The techniques used for this attack may be useful attacking other things, so it's good to make it known so new algorithms can be tested for susceptibility to this.
sounded to me like he was thinking about the side work done by factory workers' families back in the early part of the industrial revolution when the factories were unregulated and the workers had to just suck it up.
Where I used to live, there was a bus that went from about 2 blocks from my home to my office. It took twice as long as I could drive it and cost twice as much as I'd spend in gas (though, if I recall, it was a little cheaper than the car if I factored in the IRS standard cents-per-mile costs). If it had been free, I'd have been willing to deal with the extra time, but I couldn't see spending more time and more money.
From where I live now, I don't think there's even that convenient a path.
When I was working at BK, there were times I'd have rather done that than do the cleaning, but I don't recall a time when neither was needed except during some severe weather where we wound up just closing early for safety reasons (blackouts and hot grease do not go well together).
They think they have access to it all, anyway. If so, they're dealing with the first bureaucracy in history that doesn't hide stuff from the boss when it looks bad.
You're right, the method where there's a function that takes the keys and returns a boolean is unlikely. (I would not quite be willing to declare that it will not get used, given the fondness legislators have for meddling, but I do agree with unlikely). Which leaves the key leakage attacks.
Oh, sure, there's ways to require multiple keys. I would be surprised, though, if they seriously considered a plan that involved more than 2 keys (two keys is approximately equivalent to getting a warrant - keyholder 1 wants to do it and keyholder 2 says okay).
However, at a purely technical level, there's going to be something that does the decryption, and it takes the keys. There is no way to guarantee that it cannot be hacked to either work without the keys or leak the keys when they're used, and if either of those happen, eventually you have folks using the decrypter who shouldn't be.
There's also the fact that there's no technical way for this plan to prevent corruption/collusion amongst keyholders. More keys requires a bigger conspiracy or more social engineering, but enough keys to make that really infeasible also makes the decryption itself unwieldy, at which point it'll get bypassed somehow (shared keys, decrypting bigger chunks to avoid having to do more individual operations, etc).
for now. I can see this being quickly targeted as something to hack, so that "share this network" defaults to true, or even so that "share this network" and even "activate wifi sense" is treated as true regardless of actual user setting.
if by "little doodad" you mean the "enable wifi sense" checkbox, you're making the assumption that he has access to it. In his stated scenario he does not; the checkbox is on a device that he does not own but does wish to allow access to wifi that he does own.
At present the only method he appears to have is to modify his ssid, which is (a) clunky and (b) similar to the "do not track" flag in that the observer has to choose to do the right thing, and that's not guaranteed.
The military would at least be able to set actual requirements. Too many of the requirements (one plane to rule them all, built everywhere...) were set by legislators.
That's not at all what the summary says, as best I can tell. Are you referring to one of the linked articles? Because one of them says that the domain owner did not try to sell anything to anyone; the plaintiff made an unsolicited offer.
He doesn't. He's appealing to beliefs, whether supported by science or not - first, the belief that wifi radiation can be dangerous, and second, the belief that his widget is safer than the competition.
Slashdot Mirror
but if it doesn't make that back in 14 years, is it ever going to?
That would be the joke. Lots of humor is based on intentional absurd misunderstanding.
The techniques used for this attack may be useful attacking other things, so it's good to make it known so new algorithms can be tested for susceptibility to this.
He's interpreting it as "it should have used 3-d printed guns as projectiles"
sounded to me like he was thinking about the side work done by factory workers' families back in the early part of the industrial revolution when the factories were unregulated and the workers had to just suck it up.
I want free markets, first.
Where I used to live, there was a bus that went from about 2 blocks from my home to my office. It took twice as long as I could drive it and cost twice as much as I'd spend in gas (though, if I recall, it was a little cheaper than the car if I factored in the IRS standard cents-per-mile costs). If it had been free, I'd have been willing to deal with the extra time, but I couldn't see spending more time and more money.
From where I live now, I don't think there's even that convenient a path.
never mind, they won't have the channels I want.
the router in the local office can probably handle it. The edge router is where they'll skimp on ports.
I wonder what taxes and fees will add. 159 for internet plus 15 for streaming TV is not that far from my current cable bill...
I wonder what the cost to taxpayers would be if NASA were doing their own development and had a similar explosion.
I have never been stung by a bumblebee. Yellowjackets, mostly.
When I was working at BK, there were times I'd have rather done that than do the cleaning, but I don't recall a time when neither was needed except during some severe weather where we wound up just closing early for safety reasons (blackouts and hot grease do not go well together).
which is why it's usually linked to a basic income.
They think they have access to it all, anyway. If so, they're dealing with the first bureaucracy in history that doesn't hide stuff from the boss when it looks bad.
You're right, the method where there's a function that takes the keys and returns a boolean is unlikely. (I would not quite be willing to declare that it will not get used, given the fondness legislators have for meddling, but I do agree with unlikely). Which leaves the key leakage attacks.
Can he get a refund for the unused copy of windows, then?
Oh, sure, there's ways to require multiple keys. I would be surprised, though, if they seriously considered a plan that involved more than 2 keys (two keys is approximately equivalent to getting a warrant - keyholder 1 wants to do it and keyholder 2 says okay).
However, at a purely technical level, there's going to be something that does the decryption, and it takes the keys. There is no way to guarantee that it cannot be hacked to either work without the keys or leak the keys when they're used, and if either of those happen, eventually you have folks using the decrypter who shouldn't be.
There's also the fact that there's no technical way for this plan to prevent corruption/collusion amongst keyholders. More keys requires a bigger conspiracy or more social engineering, but enough keys to make that really infeasible also makes the decryption itself unwieldy, at which point it'll get bypassed somehow (shared keys, decrypting bigger chunks to avoid having to do more individual operations, etc).
Good to know, thank you for the pointers :)
for now. I can see this being quickly targeted as something to hack, so that "share this network" defaults to true, or even so that "share this network" and even "activate wifi sense" is treated as true regardless of actual user setting.
if by "little doodad" you mean the "enable wifi sense" checkbox, you're making the assumption that he has access to it. In his stated scenario he does not; the checkbox is on a device that he does not own but does wish to allow access to wifi that he does own.
At present the only method he appears to have is to modify his ssid, which is (a) clunky and (b) similar to the "do not track" flag in that the observer has to choose to do the right thing, and that's not guaranteed.
can you point to evidence of this?
The military would at least be able to set actual requirements. Too many of the requirements (one plane to rule them all, built everywhere...) were set by legislators.
That's not at all what the summary says, as best I can tell. Are you referring to one of the linked articles? Because one of them says that the domain owner did not try to sell anything to anyone; the plaintiff made an unsolicited offer.
He doesn't. He's appealing to beliefs, whether supported by science or not - first, the belief that wifi radiation can be dangerous, and second, the belief that his widget is safer than the competition.
you paid for the domain, that's commercial activity.