Hm. Base 12 is used by everyone on a daily basis, as well as base 60, thanks to the Babylonians. The main advantage of working in these bases is the large number of divisors each base hase, relative to its size: 10 divides evenly into 2 and 5. 12 divides evenly into 2, 3, 4, and 6. 60 divides evenly into 2, 3, 4, 6, 10, 12, 15, 20 and 30. This makes it much easier, for example, to divide an hour or a day into quarters and thirds than if these were based on decimal units. Decimal units, however, are much easier for summing using base 10 arithmetic.
The quote at the beginning has become one of my favourite metaphors for describing a process that should be close to impossible: "Bypassing a PAL should be, as one weapons designer graphically put it, about as complex as performing a tonsillectomy while entering the patient from the wrong end."
A solution that works for many is PasswordSafe. This is a small application that keeps all passwords encrypted (using the Blowfish algorithm). Entries are presented either as a flat list or tree, and double-clicking an entry decrypts the password and copies it to the clipboard. The project originally came from Counterpane, Bruce Schneier's company, and is regarded as a useful and secure application. PasswordSafe has random password generation that can be customized rather nicely. Of course, the PasswordSafe database itself needs to protected by a passphrase...
[Disclaimer: I'm currently the project admin for PasswordSafe.]
The book may be flawed in that it doesn't look at other toolkits, but I don't think that his motivation is to sell cryptlib, which is available "under the GPL-compatible Sleepycat dual license, which means you can use it under the GPL terms or under standard commercial terms, depending on your preference." [http://www.cs.auckland.ac.nz/~pgut001/]
In a short story entitled "Silence Please", first published in Science-Fantasy #2, 1950, later in a collection in 1957, "Tales from the White Hart" (reprinted in 1970 by Harcourt, Brace & World Inc., New York). Quite funny, even if he does take some liberties with the laws of physics.
(1) PasswordSafe is not what is described in the patent application, but rather a password storage application that allows you to conveniently copy a selected password to the paste buffer.
Do you really want to add radioactivity to the list of issues that need to be addressed when disposing an old PC? (Yes, I know that the radioactive source would be too weak to be dangerous - try explaining that to a greenie)
All radioactive sources decay with time. This means yet another limitation on the lifetime of your PC. Worse, the failure mode is less benign (and more subtle) than the clock not keeping time...
Ed Felten has a valid point about the need to choose a threat model, and to stick to that choice.
However, he has not convinced me that the two threat models that he describes are the only ones, or indeed separate threat models at all.
I would view p2p networks as a means to achieving "widespread, but small-scale and unorganized, copying," and not as a separate threat model at all.
I'm also not clear about whom he's addressing: Most DRM advocates are aware of the fact that today's systems will not stop a determined adversary, and only mildly deter a casual user.
People interested in this might also be interested in the rubberhose project.
From the homepage:
"Rubberhose transparently and deniably encrypts disk data, minimising the effectiveness of warrants, coersive interrogations and other compulsive mechanisms, such as U.K RIP legislation. Rubberhose differs from conventional disk encryption systems in that it has an advanced modular architecture, self-test suite, is more secure, portable, utilises information hiding (steganography / deniable cryptography), works with any file system and has source freely available. Currently supported ciphers are DES, 3DES, IDEA, RC5, RC6, Blowfish, Twofish and CAST."
"The base of VME is a Virtual Matrix, a matrix of binary values which is infinity in size in theory and therefore have no redundant value. The data to be encrypted is compared to the data in the Virtual Matrix. Once a match is found, a set of pointers that indicate how to navigate inside the Virtual Matrix is created. That set of pointers (which is worthless unless pointing to the right Virtual Matrix) is then further encrypted in dozens other algorithms in different stages to create an avalanche effect. The result is an encrypted file that even if decrypted is completely meaningless since the decrypted data is not the actual data but rather a set of pointers. Considering that each session of VME has a unique different Virtual Matrix and that the data pattern within the Virtual Matrix is completely random and non-redundant, there is no way to derive the data out of the pointer set." This makes no sense, even to an expert.
I seriously doubt that the information is accurate enough to convict a driver of speeding. The poster wrote that the intended use is monitoring traffic jams - this means using statistical methods that average out errors. Saying that the traffic is flowing at X km (miles) per hour is very different from saying that cellphone C is moving at speed Y.
As to privacy, the location of each cellphone is already available to law enforcement (even if powered off), so there's no real difference. If you really want to drive to your lover for an afternoon, be sure to remove the battery from your cellular...
I don't know what you mean by "a god of community," but a devout Jew most certainly takes the biblical (and halachaik) commandments personally.
Anyway, it's clear that Einstein totally disbelieved in a god that took the slightest interest in human affairs, at the personal OR the community level.
