Patents are just ways for large companies to choke off competitors by getting a state granted monopoly on an idea.
"Monopoly on an idea"? I always thought that patents are about state granting temporary monopoly on an invention (that is, a concrete working implementation of an idea), not a plain idea.
If the codes were generated by an algorithm, it would be possible to discover the algorithm and generate valid codes.
You know the algorithm. You don't know the private key.
Not even necessarily that. They may securely, randomly generate codes and store them in their database for validation. No key, no derivation, the code is a completely random value.
In such a case, the only possible attack would be against their database.
"take a while to crack"? How do you exactly imagine performing cracking in this context? Cracking a code in the way you imply (brute force?) involves lots of attempts.
When faced with interactive network login, this is feasible - the attempts are cheap, you can automatically perform millions of login attempts at practically no cost.
In this context, you'd have to send millions of identical physical letters until one gets through. How do you imagine doing that? Getting a truck of blank letters, using an army of printers and robots to fill them in and pack and throw into mail boxes? You'd have to distribute your attack among thousands of geographically distributed post offices, otherwise you'd overwhelm the one, the mailbox would immediately overflow.
We're talking of physical reality. Brute force cracking attacks are mostly tied to the domain of virtual stuff unless you're talking about really short codes (like 2 digit code, or, in the case of e.g. suitcase locks, 3/4 digits). I doubt they make the codes so short here.
About getting one digit wrong - you can always make the code somewhat redundant, making use of error correction codes.
I don't get it - surely it shouldn't matter if someone gains access to the password verification routine, the salt and the encrypted passwords... unless the password hashing/encryption is easily reversible?
They've still got to try and brute force match the encrypted data with a dictionary attack - sure, having the salt makes it easier - but if you've got the salt and the encrypted passwords it doesn't matter what encryption algorithm is used, you've still got to use a brute force dictionary attack. Most encryption algorithms aren't easily reversible - and that's the whole point.
Did you RTFA?
The point is that typically used hash algorithms are designed for speed, which makes brute forcing much easier. For this task, a deliberately slow hash algorithm, like bcrypt, should be used, making the brute force attack much less (like 5 orders of magnitude) feasible.
The Polish SF writer Stanislaw Lem has predicted the evolution of warfare we're observing today as far back as 1986:
The really interesting essay of the three, and the one with the greatest connection to the rest of Lem's work, is the middle one, "The Upside-Down Evolution." Lem announces that, by unspecified means, he's gotten hold of "a military history of the twenty-first century," and proceeds to describe the advent and evolution of warfare by micro- and nano-robots.
It's been some time since I read it, but I recall him having envisioned evolution of war machinery as it became more and more miniaturized and swarm-like, until it was completely impossible to know if and who was attacking who. A country was able to e.g. form giant undetectable light-focusing lens overlaid in the upper layers of the atmosphere to influence agricultural yield of another country and affect its economy without needing to resort to direct contact and observable violence.
Very interesting to see the actual 21st century technology follow the exact path predicted by Stanislaw Lem. And we're only at its beginning.
All in all, a recommended read (like many other works by Lem).
Better yet, make the prison a non-GSM zone, deinstalling BTS-es and/or screening/jamming the radio signals. Make the staff and inmates use landlines for phone communication.
So, someone's invented ntp_time? That's only been around collecting time from time servers, many of which are atomic clock connected, since about 1985.
...
Seriously, could the editor that greenlighted this have done a google search or something?
AFAIR, a major problem before phase-change memory can become a flash memory replacement is its sensitivity to heat and the resulting modifications that producers would have to introduce to their manufacturing processes (e.g. putting data on the memory chips after, not before assembling).
Would this technology lift this requirement from them by lowering the temperatures involved in the soldering process?
Or for impressing a geeky girl one could try to execute an injection attack. Just make sure you use a Trojan or you might spawn unwanted child processes.
Maybe she would prefer a man-in-the-middle...?
That's especially good as a part of a comprehensive penetration testing scenario...
You're making the same reasoning error that the vaccine fighters do: you make absolute and far reaching statements based on a single, anecdotal case or a small number of cases, while in the given subject matter only hard statistics and exhaustive research can give any significant conclusions.
A case of a single kid tells us absolutely nothing, no matter what it is.
This scenario sounds great, but take a look at all of the jobs that have now been lost: retail sales positions are drastically reduced, manufacturing of existing products is depopulated, the list goes on and on. I would expect we'd end up with 50% unemployment were they deployed within a 5-10 year span.
No, this is like telling drinkers that they cannot use a device that duplicates the beverage to give to their friends.
