I have discussed some of the conclusions in Cringley's article on my blog (http://tech.rufy.com/entry/51) to surprising results. I never knew there were so many people reading my blog that were pro-microsoft.
I originally built Web Collaborator in 8,000 lines of PHP over a couple of months. In about 16 hours, I had completely rebuilt it from scratch in the Ruby on Rails framework with 1,000 lines of code.
I have since created sites like The Conjuring Cabaret and S5 Presents, both with astonishing simplicity and rapid development. Rails gives me short-cuts for almost everything I ever want to do with web development.
We have all been scared about Diebold and other black box voting machines, and for good reason. Apparently one of the central machines from Election Systems & Software Inc. tallied 115 votes for Bush in a certain county, while another machine tallied 365 votes for that same county. Which one was right? There is no way to tell, because "it is too hard" to add a printer to a counting machine. It is not like they have been doing that for 30years. But who needs to do a recount when the machines are infallible, right?
Most infuriating of all is that Republican Senator Hagel, the former Senate Ethics Director, resigned after admitting that he owned Election Systems & Software! That's right, the same voting machine maker that 60% of ALL VOTES in the U.S. are counted on, the same one that provably miscounted votes in Ohio and other states, and the same one that refuses to print receipts to recount these votes. No wonder legislation trying to require printers on voting machines is taking so long to get through congress when congressmen can vote themselves into office without a paper trail.
"They were able to check the machine and determine that Bush got 115 votes on that machine, not 4008 votes on that machine." --- They were able to check the machine that had malfunctioned... so how do we know it was accurate? My point was that we need printouts for recounts and that printouts are not hard to do.
Second, please read the article I cite which says "ES&S counts approximately 60 percent of all votes cast in the United States.".
A paper trail helps because at least then there is the possibility of a recount. As it stands, not only can they get away with it, but there is no proof that they got away with anything.
We have all been scared about Diebold and other black box voting machines, and for good reason. Apparently one of the central machines from Election Systems & Software Inc. tallied 115 votes for Bush in a certain county, while another machine tallied 365 votes for that same county. Which one was right? There is no way to tell, because "it is too hard" to add a printer to a counting machine. It is not like they have been doing that for 30years. But who needs to do a recount when the machines are infallible, right?
Most infuriating of all is that Republican Senator Hagel, the former Senate Ethics Director, resigned after admitting that he owned Election Systems & Software! That's right, the same voting machine maker that 60% of ALL VOTES in the U.S. are counted on, the same one that provably miscounted votes in Ohio and other states, and the same one that refuses to print receipts to recount these votes. No wonder legislation trying to require printers on voting machines is taking so long to get through congress when congressmen can vote themselves into office without a paper trail.
Only if you know how to setup a discussion mailing list and a secured repository. With Web Collaborator you just need to type in people's email addresses and it is setup automaticallly.
This website creates a new free and easy way to collaborate. Before Web Collaborator, to collaborate on a project meant passing papers back and forth, hours of painstaking corrections, hundreds of wasted pieces of paper, headaches, and plenty of coffee. Web Collaborator coordinates collaborations automatically, keeping backups of every revision ever made to the project, letting you see who made the changes, and allowing you to focus on the work instead of managing the work. Better yet, it is absolutely free for all uses.
Each project has three components.
The discussion
This is where you can plan your project and discuss which parts of the project that need improvement. This allows you to have a clear vision for the future of your project.
The project
This is your actual project, be it a paper, a poem, a story, a grant or a proposal. Any collaborative writing can be done in this area. A Fog index is embedded within the project to gauge the level of writing. At any time, you can download it as a PDF document to archive or print for a hard copy. You can also protect the project with government standard Rijandel 256 bit encryption so that even a malicious hacker would never be able to get a hold of it.
The history
This section keeps a backup of every revision. You can see word for word, letter for letter what was changed at any point during the project.
Have you given encryption any thought? You do not understand ciphers like the Vernam cipher. Unless you know the key, the encrypted text is a completely random string of letters.
From a completely random string of letters, you can theoretically extract ANY plaintext in the world. That is why the Vernam cipher is uncrackable. Without the key, the message can not be recovered, you will never know when you actually got the right message. For example, playing with enough keys, you might decode the above message as:
Decoded message 1: THE PASSWORD IS YUCK Decoded message 2: THE PASSWORD IS LEFT
How would you know which of the decrypted messages was right? It could have been something completely different (like DINNER AT FIVE).
