This "fix the law to pardon the crime" issue is underexplored, while it is fundamental to our system. I hope that the NSA spying case is decided by actual experts in Constitutional law and justice, who apply a clear decision on Bush's actions.
In other words, I hope they impeach, convict and hang him:).
Did the 21st Amendment, repealing Prohibition, require freeing bootleggers convicted under the prohibition laws? Did it dismiss all cases being tried? Did it make bootlegging performed while the laws were in effect OK? If it did have those effects, was that the legal process in effect, or the political process which made it impossible to do anything about pending cases?
Because there are separate laws and doctrines for amnesty and pardons. Amnesty is the specific legal principle we're discussing, and it seems necessary to be explicit when amnesty is granted, rather than implicit amnesty when a law is changed.
No, the AC doesn't understand that encrypting the data will make it impossible to just increment the counters by incrementing the encrypted values. Since you're so obnoxious, I'm not going to do any more than just state the facts, reference the kind of "light reading" to which you referred, referring to the definitive cryptography book that I have read, citing my deeper experience with cryptography, and referring to my years of experience.
To which you have added nothing but perpetuating the inane statements of the Anonymous Coward. Despite my requests for any basis on which to take you seriously, especially after my repeated substantial responses to your questions.
So I will go one step further, and one step only. You are a troll, who's got nothing but obnoxious criticism, without any useful info about crypto - or anything else, apparently.
Among other crypto books, I read _Applied Cryptography_ over a decade ago - and I've had an email correspondence with Bruce Schneier since the late 1990s.
But that's not the "light reading" you sarcastically referred to. So I sent you there. A nice favor, especially since your preposterously condescending posts still haven't offered a single useful fact - just whining to back up an Anonymous Coward who apparently understands crypto as little as you do.
"The President, Vice President and all Civil Officers of the United States, shall be removed from Office on Impeachment for and Conviction of, Treason, Bribery, or other high Crimes and Misdemeanors."
" The Senate shall have the sole Power to try all Impeachments."
are pretty spiffy. Clause 7 of that Section is OK, though the second half is sweet:
" Judgment in Cases of Impeachment shall not extend further than to removal from Office, and disqualification to hold and enjoy any Office of honor, Trust or Profit under the United States: but the Party convicted shall nevertheless be liable and subject to Indictment, Trial, Judgment and Punishment, according to Law."
You do some light reading to see that the specification of data fields within an encrypted transaction (or any data transmission) is part of the protocol. Then do some heavy writing: an apology to someone who's been working with cryptography for probably longer than you've been writing. What's your authority credentials?
The spirit of the "no ex post facto laws" section is that Congress can't make a law after the fact to change the rules after someone has acted to change its legality. The basic spirit is that Congress can't make a legal action illegal retroactively. Seems to me the same spirit can't make an illegal action legal retroactively.
That's what pardons are for. And presidents can't pardon themselves. Because presidents' absolutely first responsibility is "to faithfully execute the laws", they cannot be allowed to violate the laws, no matter how much they want to. They have the power, more than any other personj, to have the laws changed to suit them, if the people (in the persons of Congressional representatives) agree.
I think it's obvious to everyone in this case that Bush broke the law, whether they admit it or not. Changing the law doesn't change that. I know we agree about Bush's crime, but it's also important to learn how the Constitution covers even this sleazy Bush campaign. Because we have to learn from these criminal presidential campaigns, to less easily be attacked by them in the future. We obviously didn't learn enough from Watergate and Iran/Contra, to name just a couple. Maybe it's time for a Constitutional amendment that says "the president can not break any law", sick and twisted though that will look.
Hey, why not? The NSA domestic spying already violates the 4th Amendment. And the Republican Congress is willing to violate the spirit of the 9th, "no ex post facto laws", to change the law just to try to make Bush's crimes, breaking the FISA and Constutiotion, "go away".
That's why George Tenet, Director of Central Intelligence ("head spook"), got the Medal of Freedom award from George Bush.
