/dev/random blocks on most unix derived operating systems unless you go to some measures to feed the kernel with a continuous supply of data claiming to be entropic.
Certificates generated with software that trusts/dev/[u]random is what led us to the "Mining your Ps and Qs" problem. Google it if you aren't familiar.
Even if you have a good source of entropy on your platform, the odds are high that neither the OS nor RNGd will use it. On some popular Linux distributions I've used, RNGd fails silently at boot. You have to go and check if you need it to be there. I have a massive bloody linux server farm at my corporation and not one of them has RNGd running and/dev/random blocks after a few bytes. I assume this is normal. It is a symptom of the messed up model we have where we trust software that is not in a position to do what we ask of it.
>The OS is responsible for being a reliable source of trusted entropy.
Yet it cannot possibly be that. The OS has no entropy. It is not a source of entropy. Physical processes are sources of entropy. The OS might be able to demultiplex a source of physical entropy to share it out amongst multiple processes, but as has happened time and time again, we've seen operating systems fail to do exactly that because the OS has no knowledge of whether it's inputs are entropic, and when they are not, you get data that is highly correlated between systems.
The whole set up, where we think the OS will solve a problem it cannot solve in the general case, is brittle and fails frequently. A user land program, invoked by a user, is in no better or worse situation when it comes to doing the right thing, except that the user can run code that is particular to the environment, whereas the OS is necessarily written to work on all platforms, including fully synchronous embedded platforms with zero entropy until the ethernet is up.
Why would you expect the OS to solve your random number problem for you? It's software. It has no means to know what platform it is really running on and no means to understand the min-entropy of any input it sees. It is the wrong thing in the wrong place and it cannot 'guarantee' secure random numbers unless it gets guarantees of min-entropy sources from the hardware it runs on and uses it correctly.
If you hardware doesn't offer a hardware RNG with specific claims for min-entropy or computational bounds on the adversary, find a new vendor, because there isn't any software that's going to solve it for you.
A TB has already been done in SLC, that isn't hard to do... it is however enterprise only and very expensive, thus not of much interest to your average user...
It isn't going to be something that you see for your personal use.
Why not? I want multi TB SSD in full size HDD boxes, that can go into standard PC drive slots. Drives fail, even SSDs. I want to mirror them. 1TB MLC SSDs exist. Put them in a bigger box.
If someone is using goto inappropriately, more often than not, because they're failing to adopt the house style, then the 'new learning' they need does not require years of experience to acquire. It's a five minute conversation, because it's really not that complicated.
Some things in software are complicated. This is not one of them.
He didn't realize the headers defined how structures were laid out in memory.
How does anyone that's worked with C/C++ (assuming from your reference to a.h file) for any length of time NOT understand this?
I don't. There's a sea of header files in many projects that do nothing other than manipulate definitions of names and numbers. Structs are only one of the things you can put in header files.
I'm an EE who works as a programmer, who is currently working on a masters in CS. The general engineering skills involved in EE make me a better programmer than 90% of the CS majors out there.
With few exceptions, I've found that when someone tells me that they are better than 90% of the X out there, I've found that to be false and that the person just doesn't know how little he knows, and he'll go on at length about some arcane little anecdote that "proves" how smart he is.
The more experience I gain, the more I learn and the more I'm regarded as an expert by my peers, the more I'm made aware of how limited my knowledge is and how much we rely on the expertise of others to pull together solutions that have worth and substance.
You are aware that Python will let you arbitrarily indent code within parentheses like that to your heart's content? And that, contrary what the GP said, Python does indeed support multi-line strings?
I am not aware. Can it? How? Not that I'd bother if it does allow that. I appreciate not farting about with begin-end or curly brackets.
While I like Python and spent much of today writing code in it, this (array indexing) is what I hate. I look at that and see n != n. Every time I do some even slightly complicated array indexing, I have to print(f) it to make sure I'm grabbing the right bits.
This has been done to death. If you concentrate the otherwise omnidirectional signal into a beam, it can get improve snr between sender and receiver and so get higher data rates.
The problem is not beamforming. We've been able to dynamically beamform for decades. The problem in mobile packet networks like WiFi is knowing in what direction to point the bloody beam. This is not a solved problem. These researchers have not solved this problem. They've invented a better beam former, when the missing piece is the prescient algorithm that can predict where someone has moved since the last packet.
