Slashdot Mirror

This is speculation, but I bet this is some variant on the Cottonmouth model bug we saw a couple of weeks ago. How many people - even organizations like the Chinese military - are going to disassemble their USB cables and ports? If you're going to go to that far, you might as well build the device yourself out of off the shelf parts.

The ability for pretty much anybody to learn Excel, to interface it with a database (with, admittedly, a little help from their local friendly IT guy), to build An entire damned RPG inside a spreadsheet is a pretty good case for defining the most popular, user extensible, spreadsheeting application on the market as Microsoft's Excel. There are a number of reasons Microsoft is big in corporate - Excel is right up there with Active Directory and the OS GUI.

If you're going to directly copy and paste the words from an Ars Technica article (http://arstechnica.com/science/2014/01/as-part-of-budget-deal-congress-blacks-light-bulb-efficiency-standards), at least have the decency to credit it.

I can't say it enough.

Line sharing, line sharing, line sharing.

From a 2009 Ars Technica article:

"...mandating "open access" to broadband networks works really, really well as a way to boost speeds and lower costs."

Link

If ISPs want to experiment with data-caps and pay-to-play systems, let them. If there's 10 ISPs in town they can all offer different packages. Competition and market-forces will do the rest.

Actually, many digital cameras will pick up infra-red.

A much more interesting use of the IR capability of a camera is to test the output of your green laser pointers. Green is produced by using a high power IR laser and frequency doubling it into green. The process is not 100% efficient, and if the company saves money by leaving out an IR filter you get a laser pointer that is dangerous in the IR yet invisibly so (except for the green part).

Here is a summary; This has a more complete diagram of the testing setup.

If you read the plaintiff's pleading before the court (quoted here):

The decision below has far-reaching adverse consequences for the broadcast television industry, making the need for this Court’s review urgent and acute. The decision already is having a transformative effect on the industry. Industry participants will not and cannot afford to wait for something of this magnitude to percolate before responding to new business realities. And once Aereo’s technology is entrenched and the industry has restructured itself in response, a ruling by this Court in Petitioners’ favor will come too late. The disruption threatened by Aereo will produce changes that will be difficult, if not impossible, to reverse.

They are explicitly saying "our business is changing and we want the courts to stop things because creative destruction is unfair." They are not even pretending that they are trying to do something in the public's interest; they are nakedly asking the court to save the entrenched interest. Pathetic assholes.

http://arstechnica.com/information-technology/2014/01/red-hat-and-centos-become-voltron-build-free-operating-system-together/ sayus it will be a Voltron together! :P

- 3D chips are decades old and have never materialized.

24-layer flash chips are currently produced by Samsung. IBM works on 3D chip cooling. Just because it "never materialized" before, doesn't mean it won't happen now.

- Memristors do not enable any new approach to computing, as there are neither many problems that would benefit form this approach, nor tools. The whole idea is nonsense at this time. Maybe they will have some future as storage, but not anytime soon.

Memristors are great for neural network (NN) modelling. MoNETA is one of the first big neural modelling projects to use memristors for that. I do not consider NNs a magic solution to everything, but you must admit they have plenty of applications in computation-expensive tasks.

And while HP reconsidered its previous plans to offer memristor-based memory by 2014, they still want to ship it by 2018.

- Photonics is a dead-end. Copper is far too good and far too cheap in comparison.

Maybe fully photonic-based CPUs are way off, but at least for specialized use there are already photonic integrated circuits with hundreds of functions on a chip.

- Spintronics is old and has no real potential for ever working at this time.

MRAM uses electron spin to store data and is coming to market. Application of spintronics for general computing may be a bit further off in the future, but "no potential" is an overstatement.

- Quantum computing is basically a scam perpetrated by some part of the academic community to get funding. It is not even clear whether it is possible for any meaningful size of problem.

NASA, Google and NSA, among others, think otherwise.

