Well, according to TFA how would you "make a dot change its position on a screen, propelled by math and logic, and only by math and logic" in python? For kids, simple graphics are far more persuasive than watching text scroll down. If your answer for doing this in python is longer than 1 line or involves compiling packages, you've lost. Basic commands I remember were as simple as "gr", "hgr", "hgr2", "screen" and you were ready to go.
The "random" selection appears to be done by computer based on your travelling profile, e.g. how you bought the ticket, one way or round trip, age, sex, etc. The way to know if you are about to be checked is to look for a telltale 'S' on your ticket which is what the TSA drones at the checkpoints look for (you can probably game the system by pencilling in a fake 'S' to see what happens). It is the worst kind of profiling - computers are being used to recognize patterns on mostly irrelevent information instead of security being based on the ultimate pattern recognition device - the well trained, well paid human screener. What passes for security these days at airports is a joke that will end with a sad punch line.
Peril of the semi-educated know-it-all
on
Crypto Snake Oil
·
· Score: 2, Insightful
One of the major perils facing a would-be crypto user is himself. Many people think they know it all (as evidenced in many of the posts to this article) and therefore can dictate insecure and plain silly design choices when deploying a secure solution in a non-trivial environment (for anything: authentication, the crypto itself, access enforcement, etc.). For the vendor this creates a conflict. On the one hand, you want to satisfy the customer's request. On the other hand, you know your customer is shooting himself in the foot and very possibly becoming a vendor reputation problem later on down the line. In my experience, most customers are accustomed to being "always right" and fail to recognize that crypto/security may be one of those things that they simply do not know enough about and to let the vendor help them. It is often the case that the vendor can explain/evangelize and detail the very attack the customer is opening himself up to with little or no effect - the customer is convinced they know it all.
Is that a review or paid advertising by Microsoft?
Which comments such as "Nice that it works with both Mac and PC, but I've had quite enough of the iTunes goliath, thank you very much." one wonders if this test wasn't performed in some Microsoft marketer's office...
"market boom in CPU demand" - which was largely driven by Intel's initial pioneering of the microprocessor and its relentless drive to make it faster and smaller (and power hungry...:). Its success was later bolstered by very good marketing but that didn't come and till after it was the dominant player.
You are saying is that there is nowhere for Intel to innovate on the technical side to the extent that it did historically. The approach is reactive and it doesn't lead to revolutionary innovation. It also sounds defeatist to me.
It's funny how when a company does very well, the CEO takes credit for all the brilliant choices s/he made. Yet, when a company flails, it's not that CEOs fault until after it has been thousands of underlings' faults. Otellini should resign. He stands for all the things Intel is/was not. He's a marketroid in what was and should be primarily an engineering driven organization.
I think in this case, copyright was correctly applied. However, it could have the unintended side effect of mobilizing the now famous right wing "base" to do something about copyrights. It could make copyright law worse or, if we are lucky, could put an end to mickey mouse legislation!
"2- The blank levy is not a compensation for massive, indiscriminate filesharing on P2P networks. Rather, it is a compensation for the (perfectly legal) private, physical copying and sharing of copyrighted works, within the circle of family and close friends, and in low numbers, which I understand is definitely allowed in Spain. France and Canada have a similar scheme"
And you don't find it disturbing that the government is using its vast powers to collect money for the benefit of a for-profit private company/companies?!?
You are so out of touch, it's funny. If you performed a cursory Google search for deaths/mile statistics, you would find that the U.S. has historically had, and continues to have, a lower rate than Germany. However, your ignorance really shines through when you say you prefer horses. You should Google that as well. For instance: http://www.enviroliteracy.org/article.php/578.html Horses were far more dangerous to public health in urban environments than cars are today.
The local profile is the user's home directory, the directory that usually sits under C:\Documents and Settings\ EFS will store your machine local keys (encrypted) in a file there (I don't remember if it has its own files or stores them in the profile registry files). If that directory is nuked (My Computer->Properties->Advanced->User Profiles Settings->Delete for instance), the user's keys are gone and his access to his data is gone. EFS relies on storing the user's keys in the profile directory and I think I remember roaming profiles not being allowed to store the keys. There are quite a few consequences from this scheme, the primary ones are the requirement to have a profile on the machine storing the data (wasted storage, user has to have accessed the machine previously in order to be granted access to someone else's data), sensitivity to the profile getting deleted on an individual machine (what happens if the drive gets nuked? Think of the interactions with backup and data recovery to other machines, how would that work?)
