Domain: cam.ac.uk
Stories and comments across the archive that link to cam.ac.uk.
Comments · 1,846
-
Re:Not likely
In the interests of some context, here's a skeptical review of Dr. Park - and here's another. The former is by Brian Josephson - discount his interest in parapsychology against his Nobel Prize and his Cambridge professorship at whatever rate your preconceptions dictate. The latter is by a Wired hack.
I'm no scientist, and I've never researched the issues involved, so I'm certainly not proposing to pass judgement on whether this (extraordinary) claim has any likelihood of being justified, or whether Dr. Park's quoted reasoning is sound. But I will say that Dr. Park's eagerness not only to reject the possibility as quickly as possible but to quickly silence those who entertain the possibility through mockery as fast as possible cannot inspire confidence about his judgement.
Dr. Park and his ilk work to make a pariah of any scientist who gives any credence to an extraordinary claim which is subsequently proven false (or is considered to have been proven false, or in fact why bother waiting for proof at all?) The resulting social impulses to avoid exclusion and join in pelting the menacing sinner are what make this a powerful means of winning arguments. "Hark: A COLLECTIVE GROAN CAN BE HEARD. Better join in the groans fast before anyone starts looking your way!"
But for Heaven's sake, if we accept that the normal process of review will be able to effectively determine whether these results are sound or not, then the absolute worst that can happen is that some time and money will be spent in finding that the results are not sound, and that some people will thus be proven wrong. In science people are proven wrong, through the expenditure of some time and expense, all the damn time! Being willing to consider new ideas necessarily entails the risk that you will consider, or take seriously, ideas that turn out to be false. If you're terrified of ever believing something that turns out to be wrong, don't do scientific research. The exact same standard should hold for extraordinary claims as for more mundane ones: if they have some prima facie credibility, let them join the rough-and-tumble of review. Extraordinary claims do merit searching, skeptical examination: those who make or consider them surely don't deserve any more or less odium than scientists who turn out to have been fraudulent, or foolish, or just mistaken in regard to more mundane ones.
Oh, and for all you freshly minted M.Sc.s and docs out there who are saddling up to join the posse and defend the faith in this forum: consider first that in all academic fields it tends to be the young postgrads who are loudest and most confident in defending the current thinking. Older academics are (on average, of course) a little less sure of themselves: could it possibly be that they have learned something?
-
Reverse-engineering of chips, in practice.
Want to know what is possible? Want something to think smile about when you hear about the latest and greatest smartcard system? Just curious about how one actually can go about rev-eng'ing a chip?
You owe it to yourself to read the following paper: Design Principles for Tamper-Resistant Smartcard Processors and check out the slides for lots of interesting pictures.
Everything from how you use acid to remove the packaging without destroying the chip logic itself, to the actual microprobing to extract information from the circuit.
-
Here are some extracts...
One point the reviewer missed is that Ross put a few chapters of the book on his home page here. There's a page about the book itself here with links to a couple of chapters.
From what I've seen of it so far, it's a good book (Disclaimer: yes, he was my project supervisor last year!). A few funny typos etc in the errata, which is well worth a look, too, especially anyone wondering who the hell this "Prince Schneier" guy on p 113 is ;-)
-
Sample Chapters
Here you can find a pdf of chapter 10, chapter 18, and chapter 1.
-
Re:Astronomy Picture of the Day
Here's a log of viewing details so far
-
Tempest fonts
A nice addition would be tempest-resistant fonts! Here's a great article on tempest about tempest & creating fonts that are unreadable. Basically, the tempest setup only picks up the upper 30% of the frequency range, so this font has those components filtered out. But, the cool thing is that you can superimpose a (low amplitude) high-frequency pattern that isn't very visible to the user, but is visible to the tempest receiver. A whole fake Win98 screen transmitted? Here's the slide presentation for the above article (if you just want to look at the pretty pictures)
-
And in related news...
-
Re:Stupid function names
I would like to assert myself that Quantum computers should be able to simulate a Quantum reality, whereas Classical computers pretty much can't do this.
