I vote hero. This would make in interesting Slashdot poll. I was hoping Snowden's intentions were to help us decide for ourselves how to be governed, rather than just being PO-ed at his boss. This interview convinced me. Definitely hero.
Besides violating our constitutional right to privacy, our government is now in the routine buisiness of lying to us. They're passing secret laws that force companies to help them spy on us, with gag orders preventing these companies from complaining about it. They follow us through our phones, and ignore laws restricting their powers. At what point does the government work for us rather than the other way around? At least in China everyone knows they're being spied on. There's no secrecy about that fact.
I don't want another 9/11 attack to occur, and I'm willing to give up a little privacy to help. I do believe the NSA is primarily focused on protecting Americans. However, I want a vote on just how much privacy to give up.
Speaking of numbers, did anyone else here gag when reading in the post that incandescent bulbs are 10% efficient? Try 2% efficient at creating light we can read by... all that infrared they put out just keeps you warm. The poster must have gotten incandescent efficiencies mixed up with the latest and greatest bulbs - LED bulbs from Cree, which can do 11% efficiency. Still, most of that energy becomes heat. There's still room for a lot of improvement.
For guys my age (I turned 50 last week), the first Moon walk was a pivotal event. July of 1969... I was 6 years old, and my father was a squadron commander in the 318th Fighter Squadron flying F-102s, and I lived on Cherry Hill on the Air Force base in Anchorage Alaska. We all watched the first steps taken on the Moon, and as the son of an Air Force fighter pilot, there were high expectations for me. I remember when pilots where heros. Everyone expected even greater things from my generation.
We totally let them down, at least in terms of space exploration. I blame politics, and to some extent NASA (though mostly because of politics). I also have my hopes pinned on commercial efforts like SpaceX. We were on the Moon in 1969, while people in China were still starving. I'm glad China has revived some of the dream, and I hope they do well. In the meantime, our generation gave birth to personal computers and cell phones, so it's not a total loss, but there never was another OMG moment like the Moon walk.
If someone does end up creating a truly anonymous form of currency or payment then you can be damn sure the main people who will benefit are those who want to pay no taxes or those who want to sell services and products that are illegal.
This is the major problem with the Tor network. I ran a node for a while, but the traffic packet sizes and timing all indicated users watching videos rather than doing something useful like advocating for freedom of speech. I've had Tor users hack my web sites and troll on-line meetings for blind people. As far as I can tell, most Tor users seem to be serious ass holes. So, I stopped running my node.
I have a less secure idea for how to do this that would encourage good behavior, but there's little interest on the Tor forum or Freedombox forum. Basically, instead of trying to hide what you do, only hide who you are. If you engage in behavior acceptable to a significant number of your peers, then they could help sponsor your anonymity. If you think on-line gambling should be allowed, you could sponsor some Americans who aren't allowed. If you think China should let their people speak freely without worrying about their Government locking them up, then you could sponsor Chinese political blogging. Normally, Tor "exit nodes" are run by people who believe strongly in freedom, but to protect themselves, they are careful not to look at any of the network traffic from their nodes. If they looked, and saw a child porn ring, they'd legally have to report it. In the modified network, node operators would be encouraged to monitor traffic, report anything illegal in their location to authorities, and report any activity outside a person's claimed need for anonymity to the network, lowering the number of exit nodes willing to carry their traffic. A web-of-trust network could be used to determine how much you should trust someone requesting an exit node.
This scheme would work very well with electronic money, using the original Ripple protocol. I doubt this would meet RMS's requirements, but I think it would be a fantastic step in the right direction. It's less secure because you're network traffic between sessions is associated with the same secret identity, allowing attackers to determine patterns of behavior far more easily. However, the people we all want to support are already doing this. There are famous political bloggers blogging from inside oppressive countries. If you want to use your right to free speech to make a difference, you have to attract a following, and that means having a public identity that people can follow. The only people this system would really hurt are those who wish to act out of the light of any public scrutiny at all.
As Thomas Jefferson said, when you do a thing, imagine the whole world is watching and act accordingly. I think all we need is a little more reality behind the whole world is watching part, and a little more anonymity. You wouldn't need everyone to support you to remain anonymous, but you couldn't PO the whole world either.
