A small one-time pad isn't guessable as long as the numbers are truly random. Here's my encrypted text: OEXC. You can randomly shuffle letters around and there will be a wide variety of potential solutions. Beef, beer, beds, rock, twit and so on. They all look equally valid as far as them being words in the english language. You don't even know that the plain text is english, or even language however. A sequence of characters could have been encrypted (maybe its the first four answers to a multiple choice test).
Longer encrypted messages only increase the number of possible solutions. Properly used one time pads are perfectly secure.
I've been searching via google for a while now and trying to find information on burning dvds with linux. There's cdrecord-PRO but its only for data. I've got a bunch of stuff on DV-tape that I'd like to make DVD playable DVD-Rs with. Is there any possibility for this using linux right now?
I've done this before and got things working again. For bent pins I've always seperated them just enough to get a header over one of them and used the header to straighten and seperate them. Basically, just slide something between them if they're shorted and use the header to do the actual straightening.
Pins that receded are more iffy, if they're no longer exposed I don't know what to do. If they're still exposed use tweezers or a pair of needle nosed pliers to pull them out. Use a header to straigthen them. The problem here is that they may now be loose, I've never had this happen but if it did I'd try a drop of glue at the base of the pin.
Remember, the pins are fragile (as you've already found out) so a lot of force isn't necessary.
Re:Whoa, doesn't the US protect its citizens ?
on
Loki Aftermath Looks Bad
·
· Score: 3, Interesting
This should be a criminal action. If I steal from my employer they can file charges against me. If I steal enough, say a nice color copier or something, I could actually be charged with grand theft. The converse should also be true, if a company knowingly defrauds or financially harms its employees then the company should be criminally liable. It won't reset things for the employees, but at least nobody would have to be concerned with the particular executives mismanaging a company for 20-30 years.
It'd add a law of diminishing returns to key size in the short term, in the long term it'd bound how long encryption based on factoring large numbers would be viable. As computer speeds increase it takes a longer key length to maintain the same security you had yesterday, if lengthining the key increases security slowly with respect to how fast speeds increase then RSA and company become flawed.
I recommend The Electronics of Radio by David B. Rutledge. It's an applied electronics text that introduces topics as it goes about a shortwave receiver/transmitter. It's available at Fatbrain.com. I got my copy at the Amazon.com outlet store but they no longer seem to have any stock.
It's not terribly suprising that Intel can make a more efficient compiler than gcc. They've got a performance group who's sole job is to understand the architecture and how to best exploit it. I can't read the article (its not coming up presently), but its hard to compete against a free product for most users, especially in the linux community. For some users the increased performance will be very important, especially people who write applications that crunch numbers. I'm not talking about gimp filters or spread sheets, sure, they crunch numbers but most of their CPU time is spent either idle or on user input. Remember, on linux gcc is both free and everywhere, and it does a good enough job for most people. Most people run systems that just use precompiled packages, and these packages are often just target at generic i386 processors. If people don't even bother exploiting features that gcc already has, I don't see how you can predict that enough people are going to switch to another compiler to even measure on the radar.
through my engineering library and I found a similar situation. A massive computer system, completely one of a kind, was destroyed prior to providing the solution to the problem for which it was designed. Recalculating the solution from scratch would take far too long, but there was one possibility. One of its computational units was still intact and the answer was surmised to be embedded deep within its memory.
I think the same solution would apply here: Find Arthur Dent.
As far as programming mathematics go, Mathematica and Matlab seem to be the most accepted programming languages. Mathematica seems to be used somewhat more by mathematicians, Matlab somewhat more by engineers. I assume that by programming mathematics you mean to apply mathematics to solve some problem. I've used Matlab extensively and it has a relatively C like syntax, but it understands things like matrices, complex variables and has a slew of built in mathematical operators. Mathematica can do symbolic mathematics, Matlab doesn't.
There are Open Source variants of these, a few of which I have used as well as some I haven't. Try them out, there are student editions of the commercial packages.
It's disappointing that they're not going after the real problem, gangs, and are instead treating all youths as a problem. But then this isn't new either. I remember well seeing signs "No more than 2 students in the store at a time" or "All school bags must be left outside" and so on as a teenager. The significant difference is that the local government is making the regulations. A private store should probably be allowed to do this, but for the government to do it should be unconstitutional, its directly squashing the right to free assembly. Of course that doesn't matter, juveniles can't vote, most adults have carefully excised any memory at all of what it was like to be a teenager.