The mathematics used to describe quantum mechanics can be performed on classical computers. Therefore, a QM system can be modelled as fully as is desirable, on ordinary computers. It's the same argument as with any kind of simulations: car crashes can be modelled even if there are no moving parts in the computer.
For some references you could check out my paper which summarizes some of the basics behind quantum computation.
By the way, all semiconductor devices are based on quantum mechanical phenomena so there are very few 'classical computers' around ;-)
-
Experiments, evidence
a very, very small fraction of a percent uphill, and the rest downhill.
If you're geek enough to read Slashdot, hopefully you're geek enough to hack together a genetic algorithm (or download one off the 'net) and see by experiment that your logic isn't sound.
The only ones I've found on the 'net, such as ev.p, have massive fundamental flaws in their operating assumptions. Also, no less than Walter ReMine agrees with me. Don't confuse genetic load and genetic cost. Have a hack at really solving Haldane's Dilemma while you're there.
No one claims that every adaptation is going to be successful over the long run.
No, but we will claim, backed by figures provided by fervent evolutionists, that the mechanisms in question are nothing like enough - even under ideal conditions and given lots of dumb evolutionary assumptions about dates and the like - to produce the results we observe today.
Basically you're asking us to prefer the conclusions of your thought experiments rather than the conclusions based on the evidence.
The conclusions to which you refer are not based on evidence, they are based on a colossal and theoretical house of cards, made necessary by a Gnostic base philosophy.
We will also ask: when we have observed varved rock establishment in real time (with pictures), why do evolutionists prefer theory to observation as an explanation for the origin of varved rocks? (more pictures here, same story, different location, strata not as clear). And when mammalian remains are found in rocks dated at 280Ma old...?
If you're serious about this, I can easily bury you in pictures (my budget doesn't extend to actually flying you to site, which is what the usual toromanura demands amount to) of many other sites directly showing either processes in action which geology prefers their own theories for, or out of place fossils and formations.
What's your specialty? We can probably find something that's right up your alley. (-:
-
Running a genome database
I'm running a database of histopathology images derived from experimental manipulation of the mouse genome at Cambridge University and it's funded by the EU.
We are publishing all our images and data freely and people seem to be happily using our data, but while we encourage them to share their images, we made the experience that it just doesn't happen. Hardly anyone seems to want to give anything back to the community!
It's quite sad, because the more people would share their information, the more useful the database would be for everyone...
We'll probably have to hire some people now to scan and upload some images.
MG
-
Re:40 bits is useless
In fact, I managed to find the paper in question. See here for yourself. The relevant page is sums and reading from the top, I get the following:
The DES cracker is searching a 2^56 key space (72,058,000,000,000,000 keys) at a speed of 33.333 MHz (ie 33.333 million keys/second). To search the entire key space would therefore take 68.50 years. The DES cracker is actually searching for up to 16384 keys in parallel. If the whole key space was searched it would find keys at an average rate of one per 68.50/16384 years, which is one every 36.65 hours.
So please, point me where I went wrong. Especially, have I understood the phrase if the whole key space was searched... wrong? And if so, how?
We know that the running time of DES is pretty much a constant. The same time is required per block, regardless of whether we are encrypting or decrypting. The function is the same, the subkeyset is just reversed. So if DES cracker manages to find a single key on average of 36.65 hours, it means it MUST have gone through 50% of the key space in that time.
And if I didn't misread the front page, it really says that anyone with access to 1000 $US FPGA and some programming books can do this.
-
Re:Experimental proof for string theory
Actually, String theory has moved to M-theory, and involves "super strings" and membranes. I've read many books on the subject... most of them have taken a long time to read, i.e. read a few pages, think about it for a few days, go back...
Anyhow, some links:
- M-theory, the theory formerly known as Strings
- One of today's hottest subjects when it comes to Physics is M-Theory
- The lazy-man's Google Search
My take is that, as has been said before, the world consists of 11 dimensions. There are actually many super-string/m-theories, but they are not contradictory, kinda like different views of the same thing.
A main problem with these theories is that there are many (infinite?) solutions to the math sets that describe them.
