And they also included a Javascript engine, I wonder if the JVM people come up with something new which will boost Javascript performance in ways the browser developers haven't yet. Javascript performance improvements haven't stalled yet (asm.js was an interesting approach), but others people looking at the problem could produce interesting results.
But you are wrong, because they don't have the resources to keep ALL that traffic data. They get a LOT of traffic data.
In at least the UK they got a copy of all traffic going through a bunch of undersea cables and Germany they basically get a port-mirror from certain transit providers.
So they have a computer to look at the data to find 'interesting' stuff.
Then they store it for up to a couple of weeks. Until a request comes in for some information and a human queries the data and looks at just a little bit. Anything that looks even remotely interesting will then be kept forever.
The problem is, what are these criteria that the computer and human are using to mark stuff 'interesting' ? And don't say, it's just a computer. That computer algorithm is fed by a human too.
That is my problem with this.
Their is a paper trail of the second part, but it is secret.
He didn't say why you shouldn't use public-key crypto.
At first I thought he might still trust the math, not the CAs. He might be saying that because of possible: man-in-the-middle-attacks with a CA-signed certs.
But in the comments on his site he mentions:
"It is more likely that the NSA has some fundamental mathematical advance in breaking public-key algorithms than symmetric algorithms."
> better to keep your communications inside your own country.
This is not enough. Just look at Germany.
Transit providers were involved with providing copies of traffic to the NSA or GCHQ (basically a port-mirror) in Germany, there is a compound about 30 kilometers away from the DE-CIX Internet Exchange in Germany.
If you are or compete with PayPal you might have requirements of where your data is and who has access to this data which don't allow you to place it on servers outside of your own datacenters.
Slashdot Mirror
What I meant is, it might have nothing to do with age.
Or Linus has more and more merges to do, so less time to code.
Actually, github is the way to do politics.
So you can see exactly which politician worked on which law and why.
Will probably never happen...?
Well, supposedly solar power development is on a similar curve like Moore's law (I believe it's 30% per yaar).
Some say this will make solar rediculously cheap in 2020:
http://www.youtube.com/watch?v=AKL8wJunKA0
So that would solve your energy problem, it also helps solve water and food problems.
I'm sure things will improve for them now they have a new logo ;-)
Interesting enough the Raspberry Pi has a hardware random number generator built in, did you know that ?
That might actually be one of the cheapest devices with a hardware random number generator I'm aware of.
Does anyone have any information about what type it is, how it works and how good it is ?
And they also included a Javascript engine, I wonder if the JVM people come up with something new which will boost Javascript performance in ways the browser developers haven't yet. Javascript performance improvements haven't stalled yet (asm.js was an interesting approach), but others people looking at the problem could produce interesting results.
Actually, urandom shouldn't be used for crypto if at all possible. That's the whole point.
The first question you should ask is: /dev/urandom or /dev/random or some other device ?
Where do these embedded devices get their random data ?
Linux kernel uses a pool with different sources and only accepts input on /dev/random from root.
Anyway you slice or dice, It's just tricky getting good random data on embedded devices.
I'm sorry, but a BIOS is firmware.
Look at UEFI as an example.
If you only look at the diffs, you won't notice a change which they'll spread out over a couple of months.
HDD's obviously also contain firmware and SSD's even more.
It would be kind of OK if that was true.
But you are wrong, because they don't have the resources to keep ALL that traffic data. They get a LOT of traffic data.
In at least the UK they got a copy of all traffic going through a bunch of undersea cables and Germany they basically get a port-mirror from certain transit providers.
So they have a computer to look at the data to find 'interesting' stuff.
Then they store it for up to a couple of weeks. Until a request comes in for some information and a human queries the data and looks at just a little bit. Anything that looks even remotely interesting will then be kept forever.
The problem is, what are these criteria that the computer and human are using to mark stuff 'interesting' ? And don't say, it's just a computer. That computer algorithm is fed by a human too.
That is my problem with this.
Their is a paper trail of the second part, but it is secret.
If you read the comments on his site he mentions:
"It is more likely that the NSA has some fundamental mathematical advance in breaking public-key algorithms than symmetric algorithms."
So he discourages it's use.
He didn't say why you shouldn't use public-key crypto.
At first I thought he might still trust the math, not the CAs. He might be saying that because of possible: man-in-the-middle-attacks with a CA-signed certs.
But in the comments on his site he mentions:
"It is more likely that the NSA has some fundamental mathematical advance in breaking public-key algorithms than symmetric algorithms."
> better to keep your communications inside your own country.
This is not enough. Just look at Germany.
Transit providers were involved with providing copies of traffic to the NSA or GCHQ (basically a port-mirror) in Germany, there is a compound about 30 kilometers away from the DE-CIX Internet Exchange in Germany.
Here is an introductory article:
http://arstechnica.com/tech-policy/2013/08/seven-telcos-named-as-providing-fiber-optic-cable-access-to-uk-spies/
If you trust DNSSEC and operating systems and browsers supported it DANE could solve that problem.
It is possible it would try to do so.
I don't think they can attack WebRTC directly.
The advantage of WebRTC might be that it doesn't define a signaling protocol.
But companies don't sue IETF, they sue other companies.
Your browser (Chrome, Firefox) probably already has more advanced technology onboard than Facetime.
It's called WebRTC and allows peer 2 peer video, audio and data communication and it's always encrypted.
If you ask me, it's the right time to start adoption of WebRTC.
If you are or compete with PayPal you might have requirements of where your data is and who has access to this data which don't allow you to place it on servers outside of your own datacenters.
So basically:
We already using something, we've invested into a solution which works for us, why invest again ?
Or maybe he just thinks all the companies provide employment.
Or maybe his political party wants to secure funding for the next elections.
Why would they need to photoshop that ?
The Bush family and the important Bin Laden family are friends, they do business together, for example they both are in oil, didn't you know that ?
Osama bin Laden is the black sheep of the family.
Those numbers are old, solar isn't a technology that is not improving.
If you look at graphs of how cheap solar panels are to produce or how much power they generate, it looks something similar to Moore's law.
I don't know, I would probably make the same list and I'm from Europe.