Slashdot Mirror


User: gedhrel

gedhrel's activity in the archive.

Stories: 0 · Comments: 198

Comments · 198

  1. Re:clarification: on MD5 To Be Considered Harmful Someday · · Score: 1

    "Well, obviously..." or not. True, if you're a particular flavour of mathematician: "we just construct all possible files in sequence and compute the MD5 of each until we find a match".

    However, there isn't enough energy in the solar system to implement this approach.

    Finding a plaintext that has a preselected MD5 hash without using brute-force is still an unsolved problem; you can bet, however, that if a solution is found it won't be introduced with "well, obviously".

    You can only verify a file's integrity with absolute certainty, as you say, by making a comparison that uses the same information content as the original. However, in the real world, you must of course factor in the likelihood that spurious real-world events will disrupt your computation; ignoring for the moment hostile attacks against your verification protocol.

    Additionally, two files can have the same MD5 hash, be arbitrarily long, and differ in only 6 bits. Your 10% comparison is doomed.

  2. Re:You're wrong. on MD5 To Be Considered Harmful Someday · · Score: 1

    The attack in the initial paper does not permit you to discover a plaintext that has a desired hash. It permits you to discover two plaintexts that have the same hash; you have no control over what that hash will be.

    That is, for an arbitrary (fixed) prefix string P, you can determine X=x(P) and Y=y(P) such that

    X != Y
    MD5(P,X) = MD5(P,Y)

    however
    MD5(P,X) != MD5(P) with very high probability.

  3. Re:Solution: Use more than one hash algorithm on MD5 To Be Considered Harmful Someday · · Score: 1

    I think your reasoning is flawed. Let's say you have a set, {a, b, c, d} of strings all with the same MD5 hash.

    How, exactly, do you go from there to a set of strings with the same MD5 _and_ the same (some other hash)? Bear in mind that

    otherHash(a) != otherHash(b)

    with very high probability; there's nothing essentially "magic" about these strings, except with respect to a single hash algorithm and a single initialisation vector.

  4. Re:Is a two-pass just as vulnerable? on MD5 To Be Considered Harmful Someday · · Score: 1

    You are incorrect. Let's say you have two strings, X and Y, such that

    MD5(X,q) = MD5(Y,q).

    If you'd read the initial paper you'd know that X and Y are dependent on the MD5 initial vector (IV): that is, the starting internal state of the MD5 routine.

    The internal state will _not_ be the same (that is, it's highly unlikely) at the point where you've hashed (X,q).

    So X and Y are unlikely to produce a hash collision given the new (and arbitrary) state vector of the MD5 machine.
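
Added example (not part of gedhrel's comments or of the thread): comments 2 and 4 above separate finding some colliding pair for a fixed prefix P from hitting a preselected hash, and note that the pair depends on the state the prefix leaves behind. The sketch shows both on MD5 truncated to 32 bits with a plain birthday search; the truncation is an assumption so that it runs in seconds, it is not the attack from the paper, and `toy_md5`, `find_collision`, `find_preimage` and the sample prefixes are hypothetical names.

```python
import hashlib

BITS = 32  # toy digest width, constructed for the demo (real MD5 is 128 bits)

def toy_md5(data: bytes) -> int:
    """MD5 truncated to BITS bits so a birthday search finishes in seconds."""
    return int.from_bytes(hashlib.md5(data).digest()[:BITS // 8], "big")

def find_collision(prefix: bytes):
    """Birthday search: X != Y with toy_md5(prefix+X) == toy_md5(prefix+Y).
    The colliding digest is whatever turns up first; the caller cannot pick it."""
    seen = {}
    i = 0
    while True:
        x = i.to_bytes(8, "big")
        d = toy_md5(prefix + x)
        if d in seen:
            return seen[d], x, d, i + 1
        seen[d] = x
        i += 1

def find_preimage(prefix: bytes, target: int, budget: int):
    """Brute force for a digest chosen in advance; gives up after `budget` trials."""
    for i in range(budget):
        x = i.to_bytes(8, "big")
        if toy_md5(prefix + x) == target:
            return x
    return None

def demo():
    P, P2 = b"fixed prefix P|", b"another prefix|"  # constructed sample prefixes
    X, Y, digest, trials = find_collision(P)
    return {
        "X": X, "Y": Y, "trials": trials,
        "collide_under_P": toy_md5(P + X) == toy_md5(P + Y),
        # the same pair under a different prefix (different internal state)
        "collide_under_P2": toy_md5(P2 + X) == toy_md5(P2 + Y),
        "equals_hash_of_P": digest == toy_md5(P),
        # same work budget, but aiming at a digest selected beforehand
        "preimage": find_preimage(P, toy_md5(b"preselected target"), trials),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The collision turns up after roughly 2^16 trials, while the same budget spent on the preselected digest covers only a sliver of the 2^32 space.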

  5. Re:As for the 'soul' experiment... on Science's Limits Are Only Self-Imposed · · Score: 1

    Pressing down, and sideways, and up. Pressure is a scalar.

  6. Re:Why not work on a current project, I dont get i on OpenBSD Project Announces OpenBGPD · · Score: 1

    Heh, permit me a frivolous comment on the "BSD way": as Rob Pike put it, "cat came back from Berkeley waving flags."

  7. Re:RDF a load of crap on Welkin: A General-Purpose RDF Browser · · Score: 1

    Some approaches built on top of the RDF stack don't scale to the web, it's true, if they adopt a model of believing all RDF to be nothing more than aggregatable logical assertions. While thus far RDF and OWL don't say much about "the document", there are other approaches that are plausible rather than just blindly asserting everything you find on the web into a reasoning engine.

    So there's probably space for something better. The RDF semantics work well enough in "closed" or controlled environments, but a better story of the nature of the web needs to be told. A semantics that takes account of trust or belief and makes the "document" distinction would make for a good PhD topic.

  8. Re:There goes those AI-types. on Welkin: A General-Purpose RDF Browser · · Score: 1

    Your conclusion doesn't follow from undecidability arguments. Personally, I'm incomplete _and_ inconsistent. And so is Roger Penrose, dammit.

  9. Re:The question is not about a browser on Welkin: A General-Purpose RDF Browser · · Score: 1

    That is not the assumption. Rather, the opposite is assumed, because pragmatically there's no way in hell to produce (let alone get the political will to adopt) the One True Ontology.

    This is understood in SW circles. That's why there's such an interest in inter-ontological mapping. This can't all be expressed in DL, though, and it's stuff like this that the famous layer cake diagram tries to capture when it refers to "rules".

  10. Re:Correct me if I'm wrong on The Shaggy Steed of Physics · · Score: 1

    Clarification: The assertion was that arithmetic was consistent and complete. My point is that it is not (consistent and complete) - not that it's (not consistent) and (not complete).

  11. Re:Correct me if I'm wrong on The Shaggy Steed of Physics · · Score: 1

    Arithmetic is NOT a complete and consistent system. Embedding the Peano axioms is sufficient for a formal system to meet the criterion of "sufficiently complex".

    The GP asked about generating "random calculi" and seeing where they lead. "A new kind of Science" (whatever you think of it otherwise) has some interesting work along these lines, just looking at various algebras in purely symbolic terms. (Is there any other way to look at them? Well, I would characterise Wolfram's approach here as a more formal symbolic one than is usually used with many of the axiom systems in question.)

  12. Re:Easy refutation on Universal Emulators Return · · Score: 1

    Your refutation is flawed; taking a step back, binary search is constant time on a normal processor, because the addressable space is finite. If you actually attempt to produce a binary search algorithm on your "normal processor" then you're going to have a hell of a hard time making its performance scale to an arbitrarily chosen number of elements.

  13. Re:Don't .. on 2004 ICFP Contest Spinoff Game · · Score: 1

    Take a look at the JSP specs. The semantics of JSP constructs are specified by saying that they are equivalent to a bunch of constructs using the java servlet spec. There really is no magic; JSPs can be converted into java servlets (dynamically, if required) and compiled into classes (again, dynamically: the stock java compiler's written in java and is available from runtime). The final (often dynamic) piece of the puzzle is to use a classloader to grab the generated class files and make them available in the runtime. No "java interpretation of java" going on, really.

    The two specs are written in the usual Sun style - double spaced and nice big fonts, so they make a pretty easy read. (This isn't facetious: I find their manual layout kind on the eye.)

  14. Re:maybe not so easy on Microsoft Patents sudo · · Score: 1

    You have just described the Plan 9 approach to getting rid of suid: privileged daemon processes acting on the behalf of a user via an IPC request.

  15. Re:Cliff on Expert Warns Of Giant Tidal Wave · · Score: 1

    This article is yet another call for funding. The physics of mega-tsunami are NOT well-understood; the examples given in the documentary you probably saw (which was typically sensationalist) were not of the same order of magnitude that was suggested for this particular piece of rock. And "it could go off at any time" also has to be taken with a geological pinch of salt. Finally, the whole scenario is predicated upon the notion that a slide would precipitate the entire rock-mass (or a sizeable fraction of it) into the sea in one go. Geological opinion is (to put it kindly) not at a consensus on this issue.

  16. Re:Why? on The Unknown Newton · · Score: 1

    They were heartfelt, certainly: at least, the product of conviction. But read the article: Newton dabbled with unitarian heresy. (If about 50 years of thought can be called "dabbling" :-) )

  17. Re:not quite. on PHP5: Could PHP Soon Be Owned by Sun? · · Score: 1

    Argh. This is inaccurate.
    Here's a link:
    http://java.sun.com/docs/books/jls/second_edition/html/names.doc.html#104285

    In a nutshell (and paraphrasing)

    public members have global visibility.
    private members are visible solely within the top-level class that declares them
    default-access members have package visibility
    protected members have package visibility AND are visible to subclasses.

  18. Expect this to get more prevalent on Mozilla UI Spoofing Vulnerability · · Score: 4, Insightful

    It's a serious problem. XAML, XUL and even SVG are positioning themselves as web-delivered application delivery platforms. The idea is to provide a mechanism for web-delivered apps to NOT look like they're running in a browser; instead, permitting more integration with the desktop.

    This kind of spoofing is going to become more problematic, not less.

  19. Re:Security? on Security evaluation of 802.11i · · Score: 1

    Actually, in some scenarios the information exposed to traffic analysis may be critical. Whether those scenarios coincide with your average WLAN use is debatable; however, the intention is that WLAN should become a pervasive and persuasive technology for all your data needs (modulo high-energy physicists and geneticists), so some overlap is to be expected.

    Have a look for "onion routing" to get a good idea of why people consider this to be important in general, and the extent of the effort you need to go to to obscure traffic from analysis.

  20. Re:French bashing on CeCILL: La Licence Francaise Du Logiciel Libre · · Score: 2

    America doesn't have an official language. It has a majority language, which in 15 years' time may well be Spanish. Are you learning that?

    [Incidentally you can learn this and many other interesting facts about your own country by watching "the West Wing" :-) ]

  21. Re:Considering it's diet ... on Ever Smell T-Rex's Breath? · · Score: 3, Interesting

    You ask:

    What it wouldn't explain though, is why did several of the herbivore evolve defences. Why did the triceratops, for example, need those horns and a massive bone shield, if not for defence? Why did other species grow basically armour plates? What was the evolutionary advantage of that, in the absence of predators?

    I'm not a behavioural paleobiologist, but the absence of predators doesn't seem to mean that there's the absence of reasons to fight. Maybe randy triceratops would fight over territory or a mate? Maybe girl triceratops were just turned on by massive head plates. Defence against predators isn't the only evolutionary advantage they might offer.

  22. Re:Why should I care? on Our Friend, The Meter · · Score: 1

    It has a mass of 1kg.

  23. Re:Interesting Development on EU and US Agree on Galileo · · Score: 1

    You assume (possibly in jest?) that a clock rollover is fatal. The GPS clock has already rolled over once. People held their breath, but in the end nobody really noticed.