I submitted this a few hours ago and got rejected, but anyway... One question I raised in my submission (just about where the HERBAL VIAGRA joke is in this one), and one that I still think is worth answering is this:
The L.A. Times piece cites the CIA as saying that the People's Liberation Amry is conducting "research into offensive-minded cyber-tools" with the intent to cause damage to U.S. and Tawainese systems.
A technical contact at the Chinese Embassy in Washington counters that the research conducted by the Chinese government is purely defensive in nature.
There is no difference between offensive and defensive research except the intent, right? I mean, you could write a virus strictly for a deeper understanding of viral algorithms and how to protect against them. You could study more secure firewalls in order to circumvent them.
In short, the CIA can't prove that the research is offensive in nature unless they have intercepted Chinese plans to utilize the research in an offensive way. Similarly, it would be even harder for the Chinese to prove that it is defensive.
Therefore the news content in this article is essentially this: the CIA noticed that Chinese government studies network security.
According to the article, 23 eggs were screened for the disease. Of those, 15 were fertilized. Of 15 resulting embryos, 4 were transferred to the uterus. Of the 4, 1 was term.
That is 14 discarded embryos for 1 term pregnancy for a mother who will have Alzheimers by the time her kid is in middle school.
I got a resume spammed to my work address this morning from a guy named Thibault.
At first I thought that it would be a virus, but it was clean according to Norton.
Then I thought it was a scam, mostly because of the wording of this paragraph in the email:
So confident am I that I could be of benefit to any potential employer, I am willing to give them a complimentary demonstration of my abilities, with no commitment needed on their part.
(emphasis added)
Then I read this Slashdot story, and so I guess it is just some desperate guy.
The pathetic thing is, I would have read the resume if it wasn't a Word document.
I realized the other night as I was playing Nethack 3.3.1 on Windows that I have been playing the same game (on and off) for almost ten years, never winning, never getting bored.
I don't play many games but once every year or two I'll play a strategy game that will keep me glued, bleary eyed, eating only junk food, drinking only soda, for a few days. And I'll emerge from my cave, delete the game, vow to never waste that much consecutive time again, and move on, thinking that I'm an adult now.
That is classic addict behavior, which is why it feels so good.
Technically, effort required to "brute force" the key is just proportional to the keyspace, isn't it? If you're talking about a weakness of the cypher then you're no longer doing a brute force attack.
Key-space and search-space aren't necessarily the same thing, although they are close in a good cipher. So, to make my original statement more clear:
The strength of the cipher is proportional to the search-space.
As far as whether a random search of, say, half the key-space (because of a known symmetry in the algorithm which precluded half of the keys from being generated) would still be considered brutish or not, I don't know. I'd have to brood longer.
Er, The solve time is expondential in the length of the key so moores law won't help you very much. You can happily double your computational power every 18 months but still run out of time before the end of the universe.
Doubling every so often is also an exponential gain. You must always increase the key size as the faster processors approach feasability of forcing the key.
Your better bet is to work out how to solve NP hard problems...
The security of AES is currently being hailed as the fact it has a key field 10 to the 21 times larger than 56bit DES. Great. Only an idiot would try to brute force it though, so the number of keys is somewhat arbitrary.
Key length is, of course, vitally important. Understand the Rijndael spec. before you continue your speculation. Also, many "idiots" try to brute force it. Effort required to force a key is proportional to the cipher's weakness.
Less generally, by employing lack of symmetry and a non-linear layer in the cipher, AES pretty much gurantees that you'll simply be searching the key-space at random. If you can come up with a way to do better than a brute force, you should quit your current job.
The 2^255 Rijandel iterations required to force a 32 byte key is certainly sufficiently secure by todays standards, but historically consistent increases in computing power coupled with increased distributed processing ability due to networked computer proliferation means that keys will have to keep growing to stay resonably secure.
And no, i won't be putting ethernet on my Gibson. Experience and simple physics dictates that the cord itself from the high-impedance guitar electronics to the amplifier input also colors the tone, and i'm not going to give up that coloration. Digitizing at 16bit/44.1khz "CD quality" commits absolute horrors on the subtleties of good tone (this can be mostly defeated with sufficient bandwidth, ie 24bit/96khz, but the Philips/Sony "Perfect Sound Forever" format is a crime against music).
The spec claims 32 channels of high fidelity (32 bit, up to 192 kHz) audio. So, that should be "sufficient".
