Explained in the YPM episode "Power to the People" by Sir Arnold and Sir Humphrey. It follows the following scheme: "Something must be done. This is something, therefore we must do it.". But doing nothing is better than doing the wrong thing.
If by "multiple hashes" you mean a hash of a hash, then it's a bad idea. A hash function compresses the input data (lossily) to a (usually) smaller amount of data. As for computing both hashes and XOR'ing them together, it doesn't seem like too bad an idea, but it's beyond my ability to give a more definitive answer. It's entirely possible that the two hash algorithms effectively cancel out parts of each other, or at least make the job of cryptanalysis easier. That is, it could make the job of finding hash collisions (which is the usual measure of security for hashes, assuming that the hash is effectively one-way to begin with) potentially much easier. When in doubt, it's safer to use a single system.
Also, iirc MD5 and SHA-1 give different length hashes so some additional mungeing will be needed to come up with a uniform length hash.
The attack primarily affects some digital signature applications, including timestamping and certificate signing operations, where one party prepares a message for the generation of a digital signature by a second party, and third parties then verify the signature.
There's an easy solution here as mentioned in Applied Cryptography (2nd edition). To paraphrase, when given a document to sign using a hash-based digital signature protocol, make sure to make some trivial edits to the document first. Otherwise, you run the risk that the person asking you to sign the document has already calculated a hash collision for that document, meaning that at a later date they can use your signature as "proof" that you signed some more nefarious document which has the same hash. Funnily enough, I think SHA-1 was mentioned somewhere in that same section...
The VCR didn't have any copy protection built in, so there would be no "circumvention" to trip the DMCA.
Since I don't know anything about this software, I don't know if it decrypts the disc or not. But it is possible to make a perfect copy of a disc without decrypting it. That, and the fact that CSS (Content Scrambling System) is no longer a trade secret, should be enough to show how groundless this suit is.
I know it's not what the article is about, but I thought it was a cool hack nonetheless... remember how the invaders changed colour as they moved down the screen? Well it wasn't because they had a full colour screen. Instead different coloured strips of plastic were placed over different areas to give the illusion of a colour display. But I guess most of you knew that...
to generate wealth out of thin air and making everyone dependent on everyone else's well-being is the entire foundation of our economic system
Uhh, no. It's just the foundation of the stock market.
Er, no. What you're describing is called "speculation", or, to use another word, "gambling". The reason the stock exchange was founded was to allow companies to raise capital in order to set up or expand operations. Too bad it's become synonymous with speculation and/or "getting something for nothing".
By definition, shorting relies on the stock going down in response to the very act of short-selling. In other words, that sentence is either completely useless or a disingenuous attempt to justify shorting.
Because the "world-class reporting" (I assume Byrne intends that to refer to the lush praise the Register showers him with)...
I rather think he was referring to the the comment I (writing as Frumious Bandersnatch) made on the story, and Mr. Byrne quoted verbatim:
In particular, as someone said above, this "actually has me thinking that The Register is a world-class journalistic publication."
If you had gone back and read some of the other things the Register had previously said about him, you would not have come up with the conclusion that he thinks the Register is brilliant because they're fawning over him. If anything, they've been fairly dismissive of him until now.
Disclaimer: I don't work for, or have any connection with Overstock.com or Patrick Byre. Or the Register, for that matter, btw. I'm just a regular commentard. I'm chuffed that I'm being quoted and that my quote is being talked about, but that's as far as it goes. Unless either of the above wants to offer me a job or something...
Slashdot Mirror
You keep using that word. I do not think it means what you think it means.
http://www.yes-minister.com/polterms.htm
Also, iirc MD5 and SHA-1 give different length hashes so some additional mungeing will be needed to come up with a uniform length hash.
There's an easy solution here as mentioned in Applied Cryptography (2nd edition). To paraphrase, when given a document to sign using a hash-based digital signature protocol, make sure to make some trivial edits to the document first. Otherwise, you run the risk that the person asking you to sign the document has already calculated a hash collision for that document, meaning that at a later date they can use your signature as "proof" that you signed some more nefarious document which has the same hash. Funnily enough, I think SHA-1 was mentioned somewhere in that same section...
Since I don't know anything about this software, I don't know if it decrypts the disc or not. But it is possible to make a perfect copy of a disc without decrypting it. That, and the fact that CSS (Content Scrambling System) is no longer a trade secret, should be enough to show how groundless this suit is.
I know it's not what the article is about, but I thought it was a cool hack nonetheless... remember how the invaders changed colour as they moved down the screen? Well it wasn't because they had a full colour screen. Instead different coloured strips of plastic were placed over different areas to give the illusion of a colour display. But I guess most of you knew that...
It still doesn't stop the uninformed from spending billions on tracking associations anyway. Oh, have an obligatory Onion link
Uhh, no. It's just the foundation of the stock market.
Er, no. What you're describing is called "speculation", or, to use another word, "gambling". The reason the stock exchange was founded was to allow companies to raise capital in order to set up or expand operations. Too bad it's become synonymous with speculation and/or "getting something for nothing".
Shorts generally fortell future price declines.
By definition, shorting relies on the stock going down in response to the very act of short-selling. In other words, that sentence is either completely useless or a disingenuous attempt to justify shorting.
Because the "world-class reporting" (I assume Byrne intends that to refer to the lush praise the Register showers him with) ...
I rather think he was referring to the the comment I (writing as Frumious Bandersnatch) made on the story, and Mr. Byrne quoted verbatim:
In particular, as someone said above, this "actually has me thinking that The Register is a world-class journalistic publication."
If you had gone back and read some of the other things the Register had previously said about him, you would not have come up with the conclusion that he thinks the Register is brilliant because they're fawning over him. If anything, they've been fairly dismissive of him until now.
Disclaimer: I don't work for, or have any connection with Overstock.com or Patrick Byre. Or the Register, for that matter, btw. I'm just a regular commentard. I'm chuffed that I'm being quoted and that my quote is being talked about, but that's as far as it goes. Unless either of the above wants to offer me a job or something ...
The elevators traveling speed will be measured in GFIp/t ("Girl from Ipanema" plays per transport).
I do hope it's the version by Pizzicato Five.
What's in a name? Ask Bobby Tables