What no one seems to mention is that their attack finds "freeform" collisions. I mean, they go and find two plaintexts with the same hash. I wouldn't worry about it until they find 2^63 attack against given plaintext/hash.
You can read about the distinction in Birthday Paradox article on Wikipedia. In short, when the difficulty of finding collision against a given message is 2^n, the difficulty of finding any two colliding plaintexts is 2^(n/2).
So, while they may have found 2^63 attack against SHA-1, it is still a "birthday attack", and to find collision against my message signed with sha-1 the attack would still be 2^126.
Well, honest mistake, because in my native tongue everything that sounds "f" is spelled "f"[1].
On the other hand, I don't see much outrage against natives[2] mistaking homonyms there/their/they're, something that makes me really sick, yet happens all the time...;)
Robert
[1] unless it is "w" read in Polish as "v" -- before a voiceless consonant or at the end of the word it sounds "f";)
[2] foreigners usually don't make this mistake, because we learn to speak and write these homonyms at the same time, as opposed to natives who learn to speak years before learning to write; by the same token, foreigners usually don't mistake Polish homonymous ch/h, u/ó, rz/z-with-dot-above[3], whereas native Polish speakers have problems with it their whole life...;)
[3] should be ż -- sheesh, someone should make/. display unicode properly...
I distinctly remember a patent case from other field, that would suggest there is no prior art in American legal sense of the idea in this case.
(I don't remember exact facts, can't find any sources, so just correct the information, if you know better.)
Some Farmaceutical Consortium developed a drug. It was based on some Indian (as in India) herb, or synthesised based on active factors from those herbs. The herb/plant/whatever and its medical properties were known in India for thousands of years, yet the patent was granted in USA. The same patent was rejected in EU after apeal.
I remember that analysss of the case explained different results by different definitions of Prior Art in EU and US. In the US known medical properties of a plant are PA if they were described in Medical or Scientific Journals. In EU PA includes also other sources, including folk tradition etc.
I know, which definition I prefer. After all, there aren't many scientific publications about the wheel...
Robert
PS I think the case of farmaceutics was described on Groklaw.
Just great, touch sensitive mouse, where you have to hold fingers in the air instead of resting them on the buttons. This adds a whole new depth to RSI.
I was operating mixmaster server some time ago. After couple of months of operation I've had couple of court orders[1] to reveal identity of people for which I was the last hop in mixmaster network. I decided to check outgoing mail for which I was last hop[2]. Around 90% of that mail was spam, scam, child pornography, harassment and simillar illegal and/or unethical stuff.
That was the end of mixmaster@hell.pl.
Oh, I believe, that there are some people in dictatorships, or some whistleblowers and other people, that really need anonymity on the net. But the reality is that whenever you make such a service available to population at large, it's the scum of the earth that dominates it.
Robert
[1] at least next best thing in my country, because here orders for search etc are issued by prosecution; don't ask me, why it is, it's stupid when the party to a conflict sings search warrants for the other party;
[2] you can't view mails that are just passing through your system in mixmaster network, they are encrypted; onl the mails that leave mixmaster network through your system are cleartext (if they aren't internally encrypted, of course);
Killing this directive is very dangerous since pro-patent lobbyists have already stated on record, that they want the directive in current shape or not at all.
If the directive doesn't pass, they can still lobby individual governments.
If the directive passes in castrated form with provisions preventing pure software and business method patents, member countries won't be able to enact legislation permitting it.
So, what we, Europeans, really want is for the directive to pass in a form that once and for all prevents this abomination called software patents to be reborn.
Not really a physical, it was always a cultural difference. Central and West Europe was always a culture built around Roman Catholic church, and Roman-Latin rite and culture. Later of course some of the countries switched to Protestant denomiations.
Eastern Europe was built around Eastern Orthodox Church and Byzantium-Greek Culture. Greek-Catholic (Uniate) Church, in some EE countries (Belarus and Ukraine) is today formally part of the Roman-Catholic Church, but culturally and ritually is still part of the eastern-rite church.
But then again, southern Slavs or Greeks consider themselves "Southern Europe" rather than "Eastern".
