used to know the leader of this project quite well, personally, and i can assure you the company in question did everything in it's power to deliver an honest specification and work. the problem was the australian government - it's damned near impossible to hit a specification moving at the speed of australian politics at the time.
is slashdot able to run two interfaces on one backend? if not - can that be fixed? if yes, as i said, be smarter than the board, carry both, wait and see.
nfc is a comms protocol, like bluetooth or ethernet, very timing sensitive, therefore best implemented on the kernel level. nfc is often used for payment systems, hen ce the conflation. am assuming - have no specific details.
um, in shannon, et al, the word "key" refers to the pad itself. so actually i'm not sure what you're saying here. did you mean "key reuse"? this applies to block ciphers, as i read it. what i think you are saying applies, once again, to block ciphers in counter mode, pretending to be one time pads, where the entropy in the key runs out, over time, as the block repeats.
one time pad is far more secure, the information gathered would have been useless, as it only applies to a transaction target would have already processed.
how is this comment rated 4, whereas the correct information, the parent, is currently only rated 2?
rsa is already busting it's square little heart trying to scramble your data, now you want another cipher to generate random noise to mask the regular patterns your initial cipher is making. what masks the patterns your new cipher produces - yet another cipher?
rsa works by doing the same little set of manipulations over and over, masked downstream by a counter and/or how compressed your data is. this set of manipulations manifests as a (probably not very) musical note which repeats itself over and over in the cacophony every machine radiates, and unfortunately it is the constant repetition which gives the game away.
unfortunately it is the blindly repetitive nature of the operation which makes rsa even vagely feasible given the vast amounts of data we expect it to cover, and i would guess that any attempt to counter this kind of attack would only make the situation worse.
as far as i can guess this kind of attack should be feasible on any block cipher.
did we not know this was coming?
block cipher in counter mode DOES NOT EQUAL csprng.
when you can afford either a phone or the internet, like me, it turns out, apparently, that i cannot get a phone line that will support a modem at all, anymore. it all goes digital shortly after it leaves my space anyway, i am told. yay. only wish i was living in the "third" world, fiber is cheaper than copper, and for my worth i would get a much better connection out there - i imagine - than anything the fubar over pots my north of merkin world is prepared to shaft me for here.
how are they allowed to pollute the moon like that? do we simply assume humans will never go there, or is 238 some kind of magic vanishing form of radiation, that will not simply sit there and radiate, as nuclear waste tends to do? we can safely assume, i assume, that shielding was not included in the 120kg design, or am i wrong? have they some legitimate excuse for this, or should we simply assume "some sources" are wrong about the plutonium, in the first place?
the level of technical incompetence in these 'trials' is jaw-dropping. every description of the techniques at issue was loaded with metaphors, attempts to explain the technology involved to the technically illiterate involved in deciding the matter. how many of the jury have the skills to write, or even maintain, an RC4 based SSL service?
admittedly not many of us do, but by which madness does anyone expect these people to have a clue?
i profess to know a little about how these things work, having been involved in the development of somewhat similar technology, and yet i cannot find in any of the disclosures sufficient information to even begin to construct a system similar to the one newegg is in trouble over. obviously the information is there, the mechanism in question is everywhere, but in the trial itself, the actual mechanism is considered irrelevant, a black box. that nobody involved is expected to understand.
blinded by science.
still, what do you expect from a nation created by a god?
what are the chances this matter will ever be tried by a jury of competent professionals - ie the actual peers of the people who actually wrote newegg's system? my impression is that this will continue to be haggled over by professionals of every field except the field in question, like a bunch of blind men haggling over the price of an elephant.
do not believe everything you read on the internet - abraham lincoln
stephen fry demonstrated a small 3D printed version he said came out of the printer complete - you only have to attach the turbine fan. the model was about palm sized, as far as i could tell, and appeared to work perfectly. this was on an episode of QI broadcast on BBC last year. the BBC also broadcast a series called "wallace and gromit's world of invention" quite a few years ago, in which those of us watching were introduced to theo and his creeptures.
i thought this was all old news, but apparently not in north america, where the media only talks about about cars, guns and crime.
they used the exploit at all - i gather the majority of these incursions are left hanging because the NutSoupAhats are smart enough to not want to get caught with their fingers in anyone savvy enough to bite.
Slashdot Mirror
am not on /. much anymore, because am in the midst of doing exactly this, only for pity sake - JUST SAY NO TO FRAMES.
polythene is a perfectly legitimate synonym. can you say aluminium? go on - give us all a laugh..
"user" is a good word for you, more power to the soda pusher and his profits, just cause that's what make you feel good..
the rest of us are trying to make this a better place, sorry if that spoils your day, makes you have to actually install something, for once.
used to know the leader of this project quite well, personally, and i can assure you the company in question did everything in it's power to deliver an honest specification and work. the problem was the australian government - it's damned near impossible to hit a specification moving at the speed of australian politics at the time.
for pity sake
(plank, whatever)
is slashdot able to run two interfaces on one backend?
if not - can that be fixed?
if yes, as i said, be smarter than the board, carry both, wait and see.
nfc is a comms protocol, like bluetooth or ethernet, very timing sensitive, therefore best implemented on the kernel level. nfc is often used for payment systems, hen ce the conflation. am assuming - have no specific details.
