Actually, any unconditionally secure system I've ever so much as heard of breaks down to a one-time pad.
One-time pads are secure, but totally impractical. The definition of 'random' required for a one-time pad is much stronger than you'd think. Heck, the NSA broke Soviet 'One-time pads' which were reused as little as once, and even some which weren't reused but had been generated by secretaries hitting 'random' keys on a typewriter. That wasn't random enough.
So let's say you've got a one-time pad, and you'd like to encrypt your porn. You need, say, 22,000 random numbers. Which can't be computer generated (because they're not really random -- what you're doing is inputting a stream cipher), which can't be stored online (because then they're accessible), which probably shouldn't even be stored on magnetic media (ditto), and thus should be input by hand. And you'll have to type them in again to decrypt.
What, you missed one? Too bad, there goes your data.
Of course, if you keep it around and you get busted, that doesn't do you much good either. So it's good only to send to somebody else for a message which only has to be secure until it gets there, is a very short message, and who you have personal contact with to exchange very large sheets of random numbers on a fairly frequent basis. (OK, you could always use microfiche or something, but the basic problems remain.)
One-time pads are almost completely impractical for the real world, and are entirely impossible with people you only know virtually.
I suspect color would be difficult to pull off for Handspring, since they are just a liscensee of the Palm OS. I'm not sure if they have the source code (or the permission) to do the hacking that color support would require.
Also, would a dragonball processor be able to handle a color screen? I was under the impression that LCD control is tightly coupled to the dragonball.
Actually, the software's there (think: greyscale mode==color mode;-)); they do have license to modify the hardware (heck, they added a microphone, made it go faster) and the software (modifications to the datebook & calculator), but color is a big drain on batteries. While Handspring execs say that the future is color, they also say they won't do it until it's reasonable on the battery draw.
*IF* the cradle is USB-based, this is good news for you Mac users (if you are using a recent machine). However, considering the shaky support for USB in Linux, that's bad news for the rest of us.
They have serial cradles available for (ack!) $20. I bought one, not knowing if my old palm pro cradle will work. (I got the deluxe model, in green.) As far as Linux compatibility, it's a virtual certainty that the old pilot-xfer stuff should work, as should jpilot, kpilot, etc.
Besides, maybe this will encourage someone to do a nice little USB bit for this. That'd make me extra happy.:-)
> And why weren't you there to celebrate the > expiration of the Diffie-Hellman patents with > the rest of the DC Cypherpunks, and other > luminaries such as Whitfield Diffie himself and > Peter G. Neumann?;-);-)
> Why didn't the BIND folks use Diffie-Hellman > instead? Couldn't this section of BIND be > rewritten to use Diffie-Hellman?
Well, it could be, but D-H is broken. (See Schnier's _Applied_Cryptography_ for details.) The D-H patents only mattered (until they expired) because they applied to all future, better ways of doing the same thing. (Because that's what patents protect.)
> How is it that you are allowed to export the > source code for RSA as long as you intend to use > it for authentication?
Because that's the law. (Well, Federal Regulation, actually, but enforced as law.) Encryption code used only for authentication and not actually for encryption (ie, digital signature-only stuff) is 100% exportable. (Read Schnier for more, again.)
Of course (not that there's really any 'of course' about it), you can pretty much turn any digital signature software into data encryption. So it really doesn't make much difference.
> Can I export a cruise missle to Libya as long as > it's intended to be used as a lawn ornament?
Depends how much the Lybians contribute to the next presidential campaign. (Hey, it worked for the Chinese!)
Aaah, but in my office, all but one person in my group has a Palm device, and we beam stuff to each other all the time. My wife has one, and we beam stuff to each other all the time. At conferences, people beam stuff to each other all the time. If you're in an environment with a high concentration of Palm devices, you use this feature. If you're not, you don't.
I can think of at least two reasons why Vader wouldn't recognize C3PO in the other movies
(1) 3PO wasn't even *finished* when he left Tatooine. Give him a cover and how the heck do you expect him to recoginze 3PO?
Oh, come on! You know Anakin has to return to Tatooine. 2nd film, I bet. (How else does C3PO get off of the planet and reunite with R2D2? Plus he had the dream he freed his mother...
C'mon, it had a built in tape drive, and an IEEE-422 interface included. Neither the TRS-80 or Apple ][ could match that, that's something that even the latest Gateways and Dells don't offer (well, they offer the tape drive, just not the IEEE-422)! On top of that, if you had the right model, you could self destruct your computer with software alone!
You're on crack. The Apple// hardware architecture was more elegant and more open. It wrang much more performance out of the hardware through Woz's severe optimization. There's no contest: Apple// rules.:-)
Of course his distro ships with HUGE proprietary bits, like the Novell support stuff.
If we all ran on Caldera, we'd all be paying licensing fees.
I agree, though, that RH should *ultimately* support LSB, but I'd give them some slack as far as supporting a thing which hasn't actually done anything useful yet -- they're fsstd compliant, which is a good start.
