Domain: nist.gov
Stories and comments across the archive that link to nist.gov.
Comments · 1,805
-
Re: CVSSv2
Fair enough on your pedantry, so what I should have said is perhaps "often enough". Case in point:
https://web.nvd.nist.gov/view/...
There is no logical reason that should be a 10, unless I am missing something. I presume that Hanno is the guy who found it
... "The bug does not crash less, it can only be made visible by running less with valgrind or compiling it with Address Sanitizer. The security impact is likely minor as it is only an invalid read access."
https://blog.fuzzing-project.o...
That was just the first and most graphic example that came to mind. Otherwise we largely agree, especially that fear makes money right now and for always. I don't have much of an opinion on CVSSv3, not having used it. v2 works well enough for my needs at present.
-
Re:Doesn't matter, so why do it?
Why do we even bother with this? Why can't we just let noon move a second. Even after a hundred years it won't make any difference. Time zones on average vary in the sun's position by a whole hour so a 1 sec variation of the solar zenith makes no difference. Astronomers will still be able to find their stars.
Agreed. This is all nonsense. Even NIST admits that it's basically for legacy astronomical equipment. But any astronomer who needs real precision needs to deal with fractional-second corrections all the time now anyway, and there are published tables that allow one to do this. (For the current correction to convert from UTC to UT1, see here, which gives values accurate to +/-5 milliseconds.)
If we ever got maybe a minute or more off, I could possibly see the reason for a correction. But a second? Who cares? As I said, the very small number of people who actually need to use UT1 mostly do fractional-second conversions all the time anyway, as leap seconds aren't precise enough to keep up with the continuous variation.
-
Zero first-world nations still use imperial ...
Including the US.
Much of commerce and daily life in the US uses a customary system of measurements that traces its origins to England, before the revolution.
In 1859 the UK adopted a reformed and rationalized system of weights and measures that was binding on itself and its Imperial possessions, including about a quarter of the Earth's surface at that time.
The US did not adopt that system. Although in 1959, the US and the Imperial system countries adopted a common definition of the yard in SI units.
There are extensive differences between the US customary and Imperial systems, especially in units of volume and in larger units of weight.
All of this is explained by the National Institute of Standards and Technology [NIST, a division of the US Department of Commerce [nist.gov]] in Appendix B "Units and Systems of Measurement Their Origin, Development, and Present Status" to their publication Handbook 44 "Specifications, Tolerances, and Other Technical Requirements for Weighing and Measuring Devices" [PDF].
While we are correcting misconceptions, the SI system (often called metric) is lawful in the US, and has been so since 1866, and dominates several important activities, such as health care and the military. What the US has not done, and probably will never do, is outlaw the customary system.
-
But, the US is already metric
I am not sure that Mr. Chaffee understands the issue.
Let me start by quoting the National Institute of Standards and Technology [NIST a division of the US Department of Commerce]. Appendix B "Units and Systems of Measurement Their Origin, Development, and Present Status" to their publication Handbook 44 "Specifications, Tolerances, and Other Technical Requirements for Weighing and Measuring Devices" [pdf] states:
2.2.5. Status of the Metric System in the United States.
The use of the metric system in this country was legalized by Act of Congress in 1866, but was not made obligatory then or since.
* * *
Since 1970, actions have been taken to encourage the use of metric units of measurement in the United States. A brief summary of actions by Congress is provided below as reported in the Federal Register Notice dated July 28, 1998.
Section 403 of ... the Education Amendment of 1974, states that it is the policy of the United States to encourage educational agencies and institutions to prepare students to use the metric system of measurement as part of the regular education program. Under both this act and the Metric Conversion Act of 1975, the “metric system of measurement” is defined as the International System of Units ... interpreted or modified for the United States by ... the National Institute of Standards and Technology.
Section 5164 of ... the Omnibus Trade and Competitiveness Act of 1988, amends ... The Metric Conversion Act of 1975. ... read[s] as follows:
“Sec. 3. It is therefore the declared policy of the United States—
(1) to designate the metric system of measurement as the preferred system of weights and measures for United States trade and commerce;
(2) to require that each federal agency, by a date certain and to the extent economically feasible by the end of the fiscal year 1992, use the metric system of measurement in its procurements, grants, and other business-related activities, except to the extent that such use is impractical or is likely to cause significant inefficiencies or loss of markets to U.S. firms ... ;
(3) to seek ways to increase understanding of the metric system of measurement through educational information and guidance and in government publications; and
(4) to permit the continued use of traditional systems of weights and measures in nonbusiness activities.”
The Code of Federal Regulations makes the use of metric units mandatory for agencies of the federal government. (Federal Register, Vol. 56, No. 23, page 160, January 2, 1991.)
Perhaps Mr. Chaffee wants non-metric units to be outlawed. That is not US policy (see above). I doubt that there is any enthusiasm for changing the policy, or any money to implement such a change.
