NSA broke DES before anyone else did, and they fixed DES to make more resistant agaist that kind of attack. Only much later did anyone outside NSA break DES thru differential cryptanalysis, and by that point (late 80s/early90s, iirc), it was becoming practical to simply brute-force DES. --
Why are you slashdotters so paranoid of the NSA? It stands for National Security Agency. NSA are not the bad guys; it's the big corporations and bureaucrats that we need to worry about.
Back in the 70's the NSA delayed the release of DES, for reasons which they could not disclose at the time.
NSA knew of a then-classified attack against DES known as differential cryptanalysis. NSA could not disclose why they delayed the release of DES, they could only say that they were still working on it. Lots of people speculated NSA was inserting a "secret backdoor", when actually they were ensuring the national standard for data encryption would be secure against even secret attacks than only NSA knew about at the time.
Of course, the complete design criteria for DES were not published at that time. Since not all of the steps in the algorithm seemed logical at the time, people got real suspicious. AES, on the other hand, is pretty straightforward.
For more background, check out this history of DES, or Eli Biham'sthese papers on differential cryptanalysys. --
Sounds like a good idea, but you've got to consider that compressed gas can be dangerous. My friends and I used to build compressed-air powered spud cannons that would throw a potato several hundred yards with less than 100 psi.
Any one remember seeing this one around?:
The Sleeping Giant
I am a high pressure, compressed gas cylinder.
I stand 57 inches tall.
I am 9 inches in diameter.
I weigh in at 155 pounds when filled.
I am pressurized at 2,200 pounds per square inch (psi).
I have a wall thickness of about 1/4 inch.
I wear a regulator and hose when at work.
I wear a label to identify the gas I am holding. My color is not the answer.
I transform miscellaneous stacks of material into glistening ships and many other things - when properly used.
I transform glistening ships and many other things into miscellaneous stacks of material - when allowed to unleash my fury unchecked, I can be ruthless and deadly in the hands of the careless and uninformed.
I am too frequently left standing alone on my small base without other visible means of support - my cap removed by an unthinking worker.
I am ready to be toppled over - when my naked valve can be damaged or even snapped off - and all my power unleashed through an opening no larger than a lead pencil.
I am still proud of my capabilities - here are a few of them:
I have on rare occasions been known to jet away - faster than any dragster.
I might smash my way through brick walls.
I might even fly through the air.
I may spin, ricochet, crash and slash through anything in my path.
You can be my master, but only under these terms:
Full or empty - see to it that my cap is on, straight and snug.
Never -repeat- never leave me standing alone. Secure me so that I cannot fall. --
Re:It's "Back the Underdog" week!
on
The Rise Of QNX
·
· Score: 2
Well, actually . . . there's a group of ex-Amigans who are actively involved with QNX.
The Phoenix Consortium Our intention is to establish a migration path to a new Amiga-like platform and computing experience. By clearly defining the standards and specs Phoenix hardware and software developers will be using we thus provide a common basis for individual developers to proceed with their own development stategies. --
Re:The coolest things about QNX
on
The Rise Of QNX
·
· Score: 2
when was the last time you ran a driver in user space, had it crash, and restarted it without taking your system down for reboot?
egads! It's got a parallax stamp in it. Memories of ME451 class!
pbasic is not terribly powerful, even compared to other basics. While other students were building swiveling light sensors and robot cars for class, I managed to cram tetris onto a Stamp II. There weren't any LCD displays handy, so you had to play it over a serial cable. Fun project--very un-fun programming language. --
Aye they do, but do they have the sheer playabity of the classic adventure?
> TELL TOLAN ABOUT IF
Actually, interactive fiction is still developing. It depends on good writing skills, clever puzzles and good plots. Some of the more feature-enhanced interpreters out there let you use color, images and music, but they games themselves still have to be good in order to rank well in one of these contests.
There's a good list of modern IF games at Bals guide to IF. Inform, Hugo, and TADS are great game engines that are still going strong today. Get yourself an interpreter and download some games! --
You are standing in an open field, with a boarded front door. A small mailbox is here.
> OPEN MAILBOX Inside the small mailbox is: a leaflet
> GET LEAFLET Taken.
> READ LEAFLET "WELCOME TO SLASHDOT!"
SLASHDOT is a game of adventure, danger and low cunning. In it you will explre some of the most amazing territory ever seen by mortals. No compter should be without one!
A nasty-looking troll, brandishing a bloody axe, blocks all passages out of the discussion. Your sword has begun to glow very brightly.
> _
--
An Open Letter to Digital Convergence
on
CueCat At It Again
·
· Score: 2
Also posted at kart.dhs.org, the home of Mr T. vs the CueCat.
