Dr. Dobb's Journal April, 2005
Sun has announced its intention to release an open-source version of the Solaris 10 operating system under its Common Development and Distribution License (CDDL). While a date has not been set for the OpenSolaris release ("Expect to see buildable Solaris code...in Q2 2005," Sun declared), the company has opened the source to the performance profiling component DTrace as a gesture of goodwill (http://www.opensolaris.org/).
While Sun claims that the OpenSolaris release provides access to 1670 Sun patents, questions have been raised by open-source developers. The nonprofit Public Patent Foundation warned that "the legal nitty-gritty behind the announcement shows that Sun has retained the right to aim its entire patent portfolio at GNU/Linux or any other free and open-source operating system, except, of course, for their soon to be released version of Solaris."
A team of security researchers at RSA and Johns Hopkins University, including noted cryptographer Avi Rubin, is questioning the security of RFID systems used today in antitheft car keys and the ExxonMobil SpeedPass electronic payment program (http://www.rfidanalysis.org/DSTFAQ .htm). "Although RFID technology has venerable roots, it is one that has only recently begun to see widespread deployment," the researchers explain. "RFID is being increasingly employed for user and device authentication, areas [that] have well-established, secure techniques in the 'wired' world. But a much lower level of security is being offered initially for these purposes in the wireless world. Arguably, wireless devices ought to have higher security because they are so readily available to unauthorized parties due to their ubiquitous and highly mobile nature."
Specifically, the team tested Texas Instruments' Digital Signature Transponder, which they estimate is used in "more than 7-million cryptographically enabled keychain tags accepted at 10,000 locations worldwide." They found that the TI DSTs use an unpublished, proprietary encryption algorithm with key lengths of only 40 bits. Using commercially available FPGAs, the researchers were able to crack the encryption in under two hours.
The PHP Security Consortium (PHPSC), a group whose mission is to promote secure programming practices within the PHP community, has been officially launched. PHPSC (http://phpsec.org/) provides a variety of security resources for PHP developers, including the group's flagship project the PHP Security Guide, an online book for PHP developers that covers some of the most common security concerns.
Intel is rolling out its new virtualization technology, code named "Vanderpool," a year earlier than planned. It will be included in new desktop processors later this year. Preliminary specifications are available at http://www.intel.com/technology/computing/vptech/. The current specs address IA-32 and Itanium architectures; next year, Intel plans to incorporate Vanderpool technology into Xeon servers and mobile chips. Intel claims the new technology "will allow a platform to run multiple operating systems and applications in independent partitions..." Vanderpool will also support other Intel initiatives, such as "LaGrande," the code name for the trusted computing architecture that Intel is developing in partnership with Microsoft.
Investments in technology start-up companies are on the rise. Venture capital firms pumped nearly $21 billion into new high-tech companies in 2004, according to one estimate. The MoneyTree Survey (http://www.pwcmoneytree.com/ moneytree/index.jsp), a quarterly report on venture capital investment activity in the U.S. compiled by PricewaterhouseCoopers, Thomson Venture Economics, and the National Venture Capital Association, found that 2004 saw the first increase in technology start-up investments since 2000.
Another survey, the U.S. Venture Capital Report from Ernst & Young and VentureOne (http://www.ey.com/global/content.nsf/US/Media_-_Release_-_01-21-05DC) corroborated those results. "After three consecutive years of decline, U.S. venture-capital investment increased in 2004—with $20.4 billion invested in 2067 deals," Ernst & Young announced. "By region, the San Francisco Bay area continued to garner the most venture-capital activity in the nation, with 638 deals and $7.1 billion invested in 2004, or about 31 percent of all deals and 35 percent of the capital invested."
After countless appearances in science-fiction movies, books, and TV shows, weaponized robots are now a reality. Eighteen remote controlled, track wheeled, three-foot tall robots are to be deployed by the U.S. Army in Iraq. The SWORDS (Special Weapons Observation Reconnaissance Detection Systems) can be configured with M240, M249, or Barrett 50 caliber guns, and also come with alternate mounts for a 40-mm grenade launcher or rocket systems. According to manufacturer Foster-Miller (http://www.foster-miller.com/lemming.htm), the robots can operate day or night in sand, snow, mud, rocky ground, or underbrush at speeds of up to four miles per hour. Their lithium ion batteries are good for up to four hours. The robots are controlled through radio-frequency remote control or a fiber-optic link from a 30-pound, briefcase-sized operator control unit.
IBM, Sun, Hewlett-Packard, and Intel have joined forces to promote open-source grid development efforts by forming the Grid Consortium (http://www.globusconsortium.com/), which will define specifications for the Globus Toolkit. A major goal of the Globus Consortium is to work with industry, de- velopers, and Standards bodies to define the Grid.
The group is also committed to making the software infrastructure of the Grid available under an open-source license. As a vendor-neutral, not-for-profit organization, the Globus Consortium will act as a central clearinghouse where vendors, customers, and developers can collect, organize, and prioritize requirements to define the Globus Toolkit.
For information on the Globus Toolkit, see "Creating Java Grid Services," by Aaron E. Walsh (DDJ, September 2003).