If you want the coloration of your audio chord, then don't use this.
And of course, you can plug this into a DAC and then into an amp if you want the tubes to massage the signal.
This is just a clean way to transmit digital audio around a stage or studio. That's good, not bad.
MaGIC shares a common physical layer with Ethernet. It is UDP compatible and is
similar to UDP in that it has no handshaking protocol or retransmission ability.
Each individual link occupies the entire bandwidth of a discrete 100baseT link in full
duplex mode. This is necessary to provide the bandwidth needed for live synchronous
audio.
Therefore, MaGIC may only be said to be compatible with Ethernet at its lowest physical
layer of abstraction.
So, that explains MaGIC's relationship to ethernet. And as to why "people keep reinventing the wheel", they do that when they need a wheel to do something novel, as in this case.
Maybe they could have used exactly RS-232. No, wait, what they did is better.
Not even close. I'm sure it can't generate shorter tones than the inverse of the refresh rate of your monitor. It needs 4Khz for telephone quality voice.
You could certainly get closer to reproducing sampled sound than the song format used by the program. The frequency cap (highest note) is 3.52Khz, but this is based on the highest note that he'll parse, not on the limitations of the program or monitor. I have no idea whether you could tweak the code to provide for volume control, which would give you more than two bits of information per sample, but it doesn't seem wild to believe you could.
Still, with no way to get sub-sub-refresh resolution playback, the most you can hope for is a chord.
Kent does not like software patents, but he does like copyrights and is a strong advocate of free market capitalism. Unlike a many people, Kent is quite ambivalent about the idea of both the "free software movement" and the "open source movement".... It dismays him that there's such a bandwagon of people who think thse are the automatically right answers in all contexts. It's a kind of religious dogmatism he finds very distasteful....
Where does Kent think that this "dogmatism" comes from? If he thinks the current open source zeitgeist is an oversimplification of a complex issue, what is his more nuanced view? How does he square the simultaneous holding of libertarian social values with communistic licensing ideologies by many in the open source and free software "bandwagon", in light of his characterization of the movements as simple minded.
Although I personally agree with Kent's observation that these movements have taken on a import in discussion that is more perceived than real, I do think the tone of his page is more than a little condescending and would like to hear why it is a more "complicated opinion" to think that open source isn't automatically the "right answer", than to think, for example, that it is?
Well, first off, cut out the full duplex operation...
It does seem intuitive to use one unit's bandwidth (112 Kbs, or 128Kbs depending apparently on the ISDN line; see the datasheet) for only the video stream, and another satellite phone line for full-duplex audio only. I wonder if this is being done? Is there a Slashdotter at a news network (or) who knows?
Also, could analog video filters be used pre-compression to make the stream more compression friendly? Especially when they are using the night-vision. There is so much random grain in each frame that I'm sure H.263 (meant for stiller sources) wastes most of the bandwidth on noise.
Could we easily loose the color depth for more frames per second? Again, especially for the night-vision shots which are intensity only anyway. My guess is no, because the unit doesn't look very configurable.
Which brings up the fact that while the per unit cost ($7,500 for field unit) isn't too bad, especially for media outlets, it certainly seems to be largely a compression application that a properly peripheraled laptop could undertake, and be more ready to accepts better (or environment-specialized) codecs.
Providence area stations are showing video of a young arabic man being led off a stopped train (from Boston) in Providence. The man is in handcuffs. They report that possibly a second man (not caught on video) was also taken into custody.
Not everyone can afford dedicated hardware for each OS.
That's true, but I'm not sure it is a common enough situation to drive vendors to support dual boot machines.
If there is any sort of business need, the cost of downtime from rebooting certainly reaches the cost of a new machine quickly enough to justify the extra machine.
And I'm not convinced that there are enough home users that need multiple operating systems, though not at the same time, and can't afford a second computer, and need a vendor to install a bootloader for them. Not enough, at least, to think that there is a real market niche that hasn't been responded to.
In short, why would vendors take the time to help a few people avoid buying more hardware?
Giving a child "freedom" to harm themselves isn't enlightened behaviour, but is itself childish.
Becoming a responsible person means that you actively influence others in a positive direction; those you are responsible for.
Shirking that responsibility doesn't mean that they weren't influenced, it just means that something else influenced them.
