We all know about the Roswell stories and there are hundreds of similar reliable situations throughout the last 50 years. Given that we know that extra-terrestrial life is and has been visiting the earth...
Wow. The leap from unidentified flying objects to "they must be aliens" leaves a gap in logic wider and deeper than the Grand Canyon!
I am sure the government has tested flying saucers in one form or another.
Why yes, they have. It's a sure thing, because the documents have been de-classified and those involved in the work have talked about it. Hell, pictures from very early flight tests have been published.
The anti-gravity experiments they carried out surely had some successes.
Well now. That's not quite such a certain thing ;-)
The proper term is "undocumented" planet!
Kids of today will simply grow up to hold the attitude that literally everyone has made mistakes in their past, especially so while young, and most things a person did won't be held against them.
Maybe, even better, they will grow up to adults who realize that mild experimentation with alcohol and sex is normal, not even a "mistake". (Yes, teens will still make real mistakes, things they regret. But much of what these discussions refer to as "mistakes" are only "mistakes" from an extremely unhealthy puritanical view.)
Can't answer that question? Of course not. Yahoo is a holding company made up of numerous acquisitions. [wikipedia.org] If there's an identity buried in there somewhere, it's a Frankenstein's monster, stitched together out of spare parts. There's nothing cohesive about Yahoo, nothing that makes it special as a company, and there never was.
That's all true. But the question is whether or not that can be changed ;-)
If a corporation's income were tax free (or if the base rate were significantly lower) you would simply see everyone in the country start their own one-owner corporation and proceed to funnel all of their income in and out, tax free. See the problem?
Uhm, no, that wouldn't happen. When the income comes out, it's taxable--and in a 1-person corporation, it all comes out, or is taxed as if it does even if it doesn't.
In that case it is up to the user to enter a sufficiently long password. A 20 character password with mixed case, digits and symbols can easily hit 128 bits of entropy.
Well, that's a problem--you not only have to remember this passcode, you have to enter it into your phone every time you want to use it. This certainly biases cell phone passcodes to be less secure than users' average passwords, which is pretty bad.
But nonetheless, Apple gives you the ability to do so, and it's up to you to choose the compromise between security and convenience.
Couldn't law enforcement copy out the encrypted contents as well?
You'd think so. My guess: they could get the encrypted flash contents, but maybe the encrypted key is harder to get, since it has to be stored in a special location (maybe even deliberately hard to get). Get that key, and you're brute-forcing a 4 (or 8, or 10 maybe) character passcode to decrypt it. Get only the encrypted flash content, and you're brute-forcing the 128-bit key.
Can you absolutely confirm that you must enter a short passcode, rather than an arbitrary length password? Android allows the latter. If iOS only allows short numerical codes then... well, it's shit.
By "short", I meant significantly shorter than the hex (or base-64) version of a 128-bit key--not 4 or 6 digits. Default is 4 digits, but simply clicking the "simple passcode" option to off gets you a full keyboard for entry.
Carriers lose money with phone subsidies for high-end smartphones (particularly Apple's iPhone).
This is a lie. They make less money than they do with lower-end phones, but they do not lose money. This quote exposes the source as a carrier shill.
No, the backlog is 4 months. Nobody knows how long actual decryption takes, but the nature of these things is that it will either be minutes or thousands of years with a supercomputer dedicated to the task. Apple claims [apple.com] that it uses AES with a 128 bit key, so if they can unlock it that quickly they MUST have a backdoor to the encryption key.
It would be proof only if the user had to enter the 128-bit key to access the phone, but that of course is not the case. The user only enters a short passcode, so the key is stored somewhere in the device, protected only by whatever encryption/scrambling they can do to it with a relatively short passcode.
This is absolute proof that they have your encryption key on file somewhere. Others have already verified that they do indeed use AES 128.
It is proof of no such thing; your statement is absolutely wrong.
Now you know and knowing is half the battle. Don't buy iPhone.
Right, because, as the article points out:
Google takes a more privacy-protective approach: it "resets the password and further provides the reset password to law enforcement," the materials say, which has the side effect of notifying the user that his or her cell phone has been compromised.
Oh, good for google! Wait, why doesn't Apple just reset the password and provide the new password to law enforcement. Oh, yeah, right, better security--they can't just reset the password. And boy, how much better it is for the suspect's privacy that google notifies him. Let's see, he's been arrested, his phone seized, a warrant obtained to examine its contents--I'm sure he'd be so much more relieved if he were to get email from Apple when his pass code is cracked, because by god that is so important to his privacy!
You're kidding, right? The real issue is that Apple has a backdoor to decrypt its customers' private information. That is outrageous.
They don't have a backdoor. They just have the skills to get a copy of the encrypted data so they can bypass the 10-failure limit at the lock screen and brute-force the pass code.
