Slashdot Mirror

But it will be slightly less evil DRM than Microsoft's (if there can be such a thing.)

For those who haven't heard about the Vista DRM "features", please read this:

http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_c ost.txt

MS is letting the flashiness of their OS speak for itself. I've been using vista RTM for a while now, and I've got to say it's really nice. The built in speech recognition in particular is amazing, allowing one to dictate as if he was speaking to a real person. After a few days of training, I can read the declaration of independence, a document containing hundreds of archaic words I hadn't trained the system on, at faster than normal speed, with nearly 100% accuracy. Vista has hundreds of other updates which are by and large really nice, and I would say that it's MS' best OS yet ...

Except for it's absolutely outrageous kowtowing to content providers. The fact that vista requires hardware that 99.9% of the market does not own to view premium content at it's native resolution is the quintessential dealbreaker for me. MS has completely abandoned the consumers' interest with this release and is blatantly selling out to the terrified MPAA and RIAA, as well as other content providers. Vista is a resource hog, and will drastically and unnecessarily increase hardware costs across the board, but particularly for video card manufacturers (What? You didn't want 2-3 of your Pixel shader pipelines devoted to useless en/decryption ? Too bad! Or those of you who appreciated the unified driver models, say goodbye to that.) If I want to watch a bluray video on my top of the line HD-capable system, who is Microsoft to tell me to buy a new monitor which will actively conspire against me?

Governments must not ever implement windows vista, due to its enforcement of so called "tilt bits" which will disable the system if it is not within certain prescribed limits. This is to detect and prevent people tinkering with their systems' insides. These small abberations are normal, and the ability of electronic hardware to withstand them is one of the reasons that it is so robust these days. A small thing like an intentional power surge has the potential to set off these tilt bits and disable any system running Vista.

This schizophrenic tenancy for products we own to be controlled by an external master is criminal and should not be tolerated by anyone who values freedom. I stole Vista in order to test it, and its beauty and usefulness scares me very much. I had hoped that MS would screw up like they usually do, and no one would buy vista. Once most people are using vista, computer users are screwed badly. The funny thing is that they have no one to blame but themselves, for not knowing that it is a wold in sheep's clothing. I'd urge anyone who has any possibility of using vista, ESPECIALLY those who have sway over it's use in the workplace to read this document by Computer Scientist Peter Guttmann, A Cost Analysis of Windows Vista Content Protection. It's a great read, and is ablolutely infurating. Happy new years, Everybody

So then, I expect Microsoft will be sending Peter Gutman a free laptop for all his good work covering Vista.

A free laptop that downscales and then reupscales all "unprotected" high quality signals that pass through it? Just to cover the mere possibility that you didn't pay for something? A laptop designed to detect the slightest analog voltage fluctuations, and inject crap bits into the system to make it crash, just in case you attach an alligator clip to your sound card to get free music? Or with remotely destructible device drivers that are disabled by Microsoft once the RIAA learns about a driver vulnerability that allows leakage of "protected content"? No thanks.

Someone should get the list of developers who got free laptops, so we can send them Knoppix CDs as "no strings attached gifts". These laptops already need rescuing.

Gutman is a computer security specialist, not a medical imaging person. He wrote his PhD thesis on Security Architecture. Go visit his homepage http://www.cs.auckland.ac.nz/~pgut001/ and it's pretty clear he knows what he is talking about in IT Security.

As a user, there is simply no escape. Whether you use Windows Vista, Windows
XP, Windows 95, Linux, FreeBSD, OS X, Solaris (on x86), or almost any other
OS, Windows content protection will make your hardware more expensive, less
reliable, more difficult to program for, more difficult to support, more
vulnerable to hostile code, and with more compatibility problems.

I find it odd that the main thing that inspired this is not linked from the Slashdot summary. Truly a scathing article.

It makes Vista sound like a disaster. All this really shows how far MS will go to satisfy the RIAA/MPAA crowd's insanity. They are truly mad.