When you represent corporate interests, your number one interest in the government is making it unable to protect people from your corporate operations. The "antigovernment party" controlling the government is like the cat party controlling the mouse guild.
Who types access codes? We used "trusted devices", even when that's an untrustworthy credit card. Even short PINs most people write down somewhere, trusting a slip of paper in their wallet, purse, desk or car. Trust a storage chip with a standard interface to "readers" like mobile phones or just dinky little interface dongles, or PC slots.
Smartcards are the easiest way to do this. "Recharged" from a large repository stored on a person's home network. I'd get more into the key distribution architecture, but I happen to be working under NDA on just such a system. Fancy signing, or even enclosing transaction details as I mentioned, are just leveraging the system towards optimal. Just offering a single onetime password per transaction is such an improvement against most attacks over the current plaintext userid that the minimum implementation is the big win.
When will damages cost the account managers more than switching from plaintext permanent passwords to one-time pad pins? It's not that expensive to switch, but of course much cheaper. Even better is a OTP-encrypted message containing the senderID, recipientID, money amount, and expiration date.
But I guess insurance companies love paying the damages, which rarely accrue to the account manager - rather, to the account holder.
If you haven't noticed the difference since Bush took over, or don't remember the difference when Bush Sr ran things, there's no point explaining it to you. Trust me - it matters.
Paper ballots, even if "spoiled" by abuse after votes are cast on them, still offer lots of evidence. Evidence of the choice of the voter. And evidence of the crime of whoever abused them.
Digital ballots leave no evidence. Hence the much higher risk that they will be abused, and votes rigged by (ab)using them. They're also much cheaper and easier to rig on a large scale, with fewer accomplices. Without physical records, like cheap, familiar, reliable paper, they're worse than useless.
"TIRED OF DIEBOLD BEING A WHIPPING BOY"? What the hell is wrong with you? How about getting Diebold out of the (almost never applied) "whipping seat" by stopping them from rigging elections? You're in Ohio, where the latest count of disenfranchised 2004 voters is over 308,000, where Cuyahoga (Cleveland) County is still indicting criminal poll workers 15 months after the election. Of all of America, Ohioans should be demanding justice for Diebold's crimes. But instead, you're rooting for the "home team", which is screwing all of us. Let me guess who you voted for in the last few elections...
Paper ballots can be mechanically printed for inspection by the voter before it's collected. Extra technology, like video surveillance, can reduce vote fraud even more. Just because you live in Ohio, home of Diebold, doesn't mean you have to be so ignorant about how to count ballots. Or insist that criminal voterigging be ignored just because it happens so much.
Steven Heller, the guy blowing the whistle on Diebold's voterigging crimes is now being persecuted in court with felony charges. Aphor's diary has details of his legal defense. Including an easy way to do something about it: donate a little money to protect his rights, and your right to vote freely.
Well, we are talking about signing/hashing in this story, so that's what inspired my post. Which is a clear enough cost:benefit*risk case.
Double encrypting is valuable too. Encrypting the same message multiply in parallel with the same key/method may weaken the encryption, especially if the attacker knows it's the same original message, because they now have two different chances to guess - one will be easier to guess (first in their guessing sequence). Encrypting the message first with one method/key, then encrypting the encrypted message (f(h(m))) with a different method, but same key (f(k,h(k,m))) or different method and key (f(k,h(l,m))) will be harder to guess by the product of the probabilities of guessing.
But, as I explained originally, double crypto envelopes are more beneficial protection against protocol attacks than pure cryptanalysis. Because whatever went wrong with the envelope they crack, won't go wrong with the other envelope (if you choose different enough methods). That's why it's a simple analysis: it's just like redundant network paths. It doesn't matter what went wrong with one path, as long as the other path survives.
With the exception that I mentioned where attackers can store the half-decrypted message for later, when they have more success against the other method. Which is exactly inverse the risk of the redundant network, as the transmit/store values are themselves reciprocal in those two scenarios.
