Maybe the dawn of the $1000+ phone which is designed to be obsolete in a couple of years and need a bunch of dongles and/or new wireless headphones, a case and AppleCare to be viable means our society is in a Mobile Phone Event Horizon.
If that were true, they would be getting a little cheaper with every new product.
This: >a bug in ASLR's implementation on Windows 8 and later will not generate enough entropy (random data) to start application binaries in random memory locations. is the bit that sounds ridiculous. The CPU has an instruction that delivers full entropy data, 64 bits at a time, available from the execution of the first instruction. How can software "not generate enough entropy"?
>Because it might be a valid call. And you haven't told them to.
So TFS is wrong. If they can't tell the difference, then they can't block calls with counterfeit IDs. TFS says they can. So it's the usual incompetently made claims by journalists who can't be bothered to understand what is going on.
My interest is my own. It's in my interest to have more freedom. Freedom to live and work where I choose and not where a government chooses.
>America: love it or leave it.
Go back to the nationalist hole you crawled out of. Other people will come and go as it suits them. America, like every other country is a mixed bag and nationalism is just a form of manipulation to get people to put up with less from their government.
And none of this dual citizen shit. If you become a US citizen, you have to renounce any existing citizenships.
Some countries do not permit you to do so, for example Morocco. And then there are the countries who penalize their (former) Citizens by charging them "expatriation" tax on everything they own if they wish to renounce their citizenship. Well, there is only one that does so. Oh shoot! It's the U.S.!
Standing in a US government office and stating you renounce your prior citizenship doesn't actually cause your prior citizenship to end. Your home government would need to hear about it and agree first. Of course the n-1 commenter doesn't know how it works because the US does ask you to make this pointless gesture when you become a citizen.
Anyone arguing against dual citizenship hates freedom. Why do they hate freedom? Do they want people to have less freedom?
>Phone companies can already block some calls that trick consumers by showing up on Caller ID with fake numbers.
If they can, why don't they?
The current trick seems to be to make a fake ID with my local area code. It obviously fake, the phone company knows it's fake because the area code doesn't match the source and TFS tells me they can block them. So why don't they? I get them every day.
Nope. Part of being happy and successful is being very clear minded about which people are the problems in your life and eliminating them. People never change. Never forgive. Never forget. Eliminate and move on.
Really? Isn't this all textbook stuff, except maybe for my DSA snark? Well DSA is very fragile, so I'll keep on snarking.
Here's a common one: M.H. Devoret and R.J.Schoelkopf , Science, Vol 339, 2013.
This has a diagram with a little green arrow from the 3rd stage to the 4th of the 7 stages of development. Saying we're at stage 3 and getting from the 3rd to the 4th stage is the current problem. That was 2013. We're still waiting.We haven't got to stage 4 (logical memory with longer liftime than physical qubits) from stage 3 (QND measurements for error correction and control). Stage 4 through 7 are entirely unsolved.
For all the supposed major advances in quantum computers, by the metric that matters, we haven't moved in 5 years.
The practical defenses against the hypothesized quantum cryptopocalypse are: Grover Issues: A) Double the key size for symmetric algorithms, MACs B) Double your hash sizes (you can finesse in which situations, but for practical purposes just double them all)
Shor Issues: C) Use Hash based signatures for certificates. D) Replace RSA, DH and ECDH with something else. Lattice crypto is a contender. Some with claim NTRU is fine, but it's not practical.
You shouldn't have been using DSA in the first place. So that's moot.
The dilemma is that the fix for asymmetric key crypto is not clear. Various lattice proposals have come along and been broken. RWLE is a PITA to implement (although that might be getting better soon with some stuff I've seen) and generally we don't know what it's going to be.
On the positive side, it's all BS. They will not build a quantum computer capable of breaking RSA any time soon. TFS makes is sound they they got from 2 bits to 50 bits and so 256 bits are only a short way off. This is grossly misrepresenting the situation. You can make some fragile qbits cohere but you can't do iterative logic on it., You can make a reliable, error corrected qbit, but you can't make reliable error corrected qubits into a memory on which you can perform the quantum logic needed to implement Shor's algorithm. These are the barriers to cross and as far as I can tell, they have remained unsolved for many years. Upping the number of non-ecc qbits doesn't move us towards breaking public key crypto.