As to Spinoza's excommunication - thanks for pointing this out. I was unaware that there were different interpretations to the act. I found a decent summary here
Devout Jew? Believer? NOT!
on
Einstein Unveiled
·
· Score: 4, Informative
"I do not believe in a personal God and I have never denied this but have expressed it clearly. If something is in me which can be called religious then it is the unbounded admiration for the structure of the world so far as our science can reveal it." [from Albert Einstein - The Human Side,Selected and Edited by Helen Dukas and Banesh Hoffman, Princeton University Press, 1979]
This certainly doesn't make Einstein a devout Jew - the Jewish religion is very much about a personal god. His god is the same as Spinoza's, and Spinoza was excommunicated by his fellow Jews.
Open with Acrobat Reader, File->Document Properties->Summary... reveals:
Title: Microsoft Word - 3DB823B-1ABD-0AA6.doc
Furthermore, the PDF file was created by http://createpdf.adobe.com - which allows one to upload files and have the processed into PDF - 15 for free, more for $$$.
Seems like they didn't find out that ghostview allows you to generate pdf files as well as view them...
The article is informative and clearly written, but crashdumps are more useful for determining kernel software problems than hardware ones.
If the system is a stable release, and has been running without crashes for about a year, I'd start by running diagnonstics on the hardware - specifically, memory and disk - before trying to debug the kernel.
Er, even if Mary has exactly enough computing power as she needs, she doesn't need it 24x7. An Internet OS would use only *spare* CPU cycles, that is, the tasks would run at very low priority - effectively stopping as soon as Mary moves her mouse.
Slashdot Mirror
Hm. Base 12 is used by everyone on a daily basis, as well as base 60, thanks to the Babylonians.
The main advantage of working in these bases is the large number of divisors each base hase, relative to its size:
10 divides evenly into 2 and 5.
12 divides evenly into 2, 3, 4, and 6.
60 divides evenly into 2, 3, 4, 6, 10, 12, 15, 20 and 30.
This makes it much easier, for example, to divide an hour or a day into quarters and thirds than if these were based on decimal units.
Decimal units, however, are much easier for summing using base 10 arithmetic.
Steve Bellovin has a fascinating page on the subject here
The quote at the beginning has become one of my favourite metaphors for describing a process that should be close to impossible:
"Bypassing a PAL should be, as one weapons designer graphically put it, about as complex as performing a tonsillectomy while entering the patient from the wrong end."
A solution that works for many is PasswordSafe. This is a small application that keeps all passwords encrypted (using the Blowfish algorithm). Entries are presented either as a flat list or tree, and double-clicking an entry decrypts the password and copies it to the clipboard. The project originally came from Counterpane, Bruce Schneier's company, and is regarded as a useful and secure application.
PasswordSafe has random password generation that can be customized rather nicely.
Of course, the PasswordSafe database itself needs to protected by a passphrase...
[Disclaimer: I'm currently the project admin for PasswordSafe.]
The book may be flawed in that it doesn't look at other toolkits, but I don't think that his motivation is to sell cryptlib, which is available "under the GPL-compatible Sleepycat dual license, which means you can use it under the GPL terms or under standard commercial terms, depending on your preference." [http://www.cs.auckland.ac.nz/~pgut001/]
In a short story entitled "Silence Please", first published in Science-Fantasy #2, 1950, later in a collection in 1957, "Tales from the White Hart" (reprinted in 1970 by Harcourt, Brace & World Inc., New York).
Quite funny, even if he does take some liberties with the laws of physics.
(1) PasswordSafe is not what is described in the patent application, but rather a password storage application that allows you to conveniently copy a selected password to the paste buffer.
(2) PasswordSafe is now and Open Source project, and available on Windows and PocketPC: http://passwordsafe.sourceforge.net/
Linux is already being used on Smartphones, by Motorola and at least one other Asian manufacturer (Sharp, I think).
Aside from that, it is nice to play with, and that's how it's being developed, mainly as a hobby, like most OpenSource software...
Do you really want to add radioactivity to the list of issues that need to be addressed when disposing an old PC? (Yes, I know that the radioactive source would be too weak to be dangerous - try explaining that to a greenie)
All radioactive sources decay with time. This means yet another limitation on the lifetime of your PC. Worse, the failure mode is less benign (and more subtle) than the clock not keeping time...
Ed Felten has a valid point about the need to choose a threat model, and to stick to that choice.
However, he has not convinced me that the two threat models that he describes are the only ones, or indeed separate threat models at all.
I would view p2p networks as a means to achieving "widespread, but small-scale and unorganized, copying," and not as a separate threat model at all.
I'm also not clear about whom he's addressing: Most DRM advocates are aware of the fact that today's systems will not stop a determined adversary, and only mildly deter a casual user.
