The memo was justified in the interest of fairness and clarity, I and I get the intent, but on the face of it is absurd. The focus should be on the quality of the research, not the reputation of the journal. It's as if someone denigrated Lolita as a work of literature because the publisher was of poor reputation.
I'm not sure you really got the intent. The reason why science has these flaws is because of senior faculty, and they enforce these ridiculous norms to keep their own reputation. If junior faculty move away from traditional journals and methods of publishing, then senior faculty will lose prestige and their ability to direct the flow of grant money.
Thread is a little old, but that's an interesting idea. Adding random noise is usually not the best idea, because it is usually distinguishable from patterns in timing. Think of adding white noise to a conversation - random noise is there but you can still pick out the voices.
The general idea behind these flaws is that one process can flush the cache that another process is using, and testing whether the flushed area is free. By measuring the amount of time these flush/reload operations take, one can determine most or all of the bits of the secret signing exponent or private key when it's being used in the square-and-multiply algorithm, for example.
The attacker needs to be on the same machine. However, the main point is that any attacker program doesn't need elevated priveleges to carry out the timing attack since the attacking process will have access to the same cache that a sensitive program is using. Therefore, any seemingly legitimate program that is currently running could have this attack embedded inside it.
An attack on GnuPG can be mitigated by modifying the square and multiply algorithm, for example, so that it always multiplies. However, cryptographic attacks aren't the only problem - potentially, timing attacks can be carried out on all kinds of software as they slowly leak data.
Placing paper and plastic in a bin is only one way to do it, and as the article shows, it's not very effective a lot of the time. If you care about the environment, there are more effective ways: buy used electronics like phones, instead of new. Buy recycled stuff, reusable bags. Don't put the vegetables at the grocery store in a little plastic bag. Then go out and enjoy the outdoors, which is the very thing that is being threatened by our unsustainable consumption.
Don't give up just because our efforts don't always work.
There are so many lifeforms in the ocean that people rarely see, so if this sinking data center idea takes off, the massive number of sunk data centers could affect these lifeforms and no one will watch out for them.
Yes, it might reduce the CO2 and barely warm up the sea, but there are other aspects to balancing this equation than just this.
This is not just a problem with Nature. It's a sickness with every for-profit journal. Many examples show that with a bit of technology, it's cheap and easy to cut out the publisher. They pretty much do nothing but host content. Editors, reviewers, and writers are all academics that pretty much get nothing and the publishers pull in exorbitant fees.
The prestige isn't really about Nature, either. It's more connected to senior researchers in the field who have most of the power in academia to make career advancement decisions. Unfortunately, a lot of them like the idea of a journal like Nature, and so the cycle continues.
The good part will come when someone starts selling flawed lab-grown diamonds that look more like natural diamonds. Thank goodness too. The obsession for a diamond as an engagement ring is ridiculous.
Quantum computers have the potential to break some types of public key encryption like discrete log (Elgamal) and RSA because of Shor's algorithm, assuming that a large enough quantum computer can even be built.
However, there are public-key systems like lattice problem and code-based cryptography that quantum computing researchers have made virtually NO progress on in the decades since Shor published his algorithm. Various systems have a few problems, like large plaintext to ciphertext message expansion, but otherwise are pretty damn good. And, because PK crypto is used mainly to exchange keys for symmetric ciphers like AES, that problem isn't even that important.
The main threat quantum computers pose would be the possibility of decrypting stuff that was encrypted AND intercepted today using RSA/Elgamal to exchange AES keys, assuming that an attacker has a bunch of sufficient intercepted traffic sitting around somewhere. Which, I admit is a little scary.
Okay, this isn't very practical in many cases. However, I have recently converted one person on Gmail to use GnuPG with Thunderbird, and it works!
It helps if the person is already using thunderbird, and YOU set it up for them. With the Enigmail extension, the encryption will be done automatically by recipient.
The hardest part is the passphrase - lots of people don't want to remember long passphrases. However, you can get their computer to remember it forever. Not the safest, but it WILL prevent Gmail from reading the mails sent to and from the person you convert.
That is why (if you care) you can use one of those programs to make very nicely typeset text. LaTeX is one such program that is free and will handle virtually all cases in many languages.
Every second job involving a little math is basically data analysis right now. If you already some data to play with, you can get hands-on experience as well.
