It's a big program, there always have been and always will be memory leaks.
This attitude is the whole problem in a nutshell. I can leave the kernel running for months or years on end without anything going wrong because of memory leaks, and I should be able to the same thing with my web browser.
Same here (well, I use RSS). I still use a pretty minimalist fvwm config to run Firefox, xterm and emacs, and that's about it. I just don't get how most of this "Web 2.0" stuff is supposed to different from, you know, hypertext like we were all doing in about 1995.
I dunno, am I the ONLY one that did not become overly paranoid about terrorists coming to blow me up? This is ridiculous. Even if they did overreact at first....after the situation was ascertained, why in hell did they charge this girl with a crime and set bail? Can police no longer find they made a mistake, and just LET YOU GO without penalty??
The prevailing attitude these days seems to be "better that one hundred innocent persons should suffer than one cop look stupid."
<sarcasm>Yeah, a breadboard with a bunch of LEDs and a 9V battery looks *so* deadly.</sarcasm>
In any case, she was probably being a bit stupid not expecting the sort of paranoid response she got, but that pales in comparison with the stupidity of arresting her and then charging her with 'possessing a hoax device' even after it was clear that the device was harmless and there was no malicious intent.
That's the whole problem with the attitude people like you have to 'security': thinking it's okay to kill innocent people over a false positive just because the consequences of a false negative are scary. At least the TSA don't seem to have gotten quite *that* bad yet, unlike you.
As I mentioned in another recent Slashdot thread, I once got that reaction, plus an explosives swab of my luggage, for my TI-92 and a copy of Weinberg's The Quantum Theory of Fields. It really has gotten to the point that carrying anything a high-school dropout TSA minion can't understand is automatically 'suspicious behavior.'
The point I was making was that, if the anecdote referenced in the article is actually a statistically significant effect, either they aren't using this process, or they think they are but aren't implementing it correctly, because whatever process they are using at least appears to be behaving in clearly biased ways.
Hiring based on publication record isn't biased, but from the article it sounds at least plausible that the publication process for at least some journals is. Now, one anecdote like that is hardly proof; maybe the person mentioned in the article just got lucky when submitting papers under a masculine name. Still, it seems like something worth being concerned over.
If the review process is more likely to select the same paper for publication with a masculine name on it than with a feminine name, it looks like bias is slipping into their procedures somehow regardless of supposed double-blindness.
One academic went through a sex change, submitted the same papers under both identities, and found that papers were accepted from a man but were rejected when they came from a woman, said the web inventor. This bias is unaccountable, but adds to institutional bias, he said.
I think that depends on where you work to a great extent. At my employer, I'm one of only two female programmers in the company. It's been like that pretty much everywhere I've seen.
Berners-Lee said that a culture that avoided alienating women would attract more female programmers, which could lead to greater harmony of systems design. "If there were more women involved we could move towards interoperability. We have to change at every level," he said.
That seems like an awfully stereotypical and biased view of female programmers on the part of Tim Berners-Lee.
At Seattle-Tacoma Airport in 2002, I got pulled aside for extra screening and an explosives swab of my carry-on because I had a TI-92 calculator and a copy of Weinberg's The Quantum Theory of Fields in my back-pack.
I think you mean fermions, and it's about being in the same quantum state, not in the same place. A spin-1/2 fermion has two different spin states for each momentum/position/whatever other basis eigenstate, so you can fit two of them in the same place (and if supersymmetric quantum gravity turns out to be true and we have spin-3/2 gravitinos, you'd be able to put 4 of them in the same place).
Only if the thief isn't a complete nitwit. When I was living with my ex-girlfriend last year we had a burglary and someone stole her laptop, and later that day I saw someone logged into her Yahoo IM account from it. I tried to get it to accept a file transfer (Yahoo's protocol uses direct TCP connections for that) to get an IP address, but that didn't quite work. If it had had something on it to connect up to my server every few minutes or something I probably would have been able to get an IP address and then go to the thief's ISP to find out where it was.
You are misinformed. Shor's algorithm finds group orders, which suffices both to factor RSA keys and break discrete log systems, which include elliptic curves. Other posts here have explained this in more detail.
Okay, you got me there. The trick Shor's algorithm uses is a more general than just factorization. It's still way, way beyond anything actually buildable to use it against practical key sizes.