I may or may not be proven wrong, but we will have the symmetric upgrades deployed in most new silicon pretty soon and the conference circuit will remain well attended while the lattice crypto work continues. So there will be lots more travel to nice places.
Also, maybe if the shuttle had a human driver, he would have been more careful near a semi truck and stopped further from it. I assume that the visibility from a big truck is quite poor and keep my distance.
Yes this same thing happened to my mom some time ago, and she said she would have stopped further back if she had seen it coming (dump truck); then she got pinched in by other construction vehicles, and an asshat tailgating behind-and still the flagger didn't shout to the damn truck. Luckily it was quickly settled, and my mom was physically unhurt, though shook up!
And my mother too. All the people on the street were yelling at the asshat reversing into my mother's car that was pinched between two commercial vehicles, but the asshat continued reversing.
Is the lava lamp really the source of most of the randomness, or is it kind of a gimmick that people can say and understand? I mean, cmon, the noise in the camera itself is probably already enough, right? They're taking the Nth decimal place of some characteristic of the entire image -- the lava really isn't that important, is it?
You are correct to question this and your intuition is correct. The noise in the camera provides more entropy by a large margin. The better choice would be to put the cap back on the camera lens, so the gain is cranked up and the noise is maximized.
Slashdot Mirror
Noticed this not I have. But then Welsh I am, Boyo.
I'm Welsh, and I will keep this on record in case I decide to be offended by it in the future.
>Outside of that, why WOULDN'T you write a section of code the simplest and most straightforward way possible?
Because finding that way can take years of research. This is noble work if you can get it.
>That's complete bullshit. There's zero science behind that.
Indeed. You don't need frankenwheat to elevate your blood sugar. Regular wheat will do.
It's not the content, it's the repetition. Find a new topic to obsess over.
Maybe the dawn of the $1000+ phone which is designed to be obsolete in a couple of years and need a bunch of dongles and/or new wireless headphones, a case and AppleCare to be viable means our society is in a Mobile Phone Event Horizon.
If that were true, they would be getting a little cheaper with every new product.
Since I was a central member of the team that designed that RNG, I do know it is trustable.
However you, as an AC are not trustable. What basis do you have for the claim that it isn't trustable?
I don't own a bull.
Do you?
Address Space Layout Randomization
http://searchsecurity.techtarg...
This:
>a bug in ASLR's implementation on Windows 8 and later will not generate enough entropy (random data) to start application binaries in random memory locations.
is the bit that sounds ridiculous. The CPU has an instruction that delivers full entropy data, 64 bits at a time, available from the execution of the first instruction. How can software "not generate enough entropy"?
>Because it might be a valid call. And you haven't told them to.
So TFS is wrong. If they can't tell the difference, then they can't block calls with counterfeit IDs. TFS says they can. So it's the usual incompetently made claims by journalists who can't be bothered to understand what is going on.
My interest is my own. It's in my interest to have more freedom. Freedom to live and work where I choose and not where a government chooses.
>America: love it or leave it.
Go back to the nationalist hole you crawled out of. Other people will come and go as it suits them. America, like every other country is a mixed bag and nationalism is just a form of manipulation to get people to put up with less from their government.
And none of this dual citizen shit. If you become a US citizen, you have to renounce any existing citizenships.
Some countries do not permit you to do so, for example Morocco. And then there are the countries who penalize their (former) Citizens by charging them "expatriation" tax on everything they own if they wish to renounce their citizenship. Well, there is only one that does so. Oh shoot! It's the U.S.!
Standing in a US government office and stating you renounce your prior citizenship doesn't actually cause your prior citizenship to end. Your home government would need to hear about it and agree first. Of course the n-1 commenter doesn't know how it works because the US does ask you to make this pointless gesture when you become a citizen.
Anyone arguing against dual citizenship hates freedom. Why do they hate freedom? Do they want people to have less freedom?
>Phone companies can already block some calls that trick consumers by showing up on Caller ID with fake numbers.
If they can, why don't they?
The current trick seems to be to make a fake ID with my local area code. It obviously fake, the phone company knows it's fake because the area code doesn't match the source and TFS tells me they can block them. So why don't they? I get them every day.
