simple key to wireless security?
on
802.11 Security
·
· Score: 1
Before you exchange data with another host, simply use Diffie-Hellman to get a symmetric key and then encrypt/decrypt all your communications. I thought SSL solved this problem ages ago.....
first destruction of the Death Star in 'A New Hope'.
As a developer of open-source Gnutella software, I know we have a long ways to go to make p2p as ubiquitous and revolutionary as it can be, but not having legal concerns is a huge relief. I think this ruling will convince the RIAA to offer competing services instead of trying to maintain their unjust monopoly on music distribution. It will also make them go after individual users, which isn't good in general but a better strategy than attacking technology.
This ruling is very similar to Linus' recent views on DRM - don't build policy into technology, because you might disable good uses as well as the bad.
doesn't the plot look like a rehash of T2? "new and improved terminator travels back in time to take out John Connor but is stopped by our favorite old-school terminator, arnold."
i'll see it - don't get me wrong. i'm just a little worried. there does seem more scenes from the future, but are they just filler for the time-travel thread or actually related to a different plot thread? we'll find out....
if foreign governments are having misgivings about using Windows because it is closed source, they surely won't accept Palladium if MS has undue influence and control over the architecture.
the government can do for unemployed technologists. Give them a job at local, state, and federal legislatures explaining to lawmakers how broad statues such as the DMCA outlaw perfectly common sense technologies (routers, firewalls, academic research) and chill innovation in industry and academia.
i'm most impressed. obviously having J2ME support for the GBA is a smart move by Nintendo (i bet they are setting up developers for their next GB, which is rumored to have wireless support built-in). allowing consumers to access the java API is even more impressive - smart idea for allowing home-grown innovations to blossom.
i put off getting a GBA SP but i'll grab one as soon as the java access is available.
not until wireless (802.11 or BlueTooth) is widely deployed will tablet PCs take over. CDMA and GSM technology is a option but from what I understand the transfer rates aren't large enough to be useful.
Prof. Felten,
You are a vocal and staunch proponent of the 'right to tinker'. I understand and support your views on this subject, but I was wondering if you could give us a few examples where the 'right to tinker' was imperative to a major innovation? What innovations may have never come about or been delayed if the 'right to tinker' had never been a assumed privilege of the American citizen?
First off, I'm very happy my question was sent to Mr. Kocher. I was hoping for a little more from his answer, but it is a hard problem that lacks easy answers.
Secondly, I want to make it clear that we are not trying to validate content. Gnutella implementations are by nature content-agnostic - we have no prior knowledge of what a node may share or download and we have no way to control these things. Gnutella simply sets up a communications medium - what is said is up to the individual user.
The features we are trying to implement relate to trust between nodes at either end of a connection - how can a node know that it can 'trust' who it is connected to? 'trust' may denote inclusion in a group of vendors (i.e. LimeWire, BearShare, etc.) or some other delineation. This is a problem because nodes cannot certify who is on the other side of a connection UNLESS the network is fully locked out (i.e. only nodes with proof of access to a secret private key). This has lately become a problem because badly coded clients (that issue too many queries, that send spammy results) have been abusing the open nature of Gnutella.
The jury it still out on Gnutella2 - it isn't clear if a brand new protocol is really necessary or if Gnutella can just be extended to incorporate new features (Gnutella is pretty extensible after GGEP, etc.).
What the jury has already decided on is the bad form that the Gnutella2 developers displayed when they first stole Gnutella's name without the approval of the Gnutella community and then used Gnutella to bootstrap their fledgling network.
You are correct - when it comes down to it, a DRM advocate would have to make her system 'bulletproof'.
Unfortunately, a 'bulletproof' DRM system infringes upon the long-standing principle of fair-use.
So we have two possibilities: 1) if DRM only solves the casual copying problem, the owners of the copyrights aren't happy. 2) if the DRM system is 'bulletproof', the users of the copyright content aren't happy.
Since there hasn't been an innovative compromise that defends against napsterization AND protects fair-use, no one is happy with the state of DRM.
I'm usually not one to question Lessig's ideas, but I do see that this solution can either be 1) exploited by bodies with large amounts of capital (i.e. companies can pay the large continuation fee, whereas smaller fries cannot) or 2) useless if the price to extend copyrights is too low.
I really feel this is one area where compromise won't cut it - copyrights need to be limited, plain and simple. Sometimes to innovate you need to build on other's works, and Congress' bent to continually extend copyright is unjustified.
