Google Releases Chrome 24.0.1312.57

January 30, 2013

Google has released a new version, 24.0.1312.57, of its Chrome browser, for Windows, Linux, Mac OS X, and Chrome Frame.  This appears to be a bug fix release, focused on two bugs (renderer crashes and microphone problems) on the Mac OS X platform, and a renderer problem with Chrome Frame.  There do not appear to be any security fixes in this release; more details are in the Release Announcement.

Unless you are suffering from one of the bugs fixed in this release, I don’t think there is any reason for rushing to get the upgrade.  (I do think that there is a lot to be said for keeping your system’s software up to date, within reason.)  Windows and Mac users can get the new version via the built-in update mechanism; Linux users should check their distribution’s repositories for the new version.

Open-Access Mathematics Journals

January 29, 2013

I have written here a number of times before about the movement toward providing open access to scholarly research.  I’ve noted before the decisions by a number of different organization, including Princeton University, the Royal Society, the JStor research archive, and the World Bank, to provide open access to some or all of their research publications.  There have been launch announcements from some new open-access journals, notably in particle physics and in the life sciences.

Now Nature is reporting, in a recent news article, that a new series of open-access journals in mathematics is being put together.  The plan is that these journals will have a peer review process similar to traditional print journals, but will post their articles on the arXiv pre-print site, hosted by the Cornell University Library.

The initiative, called the Episciences Project, hopes to show that researchers can organize the peer review and publication of their work at minimal cost, without involving commercial publishers.

“It’s a global vision of how the research community should work: we want to offer an alternative to traditional mathematics journals,” says Jean-Pierre Demailly, a mathematician at the University of Grenoble, France, who is a leader in the effort. Backed by funding from the French government, the initiative may launch as early as April, he says.

The “epijournals” would provide Web directories to the articles approved by their review processes, along with editorial reviews, and possibly forums for comments.   Readers might have to give up something; for example, reviewed articles might not follow formatting standards to the same extent as articles in traditional journals.   On the other hand, the general availability of articles would be substantially increased.

One of the supporters of this project is the Cambridge University mathematician Timothy Gowers, a recipient of the Fields Medal (often referred to as the “Nobel Prize of mathematics”).   He has a blog post that explains the idea of these “overlay journals” in more detail.

What is an arXiv overlay journal? It is just like an electronic journal, except that instead of a website with lots of carefully formatted articles, all you get is a list of links to preprints on the arXiv. The idea is that the parts of the publication process that academics do voluntarily — editing and refereeing — are just as they are for traditional journals, and we do without the parts that cost money, such as copy-editing and typesetting.

There was a time when the typesetting and copy editing function provided real economic value (although, of course, not necessarily what the publishers were charging for it).  Today, though, better technology (think MathML or LaTeX) allows authors to prepare publishable drafts with reasonable effort.

Mr. Gowers was also a prime mover in the Elsevier boycott movement, launched early in 2012.  He’s apparently done some “sounding out” regarding the possibilities in one of his areas of interest:

Apparently, the plan is for the whole thing to start this April. Because I have known about the project for some time, I have quietly sounded out a few people in additive combinatorics, and it seems that there is enough enthusiasm that we will be able to start an epijournal broadly in that area …

I’m glad to hear of this development, and I hope that the new journals will be a success.   As I’ve said, one of the most important potential benefits of the “Internet Age” is the wider availability of knowledge, particularly to a large chunk of humanity that would otherwise, for reasons of geography, politics, or economics, never have had a chance.

Fuel Cell Development Agreement Signed

January 28, 2013

The BBC News has a report that a new agreement to develop fuel-cell technology has been reached by three major auto manufacturers: Ford, Daimler AG, and the Renault-Nissan alliance.   The aim of the joint project is to speed up the development of fuel cells as an automotive power source, and also to encourage the development of supporting infrastructure (e.g., hydrogen filling stations).