No one will like this. Not hardware vendors, not consumers, not anyone. Surely they're not going through with this?

Peter Gutmann is a "security expert". In fact, he may well be the computer security expert.

http://www.cs.auckland.ac.nz/~pgut001/

Don't be fooled by the WWW-Circa-1992 homepage...he is a world renowned and respected security researcher.

You realize the original poster confused the original computer science guy with some one commenting on his article right?

BTW the link to the paper is here.

http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_c ost.txt

Here's a link to the actual paper referenced in the article.

I would post the entire paper, but it's too large. Here are some notable excerpts:

However, one important point that must be kept in mind when reading this document is that in order to work, Vista's content protection must be able to violate the laws of physics, something that's unlikely to happen no matter how much the content industry wishes it were possible. This conundrum is displayed over and over again in the Windows content-protection specs, with manufacturers being given no hard- and-fast guidelines but instead being instructed that they need to display as much dedication as possible to the party line. The documentation is peppered with sentences like: "It is recommended that a graphics manufacturer go beyond the strict letter of the specification and provide additional content-protection features, because this demonstrates their strong intent to protect premium content". This is an exceedingly strange way to write technical specifications, but is dictated by the fact that what the spec is trying to achieve is fundamentally impossible. Readers should keep this requirement to display appropriate levels of dedication in mind when reading the following analysis.

Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in... Since S/PDIF doesn't provide any content protection, Vista requires that it be disabled when playing protected content. In other words if you've invested a pile of money into a high-end audio setup fed from a digital output, you won't be able to use it with protected content. Similarly, component (YPbPr) video will be disabled by Vista's content protection, so the same applies to a high-end video setup fed from component video.

Alongside the all-or-nothing approach of disabling output, Vista requires that any interface that provides high-quality output degrade the signal quality that passes through it. This is done through a "constrictor" that downgrades the signal to a much lower-quality one, then up-scales it again back to the original spec, but with a significant loss in quality... Amusingly, the Vista content protection docs say that it'll be left to graphics chip manufacturers to differentiate their product based on (deliberately degraded) video quality. This seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.

Vista's content protection requires that devices (hardware and software drivers) set so-called "tilt bits" if they detect anything unusual. For example if there are unusual voltage fluctuations, maybe some jitter on bus signals, a slightly funny return code from a function call, a device register that doesn't contain quite the value that was expected, or anything similar, a tilt bit gets set. Such occurrences aren't too uncommon in a typical computer (for example starting up or plugging in a bus-powered device may cause a small glitch in power supply voltages, or drivers may not quite manage device state as precisely as they think). Previously this was no problem - the system was designed with a bit of resilience, and things will function as normal... With the introduction of tilt bits, all of this designed-in resilience is gone. Every little (normally unnoticeable) glitch is suddenly surfaced because it could be a sign of a hack attack. The effect that this will have on system reliability should require no further explanation. Content-protection "features" like tilt bits also have worrying denial-of- service (DoS) implications. It's probably a good thing that modern malware is created by programmers with the commercial interests of the phishing and spam industries in mind rather than just creating as much havoc as possible

Really?

Or if you don't believe Wikipedia, how about one from the Dept of Computer science at Auckland University I'm sure that if you even spent 5 minutes on Google, you would find plenty of evidence to support what I've just said. So get your facts straight instead of trolling about something you blatantly know nothing about.

The idea is basically an extension of what scientific theories are supposed to do. To understand any phenomenon, it is necessary to compress it. A scientific theory, at its core, explains the data from many different experiments by means of a formula simpler than the data. Say, we did a thousand experiments measuring the energy released from the annihiliation of large numbers of electrons and positrons. We could use something like the Lagrange polynomial of the data from the experiment, and then come up with a "theoretical model" that is just as complicated as the data it tries to explain, and that would tell us nothing that we already didn't know. As Leibniz would say: "When a rule is extremely complex, that which conforms to it passes as random." But then, if we had something simpler, like E=mc^2, to explain the experiments, then we might be onto something. That equation explains the whole lot of data from the experiment, and gives an explanation for the transformation of matter into energy and vice-versa, in just a few symbols. I suppose, in the same way, compressing natural language would be a step to trying to get computers to understand natural language. If you want more on this idea, you could try reading the articles on Gregory J. Chaitin's website.

