I'm assuming there is an assumption about the maximum input size the easy problem would be given? Even at "only" n^4, having just 100 nodes in the graph produces 100 million possible four-cycles that must be considered. I pick 100 because it seems like a fairly round number on the low end of what one might see in a network flow / flight path / circuit problem.
If you read the problem, the constraint is 50. Consequently, it's a brute-forceable, easy problem, as I said. The point is that you have 8 seconds for the solution to run on any given input, so the input constraints will determine whether the problem is brute-forceable.
I didn't. Re-read what I wrote. I said they have to be good at unlearning what those classes teach. I don't know what Duke University teaches in those classes, but the ones I took were an exhaustive discourse on methods of finding optimal solutions, generally ones that run in n, log n, n log n or at worst n^2.
I claim that if you need to unlearn algorithms classes to write programs that run in worse than n^2 when no n^2 solution is feasible, you've really let the classes mess you up.
My interpretation of the intent of the parent posts was that TopCoder has applicability to the real world. Based on this example, and one of the parent posts, I was agreeing that the skill set one needs for TopCoder are significantly different because as this example showed a "good" solution for TopCoder should be a solution of last resort in professional programming.
The example showed a good solution to an easy problem. It doesn't show much about the skill set needed because you need to solve more than easy problems to do well. And yes, if a simple brute force solution will run in the time allotted, it is best in TopCoder to use that solution, but that's why the problem constraints are generally such that you can't brute force the harder problems.
You should be able to easily optimize the whole thing down to a theta of 0.25*n*m^3 where m is the average number of edges between nodes. In most cases m<<n, but in the worst case m=(n-1) and the algorithm will take n^4. There are probably better cases, but that's my "less than half an hour" stab at the problem.
What does "most cases" mean? In a graph selected uniformly at random from graphs of size n, m will be n/2 on average, and your algorithm will take time Theta(n^4). Your solution is brute force too, albeit one that's more efficient by a constant factor. You're just brute forcing using edges rather than vertices, if you're doing what I think. My stab at doing better than brute force showed that it's equivalent to counting 4-cliques.
The problems they used were too easy, in that 3 of the 4 finalists finished all the problems in 40 out of 75 minutes. That's because when they first ran the final round a switch died and they had to cancel the round. The problems in the article were their backup problems.
Ironically, I find the "easiest" one the hardest. I can think of a brute-force O(n^4) algorithm, but it's not pretty.
In the context of the competition, brute force is clearly the way to go.
Incidentally, if you can do better than brute force on DQuads, I can do better than brute force on finding 4-cliques in an undirected graph. I doubt there are any good lower bounds on 4-CLIQUE, but it does make it intuitively plausible that brute force is the best possible solution.
First, it's typical for the easy problem in TopCoder competitions to be brute-forceable. Harder problems usually aren't (there is a running time constraint).
Second, in the real world one does not look for solutions that run in optimal time, but rather for the appropriate trade-off between development time and running time.
Third, you really shouldn't be casting aspersions on others' ability to analyze algorithms. It should be obvious that four nested for loops do not take exponential time to run, and that there are not even an exponential number of possible quadrilaterals to test in the first place. Although the problem isn't NP-hard, as the given solution runs in time O(n^4), if you can do better than brute force on it, you can also do better than brute force at finding 4-cliques. (However, that may not imply anything interesting, though it is intuitively somewhat suggestive.)
Fourth, there's nothing ludicrous about having an NP-complete problem. I recall one competition where the hard problem was NP-complete, but given the problem constraints the way you could solve it was coming up with a O(2^(n/2)) solution rather than a O(2^n) solution.
At any rate, TopCoder is ultimately a coding competition, not a competition in asymptotic running time.
I was responding to sunaj, who claimed that an infinite number of monkeys would type 's' forever, and an infinite number would type Shakespeare over and over forever. My post made it clear I was talking about monkeys typing forever.
The set of infinite strings is not countably infinite. If there are b distinct characters, there is an obvious bijection to the real numbers: just put them in base b.
