While I have been unable to find anyone interested in the Canadian government to take up the cause, I have tried to suggest the same thing to them.
Canada has a small film industry, and I believe that most of the smaller companies cannot afford to license DVD's region codes to competition globally. This should be setting off fireworks in the federal culture office (Canadian Heritage), but hasn't seen to trigger a trickle of interest. In fact the only DVD I have from a Canadian production is not CSS encrypted (thus not region coded either).
The problem is, like in the DeCSS case, short- sighted people assume that any films will be both available and more common in VHS format, so DVDs don't really matter.
It is also a problem because Canadian retailers stock Region 1 (North Americian) DVD players, yet I do not know of any french language DVDs with Region 1 code, thus interefering with francophones who wish to buy a DVD player and watch french DVDs (which tend to be Region 2).
I've wanted to change to IPv6 for a long time now, but it seems that major upgrades that break things need to have a tangible benefit to end-users. Some application needs to be updated or replaced to handle IPv6. IPv6 doesn't appear to have a benefit to the end-user, only the network admins, so it the users are not demanding it. So far there isn't end-user application that users are screaming for.
Makes me think it's a customer-driven world we live in.
OS vendors and network hardware vendors are treating IPv6 as experimential, which is why people are not deploying it. People like the network to work with as little work as possible. You are more likely to be pitched about Voice over IP than IPv6 from a vendor salesperson.
Another major concern is hardware compatiblity, people don't want to scrap older routers. IT departments have to watch their budgets these days. Most routers do support IPv6 or can be updated to do so.
Pointless experimentation? You admit it is an experiment. Voice-over-IP isn't something everyone uses often, and here is a non-profit low-cost effort to build a global network of linked repeaters using VoIP. Sounds interesting to me.
Yes using it isn't may not be exciting to use if you are using to using HF communications directly, but not everyone has HF privileges. It sounds quite interesting to build. It would be one of the easiest ways that an amateur with only VHF privileges can communicate world-wide, using a low-power handheld 2m or 70cm radio. Sounds like a neat experiment, and something that a new ham might find inspiring to work towards HF qualifications because of.
Using an Internet link does not always mean using a "phone line". If you checked out the site, you'd see part of their link in BC uses wireless ethernet. You could build a node that uses HF packet carring TCP/IP and VoIP. Nothing is to prevent that, and it would be compatible with other wired repeaters.
A lot of your message sounds like what was said about repeaters back in the 70s or any new digital mode from RTTY to PSK31, AMSAT, and likely about SSB[1] versus AM.
1. single sideband, suppressed carrier, uses less bandwidth than AM
Kerchkhoff's Principle: The security of the crypto-system must not depend on keeping secret the crypto-algorithm. The security depends only on keeping secret the key. (written in 1883)
Why did Kerchkhoff made such a radical statement? Because over the last, oh roughly 500 years, history has told the sad tale of bold cryptographers who sold their systems as unbreakable, and grossly underestimated the inventiveness of their enemies.
Ciphers (encryption algorithms) need to be designed to withstand the most cunning of oppositions. Who's main method is thinking "out of the box" to come up with diffierental cryptanalysis, timing attacks -- timing how long an encryption takes, differential power analysis -- measuring the power consumption, impossible cryptanalysis -- figuring which differentials aren't possible).
To understand more about how "security through obsurity" does more harm than good, read any one of the dozen accounts about the Engima used during World War II, and the Anglo-American (and Polish) effort which successfully analysed this "unbreakable" system. Like Code Breaking, The Code Breakers, or The Code Book.
I think at this point in history we're still dealing with the repercussions of a skewed educational system and societal expectations. I'm guessing that 5-10 years from now, the IT gender gap will have shrunk significantly.
Unfortunately there are now a smaller percentage of females in university or college Computer Science than 10-15 years ago. AFAIK there are more women in Physics, and Math per capita than Computer Science.
While the absolute numbers have increased, the percentage has decreased. I think over the last two years has been skewed by the dot com get rich quick profit craze which has affected enrollment (much higher first-term drop out in CS). Maybe the geekiness has worn off, and after this dot com silliness is gone we will hopefully see more women in Computer Science and IT.
One major benefit of placing source code under the GPL is getting enhanced version back, patches or extensions written by others, shared with the original programmer.