It's not complicated. Even novice programmers can understand goto error handling. Being an expert developer doesn't actually make a difference here. It just means you've done it more.
I'm not drinking alcohol at all this year (just as an experiment - I'm not a recovering alcoholic or anything like that).
Me too, though for different reasons. I ran out a few years ago and have been too lazy to go to the liquor store (the ABC store here in VA) to get some more. I do like beer, but don't often drink it because, I think, the Hops gives me a headache -- I have an allergy to pine needles.
Yesterday I got out of an annoying parents meeting at my child's school, rushed to the liquor store and found it had closed 30 minutes before the meeting ended. I've been without a G&T ever since. HELP!
her science teacher assigned each student a chapter to teach, and the students taught the class to each other while she sat in the back of the room browsing the web.
That's a well established, well researched and effective teaching method (having kids teach each other, while the teacher guides to keep things on track). Sitting at the back of the class and browsing the web is not. Using any given teaching method doesn't trump classroom management as the #1 most important thing a teacher can do.
I did mean you should use a RAID NAS as a backup device. Have you computers back up their data to the RAID NAS. So when a magnetic drive fails in a computer, you can recover from the NAS. When a NAS drive fails, you can just replace it, because it's a RAID NAS.
>They still use the troublesome Actiontec router that Verizon had
You don't have to use that. The bleed through problem with the Actiontec is that it is the reason they're dragging their feet on IPv6. The Actiontec router doesn't do it.
Yup. I wouldn't pay $1000 for a drive. I just need to wait for the prices to drop.
/dev/random blocks on most unix derived operating systems unless you go to some measures to feed the kernel with a continuous supply of data claiming to be entropic.
Certificates generated with software that trusts /dev/[u]random is what led us to the "Mining your Ps and Qs" problem. Google it if you aren't familiar.
Even if you have a good source of entropy on your platform, the odds are high that neither the OS nor RNGd will use it. On some popular Linux distributions I've used, RNGd fails silently at boot. You have to go and check if you need it to be there. I have a massive bloody linux server farm at my corporation and not one of them has RNGd running and /dev/random blocks after a few bytes. I assume this is normal. It is a symptom of the messed up model we have where we trust software that is not in a position to do what we ask of it.
>The OS is responsible for being a reliable source of trusted entropy.
Yet it cannot possibly be that. The OS has no entropy. It is not a source of entropy. Physical processes are sources of entropy. The OS might be able to demultiplex a source of physical entropy to share it out amongst multiple processes, but as has happened time and time again, we've seen operating systems fail to do exactly that because the OS has no knowledge of whether it's inputs are entropic, and when they are not, you get data that is highly correlated between systems.
The whole set up, where we think the OS will solve a problem it cannot solve in the general case, is brittle and fails frequently. A user land program, invoked by a user, is in no better or worse situation when it comes to doing the right thing, except that the user can run code that is particular to the environment, whereas the OS is necessarily written to work on all platforms, including fully synchronous embedded platforms with zero entropy until the ethernet is up.
Why would you expect the OS to solve your random number problem for you? It's software. It has no means to know what platform it is really running on and no means to understand the min-entropy of any input it sees. It is the wrong thing in the wrong place and it cannot 'guarantee' secure random numbers unless it gets guarantees of min-entropy sources from the hardware it runs on and uses it correctly.
If you hardware doesn't offer a hardware RNG with specific claims for min-entropy or computational bounds on the adversary, find a new vendor, because there isn't any software that's going to solve it for you.
A TB has already been done in SLC, that isn't hard to do... it is however enterprise only and very expensive, thus not of much interest to your average user...
It isn't going to be something that you see for your personal use.
Why not? I want multi TB SSD in full size HDD boxes, that can go into standard PC drive slots. Drives fail, even SSDs. I want to mirror them. 1TB MLC SSDs exist. Put them in a bigger box.
$840 dollars from Samsung translates roughly into $1600 from your optician.
And I am disagreeing with you.
If someone is using goto inappropriately, more often than not, because they're failing to adopt the house style, then the 'new learning' they need does not require years of experience to acquire. It's a five minute conversation, because it's really not that complicated.
Some things in software are complicated. This is not one of them.
My daughter has to put up with a dad who does cryptography.
