I grade Mathematica notebooks.. we use the Mathematica and Math Everywhere cd/work to teach calc1 and calc2, and sometimes calculus 3...
The average notebook size (what they turn in -- electronic notebook with their work in it) is 3.43 mb.. I have 15 notebooks to grade per class... do the math..:/
Congratulate me.. I am going off the net tonight. Why would I be going off the net in this time that I have to send back graded work (I grade for professors) and I have to register for classes (online only) AND I am going to have to d/l all my coursework/study sheets for my exams that start next Thurs? Why am I going off? Because I am an @home user..
How about this... I am happy that you dont give a damn about @home users leaving -- all because you are getting some spam from @home users. And if I suggested I hope that whatever-state-your-in takes away your drivers license b/c there have been too many "drunk drivers" from your state/country/whatever, I suppose I would be correct by your logic.
Get over it. There are more people losing access tonight than your spammers... people who dont even have modems in their computers any more, who have depended on a dedicated connection for the last K years are losing it too...
I have been scouring message boards and it seems they have some info up at http://www.comcastonline.com/info.htm.
They SAY they dont expect to lose service.. but would you tell 35% of the @home user base that "hey, come friday your SOL."
Btw: dont bother clicking the "Comcast Connection Backup Program" -- this completely amazed me -- it was a REFERRAL link to netzero.. a plain free old netzero account and comcast just got paid for a click through... unbelievable...
Anyways, I hope this bit of info is good news... possibly we may not be SOL..
I have been on comcast @home for a year and a half now. Completely addicted to my connection... Has ANYONE heard what comcast may be doing about this? I know that @home is just the portal/email/webspace/proxy... surely they wouldnt just drop the customers b/c of that would they?
I thought there wern't THAT many of us left. I had the game at some point and loved it.. played mplayer with it ALL the time. Then I got used to Quakemultiplayer and gave up blood for a while. Got the itch for it last year and couldnt find where I had placed it so I went and bought another copy.
Blood didnt have a true 3d engine like quake did but for single player Blood was SSOO much better. If you listen carefully you can still hear the wise cracking caleb and the cheesy showtunes. . .
BTW: in blood it was a "hairspray can" and a match.. not a true "flame thrower" but operated in the same way. Still good.
I didn't feel like setting up the script that was posted there, but I did enjoy the site. Thanks for the post =]
Anyways, even though I didnt feel like setting up the script I still clicked the top10 bulk email links for goto. =] I wonder if the/. effect can be felt straight from net to wallet. . .
These guys want you to pay for their service AND serve advertisements to you? I am betting in a few weeks we will see how AOL has filed suit against Onstar for stealing their business practices... they would be right of course -- who could claim prior art against AOL's practices?
how would they go about doing this? They would have to use some kind of telecommunications equipment so transmission of data/pictures/etc could be available to the doctor in REAL TIME.
AFAIK, any kind of connection between countries will not be instant nor semi-instant. Can you imagine the problems associated with lag or a "disconnection" while in the midst of dangerous surgery?
It is a very interesting concept, but one that should not even be explored until we have the capabilities to give realtime data transmission and to guarentee that random/arbitrary disconnects just dont occur. Doesnt matter how bad your local doctor is if the perfect "virtual" doctor might just disappear on you as he is cutting into a heart...
most uselessly the test these scientists have been doing
Useless tests?
This is an experimental new tool. The scientists are predicting it can be used to detect (say) the membrane surrounding blood vessels, yet these tests are useless?
It would be both foolish and ignorant to test out an EXPERIMENTAL tool that actually MOVES in a surgical life/death environment. What then could be used to test out its detection of slight changes in membrane? Hello? The layer surrounding the yolk would be similiar to the same one you would see in a vessel...
Difference? If the tool screws up with the egg, then you can have scrambled eggs... the result in a person isnt even half as good.
The feature story on Yahoo tomorrow, of course, will be "Oh, we were just joking about the MSN not letting in other web browsers"
It will be shown tomorrow that a not-identified Yahoo executve bet Microsoft's Bill Gates 1 dollar that he could triple the page views of MSN.COM while pissing off the open source crew. Bill Gates, of course [one never to forego a challenge] took this bet. Commenting on the way things turned out, Bill said "Well, you win some, you lose some... this, though, was the most entertainment I got for a buck"
I would think that although major routers being hacked could stall the internet, the real threat STILL exists with computer viruses... at least the real threat economically...
