Squaring key lengths would be entirely impractical. That said, the improvements only apply to a case of discrete log which isn't actually in use. Cryptographic algorithms generally depend on hardness of discrete log mod p (p a large prime), not in the field with p^k (p fixed, k large).
Yes; the preprint was posted to arXiv when the research was completed. Obviously Science Magazine (the source for the slashdot posting) prefers to write about results when the journal article comes out later, because otherwise the magazine would to check the preprints for correctness on its own, which it can't be expected to do.
Reading the paper, the most notable feature is that their algorithm is efficiency for constant characteristic, including the common case of fields of characteristic 2. It's also okay for the characteristic to grow somewhat with the size of the field, but not very fast.
This is not at all relevant to most implementations of DH, which use prime fields of large characteristic. For example, DSA depends on discrete log modulu a large prime p. In particular, I wouldn't worry about forward secrecy of current internet traffic.
If DNA sequencing means taxonomy is now straightforward, then it's good students are switching to other fields. The goal of science is to solve problems, not to ossify. In this case, while taxonomy may cease to be a significant research field, morphology (understanding the structure and evolution of plants and animals) is surely going to continue. The people doing it will simply not be called "taxonomists" anymore.
During the 80s and 90s there were different projects trying to determine the cosmological parameters (mass density, curvature, cosmological constant, Hubble constant, etc). Then WMAP was launched in 2001, and by 2006 (release of 3-year data) the previous techniques were obsolete. Do you think many students in 2001 started working on the old techniques? Should they have? But we haven't lost interest in the cosmological parameters.
Many publishers will try to bribe professors to use their book for a course. Either you're very honest & kind or your class is small.
Do you have first-hand experience with this? It has never happened to me.
Publishers routinely send me free books with the hope I'll use them for a course. Almost all have a policy of giving you a free copy of any book you make mandatory for a large enough class (say 100 students) -- which is the closest it gets to a "bribe" -- but in fact it's basically irrelevant to the decision. First of all, the only reason I need the book is for teaching purposes, I'm not particularily motivated to own it except for use during that particular class. Second, since the book is for teaching, if I don't have a copy the academic department (my employer) will buy one for me to use during the course. So the only thing this "desk copy" policy do is save some money for my boss; it has no effect on how I choose a textbook.
I'm a professor, actually. In two words, you're wrong . If the book is only used in the class of the professor who taught it, the book will go out of print in a jiffy, and in any case the total harm to a single class of students is negligible. For a book to actually stay in print, many professors in many universities must use it. In this case very few will, and the problem will solve itself.
As a university faculty member I consider the cost of textbooks whenever I choose one for a course. I try to never require students to buy the book (I'm not always in charge of the course I teach, so I can't always do this), and I prefer books that are available on SpringerLink (whole-book DRM-free PDFs are available to all our students since our university subscribes). I doubt many faculty members will actually assign this textbook.
A manufacturer is attempting to circumvent the secondary market by only lending its products instead of selling them. This isn't an end run around the "first sale" principle exactly because the publisher doesn't plan to sell the books in the first place.
What they are trying to do should be legal -- but hopefully it won't work because professors will refuse to assign this textbooks.
I agree that are asking for absurd permissions, but I don't see the store as responsible for policing app permissions. Rather, you and I do so by refusing those updates and by not installing the apps on the first place.
If most consumers don't care, then we who do need to live in the "long tail"; mainstream apps won't cater to us.
As we understand galaxy formation better, galaxy mergers are an increasingly important topic. It's cool to have direct evidence of this type; probably this will spur more merger simulations designed to track the black holes.
Homework -- self practice -- is where you actually learn the material. When parents do their kids' homework, the kids lose the opportunity to learn the material for themselves.
This isn't to say that students don't need help. Rather, they need help thinking through the material instead of the "help" of being told the solution.
The headline creates the impression that this is a real-time adaptation of BSD (the "Berkeley Software Distribution", that is, BSD Unix). In fact, this OS is an original development; it is merely licensed under the terms that BSD is licensed under.
Would the headline have said "A GNU real-time OS" if it was licensed under the GPL, the license of the GNU operating system?
The link is to a news story behind the Wall Street Journal's paywall; I think such stories should be reconsidered. Such situations are acceptable with posts on science, which often link both to a popular-science write-up and to the original journal article: probably those readers with the expertise to read the original literature are subscribers. Links to ordinary news stories should follow the same policy: if there must be a link to a paywalled story, a link to a generally accessible version should be expected as well.
-- If your main concern is someone remotely accessing your machine while it is connected to the internet, then full-disk encryption is irrelevant. Programs running on your computer must be able to read the disk. Specifically regarding those WiFi passwords the article is trying to scare you with, they are stored in a file which is only readable by the root (=administrator) user. If the "evil" program can read the file, it has already achieved full privileges on your machine, and it reading WiFi passwords is the least of your concerns.
-- If, on the other hand, you would like protection against people who physically hold your machine (border guards when leaving/entering countries, or your business competitor who has stolen your machine) then you absolutely need full-disk encryption. Having restrictions on which programs can read a file is no protection against someone who can extract the harddrive from your machine and plug it into theirs (or simply boot your machine from a live-CD), gaining automatic access to every bit of information.