Sunbird is not a server. If you don't like my questions, and keep getting their sense entirely wrong in various threads, why do you keep challenging me?
Who said it has to be for free? And who says they can't run their fingers through our data as it passes thru their servers?
The fact is that you don't know whether they'll allow public access to a calendaring API, or nonretention of our data. But yet you insist that the only business model possible is the one you can think of, that you think won't work.
There are many possible business models available to Google without their retaining our data. Many of which allow targeted ads. And many of which don't work that way at all. I'm sure Google will find one that works.
Will Google let people use their application logic without requiring we store our personal data on their servers (subject to cracking, government requisition, backup tapes "lost in the mail", etc)? For that matter, how easy is it now to connect our own Jabber networks to Google's version?
And so Tribble, business writer, tells engineers that security is an engineering, not a management, problem. When it is a management problem that can be supported by engineering. Engineering, like everything else at Apple (for which I used to work as an engineer), is run by managers. Who, thankfully, listen to their engineers. Hopefully they'll all ignore Tribble as they usually do everyone at Business Week, and figure out a typically Apple combination of good management and good engineering.
I note the fortune at the bottom of the pages on which I submit these posts says
"Power, like a desolating pestilence, Pollutes whate'er it touches... -- Percy Bysshe Shelley"
This "fix the law to pardon the crime" issue is underexplored, while it is fundamental to our system. I hope that the NSA spying case is decided by actual experts in Constitutional law and justice, who apply a clear decision on Bush's actions.
:).
In other words, I hope they impeach, convict and hang him
Did the 21st Amendment, repealing Prohibition, require freeing bootleggers convicted under the prohibition laws? Did it dismiss all cases being tried? Did it make bootlegging performed while the laws were in effect OK? If it did have those effects, was that the legal process in effect, or the political process which made it impossible to do anything about pending cases?
Because there are separate laws and doctrines for amnesty and pardons. Amnesty is the specific legal principle we're discussing, and it seems necessary to be explicit when amnesty is granted, rather than implicit amnesty when a law is changed.
Also, the Constitution says, in Article 2, Section 2, Clause 1 (the last phrase)
"he [the president] shall have Power to Grant Reprieves and Pardons for Offences against the United States, except in Cases of Impeachment."
That says the president can't pardon (or otherwise reprieve) themself in case of impeachment.
No, the AC doesn't understand that encrypting the data will make it impossible to just increment the counters by incrementing the encrypted values. Since you're so obnoxious, I'm not going to do any more than just state the facts, reference the kind of "light reading" to which you referred, referring to the definitive cryptography book that I have read, citing my deeper experience with cryptography, and referring to my years of experience.
To which you have added nothing but perpetuating the inane statements of the Anonymous Coward. Despite my requests for any basis on which to take you seriously, especially after my repeated substantial responses to your questions.
So I will go one step further, and one step only. You are a troll, who's got nothing but obnoxious criticism, without any useful info about crypto - or anything else, apparently.
Among other crypto books, I read _Applied Cryptography_ over a decade ago - and I've had an email correspondence with Bruce Schneier since the late 1990s.
But that's not the "light reading" you sarcastically referred to. So I sent you there. A nice favor, especially since your preposterously condescending posts still haven't offered a single useful fact - just whining to back up an Anonymous Coward who apparently understands crypto as little as you do.
I like Article 2, Section 4:
"The President, Vice President and all Civil Officers of the United States, shall be removed from Office on Impeachment for and Conviction of, Treason, Bribery, or other high Crimes and Misdemeanors."
