Slashdot Mirror


User: tomstdenis

tomstdenis's activity in the archive.

Stories
0
Comments
6,870
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,870

  1. Re:another tactic? on Lawsuits Against Spammers · · Score: 1

    The problem with your idea is that you can't filter out the spam.

    With my scheme if they don't do the work the email is rejected. [assuming there are no flaws in my scheme...]

    Tom

  2. Re:another tactic? on Lawsuits Against Spammers · · Score: 1

    I can't tell if you're agreeing with my post or not.

    To recap my scheme is designed to make it so if the spammer doesn't do a lengthly calculation [that the end user can quickly verify] then the email gets automatically deleted.

    I'm going to write a paper on the scheme just to get it out in the open. Who knows, if its secure maybe someone will implement it?

    Tom

  3. Re:another tactic? on Lawsuits Against Spammers · · Score: 1

    Again I suggest you read the fucking post.

    Its the ----->****END****----- users that do the work.

    If joe@abc.com wants to send an email to blow@nbc.com then its user joe that does the cubing [T times] and user blow that does the inverse. The servers abc.com and nbc.com will just carry the message.

    Tom

  4. Re:another tactic? on Lawsuits Against Spammers · · Score: 2, Interesting

    First off, my scheme will work with existing email systems. You can use the same transport protocols you just have to tack on a plugin that will do the math part.

    So you can still use pop3/smtp for transporting email.

    Second, apply "law" to the problem just doesn't work. I send spam from country X to country Y, etc...

    My solution takes work [i.e to implement it] but will work regardless of laws in place. Doesn't matter if you're sending spam from Mars, if you don't apply my coding my program [client] will just filter the message out.

    Also, you can *NEVER* stop people from sending spam just by filtering for keywords or something. If I can send you an email in the clear and open, then I can just as easily find a new way to make a spam message that doesn't follow the heuristics of your filter.

    With my scheme spammers can still get passed the filter, it just takes them time [which you can roughly control]. That makes it less profitable.

    Think about it. Suppose you pick a setting [of T] that makes a fast ghz processor take about 7 seconds or so to make a valid email.

    Would a spammer wait 7 seconds per email if they have a list of 10^8 emails to go through [probably 90% of which are fake to begin with!]?

    I doubt it.

    Also my scheme can be made simpler. Instead of repeated squaring, use repeated cubing.

    I.e

    Make up

    K = random || hash(message) || time

    Then cube K, T times...

    K = K^3 mod pq
    K = K^3 mod pq
    ...

    The end user can compute

    K^((1/3)^T mod (p-1)(q-1)) mod pq

    Which means they can go directly to the original K value but an attacker [i.e spammer] must perform T cubings.

    So no matter what T is the time for the person getting the email is the same.

    Tom

  5. Re:another tactic? on Lawsuits Against Spammers · · Score: 3, Insightful

    Hmm? You hash the message so you can't just store them on a CD.

    The idea is not to stop people from SENDING spam its to stop you from having to SEE the spam.

    For a message to be valid you must first make up a bignumber

    K = random || hash(message) || time

    Then you send to the user K^(2^T) mod N.

    You're "attack" won't work since each user has their own N. So if you want to build up a huge table of valid numbers you can, but they will only work for one user.

    I'd suggest you actually read the posting before attacking it.

  6. Re:another tactic? on Lawsuits Against Spammers · · Score: 3, Interesting

    Well that will work, there are other schemes.

    I'm a student cryptographer and I'm working on a system which will provide authentication [signatures], privacy [via encryption] and at the same time make spam less feasible [you can do it but its easier to filter out].

    The basic idea stems from squaring modulo a composite. Say you're given N=pq where p and q are two huge primes.

    You can find

    R = K^(2^T) mod pq

    easily, but given R its hard to find K.

    So if you specifically construct K to follow certain rules, you can help filter out spam very easily.

    The basic scheme works like this

    1. Make up two primes p and q and get N=pq
    2. Choose a value of T [say 1024]
    3. Publish N and T with your email address

    The user wants to send you a message M so they make up

    K = random_data || HASH(M) || time

    They hash K and use that as a key for a symmetric cipher. Then they send R=K^(2^T) mod N [by squaring T times] along with the ciphertext.

    The trick is that finding K from R is easy if you know the factors and squaring T times takes time.