Not entirely true, in order to perform an undetected man in the middle attack, you need to do two simultaneous man in the middle attacks. Not quite as easy as you might think.
Actually, just to keep things technically correct, in order to do man in the middle attack on quantum encryption, you need to do two simultaneous man in the middle attacks... a lot harder. You probably wouldn't have known that, you should read up on your quantum encryption before making comments like you do.
Actually, I misspoke, and you made a complete fool of yourself. SSH, SSL, and VPNs are all vulnerable to man in the middle attacks, but so is quantum cryptography. Read about it because you obviously don't know a thing about MITM attacks. They are not vulnerabilities in the software behind the programs, they are vulnerabilities due to the nature of communication.
What quantum encryption provides is provable protection against wiretaps. Nobody can passively listen in because the act of listening changes it.
Regarding your closed minded naive thoughts about current encryption being the holy grail for our current needs, I am surprised you are even using the internet because if we follow your train of mind, we would all just keep talking on the phone and sending snail mail because they are inexpensive commodities... you don't have to worry about web servers, cable internet, computers crashing, etc.
I would recommend spending time reading the thread and reading papers on the topic, because obviously you have NO IDEA about quantum computing.
In other words, they have not solved the problem of securely distributing keys. which is the claim to which my original post was responding.
If you knew anything about QC, you would know that it solves the problem of securely distributing keys, that is its main function. The encryption itself takes place out of band using the Vernam cipher.
If you are going to talk, at least know about the terms you are using.
I believe you are approaching this topic all wrong:
The Vernam Cipher, or one-time pad is not a the ''super-duper unbreakable solves all your problems'' cipher that some people think it is.
Yes, the Vernam cipher is unbreakable, because the cipher itself requires all of the things you mention. You talk about random keys as if they might be optional, but they are actually standard necessities. It is a subtle difference, but I hope you can see it. If someone misuses the Vernam cipher, it becomes crackable, but in its nature, it is super-duper unbreakable solve all your problems.
The former is just a very expensive way to make sure someone doesn't tap your line, something which can be done much more easily using SSL or SSH or any other VPN technology.
SSL, SSH, and VPNs are all susceptible to man in the middle attacks. QC could never ever be susceptible to man in the middle attacks. That makes quite a difference.
Also, regarding:
nobody has the technology today to crack 128 bit codes
Have you heard the famed quote supposedly from Bill Gates saying "no one will ever need more than 4 megabytes of RAM."? Furthermore, the NSA hires more mathematicians than any other organization in the world, and the NSA keeps their knowledge to themselves, so there is no telling what capabilities they have.
Nevertheless, no matter how long you wait, no matter how much computer power you put behind it, you could never decipher a message encrypted in the QC system.
To sum up, QC is a big deal: 1) eliminate the remotest possibility of wire-taps 2) provably undecipherable messages
There are a lot of places where security can be enhanced, but these two areas are substancial and worth notice.
The Vernam cipher ( http://en.wikipedia.org/wiki/Vernam_cipher ) which is used to encrypt the data is PROVABLY not crackable. The quantum part is a PROVABLY secure key exchange. It has been proven that this system is uncrackable. It doesn't matter how much computing power you have behind it.
The transmission of the pad IS secure because of the quantum key exchange... the laws of physics ensure that this exchange is secure. Quantum cryptography can tell you whether anyone even tried to compromise the key exchange.
Quantum cryptography solves the transmission problem of the pad.
The Vernam cipher ( http://en.wikipedia.org/wiki/Vernam_cipher ) which is used to encrypt the data is PROVABLY not crackable. The quantum part is a PROVABLY secure key exchange. It has been proven that this system is uncrackable.
But the conventional mathematical algorithm that takes over the actual encryption is the only known unbreakable cypher known to man kind... http://en.wikipedia.org/wiki/Vernam_cipher
Slashdot Mirror
MOG TV already took the title of MTV for Web 2.0: http://mog.com/tv
Thanks Anonymous Coward, I am glad you reminded me.
I have discussed some of the conclusions in Cringley's article on my blog (http://tech.rufy.com/entry/51) to surprising results. I never knew there were so many people reading my blog that were pro-microsoft.
