There are a lot of workloads where it makes sense. If you are doing research and you only need to use a lot of computing resources for a few weeks out of the year to run simulations or something, then it is much more economical to go AWS than have a giant cluster sitting idle most of the time.
Yeah I was kind of thrown off by them using the loaded term cheapskate. I would call that efficiency or austerity. Everyone was complaining that they were assholes when companies were flying around in private jets while at the same time laying off employees. Now we complain that they are cheap if they make their employees fly in coach with the rest of us proles.
perhaps the reason Amazon's Glacier storage is so cheap is that maybe it might be based at least partly on tape, not disk
That is one of the stupidest things I have ever read. Of course it is using tape, why else would it take up to 24 hours to get your data when you request it? Everyone knows that is the whole point of Glacier, and the reason they can offer it so cheap. Nobody wants to deal with the hassle of having their own offsite tape library, so Amazon will do it for you with a convenience user interface. That is literally exactly what all of AWS is based on, doing something cheaper for you because they have the expertise and the facilities at scale.
How would getting new certificates let them do anything they couldn't do now?
A factor of 10 in average password length you mean, of which security is exponential. That's nothing to sneeze at. It does seem to be relatively pointless compared to just encrypting the password file with a key stored in the TPM or derived from an administrator password at boot time though.
It's not "slightly wrong" in that it is lexicographically close to the password. It is a password that hashes to the same first few bits, which is unrelated to the relationship between their plaintexts.
The 16 is just a lower limit. Almost every cryptographic RNG has a block size much, much larger so it's no big deal. Many applications rely on the fact that you will not get two blocks from an RNG that are the same so it seems like a good test to me.
Open-source doesn't help for shit in this situation. Dual_EC_DRBG was an open standard, all the details were public. The problem is that, with cryptographic algorithms, only a handful of people in the entire world are qualified to say whether something might or might not be secure. And even if there is a problem, it might go for years without being found.
I didn't say that there wasn't some diversion, but if he really did take and spend over $500 million, they would have been doing more than "suspecting".
Pretty unlikely that he spent over half a BILLION dollars without anyone noticing.
Pretty sure you said brute-forceable which means just trying every key. As far as AES being weak, it is probably the most trusted cipher in existence. It has been around for over 15 years with the smartest cryptographers in the world trying to break it and no flaws have been found. Compare that to other ciphers like DES which researchers were skeptical of on day one and still took 20 years to break.
First off, the encryption itself is still brute-forceable by a determined attacker with enough resources.
I realized you don't know what you're talking about right here. It would take until the heat death of the universe to brute force a 128-bit AES key.
Now that all major browsers have transparent background updating, umm... all of them will remove the CA when Google, Mozilla, etc. do.
Even in their games, heterosexual interactions outnumber homosexual ones by a significant margin. So... your whole point is moot.
The surprising thing on that chart is that the Netherlands are so close to the US despite being only a tiny fraction of its size and having less than 5% of its population.
Every PRNG is predictable if you know or can guess the seed. That is why the seed needs to be large enough (say 128 bits) to be infeasible to brute force. If you assume that the seed is only drawn from some small range like 1 to a trillion then no matter how good your PRNG is it will be easily breakable. Rainbow tables have nothing to do with it, they only allow you to precompute instead of doing the work online. Anything you could break with a rainbow table you could also break without it, so the system has some other insecurity (in your example, too small of a seed).
You can make any hash function into a PRNG by repeatedly hashing a counter that is set with a random seed. Also Keccak has a mode where the output can be set to any length, which makes it explicitly a PRNG.
This RNG is used for address space layout randomization though, so it must be in place before any peripherals are enabled.
Good thing we just had that and it was called the SHA-3 competition.
That statement is contrary to the OED so... I'm going with them.
Well some quick googling shows that beets have about .5 calories per gram and steak has about 3 calories per gram, so it's still a pretty drastic difference.
Not more dense than sugar beets though, which take less than 1% of the water per ton.
Maybe it takes a long time to make its way back? Although some back of the envelope calculations suggest that 100 billion gallons is less than .1% of the rainfall that California gets in a year, so I'm not sure what the overall effect is. It would be nice to get some actual climate scientists to weigh in.
I know many couples where this is true. That's not to say that it is universal, but it still happens quite a lot, especially outside of liberal urban areas.
How do you know any of that? It could be that she gets home earlier than him, has flexible hours, or works from home. Your bigotry is showing.