Gonna hang out my own shingle. Think I can change the world. I'm probably wrong. All the same, I'm willing to try my best.

Just try and stop me...

In light of the NIST complaint that there are so many applicants for their cryptographic hash challenge that a good evaluation cannot be given, I am curious as to whether they have adequately defined the challenge in the first place. If the criteria are too loose, then of course they will get entries that are unsuitable. However, the number of hashes entered do not seem to be significantly more than the number of encryption modes entered in the encryption mode challenge. If this is impossible for them to evaluate well, then maybe that was also, in which case maybe we should take their recommendations over encryption modes with a pinch of salt. If, however, they are confident in the security and performance of their encryption mode selections, what is their real objection in the hashing challenge case?

But another question one must ask is why there are so many applicants for this, when NESSIE (the European version of this challenge) managed just one? Has the mathematics become suddenly easier? Was this challenge better-promoted? (In which case, why did Slashdot only mention it on the day it closed?) Were the Europeans' criteria that much tougher to meet? If so, why did NIST loosen the requirements so much that they were overwhelmed?

These questions, and others, look doomed to not be seriously answered. However, we can take a stab at the criteria and evaluation problem. A strong cryptographic hash must have certain mathematical properties. For example, the distance between any two distinct inputs must be unconnected to the distance between the corresponding outputs. Otherwise, knowing the output for a known input and the output for an unknown input will tell you something about the unknown input, which you don't want. If you have a large enough number of inputs and plot the distance of inputs in relation to the distance in outputs, you should get a completely random scatter-plot. Also, if you take a large enough number of inputs at fixed intervals, the distance between the corresponding outputs should be a uniform distribution. Since you can't reasonably test 2^512 inputs, you can only apply statistical tests on a reasonable subset and see if the probability that you have the expected patterns is within your desired limits. These two tests can be done automatically. Any hash that exhibits a skew that could expose information can then be rejected equally automatically.

This is a trivial example. There will be other tests that can also be applied automatically that can weed out the more obviously flawed hashing algorithms. But this raises an important question. If you can filter out the more problematic entries automatically, why does NIST have a problem with the number of entries per-se? They might legitimately have a problem with the number of GOOD entries, but even then all they need to do is have multiple levels of acceptance and an additional round or two. eg: At the end of human analysis round 2, NIST might qualify all hashes that are successful at that level as "sensitive-grade" with respect to FIPS compliance, so that people can actually start using them, then have a round 3 which produces a pool of 3-4 hashes that are "classified-grade" and a final round to produce the "definitive SHA-3". By adding more rounds, it takes longer, but by producing lower-grade certifications, the extra time needed to perform a thorough cryptanalysis isn't going to impede those who actually use such functions.

(Yes, it means vendors will need to support more functions. Cry me a river. At the current scale of ICs, you can put one hell of a lot of hash functions onto one chip, and have one hell of a lot of instances of each. Software implementations are just as flexible, with many libraries supporting a huge range. Yes, validating will be more expensive, but it won't take any longer if the implementations are orthogonal, as they won't interact. If you can prove that, then one function or a hundred will take about the same time to validate to accepted standards. If the implementations are correctly designed and documented, then proving the design against the theory and then the implementation against the design should be relatively cheap. It's crappy programming styles that make validation expensive, and if you make crappy programming too expensive for commercial vendors, I can't see there being any problems for anyone other than cheap-minded PHBs - and they deserve to have problems.)

Found this interesting site, which is focussing on developing grid computing systems for gaming. The software they seem to be using is a mix of closed and open source.

This could be an important break for Linux, as most of the open source software being written is Linux compatible, and gaming has been the biggest problem area. The ability to play very high-end games - MMORGs, distributed simulators, wide-area FPS, and so on, could transform Linux in the gaming market from being seen as a throwback to the 1980s (as unfair as that is) to being considered world-class.

(Windows machines don't play nearly so nicely with grid computing, so it follows that it will take longer for Microsoft and Microsoft-allied vendors to catch up to the potential. That is time Linux enthusiasts can use to get a head-start and to set the pace.)

