Nice McCarthyism there. I know, its an easy way to avoid thinking and responding intelligently, you can't just accuse people of being shills because you don't agree with them.
Where did you get that? It says one person at a time. Are you using Word on the same computer at the same time as your kids? Pretty sure this means you can't do something like remote desktop a bunch of computers to your one machine with Office on it and have a bunch of people use it at once.
Especially in grad school, CS does not have to be about anything remotely practical or even involving computers at all. Many professors in my department cannot program anything more complex than hello world and would not know active directory from their my documents directory, but they are pioneers in cryptography, complexity theory and graph theory (notice the "theory").
How is that not a significant sample size? Since they said the misconduct rate for females was 1/3 of that for males, that implies that something like 35-40% of the scientists were females. 72 examples of misconduct is certainly enough to show a statistically significant difference between males and females.
Its not a matter of being all righteous about it (well for some people it probably is) but more about the digestive implications. I don't know anything about the science of it, be it enzymes, bacteria or whatever, but if you don't eat meat for a lengthy period of time eating it again will make you violently ill. As an anecdote, I was at a chinese restaurant the other day and got some broccoli which I didn't know was in fish sauce. I was like, "well its already there might as well eat it." Let me just say, big mistake.
I find this interesting because if you don't eat fruit or grains for a while (like maybe you are doing that paleo diet) you don't get sick when you eat them again. Not saying it means anything in particular, just food for thought (lol pun).
How were the users "rear-ended"? This patch was never part of a release, it was only the developers (particularly Linus) sensibilities that were offended.
Two files with the same hash is not a problem, it is allowed. This will happen just by chance many times on your filesystem because the hash is relatively short (64 bits). The problem is when you engineer many files to have the same hash and your data structure (hash table) degrades to an array. There is also some other problem in the code here that makes it so the the hash table can't store or for some reason can't process more than a certain number of collisions.
Sort of, but at least you can recover from those attacks by restarting or booting from an external source to clean up your filesystem. The second attack here leaves you with undeletable files because the file system code responsible for deleting cannot handle the multiple hash collisions. There is no way to recover from that until a patch is pushed out that fixes the problem.
Where did you find that information? I'm confused because according you your numbers it was 21 for and 43 against in the senate which would imply that it did not pass.
You are not understanding this correctly. The relationships between the numbers and the candidates is random and unknown to anyone but the person physically holding the ballot and the election officials. I guess you could force someone to take a picture of the ballot while they were voting but nothing can stop that.
The only people that can prove the relationship between a code and a candidate are the election officials. All you can prove is that you voted for the person that corresponds to the code you wrote down. It is not possible to coerce people. Maybe I am explaining it poorly, check the paper for details.
This is a well-researched topic and there are already good solutions. One way to do it is print a random number on every ballot (random for each individual ballot that is) underneath each candidate and have the voter copy down the numbers corresponding to the candidates they voted for. Afterwards, the codes that correspond to the recorded vote for each ballot are posted online and you can verify that the vote they recorded matches the one you wrote down. That way you can check that your vote was recorded successfully but no one (not even you if you can't remember) can know which candidate you voted for.
To make sure that the codes actually correspond to the correct candidates you have the voting authority cryptographically commit to all the code-candidate relationships. You then allow voters to "spot check" the ballot they were given and request that all the codes be decommitted and published (they would get a new ballot afterwards). Add in a mix-net which allows anyone to verify the final tally from the published codes, without revealing any individual votes, and you have http://scantegrity.org./
Why would you do this? We already have super-fast stream ciphers designed specifically for situations like this. There are no advantages to your method and quite a few disadvantages. Crypto is one of the areas where it is, as a rule of thumb, very bad to roll your own.
Good thing RSA seems to be the only widely used crypto tool that will be broken by quantum computing. Symmetric ciphers and hash functions are thought to be resistant to quantum attacks (besides the necessary doubling of key sizes that applies to everything, due to Grover's algorithm). We also have assymetric ciphers based on lattice constructions that are quantum-resistant, ready to step in and take over if RSA ever becomes impractical.
Actually they are saying that GPUs are good candidate for PUFs (physically unclonable functions). This means that the GPU would not have one "fingerprint" but a unique function which is specific to it. The standard way to use this is with a sort of challenge response protocol where intercepting any of the messages doesn't help impersonate the user later. PUFs are the physical analog to one-way functions. It may be possible to hack the verifier and then impersonate users to that verifier only, or to hack the computer and impersonate the user temporarily (while you have access to the machine), but it should not be possible to copy the "fingerprint" of the GPU in software and impersonate later. Check out the wikipedia for more info http://en.wikipedia.org/wiki/Physical_unclonable_function.
Slashdot Mirror
Whoops.
Nice McCarthyism there. I know, its an easy way to avoid thinking and responding intelligently, you can't just accuse people of being shills because you don't agree with them.
Where did you get that? It says one person at a time. Are you using Word on the same computer at the same time as your kids? Pretty sure this means you can't do something like remote desktop a bunch of computers to your one machine with Office on it and have a bunch of people use it at once.