It is not clear to me that there is an equal benefit with music, derived works (e.g. typically cover tunes) benefit the deriver more than the orignal. Other than radio DJs lamenting how much better the orignal tune was, even though they never played it anymore, and the cover gets lots of air play so they can lament for the good old days.
While I won't reject it out of hand, I'd like to hear from some actual artists whether this derived music is viewed as a benefit by them.
Too bad I don't have a community radio station programme any more, I'd would be interested in doing a OAL music format show. All Open, All the Time.
A couple of months ago, I speculated aloud about whether the "play" factor in IT (think: setting up a PC or network, getting a RAID controller to work under Solaris for intel, Unix sys admins tasks, database admin) might explain at least partly why women seem to make up a small number in certain segements of IT.
I have met very few female System Admins, Database Admins, Assembly Programmers, while quite a few females in System/Business Analysts, Application Programers, Support, and Technical Writers.
I think I called it the "gee-whiz" factor, of playing with a new toy. It seems to be more common to find women in the analyical roles, which might be more abstract than hands-on (Helpdesk and Support are the exception).
I also have found fewer women in "heroic effort" teams, where the team works in death march style repeatedly, due to poor planning or poor management.
Since this is about peer-reviewed scientific journals, I think what you will see is the growth of non-profit groups like AMS (in Math) and ACM, IEEE (in Computer Science) who already do a serious amount of publishing in the journals (Transactions on...) and conferences SIGGRAPH of high quality.
Since these journals are being reviewed by peers, publishing by such non-profit groups can work. Both the submitter and review wants the highest quality publication since it helps their respective reputations, the reviewer does not need a hugh amount of cash, just enough to cover expensives or pay for the costs of their next paper.
Smaller topics in mathematics, computer science, and physics already have free pre-print services (arXiv.org www.acm.org/dl), and more than a few online peer reviewed publications. These areas have quickly adapted because they already use electronic submissions of "camera-ready" papers in TeX format.
I think the important point is that these speciality publications are for a small community not for a general audience. The numbers are small, and most participates main income comes from elsewhere.
Read the PGP manual it deals with these sorts of questions.
There was already a Word marco virus Caligula that attacked the PGP secret keyring and mails it to codebreakers.org, circa 1998.
You are mainly concerned with your private key ring, since lose or corruption of that would be the most damage. If the public key ring was modified you could alter local trust of a specified key, but it could not sign a public key
without the private key.
As others have stated the private key itself is protected by symmetric encryption (e.g. IDEA, TripleDES) and you need the passphrase to unencrypt this encryption. So, a private key protected by a poor passphrase could be brute forced using a fast dictonary search tool, similar to Alex Muffett's crack for Unix passwords.
There are several ways to increase the security without irrating the user, such as using a floppy based key ring, using a smartcard memory card to store your own public/private keys, using a Dallas iButton, a removable PCCard (PCMCIA) storage device, or using a crypto smart card that stores your own private/public key, and does the RSA calculations on the card, designed in a such a manner as the keys cannot be extracted from the card. This gets into Differential Power Analysis (PDA) and tamper resistance attacks.
For a high security application, you could consider a hybrid smartcard and PDA (e.g. Palm), which forms a small trusted computer. Of course most security experts wouldn't call a out of the box Palm and PalmOS a trusted platform, but it's an example of a smartcard with a direct human interface (human input & output), rather than trusting a larger more complicated computer which is also more flexible because it is designed to be general purpose. Some 3G cell phones plan on having similar smartcard interfaces I believe. I think Nokia had a prototype. Of course since there have been some trojan SMS messages already seen in Europe, and with WAP expected to expand its capabilities rather than die, you can expect this to be a more virus friendly platform as cellphones evolve.
While Bruce's Secrets and Lies shows his change of heart from the absolute security through cryptography that he and cypherpunks dreamt of in the early 90's, he now understands that absolute security in a practial system is a myth, and wants readers to think like engineers in weighing of trade-offs, how easy to use verus how secure, and how expensive vs. how secure. It is not a reason to give up on cryptography, but to realise that in designing and working with secure systems you need to look at more than just which neat cryptographic algorithms to use.
Sorry, I live in a country where the large daily newspapers print garbage articles about "kids who use cell phones will get cancer".