It is all about time. There is only so much time in the day. What you choose (or what is chosen) to become part of your day influences you in time. If you spend enough time practicing piano, you eventually become excellent. If you spend enough time reading great books, you eventually become well read. Most of us spent a great deal of our youth to attain some degree of fluency with programming or system administration. To allow pornography to be part of a child's day is depriving them of the good things that would instead nurture and form their minds.
If you think that web-pornography is an essential part of an 11 year old's daily information intake, then state that plainly. It is at least a tangible position, however equivalent it is to allowing anything they can get their hands on to be "fair game" for injesting.
If an 11 year old mind already has a subtle enough pallete to distinguish worthy and unworthy ideas, images and friends, then they should be responsible for the formation of some/.'ers who can't claim the same.
Most need their parents, and (unfortunately) most parents subscribe to some degree of hands-off-ology, as if someone else won't gladly chime in the minute you fall silent.
To the people who claim that you will stifle your child or come across as overbearing by being so active a parent, that depends on what you give and show to them. Good things don't stifle, they enrich. I whole heartedly agree that space-fillers meant to replace more lurid (and usually more interesting) information will drive a kid crazy. This includes Christian "Rock", most Disney movies, etc. Adolescents generally will not be harmed by violent images (not gore, though), sexual images (not porn, though), rough language (not gratuitous, though).
In short, art and not shit. Those that can't tell the difference have already demonstrated that they lack qualifications to be responsible for another's (inevitable) formation.
> I hate to say it, but the microsoft backed Teledesic system is a much better system (many satellites in low earth orbit- kinda
> like a cellular system) the satellites are closer and cover smaller areas, so the amount of bandwidth/satellite is much smaller.
Teledesic says in their FAQ that "Mr. Gates's investment is a personal one not associated with Microsoft."
Slashdot Mirror
I submitted this a few hours ago and got rejected, but anyway... One question I raised in my submission (just about where the HERBAL VIAGRA joke is in this one), and one that I still think is worth answering is this:
The L.A. Times piece cites the CIA as saying that the People's Liberation Amry is conducting "research into offensive-minded cyber-tools" with the intent to cause damage to U.S. and Tawainese systems.
A technical contact at the Chinese Embassy in Washington counters that the research conducted by the Chinese government is purely defensive in nature.
There is no difference between offensive and defensive research except the intent, right? I mean, you could write a virus strictly for a deeper understanding of viral algorithms and how to protect against them. You could study more secure firewalls in order to circumvent them.
In short, the CIA can't prove that the research is offensive in nature unless they have intercepted Chinese plans to utilize the research in an offensive way. Similarly, it would be even harder for the Chinese to prove that it is defensive.
Therefore the news content in this article is essentially this: the CIA noticed that Chinese government studies network security.
The site says R for extended violoence.
Nice.
One of my husband's relatives got a letter like that from Verisign. He was previously with NetSol...
Network Solutions is VeriSign.
According to the article, 23 eggs were screened for the disease. Of those, 15 were fertilized. Of 15 resulting embryos, 4 were transferred to the uterus. Of the 4, 1 was term.
That is 14 discarded embryos for 1 term pregnancy for a mother who will have Alzheimers by the time her kid is in middle school.
What a wonderful story. Really warms the heart.
I got a resume spammed to my work address this morning from a guy named Thibault.
At first I thought that it would be a virus, but it was clean according to Norton.
Then I thought it was a scam, mostly because of the wording of this paragraph in the email:
So confident am I that I could be of benefit to any potential employer, I am willing to give them a complimentary demonstration of my abilities, with no commitment needed on their part.
(emphasis added)
Then I read this Slashdot story, and so I guess it is just some desperate guy.
The pathetic thing is, I would have read the resume if it wasn't a Word document.
Advertising with the post office isn't new. Ever change your address? This is hardly noteworthy.
The postal worker in the article says that FedEx and UPS are doing the same thing. Why should the USPS not take a check to provide ad space?
It'll help keep stamps cheap.
I realized the other night as I was playing Nethack 3.3.1 on Windows that I have been playing the same game (on and off) for almost ten years, never winning, never getting bored.
I don't play many games but once every year or two I'll play a strategy game that will keep me glued, bleary eyed, eating only junk food, drinking only soda, for a few days. And I'll emerge from my cave, delete the game, vow to never waste that much consecutive time again, and move on, thinking that I'm an adult now.