So, no. There really is nothing here.

I respectfully disagree. We definitely have something.

This is as noted above is for embedded used. They also debuted a very small desk top:

"Smallness uber alles: Intel's tiny, Haswell-based NUC desktop reviewed: Diminutive desktop is a workstation, game console, and HTPC all rolled into one." by Andrew Cunningham on Jan 6 2014 at http://arstechnica.com/gadgets/2014/01/smallness-uber-alles-intels-tiny-haswell-based-nuc-desktop-reviewed/.

The dimensions of the case are:
4.6 in. x 4.4 in. x 1.4 in.

"it launched last year as its attempt to muscle in on that other flavour-of-the-month market: the so-called Internet of Things."

I had to specifically point out to the Wired.com journalist writing about my "Right To Serve" issue that he was putting the phrase "Internet of Things" into my mouth in his first draft article. The "Internet of Things" from what I can tell is the establishment dipping its toes into the wonderous waters of IPv6, but finding a way to do it without allowing the residential user to _profit in any way_ from their "internet of things". Because all profit shall be reserved for the establishment. Or so goes the party line.

http://www.wired.com/threatlevel/2013/07/google-neutrality/
http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

"it launched last year as its attempt to muscle in on that other flavour-of-the-month market: the so-called Internet of Things."

I had to specifically point out to the Wired.com journalist writing about my "Right To Serve" issue that he was putting the phrase "Internet of Things" into my mouth in his first draft article. The "Internet of Things" from what I can tell is the establishment dipping its toes into the wonderous waters of IPv6, but finding a way to do it without allowing the residential user to _profit in any way_ from their "internet of things". Because all profit shall be reserved for the establishment. Or so goes the party line.

http://www.wired.com/threatlevel/2013/07/google-neutrality/
http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/

http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/

3-D printing is now being used to make a modern version of the F1 rocket engines used in the Saturn V moon rocket.

http://arstechnica.com/science/2013/08/dynetics-reporting-outstanding-progress-on-f-1b-rocket-engine/

http://arstechnica.com/science/2013/08/nasa-test-fires-3d-printed-rocket-parts-low-cost-high-power-innovation/

3-D printing is now being used to make a modern version of the F1 rocket engines used in the Saturn V moon rocket.

http://arstechnica.com/science/2013/08/dynetics-reporting-outstanding-progress-on-f-1b-rocket-engine/

http://arstechnica.com/science/2013/08/nasa-test-fires-3d-printed-rocket-parts-low-cost-high-power-innovation/

http://arstechnica.com/science/2014/01/active-ingredient-in-pot-sets-off-a-feedback-that-reduces-intoxication/

If anyone is interested in the common carrier argument, I urge them to read the following as it relates to being able to treat your residential ISP as a 'common carrier' (so that for instance one could host their own server running an open source or commercial solution that provides an alternate to facebook messaging).

http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

If anyone is interested in the common carrier argument, I urge them to read the following as it relates to being able to treat your residential ISP as a 'common carrier' (so that for instance one could host their own server running an open source or commercial solution that provides an alternate to facebook messaging).

http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

http://arstechnica.com/information-technology/2014/01/windows-8-x-breaks-10-percent-internet-explorer-11-makes-a-splash/

That "stolen credentials" story seems to be widely circulated but not much anchored in evidence. In fact, probably was originated from some NSA insider to discredit Snowden. A more detailed report to what happened comes from an article from Ars Technica. A very good read, by the way:

The National Security Agency’s oversharing problem
http://arstechnica.com/information-technology/2013/12/the-national-security-agencys-oversharing-problem/

The silver lining seems to be that there's evidence no one has ever actually used Dual EC_DRBG in release versions of the OpenSSL module (though that in turn raises the question of why RSA's BSAFE crypto tool used the RNG by default). ...