I am sure you just can't wait for the Windows 8.1 update! Just imagine how happy we'll all be! After all the outrage and frustration over Windows 8 losing it's "start" menu, Windows 8.1 is here to save the day! Now, that old start menu that used to do something useless... listing all of your applications so you could find them... has been replaced! Now it takes you directly to the Metro UI, where you can barf all over your keyboard! Happy day!
Nice story. PG&E in California used to only give you credit for the fuel they calculated they didn't burn due to your feeding power to the grid, even though that was maybe 1/3 of everyone's electric bill. Obviously, we need to change this sort of BS behavior at utilities. PG&E, IIRC, has paid a proper rate for customer's power generation for at least a couple decades now. However, there's nothing wrong with utility scale solar in many places. There are inefficiencies of scale that they can make use of while you can't. Right now, here in NC, there seem to be enough tax credits for farmers to plant solar panels instead of food, and we're getting 10 acre solar farms all over. A friend of mine is installing solar panels on the new building he's constructing. The world-wide implosion of government sponsored solar installations has enabled the free market to finally deliver solar modules in the $1/watt range, making solar cost effective in many many cases.
Still, wind and solar aren't the entire answer to our power needs. It rains a lot here in NC, and wind is highly variable. Nuclear is good for "base" load, which means they run all the time at near full power, solar is good for those hot summer days when we need air conditioning, and natural gas generators are good for making up the gaps.
I wish we were funding Thorium development. It's not going to magically appear and start producing cheap safe clean nuclear power. To get there will take a massive investment and many years, but there's real promise there. I prefer the "all of the above" approach to energy.
I completely agree. I didn't want to say anything like "I got the last laugh" in my story. I love my brother like a brother, so there's no laughing. However, I working in a job I thoroughly enjoy where I make very decent money, and my family is wonderful. I wish things had worked out as well for my awesome little brother, but everyone is who they are in the end. I'm a big geek, and better off for it.
I have to tell a story... yeah... I'm old. My little bother was hot. He couldn't help it, girls just couldn't leave him alone. Someone convinced him to do modeling as a career for a while, but after missing shoots to enter skateboard contests, his modeling career was over. Still, Hallmark's "Hunk" calendar ran him as Mr April two years running.
Anyway, while he was screwing every girl who ever wanted a hot guy, I got my engineering degree. I dated the president of the math club, and spent a night in jail for hacking phone systems. One night during summer break, my brother had something to say to me. He said, "I respect what you're doing." I knew he meant he respects what I'm doing even though any reasonable person would not. I couldn't argue with the guy living every hormone driven teenager's dream, but I thought it was funny. I was preparing to make the world a better place, but I suppose being a girl's dream date counts.
We are geeks. There's something wrong in our minds that makes us happy spending time typing on a keyboard rather than chasing women. When I change the world in concrete measurable ways, the feeling is euphoric, and programming is the way I help change the world.
I guess I'll point out the obvious flaw in dork-tard's assertion that business should do the research and the government should stay out of it. Businesses may indeed fund research into things like climate change and even do a better job, but they wont *share* their results. Businesses are not in the business of improving our country or the world. If they pay for research, they almost always keep the results as a trade secret just in case it might give them a slight competitive advantage. It's not evil, it's simply business.
Is this a good place to say, "Ha ha!... you spent $15 to illegally influence an election and lost! And now you have to pay $16M in fines!"
Honestly, it's this secret crap that scares me the most, whether it's the Koch brothers or the NSA. If they're going to screw us over, they'd better damn well do it in the light of day.
I think it's dumb every time I hear we need to lower big business taxes to foster innovation and create jobs. Tech companies produce tons of high paying jobs, make investors rich, and often don't pay a dime in taxes, instead investing in growth, creating even more jobs.
As a public company, producing profits sucks to some extent. You have to pay taxes, investors ask for dividends or stock buy-backs, and you lose control over investing in growth as investors become addicted to taking your profits instead of letting you grow. Just look at Dell, for example. There are good reasons to take a company private. Among them is to gain the ability to spend your profits on improving the company rather than having investors leech off you.
I suspect this is how they caught the Silk Road guy. Tor is likely entirely transparent to the NSA, just from metadata. It kills me to see articles like this one recommending running a Tor node. I ran one for a while after hearing about it's use to avoid political oppression, but the traffic, from my reading of the meta-data, was dominated by video downloads. In theory, Tor is about freedom, but in reality, it's about porn.
