H1N1 Flu Shot: 3 Major Fears Debunked Magazine#&mbid=cnn#&mbid=cnn#&mbid=cnn#&mbid=cnn#&mbid=cnn
Attacks on the vaccine boil down to three major arguments, each playing on different fears. These arguments may seem persuasive on the surface, but they’re not supported by the science.
Wednesday, October 28, 2009
Monday, October 26, 2009
CouchDB Implements a Fundamental Algorithm : Daytime Running Lights
CouchDB Implements a Fundamental Algorithm : Daytime Running Lights: "To get to the core of how CouchDB provides these properties in a lockless way requires understanding the append-only file format, but I'll give you the basic picture: Each db file has a single writer process and multiple reader processes. Readers can proceed independently of the writer, getting a consistent snapshot of the data, even as changes are being made."
Friday, October 23, 2009
Technology Review: Vulnerability Seen in Amazon's Cloud-Computing
Technology Review: Vulnerability Seen in Amazon's Cloud-Computing
Ron Rivest, a computer science professor at MIT and pioneer in cryptography, says the four researchers have "discovered some troubling facts" about cloud-computing services, which rent out computing resources, including storage and processing power, on a by-the-hour basis. Specifically, the potential weaknesses were found in the basic computing infrastructure services that are provided by Amazon and Rackspace and are widely used within many in-house corporate datacenters.
These technologies involve "virtual machines"--remote versions of traditional onsite computer systems, including the hardware and operating system. The number of these virtual machines can be expanded or contracted on the fly to meet demand, creating tremendous efficiencies. But the actual computing is, of course, performed within one or more physical data centers, each containing thousands of computers. And virtual machines of different customers sit on the same physical servers.
The attack involves first figuring out which physical servers a victim is using within a cloud, then implanting a malicious virtual machine there, and finally attacking the victim.
Hunting down a victim who might be on any of tens of thousands of servers might seem a needle-in-haystack enterprise. But the paper concludes that with some simple detective work, "just a few dollars invested in launching [virtual machines] can produce a 40 percent chance of placing a malicious [virtual machine] on the same physical server as a target." They dub this mapping process "cartography."
Ron Rivest, a computer science professor at MIT and pioneer in cryptography, says the four researchers have "discovered some troubling facts" about cloud-computing services, which rent out computing resources, including storage and processing power, on a by-the-hour basis. Specifically, the potential weaknesses were found in the basic computing infrastructure services that are provided by Amazon and Rackspace and are widely used within many in-house corporate datacenters.
These technologies involve "virtual machines"--remote versions of traditional onsite computer systems, including the hardware and operating system. The number of these virtual machines can be expanded or contracted on the fly to meet demand, creating tremendous efficiencies. But the actual computing is, of course, performed within one or more physical data centers, each containing thousands of computers. And virtual machines of different customers sit on the same physical servers.
The attack involves first figuring out which physical servers a victim is using within a cloud, then implanting a malicious virtual machine there, and finally attacking the victim.
Hunting down a victim who might be on any of tens of thousands of servers might seem a needle-in-haystack enterprise. But the paper concludes that with some simple detective work, "just a few dollars invested in launching [virtual machines] can produce a 40 percent chance of placing a malicious [virtual machine] on the same physical server as a target." They dub this mapping process "cartography."
Wednesday, October 21, 2009
CommsDesign - Symbian opens source microkernel, ahead of schedule ....
CommsDesign - Symbian opens source microkernel, ahead of schedule ....
The release of the microkernel demonstrates three vital, guiding principles of the foundation: first, the commitment of many community members to the development of the platform - in this case, Accenture, ARM, Nokia and Texas Instruments Incorporated (TI) all made contributions; second, progress in fulfilling our commitment to a complete open source release of Symbian; and third, a tangible example of providing the most advanced mobile platform in the world," said Lee Williams, Executive Director, Symbian Foundation.
To enable the community to fully utilize the open source kernel, Symbian is providing a complete development kit, free of charge, including ARM's high performance RVCT compiler toolchain.
The release of the microkernel demonstrates three vital, guiding principles of the foundation: first, the commitment of many community members to the development of the platform - in this case, Accenture, ARM, Nokia and Texas Instruments Incorporated (TI) all made contributions; second, progress in fulfilling our commitment to a complete open source release of Symbian; and third, a tangible example of providing the most advanced mobile platform in the world," said Lee Williams, Executive Director, Symbian Foundation.
To enable the community to fully utilize the open source kernel, Symbian is providing a complete development kit, free of charge, including ARM's high performance RVCT compiler toolchain.
