I didn't mind the odd general discussion on how they compromised Google etc but an awful lot of money has now just gone down the tube for no useful purpose except perhaps to satisfy a Gen-Y's sudden burst of conscience.
Which kind of explains why senior Australian and American politicians have been in Indonesia recently..
Hate to be the Australian Ambassador to Indonesia at the moment..
Rumour has it that the Indonesians regularly send encrypted birthday greetings for Australian operatives so we will probably just end up with another round of mock outrage and contrition from both sides and then it will be back to the cricket..
I think that its a shame Shirley Temple Black is dead because now there is no one to lead a global round of "Good ship lollypop."
I support the sentiment of these guys but your code is going to be running on a platform that is largely exploitable by most English speaking foreign governments and possibly well funded crooks.
What this means is that no matter how good your software is it will be ultimately rendered useless by going after the host platform and memory.
Also anything that uses a public key exchange is only secure because certain reversals of transformation are 'hard'. There is no universality to hard, what is hard for me may not be hard for you.. Globally governments and crooks seek out and employ people who are good at working with hard.
Then there are all the other sources of issue, like suitable entropy, which is not to be scoffed if something is 20% less random than is should be then that is a huge advantage.
However most of the above is a bit unfair though because they will not be in a position to do much about it but it does need to be considered by the users though.
Predictable, irritating but understandable.
When the crypto genie really got going was when home computers became fast enough to generate useful enough prime numbers in times that did not upset domestic home users.
Once this occurred the volume of encrypted "I want to lover you [sic]" traffic would start to drown out potentially useful-to-know-about encrypted traffic.
I am not surprised,
For the record the US government uses the NIST cryptographic transformations as recommended by its own NSA so on a global scale of one to broken they can't be that bad.
So for generalist every day encryption they should be fine, if your trying to hide something that might have some sort of national security implications then if your legitimately in possession / generating that kind of information then there will be a different set of protocols and standards to follow.
People would shit their pants if the world suddenly turned to using ad-hoc unreviewed transformations because at that point all bets are off, no seriously, all bets are off.
Cheers
As much as I hate to admit it..
The Oracle stuff for the most part just works and if you have competent DBA's you don't have to worry about it.
You may regret using oracle when you get the bill and sometimes it does not have the more esoteric features of the other DB's but you will be glad for its stability and its enterprise focused features in the long run..
And no one will sack you for choosing Oracle.
Slashdot Mirror
I didn't mind the odd general discussion on how they compromised Google etc but an awful lot of money has now just gone down the tube for no useful purpose except perhaps to satisfy a Gen-Y's sudden burst of conscience.
Which kind of explains why senior Australian and American politicians have been in Indonesia recently..
Hate to be the Australian Ambassador to Indonesia at the moment..
Rumour has it that the Indonesians regularly send encrypted birthday greetings for Australian operatives so we will probably just end up with another round of mock outrage and contrition from both sides and then it will be back to the cricket..
I think that its a shame Shirley Temple Black is dead because now there is no one to lead a global round of "Good ship lollypop."
I support the sentiment of these guys but your code is going to be running on a platform that is largely exploitable by most English speaking foreign governments and possibly well funded crooks.
What this means is that no matter how good your software is it will be ultimately rendered useless by going after the host platform and memory.
Also anything that uses a public key exchange is only secure because certain reversals of transformation are 'hard'. There is no universality to hard, what is hard for me may not be hard for you.. Globally governments and crooks seek out and employ people who are good at working with hard.
Then there are all the other sources of issue, like suitable entropy, which is not to be scoffed if something is 20% less random than is should be then that is a huge advantage.
However most of the above is a bit unfair though because they will not be in a position to do much about it but it does need to be considered by the users though.
Cool, trust the Chinese Generic diversity makes it harder for disease to take hold.
Cloning removes that barrier.
Predictable, irritating but understandable.
When the crypto genie really got going was when home computers became fast enough to generate useful enough prime numbers in times that did not upset domestic home users.
Once this occurred the volume of encrypted "I want to lover you [sic]" traffic would start to drown out potentially useful-to-know-about encrypted traffic.
I am not surprised,
That happens a lot on the Pakenham line in Melbourne Australia.
Idiots take either wire or fiber..
Either way its delayed trains or busses..
For the record the US government uses the NIST cryptographic transformations as recommended by its own NSA so on a global scale of one to broken they can't be that bad. So for generalist every day encryption they should be fine, if your trying to hide something that might have some sort of national security implications then if your legitimately in possession / generating that kind of information then there will be a different set of protocols and standards to follow. People would shit their pants if the world suddenly turned to using ad-hoc unreviewed transformations because at that point all bets are off, no seriously, all bets are off. Cheers
It just gets better and better..
Yea I would agree with that.. This is a good blog posting on the topic.. http://www.autochthonous.org/blog/
As much as I hate to admit it.. The Oracle stuff for the most part just works and if you have competent DBA's you don't have to worry about it. You may regret using oracle when you get the bill and sometimes it does not have the more esoteric features of the other DB's but you will be glad for its stability and its enterprise focused features in the long run.. And no one will sack you for choosing Oracle.
They could have the spells backfire if they put credentials or access tokens in plain text within the applications.