Ford, Renault-Nissan and Daimler have agreed to jointly develop a fuel cell system to try to speed up the availability of zero-emission vehicles.

The carmakers hope to launch “the world’s first affordable, mass-market fuel cell car” by 2017.

Fuel cells, which produce electricity by combining hydrogen and oxygen, are an environmentally attractive technology because their “exhaust” product is water.  To date, though, they have not seen widespread use, except in specialized applications like the space program, because the cost of manufacturing the devices is too high,  But Daimler, at least, has been interested for some time; back in 2009, I wrote about the development of prototype fuel-cell vehicles by Mercedes-Benz.  Work on the project will be carried out at several locations around the world.  The partners hope that their combined global presence will also increase the visibility and impact of the project.

The companies have issued a joint press release.

Update Monday, 28 January, 21:55 EST

Wired also has an article on this development, focused especially on the infrastructure issues involved.

Alfred Russel Wallace’s Letters Online

January 26, 2013

Back in the summer of 2011, I posted a note here about the anniversary of the first presentation of the theory of evolution by natural selection, made to the Linnean Society of London on July 1, 1858.   That initial presentation was a composite of work by Charles Darwin, author of On the Origin  of Species by Means of Natural Selection, published in 1859,  and Alfred Russel Wallace, a young English naturalist, working in Malaysia, who wrote to Darwin in June, 1858, enclosing a short paper in which he outlined essentially the same theory as Darwin’s.  Darwin consulted the geologist Charles Lyell, and the botanist Joseph Hooker; they arranged for the composite paper to be presented, along their letter explaining the circumstances of the parallel development by Darwin and Wallace.

Although Wallace was well known during his lifetime, and received the Copley Medal from the Royal Society, in 1908 his work on developing the theory was to a considerable extent forgotten following his death in 1913.

Now, according to an article at Ars Technica, the Natural History Museum in London has put together a new Web site, Wallace Letters Online, that contains a digital archive of more than 4,000 of Wallace’s letters; his correspondents include many well-known names from 19th century science:

Wallace’s correspondents read like a “Who’s Who” of 19th century science and society, Charles Darwin, Thomas Henry Huxley, Joseph Dalton Hooker and Gertrude Jekyll, to name just a few.

The site is part of a larger project at the museum, Wallace 100, marking the centenary of Wallace’s death.  The project also includes a series of events throughout the year, sponsored by the museum and partner institutions.

As both Darwin and Wallace anticipated, the theory of evolution by natural selection was quite controversial when it was proposed.  Darwin ended up primarily being associated with the theory, probably because he was more directly connected with some of the controversy, and Wallace’s contribution was neglected.  It’s good to see that his work is being recognized.

Update Sunday,  27 January, 14:30 EST

The New Scientist has an imaginary “interview” with Wallace, with the answers taken from his letters.

Google Updates Chrome to 24.0.1312.56

January 22, 2013

Google today released a new version, 24.0.1312.56, of its Chrome browser for all platforms: Windows, Linux, Mac OS X, and Chrome Frame.  This is a bug fix release, and includes fixes for three specific problems:

  • Performance of mouse Wheel scrolling
  • Visited links bug
  • Windows installation as admin

The new version also includes fixes for five identified security vulnerabilities, three of which Google rates as High severity.  More details on the changes are available in the Release Announcement.

Because of the security content of this release, I recommend that you update your systems as soon as you conveniently can.   Windows and Mac users can get the new version via the built-in update mechanism; Linux users should check their distribution’s repositories for the new version.

TSA Pulls Plug on “Porno Scanners”

January 21, 2013

I have written several times about the ongoing controversy over the US Transportation Safety Administration’s [TSA] use of full-body scanners (which the TSA calls “Advanced Imaging Technology”[AIT]) as part of its security protocol for screening air travelers.   The machines began to be introduced in the fall of 2010, and immediately created controversy.  One criticism, voiced by many security professionals, was that the effectiveness of the machines was questionable.  Another issue was the very detailed anatomical images produced by the devices, which led some privacy advocates to dub them “Porno Scanners”.  There was also a safety concern with one type of scanner, which uses backscatter X-ray technology, since it would expose the passenger to a small dose of ionizing radiation.  (A second type of scanner, which uses millimeter-wavelength radio waves, does not involve radiation exposure.)