The question that interests me is - will they? Will Linux coders use this opportunity of big University research teams and big vendor interest to leapfrog the existing markets completely and go straight for the market after? Or will this be seen as not worth the time, the same way that a lot of potentially exciting projects have petered out (eg: Open Library, Berlin/Fresco, KGI, OpenMOSIX)?

Two hundred and sixty seven tapes of previously unheard electronic music by Delia Derbyshire have been found and are being cataloged.

For those unfamiliar with Delia Derbyshire, she was one of the top pioneers of electronic music in the 1950s and 1960s. One of her best-known pieces was the original theme tune to Doctor Who. According to Wikipedia, "much of the Doctor Who theme was constructed by recording the individual notes from electronic sources one by one onto magnetic tape, cutting the tape with a razor blade to get individual notes on little pieces of tape a few centimetres long and sticking all the pieces of tape back together one by one to make up the tune".

Included in the finds was a piece of dance music recorded in the mid 60s, examined by contemporary artists, revealed that it would be considered better-quality mainstream today. Another piece was incidental music for a production of Hamlet.

The majority of her music mixed wholly electronic sounds, from a sophisticated set of tone generators and modulators, and electronically-altered natural sounds, such as could be made from gourds, lampshades and voices.

Someone has trawled through YouTube and flagged not only the episodes of The Tripods, but also all fan productions, fan cine footage and fan photography of the series. How so, can't you buy it on DVD? Only the first season, the second exists only in pirated form at scifi conventions, and of course the fan material doesn't exist elsewhere at all. The third season, of course, was never made, as the BBC had a frothing xenophobic hatred of science fiction at the time. (So why they made a dalek their general director at about that time, I will never know...)

What makes this exceptionally annoying is that the vast bulk of British scifi has been destroyed by the companies that produced it, the vast bulk of the remainder has never seen the light of day since broadcast, and the vast bulk of what has been released has been either tampered with or damaged in some other way, often (it turns out later) very deliberately, sometimes (again it turns out later) for the purpose of distressing the potential audience.

I've nothing against companies enforcing their rights, but when those companies are acting in a cruel and vindictive fashion towards the audience (such as John Nathan Turner's FUD of audiences being too stupid to know what they like, or too braindead to remember what they have liked), and the audiences vote with their feet, on what possible grounds can it be considered justified for those companies to (a) chain the audience to the ground, and (b) then use the immobility of the audience to rationalize and excuse the abuse by claiming the audience isn't going anywhere?

I put it to the Slashdot Court of Human/Cyborg Rights that scifi fans are entitled to a better, saner, civilized explanation, and that whilst two wrongs can never make a right, one wrong is never better.

Well, it now appears the University of Manchester in England has built 1nm transistors on graphene. The article is short on details, but it appears to be a ring of carbon atoms surrounding a quantum dot, where the quantum dot is not used for quantum computing or quantum states but rather for regulating the electrical properties. This is still a long way from building a practical IC using graphene. It is, however, a critical step forward. The article mentions other bizare behaviours of graphene but does not go into much detail. This is the smallest transistor produced to date.

This has been the dullest April 1st Slashdot has ever had. Has its funny bone been surgically removed? For those who miss the days of OMG!!! PONIES!!!, I think I've found the only site that comes close in being very very strange.....

Hey! You can't just have a car accident and post something where we can't write in and let you know that we're thinking of you and that we're glad you're alive and not splattered across the side of a Semi Trailer somewhere.... well ok the truth is I'm just damn glad that you could post at all.

Get well and don't go jumping around early, make sure you give yourself a lot of time to recover. And sleep lots. See if you can get yourself hooked on daytime tv :)

Slashdot without you would be a grey place. Please take care of yourself and know that we love you.

Hugs,

Pixie

Update: um, nevermind. I interpreted the big white space after the JE to mean that there was no more content. I forget that the CSS here ain't exactly Zen Garden...

You know, I'm trying to be a better wife. I guess I just have to accept the Mars/Venus thing.

