Where do you get this? Hire native americans, yes, but they are substantially under employing black people by percentage. 12% of people in the US are black and less than 2% of people at Facebook are.
Man people around here are so damn hypocritical. The US should control the internet forever because they invented it, but fuck lifetime patents and copyright extensions that stifles innovation! Lol.
This has been planned for over two years. Don't you think if it were really a big deal that you would have heard someone yelling about it by now? It is just bureaucratic shift, nothing will change. Even if ICANN suddenly goes "evil", the internet is too big and too decentralized for it to be "the end" of anything.
ICANN also controls allocation of blocks of IP addresses in addition to DNS. But yeah I agree with your sentiment, if one day they turned evil for some reason, people would find alternatives.
Says you. There are 7 billion people on the planet and almost all of them don't live in the US. Besides, as I've written elsewhere, control is not going to other nations. Rather it is going to the board of directors of ICANN, which is made up of private industry executives. Control is going to TIme Warner Cable, Google, etc. Do you really thing ICANN is going to be run by Iran or North Korea or something?
First off, control is not really being "transferred" which you would know if you read any of the articles about this. ICANN is still doing the same job it was before, effectively controlled by the same people that controlled it before. It will just not have the US Government looking over it's shoulder the whole time. The power is in the hands of the board of directors, who are, surprise, industry IT people. Not the Shah of Iran. Executives from Time Warner Cable, Google, etc. Nothing will change. Aren't people here usually AGAINST the US Government controlling things it has no business controlling?
Second, what kind of "stewardship" do you think they are actually doing? The internet was formed almost entirely by private corporations. The government had a hand in getting the ball rolling, but it is a long leap to say that without the US government we would not have the internet today.
No, not really. If you read the article you would find out that control is transitioning to multinational private sector stakeholders, so in reality Google, Amazon, Apple, etc. will have more say.
Why should the US get to control the internet? Internet access was declared by the UN to be a basic human right. It should not be controlled by one nation. We don't even have a particularly good record of internet freedom anyway.
That is some serious whitewashing of history. Almost none of that is true. We don't have a democracy, we have a federal republic. Even in principle, if you want to argue that we have a representative democracy and the people's will is carried out indirectly, many laws passed these days do not have popular support. Also, where is this supposed strong moral compass? We haven't done anything for anyone that didn't help us first in quite a long time.
military dominance does lead to better access to different markets and resources, whether gotten implicitly or explicitly.
I'm just saying, looking at outcomes this is apparently not helping us very much. Our quality of life is substantially lower than countries with little or no military power.
The portion of its population that is still in poverty exceeds the entire population of the United States
Where did you get this? All the sources I can find say that the poverty rate in china is below 15% (actually similar to the US) which is only something like 200 million people.
Somehow the US is still on top.
By what metric exactly? All measures of education, poverty, GDP per capita, health outcomes, etc. do not put us in first place. Far from it actually.
Yeah I have been saying that to other people here. There is no point in using AES-256 because it is barely more secure than 128, if at all. In exchange for being a lot slower. It just doesn't make sense.
It's always good to encrypt data at rest. Even if the cloud provider has the key, it makes it less likely that attackers will get access to your data because they need both the ciphertext and the key, which are hopefully in different locations.
Yes you can do this but the leakage is actually quite significant. There is a paper from CCS last year that shows with medical records, for instance, a large fraction of the secret data is leaked when encrypted with deterministic encryption (necessary for your index). There are more advanced searchable encryption schemes that have better leakage, but at the end of the day you either settle for lesser security or have huge server overhead.
How is it different from any other contractual arrangement though? You might as well say "avoid banks" because money is only safe hidden under your mattress.
128-bits of security is enough for a very, very long time. The most powerful supercomputer in existence can execute 93 petaflops. It would take that computer 8400x the age of the universe to brute force one 128-bit key, assuming it can do an AES decryption in one operation (which it can't). AES-128 vs AES-256 is not that big of a distinction considering that a huge theoretical break on AES would be necessary to actually attack either of them.