It is 100% possible to provide the kind of freedom Tor in theory was created to provide. First, do exactly what you said, and eliminate the meta data leaks. So long as the network is used to provide freedom rather than illegal video, the bandwidth per volunteer node will be very low, even with the techniques you describe. Freedom is about basic communication like accessing email lists, not watching 2 hour videos for free.
The second part is insuring your bandwidth is used for goals you support, like freedom of expression, rather than the crap Tor is used for. This can be done with "secret identities", as in Super Man and Spider Man. Each user would have their actual identity protected as a secret, while their "public" identity would have their network behavior, such as which web sites they visit, documented in a public unencrypted P2P social network. This would allow individuals to safely collaborate on worthy goals, while keeping illegal video sharing goons from wasting our bandwidth.
The problem comes with some simple math. I can hire writers all day long for $25/article. $2,500 buys me 100 Wikipedia shills if they get paid the same as regular writers in America. Maybe they get paid more because it's specialty work. How about $100/article? That's still only $10,000 - not much money to buy yourself a wikipedia image.
Great post! When you try to post constructive criticism of Linux, there's a lot of push back on slashdot. I would add:
4.- The "code purist" problem. I can publish my latest hacked POS app on Android in no time at all. That's why there are millions of apps for Android and iOS. With Debian/RedHat derived distros, the process is harder than refinancing the mortgage on your house, and getting your package into the "stable" distro takes years. Hours vs years, and an hour or so of effort vs getting a home loan. It's killing Linux.
Kudos to Shuttleworth for trying to fix this problem, with his jailed app delivery system for Ubuntu Touch. I hope he succeeds in reviving Linux. I'll even try to help.
I guess my outrage has burned since the early 1980's, but it's been hard to stay outraged all that time. IMO, the NSA won. They did their job as they see it, and electronic security is now a total joke. It's not just the NSA that gets access, but the spammers, botnets, and phishers. We could have made the Inernet secure, but every time anyone tried to make any single piece of it more secure, the NSA-influenced peanut gallery went ape-shit, insuring nothing useful happened. The exceptions are cases when we agreed to centralized control, such as certificate authorities, where the NSA can use secret powers to force big companies to cooperate, while gagging their ability to inform their customers.
If I had anything I really needed kept secret, I know how to do that. However, I just don't have anything I care to keep secret, given the insane effort it requires now days. I give up. The NSA can have up close pics of my testicles. Whatever.
The algorithm compensates, and delivers bitcoins at a predicable rate, unlike the US government's payments. If miners drop out, those who remain split the spoils.
I sold all my coins and bought my wife a nice silicon-carbide necklace fashioned out of Cree's materials, for about $500. I don't feel good about the use bitcoins are being put to, even if I do support the freedom that untraceable electronic money represents.
Yes. The poster is asking if Google should do like so many previous evil companies and stop innovating, and instead focus on putting the pinch to their clients. Oracle falls squarely in this category. I'm hoping Google will instead decide to continue innovating. They've been pretty damned good at it.
Re:Peer review stretched to its limit by money
on
How Science Goes Wrong
·
· Score: 3, Insightful
So... you think science used to be better? Really?
Newton spent much of his energy in later years in a brutal smear campaign to smear mathematicians and scientists who in fact invented much of he took credit for, such as portions of Calculus. Edison is known to have mounted an equally brutal attack on his arguably more inventive peer, Tesla. Have you ever read Penis envy? Really? That guy was a world class crack-pot, IMO.
I've read many technical and scientific papers every year since about 1982, and I see zero degradation in professionalism. The truth is there was never much anyway. For ever paper that made me believe something I useful, there were a half dozen total crap papers that weren't even close to the mark. Science is just fine... just the same crap as always, but overall very effective crap. It's the freaking "news" networks that have turned into crap.
I'm optimistically hoping this means the guys manning the nuke near house below Jordan Lake in NC are doing a better job maintaining it than their peers in the West. On the other hand, it could just be lazy NRC regulators.
