To repeat myself: there is no single "ordinary SQL." SQL standardization has gone through many iterations: SQL-86, SQL-89, SQL-92, SQL:1999, SQL:2003, SQL:2006, SQL:2008, SQL:2011. The SQL standard is presently maintained by ISO/IEC JTC 1. Your original statement was "SQL certainly is not turing complete," and that is a false statement. Under the ISO standards, it is absolutely possible to create a Turing machine with SQL. Examples have been provided, including (but not limited to) one written "entirely in SQL:2008-conformant SQL." The degree to which any given database engine may adhere to ISO standards may vary, but by adhering to said standards, there exist code examples which demonstrate Turing completeness. You're only insulting yourself by continuing to refuse to accept reality, but if you're still in doubt, per the previously supplied references you're welcome to purchase SQL standards documents from ISO, IEC or ANSI.
As you are a practitioner of Aikido, I'm genuinely surprised by the direction this entire commend thread has taken. I am looking forward to your next reply, though.
You should be asking yourself what your problem is. Clearly, you still haven't read the referenced materials; proprietary extensions are not needed. Here's something else to read while you're at it: SQL Standardization. There is no single "standard SQL." SQL standardization has gone through many iterations: SQL-86, SQL-89, SQL-92, SQL:1999, SQL:2003, SQL:2006, SQL:2008, SQL:2011. The SQL standard is presently maintained by ISO/IEC JTC 1.
So yes, your initial statement (which was "SQL certainly is not turing complete") was and remains provably false, and you're still simply unable to admit your error. Put down the shovel. Do you conduct your professional affairs with the same level of reasoning you're demonstrating here? Incidentally, appealing to the authority of "hundreds of articles" you claim will show you're right doesn't help your cause any, as the majority of such articles will be nothing more than "Bob's Blog" posts and will be equally based on ignorance. Please feel free to keep arguing, though I still recommend taking a break to read the originally referenced materials in their entirety.
You should do so because you've proven that you're capable of not only once, but twice, commenting on a topic that you're unqualified to speak on. Will you continue to refuse to read the referenced materials, reply again, and hence continue to demonstrate your willful ignorance? Your initial statement was provably false, and you're simply unable to admit your error. That's pathetic.
Indeed, Turing Machine in SQL is a really neat five part series on demonstrating Turing completeness in SQL. Fabien Coelho does a really nice job of walking the reader through the various stages.
You must have stopped reading after the second sentence of my post. Please allow me to repeat the third sentence:
It's a transparent and comically unenforceable attempt to keep Russian data precisely where the Russian government wants it: on servers they can put their hands on.
You're correct that the motivation is fundamentally economic, but it has nothing to do with revenue generated from Russian datacenter leases, which are less than a drop in the bucket compared to the value derived from legally guaranteed physical access to servers for Russian government representatives. You really haven't thought this through, have you?
As stated in the subject line, security through legislation is no security at all. If anything, this will weaken information security for Russians. It's a transparent and comically unenforceable attempt to keep Russian data precisely where the Russian government wants it: on servers they can put their hands on. I'm genuinely amused.
If you believe for one moment the KKK was ever or is still compromised of people who only identify with either of our nation's "favorite sports teams," you're severely in need of a bitchslap back into reality. How can you possibly be this stupid? Keep on supporting the status quo, you fucking idiot.
Here we have a fine example of an "undocumented poster" (to use fashionable left wing terminology) making sweeping and emotionally charged bullshit statements about a political party which he or she believes to be an ideological rival of his or her "favorite sports team." I'm shocked, shocked I tell you.
For reference, I'm neither a Republican nor a Democrat, but I am fully in support of you going off to fuck yourself. Have a great day, you spineless little piece of shit.
Thank you for the first reasonable reply I've received throughout this thread. You've caught the gist of part of what I'm hoping to illuminate here (which is probably far more important in the larger scheme of things), but you haven't seen the full picture yet. I have a challenge for you. Using your own line of reasoning as a premise to be challenged, can you analyze it from an adversarial perspective and develop a proposal for how additional inferences might be made regarding unique identification of medallions in the event that each medallion has been replaced with an arbitrary token? In your deliberations, please consider every facet of the reported data. It's quite apparent that those who have replied to my comments in this thread either (1) haven't directly considered the data themselves, or (2) lack the insight required to observe relationships between apparently unrelated constructs.