Maybe it's the modern equivalent.
I got a chemistry set. And the knowledge to turn a light builb into a fairly potent bomb.
I got a chemistry set and a dad with a PhD in chemistry.
He didn't realize the headers defined how structures were laid out in memory.
How does anyone that's worked with C/C++ (assuming from your reference to a .h file) for any length of time NOT understand this?
I don't. There's a sea of header files in many projects that do nothing other than manipulate definitions of names and numbers. Structs are only one of the things you can put in header files.
I'm an EE who works as a programmer, who is currently working on a masters in CS. The general engineering skills involved in EE make me a better programmer than 90% of the CS majors out there.
With few exceptions, I've found that when someone tells me that they are better than 90% of the X out there, I've found that to be false and that the person just doesn't know how little he knows, and he'll go on at length about some arcane little anecdote that "proves" how smart he is.
The more experience I gain, the more I learn and the more I'm regarded as an expert by my peers, the more I'm made aware of how limited my knowledge is and how much we rely on the expertise of others to pull together solutions that have worth and substance.
>FWIW, I an a big fan of renewable power generation too
Sometimes renewable energy comes from a big fan.
You are aware that Python will let you arbitrarily indent code within parentheses like that to your heart's content? And that, contrary what the GP said, Python does indeed support multi-line strings?
I am not aware. Can it? How? Not that I'd bother if it does allow that. I appreciate not farting about with begin-end or curly brackets.
>while in Python it is head = x[:n]; tail = x[n:]
While I like Python and spent much of today writing code in it, this (array indexing) is what I hate. I look at that and see n != n. Every time I do some even slightly complicated array indexing, I have to print(f) it to make sure I'm grabbing the right bits.
This has been done to death. If you concentrate the otherwise omnidirectional signal into a beam, it can get improve snr between sender and receiver and so get higher data rates.
The problem is not beamforming. We've been able to dynamically beamform for decades. The problem in mobile packet networks like WiFi is knowing in what direction to point the bloody beam. This is not a solved problem. These researchers have not solved this problem. They've invented a better beam former, when the missing piece is the prescient algorithm that can predict where someone has moved since the last packet.
From TFA:
>Wayland's developer documentation is comprised of three different pieces.
Where's that guy from Wikipedia to fix their grammar?
Probably don't get what either of the two basic meaning of "Tube" in YouTube mean either.
It's about the internet right?
--TS
The internet is just a series of electron accelerating glass vacuum chambers with a phosphorescent lining on the other end to the electron source.
Don't worry about replacing the battery - they'll be selling you a new car with thinner sheet metal long before the battery wears out.
But will it bend?
It's not complicated. Even novice programmers can understand goto error handling. Being an expert developer doesn't actually make a difference here. It just means you've done it more.
You are the greatest
That's what I said to the bottle of Archery Summit 2012 Premier Cuvée I finished off a couple of days ago.
I'm not drinking alcohol at all this year (just as an experiment - I'm not a recovering alcoholic or anything like that).
Me too, though for different reasons. I ran out a few years ago and have been too lazy to go to the liquor store (the ABC store here in VA) to get some more. I do like beer, but don't often drink it because, I think, the Hops gives me a headache -- I have an allergy to pine needles.
Yesterday I got out of an annoying parents meeting at my child's school, rushed to the liquor store and found it had closed 30 minutes before the meeting ended. I've been without a G&T ever since. HELP!
her science teacher assigned each student a chapter to teach, and the students taught the class to each other while she sat in the back of the room browsing the web.
That's a well established, well researched and effective teaching method (having kids teach each other, while the teacher guides to keep things on track). Sitting at the back of the class and browsing the web is not. Using any given teaching method doesn't trump classroom management as the #1 most important thing a teacher can do.
It's just raining, like it usually does with normal wet drop of water. No sign of gunk on my windscreen.
I did mean you should use a RAID NAS as a backup device. Have you computers back up their data to the RAID NAS.
So when a magnetic drive fails in a computer, you can recover from the NAS. When a NAS drive fails, you can just replace it, because it's a RAID NAS.
>They still use the troublesome Actiontec router that Verizon had
You don't have to use that. The bleed through problem with the Actiontec is that it is the reason they're dragging their feet on IPv6. The Actiontec router doesn't do it.