Cripes... I take a few years and don't read about the latest RC4 attacks, and someone finally figures out an attack that can make use of the super-low long-term biases found in RC4. I guess I'll have to switch to something else. I've been using message authentication MACs in P2P protocols when messages are not encrypted. The combination seems like a good idea for stream ciphers.
Even back in the early 1980's college students would add things like "bomb terrorist hijack communist assassinate" in their signature because of the rumors that the Usenet was being monitored by NSA programs that where basically data-mining for words like that. I had a friend who was pretty paranoid about it, so I wrote an email to him begging him to give up his plan to blow up a bunch of people. He didn't think it was very funny. I suspect some poor NSA schmuck has had the displeasure of being assigned to read most of what I say on line ever since... sorry if it's true!
I agree. The real firestorm was when Fox News was stoking Tea Party fear of Obama spying on Americans. It was so effective, Fox News had to stop for fear of actually forcing the Tea Party congressmen to vote against continuing surveillance, which as you know, they didn't do - our Tea Party Freedom Fighters voted to continue with zero change, right along with everyone else in congress.
The outrage might be stronger here on slashdot, but most of us haven't heard a single new revelation, only confirmations. On the plus side, my wife and friends no longer think I'm a paranoid conspiracy theorist for believing many of the leaks posted here on slashdot over the years.
I just read TFA and associated paper, and the petition. Linus was right, the petition was pointless, and motivated by confusion on the petitioner's part. However, the paper points out some scary issues in the Linux PRNG. It's tin-foil hat stuff, but it shows how one user on a Linux system could write a malicious program that would drain the entropy pools, and then feed the entropy pool non-random data which Linux would estimate as very random. If this attack were done just before a user uses/dev/random to generate a cryptographic key, that key could be compromised, meaning the attacker may be able to guess it.
The paper echos a call for Linux to stop estimating entropy, meaning effectively we'd just have/dev/urandom only, and people who require cryptographically strong random bits would have to look elsewhere. As a practical matter, I disagree./dev/random may not be 100% secure, but it's handy.
Let me try again using software this time instead of hardware. If I let my PC count from 0 to 2^32 in a loop until I hit enter, then the lowest bits will be very random, while the highest aren't very random at all. If I do this over and over, and XOR all the bits of all the counter results together, I can easily create crypto-grade random bits. If a hacker manages to add a signal of his design to my counter values, it has no impact on the randomness of my generated bits. This is obvious once you know that XORing a non-random value on top of a random value in no way reduces its randomness. If a random value v has exactly 50% probability of being 1, then I can flip the value by XORing 1 onto it, and it still has exactly 50% chance of being 1. Now if the hacker could AND values onto the counter values, I'd lose randomness, but any operation that is mathematically a permutation, like addition or XOR, does not reduce randomness.
The system I built does the same thing, generating 40 million 8 bit values per second that are similar to the counter values described above. The low bits are highly random, and the high bits are not. If you simply add a signal to these values it has zero impact on the randomness of the result, just like with the counter values. Now if your signal overloads the amplifier, causing clipping, then the output might be 255 for many samples. That would brake the RNG, just like AND-ing 0's onto my counters would do.
Anyway, this is not rocket science. People seem to think you can't make good random data without a Ph.D. in cryptography, but in reality, all you need is a source of *some* randomness and the XOR operation. The math is pretty simple, too.
There's a simple fact that makes hardware RNGs easy. It really isn't rocket science.
XORing bits that each contain a small amount of true randomness leads quickly to high quality true randomness. Model the output bit stream from the hardware RNG as v(i) for the i-th bit. Assume each v(i) is 1 with probability 0.5 + e(i), where e(i) is an error function of magnitude 0.5. e(i) can be a function of previous v(i), a periodic signal, or some clever signal injected directly from the NSA. However, with magnitude 0.5, all you have to do is XOR the v(i) values together until you achieve the desired level of true randomness.
For bits v(1) and v(2), v(1) XOR v(2) has probability of being 1 = (0.5 + e(1))(0.5-e(2)) + (0.5 - e(1))(0.5 + e(2)) = 0.5 -2*e(1)*e(2). If e is bounded in magnitude by some number, like 0.4, you can easily compute how many bits you must XOR together to get the desired randomness. For a very poor quality RNG output error of 0.4, I need to XOR the output stream 7 times, generating 1 output bit for each 128 from the hardware RNG. The resulting error in randomness would be less than 1 part in 10^12.