    You can sign K easily too ... anyways...

  7. Surprised? on First (proof-of-concept) .NET virus · · Score: 1

    Hey its a computer system where viruses can spread... This is news?

    Anywhere a program can run from a third party can have viruses. Only if you physically build each bit of code you run yourself can you be relatively sure.

    This includes .NET as well as linux or freebsd.

    I think you /. types should get a grasp of reality!

  8. Digital Sound Crap on New External Sound "Card" · · Score: 1

    Here's my take on things like this and the Stereo-Link.

    Great you by-pass the internal DAC and goto an external one.

    Two problems

    1) You can just get a better DAC [i.e newer sound card]

    2) A flawless DAC will not improve the quality of a highly compressed MP3,OGG,etc sound file.

    I think those "customers" that said it sounded so great should try this little "home experiment".

    Plug your lineout to your stereo. Does it sound just liket the "stereo-link". If so you've been had. If not then you have a horrible internal sound card.

    Tom

  9. Re:Raising Money on Cornell University Sues Hewlett Packard · · Score: 1

    First off I agree that if HP stole the idea they should own up to it.

    I just don't see the connection to the prof getting burned. Sure its not nice, but he gets paid none-the-less. Its not like he wasn't rewarded for his work.

    Besides, aren't schools there to teach? Another poster brought up a good point. What if a student learned of the idea from class and tried to use it. Should he be barred by the patent [that indirectly he paid to develop]?

    Tom

  10. Re:Raising Money on Cornell University Sues Hewlett Packard · · Score: 1

    " If you don't think usurping a guy's life work results in "damages," perhaps you should try to grow a soul. "

    Did the professor get paid during his stay? I can't imagine him on pogey for 20 years while working *for* the university.

    I agree that HP should credit him if they used his ideas, but as to the "usurping" his life work I don't really see that. He was rewarded for his work and probably generously.

  11. Re:Corporate ramifications on Spyware in Kazaa, Limewire, Grokster · · Score: 1

    Sorry, RIAA but you get the point.

    You can't just say "Its legal because I say so" crap...

    Tom

  12. Re:Corporate ramifications on Spyware in Kazaa, Limewire, Grokster · · Score: 1

    See that's the type of logical defense you can use.

    Defendant: Your honour, copying my friends cd's is legal because the MPAA are a bunch of assholes.

    Judge: Hehehehehe, oh really?

  13. Re:Corporate ramifications on Spyware in Kazaa, Limewire, Grokster · · Score: 1

    Kinda an aside.

    File sharing is not what most groups like the MPAA and RIAA are against.

    Its the piracy thats associated with it.

    If you used Gnutella to share programs/music that you yourself wrote, than the RIAA or MPAA wouldn't care. But because you're a leech off of society and download stuff and use stuff you shouldn't have they crack down.

    So don't say "p2p is illegal" because it isn't.

  14. Re:Why Slashdot Sucks on Review of Sorcerer GNU Linux · · Score: -1, Offtopic

    I say sir, I say good day.

    Actually I agree with your post. A lot mediums are "dumbing down" content.

    The reason: Too many gold-rush stock-hungry bidnezz people. For example I'm in a three year CS diploma course [stop laughing I know its a joke] and my Bidnezz teacher [have to take a class] spelt his name wrong and claimed that

    0.96/1 is the same as 0.96:1 [hint they aren't]

    The solution: Start educating bidnezz students in more advanced topics [certainly english and math].

    The government should also favour advertisements and products that have a higher standard of intelligence. For example, a company that makes puzzles or math text books should get a tax credit while the makers of Pokemon don't.

    That way you're free to be stupid, but it will pay more to be smart.

    Other than that we can also just shoot and kill wall st. type people. Survival of the smart!

  15. Re:here is your change on Ogg Vorbis RC3 Released · · Score: 1

    Um, lets review the pertinent facts

    a) I have 10GB of mp3 files
    b) My MP3CD player plays MP3s
    c) There is not a huge improvement in terms of bitrate.

    As to a), I am not going to re-encode all my cd's [plus my "borrowed" songs] in OGG format since that would require a huge amount of time.