Last summer, there were also developments in a court case, brought by a group of plaintiffs led by the Electronic Privacy Information Center [EPIC], challenging the use of the AIT devices, and asking the court to force the TSA to follow the normal review process for new government regulations.  On July 15, 2011, the US Circuit Court of Appeals for the District of Columbia had ruled that the TSA had to follow the normal procedure for issuing new regulations, as specified in the Administrative Procedures Act of 1946.  The TSA has now begun to comply with the review process, and has commissioned the National Academy of Sciences to look at the question of radiation exposure from the X-ray devices. It has also, as ordered by Congress, moved to replace the “anatomically correct” scan images with generic body images generated by software.

Now, according to an article at the Washington Post, the TSA has decided to remove 174 of the backscatter X-ray scanners from airports, because the vendor has not managed to equip them with the new generic-imaging software.

The Transportation Security Administration will remove 174 full-body scanners from airport security checkpoints, ending a $40 million contract for the machines, which caused a uproar because they revealed spectral naked forms of passengers.

TSA Administrator John S. Pistole issued the order this week after concluding that new software that made the machines less intrusive could not be developed by a June 1 deadline mandated by Congress.

The new software has apparently been successfully developed for the millimeter-wave scanners, which will continue to be used, and which will replace most of the X-ray machines that are being removed.

I have felt all along that the most disturbing part of this story was not the “porno” images, or even the safety questions, but the TSA’s apparent attitude that, because the machines were being used to “prevent terrorism”, it could just ignore inconvenient laws and regulations.  So this climb-down is a good thing, though it will doubtless be “spun” as something else.

There are also brief articles on this story at Ars Technica and Wired.

More Java-Induced Jitters

January 20, 2013

I’ve written here several times before (most recently last October) about some of the security issues with Oracle’s Java software.   Lately, Java has been in the news again, because of a new, serious security vulnerability recently discovered in the latest version of the software.

Java has proved to be, over the years, a rich source of security vulnerabilities, at least in part because it is widely installed across multiple platforms (including Windows, Mac OS X, and Linux), making it an attractive target.   Also, unlike a typical application software package, installing a new version  of the Java environment did not necessarily remove older versions that had been installed previously.  (This was done, I think, because the definition of the language was evolving, and a new version was not guaranteed to be 100% compatible with an older one.)  This meant that, although the updated software might fix security flaws, the old version, complete with flaws, was still there to be exploited.

I won’t take the time and space here to relate the history of the latest vulnerability.  (If you are interested, Brian Krebs has a good summary at his Krebs on Security blog.)  Oracle issued a Security Alert  for this problem, together with a new version of the Java Runtime Environment [JRE], version 7 update 11.  (You can download the new version, for all platforms, here.)  However, subsequent to that release, testers discovered that the new version fixed only part of the vulnerability, so that an exploit was still possible.

US-CERT has issued a Vulnerability Note (VU#625617) concerning the situation at present.  Their recommendation, which I endorse, is that users who require Java should update to version 7 update 11 immediately, and should also disable the Java browser plugin(s).   Instructions for doing this are available at the Java site.  The Vulnerability Note also contains links to more technical information.

As I wrote in last October’s post (and in another post a couple of years before that), there is a good case that the average individual user is better off without Java on his or her system.   I won’t bore you by going through all of it again.  If you do decide to install or keep Java, though, please be careful to keep it up to date.

Update Monday, 21 January, 11:13 EST

The SANS Internet Storm Center has a diary post with links to some additional technical information on the latest vulnerability.

%d bloggers like this: