Studies have been done where they have a non-symetric character, let's take "R", and display it on a screen at varying rotated angles, it is either a mirror image, or a non-mirror image. The job of the participants was to identify if the R were mirrored, or not.
They found that the time for the participants to respond, in all cases, was linearly related to the rotation of the letter.
This shows that they were mentally rotating the character in a languageless manner, then deciding if it were mirrored or not.
This was a proof (on the same order of validity as this experiment) that language does NOT influence all thought. At least in the area of physical manipulations, humans perform these though processes without language.
Right, I was saying you could through out the yo, but I'm not talking about throwing out the "backwards N", I'm talking about the backwards N with the breve. The one that is equivalent to the 'y' in English.
So the Russian language book I had indicated, the yo is almost always written in formal print as ye, and the y is almost always written as i.
Seriously, who couldn't properly read russkii as russkiy? (to use fairly basic transliteration rules)
Yes, the Cyrillic alphabet has 33 characters. 31 if you don't count the E with diaeresis/umlaut, and the backwards N (pronounced I), with a breve over it (pronounced like y)
I'd have not included these letters, if they'd have given an even number, but since they don't I thought, might as well *shrug*.
They're NOT "perfectly" secure though. As far as the cyphertext is concerned, it's the most secure part of it. But you said it yourself the key is the insecurity in the whole method.
If you even keep the key around, or have any directions as to how the key was synchronized, you could possibly come up with a resonable decryption of the text.
And in a court of law, you don't have to prove something perfectly, or 100% mathematically, you just have to prove that there's no doubt in a (generally) non-technically minded person as to the accuracy of your key finding method. The defense could scream all they want that "OTP is uncrackable! They can't PROVE that's the message." But the prosecution just need to support the evidence with "This is how we found the key, and we every reason to believe that the key is valid."
In a civil case this is even easier, as the plantiff need only prove beyond a reasonable doubt that the key they've developed is correct.
If you can prove you obtained the key, by any sort of forensic analysis.. even a broken CD containing a/dev/random image would yield portions of the key, which when paired with other instructions as to finding it, could be used to extract a partial valid key, and thus a partial valid plaintext.
So, what I'm saying is, if you're up against a OTP, don't crack the cyphertext, because, you're right, it says NOTHING about the cyphertext. Rather, you work your butt off to find the key, then the cyphertext gives you the plaintext.
Personally, seeing as how the key is data just like the cyphertext, you've just doubled the data size, and hope that someone doesn't find the other half of the data. And as/.ers are fond of telling people. Security through Obscurity is no Security at All.
He said that eventually any plaintext could be comprimisable.
This is still even true of a OTP.
Say you make an entire CD from/dev/random, and use that as a OTP with your friend. You then send OTP information between each other.
It is entirely possible that someone could obtain this CD, and the synchronizing information used to encrypt and decrypt, then your OTP could eventually become vulnerable.
The problem just becomes PROVING that the information is actually what you say it is. You likely couldn't prove it within 100% mathematical accuracy, but remember that in a court of law for a criminal case, you only need prove it "beyond a shadow of a doubt." (we found this CD contain the OTP sequences, and these communications containing the synchronizing data, and we are confident that these are the messages intended)
Even worse, in a civil case, you only need prove beyond a plausible doubt. This just means that the jury would only need to be mostly convinced that the messages were intentended. "Using this same sequence we were able to extrapolate some other messages which contained directions that were followed directly by one party, thus this same technique is likely to have been followed now."
Honestly, the only 100% safe thing to do is not to even write it down... until we make thought reading machines, and Big Brother owns the world.
Actually... think about it. Were you to make a program such as this, then it would generate pictures of you generating pictures of you generating pictures, ad nauseum until you reach the limits of the pixel size.
But you'd still get eventually a picture of yourself looking at the monitor generating nearly every possible output. (due to constraints due to image quality loss moving from discreet photons to discreet pixels)
OH GOD! Thanks for REMINDING me... Sheesh... I had safely ducked that out of my memory, then you go an remind me.
Remember the two-letter significant identifiers in AppleSoft BASIC? So that $APPLE would be the same as $APPLICATION.
I swear, I was rebelling for years after that naming everything variable_which_I_use_to_do_that_thing, rather than $A $J $AA $AJ $BZ or what have you.
On the other hand, I can read code like no ones bussiness now, because in all that code, the variable names could NEVER accurately fit what they were used for. (Unless you were doing quadratic formula type stuff)
If I actually used Perl, I would want to kill myself.
All hilarity aside though... Your code is not semantically the same as my code. This is because in your code, if the print were ever to fail, then the die wouldn't be executed.
This is like, making sure your suicide note is actually read before you kill yourself.
Mine on the other hand, blatently assumes that the message has been recieved and the process kills itself unquestioningly.
This is much more an emulation of the real life, where one leaves a not somewhere that they hope someone will read it, then kill yourself without knowing that said letter was recieved by anyone.
I actually think it's funny that Microsoft has the gaul to say that they are patent-for-patent more important than any other competitor. You know... except for IBM... which has more patents granted per year, than anyone else.
(If I have my fact right. If I don't please feel free to slap me with a herring.)
Personally I failed three of the questions, because they were an exact copy-paste of a legitimate e-mail, and I turned off the ability of Java-Script files changing the status line text. So when I look down to see what link they go to it says "Go to # on this site."
How the hell was I supposed to know the links were bad without actually viewing the source... and:P I wouldn't fall for any phishings that actually use the onMouseOver event to trigger a correct web addy.
I'd just like to say, just because you didn't get all of these correct, doesn't mean you're stupid, or a moron. The test is stilted against us that disable status bar text alterations.:P
The average non-techie wouldn't know what "Phreaking" was either, but ask any person who knows what it is how it's spelt, and they'll tell you "with a ph"!
Yeah, it has primarily to do with how long they've been in the US. Here in Texas and New Mexico the Hispanics have been here almost 400 years.
They were literally FORCED to not speak Spanish. So now most of them don't. In Los Angeles, I imagine that the Hispanic culture is much fresher from immigrants. Thus, almost all speak Spanish.:)
I imagine Hispanics in the USA, and Spanish speaking Anglos do the same on some forums.
A very small percentage of the hispanics in the USA speak Spanish with enough fluency to be communicable. (Don't tell me I'm wrong, I live in New Mexico, where over half the population is Hispanic.)
Most of the reason for this is because the schools actually PUNISHED students for speaking in Spanish. (Similar to what was done to some Sign Languages, and deaf children.) Thus, the majority of students stopped speaking English, and eventually developped a habit to not speak it.
There's another group that still exists today. Their parents speak Spanish, and spoke Spanish enough that they learned Spanish, and can understand it, but they are incapable of speaking it. This is primarily due to a psychological block because Spanish was viewed as "inferior", and that using it would diminish your English speaking skills, which you needed in order to survive in the world.
Honestly, New Mexico has treated its second official language entirely unfairly, and unjustly. (Yes, here in New Mexico, both English, and Spanish are official languages... but Spanish is mostly an afterthought)
It is though one of a set of WORKING language. A working language is the languages, which must be used when making a speech or something like that. The reason being that the UN cannot afford to hire translators for every combination of X and Y.
Thus, the working set is: English, French, and German.
Everything else is generally translated from these 3 languages into the respective operating languages. (of which, there is one for every language that a delegate speaks)
And you're right, pedantically they should be "UK Citizen" and "US Citizen" (which by the way, the US government uses all the time in place of "American").
Yes, well their concerted effort to use their own "pure" word for E-Mail is pretty funny, so I find.
German of all languages should get its own word, considering that it already has the word "Email", which means "enamel". I actually had Google translate a page for me once, and it was making some weird uses of "enamel", which upon reading the original German, I realized was actually E-Mail.
Slashdot Mirror
Studies have been done where they have a non-symetric character, let's take "R", and display it on a screen at varying rotated angles, it is either a mirror image, or a non-mirror image. The job of the participants was to identify if the R were mirrored, or not.
They found that the time for the participants to respond, in all cases, was linearly related to the rotation of the letter.
This shows that they were mentally rotating the character in a languageless manner, then deciding if it were mirrored or not.
This was a proof (on the same order of validity as this experiment) that language does NOT influence all thought. At least in the area of physical manipulations, humans perform these though processes without language.
Right, I studied a bit of Russian. Although, when you're transliterating to English, it's not j, it's y.