Slashdot Mirror
I vote hero. This would make in interesting Slashdot poll. I was hoping Snowden's intentions were to help us decide for ourselves how to be governed, rather than just being PO-ed at his boss. This interview convinced me. Definitely hero.
Besides violating our constitutional right to privacy, our government is now in the routine buisiness of lying to us. They're passing secret laws that force companies to help them spy on us, with gag orders preventing these companies from complaining about it. They follow us through our phones, and ignore laws restricting their powers. At what point does the government work for us rather than the other way around? At least in China everyone knows they're being spied on. There's no secrecy about that fact.
I don't want another 9/11 attack to occur, and I'm willing to give up a little privacy to help. I do believe the NSA is primarily focused on protecting Americans. However, I want a vote on just how much privacy to give up.
Speaking of numbers, did anyone else here gag when reading in the post that incandescent bulbs are 10% efficient? Try 2% efficient at creating light we can read by... all that infrared they put out just keeps you warm. The poster must have gotten incandescent efficiencies mixed up with the latest and greatest bulbs - LED bulbs from Cree, which can do 11% efficiency. Still, most of that energy becomes heat. There's still room for a lot of improvement.
For guys my age (I turned 50 last week), the first Moon walk was a pivotal event. July of 1969... I was 6 years old, and my father was a squadron commander in the 318th Fighter Squadron flying F-102s, and I lived on Cherry Hill on the Air Force base in Anchorage Alaska. We all watched the first steps taken on the Moon, and as the son of an Air Force fighter pilot, there were high expectations for me. I remember when pilots where heros. Everyone expected even greater things from my generation.
We totally let them down, at least in terms of space exploration. I blame politics, and to some extent NASA (though mostly because of politics). I also have my hopes pinned on commercial efforts like SpaceX. We were on the Moon in 1969, while people in China were still starving. I'm glad China has revived some of the dream, and I hope they do well. In the meantime, our generation gave birth to personal computers and cell phones, so it's not a total loss, but there never was another OMG moment like the Moon walk.
If someone does end up creating a truly anonymous form of currency or payment then you can be damn sure the main people who will benefit are those who want to pay no taxes or those who want to sell services and products that are illegal.
This is the major problem with the Tor network. I ran a node for a while, but the traffic packet sizes and timing all indicated users watching videos rather than doing something useful like advocating for freedom of speech. I've had Tor users hack my web sites and troll on-line meetings for blind people. As far as I can tell, most Tor users seem to be serious ass holes. So, I stopped running my node.
I have a less secure idea for how to do this that would encourage good behavior, but there's little interest on the Tor forum or Freedombox forum. Basically, instead of trying to hide what you do, only hide who you are. If you engage in behavior acceptable to a significant number of your peers, then they could help sponsor your anonymity. If you think on-line gambling should be allowed, you could sponsor some Americans who aren't allowed. If you think China should let their people speak freely without worrying about their Government locking them up, then you could sponsor Chinese political blogging. Normally, Tor "exit nodes" are run by people who believe strongly in freedom, but to protect themselves, they are careful not to look at any of the network traffic from their nodes. If they looked, and saw a child porn ring, they'd legally have to report it. In the modified network, node operators would be encouraged to monitor traffic, report anything illegal in their location to authorities, and report any activity outside a person's claimed need for anonymity to the network, lowering the number of exit nodes willing to carry their traffic. A web-of-trust network could be used to determine how much you should trust someone requesting an exit node.
This scheme would work very well with electronic money, using the original Ripple protocol. I doubt this would meet RMS's requirements, but I think it would be a fantastic step in the right direction. It's less secure because you're network traffic between sessions is associated with the same secret identity, allowing attackers to determine patterns of behavior far more easily. However, the people we all want to support are already doing this. There are famous political bloggers blogging from inside oppressive countries. If you want to use your right to free speech to make a difference, you have to attract a following, and that means having a public identity that people can follow. The only people this system would really hurt are those who wish to act out of the light of any public scrutiny at all.
As Thomas Jefferson said, when you do a thing, imagine the whole world is watching and act accordingly. I think all we need is a little more reality behind the whole world is watching part, and a little more anonymity. You wouldn't need everyone to support you to remain anonymous, but you couldn't PO the whole world either.
