People keep repeating this and yes it's true you can emulate everything real easy, except for one tiny itsy-bitsy little thing -- The private key inside the chip.
Remote attestation has been pretty much given a solid design. Platform Configuration Registers (PCRs), Attestation Identity Keys (AIKs), Endorsement Certs, RSA, SHA-1 are all part of the formula.
The Linux kernel already has smp, numa, and hyperthreading support in it; so it is already written in a way that could take advantage of multicore designs.
Also right now the userland part of the equation already has is somewhat threaded(actually split into cooperative processes). There is the X11 Server, the Window Manager, maybe a font server, then your application(s). So there will exist times when more than one thing will be available to run.
Of course most desktop machines are mostly idle most of the time. So the only things you would care about are peak performance, and responsiveness. Without threading some programs you might not notice a great change in peak performance. You may see some more responsiveness in some stress cases. The people who will probably be very pleased is the real-time people.
I haven't seen formal proof but I have seen people use templates to compute the gcd(greatest common denominator) of two numbers at compile time for example. boost has a lot of interesting things that use advanced template kung-fu.
gnomoradio has music sharing, playback, and recommendation program for Creative Commons licensed songs.
peer-to-peer, legal, and free -- what could be better?
You are right API's aren't copyrightable but implementation of said API's sure are. And it's not the Java trademark issue at all; if it was then you are right they could do exactly what you suggest. They want to make it so that you must met the compliance test or you can't distribute it whether you call it Java(TM) or Kjella's Ball o'Wax -- that is exactly the issue.
I believe that Bruce Perens got a Trademark for Open Source. I don't know whether Bruce, OSI, or The Board of Software in the Public Interest, or nobody has the Trademark now. So if the trademark is still valid then Sun could be barred from calling their license an "Open Source" license if the trademark owner disagreed.
Further I believe that the definition and criteria is valuable to help people know with certain confidence what kind of license they are dealing with. Lots of people would like the positive association with being "open source", so we should be critical of what we allow licenses that claim to be that get away with.
Rational people should in many cases like more definitive terms when discussing things, then just dealing with fuzzy concepts. So it's better to have a fairly objective procedure to discriminate licenses into various classes like Open-source, free, gpl-compatable -- then it let the terms devolve into merely sensating. I know it when I see it -- but I can't tell you how. The OSI definition hopefully gives enough that indepedent people uses the same procedure can reliable come up with the same results.
If Bob Scheifler had read the Open Source definition he would have noticed that maybe
criteria 8 and 10 contends with what he wanted to accomplish.
8. License Must Not Be Specific to a Product: The rights attached to the program must not depend on the program's being part of a particular software distribution.
His test suite would be another program.
10. License Must Be Technology-Neutral:No provision of the license may be predicated on any individual technology or style of interface.
The environment to be tested might not support all of the I/O that his suite might need in order to pass. IE maybe it has some combination of no writable filespace, no gui, no network connection, no terminal....
I wish the definition was more clear that the license itself shouldn't restrict the kinds of modifications that can occur. If that is impied then criteria 3 is abused as well. The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software.
You are allowed to make modification as long as the md5sum of the resultant file is cc4e48a5fe0ba15b13a98b3fd34b340e;->
Yep it's seeks that hurt. Tim Bray observed something interesting from the reiser4 benchmarks. That within 1 Gig of data you can do about 120 to 130 random seeks. Within 3 Gigs of data you can only do about 90 to 105 random seeks a second. Thats why having good readahead sizes and ordering your seeks can be really helpful.
At 10,000 RPM it's 166.7 RPS -- thats 6 milliseconds to do a complete revolution. So the latency from that is on average 3 milliseconds. Reading 150K Bytes at a time would be another 3 milliseconds so the other 4 should be the track shifting time and other overhead. Upping the RPMs should decrease the rotational latency and read time even if it didn't effect track switching.
Of course if you don't also increase track seeking time than you can only double the amount of seeks you can do in second even if you make a 100,000 RPM or faster drive...
I dare you to find a list implementation in any type-strong language that doesn't require an upcast in this situation. You need it to be able to store objects of an anonymous type on a list.
c++ using the stl doesn't need it, because their lists are stronger typed than java's.
std::vector<char * > l;
l.push_back("A String");
char *s=l[0];
Look no casts required -
anonymous type doesn't sound like strong type to me.