It's purely a money-making scam by Verisign (and other CAs). The only thing high-assurance about "high-assurance" certs is the assurance that you'll be charged more money for them. See the Defcon talk Phishing Tips and Techniques - Tackle, Rigging, and How and When to Phish for a discussion of why "high-assurance" certs are worthless except to the companies issuing them.

Using OSS is not a guarantee of strong crypto.

See Peter Gutmann's analysis of open source VPNs back in 2003. To be sure, the situation was not as dire as he described it to be in all these cases -- in some cases such issues were arguably not readily exploitable or were documented as recognized tradeoffs -- but it nonetheless raises a point that even having a substantial group of folks looking at the source doesn't necessarily help as much as it generally does if recognizing the bugs requires special knowledge which most developers don't have.

Is there some invisible line, which if crossed, bad things can happen? The scary part is the unknown.

Apparently not. And the scary thing is, those are the kind of people who hack together yet another VPN or other crypto-software with massive flaws in them.

See http://www.cs.auckland.ac.nz/~pgut001/pubs/linux_v pn.txt about how hobbyist "security" software can really suck.

1) Yes you can but it is very expensive to do. An electron scanning microscope and expertise is needed. See provided links for more information on how this is done.

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html
http://www.akdart.com/priv9.html
http://seclists.org/lists/security-basics/2002/Oct /0433.html

Show me some proof that it can't be done.

This is slightly offtopic, but I'm at a loss as for what to do. About 8 months ago I wrote zeros in one pass to an 80gb WD drive using the Western Digital Data Lifeguard tools. After trying numerous software programs, and a local "recovery" center (mom and pop operation), I have set the drive in my closet to remain untouched until I can find some way to recover the data, and afford that recovery. Reading http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html gave me some hope that this is quite possible.

Does anyone know a recovery center that can do this (anywhere, I am willing to mail the drive)? How much can I expect to pay for something like this? Is there any software out there that could potentially help me?

Please let me know if there's a better forum or place to ask this question. Thanks!

Epilogue In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.

Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, it's unlikely that anything can be recovered from any recent drive except perhaps one or two levels via basic error-cancelling techniques. In particular the the drives in use at the time that this paper was originally written have mostly fallen out of use, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero.

Unfortunately a few passes with random data is not as effective against a sophisticated recovery effort as is often assumed.
Now if it's just some random joe with an undelete program he got for $19.99 at the local shop then a single pass is often enough, more sophisticated software only tools might get past a few, but with hardware equipment (probably not used often below the fbi/pro forensics places) you might want to do something a bit more secure.
With good knowledge of how the data is actually stored on the disk you can figure out patterns that tend to degausse the bits being wiped and help eleminate the residual images left by the micro imperfection in head positioning (which are shrinking to almost nothing these days) and simular effects a trully sophisticated data recovery effort might use.

Peter Gutman put out a paper about this that can be read at http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html
that explains it better.
Though with remapping and newer recording techniques things change and software only erasure becomes more and more problematic. At the highest levels of secrecy I believe most governments require over-kill levels of outright hardware destruction.

It's true that, with Closed Source, you can never be sure. That doesn't mean, however, that Open Source is guaranteed to be secure.

There are not only crypto algorithms but also many details surrounding an implementation that are equally important.