For one, a business can still operate if the network goes down.. that isnt THAT big an issue... ("Sorry fellows, we wont be sending you home just b/c are network is down"), but if the computers that are being operated/worked on could be sending out data and proprietary information... well..:)
Also, for home users... the kind who trust the benevolence of the economic cookie.. you know which ones: "Save my credit card information" on amazon/barnesandnobles checked, along with "Save login information in a cookie" always selected... all that has to be done is to buy up 5-6 items and send to dummy addresses (random ones) before the normal computer user REALLY cares about viruses.. which makes me ask--> why hasnt it happened before? Why hasnt a major virus (code red and nimda anyone?) made purchases after the computer has gone idle for K minutes using the cookies stored on there?
Dont consider yourself ignorant at all... until I saw a reply to you, I thought it stood for "Visual Basic Runtimes.".. I actually took time to try and figure out how having the runtimes would help "compress" better... only thing I could come up with was someone would write a worm that used the VBR, that would delete all things you had on your tivo -- therefor giving you true Infinite compression...
something like an EULA. Why just let them call or pay money in order for you not to get their calls, when them calling you can be a source of income?
Use caller-id and whenever you see a number that does not appear, answer the phone with "Thanks for calling the (whatever) residence. Because of the increasingly large amount of time taken up on the phone I am having to start charging a fee for those who wish to speak to me. By staying on the phone you acknowledge and aquiesce to the fact that you will be held responsible for a 5 doller/minute cost to speak to me. If you do not agree to this, please hang up now" -- since most telemarketers are under strict policies that they can not hang up on customers.. well, it worked for the software industry, right?
BTW: was not saying you were wrong about it, just was at my school and have a few classes to get before I got home.. =)
Anyway, thanks for the information.. I can only hope that a new "patch" for kazaa is made available shortly that fixes this "undocumented feature".. sheesh..:/
Actually, I bet there is a way that they could (not said DID) make it so it had to authenticate to servers, but if the servers are gone, then it doesnt...
Imagine: Real Kazaa clients (say 95% of all people who search on kazaa networks) have an item where they attempt to contact NEED.SECRET.KAZAA.COM... if they can contact them they have the secret id to connect to other people and they force people to have a secret id to connect to them (if a super node)... now, if they attempt to contact NEED.SECRET.KAZAA.COM and it returns nothing (or dns doesnt exist) then it gets no secret password and allows others to connect to it (the client that couldnt find need.blahblah if its a super node). Now, if the network is fully up and the need.secret.kazaa.com goes down, as the super nodes reboot/cycle off kazaa we see a split between the ones that require a code and dont... given a bit of time (only a bit on windows heh) all the super nodes thatq need passes will cycle off, and return withouyt needing them, thus rebuilding the network in such a way that it wont need it...
Thus a company can force people to use kazaa clients (and thus ads) but if ever there servers went down, the kazaa network would still be in place... of course this would still cause a rift between the opensource giFT and kazaa... (still needs a secret code to connect to the super nodes)... it would also stop people (unless almost all people on kazaa decided to) from putting a null entry into their personal dns tables for NEED.PASS.Kazaa.com... if they did that and say, Bob (#1super node) didnt, then they dont have the pass to access bob...
Now this is not saying they did this.. in fact I doubt they did... but if they just happened to do it.. wouldnt it be nice? (nice if not counting how they took down giFT)...
It is what gnutella should have been.. its decentralized so a company failure cant stop it, it is fast (instead of everyone being a node, only high bandy people are super nodes that carry searches), and contains encryption between sender and receiver so noone could tell what was happening...
The thing is, RIAA can sue Morpheus all they want... what are they going to do? Change the webpage that a Morpheus app goes to at the start to be one that says "please stop using this product" -- or maybe just put out an update (giving people the chance to choose to install it or not.. yea!) that disables morpheus...
I think the RIAA's hands are pretty tied in stopping the application... now destroying the morpheus and kazaa owners/coders.. thats in their reach -- but since they cant stop the app, it seems kinda pointless to me (though, I am sure, not to them)...