To DigitalConvergence, or to "whom it may concern",
I run the website kart.dhs.org, which hosts the BeClueCat decoder, listed here:
DigitalConvergence has been visiting my website since September 15th. Certainly they know I exist.
I have yet to receive a 'cease and decist' letter from your legal consels, Kenyon and Kenyon, and I feel left out. So many other people have received FedEx'ed letters "WITHOUT PREJUDICE [sic]", yet I have not.
Kenyon and Kenyon's neglect to C+D me might be construed as "prejudice", since so many others have gotten scary letters. As a BeOS user I realize that I'm part of a minority. Don't you care enough to send your goons after me too? Do I need to agree to a special cease and decist EULA before you can send me one? Perhaps it's because you don't have any contact info.
(name and address sent to Digital Convergence)
To put it in a nutshell:
Here I am. I'm looking for answers. If you have a beef with me, let's get in touch and I'll listen to your side of the story. If you want to play silly games, I and thousands of other individuals will continue to screw with you. Your business model is beyond flawed; it's despicable. Digital Convergence employees: get out now and cut your losses. --
Since leaving college last year, I've been missing the 'geek house' sort of lifestyle as well.
The major demographic in around here seems to be 30somethings with big trucks and small clues. I've heard rumors that the west side of Houston is nicer, but that would be an insane commute for me.
SWMG (single white make geek) seeks likeminded people. Interestests: Bikes, Unix, BeOS, aerospace.
Dislikes: suburban decay, bureaucracy, traffic. --
You don't really need a wacky Sun monitor. It's possible to install *bsd on a sparcstation with just a serial terminal. Once you've got it set up, you don't need a monitor anyway. --
Right on! This is exactly why Linux for SPARC is a cool thing. Geeks love esoteric hardware. SPARCstations may not be terribly fast, but they're cheap, very functional, and cool.
but if they allow you to put in place a web server on hardware actually designed for serving
Yup. They make great servers. Or, get a happymeal and set yourself up a decent router/firewall box. kart.dhs.org has been running on an old SS10 ever since I registered the name with dhs.org back in May. --
It should work on an IPC.
There are plenty of cool operating systemst that will run on an IPC. I probably haven't thought of them all, but your options (besides Sun) might include:
Mandrake: nice, but overkill for for such an old machine
RedHat: also overkill, but not quite as nice
NetBSD: "of course it runs NetBSD"
OpenBSD: Refined and actively developed on SPARCs.
Looking at SuSE's ftp site, I can see one directory with individual packages, and another one with four (FOUR?!) iso images. Where are the boot floppy images?
One thing about Sparcs, _bootable_ 512-bytes-per-block scsi cdrom drives are hard to come by. That's why many people with secondhand Sparcstations choose to do FTP or NFS installations, e.g.:
attach monitor + keyboard, or serial terminal, then power on...
*beep* Sun SPARCStation OpenPROM 2.x.xx blah blah insert floppy >boot floppybooting . . . . welcome to $OS_SETUP. press [space] to configure networking.configuation ensues. . . select FTP site . . . download . ..
A title like "Engines of Our Ingenuity" is suspiciously Katzish
That's the same thing I thought when I started hearing the radio shows. The show is pretty good, however, and I don't necessary have a problem with John Katz' articles either:P
KUHF 88.7 FM right here in Houston is the home station where John Lienhard does the Engines of Ingenuity show. It's one of the main reasons I listen to NPR in the morning.
There are transcripts of the show available at the University of Houston.
I have not authorized anybody to scan my computer.
That's okay, because nobody asked for your permission anyway. I can understand why one would be nervous about getting scanned, but if your system is secure, you have nothing to fear.
Anyhow, there's a legend about Werner Von Braun at NASA that goes like this: In the early days of the space program, Von Braun was in charge of the facilities at the Redstone Arsenal in Huntsville Alabama. They needed to build a large neutral bouyance tank to simulate weightlessness, so they just built one. Later when government officials were visiting, they saw the large tank and were upset that Von Braun never went through any red tape in Washington to get an official budget to build the tank.
<feds>: We never gave you permission to build the neutral buoancy tank! <VonBraun>: That's OK, I never asked;)
He had port sentry setup and it detected nmap as a DoS attack [and] port sentry shut down their ROUTER! He was some major security buff who just happened to maintain this mud server
Perhaps he was a buff, but he certainly didn't know what he was doing. LOL, good story. Unless they're stuck on a dialup connection, getting scanned hardly constitutes a denial of service attack. Running "nmap -sS" against 1024 ports will send exactly 1024 SYN packets (plus a RST to the ports which replied), so if you assume, say, 32 bits per packet and 0% loss, that scan will throw at most a whopping 12k of data transfer. Sheesh.