My famous example being http://www.cs.auckland.ac.nz/~pgut001/pubs/linux_v pn.txt:

    "These programs have been around for years (CIPE goes back to 1996 and vtun
    to 1998) and (apparently) have quite sizeable user communities without
    anyone having noticed (or caring, after flaws were pointed out) that they
    have security problems. I only heard of CIPE when a friend of mine
    mentioned it to me in passing, and came across vtun by coincidence when I
    was looking for more info on CIPE. Who knows how many more insecure Linux
    crypto-tunnel products there may be floating around out there."

To a non-expert in cryptography, an Open Source security program may just be as obscure as a closed one. So if you rely on an Open Source program, then actually go out and seek reviews. Don't just think "it's Open Source, _someone_ surely must have audited it".

DON'T use tinc, CIPE, vtun or PPTP!

http://www.cs.auckland.ac.nz/~pgut001/pubs/linux_v pn.txt

Really, OpenVPN must be the best thing since sliced bread. Runnable as non-user, chrootable, interfacing with standard tun/tap devices, certs. None of the complexity of IPsec. I love it.

My 266MHz Geode WRAP can handle 6Mbps which is enough to connect a LAN wirelessly. Faster boxes should handle more than that, despite someone else saying 5Mbps would be a limit.

I highly recommend you read this paper. Its from 1996... but still relevant today.

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html

Fashioning it in Windows is quite simple, as Windows domain participants will automatically enroll for the types of certificates that you want, for example, allowing the machines to authenticate into the domain silently. I've written several detailed implementation how-tos on these subjects (kafkaATtelusDOTnet, if you're interested).

As soon as you leave the Windows world, then all these things become a bit trickier. No longer can you simply let the the Windows Certificate Services generate your certificates silently, since you'll need to intercede to generate the type of certificates that want. Controlling how these certificates are constructed becomes somewhat difficult (not impossible, just tricky). How and what you want will totally depend on the applications that you're using. You're probably far better off getting a PKI solution based on OpenSSL in that case, especially if you need to interoperate with non-Windows applications and devices (such as CISCO routers). If you don't have time to write any code, look into RSA Security. They're wayyyy cheaper than Verisign, and you don't have to deal with the hassle of outsourcing.

Another poster recommended using OCSP - thats fine, but I don't believe there is a native OCSP client built in to Windows. You either have to roll your own, or obtain one (RSA, for example, has one. As well as Computer Associates OCSPro). In fact, there is no reason why you can't implement both redundantly. Use both the CRL distributionpoints (CRLdP) extension *and* the AIA extension to get this done.

Another citation, I believe, referred to Peter Guttmans (very old) document on various PKI implementations, X.509 Style Guide. This document is horrendously outdated, as the tools and apps are far more widespread than they were wayyyy back in 2000.

Anyways, for what its worth, if you know what you're doing PKI has distinct advantages to add to your electronic security (although a blind reliance on it won't help you at all).

If you don't know what you're doing, then you'd better go with a vendor that will support you.

/K

Microsoft Profile - This isn't a real profile, but the software is widespread enough and nonstandard enough that it constitutes a significant de facto profile.

"No standard or clause in a standard has a divine right of existence." -- A Microsoft PKI architect explaining Microsoft's position on standards compliance.

"Whenever someone thinks that they can replace [IPSec] with something much better that they designed this morning over coffee, their computer speakers should generate some sort of penis-shaped sound wave and plunge it repeatedly into their skulls until they achieve enlightenment." -- Peter Gutmann

That's possibly the coldest, worst thing that I've ever heard a company to do.

In 2004 Pfizer withdrew funding from a New Zealand based cancer research centre over a dispute with Pharmac, the government (well, crown) entity that purchases pharmaceuticals for hospitals and health programmes. http://www.auckland.ac.nz/uoa/about/news/articles/ 2004/05/0005.cfm

The people who run America's large corporations are by and large not nice people. (Yeah, that means you Mr. Niblack, and your fucking lawyers.)

i spent a semester at the university of auckland in new zealand, and their in house IT services included a web-based classroom management system called Cecil in the exact niche filled by Blackboard and webCT commercially here in the states. it was enormously popular at the UofA, and it seems to have been developed, managed, and serviced almost entirely in-house by the University. i used it myself for classes that semester, and have used Blackboard at my home university, and i thought Cecil was remarkably reliable in comparison, if a tad less intuitive.