Yep I immediated thought of the book Fooled By Randomness by Nassim Nicholas Taleb.
He has some very good insights about the markets and human behavior.
See Taubman sucks for a domain name dispute that was heavily documented. Hank Mishkoff fights off Taubman over an issue over "The Shops at Willow Bend". Has lots of good stuff on "safe distance", Lanham Act, Trademarks, etc.
He wins in the end but it's quite the battle.
Add a phaser, and I'm sold!
They had a model like that for awhile, but in field use they had too many star fleet personnel accidently activating the phaser while it was pointed at their head;->
...philosophy that the only kind of software is the kind that you can not only have the rights to change and republish but also to tinker with in any way is directly in contrast with the philosophy of Capitalism...
Actually Adam Smith in the Wealth of Nations was strongly against people like trade guilds from having a monoppoly on knowledge -- the rational
actors with equal knowledge/information assumption was meant to reflect ideal capitalistic competition.
In fact he spoke strongly about trade guilds restricting know-how to menbers only. It doesn't seem that much of a stretch that he'd be against the current situation that exists in the software industry dominated by secretcy and restrictive licenses.
The article made it sound like they selected a few critical files(but not all or even most) -- "...sequester the critical parts of the source code so they would not be modified in the course of routine maintenance.".
It also sounds like the used MD5 or SHA1 to validate what exactly must not change -- "...produce a mechanism by which cryptographic fingerprints could be chained from the original source code all the way to the final runtime executable.".
And nope they did not test gcc or validate that the code had unspecified or undefined behavior spots in it that could even legitimately cause a compiler to generate binaries that produce different results.
Well I think that fedora might be the first of many distros that use SELinux. So it really doesn't make much sense for SELinux to have it's "own distro"; just like it doesn't make sense for the O(1) scheduler to have it's own distro. It's something that lots of them with just use.
Yep and the Manhatten project used old style "computers" -- a bunch of people(usually women) in a room that had simple tasks of add, sub, mult, and div.
The current thought is that making an ineffiecient relatively "low-yield" weapon is easy. You need lots of computer power to get the most bang for the kilogram or to make a fusion weapon.
Slashdot Mirror
People keep repeating this and yes it's true you can emulate everything real easy, except for one tiny itsy-bitsy little thing -- The private key inside the chip. Remote attestation has been pretty much given a solid design. Platform Configuration Registers (PCRs), Attestation Identity Keys (AIKs), Endorsement Certs, RSA, SHA-1 are all part of the formula.
Secure Platform Attestation with TPMs One frequent system attack involves making unauthorized changes to a platform's configuration. This allows misuse of the device and its contents as well as access to the networks to which the device is connected. In devices that use TPM chips, platform integrity is protected by secure storage of the platform configuration values and by secure reporting of the values. This enables attestation of the device by verifying that its configuration is intact. The mechanism is based on the chain of trust used in creating the hash values of the pre-boot information of the platform. It is common industry practice to check the integrity of a platform by comparing configuration settings when a platform is rebooted against the settings when it was set up. A "hash" algorithm is used to calculate a value from information stored in the Platform Configuration Registers (PCRs) when the platform is setup. When the platform is re-booted, a new hash value is calculated and compared against the original. If the values match, the computer or cell phone or other platform starts up and login proceeds. In unprotected systems, PCRs are accessible and the hash values are stored in system memory that is subject to compromise. In TPM-capable platforms, the hash value is calculated using the SHA-1 algorithm, access to the PCRs requires trusted authorization, and the hash values are stored within the TPMs in secure, non-volatile memory. These values are used to create Attestation Identity Keys (AIKs) that cannot be used unless a hash value is the same at the time of use as when the AIK was created. This makes it possible to determine if trusted-state configuration parameters are corrupted. If they are corrupted, use of the device may be denied. TPM-Protected digital signatures: Protect the private signature keys. Keys are stored inside the TPM and are not exposed in system memory during signing operations. A true Random Number Generator (RNG) is used to create RSA key pairs internal to the TPM. The TPM chip's RNG generates the seed numbers for the cryptographic processor's encryption, decryption, and key generation functions. Performing the RSA calculations in the TPM instead of in the general system processor improves both system and encryption performance. The TPM generates, stores, and manages cryptographic keys in hardware, which "hardens" applications that originally relied on software-only encryption algorithms.