Research has also shown that the construction of AES-256 is not great and attacks tend to have much higher impact on the 256-bit version compared to the 128-bit version. The best attack against AES-128 reduces its security to 119 bits, while the best attack against AES-256 reduces its security to only 176 bits. It is likely that any attack making AES-128 vulnerable would also make AES-256 vulnerable.
For some definitions of "less secure". There are better attacks against AES-256, but even so the total amount of security against the strongest known attacks is still higher. In the link you posted from Bruce Schneier it says AES-256 has 176 bits of security vs 119 for AES-128.
This kind of naive approach only works for simple storage services like Dropbox. Anything more complicated and the server has to be able to decrypt the data in order to do its job. Gmail has to be able to search through your inbox. AWS has to be able to run code over your data. There are some cutting-edge crypto solutions to do searching or computing over encrypted data, but they add substantial overhead on the server side. It would increase the cost of cloud services by 100x or more.
Besides simple cloud storage, a lot of applications require the provider to be able to decrypt a client's data. Gmail for instance: without being able to decrypt your emails you wouldn't be able to search through your inbox. There are ways to support encrypted searching but they currently impose a substantial overhead on the server, such that "free" cloud services wouldn't be feasible. If you were willing to pay $30 a month for your email, then maybe it could be done, but that is out of the question for most people.
It's not twice as fast, it is sqrt(N) times as fast where N is the number of possible keys. You might be thinking 'half' because this implies that the security in bits of a scheme will be half as much against a quantum computer.
I don't think there is any pressure to keep keys small, we already have AES-256 which nobody uses because we don't actually need that much security. If quantum computers came around AES-256 would still be perfectly secure.
Slashdot Mirror
Where do you get this? Hire native americans, yes, but they are substantially under employing black people by percentage. 12% of people in the US are black and less than 2% of people at Facebook are.
Man people around here are so damn hypocritical. The US should control the internet forever because they invented it, but fuck lifetime patents and copyright extensions that stifles innovation! Lol.
This has been planned for over two years. Don't you think if it were really a big deal that you would have heard someone yelling about it by now? It is just bureaucratic shift, nothing will change. Even if ICANN suddenly goes "evil", the internet is too big and too decentralized for it to be "the end" of anything.
ICANN also controls allocation of blocks of IP addresses in addition to DNS. But yeah I agree with your sentiment, if one day they turned evil for some reason, people would find alternatives.
Very useful comment, thanks for the input.
Says you. There are 7 billion people on the planet and almost all of them don't live in the US. Besides, as I've written elsewhere, control is not going to other nations. Rather it is going to the board of directors of ICANN, which is made up of private industry executives. Control is going to TIme Warner Cable, Google, etc. Do you really thing ICANN is going to be run by Iran or North Korea or something?
First off, control is not really being "transferred" which you would know if you read any of the articles about this. ICANN is still doing the same job it was before, effectively controlled by the same people that controlled it before. It will just not have the US Government looking over it's shoulder the whole time. The power is in the hands of the board of directors, who are, surprise, industry IT people. Not the Shah of Iran. Executives from Time Warner Cable, Google, etc. Nothing will change. Aren't people here usually AGAINST the US Government controlling things it has no business controlling?
Second, what kind of "stewardship" do you think they are actually doing? The internet was formed almost entirely by private corporations. The government had a hand in getting the ball rolling, but it is a long leap to say that without the US government we would not have the internet today.
I read your comment 4 times and I still don't know what you are saying. What do romans have to do with anything?
No, not really. If you read the article you would find out that control is transitioning to multinational private sector stakeholders, so in reality Google, Amazon, Apple, etc. will have more say.
Why should the US get to control the internet? Internet access was declared by the UN to be a basic human right. It should not be controlled by one nation. We don't even have a particularly good record of internet freedom anyway.