point is, while most schools are not likely to have the resources to do something like this so completely in house, many do have at least some in-house IT staff who would be able to administer a project like this. not only is in-house development a good alternative for schools that have the means, but it also might be a way for entrepeneurs (like the parent) to approach universities with their own systems. a system developed partially in-house is by default custom-built, and probably most useful and intuitive for users in that environment.

business as usual on /.--open-source or proprietary non-commercial development looks like the way to go.

The "one and only" method is the "comparative method" and this does NOT just rely on lexicon and morphological items, it also takes into account typological/structural/grammatical features too.

Next, why *aren't* these characteristics suitable? Many researchers ( Joanna Nichols being the poster scientist ) think that grammatical characters are much more stable than lexicon based characteristics which other computational phylogenetic studies of language evolution have relied on ( including my own work ). Also - Dunn, Terrill & Reesink are very highly regarded Austronesian linguists, so they do have some idea of what they're talking about.

This research is interesting precisely because it uses many data types, and appears to show some signal at MUCH greater time depths than most historical linguists would have predicted.

I think that linguisitics has a major hang-up about "magic bullets" i.e. one or two characteristics proving or disproving the rule. Surely the better approach is to take a statistical analysis. In fact, these methods (phylogenetic techniques from evolutionary biology) that they ( & our lab ) are using are very accurate and capable of detecting these false similarities, and providing an understanding based on ALL the evidence and not one or two examples plucked from a hat.

Anyway, if anyone's interested I wrote a paper earlier this year on these methods applied to the Austronesian language family and early human settlement of the Pacific here (Sorry - PDF! )

As for "being answered" in the literature many times and "sexing up an unreliable methodology by involving computers" - not really no. It's NOT lexicostatistics or glottochronology or any of those 1950s era techniques which are crap, these methods are far more realistic and sensible (and used by evolutionary biologists every day). The computers are not just used because they're sexy, but because analysing all that data by hand is hard.

--Simon

Unfortunately a few passes with random data is not as effective against a sophisticated recovery effort as is often assumed.
    Now if it's just some random joe with an undelete program he got for $19.99 at the local shop then a single pass is often enough, more sophisticated software only tools might get past a few, but with hardware equipment (probably not used often below the fbi/ pro foresnics places) you might want to do something a bit more secure.
    With good knowledge of how the data is actually stored on the disk you can figure out patterns that tend to degausse the bits being wiped and help eleminate the residual images left by the micro imperfection in head positioning (which are shrinking to almost nothing these days) and simular effects a trully sophisticated data recovery effort might use.
      Peter Gutman put out a paper about this that can be read at http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html
that explains it better.
    Though with remapping and newer recording techniques things change and software only erasure becomes more and more problematic. At the highest levels of secrecy I believe most governments require over-kill levels of outright hardware destruction.

Mycroft

The big paper that started all this is here:

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html

(sorry if the link gets tangled). The author is Peter Gutmann. The paper you see on that link is actually an updated version of the original, which was published at USENIX '96, minus the "epilogue" section at the end. That's the critical part, where Gutmann basically backs off all the important conclusions about hard drive data recovery. He's still pretty optimistic in the epilogue (he talks about recovering one or two previous write passes of data), but you have to notice that he doesn't support himself, there, and the original citations don't support him, either.

Not to speak ill of Gutmann--he's done a lot of great work in UNIX security over the years, and he's a stand-out researcher. But he doesn't prove what he's saying.

Hopefully, the Gutmann terminology will be enough to get you started if you want to research the issue further. I used to have a couple dozen pages of cites and summaries on the issue, but I lost most of it when I left my last job. It's still out there, but it took me a couple of months to do it originally.

