Xilinx software is licensed by subscription that has to be renewed annually. Even WebPack. It's also single seat, so you can't install it on both a desktop and laptop. The license is tied either to the hard drive or PHY MAC. Even though free, it's not clear whether they will grant you more than one 'free' license, and the shrinkwrap EULA isn't stated in advance. For instance, even though highly implausible they would, there's no guarantee they can't extort payment from you at a later time, gratuitously cancel your license, or simply cease their 'free' WebPack program. I personally chose to avoid Xilinx for my uses, in favor of Altera. Not because I dislike Xilinx or anything, but simply because the last thing I wanted is more licensing complexity to deal with.

Just remove the excess forwarding buffers; there's no point buffering more than what's required for the internal forwarding jitter, which should really be no more than a few datagrams at most. TCP is based on a model where congestion = loss, not congestion = pileup. Other UDP based protocols - DNS, etc, all have their own retransmission mechanisms, also based on the same model of congestion = loss. What happens when routers have ridiculous quantities of buffer - several seconds' worth - is that entire TCP windows' worth get piled up, and _then_ TCP fast retransmit piles it up _again_. When the congestion eases and the router is draining its massive buffer including all the piled up retransmits, the source TCPs are still polynomially backing off. The culprit really isn't the congestion control, but the excess buffering. Some experimental congestion control mechanisms attempt to get around this by continuously measuring one-way latency and in this way detect intermediate buffer pileups - and stop piling up more until the buffer is drained - but it's really silly to add complexity to work around something that shouldn't be in the datagram path in the first place. These methods of congestion control however tend not to work as well where congestion is actually caused by loss, but this tends to be pretty rare these days where loss is indicative of buffer overflow or traffic shaping. (E.g. the common ethernet collision domain is gone due to switched full-duplex infrastructure.)

It wasn't expressed with a high rate of accuracy.

Try Safari 4 - it seems to be part of the software updates now. It's so much faster that all the scripting and rendering is inconsequential.

Does this include the verbal open offers for officials who helped secure the deal?

Me too! This is totally, positively, awesome. I looked through the code and it should port super easy to any system that can provide a libusb-like host interface to the USB bus. Which isn't exactly tough. First I'm going to use it to drive a display using an Olimex LPC-E2468 running plain uCLinux just to check it out; then I plan to port it to my own (MIT license) networking RTOS. This is exactly what I have been looking for!

Perhaps they're trying to change this and find glibc an obstacle.

This is no guarantee against datajacking. No one keeps their backups forever. If I know the retention policy is one year, then after I break in I make sure to install something, like an encrypting driver, that makes tapes and disks look fine for backup/restore - until I remove the key. I then wait a year until all backups currently retained are polluted. Then I pull the plug and make my demand. I can even do it by trigger, so when the first polluted backup is the oldest in the set the key is automatically wiped, immediately putting every bit they own on wrote from any of the infected servers up for ransom. This way, all the network traces, addresses, etc, available to track me down would also be a year old.

...is that the estate of Gene Roddenberry hasn't gotten involved yet.

I agree with the sentiment - however, it's one of policy, not mechanism. NAT is a pretty poor substitute for a router that implements policy (known as a firewall). NAT has literally an all-or-nothing granularity. For instance, I might want to specify that an internal host can enable BitTorrent via UPnP, but under no circumstances can CIFS be allowed through - in either direction. An internal host sending a CIFS solicitation out does not mean a pinhole should be opened and some set of hosts (depending on cone of restriction) free to respond. NAT is just not a practical policy tool. It's an address space recovery tool. Reverse NAT, however, has some redeeming qualities for load balancing and failover - I'm not versed well enough in IPv6 to understand how they'd be implemented without NAT. (Anycast addressing, I suppose.)

But you can implement NAT in IPv6 just as much as in IPv4 if you wish. A router could appear to have a single interface ID and translate to/from that. It's largely unnecessary though since instead of a handful of IPv4 addresses you have an entire 64-bit space to yourself (and maybe even the SLN prefix, not sure about that).

IPv6 really is a major cleanup and simplification from IPv4. I'm slightly disconcerted by the increased dependency on DNS however.

0. Evil Bolivian liberals start talking about using the proceeds from sale of lithium for things like national defense, highways, electricity, water plants, schools, research facilities, health care, a functional judicial system - all this first-world stuff they could only dream of affording previously
1. Coup
2. Generals clean out subversives who think Bolivians should own their own natural resources, and make country safe for U.S. and European mining co's
3. Generals sell off complete and exclusive rights for pennies on the dollar - no taxation or local businesses involved; Generals get rewarded with nice personal kickbacks
4. Generals provide local labor for cheap. Very cheap. After all, they have a virtually infinite supply of desperate people willing to work for subsistence wages
5. After 10-20 years as the locals revolt because of the total sell-out, generals escape to a first-world life in luxury
6. As the locals refuse to accept the previous BS deal they kick out foreign mining co's and nationalize the resources
7. U.S. decries evil commies and does its best to destabilize said evil commie government, by interfering with elections, supporting "freedom fighters" (read: insurgents and terrorists), and generally attempt to turn back the clock. The pretext is demanding "free elections", which of course can be rigged to practically restore the previous order
8. After a generation everyone eventually gets tired of conflict, forget what they were fighting over in the first place, and things are allowed to return to some semblance of where they should have been at point 0. Only with a lot of bad history.

Been there, done that. Got the t-shirt.

Without use of Kazakhstan, Russia has only a narrow strip of land that stretches far enough south to be worth launching from - and landing at. And this is not a flat desert wasteland. The reason for the rockets is to allow for a controlled landing. Parachutes are more suited for an ocean or desert landing where a few miles of accuracy doesn't make much difference. Presumably they figured that the weight of the landing system is outweighed by the benefit of launching (and landing) at a more southern latitude. Ocean landings aren't exactly free, either.

This was my initial reaction too... As in what, that thing is still around? Does it still use 8086 segment registers for memory management? I figured someone must have done an excellent sales job to fund work on Minix!!!

But then, it's about security research and Minix is presumably only used as the vehicle. This makes more sense. Today a hodge podge of security models are used, all inadequate in one way or another.

Say you want to grant libpcap the ability to put an interface into promiscuous mode, but limit use of libpcap to ethereal, then limit the users who can run ethereal, and maybe even allow them to do different things with it. In addition, you want to authenticate executable and library signatures. And you want all this to be done without significant implementation in the libraries and executables themselves - you want them to implement functionality, not security. The security part is orthogonal and needs to intersect all functionality. A microkernel like Minix seems like a good vehicle for this, because so much system functionality is implemented in userland. VAX/VMS was pretty good about finely granular privileges, but it didn't really have a generalized model that was extensible or even all that suited for non-monolithic kernels. In fact, part of what keeps us with monolithic kernels is the difficulty of securing microkernel based systems. (Not really including single server ones, like OS X.) Of course, performance is another problem but I think that can be overcome. (Mach just screwed it up by making it too high level.)

So, weird as it may seem at first glance, it does make some sense. I think. I would welcome a research system that demonstrates a generalized - and practical - model for capability management.