Slashdot Mirror


User: Jane+Q.+Public

Jane+Q.+Public's activity in the archive.

Stories
0
Comments
16,672
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 16,672

  1. Re:"Brilliant"? Hardly on Snowden Spoofed Top Officials' Identity To Mine NSA Secrets · · Score: 1

    "Forgive me if I'm forgetting something, but couldn't you just encrypt your home directory?"

    You could, but here's the reality of such a systems design: the first time anything went wrong, everything would be lost.

    It is certainly possible to design a system that would be pretty hard for a system administrator to get to. But if you ever need something fixed, that system will show itself to be impractical in the real world.

  2. Re:Don't Do The Crime... on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 0

    "Any bald injunction to "Believe it." leaves me heading for the nearest exit door."

    And any knee-jerk heading for the exit door makes you NOT a rationalist or empiricist. You'd better look at the data, first.

    I agree with you that you shouldn't believe it based on my saying "believe it". That wasn't intended to mean "believe it because I say so". I meant "believe it because the data says so."

    The difference is that the latter can be checked. If you leave without bothering to check, you are neither rational or empiricist.

  3. Re:Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1
    You are making a distinction that is no real difference. That's just a slightly modified form of OTP. The difference is just that the "pad" is agreed upon using a separate key.

    "Nobody would dare claim that the key is anything close to random, yet the code is effective."

    Exactly. You are making my point for me. It isn't random... but it's "random enough" for the intended purpose. That's the effective entropy I was talking about, as opposed to true entropy.

    However, I would argue that a typical book code really isn't "random enough", if the encoded message is reasonably long. Word breaks and other features of plaintexts can sometimes be analyzed to break small bits... which leads to larger bits.

    But if you did it twice, using different passages, it is probably "good enough". Or if the encoded message is pretty short.

  4. Re:Out of jobs? on Technologies Like Google's Self-Driving Car: Destroying Jobs? · · Score: 0

    "If you solve the problems inherent in driving a car, you've made substantial progress in attacking environments that aren't built around robots and their limitations, which opens up many more just-sloppy-enough-to-confuse-robots and not-labor-intensive-enough-to-rebuild-for-robots workplaces."

    Two things to note about this:

    First, the "We've almost solved the too-sloppy for robots" attitude has been around since the 1930s. Sure, we're closer, but it has seemed that there was always just one more "sloppy" thing left to solve.

    Second, if you really do solve the "driving is too sloppy for robots" problem, you've also pretty much completely solved the "flying an airplane from the driveway to work is too sloppy for robots" problem. They are nearly identical. In fact the flying bit is arguably a bit easier in some ways.

    You won't be flying to work until there are nearly foolproof autopilots that communicate with all other nearby planes. It's that simple. Sounds a lot like the driving problem, doesn't it?

  5. "Brilliant"? Hardly on Snowden Spoofed Top Officials' Identity To Mine NSA Secrets · · Score: 5, Insightful

    "This is why you don't hire brilliant people for jobs like this. You hire smart people. Brilliant people get you in trouble." -- a former U.S. official with knowledge of the case.

    Um... no. What is described in TFA is not "brilliant" at all, but a necessary part of being a sysadmin: you have control over user profiles.

    The fact that the "former official" does not seem to realize this does not lead us to conclude that Snowden was brilliant... but rather that the mentioned official was anything but.

  6. Re:Don't Do The Crime... on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1, Interesting

    "Generally I think I'd rate as overly optimistic about the future but since 9/11 I think we've come to be so over policed and scrutinized that if you're going to go up against the system in a big way you're going to get caught and you're better off going in thinking you're likely to get caught."

    I don't necessarily disagree with what you say... as long as you're only seeing it from that point of view. But try looking at it from a different (and probably more practical) point of view. That is to say, an engineering point of view, and Signal to Noise Ratio (s/n):

    Someone just recently (and quite rationally) campaigned for EVERYONE to publicly start publishing lots of noise. By noise, I mean:

    BOMBS. TERRORISM. DEATH TO INFIDELS. MAGNESIUM. RED PHOSPHORUS. WHITE PHOSPHORUS. SARIN. RICIN. MASS DESTRUCTION. AK-47. AR-15. M4. C4. 20mm. MINE.