Now that's a basis for an interesting thought experiment. Suppose that "physical property" can be as easily copied as (I hate that term) "intellectual property".
How would that influence the beer market? Would people still buy beer from those who produce it, who research and develop new varieties? Or would those people just take some present samples from the moment and go on with duplicating them till the end of the world, which would quickly put all breweries out of business?
But then, maybe before the end of the world everyone would manage to get bored to death, having the same types of beer to choose from, and they'd become eager to pay for beer if someone would provide some new flavour?
That would of course create a small market for some innovative breweries.
I think that in such a scenario, some equilibrium would eventually be reached, a middle ground between free copies completely eliminating brewery businesses and beer duplication being completely restricted using legislative means.
E.g. you could legally duplicate some beer (that you've purchased or had already owned) on a party for your friends, but you'd be punished if you had placed a beer-dispensing machine outside your home for all passers by.
Does this provide an answer to today's copyright problems? I dunno, I just like imagining the idea of not having to go out to a 24h shop in the middle of the night just because there's no more beer in the fridge;)
The Polish SF writer Stanislaw Lem has described exactly this problem (swarm robotics in military) as far back as 1986:
The really interesting essay of the three, and the one with the greatest connection to the rest of Lem's work, is the middle one, "The Upside-Down Evolution." Lem announces that, by unspecified means, he's gotten hold of "a military history of the twenty-first century," and proceeds to describe the advent and evolution of warfare by micro- and nano-robots.
It's been some time since I read it, but I recall him having envisioned evolution of war machinery as it became more and more miniaturized and swarm-like, until it was completely impossible to know if and who was attacking who. A country was able to e.g. form giant undetectable light-focusing lens overlaid in the upper layers of the atmosphere to influence agricultural yield of another country and affect its economy without needing to resort to direct contact and observable violence.
Very interesting to see the actual 21st century technology follow the exact path predicted by Stanislaw Lem.
All in all, a recommended read (like many other works by Lem).
This doesn't surprise me since services like CastleCops, which were a serious pain in the ass for spammers, were closed down due to lack of funding and massive DDOS attacks they could not withstand with their budgets.
The big ones do not care - I've tried to get Google interested in cooperating with CastleCops (to receive sample spam message feeds), but they saw no business case in that for them.
Now the GMail accounts are getting more and more spam that passes Google's filters and there seems to be no hope of improvement in the near future.
It seems from your description that this is becoming a significant nuisance.
So just get a new account, with a non common e-mail address, notify all your contacts and start using that.
On the original account, put an automatic reply notifying the sender that they probably got a wrong address.
Infidel! How dare you not mention The Mighty Java in your pity list of inferior, poor imitations of programming languages!
DRIM? Direct Rendering Infrastructure Manager.
Apache is not GPL-licensed, so it would crawl very slowly with no acceleration whatsoever. Tux web server, on the other hand...
Where's that edit history you're referring to?
I was looking for it in a number of places (and their own help has 0 articles for that keyword) all around the Wave UI, I just wanted to revert some deletions I've made to a document.
I couldn't find it and it was the major reason I've stopped playing with it - too easy to lose content.
The other reasons being lack of integration with Google Docs and GMail...
Could you have done a google search yourself or something?
Then you might find this:
The RADclock project (formerly known under 'TSCclock') aims to provide a new system for network timing within two years. We are developing replacements for NTP clients and servers based on new principles, in particular the need to distinguish between difference clocks and absolute clocks. The term RADclock, 'Robust Absolute and Difference Clock', stems from this. The RADclock difference clock, for example, can measure RTTs to under a microsecond, even if connectivity to the time server is lost for over a week!
So, what substance does it decompose to?
I'd suggest "5a): send really-really-important files to yourself by e-mail". You know, just in case your USB drive dies somewhere between 5) and 9).
You've more or less described how Chip and PIN works, only the difference is that the card, not the user, holds the private key (would you trust the average user managing the security of his private key?).
Still, the way it's designed and implemented has some areas for exploitation: http://www.smartcard.co.uk/Chip%20and%20PIN%20Security.pdf
For web-based payments (which 3DS is all about) you'd need a new standard for performing transactions that would involve smartcards and asymmetric crypto, and it would require special devices equipped with smartcard readers attached to each consumer's PC/laptop, which will probably make it never happen (the cost for the consumers and the complexity is just not worth it).
The operation would be quite different than in a physical store's payment terminal: the PIN should be verified locally at the user's workstation, but the verification of the card's authenticity should be left to the remote merchant, which would send in transaction data to be digitally signed on the card and verify the returning result.
Khm, khm. Broken window fallacy.
Bruce? Is that you?
That only postpones the problem till a star system ending disaster...