Uh, your argument is nonesense. You're flagrantly confusing sequences that contain the complete works of Shakesspare somewhere with sequences that terminate with the complete works of Shakesspeare. In fact, it is well known that almost all (in the measure theoretic sense) real numbers are absolutely normal, and thus almost all infinite strings contain the complete works of Shakespeare.
You fail to appreciate the fact that there are different kinds of infinity. The Anonymous Coward is correct. If you have a monkey for each natural number: 0, 1, 2, 3,..., you have an infinite number of monkeys. Indeed, "infinity" means the cardinality of the natural numbers, unless specified otherwise. However, if each of these monkeys types characters randomly forever, the probability that there exists any monkey that types 's' forever, or any monkey that types the complete works of Shakespeare reapeatedly forever, is 0. You want a monkey for each real number to be certain that every infinite string of characters will be produced.
Your analogy to file sharing is bad. A better analogy would be to weapons.
In some la-la fantasy world where violence does not exist, no one would no needs weapons for self-defense. In reality, however, not allowing weapons puts the law-abiding at the mercy of criminals, who may still yet possess illegal weapons.
In some la-la fantasy world where exploits do not exist, no would need to audit their network for security holes. In reality, however, not allowing such tools would leave law-abiding network administrators at the mercy of those who would scan their networks with an illegal tool and discover holes that the administrators have never even heard of.
When a technology A has "strong dark uses", but one of its legitimate uses is defending against technology A, and it is in fact one of the best ways of defending against A, it is clear that making it illegal is sheer folly. For unless you stamp it out entirely, you are worse off than you would be if it were legal, and you could at least use it against itself.
WTF is your boss sleeping in the houses of people whom he doesn't trust not to tape him in bed with his wife??
Re:It probably wasn't that bad of an idea
on
Nuke-Lobbing
·
· Score: 1
Since over 2000 nuclear weapons tests have occurred without ending the world, that's evidence that the parent post is correct that nuclear war with the weapons we had in the 1950s wouldn't have been the end of the world.
Microsoft gave a technical presentation about Palladium at MIT in October 2002, and I attended the talk. This is where I got my information. The talk gave details about the Palladium architecture, but less detail about the Nexus that MS would provide, since their Nexus would not be part of the architecture.
It's damn hard to get specifics on palladium. I can't imagine any reason they would do it that way, it opens serious security issues. Everything I know of about palladium plus the parallels with TCPA would suggest that the data would be locked to the application.
I hope you're right. A single security hole would let you unlock ALL of your palladium data.
Of course, any Nexus that provides DRM, as Microsoft's presumably will, must lock data for applications. For the Palladium architecture to lock data for applications in hardware would require the hardware to understand how the OS organizes processes. It is thus a much better design decision to do it in software. You should realize that the Nexus will be very small. It will be separate from the OS kernel, and I think the intent is that it will do little more than serve as an interface to the security hardware, though it must, as I noted, understand process organization.
So, Microsoft is definitely hoping not to have bugs in their Nexus. A security hole would indeed let you unlock all your data for that Nexus, and they do realize that.
Nope. You can write any program you like, but you'll get garbage if you try to read the file. Palladium only correctly decrypts the data for the program that wrote the data. Think of it this way, the EXE making the request is fed in as the password.
Palladium will correctly decrypt the data for the Nexus, or Trusted Operating Root, or whatever they're calling it nowadays, that encrypted the data, not the invidual program that did so. It would be up to the Nexus, not the Palladium architecture itself, to ensure that it gives the data to the correct program.
1. Is palladium optional for the SO? Could Linux or Winshit98 be installed on a Palladium box w/ no ill effects?
Yes, as long as you don't want to use any Palladium protected content.
2. Is palladium optional for developers? Can "Joe Shareware" still release his software w/out paying an evil corporation for the right to sell it?
Nothing like software signing is in Palladium. That's just the X-box.
3. Is there any way whatsoever in which this would help Joe User or Joe Hacker(not to be confused with Joe Cracker)?
While I don't want to categorically say it does nothing useful for them, I think it's most useful for companies that want DRM.
