I think there is already a mostly-unused torrent-tella-like system. It's really a very good solution, since Gnutella provides very powerful searching and BitTorrent provides high-bandwidth data transfer. This is actually more like using eMule's Kad to share.torrents.
As I mentioned somewhere else, though, people won't move from the index site + centralized trackers + a BitTorrent client until enough indexes and trackers get shut down that they need a new solution.
* The network is much more efficient. * All this network is sharing is torrent metadata (.torrent files), while a BitTorrent client is doing the real transfer. * Their keyword searching system, while allowing for finding the k-nearest keywords, is not fully general like searches on a Gnutella-like system could be.
Sort of. The main point of the Gnutella network (of which Limewire is a client) is searching. The network is inefficient, but it allows for arbitrary searching. This would be along the same vein as using a Gnutella-like network to share.torrent files, then using a BitTorrent client to actually transfer the data. (I haven't read the article, but I suspect their searching network is more efficient than Gnutella.)
To my knowledge, Kademlia uses exact keyword searching, not approximate searching. While distributed hash tables are a fairly effective decentralized searching mechanism, it's tough to move them from exact-match searching to more general searching.
Other DHT systems are also used to list peers for trackerless torrents and to find peers for particular files on networks like eMule (by searching by hash).
Well, the problem is that decentralizing a system that's designed to be centralized (like an index of torrents) sucks. It's part of why file-sharing was so limited prior to Napster -- you have lots of little collections of shared files. What you want is one giant, searchable collection. Now, the decentralized trackers work pretty well. However, good decentralized indexing (hosting.torrent files) isn't too common yet.
Probably the reason for this is that shutting down or breaking one system drives people to develop and move to a new, better system. Without that impetus, they'll continue using whatever they've been using.
Hell, the "catching people who download/share on BitTorrent" hasn't gone terribly well for them, so they're going for the indexes and trackers. As much as I like TPB, the end result will be to drive people to a next-generation trackerless system, which isn't such a bad thing.
Oh, sure -- the only point is that once your encryption is stronger than all your other points of failure, it's no longer worth caring how strong the encryption is.
The important thing is that it's very, very easy to make the encryption itself the strongest link in your security system. If you encrypt with AES-256, then you have to worry about everything but the encryption itself. They might hack into your machine and steal the key, bribe someone to just give them the key or the data, or kidnap you and torture you until you give it up, but they won't brute-force the encryption. All other methods of getting what they want are easier.
"Remember no encryption is so good that it can't be cracked, given sufficient compute power and sufficient time, and that the profits from identity fraud are now sufficient to make it worth criminal gangs while to put significant resource into cracking encryption."
No practical encryption, that is. One-time pads are uncrackable. However, your statement is misleading -- for many types of encryption, "sufficient time" is longer than multiple human lifespans, even with access to a large amount of computing power. It's generally the non-encryption parts of a security system that fail.
In the absence of context, an ionized hydrogen atom and a free proton are the exact same thing.
What I really mean is that it's not like these things have some hidden "memory". If I take a hydrogen atom -- a proton and an electron -- and strip off the electron, the result is just a proton. This proton is no different from a proton that I somehow tore out of a nearby nucleus, or one that was created from other particles in a nuclear reaction. They're all just protons.
There's still the potential for difference, since the terms are not specific. "Hydrogen" might refer only to H-1 (just a proton and an electron), but it might also refer to some mix of H-1, H-2 (deuterium) and H-3 (tritium). Obviously if I ionize the latter, I'll have protons, deuterium ions, and tritium ions, which isn't the same as just protons. Most people I know would not appreciate someone calling that "hydrogen ions", though, since "hydrogen ion" is so often used to refer to free protons.
Consider pure EM radiation, such as that given off by a black-body. Prior to giving off radiation, there is no electric or magnetic field. The sum over all space of the E and M fields when radiation is being given off is still zero. (Makes sense: we've created no charges and no currents, so there should be no static E or M fields.)
Bear in mind that "the field is oscillating" isn't really a clear description. This implies that the field is the medium, but it's not. Consider waves in a medium -- say, water. If you have a tub of water, the water is the medium and the height of the surface is the analogue of the field.
So then you might say, "this must mean the electromagnetic field has some medium that persists throughout all space -- we could call this the ether". That's where field theory comes in to answer things, and I must say I don't understand it nearly well enough to give an explanation.
Close. A free proton and ionized hydrogen are the same. (A proton in the nucleus of a non-hydrogen atom is different.) There seem to be different standards for when which term is used, but I usually see free protons referred to as hydrogen ions. (Obviously if you ionize hydrogen, you should call the result hydrogen ions.)
Particularly on long trips, the majority of the fuel you expend is overcoming air resistance, which depends on your speed and the shape of your car, but not on its mass.
In slower, acceleration-dominated driving (like in the city), the mass of the car plays more of a role. However, 100 lbs difference in passenger weight is negligible compared to the weight of the car. For that matter, it's comparable to the weight of a full tank of gas. And of course it's dwarfed by the effect of driving a smaller (i.e., lighter) car.