I originally built Web Collaborator in 8,000 lines of PHP over a couple of months. In about 16 hours, I had completely rebuilt it from scratch in the Ruby on Rails framework with 1,000 lines of code.
I have since created sites like The Conjuring Cabaret and S5 Presents, both with astonishing simplicity and rapid development. Rails gives me short-cuts for almost everything I ever want to do with web development.
Please watch this free 30-minute film about black box voting machines.
We have all been scared about Diebold and other black box voting machines, and for good reason. Apparently one of the central machines from Election Systems & Software Inc. tallied 115 votes for Bush in a certain county, while another machine tallied 365 votes for that same county. Which one was right? There is no way to tell, because "it is too hard" to add a printer to a counting machine. It is not like they have been doing that for 30 years. But who needs to do a recount when the machines are infallible, right?
Most infuriating of all is that Republican Senator Hagel, the former Senate Ethics Director, resigned after admitting that he owned Election Systems & Software! That's right, the same voting machine maker that 60% of ALL VOTES in the U.S. are counted on, the same one that provably miscounted votes in Ohio and other states, and the same one that refuses to print receipts to recount these votes. No wonder legislation trying to require printers on voting machines is taking so long to get through congress when congressmen can vote themselves into office without a paper trail.
"They were able to check the machine and determine that Bush got 115 votes on that machine, not 4008 votes on that machine." --- They were able to check the machine that had malfunctioned... so how do we know it was accurate? My point was that we need printouts for recounts and that printouts are not hard to do.
Second, please read the article I cite which says "ES&S counts approximately 60 percent of all votes cast in the United States.".
A paper trail helps because at least then there is the possibility of a recount. As it stands, not only can they get away with it, but there is no proof that they got away with anything.
Please watch this free 30-minute film about black box voting machines.
We have all been scared about Diebold and other black box voting machines, and for good reason. Apparently one of the central machines from Election Systems & Software Inc. tallied 115 votes for Bush in a certain county, while another machine tallied 365 votes for that same county. Which one was right? There is no way to tell, because "it is too hard" to add a printer to a counting machine. It is not like they have been doing that for 30 years. But who needs to do a recount when the machines are infallible, right?
Most infuriating of all is that Republican Senator Hagel, the former Senate Ethics Director, resigned after admitting that he owned Election Systems & Software! That's right, the same voting machine maker that 60% of ALL VOTES in the U.S. are counted on, the same one that provably miscounted votes in Ohio and other states, and the same one that refuses to print receipts to recount these votes. No wonder legislation trying to require printers on voting machines is taking so long to get through congress when congressmen can vote themselves into office without a paper trail.
Only if you know how to setup a discussion mailing list and a secured repository. With Web Collaborator you just need to type in people's email addresses and it is setup automaticallly.
http://webcollaborator.com/
This website creates a new free and easy way to collaborate. Before Web Collaborator, to collaborate on a project meant passing papers back and forth, hours of painstaking corrections, hundreds of wasted pieces of paper, headaches, and plenty of coffee. Web Collaborator coordinates collaborations automatically, keeping backups of every revision ever made to the project, letting you see who made the changes, and allowing you to focus on the work instead of managing the work. Better yet, it is absolutely free for all uses.
Each project has three components.
The discussion
This is where you can plan your project and discuss which parts of the project that need improvement. This allows you to have a clear vision for the future of your project.
The project
This is your actual project, be it a paper, a poem, a story, a grant or a proposal. Any collaborative writing can be done in this area. A Fog index is embedded within the project to gauge the level of writing. At any time, you can download it as a PDF document to archive or print for a hard copy. You can also protect the project with government standard Rijandel 256 bit encryption so that even a malicious hacker would never be able to get a hold of it.
The history
This section keeps a backup of every revision. You can see word for word, letter for letter what was changed at any point during the project.
Have you given encryption any thought? You do not understand ciphers like the Vernam cipher. Unless you know the key, the encrypted text is a completely random string of letters.
Like: JKFGHFJGFKJGFDNVLKLAKKSLJJDGFKDJFHGJKHEHEIIOUO
From a completely random string of letters, you can theoretically extract ANY plaintext in the world. That is why the Vernam cipher is uncrackable. Without the key, the message can not be recovered, you will never know when you actually got the right message. For example, playing with enough keys, you might decode the above message as:
Decoded message 1: THE PASSWORD IS YUCK
Decoded message 2: THE PASSWORD IS LEFT
How would you know which of the decrypted messages was right? It could have been something completely different (like DINNER AT FIVE).