This is from my experience playing with EFS. It is possible I missed some points that alleviate part of these issues. However, I spent quite a bit of time with EFS and there was nothing obvious on how to deal with these problems (or with the buggy interface).
I don't know anything about the other encryption schemes mentioned in the other comments. However, I do doubt they address any of these issues. Microsoft tried, with quite a bit of effort, and they didn't succeed very well.
The problem with disk encryption as it is implemented today is twofold: 1. it doesn't scale - all the various products today can be used for small deployments and still be useable. However, try to scale it to a large enterprise with thousands of machines and you have an administration headache. Microsoft EFS has various flaws in it like this. For instance, if somehow a user's _local_ profile on the machine with the encrypted data is erased, all his data is gone or has to be recovered by the backup operator (assuming the user went through proper procedure to allow this). Because of EFSs reliance on local profiles (if I recall correctly roaming profiles don't cut it), even NAS machines have to maintain a profile for every user accessing encrypted files on that machine. That's ok for 10 to 15 people and utterly ridiculous when you have 20,000+ users. Also, if I remember correctly, EFS adds an additional layer of certificate based ACLs which are devilishly difficult to use and are also contingent on local profiles being present for the users you want to grant access to. 2. it is a subset of the scaling issue but is a category of its own because it is central to a successful encryption scheme. Disk encryption is easy, managing the keys used for encryption is the real problem and is where your security ultimately lies. Again, the problem here is that for a small organization where you can store the keys on a notepad, if you like, is easy. For a large organisation with thousands of machines and hundreds of locations that need to share data, securely managing thousands and even millions of keys is not trivial. Key management considerations are Informaton Lifetime Management (ILM), Backup & Data Recovery (after a disaster, for instance), Synchronization across multiple sites, various key levels to control data sharing within an organization and without with its partners.
In summary, encrypting a disk is easy. Making it useful and manageable is very difficult.
Your assertion would be correct if Amazon were putting any money on the keywords in question. However, Amazon is not putting any money on the "latex" keyword or on "equation editors". One would think keywords would be priced based on advertiser demand. If no one else is bidding on those words, then Google technically shouldn't even care if Luis is buying them up. The cost for Google is pretty close to nothing. As it stands now, Google priced Luis out of advertising which means that if you search for "latex equation editor", you get no "relevant" ads and Google basically eliminated any chance of making money off those keywords.
"DOC files don't so much as stream as open for Random Access. They're structured in such a way that the information is stored as an object heirarchy scattered across the file. This makes saving faster because only the changes are saved to the file."
That's completely false. From observation, every time you save a Word document, the entire document is re-written from scratch. In fact the transaction goes something like this: 1. Word creates a temporary file 2. Word saves document to new file 3. Word deletes old file (your "document.doc") 4. Word renames old file to your "document.doc"
There is no random access whatsoever. Word, in some circumstances, will open potentially hundreds of temp files (one for every time you save the file), each with a complete copy of your document. It is highly inefficient and very far from being random access when performing writes. The object hierarchy is part of the reason this is the case. Since objects are serialized in their hierarchial order, if an object gets larger, it would need to "push" the following objects after it in the file. This is not easy to do or really desireable. You can also think of the converse problem of a shrinking object leaving a hole in the file.
ODF is slow because of the ZIP stage. It needs a faster ZIP stage (possibly a real random access ZIP abstraction would do the trick).
Yet, San Francisco wasn't considered part of the valley until the dot bomb. If you recall, the dot bomb induced gentrification of San Francisco created a notable backlash in the city.
His basic premise about nerds and rich people sounds about right. His meandering definition of a nerd attractive city is a off the mark and plain wrong with regards to San Francisco. San Francisco was not considered part of Silicon Valley until recently. Silicon Valley was typically considered to be 32 miles south of San Francisco, from Palo Alto in the north to the environs of San Jose in the south. Sprawling, faceless San Jose is definitely not a "nerd town" per his description and the neighboring towns are plain suburbia. Most of the startups you can think of - Google, Yahoo, HP, Apple, Cisco, etc. were started in that southern area. Much fewer were started farther north or in San Francisco proper.