In short, under this challenge, I can deliver ~90% of the medallion identifiers using no external information other than full knowledge of the means by which the original medallions are assigned. Given a tiny parcel of additional correlation, I can hit 100%.
I look forward to your reply. By the way, what do you do for a living at the moment?
The sort of services being offered are easily worth USD $1M/month when you consider who the clients are, the scale of their operations, the degree to which their systems are interconnected with those of other institutions (large and small), and the complexities involved with regulatory/legal/reputation compliance and management. Risk management and threat analysis are not simple subjects.
To put it simply, these aren't your sort of client engagements.
Throughout this conversation, I've been patiently waiting for someone to realize there's a lot more correlating data available in plain sight than anyone is owning up to. Provided that realization is made in the first place, the ensuing thought experiment should rapidly progress through probability, curve fitting, and rote process of elimination in a key space drastically reduced from even the space represented by the raw medallion search space.
If someone else, anyone else, would bother to think about this for a few moments, they might just arrive at a deeply uncomfortable conclusion: some data sets cannot be properly anonymised at all. Put another way, engineering a cryptographic solution in a vacuum is a lot like gasping for breath in outer space: you can perform actions you are utterly convinced are perfectly valid, but owing to context the end result is going to be highly unpleasant.
This is why we can't have nice things, specifically things involving sane public policy regarding privacy. Regardless of how the voting populace and their elected representatives might desire to craft policy in one direction or another, fundamental lack of understanding of the underlying environment and its rules of operation implies a necessary disconnect between intent and outcome.
This is why people need to study formal reference materials and think about things before they make recommendations, and it is why large scale intelligence outfits will continue to trump those under observation. Tunnel vision is a motherfucker.
You still don't seem to understand. Maybe it will help you to recall that the input data is thoroughly non-uniform and deterministic in nature. This point was conveyed in the summary, ffs. The anonymization method asserted by msauve and errantly supported by others (yourself included) spectacularly fails to account for this fact, and bears no resemblance whatsoever to a sound OTP implementation. "You're going the wrong direction, shipmate."
I'm rather glad we didn't have folks like you leading the charge at Bletchley Park from 1939 onward, as things might have consequently turned out more poorly for the Allied powers. On the other hand, you would have fit right in keying Enigma machines.
Wow, I got modded "flamebait" for posting factual information. PayPal employees must be scrambling to man their sockpuppet accounts tonight. That's a shame; perhaps treating their customer base with respect and decency might be a better use of their time. I somehow doubt the downmod has anything to do with VPS Tree (the shit VPS provider) though, since they can't even be bothered to maintain a page for their About Us link these days.
You're either a fool or a liar. I've had funds frozen for months by PayPal with no explanation (eventually released with no apology from them), and I've also disputed recurring PayPal charges stemming from a shit VPS provider who had completely ignored several of my attempts to cancel services. In the latter case, PayPal decided to rule in the shit provider's favor anyhow. I walked away from PayPal permanently after finally getting the last of my money out of that account (again, several months later, and I still never got any of the fraudulent VPS fees refunded), and I will never transact business with them again. In fact, since January of 2012 I've continued to receive an email entitled "First Invoice Overdue Notice" from the shit VPS provider every month. Those emails serve as a nice reminder to encourage folks to avoid PayPal at all costs; people continue to use them out of sheer stupidity.
By the way, thanks for the added laughs per your attempt to reframe this discussion as "anonymising" versus "encrypting." You'd get a few charity points for sophomoric debate tactics if the subject matter were a bit less serious in nature, but that particular bit of commentary is indeed nothing more than a juvenile attempt at diverting attention from the matters at hand. Try again.
Slashdot Mirror
That's just nonsense. Everyone knows coconut antimatter retrograde marshmallows only flute cats between hairdresser Barbie doll lawnmower Ricky Martin.
Indeed, Machete kills.