The takeaway from Thursday's advisory is that Dual EC_DRBG has been formally banished from yet another widely used crypto platform (with RSA's BSAFE being the other one). Before bidding a formal farewell to the algorithm, it's worth mentioning that Dual EC_DRBG was suspiciously absent from Wednesday's report issued by President Obama's advisory panel on NSA surveillance. We would have expected to see at least passing mention of it in Appendix E of the full report, the section that disclosed the US government's role in forging encryption standards. Alas, there's none.

http://arstechnica.com/security/2013/12/nsas-broken-dual_ec-random-number-generator-has-a-fatal-bug-in-openssl/

These freetards are not going to the theaters or buying DVDs or whatever, and therefore it is not a lost sale.

Actually, there is evidence that people that share files buy more than the average public.

Please look at the scum who cut off children's heads in CAR to understand what real tyranny is.

Yea, good thing we don't have reactionaries calling for someone to be hanged without due process like this guy (Former CIA director James Woolsey) or this guy (Former U.S. ambassador to the United Nations John Bolton). (Yes, they're former ... do you really think their replacements are any better? That's what's really painful

Of course we have a problem with Canada. China's been using them as a backdoor into US military secrets for years.

I don't know why they bother with the back door when they just walk right in the front: G.E. to Share Jet Technology With China in New Joint Venture. Nor does it matter that it's supposedly for civilian applications - if ever there was a dual use technology it's jet engines. There's a reason why the three major Western jet engine companies (GE, Pratt-Whitney and Rolls-Royce) make both civilian and military engines. Also, all three of those companies have been in the business since the end of WWII, which shows what a barrier to entry there is in this field. It's also no secret that China's biggest stumbling block to making "all Chinese" high performance military aircraft is the engines.

Of course we have a problem with Canada. China's been using them as a backdoor into US military secrets for years.

This particular judge disallowed Samsung from showing the jury its prior art (phones that it had in the design pipeline before the iPhone was announced) because the Samsung lawyers missed a filing deadline. She let the letter of the law (a filing deadline) override the intent of the law (to get to the truth of the matter).

So you advocate letting Samsung drag out the whole affair by simply claiming to need a few more months to put together evidence they had from day one? Yeah, figures.

Replying to self: broken link == missing link:

Ars Technica climate model coverage

As for concrete examples of how information can be abused, consider the Cannibal Cop. No, he wasn't from the NSA, but he did use a much less extensive Federal database to stalk women he planned to kill and eat (imagine what he could have done with NSA access). Being killed and eaten is an objectively negative consequence, as is being staked for such a dinner date. Secondly, his interest in killing and eating these women had nothing to do with how innocent they were of anything.

http://www.cnn.com/2013/03/12/justice/new-york-cannibal-cop/

Back to the NSA, we do know that people stalked love interests. Certainly much worse than that has happened, but anyone who thinks the NSA is going to reveal that information is nuts. Considering the breadth and scope of the NSA's illegal activities, the chances that innocent people have been harmed is staggeringly large.

http://arstechnica.com/tech-policy/2013/09/loveint-on-his-first-day-of-work-nsa-employee-spied-on-ex-girlfriend/

The US gov wants to keep it all for a legal, court usable replay over your lifetime.
Every call, email contact, a book buying list, travel arrangement, banking detail, friends, friends of friends, family, credit card use...
So if you become political, take up some issue in your State or federally, protest "the" next war, write to the press, write to political leaders, use your income for political issues, support charity events, support faith based groups - you end up on lists.
http://www.slate.com/articles/news_and_politics/frame_game/2013/06/surveillance_lockbox_why_can_the_nsa_search_your_phone_records_without_a.html
http://thelead.blogs.cnn.com/2013/06/18/nsa-whistleblowers-obama-administration-misleading-on-surveillance-programs/
From testimony to the Senate Judiciary Committee on March 30, 2011:
...."gotten together with the DOD where we've put together this technology database where I can go in, and I can, with one query, I can get all past and all future e-mails from a person,"
Parallel construction: https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering
The tracking seems to be keyword and new contacts to know people, organizations, voice prints, call data, email, postage use, internet logging.... been seen at a protest or been linked to one.
With 2 -3 hops from any person been considered - the numbers of people been looked from one individuals positive identification: 1 person to 10-100 friends/contacts and all their 100's of friends/contacts and beyond with any their issues been linked back down that one person...
http://arstechnica.com/information-technology/2013/07/you-may-already-be-a-winner-in-nsas-three-degrees-surveillance-sweepstakes/