I also have seen people have actual problems with neighbours because of their amateur radio antennas or external wireless ethernet and fears of cancer.
wouldn't a better solution due to signal loss over the length of a wire be to boost the incoming signal from the source, whether that be incoming (boosting at the antenna) or outgoing (boosting the signal before it goes up the line)? If the antenna adequately receives the data, the data loss is coming from loss of signal from the line, not the antenna not picking the signal up.
To clarify, there are two cables, at the transmitter and at the receiver. With many RF grade cables, there is significate signal lost in the cable above 1GHz. So if your transmitter loses most of the signal in the cable (mixes with noise), amplifing at the antenna would result in louder noise. Amplification at the transmitter itself is only limited sucess, because increased amplication also amplifies the noise already present at the transmitter though it does overcome signal lose in the cable.
We are talking licenseless (Part 15 in the US) 2.4GHz 802.11(b) here. You cannot amplify the transmitted signal very much, and I believe there is a limit to how high a gain antenna you can use (14db perhaps?), the specs are lower in Europe (7db gain for antennas I believe).
The receivering antenna then has to send that microvoltage RF signal through the cable to the receiver.
Using low-lose cable is a good thing for maximum performance, and using a clear unobstructive path (2.4 is partly absorbed by buildings) is the single best thing you can do to gain distance.
Wireless is in its infancy, and it's probably going to give us all cancer, but I like being able to take the telco out of the loop (no pun intended).
Yeah, it's only been 100 years since Marconi transmitted his famous trans-atlantic England to Canada. Microwave frequencies have been used for about 40-50 years for communications, and digital wireless is about 20-25 years old.
Unlicensed 2.4GHz is not designed for long distance, in fact it is designed not to be long distance. This is to reduce the work of people like the FCC Enforcement, NAB (broadcast radio) engineers and other licensed 2.4GHz radio spectrum users from tracking down interfereing transmitters. Remember, radio waves do not respect politic or property boundaries, so successful (i.e. effective and reliable) use requires coordination and co-operation.
Unless you put the antenna (or other EMF radiators) next to your head, it is not likely you will get cancer from Wireless ethernet.
I loved my Amigas (500 and 3000), but every time I see an article about the rising phonix called Amiga, can't help thinking that maybe the Amiga should be left in the past.
It was fun; it was a great computer, but like the rest of the 80's, I think the party is over.
Isn't time to move on? Promote BeOS, or GNU/Linux/GNOME/whatever_desktop instead.
Sorry, that "article" proves so little insight I don't see how it is worth mentioning.
If anyone (i.e. not an electical engineer) wants to learn about radio frequency (RF) propogation, I suggest finding some amateur radio publications such as The ARRL Handbook (2001 edition). It provides plain english explaination and particial experience about the operating in the microwave bands.
Typical 802.11(b) usage is under license-free operation for local "ad-hoc" networks. The equipment is designed to operate locally such as a college campus or a company building, not across town. This relates to the license-free usage exemptions (Part 15 or 11, I believe).
If you want higher power or higher gain antennas, you will need a license from the FCC (in USA) or similiar government agency in your country. Interference with other users of the radio spectrum can result in a fine from the FCC. Story about a wireless ISP being investigated by the FCC.
In Canada it has been acknowledged that like VCR's time-shifting, transfering a licensed audio recording according various media, such as vinyl record to CDR, or CD to cassette, is legal.
This was part of the basis for imposing a levy or tax on blank cassettes and the levy on blank audio CD-Rs. This money was to be distributed to artists and songwriters (or was that multinational copyright holders...) based on sales popularity.
Backing up an licensed audio CD is legal in Canada, AFAIK. After all I supposed pay the big bucks not for the piece of plastic but to pay to the artists and songwriters, so if I back up what I get with my "license" then I am not gaining any unfair advantage, nor are the creative artists and technical engineers lose any income.
This reminds me of the study done by Customs Canada that looking at obscene material did not affect their employees. The references are available from EFC archives.
Yet, this same study was not taken seriously in the freedom of speech context, that is if Customs says high concentration of this material doesn't damage the mental health and well being of their employees, yet the average citizen should still not be allowed to look at the material in question. A classic double standard.
Some speculation that the study was to be used as potential evidence if there were lawsuits by Customs employee that smut and filth that ruined their lives.
