The crypto standards community was well aware and openly discussing such things at the time. But no one was listening. It took Snowden to make people listen.
There is a group called SAGE that writes the crypto protocols for cell phones, DECT phones and other ETSI/ITU/3GPP derived standards. They have never knowingly published an unbroken spec. It is widely understood that this group exists to put government sponsored back doors into cordless phones and cell phones.
I attended a 3GPP meeting since LTE was happening. In it, the guy from SAGE was presenting the new link cipher. 3GPP had asked for something based on AES (so SAGE couldn't pull their A5 shit any more). He presenting AES-CTR for the encryption and AES-CBC-MAC for the integrity field. He added in an off hand way that *the integrity field is truncated to 16 bits*.
Since I wasn't there to help them, I didn't question this in the meeting but after the meeting I cornered him an asked why he made it 16 bits (because its obviously stupid), and he did a Gallic shrug of his shoulders and said "Zat ees what zey asked for". So at that point I knew the fix was in.
It's impossible, thanks to HTTPS's encryption method. The MITM can't decrypt packets encrypted with the real server's key, so in order for the MITM to have an encrypted session with the client, it has to use its own certificate. So I think you're mistaken:) I'd love to be proved wrong, however scary the implications.
It's not at all impossible if the client doesn't have a client cert. TLS is just plain broken if you don't use client certs, and normal website browsing doesn't use client certs. So HTTPS is just plain broken.
The actually 'qualified to talk about this shit' scientists I've talked with seemed to be fairly certain they had no clue as to whether low dose radiation was good or bad for humans. Hormesis might make low doses healthier than lower doses. Or maybe it doesn't.
The heating process would be 100% efficient, measure from the point of the output wires of the panels.
Not very cost-efficient upstream of those output wires, though. You could save a good bit of money by skipping the PV panels and harvesting the heat directly instead.
Yes. If you want efficient heating you can have have panels that directly heat water running through black pipes in a vacuum sealed box. The surface area required for a house is a lot smaller than is required for PV panels for a house. So you can put both water heating panels and PV panels up and meet both needs more efficiently. My parents had water heating panels fitted in Wales a few decades ago and they're still running and close to zero external energy has been used to heat the water since.
E.G.. Economy 7 was common in the UK, cheaper electricity at night and people would use storage heaters (radiators with blocks on concrete in them). Heat the blocks up at night. Let the heat out in the day.
Effective local energy storage would solve that problem. Make the panels as efficient as possible and store the resulting energy. Then use the stored energy at the time of peak need.
For instance, if it's going to be used for heating or cooling. Just heat or cool an insulated mass inside the house then run the house air through it during peak load times. The cooling process would not be 100% efficient, but it needn't be less efficient that a normal online AC unit.
The heating process would be 100% efficient, measure from the point of the output wires of the panels.
>Schools are just looking for a cheap method to deliver educational materials digitally.
My daughter's school expects the pupils to bring their own laptop. If you can't afford one, they'll lend you one.
This is way preferable to trying to pick a one-size-fits-all chromebook for all students. Schools cannot administer computers. They try, but get it horribly, horribly wrong.
https://www.google.com/search?...
>Yea, but at this point I think we should just give up on this.
Or maybe if you're in the business of writing security protocols for international standards, hold up your own end by doing a good job.
The crypto standards community was well aware and openly discussing such things at the time. But no one was listening.
It took Snowden to make people listen.
There is a group called SAGE that writes the crypto protocols for cell phones, DECT phones and other ETSI/ITU/3GPP derived standards.
They have never knowingly published an unbroken spec. It is widely understood that this group exists to put government sponsored back doors into cordless phones and cell phones.
I attended a 3GPP meeting since LTE was happening. In it, the guy from SAGE was presenting the new link cipher. 3GPP had asked for something based on AES (so SAGE couldn't pull their A5 shit any more). He presenting AES-CTR for the encryption and AES-CBC-MAC for the integrity field. He added in an off hand way that *the integrity field is truncated to 16 bits*.
Since I wasn't there to help them, I didn't question this in the meeting but after the meeting I cornered him an asked why he made it 16 bits (because its obviously stupid), and he did a Gallic shrug of his shoulders and said "Zat ees what zey asked for". So at that point I knew the fix was in.
>Whatever you think makes server certs "just plain broken" is also possible with client certs.
You need both at the same time to make a session that is MITM resistant.
Yes I love seeing the back of the casinos from the highway when I'm on vacation.
I'll leave it to someone else to explain why you're wrong. I'm working.
It's impossible, thanks to HTTPS's encryption method. The MITM can't decrypt packets encrypted with the real server's key, so in order for the MITM to have an encrypted session with the client, it has to use its own certificate. So I think you're mistaken :) I'd love to be proved wrong, however scary the implications.
It's not at all impossible if the client doesn't have a client cert. TLS is just plain broken if you don't use client certs, and normal website browsing doesn't use client certs. So HTTPS is just plain broken.
>Why?
Curiosity.
In a concrete slab under the house during construction. It's pretty basic stuff.
The actually 'qualified to talk about this shit' scientists I've talked with seemed to be fairly certain they had no clue as to whether low dose radiation was good or bad for humans. Hormesis might make low doses healthier than lower doses. Or maybe it doesn't.
Good to know, since I'm Welsh.
The heating process would be 100% efficient, measure from the point of the output wires of the panels.
Not very cost-efficient upstream of those output wires, though. You could save a good bit of money by skipping the PV panels and harvesting the heat directly instead.
Yes. If you want efficient heating you can have have panels that directly heat water running through black pipes in a vacuum sealed box. The surface area required for a house is a lot smaller than is required for PV panels for a house. So you can put both water heating panels and PV panels up and meet both needs more efficiently. My parents had water heating panels fitted in Wales a few decades ago and they're still running and close to zero external energy has been used to heat the water since.
E.G.. Economy 7 was common in the UK, cheaper electricity at night and people would use storage heaters (radiators with blocks on concrete in them). Heat the blocks up at night. Let the heat out in the day.
Effective local energy storage would solve that problem.
Make the panels as efficient as possible and store the resulting energy. Then use the stored energy at the time of peak need.
For instance, if it's going to be used for heating or cooling. Just heat or cool an insulated mass inside the house then run the house air through it during peak load times. The cooling process would not be 100% efficient, but it needn't be less efficient that a normal online AC unit.
The heating process would be 100% efficient, measure from the point of the output wires of the panels.
There's also a certain founder of Google called Sergey.
You could substitute any name common in the country of your choice to point a finger. I used Sergey only as an example.
Who said Russian? I know an Israeli called Sergey.
Is the irony of Sony being hit by malware lost on people?
http://en.wikipedia.org/wiki/S...
"Yes Sergey, I have this brilliant plan to compile the production malware on a Korean build of Windows. They'll never suspect it was us."
>Schools are just looking for a cheap method to deliver educational materials digitally.
My daughter's school expects the pupils to bring their own laptop. If you can't afford one, they'll lend you one.
This is way preferable to trying to pick a one-size-fits-all chromebook for all students. Schools cannot administer computers. They try, but get it horribly, horribly wrong.
>When you have a device that lasts maybe 5 years of use,
It might last 5 years, but I want a new toy at least every 2 years.
>Cue the shooting down welsh with a bow
What?
I did. What makes you think I didn't?
I don't smoke pot, but know do know how bad statistics work.
I don't want to hear about the nurse. Tell us what you did to get into jail.
>cooking
Home economics you insensitive clod!