I dislike working (in a class) in a group -- ESPECIALLY in upper level math and computer science classes...
When you get to a certain level, people tend to either "know their stuff" or dont... (no real in between).. in all the groups I have been "placed" in it has always started with me having to first reteach the lesson/example to my group and then walk them through what we have had to do. Havent had to work in these groups any more since I explained this to my Profs (and scored 99-100% on all tests I have had)...
Of course, in a workplace environment we expect to have weeded out all the people who didnt understand it.. you will be working with (more or less) equals... so it is assumed that you can actually HELP each other, rather than just foisting your work on another person in the guise of asking for help...
So (in other words) I am against working (forced working) in groups in a college/educational setting...
You are ABSOLUTELY right. When I get WinXP Pro (I am trying to maintain a basten against it as of yet) I am installing every damn thing I have on my current box -- including VNC.
I am looking at that pretty white box as I speak right now -- I have been using it for over a month now and it has only gotten more useful to me.
Will I violate the EULA? Yes...
Do I really care? Nope...
Does the EULA actually matter? Nope....
Of course, an interesting problem with this is that remotely logging into your winxp box that is coding from your house is going to probably be stopped... while we may like telecommuting, employers may not like that their precious winxp licenses have been "invalidated" -- (invalidated my ass... when I buy software I BUY that copy.. feh)
Well I do hope to hear how I am wrong when you have a chance. I am not saying that I am not --> in fact I am assured I have quite a few logic flaws in most things I do... I am just curious where they are this time.
What you are saying is that a message would be first encryped with the recipients public key. Then you would encrypt the same message with the governments public key. Possibly interleaving the governments encryped information with the recipients information such that you couldnt just delete the intended government block. This is what I am assuming you mean.
The problem I see here, of course, is that this is effectively doubling the size of the message. It is worth noting that companies use encryption to encrypt valuable trade secrets, and doubling the size of data certainly isnt a good thing. Also, if the companies that manufacture the encryption software release (open) their specs as to if there is a fixed interleaving of governmentmsg and recipientmsg then the governmentmsg could be replaced by, say, A's or another interesting message.
Of course, if this takes hold and the companies release their source, then it would be fairly trivial to just omit the section dealing with creation of a government message in the first place.
Of course, the government private key will be found out. The problem is that "law abiding citizens" will be using this government key (while the criminals do as I suggested), therefor citizens give up their rights to solve nothing...
Thats a very interesting point -- one of which I did not think of at all...
Of course, since public keys would be different lengths, then the encoded message "public key" that you mentioned would be some length X. Say, we can guess that X will be AT LEAST >= 15-20. So one could safely remove the last 15 characters and replace with A's or what have you, and the decryption of it by the intended recipient will not be affected (b/c the decryption will not be affected at all by the backdoor encryption) but won't allow the government to read it.
Now this is a way that encryption companies could make their product "compliant" with regulations, while also thumbing their nose at them. Very cute -- thanks for the heads up!
I have posted on this topic quite a few times before, but I must post again.
I enjoy working with encryption and number theory. I enjoy the theory behind encryption and why it works so successfully.. I will try to explain how it works (to a point) and this is a BIG reason why backdoored encryption can't work.
For this example: Assume use of RSA encryption
The way that this encryption works is it finds a function f[x] that is (to a point) one way. (NOTE: impossible [as of yet] to prove that it is a true one way function but the lower limit on finding the function has never been solved.. so for all purposes as of yet it is oneway). That is... f[k] == k' (k' being encrypted version of k). The way this works is that the function f[x] which is known by everyone and the value k' could be known by someone and still not be able to convert k' back to k. This is serious advanced number theory and requires very specialized hard-to-find functions.
To allow backdoors (that can be used without having a persons program but only the encoded message) is saying that the function f[x] must be modified to the point that there exists a function g[x] (for each SPECIALIZED function f[x] [that is, each persons f[x] is different, but g[x] must decode all of them]) that can decode any function f[x]'s input. Translation: f[k]==k' but g*[k']==k (for any function f[x] specialized). This function g[x] must be found when working out the base of the encryption product and once the function f[x] is worked out so g[x] exist, it stops being a one way function and therefor stops being useful.