The main thing to get out of all that is that you never get the private keys.. Ever....
And the hash values can only be reset by rebooting.
the process of acquiring AIKs. 1. Owner bundles into an ID (request: New ID PubKey Endorsement Cert, Platform Cert, Conformance Cert) 2. Owner sends ID request to TTP 3. TTP verifies Certificates 4. TTP signs ID 5. Signed ID sent to TPM AIKs are created using Certificates (also called Credentials) available within the TPM. AIKs do not have any direct association with the EK or the credentials. AIKs are always bound to the platform and can be used to provide attestation to the platform's identification and configuration. It is important to note that the service provider (or challenger) trusts the Trusted Third Party (TTP) to do its due diligence before issuing AIKs to a platform.
FTA by George R(aymond) R(ichard) Martin, Analog May 1974. Faster than Ants.
http://dmoz.org/Bookmarks/P/pollei/Maps_and_Geogra phy/
http://sourceforge.net/projects/qpegps/
http://sourceforge.net/projects/virtualhiker/
http://sourceforge.net/projects/roadnav/
orbitz
orbitz
If you use rel="nofollow" then can you link and not give them google juice.
http://slashdot.org/~squiggleslash/journal/97860 says it got resolved. He created lots of criticism because of his statements on his blog, that's for sure.
Impeach Bush seems to have a lot of reasons to impeach him.
Including:
6) Violations and subversions of the Charter of the United Nations and international law, both a part of the "Supreme Law of the land" under Article VI, paragraph 2, of the Constitution, in an attempt to commit with impunity crimes against peace and humanity and war crimes in wars and threats of aggression against Afghanistan, Iraq and others and usurping powers of the United Nations and the peoples of its nations by bribery, coercion and other corrupt acts and by rejecting treaties, committing treaty violations, and frustrating compliance with treaties in order to destroy any means by which international law and institutions can prevent, affect, or adjudicate the exercise of U.S. military and economic power against the international community.
7) Acting to strip United States citizens of their constitutional and human rights, ordering indefinite detention of citizens, without access to counsel, without charge, and without opportunity to appear before a civil judicial officer to challenge the detention, based solely on the discretionary designation by the Executive of a citizen as an "enemy combatant."
So I think part of 7 they might mean signing the US Patriot act.
The Linux kernel already has smp, numa, and hyperthreading support in it; so it is already written in a way that could take advantage of multicore designs.
Also right now the userland part of the equation already has is somewhat threaded(actually split into cooperative processes). There is the X11 Server, the Window Manager, maybe a font server, then your application(s). So there will exist times when more than one thing will be available to run.
Of course most desktop machines are mostly idle most of the time. So the only things you would care about are peak performance, and responsiveness. Without threading some programs you might not notice a great change in peak performance. You may see some more responsiveness in some stress cases. The people who will probably be very pleased is the real-time people.
You might want a text to speech system like maybe freetts. Or it could just page or text message you.
Yep I went to your page. Nice use of switching css via cookie -- I tried all three styles.
I haven't seen formal proof but I have seen people use templates to compute the gcd(greatest common denominator) of two numbers at compile time for example. boost has a lot of interesting things that use advanced template kung-fu.
gnomoradio has music sharing, playback, and recommendation program for Creative Commons licensed songs. peer-to-peer, legal, and free -- what could be better?
Thank you for your correction. I had forgotten how that turned out.
You are right API's aren't copyrightable but implementation of said API's sure are.
And it's not the Java trademark issue at all; if it was then you are right they could do exactly what you suggest. They want to make it so that you must met the compliance test or you can't distribute it whether you call it Java(TM) or Kjella's Ball o'Wax -- that is exactly the issue.
I believe that Bruce Perens got a Trademark for Open Source. I don't know whether Bruce, OSI, or The Board of Software in the Public Interest, or nobody has the Trademark now. So if the trademark is still valid then Sun could be barred from calling their license an "Open Source" license if the trademark owner disagreed.
Further I believe that the definition and criteria is valuable to help people know with certain confidence what kind of license they are dealing with. Lots of people would like the positive association with being "open source", so we should be critical of what we allow licenses that claim to be that get away with.