I've had experience with a couple of little bastards that have done this as well as other things. It's not all that complicated to understand why after talking with one of them at length. They're fairly safe from prosecution, they enjoy the fact that it pisses people off, and revel in the fact that you can't really do anything about it. There are also people who look up for them for their ability to blindly execute a script somebody else wrote.
I don't think writing software of any type should be a crime, but I think in cases where there is clear damage (like this company that went under) the usage of the script should be treated as a criminal matter. This could easily involve conspiracy, vandalism etc. charges.
I was originally tempted to start releasing poisoned scripts, scripts that would work as intended when pointed at local machines but would have undesired consequences (hard disk corruption, file deletion etc) if used against external domains. I'd hate to see somebody harmed through legitimate use of the scripts though (auditing a site you have permission to audit from a remote location for instance).
Adobe did a pretty legitimate job (which of course nobody here bothers to notice) in estimating software losses. They took the development costs for porting to Asian languages and subtracted how much revenue it generated. It came out negative, hence, they are actually losing money. They didn't do the usual procedure: number of illegal copies * retail price.
Her encryption algorithm was hyped by the media and debunked by the professionals. I never said that humans can't develop cryptography, I said that Joe Average or even Joe Above Average can't. Bruce Schneier, is as far as I know, human, but in addition to a bit of a mathematics background he has experience in first breaking other peoples crypto, and later, in developing algorithms.
I'll trust a peer reviewed algorithm long before I trust my own, regardless of any knowledge I have of advanced mathematics.
This isn't difficult stuff - anyone with high school math and an introductory programming course (in just about any procedural
language) would be able to hack together an encryption program in no time.
This statement is false. The knowledge of high school math won't help you develop cryptography at all. Most people with advanced math knowledge will only develop weak cryptography as well. What's really needed is somebody elses work, an algorithm, and the knowledge on how to implement it in software. As soon as you think you're going to develop a secure algorithm on your own you're screwed.
The reason why this guys messages were decrypted through brute force wasn't because of the 40 bit encryption, it was because he didn't understand the difference between good encryption and bad encryption. The encrypting file system under Windows 2000 will only provide protection against casual inspection. Your day to day things are pretty secure, mostly because nobody is interested enough in it to go to the expense of decrypting it. When you try to blow up an airliner people become a bit more interested in the data you've got stored on your computer.
If this guy was informed about cryptography (not necessarily knowledgable, but informed - sort of like having the equivalent of a financial planner for cryptography) he would've used one of a number of bolt on products to really secure his computer. Some of these products are commercial, others are open source. He may have more difficulty getting (and if he's properly informed - less trust in) the higher grade commercial packages but it'd still be doable. Fly to California, go to Fry's and buy it. If he goes for the source code route its just about impossible to police. You can get it anywhere in the world where there's an internet connection or a mail system (CD ROM or a package of floppies through the mail).
Saying that 40 bit encryption is an assistance to the CIA/FBI/NSA is only true if you rely on having stupid terrorists, in this case it was obviously true. Suppose they hired the equivalent of a director of IT though, who would come up with approved solutions. Life would become more difficult for the government. Whether the solutions that are proposed are legal or not doesn't matter. You're planning on blowing up aircraft, knocking down buildings and killing people. You won't even bat an eyelash at breaking encryption laws.
What low grade encryption really helps with is gathering data against ordinary citizens such as the guy who was a bit less than honest about his tax return.
Also, despite this low grade encryption the attack wasn't stopped. It's only after everybodies eyes were on this guy that his computer was examined and found to have low grade encryption.
What are your credentials? Or you just some doofus calling somebody else a doofus? From his post he's above the average slashdot reader, he's actually interested in hacking code. This doesn't mean he'll be successful hacking the kernel, but even the attempt puts him above "the average". I'll worry about slashdot and the "respect" it gives the average slasdhot reader when they start posting Ask Slashdots about crochet.
Charter.net seems decent about letting services run on their network, at least in my particular locale. I've got two low traffic web sites, a MUD and email for two domains. I even asked about it at tech support and they said that if I wasn't a problem they didn't care.
I would think that charter.net would be the same in many/all areas, since when I have had to contact technical support they've always responded with a southern accent and I'm in the midwest.