-
Re:Head/desk...
Hasn't "Don't roll your own crypto, dumbass" been one of the cardinal rules of security since sometime before WEP violated it?
The least you can do is implement a real algorithm; but screw it up somehow (key handling is always a good place for that); but just making it up? How did they sneak this past a standards body?
WEP used a standard algorithm - RC4. They just accidentally screwed it up because of the way RC4 works (related to key handling and IVs).
A homegrown algorithm for WiFi is TKIP, which was created because RC4 had hardware acceleration, while AES didn't at the time. So they created TKIP to leverage the hardware crypto alongside several protections to mitigate several shortcomings that were found.
Even for something as simple as AES it's a chore to find an open implementation that's actively being maintained and that works with your system; and when you do one of your expensive security consultant mandates that you stop using AES for being too old and not cool enough.
AES is fixed by standard. There is no need to "maintain" it - as long as the code compiles properly you're done.
And for AES, because it's an official encryption algorithm, NIST has the official specification document, and the original author has the reference code.
Of course, the vast majority of people will just use OpenSSL or LibreSSL, being BSD licensed and all that. Even on embedded systems there is often a reference AES implementation.
That alone should be disincentive to roll your own algorithm - the fact that the standard ones are available everywhere for practically no cost and very little effort. Why write your own algorithm when you can copy and paste an existing one in? Even the lazy should see the benefits.
-
Re:Windows !!!
How many vulnerabilities are there in Ubuntu 6?
39 total vulnerabilities, 7 high severity, 27 medium severity, 5 low severity.
http://www.gfi.com/blog/most-v...
Debian Sid?
Couldn't find that. It's in NVD though, if you're really interested.
Windows XP is FIFTEEN YEARS OLD
No it's not. It's still under development, and there is almost nothing left of the codebase from the original XP when you have patched up an XP install.
Otherwise Linux is TWENTYFOUR YEARS OLD, but you know, writing that in all caps as if it means something just seems silly. Because it is.
And hardly any of the Linux vulnerabilities allow a web client attack, like a whole slew of the Windows ones do. Because Linux does not have a web browser with kernel access. Therefore, the low level vulnerabilities in Linux are not like the low level vulnerabilities you are used to.
-
Re:= paracetamol
Or you could just go with my favorite, n-acetyl-para-aminophenol (shortened to APAP in the pharmacy trade). Bottom line is that there are lots of ways to write chemical names, all correct. See here.
-
Re: Too bad it did not happen on Osama Bin Laden
two planes, three towers
You might try science instead of conspiracy theories about the US government.*
Questions and Answers about the NIST WTC 7 Investigation
Final Report on the Collapse of World Trade Center Building 7 ...
*There actually was a conspiracy by the group known as al Qaida, formerly led by Osama Bin Laden. Building 7 was part of the fallout.
-
Re: Just use Python.
Well, I use Python on a regular basis, I'm well-known in my circles as the guy who exploited vulnerabilities in the radio software and bootloaders of 4 Android phones, and broke the RSA protection on the RAZR V3. I also worked on the early iPhones and developed a way to dump and decrypt bootloader blocks by manipulating the kernel page tables once we had temporary root.
https://web.nvd.nist.gov/view/... references my code and an exploit I discovered and was also widely used.
I've been mentioned in a book, invited to security conferences, and written piles of kernel-level and below code. I wouldn't call myself a dumbass, and I don't know many who would. Python's indentation still sucks my ass. Maybe my brain is just programmed to want structure in a way that's more flexible, I don't know. But I fucking hate it. I stumble across it frequently and get highly annoyed with its constraints. I think those are definitely valid complaints, even if they may only apply to me. Flexibility wins.
You're also a closed-minded dick.
-
NVD link
https://web.nvd.nist.gov/view/...
The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435.
Impact
CVSS Severity (version 2.0):
CVSS v2 Base Score: 6.9 (MEDIUM) (AV:L/AC:M/Au:N/C:C/I:C/A:C) (legend)
Impact Subscore: 10.0
Exploitability Subscore: 3.4
CVSS Version 2 Metrics:
Access Vector: Locally exploitable
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service
-
Re:Why not have devices get their time from GPS?
Silly! How would that channel extra funds to NIST?
http://tf.nist.gov/time/common...
Because NIST developed the "Common view time transfer using the GPS system"...
Because NIST has a finger in everything having to do with measurement?
Clearly, you'll never be a politician, son!
-
Re:How many of the exploits can be blamed on C?
but I bet they can be blamed on C.
Well, it could have been written in python and have broken SSL support for years...
https://web.nvd.nist.gov/view/...
Fact is, a language doesn't fix stupid programming. There's always gonna be some bimbo that doesn't think he needs to check the length of a string, or check that the SSL certificate matches the host..