I am sure you just can't wait for the Windows 8.1 update! Just imagine how happy we'll all be! After all the outrage and frustration over Windows 8 losing it's "start" menu, Windows 8.1 is here to save the day! Now, that old start menu that used to do something useless... listing all of your applications so you could find them... has been replaced! Now it takes you directly to the Metro UI, where you can barf all over your keyboard! Happy day!
Nice story. PG&E in California used to only give you credit for the fuel they calculated they didn't burn due to your feeding power to the grid, even though that was maybe 1/3 of everyone's electric bill. Obviously, we need to change this sort of BS behavior at utilities. PG&E, IIRC, has paid a proper rate for customer's power generation for at least a couple decades now. However, there's nothing wrong with utility scale solar in many places. There are inefficiencies of scale that they can make use of while you can't. Right now, here in NC, there seem to be enough tax credits for farmers to plant solar panels instead of food, and we're getting 10 acre solar farms all over. A friend of mine is installing solar panels on the new building he's constructing. The world-wide implosion of government sponsored solar installations has enabled the free market to finally deliver solar modules in the $1/watt range, making solar cost effective in many many cases.
Still, wind and solar aren't the entire answer to our power needs. It rains a lot here in NC, and wind is highly variable. Nuclear is good for "base" load, which means they run all the time at near full power, solar is good for those hot summer days when we need air conditioning, and natural gas generators are good for making up the gaps.
I wish we were funding Thorium development. It's not going to magically appear and start producing cheap safe clean nuclear power. To get there will take a massive investment and many years, but there's real promise there. I prefer the "all of the above" approach to energy.
I completely agree. I didn't want to say anything like "I got the last laugh" in my story. I love my brother like a brother, so there's no laughing. However, I working in a job I thoroughly enjoy where I make very decent money, and my family is wonderful. I wish things had worked out as well for my awesome little brother, but everyone is who they are in the end. I'm a big geek, and better off for it.
I have to tell a story... yeah... I'm old. My little bother was hot. He couldn't help it, girls just couldn't leave him alone. Someone convinced him to do modeling as a career for a while, but after missing shoots to enter skateboard contests, his modeling career was over. Still, Hallmark's "Hunk" calendar ran him as Mr April two years running.
Anyway, while he was screwing every girl who ever wanted a hot guy, I got my engineering degree. I dated the president of the math club, and spent a night in jail for hacking phone systems. One night during summer break, my brother had something to say to me. He said, "I respect what you're doing." I knew he meant he respects what I'm doing even though any reasonable person would not. I couldn't argue with the guy living every hormone driven teenager's dream, but I thought it was funny. I was preparing to make the world a better place, but I suppose being a girl's dream date counts.
We are geeks. There's something wrong in our minds that makes us happy spending time typing on a keyboard rather than chasing women. When I change the world in concrete measurable ways, the feeling is euphoric, and programming is the way I help change the world.
I guess I'll point out the obvious flaw in dork-tard's assertion that business should do the research and the government should stay out of it. Businesses may indeed fund research into things like climate change and even do a better job, but they wont *share* their results. Businesses are not in the business of improving our country or the world. If they pay for research, they almost always keep the results as a trade secret just in case it might give them a slight competitive advantage. It's not evil, it's simply business.
Is this a good place to say, "Ha ha!... you spent $15 to illegally influence an election and lost! And now you have to pay $16M in fines!"
Honestly, it's this secret crap that scares me the most, whether it's the Koch brothers or the NSA. If they're going to screw us over, they'd better damn well do it in the light of day.
I think it's dumb every time I hear we need to lower big business taxes to foster innovation and create jobs. Tech companies produce tons of high paying jobs, make investors rich, and often don't pay a dime in taxes, instead investing in growth, creating even more jobs.
As a public company, producing profits sucks to some extent. You have to pay taxes, investors ask for dividends or stock buy-backs, and you lose control over investing in growth as investors become addicted to taking your profits instead of letting you grow. Just look at Dell, for example. There are good reasons to take a company private. Among them is to gain the ability to spend your profits on improving the company rather than having investors leech off you.
