That DES by itself was too weak to withstand a state-funded attack was well known in the 90s, I was not exactly part of the cryptography in-crowd in those days, but I knew that much. I remember discussing the key length issue in a crypto discussion in college in 1985 or so, after a presentation about DES. No hindsight needed.
If by "extremely limited" you mean tens of thousands of people I agree, but it was not exactly a secret. The big issue was that this was before there was "the web" so accessing information about anything was much harder in general, unless you had access to a research library.
Did anybody actually even see this, apart from mr. Wildeboer? I'm running an up-to-date 64-bit CentOS 6 and an up-to-date Chrome beta on CentOS 6, and I have not seen this.
I have bought some books from Manning and O'Reilly, and they live on my laptop and tablet. They're in epub and PDF format, w/o DRM of any kind. They (may) have my name embedded in them, but that keeps me honest....
So the whole cloud is in trouble if one node starts spewing nonsense? So much for redundancy. Amazon developers would be well advised to read up on the "Byzantine Generals" problem.
So who is still running half-duplex Ethernet and collision detection? I've retired my last Ethernet hub a few years ago, so as far as I'm concerned the point is moot, and Ethernet is now a switched technology that has a legacy mode called CSMA/CD.
.... unless your problem does not fit the model. I'm happy for Qt developers that they can do Google-style mapreduce problems in Qt now, but this solution does not solve the general case.
DES does not form a group, i.e. there is no key K3 such that for all keys K1, K2, and all x DES(K2,DES(K1, x)) == DES(K3, x). If it was Triple-DES would be pointless. I believe the same is true for AES.
EDE mode was used for Triple DES to make it backwards compatible with DES. By setting all three keys to the same value you effectively end up with single DES, a useful feature in some contexts. There's nothing particularly magical about EDE over EEE.
I've written both an implementation of Radix sort and Merge sort in C using linked lists. With integer keys Radix sort is indeed faster by about a factor of 2 on large lists (10^7 keys). The stack management for the non-recursive Merge sort take more time than the very simple operations in the Radix sort.
We probably should not use flammable coatings on cars and hydrogen tanks. That was a major issue with the Hindenburg, the reflective coating on the outer skin was highly flammable.
I've been using live backups on FreeBSD for a while now, and I have had 0 issues with it. The way it works:
- dump requests snapshot of the volume being backed up - file system creates *consistent* snapshot of file system (volume managers can't do this!) - dump makes backup of snapshot - dump removes snapshot
Just pass the '-L' flag to 'dump'.
If you use another backup utility you may have to write a script to create a snapshot, and mount it through a loopback device. Nothing a good sysadmin can't handle.
It works great. Just make sure your datebase transaction logs are on the same volume as the main database:-). After a file system restore the transaction mechanism of your database should get things consistent again.
At 3.34% I'm not going to get rich, the dividends won't even come close to paying for my increased electric (and gas heating) bills. In the current market I'm not worrying about the cost of missed opportunity much. I'm also better protected against the risk of major energy price increases.
I live in Tucson, AZ, in a 2500 sq. ft. house, with lots of windows. The electric bill runs about $150 in the middle of summer, $60-$75 in winter. I do have 2 PCs and various other equipment running 24/7.
Friends who live in a 2000 sq. ft. home built by a volume builder pay about $300 right now, and I have heard of people that have $600/month power bills.
We spent a few $1000 extra to get a more efficient house: - blow-in insulation was used everywhere. There's more than a foot of the stuff under the roof, and 6 inches in the walls, packed tight. - most windows are dual-pane Low-E2, tinted to reduce glare - we limited the number of skylights - the A/C is a high-efficiency, dual-compressor model (18 SEER) - we use fluorescent lights where possible - we keep shades drawn in rooms we don't use, such as a guest room, and my office on weekends.
It looks like we'll recover the extra cost in about 5-7 years.
Linus' approach makes a lot of sense. In the case of patents (not copyrights) it's the patent owner's job to defend its IP, you are not required to take steps to avoid infringing on patents you're unaware of.
The above rambling is simply not true. The problem with WEP is that the method was designed by people who were unaware of basic methods of cryptography. You can do much, much better than that.
To get technical: if an encryption method is used that is "plaintext aware" then an attacker with access to a (bounded) set of plaintext-ciphertext pairs cannot forge a valid ciphertext that's not in that set with more than negligible probability. Add replay prevention and you end up with a much better system,
Rotating the keys like a madman is not necessary if the system is well-designed. For a N-bit block cipher you need to rotate the keys before you encrypt 2^(N/2) blocks, otherwise ciphertexts will start to repeat. For a 128 bit cipher like AES you can encode over 100 exabytes before you have to rotate the key, which is every six million years or so at 802.11b speeds. Nobody cares after 6 million years.
Some people have compared erasure codes to secret sharing schemes. Secret sharing schemes like Shamir's scheme create shares that are as large as the original data. The good ones have the property that no information is leaked if the amount of shares you collect is below a certain treshold .