-
CVE-2014-9295 == thanks + $$$
When a fix for CVE-2014-9295 was already available to build and install on the day, I sent support.ntp.org $100 without hesitation. And was vaguely hoping the rest of civilization -- the part for whom the whole of that sentence was meaningful, anyway -- might do the same. I'm glad a little light is being thrown on some of the infrastructure we take for granted
... worth consideration if you support the FOSS model philosophically, and have a few $ to spare to back it up.
-
Re:Did you read it?
The same NIST that pushed the adoption of Dual_EC_DRBG even when it was evident that it was flawed? I mean, even the organizations that nobody trusts, like the NSA, publish helpful guides and information.
-
Re:I disagree!
1 second is defined by the SI as the amount of time it takes light to travel 299792458m in vacuo.
Actually, no. It is defined in terms of the period of radiation from the transition between two hyperfine states of Cesium 133.
http://physics.nist.gov/cuu/Un...
http://en.wikipedia.org/wiki/S...
-
Re:Conservatives mostly don't like the involvement
Look at your shoes. Did they need to pass regulations to make your shoes not terrible?
You don't buy the ones that are bad.
People will happily buy terrible shoes. Quality has nothing to do with economic success.
-
Which should be split out into two agencies
There shouldn't be just one organization with those two jobs. There should be an open, well-funded office in, say the National Institute for Standards and Technology that searches for vulnerabilities and has a responsible disclosure policy for everything it finds.
The Government has had this problem before - there used to be one body that handled both promotion and regulation of atomic energy in the US, the US Atomic Energy Commission. In 1974 it got broken up into two agencies, the Nuclear Regulatory Commission (the regulator) and the Energy Research and Development Administration (the promoter).
-
Blast from the past: the Orange Book
This feels like a blast from the past, specifically the Trusted Computer System Evaluation Criteria (TCSEC) aka the "Orange Book."
DoD 5200.28-STD - December 26, 1985
4.1 CLASS (A1): VERIFIED DESIGN
Systems in class (A1) are functionally equivalent to those in class (B3) in that no additional architectural features or policy requirements are added. The distinguishing feature of systems in this class is the analysis derived from formal design specification and verification techniques and the resulting high degree of assurance that the TCB is correctly implemented. This assurance is developmental in nature, starting with a formal model of the security policy and a formal top-level specification (FTLS) of the design. Independent of the particular specification language or verification system used, there are five important criteria for class (A1) design verification:
4.2 BEYOND CLASS (A1)
Most of the security enhancements envisioned for systems that will provide features and assurance in addition to that already provided by class (A1) systems are beyond current technology. The discussion below is intended to guide future work and is derived from research and development activities already underway in both the public and private sectors. As more and better analysis techniques are developed, the requirements for these systems will become more explicit. In the future, use of formal verification will be extended to the source level and covert timing channels will be more fully addressed. At this level the design environment will become important and testing will be aided by analysis of the formal top-level specification. Consideration will be given to the correctness of the tools used in TCB development (e.g., compilers, assemblers, loaders) and to the correct functioning of the hardware/firmware on which the TCB will run. Areas to be addressed by systems beyond class (A1) include:
DEF CON 20 - Tom Perrine - Creating an A1 Security Kernel in the 1980s
-
Re:highly damaging to linux on the server
Depends on the headlines you read.
http://web.nvd.nist.gov/view/v...
If you get your server administration advice from CNN's front page, perhaps your employer is not getting his/her money's worth.
-
Re:It's been in bash a while.
Versions affected go all the way back to BASH 1.14.0 which dates from 1994. So that's 20 years.
http://web.nvd.nist.gov/view/v...
The "With many eyes all bugs are shallow" myth is busted again.
-
Re:aaa
Bash 1.14.0, see http://web.nvd.nist.gov/view/v...
So, >20 years
-
Re:I see a bunch of whiners
"After complaining about click-baiting laden titles, in your own writing at the link you provided, that's a pretty ironic statement."
It's not a statement. It's a question, rhetorically delivered, that addresses a legitimate concern. Here's a fun game for the whole family: go to LinkedIn, and do a search for the string "29119". Note the preponderance of consultancies that offer services in interpreting and explaining 29119. Have a look at the constituency of the working group; note the overlap between those companies and those who are enthusiastic suppliers to the ISTQB certification mills. Have a look at the minutes of the meetings of the working group, and look for phrases like "marketing the standard" (rather than, say publicizing the standard).
Are you really trying to claim that your business and yourself have no financial motivation in your actions? Or do you do all of your consulting gratis, merely on principle alone?
That's another FAQ.