Here's some useful linkage:

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html
http://dban.sourceforge.net/

That is complete bullshit. This guy obviously has not read Guttman's recent comments about this exact topic.

In fact, to quote Guttman himself:

"Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, it's unlikely that anything can be recovered from any recent drive except perhaps one or two levels via basic error-cancelling techniques. In particular the the drives in use at the time that this paper was originally written have mostly fallen out of use, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero."

Traces of data can be left in RAM but it isn't easy to retrieve them. If you don't believe me, check here http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html

• It will help Apple's supply chain dramatically
• It may lower the price they pay on higher end CPUs
• Some organizations will buy mactel in place of wintel and then install Windows
  Reasons:
  1. Bulk discounts
  2. Less types of computers for IT to support
  3. What organization uses Dell's Windows support?
  4. Many organizations have site licences, so they won't have to shell out any extra money for MS Windows.
  5. Possibility of switching to OSX down the road

Don't forget 1998 -- there was a major, prolonged power outage in Auckland central city, that went on for weeks: http://www.cs.auckland.ac.nz/~pgut001/misc/mercury .txt

If I recall correctly, Auckland has lost power once or twice and it just messed things up. Doing a little googling reveals this page : http://www.cs.auckland.ac.nz/~pgut001/misc/mercury .txt Damn what a mess! I would not wish blackouts and or rats on anyone. I feel sorry for anyone dependant on electricity, since the local company really screwed the pooch. That goes double for interweb service, since I know what it feels like to go without...it sucks bigtime. Hm, as for the rat population maybe they need to sell off some of those many millions of sheeps (40+ million, IIRC) and get some cats...a whole mess of cats. Rats are VERY destructive and can gnaw through most materials with ease. Another fun fact is that they can swim for 1/4 mile underwater (and fly outta your toilet and bite you on the ass...yuck!).

If you want a more secure and efficient method, take a look at Peter Gutmann's work.

Actually, I'll save you a trip to google, just because I'm that nice.

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html

This is completely unrelated to the MPAA issue, but anyway...

I'd argue that nothing is analog. Electrons and photons are finite things. When you look at a piece of copper wire, you'll never see some fractional number of electrons zipping by -- there ether is an electron or there isn't. Some scientists and mathematicians are leaning more and more towards the possibility that nothing in the universe is truly "analog." Wolfram's "A New Kind Of Science" suggests that the whole universe (physics, time, etc...) is a digital computer of sorts. The "Digital Philosophy" crowd (website) makes a similar argument. Chaitin even argued that real numbers don't exist in his most excellent book. The book was available for free online for a long time, but it looks like it's gone now. It's well worth whatever he's asking for it, though.

I can't quite speak to its security, but there's nothing I've seen that makes me the least bit concerned. Although Peter Gutmann didn't do a real audit of openvpn, he did have this to say about it: "... but a quick look through it indicates that the author knows what he's doing." After you read a few remarks made by cryptographers, something like "this person is not a moron" is exceptionally high praise.

And Gutmann did leave us with this memorable quote: "Whenever someone thinks that they can replace SSL/SSH with something much better that they designed this morning over coffee, their computer speakers should generate some sort of penis-shaped sound wave and plunge it repeatedly into their skulls until they achieve enlightenment."

If you need a vpn solution that Just Works, check out OpenVPN.

Jason.

The deeper theorists dig the universe appears to get more random, not less. Virtual particles appear from seemingly nothing and then disappear again without a trace. At the lowest meaningful levels it is postulated that time and space have none of the linearity that we percieve at higher levels. Will we eventually find our universe to be the clockwork world idealized by Newton? Maybe. But let's be realistic, we're nowhere near that today.

Ok, I have a few qualms with this:
1. You are talking about a model of reality as if it were real.
2. There is nothing in modern physics that says nor implies that any event, including virtual particle creation and annihilation, is noncausal. Unpredictable yes, noncausal no.

I don't believe entaglement is what he was referring to when he said that "God does not play dice with the universe".