The other countries often referred to as "Eastern Europe" would rather be called today Baltic States - Lithuania, Latvia, Estonia. Estonia would even want to go farther and be a Nordic State.
It is very complex question and any self-respecting source will enumerate even more conflicting reasons to call or not to call a country "Eastern Europe". For me the best way is to ask people from that country, what they want to be called.
Poland was the first Eastern European country to join the 'million broadband lines' club.
Just so you know, because some Pole might slap you in the face otherwise:
Poland isn't and never was a part of "Eastern Europe". "Eastern Europe" is synonym for Byzantium/Orthodox Church (among other things) while Poland was always Roman Catholic country.
Poland for a short period of time was a part of the "Eastern Block", but it was always located in "Central Europe", just like Austria or Czech Republic.
Does this ruling mean that there's nothing to prevent them from blocking access to VoIP services competing with their overpriced PSTN-over-cable offerings?
or is this just another patent for tech that *could* be made in 2025.
No, it's a new trend: companies patent problems without a solution anticipating that some court in a couple of years will grant them license fees from someone that's going to actually put the money and effort to solve the problem.
I remember seeing in this category patents for ethical AI[1], Sony patenting virtual reality games via ultrasound stimulation of a brain. None of this thech is or will be available in foreseeable future.
To (US) americans it might seem like it, but there are actually big countries, even continents outside the United States.
I should know something about it, I am Pole living in Poland. And yet most of the music is published here by RIAA companies or entities spawned by them. Just as unlistenable as American pulp, I might add.
Is a site that shares old Stevie Nicks, Frank Sinatra, and Ian Hunter live shows really that much of a threat to the music industry?
Of course it is. It was said many times, but I'll say it again:
It was never about "lost sales" of current music pwn3d by RIAA members, it was about squashing competition and choice. Execs in the music industry are many things, but they are not stupid, and they are the people with the best access to the numbers showing that free exposure to music increases its sales. It was always about control of the distribution channel. The listener would have a choice other than buying music from them, either by downloading live, unreleased performances, or independent artists.
When you shut the alternatives people have no choice but to buy music from RIAA members.
IIRC, it is called "dwell" - and isn't something you are likely to have to change (or be able to change) unless your car is a pre-1980's distributor/points design.
Well, I've learnt car maintenance while I was doing a military service as a driver in miner patrol. It was early nineties, but the cars I used to drive were from the sixties: Star 66 and Star 660, wonderful 6x6 heavy-terrain trucks;)
Considering what has transpired, the obvious choice is subversion:)
Not really. Subversion is like CVS that doesn't suck that much.
I'd rather advice Gnu Arch. It is free software (not "free" software) with many features of bitkeeper, like independent repositories (i.e. version controlled local branches w/o write access to central repository), cheap branching and many more.
When you own a car, you either learn how to change tyres and set a proper ignition anticipation angle (or whatever it is called in English) or (if you can't be bothered to learn these things) you pay someone to do this.
Why should it be any different with computers? You can even buy yourself counterpart of the "car with a hood welded shut" (Macintosh). Or, if you have to own a PC, whenever I open any local newspaper on classifieds pages I see dozen of "computer emergency" ads. And this is Poland, I wonder how many of these are in US or Western Europe.
But it doesn't happen. Never. Ever. Taxes will be collected and spent by state. Period.
So between my tax money being spent on war machine or broadband, I'd chose broadband. But than again, it's not my country and I'm happy where I live -- EU.
BTW, I tried using Skype on my system (Linux), and the executable from their site wouldn't run due to library problems! So much for "just works"! And yes, I was using the statically linked version. Humbug.
Only on/. you can be proud of being incompetent;)
Robert
PS I never had a problem running Skype on Debian/unstable, officially unsupported platform. I used to use FC2 rpms converted with alien to deb, but since they started to prepare FC3 rpms I switched to SuSE rpms as a source of my skype debs.
Unfortunatelly, Skype is the only VoIP product that "just works" in today's Internet with all the NATs and firewalls.
