some sophisticated thieves have laptops equipped with a radio transmitter" and use brute force attacks to find the correct and unique code of a car's key fob.
Thanks for the info. This definitely seems like poor design rather than a broken concept though. I'd like to see them brute force a 2048 bit RSA key. Wireless authentication protocols have the ability to be just as secure as anything else.
Actually, I think over the next few years for many of us our phones will migrate onto our wrists
And this is the problem with the culture at Google these days. Ever since all employees started using macbooks and they only hired 20 something's with thick frame glasses and "nerd" t-shirts they've been on a steady decline into the toilet. This geek tech culture is a serious blight. You people are ruining a once magnificent company. Oh ya... And get off my lawn.
I'm not sure about this claim. Whether it's a traditional key or a proximity key it still falls in the "something you have" category of security. And while I admit I don't know exactly how the proximity keys work I do know that if they use an rsa handshake then they're certainly more secure, than a laser cut key.
It's unfortunate that true randomness cannot exist in the physical world as we know it. Even the roll of a die is a deterministic equation. No matter how complex you make a program you can't make it "feel". That is a required component of sentience. Perhaps "feeling" is an illusion? If so, then nothing and no one is sentient. The creation on a true AI requires us to resolve countless paradox of the physical world that we don't even truly understand yet. Ultimately it will be the philosophers and physicists that give us the answers to developing one, if it's even possible.
Sentience implies the ability to "feel". It relies on certain unprovable truths like the existence of free will. If you don't believe in any of this, that's fine. There's no reason a computer can't be as deterministically complex as the human brain. That, however, is not the same thing as being sentient.
You don't have to study software for very long to learn that there is no such thing as a true random number generator. This is why all programs dealing with randomness are called pseudo random number generators. There are many PRNG's that can give the appearance of randomness, but it's impossible to ever be truly random.
This is the crux of the problem with trying to label a machine as sentient. Sentience applies to the ability to "feel"... beyond the ability to merely reason. It incorporates paradox like free will and choice. If you're of the opinion that neither free will or choice exists then you might believe the human brain is merely a series of electrical impulses and chemical reactions. You believe in the deterministic mind, not the sentient one. Could a computer be as deterministically complex as a human being? I don't see why not. But that is a far cry from declaring it sentient, unless you want to downgrade the definition of sentience to "deterministically complex".
It is fundamentally impossible for a purely deterministic machine to achieve sentience in the true spirit of the term. This is compounded by the fact that the term itself is surrounded in paradox and a lack of complete understanding of our physical world.
Yes. Sentience. Don't make the typical mistake of assuming you understand something just because you've labelled it. We don't know what sentience is, merely that it (probably) exists. In this way it's similar to the concepts of "energy", electro-magnetism, or the big bang. We can observe them, but we don't fully understand them.
The answer to creating a sentient being of our own won't be found in the computer science department. There's still major milestones to hit in biology, philosophy, and perhaps even spirituality.
A lot of well-educated and smart people, including Bill Gates and Stephen Hawking, have stated they are fearful about the dangers that sentient Artificial Intelligence (AI) poses to humanity.
They aren't that smart if they think machines could ever be sentient. Machines are deterministic. They do what you tell them to. We might be able to make extremely complex machines that give the general appearance of sentience, but they will still only ever be deterministic.
Anyone with enough insight and humility knows there's still an extremely large piece of the puzzle missing in our understanding of life. And you need to understand how something works before you can create it.
For apple maybe. Will they do the right thing for you? I highly doubt it. And if Mr. Snowden thinks they will, I would advise him to brush up on his history of that company.
Agreed. Mob mentality rules at reddit and the community that makes up that mob is of the worst kind. Selective censorship is quite usual for their kind. This story is no surprise.
Companies don't just open source code when they feel they can't sell it. The entire revenue model for open source is that the software is incidental to something you can sell.
The most common approach to this by companies like Red Hat and The Linux Foundation is to sell support and accreditation. Recently Google has pioneered a new model of incidental revenue by open sourcing code to generate market share and then using that code base to increase the exposure of it's proprietary software services.
So this works well for software architecture (languages, libraries, kernels, operating systems) but doesn't for one big area: applications. I would agree that there's very little incentive for a company to develop an end user application under the GPL (other than not having to start from scratch). This is why I believe the GPL needs to be amended to become more friendly to application development. Something like a provision to: retain modifications to GPL code that directly contributes to an end user application for up to two years would be immensely beneficial to adoption of the GPL, and the software industry as a whole.
While this is worrying, what a lot of people aren't noticing is that this is a good sign. Orthodox Christianity is getting desperate. They're resorting to dirty tactics and forced indoctrination because an educated society has largely realized their little fairy tale is pretty silly. While our initial reaction is to panic over things like this, I look at it as nothing but a drowning man trying to grab onto whatever he can to stay afloat. The truth will win in the end.
