Isn't a proof of the Riemann Hypothesis necessarily non-constructive? If so, a computer can't answer your question.
That doesn't follow at all. It merely indicates that the computer would have to provide a symbolic proof (if it's required to give a proof at all instead of just answering the question). Computers are entirely capable of handling symbolic proofs, they just aren't anywhere near as good at it (yet) as extensively-trained humans are.
Anyway, if the answer to the Riemann hypothesis is "no", providing a single counterexample would suffice to answer the question.
1) Create their own linux distro and mandate that the government use it. They have already said they want to do this and it was previously discussed on Slashdot.
2) Pass a law that says no new computer can be sold without a legitimate operating system on it (It doesn't matter if it's Windows, Russian Linux, OSX. It just must be a legal copy). More importantly, enforce the law. This should at least get most or all new computers pre-installed with the Russian OS just to comply with the law.
3) Refuse to let hardware vendors sell a product in Russia if it doesn't work out of the box or have a verified driver for Russian Linux on the installation CD. Linux generally has better hardware support than Windows these days so, this really isn't too onerous of a requirement on hardware vendors.
Isn't the whole point here, though, that the government in Russia is basically ineffectual and doesn't seem capable of policing its citizens? If there were onerous restrictions on buying new computers, people would just get those on the black market too.
3) Have separate permissions, but allow exceptions to make things easier. Ask only in certain situation, or only so often. Just let everything else go by. This is the Windows 7 method (and also several variants of Linux I've seen).
"Several"? Name me one distro in which/bin/ping isn't setuid root. On my Ubuntu desktop, find/usr/bin/sbin/lib -perm -4000 | wc -l returns "38". My RHEL server is only marginally lower, at 32. Every security system needs to have exceptions, and Unix has allowed them since the early 1970s.
On windows doing simple things (like changing the clock time) often required admin access.
I never got why everyone always complains about this. Every multiuser operating system I know of requires you to be admin to set the system time:
$ date 02071828
date: cannot set date: Operation not permitted
Using the Ubuntu GUI requires you to enter your password too. An unprivileged user with the right to set the system time arbitrarily could completely mess up the system, such as stopping critical system cron/at jobs from running or throwing log analyzers into a state of continuous bafflement. That's exactly what ordinary users are not supposed to be able to do.
Besides, how often do you need to set the time? Most people's timezone doesn't change too often, and the rest should be handled by NTP.
Copyright is a federal institution in the United States, and states cannot nullify, adjust, reinterpret, or ignore it. Copyright is held by the author of the work unless they created it in the course of their official duties for a regular employer, per USC 17. Therefore, New York couldn't do this.
Can you say, "We subsidized the work, so it was a 'Work For Hire'?" The state owns it.
No. The relevant law is 17 USC 101. The relevant definition is "a work prepared by an employee within the scope of his or her employment". Receiving a tax deduction from the government does not make you a government employee.
As for eminent domain, it's always possible that eminent domain could be invoked on any property that anyone holds. If it's possible to seize intellectual property by eminent domain, then I should think the government would be more interested in seizing proprietary software -- after all, that's what costs it money. It can do pretty much whatever it feels like with OSS already anyway, so it wouldn't be worth the inevitable legal battle.
In any event, the existence of a tax deduction for OSS hackers strikes me as irrelevant to the legality of seizing software by eminent domain. Although of course, IANAL.
Yes that's right it stops the keys being recorded.
I could record your encrypted traffic right now. In 20 years time when it may be feasible to decrypt that data i could take that recorded encrypted data and decrypt it.
So you need something right now that stops the data being recorded in the first place if you don't want that data possibly decoded in 20 years time.
I see your point. Of course, this is subject to the same problems as QKD generally: it only protects against eavesdroppers on channels where MITM already isn't possible for some reason. (Otherwise, I could agree on a key with Alice via QKD without letting her messages get to Bob, and agree on a totally different key with Bob posing as Alice.) I don't know of any practical example of a communications channel that's MITM-proof but not already eavesdropper-proof.
Sometimes I wonder whether it would make sense to optimize the disk usage for flash drives by writing transient files to ramdisk instead of hard disk. E.g. in compilation, intermediate files could well reside on ramdisk. If you rely on "make clean" a lot (e.g. when you are rebuilding "clean".debs all the time), you won't have that much attachment to your object files.