Are AOL censors lives ruined by the subjection to porn and illegal material in the workplace as part of their job?
To rate the reviewers, I think Michael's comments were redundant and didn't add anything to the main two reviews. drfalken's was a good review, and topeka gave a good (longish) summary of the book though neglected to mention my favorite bit, the cypherpunks.
It is an enjoyable read, a light quick read in the genre which might be described as "group biography". Similiar to Hackers.
I would describe it as a light-weight version of a book that picks up where The Codebreakers by David Kahn left off. Following the events myself since the early 90's I found I learnt a pleasant amount about the people, making the topic more humane as opposited to a technical or flamewar discussion.
Slashdot Mirror
Canada has a small film industry, and I believe that most of the smaller companies cannot afford to license DVD's region codes to competition globally. This should be setting off fireworks in the federal culture office (Canadian Heritage), but hasn't seen to trigger a trickle of interest. In fact the only DVD I have from a Canadian production is not CSS encrypted (thus not region coded either).
The problem is, like in the DeCSS case, short- sighted people assume that any films will be both available and more common in VHS format, so DVDs don't really matter.
It is also a problem because Canadian retailers stock Region 1 (North Americian) DVD players, yet I do not know of any french language DVDs with Region 1 code, thus interefering with francophones who wish to buy a DVD player and watch french DVDs (which tend to be Region 2).
Makes me think it's a customer-driven world we live in.
OS vendors and network hardware vendors are treating IPv6 as experimential, which is why people are not deploying it. People like the network to work with as little work as possible. You are more likely to be pitched about Voice over IP than IPv6 from a vendor salesperson.
Another major concern is hardware compatiblity, people don't want to scrap older routers. IT departments have to watch their budgets these days. Most routers do support IPv6 or can be updated to do so.
Pointless experimentation? You admit it is an experiment. Voice-over-IP isn't something everyone uses often, and here is a non-profit low-cost effort to build a global network of linked repeaters using VoIP. Sounds interesting to me.
Yes using it isn't may not be exciting to use if you are using to using HF communications directly, but not everyone has HF privileges. It sounds quite interesting to build. It would be one of the easiest ways that an amateur with only VHF privileges can communicate world-wide, using a low-power handheld 2m or 70cm radio. Sounds like a neat experiment, and something that a new ham might find inspiring to work towards HF qualifications because of.
Using an Internet link does not always mean using a "phone line". If you checked out the site, you'd see part of their link in BC uses wireless ethernet. You could build a node that uses HF packet carring TCP/IP and VoIP. Nothing is to prevent that, and it would be compatible with other wired repeaters.
A lot of your message sounds like what was said about repeaters back in the 70s or any new digital mode from RTTY to PSK31, AMSAT, and likely about SSB[1] versus AM.
1. single sideband, suppressed carrier, uses less bandwidth than AM
Microsoft issues bounty for OS-less PC buyers:
Rat your customer and help them be 'compliant'
30 April 2001 5:30am
5W NBFM transmitter, 146MHz (amateur 2m band)
Theoric distance of over 10,000 miles (in free space).
Why did Kerchkhoff made such a radical statement? Because over the last, oh roughly 500 years, history has told the sad tale of bold cryptographers who sold their systems as unbreakable, and grossly underestimated the inventiveness of their enemies.
Ciphers (encryption algorithms) need to be designed to withstand the most cunning of oppositions. Who's main method is thinking "out of the box" to come up with diffierental cryptanalysis, timing attacks -- timing how long an encryption takes, differential power analysis -- measuring the power consumption, impossible cryptanalysis -- figuring which differentials aren't possible).
Bruce Schneier at Counterpane Labs and Ross Anderson at Security Group at Cambridge University have several essays about how security systems fail because the enemy "breaks the rules". (Why Cryptosystems Fail, Why Cryptography Is Harder Than It Looks, etc.)
To understand more about how "security through obsurity" does more harm than good, read any one of the dozen accounts about the Engima used during World War II, and the Anglo-American (and Polish) effort which successfully analysed this "unbreakable" system. Like Code Breaking, The Code Breakers, or The Code Book.
Unfortunately there are now a smaller percentage of females in university or college Computer Science than 10-15 years ago. AFAIK there are more women in Physics, and Math per capita than Computer Science.