Well, put briefly, the existence of secure public-key cryptography is equivalent to the existence of trap-door one-way functions. Suppose we have a public-key cryptosystem consisting of an encryption function E and a decryption function D, with a secret key Ks and a public key Kp. Let p be the plaintext and c be the ciphertext. Then, c=E(p,Kp) (we encrypt the plaintext with the public key to get the ciphertext), and p=D(c,Ks) (we decrypt the ciphertext with the secret key to get the plaintext back). Now, the public key Kp is known to an attacker, and so are the functions E and D, so in principle the attacker could do a brute-force search of the keyspace to find the secret key Ks corresponding to a given Kp using them. Thus, there exists another decryption function Dp using the public key rather than the secret key: p=Dp(c,Kp). To prove the cryptosystem is secure, we have to prove there's no way to compute Dp efficiently.
Now, a one-way function is exactly what we need. A one-way function o is a function that is easy to compute (can be done in polynomial time), but its inverse is hard (can't be done in polynomial time). It's fairly easy to prove that if a function is in P, then it's inverse must be at most NP. Well, strictly speaking P and NP are for decision problems, so we should refer to FP and FNP. If it's in FP, then the output can be at most polynomially large in the input length, so we can invert by doing a brute-force search of all possible inputs shorter than that bound, and a nondeterministic Turing machine can check them all in parallel. Thus, one-way functions exist only if P != NP (which is equivalent to FP != FNP). Otherwise anything we could compute efficiently we could also invert efficiently. Actually, it turns out that the inverses of one-way functions must be UP (unambiguous polynomial time). That is, there exists a nondeterministic Turing machine to compute them such that for any accepting input, exactly one path accepts (general NP problems can have more than one accepting path). It's believed, but not proven, that UP is smaller than NP; no NP-complete problems are known to be in UP. Thus, the existence of one-way functions is stronger than P != NP, since it also implies UP is strictly larger than P.
Of course, we need to be able to decrypt efficiently if we know the secret key, so we need something more specific than a one-way function: a trap-door one-way function, for which there is an algorithm to compute the inverse in FP if we have some additional piece of information, the trap-door. In complexity-theoretic terms, what we need for public-key cryptography is a family of trap-door one-way functions (functions in P with inverses in UP) parametrized by the public keys, and the secret keys are the corresponding trap doors (inverses in P if we also have the secret key as an input). A few functions, like RSA or discrete logarithms, really look like what we want, but none have ever been proved to be, and a proof that they are would necessarily include P vs. NP as a special case as describe above.
Anyway, BQP is the complexity class of problems tractable on quantum computers, analogous to P for Turing machines. It's a bounded error probability class, like BPP. BQP is the set of all decision problems which have an algorithm on a quantum computer that computes them in polynomial time with an error probability less than one-third (this bound is an arbitrary choice, we can reduce the error probability exponentially with a linear number of repetitions, and the class would be identical for any probability less than one-half). BQP is necessarily at least as large as P, and the existence of Shor's algorithm shows that factorization is in BQP, so BQP is probably strictly larger than P (although it hasn't been proven that you can't factor in P). NP probably contains problems that are not in BQP (no NP-complete problem is known to be in BQP), but proving this is equivalent to proving P != NP. So, if we assume quantum computers are feasible to build on a practical scale
Anyway, it's a long way from running Shor's algorithm to factor 15 to being able to factor a 4096-bit RSA key. Remember that because of the no-cloning theorem you can't build a flip-flop for qubits, so quantum circuits are all combinatorial logic. Applying Shor's algorithm to real-world RSA keys would require building a complete modular exponentiator combinatorially out of quantum logic gates, wide enough to deal with the biggest key sizes practical for anyone to use (and the cost of RSA encryption/decryption only scales linearly with the key size). We couldn't even build that out of regular non-quantum logic.
No, the problem is that Shor's algorithm can factor in polynomial time. To make keys big enough to be impractical to factor with it, they'd also have to be too big to practically use. Public-key cryptosystems depend on the ratio of the time to break the key to the time to use it scaling exponentially with key size.
Slashdot Mirror
s/prime roots/prime factors/, please. Sheesh.
Wow. I didn't know there were so many people getting paid $25M a year. I think maybe you meant $25 billion a year, not trillion. :)
I die in dreams all the time.
It's a big program, there always have been and always will be memory leaks.
This attitude is the whole problem in a nutshell. I can leave the kernel running for months or years on end without anything going wrong because of memory leaks, and I should be able to the same thing with my web browser.