IBM tackles the virtual data center | The Pervasive Data Center - CNET News
IBM tackles the virtual data center The Pervasive Data Center - CNET News
The new product, IBM Systems Director VMControl Enterprise Edition, is focused on virtualized environments. It supports IBM's PowerVM and z/VM as well as x86 virtualization technologies such as VMWare, Hyper-V and open x86 virtualization solutions. IBM plans to first offer it on IBM Power Systems running AIX in December, 2009 with other platforms coming next year
The new product, IBM Systems Director VMControl Enterprise Edition, is focused on virtualized environments. It supports IBM's PowerVM and z/VM as well as x86 virtualization technologies such as VMWare, Hyper-V and open x86 virtualization solutions. IBM plans to first offer it on IBM Power Systems running AIX in December, 2009 with other platforms coming next year
Cloud Testing Comes to the Fore
Cloud Testing Comes to the Fore
CSC also provides "Testing as a Service" (TaaS) within its Trusted Cloud Services offering. Testing as a Service is available on-demand in public, private and hybrid cloud networks to meet customers' business requirements, security needs and regulatory standards."
CSC also provides "Testing as a Service" (TaaS) within its Trusted Cloud Services offering. Testing as a Service is available on-demand in public, private and hybrid cloud networks to meet customers' business requirements, security needs and regulatory standards."
Monday, October 19, 2009
Colleagues Finger Billionaire - WSJ.com
Colleagues Finger Billionaire - WSJ.com: "Some of the allegations describe trading based on advance knowledge of developments at Intel Corp., where the federal criminal complaint alleges Mr. Rajaratnam boasted of having a source. One of those facing conspiracy and securities-fraud criminal charges, as well as civil insider-trading charges, is Intel executive Rajiv Goel, an executive in Intel's treasury department. The SEC complaint alleges he gave Mr. Rajaratnam information about impending Intel earnings releases and also information related to Intel's dealings with Clearwire Corp. That wireless Internet carrier was recapitalized as part of a transaction that included an Intel investment. Clearwire declined to comment.
The criminal complaint says that in a call intercepted in 2008, Mr. Goel asked Mr. Rajaratnam to get him a job 'with one of your powerful friends,' as he was 'tired' of working at Intel."
The criminal complaint says that in a call intercepted in 2008, Mr. Goel asked Mr. Rajaratnam to get him a job 'with one of your powerful friends,' as he was 'tired' of working at Intel."
Federal Bureau of Investigation - The New York Division: Department of Justice Press Release
Federal Bureau of Investigation - The New York Division: Department of Justice Press Release: "From approximately March 2008 until around October 2008, RAJARATNAM and GOEL engaged in insider trading schemes involving the stock of Clearwire. GOEL obtained Inside Information regarding investments in Clearwire made by his employer in Spring 2008, and provided it to RAJARATNAM in violation of duties of trust and confidence he owed to Intel. RAJARATNAM caused Galleon to trade on the basis of this Inside Information, earning a total profit of approximately $579,000. In exchange for the Inside Information RAJARATNAM received from GOEL, RAJARATNAM placed profitable trades for the benefit of GOEL in a personal brokerage account maintained by GOEL at Charles Schwab."
Friday, October 09, 2009
Cloud Standards are Misunderstood | Cloudscaling
Cloud Standards are Misunderstood | Cloudscaling: "the short term standards that matter are the simple control & management APIs for the lower layers of the ‘cloud stack’. Obviously, that means standards for controlling infrastructure are of pre-eminent importance with platforms (PaaS) following right behind. Standards for control of applications (SaaS) will be difficult and probably vertical driven."