Here's a good link explaining Einstein's philosophical difference of opinion on the interpretation quantum physics. It essentially boils down to causal determinism, and predictive determinism. While all events are causal, we cannot necessarily gather enough information to be able to predict outcomes even given a correct model of reality. I'm sure there are physicists who would adaondon all sense determinism, but it's my distinct impression they are few and far between (and not well regarded at all).

By the explanation given in the link I included, the creative force is not described as causing the big bang, they sound to be one and the same.

Not necessarily. G can give rise to E1 which can then cause E2 which can then cause the big bang. There can be any number of steps between G and the big bang. There is no reason why G cannot be the cause of V by transitive closure. As long as the intervening causal events are one-shots, ie. they merely cause the next stage of the process, I don't see why the proof would discount them.

Again, from the one who posted the proof

That being me... ;-)

The poster confirms what you say that later in his book Hatcher goes more indepth about the nature of god, but he doesn't say what the nature is.

It's mentioned further here (thought not in much more detail than I outlined here).

It is said he has no other attributes at all which based on that proof, somewhat rules out an "all good" or "all knowing" creative force.

To be fair, it's not at all clear to me what "non-composite" means exactly. What exactly does it mean to be a member of a set in the proof's model? I'm not sure that an "attribute" is a member of a set for instance.

This may leave open the possibility for much interpretation unfortunately.

I think the point of the secure erasing feature is overwriting the (presumably sensitive) data with useless gibberish which looks like malformed/broken data and/or can't even be construed as a file.

Yes - see the man page for the srm command (that's the Darwin 7.0.1 man page, which is the 10.3.1 man page, but other UN*Xes include it as well).

The "Gutmann algorithm" mentioned therein is presumably the one devised by Peter Gutmann, as described in his paper Secure Deletion of Data from Magnetic and Solid-State Memory.

Not the greatest choice of wording (and spelling), in any case. Maybe "meaningless" would have been clearer?

That, or "scrambled" (which I suggested via the Website Feedback page on the Apple Website), although perhaps "scrambled" is a bit too techy.

I think the point of the secure erasing feature is overwriting the (presumably sensitive) data with useless gibberish which looks like malformed/broken data and/or can't even be construed as a file.

Yes - see the man page for the srm command (that's the Darwin 7.0.1 man page, which is the 10.3.1 man page, but other UN*Xes include it as well).

The "Gutmann algorithm" mentioned therein is presumably the one devised by Peter Gutmann, as described in his paper Secure Deletion of Data from Magnetic and Solid-State Memory.

Not the greatest choice of wording (and spelling), in any case. Maybe "meaningless" would have been clearer?

That, or "scrambled" (which I suggested via the Website Feedback page on the Apple Website), although perhaps "scrambled" is a bit too techy.

Using shred isn't necessary for any modern hard disc. Something like 'dd if=/dev/urandom of=/dev/hda obs=512' is sufficient, as good as you're going to get if you're working from behind the drive's on-board electronics and is faster than shred. This is paraphrased from the epilogue of Peter Gutmann's classic paper http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html. PRML has been widely used since at least 1998 (a 6GB IBM drive I bought then was PRML).

Q: Is the Gutmann method the best method?

A: No.

Most of the passes in the Gutmann wipe are designed to flip the bits in MFM/RLL encoded disks, which is an encoding that modern hard disks do not use.

In a followup to his paper, Gutmann said that it is unnecessary to run those passes because you cannot be reasonably certain about how a modern hard disk stores data on the platter. If the encoding is unknown, then writing random patterns is your best strategy.

In particular, Gutmann says that "in the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data... For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do".

Read these papers by Peter Gutmann:

• Secure Deletion of Data from Magnetic and Solid-State Memory
• Data Remanence in Semiconductor Devices

A) How in the hell can they read zeroes? Perhaps if you *deleted* the data (i.e. on an OS level) they can read it, but I doubt that if you filled the drive with zeros they could do anything.