“In one sense, it won’t make any difference to my business if 29119-1, 29119-2, and 29119-3 are left to stand, and if 29119-4 and 29119-5 move from draft to accepted. Rapid Software Testing is about actual testing skills—exploration, experimentation, critical thinking, scientific thinking, articulate reporting, and so forth. That doesn’t compete with 29119, in the same kind of way that a fish restaurant doesn’t compete with the companies that make canned tuna. We object to people manipulating the market and the ISO standards development process to suggest to the wider world that canned tuna is the only food fit for people to eat. I discuss that here: http://www.developsense.com/bl...
“In another sense, 29119 could be fantastic for my business. It would offer me a way to extend the brand: how to do excellent, cost-effective testing that stands up to scrutiny in contexts where some bureaucrat, a long way away from the development project, was fooled into believing that 29119 was important. At the moment, I’m happy to refer that kind of business to colleagues of mine, but I suspect that it would be something of a gold mine for me. Yet still I oppose 29119, because what’s in my interest may not be in the interests of my clients and of society at large.
“Let me be specific: There are existing standards for medical devices, for avionics, and the like. Those standards matter, and many of them are concise and well-written, and were created by genuine collaboration among interested parties. Testers who are working on medical devices or on avionics software have a limited number of minutes in the working day. As someone who flies a lot, and as someone who is likely to require the help of medical devices in the foreseeable future, I would prefer that those testers spend as many minutes as humanly possible actually investigating the software, rather than complying (authentically, pathetically, or maliciously) to an unnecessary standard for process modeling, documentation, and strategizing (a standard for developing a strategy—imagine that!).
"You are free to ignore this standard"
Yes, of course I am... until it creeps into regulation as the NIST points out in the second-last paragraph here: http://www.nist.gov/standardsg...
---Michael B.
-
Jane/Lonny Eachus goes Sky Dragon Slayer
As you said, the best we can realistically do is graybodies where emissivity = absorptivity. If you'd like to use a different emissivity just let me know, and we can both independently calculate the required electricity to check each other's answers.
After considering the situation I changed my mind. Since we are discussing what is supposed to be a real model of a real situation, we can use real emissivity and absorptivity. ... [Jane Q. Public, 2014-09-02]
You were right when you said the best we can realistically do is graybodies where emissivity = absorptivity. Otherwise we'd need to derive a new equation where heat transfer is an integral over wavelengths. In other words, we'd have to recreate MODTRAN. I simply don't have time for that.
After considering the situation I changed my mind. Since we are discussing what is supposed to be a real model of a real situation, we can use real emissivity and absorptivity. And the emissivity of aluminum (as you pointed out yourself some time ago) is different from the absorptivity by a factor of about 3. The ESA figures are observed figures for aluminum plates in near-vacuum, so those figures would appear to be perfect. [Jane Q. Public, 2014-09-02]
I've never pointed that out. I've repeatedly shown you Goodman 1957 where Table 1 lists aluminum's emissivity as 0.113 from 100C to 300C.
In contrast, you're citing ESA figures from page 32 which are at 0K (-273C). But nothing in this experiment is anywhere near that cold.
Also note that Goodman 1957 specifically tests the gray body approximation and concludes that "Pure aluminum appears to act like a gray body when its radiating surfaces are at temperatures lower than 400C."
Again, if you'd like to use a different emissivity just let me know, and we can both independently calculate the required electricity to check each other's answers.
THERE IS NO THERMODYNAMIC EQUILIBRIUM IN THIS EXPERIMENT. There is a steady-state, but no actual equilibrium. That is not possible, because we are actively pumping heat in at one "end", and pumping it out of the other. Since one of the requirements of thermodynamic equilibrium is that all surfaces be at the same temperature ... [Jane Q. Public, 2014-09-02]
We might be talking past each other. What you're calling steady-state is what I'm calling equilibrium. Radiative thermodynamic equilibrium doesn't require all surfaces to be at the same temperature, it simply means that temperatures don't change with time. At radiative equilibrium, power in = power out, which also means irradiance in = irradiance out.
... Kirchhoff's law does not apply to this experiment, and no situation arises in which the temperatures are the same everywhere, or the emissivities vs absorptivities. There is a steady-state arising from active (but constant) exchange. But there is no equilibrium. [Jane Q. Public, 2014-09-02]
Earlier, when I saw your mentions of equilibrium, I thought you were referring to the
-
Should have used the Kaje Password service!
[shameless plug, but apropos] - my company's Kaje Picture Passwords for the Web would have prevented these attacks almost completely. (I say "almost" because, well, "never say never".) We published a press release about this two weeks ago: Bright Plaza offers “Kaje” Website Security Solution to Russian Hacker Password Breach. Using Kaje, the password is no longer stored on the website so these breaches could not have exposed the passwords. Kaje never knows anything about the user other than the anonymous ID sent by the website.
