"The bytes in storage are useless without the phone's exact hardware."
Unless they're using physically uncloneable functions (which I doubt) a copy of the phone should give you access. The protection mechanism can be rewritten in software, the key is some derivative of the PIN.
It's a phone. State actors already have that capability. (although, in this case, the US apparently doesn't, or they're trying the easy way first). It all hinges on that 4-digit PIN. If this is some sort of smartcard, then Apple can't help you either. If this is software based, you can help yourself: just copy the contents of the phone to another medium, have an implementation of the crypto, and run your brute-force from there. With 10000 combinations, it should take about a minute.
I assume that you still have to make the surface with all the pinholes in, a little convex. If only to not just capture the same square cm in front of the lens a thousand times.
Crypto in Lotus Notes was deliberately debilitated by the US to something ridiculous like a few tens of bits. Don't say that Notes was secure. The principle? Sure. The execution? Not so much.
Do Americans also do this IRL? I mean, posit something and then end with: 'discuss'? I mean, it's annoying in message boards, but bloody hell that would make me lose it if someone were to say that to me in the flesh.
I propose that any post that ends with 'discuss.' is automatically deleted by/.
"The Russian government is allegedly looking to ban Microsoft's Windows operating system"
Aaaand... that's an extremely good idea. There is an enormous problem and it's called 'Restricted level networks' in governments everywhere; combined, they provide an attacker an enormous treasure trove of information, and they are installed, configured and used by morons^Hnot very apt computer users. To expose yourself additionally to an American company that can just open the floodgates at a simple request out of Washington, is folly.
The fact that we want your marks at the end of the year to be somewhat objective. In the same way that you can 'bribe' your spouse to do something in the house that you don't like doing, but you're not allowed to bribe your professor. Granted, this should be a private issue, not a legal one.
When you hire a consultant to tell you what's wrong with your organization, it's bad practice to hire the same people to do the cleaning up; it creates a perverse incentive.
So, information that was going to be public (press talking points) was somehow classified? I don't know anything about the case, but I do know about working with classified information and for all I know, they are talking about the release mechanisms that they have at their disposal at that point in time. And that the tech isn't cooperating.
Can static linking on windows be done? I mean, Firefox, who cares? But products like truecrypt should be statically compiled, and require no resources from their operating system.
Wait. 'Uses a 64 kbyte key' - is he mad? Does he realize the trouble he will have to go through when he has to transport over a network, or do a key agreement on, keys of that size?
Just thinking out loud: *maybe* what he means is that current 'disk'-like encryption mechanisms suck (like XTS, which they don't have to do, but which in practice they do). Or maybe he wants a proper encryption scheme, based on asymmetric cryptography (so that I can properly package a file just for you), which can be done (PKCS#1, ECIES, etc) - but there you basically package a symmetric key under a single stroke of asymmetric encryption, and follow up with the symmetric ecryption of the payload itself, which admittedly feels like a bit of a hack (mixing up crypto means you may be more vulnerable).
- He wants a block cipher that works on 1 kByte blocks (and on 4, 16, 64 kByte blocks, which is implicated by the first requirement). Current block ciphers do 16 bytes at a time, so they imply the 1 kByte requirement. - He says current block ciphers suck. Why? It doesn't really become clear from the discussion, which seems to be between two people who have heard a little bit about cryptography, and are trying to outdo each other in what little knowledge they have.
In reality, a block cipher is perfectly transferable to a stream cipher, and the 32 byte key space and 16 byte block size is not something that is going to be broken any time soon. So, I'm not getting the motivation. At all.
The point is not whether Trump gets to say whatever he wants - the point is that Twitter is hypocritical. Surely everyone is free to use or not use their services, and surely Twitter is free to can the one user for the same reason they're keeping the other. But individuals (and companies) *can* be told that they are hypocritical. It is not a nice character trait to display.
Your standards are low. That wasn't an obscure reference! Right? I mean, slashdot hasn't come all this way for a simple xkcd reference to be obscure, right?!
So yeah, even though the signs are written all over the friggin' wall, people don't like to hear about it. They think you're being mean, not realizing, or not wanting to know, that not talking about it is actually the mean thing to do.