SIP is as crappy and NAT unfriendly as you can get with separate signalling and payload channels. Think sending information about voice payload endpoint to the party from behind the NAT device you don't control. You can get around some of those problems going through proxies etc, but such proxy would became major chokepoint, since lots of clients would communicate through it instead of talking directly to each other. IAX would be much better choice here.
You see, I install and maintain commercial VoIP (SIP, IAX) solutions for a living, but when it comes to advising other people on how to talk via Internet with their technologically challenged relatives, I always tell them to use Skype. It "just works", no matter how fucked up their net connection is.
Now, one could devise a similar P2P system, based on some open protocol like IAX (with the way SIP works it would be rather impossible), that would immitate inner workings of Skype. If it materialises, let me know.
They hope to corner the market, and if they succeed in that aim, their services will not remain free.
They already have a legitimate, sustainable income source. The moment they started charging for "basic" services, bundling spyware etc, people would stop using it. I know I would.
May I observe, my fellow countryman, that you are confusing "houses of parliament" with "branches of government (power)"?
Modern democratic states divide the power between three (at least in theory) independant branches: legislative (parliament, one or two houses), judiciary (courts) and executive branch (gornment, council of ministers or the cabinet, headed by prime minister of president, depending on the system).
So Poland has three branches of power (government) and two houses of Parliament (Seym and Senat). Press is so called "fourth power", not third or fourth "house".
Slashdot Mirror
What no one seems to mention is that their attack finds "freeform" collisions. I mean, they go and find two plaintexts with the same hash. I wouldn't worry about it until they find 2^63 attack against given plaintext/hash.
You can read about the distinction in Birthday Paradox article on Wikipedia. In short, when the difficulty of finding collision against a given message is 2^n, the difficulty of finding any two colliding plaintexts is 2^(n/2).
So, while they may have found 2^63 attack against SHA-1, it is still a "birthday attack", and to find collision against my message signed with sha-1 the attack would still be 2^126.
Or did I miss something?
Robert
Well, honest mistake, because in my native tongue everything that sounds "f" is spelled "f"[1].
;)
;)
;)
/. display unicode properly...
On the other hand, I don't see much outrage against natives[2] mistaking homonyms there/their/they're, something that makes me really sick, yet happens all the time...
Robert
[1] unless it is "w" read in Polish as "v" -- before a voiceless consonant or at the end of the word it sounds "f"
[2] foreigners usually don't make this mistake, because we learn to speak and write these homonyms at the same time, as opposed to natives who learn to speak years before learning to write; by the same token, foreigners usually don't mistake Polish homonymous ch/h, u/ó, rz/z-with-dot-above[3], whereas native Polish speakers have problems with it their whole life...
[3] should be ż -- sheesh, someone should make
Prior Art
I distinctly remember a patent case from other field, that would suggest there is no prior art in American legal sense of the idea in this case.
(I don't remember exact facts, can't find any sources, so just correct the information, if you know better.)
Some Farmaceutical Consortium developed a drug. It was based on some Indian (as in India) herb, or synthesised based on active factors from those herbs. The herb/plant/whatever and its medical properties were known in India for thousands of years, yet the patent was granted in USA. The same patent was rejected in EU after apeal.
I remember that analysss of the case explained different results by different definitions of Prior Art in EU and US. In the US known medical properties of a plant are PA if they were described in Medical or Scientific Journals. In EU PA includes also other sources, including folk tradition etc.
I know, which definition I prefer. After all, there aren't many scientific publications about the wheel...
Robert
PS I think the case of farmaceutics was described on Groklaw.
Just great, touch sensitive mouse, where you have to hold fingers in the air instead of resting them on the buttons. This adds a whole new depth to RSI.
Robert
I was operating mixmaster server some time ago. After couple of months of operation I've had couple of court orders[1] to reveal identity of people for which I was the last hop in mixmaster network. I decided to check outgoing mail for which I was last hop[2]. Around 90% of that mail was spam, scam, child pornography, harassment and simillar illegal and/or unethical stuff.
That was the end of mixmaster@hell.pl.