So basically, if this happens, we might as all just encode our messages with rot13 and it will be the same as using any new "government approved" encryption... because someone somewhere WILL leak the functions g[x], whatever[x] (for each encryption product).
(For those who are curious, the reason each f[x] is tailored to a specific person is the picking of the keys allows a "trapdoor" as RSA puts it: another part of the function f[x] that is not mandated at production time. Of course, if a g[x] can decrypt the f[x] (no matter specialized) then the trapdoor theory is useless and serves no purpose therefor weakening it to a childs toy)
And yes, I know I am speaking to the choir here.. the thing is a long time ago I was reading slashdot when someone spoke about encryption and the basics of encryption theory.. it got me interested enough to look at it myself and now I am intrigued by it and am always learning more. My example may have small errors in it.. I hope someone can call me on them if they notice--> its always best to be factually correct...
and I have to admit: there are a few problems but this is good stuff!
Bell labs released FULLY (source code and binaries) of software designed to allow users to access and remotely admin their computers from abroad... the only other thing that does something like this is RAdmin and although it does have a few better points, the software (compared to VNC) doesnt warrent the price.
VNC does have a few problems.. one of the most strange problem that can be fixed (not their fault) would be the lag created by your computer uploading pictures of its entire desktop when anything on it has changed... well, this COULD be fixed by just uploading the changed part of the desktop. RAdmin does this and gets better mouse movement/page display, but not when the entire page is changing... then it is uploading entire page and is just like VNC.
Overall: I have to give it out to these guys at the labs.. to make such a quality product and then release it for free (source included) so anyone can modify it... that also runs from any JAVA enabled browser... these guys deserve major thanks.
Slashdot Mirror
I grade Mathematica notebooks.. we use the Mathematica and Math Everywhere cd/work to teach calc1 and calc2, and sometimes calculus 3...
:/
The average notebook size (what they turn in -- electronic notebook with their work in it) is 3.43 mb.. I have 15 notebooks to grade per class... do the math..
Good riddance???
Congratulate me.. I am going off the net tonight. Why would I be going off the net in this time that I have to send back graded work (I grade for professors) and I have to register for classes (online only) AND I am going to have to d/l all my coursework/study sheets for my exams that start next Thurs? Why am I going off? Because I am an @home user..
How about this... I am happy that you dont give a damn about @home users leaving -- all because you are getting some spam from @home users. And if I suggested I hope that whatever-state-your-in takes away your drivers license b/c there have been too many "drunk drivers" from your state/country/whatever, I suppose I would be correct by your logic.
Get over it. There are more people losing access tonight than your spammers... people who dont even have modems in their computers any more, who have depended on a dedicated connection for the last K years are losing it too...
I have been scouring message boards and it seems they have some info up at http://www.comcastonline.com/info.htm.
They SAY they dont expect to lose service.. but would you tell 35% of the @home user base that "hey, come friday your SOL."
Btw: dont bother clicking the "Comcast Connection Backup Program" -- this completely amazed me -- it was a REFERRAL link to netzero.. a plain free old netzero account and comcast just got paid for a click through... unbelievable...
Anyways, I hope this bit of info is good news... possibly we may not be SOL..
a fellow comcaster.. I just posted a plea for info about comcast @home's backup plan.
I am guessing they dont really have one... that is such a shame...
Yes they have bad policies and it seems I beat you to the dslreports =/ turns out there is nothing in my area... imagine that..
I have been on comcast @home for a year and a half now. Completely addicted to my connection... Has ANYONE heard what comcast may be doing about this? I know that @home is just the portal/email/webspace/proxy... surely they wouldnt just drop the customers b/c of that would they?
Anyone? (Do not mod up please)
Someone remembers the joys of Blood 1 besides me?
I thought there wern't THAT many of us left. I had the game at some point and loved it.. played mplayer with it ALL the time. Then I got used to Quakemultiplayer and gave up blood for a while. Got the itch for it last year and couldnt find where I had placed it so I went and bought another copy.
Blood didnt have a true 3d engine like quake did but for single player Blood was SSOO much better. If you listen carefully you can still hear the wise cracking caleb and the cheesy showtunes. . .