It is more plausible that Blue Security just ran out of money. They raised $3m in 2004 - it is entirely plausible, even likely, they burned through all of it. It is a dis-service on their part to spin it as some chivalrous act "for the net". They make it sound like the spammers won when it was just VC funding that ran out.
The funny thing is that to be truly useful in an "industrial" setting with terabytes of data flowing through the system daily (think Yahoo, Google, Paypal, Ebay, IBM, etc.) all pretty.NET objects and other toys are inevitably discarded in favor of the "crude and outdated way of doing things". It is simple, crude and scales like no.NET object ever can.
Google's DomainPark (http://www.google.com/domainpark/) which is what typo-squatters use is a source of a large chunk of Google revenue. This could be the beginning of Microsoft's stab at Google's soft (and sleazy) underbelly.
This is entirely possible and they are not the only ones doing it, for example http://www.datadomain.com/ has been doing it for a while. The big storage vendors do it to some extent as well. The idea is based on "de-duplication" of data and is only really practical for backups (where most data from backup to backup is identical) or central repositories of data for a large organization that has multiple similar data sets, for example, many installations of Windows that are often similar. From my experience x25 is a bold claim for general data. I've seen small scale tests that showed x30 compression over backup sets but those implementations had performance issues. From the description in their white-paper, despite their claims, it appears they are performing some kind of hash by definition (e.g. mapping a space to a smaller space).
Slashdot Mirror
Well, according to TFA how would you "make a dot change its position on a screen, propelled by math and logic, and only by math and logic" in python?
For kids, simple graphics are far more persuasive than watching text scroll down. If your answer for doing this in python is longer than 1 line or involves compiling packages, you've lost. Basic commands I remember were as simple as "gr", "hgr", "hgr2", "screen" and you were ready to go.
The "random" selection appears to be done by computer based on your travelling profile, e.g. how you bought the ticket, one way or round trip, age, sex, etc. The way to know if you are about to be checked is to look for a telltale 'S' on your ticket which is what the TSA drones at the checkpoints look for (you can probably game the system by pencilling in a fake 'S' to see what happens).
It is the worst kind of profiling - computers are being used to recognize patterns on mostly irrelevent information instead of security being based on the ultimate pattern recognition device - the well trained, well paid human screener.
What passes for security these days at airports is a joke that will end with a sad punch line.
One of the major perils facing a would-be crypto user is himself. Many people think they know it all (as evidenced in many of the posts to this article) and therefore can dictate insecure and plain silly design choices when deploying a secure solution in a non-trivial environment (for anything: authentication, the crypto itself, access enforcement, etc.).
For the vendor this creates a conflict. On the one hand, you want to satisfy the customer's request. On the other hand, you know your customer is shooting himself in the foot and very possibly becoming a vendor reputation problem later on down the line.
In my experience, most customers are accustomed to being "always right" and fail to recognize that crypto/security may be one of those things that they simply do not know enough about and to let the vendor help them. It is often the case that the vendor can explain/evangelize and detail the very attack the customer is opening himself up to with little or no effect - the customer is convinced they know it all.
Any constraints he puts could be equally applied to random() output. TFA says he avoided using viagra to do what you described.
It sounds like he used the spam as a very complex RNG. He could probably use random() and get similar results...
Is that a review or paid advertising by Microsoft?
Which comments such as "Nice that it works with both Mac and PC, but I've had quite enough of the iTunes goliath, thank you very much." one wonders if this test wasn't performed in some Microsoft marketer's office...
If what you say were correct then Intel would have never come up with the microprocessor. Intel created the microprocessor market.
"market boom in CPU demand" - which was largely driven by Intel's initial pioneering of the microprocessor and its relentless drive to make it faster and smaller (and power hungry... :). Its success was later bolstered by very good marketing but that didn't come and till after it was the dominant player.