Then Article 1, Section 2, Clause 5:
" The House of Representatives shall chuse their Speaker and other Officers; and shall have the sole Power of Impeachment."
and Article 1, Section 3, Clause 6:
" The Senate shall have the sole Power to try all Impeachments."
are pretty spiffy. Clause 7 of that Section is OK, though the second half is sweet:
" Judgment in Cases of Impeachment shall not extend further than to removal from Office, and disqualification to hold and enjoy any Office of honor, Trust or Profit under the United States: but the Party convicted shall nevertheless be liable and subject to Indictment, Trial, Judgment and Punishment, according to Law."
considering Article 2, Section 2, Clause 1 (the last phrase):
"he shall have Power to Grant Reprieves and Pardons for Offences against the United States, except in Cases of Impeachment."
.
You do some light reading to see that the specification of data fields within an encrypted transaction (or any data transmission) is part of the protocol. Then do some heavy writing: an apology to someone who's been working with cryptography for probably longer than you've been writing. What's your authority credentials?
The spirit of the "no ex post facto laws" section is that Congress can't make a law after the fact to change the rules after someone has acted to change its legality. The basic spirit is that Congress can't make a legal action illegal retroactively. Seems to me the same spirit can't make an illegal action legal retroactively.
That's what pardons are for. And presidents can't pardon themselves. Because presidents' absolutely first responsibility is "to faithfully execute the laws", they cannot be allowed to violate the laws, no matter how much they want to. They have the power, more than any other personj, to have the laws changed to suit them, if the people (in the persons of Congressional representatives) agree.
I think it's obvious to everyone in this case that Bush broke the law, whether they admit it or not. Changing the law doesn't change that. I know we agree about Bush's crime, but it's also important to learn how the Constitution covers even this sleazy Bush campaign. Because we have to learn from these criminal presidential campaigns, to less easily be attacked by them in the future. We obviously didn't learn enough from Watergate and Iran/Contra, to name just a couple. Maybe it's time for a Constitutional amendment that says "the president can not break any law", sick and twisted though that will look.
Hey, why not? The NSA domestic spying already violates the 4th Amendment. And the Republican Congress is willing to violate the spirit of the 9th, "no ex post facto laws", to change the law just to try to make Bush's crimes, breaking the FISA and Constutiotion, "go away".
Fibonacci appears in a list of 20 inventions Muslims contributed to make our world, for his work importing Muslim mathematics to Europe hundreds of years after they were produced.
That's why George Tenet, Director of Central Intelligence ("head spook"), got the Medal of Freedom award from George Bush.
When you represent corporate interests, your number one interest in the government is making it unable to protect people from your corporate operations. The "antigovernment party" controlling the government is like the cat party controlling the mouse guild.
Moderation 0
50% Insightful
50% Troll
No point explaining reality to Anonymous Bush TrollMods who haven't learned a thing in the past 5 nightmare years.
"Digits"? Don't you use a computer, Anonymous Coward?
You obviously don't know what encryption is, while you invent some retarded protocol of your own, then blame it on me.
Who types access codes? We used "trusted devices", even when that's an untrustworthy credit card. Even short PINs most people write down somewhere, trusting a slip of paper in their wallet, purse, desk or car. Trust a storage chip with a standard interface to "readers" like mobile phones or just dinky little interface dongles, or PC slots.
Smartcards are the easiest way to do this. "Recharged" from a large repository stored on a person's home network. I'd get more into the key distribution architecture, but I happen to be working under NDA on just such a system. Fancy signing, or even enclosing transaction details as I mentioned, are just leveraging the system towards optimal. Just offering a single onetime password per transaction is such an improvement against most attacks over the current plaintext userid that the minimum implementation is the big win.
When will damages cost the account managers more than switching from plaintext permanent passwords to one-time pad pins? It's not that expensive to switch, but of course much cheaper. Even better is a OTP-encrypted message containing the senderID, recipientID, money amount, and expiration date.
But I guess insurance companies love paying the damages, which rarely accrue to the account manager - rather, to the account holder.
If you haven't noticed the difference since Bush took over, or don't remember the difference when Bush Sr ran things, there's no point explaining it to you. Trust me - it matters.
Those "images of humans" are unborn. When will Tennessee finally protect the unborn from these sensless murders?