Same here (well, I use RSS). I still use a pretty minimalist fvwm config to run Firefox, xterm and emacs, and that's about it. I just don't get how most of this "Web 2.0" stuff is supposed to different from, you know, hypertext like we were all doing in about 1995.
I dunno, am I the ONLY one that did not become overly paranoid about terrorists coming to blow me up? This is ridiculous. Even if they did overreact at first....after the situation was ascertained, why in hell did they charge this girl with a crime and set bail? Can police no longer find they made a mistake, and just LET YOU GO without penalty??
The prevailing attitude these days seems to be "better that one hundred innocent persons should suffer than one cop look stupid."
<sarcasm>Yeah, a breadboard with a bunch of LEDs and a 9V battery looks *so* deadly.</sarcasm>
In any case, she was probably being a bit stupid not expecting the sort of paranoid response she got, but that pales in comparison with the stupidity of arresting her and then charging her with 'possessing a hoax device' even after it was clear that the device was harmless and there was no malicious intent.
That's the whole problem with the attitude people like you have to 'security': thinking it's okay to kill innocent people over a false positive just because the consequences of a false negative are scary. At least the TSA don't seem to have gotten quite *that* bad yet, unlike you.
As I mentioned in another recent Slashdot thread, I once got that reaction, plus an explosives swab of my luggage, for my TI-92 and a copy of Weinberg's The Quantum Theory of Fields. It really has gotten to the point that carrying anything a high-school dropout TSA minion can't understand is automatically 'suspicious behavior.'
Um, duh. I know what double-blind means.
The point I was making was that, if the anecdote referenced in the article is actually a statistically significant effect, either they aren't using this process, or they think they are but aren't implementing it correctly, because whatever process they are using at least appears to be behaving in clearly biased ways.
Hiring based on publication record isn't biased, but from the article it sounds at least plausible that the publication process for at least some journals is. Now, one anecdote like that is hardly proof; maybe the person mentioned in the article just got lucky when submitting papers under a masculine name. Still, it seems like something worth being concerned over.
If the review process is more likely to select the same paper for publication with a masculine name on it than with a feminine name, it looks like bias is slipping into their procedures somehow regardless of supposed double-blindness.
From the article:
One academic went through a sex change, submitted the same papers under both identities, and found that papers were accepted from a man but were rejected when they came from a woman, said the web inventor. This bias is unaccountable, but adds to institutional bias, he said.
That sounds an awful lot like bias to me.
I think that depends on where you work to a great extent. At my employer, I'm one of only two female programmers in the company. It's been like that pretty much everywhere I've seen.
Berners-Lee said that a culture that avoided alienating women would attract more female programmers, which could lead to greater harmony of systems design. "If there were more women involved we could move towards interoperability. We have to change at every level," he said.
That seems like an awfully stereotypical and biased view of female programmers on the part of Tim Berners-Lee.
At Seattle-Tacoma Airport in 2002, I got pulled aside for extra screening and an explosives swab of my carry-on because I had a TI-92 calculator and a copy of Weinberg's The Quantum Theory of Fields in my back-pack.
I think you mean fermions, and it's about being in the same quantum state, not in the same place. A spin-1/2 fermion has two different spin states for each momentum/position/whatever other basis eigenstate, so you can fit two of them in the same place (and if supersymmetric quantum gravity turns out to be true and we have spin-3/2 gravitinos, you'd be able to put 4 of them in the same place).
Hey, I've had the idea, I just haven't gotten around to getting a Linux laptop yet. :)
Only if the thief isn't a complete nitwit. When I was living with my ex-girlfriend last year we had a burglary and someone stole her laptop, and later that day I saw someone logged into her Yahoo IM account from it. I tried to get it to accept a file transfer (Yahoo's protocol uses direct TCP connections for that) to get an IP address, but that didn't quite work. If it had had something on it to connect up to my server every few minutes or something I probably would have been able to get an IP address and then go to the thief's ISP to find out where it was.
You are misinformed. Shor's algorithm finds group orders, which suffices both to factor RSA keys and break discrete log systems, which include elliptic curves. Other posts here have explained this in more detail.
Okay, you got me there. The trick Shor's algorithm uses is a more general than just factorization. It's still way, way beyond anything actually buildable to use it against practical key sizes.