In short, there are no "ones" or "zeroes" on your hard drive, but only certain signals that represent them. Somewhat oversimplifying, when you write 1 over 1, the value is slightly larger than 1 written over 0.

It doesn't matter for the hard drive as long as both are well over certain threshold and will never get confused with 0. But when you subtract a perfect 1 from all of the "ones" on the hard drive (and leave the "zeroes" alone), then you will get a weak signal which is a shadow of the previous data. Amplify it and you have more or less the same signal that was there before the overwriting.

You can do it once more and get the data before that, and repeat it until you hit the limitation of your equipment sensitivity and the noise of the signal itself, but recovering few generations of data is usually possible, and recovering the previous data is trivial, especially when you deleted it with zeroes, so you don't even have to bother with removing the 1s.

That is why I always run:

shred -vz /dev/hda

before I stop using any hard drive.

B) Assuming they can, destroy it in some other way.

From info shred:

The best way to remove something irretrievably is to destroy the media it's on with acid, melt it down, or the like. For cheap removable media like floppy disks, this is the preferred method. However, hard drives are expensive and hard to melt, so the `shred' utility tries to achieve a similar effect non-destructively. This uses many overwrite passes, with the data patterns chosen to maximize the damage they do to the old data. [...]

Shred is available in GNU fileutils.

See also Secure Deletion of Data from Magnetic and Solid-State Memory paper by Peter Gutmann, first published in the Sixth USENIX Security Symposium Proceedings, San Jose, California, July 22-25, 1996.

Abstract: With the use of increasingly sophisticated encryption systems, an attacker wishing to gain access to sensitive data is forced to look elsewhere for information. One avenue of attack is the recovery of supposedly erased data from magnetic media or random-access memory. This paper covers some of the methods available to recover erased data and presents schemes to make this recovery significantly more difficult. [emphasis added]

Introduction: [...] In the 1980's some work was done on the recovery of erased data from magnetic media, but to date the main source of information is government standards covering the destruction of data. There are two main problems with these official guidelines for sanitizing media. The first is that they are often somewhat old and may predate newer techniques for both recording data on the media and for recovering the recorded data. For example most of the current guidelines on sanitizing magnetic media predate the early-90's jump in recording densities, the adoption of sophisticated channel coding techniques such as PRML, the use of magnetic force microscopy for the analysis of magnetic media, and recent studies of certain properties of magnetic media recording such as the behaviour of erase bands. The second problem with official data destruction standards is that the information in them may be partially inaccurate in an attempt to fool opposing intelligence agencies (which is probably why a great many guidelines on sanitizing media are classified). By deliberately under-stating the requirements for media sanitization in publicly-available guides, intelligence agencies can preser

The entire point of using certificates is so that you know that there is a certified binding between a public key and an identity. If you don't know who will recieve your encrypted information then there's no point encrypting it in the first place!

For a (partial) list of the design and implementation problems that interfere with certificates actually solving the problem, check out Peter Gutman's scathing critique of X.509-based PKI.

Article at this site explains some of the why.. PPTP (via poptop) has some advantages (mostly in terms of interoperability) but openvpn or frees/wan are probably your best choices..

This is the source from which everyone gets information on the topic from.

Or so it seems.

To make the data unreadable, you must overwrite it approximately 20 times. From what I've heard, 10 times is enough, but 20 times if you want to be sure.

No-one's mentioned the superb pari-gp yet. It'll draw graphs using gnuplot and unlike much other software of it's type it has excellent documentation.

Lisp is also prominently absent but I agree with what Chaitin says about it being the natural computer language for mathematically minded computer users. Actually I'm surprised it isn't more popular with other software developers - it seems to me to make any kind of programming easier and more pleasurable.

People who've mentioned Maxima also haven't said anything much about graphical (non-plotting) interfaces to it. I like imaxima in emacs and also TeXmacs - which will act as a graphical front end to many other mathematical programs.