I think it's scary that any random sysadmin could write your ISP and get them to shut down your account over some perceived slight. Anybody else smell a social engineering exploit?
Using only one finger must get pretty tiring after awhile. Why limit yourself to just one finger when the majority of people have quite a few more fingers available?
Slashdot Mirror
NSA broke DES before anyone else did, and they fixed DES to make more resistant agaist that kind of attack. Only much later did anyone outside NSA break DES thru differential cryptanalysis, and by that point (late 80s/early90s, iirc), it was becoming practical to simply brute-force DES.
--
Good question. I've always been told it's pronounced like "RHEIN-DALL". We're just lucky there aren't any Ø's in the word ;-).
--
Back in the 70's the NSA delayed the release of DES, for reasons which they could not disclose at the time.
NSA knew of a then-classified attack against DES known as differential cryptanalysis. NSA could not disclose why they delayed the release of DES, they could only say that they were still working on it. Lots of people speculated NSA was inserting a "secret backdoor", when actually they were ensuring the national standard for data encryption would be secure against even secret attacks than only NSA knew about at the time.
Of course, the complete design criteria for DES were not published at that time. Since not all of the steps in the algorithm seemed logical at the time, people got real suspicious. AES, on the other hand, is pretty straightforward.
For more background, check out this history of DES, or Eli Biham'sthese papers on differential cryptanalysys.
--
... Microsoft ActivePerl shows up in Visual Studio.
--
Sounds like a good idea, but you've got to consider that compressed gas can be dangerous. My friends and I used to build compressed-air powered spud cannons that would throw a potato several hundred yards with less than 100 psi.
Any one remember seeing this one around?:
The Sleeping Giant
I am a high pressure, compressed gas cylinder.
I stand 57 inches tall.
I am 9 inches in diameter.
I weigh in at 155 pounds when filled.
I am pressurized at 2,200 pounds per square inch (psi).
I have a wall thickness of about 1/4 inch.
I wear a regulator and hose when at work.
I wear a label to identify the gas I am holding. My color is not the answer.
I transform miscellaneous stacks of material into glistening ships and many other things - when properly used.
I transform glistening ships and many other things into miscellaneous stacks of material - when allowed to unleash my fury unchecked, I can be ruthless and deadly in the hands of the careless and uninformed.
I am too frequently left standing alone on my small base without other visible means of support - my cap removed by an unthinking worker.
I am ready to be toppled over - when my naked valve can be damaged or even snapped off - and all my power unleashed through an opening no larger than a lead pencil.
I am still proud of my capabilities - here are a few of them:
I have on rare occasions been known to jet away - faster than any dragster.
I might smash my way through brick walls.
I might even fly through the air.
I may spin, ricochet, crash and slash through anything in my path.
You can be my master, but only under these terms:
Full or empty - see to it that my cap is on, straight and snug.
Never -repeat- never leave me standing alone. Secure me so that I cannot fall.
--
The Phoenix Consortium
Our intention is to establish a migration path to a new Amiga-like platform and computing experience. By clearly defining the standards and specs Phoenix hardware and software developers will be using we thus provide a common basis for individual developers to proceed with their own development stategies.
--
Just yesterday. BeOS.
--
egads! It's got a parallax stamp in it. Memories of ME451 class!
pbasic is not terribly powerful, even compared to other basics. While other students were building swiveling light sensors and robot cars for class, I managed to cram tetris onto a Stamp II. There weren't any LCD displays handy, so you had to play it over a serial cable. Fun project--very un-fun programming language.
--
> TELL TOLAN ABOUT IF
Actually, interactive fiction is still developing. It depends on good writing skills, clever puzzles and good plots. Some of the more feature-enhanced interpreters out there let you use color, images and music, but they games themselves still have to be good in order to rank well in one of these contests. There's a good list of modern IF games at Bals guide to IF. Inform, Hugo, and TADS are great game engines that are still going strong today. Get yourself an interpreter and download some games!
--
A small mailbox is here.
> OPEN MAILBOX
Inside the small mailbox is:
a leaflet
> GET LEAFLET
Taken.
> READ LEAFLET
"WELCOME TO SLASHDOT!"
SLASHDOT is a game of adventure, danger and low cunning. In it you will explre some of the most amazing territory ever seen by mortals. No compter should be without one!
A nasty-looking troll, brandishing a bloody axe, blocks all passages out of the discussion.
Your sword has begun to glow very brightly.
> _
--
To DigitalConvergence, or to "whom it may concern",
I run the website kart.dhs.org, which hosts the BeClueCat decoder, listed here:
http://www.bebits.com/app/1537/
DigitalConvergence has been visiting my website since September 15th. Certainly they know I exist.