It doesn't specify a checksum for the header, which means that it relies on some elements of it (the address fields) to be checksummed by a higher layer (which indeed TCP and UDP do). But which also means that some elements of the header (quality of service, hop limit) are left out of the checksum, which means that (for instance) you can get router loops. But it's probably because the designers of IPv6 thought that the whole packet would be authenticated at layer 2. But then - why require an ICMP checksum when you've just completely redesigned ICMP (and why require the TCP and UDP checksums to still use a pseudo header)? I mean, calculating checksums costs time. Either specify that it happens at layer 2 and be done with it, or do it properly.
He dove into a psychotic episode, went raving to the neighbor's house, who called the cops on him, who handled him like they would. But instead of institutionalizing him, they left him at his house, perhaps going/waiting for backup. Then they were called on him again, or they returned and they manhandled him again. Like they would. Then, still in his paranoid, psychotic mindstate, he committed suicide. And it all could have been prevented with the proper application of a straitjacket, a padded room, a nurse, some intravenous medication, and a bit of time and sleep.
Why is Barack Obama not white? Is it because he has more than zero drops of native Kenyan blood in him? If that is the case, aren't you in all actuality subscribing to the 'one drop of blood / white is the norm' position? And if you don't - because that would be quite racist - then why is Obama black? He has a 'white' mother after all... And if your position is that 'he identifies as black', then can he change his mind tomorrow? And if he can't, then at what age do people get to choose their 'race'? And if he can, what in the name of bloody bollocks does an outdated concept of 'race' even mean outside the industry that breeds cats, dogs and horses?
Race is a load of meaningless crap. Humans like to fark too much for it to exist. It has no concept in biology, and even in its last hold-out - sociology - it can easily be degraded to meaninglessness, see the reasoning above.
Slashdot Mirror
"The bytes in storage are useless without the phone's exact hardware."
Unless they're using physically uncloneable functions (which I doubt) a copy of the phone should give you access. The protection mechanism can be rewritten in software, the key is some derivative of the PIN.
It's a phone. State actors already have that capability. (although, in this case, the US apparently doesn't, or they're trying the easy way first). It all hinges on that 4-digit PIN. If this is some sort of smartcard, then Apple can't help you either. If this is software based, you can help yourself: just copy the contents of the phone to another medium, have an implementation of the crypto, and run your brute-force from there. With 10000 combinations, it should take about a minute.
I assume that you still have to make the surface with all the pinholes in, a little convex. If only to not just capture the same square cm in front of the lens a thousand times.
Crypto in Lotus Notes was deliberately debilitated by the US to something ridiculous like a few tens of bits. Don't say that Notes was secure. The principle? Sure. The execution? Not so much.
USB floppy drives can be had.
Who cares? With that density, you just use a logging filesystem. Only incremental changes - very handy for rollback as well.
Do Americans also do this IRL? I mean, posit something and then end with: 'discuss'? I mean, it's annoying in message boards, but bloody hell that would make me lose it if someone were to say that to me in the flesh.
I propose that any post that ends with 'discuss.' is automatically deleted by /.
"The Russian government is allegedly looking to ban Microsoft's Windows operating system"
Aaaand... that's an extremely good idea. There is an enormous problem and it's called 'Restricted level networks' in governments everywhere; combined, they provide an attacker an enormous treasure trove of information, and they are installed, configured and used by morons^Hnot very apt computer users. To expose yourself additionally to an American company that can just open the floodgates at a simple request out of Washington, is folly.
The fact that we want your marks at the end of the year to be somewhat objective. In the same way that you can 'bribe' your spouse to do something in the house that you don't like doing, but you're not allowed to bribe your professor. Granted, this should be a private issue, not a legal one.
When you hire a consultant to tell you what's wrong with your organization, it's bad practice to hire the same people to do the cleaning up; it creates a perverse incentive.
So, information that was going to be public (press talking points) was somehow classified? I don't know anything about the case, but I do know about working with classified information and for all I know, they are talking about the release mechanisms that they have at their disposal at that point in time. And that the tech isn't cooperating.
Can static linking on windows be done? I mean, Firefox, who cares? But products like truecrypt should be statically compiled, and require no resources from their operating system.
Wait. 'Uses a 64 kbyte key' - is he mad? Does he realize the trouble he will have to go through when he has to transport over a network, or do a key agreement on, keys of that size?