BTW: in blood it was a "hairspray can" and a match.. not a true "flame thrower" but operated in the same way. Still good.
I didn't feel like setting up the script that was posted there, but I did enjoy the site. Thanks for the post =]
/. effect can be felt straight from net to wallet. . .
Anyways, even though I didnt feel like setting up the script I still clicked the top10 bulk email links for goto. =] I wonder if the
Oh my god.. what a new concept... how original..
These guys want you to pay for their service AND serve advertisements to you? I am betting in a few weeks we will see how AOL has filed suit against Onstar for stealing their business practices... they would be right of course -- who could claim prior art against AOL's practices?
Now that the famous pencil trick isn't an option for would-be AMD overclockers
What exactly is this famous pencil trick?
(don't bother modding up for a stupid question, just bear with my ignorance and maybe someone can clue me in?)
Something I have been wondering for a while...
how would they go about doing this? They would have to use some kind of telecommunications equipment so transmission of data/pictures/etc could be available to the doctor in REAL TIME.
AFAIK, any kind of connection between countries will not be instant nor semi-instant. Can you imagine the problems associated with lag or a "disconnection" while in the midst of dangerous surgery?
It is a very interesting concept, but one that should not even be explored until we have the capabilities to give realtime data transmission and to guarentee that random/arbitrary disconnects just dont occur. Doesnt matter how bad your local doctor is if the perfect "virtual" doctor might just disappear on you as he is cutting into a heart...
most uselessly the test these scientists have been doing
Useless tests?
This is an experimental new tool. The scientists are predicting it can be used to detect (say) the membrane surrounding blood vessels, yet these tests are useless?
It would be both foolish and ignorant to test out an EXPERIMENTAL tool that actually MOVES in a surgical life/death environment. What then could be used to test out its detection of slight changes in membrane? Hello? The layer surrounding the yolk would be similiar to the same one you would see in a vessel...
Difference? If the tool screws up with the egg, then you can have scrambled eggs... the result in a person isnt even half as good.
The feature story on Yahoo tomorrow, of course, will be "Oh, we were just joking about the MSN not letting in other web browsers"
It will be shown tomorrow that a not-identified Yahoo executve bet Microsoft's Bill Gates 1 dollar that he could triple the page views of MSN.COM while pissing off the open source crew. Bill Gates, of course [one never to forego a challenge] took this bet. Commenting on the way things turned out, Bill said "Well, you win some, you lose some... this, though, was the most entertainment I got for a buck"
Back to you, john...
I would think that although major routers being hacked could stall the internet, the real threat STILL exists with computer viruses... at least the real threat economically...
:)
For one, a business can still operate if the network goes down.. that isnt THAT big an issue... ("Sorry fellows, we wont be sending you home just b/c are network is down"), but if the computers that are being operated/worked on could be sending out data and proprietary information... well..
Also, for home users... the kind who trust the benevolence of the economic cookie.. you know which ones: "Save my credit card information" on amazon/barnesandnobles checked, along with "Save login information in a cookie" always selected... all that has to be done is to buy up 5-6 items and send to dummy addresses (random ones) before the normal computer user REALLY cares about viruses.. which makes me ask--> why hasnt it happened before? Why hasnt a major virus (code red and nimda anyone?) made purchases after the computer has gone idle for K minutes using the cookies stored on there?
Anyways, I may be wrong..
Dont consider yourself ignorant at all... until I saw a reply to you, I thought it stood for "Visual Basic Runtimes.".. I actually took time to try and figure out how having the runtimes would help "compress" better... only thing I could come up with was someone would write a worm that used the VBR, that would delete all things you had on your tivo -- therefor giving you true Infinite compression...
something like an EULA. Why just let them call or pay money in order for you not to get their calls, when them calling you can be a source of income?
Use caller-id and whenever you see a number that does not appear, answer the phone with "Thanks for calling the (whatever) residence. Because of the increasingly large amount of time taken up on the phone I am having to start charging a fee for those who wish to speak to me. By staying on the phone you acknowledge and aquiesce to the fact that you will be held responsible for a 5 doller/minute cost to speak to me. If you do not agree to this, please hang up now" -- since most telemarketers are under strict policies that they can not hang up on customers.. well, it worked for the software industry, right?
