Thursday, June 22, 2000, 4:00pm - 5:30pm

Perl on the Itanium by Murray Nesbitt, ActiveState

I will briefly discuss ActiveState's experiences in getting Perl working well under Windows, Linux, and Monterey on the 64-bit Intel Itanium; from the challenge of working with beta operating systems on beta hardware, to the way in which Perl's source level abstractions make the task of porting Perl to a new architecture less daunting than you might think.

ttf2pt1: a TTF to Adobe Type 1 Font Converter by Sergey Babkin, Santa Cruz Operation

ttf2pt1 is a font converter (TTF to Adobe Type 1) that also attempts to clean the outlines from defects and automatically generate Type 1 hints (all kinds, including hint substitution). The hint generator is the most advanced I know of, at least in Open Source Software.

lodd: A Pipelining and In-Pipe Data Manipulation Tool by Joseph Pingenot, Kansas State University

lodd, or "logical dd", is a replacement for the ubiquitous dd. It will contain code to behave like dd, but extended arguments give it added functionality. It has the ability to manipulate multiple "channels", which is simply a name for the route data takes from one file descriptor to another. Its original purpose was to enable some basic pipe combination and elementary encryption ability from the command line. However, as things do, it grew beyond that. It would be a handy tool for more advanced pipelining. It will route messages from two pipes (or more) to another and the converse, as well as simple rerouting (which could be done in the shell). Full utilization of its possibilities will require more advanced shell pipelining capabilities, however. In order for lodd to be able to route between multiple pipelines, it needs also to have multiple pipelines connected to it. Naturally, it would have the ability to manipulate the "channels" in transit. The manipulations I have in mind are conversions from one system to another, as well as bit-, byte-, and block-level manipulations such as rotations, xor, and other logic functions.

vstack: Easily Catch Some Buffer Overrun Attacks by Craig Metz, University of Virginia

Buffer overrun attacks are a classic security problem that won't go away. They work by overwriting a function's return address on a program's execution stack with a new value that causes the function's "return" to jump somewhere else. Most normal C functions are called with a particular return address and expect that the return address initially on the stack is the same as the return address finally on the stack. For these functions, why not check to ensure that this is actually the case?

The vstack software keeps a parallel "virtual" stack containing copies of the saved return addresses and frame pointers. It edits the entry and exit code of normal C functions and inserts code to maintain this stack and to perform this check. If the check fails, instead of jumping through the suspicious return address, it transfers control to a fault handler. An x86 sample implementation is a few hundred lines of Perl that uses GCC to compile. It introduces a very small performance overhead, but easily catches and defeats the most common buffer overrun attacks.

kq: Kernel Queues in FreeBSD by John-Mark Gurney, FreeBSD

Kernel Queues are a stateful method of event notification. Instead of passing which events to monitor each time as done with select(2) and poll(2), the program tells the kernel of which events it wants notification. The kernel will queue the events for the program to process and can include a pointer to data specified by the program for identification. Kernel Queues currently support events for file descriptors, processes, signals, aio and vnodes. This interface will be in forthcoming FreeBSD releases after 4.0.

Autonomous Service Composition on the Web by Laurence Melloul, Stanford

The goal of our research is to build large-scale applications through Web service composition. Web services reside at service provider sites and are autonomous. Therefore, in order to compose them, client programmers need not integrate the code of the services. In fact, they can dynamically specify their composition requests as Web users currently fill in Web forms. I will talk about the advantages of autonomous service composition in general and explain why it is worth investigating on the Web.

The Hummingbird File System by Liddy Shriver, Bell Labs, Lucent Technologies

Today, caching web proxies use general purpose file systems. Server software such as Squid or Apache, when running on a UNIX system, typically use some derivative of the 4.2BSD Fast File System (FFS). FFS was designed 15 years ago for workload demands which are very different from that of a caching web proxy. Some of the differences are high temporal locality, relaxed persistence and a different read/write ratio. We have designed a file system for caching web proxies which we call Hummingbird. The design of this file system is motivated by the characteristics of web proxy workloads such as files being accessed in their entirety, small files on average, and repeatable reference locality sets. Results comparing Hummingbird to FFS, EFS, XFS, and FFS mounted asynchronously using web proxy access logs show that Hummingbird is 6-10 times faster.

The Self-Certifying File System by Kevin Fu, MIT LCS

The Self-Certifying File System separates key management from file system security. SFS file names effectively contain public keys, making them self-certifying pathnames. Applications of SFS and its read-only dialect include a secure replacement for NFS, online certification authorities, and secure software distribution. SFS works on UNIX operating systems that implement NFS3 correctly. See https://www.fs.net/ for more information. NFS Version 4 Open Systems Project Andy Adamson, CITI, University of Michigan Short presentation of features and implementation of NFS version 4 on Linux and OpenBSD.

Alfa-1: a Simulated Computer with Educational Purposes by Alejandro Troccoli and Sergio Zlotnik, University of Buenos Aires

The theoretical study of computer architecture and organization usually give the students an incomplete and sometime erroneous view of how a computer system works. The lack of practical experience can make that the underlying complexity of the subsystems and their interaction could not be completely understood. The main problems are related with the existence of several levels used when studying computer organization. The levels usually analyzed include assembly language, instruction set, microprogramming and digital logic. The introduction of higher levels (programming languages, Operating Systems) makes the task even more difficult. The tool GAD was used as a basis to develop a simulated computer, allowing to experiment with the formal approach defined by the DEVS formalism. The model's architecture is mainly based in the specification of the Integer Unit of the SPARC processor. The tool is intended to be used in undergraduate courses, and its use allowed the students to obtain a complete understanding of computer organization.

Tellme Studio by Jeff Kellem, Tellme Networks

Tellme Studio is Tellme's development environment that we just announced. It makes it easy to develop new voice applications using VoiceXML and JavaScript and requires only knowledge of VoiceXML and JavaScript--no special hardware or software is required. Tellme Studio is currently available to anyone.

Interesting Passwords Found on a Conference Wireless Network by Dug Song, CITI, University of Michigan