Erasure codes create 'shares' that are smaller than the original data. The ideal erasure code creates shares that are just the size of the original data divided by the treshold value. They also do not necessarily have the property that no information is leaked when you don't have enough shares.
Michael Rabin's Information Dispersal Algorithm is such an ideal erasure code. It's just too slow when you create a large number of shares.
As an aside: by combining secret sharing, erasure codes, and an encryption algorithm you can build a hybrid secret sharing scheme that generates small shares and is computationally secure.
if you could keep an old tree around in tux2 so you could get a consistent backup of your system without having to shut it down? I'm sure this will complicate freelist management, though, you can only free a block if all references to it are gone.
"Intellectual Property" is a relatively recent invention, and things are not as clear as the recording industry wants you to believe they are. There's a 'fair use' clause in copyright legislation, which means you can use a 5-second music clip of an artist in a newscast about his 24th drug arrest without approval. Reverse engineering for the purpose of interoperability is legal in most places (Samba was developed legally).
Ripping off songs and distributing them through the Internet is obviously not legal. The question though is whether heavyhanded web censoring using flaky software is the answer. Not to mention that the hardcore offenders will probably just start using encrypted communications to escape detection, or tunnel around the blocks.
A third issue is that backbone routers have better things to do than filter on individual IP addresses. The custom silicon in these boxes is not designed to handle this.
This move may make it illegal to reverse engineer their protocols for interoperability. MS lawyers may have figured out where the DVD thing is going......:-)
Oh, please. What we've got here is someone from the Catholic church in Germany making a statement. I don't think W2000 has been banned yet. Some German states have rules that don't allow the govt. to fund anything that furthers Scienotoly's cause. It's questionable whether these rules will be stretched this far.
When a Scientologist contributes to Linux by providing GPL'ed software s/he gives up control over it. There's a difference there.
Slashdot Mirror
That DES by itself was too weak to withstand a state-funded attack was well known in the 90s, I was not exactly part of the cryptography in-crowd in those days, but I knew that much. I remember discussing the key length issue in a crypto discussion in college in 1985 or so, after a presentation about DES. No hindsight needed.
If by "extremely limited" you mean tens of thousands of people I agree, but it was not exactly a secret. The big issue was that this was before there was "the web" so accessing information about anything was much harder in general, unless you had access to a research library.
Did anybody actually even see this, apart from mr. Wildeboer? I'm running an up-to-date 64-bit CentOS 6 and an up-to-date Chrome beta on CentOS 6, and I have not seen this.
Apple acquired Lala.com a while back:
http://www.appleinfocenter.com/article/Apple_s_Lala_Acquisition_Could_Change_Music_Business/70457/index.html
"Lala uses licensed technology to instantly match songs from a consumer's personal music library with the web-based catalog on lala.com."
Sounds like Music Match to me.
I have bought some books from Manning and O'Reilly, and they live on my laptop and tablet. They're in epub and PDF format, w/o DRM of any kind. They (may) have my name embedded in them, but that keeps me honest....
That's the letters after the last dot in the domain names. So we don't end up with http://barber.mainstreet.eastpodunk/
If you're a GPL fundamentalist you get what you deserve: you get to run a GPL MySQL version.
Calm down, grandpa....
You will need at least 8G of RAM. ZFS is an enterprise file system, which needs big hardware. So run 64-bit FreeBSD and get lots of memory.
So the whole cloud is in trouble if one node starts spewing nonsense? So much for redundancy. Amazon developers would be well advised to read up on the "Byzantine Generals" problem.
So who is still running half-duplex Ethernet and collision detection? I've retired my last Ethernet hub a few years ago, so as far as I'm concerned the point is moot, and Ethernet is now a switched technology that has a legacy mode called CSMA/CD.
.... unless your problem does not fit the model. I'm happy for Qt developers that they can do Google-style mapreduce problems in Qt now, but this solution does not solve the general case.
DES does not form a group, i.e. there is no key K3 such that for all keys K1, K2, and all x DES(K2,DES(K1, x)) == DES(K3, x). If it was Triple-DES would be pointless. I believe the same is true for AES.
EDE mode was used for Triple DES to make it backwards compatible with DES. By setting all three keys to the same value you effectively end up with single DES, a useful feature in some contexts. There's nothing particularly magical about EDE over EEE.
I've written both an implementation of Radix sort and Merge sort in C using linked lists. With integer keys Radix sort is indeed faster by about a factor of 2 on large lists (10^7 keys). The stack management for the non-recursive Merge sort take more time than the very simple operations in the Radix sort.