(or without batteries) the thing is a toy.
this is a simple fact of life.
question for linus - who is git, and what is he objecting to?
rubber sheet? in the original destructions, i mean...
people should read more john brunner, beyond that i don't have an opinion here.
what you say makes sense, is much appreciated.
um, in shannon, et al, the word "key" refers to the pad itself. so actually i'm not sure what you're saying here. did you mean "key reuse"? this applies to block ciphers, as i read it. what i think you are saying applies, once again, to block ciphers in counter mode, pretending to be one time pads, where the entropy in the key runs out, over time, as the block repeats.
one time pad is far more secure, the information gathered would have been useless, as it only applies to a transaction target would have already processed.
how is this comment rated 4, whereas the correct information, the parent, is currently only rated 2?
so don't.
a 56k modem "requires" another 56k modem on the other end, am i wrong?
i was thinking more 9600 actually, as i'm not into porn.
who swallowed a fly...
rsa is already busting it's square little heart trying to scramble your data, now you want another cipher to generate random noise to mask the regular patterns your initial cipher is making. what masks the patterns your new cipher produces - yet another cipher?
rsa is usually run on a simple counter, and this output is only then xor'ed with your data.
rsa works by doing the same little set of manipulations over and over, masked downstream by a counter and/or how compressed your data is. this set of manipulations manifests as a (probably not very) musical note which repeats itself over and over in the cacophony every machine radiates, and unfortunately it is the constant repetition which gives the game away.
unfortunately it is the blindly repetitive nature of the operation which makes rsa even vagely feasible given the vast amounts of data we expect it to cover, and i would guess that any attempt to counter this kind of attack would only make the situation worse.
as far as i can guess this kind of attack should be feasible on any block cipher.
did we not know this was coming?
block cipher in counter mode DOES NOT EQUAL csprng.
quod, as has been, demonstrandum.
when you can afford either a phone or the internet, like me, it turns out, apparently, that i cannot get a phone line that will support a modem at all, anymore. it all goes digital shortly after it leaves my space anyway, i am told. yay. only wish i was living in the "third" world, fiber is cheaper than copper, and for my worth i would get a much better connection out there - i imagine - than anything the fubar over pots my north of merkin world is prepared to shaft me for here.
how are they allowed to pollute the moon like that? do we simply assume humans will never go there, or is 238 some kind of magic vanishing form of radiation, that will not simply sit there and radiate, as nuclear waste tends to do? we can safely assume, i assume, that shielding was not included in the 120kg design, or am i wrong? have they some legitimate excuse for this, or should we simply assume "some sources" are wrong about the plutonium, in the first place?
is that nobody wants this to be true simply because all your favourite toys are suddenly the problem.
time will have to tell, i guess.
the only big change i can think of - that seems to match the timeframe given - is the proliferation of cellular radio.
there are no tin-foil hats without fire, i say, and i'm not trying to be funny.
the level of technical incompetence in these 'trials' is jaw-dropping. every description of the techniques at issue was loaded with metaphors, attempts to explain the technology involved to the technically illiterate involved in deciding the matter. how many of the jury have the skills to write, or even maintain, an RC4 based SSL service?
admittedly not many of us do, but by which madness does anyone expect these people to have a clue?
i profess to know a little about how these things work, having been involved in the development of somewhat similar technology, and yet i cannot find in any of the disclosures sufficient information to even begin to construct a system similar to the one newegg is in trouble over. obviously the information is there, the mechanism in question is everywhere, but in the trial itself, the actual mechanism is considered irrelevant, a black box. that nobody involved is expected to understand.
blinded by science.
still, what do you expect from a nation created by a god?
what are the chances this matter will ever be tried by a jury of competent professionals - ie the actual peers of the people who actually wrote newegg's system? my impression is that this will continue to be haggled over by professionals of every field except the field in question, like a bunch of blind men haggling over the price of an elephant.
do not believe everything you read on the internet - abraham lincoln
stephen fry demonstrated a small 3D printed version he said came out of the printer complete - you only have to attach the turbine fan. the model was about palm sized, as far as i could tell, and appeared to work perfectly. this was on an episode of QI broadcast on BBC last year. the BBC also broadcast a series called "wallace and gromit's world of invention" quite a few years ago, in which those of us watching were introduced to theo and his creeptures.
i thought this was all old news, but apparently not in north america, where the media only talks about about cars, guns and crime.
well done slashdot.
they used the exploit at all - i gather the majority of these incursions are left hanging because the NutSoupAhats are smart enough to not want to get caught with their fingers in anyone savvy enough to bite.