The real concern would be an EMP from a solar flare which is a real, documented, historical concern. As we move our society towards an ever increasing reliance on electricity and digital storage of information, this should be the most paramount of concerns.
If I can pile into one drunk and it will drive me home, sign me up. My hunch is that the our current nanny-state way of thinking will never allow this. We will be required to be sober and attentive even if not driving. You'd probably get a ticket for merely reading a book or sending a text message.
The best way, imho, would be through education; not on the technical aspects of cryptography, but why it's important to use. Then implement it via something tangible like a yubikey. If people know it's important, and they implement it via a tangible tool they can attach to their keychain, it would be more popular.
FB hosting your public key has zero effect on anything. You are supposed to distribute your public key widely. The actual problem with public keys is ensuring that your public key is actually your public key for the purposes of not sending an email that someone else can read.
Well... exactly. So if all that is happening here is that facebook is another public key server than this is a really a non-story. The interesting prospect of this is that facebook, by it's nature, has the ability to verify your identity. So, instead of the user dealing with the prompt "Do you want to add key 'such and such' from 'so and so' to your key store?" and then having to either manually verify that (not practical) or blindly trust that it's valid (99.999999999999% of real world use) they could pass off that work to facebook who could do the verification for them.
So the argument stands that since any American company is potentially in the back pocket of any American government agency, by legislation, this is not such a neat thing. If this was done by a social media service run through Sweden perhaps it would be. Or, even better, a decentralized social media network.
This is very interesting, but unfortunately the parent poster is correct. Tying a public key to your social media account is a good way to prove ownership without having to trust these notoriously dubious certification authorities. However, Facebook is an American company and that makes it trivial for their government agencies to infiltrate it to fake a false trust and man in the middle communications (ie. pretend to be you to the other end). Them encrypting the traffic they send you is nice but also irrelevant from that perspective as the unencrypted traffic could just be subpoenaed.
It would be extremely interesting if someone else from a more trustworthy country were to do this!
Slashdot Mirror
So many rules! What are you apple?
Right after my warranty expires.
I didn't define it. The Greeks did.
some sophisticated thieves have laptops equipped with a radio transmitter" and use brute force attacks to find the correct and unique code of a car's key fob.
Thanks for the info. This definitely seems like poor design rather than a broken concept though. I'd like to see them brute force a 2048 bit RSA key. Wireless authentication protocols have the ability to be just as secure as anything else.
Actually, I think over the next few years for many of us our phones will migrate onto our wrists
And this is the problem with the culture at Google these days. Ever since all employees started using macbooks and they only hired 20 something's with thick frame glasses and "nerd" t-shirts they've been on a steady decline into the toilet. This geek tech culture is a serious blight. You people are ruining a once magnificent company. Oh ya... And get off my lawn.
I'm not sure about this claim. Whether it's a traditional key or a proximity key it still falls in the "something you have" category of security. And while I admit I don't know exactly how the proximity keys work I do know that if they use an rsa handshake then they're certainly more secure, than a laser cut key.
It's unfortunate that true randomness cannot exist in the physical world as we know it. Even the roll of a die is a deterministic equation. No matter how complex you make a program you can't make it "feel". That is a required component of sentience. Perhaps "feeling" is an illusion? If so, then nothing and no one is sentient. The creation on a true AI requires us to resolve countless paradox of the physical world that we don't even truly understand yet. Ultimately it will be the philosophers and physicists that give us the answers to developing one, if it's even possible.
Sentience implies the ability to "feel". It relies on certain unprovable truths like the existence of free will. If you don't believe in any of this, that's fine. There's no reason a computer can't be as deterministically complex as the human brain. That, however, is not the same thing as being sentient.
You don't have to study software for very long to learn that there is no such thing as a true random number generator. This is why all programs dealing with randomness are called pseudo random number generators. There are many PRNG's that can give the appearance of randomness, but it's impossible to ever be truly random.
This is the crux of the problem with trying to label a machine as sentient. Sentience applies to the ability to "feel"... beyond the ability to merely reason. It incorporates paradox like free will and choice. If you're of the opinion that neither free will or choice exists then you might believe the human brain is merely a series of electrical impulses and chemical reactions. You believe in the deterministic mind, not the sentient one. Could a computer be as deterministically complex as a human being? I don't see why not. But that is a far cry from declaring it sentient, unless you want to downgrade the definition of sentience to "deterministically complex".
It is fundamentally impossible for a purely deterministic machine to achieve sentience in the true spirit of the term. This is compounded by the fact that the term itself is surrounded in paradox and a lack of complete understanding of our physical world.