Of course this may require more work than what it's really worth, but it's a thought.
Can't you just instruct your compiler to place temporary files in/tmp, and make that a tmpfs?
A warrant, or just cause. If they hear a woman inside a building screaming "OH GOD DON'T KILL ME TOO!" then they certainly don't have to go ask a judge for a warrant before entry.
Yes, that's what I meant when I said "with only quite narrow situational exceptions".
The demarcation of storage and RAM is a legacy constraint forced by hardware limitations. Ubiquitous 64-bit and SSD will blur and eventually totally eliminate this separation.
SSD is still orders of magnitude slower than RAM. The only way the distinction is going to go away is if someone comes up with persistent storage that's as fast as RAM but as cheap (per gigabyte) as disk. There's no reason to think such storage exists even in principle, unless you're living in a future where everything is made for free by solar-powered nanorobotic universal assemblers or something (and therefore don't have to worry about price).
Wow, now all we need is to connect the GPU to the FSB/QPI, make it support pagetables, interrupts, DMA, CPU-style L1/2/3 coherent cache, memory controller with synchronous fencing, legacy and long modes for pointers and instructions, etc.... and then we'll have something that can possibly emulate an x86 CPU at only 99.9% performance penalty!!
Or, you know, not.
Okay, the fact that this is modded Funny instead of Informative is pretty pathetic.
Will always be vulnerable to a gun to your head and the question "What does it say?"
How many enemies of Australia would be willing to try and intercept their digital communications? How many would be willing to try and kidnap members of their military intelligence corps to interrogate them? The answers at the present time are approximately "all of them" and "none of them", respectively.
Intercepting data is a "Whoops, haha, guess someone must have been overenthusiastic, sorry, won't let you find out^H^H^H^H^H^H^H^H^H^H^H^Hit happen again" kind of thing. Capturing an Australian soldier or other person with security clearance for the purpose of interrogation is an act of war.
Yes. Think secret plans that can't get out, even in 20 years time.
Can you guarantee quantum computers won't be around in 20 years time?
Not relevant. QKD is a key distribution system only. It has no implications for secure data storage. QKD is normally used (in theory) to transmit one-time pads, which are discarded immediately after the actual communication is received.
Storing something encrypted with a one-time pad is possible, of course. That would be equivalent to storing two copies (or n copies, with multiple pads) in such a way that you need to have both to get any information about the content other than an upper bound on its length. But QKD doesn't help you do that.
Assuming the sender and receiver have another channel which is secure against man in the middle attacks (though not necessarily secure against eavesdroppers)
Such as? This always seemed like the fatal flaw of QKD to me: you need to have a channel secure against MITM for it to be worth anything. Otherwise an attacker could just get Alice's key, make up a totally different key to transmit to Bob, and translate all further communications using the two keys.
So what MITM-proof channel do you use? The only plausible one I can think of is an ordinary communications channel encrypted with RSA or something. Except, oops, now you're just as vulnerable as you were before.
Under what practical circumstances will QKD produce any real increase in security, even a tiny one?
IE != Gecko. Gecko is used to render help files and other system-wide things that need an HTML rendering engine (same think as WebKit on OSX), but that does not mean that the IE application needs to be present to do so.
Supposedly Debian (from Sid onwards) also does not allow 'rm -rf/'.
This is not Debian-specific. Just RTFM of rm(1) from GNU Coreutils and you'll see the option --preserve-root is enabled by default. To override it use --no-preserve-root. Mine's coreutils-6.12 here.
Of course you can see this as another disadvantage of GNU.
The default appears to be version- or distro-specific. On RHEL5 (coreutils 5.97), the man page says "--no-preserve-root do not treat '/' specially (the default)".
Rather like talk of taxing the internet because DARPA funded it's original development?
You think the government doesn't tax the Internet? It taxes every ISP, router operator, and website owner for all profits they make on their business. That's about as close as you can get to "taxing the Internet" even in principle.
Dunno about the U.S., but in Canada, while the police can't bust down your door just because they think you killed someone, they can certainly do so, and sieze all your assets and property, if they think you're guilty of tax evasion.
They can do so in either case, if and only if they have a warrant. At least in the US, the police can't confiscate anything or enter your home without a warrant, with only quite narrow situational exceptions. I doubt it's much different in Canada, although you probably don't have the exclusionary rule.
