If you pay with “Chip and PIN” in the UK you might be interested in the fact that Steven Murdoch published a successful attack that breaks the security scheme of “Chip and PIN”.

Prof. Ross Anderson’s response to the UK Cards Association’s request to a takedown request of the academic paper describing the attack explains the basics of responsible disclosure and academic freedom.

I was fascinated by J Strother Moore’s presentation at the International Lisp Conference 2005. Especially because he gave a live demo of the ACL2 program verifier. It was used to verify the AMD Athlon floating point unit before it went into production:

The ACL2 proofs uncovered bugs that had remained hidden through hundreds of millions of test cases in RTL simulators. The bugs were fixed and the new RTL verified before the Athlon was fabricated. This work was done primarily by David Russinoff and Art Flatau, of AMD.

The Croquet Project is a novel approach on how to do distributed programming and the first implementation of David P. Reed’s thesis NAMING AND SYNCHRONIZATION IN A DECENTRALIZED COMPUTER SYSTEM from 1978. Object state is versioned and you always reference a named version of an object. A named version of an object is immutable. Lots of good stuff in the original thesis.

Croquet’s time-based synchronization capabilities enable real-time, identical interactions between groups of users while dramatically reducing the need for server infrastructures to support virtual world deployment. Croquet’s architecture makes it easy to develop deeply collaborative applications without having to spend a lot of effort and expertise in understanding how replicated applications work.

TeaTime is a scalable real-time multi-user architecture that is the basis for Croquet’s object-object communication and synchronization. It is designed to support multi-user applications that can be scaled to massive numbers of concurrently interacting users in a shared virtual space. The most directly visible part of this architecture is the TObject class which is used to define and construct subclassed Tea objects. All of the interesting objects inside of Croquet are constructed from subclasses of TObject.

A Tea object acts with the property that messages sent to it are redirected to replicated copies of itself on other users’ participating machines in a peer-to-peer network. This messaging protocol supports a coordinated distributed two-phase commit that is used to control the progression of computations at participating user sites. In this way messages may be dynamically redirected to large numbers of users while maintaining the appropriate deadline-based scheduling. Thus, TeaTime is designed to allow for a great deal of adaptability and resilience and works on a heterogeneous set of resources. It is a framework of abstraction that works over a range of implementations and that can be evolved and tuned over time, both within an application and across applications.

Croquet was succeeded by Open Cobalt which was used to create the conferencing platform Teleplace. By now Teleplace is probably one of the largest Smalltalk installations ever.


Found an interesting paper about doing cloud computing without an OS in between the virtual machine and the app.

The wide availability of cloud computing offers an unprecedented opportunity to rethink how we construct applications. The cloud is currently mostly used to package up existing software stacks and operating systems (e.g. LAMP) for scaling out websites. We instead view the cloud as a stable hardware platform, and present a programming framework which permits applications to be constructed to run directly on top of it without intervening software layers. Our prototype (dubbed Mirage) is unashamedly academic; it extends the Objective Caml language with storage extensions and a custom run-time to emit binaries that execute as a guest operating system under Xen. Mirage applications exhibit significant performance speedups for I/O and memory handling versus the same code running under Linux/Xen. Our results can be generalised to offer insight into improving more commonly used languages such as PHP, Python and Ruby, and we discuss lessons learnt and future directions.

Portions of the code are available on github.