Now that is just a shame...
:/
BTW: was not saying you were wrong about it, just was at my school and have a few classes to get before I got home.. =)
Anyway, thanks for the information.. I can only hope that a new "patch" for kazaa is made available shortly that fixes this "undocumented feature".. sheesh..
Actually, I bet there is a way that they could (not said DID) make it so it had to authenticate to servers, but if the servers are gone, then it doesnt...
Imagine: Real Kazaa clients (say 95% of all people who search on kazaa networks) have an item where they attempt to contact NEED.SECRET.KAZAA.COM... if they can contact them they have the secret id to connect to other people and they force people to have a secret id to connect to them (if a super node)... now, if they attempt to contact NEED.SECRET.KAZAA.COM and it returns nothing (or dns doesnt exist) then it gets no secret password and allows others to connect to it (the client that couldnt find need.blahblah if its a super node). Now, if the network is fully up and the need.secret.kazaa.com goes down, as the super nodes reboot/cycle off kazaa we see a split between the ones that require a code and dont... given a bit of time (only a bit on windows heh) all the super nodes thatq need passes will cycle off, and return withouyt needing them, thus rebuilding the network in such a way that it wont need it...
Thus a company can force people to use kazaa clients (and thus ads) but if ever there servers went down, the kazaa network would still be in place... of course this would still cause a rift between the opensource giFT and kazaa... (still needs a secret code to connect to the super nodes)... it would also stop people (unless almost all people on kazaa decided to) from putting a null entry into their personal dns tables for NEED.PASS.Kazaa.com... if they did that and say, Bob (#1super node) didnt, then they dont have the pass to access bob...
Now this is not saying they did this.. in fact I doubt they did... but if they just happened to do it.. wouldnt it be nice? (nice if not counting how they took down giFT)...
In truth, it cant go "down"...
It is what gnutella should have been.. its decentralized so a company failure cant stop it, it is fast (instead of everyone being a node, only high bandy people are super nodes that carry searches), and contains encryption between sender and receiver so noone could tell what was happening...
The thing is, RIAA can sue Morpheus all they want... what are they going to do? Change the webpage that a Morpheus app goes to at the start to be one that says "please stop using this product" -- or maybe just put out an update (giving people the chance to choose to install it or not.. yea!) that disables morpheus...
I think the RIAA's hands are pretty tied in stopping the application... now destroying the morpheus and kazaa owners/coders.. thats in their reach -- but since they cant stop the app, it seems kinda pointless to me (though, I am sure, not to them)...
I dislike working (in a class) in a group -- ESPECIALLY in upper level math and computer science classes...
When you get to a certain level, people tend to either "know their stuff" or dont... (no real in between).. in all the groups I have been "placed" in it has always started with me having to first reteach the lesson/example to my group and then walk them through what we have had to do. Havent had to work in these groups any more since I explained this to my Profs (and scored 99-100% on all tests I have had)...
Of course, in a workplace environment we expect to have weeded out all the people who didnt understand it.. you will be working with (more or less) equals... so it is assumed that you can actually HELP each other, rather than just foisting your work on another person in the guise of asking for help...
So (in other words) I am against working (forced working) in groups in a college/educational setting...
You are ABSOLUTELY right. When I get WinXP Pro (I am trying to maintain a basten against it as of yet) I am installing every damn thing I have on my current box -- including VNC.
I am looking at that pretty white box as I speak right now -- I have been using it for over a month now and it has only gotten more useful to me.
Will I violate the EULA? Yes...
Do I really care? Nope...
Does the EULA actually matter? Nope....
Of course, an interesting problem with this is that remotely logging into your winxp box that is coding from your house is going to probably be stopped... while we may like telecommuting, employers may not like that their precious winxp licenses have been "invalidated" -- (invalidated my ass... when I buy software I BUY that copy.. feh)
Well I do hope to hear how I am wrong when you have a chance. I am not saying that I am not --> in fact I am assured I have quite a few logic flaws in most things I do... I am just curious where they are this time.
What you are saying is that a message would be first encryped with the recipients public key. Then you would encrypt the same message with the governments public key. Possibly interleaving the governments encryped information with the recipients information such that you couldnt just delete the intended government block. This is what I am assuming you mean.