See, this is the odd thing. In the US, there's no data you could carry across the border that you couldn't transmit, encrypted, to the same destination. Carrying data in and out makes sense when a network connection doesn't pass the barrier. (So secure facilities don't allow any electronics or data storage devices in or out.) The only thing you can catch with laptop searches are idiots who happen to be traveling.
The only thing they can do to encrypted data streams (or mailing encrypted disks) is traffic analysis -- which they can also do with airline passengers, except if they're on to you, the airline traffic analysts don't need to work very hard to find and detain you.
Of course, as far as I know, neither fingerprints nor having your laptop searched are requirements for entry. They are (according to this case) legally allowed to search your laptop, but they're not performing routine laptop searches.
It's not an important difference in theory, but it is a difference in practice.
First, the USAF isn't asking for people to research vulnerabilities. Second, they're not stipulating (up front) that you can't release vulnerabilities to the public.
Third and most importantly, the government-funded organizations (CERT, Mitre) whose focus is getting vulnerabilities fixed have more influence than the USAF's startup cyberdefense labs.
That's not really true. Free disk blocks have a lot of structure. They're not initialized with random data and they're not maintained at random data. It's not likely that unused blocks on a partition containing a filesystem would just be filled with random data. (Nor is it likely that a hard drive would have a large range not allocated to any partition, for that matter.)
Looking at an unencrypted hard drive, it can be reasonably easy to guess if there is a TrueCrypt partition or not. (Plus, as far as I know, using TrueCrypt under Windows adds registry keys that would indicate this to an analyst.)
However, this is not true on a TrueCrypt volume. It's impossible to reasonably accurately guess if a TrueCrypt volume is stored within another TrueCrypt volume. Unfortunately, it *is* possible for someone to prove that they *don't* have a volume-within-a-volume, since the position of the volume-within-a-volume header is fixed.
If they choose to store the contents of your hard drive for later analysis, not at all. Nor will it protect you against minimally-clever forensics tools.
It depends on what, in particular, you're concerned about. As far as I know, they don't currently routinely search laptops, so it'd be speculation to guess at what a routine search they don't do would miss.
I think there is already a mostly-unused torrent-tella-like system. It's really a very good solution, since Gnutella provides very powerful searching and BitTorrent provides high-bandwidth data transfer. This is actually more like using eMule's Kad to share .torrents.
As I mentioned somewhere else, though, people won't move from the index site + centralized trackers + a BitTorrent client until enough indexes and trackers get shut down that they need a new solution.
No, it's implemented in an Azureus plugin.
I see nothing in the design of their searching network that would preclude implementations independent of Azureus.
* The network is much more efficient.
* All this network is sharing is torrent metadata (.torrent files), while a BitTorrent client is doing the real transfer.
* Their keyword searching system, while allowing for finding the k-nearest keywords, is not fully general like searches on a Gnutella-like system could be.
Sort of. The main point of the Gnutella network (of which Limewire is a client) is searching. The network is inefficient, but it allows for arbitrary searching. This would be along the same vein as using a Gnutella-like network to share .torrent files, then using a BitTorrent client to actually transfer the data. (I haven't read the article, but I suspect their searching network is more efficient than Gnutella.)
To my knowledge, Kademlia uses exact keyword searching, not approximate searching. While distributed hash tables are a fairly effective decentralized searching mechanism, it's tough to move them from exact-match searching to more general searching.
Other DHT systems are also used to list peers for trackerless torrents and to find peers for particular files on networks like eMule (by searching by hash).
Well, the problem is that decentralizing a system that's designed to be centralized (like an index of torrents) sucks. It's part of why file-sharing was so limited prior to Napster -- you have lots of little collections of shared files. What you want is one giant, searchable collection. Now, the decentralized trackers work pretty well. However, good decentralized indexing (hosting .torrent files) isn't too common yet.
Probably the reason for this is that shutting down or breaking one system drives people to develop and move to a new, better system. Without that impetus, they'll continue using whatever they've been using.
Hell, the "catching people who download/share on BitTorrent" hasn't gone terribly well for them, so they're going for the indexes and trackers. As much as I like TPB, the end result will be to drive people to a next-generation trackerless system, which isn't such a bad thing.
Many of us didn't vote for them. Some of us recognize it wouldn't be better if we voted for the other guy.
Oh, sure -- the only point is that once your encryption is stronger than all your other points of failure, it's no longer worth caring how strong the encryption is.
The important thing is that it's very, very easy to make the encryption itself the strongest link in your security system. If you encrypt with AES-256, then you have to worry about everything but the encryption itself. They might hack into your machine and steal the key, bribe someone to just give them the key or the data, or kidnap you and torture you until you give it up, but they won't brute-force the encryption. All other methods of getting what they want are easier.
"Remember no encryption is so good that it can't be cracked, given sufficient compute power and sufficient time, and that the profits from identity fraud are now sufficient to make it worth criminal gangs while to put significant resource into cracking encryption."
No practical encryption, that is. One-time pads are uncrackable. However, your statement is misleading -- for many types of encryption, "sufficient time" is longer than multiple human lifespans, even with access to a large amount of computing power. It's generally the non-encryption parts of a security system that fail.
No, your statement was close to accurate.