4. Will this be integrated on Sparc and PowerPC or just PCs? Is AMD accepting this BS or just Intel?
I think it's AMD and Intel, but not other architectures.
5. Who will be in charge of licensing keys for palladium software?
I don't know what keys you're talking about. Except possibly for patents, which can always throw wrenches into things, anyone could develop software that uses Palladium.
Supposing some kind of virus or, more likely, spyware starts running in the nexus layer, I have no way (short of pulling the power plug) of preventing it from running. That doesn't sound like the kind of "security" I'm interested in.
On the other hand, if that happens, you could reverse engineer the virus or spyware, and use the same technique it used to insert your own code into the Nexus and bypass annoying features of the Nexus like DRM.
Of all the objections to Palladium, I think that was rather odd in the first place. As the Intel architecture currently is, malicious code running in ring 0 can pretty much force you to pull the power cord.
For example company big$co wants to sell data file D to john doe. big$co gives a copy of D encrypted with the secret key on john doe's Palladium enabled comp to john. (notice i dont say John Doe's key as this is not the case. thats exactly what Rivest and Diffie are, rightly IMHO, complaining about.) The secret key in the box can only be accessed through the trusted OS (nexus) which in turn makes sure that only trusted software (i.e. some app provided (and sold) by big$co). Since the pladium part of the system will only boot if the nexus is trusted (i.e. hasnt been tampered with, and thus hashes to a predefined and stored value) and the nexus checks that only trusted software talks to it, the enviornment is controled by big$co and Redmond.
This is slightly inaccurate. The copy of D that big$co gives John is encrypted for his specific computer and for a specific Nexus hash. His Palladium enabled computer will refuse to use its secret key to decrypt D unless the hash of the running Nexus matches the Nexus for which D was encrypted. There is in fact no requirement that the Nexus match any known value for the computer to boot into trusted mode. Arbitrary code can be run as the Nexus. However, big$co will likely only be willing to give out copies of D encrypted for Nexuses that it considers trustworthy.
This doesn't go against your overall point, that big$co won't give you its content unless it trusts your computing environment. Also, it is worth noting that you are correct that the Palladium hardware will possess private keys that it will not share with the end user.
But If you can run **any** program, you could write a program to read their "Secure/encrypted/rot13ed/whaterved" data file and output a plain "filetype of my choice" file. Likewise if you could write an OS (even a simple one that only read bytes from the hard disk and shoveled them out the serial port) you could bypass the security.
Um, hello, it's actually quite hard to decrypt files that are encrypted with real encryption (not rot13). If it was just an issue of reading from the hard drive, you could just stick it in an older machine. Obviously data that's supposed to be protected won't be stored to disk unencrypted.
I belive you are incorrect... BSD/Linux and other programs will not be loaded if they are not properly cleared.
This is not true, for the reasons I described. I attended a presentation MS gave at MIT about Palladium, to a crowd that wasn't overly sympathetic toward them, and the idea that Palladium will only run signed code isn't at all the case. I think that's just a rumor that started because that's the way X-box "security" works.
Many science-minded individuals have the compulsion to believe all things in reality can be placed into a nice logical container. At the roots, they believe, all things must follow a logical order. You have made the assertion that because the brain is a complex chunk of matter, it could be accurately emulated. Your assertion is compatible with this belief.
However, one thing that Godel does show is that there is no universal formal system. There is no logical container from which all things mechanically live in harmony. The likes of David Hilbert were bent on discovering a set of primary axioms from which all mathematical truths could be derived. Godel showed this was not possible.
If we look at physical systems at the so-called macro-scale, they certainly do exhibit logical mechanisms that can be mathematically modeled. At some scale, however, it seems necessary that this logical consistency must be abandoned. Otherwise, we would have a Universal formal system from which all truths are derived.