To repeat myself: there is no single "ordinary SQL." SQL standardization has gone through many iterations: SQL-86, SQL-89, SQL-92, SQL:1999, SQL:2003, SQL:2006, SQL:2008, SQL:2011. The SQL standard is presently maintained by ISO/IEC JTC 1. Your original statement was "SQL certainly is not turing complete," and that is a false statement. Under the ISO standards, it is absolutely possible to create a Turing machine with SQL. Examples have been provided, including (but not limited to) one written "entirely in SQL:2008-conformant SQL." The degree to which any given database engine may adhere to ISO standards may vary, but by adhering to said standards, there exist code examples which demonstrate Turing completeness. You're only insulting yourself by continuing to refuse to accept reality, but if you're still in doubt, per the previously supplied references you're welcome to purchase SQL standards documents from ISO, IEC or ANSI.
As you are a practitioner of Aikido, I'm genuinely surprised by the direction this entire commend thread has taken. I am looking forward to your next reply, though.
You should be asking yourself what your problem is. Clearly, you still haven't read the referenced materials; proprietary extensions are not needed. Here's something else to read while you're at it: SQL Standardization. There is no single "standard SQL." SQL standardization has gone through many iterations: SQL-86, SQL-89, SQL-92, SQL:1999, SQL:2003, SQL:2006, SQL:2008, SQL:2011. The SQL standard is presently maintained by ISO/IEC JTC 1.
So yes, your initial statement (which was "SQL certainly is not turing complete") was and remains provably false, and you're still simply unable to admit your error. Put down the shovel. Do you conduct your professional affairs with the same level of reasoning you're demonstrating here? Incidentally, appealing to the authority of "hundreds of articles" you claim will show you're right doesn't help your cause any, as the majority of such articles will be nothing more than "Bob's Blog" posts and will be equally based on ignorance. Please feel free to keep arguing, though I still recommend taking a break to read the originally referenced materials in their entirety.
You should do so because you've proven that you're capable of not only once, but twice, commenting on a topic that you're unqualified to speak on. Will you continue to refuse to read the referenced materials, reply again, and hence continue to demonstrate your willful ignorance? Your initial statement was provably false, and you're simply unable to admit your error. That's pathetic.
You clearly didn't actually read the material provided. Please read it, in its entirety, and let me know when you're done. Cheers!
Indeed, Turing Machine in SQL is a really neat five part series on demonstrating Turing completeness in SQL. Fabien Coelho does a really nice job of walking the reader through the various stages.
You're incorrect. Please see Cyclic Tag System and Turing Machine in SQL.
You must have stopped reading after the second sentence of my post. Please allow me to repeat the third sentence:
It's a transparent and comically unenforceable attempt to keep Russian data precisely where the Russian government wants it: on servers they can put their hands on.
You're missing the point. Those who control the surface of the sphere of influence control its contents.
Agreed.
You're correct that the motivation is fundamentally economic, but it has nothing to do with revenue generated from Russian datacenter leases, which are less than a drop in the bucket compared to the value derived from legally guaranteed physical access to servers for Russian government representatives. You really haven't thought this through, have you?
As stated in the subject line, security through legislation is no security at all. If anything, this will weaken information security for Russians. It's a transparent and comically unenforceable attempt to keep Russian data precisely where the Russian government wants it: on servers they can put their hands on. I'm genuinely amused.
If you believe for one moment the KKK was ever or is still compromised of people who only identify with either of our nation's "favorite sports teams," you're severely in need of a bitchslap back into reality. How can you possibly be this stupid? Keep on supporting the status quo, you fucking idiot.
Here we have a fine example of an "undocumented poster" (to use fashionable left wing terminology) making sweeping and emotionally charged bullshit statements about a political party which he or she believes to be an ideological rival of his or her "favorite sports team." I'm shocked, shocked I tell you.
For reference, I'm neither a Republican nor a Democrat, but I am fully in support of you going off to fuck yourself. Have a great day, you spineless little piece of shit.
You're doing it wrong. Yes, I speak from experience.
Thank you for the first reasonable reply I've received throughout this thread. You've caught the gist of part of what I'm hoping to illuminate here (which is probably far more important in the larger scheme of things), but you haven't seen the full picture yet. I have a challenge for you. Using your own line of reasoning as a premise to be challenged, can you analyze it from an adversarial perspective and develop a proposal for how additional inferences might be made regarding unique identification of medallions in the event that each medallion has been replaced with an arbitrary token? In your deliberations, please consider every facet of the reported data. It's quite apparent that those who have replied to my comments in this thread either (1) haven't directly considered the data themselves, or (2) lack the insight required to observe relationships between apparently unrelated constructs.