The only thing I dislike is that during the windows worm period they blocked port 80 traffic even though I wasn't effected. It was turned on after a while and from what I understand their current policy is to shut down bandwidth to anybody who does become infected, which I think is a good policy.
A slashdot moderator complains about poor editing?
on
Quoting in Emails?
·
· Score: 1
Now that's the pot calling the kettle black. A slashdot moderator complaining that if he can't read a message without editing then he assumes that the content isn't worth his time. Cliff must have a procmail filter for CmdrTaco's emails.
I get by on 4-5 hours of sleep a night, but thats just the way my body works. I go to bed around midnight or 1 am and almost always am awake at 5 am. I don't use an alarm clock, though the couple of times I've had to screw around with my schedule and I have resorted to one, I've ended up feeling pretty messed up.
If I sleep in purposely (close my eyes and go back to sleep) I wake up with a headache. If I naturally sleep in (like this morning, I just didn't wake up till 6:05 am) then I'm fine.
I think you're more or less wired to require a certain amount of sleep. I used to need more sleep than I do now, but I've always been a pretty short sleeper. I've also gone through periods where I just couldn't sleep and resorted to pills (this coming from a guy who doesn't even own aspirin).
I know that up to a point if I exercise more than I am less sleepy, but if I exercise excessively then I end up feeling worn down.
If you try to fool your body it catches up for you, and often you put in negative time. I know that I've been amazed at some of the stuff I've written after 3-4 days of solid up time (no caffeine). After a certain point things are apt to just be done fundamentally wrong. I know there's a point where I start having problems with simple mental arithmetic because my memory can't handle keeping track of things like "carrying the ones". There's another point beyond that where I won't remember what I've done during this state. That seems to be when my work is most error prone. If I go beyond that point then I start to hallucinate.
In engineering classes I had many classmates who resorted to a cocktail of caffeine and other products to keep them awake. All they seemed to be able to do was regurgitate for finals (which unfortunately was usually good enough) without any real comprehension.
If Microsoft were smart they'd have taken advantage of the IIS vulnerabilities that had caused mass bandwidth waste earlier this year. If each of the hacked machines voted in the poll appropriately prior to infecting its peers they wouldn't have been caught. (It would have been detected, but it wouldn't necessarily be attributal to Microsoft)
In other news, President George "Dubya" Bush has added outer space to his long and rambling list of terrorist strongholds. In his State of the Union address he unveiled his latest weapon against the war against terrorism, a human guided missile system.
The president, laughing vacantly, stated "I have seen this marvelacular system in action. I have even used the system myself to protect earth from these Goddless asteroids. The frugality of this system is amazing. Ordinary American people like you and me will be able to blow up these menaces for only a quarter. Just spin the doohickey until your ship faces an asteroid and push the fire button, it's that simple. I'm asking congress for 500 billion to deploy these machines in malls and bars across America imm... immadee umm... right now. The brilliant scientists who developed this system have named it Asteroids."
Name the movies that don't fit? I'm not talking about special features like "The Director's Cut of the Making of the Making of the Trailer for The Phantom Menace, Girls Gone Wild Edition", but an actual movie. I'm sure there are some, but I haven't seen them. Even so does it justify sacrificing quality on all DVD's so that the studios can save a few bucks on the handful that won't currently fit on a single DVD?
Yeah, windows media files do have longer playback per byte than a DVD. So does DIVX or MPEG4, but it is also appreciably worse looking. I'm not sure how this would be an advantage anyway. I've yet to see a movie that wouldn't fit onto a single DVD, so for the vast majority of movies the DVD is more than adequate to store a movie with the present technology.
Microsoft is offering a solution to a non-problem that weakens the benefits of DVD v.s. previous technologies.
Slashdot Mirror
A small one-time pad isn't guessable as long as the numbers are truly random. Here's my encrypted text: OEXC. You can randomly shuffle letters around and there will be a wide variety of potential solutions. Beef, beer, beds, rock, twit and so on. They all look equally valid as far as them being words in the english language. You don't even know that the plain text is english, or even language however. A sequence of characters could have been encrypted (maybe its the first four answers to a multiple choice test).
Longer encrypted messages only increase the number of possible solutions. Properly used one time pads are perfectly secure.
I've been searching via google for a while now and trying to find information on burning dvds with linux. There's cdrecord-PRO but its only for data. I've got a bunch of stuff on DV-tape that I'd like to make DVD playable DVD-Rs with. Is there any possibility for this using linux right now?