People interested in this might also be interested in the rubberhose project.
From the homepage:
"Rubberhose transparently and deniably encrypts disk data, minimising the effectiveness of warrants, coersive interrogations and other compulsive mechanisms, such as U.K RIP legislation. Rubberhose differs from conventional disk encryption systems in that it has an advanced modular architecture, self-test suite, is more secure, portable, utilises information hiding (steganography / deniable cryptography), works with any file system and has source freely available. Currently supported ciphers are DES, 3DES, IDEA, RC5, RC6, Blowfish, Twofish and CAST."
Professional cryptographer Bruce Schneier used these guys as the exemplar for "Pseudo-mathematical gobbledygook" in the February 1999 issue of his monthly crypto-gram newsletter:
"The base of VME is a Virtual Matrix, a matrix of binary values which is infinity in size in theory and therefore have no redundant value. The data to be encrypted is compared to the data in the Virtual Matrix. Once a match is found, a set of pointers that indicate how to navigate inside the Virtual Matrix is created. That set of pointers (which is worthless unless pointing to the right Virtual Matrix) is then further encrypted in dozens other algorithms in different stages to create an avalanche effect. The result is an encrypted file that even if decrypted is completely meaningless since the decrypted data is not the actual data but rather a set of pointers. Considering that each session of VME has a unique different Virtual Matrix and that the data pattern within the Virtual Matrix is completely random and non-redundant, there is no way to derive the data out of the pointer set." This makes no sense, even to an expert.
Hi,
In all your years of writing:
- What changes do you find in your readers' responses to your column?
- How do think your writing has changed over time?
- What do you want to be when you grow up?
Surely NORAD was tracking this, and has an estimate on where the remains hit the earth.
I seriously doubt that the information is accurate enough to convict a driver of speeding. The poster wrote that the intended use is monitoring traffic jams - this means using statistical methods that average out errors. Saying that the traffic is flowing at X km (miles) per hour is very different from saying that cellphone C is moving at speed Y.
As to privacy, the location of each cellphone is already available to law enforcement (even if powered off), so there's no real difference. If you really want to drive to your lover for an afternoon, be sure to remove the battery from your cellular...
I don't know what you mean by "a god of community," but a devout Jew most certainly takes the biblical (and halachaik) commandments personally.
Anyway, it's clear that Einstein totally disbelieved in a god that took the slightest interest in human affairs, at the personal OR the community level.
As to Spinoza's excommunication - thanks for pointing this out. I was unaware that there were different interpretations to the act. I found a decent summary here
"I do not believe in a personal God and I have never denied this but have expressed it clearly. If something is in me which can be called religious then it is the unbounded admiration for the structure of the world so far as our science can reveal it."
[from Albert Einstein - The Human Side,Selected and Edited by Helen Dukas and Banesh Hoffman, Princeton University Press, 1979]
This certainly doesn't make Einstein a devout Jew - the Jewish religion is very much about a personal god. His god is the same as Spinoza's, and Spinoza was excommunicated by his fellow Jews.
For more about Einstein and religion, see this.
Even quicker:
strings `which tcpdump` | grep "not port 1963"
If this returns nothing, you're clean. Otherwise, the executable contains the hack that makes tcpdump ignore the port.
(Testing via telnet to port 1963 and seeing if tcpdump ignores it fails in our case, since iptables is configure to drop such a connection...)
Alternately, they could have written it using OpenOffice, and used ghostview to generate a pdf file, and providing a nice example of FOSS in use!
Open with Acrobat Reader, File->Document Properties->Summary... reveals:
Title: Microsoft Word - 3DB823B-1ABD-0AA6.doc
Furthermore, the PDF file was created by http://createpdf.adobe.com - which allows one to upload files and have the processed into PDF - 15 for free, more for $$$.
Seems like they didn't find out that ghostview allows you to generate pdf files as well as view them...
Actually, the announcement which was distributed on the openssl-announce mailing list, comes with the patch as an attachment - about 16k long.
Yeah, and it's a really cool application, too.
(sorry, couldn't resist)
A well-written HOWTO, originally for the environmental lobby, but applicable elsewhere, may be found here.
The article is informative and clearly written, but crashdumps are more useful for determining kernel software problems than hardware ones.
If the system is a stable release, and has been running without crashes for about a year, I'd start by running diagnonstics on the hardware - specifically, memory and disk - before trying to debug the kernel.
For those interested in reading the original, the text is available online here (ASCII text) or here (same, zip'ed), courtesy of project Gutenberg.
Consider this the ultimate spoiler.
Er, even if Mary has exactly enough computing power as she needs, she doesn't need it 24x7. An Internet OS would use only *spare* CPU cycles, that is, the tasks would run at very low priority - effectively stopping as soon as Mary moves her mouse.