And I know about the palatized vs. unpalatized vowels. a-ja, e-je, the thing that looks like bI-i, o-jo, and u-ju.
I can actually read Cyrillic, I just can't understand what it's saying. Unless it's something simple, like "ty mat sobaka", or something like that.
Right, I was saying you could through out the yo, but I'm not talking about throwing out the "backwards N", I'm talking about the backwards N with the breve. The one that is equivalent to the 'y' in English.
So the Russian language book I had indicated, the yo is almost always written in formal print as ye, and the y is almost always written as i.
Seriously, who couldn't properly read russkii as russkiy? (to use fairly basic transliteration rules)
Yes, the Cyrillic alphabet has 33 characters. 31 if you don't count the E with diaeresis/umlaut, and the backwards N (pronounced I), with a breve over it (pronounced like y)
I'd have not included these letters, if they'd have given an even number, but since they don't I thought, might as well *shrug*.
They're NOT "perfectly" secure though. As far as the cyphertext is concerned, it's the most secure part of it. But you said it yourself the key is the insecurity in the whole method.
/dev/random image would yield portions of the key, which when paired with other instructions as to finding it, could be used to extract a partial valid key, and thus a partial valid plaintext.
/.ers are fond of telling people. Security through Obscurity is no Security at All.
If you even keep the key around, or have any directions as to how the key was synchronized, you could possibly come up with a resonable decryption of the text.
And in a court of law, you don't have to prove something perfectly, or 100% mathematically, you just have to prove that there's no doubt in a (generally) non-technically minded person as to the accuracy of your key finding method. The defense could scream all they want that "OTP is uncrackable! They can't PROVE that's the message." But the prosecution just need to support the evidence with "This is how we found the key, and we every reason to believe that the key is valid."
In a civil case this is even easier, as the plantiff need only prove beyond a reasonable doubt that the key they've developed is correct.
If you can prove you obtained the key, by any sort of forensic analysis.. even a broken CD containing a
So, what I'm saying is, if you're up against a OTP, don't crack the cyphertext, because, you're right, it says NOTHING about the cyphertext. Rather, you work your butt off to find the key, then the cyphertext gives you the plaintext.
Personally, seeing as how the key is data just like the cyphertext, you've just doubled the data size, and hope that someone doesn't find the other half of the data. And as
He said that eventually any plaintext could be comprimisable.
/dev/random, and use that as a OTP with your friend. You then send OTP information between each other.
This is still even true of a OTP.
Say you make an entire CD from
It is entirely possible that someone could obtain this CD, and the synchronizing information used to encrypt and decrypt, then your OTP could eventually become vulnerable.
The problem just becomes PROVING that the information is actually what you say it is. You likely couldn't prove it within 100% mathematical accuracy, but remember that in a court of law for a criminal case, you only need prove it "beyond a shadow of a doubt." (we found this CD contain the OTP sequences, and these communications containing the synchronizing data, and we are confident that these are the messages intended)
Even worse, in a civil case, you only need prove beyond a plausible doubt. This just means that the jury would only need to be mostly convinced that the messages were intentended. "Using this same sequence we were able to extrapolate some other messages which contained directions that were followed directly by one party, thus this same technique is likely to have been followed now."
Honestly, the only 100% safe thing to do is not to even write it down... until we make thought reading machines, and Big Brother owns the world.
Actually... think about it. Were you to make a program such as this, then it would generate pictures of you generating pictures of you generating pictures, ad nauseum until you reach the limits of the pixel size.
But you'd still get eventually a picture of yourself looking at the monitor generating nearly every possible output. (due to constraints due to image quality loss moving from discreet photons to discreet pixels)
In Soviet Russia, ROT-16.5 encrypts YOU! ... Stupid Cyrillic Alphabet having an odd cardinal value. :P
sacrifice ~$ echo "Just wait till the end of the conference. I hear there's a rumor MD5 is broken :)" | md5sum
923b63f834837c76c216737fe0e3eed6 -
Nah, that can't be it.
OH GOD! Thanks for REMINDING me... Sheesh... I had safely ducked that out of my memory, then you go an remind me.
Remember the two-letter significant identifiers in AppleSoft BASIC? So that $APPLE would be the same as $APPLICATION.