The insecurity is on the side of the NSA.
They wouldn't go through such hoops if we didn't have the most powerful freedom tool ever, namely the Internet.

Use it properly and they shall vanish.

You are right. But the problem is that the ISPs will not allow you to use the internet properly (e.g. hosting your own data on your own server at home, thus giving it the strongest possible U.S. 4th ammendment 'papers' protection.

http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

The insecurity is on the side of the NSA.
They wouldn't go through such hoops if we didn't have the most powerful freedom tool ever, namely the Internet.

Use it properly and they shall vanish.

You are right. But the problem is that the ISPs will not allow you to use the internet properly (e.g. hosting your own data on your own server at home, thus giving it the strongest possible U.S. 4th ammendment 'papers' protection.

http://cloudsession.com/dawg/downloads/misc/kag-draft-2k121024.pdf
http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/
https://www.eff.org/deeplinks/2013/08/google-fiber-continues-awful-isp-tradition-banning-servers
http://crossies.com/pissed.html
http://arstechnica.com/information-technology/2013/10/google-fiber-now-explicitly-permits-home-servers/
http://www.mcclatchydc.com/2013/08/01/198327/googles-call-for-open-internet.html

Obviously, if you don't want the NSA to read your data, make sure they can't read them. Make sure your data is not stored outside your control by someone who could at least in theory read it (like Lavabit). Make sure the data is not stored in the USA at all if you can avoid it.

Unfortunately there are large hypocritical corporations as well as governments colluding to prevent people from being more in control of their data by hosting it on residential servers.

http://arstechnica.com/information-technology/2013/07/google-we-can-ban-servers-on-fiber-without-violating-net-neutrality/

I would tend to view this as a shot across the bow to MS. They have messed with everyone and everything for years now and finally the market has broken there utter stranglehold. That being said is anything, including MS's Win8 clusterfuck, being done the best way? Hell no.

And that is for a number of reasons which tend to be interwoven. There was a good article at Ars, kinda pro-MS (especially at the end), about how MS was able to win the OS war vs IBM. And to me the message was more about IBM's failures than MS's triumphs, it illustrated how such things can go down.

Getting to the technical aspect of this I am waiting for the market/fever/whatever to break about trying to force mobile UI's onto the desktop. Yes the desktop market is diminishing but there is more to it than just the rise of mobile devices. Desktop systems have been quite powerful enough for years now to web/email/office/and other nominal things. The market is just going to react to THAT as well as the rise of the mobile devices.

Trying to force mobile alone onto desktops is just foolish. No matter how glitzy it is made to look in the movies. I've yet to see any of those movie/TV "OSs" that would last to 5 minuets of real use beyond the flashes of whatever super specialized task they are meant to represent doing.

This particular judge disallowed Samsung from showing the jury its prior art (phones that it had in the design pipeline before the iPhone was announced) because the Samsung lawyers missed a filing deadline. She let the letter of the law (a filing deadline) override the intent of the law (to get to the truth of the matter).