Maybe the backdoor isn't so much the crypto format itself - it's in the password to decrypt. After all - these companies have a thing for you sharing information 'in the cloud', right? What's to stop them from simply posting your password somewhere central - for recovery purposes on your (and apparently, other people's) behalf? I reckon 90% of users would find it super-convenient!
If that were the case, there wouldn't be a backlog ;-)
No, this is overall a bad thing: Apple is able and willing to break the encryption on an iPhone, presumably through a backdoor or brute force.
Brute force. 10 failed attempts at the lock screen results in the phone being wiped. But Apple can copy out the encrypted contents, and then keep guessing until they find the code, no matter how many tries.
Then again, we could all be mistakenly conflating "encryption" with "lock screen", which really speaks to the level of (in)competence on the part of law enforcement.
On the iPhone, same thing--when you set up the lock screen, it sets up a random key which is used to encrypt/decrypt data in-flight to the flash, so that nothing is stored decrypted. The passcode is used to de-scramble the key, which is stored in a special location...
Hubbert was a geologist working for an oil company. The fact that new discoveries come along, but at an ever slowing pace, was hardly something he wasn't aware of, and isn't a flaw in the theory.
The 50% is "50% of oil in the ground", not "50% of oil that we've discovered". The 100% doesn't move, other than at the pace of geological time frames.
That doesn't even make sense. At any point in time, what we think is 50% is, uhm, you know, based on what we think is 100%. That number keeps going up and up. But how much we used in the first century of use, somehow, manages to stay the same, and thus is a smaller and smaller portion of what we think the total in ground is.
Also, new discoveries have not been at "an ever-slowing pace".
Oil is a finite resource, it will inevitably run out eventually.
Read the article. Undersea methane hydrate is not a finite resource, and thus offers the potential to burn natural gas, and pump CO2 into the atmosphere, in vast quantities, forever.
Note that the first 50% of oil was mostly consumed in a century.
Except that it wasn't. We keep finding more and more, and that 50% keeps going down and down...
Well, in this context the word "oil" is ambiguous. It could mean a very specific thing, in which case the 50% is closer. Or it could mean anything that falls under the category "petroleum", which is the way I took it.
osx has just crappy pixel doubling for retina displays..
Bullshit. The text rendering engine properly uses the available resolution, and the major apps that use their own cross-platform rendering engines (MS, Adobe) have been updated. Vector graphics also get rendered properly at the actual screen resolution. Apple limits the API's notion of screen resolution to "regular" and doubled just to make things easier on developers with regard to bitmapped graphics while avoiding crappy scaling of bitmapped graphics. (Of course applications that don't provide high-res versions wind up showing scaled-up versions, but applications that are actively maintained all show versions optimized for the current resolution, because they only have to provide a single extra high-res version to cover all cases.)
That there is a small minority of older developers who:
1) haven't learned anything new, beyond an absolute minimum necessary to scrape by, in 20 years
2) write awful code, using C as assembly or Ruby as C, for instance
3) still think that they have such massive depth of experience that they're head & shoulders above all others
4) lord it over younger developers, flaunting their delusion of superiority
5) most unfortunate of all, often have the trust of managers that have also been around a long time.
Like the archetype of any stereotype, these outliers have disproportionate influence on other people's experience and impressions, much more so than older developers who quietly excel and keep things running smoothly.
First of all, it's decades without an apostrophe you doof.
Apparently you are unaware that in modern usage an apostrophe no longer indicates possession or a contraction. It now indicates OMG WATCH OUT THERE IS AN "S" COMING UP NEXT!!!
I believe that should be part of ANY copyright law. In order for copyright to be maintained, a work of art must be available for sale within a 5 year period. Stop selling it, and you lose your copyright.
Absolutely. Especially now that advances in technology have made small-run distribution much more affordable, from on-demand printing to e-books.
Underground gasoline storage tanks are banned????
Not all of them, just the type prone to leakage.
I'd better go tell every gas station in the US, they've got a problem!
Well, as a matter of fact this was a problem for them. Many smaller stations that did marginal volume were forced out of business.
As far as your claim that you can't quantify the risks, why don't you try and do so? Here's a hint: It's doable. There are several ways you can do it, either from a geology direction (Hint: what are the characteristics of a hydrocarbon reservoir?) or from a public safety direction (Perhaps deaths and injuries/year? It's not like we don't have a massive amount of field testing from the past two decades.... Just to be fair, do a comparison to the technology that cheap gas is reducing, which is coal).
OK, the question "stupid, or industry shill?" has been answered. There are problems with the industry's claims about the geology, and it's not all replacing coal.
You should note that I would not advocate for a ban, but rather much stricter oversight, which I'm sure you'll deride as unnecessary.
I hear that gasoline is toxic, and we pump that into our cars, so we better ban cars, too.
Stupidest comment ever??? We did ban underground gasoline storage tanks which were prone to leakage, precisely because we didn't want it put into the ground.
Well, goddamn, you actually are retarded. Or an industry shill.