For an online community that largely values a scientific way of looking at things, I'm rather disappointed in Slashdot every time the topic of airport scanners comes up. Unless my understanding of these scanners is dramatically incorrect, using the word "X-rays" is a misnomer. So far as I know, these scanners are using non-ionizing radiation. Nothing is getting 'nuked'. Even using these words in jest contributes to public fear of anything involving radiation.
Now, if you have objections to the TSA seeing you naked, that's a completely different topic. Likewise, if you think that non-ionizing radiation is more dangerous than it's generally thought to be, put down your cell phone and go live in the woods.
I have lots of issues with FIPS 140-2. Number one on the list is the fact that the list does more to constrain algorithms than to guarantee a good algorithm will be used.
Number two... people are afraid to upgrade to a newer OpenSSL with security patches for fear of losing their precious $50,000 validation.
I also have issues with the self-testing requirements. It's a waste of CPU time. Why make people wait an extra half-second every time they open a program that uses encryption?
Uncle Sam already plays a heavy hand by defining standards that apply to software products that are sold to the US government. Ever hear of FIPS 140-2? The document that says exactly which encryption algorithms are allowed and not allowed? Both Microsoft and Linux vendors (RedHat, SuSE) have incorporated FIPS mode in their operating systems. Not surprisingly, these modes are generally turned off...
What possible good is re-encrypting the same test data every time you load the library? Either the algorithms are correct, or they're not.