A deadline that Samsung knew about 6 months in advance, with designs that, as you note, Samsung knew about for years. It's not like they suddenly found these designs - they sat on them in secret and did not put them in their evidence lists, so that Apple and it's expert witnesses couldn't prepare. Contrary to Hollywood's presentation of the legal system, you don't actually get to call in surprise witnesses or bring up new evidence on the eve of trial. And preventing wins through trickery and last-minute maneuvers is both the letter and the intent of the law.

http://www.tomshardware.com/news/Android-Rooted-best-apps-superuser,18313.html
Users who have rooted are comparatively very less, so it's an uphill battle if you're trying to make money from your apps that need root.

http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/

Archive.org: MAME 0.151 ROMs (November 2013) 42.8GB zip/torrent

#

that's the jingle bell
that's the jingle bell
that's the jingle bell rock!

https://archive.org/details/MAME_0.151_ROMs
https://archive.org/download/MAME_0.151_ROMs/MAME_0.151_ROMs.zip

MAME 0.151 ROMs (November 2013)

MAME (an acronym of Multiple Arcade Machine Emulator) is an emulator application designed to recreate the hardware of arcade game systems in software on modern personal computers and other platforms. The intention is to preserve gaming history by preventing vintage games from being lost or forgotten. The aim of MAME is to be a reference to the inner workings of the emulated arcade machines; the ability to actually play the games is considered "a nice side effect".

This item is part of the collection: MESS and MAME
https://archive.org/details/messmame

Identifier: MAME_0.151_ROMs
Date: 2013-11
Mediatype: software
Year: 2013
Publicdate: 2013-11-23 12:59:45
Addeddate: 2013-11-23 12:59:45
Language: English

#

Internet Archive releases hundreds of classic game console ROMs

http://arstechnica.com/gaming/2013/12/internet-archive-releases-hundreds-of-classic-game-console-roms/

Archive.org: MAME 0.151 ROMs (November 2013) 42.8GB zip/torrent

#

that's the jingle bell
that's the jingle bell
that's the jingle bell rock!

https://archive.org/details/MAME_0.151_ROMs
https://archive.org/download/MAME_0.151_ROMs/MAME_0.151_ROMs.zip

MAME 0.151 ROMs (November 2013)

MAME (an acronym of Multiple Arcade Machine Emulator) is an emulator application designed to recreate the hardware of arcade game systems in software on modern personal computers and other platforms. The intention is to preserve gaming history by preventing vintage games from being lost or forgotten. The aim of MAME is to be a reference to the inner workings of the emulated arcade machines; the ability to actually play the games is considered "a nice side effect".

This item is part of the collection: MESS and MAME
https://archive.org/details/messmame

Identifier: MAME_0.151_ROMs
Date: 2013-11
Mediatype: software
Year: 2013
Publicdate: 2013-11-23 12:59:45
Addeddate: 2013-11-23 12:59:45
Language: English

#

Internet Archive releases hundreds of classic game console ROMs

http://arstechnica.com/gaming/2013/12/internet-archive-releases-hundreds-of-classic-game-console-roms/

This particular judge disallowed Samsung from showing the jury its prior art (phones that it had in the design pipeline before the iPhone was announced) because the Samsung lawyers missed a filing deadline. She let the letter of the law (a filing deadline) override the intent of the law (to get to the truth of the matter).

Apple's tablet infringement claims were thrown out because of the copious amounts of prior art which the jury saw. The $1 billion judgement likely would've been thrown out too if they'd seen Samsung was working on iPhone-like designs before anyone outside Apple even knew what an iPhone was. In this particular case, the prejudice is in the jury, not the general public which got to see the documents the judge disallowed because of a technicality.

The GCHQ found time for Slashdot http://arstechnica.com/tech-policy/2013/11/uk-spies-continue-quantum-insert-attack-via-linkedin-slashdot-pages/

As Ars explained, "RSA's defense seems to be that officials didn't know the NSA-influenced deterministic random bit generator had weaknesses that could be exploited to crack adversaries' cryptographic keys."

Whether bribery was involved or not, RSA used an algorithm without validating the math.

[...] a coincidence that this happened just before XP is retired.

Yes and No.

The protocol and server source code is open. I hear Google's partnering with them too.