One time pads are mathematically impossible to break. Public key and block encryption algorithms can be computationaly infeasable.
I've done this before and got things working again. For bent pins I've always seperated them just enough to get a header over one of them and used the header to straighten and seperate them. Basically, just slide something between them if they're shorted and use the header to do the actual straightening.
Pins that receded are more iffy, if they're no longer exposed I don't know what to do. If they're still exposed use tweezers or a pair of needle nosed pliers to pull them out. Use a header to straigthen them. The problem here is that they may now be loose, I've never had this happen but if it did I'd try a drop of glue at the base of the pin.
Remember, the pins are fragile (as you've already found out) so a lot of force isn't necessary.
This should be a criminal action. If I steal from my employer they can file charges against me. If I steal enough, say a nice color copier or something, I could actually be charged with grand theft. The converse should also be true, if a company knowingly defrauds or financially harms its employees then the company should be criminally liable. It won't reset things for the employees, but at least nobody would have to be concerned with the particular executives mismanaging a company for 20-30 years.
It'd add a law of diminishing returns to key size in the short term, in the long term it'd bound how long encryption based on factoring large numbers would be viable. As computer speeds increase it takes a longer key length to maintain the same security you had yesterday, if lengthining the key increases security slowly with respect to how fast speeds increase then RSA and company become flawed.
Good luck.
It's not terribly suprising that Intel can make a more efficient compiler than gcc. They've got a performance group who's sole job is to understand the architecture and how to best exploit it. I can't read the article (its not coming up presently), but its hard to compete against a free product for most users, especially in the linux community. For some users the increased performance will be very important, especially people who write applications that crunch numbers. I'm not talking about gimp filters or spread sheets, sure, they crunch numbers but most of their CPU time is spent either idle or on user input. Remember, on linux gcc is both free and everywhere, and it does a good enough job for most people. Most people run systems that just use precompiled packages, and these packages are often just target at generic i386 processors. If people don't even bother exploiting features that gcc already has, I don't see how you can predict that enough people are going to switch to another compiler to even measure on the radar.
I think the same solution would apply here: Find Arthur Dent.
There are Open Source variants of these, a few of which I have used as well as some I haven't. Try them out, there are student editions of the commercial packages.
rlab
SciLab
Octave
Euler
Q
Kalamaris
Good luck, perhaps you can review these packages and post a response.
It's disappointing that they're not going after the real problem, gangs, and are instead treating all youths as a problem. But then this isn't new either. I remember well seeing signs "No more than 2 students in the store at a time" or "All school bags must be left outside" and so on as a teenager. The significant difference is that the local government is making the regulations. A private store should probably be allowed to do this, but for the government to do it should be unconstitutional, its directly squashing the right to free assembly. Of course that doesn't matter, juveniles can't vote, most adults have carefully excised any memory at all of what it was like to be a teenager.
I don't think writing software of any type should be a crime, but I think in cases where there is clear damage (like this company that went under) the usage of the script should be treated as a criminal matter. This could easily involve conspiracy, vandalism etc. charges.
I was originally tempted to start releasing poisoned scripts, scripts that would work as intended when pointed at local machines but would have undesired consequences (hard disk corruption, file deletion etc) if used against external domains. I'd hate to see somebody harmed through legitimate use of the scripts though (auditing a site you have permission to audit from a remote location for instance).
Adobe did a pretty legitimate job (which of course nobody here bothers to notice) in estimating software losses. They took the development costs for porting to Asian languages and subtracted how much revenue it generated. It came out negative, hence, they are actually losing money. They didn't do the usual procedure: number of illegal copies * retail price.
I'll trust a peer reviewed algorithm long before I trust my own, regardless of any knowledge I have of advanced mathematics.
This statement is false. The knowledge of high school math won't help you develop cryptography at all. Most people with advanced math knowledge will only develop weak cryptography as well. What's really needed is somebody elses work, an algorithm, and the knowledge on how to implement it in software. As soon as you think you're going to develop a secure algorithm on your own you're screwed.
If this guy was informed about cryptography (not necessarily knowledgable, but informed - sort of like having the equivalent of a financial planner for cryptography) he would've used one of a number of bolt on products to really secure his computer. Some of these products are commercial, others are open source. He may have more difficulty getting (and if he's properly informed - less trust in) the higher grade commercial packages but it'd still be doable. Fly to California, go to Fry's and buy it. If he goes for the source code route its just about impossible to police. You can get it anywhere in the world where there's an internet connection or a mail system (CD ROM or a package of floppies through the mail).