Dr. Dobb's | Protecting Critical Applications on Mobile Platforms | July 10, 2009
Dr. Dobb's Protecting Critical Applications on Mobile Platforms July 10, 2009
P-MAPS is a processor-measured service layer that reduces the trusted computing base and improves the runtime security of user applications
The authors are research scientists and engineers for Intel Labs. They can be contacted at ravi.sahita@intel.com, ulhas.warrier@intel.com, and prashant.dewan@intel.com, respectively. Copyright (c) 2009 Intel Corporation. All rights reserved
P-MAPS is a processor-measured service layer that reduces the trusted computing base and improves the runtime security of user applications
The authors are research scientists and engineers for Intel Labs. They can be contacted at ravi.sahita@intel.com, ulhas.warrier@intel.com, and prashant.dewan@intel.com, respectively. Copyright (c) 2009 Intel Corporation. All rights reserved
Tuesday, October 06, 2009
Linux and the Trusted Platform Module (TPM) - The H Open Source: News and Features
Linux and the Trusted Platform Module (TPM) - The H Open Source: News and Features
You can check a Linux machine for its level of TPM support with the following command line –
ls -la /lib/modules/$(uname -r)/kernel/drivers/char/tpm
You can check a Linux machine for its level of TPM support with the following command line –
ls -la /lib/modules/$(uname -r)/kernel/drivers/char/tpm
Linux and the Trusted Platform Module (TPM) - The H Open Source: News and Features
Linux and the Trusted Platform Module (TPM) - The H Open Source: News and Features
You can check a Linux machine for its level of TPM support with the following command line –
ls -la /lib/modules/$(uname -r)/kernel/drivers/char/tpm
You can check a Linux machine for its level of TPM support with the following command line –
ls -la /lib/modules/$(uname -r)/kernel/drivers/char/tpm
PGP/GPG for GMail « The Life of a Silicon Valley Rockstar
PGP/GPG for GMail « The Life of a Silicon Valley Rockstar
It’s a Firefox extension and pushes itself right into Gmail. I wish they’d make a solution for IE7 as well since for better or worse it’s still the de facto standard web browser. You’ll note I said it’s a firefox extension. It’s not a key manager. For that you’ll need to download GNUPG or my preference, GPG4Win which also has a file encryption plugin GPGee and an Outlook 2003 plugin, GPGol.
It’s a Firefox extension and pushes itself right into Gmail. I wish they’d make a solution for IE7 as well since for better or worse it’s still the de facto standard web browser. You’ll note I said it’s a firefox extension. It’s not a key manager. For that you’ll need to download GNUPG or my preference, GPG4Win which also has a file encryption plugin GPGee and an Outlook 2003 plugin, GPGol.
Getting an SMIME certificate - MozillaZine Knowledge Base
Getting an SMIME certificate - MozillaZine Knowledge Base
Certificate Authorities
Sources of Free SMIME Certificates
Free certificates usable for S/MIME are available from:
Thawte
Verisign
InstantSSL / Comodo
TC TrustCenter and ChosenSecurity
ipsCA
CAcert (CAcert is NOT one of the trusted authorities built-in to FireFox and ThunderBird)
StartCom
Certificate Authorities
Sources of Free SMIME Certificates
Free certificates usable for S/MIME are available from:
Thawte
Verisign
InstantSSL / Comodo
TC TrustCenter and ChosenSecurity
ipsCA
CAcert (CAcert is NOT one of the trusted authorities built-in to FireFox and ThunderBird)
StartCom
LYSP
"result is LYSP: is a tiny, lightweight
Lisp interpreter following closely the tradition of the earliest Lisp
implementations."
http://www.piumarta.com/software/lysp/lysp-1.0/00_README
Lisp interpreter following closely the tradition of the earliest Lisp
implementations."
http://www.piumarta.com/software/lysp/lysp-1.0/00_README
"The Silicon Age: Virtual I/O
Since 2005, VMware and Xen have gradually reduced the performance overheads of virtualization, aided by the Moore’s law doubling in transistor count, which inexorably shrinks overheads over time. AMD’s Rapid Virtualization Indexing (RVI – 2007) and Intel’s Extended Page Tables (EPT – 2009) substantially improved performance for a class of recalcitrant workloads by offloading the mapping of machine-level pages to Guest OS “physical” memory pages, from software to silicon. In the case of operations that stress the MMU—like an Apache compile with lots of short lived processes and intensive memory access—performance doubled with RVI/EPT. (Xen showed similar challenges prior to RVI/EPT on compilation benchmarks.)
Some of the other performance advances have included interrupt coalescing, IPv6 TCP segmentation offloading and NAPI support in the new VMware vmxnet3 driver. However, the last year has also seen two big advances: direct device mapping, enabled by this generation of CPU’s (e.g. Intel VT-D first described back in 2006), and the first generation of i/o adapters that are truly virtualization-aware.
Before Intel VT-D, 10GigE workloads became CPU-limited out at around 3.5GB/s of throughput. Afterwards (and with appropriate support in the hypervisor), throughputs above 9.6 GB/s have been achieved. More important, however, is the next generation of i/o adapters that actually spin up mini-virtual NIC’s in hardware and connect them directly into virtual machines—eliminating the need to copy networking packets around. This is one of the gems in Cisco’s UCS hardware which tightly couples a new NIC design with matching switch hardware. We’re now at the stage that if you’re using this year’s VMwar"
Since 2005, VMware and Xen have gradually reduced the performance overheads of virtualization, aided by the Moore’s law doubling in transistor count, which inexorably shrinks overheads over time. AMD’s Rapid Virtualization Indexing (RVI – 2007) and Intel’s Extended Page Tables (EPT – 2009) substantially improved performance for a class of recalcitrant workloads by offloading the mapping of machine-level pages to Guest OS “physical” memory pages, from software to silicon. In the case of operations that stress the MMU—like an Apache compile with lots of short lived processes and intensive memory access—performance doubled with RVI/EPT. (Xen showed similar challenges prior to RVI/EPT on compilation benchmarks.)