I'm not quite sure that's a bullet point, especially if they're doing sentence 2 to stop sentence 1.

They're just claiming again that they assumed the NSA were good people.

This all happened in 2006. RSA adopted DUAL_EC. RSA was sold to EMC. NIST released the standard. Microsoft researchers showed the flaws in DUAL_EC. The flaws in DUAL_EC have been known since 2006, the only thing we didn't know was that they were deliberate.

Also it's interesting to note that an anonymous organization paid for the same DUAL_EC algorithm to be added to Open SSL. With Open SSL at least they didn't make it the default but it's not far off from what RSA did.
http://arstechnica.com/security/2013/12/nsas-broken-dual_ec-random-number-generator-has-a-fatal-bug-in-openssl/

and our enemies don't trust them either:

http://arstechnica.com/business/2013/11/cisco-attributes-part-of-lowered-earnings-to-chinas-anger-towards-nsa/

Do yourself a favor and get yourself a PC white box and start routing with a LINUX source code stack.

At least then you can pick the hardware you want to trust and you can have a choice as to how far you want your security to go into the software stack audit.

But all of this is pointless.

As I pointed out before, it is IMPOSSIBLE to build a secure system anywhere NATO or its allies are operating.

Any claim of data protection by any company in this domain is FALSE.

We now know if you refuse to turn over any encryption information or fail to give your customers or your private data to the NSA you will get butt f*cked in prison.

So it is pointless to even consider TRYING to build a secure system, it cannot be done as a goal or even as a business benefit towards your customers.

My personal opinion as I have watched my friends and other companies literally go to jail or go under due to NSA activities is this: It has nothing to do with security, it has everything to do with funding NSA mischief.

That means industrial and financial espionage operations to insure information is known ahead of the game in the financial markets.

So the entire issue is that we are dealing with just common criminals and thungs.

The NSA is not even particularly smart, but they ar elike a large gang of wolves cornering the beast we call freedom and liberty and they are going to take it down.

-Hack

As far as I'm concerned, a hardware router...

There is no such thing. A device that moves data from one location to another, using some policies to examine and transform it, is not just a "hardware" device. It's also software. And if it interfaces with software, then it can be compromised. Or haven't you noticed the news about D-Link routers? A lot of these routers have 2MB or less of flash, which makes it difficult to find a useful exploit, but "difficult" doesn't mean "impossible."

It's pretty unlikely that anyone will come up with a useful attack on a device that's just doing port blocking, NAT, and basic routing. At worst, somebody might DOS it or turn it into a well-connected zombie to aid in DDOSing somebody's server, but neither of those is compromising your data.

With just a little paranoia, I can imagine someone finding a way to get those routers to copy your traffic, or at least the headers, to some hostile entity. It doesn't take full knowledge of your traffic to destroy your privacy.

A router is a type of computer. It's subject to all the same concerns about trustworthiness as any debate about proprietary and free software.

There really isn't any way of knowing. The possibility of a weakness with the elliptic curve cryptography is only suspected, suggested, not proven.

Wrong.

Weaknesses have already been academically shown. Both the fact that it's remarkably slow (for the quality of the produced pseudorandom bitstream) and the fact that it displays backdoor-like properties has been shown elsewhere. Contrast that with DES which, although there were suspicions that the design of its S-boxes might have had ulterior motives (which, again, is a FAIR assumption whenever the design guidelines of cryptographic primitives is not transparent), has never been actually proven to actually contain backdoor-like properties (unlike Dual_EC_DRBG).

And, well... I'm not even taking into account the Snowden leaks that strongly suggest that NSA has been subverting standards and coercing companies to weaken their cryptographic algorithms (like this one by Reuters).

Good 'ol Bruce has said that there is nothing in the Snowden leaks to prove that the actual crypto algorithms have been weakened. As far as anyone knows all that NSA has done is try to spread the use of it, which may be because they think that it is better.