Just thinking out loud: *maybe* what he means is that current 'disk'-like encryption mechanisms suck (like XTS, which they don't have to do, but which in practice they do). Or maybe he wants a proper encryption scheme, based on asymmetric cryptography (so that I can properly package a file just for you), which can be done (PKCS#1, ECIES, etc) - but there you basically package a symmetric key under a single stroke of asymmetric encryption, and follow up with the symmetric ecryption of the payload itself, which admittedly feels like a bit of a hack (mixing up crypto means you may be more vulnerable).
- He wants a block cipher that works on 1 kByte blocks (and on 4, 16, 64 kByte blocks, which is implicated by the first requirement). Current block ciphers do 16 bytes at a time, so they imply the 1 kByte requirement.
- He says current block ciphers suck. Why? It doesn't really become clear from the discussion, which seems to be between two people who have heard a little bit about cryptography, and are trying to outdo each other in what little knowledge they have.
In reality, a block cipher is perfectly transferable to a stream cipher, and the 32 byte key space and 16 byte block size is not something that is going to be broken any time soon. So, I'm not getting the motivation. At all.
The point is not whether Trump gets to say whatever he wants - the point is that Twitter is hypocritical. Surely everyone is free to use or not use their services, and surely Twitter is free to can the one user for the same reason they're keeping the other. But individuals (and companies) *can* be told that they are hypocritical. It is not a nice character trait to display.
Your standards are low. That wasn't an obscure reference! Right? I mean, slashdot hasn't come all this way for a simple xkcd reference to be obscure, right?!
Right?!
I got modded 0, flamebait for suggesting exactly this about Ian Murdock: http://slashdot.org/comments.p...
So yeah, even though the signs are written all over the friggin' wall, people don't like to hear about it. They think you're being mean, not realizing, or not wanting to know, that not talking about it is actually the mean thing to do.
Yeah, but Oracle simply is *that* good. No, really. I'm an avid postgres user, but Oracle still blows any other database out of the water. With ease.
AES and SHA-3 were (partly) conceived in Belgium. Legislation is one thing - inventing the technology is something else.
Yeah I know Belgium and the Netherlands are not the same country. I live in one of them. I was trying to make a point.
It doesn't specify a checksum for the header, which means that it relies on some elements of it (the address fields) to be checksummed by a higher layer (which indeed TCP and UDP do). But which also means that some elements of the header (quality of service, hop limit) are left out of the checksum, which means that (for instance) you can get router loops. But it's probably because the designers of IPv6 thought that the whole packet would be authenticated at layer 2. But then - why require an ICMP checksum when you've just completely redesigned ICMP (and why require the TCP and UDP checksums to still use a pseudo header)? I mean, calculating checksums costs time. Either specify that it happens at layer 2 and be done with it, or do it properly.
He dove into a psychotic episode, went raving to the neighbor's house, who called the cops on him, who handled him like they would. But instead of institutionalizing him, they left him at his house, perhaps going/waiting for backup. Then they were called on him again, or they returned and they manhandled him again. Like they would. Then, still in his paranoid, psychotic mindstate, he committed suicide. And it all could have been prevented with the proper application of a straitjacket, a padded room, a nurse, some intravenous medication, and a bit of time and sleep.
Wait. Is that real? Is that really his twitter account (and not some impersonator, like what happens quite often actually)?
Why is Barack Obama not white? Is it because he has more than zero drops of native Kenyan blood in him? If that is the case, aren't you in all actuality subscribing to the 'one drop of blood / white is the norm' position? And if you don't - because that would be quite racist - then why is Obama black? He has a 'white' mother after all... And if your position is that 'he identifies as black', then can he change his mind tomorrow? And if he can't, then at what age do people get to choose their 'race'? And if he can, what in the name of bloody bollocks does an outdated concept of 'race' even mean outside the industry that breeds cats, dogs and horses?
Race is a load of meaningless crap. Humans like to fark too much for it to exist. It has no concept in biology, and even in its last hold-out - sociology - it can easily be degraded to meaninglessness, see the reasoning above.
Famous right-wing rag The Guardian had a piece not so long ago on why basic income doesn't work:
http://www.theguardian.com/com...