Had all those websites been using Kaje, these breaches would not have resulted in the huge potential liability and recovery costs that so many businesses will be facing. From Sony a few years ago to Target and EBay recently, and now this Russian thing, password breaches are causing billions of dollars in damages, often borne by website owners - in some cases thousands of dollars per user. Health care and financial services websites are particularly subject to financial penalties from regulatory bodies as well as civil litigation. In comparison, the Kaje service costs fractions of a cent per use for large users.
A Picture Password, which was demonstrated to be easier to use and more secure than text passwords by NIST as early as 2003 (using an earlier, less secure methodology), is more difficult to crack as well as resistant to man-in-the-middle attacks. The Kaje service has an HTTPS RESTful API, is compatible with OpenID, SAML, and other SSO systems, and plugins are available for Drupal and WordPress with others coming soon. Using Kaje basically requires SSL, one or two additional columns for the anonymous ID sent to Kaje by the website. The first 10,000 uses are free, so smaller websites can use it for years without paying anything, while larger ones can try it out, do testing and prototyping with no cost or obligation.
If anyone is interested, check out Kaje or contact me through the website. We're looking for both website (customers) and web services (hosting, CMS vendors, developers), who can apply to be Kaje Affiliates and receive a commission from us by offering discounts to their customers.
-
Jane/Lonny Eachus goes Sky Dragon Slayer
... It is the engineering textbook answer. Claiming it is nonsense does not make it so. It was your own model that violated conservation of energy. But to see why, it's easiest to solve the general case first, then look at a specific case. I told you I had reasons to solve the general case first.
... Well, then, I guess you do admit defeat. It doesn't take much time to obtain a textbook on the subject (you were given references 2 years ago and it's not that hard to find others) ... [Jane Q. Public, 2014-09-01]
No, the PSI Sky Dragon Slayers told you it's the engineering textbook answer. I showed you MIT's final expression which reduces to my Eq. 1 for blackbodies, and is consistent with these equations and Eq. 1 in Goodman 1957. Physicists and engineers have been using thermodynamics for decades in the real world that contradicts Dr. Latour's Slayer nonsense.
That's why Jane, Dr. Latour and the rest of the Slayers disagree with the American Institute of Physics, the American Physical Society, the Australian Institute of Physics, and the European Physical Society.
... I am disputing that given reasonable chosen dimensions it is anywhere near an intractable problem.
... [Jane Q. Public, 2014-09-01]
I never said the problem is intractable. Just that it's more complicated than the spherically symmetric problem. Again, do you dispute that equilibrium temperatures for a non-enclosing plate would vary across the plate surfaces rather than being simple numbers like with a spherically symmetric fully enclosing plate?
Maybe I should explain that. Consider Dr. Spencer's first illustration. Presumably the heated plate at "150F" has finite conductivity, so its lack of spherical symmetry means that its corners will be cooler than the plate's side's midpoints. That's because the corners are closer to the cold chamber walls than those midpoints.
An integral over the heated plate's surface might average to "150F" but (unlike a spherically symmetric plate) it can't have that temperature everywhere as long as it has finite conductivity. But at least the single heated plate has bilateral symmetry; the left and right hand side midpoints have the same temperature.
Adding a cool plate removes even that bilateral symmetry. The left hand side's midpoint warms the least because it's still radiating to the 0F chamber walls. The right hand side's midpoint warms the most because it's now radiating to the (initially) 100F cold plate.
Since enclosing a spherically symmetric plate warms it from 150F to ~233.8F for area ratios similar to Earth's, the right hand side's midpoint won't warm past ~233.8F. But it has to warm to conserve energy because at equilibrium power in = power out.
I can't be more specific without programming a finite element model. But Dr. Latour never even allowed for the heated plate's temperature to be different on each side. As long as we're only considering materials with finite conductivity, this would only be poss
-
Jane/Lonny Eachus goes Sky Dragon Slayer
... you KNOW Latour was correct. And it isn't just him. TEXTBOOKS about practical applications of thermodynamics say so.
... [Jane Q. Public, 2014-08-30]
Again, I already showed you that MIT's equation reduces to my Eq. 1 for blackbodies, and is consistent with these equations and Eq. 1 in Goodman 1957. I've stressed that this thought experiment has been tested for decades in the real world. Radiation shields allow for more accurate measurements of gas temperatures using thermocouples:
"The greatest problem with measuring gas temperatures is combatting radiation loss.
... surround the probe with a radiation shield ... The thermocouple bead radiates to the shield which is much hotter than the surrounding walls. Thus the radiative loss and hence temperature error is significantly reduced. The shield itself radiates to the walls."
These radiation shields have been used since at least Daniels 1968 (PDF), and they work like Dr. Spencer's insulating plate. They slow radiative heat loss from the hotter thermocouple. If Jane and Dr. Latour's Sky Dragon Slayer misinformation is correct, why have accurate thermocouples used radiation shields since at least 1968? Isn't that an example of a "real world" situation that's ultimately what we're talking about?