My husband is really, really susceptible to stress. His health tanks when he's stressed, he just can't handle it. This winter break, my sled wouldn't start (right after we took the damn thing in for maintenance due to a recall). Hubby spent 2 days doing everything he could think of, and was generally angry and miserable, refused to go snowmobiling himself, and so forth. We took it in, they fixed it -- and the first ride out, the nut came off the A-arm of my right ski. The a-arm is what keeps the ski pointed forward - the only other piece connected to the ski is the main strut, which is on a ball-joint. Had the a-arm separated while I was moving at speed, the ski could have jacknifed, and well - that would have been bad.

Chances are, the snowmobile shop forgot to tighten the nuts after they did the recall work. My hubby is absolutely determined to sue the shop.

Why? Why why why why? Why take on that stress. Why not just be happy that all is well that ends well and move on?

I can't say that though. If I encourage him to drop it, he will accuse me of siding against him, that I don't support him.

Sigh. I'm not very good at remaining silent on things like this. I can only hope that he will tire of this whole plan and give it up. My dog walker thinks that this is about control -- he can't control so many things that happen to him - but dammit, he's going to control this one thing, make these people pay if it kills him...

One of the most fascinating things I've observed in searching for Open Source projects available for whatver I'm doing at the time is the huge disparity of what is available, how it is used and who is interested.

An obvious place to start is in the field of electronics. Computer-based tools are already used to build such stuff, so it's a natural replacement, right? Well, almost. There are tools for handling VHDL, Verilog and SystemC. There are frameworks for simulating both clock-based and asychronous circuits. You can do SPICE simulations, draw circuit diagrams, download existing circuits as starting points or places of inspiration, simulate waveforms, determine coverage and design PCBs. OpenCores provides a lot of fascinating already-generated systems, SUN provides the staggering T1 and T2 UltraSPARC cores, and the Sirocco 64-bit SPARC. This field has probably not got anywhere near what it needs, but it has a lot.

Maths is another obvious area. Plenty of Open Source tools for graphing, higher order logic, theorum provers, linear algebra, eigenvalues, eigenvectors, signal processing, multiple-precision, numerical methods, solvers for all kinds of other specific problem types, etc.

What about astronomy? That requires massive table data crunching, correlation of variations, moving telescopes around with absolute precision - things computers tend to be very good at. There are a few. Programs for capturing images are probably the most common, although some telescopes provide software for controlling telescopes, obtaining data and performing basic operations. Mind you, how much more than this does one need in software? Some things are better done in hardware (for now, at least) because the software hasn't the speed. Yes, the control software seems a little specialized, but it'd be hard to make something like that general-purpose.

Chemistry. Hmmm. Lots of trivial stuff, more educational than valuable - periodic tables, 3D models of molecules, LaTeX formatting aids. There's a fair amount on the study of crystals and crystallography, which is as much chemistry as it is physics, but there's not a lot else. Chemistry involves a lot of tables (which would be ideal for a standardized database), a lot of mathematical equations, formulae, graphing, measuring and correlating all sorts of data, the consequences of different filtering and separation techniques, the wavelength and intensity of energies, analysis of the results of atomic mass spectrometry or other noisy data, etc. I see the underlying tools for doing some (but not all) of these things, but I don't see the heavy lifting.

Archaeology has very few non-trivial tools. Some signal processing for ground-penetrating RADAR, but there are virtually no tools out there that could be useful for helping with interpretation. In fact, most RADAR programs don't interpret either but display the result on a small LCD screen. Nor do any tools exist for correlating interpretations (other than manually via an extremely naive - for this purpose - GIS database). There's a few scraps here and there, but signal analysis and GIS seem to be about it, and those were mostly developed for mining companies and tend to show it.

Biology has plenty of DNA sequencing code. By now, Slashdotter should be able so sequence eith own DNA, not pay someone a thousand to do it. You mean, those aren't enough, that you need more hardware? And a lot more software? It's an important step, but it's not unique.

Mechanical Engineering. I haven't seen anything of any significance.

Geology. Not really, beyond the same software for Archaeology, but using it for find seams in rock.

Psychology: Nada.

Psychiatry: None.

Sports: Lots of software getting used, but little of it is open source.

Result - those who gain with the least to lose and the most to win make the change. Those who feel like there's no benefit from changing what they're doing will continue doing what they're doing. My suggestion? There are gaping holes in Open Source. Fill them in.