That is classic addict behavior, which is why it feels so good.
Technically, effort required to "brute force" the key is just proportional to the keyspace, isn't it? If you're talking about a weakness of the cypher then you're no longer doing a brute force attack.
Key-space and search-space aren't necessarily the same thing, although they are close in a good cipher. So, to make my original statement more clear:
The strength of the cipher is proportional to the search-space.
As far as whether a random search of, say, half the key-space (because of a known symmetry in the algorithm which precluded half of the keys from being generated) would still be considered brutish or not, I don't know. I'd have to brood longer.
Er, The solve time is expondential in the length of the key so moores law won't help you very much. You can happily double your computational power every 18 months but still run out of time before the end of the universe.
...
Doubling every so often is also an exponential gain. You must always increase the key size as the faster processors approach feasability of forcing the key.
Your better bet is to work out how to solve NP hard problems
I have some time later today.
The security of AES is currently being hailed as the fact it has a key field 10 to the 21 times larger than 56bit DES. Great. Only an idiot would try to brute force it though, so the number of keys is somewhat arbitrary.
Key length is, of course, vitally important. Understand the Rijndael spec. before you continue your speculation. Also, many "idiots" try to brute force it. Effort required to force a key is proportional to the cipher's weakness.
Less generally, by employing lack of symmetry and a non-linear layer in the cipher, AES pretty much gurantees that you'll simply be searching the key-space at random. If you can come up with a way to do better than a brute force, you should quit your current job.
The 2^255 Rijandel iterations required to force a 32 byte key is certainly sufficiently secure by todays standards, but historically consistent increases in computing power coupled with increased distributed processing ability due to networked computer proliferation means that keys will have to keep growing to stay resonably secure.
And no, i won't be putting ethernet on my Gibson. Experience and simple physics dictates that the cord itself from the high-impedance guitar electronics to the amplifier input also colors the tone, and i'm not going to give up that coloration. Digitizing at 16bit/44.1khz "CD quality" commits absolute horrors on the subtleties of good tone (this can be mostly defeated with sufficient bandwidth, ie 24bit/96khz, but the Philips/Sony "Perfect Sound Forever" format is a crime against music).
The spec claims 32 channels of high fidelity (32 bit, up to 192 kHz) audio. So, that should be "sufficient".
If you want the coloration of your audio chord, then don't use this.
And of course, you can plug this into a DAC and then into an amp if you want the tubes to massage the signal.
This is just a clean way to transmit digital audio around a stage or studio. That's good, not bad.
From the MaGIC spec:
4.1 IEEE 802.3 Compatibility
MaGIC shares a common physical layer with Ethernet. It is UDP compatible and is
similar to UDP in that it has no handshaking protocol or retransmission ability.
Each individual link occupies the entire bandwidth of a discrete 100baseT link in full
duplex mode. This is necessary to provide the bandwidth needed for live synchronous
audio.
Therefore, MaGIC may only be said to be compatible with Ethernet at its lowest physical
layer of abstraction.
So, that explains MaGIC's relationship to ethernet. And as to why "people keep reinventing the wheel", they do that when they need a wheel to do something novel, as in this case.
Maybe they could have used exactly RS-232. No, wait, what they did is better.
Not even close. I'm sure it can't generate shorter tones than the inverse of the refresh rate of your monitor. It needs 4Khz for telephone quality voice.
You could certainly get closer to reproducing sampled sound than the song format used by the program. The frequency cap (highest note) is 3.52Khz, but this is based on the highest note that he'll parse, not on the limitations of the program or monitor. I have no idea whether you could tweak the code to provide for volume control, which would give you more than two bits of information per sample, but it doesn't seem wild to believe you could.
Still, with no way to get sub-sub-refresh resolution playback, the most you can hope for is a chord.
From hypermeta.com:
... It dismays him that there's such a bandwagon of people who think thse are the automatically right answers in all contexts. It's a kind of religious dogmatism he finds very distasteful. ...
Kent does not like software patents, but he does like copyrights and is a strong advocate of free market capitalism. Unlike a many people, Kent is quite ambivalent about the idea of both the "free software movement" and the "open source movement".
Where does Kent think that this "dogmatism" comes from? If he thinks the current open source zeitgeist is an oversimplification of a complex issue, what is his more nuanced view? How does he square the simultaneous holding of libertarian social values with communistic licensing ideologies by many in the open source and free software "bandwagon", in light of his characterization of the movements as simple minded.