That is some serious whitewashing of history. Almost none of that is true. We don't have a democracy, we have a federal republic. Even in principle, if you want to argue that we have a representative democracy and the people's will is carried out indirectly, many laws passed these days do not have popular support. Also, where is this supposed strong moral compass? We haven't done anything for anyone that didn't help us first in quite a long time.
military dominance does lead to better access to different markets and resources, whether gotten implicitly or explicitly.
I'm just saying, looking at outcomes this is apparently not helping us very much. Our quality of life is substantially lower than countries with little or no military power.
lol okay. Tell me how that matters to anyone that's not a megalomaniac. Does it put food on the table? Help people pay their hospital bills?
The portion of its population that is still in poverty exceeds the entire population of the United States
Where did you get this? All the sources I can find say that the poverty rate in china is below 15% (actually similar to the US) which is only something like 200 million people.
Somehow the US is still on top.
By what metric exactly? All measures of education, poverty, GDP per capita, health outcomes, etc. do not put us in first place. Far from it actually.
Yeah I have been saying that to other people here. There is no point in using AES-256 because it is barely more secure than 128, if at all. In exchange for being a lot slower. It just doesn't make sense.
If the server can decrypt it, then it wasn't a proper application of encryption to begin with.
https://www.youtube.com/watch?...
It's always good to encrypt data at rest. Even if the cloud provider has the key, it makes it less likely that attackers will get access to your data because they need both the ciphertext and the key, which are hopefully in different locations.
Yes you can do this but the leakage is actually quite significant. There is a paper from CCS last year that shows with medical records, for instance, a large fraction of the secret data is leaked when encrypted with deterministic encryption (necessary for your index). There are more advanced searchable encryption schemes that have better leakage, but at the end of the day you either settle for lesser security or have huge server overhead.
How is it different from any other contractual arrangement though? You might as well say "avoid banks" because money is only safe hidden under your mattress.
128-bits of security is enough for a very, very long time. The most powerful supercomputer in existence can execute 93 petaflops. It would take that computer 8400x the age of the universe to brute force one 128-bit key, assuming it can do an AES decryption in one operation (which it can't). AES-128 vs AES-256 is not that big of a distinction considering that a huge theoretical break on AES would be necessary to actually attack either of them.
Research has also shown that the construction of AES-256 is not great and attacks tend to have much higher impact on the 256-bit version compared to the 128-bit version. The best attack against AES-128 reduces its security to 119 bits, while the best attack against AES-256 reduces its security to only 176 bits. It is likely that any attack making AES-128 vulnerable would also make AES-256 vulnerable.
For some definitions of "less secure". There are better attacks against AES-256, but even so the total amount of security against the strongest known attacks is still higher. In the link you posted from Bruce Schneier it says AES-256 has 176 bits of security vs 119 for AES-128.
True, but then you leave the burden of deciding which information should be secret on the sender, which is not always obvious.
This kind of naive approach only works for simple storage services like Dropbox. Anything more complicated and the server has to be able to decrypt the data in order to do its job. Gmail has to be able to search through your inbox. AWS has to be able to run code over your data. There are some cutting-edge crypto solutions to do searching or computing over encrypted data, but they add substantial overhead on the server side. It would increase the cost of cloud services by 100x or more.
Besides simple cloud storage, a lot of applications require the provider to be able to decrypt a client's data. Gmail for instance: without being able to decrypt your emails you wouldn't be able to search through your inbox. There are ways to support encrypted searching but they currently impose a substantial overhead on the server, such that "free" cloud services wouldn't be feasible. If you were willing to pay $30 a month for your email, then maybe it could be done, but that is out of the question for most people.
It's not twice as fast, it is sqrt(N) times as fast where N is the number of possible keys. You might be thinking 'half' because this implies that the security in bits of a scheme will be half as much against a quantum computer.
I don't think there is any pressure to keep keys small, we already have AES-256 which nobody uses because we don't actually need that much security. If quantum computers came around AES-256 would still be perfectly secure.