Some of the other performance advances have included interrupt coalescing, IPv6 TCP segmentation offloading and NAPI support in the new VMware vmxnet3 driver. However, the last year has also seen two big advances: direct device mapping, enabled by this generation of CPU’s (e.g. Intel VT-D first described back in 2006), and the first generation of i/o adapters that are truly virtualization-aware.
Before Intel VT-D, 10GigE workloads became CPU-limited out at around 3.5GB/s of throughput. Afterwards (and with appropriate support in the hypervisor), throughputs above 9.6 GB/s have been achieved. More important, however, is the next generation of i/o adapters that actually spin up mini-virtual NIC’s in hardware and connect them directly into virtual machines—eliminating the need to copy networking packets around. This is one of the gems in Cisco’s UCS hardware which tightly couples a new NIC design with matching switch hardware. We’re now at the stage that if you’re using this year’s VMwar"
The Black Art of Optimising -- www.volker-lanz.de
The Black Art of Optimising -- www.volker-lanz.de: "static unsigned int itoa(char* p, unsigned int n)
{
char tmp[MAX_DIGITS + 1];
char* s = tmp + MAX_DIGITS;
*s = 0;
do
{
*--s = '0123456789'[n % 10];
n /= 10;
} while (n > 0);
strcpy(p, s);
return tmp + MAX_DIGITS - s;
}"
{
char tmp[MAX_DIGITS + 1];
char* s = tmp + MAX_DIGITS;
*s = 0;
do
{
*--s = '0123456789'[n % 10];
n /= 10;
} while (n > 0);
strcpy(p, s);
return tmp + MAX_DIGITS - s;
}"
Win32_Tpm Class (Windows)
Win32_Tpm Class (Windows): "Win32_Tpm Class
The Win32_Tpm class represents the Trusted Platform Module (TPM), a hardware security chip that provides a root of trust for a computer system."
The Win32_Tpm class represents the Trusted Platform Module (TPM), a hardware security chip that provides a root of trust for a computer system."
Windows Trusted Platform Module Management Step-by-Step Guide
Windows Trusted Platform Module Management Step-by-Step Guide: "Windows Trusted Platform Module Management Step-by-Step Guide"
Monday, October 05, 2009
Rewriting the rules: Intel's software chief challenges convention | Oregon Business News - - OregonLive.com
Rewriting the rules: Intel's software chief challenges convention Oregon Business News - - OregonLive.com
Even so, Intel has repeatedly sought to branch out in software as a complement to its chips and as a tool for breaking into new technologies. “The results have been very consistent,” Grove, now 73 and retired, says. “They amounted to nothing.” It’s James’ job to break that losing streak.
Even so, Intel has repeatedly sought to branch out in software as a complement to its chips and as a tool for breaking into new technologies. “The results have been very consistent,” Grove, now 73 and retired, says. “They amounted to nothing.” It’s James’ job to break that losing streak.
Saturday, October 03, 2009
Share your favourite nerd, geek, science jokes! : funny
Share your favourite nerd, geek, science jokes! : funny
The past, the present, and the future walk into a bar. It was tense
The past, the present, and the future walk into a bar. It was tense
Improbable Research
Improbable Research: "'Are Full or Empty Beer Bottles Sturdier and Does Their Fracture-Threshold Suffice to Break the Human Skull?' Stephan A. Bolliger, Steffen Ross, Lars Oesterhelweg, Michael J. Thali and Beat P. Kneubuehl, Journal of Forensic and Legal Medicine, vol. 16, no. 3, April 2009, pp. 138-42. DOI:10.1016/j.jflm.2008.07.013."
Bertrand Meyer's technology blog » Blog Archive » The CPU Clock principle of software releases
Bertrand Meyer's technology blog » Blog Archive » The CPU Clock principle of software releases: "CPU Clock principle: release at fixed frequency."
Amicus Curiae: Bilski v. Kappos - Software Freedom Law Center
Amicus Curiae: Bilski v. Kappos - Software Freedom Law Center: "In Microsoft v. AT&T, this Court recognized that “[a]bstract software code [uninstalled in a machine] is an idea without physical embodiment.” 550 U.S. 437, 449(2007). The court below correctly decided that, on the basis of this Court’s prior holdings, such abstract ideas without physical embodiment cannot be the subject of a statutory patent monopoly."
Subscribe to:
Posts (Atom)