IOW, "You could not have developed this code if the taxpayer did not subsidize it, therefore the taxpayer owns it, not you, and you now have to pay a $50/year tax to use it. Obviously, since you did not own it, you could not copyright it, and the GPL is null and void, except where we say otherwise.
Copyright is a federal institution in the United States, and states cannot nullify, adjust, reinterpret, or ignore it. Copyright is held by the author of the work unless they created it in the course of their official duties for a regular employer, per USC 17. Therefore, New York couldn't do this.
If you need further convincing, we will just apply the doctrine of eminent domain to own it."
I've never heard of eminent domain being used with intellectual property. How would it work? They aren't actually causing you any loss, so can they just take it for free? Can they say that they get an exclusive license, or only that they get a plain old ordinary license? Can they force you to give support? Most importantly, would this run into federal supremacy problems? Congress created copyright, so it could impose whatever limitations it liked, but states might be on sketchy ground here.
Mozilla is an actual bona fide business allied with google among others, and as such I hope they sue the living snot out of that agency for making such a public claim. This sort of thing is no freakin joke. If they do, I would be interested to see what comes out in discovery with the actual human bureaucrats involved in setting this policy and posting that.
Do you really think it would be good if corporations started suing people who claimed their browsers were unsafe? If so, I can sure think of one browser vendor who has a heck of a lot of people to file complaints against.
It's not being run off someones desktop - the developer in question forgot to turn debug symbols off. Debug symbols in.NET include sourcecode filenames and line numbers on Windows.
I assume that the grandparent thought it was someone's desktop because of the "C:\Documents and Settings\qeuc34\My Documents\Visual Studio 2005\Projects\" path. It looks like a developer is keeping the project in their own documents and running it straight from the source code there.
That doesn't really make sense, Microsoft didn't make it less standards compliant and secure as it's life went on
No, it became less standards-compliant and less secure due to neglect. New standards were released and old standards were clarified, so it became less standards-compliant. New types of security vulnerabilities were uncovered and old ones became better understood, so it became less secure. Competing browsers evolved to stay in pace with the changing times, and IE6 did not. So by 2004 or whatever, it was a lot worse by comparison than when it came out.
Just because there was not much else around at the time does not mean it was a good product.
No, it really does. You cannot say "IE6 is a bad browser because it doesn't comply with CSS2" when no other browser complied with CSS2 either. At the time of its release, vendors had barely begun implementing CSS2, because it was such a new standard. Moreover, without implementation experience, CSS2 ended up being flawed in a number of ways, which is why we have CSS2.1 (and that's still not finished). You cannot blame Microsoft for not implementing standards instantly. You can only compare them to the competition at the same time, and as of August 2001, they compared pretty favorably in standards compliance (e.g., CSS support).
The same holds for security. IE6 has plenty of security vulnerabilities, but most could not have reasonably been foreseen. With eight years of hindsight, sure we can all see what a security disaster that, say, MIME type sniffing is. But can you really say that you would have foreseen that? User-uploaded files were rare in the late 1990s. Nobody had any reason to expect today's situation, where files might be completely untrusted to run as HTML even if they'd be trusted as GIFs or whatnot. The same goes for many other classes of vulnerabilities. The web was a much more trusting place eight or ten years ago.
IE6 is a terrible browser, and has been a terrible browser for some years. It was not a terrible browser in 2001. It's all very well to sneer from the peanut gallery, but the fact is that no one else did a better job than Microsoft at the time. If you think IE6 was such an incompetent release, why was everyone else even worse?
IE6 was bad because it was one of the least standards compliant browsers we've ever had to suffer in the mainstream and also one of the least secure.
It was not less standards compliant nor less secure than its competition at the time it was released. It grew into the monstrosity we know and hate due to neglect, not because it was poorly executed to begin with. It was good, but the competition got better while it stayed put.
Microsoft has indeed produced some shit through the years- the Zune, IE6
IE6 is not a good example. It was actually a top-notch browser in its time -- it's what finally killed Netscape. It's just that after Microsoft dominated the web browser market, it stopped adding useful features and got trounced by others.
Slashdot Mirror
Isn't a proof of the Riemann Hypothesis necessarily non-constructive? If so, a computer can't answer your question.