Saying that 40 bit encryption is an assistance to the CIA/FBI/NSA is only true if you rely on having stupid terrorists, in this case it was obviously true. Suppose they hired the equivalent of a director of IT though, who would come up with approved solutions. Life would become more difficult for the government. Whether the solutions that are proposed are legal or not doesn't matter. You're planning on blowing up aircraft, knocking down buildings and killing people. You won't even bat an eyelash at breaking encryption laws.
What low grade encryption really helps with is gathering data against ordinary citizens such as the guy who was a bit less than honest about his tax return.
Also, despite this low grade encryption the attack wasn't stopped. It's only after everybodies eyes were on this guy that his computer was examined and found to have low grade encryption.
What are your credentials? Or you just some doofus calling somebody else a doofus? From his post he's above the average slashdot reader, he's actually interested in hacking code. This doesn't mean he'll be successful hacking the kernel, but even the attempt puts him above "the average". I'll worry about slashdot and the "respect" it gives the average slasdhot reader when they start posting Ask Slashdots about crochet.
"This CD won't work on my computer". Hell, you can get a rubber stamp made with it for a few bucks.
I would think that charter.net would be the same in many/all areas, since when I have had to contact technical support they've always responded with a southern accent and I'm in the midwest.
The only thing I dislike is that during the windows worm period they blocked port 80 traffic even though I wasn't effected. It was turned on after a while and from what I understand their current policy is to shut down bandwidth to anybody who does become infected, which I think is a good policy.
Now that's the pot calling the kettle black. A slashdot moderator complaining that if he can't read a message without editing then he assumes that the content isn't worth his time. Cliff must have a procmail filter for CmdrTaco's emails.
If I sleep in purposely (close my eyes and go back to sleep) I wake up with a headache. If I naturally sleep in (like this morning, I just didn't wake up till 6:05 am) then I'm fine.
I think you're more or less wired to require a certain amount of sleep. I used to need more sleep than I do now, but I've always been a pretty short sleeper. I've also gone through periods where I just couldn't sleep and resorted to pills (this coming from a guy who doesn't even own aspirin).
I know that up to a point if I exercise more than I am less sleepy, but if I exercise excessively then I end up feeling worn down.
If you try to fool your body it catches up for you, and often you put in negative time. I know that I've been amazed at some of the stuff I've written after 3-4 days of solid up time (no caffeine). After a certain point things are apt to just be done fundamentally wrong. I know there's a point where I start having problems with simple mental arithmetic because my memory can't handle keeping track of things like "carrying the ones". There's another point beyond that where I won't remember what I've done during this state. That seems to be when my work is most error prone. If I go beyond that point then I start to hallucinate.
In engineering classes I had many classmates who resorted to a cocktail of caffeine and other products to keep them awake. All they seemed to be able to do was regurgitate for finals (which unfortunately was usually good enough) without any real comprehension.
If Microsoft were smart they'd have taken advantage of the IIS vulnerabilities that had caused mass bandwidth waste earlier this year. If each of the hacked machines voted in the poll appropriately prior to infecting its peers they wouldn't have been caught. (It would have been detected, but it wouldn't necessarily be attributal to Microsoft)
The president, laughing vacantly, stated "I have seen this marvelacular system in action. I have even used the system myself to protect earth from these Goddless asteroids. The frugality of this system is amazing. Ordinary American people like you and me will be able to blow up these menaces for only a quarter. Just spin the doohickey until your ship faces an asteroid and push the fire button, it's that simple. I'm asking congress for 500 billion to deploy these machines in malls and bars across America imm... immadee umm... right now. The brilliant scientists who developed this system have named it Asteroids."
Name the movies that don't fit? I'm not talking about special features like "The Director's Cut of the Making of the Making of the Trailer for The Phantom Menace, Girls Gone Wild Edition", but an actual movie. I'm sure there are some, but I haven't seen them. Even so does it justify sacrificing quality on all DVD's so that the studios can save a few bucks on the handful that won't currently fit on a single DVD?
Microsoft is offering a solution to a non-problem that weakens the benefits of DVD v.s. previous technologies.