I read Microserfs, and I thought it was the most pointless and boring story I ever read. I didn't care about the characters (or is that "caricatures"?) and I couldn't find anything remotely resembling a plot.
This is an excellent idea. An internet appliance in every home should be written into the constitution. Webcams should be made mandatory, to avoid the perils of internet addiction (and other various dangers).
The responsible organization could be called:
Bureau of
Internet access
Grants for
Blacks and other
Racial minorities
Otherwise
Too poor to
Have
Equal access
Rights
I've considered my palm a computer, though a primitive one, ever since I learned to XOR the position of one finger against another. Naturally, it becomes far more powerful when hooked up to the standard "peripherals": a paper and pencil; or networks with a far more powerful computer through a keyboard interface.
8P
And yet, Jethro, you don't deny the charges. "How do you know?" indeed. Many a dishonest soul lacks the courage to lie outright.
1) Your ignorance makes it clear that you are no doctor. 2) The foundation of the concept of first aid is that it is a temporary measure until a doctor can be reached.
For the rest, I'm assuming what seems probable, and which you haven't directly denied even after you responded. Also, the words of your original post reek of self-righteous certainty, and you make no mention of a moral dilemma. Given the way you boast of your foolish and misguided "rescue," I'm sure you would have loved to add to the drama with a depiction of any but the most mundane setting.
He doesn't deserve to be insulted, when he misunderstood a harmless situation, forced a useless "remedy," and goes around telling people how he saved this girl's life?
If he really believed she had potentially fatally low blood pressure, the intelligent thing to do would be to call 911 and/or take her to the emergency room ASAP. Knowing the situation and his intentions, what he did was a crime (both legally and ethically): he was practicing emergency medicine without a licence (as opposed to providing first aid until a doctor or other medical professional could be reached). If she really had been in trouble, she would have died anyway, even with that quack remedy; he could have been liable for manslaughter charges.
Yeah, that's the kind of person we need more of.
I don't care how they think they're making it secure, if a PalmPilot can read it, so can a PalmPilot emulator. From there, you can either hack the emulator to get the text or do screen grabs and text recognition on perfectly accurate, identical characters. Assuming, of course, that you don't just crack the encryption and decode directly to plain text.
I don't think non-profit illegal book copying has been a big problem in the past, but it will be now. IMHO, the reason people aren't passing out many illegally copied books over the internet is that it takes so much time and effort to scan in the pages, do text recognition, and correct the errors, and also how convenient it is to just lend books you've bought (I mean, if you can share it with your friends already, who would bother scanning it?).
It's a recipe for disaster (or at least minor to moderate profit reductions) for the publishing companies, and not exactly great for the authors either.
Go read my top-level post for this article: "The Value of OTP"
It's not utterly useless, just not very useful for the typical person at this point in time. Diplomats, spies, business executives, politicians, criminals, revolutionaries, and terrorists could find it invaluable (not necessarily a good thing for humanity in general...) and I think that in the long term it could become the only useful form of encryption and possibly the base of all commerce.
There is no one best encryption protocol for all circumstances. There's no sense in using a public key protocol to protect the contents of your hard drive, and reversible encryption is not secure enough for many password systems. There's no current practical reason to use OTP for anything that does not have to be permanently and perfectly secure.
I don't mean to endorse the general use of OTP for routine emails and such (I'll admit it sounded like I did in my original post; I cut out as obvious a part I typed about the needless expense and the typically limited need for security, but forgot to change the "it's perfectly secure! and not that expensive" contrast piece at the end). I agree that it is a waste of effort for most people.
The point was that OTP is the only reversible general encryption scheme that is absolutely unbreakable when correctly done (dumb codes are also unbreakable, and potentially unrecognizable as well, but not general). Not expensive to break, not impossible to break in a human lifetime using modern computers, but absolutely unbreakable. It is also practical even for individuals with typical cheap home computers, certainly a needless expense for most, but a relatively small one, and still feasible.
I certainly believe OTP will become more important in the future, as exotic computing technologies emerge and change the rules about what is intractable. They may well become the foundation of commerce as everything becomes copyable and all material products are commoditized, leaving no form of portable and quantifiable wealth.
Your suggestion that investigators can read data from your hard drive after you've deleted them, is very interesting. I hadn't really thought of that, but the principle is still true, if you really clean up after yourself properly (which is a lot more bother than I thought, though still feasible).
Here's a good article on the problems and how to try to get around them (it's more complicated than I first thought, and gives interesting insights into hard drive function if you have as naive a view of the encoding on such devices as I did; very interesting reading indeed): http://www.cs.auckland.ac.nz/~pgut001/secure_del.html
Hard? I think the word you mean to use is intractable, which is to say possible but unlikely in a short amount of time. For example, while it is possible to crack an RSA encrypted message, it is unlikely that it could be done without a tremendous amount of time + resources (assuming a large key).
A short amount of time is a very fuzzy concept. "Intractable problems" from a few years ago are being solved today. Who knows what'll happen in the coming years? Proven mathematical impossibility can be very comforting in the face of unpredictable future developments.
I agree with the idea that some other encryption schemes are good enough, so long as nobody cares about your encrypted data enough to want to hang on to it to decode it even if they can't manage it for years.
Also, your thoughts on security "even if your computers were seized" are wrong. If you or your recipient had that block of "random data" on their computer (or cd or whatever), it would be not too intensive to crack the encrypted messages still stored on either computer. OTP encryption is nearly useless as far as digital data is concerned.
Kindly note that I qualified this statement with "If you both deleted the used key data after communicating, and he deleted the message after reading it". In the case I was referring to, there wouldn't be any "still stored" messages or key data you are talking about them using. Of course, you would have to take inconvenient precautions to prevent this from happening. The exceptional situation you are referring to is analogous to someone bursting into the room while you are editing a message; it is also solvable by similar means: only take messages at pre-arranged times, have your system configured to auto-delete when you aren't there to receive, and have your system configured with a panic-button or deadman switch which you man while receiving to auto-delete if you are interfered with. The alternative is special hardware rigged with self-destruct mechanisms. Of course, now we are talking about some ridiculous extreme spy-vs-spy security; most sane people would be happy with an auto-decode and cleanup on reception and encryption in a less secure fashion for those messages which are being temporarily stored before being read (actually most sane people are happy without encrypting their email...). The point I was making is that once you're done with a message and you've cleaned up after yourself, it's utterly gone, no matter who has recorded the insecure transmission or what they're willing to spend on decoding it.
The thing about OTP keys is that they don't come in fixed sizes. The key's size for a message is equal to the message size. So you just initially transfer as much key data as you want and then use what you need as you need it.
So if you share a few gigabytes of random data with a friend, every time you want to send a message, you chop out an appropriate quantity of noise, use that as the key and never use it again. Of course, you'd have to take care that you and your friend were using the same piece of data for the same message, but that's trivial (prefix to the message the offset into the data table you gave, or something similar).
Indeed, though, they are called One Time Pads for a reason. If you reuse a key, or part of a key, the key (or part) can be cracked.
The point that many people seem to be missing is that you can transfer key data for an arbitrary amount of communication at one time. You don't have to be constantly couriering keys for each individual message. You don't need the message to make the key.
"you should be destroying the keys as you send messages" I agree, if you are worried about someone seizing the storage media. A basic assumption of OTP is that the keys are being stored securely and used on a secure machine. Anyway a CD-RW would be just as easy to send, if a little more expensive.
OTPs are perfectly fine for long-term, low-bandwidth communication, and you don't have to worry about some new magic black box (like a quantum computer) coming along five years down the road and having all your old messages that someone stored instantly open, or ever having to update your encryption software (your keys, OTOH...).
Imagine having a smart bank card that stored enough OTP key for a year's worth of transactions. Once a year (or time unit X), you'd have to feed it into your presumably secure local branch computer, which wouldn't be too inconvenient. It could be the only long-term (as in credits for the Galactic Republic, though it might become necessary much sooner) solution for verifiable money.
Also, OTP is not "strictly one-to-one," it is like any other symmetric reversible encryption (except, as I said, that the keys are large and are consumed on use, and it is unbreakable). It can be "group-member-to-group", where everyone with the key data can send and receive messages to everyone else. I suppose I'm splitting hairs here.
BTW, I never said it was a good general replacement for public-key encryption, or securing your data in an insecure storage location.
>"OTPs are not useful in general computing. Period. Any attempt to pretend that they are is foolish, and gives a false sense of security."
I don't know how to argue this one, since "general computing" is too fuzzy a term to argue with. One could well argue that encryption in general or 3d cards have no use in "general computing." I agree it's excessively troublesome for the typical user who doesn't care if the FBI or a rival corporation is listening, or if it might be cracked in a few years. I certainly don't see how, when correctly used, it could give anyone a false sense of security, unlike encryption schemes that can be broken by sufficiently motivated groups.
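The offset-prefix bookkeeping described in the comments above (slice key bytes out of a shared block, prefix the offset to the message, never use a slice twice), sketched in Python as an added example that is not part of the original posts. The `Pad` class, the 8-byte header and the per-sender pad regions are assumptions of this sketch, and `secrets.token_bytes` only stands in for the truly random key material the comments call for.

```python
import secrets
import struct

HEADER = struct.Struct(">Q")  # pad offset, prefixed to every message in clear


class PadExhausted(Exception):
    """The request needs pad bytes that do not exist or are not ours to send with."""


class PadReuse(Exception):
    """A message asked for pad bytes that were already consumed."""


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("OTP key must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


class Pad:
    """One party's copy of the shared pad, with its consumption state."""

    def __init__(self, material: bytes, send_start: int, send_end: int):
        self._pad = bytearray(material)
        self._spent = bytearray(len(material))   # 1 = byte already used
        self._next = send_start                  # next free byte we may send with
        self._send_end = send_end                # end of the region reserved for us

    def _take(self, offset: int, n: int) -> bytes:
        if offset + n > len(self._pad):
            raise PadExhausted("request runs past the end of the pad")
        if any(self._spent[offset:offset + n]):
            raise PadReuse(f"pad bytes {offset}..{offset + n} already used")
        key = bytes(self._pad[offset:offset + n])
        self._spent[offset:offset + n] = b"\x01" * n
        self._pad[offset:offset + n] = bytes(n)  # drop the used key from memory
        return key

    def encrypt(self, plaintext: bytes) -> bytes:
        if self._next + len(plaintext) > self._send_end:
            raise PadExhausted("not enough unused pad for this message")
        offset = self._next
        key = self._take(offset, len(plaintext))
        self._next += len(plaintext)
        return HEADER.pack(offset) + xor(plaintext, key)

    def decrypt(self, message: bytes) -> bytes:
        (offset,) = HEADER.unpack_from(message)
        body = message[HEADER.size:]
        return xor(body, self._take(offset, len(body)))


def offset_of(message: bytes) -> int:
    return HEADER.unpack_from(message)[0]


def reuse_leak(p1: bytes, p2: bytes) -> bytes:
    """Encrypt two equal-length messages under the SAME key, as broken
    bookkeeping would, and return what an eavesdropper gets from c1 XOR c2."""
    key = secrets.token_bytes(len(p1))
    c1, c2 = xor(p1, key), xor(p2, key)
    return xor(c1, c2)  # equals p1 XOR p2: the key has cancelled out


def demo() -> dict:
    material = secrets.token_bytes(1024)  # constructed stand-in for the couriered pad
    alice = Pad(material, 0, 512)         # Alice sends with bytes 0..511
    bob = Pad(material, 512, 1024)        # Bob sends with bytes 512..1023
    m1 = alice.encrypt(b"meet at noon")
    m2 = alice.encrypt(b"bring the disk")
    out = {
        "offsets": (offset_of(m1), offset_of(m2)),
        "plain": (bob.decrypt(m1), bob.decrypt(m2)),
        "reply_offset": offset_of(bob.encrypt(b"ok")),
    }
    try:
        bob.decrypt(m1)                   # same message again: key bytes are gone
        out["replay"] = "accepted"
    except PadReuse:
        out["replay"] = "rejected"
    return out


if __name__ == "__main__":
    print(demo())
    print(reuse_leak(b"pay alice $100", b"pay carol $999"))
```

Giving each sender its own region of the pad keeps two parties from independently picking the same offset, which would be exactly the key reuse the comments warn about.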
It would be very, very expensive.
Launch facilities are expensive enough without building a train up the side of a mile-high mountain that can throw the shuttle straight up at 200 mph.
And 200 mph is not a huge fraction of escape velocity, nor is a mile up a huge fraction of the distance to orbit.
Most air-lift launches have the primary purpose of being able to use nice cheap (or at least pre-existing) airports to launch rockets, instead of having to make a big launch platform etc., not so much to gain the speed and altitude that the carrier plane provides.
This is for secure communication, not a way to keep your storage secure.
People have a lot of trouble with the definition of "random number". The key to OTP being unbreakable is that the numbers be unpredictable and well-distributed, with no predictable statistical trends (hmm, I suppose that's an okay definition of random).
There are two basic acceptable ways to get gigabytes of useable OTP key: use theoretically sound true random numbers (the better way), or use a totally personal source of more-or-less random numbers (more or less a type of security through obscurity, with the same major pitfalls that you might screw it up or others who worked on it might betray you).
The first and best method is better covered by more knowledgeable people. I'm not entirely sure it exists. There is a theory for generating pseudo-randoms, but that's totally different. The only way to really follow this may be to have a hardware device that generates quantum mechanical noise.
The important thing in using the second method is not to follow any sort of standard method. Pick a random mpeg file, use the numbers as keys in a pseudo-random generator (one key to one pseudo-random; yes, it's predictable and reversible, but most manipulations will be, the important thing is that the data they work on won't be), then use those numbers as offsets to pick out bytes of pi. Roll dice to choose a number to xor an audio file by, then take counts of occurrences of each byte value and then partially normalize them to a dice-determined extent by pseudo-randomly (with a dice-generated key) changing the common ones to rare ones. Actually, don't do those things, because if they seem obvious others are probably doing it too. Change approaches each time you decide to whip up a new batch of key. The important thing here is that your approach is original and not standard, so the people who try to make educated guesses based on statistical trends won't have any statistical trends to work from. If they don't _know_ that there are statistical trends, they can't just assume it and get something useful. Of course, these assertions are unprovable; but, IMHO, that a sequence of numbers is truly random is never proven, merely plausible.
People are complaining about how useless OTP is, but it does have some extremely valuable uses.
After an initial secure communication of random bytes, you can send the same amount of data over insecure communication routes in absolutely perfect security.
Think of it; if you sent a CD-R of random noise to a friend, you could probably email securely with him for the rest of your life. Nobody could ever crack it, no matter how many billions of dollars worth of computer equipment, no matter how much computers improve, no matter how many millennia they spend on it. If you both deleted the used key data after communicating, and he deleted the message after reading it, nobody could ever know what you told him, even if your computers were seized.
Other reversible encryption schemes merely make it hard to decrypt a message. A large government agency with sufficient resources might do it, or a distributed effort, or a new computing technology might make it cheap and simple. If you encrypt and communicate something that can be damaging to you even 20 years in the future, it will hang over your head like the sword of Damocles for the rest of your life, unless you used OTP.
Any reversible data encryption requires that you use an inherently secure communication channel to send a key to the recipient before you can use insecure channels to securely communicate with him. It's just that in this case the key is large and can get used up. Since the only really inherently secure communication channel is handing someone a disk with the data, why bother with a short key? Disks are cheap, give him a few gigabytes of OTP and be perfectly secure.
I'm beginning to think the best way to get a post moderated up is to suggest in the message body that it will be moderated down, unless it's to have been moderated down and then post a reply under another name that it has been moderated down unfairly (it's controversial, it must be good).
I wonder whether every moderator just thinks the rest are real bastards or if they think they have to defend the moderation system.
...
Oh yeah, almost forgot...
This post is sure to be moderated down! The evil moderators are out to get me!
...just harder to make. Microcontrollers are cheap, and if they wanted to use bigger brains, they could just hook up their remote controls to their computers.
...now let's see them get rid of "Let's go!", "Where do you want to go today?", "Just do it!", and all other English phrases in common daily use.
Marketing slogans shouldn't be trademarked. If the company wants that protection, they should use one of their trademark product names in their slogan.
I hate it when people use this kind of a tactic. It's real battle-axe dipped in poison; if you keep talking you're "too far gone to even admit it," if you shut up you're implicitly confirming that the accusation is accurate.
Would you have said the same thing if I wrote, "they know they're above the petty interests of the typical moron, and don't expect these idiots to understand any remotely interesting conversation." ? It's closer to what I really meant, but I do try to be polite.
Damn, I hate the term "geek." Not so much because of the negative connotation, but because it can also mean just someone unpopular or generally inferior (this being what people mean when they use it derogatively). If that's what we're talking about, of course they have low self esteem. I'm talking about hackers (okay, not a whole lot better term...); great programmers who get jobs for >$70k/y (or equivalent status/lifestyle rewards). These people have big egos, no matter how outwardly mild they are.
I think property is a natural extension of territoriality (not to mention hoarding nuts and guarding a kill). Most animals say "this is mine, back the hell off!" so why should humans be different? Of course, humans are different, in that within societies which have property law, the entire society (rather than the individual) acts with coercive force to protect undefendable accumulations of property (in an anarchy, the accumulations are still often protected by hired guards or by group ownership; that's how governments grow).
OTOH, I find the concept of inheritance to be unnatural and the root of societal instability.
BTW: I am not an idealist. I don't agree with the sentiment that it would be nice if everyone would just share. We'd either overpopulate, stagnate, or become like hive insects with no regard for the individual; it all just seems so pointless. Personally, I prefer the chaos and war to a utopian society. I'd rather steal my food from the mouths of my enemies' children than live without having to struggle for anything. But that's just me; most people don't know they really prefer the pain and the struggle of nature, even though they recoil with horror from the depictions of a blissful human hive.
The simple fact is that religion correlates inversely with intelligence and education. This isn't to say that all geniuses or PhD's are atheists or all morons are cultists, it's just a statistical trend. Highly intelligent people who are religious also tend to have unorthodox views about their religion, and often reject the teachings of their original church entirely. Similarly, the most deeply religious (in an orthodox sense) people tend to be of below average intelligence.
There are many counter-examples but the general correlation is solid.
Geeks tend to be pretty bright and highly educated, so they tend to be either atheist, agnostic, or have made up their own religion ("I believe in a God of some sort, but not the Bible.").
(I'm a theoretical agnostic, a practical atheist, and a linguistic Christian: I believe we can't know whether there's a God, I act like there is no God, but I yell "Christ!" when I stub my toe.)
Anarchists are generally opposed to coercive governments. Property law can be described as the right to use the coercive force of the government (police and army) to deny others the use of certain things.
Many anarchists look at things this way and take a "use it or lose it" attitude that if you don't have an item under your personal protection, nobody else should be bothered to stop others from taking it. This especially applies to land use rights: a common anarchist position is that there should be no such things as landlords and tenants.
In this way, anarchism often resembles socialism in a practical sense of property not being protected by law.
Yeah, you say libertarianism I say anarchism, the two are closely related: libertarians say they want freedom, anarchists say they don't want anyone controlling them (and they both want others to have the same situation); same thing.
I don't really think that one fits. In my experience, they know they don't really fit into mainstream society and don't expect normal people to be interested in them, but have high opinions of themselves (with a kind of prideful humility: "I am great, but not the greatest, and even the greatest is insignificant in many contexts").
I read Microserfs, and I thought it was the most pointless and boring story I ever read. I didn't care about the characters (or is that "caricatures"?) and I couldn't find anything remotely resembling a plot.
This is an excellent idea. An internet appliance in every home should be written into the constitution. Webcams should be made mandatory, to avoid the perils of internet addiction (and other various dangers).
The responsible organization could be called:
Bureau of
Internet access
Grants for
Blacks and other
Racial minorities
Otherwise
Too poor to
Have
Equal access
Rights
I've considered my palm a computer, though a primitive one, ever since I learned to XOR the position of one finger against another. Naturally, it becomes far more powerful when hooked up to the standard "peripherals": a paper and pencil; or networks with a far more powerful computer through a keyboard interface.
8P
And yet, Jethro, you don't deny the charges. "How do you know?" indeed. Many a dishonest soul lacks the courage to lie outright.
1) Your ignorance makes it clear that you are no doctor.
2) The foundation of the concept of first aid is that it is a temporary measure until a doctor can be reached.
For the rest, I'm assuming what seems probable, and which you haven't directly denied even after you responded. Also, the words of your original post reek of self-righteous certainty, and you make no mention of a moral dilemma. Given the way you boast of your foolish and misguided "rescue," I'm sure you would have loved to add to the drama with a depiction of any but the most mundane setting.
He doesn't deserve to be insulted, when he misunderstood a harmless situation, forced a useless "remedy," and goes around telling people how he saved this girl's life?
If he really believed she had potentially fatally low blood pressure, the intelligent thing to do would be to call 911 and/or take her to the emergency room ASAP. Knowing the situation and his intentions, what he did was a crime (both legally and ethically): he was practicing emergency medicine without a licence (as opposed to providing first aid until a doctor or other medical professional could be reached). If she really had been in trouble, she would have died anyway, even with that quack remedy; he could have been liable for manslaughter charges.
Yeah, that's the kind of person we need more of.
I don't care how they think they're making it secure, if a PalmPilot can read it, so can a PalmPilot emulator. From there, you can either hack the emulator to get the text or do screen grabs and text recognition on perfectly accurate, identical characters. Assuming, of course, that you don't just crack the encryption and decode directly to plain text.
I don't think non-profit illegal book copying has been a big problem in the past, but it will be now. IMHO, the reason people aren't passing out many illegally copied books over the internet is that it takes so much time and effort to scan in the pages, do text recognition, and correct the errors, and also how convenient it is to just lend books you've bought (I mean, if you can share it with your friends already, who would bother scanning it?).
It's a recipe for disaster (or at least minor to moderate profit reductions) for the publishing companies, and not exactly great for the authors either.
Go read my top-level post for this article: "The Value of OTP"
It's not utterly useless, just not very useful for the typical person at this point in time. Diplomats, spies, business executives, politicians, criminals, revolutionaries, and terrorists could find it invaluable (not necessarily a good thing for humanity in general...) and I think that in the long term it could become the only useful form of encryption and possible the base of all commerce.
There is no one best encryption protocol for all circumstances. There's no sense in using a public key protocol to protect the contents of your hard drive, and reversible encryption is not secure enough for many password systems. There's no current practical reason to use OTP for anything that does not have to be permanently and perfectly secure.
l .html
I don't mean to endorse the general use of OTP for routine emails and such (I'll admit it sounded like I did in my original post; I cut out as obvious a part I typed about the needless expense and the typically limited need for security, but forgot to change the "it's perfectly secure! and not that expensive" contrast piece at the end). I agree that it is a waste of effort for most people.
The point was that OTP is the only reversible general encryption scheme that is absolutely unbreakable when correctly done (dumb codes are also unbreakable, and potentially unrecognizable as well, but not general). Not expensive to break, not impossible to break in a human lifetime using modern computers, but absolutely unbreakable. It is also practical even for individuals with typical cheap home computers, certainly a needless expense for most, but a relatively small one, and still feasible.
I certainly believe OTP will become more important in the future, as exotic computing technologies emerge and change the rules about what is intractable. They may well become the foundation of commerce as everything becomes copyable and all material products are commoditized, leaving no form of portable and quantifiable wealth.
Your suggestion that investigators can read data from your hard drive after you've deleted them, is very interesting. I hadn't really thought of that, but the principle is still true, if you really clean up after yourself properly (which is a lot more bother than I thought, though still feasible).
Here's a good article on the problems and how to try to get around them (it's more complicated than I first thought, and gives interesting insights into harddrive function if you have as naive a view of the encoding on such devices as I did; very interesting reading indeed):
http://www.cs.auckland.ac.nz/~pgut001/secure_de
Hard? I think the word you mean to use is intractable, which is to say possible but unlikely in a short amount of time. For example, while it is possible to crack an RSA encrypted message, it is unlikely that it could be done without a tremendous amount of time + resources (assuming a large key).
A short amount of time is a very fuzzy concept. "Intractable problems" from a few years ago are being solved today. Who knows what'll happen in the coming years? Proven mathematical impossibility can be very comforting in the face of unpredictable future developments.
I agree with the idea that some other encryption schemes are good enough, so long as nobody cares about your encrypted data enough to want to hang on to it to decode it even if they can't manage it for years.
Also, your thoughts on security "even if your computers were seized" is wrong. If you or your recipient had that block of "random data" on their computer (or cd or whatever), it would be not too intensive to crack the encrypted messages still stored on either computer. OTP encryption is nearly useless as far as digital data is concerned.
Kindly note that I qualified this statement with "If you both deleted the used key data after communicating, and he deleted the message after reading it". In the case I was referring to, there wouldn't be any "still stored" messages or key data you are talking about them using. Of course, you would have to take inconvenient precautions to prevent this from happening. The exceptional situation you are referring to is analogous to someone bursting into the room while you are editing a message; it is also solvable by similar means: only take messages at pre-arranged times, have your system configured to auto-delete when you aren't there to receive, and have your system configured with a panic-button or deadman switch which you man while receiving to auto-delete if you are interfered with. The alternative is special hardware rigged with self-destruct mechanisms. Of course, now we are talking about some ridiculous extreme spy-vs-spy security; most sane people would be happy with an auto-decode and cleanup on reception and encryption in a less secure fashion for those messages which are being temporarily stored before being read (actually most sane people are happy without encrypting their email...). The point I was making is that once you're done with a message and you've cleaned up after yourself, it's utterly gone, no matter who has recorded the insecure transmission or what they're willing to spend on decoding it.
The thing about OTP keys, is that they don't come in fixed sizes. The key's size for a message is equal to the message size. So you just initially transfer as much key data as you want and then use what you need as you need it.
So if you share a few gigabytes of random data with a friend, everytime you want to send a message, you chop out an appropriate quantity of noise, use that as the key and never use it again. Of course, you'd have to take care that you and your friend were using the same piece of data for the same message, but that's trivial (prefix to the message the offset into the data table you gave, or something similar).
Indeed, though, they are called One Time Pads for a reason. If you reuse a key, or part of a key, the key (or part) can be cracked.
The point that many people seem to be missing is that you can transfer key data for an arbitrary amount of communication at one time. You don't have to be constantly couriering keys for each individual message. You don't need the message to make the key.
"you should be destroying the keys as you send messages" I agree, if you are worried about someone seizing the storage media. A basic assumption of OTP is that the keys are being stored securely and used on a secure machine. Anyway a CD-RW would be just as easy to send, if a little more expensive.
OTPs are perfectly fine for long-term, low-bandwidth communication, and you don't have to worry about some new magic black box (like a quantum computer) coming along five years down the road and having all your old messages that someone stored instantly open, or ever having to update your encryption software (your keys, OTOH...).
Imagine having a smart bank card that stored enough OTP key for a year's worth of transactions. Once a year (or time unit X), you'd have to feed it into your presumably secure local branch computer, which wouldn't be too inconvenient. It could be the only long-term (as in credits for the Galactic Republic, though it might become necessary much sooner) solution for verifiable money.
Also, OTP is not "strictly one-to-one," it is like any other symmetric reversible encryption (except, as I said, that the keys are large and are consumed on use, and it is unbreakable). It can be "group-member-to-group", where everyone with the key data can send and receive messages to everyone else. I suppose I'm splitting hairs here.
BTW, I never said it was a good general replacement for public-key encryption, or securing your data in an insecure storage location.
>"OTPs are not useful in general computing. Period. Any attempt to pretend that they are is foolish, and gives a false sense of security."
I don't know how to argue this one, since "general computing" is too fuzzy a term to argue with. One could well argue that encryption in general or 3d cards have no use in "general computing." I agree it's excessively troublesome for the typical user who doesn't care if the FBI or a rival corporation is listening, or if it might be cracked in a few years. I certainly don't see how, when correctly used, it could give anyone a false sense of security, unlike encryption schemes that can be broken by sufficiently motivated groups.
It would be very, very expensive.
Launch facilities are expensive enough without building a train up the side of a mile-high mountain that can throw the shuttle straight up at 200 mph.
And 200 mph is not a huge fraction of escape velocity, nor is a mile up a huge fraction of the distance to orbit.
Most air-lift launches have the primary purpose of being able to use nice cheap (or at least pre-existing) airports to launch rockets, instead of having to make a big launch platform etc., not so much to gain the speed and altitude that the carrier plane provides.
This is for secure communication, not a way to keep your storage secure.
People have a lot of trouble with the definition of "random number". The key to OTP being unbreakable is that the numbers be unpredictable and well-distributed, with no predictable statistical trends (hmm, I suppose that's an okay definition of random).
There are two basic acceptable ways to get gigabytes of useable OTP key: use theoretically sound true random numbers (the better way), or use a totally personal source of more-or-less random numbers (more or less a type of security through obscurity, with the same major pitfalls that you might screw it up or others who worked on it might betray you).
The first and best method is better covered by more knowledgeable people. I'm not entirely sure it exists. There is a theory for generating pseudo-randoms, but that's totally different. The only way to really follow this may be to have a hardware device that generates quantum mechanical noise.
The important thing in using the second method is not to follow any sort of standard method. Pick a random mpeg file, use the numbers as keys in a pseudo-random generator (one key to one pseudo-random; yes, it's predictable and reversible, but most manipulations will be, the important thing is that the data they work on won't be), then use those numbers as offsets to pick out bytes of pi. Roll dice to choose a number to xor an audio file by, then take counts of occurrences of each byte value and then partially normalize them to a dice-determined extent by pseudo-randomly (with a dice-generated key) changing the common ones to rare ones. Actually, don't do those things, because if they seem obvious others are probably doing it too. Change approaches each time you decide to whip up a new batch of key. The important thing here is that your approach is original and not standard, so the people who try to make educated guesses based on statistical trends won't have any statistical trends to work from. If they don't _know_ that there are statistical trends, they can't just assume it and get something useful. Of course, these assertions are unprovable; but, IMHO, that a sequence of numbers is truly random is never proven, merely plausible.
People are complaining about how useless OTP is, but it does have some extremely valuable uses.
After an initial secure communication of random bytes, you can send the same amount of data over insecure communication routes in absolutely perfect security.
Think of it; if you sent a CD-R of random noise to a friend, you could probably email securely with him for the rest of your life. Nobody could ever crack it, no matter how many billions of dollars worth of computer equipment, no matter how much computers improve, no matter how many millennia they spend on it. If you both deleted the used key data after communicating, and he deleted the message after reading it, nobody could ever know what you told him, even if your computers were seized.
Other reversible encryption schemes merely make it hard to decrypt a message. A large government agency with sufficient resources might do it, or a distributed effort, or a new computing technology might make it cheap and simple. If you encrypt and communicate something that can be damaging to you even 20 years in the future, it will hang over your head like the sword of Damocles for the rest of your life, unless you used OTP.
Any reversible data encryption requires that you use an inherently secure communication channel to send a key to the recipient before you can use insecure channels to securely communicate with him. It's just that in this case the key is large and can get used up. Since the only really inherently secure communication channel is handing someone a disk with the data, why bother with a short key? Disks are cheap, give him a few gigabytes of OTP and be perfectly secure.
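The scheme these posts describe (shared random data, the offset into it prefixed to each message, key bytes never reused and deleted after use), as an added Python example that is not part of the original posts. The 8-byte offset header, the `Pad` class and the sample pad drawn from `secrets` are assumptions for illustration; a real pad would come from the random source the posts discuss.

```python
import secrets
import struct

HEADER = struct.Struct(">Q")  # assumed wire format: 8-byte big-endian pad offset


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Pad:
    """One party's copy of the shared random data."""

    def __init__(self, key: bytes):
        self.key = bytearray(key)
        self.used = bytearray(len(key))  # 1 marks a consumed byte
        self.cursor = 0                  # next offset this side will send from

    def _consume(self, offset: int, n: int) -> bytes:
        if offset + n > len(self.key):
            raise ValueError("not enough pad left")
        if any(self.used[offset:offset + n]):
            raise ValueError("pad bytes already used (replay or desync)")
        chunk = bytes(self.key[offset:offset + n])
        self.key[offset:offset + n] = bytes(n)       # overwrite spent key in memory
        self.used[offset:offset + n] = b"\x01" * n
        self.cursor = max(self.cursor, offset + n)   # never send from behind
        return chunk

    def encrypt(self, plaintext: bytes) -> bytes:
        offset = self.cursor
        return HEADER.pack(offset) + xor(plaintext, self._consume(offset, len(plaintext)))

    def decrypt(self, message: bytes) -> bytes:
        if len(message) < HEADER.size:
            raise ValueError("message shorter than offset prefix")
        (offset,) = HEADER.unpack_from(message)
        body = message[HEADER.size:]
        return xor(body, self._consume(offset, len(body)))


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two ciphertexts under the same key bytes XOR to p1 XOR p2: the key cancels."""
    return xor(c1, c2)


if __name__ == "__main__":
    shared = secrets.token_bytes(64)      # constructed sample pad
    alice, bob = Pad(shared), Pad(shared)
    wire = alice.encrypt(b"meet at noon")
    print(wire[:8].hex(), bob.decrypt(wire))
```

If both sides send at the same moment they pick the same offset; the receiver's used-byte check reports it, but the key bytes have already been used twice, so a two-way pad is better split into one region per direction.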
Okay, you should moderate this down. It's totally redundant, I should have read the other replies.
Sorry, all.
I'm beginning to think the best way to get a post moderated up is to suggest in the message body that it will be moderated down, unless it's to have been moderated down and then post a reply under another name that it has been moderated down unfairly (it's controversial, it must be good).
I wonder whether every moderator just thinks the rest are real bastards or if they think they have to defend the moderation system.
...
Oh yeah, almost forgot...
This post is sure to be moderated down! The evil moderators are out to get me!
^_^
...just harder to make. Microcontrollers are cheap, and if they wanted to use bigger brains, they could just hook up their remote controls to their computers.
...now let's see them get rid of "Let's go!", "Where do you want to go today?", "Just do it!", and all other English phrases in common daily use.
Marketing slogans shouldn't be trademarked. If the company wants that protection, they should use one of their trademark product names in their slogan.
I don't think any governments are going to have a hard time switching over to 1k RSA if they consider this a real threat.
I hate it when people use this kind of a tactic. It's real battle-axe dipped in poison; if you keep talking you're "too far gone to even admit it," if you shut up you're implicitly confirming that the accusation is accurate.
Would you have said the same thing if I wrote, "they know they're above the petty interests of the typical moron, and don't expect these idiots to understand any remotely interesting conversation." ? It's closer to what I really meant, but I do try to be polite.
Damn, I hate the term "geek." Not so much because of the negative connotation, but because it can also mean just someone unpopular or generally inferior (this being what people mean when they use it derogatively). If that's what we're talking about, of course they have low self esteem. I'm talking about hackers (okay, not a whole lot better term...); great programmers who get jobs for >$70k/y (or equivalent status/lifestyle rewards). These people have big egos, no matter how outwardly mild they are.
I think property is a natural extension of territoriality (not to mention hoarding nuts and guarding a kill). Most animals say "this is mine, back the hell off!" so why should humans be different? Of course, humans are different, in that within societies which have property law, the entire society (rather than the individual) acts with coercive force to protect undefendable accumulations of property (in an anarchy, the accumulations are still often protected by hired guards or by group ownership; that's how governments grow).
OTOH, I find the concept of inheritance to be unnatural and the root of societal instability.
BTW: I am not an idealist. I don't agree with the sentiment that it would be nice if everyone would just share. We'd either overpopulate, stagnate, or become like hive insects with no regard for the individual; it all just seems so pointless. Personally, I prefer the chaos and war to a utopian society. I'd rather steal my food from the mouths of my enemies' children than live without having to struggle for anything. But that's just me; most people don't know they really prefer the pain and the struggle of nature, even though they recoil with horror from the depictions of a blissful human hive.
The simple fact is that religion correlates inversely with intelligence and education. This isn't to say that all geniuses or PhD's are atheists or all morons are cultists, it's just a statistical trend. Highly intelligent people who are religious also tend to have unorthodox views about their religion, and often reject the teachings of their original church entirely. Similarly, the most deeply religious (in an orthodox sense) people tend to be of below average intelligence.
There are many counter-examples but the general correlation is solid.
Geeks tend to be pretty bright and highly educated, so they tend to be either atheist, agnostic, or have made up their own religion ("I believe in a God of some sort, but not the Bible.").
(I'm a theoretical agnostic, a practical atheist, and a linguistic Christian: I believe we can't know whether there's a God, I act like there is no God, but I yell "Christ!" when I stub my toe.)
Anarchists are generally opposed to coercive governments. Property law can be described as the right to use the coercive force of the government (police and army) to deny others the use of certain things.
Many anarchists look at things this way and take a "use it or lose it" attitude that if you don't have an item under your personal protection, nobody else should be bothered to stop others from taking it. This especially applies to land use rights: a common anarchist position is that there should be no such things as landlords and tenants.
In this way, anarchism often resembles socialism in a practical sense of property not being protected by law.
Yeah, you say libertarianism I say anarchism, the two are closely related: libertarians say they want freedom, anarchists say they don't want anyone controlling them (and they both want others to have the same situation); same thing.
I don't really think that one fits. In my experience, they know they don't really fit into mainstream society and don't expect normal people to be interested in them, but have high opinions of themselves (with a kind of prideful humility: "I am great, but not the greatest, and even the greatest is insignificant in many contexts").