I suspect this is how they caught the Silk Road guy. Tor is likely entirely transparent to the NSA, just from metadata. It kills me to see articles like this one recommending running a Tor node. I ran one for a while after hearing about it's use to avoid political oppression, but the traffic, from my reading of the meta-data, was dominated by video downloads. In theory, Tor is about freedom, but in reality, it's about porn.
It is 100% possible to provide the kind of freedom Tor in theory was created to provide. First, do exactly what you said, and eliminate the meta data leaks. So long as the network is used to provide freedom rather than illegal video, the bandwidth per volunteer node will be very low, even with the techniques you describe. Freedom is about basic communication like accessing email lists, not watching 2 hour videos for free.
The second part is insuring your bandwidth is used for goals you support, like freedom of expression, rather than the crap Tor is used for. This can be done with "secret identities", as in Super Man and Spider Man. Each user would have their actual identity protected as a secret, while their "public" identity would have their network behavior, such as which web sites they visit, documented in a public unencrypted P2P social network. This would allow individuals to safely collaborate on worthy goals, while keeping illegal video sharing goons from wasting our bandwidth.
The problem comes with some simple math. I can hire writers all day long for $25/article. $2,500 buys me 100 Wikipedia shills if they get paid the same as regular writers in America. Maybe they get paid more because it's specialty work. How about $100/article? That's still only $10,000 - not much money to buy yourself a wikipedia image.
Great post! When you try to post constructive criticism of Linux, there's a lot of push back on slashdot. I would add:
4.- The "code purist" problem. I can publish my latest hacked POS app on Android in no time at all. That's why there are millions of apps for Android and iOS. With Debian/RedHat derived distros, the process is harder than refinancing the mortgage on your house, and getting your package into the "stable" distro takes years. Hours vs years, and an hour or so of effort vs getting a home loan. It's killing Linux.
Kudos to Shuttleworth for trying to fix this problem, with his jailed app delivery system for Ubuntu Touch. I hope he succeeds in reviving Linux. I'll even try to help.
I guess my outrage has burned since the early 1980's, but it's been hard to stay outraged all that time. IMO, the NSA won. They did their job as they see it, and electronic security is now a total joke. It's not just the NSA that gets access, but the spammers, botnets, and phishers. We could have made the Inernet secure, but every time anyone tried to make any single piece of it more secure, the NSA-influenced peanut gallery went ape-shit, insuring nothing useful happened. The exceptions are cases when we agreed to centralized control, such as certificate authorities, where the NSA can use secret powers to force big companies to cooperate, while gagging their ability to inform their customers.
If I had anything I really needed kept secret, I know how to do that. However, I just don't have anything I care to keep secret, given the insane effort it requires now days. I give up. The NSA can have up close pics of my testicles. Whatever.
The algorithm compensates, and delivers bitcoins at a predicable rate, unlike the US government's payments. If miners drop out, those who remain split the spoils.
I sold all my coins and bought my wife a nice silicon-carbide necklace fashioned out of Cree's materials, for about $500. I don't feel good about the use bitcoins are being put to, even if I do support the freedom that untraceable electronic money represents.
Yes. The poster is asking if Google should do like so many previous evil companies and stop innovating, and instead focus on putting the pinch to their clients. Oracle falls squarely in this category. I'm hoping Google will instead decide to continue innovating. They've been pretty damned good at it.
So... you think science used to be better? Really?
Newton spent much of his energy in later years in a brutal smear campaign to smear mathematicians and scientists who in fact invented much of he took credit for, such as portions of Calculus. Edison is known to have mounted an equally brutal attack on his arguably more inventive peer, Tesla. Have you ever read Penis envy? Really? That guy was a world class crack-pot, IMO.
I've read many technical and scientific papers every year since about 1982, and I see zero degradation in professionalism. The truth is there was never much anyway. For ever paper that made me believe something I useful, there were a half dozen total crap papers that weren't even close to the mark. Science is just fine... just the same crap as always, but overall very effective crap. It's the freaking "news" networks that have turned into crap.
I'm optimistically hoping this means the guys manning the nuke near house below Jordan Lake in NC are doing a better job maintaining it than their peers in the West. On the other hand, it could just be lazy NRC regulators.
Cripes... I take a few years and don't read about the latest RC4 attacks, and someone finally figures out an attack that can make use of the super-low long-term biases found in RC4. I guess I'll have to switch to something else. I've been using message authentication MACs in P2P protocols when messages are not encrypted. The combination seems like a good idea for stream ciphers.