In short, in order to decide what security you need, you must first formulate your threat model. For a funny take on this see XKCD.
I don't think you appreciate the point. In most cases, rather than multiplying 152343x1534324, you might as well just multiply 15x10^4x15x10^5 = 225x10^9
. And to understand this you need to be very comfortable with what 2+2 equals exactly.
This is not about data centers and databases. This is about scientific computation -- video and audio playback, physics simulation, and the like.
The idea of doing a computation approximately first, and then refining the results only in the parts where more accuracy is useful is an old idea; one manifestation are multigrid algorithms.
An "air gap" means making sue a computer cannot exchange information with other computers. LAN is one way to do so, but other sensors on the computer can be used for input, and other devices for output. Is it really a surprise that the microphone on a computer can be used as an input device?
The cost of delivering power has two components: fixed costs (say, power lines to the home) and variable costs (say, of producing the power) The current system was to bundle the fixed costs into the variable ones, and just chage proportional to consumption. Since those selling back power to the grid still need to pay for the fixed costs, this principle of this change seems right. Better execution would have been to add the fixed cost to everyone and make a corresponding reduction to the marginal (per KWh) tariff, at which point those with and without solar panels would be treated equally.
If you assume that consumption of gas is independent of price (totally ineslastic demand), then raising the tax will increase revenue. But in the real world, when prices go up consumption goes down, and at current prices it is very well possible that raising the tax rate will lower consumption enought to lower revenue -- at which point lowering the rate would be the way to raise more revenue.
The problem with a gas tax is that as energy-efficient vehicles become more common, the state's expenses (road maintenance) are becoming less and less correlated with fuel consumption. But since tracking drivers to collect actual usage tax is far worse, I agree that gas taxes are better.
Java applets are an essential tool for science education -- as simulators, calculators etc. Are all these research groups supposed to get some authority to digitally sign their applets?
Fundametally, a major aspect of Java security is that, since it runs on a VM, an applet it is inherently encapsulated. Yes, VM bugs can cause problems, but the value of all the free educational applets online far exceeds any possibly security benefits of unptached VM bugs.
When it was discovered in 2007 that the NSA insisted on adding this PRNG to the standard, with constants they chose the general reaction was "so what? after all, this is one of many alternatives, and it is the slowest and least efficient". I assumed their idea was to somehow choose the PRNG in applications where they were one of the parties, but that seemed unlikely.
It's now clear what the idea was: secretly having companies use this PRNG. The original assumption was that companies voluntarily choose what products to put out, and that no-one would choose the obviously worst alternative. But if the NSA chould be the ones choosing...
Slashdot Mirror
Squaring key lengths would be entirely impractical. That said, the improvements only apply to a case of discrete log which isn't actually in use. Cryptographic algorithms generally depend on hardness of discrete log mod p (p a large prime), not in the field with p^k (p fixed, k large).
Yes; the preprint was posted to arXiv when the research was completed. Obviously Science Magazine (the source for the slashdot posting) prefers to write about results when the journal article comes out later, because otherwise the magazine would to check the preprints for correctness on its own, which it can't be expected to do.
Reading the paper, the most notable feature is that their algorithm is efficiency for constant characteristic, including the common case of fields of characteristic 2. It's also okay for the characteristic to grow somewhat with the size of the field, but not very fast.
This is not at all relevant to most implementations of DH, which use prime fields of large characteristic. For example, DSA depends on discrete log modulu a large prime p. In particular, I wouldn't worry about forward secrecy of current internet traffic.
TFA links to the published version on SpringerLink, which is paywalled. A free preprint is available on the arXiv.
If DNA sequencing means taxonomy is now straightforward, then it's good students are switching to other fields. The goal of science is to solve problems, not to ossify. In this case, while taxonomy may cease to be a significant research field, morphology (understanding the structure and evolution of plants and animals) is surely going to continue. The people doing it will simply not be called "taxonomists" anymore.
During the 80s and 90s there were different projects trying to determine the cosmological parameters (mass density, curvature, cosmological constant, Hubble constant, etc). Then WMAP was launched in 2001, and by 2006 (release of 3-year data) the previous techniques were obsolete. Do you think many students in 2001 started working on the old techniques? Should they have? But we haven't lost interest in the cosmological parameters.
Do you have first-hand experience with this? It has never happened to me. Publishers routinely send me free books with the hope I'll use them for a course. Almost all have a policy of giving you a free copy of any book you make mandatory for a large enough class (say 100 students) -- which is the closest it gets to a "bribe" -- but in fact it's basically irrelevant to the decision. First of all, the only reason I need the book is for teaching purposes, I'm not particularily motivated to own it except for use during that particular class. Second, since the book is for teaching, if I don't have a copy the academic department (my employer) will buy one for me to use during the course. So the only thing this "desk copy" policy do is save some money for my boss; it has no effect on how I choose a textbook.