In the absence of context, an ionized hydrogen atom and a free proton are the exact same thing.
What I really mean is that it's not like these things have some hidden "memory". If I take a hydrogen atom -- a proton and an electron -- and strip off the electron, the result is just a proton. This proton is no different from a proton that I somehow tore out of a nearby nucleus, or one that was created from other particles in a nuclear reaction. They're all just protons.
There's still the potential for difference, since the terms are not specific. "Hydrogen" might refer only to H-1 (just a proton and an electron), but it might also refer to some mix of H-1, H-2 (deuterium) and H-3 (tritium). Obviously if I ionize the latter, I'll have protons, deuterium ions, and tritium ions, which isn't the same as just protons. Most people I know would not appreciate someone calling that "hydrogen ions", though, since "hydrogen ion" is so often used to refer to free protons.
There are all sorts of fun ways you can spin stories.
"..police dispatcher slain by 18-year-old heterosexual man Devin Moore."
"..police dispatcher slain by 18-year-old non-vegetarian Devin Moore."
"..police dispatcher slain by 18-year-old Darwinist Devin Moore."
Consider pure EM radiation, such as that given off by a black-body. Prior to giving off radiation, there is no electric or magnetic field. The sum over all space of the E and M fields when radiation is being given off is still zero. (Makes sense: we've created no charges and no currents, so there should be no static E or M fields.)
Bear in mind that "the field is oscillating" isn't really a clear description. This implies that the field is the medium, but it's not. Consider waves in a medium -- say, water. If you have a tub of water, the water is the medium and the height of the surface is the analogue of the field.
So then you might say, "this must mean the electromagnetic field has some medium that persists throughout all space -- we could call this the ether". That's where field theory comes in to answer things, and I must say I don't understand it nearly well enough to give an explanation.
Close. A free proton and ionized hydrogen are the same. (A proton in the nucleus of a non-hydrogen atom is different.) There seem to be different standards for when which term is used, but I usually see free protons referred to as hydrogen ions. (Obviously if you ionize hydrogen, you should call the result hydrogen ions.)
I assume by "physics graduate" you mean you majored in it in undergrad.
First, as a physics graduate, you should know better than to use the phrase "believe in" when talking science.
Second, I suppose you haven't had much field theory (can't fault you for that), so the behavior of electromagnetic fields may seem odd.
Particularly on long trips, the majority of the fuel you expend is overcoming air resistance, which depends on your speed and the shape of your car, but not on its mass.
In slower, acceleration-dominated driving (like in the city), the mass of the car plays more of a role. However, 100 lbs difference in passenger weight is negligible compared to the weight of the car. For that matter, it's comparable to the weight of a full tank of gas. And of course it's dwarfed by the effect of driving a smaller (i.e., lighter) car.
It's over 8 years, so it's actually $125,000 per act if there are a thousand such acts a year.
Also, there are significantly more than a thousand such acts a year.
See, this is the odd thing. In the US, there's no data you could carry across the border that you couldn't transmit, encrypted, to the same destination. Carrying data in and out makes sense when a network connection doesn't pass the barrier. (So secure facilities don't allow any electronics or data storage devices in or out.) The only thing you can catch with laptop searches are idiots who happen to be traveling.
The only thing they can do to encrypted data streams (or mailing encrypted disks) is traffic analysis -- which they can also do with airline passengers, except if they're on to you, the airline traffic analysts don't need to work very hard to find and detain you.
Of course, as far as I know, neither fingerprints nor having your laptop searched are requirements for entry. They are (according to this case) legally allowed to search your laptop, but they're not performing routine laptop searches.
It's not an important difference in theory, but it is a difference in practice.
First, the USAF isn't asking for people to research vulnerabilities. Second, they're not stipulating (up front) that you can't release vulnerabilities to the public.
Third and most importantly, the government-funded organizations (CERT, Mitre) whose focus is getting vulnerabilities fixed have more influence than the USAF's startup cyberdefense labs.
That's not really true. Free disk blocks have a lot of structure. They're not initialized with random data and they're not maintained at random data. It's not likely that unused blocks on a partition containing a filesystem would just be filled with random data. (Nor is it likely that a hard drive would have a large range not allocated to any partition, for that matter.)
Looking at an unencrypted hard drive, it can be reasonably easy to guess if there is a TrueCrypt partition or not. (Plus, as far as I know, using TrueCrypt under Windows adds registry keys that would indicate this to an analyst.)
However, this is not true on a TrueCrypt volume. It's impossible to reasonably accurately guess if a TrueCrypt volume is stored within another TrueCrypt volume. Unfortunately, it *is* possible for someone to prove that they *don't* have a volume-within-a-volume, since the position of the volume-within-a-volume header is fixed.
They still teach that sort of thing -- the person in question just isn't paying attention.
That money's primarily going to contractors. So for the most part, that means it's going to security-research firms.
If they choose to store the contents of your hard drive for later analysis, not at all. Nor will it protect you against minimally-clever forensics tools.
It depends on what, in particular, you're concerned about. As far as I know, they don't currently routinely search laptops, so it'd be speculation to guess at what a routine search they don't do would miss.