Although I agree adhering to their internal policies is a good thing, I fear that these stories only serve to detract from the data abuse that Facebook performs as part of their business model.
It's true that people sign up and willingly use this service. But, if you interact with those not so familiar with technology, you'll realize that they are being taken advantage of in ways that could not be anticipated by those crafting older privacy laws.
Besides education on this issue, many countries should take a serious look at the EU's data privacy laws approach and consider applying it in their own country.
The truth is, sci-fi is about exploring ideas just as much as it is about human relationships. For whatever reason, most people just don't have that much interest in new ideas and speculation about different possibilities.
In fact, for me, it was the shift key. It went totally dead, and then came to life a couple weeks later. Quite annoying if you want to type anything with proper capitalization.
If you can move the taskbar/start menu to the right side in a widescreen laptop like on XFCE, it's great. That being said for creating content like programs or a LaTeX document, it's actually better to have a longer screen so you can have two windows (code/results) side by side.
Might be true for some disciplines, but not for disciplines like math. You can get a really good undergraduate and graduate degree in math at places like Harvard and Princeton, where the course level will be much higher in standard than other institutions. For example, you can do a course in commutative algebra there whereas a good but not "top" school won't have this course.
This is especially helpful for research areas that require a lot of background. If you can take the heavy course load/tons of problems, then going to a place like Princeton over a good but not great school can make a difference.
People with a six-figure salary complaining about silicon valley living costs would have an easier time of it if they didn't have children.
This kind of phenomenon is only the beginning. The cost of having children is going up, and it will continue to do so until the population reaches an equilibrium. It has to happen sometime.
Full stack is not that tough to get into, and pretty fun if you're into designing. You can get pretty good practice by using a simple Python webserver like CherryPy and SQLite as a backend, which obviates the need for installing a full LAMP stack.
The most tricky part IMO is keeping up with all the Javascript libraries out there. However, if you learn jQuery and maybe a data display library like D3 or a higher level charting library you can do pretty cool stuff with fairly minimal code.
Slashdot Mirror
I'm not sure you really got the intent. The reason why science has these flaws is because of senior faculty, and they enforce these ridiculous norms to keep their own reputation. If junior faculty move away from traditional journals and methods of publishing, then senior faculty will lose prestige and their ability to direct the flow of grant money.
Thread is a little old, but that's an interesting idea. Adding random noise is usually not the best idea, because it is usually distinguishable from patterns in timing. Think of adding white noise to a conversation - random noise is there but you can still pick out the voices.
The general idea behind these flaws is that one process can flush the cache that another process is using, and testing whether the flushed area is free. By measuring the amount of time these flush/reload operations take, one can determine most or all of the bits of the secret signing exponent or private key when it's being used in the square-and-multiply algorithm, for example.
The attacker needs to be on the same machine. However, the main point is that any attacker program doesn't need elevated priveleges to carry out the timing attack since the attacking process will have access to the same cache that a sensitive program is using. Therefore, any seemingly legitimate program that is currently running could have this attack embedded inside it.
An attack on GnuPG can be mitigated by modifying the square and multiply algorithm, for example, so that it always multiplies. However, cryptographic attacks aren't the only problem - potentially, timing attacks can be carried out on all kinds of software as they slowly leak data.
Placing paper and plastic in a bin is only one way to do it, and as the article shows, it's not very effective a lot of the time. If you care about the environment, there are more effective ways: buy used electronics like phones, instead of new. Buy recycled stuff, reusable bags. Don't put the vegetables at the grocery store in a little plastic bag. Then go out and enjoy the outdoors, which is the very thing that is being threatened by our unsustainable consumption.
Don't give up just because our efforts don't always work.
There are so many lifeforms in the ocean that people rarely see, so if this sinking data center idea takes off, the massive number of sunk data centers could affect these lifeforms and no one will watch out for them.
Yes, it might reduce the CO2 and barely warm up the sea, but there are other aspects to balancing this equation than just this.
Because pilots have way more rigorous training than drivers who can't be bothered to read the manual?
...since the videos are max 30s long.
It is, but the problem is there are enough people that respond to the ads to keep this kind of annoyance around.
Researcher here.
This is not just a problem with Nature. It's a sickness with every for-profit journal. Many examples show that with a bit of technology, it's cheap and easy to cut out the publisher. They pretty much do nothing but host content. Editors, reviewers, and writers are all academics that pretty much get nothing and the publishers pull in exorbitant fees.