Oh, I believe, that there are some people in dictatorships, or some whistleblowers and other people, that really need anonymity on the net. But the reality is that whenever you make such a service available to population at large, it's the scum of the earth that dominates it.
Robert
[1] at least next best thing in my country, because here orders for search etc are issued by prosecution; don't ask me, why it is, it's stupid when the party to a conflict sings search warrants for the other party;
[2] you can't view mails that are just passing through your system in mixmaster network, they are encrypted; onl the mails that leave mixmaster network through your system are cleartext (if they aren't internally encrypted, of course);
Killing this directive is very dangerous since pro-patent lobbyists have already stated on record, that they want the directive in current shape or not at all.
If the directive doesn't pass, they can still lobby individual governments.
If the directive passes in castrated form with provisions preventing pure software and business method patents, member countries won't be able to enact legislation permitting it.
So, what we, Europeans, really want is for the directive to pass in a form that once and for all prevents this abomination called software patents to be reborn.
Robert
Not really a physical, it was always a cultural difference. Central and West Europe was always a culture built around Roman Catholic church, and Roman-Latin rite and culture. Later of course some of the countries switched to Protestant denomiations.
Eastern Europe was built around Eastern Orthodox Church and Byzantium-Greek Culture. Greek-Catholic (Uniate) Church, in some EE countries (Belarus and Ukraine) is today formally part of the Roman-Catholic Church, but culturally and ritually is still part of the eastern-rite church.
But then again, southern Slavs or Greeks consider themselves "Southern Europe" rather than "Eastern".
The other countries often referred to as "Eastern Europe" would rather be called today Baltic States - Lithuania, Latvia, Estonia. Estonia would even want to go farther and be a Nordic State.
It is very complex question and any self-respecting source will enumerate even more conflicting reasons to call or not to call a country "Eastern Europe". For me the best way is to ask people from that country, what they want to be called.
Robert
Poland was the first Eastern European country to join the 'million broadband lines' club.
Just so you know, because some Pole might slap you in the face otherwise:
Poland isn't and never was a part of "Eastern Europe". "Eastern Europe" is synonym for Byzantium/Orthodox Church (among other things) while Poland was always Roman Catholic country.
Poland for a short period of time was a part of the "Eastern Block", but it was always located in "Central Europe", just like Austria or Czech Republic.
Robert
Does this ruling mean that there's nothing to prevent them from blocking access to VoIP services competing with their overpriced PSTN-over-cable offerings?
Robert
Must be something very wrong with my faith in politics and politicians, since I've misread the title of the article as:
;)))
Researchers control the flip of the election spin
It took me a while to find out what is the idiom I don't know in this sentence, before I carefully read it again
Robert
(of course non-native English user)
or is this just another patent for tech that *could* be made in 2025.
No, it's a new trend: companies patent problems without a solution anticipating that some court in a couple of years will grant them license fees from someone that's going to actually put the money and effort to solve the problem.
I remember seeing in this category patents for ethical AI[1], Sony patenting virtual reality games via ultrasound stimulation of a brain. None of this thech is or will be available in foreseeable future.
So what?
Fucking parasites.
Robert
[1] "Three laws" anyone?
No, it's perfectly good from business angle:
1. patent some idea
2. wait for someone to build some device implementing this idea
3. profit
Noticed, there is no "unknown" step between 2 and 3?
Robertt
To (US) americans it might seem like it, but there are actually big countries, even continents outside the United States.
I should know something about it, I am Pole living in Poland. And yet most of the music is published here by RIAA companies or entities spawned by them. Just as unlistenable as American pulp, I might add.
Robert
One word: library.
That's where some serious copyright infrigment occurs everyday. Somebody should do something about it.
Robert
Is a site that shares old Stevie Nicks, Frank Sinatra, and Ian Hunter live shows really that much of a threat to the music industry?
Of course it is. It was said many times, but I'll say it again:
It was never about "lost sales" of current music pwn3d by RIAA members, it was about squashing competition and choice. Execs in the music industry are many things, but they are not stupid, and they are the people with the best access to the numbers showing that free exposure to music increases its sales. It was always about control of the distribution channel. The listener would have a choice other than buying music from them, either by downloading live, unreleased performances, or independent artists.