That doesn't follow at all. It merely indicates that the computer would have to provide a symbolic proof (if it's required to give a proof at all instead of just answering the question). Computers are entirely capable of handling symbolic proofs, they just aren't anywhere near as good at it (yet) as extensively-trained humans are.
Anyway, if the answer to the Riemann hypothesis is "no", providing a single counterexample would suffice to answer the question.
1) Create their own linux distro and mandate that the government use it. They have already said they want to do this and it was previously discussed on Slashdot.
2) Pass a law that says no new computer can be sold without a legitimate operating system on it (It doesn't matter if it's Windows, Russian Linux, OSX. It just must be a legal copy). More importantly, enforce the law. This should at least get most or all new computers pre-installed with the Russian OS just to comply with the law.
3) Refuse to let hardware vendors sell a product in Russia if it doesn't work out of the box or have a verified driver for Russian Linux on the installation CD. Linux generally has better hardware support than Windows these days so, this really isn't too onerous of a requirement on hardware vendors.
Isn't the whole point here, though, that the government in Russia is basically ineffectual and doesn't seem capable of policing its citizens? If there were onerous restrictions on buying new computers, people would just get those on the black market too.
3) Have separate permissions, but allow exceptions to make things easier. Ask only in certain situation, or only so often. Just let everything else go by. This is the Windows 7 method (and also several variants of Linux I've seen).
"Several"? Name me one distro in which /bin/ping isn't setuid root. On my Ubuntu desktop, find /usr /bin /sbin /lib -perm -4000 | wc -l returns "38". My RHEL server is only marginally lower, at 32. Every security system needs to have exceptions, and Unix has allowed them since the early 1970s.
On windows doing simple things (like changing the clock time) often required admin access.
I never got why everyone always complains about this. Every multiuser operating system I know of requires you to be admin to set the system time:
$ date 02071828
date: cannot set date: Operation not permitted
Using the Ubuntu GUI requires you to enter your password too. An unprivileged user with the right to set the system time arbitrarily could completely mess up the system, such as stopping critical system cron/at jobs from running or throwing log analyzers into a state of continuous bafflement. That's exactly what ordinary users are not supposed to be able to do.
Besides, how often do you need to set the time? Most people's timezone doesn't change too often, and the rest should be handled by NTP.
Copyright is a federal institution in the United States, and states cannot nullify, adjust, reinterpret, or ignore it. Copyright is held by the author of the work unless they created it in the course of their official duties for a regular employer, per USC 17. Therefore, New York couldn't do this.
Can you say, "We subsidized the work, so it was a 'Work For Hire'?" The state owns it.
No. The relevant law is 17 USC 101. The relevant definition is "a work prepared by an employee within the scope of his or her employment". Receiving a tax deduction from the government does not make you a government employee.
As for eminent domain, it's always possible that eminent domain could be invoked on any property that anyone holds. If it's possible to seize intellectual property by eminent domain, then I should think the government would be more interested in seizing proprietary software -- after all, that's what costs it money. It can do pretty much whatever it feels like with OSS already anyway, so it wouldn't be worth the inevitable legal battle.
In any event, the existence of a tax deduction for OSS hackers strikes me as irrelevant to the legality of seizing software by eminent domain. Although of course, IANAL.
Yes that's right it stops the keys being recorded.
I could record your encrypted traffic right now. In 20 years time when it may be feasible to decrypt that data i could take that recorded encrypted data and decrypt it.
So you need something right now that stops the data being recorded in the first place if you don't want that data possibly decoded in 20 years time.
I see your point. Of course, this is subject to the same problems as QKD generally: it only protects against eavesdroppers on channels where MITM already isn't possible for some reason. (Otherwise, I could agree on a key with Alice via QKD without letting her messages get to Bob, and agree on a totally different key with Bob posing as Alice.) I don't know of any practical example of a communications channel that's MITM-proof but not already eavesdropper-proof.
Sometimes I wonder whether it would make sense to optimize the disk usage for flash drives by writing transient files to ramdisk instead of hard disk. E.g. in compilation, intermediate files could well reside on ramdisk. If you rely on "make clean" a lot (e.g. when you are rebuilding "clean" .debs all the time), you won't have that much attachment to your object files.
Of course this may require more work than what it's really worth, but it's a thought.