Nope. Part of being happy and successful is being very clear minded about which people are the problems in your life and eliminating them. People never change. Never forgive. Never forget. Eliminate and move on.
iOS autocorrupts apostrophes and double quotes to SmartQuotes by default, which slashdot doesn't handle.
https://www.jordanmerrick.com/...
FWIW, Latex is pretty stupid with quotes too.
It's only easier if you have a happy hacking keyboard with the control key in the right place. None of that control key bottom left nonsense.
And an escape key.
This video is not exactly crystal-clear...
Noise is correlated between qubits, so it adds up rather than canceling out.
In the hardware I'm responsible for the answer is by the end of the decade.
I agree that browser security and PKI are basket cases. They will do as they have always done and will make changes when it's too late.
Really? Isn't this all textbook stuff, except maybe for my DSA snark? Well DSA is very fragile, so I'll keep on snarking.
Here's a common one: M.H. Devoret and R.J.Schoelkopf , Science, Vol 339, 2013.
This has a diagram with a little green arrow from the 3rd stage to the 4th of the 7 stages of development. Saying we're at stage 3 and getting from the 3rd to the 4th stage is the current problem. That was 2013. We're still waiting.We haven't got to stage 4 (logical memory with longer liftime than physical qubits) from stage 3 (QND measurements for error correction and control). Stage 4 through 7 are entirely unsolved.
For all the supposed major advances in quantum computers, by the metric that matters, we haven't moved in 5 years.
I was expecting some crackpot video, but no, it was a real academic with real work.
Nice talk.
The practical defenses against the hypothesized quantum cryptopocalypse are:
Grover Issues:
A) Double the key size for symmetric algorithms, MACs
B) Double your hash sizes (you can finesse in which situations, but for practical purposes just double them all)
Shor Issues:
C) Use Hash based signatures for certificates.
D) Replace RSA, DH and ECDH with something else. Lattice crypto is a contender. Some with claim NTRU is fine, but it's not practical.
You shouldn't have been using DSA in the first place. So that's moot.
The dilemma is that the fix for asymmetric key crypto is not clear. Various lattice proposals have come along and been broken. RWLE is a PITA to implement (although that might be getting better soon with some stuff I've seen) and generally we don't know what it's going to be.
On the positive side, it's all BS. They will not build a quantum computer capable of breaking RSA any time soon. TFS makes is sound they they got from 2 bits to 50 bits and so 256 bits are only a short way off. This is grossly misrepresenting the situation. You can make some fragile qbits cohere but you can't do iterative logic on it., You can make a reliable, error corrected qbit, but you can't make reliable error corrected qubits into a memory on which you can perform the quantum logic needed to implement Shor's algorithm. These are the barriers to cross and as far as I can tell, they have remained unsolved for many years. Upping the number of non-ecc qbits doesn't move us towards breaking public key crypto.
I may or may not be proven wrong, but we will have the symmetric upgrades deployed in most new silicon pretty soon and the conference circuit will remain well attended while the lattice crypto work continues. So there will be lots more travel to nice places.
I think RENTING a father for 8 YEARS takes it to a new level.
It's cheaper than the real thing.
Also, maybe if the shuttle had a human driver, he would have been more careful near a semi truck and stopped further from it. I assume that the visibility from a big truck is quite poor and keep my distance.
Yes this same thing happened to my mom some time ago, and she said she would have stopped further back if she had seen it coming (dump truck); then she got pinched in by other construction vehicles, and an asshat tailgating behind-and still the flagger didn't shout to the damn truck. Luckily it was quickly settled, and my mom was physically unhurt, though shook up!
And my mother too. All the people on the street were yelling at the asshat reversing into my mother's car that was pinched between two commercial vehicles, but the asshat continued reversing.
Is the lava lamp really the source of most of the randomness, or is it kind of a gimmick that people can say and understand? I mean, cmon, the noise in the camera itself is probably already enough, right? They're taking the Nth decimal place of some characteristic of the entire image -- the lava really isn't that important, is it?
You are correct to question this and your intuition is correct. The noise in the camera provides more entropy by a large margin. The better choice would be to put the cap back on the camera lens, so the gain is cranked up and the noise is maximized.
Dieharder has a handful of suspect tests. You can safely ignore them.
What's worse is when the certification tests are broken. Here is this old slashdotter's evaluation: https://github.com/dj-on-githu...