I dispute this claim. Specifically, you believe that if the Universe can be mathemically modeled in its entirety at all scales, Gödel's Incompleteness Theorem is violated because "we would have a Universal formal system from which all truths are derived." Suppose you know all facts about the Universe. How would this allow you to derive the truth or falsity of, e.g., Golbach's Conjecture (assuming no one in the Universe ever proves or disproves it)? The laws of physics can be formally mathematically modeled, but that doesn't mean that all formal truths in the mathemical system one is using to model the laws of physics can be derived from the laws of physics, even if the laws of physics precisely apply to everything that ever will exist.
The difference is made when someone expresses his opinion about the holocaust. Because if he denies is this would be counted as slander towards the victims. That's all. Maybe we shouldn't focus too much on terms.
Legally, you can only slander individual entities. You can't slander a class of people. For example, I now say that all politicians are corrupt thieves. That's not slander.
I've always thought that the JVM security model was the morla equivalent of eliminating the FDA in favour of tamper resistant pill bottles.
That's a very bad analogy. Tamper-resistant pill bottles are supposed to ensure that no one other than the manufacturer has done anything to the contents. They do nothing unless the consumer trusts the manufacturer. The computer equivalent of tamper-resistant pill bottles is programs digitally signed by the author.
This is entirely unlike the JVM security model. I can't think of a good medical analogy for the JVM security model. Computers, unlike the human body, operate in ways that we can precisely model mathematically. Any interested third party can verify the proof of soundness of Java's type system, without the immense resources that would be required for a third party to conduct clinical trials of drugs, which are only empirical evidence of safety. This article shows how to take advantage of a situation where a computer does not operate as specified.
You encrypt the key with a sufficiently good passphrase, and type that in when you boot. There should be several copies of your encrypted key at different locations on the drive, and if they're all corrupted, your drive is probably hosed anyway.
No, if someone had your ring, it would be extremely easy to figure out. If all that determines your passphrase is starting location, direction, and number of letters, we're talking well under 20 bits of entropy. That's just plain awful.
Slashdot Mirror
I'm assuming there is an assumption about the maximum input size the easy problem would be given? Even at "only" n^4, having just 100 nodes in the graph produces 100 million possible four-cycles that must be considered. I pick 100 because it seems like a fairly round number on the low end of what one might see in a network flow / flight path / circuit problem.
If you read the problem, the constraint is 50. Consequently, it's a brute-forceable, easy problem, as I said. The point is that you have 8 seconds for the solution to run on any given input, so the input constraints will determine whether the problem is brute-forceable.
I didn't. Re-read what I wrote. I said they have to be good at unlearning what those classes teach. I don't know what Duke University teaches in those classes, but the ones I took were an exhaustive discourse on methods of finding optimal solutions, generally ones that run in n, log n, n log n or at worst n^2.
I claim that if you need to unlearn algorithms classes to write programs that run in worse than n^2 when no n^2 solution is feasible, you've really let the classes mess you up.
My interpretation of the intent of the parent posts was that TopCoder has applicability to the real world. Based on this example, and one of the parent posts, I was agreeing that the skill set one needs for TopCoder are significantly different because as this example showed a "good" solution for TopCoder should be a solution of last resort in professional programming.
The example showed a good solution to an easy problem. It doesn't show much about the skill set needed because you need to solve more than easy problems to do well. And yes, if a simple brute force solution will run in the time allotted, it is best in TopCoder to use that solution, but that's why the problem constraints are generally such that you can't brute force the harder problems.
You should be able to easily optimize the whole thing down to a theta of 0.25*n*m^3 where m is the average number of edges between nodes. In most cases m<<n, but in the worst case m=(n-1) and the algorithm will take n^4. There are probably better cases, but that's my "less than half an hour" stab at the problem.
What does "most cases" mean? In a graph selected uniformly at random from graphs of size n, m will be n/2 on average, and your algorithm will take time Theta(n^4). Your solution is brute force too, albeit one that's more efficient by a constant factor. You're just brute forcing using edges rather than vertices, if you're doing what I think. My stab at doing better than brute force showed that it's equivalent to counting 4-cliques.