Just had my top two wisdom teeth out.

While talking to the Dentist, he said that from the X-rays this looked like an easy extraction, although sometimes it turns out that there is a root that is facing directly away from the X-ray that can give trouble.

Ya. Well turns out there's one other thing that can cause your dentist to pull and pull and rock and lift and pull and remark in wonder that your tooth could be failing to yield to the pressure exerted by a full-grown man with surgical instruments...

Turns out that the roots of my upper wisdom teeth, which looked so nice and conical on the X-rays, were corkscrew shaped. On one side, the corkscrew had grown around the bone, and couldn't be extracted until that small piece of bone came away...

(grossed out yet?)

On the other side, I have some kind of nerve connection between the front and back nerve in my upper jaw. As a result, the dentist had to basically freeze the entire right side of my face, with more than twice the freezing than was needed on the other side.

The good news is that I'm numb right now. The bad news is, I won't be forever. The fact that they have sent me home with 600mg ibuprofen tablets tells me that life is going to suck for a few days. Scariest of all is that I have to take the tablets with food, and food is not something that I can imagine actually ingesting in the next 2 days....

The worst part is -- the lower wisdom teeth are in much worse shape. I hope they never have to come out.

Has anyone out there seen a case where vi inserts ever more tabs into a pasted piece of code in insert mode?

The following two octal dumps were made by pasting the same copied code twice - first into a redirected cat file called shorttest1, and later into vi, saved as shorttest2

Right around line 0000060 in each file, although slashdot takes it out and moves the whole line to the left, there is a place in the pasted content where there are 8 spaces. On line 0000200, there are also 8 spaces - but in the vi file, a tab has been prepended. The next time there are 8 spaces, 2 tabs are prepended. After that, 3 tabs are prepended. And so on... Always the 8 spaces remain.

I have to assume this is a botched attempt at replacing the 8 spaces with a tab.

Anyone been here seen this and can help?

Thanks for your time.

Pixie

ps - I can't find a fixed-width font that will show the code in columnar form. Sigh. Perhaps if you paste it somewhere fixed width, it will make sense.

$ vi -h
VIM - Vi IMproved 6.3 (2004 June 7, compiled Aug 29 2007 17:32:14)

$ od -c shorttest1
0000000 f u n c t i o n w f A d d C u
0000020 s t o m V a r i a b l e ( & $ m
0000040 a g i c W o r d s ) { \n
0000060 f o r e a c h ( $ G L
0000100 O B A L S [ ' w g C u s t o m V
0000120 a r i a b l e s ' ] a s $ v
0000140 a r ) $ m a g i c W o r d s [
0000160 ] = " M A G _ $ v a r " ; \n
0000200 r e t u r n t
0000220 r u e ; \n } \n
0000240 \n f u n c t i o n w f A d d C
0000260 u s t o m V a r i a b l e I D (
0000300 & $ v a r i a b l e s ) { \n
0000320 f o r e a c h ( $
0000340 G L O B A L S [ ' w g C u s t o
0000360 m V a r i a b l e s ' ] a s
0000400 $ v a r ) $ v a r i a b l e s
0000420 [ ] = c o n s t a n t ( " M
0000440 A G _ $ v a r " ) ; \n
0000460 r e t u r n t r u e ; \n
0000500 } \n
0000512
$ od -c shorttest2
0000000 f u n c t i o n w f A d d C u
0000020 s t o m V a r i a b l e ( & $ m
0000040 a g i c W o r d s ) { \n
0000060 f o r e a c h ( $ G L
0000100 O B A L S [ ' w g C u s t o m V
0000120 a r i a b l e s ' ] a s $ v
0000140 a r ) $ m a g i c W o r d s [
0000160 ] = " M A G _ $ v a r " ; \n
0000200 \t r e t u r n
0000220 t r u e ; \n \t \t
0000240 } \n \t \t \t \n \t \t \t f u n c t
0000260 i o n w f A d d C u s t o m V
0000300 a r i a b l e I D ( & $ v a r i
0000320 a b l e s ) { \n \t \t \t
0000340 f o r e a c h ( $ G L
0000360 O B A L S [ ' w g C u s t o m V
0000400 a r i a b l e s ' ] a s $ v
0000420 a r ) $ v a r i a b l e s [ ]
0000440 = c o n s t a n t ( " M A G
0000460 _ $ v a r " ) ; \n \t \t \t \t
0000500 r e t u r n t r u
0000520 e ; \n \t \t \t \t \t
0000540 } \n \n

Holy MediaWiki crash course!