A 'string' in the theory is like a circular guitar string that is taut... it has certain modes of vibration, each mode representing a certain type of particle.
Also, there are different types of strings... strings that are self connecting, open string, string that loop around more than once...
Ok, that probably didn't clear anything up...
-
A useful book on data compression...
Anybody interested in data compression and a whole lot else besides might want to download the book available from here
Please don't all do so at once though :-)
It's essentially a collection of lecture notes for a course on information theory and neural networks given by the author (David MacKay), but has been much expanded since I took the course in 1997. It will certainly show how any claim for a compression technique which works consistently on random data is bogus.
-
Another cult webcam from that crazy university ...
Yea, behold the BreadCam! (and its descendant, PilchardCam)
Remember to read the legal notice beforehand though.
-
Article in communications of the ACM
There was a mention of this in the ACM magazine, Communications of the ACM.
An online version of the article can be found here.
-
Radio report
"On 11th November 1994, we were visited by a reporter from our local radio station, BBC Radio Cambridgeshire, to make a report on this service. Naturally we connected a radio to one of our workstations and relayed the broadcast over our local network. The transmission was also recorded digitally, and now you can hear it too (1.5Mb, 3'20").
We are grateful to BBC Radio Cambridgeshire for giving permission to put this audio file on the Web."
-
Re:okay... I must have failed Nerd history 101 but
Here's probably a better link to it...
The Trojan Room Coffee Pot page which links to the page I listed before. There's also a "biography" of the coffee pot here
I totally remember loading this thing up w/ Mosaic. The shot of it being switched off is about what it looked like then-- tiny and black and white.
-
Re:okay... I must have failed Nerd history 101 but
From what I can recall, back in the early days of the Web, some programmers in the UK (?) set up a camera so they could check via an xwindow when the coffee in the other room was done. Like the Fish cam and Jennicam, the Trojan Room coffee cam is a part of Internet history.
The coffee machine was shut down earlier this year, but I guess it's back.
-
Detecting a single photon using FET
So far they've figured out how to emit one photon, but they don't know how to read it.
Andrew Shields and others released a paper last year on possible use of normal FET technology in conjunction with a layer of "nanometer-sized quantum dots" for the detection of a single photon. I'm not sure that the method he demonstrates there could be adapted to commercial scale crypto, but it certainly seems to be a possibility.
I'm no expert, and Shields' comments on problems of attenuation in fiber transmitters may render the unique selling point of quantum crypto (that snooping can be detected) moot, but it still looks very promising for such a young idea.
-
Re:GPL?
Wait a minute, the source code for a hippo is available?
Yup. Go here to contact Dada Gottelli, who can get you the source. Unfortunately, it can't be sent over the internet, but there are many mirror sites around the world. And yes, the source for hippos, or at least the species Choeropsis liberiensis, is available.
(For those who don't know, zoos around the world are preserving tissue samples and sperm and eggs from a wide variety of species. Useless (other than for research) now, but possibly vital at some time in the future... and they share back and forth to mirror each other's efforts (so the loss of a single facility won't affect the project... where is SourceForge's mirror?)
--
Evan
-
Re:Um, if it's a star it can't be dark matter....
Actually, most MACHOs are thought to be failed stars--white and brown dwarfs and the like. I disagree that this object they found is in the "known" column as far as frequency of occurrence. This article supports me (found on a quick search), as well as many other things I have read. It is not well known how many failed stars populate the universe or even our own galaxy, or even how many white/brown dwarfs may populate the Kuiper Belt and Oort Cloud of our own solar system. This isn't known because the objects themselves are very hard to detect, because they don't emit much EM.
-
Serpent is more secure IMHO
personally I am a fan of Serpent Ross Anderson work because I understand it and after some conversations with people who know both I think it's better than AES
the sooner AES is used widely the better though
regards
john 'keys ? no sir I forget things' jones
-
stegfs
stegfs scared me away with this line from the paper describing the implementation
Multiple copies of both inodes and data blocks are stored on disk, so that if one or more copies are destroyed then hopefully others will remain intact.