I loved cs255 but I got killed grade-wise. Interestingly, my bad performance didn't sour me on crypto - I still find it an enthralling subject and I actually find many occasions to use what I learned in a real-world setting.
as a software engineer building open source p2p applications (gnutella), we are faced with a huge problem: how do we establish trust in a open environment where any application that speaks the protocol can participate? we've thought of various cryptographic systems to establish trust, but they have several fatal flaws - they require some sort of centralization (a no-no in a p2p environent), they lock out 'untrusted' vendors, etc.
what can we do to maintain an open environment and establish trust between peers?
I think most applications/jobs that people run these days aren't CPU-bound, so I'd say that offering CPU cycles won't attract much of a customer base. I like the idea though - I just don't think offering CPU is as of yet something that will catch on. CPU cycles are just too cheap these days.
when he says novice users don't need or like tabs. everytime a friend is over my place and watching me surf with mozilla, i always get a 'cool' when i show and explain tabs to them. so i think users like tabs. i also think they need them - i think internet savvy has increased to the point where having multiple browsing tabs would be useful to all.
i wouldn't be surprised if the next version of IE has tabbed browsing.
Some current Gnutella clients could do grid computing pretty easily - I think the question is demand. LimeWire uses Java so technically one could create a 'JobInterface' that could be divided amongst peers for execution (definitely abstracting some issues). The big problem is that the common user doesn't have the need to write programs that need help from disparate peers. Not until there is a very high-level programming language that Joe User could make effective use of AND Joe User has a need for a lot of CPU cycles will Grid Computing features in P2P networks make sense.
Then again, perhaps it is a case of "If you build it, they will come."
I'm just shedding some light on the situation since I interact with the author of those posts. His actions may seem childish, but given the terrible form of the MP people I can't blame him from losing it. When you see your hard work stolen by a bunch of two-bit criminals (the Shareaza folks) - people you have TRIED to reach out to and compromise with, only to be lied to repeatedly - you can get a little hot under the collar.
when we accepted the license agreement when installing XP. so as much as i revile the practice, i'm not sure there is anything we can do except start using open software.
i'm not even trying to be an ass here....
on
Why Nerds Are Unpopular
·
· Score: 4, Insightful
but if i had a quarter for every 'popular' kid from my HS class that later served me my meals at Uno's, Bennigans, etc., I'd be one handspring treo richer.
and yes, if you haven't guessed yet, i'm a nerd;) .
Slashdot Mirror
Before you exchange data with another host, simply use Diffie-Hellman to get a symmetric key and then encrypt/decrypt all your communications. I thought SSL solved this problem ages ago.....
first destruction of the Death Star in 'A New Hope'.
As a developer of open-source Gnutella software, I know we have a long ways to go to make p2p as ubiquitous and revolutionary as it can be, but not having legal concerns is a huge relief. I think this ruling will convince the RIAA to offer competing services instead of trying to maintain their unjust monopoly on music distribution. It will also make them go after individual users, which isn't good in general but a better strategy than attacking technology.
This ruling is very similar to Linus' recent views on DRM - don't build policy into technology, because you might disable good uses as well as the bad.
doesn't the plot look like a rehash of T2? "new and improved terminator travels back in time to take out John Connor but is stopped by our favorite old-school terminator, arnold."
i'll see it - don't get me wrong. i'm just a little worried. there does seem more scenes from the future, but are they just filler for the time-travel thread or actually related to a different plot thread? we'll find out....
if foreign governments are having misgivings about using Windows because it is closed source, they surely won't accept Palladium if MS has undue influence and control over the architecture.
I guess I didn't make it clear, but I was being facetious. That said, I think lawmakers could benefit with some tech expertise at their disposal....
the government can do for unemployed technologists. Give them a job at local, state, and federal legislatures explaining to lawmakers how broad statues such as the DMCA outlaw perfectly common sense technologies (routers, firewalls, academic research) and chill innovation in industry and academia.
i'm most impressed. obviously having J2ME support for the GBA is a smart move by Nintendo (i bet they are setting up developers for their next GB, which is rumored to have wireless support built-in). allowing consumers to access the java API is even more impressive - smart idea for allowing home-grown innovations to blossom.
i put off getting a GBA SP but i'll grab one as soon as the java access is available.
not until wireless (802.11 or BlueTooth) is widely deployed will tablet PCs take over. CDMA and GSM technology is a option but from what I understand the transfer rates aren't large enough to be useful.
April Fools to you too!
Prof. Felten,
You are a vocal and staunch proponent of the 'right to tinker'. I understand and support your views on this subject, but I was wondering if you could give us a few examples where the 'right to tinker' was imperative to a major innovation? What innovations may have never come about or been delayed if the 'right to tinker' had never been a assumed privilege of the American citizen?
Keep up the good work!
First off, I'm very happy my question was sent to Mr. Kocher. I was hoping for a little more from his answer, but it is a hard problem that lacks easy answers.