Er, I admit I haven't gotten around to reading Arcadia yet (I'm *not* a Stoppard fan, and SiL was tripe), but romanticism was a revolt *against* the enlightenment, so I don't understand this comment.
Not surprisingly, though, the Romantics produced better art than the Enlightenment.;-)
Slashdot Mirror
Actually, any unconditionally secure system I've ever so much as heard of breaks down to a one-time pad.
One-time pads are secure, but totally impractical. The definition of 'random' required for a one-time pad is much stronger than you'd think. Heck, the NSA broke Soviet 'One-time pads' which were reused as little as once, and even some which weren't reused but had been generated by secretaries hitting 'random' keys on a typewriter. That wasn't random enough.
So let's say you've got a one-time pad, and you'd like to encrypt your porn. You need, say, 22,000 random numbers. Which can't be computer generated (because they're not really random -- what you're doing is inputting a stream cipher), which can't be stored online (because then they're accessible), which probably shouldn't even be stored on magnetic media (ditto), and thus should be input by hand. And you'll have to type them in again to decrypt.
What, you missed one? Too bad, there goes your data.
Of course, if you keep it around and you get busted, that doesn't do you much good either. So it's good only to send to somebody else for a message which only has to be secure until it gets there, is a very short message, and who you have personal contact with to exchange very large sheets of random numbers on a fairly frequent basis. (OK, you could always use microfiche or something, but the basic problems remain.)
One-time pads are almost completely impractical for the real world, and are entirely impossible with people you only know virtually.
But the Handspring site says they're using AAA batteries, and given that they're building them, I trust them more. :-)
Actually, the software's there (think: greyscale mode==color mode ;-)); they do have license to modify the hardware (heck, they added a microphone, made it go faster) and the software (modifications to the datebook & calculator), but color is a big drain on batteries. While Handspring execs say that the future is color, they also say they won't do it until it's reasonable on the battery draw.
They have serial cradles available for (ack!) $20. I bought one, not knowing if my old palm pro cradle will work. (I got the deluxe model, in green.) As far as Linux compatibility, it's a virtual certainty that the old pilot-xfer stuff should work, as should jpilot, kpilot, etc.
Besides, maybe this will encourage someone to do a nice little USB bit for this. That'd make me extra happy. :-)
> And why weren't you there to celebrate the ;-) ;-)
:-)
> expiration of the Diffie-Hellman patents with
> the rest of the DC Cypherpunks, and other
> luminaries such as Whitfield Diffie himself and
> Peter G. Neumann?
Er, I was there, Brad.
> Why didn't the BIND folks use Diffie-Hellman
> instead? Couldn't this section of BIND be
> rewritten to use Diffie-Hellman?
Well, it could be, but D-H is broken. (See Schnier's _Applied_Cryptography_ for details.) The D-H patents only mattered (until they expired) because they applied to all future, better ways of doing the same thing. (Because that's what patents protect.)
> How is it that you are allowed to export the
> source code for RSA as long as you intend to use
> it for authentication?
Because that's the law. (Well, Federal Regulation, actually, but enforced as law.) Encryption code used only for authentication and not actually for encryption (ie, digital signature-only stuff) is 100% exportable. (Read Schnier for more, again.)
Of course (not that there's really any 'of course' about it), you can pretty much turn any digital signature software into data encryption. So it really doesn't make much difference.
> Can I export a cruise missle to Libya as long as > it's intended to be used as a lawn ornament?
Depends how much the Lybians contribute to the next presidential campaign. (Hey, it worked for the Chinese!)
Aaah, but in my office, all but one person in my group has a Palm device, and we beam stuff to each other all the time. My wife has one, and we beam stuff to each other all the time. At conferences, people beam stuff to each other all the time. If you're in an environment with a high concentration of Palm devices, you use this feature. If you're not, you don't.
Oh, come on! You know Anakin has to return to Tatooine. 2nd film, I bet. (How else does C3PO get off of the planet and reunite with R2D2? Plus he had the dream he freed his mother...
You're on crack. The Apple // hardware architecture was more elegant and more open. It wrang much more performance out of the hardware through Woz's severe optimization. There's no contest: Apple // rules. :-)
Of course his distro ships with HUGE proprietary bits, like the Novell support stuff.
If we all ran on Caldera, we'd all be paying licensing fees.
I agree, though, that RH should *ultimately* support LSB, but I'd give them some slack as far as supporting a thing which hasn't actually done anything useful yet -- they're fsstd compliant, which is a good start.
Er, I admit I haven't gotten around to reading Arcadia yet (I'm *not* a Stoppard fan, and SiL was tripe), but romanticism was a revolt *against* the enlightenment, so I don't understand this comment.
;-)
Not surprisingly, though, the Romantics produced better art than the Enlightenment.
Anyone have PAM working with K5? The MIT links were potentially useful, but I was wondering if anyone has actually done and documented this...