Desktop supercomputers (GPUs) are cheap nowadays. Modern GPUs can process over 3 billion (yes, billion, with a B, http://www.golubev.com/hashgpu.htm) SHA-1 hashes per second, and this is where good salt gains its importance, because even a very strong password of completely random upper and lower case letters and symbols could be extracted from its SHA-1 hash on just 3 or 4 GPUs in less than 24 hours. Good random salt can increase this search time immensely.
That said, good password practice is obviously to avoid re-using passwords for different services, and if people actually followed that in practice it wouldn't be such a big deal for an attacker to gain access to the password plaintext, because if they have the hash database they probably have already compromised the site / system anyway, and getting the passwords wouldn't help them get any further access to other systems.
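An added example, not part of the comment above: a small audit over a constructed account table that counts how many SHA-1 computations it takes to test a wordlist against every account, with and without a per-user random salt. The account names, passwords and wordlist are made up for the illustration.

```python
import hashlib
import os

# Constructed sample data: four accounts, two of them sharing a password.
USERS = {"alice": "summer2010", "bob": "summer2010",
         "carol": "T7#qLw9!zR", "dave": "letmein"}
WORDLIST = ["password", "letmein", "summer2010", "qwerty", "123456"]


def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()


def store_unsalted(users):
    """user -> SHA-1(password)"""
    return {u: sha1_hex(p.encode()) for u, p in users.items()}


def store_salted(users):
    """user -> (salt, SHA-1(salt || password)) with a fresh 16-byte salt each."""
    db = {}
    for u, p in users.items():
        salt = os.urandom(16)
        db[u] = (salt, sha1_hex(salt + p.encode()))
    return db


def audit_unsalted(db, wordlist):
    """Each candidate is hashed once and matched against all accounts at once."""
    by_hash = {}
    for u, h in db.items():
        by_hash.setdefault(h, set()).add(u)
    weak, ops = set(), 0
    for w in wordlist:
        ops += 1
        weak |= by_hash.get(sha1_hex(w.encode()), set())
    return weak, ops


def audit_salted(db, wordlist):
    """Each candidate must be re-hashed per account because every salt differs.
    No early exit, so ops is the worst-case count."""
    weak, ops = set(), 0
    for u, (salt, h) in db.items():
        for w in wordlist:
            ops += 1
            if sha1_hex(salt + w.encode()) == h:
                weak.add(u)
    return weak, ops


def distinct_stored_hashes(db):
    """Fewer distinct hashes than accounts means password reuse is visible."""
    return len({v if isinstance(v, str) else v[1] for v in db.values()})


if __name__ == "__main__":
    for name, db, audit in (("unsalted", store_unsalted(USERS), audit_unsalted),
                            ("salted", store_salted(USERS), audit_salted)):
        weak, ops = audit(db, WORDLIST)
        print(name, sorted(weak), "hash ops:", ops,
              "distinct hashes:", distinct_stored_hashes(db))
```

The salt multiplies the work by the number of accounts and hides shared passwords; the cost of each individual guess is set by the hash function, which is what deliberately slow functions such as PBKDF2, bcrypt or scrypt raise.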
So if what Microsoft is doing is fair, at what point does it exactly become unfair? They're currently harvesting Google's search results from users with software installed and settings enabled, and using that as a factor in their page relevance. What if I forgo the users and set up some machines to automate this and submit search terms automatically for which I would like to borrow results? Is that fair? What if instead of just some search terms, it's an entire library of search terms? Is that fair? What if I just fucking set up a search page that submits queries to Google server side and returns the results sans ads, but with my own ads? Is THAT fair? Guys give me some funding I just had a great idea for a new search engine.
If the solution involved the mandatory installation of this hardware into the actual fingertips of every man, woman and child, MADD would still be fighting for it. It's disappointing that this is the biggest voice against drunk driving.
I agree. One thing that angers me is that our system of dividing the costs for road maintenance fails to accurately take into account the fact that different classes of vehicles cause vastly different damage to the road surface. One large truck can cause almost a hundred times as much damage as a single car driving over the same piece of road.
... and then X-ISP buys Y-ISP and the cycle starts anew. Wait, you want legislation to prevent that? Then you're already proposing regulation, albeit in the most roundabout ineffective way possible.
The right solution is probably just being honest and transparent about capacity, which will obviously need to be enforced with legislation. Consumers can't make an informed choice about their provider if all they publish are peak theoretical speeds.
It is very short sighted to make a judgment in technology based on what you think your users "need". The reality is many "normal" people see a lot of value in services like Youtube, Netflix, Skype (with video), iTunes and other multimedia applications that they may not have become accustomed to using because it isn't usable for them right now anyway, so it is a chicken and egg problem.
That's just today anyway, but I mean, what could people possibly need tomorrow? 640k ought to be enough for anyone right guys?
So if we have a way to generate exact partition numbers, does any of this mean there might be an efficient way to find the partition number for a value where each part is equal to the others? There's potential for an easier way to find prime numbers here.
I think it's ironic to hear this kind of moaning from the open source community when OpenGL developers have had to deal with the similar mish-mash of supported features and no standard problems and DirectX developers have always been able to rely on standard feature sets built into major version numbers of the API.
There is actually a fundamental reason for this rather than just oversight. The ATA BIOS command set gives you a 32-bit sector index to load data off the disk in real mode (2 TB of addressable data). On a conventional BIOS system execution will start in real mode after the BIOS has loaded the boot sector (first sector) of the boot device, which of course is just 512 bytes. Normally this sector would also contain your MBR partition table, but the BIOS doesn't really care. Whatever boot device you point it at, it's just going to load the first sector into memory and start executing it in real mode. In order to access data beyond 2 TB you need to:
1. Initialize at least 32-bit protected mode, which itself involves several steps and data structures
2. Complete basic hardware enumeration with the information given to you by the BIOS
3. Load a suitable driver for the disk device class.
4. Now you can load and read the GPT and figure out where the OS is actually located and load THAT, then finally transfer control to it.
Step 1 alone will generally take the 512 bytes available to you if you do it robustly, so where do you put the code for the other steps? Wherever you put it, it needs to be within the first 2 TB of the disk. Windows COULD support booting from GPT on legacy BIOS systems, however, there would have to be 1 of 2 restrictions: either your OS partition would need to start in the first 2 TB of the disk, or Windows would require a dummy partition located in the first 2 TB of the disk to use as the second stage boot loader. Although you might see those things as a reasonable compromise, the folks at Microsoft obviously don't and have decided that trying to shoehorn it in with restrictions and gotchas is probably just sillier than using the modern EFI boot system for the modern GPT partition table.
Or maybe you could just buy a special keyboard made for beginners to computers / invalids, or on a budget you could just remove all the keys you don't feel are important by picking them off or putting tape over them.
Correct, which is one of the main reasons I can't see it ever catching on. In order to control anything you're going to have to make huge motions with your entire arms like a god damned gorilla, with all the accuracy and subtlety that entails.
What Microsoft actually pays for is licenses for patents pertaining to the similarities between the .NET Framework libraries and the Java standard libraries. I don't know the specific details but they are similar in that they both comprise a hierarchical set of namespaces and classes to provide certain functionality, and Sun had some patents applicable to that (apparently).
This is compounded by the new fad of including permanent progression in almost every online game now, so I can go online in Red Dead Redemption or Call Of Duty and get killed instantly by people like that who have 10 times more health and do 10 times more damage. What kind of sane adult has the patience to suffer through it for countless hours just to cancel that out?
3 year warranty with same day on-site service. I should have mentioned the price doesn't include monitors, but we have LCDs everywhere now so we rarely buy monitors, I think for most organizations the majority of their workstations purchases are just hardware upgrades where the monitor will probably stay.
I think the answer might just be to try renegotiating your price or specs. I also work for a government institution with about 1000 computers and we pay about $450 with Dell for what I would consider a very decent desktop computer (4GB of RAM, Intel Core 2, etc.).
I used Opera for about 7-8 years and loved it, and I still do, but I recently had to switch to Firefox because the security vulnerabilities in Adobe Reader and Flash Player plugins were just too great of a risk and I need the blocking plugins that Firefox has. Although I was able to replicate a lot of my Opera experience in Firefox through plugins, like speed dial, a plugin that emulates the search strings functionality, mouse gestures, etc., the startup times, load times, and UI in Firefox are way slower than what I knew and loved in Opera. I hope noscript, adblock and flashblock-esque plugins make it to Opera very quickly so I can finally go back.
I suppose it's been a while since you've used Windows Server and associated admin tools. Everything Microsoft has written in the last 4 years has a complete Powershell back end interface exposed to the user and anything you can do from their GUI tools can be done from the shell. In fact, most of their GUI tools just use the Powershell interface in THEIR back end.
Steganography is hard if you demand high density. That is, a higher ratio of your content vs the content it is being inserted into. It really depends how much encrypted data you need to hide and how much unencrypted data you have to hide it in. If you're hiding less than a kilobyte of encrypted high entropy data in a 6MB high entropy mp3, and your algorithm is intelligent enough to distribute it evenly into many areas of the file, that's much harder to detect. That said, I didn't say modifying a complex compressed file format while leaving it functionally intact would be easy, that's the hard part.
I think you're missing the point. Of course after they know that you have some encrypted data on your disk the strength of the encryption becomes moot because they can just drug / beat you until you tell them the key, but what this question is about is hiding encrypted data in unencrypted data so prying eyes can't tell if anything is even there at all.
For example, there may come a day when airport security could demand you disclose your passwords when they find you are carrying storage with encrypted content using the aforementioned techniques, but they aren't going to drug / beat every single person coming onto an airplane or going across a border. If your jpgs look like everybody else's jpgs both visually and under close analytical scrutiny they aren't going to bother you. Another example is there may come a day when any traffic on the Internet that cannot be positively identified as a common protocol with statistically "normal" contents is simply rejected. Maybe not here, maybe not right now, but this kind of idea is still very useful.
Parent is correct. If you want to disguise encrypted data with plausible deniability in existing files you should choose files that already contain data with very high entropy such as compressed file formats like mp3, gzip, rar, etc. Assuming the file remains functionally intact it would be extremely difficult or impossible to tell it was modified.
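The entropy argument in the comments above, as an added example (not code from any of the commenters): a per-window Shannon entropy scan, the kind of check a forensic analyst might run, applied to a low-entropy text file and to a zlib-compressed stream that each carry 1 KB of random bytes. The covers, payload, window size and threshold are constructed; the random bytes stand in for ciphertext, and the overwrite does not keep the compressed stream decodable, so this shows only the statistical view.

```python
import math
import random
import zlib
from collections import Counter

WINDOW = 1024          # bytes per scan window (assumed value)
MAX_DEV = 1.0          # flag windows this many bits/byte away from the median


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0..8)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def window_entropies(data: bytes, window: int = WINDOW):
    """Entropy of each full, non-overlapping window."""
    return [shannon_entropy(data[i:i + window])
            for i in range(0, len(data) - window + 1, window)]


def outlier_windows(data: bytes, max_dev: float = MAX_DEV):
    """Indexes of windows whose entropy deviates from the file's median."""
    ents = window_entropies(data)
    median = sorted(ents)[len(ents) // 2]
    return [i for i, e in enumerate(ents) if abs(e - median) > max_dev]


def overwrite(cover: bytes, payload: bytes, offset: int) -> bytes:
    """Replace len(payload) bytes of cover at offset (length is unchanged)."""
    return cover[:offset] + payload + cover[offset + len(payload):]


# Constructed inputs, seeded so the run is repeatable.
_rng = random.Random(1)
_VOCAB = ("router packet kernel buffer socket thread driver sector volume "
          "cipher digest vector signal header frame stream cache index "
          "module shell token branch commit mirror").split()
TEXT_COVER = " ".join(_rng.choice(_VOCAB) for _ in range(40000)).encode()
COMPRESSED_COVER = zlib.compress(TEXT_COVER, 9)
PAYLOAD = bytes(_rng.getrandbits(8) for _ in range(WINDOW))
OFFSET = 8 * WINDOW    # window-aligned so exactly one window is affected

TEXT_CARRIER = overwrite(TEXT_COVER, PAYLOAD, OFFSET)
COMPRESSED_CARRIER = overwrite(COMPRESSED_COVER, PAYLOAD, OFFSET)

if __name__ == "__main__":
    for name, blob in (("text", TEXT_CARRIER),
                       ("compressed", COMPRESSED_CARRIER)):
        ents = window_entropies(blob)
        print(f"{name:10s} median={sorted(ents)[len(ents) // 2]:.2f} "
              f"payload window={ents[8]:.2f} flagged={outlier_windows(blob)}")
```

In the text file the payload window stands several bits per byte above its neighbours and is flagged; in the compressed stream every window already sits near the same entropy, so this scan alone has nothing to separate.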
Additionally, nobody seems to remember that protocols have a non-trivial overhead and assume their bandwidth consumed is equal to the throughput of only their payload bytes. Just as a quick example of how big of a difference this can make, enabling jumbo frames on a high throughput iSCSI link can often increase the bandwidth of that link by up to 50% by reducing the amount of packet headers and increasing the number of available payload bytes per packet.
How can we even begin to discuss hackers without this video? http://www.youtube.com/watch?v=wQ_SE71N3Bc
Many applications that display embedded HTML would be at risk. Those applications include Steam, MSN Messenger and others, etc.
The tax revenues from legalizing pot alone would probably be enough.