But its inner temperature ISN'T 149.6F [Jane Q. Public, 2014-08-30]
After twice pretending that I'd claimed the inner temperature wasn't equal to its outer temperature of 149.6F... now you make that incorrect claim yourself? Bizarrely, I have to point out that a thermal superconductor enclosing shell will have an inner temperature equal to its outer temperature, exactly as I originally said.
This reminds me of your other similar mistake that you haven't acknowledged:
A plate near the heat source is NOT even remotely the same as closing the drain on a bathtub, because the total power out of the system (it's a closed system with heat being removed, remember?) remains constant, as you have so conveniently observed. [Jane Q. Public, 2014-08-28]
Completely backwards, as usual. I've never observed any such ridiculous nonsense. That's actually Jane's ridiculous "observation" which I've already tried to correct:
"... Hopefully it's also clear that Jane's also wrong to claim that the power used by the cooler is required to be constant. The chamber wall temperature is held constant, so the power used by the cooler temporarily decreases after the enclosing plate is added, until it reaches equilibrium."
I've repeat
-
Re:Might cause a re-thinking of the F-35
Nice try, but the fact that the aircraft are all moving in relationship to each other plus the fact that the interconnect signals are only traveling between them as fast as the radar signals they receive means trying to triangulate with timing differences would be close to impossible.
The reason GPS works is the satellites are synced to an atomic clock source to a billionth of a second accuracy, along with dynamic orbital-correction information to give the exact distance to the satellite. Even with the new "atomic clock on a chip" to give distances, their spatial locations would be unknown. http://www.nist.gov/public_aff...
Newer planes use a phase-array antenna system to give azimuth (direction) to the signal source. With multiple planes receiving directional information and sharing that information between themselves, a location can be determined. As with your timing approach, the more receivers and wider the separation, the better the accuracy. http://www.microwaves101.com/e...
-
Provide Solutions.
When you respond to a call for comments from a federal agency, don't say it sucks. Say what's wrong and provide solutions.
Solutions should come in the form of exact text changes that the editor can copy and paste into the document. People are lazy. Text talks. See this: http://csrc.nist.gov/publicati...
In my comments, each comment comes with a resolution.
E.G. The diagram shows inputs to functions including entropy, personalization string, nonce and Additional input. However the text calls out only the
nonce input as being optional. By omission it leaves the optionality of the other inputs ambiguous. In a specification, where there is a list of items,
some optional, some mandatory, it is necessary to identify the optional or mandatory nature of every item.
Also, “depending on the implementation” is redundant and adds no meaning.
Proposed resolution:
Replace
Figure 1 provides a functional model of a DRBG (i.e., one type of RBG). A DRBG uses a DRBG mechanism and a source of entropy
input, and may, depending on the implementation of the DRBG mechanism, include a nonce source. The components of this model are
discussed in the following subsections.
With
Figure 1 provides a functional model of a DRBG (i.e., one type of RBG). A DRBG shall implement an approved DRBG algorithm and at
least one approved source of entropy input, and may include additional optional sources including a nonce source, personalization string,
and additional input. The components of this model are discussed in the following subsections.
-
Volcanism vs Human Emissions
Humanity is emitting about one Yellowstone Supervolcano per year, or two Pinatubos per day.
Even assuming that the CO2 is natural, the forcing would still be a problem. The idea that the natural CO2 cycle is little-studied is lunatic. Aside from laboratory experiments on CO2 absorption spectra, measuring the "global scale CO2 cycle" is practically the entirety of climate science.
-
Re: 2 tons?
A pound is a unit of weight and can correspond to any kg mass, determined by the gravity of the place where it is being measured.
Weight is dependent on gravity, mass is not. Welcome to 5th grade science class
Which is why the metric system has separate units for mass and weight/force.
But that's not the case with the pound, it is used for both (sometimes, but not always more specifically as pound-force or pound-mass)
http://en.wikipedia.org/wiki/P...
The pound or pound-mass (abbreviations: lb, lbm, lbm, [1]) is a unit of mass used in the imperial, United States customary and other systems of measurement. A number of different definitions have been used, the most common today being the international avoirdupois pound which is legally defined as exactly 0.45359237 kilograms, and which is divided into 16 avoirdupois ounces.
Don't believe Wikipedia? How about the NIST?
http://physics.nist.gov/Pubs/S...
MASS and MOMENT OF INERTIA: To convert from pound (avoirdupois) (lb) to kilogram (kg)
http://physics.nist.gov/Pubs/S...
FORCE: To convert from pound-force (lbf) to newton (N)
The real world is not always as simple as what you learned in 5th grade science, when your teacher said "The pound is a unit of weight, not mass", he was correct and incorrect at the same time due to the ambiguous nature of the unit.