When you shut the alternatives people have no choice but to buy music from RIAA members.
Robert
ignition anticipation angle
;)
IIRC, it is called "dwell" - and isn't something you are likely to have to change (or be able to change) unless your car is a pre-1980's distributor/points design.
Well, I've learnt car maintenance while I was doing a military service as a driver in miner patrol. It was early nineties, but the cars I used to drive were from the sixties: Star 66 and Star 660, wonderful 6x6 heavy-terrain trucks
Robert
Considering what has transpired, the obvious choice is subversion:)
Not really. Subversion is like CVS that doesn't suck that much.
I'd rather advice Gnu Arch. It is free software (not "free" software) with many features of bitkeeper, like independent repositories (i.e. version controlled local branches w/o write access to central repository), cheap branching and many more.
Robert
When you own a car, you either learn how to change tyres and set a proper ignition anticipation angle (or whatever it is called in English) or (if you can't be bothered to learn these things) you pay someone to do this.
Why should it be any different with computers? You can even buy yourself counterpart of the "car with a hood welded shut" (Macintosh). Or, if you have to own a PC, whenever I open any local newspaper on classifieds pages I see dozen of "computer emergency" ads. And this is Poland, I wonder how many of these are in US or Western Europe.
Robert
Wonder if there's anywhere it is legal to sell your politicans. Not that most of them would raise much money.
So do it the other way around: threaten, that you will send somewhere your politicians, unless they pay you not to.
Robert
PS Such fundraising campaign would work much better if you threatened to send some lawyers.
Or I'd have 9 of these things roaming my house.
Robert
But it doesn't happen. Never. Ever. Taxes will be collected and spent by state. Period.
So between my tax money being spent on war machine or broadband, I'd chose broadband. But than again, it's not my country and I'm happy where I live -- EU.
Robert
BTW, I tried using Skype on my system (Linux), and the executable from their site wouldn't run due to library problems! So much for "just works"! And yes, I was using the statically linked version. Humbug.
/. you can be proud of being incompetent ;)
Only on
Robert
PS I never had a problem running Skype on Debian/unstable, officially unsupported platform. I used to use FC2 rpms converted with alien to deb, but since they started to prepare FC3 rpms I switched to SuSE rpms as a source of my skype debs.
Unfortunatelly, Skype is the only VoIP product that "just works" in today's Internet with all the NATs and firewalls.
SIP is as crappy and NAT unfriendly as you can get with separate signalling and payload channels. Think sending information about voice payload endpoint to the party from behind the NAT device you don't control. You can get around some of those problems going through proxies etc, but such proxy would became major chokepoint, since lots of clients would communicate through it instead of talking directly to each other. IAX would be much better choice here.
You see, I install and maintain commercial VoIP (SIP, IAX) solutions for a living, but when it comes to advising other people on how to talk via Internet with their technologically challenged relatives, I always tell them to use Skype. It "just works", no matter how fucked up their net connection is.
Now, one could devise a similar P2P system, based on some open protocol like IAX (with the way SIP works it would be rather impossible), that would immitate inner workings of Skype. If it materialises, let me know.
They hope to corner the market, and if they succeed in that aim, their services will not remain free.
They already have a legitimate, sustainable income source. The moment they started charging for "basic" services, bundling spyware etc, people would stop using it. I know I would.
Robert
I don't know how it is in English.
Oh, that's easy:
Robert
PS If you, the (not so) careful reader still haven't noticed, it's all one and the same person/office ;)
May I observe, my fellow countryman, that you are confusing "houses of parliament" with "branches of government (power)"?
Modern democratic states divide the power between three (at least in theory) independant branches: legislative (parliament, one or two houses), judiciary (courts) and executive branch (gornment, council of ministers or the cabinet, headed by prime minister of president, depending on the system).
So Poland has three branches of power (government) and two houses of Parliament (Seym and Senat). Press is so called "fourth power", not third or fourth "house".
Robert
PS And it's "bullshit", not "bull shit".