Even back in the early 1980's college students would add things like "bomb terrorist hijack communist assassinate" in their signature because of the rumors that the Usenet was being monitored by NSA programs that where basically data-mining for words like that. I had a friend who was pretty paranoid about it, so I wrote an email to him begging him to give up his plan to blow up a bunch of people. He didn't think it was very funny. I suspect some poor NSA schmuck has had the displeasure of being assigned to read most of what I say on line ever since... sorry if it's true!
I agree. The real firestorm was when Fox News was stoking Tea Party fear of Obama spying on Americans. It was so effective, Fox News had to stop for fear of actually forcing the Tea Party congressmen to vote against continuing surveillance, which as you know, they didn't do - our Tea Party Freedom Fighters voted to continue with zero change, right along with everyone else in congress.
The outrage might be stronger here on slashdot, but most of us haven't heard a single new revelation, only confirmations. On the plus side, my wife and friends no longer think I'm a paranoid conspiracy theorist for believing many of the leaks posted here on slashdot over the years.
I just read TFA and associated paper, and the petition. Linus was right, the petition was pointless, and motivated by confusion on the petitioner's part. However, the paper points out some scary issues in the Linux PRNG. It's tin-foil hat stuff, but it shows how one user on a Linux system could write a malicious program that would drain the entropy pools, and then feed the entropy pool non-random data which Linux would estimate as very random. If this attack were done just before a user uses /dev/random to generate a cryptographic key, that key could be compromised, meaning the attacker may be able to guess it.
The paper echos a call for Linux to stop estimating entropy, meaning effectively we'd just have /dev/urandom only, and people who require cryptographically strong random bits would have to look elsewhere. As a practical matter, I disagree. /dev/random may not be 100% secure, but it's handy.
Let me try again using software this time instead of hardware. If I let my PC count from 0 to 2^32 in a loop until I hit enter, then the lowest bits will be very random, while the highest aren't very random at all. If I do this over and over, and XOR all the bits of all the counter results together, I can easily create crypto-grade random bits. If a hacker manages to add a signal of his design to my counter values, it has no impact on the randomness of my generated bits. This is obvious once you know that XORing a non-random value on top of a random value in no way reduces its randomness. If a random value v has exactly 50% probability of being 1, then I can flip the value by XORing 1 onto it, and it still has exactly 50% chance of being 1. Now if the hacker could AND values onto the counter values, I'd lose randomness, but any operation that is mathematically a permutation, like addition or XOR, does not reduce randomness.
The system I built does the same thing, generating 40 million 8 bit values per second that are similar to the counter values described above. The low bits are highly random, and the high bits are not. If you simply add a signal to these values it has zero impact on the randomness of the result, just like with the counter values. Now if your signal overloads the amplifier, causing clipping, then the output might be 255 for many samples. That would brake the RNG, just like AND-ing 0's onto my counters would do.
Anyway, this is not rocket science. People seem to think you can't make good random data without a Ph.D. in cryptography, but in reality, all you need is a source of *some* randomness and the XOR operation. The math is pretty simple, too.
There's a simple fact that makes hardware RNGs easy. It really isn't rocket science.
XORing bits that each contain a small amount of true randomness leads quickly to high quality true randomness. Model the output bit stream from the hardware RNG as v(i) for the i-th bit. Assume each v(i) is 1 with probability 0.5 + e(i), where e(i) is an error function of magnitude 0.5. e(i) can be a function of previous v(i), a periodic signal, or some clever signal injected directly from the NSA. However, with magnitude 0.5, all you have to do is XOR the v(i) values together until you achieve the desired level of true randomness.
For bits v(1) and v(2), v(1) XOR v(2) has probability of being 1 = (0.5 + e(1))(0.5-e(2)) + (0.5 - e(1))(0.5 + e(2)) = 0.5 -2*e(1)*e(2). If e is bounded in magnitude by some number, like 0.4, you can easily compute how many bits you must XOR together to get the desired randomness. For a very poor quality RNG output error of 0.4, I need to XOR the output stream 7 times, generating 1 output bit for each 128 from the hardware RNG. The resulting error in randomness would be less than 1 part in 10^12.