An encryption that is unbreakable would mean that you can only decrypt something if you have the correct key. Even if you know exactly how the algorithm works, you still need the key to decipher something.
The only known unbreakable encryption algorihm is the one-time pad, but it kind of moves the problem (with otp, the key distribution is the mayor problem, which kind of comes down to you needing to send a message containing the key first, which needs to be encrypted, so you need to send a message containing the key first, etc.)
But most of the time, when someone claims to have an unbreakable algorithm, and will not share the algorithm itself, it can be cracked. Sometimes because the key can be deduced from the ecnrypted message, sometimes the key isn't needed at all. When these algorithms become public, they are usually cracked very fast.
With 1024+ bits key length, the length of the key usually doesn't matter anymore, so their claim on a long key isn't really something to trust. In most of these cases, it can be cracked some other way. In this case, i would bet on a chance of 95% or so:)
Java is indeed invulnerable to buffer overflows (although the virtual machine itself does not have to be), but Java programs can be attacked on other parts (RMI and classloading are popular targets iirc).
The strange thing is that buffer overflows are very old problems, and have been known for ages. Most (experienced) programmers also know how to avoid them, either by not using some functions blindly or using some form of boundchecking, but STILL they make up about half the security bugs found nowadays. It seems that some people just don't care...
If you do care then remember that the buffer overflow isn't the only security problem source, but just a common (and pretty stupid) one.
Try Security Engineering by Ross Anderson, which looks at security at a somewhat higher level.. I just read it and it's great (atm, i'm reading BSS:) )
Well, they are crackable if they are used more than once (hence one-time pad), which can either mean that they are indeed wrongly implemented or that a language is not a one-time pad:)
Or maybe the idea of submitting is that it is good news that you think other people should read. Come on, the story got posted didn't it? Who cares who's name is above it (i never even look at that)
-While some people have interesting.sigs, others don't-
How about if someone from outside the US hacks a US website? That would be an act of war then.
Re:Am I getting paranoid ?
on
Distro News
·
· Score: 1
No, but you don't buy a car and say 'What do you mean a driving lessons? I just want to go places!'
(see this for a, maybe a little excaggerated, but for tech-support people very familiar 'situation').
It is great that installation/settings are made a little easier, but things like Windows has made people lazy, and one who does not want to learn anything about computers, should not use them.
I think the userfriendliness has a long way to go for linux. The 'average' user just wants to have a computer and be on the internet with as little fuss as possible. Caldera's intentions are good, and I like the idea of installing it from Windows, but that's also a problem; if you have windows already running with all these neat new things like IE and all, why install another OS?
By the way, maybe the wheel is being reinvented, but hey, the last one was squared, so why not invent a round one.
Slashdot Mirror
Maybe i should read the book, but wouldn't this match only sentences ending with an arbitrary number of spaces?
Has anyone patented all programs matching '.*' yet?
i believe this has been covered on /. before, but the first google is this
An encryption that is unbreakable would mean that you can only decrypt something if you have the correct key. Even if you know exactly how the algorithm works, you still need the key to decipher something.
:)
:)
The only known unbreakable encryption algorihm is the one-time pad, but it kind of moves the problem (with otp, the key distribution is the mayor problem, which kind of comes down to you needing to send a message containing the key first, which needs to be encrypted, so you need to send a message containing the key first, etc.)
But most of the time, when someone claims to have an unbreakable algorithm, and will not share the algorithm itself, it can be cracked. Sometimes because the key can be deduced from the ecnrypted message, sometimes the key isn't needed at all. When these algorithms become public, they are usually cracked very fast.
With 1024+ bits key length, the length of the key usually doesn't matter anymore, so their claim on a long key isn't really something to trust. In most of these cases, it can be cracked some other way. In this case, i would bet on a chance of 95% or so
note: i am not a cryptologist either
Java is indeed invulnerable to buffer overflows (although the virtual machine itself does not have to be), but Java programs can be attacked on other parts (RMI and classloading are popular targets iirc).
The strange thing is that buffer overflows are very old problems, and have been known for ages. Most (experienced) programmers also know how to avoid them, either by not using some functions blindly or using some form of boundchecking, but STILL they make up about half the security bugs found nowadays. It seems that some people just don't care...
If you do care then remember that the buffer overflow isn't the only security problem source, but just a common (and pretty stupid) one.
Try Security Engineering by Ross Anderson, which looks at security at a somewhat higher level.. :) )
I just read it and it's great (atm, i'm reading BSS
Well, they are crackable if they are used more than once (hence one-time pad), which can either mean that they are indeed wrongly implemented or that a language is not a one-time pad :)
Or maybe the idea of submitting is that it is good news that you think other people should read.
.sigs, others don't-
Come on, the story got posted didn't it? Who cares who's name is above it (i never even look at that)
-While some people have interesting
How about if someone from outside the US hacks a US website? That would be an act of war then.
(see this for a, maybe a little excaggerated, but for tech-support people very familiar 'situation').
It is great that installation/settings are made a little easier, but things like Windows has made people lazy, and one who does not want to learn anything about computers, should not use them.
What is the answer to 143*4535/192+44=x
:)
The answer is : yes
See? We can do this
Tjebbe
'^J to justify my text? I'm sorry but it has no excuse.'
I think the userfriendliness has a long way to go for linux. The 'average' user just wants to have a computer and be on the internet with as little fuss as possible. Caldera's intentions are good, and I like the idea of installing it from Windows, but that's also a problem; if you have windows already running with all these neat new things like IE and all, why install another OS?
By the way, maybe the wheel is being reinvented, but hey, the last one was squared, so why not invent a round one.