I have yet to receive a 'cease and decist' letter from your legal consels, Kenyon and Kenyon, and I feel left out. So many other people have received FedEx'ed letters "WITHOUT PREJUDICE [sic]", yet I have not.
Kenyon and Kenyon's neglect to C+D me might be construed as "prejudice", since so many others have gotten scary letters. As a BeOS user I realize that I'm part of a minority. Don't you care enough to send your goons after me too? Do I need to agree to a special cease and decist EULA before you can send me one? Perhaps it's because you don't have any contact info. (name and address sent to Digital Convergence)
To put it in a nutshell:
Here I am. I'm looking for answers. If you have a beef with me, let's get in touch and I'll listen to your side of the story. If you want to play silly games, I and thousands of other individuals will continue to screw with you. Your business model is beyond flawed; it's despicable. Digital Convergence employees: get out now and cut your losses.
--
Since leaving college last year, I've been missing the 'geek house' sort of lifestyle as well.
The major demographic in around here seems to be 30somethings with big trucks and small clues. I've heard rumors that the west side of Houston is nicer, but that would be an insane commute for me.
SWMG (single white make geek) seeks likeminded people. Interestests: Bikes, Unix, BeOS, aerospace.
Dislikes: suburban decay, bureaucracy, traffic.
--
You don't really need a wacky Sun monitor. It's possible to install *bsd on a sparcstation with just a serial terminal. Once you've got it set up, you don't need a monitor anyway.
--
but if they allow you to put in place a web server on hardware actually designed for serving
Yup. They make great servers. Or, get a happymeal and set yourself up a decent router/firewall box. kart.dhs.org has been running on an old SS10 ever since I registered the name with dhs.org back in May.
--
There are plenty of cool operating systemst that will run on an IPC. I probably haven't thought of them all, but your options (besides Sun) might include:
--
One thing about Sparcs, _bootable_ 512-bytes-per-block scsi cdrom drives are hard to come by. That's why many people with secondhand Sparcstations choose to do FTP or NFS installations, e.g.:
attach monitor + keyboard, or serial terminal, then power on... .
*beep*
Sun SPARCStation OpenPROM 2.x.xx blah blah
insert floppy
>boot floppy booting . . . . welcome to $OS_SETUP. press [space] to configure networking. configuation ensues. . . select FTP site . . . download . .
How simple is that?
--
SuSE was my first distro, actually. It's pretty decent as long as you don't mind sorting through multiple gigs of extra packages and fluff.
:P
Nice to seem them supporting Sparc. I'd test it, but my box already runs OpenBSD just fine.
--
No shit! It has been rather obvious that Bluetooth is insecure for quite awhile now.
Now we get to watch them backpedal and spin while the techs scramble to kludge some kind of security into the protocol.
What would be better would be if someone started over FROM SCRATCH and designed a new wireless protocol, with security in mind from square one.
--
That's the same thing I thought when I started hearing the radio shows. The show is pretty good, however, and I don't necessary have a problem with John Katz' articles either :P
There are transcripts of the show available at the University of Houston.
That's okay, because nobody asked for your permission anyway. I can understand why one would be nervous about getting scanned, but if your system is secure, you have nothing to fear.
Anyhow, there's a legend about Werner Von Braun at NASA that goes like this: In the early days of the space program, Von Braun was in charge of the facilities at the Redstone Arsenal in Huntsville Alabama. They needed to build a large neutral bouyance tank to simulate weightlessness, so they just built one. Later when government officials were visiting, they saw the large tank and were upset that Von Braun never went through any red tape in Washington to get an official budget to build the tank.
<feds>: We never gave you permission to build the neutral buoancy tank! ;)
<VonBraun>: That's OK, I never asked
He was some major security buff who just happened to maintain this mud server
Perhaps he was a buff, but he certainly didn't know what he was doing. LOL, good story. Unless they're stuck on a dialup connection, getting scanned hardly constitutes a denial of service attack. Running "nmap -sS" against 1024 ports will send exactly 1024 SYN packets (plus a RST to the ports which replied), so if you assume, say, 32 bits per packet and 0% loss, that scan will throw at most a whopping 12k of data transfer. Sheesh.
I think it's scary that any random sysadmin could write your ISP and get them to shut down your account over some perceived slight. Anybody else smell a social engineering exploit?
$ finger @twosolutions.com
finger: non-recoverable failure in name resolution.
Using only one finger must get pretty tiring after awhile. Why limit yourself to just one finger when the majority of people have quite a few more fingers available?
You're right, cold fusion doesn't work very well on Earth. Maybe if we relocate all NT servers to the moon they will work better.