The problem I see here, of course, is that this is effectively doubling the size of the message. It is worth noting that companies use encryption to encrypt valuable trade secrets, and doubling the size of data certainly isnt a good thing. Also, if the companies that manufacture the encryption software release (open) their specs as to if there is a fixed interleaving of governmentmsg and recipientmsg then the governmentmsg could be replaced by, say, A's or another interesting message.
Of course, if this takes hold and the companies release their source, then it would be fairly trivial to just omit the section dealing with creation of a government message in the first place.
Of course, the government private key will be found out. The problem is that "law abiding citizens" will be using this government key (while the criminals do as I suggested), therefor citizens give up their rights to solve nothing...
Thats a very interesting point -- one of which I did not think of at all...
Of course, since public keys would be different lengths, then the encoded message "public key" that you mentioned would be some length X. Say, we can guess that X will be AT LEAST >= 15-20. So one could safely remove the last 15 characters and replace with A's or what have you, and the decryption of it by the intended recipient will not be affected (b/c the decryption will not be affected at all by the backdoor encryption) but won't allow the government to read it.
Now this is a way that encryption companies could make their product "compliant" with regulations, while also thumbing their nose at them. Very cute -- thanks for the heads up!
I have posted on this topic quite a few times before, but I must post again.
I enjoy working with encryption and number theory. I enjoy the theory behind encryption and why it works so successfully.. I will try to explain how it works (to a point) and this is a BIG reason why backdoored encryption can't work.
For this example: Assume use of RSA encryption
The way that this encryption works is it finds a function f[x] that is (to a point) one way. (NOTE: impossible [as of yet] to prove that it is a true one way function but the lower limit on finding the function has never been solved.. so for all purposes as of yet it is oneway). That is... f[k] == k' (k' being encrypted version of k). The way this works is that the function f[x] which is known by everyone and the value k' could be known by someone and still not be able to convert k' back to k. This is serious advanced number theory and requires very specialized hard-to-find functions.
To allow backdoors (that can be used without having a persons program but only the encoded message) is saying that the function f[x] must be modified to the point that there exists a function g[x] (for each SPECIALIZED function f[x] [that is, each persons f[x] is different, but g[x] must decode all of them]) that can decode any function f[x]'s input. Translation: f[k]==k' but g*[k']==k (for any function f[x] specialized). This function g[x] must be found when working out the base of the encryption product and once the function f[x] is worked out so g[x] exist, it stops being a one way function and therefor stops being useful.
So basically, if this happens, we might as all just encode our messages with rot13 and it will be the same as using any new "government approved" encryption... because someone somewhere WILL leak the functions g[x], whatever[x] (for each encryption product).
(For those who are curious, the reason each f[x] is tailored to a specific person is the picking of the keys allows a "trapdoor" as RSA puts it: another part of the function f[x] that is not mandated at production time. Of course, if a g[x] can decrypt the f[x] (no matter specialized) then the trapdoor theory is useless and serves no purpose therefor weakening it to a childs toy)
And yes, I know I am speaking to the choir here.. the thing is a long time ago I was reading slashdot when someone spoke about encryption and the basics of encryption theory.. it got me interested enough to look at it myself and now I am intrigued by it and am always learning more. My example may have small errors in it.. I hope someone can call me on them if they notice--> its always best to be factually correct...
Thanks.
and I have to admit: there are a few problems but this is good stuff!
Bell labs released FULLY (source code and binaries) of software designed to allow users to access and remotely admin their computers from abroad... the only other thing that does something like this is RAdmin and although it does have a few better points, the software (compared to VNC) doesnt warrent the price.
VNC does have a few problems.. one of the most strange problem that can be fixed (not their fault) would be the lag created by your computer uploading pictures of its entire desktop when anything on it has changed... well, this COULD be fixed by just uploading the changed part of the desktop. RAdmin does this and gets better mouse movement/page display, but not when the entire page is changing... then it is uploading entire page and is just like VNC.
Overall: I have to give it out to these guys at the labs.. to make such a quality product and then release it for free (source included) so anyone can modify it... that also runs from any JAVA enabled browser... these guys deserve major thanks.