Took a bit for me to dig this up, but here ya go: In the 1984 William Tell exercise, flying F-4C Phantoms, the 123rd FIS / 142nd FIG beat out all but 2 F-15 units finishing third overall. The 123rd is an Oregon Air National Guard unit.
:-)
Not to say the F-15 isn't a fine aircraft, of course.
"[...] it's still nontrivial to generate the plaintext from the ciphertext, or am I completely offbase on this?"
I Am Not A Cryptanalyst, but it is my impression that you are off base in this. Generating the plaintext may not become a completely trivial task with the backdoor key, but it at least would become so many orders of magnitude easier that the system would be essentially useless.
In really basic broad-brush terms, we can say that the ciphertext consists of the plain text added to a keystream by a method defined in a certain protocol. To decrypt the ciphertext, the legitimate recipient needs to subtract the keystream from the ciphertext using the same protocol. Any attacker who could capture the whole ciphertext usually should also discover the protocol in use. (That's not necessarily a trivial step, but often it is... especially with computers using known protocols.*) So the only unknown the attacker needs in order to reveal the plaintext is the keystream.
Schneier's article says that by observing a mere 32 consecutive bytes of randomness, an attacker with the key to the backdoor can generate the whole random stream, at least from that point forward. So if such an attacker can suss out that small portion of the keystream or plaintext - and that's what cryptanalysis is all about - then they can use that to break the whole message with relative ease.
[*: It is widely thought, and has been repeatedly proven by real world cryptosystem breaks where the protocol is unknown to the breaker, that for the most part hiding the protocol does no damn good. This is what's meant by "obscurity is not security".]
starfishsystems gives a good answer, but I'll say it a bit differently in case it helps.
The random number generator in question is a mathematical tool for generating randomness, not a cryptosystem of any kind. It has many potential applications. However, modern cryptography is absolutely dependent on high-quality randomness, so cryptosystems tend to use exactly this sort of tool. The thing is, if the "random" data stream one uses in a cryptosystem is actually predictable, then the whole cryptosystem is insecure right from the start no matter how good it otherwise appears.
It is very much analogous to building a house on sand: if the foundation is unstable, it pretty much doesn't matter how good the rest of the construction on top of it may be; the whole structure is in dire and immediate peril.
The random number generator itself may be just fine for many applications. However, any cryptosystem built on this random number generator is presumed to be useless just because there exists a set of keys which can easily predict the whole random number stream given a tiny part of it. We don't actually know if anyone holds the keys, but if someone does then that person could undetectably open any cryptographic locks built on this random number generator, or release the keys so everyone could open the locks.
That help?
I thought the article was saying something slightly different: The standard does have a backdoor, it's just not clear who - if anyone - holds the keys.
The safe assumption is that someone does hold the keys and therefore the standard is useless for cryptography, even though it might be just fine for other applications.
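The argument in the comments above, worked through as an added example that is not part of the original thread: a toy generator with the same structure as the backdoor described (two public constants secretly related by a trapdoor exponent), used as the keystream of a stream cipher. It is a small multiplicative-group analog, not the real elliptic-curve generator, which also truncates its outputs; every constant, the seed and the message are constructed for illustration.

```python
"""Toy analog of a generator with a trapdoor between its public constants."""

# Constructed toy parameters (assumptions, not values from any standard).
P_MOD = 2**61 - 1            # prime modulus of the toy group
Q = 3                        # public constant Q
D = 0x1F2E3D4C5B6A79         # trapdoor, known only to whoever picked the constants
P = pow(Q, D, P_MOD)         # public constant P, secretly equal to Q^D
BLOCK = 8                    # bytes emitted per step


class ToyGenerator:
    """Each step outputs Q^s and then moves the state to P^s."""

    def __init__(self, seed):
        self.state = seed % P_MOD

    def next_block(self):
        out = pow(Q, self.state, P_MOD)
        self.state = pow(P, self.state, P_MOD)
        return out.to_bytes(BLOCK, "big")


def keystream(gen, n):
    """Return n bytes of generator output."""
    buf = b""
    while len(buf) < n:
        buf += gen.next_block()
    return buf[:n]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(message, seed):
    """Stream cipher: plaintext combined with the keystream (XOR)."""
    return xor(message, keystream(ToyGenerator(seed), len(message)))


def clone_from_output(block, trapdoor):
    """Rebuild the generator's internal state from one observed output.

    out = Q^s, so out^D = Q^(s*D) = (Q^D)^s = P^s, which is the next state.
    """
    clone = ToyGenerator(0)
    clone.state = pow(int.from_bytes(block, "big"), trapdoor, P_MOD)
    return clone


def recover(ciphertext, known_prefix, trapdoor):
    """Decrypt using one block of known plaintext plus the trapdoor."""
    if len(known_prefix) < BLOCK:
        raise ValueError("need at least one full block of known plaintext")
    first_out = xor(ciphertext[:BLOCK], known_prefix[:BLOCK])
    clone = clone_from_output(first_out, trapdoor)
    tail = ciphertext[BLOCK:]
    return known_prefix[:BLOCK] + xor(tail, keystream(clone, len(tail)))


# Constructed sample input: a message with a predictable header.
SEED = 0x0123456789ABCDEF
MESSAGE = b"From: alice@example.org\nSubject: Q3 numbers\n\nRevenue was 4.2M."


def demo():
    ciphertext = encrypt(MESSAGE, SEED)
    # The trapdoor holder never sees SEED, only the ciphertext and a guessed header.
    return recover(ciphertext, b"From: al", D)


if __name__ == "__main__":
    print(demo().decode())
```

Nothing in the generator's observable output reveals whether anyone knows `D`, which is why the comments treat a generator with unexplained constants as unusable for cryptography.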
"Submarine technology is actually way less relevant to the threats of the modern world than even freaking tanks. When was the last time we used a submarine to do any kind of warfare or political maneuvering? I'd say that ended in the cold war."
Oh good lord. No. Just no.
There's two very good reasons to care about subs. One is nuclear deterrence, the other is fleet defense.
Did all the nuclear warheads and ICBMs in the world just magically disappear overnight when the cold war ended? Nuclear deterrence is... well, if not good, at least currently necessary. The US SSBNs provide us a sufficient deterrent, all by themselves, to make any contemplated invasion of Iran over nuclear weapons utter madness. By having those subs, we have more options than trying to prevent at any cost hostile powers from getting nukes of their own. Oh, and we aren't the only nation still running boomers, so our attack subs kinda matter for keeping track of them.
We have to care about other folks' subs because submarines are about the only weapon platform of any kind that can still hide. That means they can - as this Chinese sub did - potentially sneak up on our carriers. Coupled with the right weapons system, a sub can kill a carrier. If the US carriers go down, or even can be credibly threatened, that reduces the US position as a superpower considerably. So everyone else's subs matter to us... especially the Chinese, given that Taiwan is a completely plausible flashpoint for naval conflict between the powers.
You may or may not like all the political implications of the above, but it is complete madness to suggest that subs no longer matter.
Oh, yeah, I forgot to mention Al Qaeda. They're one threat among many, and a rather small one at that.
Well, IANAL, but this is /., so...
It seems likely to me that this motion to quash will be granted. If so, then there's two possibilities: if the RIAA has better evidence of identity it will try again and if the subpoena is sufficient UO will give them what they ask for. If they don't have data to support another subpoena, the RIAA will walk away. I seriously doubt this matter will get to the Supremes; it seems like a narrow technical issue. It is not necessarily some principled stand by the university.
Either way, though, if the motion to quash is granted it'll be a big loss for the RIAA's actions against users of university networks, because it'll show other universities another way to deal with the subpoenas. The important thing is that the UO president has demonstrated sound legal and procedural skills in the past - enough to get to and win at the USSC - so if he's allowing his institution to do this then the idea probably has substantial legal merit. Other university administrations will pay attention, because he's got credentials in this area that most others lack.
The problem for the RIAA here is that they picked a target that has chosen to call BS, and the credibility of the UO president is going to make that cry of BS heard nationwide.
"If I were an RIAA shark, I'd smell blood in the water."
Well, yes. But the question is, whose blood?
As I said elsewhere, the U.O. President is a former dean of the U.O. Law School, and a former Attorney General of the State of Oregon. His university bio says he argued seven cases before the US Supreme Court as state AG and won six, and goes on to say that's more cases and a better record than any other contemporary State A.G. It's almost impossible to imagine that the University took this step without consulting him, and it's equally difficult to imagine he's misjudged the strength of their case or that he's afraid to take it all the way to the US Supreme Court.
I think the RIAA's sharks have just bitten a much bigger shark. If they aren't looking for a way to swim away quietly, they're in for a hell of a fight.
"The University of Oregon has filed a motion to quash the RIAA's subpoena for information on student identities in what is believed to be the first such motion made by a university with support from the state Attorney General."
Amusingly enough, the University of Oregon's President used to be the state Attorney General. I suspect he had an easier time getting the current AG's support than most university presidents have.
"Hell, create a searing flame capable of burning anyone to death who dare walks through it- that's the literal definition of a firewall. The heat caused by the burning of wood or something else is a "hardware" firewall."
Personally I'd call that a vaporware firewall.
Well, as I understand it each of the vehicles would have needed an FAA waiver to do free flights over a certain altitude or duration anywhere in the US. (I don't recall the limits, but I think it's in the Armadillo news archive somewhere.) So if they didn't have an FAA waiver, that (presumably) means they had never done a free flight of anything close to LLC1 parameters.
That makes it seem pretty unlikely (to me) that they stood a realistic chance of a prizewinning day at the XPC, or that the paperwork was the only holdup.
They've actually had several flights on that vehicle. Aside from ignition problems, they seem to have an engine design that can reliably run for several minutes at very decent thrust, and they obviously have a solid handle on flight stability. But yeah, the contest conditions exposed some troubles for them.
I'm not quite sure of my sources on this, but they seem to have had fuel (oxidizer? igniter?) contamination issues, leading to a flaky igniter, leading on the second flight to a hard start that caused engine damage. This damage was clear to them, so they chose to sit in a low hover at the end of their second flight to mitigate a half-expected crash. It appears that as the engine progressively got worse the vehicle started oscillating, and eventually the legs contacted the ground causing a tipover and automatic engine shutdown.
They're doing really well, but they will have to clear up their ignition issues. I'm pretty sure their suborbital flight profile will demand that they be able to do reliable in-flight restarts, so I think ignition is going to be a big issue for them over the next year.
That writeup is a bit misleading. It's not like they just showed up and their vehicle burst into flames. In a previous attempt this weekend they completed a 90+ second flight, then about 88 seconds of the second, potentially prizewinning flight before engine trouble brought them down.
It wasn't enough to win the prize, but they still had some impressive flights.
Yeah, either one would really have to be constructed in orbit - and probably pushed out of the magnetosphere - before moving out under their own power. Anything else is not politically possible even if the engineering worked.
I don't think it would be polite to slashdot it. Send me an e-mail.
From what I've been reading*, the amateur rocket community is giving this challenge a lot of thought. There are development plans that look realistically capable of putting a lander on the moon for a budget close to the size of the prize. (Although the timeframe is tight.) Some of these plans call for multiple attempts with anticipation of initial failures.
It seems that one of the hardest parts of the prize is the communications problem. The prize conditions specify approximately a gigabyte of data to be transmitted from the moon, with some data gathered on-site and some carried along by the vehicle. It turns out that the data rate necessary to transmit that much data within one lunar day seems to be higher than can realistically be achieved without an aimed high-gain antenna. That in turn puts a lower bound on the size of hardware that has to be landed on the moon.
[*: On the most fascinating list I've ever lurked.]
I ain't sayin' it's right, only that it's a useful metaphor for understanding the debate.
:-)
With that, I shall stop arguing with an AC.
"And dude, the software's not really alive."
I know that, and you know that, but nevertheless that metaphor is the best way I've found to understand the philosophical difference between the GPL and BSD licenses, and why those folks can't seem to get along.
This from a guy who uses the word "propietarians".
The real irony is that he's trademarked it.
"Or, I understand the philosophy, but I think that particular way of putting it is a bit of FUD slinging."
I don't think it's meant as FUD. Actually the idea that the code itself has been emancipated, so that no one can bind it or its children with the chains of ownership ever again, is quite an attractive and appealing idea.* Stallman was a bloody genius to come up with such a wild abstraction. He's freed the slaves all over again, it's just that these slaves are not human.**
However, while this philosophy maximizes the freedom of the code itself, it does so at some cost to other interests. One cannot bind the software with the chains of ownership again - that's the whole point - which is a bit of a problem if one wishes to write code that can be used by any human for any purpose even if it means some of the code's children can be chained up again by some bloody-minded capitalist while others remain free. The BSD license maximizes the freedom of people, while not providing complete protection from slavery for all of the code's children.
Both licenses attempt to maximize freedom, but they do so in different ways and for different interests; to secure those different freedoms they must make different tradeoffs.
[*: When I say this I definitely do not mean to spread Fear, Uncertainty, or Doubt. It's meant as a compliment... although there are of course some who will view Stallman's grand idea as just bizarre philosophical wanking.]
[**: And if you think this debate is interesting, just wait until the GPL philosophy meets seemingly self-aware robots! See also Asimov's book "I, Robot".]
"Apple will never be able to really compete with Vista (or Microsoft) as long as they insist on being a hardware company before all. "
And from this, we can draw the inference that Apple just doesn't want to tackle Vista head-on. They've got a model that works; it's given them (mostly) happy customers, a fabulous brand image, happy shareholders, and several hojillion dollars in the bank. Why would they want to risk their brand image and their long-term profitability by diverting the resources to run on a zillion different hardware platforms?
Someday OS X (or its successor) will come out for all PCs. But that's (probably) not going to happen while PC hardware is still a big profit center for Apple.
"Yea, it's a site to swap software serial numbers."
Darn, I was hoping it was a site about Mac serial ports. I was gonna go ask a question...
I've been seeing pictures of that thing for a year or two. It was built in Longview, Washington or thereabouts and people 'round here kept posting snapshots of it on their blogs with titles like "What the hell is this thing?"
Movies? Check.
Microcode? Check.
Now for high-speed pizza delivery...
True, true. Apple will miss out on, oh, let's call it 400,000[1] credits used * $100 = $40,000,000 of potential unrealized revenue.
However, they don't just give that money up and get nothing for it:
* They get great publicity that makes them appear responsive to customers - the story is all over the non-tech news.
* They restore a lot of goodwill among early adopters, who are an important crowd for Apple.
* It's a great loss-leader to get those people - known big spenders - back into the store to spend more money.
* If it's used on Apple software or hardware, it will increase their installed base and marketshare.
So yeah, they're going to miss out on $40 million, but they get value for it that's probably better than the same amount spent on advertising in any media.
[1: Assuming they've sold 800,000 eligible units and 50% of buyers acquire and use their credits.]
"If you give $100 Apple Store credit to the sort of people who bought an iPhone on iPhone Day, that's all the excuse they need to buy a new iPod, or a MacBook or another iPhone."
Even better if most of them spend it on Apple software. Such as, I dunno, maybe Leopard? Due out next month?
Teh Steve is laughing all the way to the bank, and this time I'm laughing right along. This is so brilliant it almost has to be on purpose.