my older computers. But I won't take it, even though I'm sure it won't be used anymore. That said, the way companies handle old equipment could be considered criminal as well.
Weight Size Battery life Bluetooth (or mobile connectivity such as GPRS/UMTS) Sound Ruggedness
True, some netbooks don't include battery life enhancements or mobile connectivity. Those are not true netbooks in my opinion and are much more useless than the counterparts that do include it.
Yes, there is overlap, especially on cost, but there are still some differences to make the distinction. And of course I've only listed the advantages of netbooks here.
Bollocks. As long as I'm using a wired service using my trusted ISP, then I would be pretty safe against any attacks on my IP packets. Not so with an open door, everybody can walk in. And even if I'm just using unsecured wifi, I don't think many hackers will physically go out of place just to hack my Yahoo account. Then there is the gain to be had, which is a lot less. Also less risk, but the comparison is completely flawed, whichever way you look at it.
It's dead in the water because it runs a system that is to be used with a keyboard, and you can not easily use a keyboard while on the move. Clam-shells without touch screens are pretty easy to make and not easy to break. People do not trust or like pen-based devices (I don't mind too much, but this seems to be the general feeling).
If you run another OS, you will miss the familiarity and you will have to rely on proprietary software. eInk cannot be used with any familiar GUI system: the updates are about.3 second minimum - and normally they seem to use fade out/fade in.
They are compatible with the mayor operating systems, and have a screen large enough to run normal applications on (that people *know*). They have a keyboard that, with a bit of trouble, you can actually type on. People like mice, and you can connect them. They all have at least wifi, and with a bit of luck, bluetooth as well. They are affordable and have adamant running time and they are rather quiet. You can do presentations with them.
The only real trouble with them is that they don't fit into your breast pocket of your suit.
Slashdot Mirror
Well, I was just about to mod you informative, but the next Slashdot story:
http://mobile.slashdot.org/article.pl?sid=08/10/10/209209
tells me they are trying for a merger instead. (Verizon to charge providers $0.03 per SMS).
Any reason why there are no responses here? Have they been obfuscated somehow?
Well, outside of Duke of Hazard type of jumps, accelerating at such a speed for a *very limited* amount of time would not directly mean you are screwed I suppose.
You might also be able to deploy a parachute after acceleration, but I suppose you'll have to drive for quite a bit using a very interesting route to get into that situation.
Multos seems to have an E6 and EAL 4 at the moment. I wonder how you could create a smart card OS that does EAL 7 actually, but maybe it is possible, even though the functionality of a smart card OS is already pretty large.
But this is on a rather restricted system. The problem comes when you get to PC software. There are just too many things that may come in contact with the part you are trying to certify, so it gets a lot harder that way. You can see from this project how many things are, for instance, to do with the user interface.
Even then you are on questionable ground: with any actual PC software you will rely on libraries. Going for EAL 7 seems to be a waste of resources to me.
Although I fully agree with almost everything you say, I do think that the current problems are very high indeed. I don't think we've been so close to destroying the earth (as we know it). So if there is a direct budget decision on what to spend money on, I would definitely go for alternative energy and trying to combat overpopulation of this planet.
Just finished browsing through their Formal Spec (117 pages) and Formal Design (171 pages) - all in Z, and although initially it seems at least understandable, it is a bit much. I wanted to post a piece of spec to show you all what it means, but unfortunately ASCII just doesn't capture the idea in full (shudders).
Basically you've got the requirements -> formal spec -> formal design -> informal design -> code -> code verification -> testing (for the software side, then you got the formal user manuals etc).
Some idea of the SPARK code, this is matched with the Z code as far as I understood.
pre ( ( Latch.IsLocked(Latch.State) and ...
Door.TheCurrentDoor(Door.State) = Door.Open and
post ( ( Latch.IsLocked(Latch.State) and
Door.TheCurrentDoor(Door.State) = Door.Open and
Clock.GreaterThanOrEqual(Clock.TheCurrentTime(Clock.CurrentTime),
Door.prf_alarmTimeout(Door.State)) )
Some stuff cut because of :)
"Filter error: Please use fewer 'junk' characters."
says it all really
There I am replying to myself.
This is basically a proof of concept piece of code. It shows that Common Criteria EAL 5 (and possibly further) is not out of reach for a software program. EAL 5 and further require (semi) formal proof that a system is correct:
* EAL-1: Functionally tested
* EAL-2: Structurally tested
* EAL-3: Methodically tested and checked
* EAL-4: Methodically designed, tested, and reviewed
* EAL-5: Semi formally designed and tested
* EAL-6: Semi formally verified, designed, and tested
* EAL-7: Formally verified, designed, and tested
Now anybody who is in software engineering knows that this is not a very light requirement. You can write tests until you die of old age, but even then you won't be able to prove anything is fully conform demands.
The system itself is pretty "simple": the hardware consists of a biometric device, two smart card readers and a display device. That's all. Oh, and a door of course, since that is the basic function. It's about opening a door :)
But that's not important at all. What's important that this is a development environment with which you can build *very* secure software, that can be verified against EAL 5. In that respect this is indeed a sales pitch. A rather interesting one, I don't think there are many EAL 5 certified *software* products.
It's a Biometric Token system. I haven't been able to find out any more, so I'm now downloading all of their software, just to find this out.
It's a lot about ADA, about contract based design, about checking invariants, and NOTHING about the actual functionality. As somebody who is in security and knows about Common Criteria first hand I must say this might be a very interesting thing. EAL 5 is not something to be sneered at.