You are saying is that there is nowhere for Intel to innovate on the technical side to the extent that it did historically. The approach is reactive and it doesn't lead to revolutionary innovation. It also sounds defeatist to me.
It's funny how when a company does very well, the CEO takes credit for all the brilliant choices s/he made. Yet, when a company flails, it's not that CEOs fault until after it has been thousands of underlings' faults.
Otellini should resign. He stands for all the things Intel is/was not. He's a marketroid in what was and should be primarily an engineering driven organization.
I think in this case, copyright was correctly applied.
However, it could have the unintended side effect of mobilizing the now famous right wing "base" to do something about copyrights.
It could make copyright law worse or, if we are lucky, could put an end to mickey mouse legislation!
"2- The blank levy is not a compensation for massive, indiscriminate filesharing on P2P networks. Rather, it is a compensation for the (perfectly legal) private, physical copying and sharing of copyrighted works, within the circle of family and close friends, and in low numbers, which I understand is definitely allowed in Spain. France and Canada have a similar scheme"
And you don't find it disturbing that the government is using its vast powers to collect money for the benefit of a for-profit private company/companies?!?
You are so out of touch, it's funny.l
If you performed a cursory Google search for deaths/mile statistics, you would find that the U.S. has historically had, and continues to have, a lower rate than Germany.
However, your ignorance really shines through when you say you prefer horses. You should Google that as well. For instance: http://www.enviroliteracy.org/article.php/578.htm
Horses were far more dangerous to public health in urban environments than cars are today.
The local profile is the user's home directory, the directory that usually sits under C:\Documents and Settings\
EFS will store your machine local keys (encrypted) in a file there (I don't remember if it has its own files or stores them in the profile registry files).
If that directory is nuked (My Computer->Properties->Advanced->User Profiles Settings->Delete for instance), the user's keys are gone and his access to his data is gone.
EFS relies on storing the user's keys in the profile directory and I think I remember roaming profiles not being allowed to store the keys.
There are quite a few consequences from this scheme, the primary ones are the requirement to have a profile on the machine storing the data (wasted storage, user has to have accessed the machine previously in order to be granted access to someone else's data), sensitivity to the profile getting deleted on an individual machine (what happens if the drive gets nuked? Think of the interactions with backup and data recovery to other machines, how would that work?)
This is from my experience playing with EFS. It is possible I missed some points that alleviate part of these issues. However, I spent quite a bit of time with EFS and there was nothing obvious on how to deal with these problems (or with the buggy interface).
I don't know anything about the other encryption schemes mentioned in the other comments. However, I do doubt they address any of these issues. Microsoft tried, with quite a bit of effort, and they didn't succeed very well.
The problem with disk encryption as it is implemented today is twofold:
1. it doesn't scale - all the various products today can be used for small deployments and still be useable. However, try to scale it to a large enterprise with thousands of machines and you have an administration headache. Microsoft EFS has various flaws in it like this. For instance, if somehow a user's _local_ profile on the machine with the encrypted data is erased, all his data is gone or has to be recovered by the backup operator (assuming the user went through proper procedure to allow this). Because of EFSs reliance on local profiles (if I recall correctly roaming profiles don't cut it), even NAS machines have to maintain a profile for every user accessing encrypted files on that machine. That's ok for 10 to 15 people and utterly ridiculous when you have 20,000+ users. Also, if I remember correctly, EFS adds an additional layer of certificate based ACLs which are devilishly difficult to use and are also contingent on local profiles being present for the users you want to grant access to.
2. it is a subset of the scaling issue but is a category of its own because it is central to a successful encryption scheme. Disk encryption is easy, managing the keys used for encryption is the real problem and is where your security ultimately lies. Again, the problem here is that for a small organization where you can store the keys on a notepad, if you like, is easy. For a large organisation with thousands of machines and hundreds of locations that need to share data, securely managing thousands and even millions of keys is not trivial. Key management considerations are Informaton Lifetime Management (ILM), Backup & Data Recovery (after a disaster, for instance), Synchronization across multiple sites, various key levels to control data sharing within an organization and without with its partners.
In summary, encrypting a disk is easy. Making it useful and manageable is very difficult.
Last time secret messages were popping up in different places, google was involved...