Not entirely true, in order to perform an undetected man in the middle attack, you need to do two simultaneous man in the middle attacks. Not quite as easy as you might think.
It might not prevent man in the middle attacks, but it requires two simultaneous man in the middle attacks.
Actually, just to keep things technically correct, in order to do man in the middle attack on quantum encryption, you need to do two simultaneous man in the middle attacks... a lot harder. You probably wouldn't have known that, you should read up on your quantum encryption before making comments like you do.
Actually, I misspoke, and you made a complete fool of yourself. SSH, SSL, and VPNs are all vulnerable to man in the middle attacks, but so is quantum cryptography. Read about it because you obviously don't know a thing about MITM attacks. They are not vulnerabilities in the software behind the programs, they are vulnerabilities due to the nature of communication.
What quantum encryption provides is provable protection against wiretaps. Nobody can passively listen in because the act of listening changes it.
Regarding your closed minded naive thoughts about current encryption being the holy grail for our current needs, I am surprised you are even using the internet because if we follow your train of mind, we would all just keep talking on the phone and sending snail mail because they are inexpensive commodities... you don't have to worry about web servers, cable internet, computers crashing, etc.
You obviously have no taste for innovation.
I would recommend spending time reading the thread and reading papers on the topic, because obviously you have NO IDEA about quantum computing.
In other words, they have not solved the problem of securely distributing keys. which is the claim to which my original post was responding.
If you knew anything about QC, you would know that it solves the problem of securely distributing keys, that is its main function. The encryption itself takes place out of band using the Vernam cipher.
If you are going to talk, at least know about the terms you are using.
No. All but the vernam cipher are theoretically crackable given enough computer power and time.
I believe you are approaching this topic all wrong:
The Vernam Cipher, or one-time pad is not a the ''super-duper unbreakable solves all your problems'' cipher that some people think it is.
Yes, the Vernam cipher is unbreakable, because the cipher itself requires all of the things you mention. You talk about random keys as if they might be optional, but they are actually standard necessities. It is a subtle difference, but I hope you can see it. If someone misuses the Vernam cipher, it becomes crackable, but in its nature, it is super-duper unbreakable solve all your problems.
You are technically incorrect when you say:
The former is just a very expensive way to make sure someone doesn't tap your line, something which can be done much more easily using SSL or SSH or any other VPN technology.
SSL, SSH, and VPNs are all susceptible to man in the middle attacks. QC could never ever be susceptible to man in the middle attacks. That makes quite a difference.
Also, regarding:
nobody has the technology today to crack 128 bit codes
Have you heard the famed quote supposedly from Bill Gates saying "no one will ever need more than 4 megabytes of RAM."? Furthermore, the NSA hires more mathematicians than any other organization in the world, and the NSA keeps their knowledge to themselves, so there is no telling what capabilities they have.
Nevertheless, no matter how long you wait, no matter how much computer power you put behind it, you could never decipher a message encrypted in the QC system.
To sum up, QC is a big deal:
1) eliminate the remotest possibility of wire-taps
2) provably undecipherable messages
There are a lot of places where security can be enhanced, but these two areas are substancial and worth notice.
"... provides really-tough-to-decode crypto ..."
Correction, it provides provably imposible to crack cryptography.
The Vernam cipher ( http://en.wikipedia.org/wiki/Vernam_cipher ) which is used to encrypt the data is PROVABLY not crackable. The quantum part is a PROVABLY secure key exchange. It has been proven that this system is uncrackable. It doesn't matter how much computing power you have behind it.
The transmission of the pad IS secure because of the quantum key exchange... the laws of physics ensure that this exchange is secure. Quantum cryptography can tell you whether anyone even tried to compromise the key exchange.
Quantum cryptography solves the transmission problem of the pad.
The Vernam cipher ( http://en.wikipedia.org/wiki/Vernam_cipher ) which is used to encrypt the data is PROVABLY not crackable. The quantum part is a PROVABLY secure key exchange. It has been proven that this system is uncrackable.
But the conventional mathematical algorithm that takes over the actual encryption is the only known unbreakable cypher known to man kind... http://en.wikipedia.org/wiki/Vernam_cipher