    FREEDOM

    According to reports, that last word gets scored as highly as any of the others. A bit strange, that.

    The answer is not to be a sheep, and say "I'd better not say it or I will be in trouble."

    The answer is to look them in they eye, and if necessary spit in their eye, and SAY IT ANYWAY.

    Anything else and YOU are the enemy. Believe it.

    ---

  7. Re:Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 0

    "OTPs aren't used for real security engineering these days, except by old school spooks using ancient equipment. PKI is much more dependable."

    And since you insisted on injecting your amateur opinion on this topic, I will clue you in to something else:

    OTP does not have to be just XOR or some other kind of simple "manual" manipulation. It can include very sophisticated OTHER bitstream or block or other cipher techniques to achieve its goals. The only DIFFERENCE is that it's OTP. And that's where you show your blatant naivete.

    Did you learn your stuff from the CSI shows on TV?

  8. Re:Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 0
    Nobody said anything about .mp3. "Podcasts" are often video, and depending on how the bitstream is interpreted, it can be quite "pseudo-random". The important part is how it is interpreted.

    "One-time pads are the preserve of neophytes. OTPs are only "perfectly secure" if they come from _real_ random sources"

    You are naive. OTP is still used as the MOST secure encryption by "black" security forces around the world. We know that, both from "leaks" and from spies who have been caught.

    And you completely missed my point about effective entropy versus "objective" entropy. You are doubly naive.

    You are spouting exactly the "security engineering" bullshit propaganda that I was speaking against. You have blinders on. Wake up.

  9. Re:Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1

    Haha. Ooops. Should have been 8:23.000. A good example of the problem of key management.

  10. Re:Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1

    A lot of people (including many cryptographers today) seem to have forgotten that effective entropy and actual, objective entropy are two different things. It all has to do with available information. If you don't have the information necessary to put semi-random bits into perspective, they may as well be completely random.

    But again, it still depends on the bits being "random enough". What that is varies by circumstance.

  11. Re:Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1

    "I'm saying that finding a common set of suitably pseudo-random bits ..."

    Hah! Yes, I'm feeling a bit dense today. I should have picked up on what you meant right away.

    Exactly. It doesn't have to be "random", it only has to be "random enough", which a podcast (starting at, say, 8 minutes 22.000 seconds) certainly is. As long as the key is unknown to others, and is halfway well-chosen, it might as well be "completely" random.

  12. Re:More on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1

    "Go one better than Tor and use I2P. "

    No. What you want is OneSwarm.

    Not only does it store data in an encrypted, distributed fashion, it makes sure that it is not even theoretically (today) possible to tell what nodes on the network are supplying any particular data. That puts it a step above most other solutions, because it protects the sources, not just the downloader.

  13. Re:Don't Do The Crime... on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1

    "With all the assets governments have arrayed against citizens of all nations you've got to assume you're going to burn."

    Wow. That's about the most pessimistic thing I've heard or read in ages. Next to, maybe, the guy on the streetcorner telling us all that we were all going to Hell, no ifs, ands, or buts.

    (To be honest, I think maybe HE is the one going to Hell, and it has something to do with his butt. But I'm only guessing.)

  14. Re:Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1

    "The one-time-pad is the binary from the current 'This Week in the NSA' podcast."

    Maybe I missed the morning news, but I'm not sure what you're saying there.

    One Time Pad is the only encryption that mathematics says is not even theoretically breakable. As long as, that is, you use proper key management. Which isn't trivial, but it also isn't hard.

  15. Re:Vista on Steve Ballmer's Big-Time Error: Not Resigning Years Ago · · Score: 1

    Cool. I just didn't know you could get Celerons with embedded GPU. I did look, but not at any length.

    Having the right hardware can make a big difference. I remember a few years ago when I dual-booted my MacBook Pro into Windows and was getting 64 fps in EQ II, when my hardcore-gaming brother-in-law was only getting a bit over 30 on his "gaming" PC.