Namespaces, Categories, Templates, Subpages...

Who knew wikis could be so complicated? It wouldn't be so fricking brutal to learn either, except Amazon has backordered the MediaWiki book I bought, so I have no choice but to read (shudder) a wiki in order to learn to use the wiki...

Bleh. It's a miracle I can find anything. There are probably other useful concepts that I just haven't been lucky enough to know to search for or to stumble across in the game of link roulette that is my attempt to learn enough to properly construct a rather large interconnected page structure...

I think what I'll end up being able to do will be cool, but getting there has been a bit of an exercise in uncertainty. I'm not sure if I'll still be a wiki hater after this, but if I am, at least I'll be a qualified wiki hater...

Update: Wow, now I understand why big wiki sites are so cool while little wiki sites always suck so much... I did not understand just what you can do with this stuff.

This is an interesting (to me) piece of work that I've been asked to do. Using open-source software to analyze data from both ground-penetrating radar and magnetometers, open-source GIS software for tracking archaeological finds, open-source modeling software to produce archaeologically and technically sound reconstructions, and then use a mix of open-source virtual reality software and open-source web technology to provide both the raw and the visually interpreted data in a form that is of practical use to experts and non-experts alike.

If that sounds like a complex task, it is. The site is extremely convoluted, there is a wealth of data that is currently in a highly unusable form, and what is meaningful to an expert is not necessarily the least bit useful or usable to a non-expert (and vice versa). Currently, there is a lot of skepticism by The Powers That Be that such a project would even be possible. My first task, then, is to produce an example. My impossible mission is to convert the few scraps of information published on medieval aisled halls, along with the very limited archaeological finds from the site in question, into the dual format of raw information and virtual reality.

On the one hand, the limited information means that the first part is relatively easy. An online archaeological GIS-enabled database may not be trivial, but all the software needed can - at least - be found on Freshmeat and the amount of data entry is relatively small. The second part is tougher. Again, open-source VR software does exist, but it is one thing to enter known values that can be verified into a database, it is entirely another to derive values that are implied and logically required but for which there is no direct evidence at all.

There is a catch. Virtual reality is great for producing models you can walk through, but it's generally pretty lousy at telling you if said model violates the laws of physics. Given that I can hardly build my own medieval aisled hall, I know of no other method besides hand-cranking through the numbers for validating the predicted structure. Suggestions would be extremely welcome, as would any idea on how I could either use the open-source approach for the hall design, or how I could use something like BOINC to automate the validation of a virtual landscape.

Technically, this is fun - I'm getting to do some reasonably original work - but original work is necessarily far more demanding in terms of research and application than run-of-the-mill work. Mind you, I only have myself to blame - the archaeologists have been satisfied so far with producing a web-based diary of major finds, plus entering the data on a completely unusable regional database. Such are the hazards of pointing out that you can do better! :)

So I went to get my teeth cleaned yesterday, and I have to go back in the near future to (a) get my top wisdom teeth pulled, and (b) get something called "invisalign" which seems to be a marginally more humane version of braces.

Sigh.

The funniest part of the visit was the part where they scraped and polished and fluorided me. I had a *messy* dental assistant - and I do mean messy. There was stuff flying everywhere, all over my face, running down my neck... I swear she was having a water fight with someone in the next cubicle.... then when it got to the fluoride treatment, she put WAY too much foamy stuff into the trays, and stuffed the whole thing into my face anyways... foam erupted all over the place... and the whole time she's cheerfully regaling me with all sorts of stories in which she seems to want me to participate, despite the fact my mouth is otherwise occupied :)

She was a bit of a yard sale, but I still had fun. Which is saying a lot for a dental visit...