Rational people should in many cases like more definitive terms when discussing things, then just dealing with fuzzy concepts. So it's better to have a fairly objective procedure to discriminate licenses into various classes like Open-source, free, gpl-compatable -- then it let the terms devolve into merely sensating. I know it when I see it -- but I can't tell you how. The OSI definition hopefully gives enough that indepedent people uses the same procedure can reliable come up with the same results.
If Bob Scheifler had read the Open Source definition he would have noticed that maybe criteria 8 and 10 contends with what he wanted to accomplish.
;->
8. License Must Not Be Specific to a Product: The rights attached to the program must not depend on the program's being part of a particular software distribution.
His test suite would be another program.
10. License Must Be Technology-Neutral:No provision of the license may be predicated on any individual technology or style of interface.
The environment to be tested might not support all of the I/O that his suite might need in order to pass. IE maybe it has some combination of no writable filespace, no gui, no network connection, no terminal....
I wish the definition was more clear that the license itself shouldn't restrict the kinds of modifications that can occur. If that is impied then criteria 3 is abused as well.
The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software. You are allowed to make modification as long as the md5sum of the resultant file is cc4e48a5fe0ba15b13a98b3fd34b340e
Yep it's seeks that hurt. Tim Bray observed something interesting from the reiser4 benchmarks. That within 1 Gig of data you can do about 120 to 130 random seeks. Within 3 Gigs of data you can only do about 90 to 105 random seeks a second. Thats why having good readahead sizes and ordering your seeks can be really helpful. At 10,000 RPM it's 166.7 RPS -- thats 6 milliseconds to do a complete revolution. So the latency from that is on average 3 milliseconds. Reading 150K Bytes at a time would be another 3 milliseconds so the other 4 should be the track shifting time and other overhead. Upping the RPMs should decrease the rotational latency and read time even if it didn't effect track switching. Of course if you don't also increase track seeking time than you can only double the amount of seeks you can do in second even if you make a 100,000 RPM or faster drive...
I dare you to find a list implementation in any type-strong language that doesn't require an upcast in this situation. You need it to be able to store objects of an anonymous type on a list.
c++ using the stl doesn't need it, because their lists are stronger typed than java's.
std::vector<char * > l;
l.push_back("A String");
char *s=l[0];
Look no casts required - anonymous type doesn't sound like strong type to me.
They should tick off both, by listing it as a disputed territory.
Yep I immediated thought of the book Fooled By Randomness by Nassim Nicholas Taleb.
He has some very good insights about the markets and human behavior.
See Taubman sucks for a domain name dispute that was heavily documented. Hank Mishkoff fights off Taubman over an issue over "The Shops at Willow Bend". Has lots of good stuff on "safe distance", Lanham Act, Trademarks, etc.
He wins in the end but it's quite the battle.
Add a phaser, and I'm sold!
They had a model like that for awhile, but in field use they had too many star fleet personnel accidently activating the phaser while it was pointed at their head;->
...philosophy that the only kind of software is the kind that you can not only have the rights to change and republish but also to tinker with in any way is directly in contrast with the philosophy of Capitalism... Actually Adam Smith in the Wealth of Nations was strongly against people like trade guilds from having a monoppoly on knowledge -- the rational actors with equal knowledge/information assumption was meant to reflect ideal capitalistic competition. In fact he spoke strongly about trade guilds restricting know-how to menbers only. It doesn't seem that much of a stretch that he'd be against the current situation that exists in the software industry dominated by secretcy and restrictive licenses.
The article made it sound like they selected a few critical files(but not all or even most) -- "...sequester the critical parts of the source code so they would not be modified in the course of routine maintenance." .
It also sounds like the used MD5 or SHA1 to validate what exactly must not change -- "...produce a mechanism by which cryptographic fingerprints could be chained from the original source code all the way to the final runtime executable.".
And nope they did not test gcc or validate that the code had unspecified or undefined behavior spots in it that could even legitimately cause a compiler to generate binaries that produce different results.
Most of this is just "red-tape".
Well I think that fedora might be the first of many distros that use SELinux. So it really doesn't make much sense for SELinux to have it's "own distro"; just like it doesn't make sense for the O(1) scheduler to have it's own distro. It's something that lots of them with just use.
Yep and the Manhatten project used old style "computers" -- a bunch of people(usually women) in a room that had simple tasks of add, sub, mult, and div.
The current thought is that making an ineffiecient relatively "low-yield" weapon is easy. You need lots of computer power to get the most bang for the kilogram or to make a fusion weapon.