Google Launches Voter Info Tool

October 31, 2012

In a post on the Official Google Blog, the company has announced the availability of a new Voter Information Tool.   Obviously, its main current focus is on the upcoming US presidential election, but there is information on other countries as well.  I’ll focus on the US content, since that’s the part I know a little about.

The tool offers a Google Maps style lookup for your polling place, given your address as a registered voter.  In Virginia, where I live, this currently doesn’t produce anything useful; I suspect this is because, in Virginia, polling places are assigned by the local (county) Board of Elections, and Google hasn’t incorporated all that information.  It also shows a ballot summary of all the candidates, and their party affiliations, for the national election races (in this case, the races for President, one US Senator, and US Representative).  Once I had put in my address, it located me in the right election district without any trouble.   Helpfully, it gives the address, phone number, and Web link for the local Board of Elections, and also has links to candidates’ Web sites, and other sources of election information.

The tool, which is open-source, can be embedded on another Web site if desired; there is also a Civic Information API that can be used to develop new applications.

Mozilla Releases Thunderbird 16.0.2

October 30, 2012

Mozilla has released an updated version, 16.0.2, of its Thunderbird E-mail client for Linux, Mac OS X, and Windows.  This update fixes a bug that affected mail retrieval from IMAP accounts, as well as two security vulnerabilities (one of which is the same Critical vulnerability fixed earlier in Firefox 16.0.2).  More details are available in the Release Notes.

You can get the new version via the built-in update mechanism (Help / About Thunderbird / Check for Updates), or you can get a complete installation package from the download page.

Oak Ridge Powers Up Titan

October 29, 2012

The US Department of Energy’s Oak Ridge National Laboratory [ORNL] announced the start-up of a new supercomputer, called Titan, today.   The new machine, which is likely to displace the Sequoia computer at Lawrence Livermore National Laboratory as the world’s fastest supercomputer, has been in the works for two years.

Performance of these systems is ranked based on their speed in floating-point operations per second (FLOP/s), measured on the LINPACK benchmark, which involves the solution of a dense system of linear equations.  The Sequoia, ranked fastest in the world in June of this year, achieved over 16 petaflops (1.6 × 1016 flops); the new Titan system is rated at 27 petaflops (2.7 × 1016 flops).

The Titan system uses a hybrid architecture that includes both conventional 16-core Opteron 6274 CPUs, and NVIDIA Tesla K-20 GPUs.  It has a total of 18,688 compute nodes, each containing a GPU and a CPU, for a total of 299.008 CPU cores.  The system also has more than 700 terabytes ( 7 × 1014 bytes) of memory.  (Apparently 640KB is no longer enough for anyone.)  The hybrid architecture results in better energy efficiency; Titan gets about ten times the performance of its predecessor at ORNL, the Jaguar, at less than 30% more electricity consumption.  It is, however, rather large, requiring 4,352 square feet of floor space.

James Hack, Director of ORNL’s National Center for Computational Sciences, said “Titan will allow scientists to simulate physical systems more realistically and in far greater detail. The improvements in simulation fidelity will accelerate progress in a wide range of research areas such as alternative energy and energy efficiency, the identification and development of novel and useful materials and the opportunity for more advanced climate projections.”

The ORNL press release is here.

Internet Archive Celebrates 10 Petabytes

October 28, 2012

The Internet Archive, a non-profit organization dedicated to creating a digital archive and library of Internet content, has just celebrated its collection reaching 10 petabytes (10,000,000,000,000,000, or 1.0×1016 bytes).   The collection contains approximately 150 billion historical Web pages, as well as texts, images, audio, and video.  The Internet Archive provides the Wayback Machine to allow retrieval of archived pages, as well as more general search tools.

The Internet Archive also announced the availability, for research purposes, of 80-terabytes (8.0×1013 bytes) of archived Web crawl data from 2011.  The data set characteristics are:

  • Crawl start date: 09 March, 2011
  • Crawl end date: 23 December, 2011
  • Number of captures: 2,713,676,341
  • Number of unique URLs: 2,273,840,159
  • Number of hosts: 29,032,069

Interested researchers can get in touch with the Archive to arrange access.

If you would like access to this set of crawl data, please contact us at info at archive dot org and let us know who you are and what you’re hoping to do with it.  We may not be able to say “yes” to all requests, since we’re just figuring out whether this is a good idea, but everyone will be considered.