-
OpenSSL too
In other news, there was also a 4-year-old flaw in OpenSSL. In the same way this bug was publicly reported (CVE-2010-5298) for years, without anyone taking the responsibility to fix it.
Here's a detailed report of the bug by OpenBSD developer Ted Unangst. It was finally fixed in the recent quality assurance effort conducted by the OpenBSD guys.
-
Another years old flaw patched
In other news, OpenSSL gets a 4-year-old flaw patched. The catch here is that the bug was not only 4 years in the codebase, but it was publicly reported (CVE-2010-5298) for 4 years, without anyone taking the responsibility to fix it.
OpenBSD developer Ted Unangst made a detailed report of the bug. It's not as severe as Heartbleed, but still allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
-
OpenSSL gets patch for another years old flaw
In other news, OpenSSL gets a 4-year-old flaw patched. The catch here is that the bug was not only 4 years in the codebase, but it was publicly reported (CVE-2010-5298) for 4 years, without anyone taking the responsibility to fix it.
OpenBSD developer Ted Unangst made a detailed report of the bug. It's not as severe as Heartbleed, but still allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
-
CVSS, CVE, CPEs and Policy
Define actions (instant, daily, weekly alerts) for ranges of CVSS scores http://nvd.nist.gov/cvss.cfm?c...
Track incoming CVEs (http://nvd.nist.gov/download.cfm), assign CVSS scores specific to your organization. Also have an organization-specific remediation approach.
As you find out who is using what software, use the CVE CPE (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2168) information to target more specific users.
In the blast emails, you could potentially harvest who thinks they may be affected to gather CPE information.
It's going to be a thankless, painful job, so you may as well automate as much as possible.
-
Re:Good news! Now get it FIPS certified.
FIPS 140-2 is a spec about boundaries. You draw a boundary and the spec talks about how data is passed through the boundary and about the stuff that is allowed inside the boundary.
One of the primary things it asks is that the crypto algorithms are NIST approved. E.G. AES or SP800-90 or SHA1/2/3.
So to build a FIPS140-2 compliant thing, you first determine the box (the boundary) and the function. Then implement that function using crypto algorithms from the list of NIST approved algorithms.
Curve 25519, chacha20 and poly1305 do not appear in any NIST published specification.
-
Re:Well.
I'm pretty sure the interesting metric is the fracture toughness.
Interestingly enough there is a NIST page on it:
http://www.ceramics.nist.gov/s...
which ranges from 1.89 to 4.45 MPa·m^(1/2)
and a nice paper on annealed borosilicate glass fracture toughness:
http://dx.doi.org/10.1016/j.ph...
which ranges from 1.5 to 1.7 MPa·m^(1/2) depending on loading.
Of course Gorilla glass might have slightly higher values.
-
Re:Not the only change
Oops. I missed the link for the announcement.. here
-
Not the only change
They also made many other changes. See appendix F of draft 1. I'm in the middle of reviewing them
The announcement and RFC is here.
The comments from the previous round addressed far more than just the Dual_EC_DRBG. There are structural issues in the spec. My comments on the previous draft address them:
1) Flow control: ES pushing, vs conditioner pulling. Reseeding on demand vs when entropy is available.
2) A purely software centric API, when all nondeterministic random number generators need a hardware component.
3) Online testing that is too onerous for resource constrained solutions, when effective technical solutions exist that have been ignored.
4) Conditioners (really an SP800-90B thing, but A, B and C go hand in hand) are all single source conditioners based on large crypto functions. The current state of math tells us multiple input conditioners can be implemented with non cryptographic methods in fewer gates with higher lower-bounds for min entropy out.
There's more. See the comments.
-
Re:It's time we own up to this one
It was discovered and fixed so quickly *because* it's open source
For crikessakes, the heartbleed vulnerability existed for over 2 years before being discovered and fixed!
Sorry my bad, that sentence was confusing -- I meant the fix was fast, not finding the bug.
An exact timeline for Heartbleed is hard to find, but it looks like there was some responsible disclosure of the bug to some large parties about a week before public disclosure and release of the fixed SSL library.
In contrast, Apple learned of its SSL vulnerability over a month before they released an IOS patch and even after public disclosure of the bug, it was about a week before they released the OSX patch. And just like the OpenSSL bug, Apple's vulnerability was believed to have been in the wild for about 2 years before detection. (Of course, since the library code was opensourced by Apple, several unofficial patches were released before Apple's official patch).
-
Re:anyone can devise encryption they can't break
Everyone knows the current encryption schemes can be broken if you can (even theoretically) throw enough resources at it.
Everyone who "knows" this is dead wrong. Resource-based, brute-force attacks on, say, AES-256, are completely pointless.