Secondly, I want to make it clear that we are not trying to validate content. Gnutella implementations are by nature content-agnostic - we have no prior knowledge of what a node may share or download and we have no way to control these things. Gnutella simply sets up a communications medium - what is said is up to the individual user.
The features we are trying to implement relate to trust between nodes at either end of a connection - how can a node know that it can 'trust' who it is connected to? 'trust' may denote inclusion in a group of vendors (i.e. LimeWire, BearShare, etc.) or some other delineation. This is a problem because nodes cannot certify who is on the other side of a connection UNLESS the network is fully locked out (i.e. only nodes with proof of access to a secret private key). This has lately become a problem because badly coded clients (that issue too many queries, that send spammy results) have been abusing the open nature of Gnutella.
The jury it still out on Gnutella2 - it isn't clear if a brand new protocol is really necessary or if Gnutella can just be extended to incorporate new features (Gnutella is pretty extensible after GGEP, etc.).
What the jury has already decided on is the bad form that the Gnutella2 developers displayed when they first stole Gnutella's name without the approval of the Gnutella community and then used Gnutella to bootstrap their fledgling network.
You are correct - when it comes down to it, a DRM advocate would have to make her system 'bulletproof'.
Unfortunately, a 'bulletproof' DRM system infringes upon the long-standing principle of fair-use.
So we have two possibilities:
1) if DRM only solves the casual copying problem, the owners of the copyrights aren't happy.
2) if the DRM system is 'bulletproof', the users of the copyright content aren't happy.
Since there hasn't been an innovative compromise that defends against napsterization AND protects fair-use, no one is happy with the state of DRM.
Let's see:
1) A very usable, nice-looking GUI
2) All the functionality of Unix/Linux
I know there is a 'emulate XP' effort for Linux, but there should really be one to emulate OS X. It gets rid of the two main failings of OS X:
1) Not open
2) Pricey
I'm usually not one to question Lessig's ideas, but I do see that this solution can either be 1) exploited by bodies with large amounts of capital (i.e. companies can pay the large continuation fee, whereas smaller fries cannot) or 2) useless if the price to extend copyrights is too low.
I really feel this is one area where compromise won't cut it - copyrights need to be limited, plain and simple. Sometimes to innovate you need to build on other's works, and Congress' bent to continually extend copyright is unjustified.
I loved cs255 but I got killed grade-wise. Interestingly, my bad performance didn't sour me on crypto - I still find it an enthralling subject and I actually find many occasions to use what I learned in a real-world setting.
as a software engineer building open source p2p applications (gnutella), we are faced with a huge problem: how do we establish trust in a open environment where any application that speaks the protocol can participate? we've thought of various cryptographic systems to establish trust, but they have several fatal flaws - they require some sort of centralization (a no-no in a p2p environent), they lock out 'untrusted' vendors, etc.
what can we do to maintain an open environment and establish trust between peers?
I think most applications/jobs that people run these days aren't CPU-bound, so I'd say that offering CPU cycles won't attract much of a customer base. I like the idea though - I just don't think offering CPU is as of yet something that will catch on. CPU cycles are just too cheap these days.
when he says novice users don't need or like tabs. everytime a friend is over my place and watching me surf with mozilla, i always get a 'cool' when i show and explain tabs to them. so i think users like tabs. i also think they need them - i think internet savvy has increased to the point where having multiple browsing tabs would be useful to all.
i wouldn't be surprised if the next version of IE has tabbed browsing.
"if you build it, they will come...."
is this really news? when i took the xbox home i was convinced i had actually bought a arcade cabinet ;) .
Some current Gnutella clients could do grid computing pretty easily - I think the question is demand. LimeWire uses Java so technically one could create a 'JobInterface' that could be divided amongst peers for execution (definitely abstracting some issues). The big problem is that the common user doesn't have the need to write programs that need help from disparate peers. Not until there is a very high-level programming language that Joe User could make effective use of AND Joe User has a need for a lot of CPU cycles will Grid Computing features in P2P networks make sense.
Then again, perhaps it is a case of "If you build it, they will come."
I'm just shedding some light on the situation since I interact with the author of those posts. His actions may seem childish, but given the terrible form of the MP people I can't blame him from losing it. When you see your hard work stolen by a bunch of two-bit criminals (the Shareaza folks) - people you have TRIED to reach out to and compromise with, only to be lied to repeatedly - you can get a little hot under the collar.
when we accepted the license agreement when installing XP. so as much as i revile the practice, i'm not sure there is anything we can do except start using open software.
but if i had a quarter for every 'popular' kid from my HS class that later served me my meals at Uno's, Bennigans, etc., I'd be one handspring treo richer.
;) .
and yes, if you haven't guessed yet, i'm a nerd
i need to worry more about getting a date than getting moderator poins for slashdot :) .