The San Francisco Chronicle recently had a front-page profile of the Internet Archive and its founder, Brewster Kahle.

Mozilla Updates Firefox to 16.0.2

October 28, 2012

Mozilla has released a new version of its Firefox browser, 16.0.2., for Windows, Linux, and Mac OS X.  This update fixes a single security vulnerability with Location objects, which  Mozilla rates as Critical.   The Release Notes have been updated to reflect this change.

You can get a copy of the new version via the built-in update mechanism (Help / About Firefox / Check for Updates), or you can get an installation package from the downloads page.

Raspberry Pi Gets More Open Code

October 24, 2012

Today, in a post on its Web site, the Raspberry Pi Foundation announced that the source code for the video drivers used in its $35 single-board Linux computer would be available under an open-source license.

As of right now, all of the VideoCore driver code which runs on the ARM is available under a FOSS license (3-Clause BSD to be precise).

According to Alex Bradbury, author of the post and lead Linux developer at the Foundation, all the software running on the Pi’s ARM processor is now open source.  (The post has a link to the source repository.)

This development will please advocates of free and open-source software.  It should also make it easier for developers to make use of the graphics acceleration capability that is part of the Pi, including those who are porting various OS environments to the device.

We’ve been excitedly following the progress of FreeBSD, NetBSD, Plan9, RISC OS, Haiku and others. All these projects could now potentially port these libraries and make use of the full hardware accelerated graphics facilities of the Raspberry Pi.

I have seen some grousing that some of the code that runs on the graphics chip itself has not been open-sourced.  I don’t know enough about the hardware to evaluate this claim, but it seems to me that half a loaf is preferable to none, especially since the original goal of the Raspberry Pi project was largely educational.  In any case, Broadcom, the chip vendor, has taken a significant step in the direction of openness, and deserves credit for that.

Ars Technica also has an article on this announcement.

Java Survey Results

October 24, 2012

Last Friday, I posted a note here about an article and informal survey at Ars Technica, on whether keeping Java on the desktop was a significant security risk; and, if so, whether the risk was worth running.  Ars has posted a follow-up article, summarizing the results of their survey.  The results are interesting, although likely to disappoint anyone expecting a clear-cut, black and white sort of answer.

There seems to be a consensus of sorts that the most risky part of the Java system is the browser plug-in.  Those respondents who had security concerns often focused on mitigating that aspect of risk,

Some users have disabled or uninstalled Java entirely. But the most common solution for those worried about security risks is to leave the Java Runtime Environment in place on the desktop while disabling the browser plugins that allow Java applets to run on websites. Those plugins are often vulnerable to attacks involving remote code execution.

This approach, which I mentioned in an earlier post on getting rid of Java, probably removes the most serious threat, while leaving the Java Runtime Environment available to support features of packages like the open-source office suite, Libre Office (the successor to Open Office).   Libre Office can still be installed without Java, but some features will not be available.

Not surprisingly, the responses also indicated that Java still enjoys substantial popularity among developers; one respondent wrote:

I use Java heavily at work because it has the killer combination of: being good enough as a programming language; being cross-platform; having a great set of libraries; running fast.

Java is also used extensively in enterprise environments.

Java has lots of real-world use cases, enough that uninstalling or disabling the platform isn’t realistic for many users. Numerous people report keeping Java enabled in browsers because of banking, government, work, and school-related websites.

For both the developers and enterprise users, a common theme seems to be that Java, while not being perfect for any particular application, offers a practical approach for many things.  That it is available and gives decent performance across a variety of platforms is an obvious selling point.   Beyond that, it is a reasonably structured language, and much better for sizable projects than a scripting language like Perl.

For the average individual user, I’d recommend the following approach:

  1. Look through the list of software and Web sites that you use regularly, and see if any of them require Java.
  2. If none does, then removing Java will reduce your risk at minimal cost.  (You can always re-install it if your situation changes, of course.)
  3. If you have application software, like Libre Office or Minecraft, that requires Java, you can leave the Java environment installed, but remove or disable the browser plugin.
  4. If you regularly use Web sites that require Java, you can leave the plugin enabled, or disable it, re-enabliing it when you need the Java-dependent site, depending on how frequently that occurs.

As always in security, there are trade-offs, but I hope that making this sort of information available will help people in making choices.

%d bloggers like this: