Since the major use of cryptography is to prevent crimes, mabye they're afraid of the competition.
I know that sounds like a troll, but think about it this way; It's usually the job of the police, to investigate crimes, not prevent them. Cryptography makes the job of investigating more difficult. So the police are constantly hampered by encryption. Cryptography also makes theft of information more difficult, but how do you measure that? You don't call the FBI every time someone doesn't steal your credit card, and say "good job, thanks".
If there was a government body charged with protecting the public from criminals, instead of catching and punishing criminals, then cryptography would be as mainstream as locks.
Absolutely. Without pitting customers of ISPs against each other, i.e., the legitimate ones against the spammers, the ISPs will be happy to serve both. I'd suggest that if an ISP allows any spamming, block it -- wholesale. Either you have an agressive policy against SPAM or you lose your privilege to send mail to my servers. Your customers don't like it? Tough. Make your network spam-unfriendly.
Sadly, for some strange reason the people who get blocked seem to think it's because of some action taken by the maintainer of the block list. No matter how often you repeat the statement that's it's their ISPs fault, they still think it's because you listed them.
Pirated software is an alternate supply for the software in question. Supply and demand being what they are, that means the optimal price for legitimate copies of the software goes down. IOW, the real cost of pirating isn't just how many copies weren't sold, but how much less money was made on legal copies.
It's not likely that you'll hear the BSA say "Pirates force us to charge less for our software." but that's what really happens.
Supply and demand will take care of this nicely. We have lots and lots of energy availble, just at a price. The days of monster SUVs are numbered.
It's a nice thought, but there's a time coefficent in that equation that will result in lots of dead bodies. Unless we start taxing energy for the damage it causes, the economic solutions won't work. I don't expect a dollar a gallon gasoline tax or a 30 cent/Kilowatt hour tax any time soon.
Good point. Of course, RSA key generation is probably a million times slower than MD5 hashing, so this isn't really feasible from a practical standpoint. But I hadn't thought of that.
Even if generating a key is a million times harder, when you're testing 2^24 salts per key, that only makes the overall problem 7% harder.
But the major difficulty in generating keys is finding the large primes to multiply together. Finding 2 primes for one RSA key may be 1,000,000 times harder, but with 101 primes, you can generate over 50,000 keys. Generating a million keys is only about 1,500 times as hard as generating one. (and if a square root reduction in difficulty isn't enough, you can use three primes for the key)
The interesting thing, from a scientific perspective, is the sheer lack of study
Think about how hard it is to do a double blind experiment involving diet. "I want you to eat this, but I'm not going to tell you what it is..." Add to this the problem that a decent study would need to run for at least a year, and preferably several years.
I never really realized how bad diet research was until I tried to find proof that eating more food makes you gain weight. Sure, we all "know" it does, but find a study that proves it.
The entire purpose of computationally intensive identity generation is to prevent the "mule problem". Are you saying it doesn't?
No. At least, that's not what I meant by "Signed salts do not prevent the mule problem." Signing salts is a way to insure that the person who generates them knows the private key of the identity. This makes it hard for someone who is interested in protecting their identity to get someone else to do the work, but does nothing if they do not. Mules don't care if their master knows their private key.
> I don't believe you can so easily tune the amount of work needed to create an Identity > either.
Why not? It's easy to double the amount of work needed by increasing the number of colliding bits by 1.
Because the real problem isn't in adjusting the difficulty of the problem, but in deciding what difficulty is appropriate.
My mother uses a 133 Megahertz PC. I use an 800 Megahertz PC. At work I have access to more than 60 PCs, all more powerful than my personal computer.
So what's the "right" computational difficulty? If it takes my mother 6 hours, it takes me 1 hour at home, and 1 minute at work.
Note that I'm not saying that setting the computational difficulty is impossible, just that it's a non-trival task, with certain inherent weaknesses.
> If variable strength keys can be used, > then in the processes of generating a strength K key, > the EMM also generates 2 strength K-1 keys, 4 strength K-2 keys...
Yes, but they're all the same key, since a key is the public key part, not the public key and its salt.
That assumes that EMM creates keys the way you've outlined. But he doesn't. Instead he generates a new key and a new salt each time he gets a success.
For example, suppose you wanted to generate keys of stength 32, but knew that strength 28 was acceptable. You start testing salts until you find one that's strength 28 or more. You record the result, pick a new key, and continue.
By the time you find a strength 32 key, you will have (on average) found 2 strength 31, 4 strength 30....
Deciding the intelligence of a machine based on it's use of human language is neither good science nor good engineering.
The point of the Turing test isn't that it's a good metric for intelligence. The point is that if a machine could pass the turing test, then it is unquestionably intelligent. Turing himself said that it was probably overkill. (BTW, Turing suggested a test involving two contestants and a judge. The contants goal is to convince the judge that they are human, and the other contestant isn't.)
The lesson to take away from that is that small talk is not that complicated, at least on the surface. It would be much harder, for example, to make an AI that could read a newspaper article and discuss it with someone. Or to have a conversation that was actually interesting as well as convincing. Or even to pay attention to the subtext in the small talk it was having.
Subtext? How about the text. I've never seen a chatter bot that could respond reasonably to "I'm sorry, could you rephrase that?". The best ones respond with a non sequitur. Before bots try and understand what other people say, they should understand what they say.
IMO, a better contest would be even more limiting. For example, pick 2000 words that are allowed, and limit the conversation to those words.
The problem here is that ALICE is easily determined to be non-intelligent by the average person. ALICE can only pass for an intelligence under conditions so severely constrained that what ALICE is emulating is merely a narrow and relatively trivial part of intelligent behavior. Humans cry out when they are injured -- I don't see anyone claiming that an animal, a rabbit for example, that screams when it's injured is intelligent.
The average person does have trouble determining that Alice is not intelligent, when they have nothing to compare it against. Most people can do it, just not easily. The problem is that a person who is ignoring you is almost indistinguishable from a recording of a person who is ignoring you.
Turing originally suggested that a machine be pitted against a human, with a second human trying to determine which is which. Most of the chatter bots would last about 2 sentences in such a contest, Alice might make 5 if it were lucky.
If the
Loebner prize actually used this format,
instead of the bastardized version they do run,
then we might see some real developement.
People don't need over 100 Mbps.. Nice idea... in theory. However, don't forget that 100Mbps means each cable can run MAX 100 Mbps, ethernet however saturates at 60% so you can only get real transfer of about 60 Mbps
In actual practice, I've personally pulled a sustained 95 Mbps over a 100baseT connection from the internet. In my home network, linux box to linux box, I frequently transfer files at better than 80 Mbps. I suppose it's possible that I have god like powers, but my suspicion is that who ever told you that 100baseT can only run 60Mbps was trying to sell you fatter pipes.
You're right about using up the bandwidth though - 10Mbps, 100Mbps, 1Gigabit... no matter how much I have, I want more.
The problem isn't the evil master mind making salt for his henchmen, the problem is the evil master mind who makes thousands of mules. (Identities for himself.) Signed salts do not prevent the mule problem.
I don't believe you can so easily tune the amount of work needed to create an Identity either.
The RIAA probably has over 100 computers that sit idle every night. If it takes 8 hours to make an identity, then they could churn out over 100 every day, virtually free. With backing, the number could easily be 10,000 a day, or even more.
If the EMM isn't constrained by legality, then he releases a virus and generates millions of keys in a single day.
If variable strength keys can be used, then in the processes of generating a strength K key, the EMM also generates 2 strength K-1 keys, 4 strength K-2 keys...
I think it's better to concentrate on whitelisting than blacklisting.
For the forseable future, gigabit to the desktop is more than 95% of users will need unless computing environments move to server-side VR operating systems that are fully streamed to a user with full motion and sound.
DVDs output less than 10Mbps. Even without the super fancy compression, 45Mbps is still sufficient for a Hi-def video stream. It's pretty hard to watch more than one video stream at a time, so most people won't even need over 100 Mbps.
But although 100 Mbps may be all people need, they will still want more. Once bandwidth is cheap enough, we'll all keep everything on our personal servers. P2P piracy will take 30 seconds at Gig-e speeds, for a single film. Sharing my entire library would take hours.
And what do we do when someone breaks into your house, takes your novel, and sells it under their name? (Insert *any* literary thing you want to get money or credit for.)
The more insidious case is when they sneak in and make a copy, without depriving you of yours. When that happens (and you catch them) you punish them. A different incentive system wouldn't eliminate the need to punish the wicked.
Copyright exists to stop this very thing, at its core. While triming it (Copyright term) down may be a good idea so as to encourage "public works" and reuse of ideas, eliminating it as an "incentive" angle isn't a good idea.
Copyright law doesn't exist to prevent theft, it exists to prevent otherwise legitimate copies from being made. The justification is that this allows the creator to make more money than they otherwise would. Money is a powerful incentive, but copyright isn't the only way to get money into the hands of those that create. Copyright also creates a strong belief in intellectual "property".
If copyright is the only thing propping up the sale of information, then I say, "Thank God for copyright". In spite of recent abuses (infinite copyright extensions for Mickey Mouse), copyright is important because it protects the rights of creators of intellectual property. This is a necessary incentive towards encouraging creative work.
There are plenty of ways to incentivize the creation of information. We can pay people to create stuff directly, grant them honors, extend special privilages. If copyright was the only incentive for creation, FreeBSD wouldn't exist. More to the point, copyright isn't very good at creating public works.
How many other alternate systems of incentives have been squashed by clinging to copyright?
-- this is not a.sig
Re:6502 microcode bugs...
on
Pet Bugs?
·
· Score: 2
I remember that one. --
This code worked
LDA #9
NOP
STA $14
RTS
But this code didn't
LDA #9
STA $14
RTS
Turned out the/real/ bug was a JMP () elsewhere, the nop just shifted things by a byte.
I still think my favorite is redefining the value of 3 (in Fortran)
Slashdot Mirror
hospitals, wielders, chemists, cryogenics researchers ...
All buying specially packaged and prepaired air.
You don't pay your ISP for the data, you pay for the pipe.
Since the major use of cryptography is to prevent crimes, mabye they're afraid of the competition.
.sig
I know that sounds like a troll, but think about it this way;
It's usually the job of the police, to investigate crimes, not prevent them.
Cryptography makes the job of investigating more difficult.
So the police are constantly hampered by encryption.
Cryptography also makes theft of information more difficult, but how do you measure that?
You don't call the FBI every time someone doesn't steal your credit card, and say "good job, thanks".
If there was a government body charged with protecting the public from criminals,
instead of catching and punishing criminals, then cryptography would be as mainstream as locks.
-- this is not a
I suspect fuel cells will be about the same.
-- this is not a
taken by the maintainer of the block list.
No matter how often you repeat the statement that's it's their ISPs fault, they still think it's because you listed them.
-- this is not a
Pirated software is an alternate supply for the software in question.
.sig
Supply and demand being what they are, that means the optimal price for legitimate copies of the software goes down.
IOW, the real cost of pirating isn't just how many copies weren't sold, but how much less money was made on legal copies.
It's not likely that you'll hear the BSA say "Pirates force us to charge less for our software." but that's what really happens.
-- this is not a
I'm sick of people burying their nuclear wastes.
.sig
I say we force them to put it back where they got it from.
-- this is not a
Unless we start taxing energy for the damage it causes, the economic solutions won't work.
I don't expect a dollar a gallon gasoline tax or a 30 cent/Kilowatt hour tax any time soon.
-- nuke the gay terrorist whales for christ
But the major difficulty in generating keys is finding the large primes to multiply together.
Finding 2 primes for one RSA key may be 1,000,000 times harder, but with 101 primes, you
can generate over 50,000 keys. Generating a million keys is only about 1,500 times as hard as generating one.
(and if a square root reduction in difficulty isn't enough, you can use three primes for the key)
-- this is not
"I want you to eat this, but I'm not going to tell you what it is..."
Add to this the problem that a decent study would need to run for at least a year, and preferably several years.
I never really realized how bad diet research was until I tried to find proof that eating more food makes you gain weight.
Sure, we all "know" it does, but find a study that proves it.
-- this is not a
So after playing video games, peoples brains don't need to work as hard?
Signing salts is a way to insure that the person who generates them knows the private key of the identity.
This makes it hard for someone who is interested in protecting their identity to get someone else to do the work,
but does nothing if they do not.
Mules don't care if their master knows their private key. Because the real problem isn't in adjusting the difficulty of the problem, but in deciding what difficulty is appropriate.
My mother uses a 133 Megahertz PC.
I use an 800 Megahertz PC.
At work I have access to more than 60 PCs, all
more powerful than my personal computer.
So what's the "right" computational difficulty?
If it takes my mother 6 hours, it takes me 1 hour
at home, and 1 minute at work.
Note that I'm not saying that setting the computational difficulty is impossible,
just that it's a non-trival task, with certain inherent weaknesses.
That assumes that EMM creates keys the way you've outlined.
But he doesn't. Instead he generates a new key and a new salt each time he gets a success.
For example, suppose you wanted to generate keys of stength 32, but knew that strength 28 was acceptable.
You start testing salts until you find one that's strength 28 or more.
You record the result, pick a new key, and continue.
By the time you find a strength 32 key, you will have (on average) found 2 strength 31, 4 strength 30....
The point is that if a machine could pass the turing test, then it is unquestionably intelligent.
Turing himself said that it was probably overkill.
(BTW, Turing suggested a test involving two contestants and a judge.
The contants goal is to convince the judge that they are human, and the other contestant isn't.)
-- Yes I said that before, what's your point?
I've never seen a chatter bot that could respond reasonably to "I'm sorry, could you rephrase that?".
The best ones respond with a non sequitur.
Before bots try and understand what other people say,
they should understand what they say.
IMO, a better contest would be even more limiting.
For example, pick 2000 words that are allowed,
and limit the conversation to those words.
-- this is not a
The average person does have trouble determining that Alice is not intelligent, when they have nothing to compare it against. Most people can do it, just not easily. The problem is that a person who is ignoring you is almost indistinguishable from a recording of a person who is ignoring you.
Turing originally suggested that a machine be pitted against a human, with a second human trying to determine which is which. Most of the chatter bots would last about 2 sentences in such a contest, Alice might make 5 if it were lucky.
If the Loebner prize actually used this format, instead of the bastardized version they do run, then we might see some real developement.
-- this is not a .sig
You're right about using up the bandwidth though - 10Mbps, 100Mbps, 1Gigabit... no matter how much I have, I want more.
-- this is not a
http://www-2.cs.cmu.edu/~tom7/papers/peer.pdf
...
.sig
The problem isn't the evil master mind making salt for his henchmen,
the problem is the evil master mind who makes thousands of mules. (Identities for himself.)
Signed salts do not prevent the mule problem.
I don't believe you can so easily tune the amount of work needed to create an Identity either.
The RIAA probably has over 100 computers that sit idle every night.
If it takes 8 hours to make an identity, then they could churn out over 100 every day, virtually free.
With backing, the number could easily be 10,000 a day, or even more.
If the EMM isn't constrained by legality,
then he releases a virus and generates millions of keys in a single day.
If variable strength keys can be used,
then in the processes of generating a strength K key,
the EMM also generates 2 strength K-1 keys, 4 strength K-2 keys
I think it's better to concentrate on whitelisting than blacklisting.
-- this is not a
You can't fight the spam itself, but you can fight the spammers.
.sig
Advertise a service that will send spam for money, collect the money, and don't send the spam.
Or if you're squeemish about that,
just spread the "knowledge" that many of the spam for hire people do it.
-- this is not a
Even without the super fancy compression,
45Mbps is still sufficient for a Hi-def video stream. It's pretty hard to watch more than one
video stream at a time, so most people won't even need over 100 Mbps.
But although 100 Mbps may be all people need, they will still want more.
Once bandwidth is cheap enough, we'll all keep everything on our personal servers.
P2P piracy will take 30 seconds at Gig-e speeds, for a single film.
Sharing my entire library would take hours.
-- this is not a
I think the generally accepted term for this is crapflooding, not Denial of Service.
YMMV.
I think there's a 98 version available now too.
Look here
Imagine if each piece of spam you received also gave you a 3 cent credit to your ISP account (or you, if you're your own ISP)
.sig
Would that really be any better?
-- this is not a
The more insidious case is when they sneak in and make a copy, without depriving you of yours.
When that happens (and you catch them) you punish them.
A different incentive system wouldn't eliminate the need to punish the wicked.
Copyright law doesn't exist to prevent theft, it exists to prevent otherwise legitimate copies from being made.
The justification is that this allows the creator to make more money than they otherwise would.
Money is a powerful incentive, but copyright isn't the only way to get money into the hands of those that create.
Copyright also creates a strong belief in intellectual "property".
- this is not a
There are plenty of ways to incentivize the creation of information. We can pay people to create stuff directly, grant them honors, extend special privilages. If copyright was the only incentive for creation, FreeBSD wouldn't exist.
More to the point, copyright isn't very good at creating public works.
How many other alternate systems of incentives have been squashed by clinging to copyright?
-- this is not a
I remember that one. --
/real/ bug was a JMP () elsewhere,
.sig
This code worked
LDA #9
NOP
STA $14
RTS
But this code didn't
LDA #9
STA $14
RTS
Turned out the
the nop just shifted things by a byte.
I still think my favorite is redefining the value of 3 (in Fortran)
-- this is not