According to Landauer's Principle the lowest possible amount of energy required to perform a single elementary computation is 2.85*10^-21 J. This means that even with a perfectly-efficient computer, to perform 2^256 elementary computations (assuming that an AES-256 trial decryption is a single elementary operation, which it isn't, but I'll ignore that) you would need 3.3*10^56 J. That's a lot.
How much? Well, suppose we built a Dyson sphere and captured the entire energy output of the sun to power our perfectly-efficient computer. The annual output of the sun is 1.2*10^34 J, which means we'd need 2.75*10^22 years of solar energy to complete the search for one key. One problem with that: The sun won't last that long.
Okay, so instead of just using a Dyson sphere to capture naturally-produced solar energy, suppose we found a way to convert the entire mass of the sun to energy. The theoretical mass energy of the sun is 1.8*10^47 J. That means you'd actually need the mass of just under two billion suns -- as well as an ideal computer and the ability to gather and convert all of those suns to energy in order to perform 2^256 operations.
As Bruce Schneier put it in the intro to Applied Cryptography, brute force of a 256-bit keyspace is impossible until computers are made of something other than matter and occupy something other than space.
Of course, the 128-bit keyspace is minuscule compared to the 256-bit key space... but it's still unimaginably huge. Well beyond anyone's capabilities for at least several decades, perhaps longer. Suppose you had a trillion computers, each of which could test a trillion keys per second, allowing you to test 10^24 keys per second. It would still take you 10 million years to search a 128-bit key space.
No, if "everyone knows" current encryption schemes can be broken by application of enough resources, then everyone is wrong. At least, if the "resources" you're applying are computational brute force. "Rubber hose" cryptanalysis, on the other hand, is much cheaper and more effective. But this scheme, whatever other strengths or weaknesses it may have, is no more resistant to rubber hose cryptanalysis than any other.
-
Re:So...
List of NIST time servers here: http://tf.nist.gov/tf-cgi/serv... If you want to be a good NTP citizen you probably shouldn't use these servers directly though, unless you're running a very large network and syncing your own ntp servers. Some ISPs run time servers on their gateways or DNS servers, it is a decent way to get an NTP sync that is "network close" to you.
-
Re:so the new clock is 3x as accurate as the old o
NIST has vastly more accurate clocks - so I don't see what the big deal is.
-
Re:Sales plummeted
why anybody anywhere would ever invest in proprietary crypto software.
People forced by their customers to buy off of this list (i.e. people who sell to the federal government):
http://csrc.nist.gov/groups/ST...
Sure there are a couple F/OSS groups that paid the pretty significant cost to get a certificate. But not that many, especially when it comes to networking products.
-
Re:FIPS 140-2 4.9.2. The Other Back Door.
>Wait what - you designed Intel's RdRand hardware RNG?
Me and many others. I was the primary designer of the crypto processing hardware which intersects with these specs. My public comments on the specs are here.
>So, since there is a lot of paranoia about backdoors in that, is there a backdoor?
:P
No. I say that as a personal statement. I don't speak for my employer in public forums.
I'm in it to improve security of users from all comers. Good RNGs are a prerequisite for good security and in my design philosophy, security wins over slavish compliance to debatable clauses in specs. I'll seek a waiver for not putting in the back door, but I won't knowingly ship an insecure design.
-
Re:Ah, the Planet Pluto
Why is it so hard for you aspyrons to understand that the meaning of a word is often dependent on context?
Well, maybe because almost all the international standards organizations actually agree that there's a single meaning now (even though they disagreed in the past).
In a decimal context, kilo means 1000. In a binary context, it means 1024. Most of the people that pretend to have difficulty understanding this are actually making money from their 'confusion' - what's your excuse?
Look, what the GP said was factually accurate:
the IEEE, ISO and SI standards all agree that kilobyte means 1000 bytes, and megabyte means 1000000 bytes.
The IEC adopted these in 1998, leading to full adoption by the IEEE in 2005. SI explicitly defines kilo ONLY to mean 1000, and though bytes are not technically SI units, they regard any other use of the prefixes as incorrect.
The only large body that has endorsed the use of your system in the past decade is JEDEC, though they insist on capital letters, i.e., K, M, and G, instead of the standard SI lower-case. So, a kilobyte (kB) to them is actually 1000 bytes, while a Kilobyte (KB or K) is 1024.
Recently, if you read even JEDEC's standards from 2012, you'll note that they quote the IEEE standards and say the older style "frequently leads to confusion and is deprecated."
So, I don't know about the GP, but my "excuse" for following standard SI style is that basically all international standards bodies agree that "kilo" means 1000, and if you want to have a term for 1024, you should use something else.
Now, the reality of the world is that many hardware manufacturers and such still retain older deprecated usages. But GP's statement was basically accurate. There's no reason to go around insulting people when they state factual information.
You want to keep using a standard that has confused people for decades when the international standards organizations deprecate it because it's confusing? That's your choice. But what's your excuse for attacking people?