Authentify|Register
is a new product that authenticates Internet users with a two-factor
technique that includes web interaction plus an automated outbound
telephone call to that user. During the call, the user must enter data
on the telephone keypad and have his or her voice data recorded.
Businesses can use this additional information to better authenticate
users and have a better audit trail.
Another Java draw/graph framework
JViews Component Suite
is made by ILOG. It has components for maps, graphs and gantt charts,
which in turn are based on their core graphics framework.
NSA's Security-Enhanced Linux
Apparently the NSA is working on Security-Enhanced Linux (SELinux). This came up in a Slashdot article about PGP working with NSA on secure linux.
"Castle", the movie
Saw Castle at Cliff's tonight. Very funny.
Microkernel OS vs. monolithic OS
Andy Tanenbaum (author of the Minix OS) and Linus Torvalds (author of Linux) had this interesting debate on comp.os.minix in Jan & Feb of 1992.
Andy had a nice definition of things:
the
whole [monolithic] operating system is a single a.out file that runs in
'kernel mode.' This binary contains the process management, memory
management, file system and the rest. Examples of such systems are
UNIX, MS-DOS, VMS, MVS, OS/360, MULTICS, and many more.In a
microkernel-based system, in which most of the OS runs as separate
processes, mostly outside the kernel. They communicate by message
passing. The kernel's job is to handle the message passing, interrupt
handling, low-level process management, and possibly the I/O. Examples
of this design are the RC4000, Amoeba, Chorus, Mach, and Windows/NT.
Minix
is micro-kernel and Linux is monolithic (at least as of 1992). It's a
very interesting discussion between two interesting guys.
Linus
brings up the issue of multithreading support in Linux vs. Minix. Andy
has a response that is funny until you realize what things were like
back in 1992:
When there is only one job active, the
normal case on a small PC, it [multithreading] buys you nothing and
adds complexity to the code.
Study: Few users reject cookies
A study by Web Side Story has found that only 7 out of 1000 Internet surfers reject or block cookies.
This
quote from Jason Catlett of the Junkbusters.com was amusing: "…
There's still the fact that when cookies are explained to [computer
users], they do not like them." I'm sure that statement is true given
the way Mr. Catlett probably explains cookies.
Browser cookies
are like sharp kitchen knives: most of the time they do a useful job,
but in the hands of the wrong person they can be use to harm others.
You may also be tempted to compare cookies to guns and the adage, "Guns
don't kill people, people kill people." But that comparison is too
extreme: improper use of guns has enormous consequence, unlike cookies.
And
the fact that this study shows only 7 out of 1000 block cookies seems
to say to me that the general public regards cookies in the same
category as knives, not guns.
Biometrics in hospitals
Another naive article about biometrics (5 Apr 2001) in hospitals to protect sensitive patient data. From MedcomSoft, a Canadian company.
How is this any better than a password? In fact, it's worse than a password for two reasons:
- If
your password is "cracked", you can change it. On the other hand, if
there's some kind of a bug in the software of the fingerprint reader
such that they can capture the digitized image of your fingerprint,
then your screwed. Hmm, actually that could work ten times. But then
what?- What about people with no fingers? What about people who loose fingers?
Sigh… Bruce Schneier has covered all this ground in his Crypto-Gram newsletter and his book, Secrets & Lies.
JHotDraw – java graphical layout engine
There was a JavaWorld article on JHotDraw in Feb 2001. Skip thought it looked interesting.
Layout Swing apps with XML
Bluestone provides XwingML free of charge.
Generating Java classes to parse XML
We want a system that will take a DTD and generate a Java class. This
class would hide all the DOM/SAX details. The user would say something
simple like getName() and you'd get the content of the
Patrick Carey pointed us to Breeze XML Studio
after the CTIA show. Proprietary, but looks pretty good. I hear it has
a nice GUI too, something that we probably would not be able to
implement here at TCS.
Sun has a proposed spec, XML Data Binding Specification (JSR 031),
also known as Adelard, that seeks accomplish the same thing. This JSR
is very early in it's life cycle. There's a good little white paper (pdf)about the general problem of data binding XML and Java.
BreezeFactor, the company that make Breeze XML Studio, has a FAQ on the relationship between their product and Adelard.