The problems they used were too easy, in that 3 of the 4 finalists finished all the problems in 40 out of 75 minutes. That's because when they first ran the final round a switch died and they had to cancel the round. The problems in the article were their backup problems.
However, the solutions were not all brute force.
I meant "counting 4-cliques", not "finding 4-cliques".
Ironically, I find the "easiest" one the hardest. I can think of a brute-force O(n^4) algorithm, but it's not pretty.
In the context of the competition, brute force is clearly the way to go.
Incidentally, if you can do better than brute force on DQuads, I can do better than brute force on finding 4-cliques in an undirected graph. I doubt there are any good lower bounds on 4-CLIQUE, but it does make it intuitively plausible that brute force is the best possible solution.
First, it's typical for the easy problem in TopCoder competitions to be brute-forceable. Harder problems usually aren't (there is a running time constraint).
Second, in the real world one does not look for solutions that run in optimal time, but rather for the appropriate trade-off between development time and running time.
Third, you really shouldn't be casting aspersions on others' ability to analyze algorithms. It should be obvious that four nested for loops do not take exponential time to run, and that there are not even an exponential number of possible quadrilaterals to test in the first place. Although the problem isn't NP-hard, as the given solution runs in time O(n^4), if you can do better than brute force on it, you can also do better than brute force at finding 4-cliques. (However, that may not imply anything interesting, though it is intuitively somewhat suggestive.)
Fourth, there's nothing ludicrous about having an NP-complete problem. I recall one competition where the hard problem was NP-complete, but given the problem constraints the way you could solve it was coming up with a O(2^(n/2)) solution rather than a O(2^n) solution.
At any rate, TopCoder is ultimately a coding competition, not a competition in asymptotic running time.
I was responding to sunaj, who claimed that an infinite number of monkeys would type 's' forever, and an infinite number would type Shakespeare over and over forever. My post made it clear I was talking about monkeys typing forever.
The set of infinite strings is not countably infinite. If there are b distinct characters, there is an obvious bijection to the real numbers: just put them in base b.
Uh, your argument is nonesense. You're flagrantly confusing sequences that contain the complete works of Shakesspare somewhere with sequences that terminate with the complete works of Shakesspeare. In fact, it is well known that almost all (in the measure theoretic sense) real numbers are absolutely normal, and thus almost all infinite strings contain the complete works of Shakespeare.
You fail to appreciate the fact that there are different kinds of infinity. The Anonymous Coward is correct. If you have a monkey for each natural number: 0, 1, 2, 3, ..., you have an infinite number of monkeys. Indeed, "infinity" means the cardinality of the natural numbers, unless specified otherwise. However, if each of these monkeys types characters randomly forever, the probability that there exists any monkey that types 's' forever, or any monkey that types the complete works of Shakespeare reapeatedly forever, is 0. You want a monkey for each real number to be certain that every infinite string of characters will be produced.
Your analogy to file sharing is bad. A better analogy would be to weapons.
In some la-la fantasy world where violence does not exist, no one would no needs weapons for self-defense. In reality, however, not allowing weapons puts the law-abiding at the mercy of criminals, who may still yet possess illegal weapons.
In some la-la fantasy world where exploits do not exist, no would need to audit their network for security holes. In reality, however, not allowing such tools would leave law-abiding network administrators at the mercy of those who would scan their networks with an illegal tool and discover holes that the administrators have never even heard of.
When a technology A has "strong dark uses", but one of its legitimate uses is defending against technology A, and it is in fact one of the best ways of defending against A, it is clear that making it illegal is sheer folly. For unless you stamp it out entirely, you are worse off than you would be if it were legal, and you could at least use it against itself.
WTF is your boss sleeping in the houses of people whom he doesn't trust not to tape him in bed with his wife??
Since over 2000 nuclear weapons tests have occurred without ending the world, that's evidence that the parent post is correct that nuclear war with the weapons we had in the 1950s wouldn't have been the end of the world.
Are you certain? Do you have a link?