The Radix sort is fairly simple:
typedef uint32_t KEY;
enum {
KEYBITS = 32,
STEPBITS = 11,
};
enum {
NUMBUCKETS = 1 << STEPBITS,
};
#define MASK ((KEY)(NUMBUCKETS-1))
typedef struct node NODE;
struct node
{
KEY key;
NODE *next;
};
NODE * sort(NODE *a)
{
NODE *bucket[NUMBUCKETS+1];
NODE **tail[NUMBUCKETS];
unsigned shift, i;
bucket[NUMBUCKETS] = NULL;
for(shift = 0; shift < KEYBITS; shift += STEPBITS){
for(i = 0; i < NUMBUCKETS; i++)
tail[i] = &bucket[i];
while(a != NULL){
unsigned index = (unsigned)((a->key >> shift) & MASK);
*(tail[index]) = a;
tail[index] = &a->next;
a = a->next;
}
for(i = NUMBUCKETS; i-- > 0;)
*(tail[i]) = bucket[i+1];
a = bucket[0];
}
return a;
}
Just put a reset button on steering wheel, right next to the radio volume controls.......
We probably should not use flammable coatings on cars and hydrogen tanks. That was a major issue with the Hindenburg, the reflective coating on the outer skin was highly flammable.
I've been using live backups on FreeBSD for a while now, and I have had 0 issues with it. The way it works:
:-). After a file system restore the transaction mechanism of your database should get things consistent again.
- dump requests snapshot of the volume being backed up
- file system creates *consistent* snapshot of file system (volume managers can't do this!)
- dump makes backup of snapshot
- dump removes snapshot
Just pass the '-L' flag to 'dump'.
If you use another backup utility you may have to write a script to create a snapshot, and mount it through a loopback device. Nothing a good sysadmin can't handle.
It works great. Just make sure your datebase transaction logs are on the same volume as the main database
At 3.34% I'm not going to get rich, the dividends won't even come close to paying for my increased electric (and gas heating) bills. In the current market I'm not worrying about the cost of missed opportunity much.
I'm also better protected against the risk of major energy price increases.
I live in Tucson, AZ, in a 2500 sq. ft. house, with lots of windows. The electric bill runs about $150 in the middle of summer, $60-$75 in winter. I do have 2 PCs and various other equipment running 24/7.
Friends who live in a 2000 sq. ft. home built by a volume builder pay about $300 right now, and I have heard of people that have $600/month power bills.
We spent a few $1000 extra to get a more efficient house:
- blow-in insulation was used everywhere. There's more than a foot of the stuff under the roof, and 6 inches in the walls, packed tight.
- most windows are dual-pane Low-E2, tinted to reduce glare
- we limited the number of skylights
- the A/C is a high-efficiency, dual-compressor model (18 SEER)
- we use fluorescent lights where possible
- we keep shades drawn in rooms we don't use, such as a guest room, and my office on weekends.
It looks like we'll recover the extra cost in about 5-7 years.
Linus' approach makes a lot of sense. In the case of patents (not copyrights) it's the patent owner's job to defend its IP, you are not required to take steps to avoid infringing on patents you're unaware of.
Ignorance is bliss......
The above rambling is simply not true. The problem with WEP is that the method was designed by people who were unaware of basic methods of cryptography. You can do much, much better than that.
To get technical: if an encryption method is used that is "plaintext aware" then an attacker with access to a (bounded) set of plaintext-ciphertext pairs cannot forge a valid ciphertext that's not in that set with more than negligible probability. Add replay prevention and you end up with a much better system,
Rotating the keys like a madman is not necessary if the system is well-designed. For a N-bit block cipher you need to rotate the keys before you encrypt 2^(N/2) blocks, otherwise ciphertexts will start to repeat. For a 128 bit cipher like AES you can encode over 100 exabytes before you have to rotate the key, which is every six million years or so at 802.11b speeds. Nobody cares after 6 million years.
Erasure codes create 'shares' that are smaller than the original data. The ideal erasure code creates shares that are just the size of the original data divided by the treshold value. They also do not necessarily have the property that no information is leaked when you don't have enough shares.
Michael Rabin's Information Dispersal Algorithm is such an ideal erasure code. It's just too slow when you create a large number of shares.
As an aside: by combining secret sharing, erasure codes, and an encryption algorithm you can build a hybrid secret sharing scheme that generates small shares and is computationally secure.
if you could keep an old tree around in tux2 so you could get a consistent backup of your system without having to shut it down? I'm sure this will complicate freelist management, though, you can only free a block if all references to it are gone.
Ripping off songs and distributing them through the Internet is obviously not legal. The question though is whether heavyhanded web censoring using flaky software is the answer. Not to mention that the hardcore offenders will probably just start using encrypted communications to escape detection, or tunnel around the blocks.
A third issue is that backbone routers have better things to do than filter on individual IP addresses. The custom silicon in these boxes is not designed to handle this.
This move may make it illegal to reverse engineer their protocols for interoperability. MS lawyers may have figured out where the DVD thing is going...... :-)
When a Scientologist contributes to Linux by providing GPL'ed software s/he gives up control over it. There's a difference there.