Although I personally agree with Kent's observation that these movements have taken on a import in discussion that is more perceived than real, I do think the tone of his page is more than a little condescending and would like to hear why it is a more "complicated opinion" to think that open source isn't automatically the "right answer", than to think, for example, that it is?
Well, first off, cut out the full duplex operation...
It does seem intuitive to use one unit's bandwidth (112 Kbs, or 128Kbs depending apparently on the ISDN line; see the datasheet) for only the video stream, and another satellite phone line for full-duplex audio only. I wonder if this is being done? Is there a Slashdotter at a news network (or) who knows?
Also, could analog video filters be used pre-compression to make the stream more compression friendly? Especially when they are using the night-vision. There is so much random grain in each frame that I'm sure H.263 (meant for stiller sources) wastes most of the bandwidth on noise.
Could we easily loose the color depth for more frames per second? Again, especially for the night-vision shots which are intensity only anyway. My guess is no, because the unit doesn't look very configurable.
Which brings up the fact that while the per unit cost ($7,500 for field unit) isn't too bad, especially for media outlets, it certainly seems to be largely a compression application that a properly peripheraled laptop could undertake, and be more ready to accepts better (or environment-specialized) codecs.
Providence area stations are showing video of a young arabic man being led off a stopped train (from Boston) in Providence. The man is in handcuffs. They report that possibly a second man (not caught on video) was also taken into custody.
Not everyone can afford dedicated hardware for each OS.
That's true, but I'm not sure it is a common enough situation to drive vendors to support dual boot machines.
If there is any sort of business need, the cost of downtime from rebooting certainly reaches the cost of a new machine quickly enough to justify the extra machine.
And I'm not convinced that there are enough home users that need multiple operating systems, though not at the same time, and can't afford a second computer, and need a vendor to install a bootloader for them. Not enough, at least, to think that there is a real market niche that hasn't been responded to.
In short, why would vendors take the time to help a few people avoid buying more hardware?
I missed your point, yes. I think I read a bunch of comments and just decided to reply to yours for all of them.
It takes dilligence, like you say. I have my first child on the way and am thinking about it non-stop.
Giving a child "freedom" to harm themselves isn't enlightened behaviour, but is itself childish.
/.'ers who can't claim the same.
Becoming a responsible person means that you actively influence others in a positive direction; those you are responsible for.
Shirking that responsibility doesn't mean that they weren't influenced, it just means that something else influenced them.
It is all about time. There is only so much time in the day. What you choose (or what is chosen) to become part of your day influences you in time. If you spend enough time practicing piano, you eventually become excellent. If you spend enough time reading great books, you eventually become well read. Most of us spent a great deal of our youth to attain some degree of fluency with programming or system administration. To allow pornography to be part of a child's day is depriving them of the good things that would instead nurture and form their minds.
If you think that web-pornography is an essential part of an 11 year old's daily information intake, then state that plainly. It is at least a tangible position, however equivalent it is to allowing anything they can get their hands on to be "fair game" for injesting.
If an 11 year old mind already has a subtle enough pallete to distinguish worthy and unworthy ideas, images and friends, then they should be responsible for the formation of some
Most need their parents, and (unfortunately) most parents subscribe to some degree of hands-off-ology, as if someone else won't gladly chime in the minute you fall silent.
To the people who claim that you will stifle your child or come across as overbearing by being so active a parent, that depends on what you give and show to them. Good things don't stifle, they enrich. I whole heartedly agree that space-fillers meant to replace more lurid (and usually more interesting) information will drive a kid crazy. This includes Christian "Rock", most Disney movies, etc. Adolescents generally will not be harmed by violent images (not gore, though), sexual images (not porn, though), rough language (not gratuitous, though).
In short, art and not shit. Those that can't tell the difference have already demonstrated that they lack qualifications to be responsible for another's (inevitable) formation.
IDN should help with at least one barrier, multilingual domain names.
d
> I hate to say it, but the microsoft backed Teledesic system is a much better system (many satellites in low earth orbit- kinda
> like a cellular system) the satellites are closer and cover smaller areas, so the amount of bandwidth/satellite is much smaller.
Teledesic says in their FAQ that "Mr. Gates's investment is a personal one not associated with Microsoft."
-b