Can't you just instruct your compiler to place temporary files in /tmp, and make that a tmpfs?
A warrant, or just cause. If they hear a woman inside a building screaming "OH GOD DON'T KILL ME TOO!" then they certainly don't have to go ask a judge for a warrant before entry.
Yes, that's what I meant when I said "with only quite narrow situational exceptions".
The demarcation of storage and RAM is a legacy constraint forced by hardware limitations. Ubiquitous 64-bit and SSD will blur and eventually totally eliminate this separation.
SSD is still orders of magnitude slower than RAM. The only way the distinction is going to go away is if someone comes up with persistent storage that's as fast as RAM but as cheap (per gigabyte) as disk. There's no reason to think such storage exists even in principle, unless you're living in a future where everything is made for free by solar-powered nanorobotic universal assemblers or something (and therefore don't have to worry about price).
Fast, cheap, persistent: pick any two.
Wow, now all we need is to connect the GPU to the FSB/QPI, make it support pagetables, interrupts, DMA, CPU-style L1/2/3 coherent cache, memory controller with synchronous fencing, legacy and long modes for pointers and instructions, etc.... and then we'll have something that can possibly emulate an x86 CPU at only 99.9% performance penalty!!
Or, you know, not.
Okay, the fact that this is modded Funny instead of Informative is pretty pathetic.
Will always be vulnerable to a gun to your head and the question "What does it say?"
How many enemies of Australia would be willing to try and intercept their digital communications? How many would be willing to try and kidnap members of their military intelligence corps to interrogate them? The answers at the present time are approximately "all of them" and "none of them", respectively.
Intercepting data is a "Whoops, haha, guess someone must have been overenthusiastic, sorry, won't let you find out^H^H^H^H^H^H^H^H^H^H^H^Hit happen again" kind of thing. Capturing an Australian soldier or other person with security clearance for the purpose of interrogation is an act of war.
Yes. Think secret plans that can't get out, even in 20 years time.
Can you guarantee quantum computers won't be around in 20 years time?
Not relevant. QKD is a key distribution system only. It has no implications for secure data storage. QKD is normally used (in theory) to transmit one-time pads, which are discarded immediately after the actual communication is received.
Storing something encrypted with a one-time pad is possible, of course. That would be equivalent to storing two copies (or n copies, with multiple pads) in such a way that you need to have both to get any information about the content other than an upper bound on its length. But QKD doesn't help you do that.
Assuming the sender and receiver have another channel which is secure against man in the middle attacks (though not necessarily secure against eavesdroppers)
Such as? This always seemed like the fatal flaw of QKD to me: you need to have a channel secure against MITM for it to be worth anything. Otherwise an attacker could just get Alice's key, make up a totally different key to transmit to Bob, and translate all further communications using the two keys.
So what MITM-proof channel do you use? The only plausible one I can think of is an ordinary communications channel encrypted with RSA or something. Except, oops, now you're just as vulnerable as you were before.
Under what practical circumstances will QKD produce any real increase in security, even a tiny one?
Pussy. Real men telnet to port 80.
Using butterflies.
shouldn't v1 be in the current section, and the latest nightly be in upcoming?
They didn't use the latest nightly for any other browser, so that would hardly be fair.
IE != Gecko. Gecko is used to render help files and other system-wide things that need an HTML rendering engine (same think as WebKit on OSX), but that does not mean that the IE application needs to be present to do so.
Did you mean "Trident" instead of "Gecko"?
This is not Debian-specific. Just RTFM of rm(1) from GNU Coreutils and you'll see the option --preserve-root is enabled by default. To override it use --no-preserve-root. Mine's coreutils-6.12 here.
Of course you can see this as another disadvantage of GNU.
The default appears to be version- or distro-specific. On RHEL5 (coreutils 5.97), the man page says "--no-preserve-root do not treat '/' specially (the default)".
Rather like talk of taxing the internet because DARPA funded it's original development?
You think the government doesn't tax the Internet? It taxes every ISP, router operator, and website owner for all profits they make on their business. That's about as close as you can get to "taxing the Internet" even in principle.
Dunno about the U.S., but in Canada, while the police can't bust down your door just because they think you killed someone, they can certainly do so, and sieze all your assets and property, if they think you're guilty of tax evasion.