    As to b), I paid 169$ for a MP3CD player [Samsung that works like a charm and doesn't kill batteries]. It doesn't play WMA or OGG files so I cannot use it with those

    As to c), Overall a VBR OGG at 115kbps and a VBR MP3 at 128kbps sound about the same [I didn't really try MP3 at 115...]. In otherwords there is not a huge difference in terms of efficiency. Yes, OGG sounds better [seems a bit crisper] but the improvement is subtle and doesn't outweight the effort and cost of using only OGG.

    Getting back to my main theme. I agree OGG is getting better than MP3. The problem is MP3 is more commonplace [hence my MP3CD player] and OGG compression is just not far out.

    Say a 64kbps OGG file sounded just as good as a 128kbps MP3 then I could say "wow lets all use OGG" but the truth is the savings is meager and the cost is great.

    I'd first get OGG more portable in software [i.e default with winamp, XMMS,etc...]. Get people used to it [and improve OGG along the way] then when commercial apps [i.e portable players] support it you will see a huge popularity boost.

    Just randomly switching from 10GB of MP3s to 9.7GB of OGG files because OGG is "cool" is stupid.

  16. Re:My two cents on Ogg Vorbis RC3 Released · · Score: 1

    I don't think you read what I wrote. At q=3.5 it sounds as good as MP3s at about 128kbps.

    Therefore your statement about "192kbps for mp3" is moot since for me thats not required.

    Saving 9kbps just so I can feel proud to use something /. approves off [and my mp3cd player can't read] is not something I am willing todo.

    Also you have to realize these "tests" you guys perform are just stupid. On dorky computer speakers [99% of all computer users own] the actual threshold of noise is higher than the quality difference between OGG and MP3 at comparable bitrates. So this "oh I need 192kbps for MP3 and only 128 for OGG" are just stupid points since for 99% of all popular music you can't tell the difference past 128 kbits [and certainly not past 160]. I've encoded alot of piano music for instance at 160 and it sounds just fine. I've encoded folk music [i.e acoustic+base guitar] at 128 and it sounds fine.

    Now if I had a $10K sound card with a $250K sound system then maybe I'd hear the difference... but for 10$ headphones on a MP3CD player it doesn't matter.

    Also I'd like to point out that OGG performs horribly at lower bitrates. It distorts far more than MP3 does at 32kbps for instance...

    When all is said and done, OGG is a good idea, and its technology that is maturing. When it gets more stable, encodes better and gets accepted in commercial applications we can sit and talk about "replacing mp3 files with ogg".

    Tom

  17. Re:My two cents on Ogg Vorbis RC3 Released · · Score: 1

    First point. I'd rather save my files at 128kbps, then play them back on my ****MP3**** CD player.

    Saving 9kbps on my files and losing time tested MP3 playback hardware support? Not even worth it.

    Second point. Not all of those patents apply all over the world. Also you cannot patent a file format thats like putting a patent on a byte. You can patent an algorithm that does the compression [which is what has been done].

    A lot of MP3 encoders exist for free so I think as long as you don't use exact derivatives of the MP3 patented algorithms you're ok. Otherwise they **would** have cracked down on them already.

  18. My two cents on Ogg Vorbis RC3 Released · · Score: 1

    This is what I like/dislike about the Ogg toolchain

    Pros:
    --free
    --simple to use
    --really fast
    --makes good sounding audio

    Cons:
    --Requires "quality==3.5" before it even matches the quality of an decent MP3 codec at 128kbps. At q=3.5 it got about 117kbps average...

    I can see the value of free tools but as a replacement for mp3? LAME is free and it uses open and free psychoacoustic modelling [i.e no patents!].

    While OGG is a good idea I don't see it as a huge improvement over MP3 compression.

    BTW for my test I was using the 2nd track of the Godzilla CD [lots of wide band audio in the first two seconds good for picking out distortions]

  19. Re:crimes? on Why Worm Writers Stay Free · · Score: 1

    Lets look up the word "terror"

    http://www.dictionary.com/cgi-bin/dict.pl?term=t er ror

    Specically #1,2,3

    #3. The ability to instill intense fear

    What is a "terroist" someone who commits another to a state of "terror" or commits "terror".

    So yes, a 12 yr old kid that makes you afraid about your uncertain future [i.e all your work is corrupt] is instilling "intense fear".

    I'd say if I had a deadline to meet in a few days and my data was lost I would be worried about my employment status.