While the absolute numbers have increased, the percentage has decreased. I think over the last two years has been skewed by the dot com get rich quick profit craze which has affected enrollment (much higher first-term drop out in CS). Maybe the geekiness has worn off, and after this dot com silliness is gone we will hopefully see more women in Computer Science and IT.
Have fun.
It is not clear to me that there is an equal benefit with music, derived works (e.g. typically cover tunes) benefit the deriver more than the orignal. Other than radio DJs lamenting how much better the orignal tune was, even though they never played it anymore, and the cover gets lots of air play so they can lament for the good old days.
While I won't reject it out of hand, I'd like to hear from some actual artists whether this derived music is viewed as a benefit by them.
Too bad I don't have a community radio station programme any more, I'd would be interested in doing a OAL music format show. All Open, All the Time.
I have met very few female System Admins, Database Admins, Assembly Programmers, while quite a few females in System/Business Analysts, Application Programers, Support, and Technical Writers.
I think I called it the "gee-whiz" factor, of playing with a new toy. It seems to be more common to find women in the analyical roles, which might be more abstract than hands-on (Helpdesk and Support are the exception).
I also have found fewer women in "heroic effort" teams, where the team works in death march style repeatedly, due to poor planning or poor management.
Since these journals are being reviewed by peers, publishing by such non-profit groups can work. Both the submitter and review wants the highest quality publication since it helps their respective reputations, the reviewer does not need a hugh amount of cash, just enough to cover expensives or pay for the costs of their next paper.
Smaller topics in mathematics, computer science, and physics already have free pre-print services (arXiv.org www.acm.org/dl), and more than a few online peer reviewed publications. These areas have quickly adapted because they already use electronic submissions of "camera-ready" papers in TeX format.
I think the important point is that these speciality publications are for a small community not for a general audience. The numbers are small, and most participates main income comes from elsewhere.
I didn't even say peer2peer once.
There was already a Word marco virus Caligula that attacked the PGP secret keyring and mails it to codebreakers.org, circa 1998.
You are mainly concerned with your private key ring, since lose or corruption of that would be the most damage. If the public key ring was modified you could alter local trust of a specified key, but it could not sign a public key without the private key.
As others have stated the private key itself is protected by symmetric encryption (e.g. IDEA, TripleDES) and you need the passphrase to unencrypt this encryption. So, a private key protected by a poor passphrase could be brute forced using a fast dictonary search tool, similar to Alex Muffett's crack for Unix passwords.
There are several ways to increase the security without irrating the user, such as using a floppy based key ring, using a smartcard memory card to store your own public/private keys, using a Dallas iButton, a removable PCCard (PCMCIA) storage device, or using a crypto smart card that stores your own private/public key, and does the RSA calculations on the card, designed in a such a manner as the keys cannot be extracted from the card. This gets into Differential Power Analysis (PDA) and tamper resistance attacks.
For a high security application, you could consider a hybrid smartcard and PDA (e.g. Palm), which forms a small trusted computer. Of course most security experts wouldn't call a out of the box Palm and PalmOS a trusted platform, but it's an example of a smartcard with a direct human interface (human input & output), rather than trusting a larger more complicated computer which is also more flexible because it is designed to be general purpose. Some 3G cell phones plan on having similar smartcard interfaces I believe. I think Nokia had a prototype. Of course since there have been some trojan SMS messages already seen in Europe, and with WAP expected to expand its capabilities rather than die, you can expect this to be a more virus friendly platform as cellphones evolve.
While Bruce's Secrets and Lies shows his change of heart from the absolute security through cryptography that he and cypherpunks dreamt of in the early 90's, he now understands that absolute security in a practial system is a myth, and wants readers to think like engineers in weighing of trade-offs, how easy to use verus how secure, and how expensive vs. how secure. It is not a reason to give up on cryptography, but to realise that in designing and working with secure systems you need to look at more than just which neat cryptographic algorithms to use.
Sorry, I live in a country where the large daily newspapers print garbage articles about "kids who use cell phones will get cancer".
I also have seen people have actual problems with neighbours because of their amateur radio antennas or external wireless ethernet and fears of cancer.
It seems to me that it feels like the kiss of death, to give a computer product (OS) the name of a system that already died once already.