I swear, I was rebelling for years after that naming everything variable_which_I_use_to_do_that_thing, rather than $A $J $AA $AJ $BZ or what have you.
On the other hand, I can read code like no ones bussiness now, because in all that code, the variable names could NEVER accurately fit what they were used for. (Unless you were doing quadratic formula type stuff)
English is no longer my first spelling language. :)
:)
But thank you otherwise.
If I actually used Perl, I would want to kill myself.
All hilarity aside though... Your code is not semantically the same as my code. This is because in your code, if the print were ever to fail, then the die wouldn't be executed.
This is like, making sure your suicide note is actually read before you kill yourself.
Mine on the other hand, blatently assumes that the message has been recieved and the process kills itself unquestioningly.
This is much more an emulation of the real life, where one leaves a not somewhere that they hope someone will read it, then kill yourself without knowing that said letter was recieved by anyone.
I actually think it's funny that Microsoft has the gaul to say that they are patent-for-patent more important than any other competitor. You know... except for IBM... which has more patents granted per year, than anyone else.
(If I have my fact right. If I don't please feel free to slap me with a herring.)
Personally I failed three of the questions, because they were an exact copy-paste of a legitimate e-mail, and I turned off the ability of Java-Script files changing the status line text. So when I look down to see what link they go to it says "Go to # on this site."
:P I wouldn't fall for any phishings that actually use the onMouseOver event to trigger a correct web addy.
:P
How the hell was I supposed to know the links were bad without actually viewing the source... and
I'd just like to say, just because you didn't get all of these correct, doesn't mean you're stupid, or a moron. The test is stilted against us that disable status bar text alterations.
The average non-techie wouldn't know what "Phreaking" was either, but ask any person who knows what it is how it's spelt, and they'll tell you "with a ph"!
What? you think I should sleep() on it?
Well, personally, I'm allergic to Morphine, and derivatives.
So, like... I couldn't have a Morphine-based drug no matter what.
So, I hardly see the "big deal" here.
Not only that, but when it was available, it was only available for NT4.0, and supported graphics drivers... Those drivers being soley nVidia.
Yeah, it has primarily to do with how long they've been in the US. Here in Texas and New Mexico the Hispanics have been here almost 400 years.
:)
They were literally FORCED to not speak Spanish. So now most of them don't. In Los Angeles, I imagine that the Hispanic culture is much fresher from immigrants. Thus, almost all speak Spanish.
Very well, they've updated from when I last recieved my statistics... thanks for the information.
A very small percentage of the hispanics in the USA speak Spanish with enough fluency to be communicable. (Don't tell me I'm wrong, I live in New Mexico, where over half the population is Hispanic.)
Most of the reason for this is because the schools actually PUNISHED students for speaking in Spanish. (Similar to what was done to some Sign Languages, and deaf children.) Thus, the majority of students stopped speaking English, and eventually developped a habit to not speak it.
There's another group that still exists today. Their parents speak Spanish, and spoke Spanish enough that they learned Spanish, and can understand it, but they are incapable of speaking it. This is primarily due to a psychological block because Spanish was viewed as "inferior", and that using it would diminish your English speaking skills, which you needed in order to survive in the world.
Honestly, New Mexico has treated its second official language entirely unfairly, and unjustly. (Yes, here in New Mexico, both English, and Spanish are official languages... but Spanish is mostly an afterthought)
French is not the official language of the UN.
It is though one of a set of WORKING language. A working language is the languages, which must be used when making a speech or something like that. The reason being that the UN cannot afford to hire translators for every combination of X and Y.
Thus, the working set is: English, French, and German.
Everything else is generally translated from these 3 languages into the respective operating languages. (of which, there is one for every language that a delegate speaks)
Funny, mine are too, but they all didn't believe me!
I fully agree, both terms are plain silly.
And you're right, pedantically they should be "UK Citizen" and "US Citizen" (which by the way, the US government uses all the time in place of "American").
Yes, well their concerted effort to use their own "pure" word for E-Mail is pretty funny, so I find.
German of all languages should get its own word, considering that it already has the word "Email", which means "enamel". I actually had Google translate a page for me once, and it was making some weird uses of "enamel", which upon reading the original German, I realized was actually E-Mail.