I'm a professor, actually. In two words, you're wrong . If the book is only used in the class of the professor who taught it, the book will go out of print in a jiffy, and in any case the total harm to a single class of students is negligible. For a book to actually stay in print, many professors in many universities must use it. In this case very few will, and the problem will solve itself.
But they don't have to sell the books. They can just lend them for a fee, and that would be perfectly legal.
As a university faculty member I consider the cost of textbooks whenever I choose one for a course. I try to never require students to buy the book (I'm not always in charge of the course I teach, so I can't always do this), and I prefer books that are available on SpringerLink (whole-book DRM-free PDFs are available to all our students since our university subscribes). I doubt many faculty members will actually assign this textbook.
A manufacturer is attempting to circumvent the secondary market by only lending its products instead of selling them. This isn't an end run around the "first sale" principle exactly because the publisher doesn't plan to sell the books in the first place.
What they are trying to do should be legal -- but hopefully it won't work because professors will refuse to assign this textbooks.
I agree that are asking for absurd permissions, but I don't see the store as responsible for policing app permissions. Rather, you and I do so by refusing those updates and by not installing the apps on the first place.
If most consumers don't care, then we who do need to live in the "long tail"; mainstream apps won't cater to us.
As we understand galaxy formation better, galaxy mergers are an increasingly important topic. It's cool to have direct evidence of this type; probably this will spur more merger simulations designed to track the black holes.
Homework -- self practice -- is where you actually learn the material. When parents do their kids' homework, the kids lose the opportunity to learn the material for themselves.
This isn't to say that students don't need help. Rather, they need help thinking through the material instead of the "help" of being told the solution.
The headline creates the impression that this is a real-time adaptation of BSD (the "Berkeley Software Distribution", that is, BSD Unix). In fact, this OS is an original development; it is merely licensed under the terms that BSD is licensed under.
Would the headline have said "A GNU real-time OS" if it was licensed under the GPL, the license of the GNU operating system?
The link is to a news story behind the Wall Street Journal's paywall; I think such stories should be reconsidered. Such situations are acceptable with posts on science, which often link both to a popular-science write-up and to the original journal article: probably those readers with the expertise to read the original literature are subscribers. Links to ordinary news stories should follow the same policy: if there must be a link to a paywalled story, a link to a generally accessible version should be expected as well.
Labelling your opponents "trolls" will be the new corporate propaganda term, just like labeling copyright infringement "pirates".
What is your threat model?
In short, in order to decide what security you need, you must first formulate your threat model. For a funny take on this see XKCD.
I don't think you appreciate the point. In most cases, rather than multiplying 152343x1534324, you might as well just multiply 15x10^4x15x10^5 = 225x10^9
. And to understand this you need to be very comfortable with what 2+2 equals exactly.
This is not about data centers and databases. This is about scientific computation -- video and audio playback, physics simulation, and the like.
The idea of doing a computation approximately first, and then refining the results only in the parts where more accuracy is useful is an old idea; one manifestation are multigrid algorithms.
An "air gap" means making sue a computer cannot exchange information with other computers. LAN is one way to do so, but other sensors on the computer can be used for input, and other devices for output. Is it really a surprise that the microphone on a computer can be used as an input device?
The cost of delivering power has two components: fixed costs (say, power lines to the home) and variable costs (say, of producing the power) The current system was to bundle the fixed costs into the variable ones, and just chage proportional to consumption. Since those selling back power to the grid still need to pay for the fixed costs, this principle of this change seems right. Better execution would have been to add the fixed cost to everyone and make a corresponding reduction to the marginal (per KWh) tariff, at which point those with and without solar panels would be treated equally.
If you assume that consumption of gas is independent of price (totally ineslastic demand), then raising the tax will increase revenue. But in the real world, when prices go up consumption goes down, and at current prices it is very well possible that raising the tax rate will lower consumption enought to lower revenue -- at which point lowering the rate would be the way to raise more revenue.
The problem with a gas tax is that as energy-efficient vehicles become more common, the state's expenses (road maintenance) are becoming less and less correlated with fuel consumption. But since tracking drivers to collect actual usage tax is far worse, I agree that gas taxes are better.
Java applets are an essential tool for science education -- as simulators, calculators etc. Are all these research groups supposed to get some authority to digitally sign their applets?
Fundametally, a major aspect of Java security is that, since it runs on a VM, an applet it is inherently encapsulated. Yes, VM bugs can cause problems, but the value of all the free educational applets online far exceeds any possibly security benefits of unptached VM bugs.
When it was discovered in 2007 that the NSA insisted on adding this PRNG to the standard, with constants they chose the general reaction was "so what? after all, this is one of many alternatives, and it is the slowest and least efficient". I assumed their idea was to somehow choose the PRNG in applications where they were one of the parties, but that seemed unlikely.
It's now clear what the idea was: secretly having companies use this PRNG. The original assumption was that companies voluntarily choose what products to put out, and that no-one would choose the obviously worst alternative. But if the NSA chould be the ones choosing ...
First, note the name of the court. Second, consider the surveillance Google et al would like to discuss.