The prestige isn't really about Nature, either. It's more connected to senior researchers in the field who have most of the power in academia to make career advancement decisions. Unfortunately, a lot of them like the idea of a journal like Nature, and so the cycle continues.
The good part will come when someone starts selling flawed lab-grown diamonds that look more like natural diamonds. Thank goodness too. The obsession for a diamond as an engagement ring is ridiculous.
Quantum computers have the potential to break some types of public key encryption like discrete log (Elgamal) and RSA because of Shor's algorithm, assuming that a large enough quantum computer can even be built.
However, there are public-key systems like lattice problem and code-based cryptography that quantum computing researchers have made virtually NO progress on in the decades since Shor published his algorithm. Various systems have a few problems, like large plaintext to ciphertext message expansion, but otherwise are pretty damn good. And, because PK crypto is used mainly to exchange keys for symmetric ciphers like AES, that problem isn't even that important.
The main threat quantum computers pose would be the possibility of decrypting stuff that was encrypted AND intercepted today using RSA/Elgamal to exchange AES keys, assuming that an attacker has a bunch of sufficient intercepted traffic sitting around somewhere. Which, I admit is a little scary.
Okay, this isn't very practical in many cases. However, I have recently converted one person on Gmail to use GnuPG with Thunderbird, and it works!
It helps if the person is already using thunderbird, and YOU set it up for them. With the Enigmail extension, the encryption will be done automatically by recipient.
The hardest part is the passphrase - lots of people don't want to remember long passphrases. However, you can get their computer to remember it forever. Not the safest, but it WILL prevent Gmail from reading the mails sent to and from the person you convert.
That is why (if you care) you can use one of those programs to make very nicely typeset text. LaTeX is one such program that is free and will handle virtually all cases in many languages.
...and 40 years of users clicking on spam. When will they learn?
Actually, Zuckerberg gave this employee extra vacation time and a promotion.
Every second job involving a little math is basically data analysis right now. If you already some data to play with, you can get hands-on experience as well.
Although I agree adhering to their internal policies is a good thing, I fear that these stories only serve to detract from the data abuse that Facebook performs as part of their business model.
It's true that people sign up and willingly use this service. But, if you interact with those not so familiar with technology, you'll realize that they are being taken advantage of in ways that could not be anticipated by those crafting older privacy laws.
Besides education on this issue, many countries should take a serious look at the EU's data privacy laws approach and consider applying it in their own country.
The truth is, sci-fi is about exploring ideas just as much as it is about human relationships. For whatever reason, most people just don't have that much interest in new ideas and speculation about different possibilities.
In fact, for me, it was the shift key. It went totally dead, and then came to life a couple weeks later. Quite annoying if you want to type anything with proper capitalization.
Perhaps you meant 'being easily farmable'. Because that's definitely not true for many ocean fish that are being caught to extinction.
If you can move the taskbar/start menu to the right side in a widescreen laptop like on XFCE, it's great. That being said for creating content like programs or a LaTeX document, it's actually better to have a longer screen so you can have two windows (code/results) side by side.
>but here's the real issue, do the vast majority of people even want this problem fixed?
No, but then the majority of drug addicts probably wouldn't choose to avoid their next hit either.
Might be true for some disciplines, but not for disciplines like math. You can get a really good undergraduate and graduate degree in math at places like Harvard and Princeton, where the course level will be much higher in standard than other institutions. For example, you can do a course in commutative algebra there whereas a good but not "top" school won't have this course.
This is especially helpful for research areas that require a lot of background. If you can take the heavy course load/tons of problems, then going to a place like Princeton over a good but not great school can make a difference.
People with a six-figure salary complaining about silicon valley living costs would have an easier time of it if they didn't have children.
This kind of phenomenon is only the beginning. The cost of having children is going up, and it will continue to do so until the population reaches an equilibrium. It has to happen sometime.
That's not really a bad thing, though.
Full stack is not that tough to get into, and pretty fun if you're into designing. You can get pretty good practice by using a simple Python webserver like CherryPy and SQLite as a backend, which obviates the need for installing a full LAMP stack.
The most tricky part IMO is keeping up with all the Javascript libraries out there. However, if you learn jQuery and maybe a data display library like D3 or a higher level charting library you can do pretty cool stuff with fairly minimal code.