Microsoft gave a technical presentation about Palladium at MIT in October 2002, and I attended the talk. This is where I got my information. The talk gave details about the Palladium architecture, but less detail about the Nexus that MS would provide, since their Nexus would not be part of the architecture.
It's damn hard to get specifics on palladium. I can't imagine any reason they would do it that way, it opens serious security issues. Everything I know of about palladium plus the parallels with TCPA would suggest that the data would be locked to the application.
I hope you're right. A single security hole would let you unlock ALL of your palladium data.
Of course, any Nexus that provides DRM, as Microsoft's presumably will, must lock data for applications. For the Palladium architecture to lock data for applications in hardware would require the hardware to understand how the OS organizes processes. It is thus a much better design decision to do it in software. You should realize that the Nexus will be very small. It will be separate from the OS kernel, and I think the intent is that it will do little more than serve as an interface to the security hardware, though it must, as I noted, understand process organization.
So, Microsoft is definitely hoping not to have bugs in their Nexus. A security hole would indeed let you unlock all your data for that Nexus, and they do realize that.
Nope. You can write any program you like, but you'll get garbage if you try to read the file. Palladium only correctly decrypts the data for the program that wrote the data. Think of it this way, the EXE making the request is fed in as the password.
Palladium will correctly decrypt the data for the Nexus, or Trusted Operating Root, or whatever they're calling it nowadays, that encrypted the data, not the invidual program that did so. It would be up to the Nexus, not the Palladium architecture itself, to ensure that it gives the data to the correct program.
1. Is palladium optional for the SO? Could Linux or Winshit98 be installed on a Palladium box w/ no ill effects?
Yes, as long as you don't want to use any Palladium protected content.
2. Is palladium optional for developers? Can "Joe Shareware" still release his software w/out paying an evil corporation for the right to sell it?
Nothing like software signing is in Palladium. That's just the X-box.
3. Is there any way whatsoever in which this would help Joe User or Joe Hacker(not to be confused with Joe Cracker)?
While I don't want to categorically say it does nothing useful for them, I think it's most useful for companies that want DRM.
4. Will this be integrated on Sparc and PowerPC or just PCs? Is AMD accepting this BS or just Intel?
I think it's AMD and Intel, but not other architectures.
5. Who will be in charge of licensing keys for palladium software?
I don't know what keys you're talking about. Except possibly for patents, which can always throw wrenches into things, anyone could develop software that uses Palladium.
Supposing some kind of virus or, more likely, spyware starts running in the nexus layer, I have no way (short of pulling the power plug) of preventing it from running. That doesn't sound like the kind of "security" I'm interested in.
On the other hand, if that happens, you could reverse engineer the virus or spyware, and use the same technique it used to insert your own code into the Nexus and bypass annoying features of the Nexus like DRM.
Of all the objections to Palladium, I think that was rather odd in the first place. As the Intel architecture currently is, malicious code running in ring 0 can pretty much force you to pull the power cord.
Making every PC an Xbox with push content delivery just opens up an ugly vulnerability in your system.
What does Palladium have to do with push content delivery?
For example company big$co wants to sell data file D to john doe. big$co gives a copy of D encrypted with the secret key on john doe's Palladium enabled comp to john. (notice i dont say John Doe's key as this is not the case. thats exactly what Rivest and Diffie are, rightly IMHO, complaining about.) The secret key in the box can only be accessed through the trusted OS (nexus) which in turn makes sure that only trusted software (i.e. some app provided (and sold) by big$co). Since the pladium part of the system will only boot if the nexus is trusted (i.e. hasnt been tampered with, and thus hashes to a predefined and stored value) and the nexus checks that only trusted software talks to it, the enviornment is controled by big$co and Redmond.
This is slightly inaccurate. The copy of D that big$co gives John is encrypted for his specific computer and for a specific Nexus hash. His Palladium enabled computer will refuse to use its secret key to decrypt D unless the hash of the running Nexus matches the Nexus for which D was encrypted. There is in fact no requirement that the Nexus match any known value for the computer to boot into trusted mode. Arbitrary code can be run as the Nexus. However, big$co will likely only be willing to give out copies of D encrypted for Nexuses that it considers trustworthy.