(emphasis mine)
Hopefully! this is my data, not my lottery ticket! i need a bit more reliability than a "hopefully".
i haven't used StegFS, though, so perhaps this hopefully works out to be more theoretical than it sounds, but i'd still like a guarantee that my data will be there unless i choose to delete it. Yeah i know that's tough given the whole deniability thing, but still, i'd like that guarantee.
-
And after you've stolen the cash
The last question in the FAQ will help you out.
-
Re:Some corrections
My bank uses a PIN which is a minimum of 4 digits long. I believe the maximum is 12. This solves the length problem.
My old bank would let you set a pin that was 4-8 digits long. My pin was 6 digits, but one day I tried just punching in the first 4. It worked - turns out only the first 4 digits were significant. I guess they were using the method described here: How do PIN numbers work.
-
Re:Question...
How would I prove that I wasn't the one who used my PIN at an ATM (or several) to clear out my account? Anyone have an answer that can put my mind at ease?
In a word, no. Here in the UK, there was an unpleasant case some years back when the banks tried to do just that -- covering up security flaws in their ATM machines and prosecuting the man who had suffered from their errors when he protested about unauthorised withdrawals from his account.
There's a selection of relevant papers on Ross Anderson's website: read up on the subject here. "Why Cryptosystems Fail" is probably the most immediately rewarding, given your concerns.
-
Re:Only a matter of time
10,000 combinations ~= somewhere between 13 and 14 bits of security. It is entirely feasible for a quick P4 to encrypt every single PIN within an hour, with time left over to play Unreal Tournament.
But if you read their page about how PIN works it becomes apparent that you still need the derivation key, which is the hard bit to get.
Fake ATMs have been installed in shopping malls, collecting PINs and ATM cards from unsuspecting victims
LOL! Someone did a whole bunch of these in the UK a couple of years ago. Looked and smelled like an ATM, but took the PIN then complained that the card was borked, or something. Easy EASY kill.
because PINless credit card fraud is still so easy.
Exactly. 1e6+1 easier ways of stealing money than opening an ATM with an oxy-acetylene, spending two days cracking it with an FPGA and using all that to hack the bank's comms. Easier to just look over some lamer's shoulder then pick their pocket. Not that I would know. Not at all.
Dave
-
Re:Improvement suggestions:
ISO8601 defines an international standard format for date/time which avoids some of the issues of other formats, like wrong sort order and ambiguity. It is summarized here: http://www.cl.cam.ac.uk/~mgk25/iso-time.html
-
Year away from academia, if you can...
This won't be any use for the poster, but might help someone
I became completely fed up with my CompSci degree in the 2nd year - ended up getting a very low 3rd, and a chat with the warden to see if I wanted to carry on at the university; As it happened I had a gap year coming up - and this really changed my perspective - I found that academia really was massively more interesting than being an analyst, and when I read the course books (which only a few months ago, I had been forced to read) for the sheer hell of it, it turned out that I still found them interesting.
After that it was really a case of properly focussing on why I wanted to do the degree in the first case - binning the courses I loathed but had been forcing myself to do (Yeuch) and really spending some quality time with the things I would have done even had I not gone to uni.
So, anyway - focus on the things you enjoy about the course, ditch the courses which you feel obliged to do, but you really hate. Bit trite, but it worked great for me.
-
The science of the ozone hole
A good description of the process which results in the ozone hole can be found here.
Basically, the intense cold of an antarctic winter creates a vortex which isolates the air over the south pole, and allows build up of the CFCs. When the summer comes, the Chlorine from the CFCs acts as a catalyst to destroy the ozone.
It now seems to be well understood - but it's one of those things that nobody could have predicted before it happened.
-
Re:PDF AVAILABLE
PDF (thanks to ps2pdf.com) available at http://homer.artificialcheese.com/fccm01_pilchard.pdf (I'm not putting an HTML link in for a reason, I don't want everyone to get it from me)
PLEASE MIRROR! I don't have nearly enough bandwidth to withstand the /. effect!