[citation needed] on that one. Besides, "good ol' Bruce" has been, from the start, one of the people that kept warning against the use of Dual_EC_DRBG. Why use a slow and inefficient PRNG that has known biases (and possible number-theoretical backdoors), when you can use something more extensively tested (i dunno... Salsa20 or whatever).

Look, either Dual_EC_DRBG is a decent and secure PRNG, within reasonable parameters of computational complexity, or it's not. If it is, why the fuck is NSA paying security companies to adopt it? If it's that good, it should stand on its own and surely people will naturally adopt it (similarly to what happened with DES).

The fact that NSA has paid RSA to give priority to this PRNG is HIGHLY suspect, to put it mildly.

In a way this is no different than the fixes they made to make DES proof against differential cryptanalysis. Everyone suspected that NSA had weakened DES when in fact they made it stronger, but it took 15-20 years for people to see that.

Back then, people _suspected_ that DES might contain a backdoor. Today, we _know_ that Dual_EC_DRBG contains backdoor-like properties: it's not simply a suspicion. Do you understand the difference, or do you prefer to keep invoking this flawed comparison?

Since you like talking about DES, shouldn't you also refer how the US gov, back then, artificially forced DES key length to be ridiculously low, to the point where the keyspace could be directly bruteforced? Oh, let's not talk about that small detail...

For all we know the elliptic stuff only looks like it might be weak, but it may be perfectly fine and strong, but it may have been chosen since the form looks weak as a troll against anyone that would try to crack it. Square the circle, you can do it!

Hello? Are you paying attention? Dual_EC_DRBG has been SHOWN (not suspected) to display biases and to be particularly slow for the quality of its output bitstream (AND display backdoor-like properties). It's not optimal or transparent, and it's certainly NOT "fine and strong": it's shit.

A five-year-old could make a better PRNG using any vaguely-decent stream cipher, block cipher in counter mode or cryptographically-secure ha

Thought it was going to get banned like Aliyun because of the stories below.

http://www.theverge.com/2012/9/14/3335204/google-statement-acer-smartphone-launch-aliyun-android

http://www.theverge.com/2011/05/12/google-android-skyhook-lawsuit-motorola-samsung/

http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/3/

Anyone know if Jolla phones are banned from being made by the Android OEMs because they're using a third party jvm for compatibility?

Yes, the terms of the OHA prohibit OEMs that ship Android phones from making "Android compatible" phones.

But Oppo is shipping an Android phone, so it's not an issue. If Oppo were to ship an Aliyun phone or a Jolla phone, they too will get a phone call reminding them of their legal commitment to not make a phone that does not run Android but can run Android apps. (So you can make a phone running your own OS, as long as it does NOT run Android apps).

Yes, it's CyanogenMod, but it's still Android in the end. That's perfectly allowed. In fact, Cyanogen is the only one allowed to distribute Gapps outside of Google.

Though, this makes the Blackberry announcement interesting - since Foxconn makes a lot of Android phones for others - are they going to be harassed for making Blackberry phones since those can run Android apps that are not Android?

Thought it was going to get banned like Aliyun because of the stories below.

http://www.theverge.com/2012/9/14/3335204/google-statement-acer-smartphone-launch-aliyun-android

http://www.theverge.com/2011/05/12/google-android-skyhook-lawsuit-motorola-samsung/

http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/3/

Anyone know if Jolla phones are banned from being made by the Android OEMs because they're using a third party jvm for compatibility?

Boston police apparently "abandoned" their license-plate reading program after reporters found out they weren't using it for the stated purpose of finding stolen vehicles.

FTFY - you forgot the scare quotes.

Boston police apparently abandoned their license-plate reading program after reporters found out they weren't using it for the stated purpose of finding stolen vehicles.

Of course, it is easier to get a crooked, ineffective police program killed when it is funded from the local budget, not windfall "homeland security" dollars in the US.