There are already a lot of dropbox alternatives that have open source clients and even ones that do encryption. But there isn't a good Skype alternative I've seen that lets me participate in Skype group chats. I don't even care about video/audio chat. Can someone reverse engineer the Skype client next?
BitCoin is not an anonymous currency. It was touted as such, but if one really wanted an anonymous currency, they would have used one of Chaum's ideas (DigiCash, anyone?)
Bitcoin is decentralized, not anonymous. The previous more anonymous cryptocurrencies were centralized. Centralized cryptocurrencies sound much easier to regulate.
from the fact that it is centralized (which can cause someone offline to get fucked if someone hands them some coins and then spends the same coins to someone else),
I have no idea what you're trying to say here.
to the tracability aspect
Bitcoin does have some privacy issues. Users are able to make it hard-to-follow their history if they try. I'm hoping some future Bitcoin improvements help make tracing harder. (BIP 32 could help as a side effect.)
to the fact that the whole system benefited the people who came in first and could grind the coins out on CPUs, no GPUs, FPGAs, or ASICs needed, as is needed these days.
I can't fathom a way that this sort of thing wouldn't happen with a new cryptocurrency in one way or another.
Bitcoin is decentralized peer-to-peer cryptocurrency. It's a protocol, not something controlled by someone. There's no bank that can say you've reached your transaction limit or surprise you with a new fee out of nowhere. There's no Paypal who can decide your account looks suspicious and freeze it. There's no game company that limits its trade and creates more on its whim. There's no group who have to trust to keep running vital servers out of the goodness of their hearts.
It is really concerning. I'm hoping that existing SSL/TLS libraries rely on/dev/u?random instead of (in)SecureRandom, or else there might be a lot of stored ciphertext communications getting cracked about now.
At least there's an easy way to patch it in Android apps. Here's the patch that works around the issue in the Android Bitcoin client. It patches SecureRandom to just read from/dev/urandom instead.
From looking at the Android Bitcoin client's code, it appears it already used SecureRandom correctly (default empty constructor). The Android implementation of SecureRandom itself is broken.
Good random number generators exist elsewhere. Most modern encryption relies on them. The fact that someone spectacularly messed up an RNG with disastorous exploitable results is news.
The chance of getting the same number twice should be equal to the chance of an attacker brute-forcing it. Judging by the fact some keys were brute-forced in well under a billion years, I'm going to assume it's much more likely that Android's RNG is broken.
The correct and highest voted answer on that page says to avoid seeding SecureRandom yourself. It's designed to be the most secure with its default constructor. The issue is that Android's implementation of SecureRandom is bad even when you use it correctly.
The difference between Persona and OpenID is that if/when the email services and browsers (I think I can name at least one browser which is sure to do this) add native support for it, then you can authenticate to your email host once and a private key will be loaded into your browser, and then you can authenticate to sites directly yourself with that key easily, and then no 3rd party (Mozilla, your email provider, etc) knows you've authenticated there. With OpenID, your OpenID service can see everywhere that you log into.
If I were paying $1.2 billion for something as rote as a payroll system, it better be fucking amazing. It's estimated that the entirety of Linux could be recreated from scratch for $600 million. A payroll system twice as complex as the entire Linux operating system! Think of the possibilities! I have no idea what the possibilities are, but they must be amazing to justify that cost!
Beer isn't very fungible. There's many different types of it, there's varying qualities, and age can affect it. Any dollar is as valuable as any other dollar.
The Bitcoin network's computational power "far exceeds the combined processing strength of the top 500 most powerful supercomputers". Plenty of nodes have specialized hardware developed specifically for Bitcoin mining; the only way any actor could take over the network would be to invest shit tons of money in specialized hardware they can't use for anything else. This isn't a situation where they can just repurpose their existing supercomputers for a day.
Sure it's within the realm of physical possibilities, but what gains would there be besides pissing a lot of people off by spending huge sums of money? The ratio of people pissed off to money spent is very small, so practically any other method of pissing people off would be much more cost effective.
The value of gold and silver isn't because of any intrinsic values they have besides rarity. (Yes, I know there are industrial uses of them, but that's not the driving force behind their price.) Good currency similarly also has a limited supply.
Slashdot Mirror
Does Clorox sell bleach and ammounia together in drive-throughs?
There are already a lot of dropbox alternatives that have open source clients and even ones that do encryption. But there isn't a good Skype alternative I've seen that lets me participate in Skype group chats. I don't even care about video/audio chat. Can someone reverse engineer the Skype client next?
Just because someone reverse-engineered the dropbox client doesn't mean that dropbox is insecure. (Well, maybe their 2FA is bypassable.)
History -> Clear Recent History -> checkmark the cache box
How much easier do you want it?