Done - mirror here. Should be enough bandwidth - couple of megabits available - if not, I'll move it to a bigger box next door...
-
Re:Star Trek
about half the size of an A4
That'll be A5 - none of your silly Letter, Legal, Foolscap nonsense here please.
A1 is twice the size of A2 which is twice the size of A3 which is .. you get the picture.
A4 Paper / International Standard Paper Sizes (www.cl.cam.ac.uk)
-
Re:Dark days indeed...
Hey, It's all about the stack...
RPN stands for Reverse Polish Notation. The short history:
In the 1920's Polish mathematician (and philosopher) Jan Lukasiewicz developed "Polish Notation" where the operators preceded the arguments. This was in the interest of simplifying symbolic algebra. Later in the 1960's HP found this to be an efficient method of performing calculations and implemented it, but instead had the operators entered after the arguments - hence REVERSE Polish Notation. This allowed intermediate calculation results to be kept on the stack and evaluated later WITHOUT ROUNDOFF ERROR that resulted from copying down the displayed results and entering them later. So not only was this more efficient, it also became a more accurate methodology! Due to the technological limitations of the time, it also allowed full algebraic calculations to be performed.
You can read a lil more at the following sites: http://www.calculator.org/rpn.html http://www.hpmuseum.org/rpn.htm http://www-stone.ch.cam.ac.uk/documentation/rrf/rpn.html
Best of luck going back to school. May you never stop learning!
-
Re:reminds me of newtons bridge
Sounds a bit Urban-Mythy...
http://www.quns.cam.ac.uk/Queens/Images/WinBridg.html
-
UTF-8 and Unicode FAQ for Unix/Linux
-
Useful resource on how to migrate software
A very useful resource on Unicode is this page, written by Markus Kuhn. In particular you may be interested in How do I have to modify my software?; while it does concentrate on Unix, the general principles should be the same on any OS.
-
Stupid troll
Andrea is a friggin female, you have to say her VM alternative.
-
Re:The CIA taught Arabs the techniques of terroris
Well, I apologize for my uninformed commentary. Indeed, I have been toeing the Iraqi line.
I did, however, turn up this article on the booming economy of Northern Iraq (from Radio Free Europe), attributed there to thriving black market exports to Turkey, Iran, and southern Iraq. Interestingly, Rubin points out that during his visit to the area in Iraq he claims is doing so well, he "I watched smugglers load sacks of rice and grain (and whiskey) for export", which is consistent with the more left-wing report from the area.
What's more, in the north, the UN takes responsibility for distributing the cash from the oil sales provided by the inefficient oil-for-food program ("the north ... can use the money to finance U.N.-approved projects"), while Hussein is allowed to use the money as he pleases. But with (hardly unreasonable) statements from the UN such as "Iraq... is liable under international law for any direct loss, damage, including environmental damage and the depletion of natural resources, or injury to foreign Governments, nationals and corporations, as a result of Iraq's unlawful invasion and occupation of Kuwait" and the immediately following "all Iraqi statements made since 2 August 1990 repudiating its foreign debt are null and void", they have other things to deal with. In fact, Iraq's economy was not doing well before the war, and has sagged ever since due to the sanctions (see Kamil Mahdi, Rehabilitation Prospects for the Iraqi Economy, which conflicts to a certain extent with the reports of illicit trade supporting the northern economy, but only by deemphasizing its impact on the areas nearest the markets for it).
You are, of course, correct in pointing out that US and UN actions are two very separate things--but I would argue that this does not extend to the actions of the Security Council. I am also embarrassed for speaking before I knew what I was saying. However, I am not convinced.
-
Re:Criminalization of Encryption
Steganography programs now extend beyond just gifs, bmps and jpegs. There is a program available to allow files to be hidden within MP3s.
They are encoded deep within the mp3 encoding process (optional encryption and all that obviously) so detecting them can be almost impossible.
The added advantage for MP3s is the file size... try hiding anything big in a gif and you're going to need an image as big as a whale.
A good place to start looking into steganography stuff (and a whole range of neat crypto) is Ross Anderson's homepage at Cambridge University.