    And don't give us that crap about "you should back stuff up". Yes that's true. But you **should** back it up for a **different** reason. I should back up stuff because I fear the possibility of undesirable hardware failures [and no a HW failure is not terroism because a) computers are inanimate and b) its not on purpose or intent on doing so].

    Some 12 yr old kid is not going to tell me how I should and shouldn't use my computer because they are reckless behind the seat of a mallicious script they probably don't even understand.

    And to whoever is trying to connect to my proxy, its behind a firewall so give it up already!

    Tom

  20. Re:crimes? on Why Worm Writers Stay Free · · Score: 1

    Touche. I should have proof read that.

    I think half the posters here however should let a virus unexpectedly thrash their computer. Then they can come back to /. and talk to softly about "kids being kids".

    Hey better yet let the virus thrash their network at their place of employment. Then let the management talk softly about it :-)

  21. Re:crimes? on Why Worm Writers Stay Free · · Score: 1

    Yeah I know you should back stuff up. My point is who are you to tell me how to use MY computer.

    As for the "using buggy software". Yea software vendors should get on the ball, but again, who are you to exploit the bug and cause me to lose my data?

    Its not your computer you're fucking with, its mine! Hey write an exploit for yourself all you want, share the exploit in non-source/binary form all you want. Just don't tell me that when some criminal "kid" destroys my hard disk "its your fault for not backing it up".

    Tom

  22. Re:They aren't terrorists! on Why Worm Writers Stay Free · · Score: 1

    I fully agree with this poster.

    Perhaps these "kids" should be punished by not allowing them to use computers for say 5 years or something.

    That's like joy-riding in a car. You just "wanted to have fun" but when you run your car thru a quicky-mart and ruin some poor dudes business you can just say "I was bored!". Um nope!

    Tom

  23. Re:crimes? on Why Worm Writers Stay Free · · Score: 1, Flamebait

    "kids with too much time on their hands" who also happen to be ruining the internet for millions of people.

    What if I was writting my Ph.D and I got this virus you wrote and it trashed it along with all my notes.

    Well you just costed me a few years of my life. [yes backups are a good idea but its not upto you to force me to backup my data].

    Their is more to virusses and worms etc then just "slow networks". For many it could cost them a serious portion of their lives.

    Tom

  24. Re:They aren't terrorists! on Why Worm Writers Stay Free · · Score: 2, Insightful

    The problem is half the time they are not kids with skills. They just download a exploit [done for research] adn use it [for fun].

    How many of the attacks where kids are involved were actually invented and written by kids?

    Besides yes it is terroism since its mischief on the grand scale. Like it or not the internet is a mass communication medium and its a "way of life" for some people [some == growing].

    That's like taking down the entire california telephone network and claiming "I'm bored". Not only is that dangerous [no 911 calls] but its disruptive to literally millions of people.

    Tom

  25. Re:A network admin's perspective on Broadband In Australia Just Got Slower · · Score: 1

    Of course this is comming from the same crowd that think paying for domain names is a "good" idea.

    In reality this stuff shouldn't cost so much. Just there are too many layers of bullshit between money and work.

    As an example, you work at a job. They pay you, but take tax off. You put it in a bank and pay to access the money. You pay bills for stuff, but it costs you money to pay bills! arrg...

    If people just stopped getting greedy and organized things better bandwidth would be aplenty.

    Last I read there was a story about the amount of fiber that goes unused in America being over 50%. The reason that is is because people were trying to hype it before it was really required. When 98% of the internet paying users had 28.8k the content was simple and small. Now stuff is bigger and flashier [albeit not much better] and the bandwidth is required.

    That's why there's a bigger market now for the bandwidth then before. The problem is people are now weary to invest in companies which is why you see monopolies, which gets back to the original point.

    Greed. People want to be the only ISP in town, which is ok if you're giving good service. For example, my ISP is pretty much the only high speed ISP in the neighbourhood for residential stuff [next to bell HSE]. Its a somewhat decent service that costs about 40$ a month.

    My ISP seems somewhat reliable about updating service and there is alot of interest in people using it.

    The point is people have to start investing in high speed home access again. That will drive down prices and make bandwidth more affordable.

    Wow, I'm a lunatic... sorry I just had to rant!