'I don't think anybody else does this, developers suspend their lives for a week to focus entirely on just development.'
Tell that to the folks at EA. Or to any other member of a startup for that matter who suspend their lives for at least a couple years.
Your assertion would be correct if Amazon were putting any money on the keywords in question. However, Amazon is not putting any money on the "latex" keyword or on "equation editors". One would think keywords would be priced based on advertiser demand. If no one else is bidding on those words, then Google technically shouldn't even care if Luis is buying them up. The cost for Google is pretty close to nothing.
As it stands now, Google priced Luis out of advertising which means that if you search for "latex equation editor", you get no "relevant" ads and Google basically eliminated any chance of making money off those keywords.
"DOC files don't so much as stream as open for Random Access. They're structured in such a way that the information is stored as an object heirarchy scattered across the file. This makes saving faster because only the changes are saved to the file."
That's completely false. From observation, every time you save a Word document, the entire document is re-written from scratch. In fact the transaction goes something like this:
1. Word creates a temporary file
2. Word saves document to new file
3. Word deletes old file (your "document.doc")
4. Word renames old file to your "document.doc"
There is no random access whatsoever. Word, in some circumstances, will open potentially hundreds of temp files (one for every time you save the file), each with a complete copy of your document. It is highly inefficient and very far from being random access when performing writes.
The object hierarchy is part of the reason this is the case. Since objects are serialized in their hierarchial order, if an object gets larger, it would need to "push" the following objects after it in the file. This is not easy to do or really desireable. You can also think of the converse problem of a shrinking object leaving a hole in the file.
ODF is slow because of the ZIP stage. It needs a faster ZIP stage (possibly a real random access ZIP abstraction would do the trick).
Yet, San Francisco wasn't considered part of the valley until the dot bomb. If you recall, the dot bomb induced gentrification of San Francisco created a notable backlash in the city.
His basic premise about nerds and rich people sounds about right. His meandering definition of a nerd attractive city is a off the mark and plain wrong with regards to San Francisco. San Francisco was not considered part of Silicon Valley until recently. Silicon Valley was typically considered to be 32 miles south of San Francisco, from Palo Alto in the north to the environs of San Jose in the south. Sprawling, faceless San Jose is definitely not a "nerd town" per his description and the neighboring towns are plain suburbia.
Most of the startups you can think of - Google, Yahoo, HP, Apple, Cisco, etc. were started in that southern area. Much fewer were started farther north or in San Francisco proper.
It is more plausible that Blue Security just ran out of money. They raised $3m in 2004 - it is entirely plausible, even likely, they burned through all of it. It is a dis-service on their part to spin it as some chivalrous act "for the net". They make it sound like the spammers won when it was just VC funding that ran out.
Washington is obsessed with 'terrorism' (is this the extent of the U.S. intelligence effort?):
a te=all&geo=all
l &geo=all
http://www.google.com/trends?q=terrorism&ctab=0&d
While the Arab world is far more preoccupied with something else entirely:
http://www.google.com/trends?q=sex&ctab=0&date=al
The funny thing is that to be truly useful in an "industrial" setting with terabytes of data flowing through the system daily (think Yahoo, Google, Paypal, Ebay, IBM, etc.) all pretty .NET objects and other toys are inevitably discarded in favor of the "crude and outdated way of doing things". It is simple, crude and scales like no .NET object ever can.
Google's DomainPark (http://www.google.com/domainpark/) which is what typo-squatters use is a source of a large chunk of Google revenue. This could be the beginning of Microsoft's stab at Google's soft (and sleazy) underbelly.
This is entirely possible and they are not the only ones doing it, for example http://www.datadomain.com/ has been doing it for a while. The big storage vendors do it to some extent as well.
The idea is based on "de-duplication" of data and is only really practical for backups (where most data from backup to backup is identical) or central repositories of data for a large organization that has multiple similar data sets, for example, many installations of Windows that are often similar.
From my experience x25 is a bold claim for general data. I've seen small scale tests that showed x30 compression over backup sets but those implementations had performance issues.
From the description in their white-paper, despite their claims, it appears they are performing some kind of hash by definition (e.g. mapping a space to a smaller space).