Microsoft Research heard about it through the grapevine and asked someone to come to my office and ask me if I would release it as open source, so I did. Maybe they didn't want to write an email to me endorsing an open source project on record? I don't know. Now this thing is everywhere: it is taught in the Stanford and Berkeley software engineering classes and the gcc people use it. See the website.

Our implementation is based on the Delta Debugging algorithm: http://www.st.cs.uni-sb.de/dd/

In the summer of 2005, I had just founded Fairpath, and I was looking for a quick demo to get into expensive VoIP industry conferences. I quickly realized that what I wanted to do--reordering menu options in voice menu, by popularity--was impossible in Asterisk. In fact, the problem was deeper than I thought. The halting problem was implicated.

I ended up creating Dido, a radically new system that makes use of declarative XML templates, interspersed with Perl code that generates more XML. The result is a programming model that mimics the way dynamic Web pages are written. I hope this homology will help more programmers begin writing IVRs.

In the meantime, my "quick demo" turned out to be innovative enough to make the main focus of Fairpath. I offer custom and turnkey IVRs using Dido.

I plan to use Dido as part of a future GUI system that lets naive users build IVRs.

Djinni is an extensible, heavily documented framework for the efficient approximation of problems generally thought to be unsolvable. It doesn't give you the optimal solution, but generally gives you very close to it, and in a very reasonable time frame.

The backend was reimplemented by Rob Johnson to do a polymorphic dataflow analysis as part of his thesis (still unpublished): http://www.cs.sunysb.edu/~rtjohnso/

Elsa is a C/C++ front end designed, maintained, and mostly implemented by Scott McPeak with some help from Daniel Wilkerson: http://www.cs.berkeley.edu/~smcpeak/elkhound/sources/elsa/

Daniel Wilkerson hooked Elsa and Cqual together to make Cqual++. It resides in a kind of super-project called Oink which is designed to allow multiple backends for Elsa to cooperate (the only example of which presently is Cqual++). For example, the dataflow analysis is pretty generic and other dataflow-based C++ analyses could be written using it and added to Oink.

    char $tainted *getenv(char const *name);
    int printf(char const $untainted *fmt, ...);
    int main(void) {
      char *s, *t;
      s = getenv("LD_LIBRARY_PATH");
      t = s;
      printf(t);
    }

    ./cc_qual -config ../qual/config/lattice taint.cc
    taint.cc:2 warning: vararg function does not have polymorphic type
    taint.cc:2 WARNING: fmt'' treated as $tainted and $untainted

    fmt'': $tainted $untainted
    taint.cc:5      $tainted <=  ( (getenv) ( ("LD_LIBRARY_PATH")))'
    taint.cc:5               <=  (s)''
    taint.cc:6               <=  (t)''
    taint.cc:7               <= fmt''
    taint.cc:2               <= $untainted

• Elsa continues to be maintained and become closer to a full C++ front-end.
• Cqual++ will be used to find bugs in lots of popular open-source programs. We will attempt to make it a standard tool in the developer world so as to raise the level of software quality (the mission of the OSQ group).
• Oink will perhaps become home to more analyses of C and C++ which can hopefully co-operate with one another. Or it may be simply merged into Elsa.

We will present OASIS, a locality-aware server-selection infrastructure. At a high level, OASIS allows a service to register a list of servers, and then, for any client IP address, answers the question, ``Which server should the client contact?'' Server selection is primarily optimized for network locality, but also incorporates factors like liveness and, optionally, load. Currently, we have implemented a DNS redirector that performs server selection upon hostname lookups, thus supporting a wide range of unmodified legacy client applications.

OASIS was developed as a general replacement for the DNS system currently employed by CoralCDN, a publicly-deployed content distribution network. Over the past 18 months, CoralCDN averaged more than 20 million requests per day from millions of unique clients.

QBE is therefore the first database/data-mining project to support nonlinear classification and ranking operations tightly coupled to the database backend (as opposed to, e.g., Microsoft's Data Mining Extensions, which sit on top of SQL Server, only support decision trees for classification, and don't support ranking at all).

At the top is Rhizome Wiki, a wiki-like content management system that let users create structured data with explicit semantics in the same way you create pages in a wiki.

Rhizome Wiki runs on top of Raccoon, a simple application server that uses an RDF model as its data store. Raccoon presents a uniform and purely semantic environment for applications. This enables the creation of applications that are easily migrated and distributed and that are resistant to change.

Raccoon uses two novel technologies to getting RDF in and out of the system: First, "shredding", which extracts RDF out of content such as HTML, wiki text, and various microcontent formats. Second, RxPath, a deterministic mapping between RDF's abstract syntax and the XPath data model which lets developers treat RDF as regular XML and allows them to use standard XML technologies such as XPath, XSLT, and Schematron to query, transform, present and validate RDF data.

We realized we couldn't always judge the safety of Web sites on our own, either. So we built an army of robot testers which click around the net looking for Web forms, downloads, exploits, pop-ups, etc. We automatically download, install and test every program in a fresh virtual machine. We submit unique e-mail addresses on forms so we can track any resulting spam. We run kernel hooks that look for new processes or executables that may indicate an exploit. A workflow system routes the test to a human operator if the bots detect an error.

The code is a mixture of Java, Python, JavaScript, Perl and C++. We use VMWare's Player application to run the virtual machines, MySQL as the data store and Apache/Tomcat/mod_python to serve it all up. And it runs on Dell servers running Centos 4.2.

2) A live interactive simulation will be performed as part of the presentation to demonstrate the inner workings of the protocol under simulated failure conditions.