That's why you make sure to only get 4G hotspots that work with it. Other people's phones don't matter, they can just use the wifi from the hotspots.
Accessing a website through a proxy is "plain old criminal trespass"?
you can't fool a gamer into thinking he is having fun while he is actually doing work
Have you ever seen someone play an MMO?
Does this mean that if you live in the middle of nowhere, your TV remote will mysteriously fail to work? Great.
BitCoin is not an anonymous currency. It was touted as such, but if one really wanted an anonymous currency, they would have used one of Chaum's ideas (DigiCash, anyone?)
Bitcoin is decentralized, not anonymous. The previous more anonymous cryptocurrencies were centralized. Centralized cryptocurrencies sound much easier to regulate.
from the fact that it is centralized (which can cause someone offline to get fucked if someone hands them some coins and then spends the same coins to someone else),
I have no idea what you're trying to say here.
to the tracability aspect
Bitcoin does have some privacy issues. Users are able to make it hard-to-follow their history if they try. I'm hoping some future Bitcoin improvements help make tracing harder. (BIP 32 could help as a side effect.)
to the fact that the whole system benefited the people who came in first and could grind the coins out on CPUs, no GPUs, FPGAs, or ASICs needed, as is needed these days.
I can't fathom a way that this sort of thing wouldn't happen with a new cryptocurrency in one way or another.
And that would help regulate it how?
Bitcoin is decentralized peer-to-peer cryptocurrency. It's a protocol, not something controlled by someone. There's no bank that can say you've reached your transaction limit or surprise you with a new fee out of nowhere. There's no Paypal who can decide your account looks suspicious and freeze it. There's no game company that limits its trade and creates more on its whim. There's no group who have to trust to keep running vital servers out of the goodness of their hearts.
It is really concerning. I'm hoping that existing SSL/TLS libraries rely on /dev/u?random instead of (in)SecureRandom, or else there might be a lot of stored ciphertext communications getting cracked about now.
At least there's an easy way to patch it in Android apps. Here's the patch that works around the issue in the Android Bitcoin client. It patches SecureRandom to just read from /dev/urandom instead.
By "implement" you mean "use"?
From looking at the Android Bitcoin client's code, it appears it already used SecureRandom correctly (default empty constructor). The Android implementation of SecureRandom itself is broken.
Good random number generators exist elsewhere. Most modern encryption relies on them. The fact that someone spectacularly messed up an RNG with disastorous exploitable results is news.
The chance of getting the same number twice should be equal to the chance of an attacker brute-forcing it. Judging by the fact some keys were brute-forced in well under a billion years, I'm going to assume it's much more likely that Android's RNG is broken.
The issue is with Android's SecureRandom class. SecureRandom does not rely on /dev/urandom or /dev/random.
The correct and highest voted answer on that page says to avoid seeding SecureRandom yourself. It's designed to be the most secure with its default constructor. The issue is that Android's implementation of SecureRandom is bad even when you use it correctly.
There's stuff to privacy besides lack of cookies.
Enigmail for Thunderbird has a nice interface for keyservers hidden under some menu if I remember right.
The difference between Persona and OpenID is that if/when the email services and browsers (I think I can name at least one browser which is sure to do this) add native support for it, then you can authenticate to your email host once and a private key will be loaded into your browser, and then you can authenticate to sites directly yourself with that key easily, and then no 3rd party (Mozilla, your email provider, etc) knows you've authenticated there. With OpenID, your OpenID service can see everywhere that you log into.
Just use a different email address at different places then.
If I were paying $1.2 billion for something as rote as a payroll system, it better be fucking amazing. It's estimated that the entirety of Linux could be recreated from scratch for $600 million. A payroll system twice as complex as the entire Linux operating system! Think of the possibilities! I have no idea what the possibilities are, but they must be amazing to justify that cost!
Beer isn't very fungible. There's many different types of it, there's varying qualities, and age can affect it. Any dollar is as valuable as any other dollar.
The Bitcoin network's computational power "far exceeds the combined processing strength of the top 500 most powerful supercomputers". Plenty of nodes have specialized hardware developed specifically for Bitcoin mining; the only way any actor could take over the network would be to invest shit tons of money in specialized hardware they can't use for anything else. This isn't a situation where they can just repurpose their existing supercomputers for a day.
Sure it's within the realm of physical possibilities, but what gains would there be besides pissing a lot of people off by spending huge sums of money? The ratio of people pissed off to money spent is very small, so practically any other method of pissing people off would be much more cost effective.
The value of gold and silver isn't because of any intrinsic values they have besides rarity. (Yes, I know there are industrial uses of them, but that's not the driving force behind their price.) Good currency similarly also has a limited supply.