To clarify, there are two cables, at the transmitter and at the receiver. With many RF grade cables, there is significate signal lost in the cable above 1GHz. So if your transmitter loses most of the signal in the cable (mixes with noise), amplifing at the antenna would result in louder noise. Amplification at the transmitter itself is only limited sucess, because increased amplication also amplifies the noise already present at the transmitter though it does overcome signal lose in the cable.
We are talking licenseless (Part 15 in the US) 2.4GHz 802.11(b) here. You cannot amplify the transmitted signal very much, and I believe there is a limit to how high a gain antenna you can use (14db perhaps?), the specs are lower in Europe (7db gain for antennas I believe).
The receivering antenna then has to send that microvoltage RF signal through the cable to the receiver.
Using low-lose cable is a good thing for maximum performance, and using a clear unobstructive path (2.4 is partly absorbed by buildings) is the single best thing you can do to gain distance.
Yeah, it's only been 100 years since Marconi transmitted his famous trans-atlantic England to Canada. Microwave frequencies have been used for about 40-50 years for communications, and digital wireless is about 20-25 years old.
Unlicensed 2.4GHz is not designed for long distance, in fact it is designed not to be long distance. This is to reduce the work of people like the FCC Enforcement, NAB (broadcast radio) engineers and other licensed 2.4GHz radio spectrum users from tracking down interfereing transmitters. Remember, radio waves do not respect politic or property boundaries, so successful (i.e. effective and reliable) use requires coordination and co-operation.
Unless you put the antenna (or other EMF radiators) next to your head, it is not likely you will get cancer from Wireless ethernet.
It was fun; it was a great computer, but like the rest of the 80's, I think the party is over.
Isn't time to move on? Promote BeOS, or GNU/Linux/GNOME/whatever_desktop instead.
If anyone (i.e. not an electical engineer) wants to learn about radio frequency (RF) propogation, I suggest finding some amateur radio publications such as The ARRL Handbook (2001 edition). It provides plain english explaination and particial experience about the operating in the microwave bands.
Typical 802.11(b) usage is under license-free operation for local "ad-hoc" networks. The equipment is designed to operate locally such as a college campus or a company building, not across town. This relates to the license-free usage exemptions (Part 15 or 11, I believe).
If you want higher power or higher gain antennas, you will need a license from the FCC (in USA) or similiar government agency in your country. Interference with other users of the radio spectrum can result in a fine from the FCC. Story about a wireless ISP being investigated by the FCC.
This was part of the basis for imposing a levy or tax on blank cassettes and the levy on blank audio CD-Rs. This money was to be distributed to artists and songwriters (or was that multinational copyright holders...) based on sales popularity.
Backing up an licensed audio CD is legal in Canada, AFAIK. After all I supposed pay the big bucks not for the piece of plastic but to pay to the artists and songwriters, so if I back up what I get with my "license" then I am not gaining any unfair advantage, nor are the creative artists and technical engineers lose any income.
Yet, this same study was not taken seriously in the freedom of speech context, that is if Customs says high concentration of this material doesn't damage the mental health and well being of their employees, yet the average citizen should still not be allowed to look at the material in question. A classic double standard.
Some speculation that the study was to be used as potential evidence if there were lawsuits by Customs employee that smut and filth that ruined their lives.
Are AOL censors lives ruined by the subjection to porn and illegal material in the workplace as part of their job?
It is an enjoyable read, a light quick read in the genre which might be described as "group biography". Similiar to Hackers.
I would describe it as a light-weight version of a book that picks up where The Codebreakers by David Kahn left off. Following the events myself since the early 90's I found I learnt a pleasant amount about the people, making the topic more humane as opposited to a technical or flamewar discussion.
The Sentient project extends this, it ties together the locator, the computer, the "model world" and communication systems.
BTW, To leave the system, simply leave your badge on your desk.
Sounds like ActiveBadge, also of AT&T Cambridge. Active Badge.
> Is this actually true? References? As far as
> I've heard, the rotor configuration was
> parametrable, and indeed changed regularily.
The Enigma did use keys, which was starting position of the n number of rotors. Various Engima models had different numbers of rotors.
Furthermore there is the wiring of the plugboard in the front.
See German Enigma Cipher Machine and Frode's Crypto Page more details about the Engima including simulators.
Do you have any evidence of a backdoor? No? I didn't think so.