In short, under this challenge, I can deliver ~90% of the medallion identifiers using no external information other than full knowledge of the means by which the original medallions are assigned. Given a tiny parcel of additional correlation, I can hit 100%.
I look forward to your reply. By the way, what do you do for a living at the moment?
The sort of services being offered are easily worth USD $1M/month when you consider who the clients are, the scale of their operations, the degree to which their systems are interconnected with those of other institutions (large and small), and the complexities involved with regulatory/legal/reputation compliance and management. Risk management and threat analysis are not simple subjects.
To put it simply, these aren't your sort of client engagements.
Throughout this conversation, I've been patiently waiting for someone to realize there's a lot more correlating data available in plain sight than anyone is owning up to. Provided that realization is made in the first place, the ensuing thought experiment should rapidly progress through probability, curve fitting, and rote process of elimination in a key space drastically reduced from even the space represented by the raw medallion search space.
If someone else, anyone else, would bother to think about this for a few moments, they might just arrive at a deeply uncomfortable conclusion: some data sets cannot be properly anonymised at all. Put another way, engineering a cryptographic solution in a vacuum is a lot like gasping for breath in outer space: you can perform actions you are utterly convinced are perfectly valid, but owing to context the end result is going to be highly unpleasant.
This is why we can't have nice things, specifically things involving sane public policy regarding privacy. Regardless of how the voting populace and their elected representatives might desire to craft policy in one direction or another, fundamental lack of understanding of the underlying environment and its rules of operation implies a necessary disconnect between intent and outcome.
This is why people need to study formal reference materials and think about things before they make recommendations, and it is why large scale intelligence outfits will continue to trump those under observation. Tunnel vision is a motherfucker.
Minor correction to the above post: "non-uniform" was intended to be "non-entropic." It's late here.
You still don't seem to understand. Maybe it will help you to recall that the input data is thoroughly non-uniform and deterministic in nature. This point was conveyed in the summary, ffs. The anonymization method asserted by msauve and errantly supported by others (yourself included) spectacularly fails to account for this fact, and bears no resemblance whatsoever to a sound OTP implementation. "You're going the wrong direction, shipmate."
I'm rather glad we didn't have folks like you leading the charge at Bletchley Park from 1939 onward, as things might have consequently turned out more poorly for the Allied powers. On the other hand, you would have fit right in keying Enigma machines.
Wow, I got modded "flamebait" for posting factual information. PayPal employees must be scrambling to man their sockpuppet accounts tonight. That's a shame; perhaps treating their customer base with respect and decency might be a better use of their time. I somehow doubt the downmod has anything to do with VPS Tree (the shit VPS provider) though, since they can't even be bothered to maintain a page for their About Us link these days.
You're either a fool or a liar. I've had funds frozen for months by PayPal with no explanation (eventually released with no apology from them), and I've also disputed recurring PayPal charges stemming from a shit VPS provider who had completely ignored several of my attempts to cancel services. In the latter case, PayPal decided to rule in the shit provider's favor anyhow. I walked away from PayPal permanently after finally getting the last of my money out of that account (again, several months later, and I still never got any of the fraudulent VPS fees refunded), and I will never transact business with them again. In fact, since January of 2012 I've continued to receive an email entitled "First Invoice Overdue Notice" from the shit VPS provider every month. Those emails serve as a nice reminder to encourage folks to avoid PayPal at all costs; people continue to use them out of sheer stupidity.
Paypal Policy - A License To Steal Your Money
Funds Stolen By PayPal
PayPal - Beware of PayPal, 6000 USD seized by Paypal
180-Day Hold Sparks PayPal Suit
Paypal Can and Will seize funds...Atwood Knives
Another PayPal victim $4000.00 seized from my business account.
PayPal Horror Stories
If you get bored, try these as well:
Exhibit A
Exhibit B
So, which is it? Are you a liar, or are you a fool?
By the way, thanks for the added laughs per your attempt to reframe this discussion as "anonymising" versus "encrypting." You'd get a few charity points for sophomoric debate tactics if the subject matter were a bit less serious in nature, but that particular bit of commentary is indeed nothing more than a juvenile attempt at diverting attention from the matters at hand. Try again.