This doesn't go against your overall point, that big$co won't give you its content unless it trusts your computing environment. Also, it is worth noting that you are correct that the Palladium hardware will possess private keys that it will not share with the end user.
But If you can run **any** program, you could write a program to read their "Secure/encrypted/rot13ed/whaterved" data file and output a plain "filetype of my choice" file. Likewise if you could write an OS (even a simple one that only read bytes from the hard disk and shoveled them out the serial port) you could bypass the security.
Um, hello, it's actually quite hard to decrypt files that are encrypted with real encryption (not rot13). If it was just an issue of reading from the hard drive, you could just stick it in an older machine. Obviously data that's supposed to be protected won't be stored to disk unencrypted.
I belive you are incorrect... BSD/Linux and other programs will not be loaded if they are not properly cleared.
This is not true, for the reasons I described. I attended a presentation MS gave at MIT about Palladium, to a crowd that wasn't overly sympathetic toward them, and the idea that Palladium will only run signed code isn't at all the case. I think that's just a rumor that started because that's the way X-box "security" works.
Many science-minded individuals have the compulsion to believe all things in reality can be placed into a nice logical container. At the roots, they believe, all things must follow a logical order. You have made the assertion that because the brain is a complex chunk of matter, it could be accurately emulated. Your assertion is compatible with this belief.
However, one thing that Godel does show is that there is no universal formal system. There is no logical container from which all things mechanically live in harmony. The likes of David Hilbert were bent on discovering a set of primary axioms from which all mathematical truths could be derived. Godel showed this was not possible.
If we look at physical systems at the so-called macro-scale, they certainly do exhibit logical mechanisms that can be mathematically modeled. At some scale, however, it seems necessary that this logical consistency must be abandoned. Otherwise, we would have a Universal formal system from which all truths are derived.
I dispute this claim. Specifically, you believe that if the Universe can be mathemically modeled in its entirety at all scales, Gödel's Incompleteness Theorem is violated because "we would have a Universal formal system from which all truths are derived." Suppose you know all facts about the Universe. How would this allow you to derive the truth or falsity of, e.g., Golbach's Conjecture (assuming no one in the Universe ever proves or disproves it)? The laws of physics can be formally mathematically modeled, but that doesn't mean that all formal truths in the mathemical system one is using to model the laws of physics can be derived from the laws of physics, even if the laws of physics precisely apply to everything that ever will exist.
The difference is made when someone expresses his opinion about the holocaust. Because if he denies is this would be counted as slander towards the victims. That's all. Maybe we shouldn't focus too much on terms.
Legally, you can only slander individual entities. You can't slander a class of people. For example, I now say that all politicians are corrupt thieves. That's not slander.
You don't get root, you get to be whatever user the Java VM is.
I've always thought that the JVM security model was the morla equivalent of eliminating the FDA in favour of tamper resistant pill bottles.
That's a very bad analogy. Tamper-resistant pill bottles are supposed to ensure that no one other than the manufacturer has done anything to the contents. They do nothing unless the consumer trusts the manufacturer. The computer equivalent of tamper-resistant pill bottles is programs digitally signed by the author.
This is entirely unlike the JVM security model. I can't think of a good medical analogy for the JVM security model. Computers, unlike the human body, operate in ways that we can precisely model mathematically. Any interested third party can verify the proof of soundness of Java's type system, without the immense resources that would be required for a third party to conduct clinical trials of drugs, which are only empirical evidence of safety. This article shows how to take advantage of a situation where a computer does not operate as specified.
You encrypt the key with a sufficiently good passphrase, and type that in when you boot. There should be several copies of your encrypted key at different locations on the drive, and if they're all corrupted, your drive is probably hosed anyway.
No, if someone had your ring, it would be extremely easy to figure out. If all that determines your passphrase is starting location, direction, and number of letters, we're talking well under 20 bits of entropy. That's just plain awful.