  16. Re:Vista on Steve Ballmer's Big-Time Error: Not Resigning Years Ago · · Score: 1

    If you say so. I didn't locate a Celeron with embedded GPU when I looked before replying, but I will take your word that is what it is.

  17. Re:Dear Comcast, fuck off on Comcast Threatens TorrentFreak For Posting Public Court Document · · Score: 0

    "A DMCA takedown notice - which this wasn't, and which you apparently blathered about the abuse of in several of your posts - is a special and particular type of cease and desist. A notice containing the required elements carries with it certain specific legal rights and imposes specific obligations and timelines on the parties. "

    Sorry. No points.

    I mentioned myself that it triggers different legal processes. But that's a separate matter... again, as I mentioned myself. This STILL doesn't say that, as you implied earlier, there are "magic words" that distinguish a DMCA takedown from some other "cease & desist".

    The legal process it invokes does not involve magic incantations. And you have not come even close to showing that it does.

    "not all actions relating to copyrighted material online will necessarily involve law made or amended by the DMCA"

    No shit, Sherlock. That's not what I wrote, and that's not what I meant.

  18. Re:Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 1

    Addendum:

    TFA implies that public-key is a panacea. This is not true either. SOME of the vulnerabilities are mentioned. But while security through obscurity is not itself real security, the FACT is that public-key cryptography is simply not suitable for all situations.

    In fact, given THIS situation, public-key cryptography presents exactly the SAME vulnerabilities as other methods that might be more secure in these circumstances. Namely, key management.

  19. Holy Crap. Get A Grip. on The Register: 4 Ways the Guardian Could Have Protected Snowden · · Score: 2

    It is ridiculously easy to agree on continuously changing keys for one-time-pad encryption. All you need is a bit of imagination.

    If the media companies are really so afraid that they will spend millions to do face-to-face encounters, I would happily take half of those millions and give them a far easier, faster, at-least-as-secure alternative.

    Seriously. This is utter madness based on ignorance.

  20. None Of This Matters on Wikipedia Can Predict Box Office Flops · · Score: 0

    The entire premise is bogus. Despite the headline, it's based on HINDSIGHT; it has no predictive value whatsoever.

    It doesn't do much good to "predict" what movie will be a flop, after it was a flop.

    Even saying "big deal" in sarcasm gives it too much credit.

  21. Re:Vista on Steve Ballmer's Big-Time Error: Not Resigning Years Ago · · Score: -1, Offtopic

    Postscript:

    If I had written what OP wrote, under some past topic, I would have been modded -37 Troll.

    No matter how true it may be.

  22. Re:Vista on Steve Ballmer's Big-Time Error: Not Resigning Years Ago · · Score: 4, Insightful

    Ballmer simply didn't have the proper vision.

    His (going up) career was always following visionaries who DID have the vision, while he handled the nuts and bolts of business.

    His (going down) career mistake was in thinking he could handle the vision part. That was pretty obviously "NO" from the start. His SECOND biggest mistake was in failing to snare someone else who did have it, to run new product development.

    Let's face it. Gates was a greedy, selfish, often dishonest businessman. But he had vision that Ballmer does not.

  23. Re:Vista on Steve Ballmer's Big-Time Error: Not Resigning Years Ago · · Score: 3, Interesting
    Just no. Hints:

    * This conversation was about PAST tech. Not today.

    *Your DVRs don't just have Celerons, they ALSO have support chips and GPUs, which are likely doing almost all of the work.

    "You would do better by mandating SSDs for Win 8 than forcing an i5."

    True enough as far as it goes. But you'd do FAR better by just mandating Linux instead.

  24. Re:Dear Comcast, fuck off on Comcast Threatens TorrentFreak For Posting Public Court Document · · Score: 0

    "I'm glad I was able to enlighten you."

    Except that you didn't.

    Please explain how this DIFFERS from any other valid "cease & desist" copyright letter. Answer: they don't. That was my point.

  25. Re:Dear Comcast, fuck off on Comcast Threatens TorrentFreak For Posting Public Court Document · · Score: 1

    MY point was that we don't need a new law. We need the absence of the "new" law... the DMCA. Get rid of it and the problems pretty much go away.