Nice FUD.
Paper ballots, even if "spoiled" by abuse after votes are cast on them, still offer lots of evidence. Evidence of the choice of the voter. And evidence of the crime of whoever abused them.
Digital ballots leave no evidence. Hence the much higher risk that they will be abused, and votes rigged by (ab)using them. They're also much cheaper and easier to rig on a large scale, with fewer accomplices. Without physical records, like cheap, familiar, reliable paper, they're worse than useless.
"TIRED OF DIEBOLD BEING A WHIPPING BOY"? What the hell is wrong with you? How about getting Diebold out of the (almost never applied) "whipping seat" by stopping them from rigging elections? You're in Ohio, where the latest count of disenfranchised 2004 voters is over 308,000, where Cuyahoga (Cleveland) County is still indicting criminal poll workers 15 months after the election. Of all of America, Ohioans should be demanding justice for Diebold's crimes. But instead, you're rooting for the "home team", which is screwing all of us. Let me guess who you voted for in the last few elections...
Paper ballots can be mechanically printed for inspection by the voter before it's collected. Extra technology, like video surveillance, can reduce vote fraud even more. Just because you live in Ohio, home of Diebold, doesn't mean you have to be so ignorant about how to count ballots. Or insist that criminal voterigging be ignored just because it happens so much.
Steven Heller, the guy blowing the whistle on Diebold's voterigging crimes is now being persecuted in court with felony charges. Aphor's diary has details of his legal defense. Including an easy way to do something about it: donate a little money to protect his rights, and your right to vote freely.
Well, we are talking about signing/hashing in this story, so that's what inspired my post. Which is a clear enough cost:benefit*risk case.
Double encrypting is valuable too. Encrypting the same message multiply in parallel with the same key/method may weaken the encryption, especially if the attacker knows it's the same original message, because they now have two different chances to guess - one will be easier to guess (first in their guessing sequence). Encrypting the message first with one method/key, then encrypting the encrypted message (f(h(m))) with a different method, but same key (f(k,h(k,m))) or different method and key (f(k,h(l,m))) will be harder to guess by the product of the probabilities of guessing.
But, as I explained originally, double crypto envelopes are more beneficial protection against protocol attacks than pure cryptanalysis. Because whatever went wrong with the envelope they crack, won't go wrong with the other envelope (if you choose different enough methods). That's why it's a simple analysis: it's just like redundant network paths. It doesn't matter what went wrong with one path, as long as the other path survives.
With the exception that I mentioned where attackers can store the half-decrypted message for later, when they have more success against the other method. Which is exactly inverse the risk of the redundant network, as the transmit/store values are themselves reciprocal in those two scenarios.
I'm a born-again GPL2ian. Covered in the blood of Stallman! By the smelly beard of RMS, I will march into the promised distro!
Sunbird is not a server. If you don't like my questions, and keep getting their sense entirely wrong in various threads, why do you keep challenging me?
Who said it has to be for free? And who says they can't run their fingers through our data as it passes thru their servers?
The fact is that you don't know whether they'll allow public access to a calendaring API, or nonretention of our data. But yet you insist that the only business model possible is the one you can think of, that you think won't work.
There are many possible business models available to Google without their retaining our data. Many of which allow targeted ads. And many of which don't work that way at all. I'm sure Google will find one that works.
Will Google let people use their application logic without requiring we store our personal data on their servers (subject to cracking, government requisition, backup tapes "lost in the mail", etc)? For that matter, how easy is it now to connect our own Jabber networks to Google's version?
And so Tribble, business writer, tells engineers that security is an engineering, not a management, problem. When it is a management problem that can be supported by engineering. Engineering, like everything else at Apple (for which I used to work as an engineer), is run by managers. Who, thankfully, listen to their engineers. Hopefully they'll all ignore Tribble as they usually do everyone at Business Week, and figure out a typically Apple combination of good management and good engineering.