You could sign the hibernate image with a key that is sealed by the TPM.
Especially in grad school, CS does not have to be about anything remotely practical or even involving computers at all. Many professors in my department cannot program anything more complex than hello world and would not know active directory from their my documents directory, but they are pioneers in cryptography, complexity theory and graph theory (notice the "theory").
How is that not a significant sample size? Since they said the misconduct rate for females was 1/3 of that for males, that implies that something like 35-40% of the scientists were females. 72 examples of misconduct is certainly enough to show a statistically significant difference between males and females.
There's an app for that http://sworkit.com/
Its not a matter of being all righteous about it (well for some people it probably is) but more about the digestive implications. I don't know anything about the science of it, be it enzymes, bacteria or whatever, but if you don't eat meat for a lengthy period of time eating it again will make you violently ill. As an anecdote, I was at a chinese restaurant the other day and got some broccoli which I didn't know was in fish sauce. I was like, "well its already there might as well eat it." Let me just say, big mistake. I find this interesting because if you don't eat fruit or grains for a while (like maybe you are doing that paleo diet) you don't get sick when you eat them again. Not saying it means anything in particular, just food for thought (lol pun).
How were the users "rear-ended"? This patch was never part of a release, it was only the developers (particularly Linus) sensibilities that were offended.
NEVER, EVER just brandish or wave a gun at someone. If you pull a gun out, you absolutely, positively must pull the trigger.
How is that the moral of the story? It should be "if you catch your wife cheating on you it is not appropriate to assault that person".
Can you not trust your kids to be as responsible?
Responsible enough to threaten a homeless man with a loaded gun? Hopefully not...
Two files with the same hash is not a problem, it is allowed. This will happen just by chance many times on your filesystem because the hash is relatively short (64 bits). The problem is when you engineer many files to have the same hash and your data structure (hash table) degrades to an array. There is also some other problem in the code here that makes it so the the hash table can't store or for some reason can't process more than a certain number of collisions.
Thats per month.
Sort of, but at least you can recover from those attacks by restarting or booting from an external source to clean up your filesystem. The second attack here leaves you with undeletable files because the file system code responsible for deleting cannot handle the multiple hash collisions. There is no way to recover from that until a patch is pushed out that fixes the problem.
Where did you find that information? I'm confused because according you your numbers it was 21 for and 43 against in the senate which would imply that it did not pass.
I believe that is called sarcasm. Perhaps you should look it up?
I didn't say serial numbers are random, I said the codes under each candidate on the ballot are random.
You are not understanding this correctly. The relationships between the numbers and the candidates is random and unknown to anyone but the person physically holding the ballot and the election officials. I guess you could force someone to take a picture of the ballot while they were voting but nothing can stop that.
The only people that can prove the relationship between a code and a candidate are the election officials. All you can prove is that you voted for the person that corresponds to the code you wrote down. It is not possible to coerce people. Maybe I am explaining it poorly, check the paper for details.
This is a well-researched topic and there are already good solutions. One way to do it is print a random number on every ballot (random for each individual ballot that is) underneath each candidate and have the voter copy down the numbers corresponding to the candidates they voted for. Afterwards, the codes that correspond to the recorded vote for each ballot are posted online and you can verify that the vote they recorded matches the one you wrote down. That way you can check that your vote was recorded successfully but no one (not even you if you can't remember) can know which candidate you voted for.
To make sure that the codes actually correspond to the correct candidates you have the voting authority cryptographically commit to all the code-candidate relationships. You then allow voters to "spot check" the ballot they were given and request that all the codes be decommitted and published (they would get a new ballot afterwards). Add in a mix-net which allows anyone to verify the final tally from the published codes, without revealing any individual votes, and you have http://scantegrity.org./
Why would you do this? We already have super-fast stream ciphers designed specifically for situations like this. There are no advantages to your method and quite a few disadvantages. Crypto is one of the areas where it is, as a rule of thumb, very bad to roll your own.
Good thing RSA seems to be the only widely used crypto tool that will be broken by quantum computing. Symmetric ciphers and hash functions are thought to be resistant to quantum attacks (besides the necessary doubling of key sizes that applies to everything, due to Grover's algorithm). We also have assymetric ciphers based on lattice constructions that are quantum-resistant, ready to step in and take over if RSA ever becomes impractical.
Well actually three encryptions should give you 512 bits of security, like 3-DES is 112 bits.
It is not. Research physically unclonable functions http://en.wikipedia.org/wiki/Physical_unclonable_function.
Actually they are saying that GPUs are good candidate for PUFs (physically unclonable functions). This means that the GPU would not have one "fingerprint" but a unique function which is specific to it. The standard way to use this is with a sort of challenge response protocol where intercepting any of the messages doesn't help impersonate the user later. PUFs are the physical analog to one-way functions. It may be possible to hack the verifier and then impersonate users to that verifier only, or to hack the computer and impersonate the user temporarily (while you have access to the machine), but it should not be possible to copy the "fingerprint" of the GPU in software and impersonate later. Check out the wikipedia for more info http://en.wikipedia.org/wiki/Physical_unclonable_function.