They can do so in either case, if and only if they have a warrant. At least in the US, the police can't confiscate anything or enter your home without a warrant, with only quite narrow situational exceptions. I doubt it's much different in Canada, although you probably don't have the exclusionary rule.
IOW, "You could not have developed this code if the taxpayer did not subsidize it, therefore the taxpayer owns it, not you, and you now have to pay a $50/year tax to use it. Obviously, since you did not own it, you could not copyright it, and the GPL is null and void, except where we say otherwise.
Copyright is a federal institution in the United States, and states cannot nullify, adjust, reinterpret, or ignore it. Copyright is held by the author of the work unless they created it in the course of their official duties for a regular employer, per USC 17. Therefore, New York couldn't do this.
If you need further convincing, we will just apply the doctrine of eminent domain to own it."
I've never heard of eminent domain being used with intellectual property. How would it work? They aren't actually causing you any loss, so can they just take it for free? Can they say that they get an exclusive license, or only that they get a plain old ordinary license? Can they force you to give support? Most importantly, would this run into federal supremacy problems? Congress created copyright, so it could impose whatever limitations it liked, but states might be on sketchy ground here.
Mozilla is an actual bona fide business allied with google among others, and as such I hope they sue the living snot out of that agency for making such a public claim. This sort of thing is no freakin joke. If they do, I would be interested to see what comes out in discovery with the actual human bureaucrats involved in setting this policy and posting that.
Do you really think it would be good if corporations started suing people who claimed their browsers were unsafe? If so, I can sure think of one browser vendor who has a heck of a lot of people to file complaints against.
Besides, it's probably protected free speech.
It's not being run off someones desktop - the developer in question forgot to turn debug symbols off. Debug symbols in .NET include sourcecode filenames and line numbers on Windows.
I assume that the grandparent thought it was someone's desktop because of the "C:\Documents and Settings\qeuc34\My Documents\Visual Studio 2005\Projects\" path. It looks like a developer is keeping the project in their own documents and running it straight from the source code there.
That doesn't really make sense, Microsoft didn't make it less standards compliant and secure as it's life went on
No, it became less standards-compliant and less secure due to neglect. New standards were released and old standards were clarified, so it became less standards-compliant. New types of security vulnerabilities were uncovered and old ones became better understood, so it became less secure. Competing browsers evolved to stay in pace with the changing times, and IE6 did not. So by 2004 or whatever, it was a lot worse by comparison than when it came out.
Just because there was not much else around at the time does not mean it was a good product.
No, it really does. You cannot say "IE6 is a bad browser because it doesn't comply with CSS2" when no other browser complied with CSS2 either. At the time of its release, vendors had barely begun implementing CSS2, because it was such a new standard. Moreover, without implementation experience, CSS2 ended up being flawed in a number of ways, which is why we have CSS2.1 (and that's still not finished). You cannot blame Microsoft for not implementing standards instantly. You can only compare them to the competition at the same time, and as of August 2001, they compared pretty favorably in standards compliance (e.g., CSS support).
The same holds for security. IE6 has plenty of security vulnerabilities, but most could not have reasonably been foreseen. With eight years of hindsight, sure we can all see what a security disaster that, say, MIME type sniffing is. But can you really say that you would have foreseen that? User-uploaded files were rare in the late 1990s. Nobody had any reason to expect today's situation, where files might be completely untrusted to run as HTML even if they'd be trusted as GIFs or whatnot. The same goes for many other classes of vulnerabilities. The web was a much more trusting place eight or ten years ago.
IE6 is a terrible browser, and has been a terrible browser for some years. It was not a terrible browser in 2001. It's all very well to sneer from the peanut gallery, but the fact is that no one else did a better job than Microsoft at the time. If you think IE6 was such an incompetent release, why was everyone else even worse?
IE6 was bad because it was one of the least standards compliant browsers we've ever had to suffer in the mainstream and also one of the least secure.
It was not less standards compliant nor less secure than its competition at the time it was released. It grew into the monstrosity we know and hate due to neglect, not because it was poorly executed to begin with. It was good, but the competition got better while it stayed put.
Microsoft has indeed produced some shit through the years- the Zune, IE6
IE6 is not a good example. It was actually a top-notch browser in its time -- it's what finally killed Netscape. It's just that after Microsoft dominated the web browser market, it stopped adding useful features and got trounced by others.