Well, put briefly, the existence of secure public-key cryptography is equivalent to the existence of trap-door one-way functions. Suppose we have a public-key cryptosystem consisting of an encryption function E and a decryption function D, with a secret key Ks and a public key Kp. Let p be the plaintext and c be the ciphertext. Then, c=E(p,Kp) (we encrypt the plaintext with the public key to get the ciphertext), and p=D(c,Ks) (we decrypt the ciphertext with the secret key to get the plaintext back). Now, the public key Kp is known to an attacker, and so are the functions E and D, so in principle the attacker could do a brute-force search of the keyspace to find the secret key Ks corresponding to a given Kp using them. Thus, there exists another decryption function Dp using the public key rather than the secret key: p=Dp(c,Kp). To prove the cryptosystem is secure, we have to prove there's no way to compute Dp efficiently.
Now, a one-way function is exactly what we need. A one-way function o is a function that is easy to compute (can be done in polynomial time), but its inverse is hard (can't be done in polynomial time). It's fairly easy to prove that if a function is in P, then it's inverse must be at most NP. Well, strictly speaking P and NP are for decision problems, so we should refer to FP and FNP. If it's in FP, then the output can be at most polynomially large in the input length, so we can invert by doing a brute-force search of all possible inputs shorter than that bound, and a nondeterministic Turing machine can check them all in parallel. Thus, one-way functions exist only if P != NP (which is equivalent to FP != FNP). Otherwise anything we could compute efficiently we could also invert efficiently. Actually, it turns out that the inverses of one-way functions must be UP (unambiguous polynomial time). That is, there exists a nondeterministic Turing machine to compute them such that for any accepting input, exactly one path accepts (general NP problems can have more than one accepting path). It's believed, but not proven, that UP is smaller than NP; no NP-complete problems are known to be in UP. Thus, the existence of one-way functions is stronger than P != NP, since it also implies UP is strictly larger than P.
Of course, we need to be able to decrypt efficiently if we know the secret key, so we need something more specific than a one-way function: a trap-door one-way function, for which there is an algorithm to compute the inverse in FP if we have some additional piece of information, the trap-door. In complexity-theoretic terms, what we need for public-key cryptography is a family of trap-door one-way functions (functions in P with inverses in UP) parametrized by the public keys, and the secret keys are the corresponding trap doors (inverses in P if we also have the secret key as an input). A few functions, like RSA or discrete logarithms, really look like what we want, but none have ever been proved to be, and a proof that they are would necessarily include P vs. NP as a special case as describe above.
Anyway, BQP is the complexity class of problems tractable on quantum computers, analogous to P for Turing machines. It's a bounded error probability class, like BPP. BQP is the set of all decision problems which have an algorithm on a quantum computer that computes them in polynomial time with an error probability less than one-third (this bound is an arbitrary choice, we can reduce the error probability exponentially with a linear number of repetitions, and the class would be identical for any probability less than one-half). BQP is necessarily at least as large as P, and the existence of Shor's algorithm shows that factorization is in BQP, so BQP is probably strictly larger than P (although it hasn't been proven that you can't factor in P). NP probably contains problems that are not in BQP (no NP-complete problem is known to be in BQP), but proving this is equivalent to proving P != NP. So, if we assume quantum computers are feasible to build on a practical scale
*sigh*
This doesn't break "public-key cryptography". Even if you could build a Shor-factorization machine big enough to use against real-world keys (and that's a *big* if), it's only good against RSA. Elliptic-curve cryptosystems, for example, would be entirely unaffected. In general, the question of whether general-purpose quantum computers would break all public-key cryptography is a really hard one. It's equivalent to whether there are any trapdoor one-way functions which are in P but with inverses not in BQP. Even the existence of non-trapdoor one-way functions is still an open question; they would have to have inverses in , and proving that would also imply P != NP. All the existence of Shor's algorithm really shows about that problem is that there is at least one problem, integer factorization, which is in BQP but (probably) not in P.
Anyway, it's a long way from running Shor's algorithm to factor 15 to being able to factor a 4096-bit RSA key. Remember that because of the no-cloning theorem you can't build a flip-flop for qubits, so quantum circuits are all combinatorial logic. Applying Shor's algorithm to real-world RSA keys would require building a complete modular exponentiator combinatorially out of quantum logic gates, wide enough to deal with the biggest key sizes practical for anyone to use (and the cost of RSA encryption/decryption only scales linearly with the key size). We couldn't even build that out of regular non-quantum logic.
No, the problem is that Shor's algorithm can factor in polynomial time. To make keys big enough to be impractical to factor with it, they'd also have to be too big to practically use. Public-key cryptosystems depend on the ratio of the time to break the key to the time to use it scaling exponentially with key size.