Yes. Sentience. Don't make the typical mistake of assuming you understand something just because you've labelled it. We don't know what sentience is, merely that it (probably) exists. In this way it's similar to the concepts of "energy", electro-magnetism, or the big bang. We can observe them, but we don't fully understand them.
The answer to creating a sentient being of our own won't be found in the computer science department. There's still major milestones to hit in biology, philosophy, and perhaps even spirituality.
A lot of well-educated and smart people, including Bill Gates and Stephen Hawking, have stated they are fearful about the dangers that sentient Artificial Intelligence (AI) poses to humanity.
They aren't that smart if they think machines could ever be sentient. Machines are deterministic. They do what you tell them to. We might be able to make extremely complex machines that give the general appearance of sentience, but they will still only ever be deterministic.
Anyone with enough insight and humility knows there's still an extremely large piece of the puzzle missing in our understanding of life. And you need to understand how something works before you can create it.
For apple maybe. Will they do the right thing for you? I highly doubt it. And if Mr. Snowden thinks they will, I would advise him to brush up on his history of that company.
Agreed. Mob mentality rules at reddit and the community that makes up that mob is of the worst kind. Selective censorship is quite usual for their kind. This story is no surprise.
Your post was informative, but damn man, hit the shift key every once in a while.
Companies don't just open source code when they feel they can't sell it. The entire revenue model for open source is that the software is incidental to something you can sell.
The most common approach to this by companies like Red Hat and The Linux Foundation is to sell support and accreditation. Recently Google has pioneered a new model of incidental revenue by open sourcing code to generate market share and then using that code base to increase the exposure of it's proprietary software services.
So this works well for software architecture (languages, libraries, kernels, operating systems) but doesn't for one big area: applications. I would agree that there's very little incentive for a company to develop an end user application under the GPL (other than not having to start from scratch). This is why I believe the GPL needs to be amended to become more friendly to application development. Something like a provision to: retain modifications to GPL code that directly contributes to an end user application for up to two years would be immensely beneficial to adoption of the GPL, and the software industry as a whole.
While this is worrying, what a lot of people aren't noticing is that this is a good sign. Orthodox Christianity is getting desperate. They're resorting to dirty tactics and forced indoctrination because an educated society has largely realized their little fairy tale is pretty silly. While our initial reaction is to panic over things like this, I look at it as nothing but a drowning man trying to grab onto whatever he can to stay afloat. The truth will win in the end.
The real concern would be an EMP from a solar flare which is a real, documented, historical concern. As we move our society towards an ever increasing reliance on electricity and digital storage of information, this should be the most paramount of concerns.
If I can pile into one drunk and it will drive me home, sign me up. My hunch is that the our current nanny-state way of thinking will never allow this. We will be required to be sober and attentive even if not driving. You'd probably get a ticket for merely reading a book or sending a text message.
I just found my next certification for my employer to pay for.
Whatever you do make sure it runs systemd....
Some sort of new device to keep people off my lawn. It couldn't be run IOS, Android, have a unified touch interface, or be in "the cloud" though.
The best way, imho, would be through education; not on the technical aspects of cryptography, but why it's important to use. Then implement it via something tangible like a yubikey. If people know it's important, and they implement it via a tangible tool they can attach to their keychain, it would be more popular.
FB hosting your public key has zero effect on anything. You are supposed to distribute your public key widely. The actual problem with public keys is ensuring that your public key is actually your public key for the purposes of not sending an email that someone else can read.
Well... exactly. So if all that is happening here is that facebook is another public key server than this is a really a non-story. The interesting prospect of this is that facebook, by it's nature, has the ability to verify your identity. So, instead of the user dealing with the prompt "Do you want to add key 'such and such' from 'so and so' to your key store?" and then having to either manually verify that (not practical) or blindly trust that it's valid (99.999999999999% of real world use) they could pass off that work to facebook who could do the verification for them.
So the argument stands that since any American company is potentially in the back pocket of any American government agency, by legislation, this is not such a neat thing. If this was done by a social media service run through Sweden perhaps it would be. Or, even better, a decentralized social media network.
This is very interesting, but unfortunately the parent poster is correct. Tying a public key to your social media account is a good way to prove ownership without having to trust these notoriously dubious certification authorities. However, Facebook is an American company and that makes it trivial for their government agencies to infiltrate it to fake a false trust and man in the middle communications (ie. pretend to be you to the other end). Them encrypting the traffic they send you is nice but also irrelevant from that perspective as the unencrypted traffic could just be subpoenaed.
It would be extremely interesting if someone else from a more trustworthy country were to do this!
Considering this is a more severe punishment than the majority of rapists receive, something is very wrong indeed.