If the software actually does something, that's another matter. I'll try right away. I'll let you know when I got it running, if it ever does. Now lets hope the website has not been hacked and that it doesn't contain a virus :)
Where's the secure hash stored on an offsite SSL page?
In case somebody missed it: this is the same as phase change memory.
EETimes has the following interesting view on it. It seems that it's not for tomorrow yet.
http://www.eetimes.com/news/semi/showArticle.jhtml?articleID=191900450
Hmm, guess I did. Darn that. I'll drink more coffee.
I don't know why they need such a big grid, according to the inquirer they only create about 15 Gigs of data each year. Whatever that means.
They were bad, but now I'm 100% sure that they are nothing but a big gig themselves, and I've removed them from my bookmarks.
Source:
http://www.theinquirer.net/gb/inquirer/news/2008/10/03/lhc-spews-15million-gb
It also has a price tag of 8K for a complete version including 2x gigabit & 4 GB of RAM. This is serious stuff, not something you would want to put into, say, a media streaming PC of under 10K.
Personally the thing that is really new is the price point and the preinstalled codecs (if any). This would be pretty usefull for e.g. surveillance, where you might want to put a lot of security camera's onto one PC.
Slashdot, where we will chop you up when you don't get it. All those limbs!
OK, that's practically a given. Now, could it age wine that was good to start with? I presume that the aging process will take quite a lot of money. Changing a bad whiskey into a good one? Nah, won't work. But I would not be surprised if you could create a good whiskey much faster given the right ingredients.
Obviously, it won't sell. Many bottles of whine are still sold with a cork, even though that does nothing for the quality of the wine (one thing the ausies got right, just use a turning cap). But generally, this industry is *extremely* turned against change.
Bad joke, since these batteries (at least according to the info on the internet) won't do such a thing.
I've been counting a few things lately, and I was surprised to find I've got far over 70 ethernet connector ports on various devices - on of which is a now unused 24 port 100 Mbit switch. I am keeping the hub (8 port + coaxial) because I could use it when I'm running into networking problems. Hubs (and managed switches) can be used to send all ethernet packets to a PC with ethernet tools on it.
Anyway, my company is really reluctant in giving away stuff to employees. Also because we are very security minded, and you need a lot of paperwork to take things out of the office. The changes of me donating to the company is much higher than the other way around. Some things just won't be managed: I used my own USB to HDD connector to remove data from the disk of my laptop for instance.
I didn't say all companies work that way. Especially smaller ones will give stuff away frequently. The problem for big companies is that if they started to give away stuff to people, other people will start to complain. An unequal salary is not as visible as giving away equipment to people - people *will* get angry over it.
Giving it away to charity would be a very good option I guess.
It seems to me that he did clear out the archive of old and useless equipment. Think about it: 20K of stuff worth 120K in US dollars? That's an average of 6 dollars per item, and you can rest assured that it won't be the minimum that they are quoting. Also, how can you be missing 20K of equipment? Well, easy, since it was probably collecting dust anyway.
But stealing is dangerous stuff, because you will upscale as long as you can get away with it. Once you've started it, it's more difficult to stop, since you've already taken the moral hurdle. And at some time someone is going to miss something, either because of bad luck or because the person taking the stuff is moving upwards.
I've got an old passive AGP Matrox dual head card laying around the office. It would be a perfect fit for one of my older computers. But I won't take it, even though I'm sure it won't be used anymore. That said, the way companies handle old equipment could be considered criminal as well.
You mean like bootstrapping a patent?
Yikes.
Dang, that means we will waste more energy just discussing the difference.
With sound I meant noise of course. I'm rather spent after spending two days with my nephews (3 & 6 years of age).
Advantages over cheap laptops:
Weight
Size
Battery life
Bluetooth (or mobile connectivity such as GPRS/UMTS)
Sound
Ruggedness
True, some netbooks don't include battery life enhancements or mobile connectivity. Those are not true netbooks in my opinion and are much more useless than the counterparts that do include it.
Yes, there is overlap, especially on cost, but there are still some differences to make the distinction. And of course I've only listed the advantages of netbooks here.
Bollocks. As long as I'm using a wired service using my trusted ISP, then I would be pretty safe against any attacks on my IP packets. Not so with an open door, everybody can walk in. And even if I'm just using unsecured wifi, I don't think many hackers will physically go out of place just to hack my Yahoo account. Then there is the gain to be had, which is a lot less. Also less risk, but the comparison is completely flawed, whichever way you look at it.
Then again, SSL is certainly to be preferred.
It's dead in the water because it runs a system that is to be used with a keyboard, and you can not easily use a keyboard while on the move. Clam-shells without touch screens are pretty easy to make and not easy to break. People do not trust or like pen-based devices (I don't mind too much, but this seems to be the general feeling).
If you run another OS, you will miss the familiarity and you will have to rely on proprietary software. eInk cannot be used with any familiar GUI system: the updates are about .3 second minimum - and normally they seem to use fade out/fade in.
They are compatible with the mayor operating systems, and have a screen large enough to run normal applications on (that people *know*). They have a keyboard that, with a bit of trouble, you can actually type on. People like mice, and you can connect them. They all have at least wifi, and with a bit of luck, bluetooth as well. They are affordable and have adamant running time and they are rather quiet. You can do presentations with them.
The only real trouble with them is that they don't fit into your breast pocket of your suit.
Otherwise: what's not to like?