Slashdot Mirror


User: Dwonis

Dwonis's activity in the archive.

Stories: 0 · Comments: 2,728

Comments · 2,728

  1. Re:A secure scheme for pad distribution on Meaningful MD5 Collisions · · Score: 1
    Think about it some more.

    That's not a one-time pad, even if there were only one copy of the DVD. The pad must be *random*. That is, it must be impossible (both practically and theoretically) to construct a test that would determine whether or not any given pad is valid. Individual DVD movies do not have this property. Even if the DVDs themselves *were* totally random, everyone has access to them, so assuming that there are 100 million different movies to choose from, your scheme has *at most* 27 bits of computational security, and probably substantially less.

    Of course, if you know that your attacker isn't going to have access to all the DVD movies in the world, then your calculated risk is lowered (your security remains the same). However, the reason why people talk about the one-time pad in the first place is that it's immune to *any* attacker. Your scheme is interesting, but it's not comparable to a one-time pad.

    It's good to see you're thinking about it, though. If you keep at it, you'll improve.

  2. Re:These are important attacks.. on Meaningful MD5 Collisions · · Score: 1
    How exactly could they create junk documents that also match the expected filesize.

    Add in that restriction and md5 could become a difficult problem again :)

    Um... that's what they *did*:

    $ ls -l *.ps
    -rw-r----- 1 dwon dwon 2029 2005-06-10 21:36 letter_of_rec.ps
    -rw-r----- 1 dwon dwon 2029 2005-06-10 21:36 order.ps
    $ md5sum *.ps
    a25f7f0b29ee0b3968c860738533a4b9 letter_of_rec.ps
    a25f7f0b29ee0b3968c860738533a4b9 order.ps

  3. Batteries ;-) on Japan Displays Prototype Robot Suit · · Score: 1
    Due to the limitations in battery technology, if the unit is unplugged, it can only run 1 minute at full power, or 5 minutes otherwise.

    Apparently, they also can only be piloted by 14-year-olds. On top of that, these things have a mind of their own, so be careful!

  4. Re:This is what I get: on First Google Maps Hack Takedown · · Score: 1

    Companies often avoid having their programmers interact with the general public. It might be a good idea to avoid having their lawyers interact with the general public, for the same reasons.

  5. Re:more details... on Tokyo's Geek Ghetto · · Score: 1
    The blanket statement that Otaku are immature people is mighty strong, but I think I'm talking to those who know this already.

    Heh! You must be new here.

  6. copyright protection on DVD Decrypter Author Served With Take-Down Order · · Score: 1
    Sigh.

    "Copyright protection" is something that the *law* does. "Copy protection" (or perhaps more accurately, "copy prevention") is something that technology does.

    It does no good to use these terms interchangeably.

  7. Re:International laws? on Google Never Forgets · · Score: 1

    EntroPay offers a similar service.

  8. your sig (-1, Offtopic) on Researchers Control the Flip of Electron Spin · · Score: 1
    The GIMP has a very very good interface.

    Somebody needs to be taken out back and shot! ;-)

  9. Re:On-demand is the future, today. on Television Reloaded · · Score: 1
    No. I didn't say that. I never said anything about giving up freedoms.

    Don't be naive. You said:

    Unfortunately, this begs the ugly question of whether or not commercial skip should be allowed. Frankly, I think there's a compromise here. Get rid of commercial skip and add fast forward.

    The obvious way this would be done is by legislating/regulating the feature out of existence, i.e. giving up freedom.

  10. Re:On-demand is the future, today. on Television Reloaded · · Score: 1
    Uhm...giving up what freedom? What he said was that they should not offer commercial skip; they should offer fast forward.

    The freedom to buy devices that do offer a commercial-skip feature. Or do you think manufacturers will all voluntarily leave out this feature forever without any influence from the regulatory bodies?

  11. couldn't resist... on Television Reloaded · · Score: 1

    Don't like what people say on Slashdot? Don't partake then.

  12. Re:Good on Trojan Built for Industrial Espionage · · Score: 1

    At least in Linux, if you're root, you can get *all* keystroke events, not just ones associated with a particular user's terminal or X session.

  13. Re:Good on Trojan Built for Industrial Espionage · · Score: 1
    OTOH, in a Linux or MacOSX environment, the worst that would happen is that the user's settings get lost or wiped.

    In theory. In practice, probably not.

  14. Re:Good on Trojan Built for Industrial Espionage · · Score: 4, Insightful
    Linux probably does not have "just about as many security flaws as Windows", because its design is simpler and there are fewer places for things to go wrong, among other reasons. You are obviously making statements about things you know hardly anything about, so I put you in my foes list to remind me of that.

    However, you've touched on an important point about computer security: to an attacker, the number of security holes in a system is almost totally irrelevant. If I were an attacker, I'd be more concerned about the types of security holes in a system, than the absolute number of them. For example, if I run a malicious webserver, and my goal is to install a key-logging driver into the kernel of a Linux machine that accesses my webserver, I need two types of security flaws: one in the web browser that lets me execute arbitrary code, and one in the OS so I can get root privileges to install the driver.

    This is where people get confused. Having 2 or 2000 local root holes doesn't help me if I can't execute arbitrary code on the computer, and having 2 or 2000 arbitrary code execution holes doesn't help me if I can't get root privileges. I need exactly one hole of each type for my attack to be successful. Beyond that, it makes little difference.

    So, if you create two categories, "secure" and "not secure", Linux and Windows fall into the same category: "not secure". Most systems fall into that category. If you're a decision-maker, and you're forced to use some of these systems, even though you know that they are all "not secure", which ones do you choose?

    You choose the ones that are going to minimize your risk. If that means choosing Linux, or some heterogeneous mix of systems, simply because that arrangement is less popular and therefore less likely to be exploited, then so be it. It's still a sound decision, given the circumstances.

    Regarding people demonizing Microsoft, don't you find it the least bit pathetic that a loosely-knit group of poorly-organized hobbyists working on their spare time can be even remotely competitive against the industry leader, a company that can spend billions of dollars per year on software development?

    What about all the people over the last decade who trusted Microsoft with their data, only to find out that (until recently) Microsoft didn't care about keeping it secure? Should they not be angry?

    What about Microsoft's idea of "ease of use": menus that are never in the same place, and word processors that mangle your data because "it looks like you're writing a letter"? Or how about the general Microsoft "we know better" attitude? Software that makes your computer not do what it's told (DRM)? Product keys? EULAs? Software patents? Mandatory file locks (sharing violation)? The Win32 API? Broken CSS support? Horrible context-switching performance? mikerowesoft.com? "Best Viewed with Internet Explorer"? The need to use defrag.exe? The DR-DOS error messages? Abandoning OS/2? "Abort/Retry/Ignore/Fail"? Direct3D? ActiveX? DLL Hell? "There are no significant bugs in our released software that any significant number of users want fixed"? The way the MSN website seemed to deliberately break itself when people used Opera to view it?

    Microsoft is a leader that's doing a crappy job, on top of its selfish motivations. People don't like that. You may not see Microsoft as being evil, but you shouldn't be surprised or disgusted that others do.

  15. Re:Good on Trojan Built for Industrial Espionage · · Score: 1
    If I found out my users were installing Free Porn programs on their work machines, I'd make sure they were fired on the spot.

    By the time you found out, it could easily be too late.

  16. Re:oh, and another thing before XP's ready on Windows Nearly Ready For Desktop Use · · Score: 1

    That joke will have to wait in line behind my Amiga... ;-)

  17. Re:Yard Sales.. on eBay sellers Told to Include GST · · Score: 1

    48.5%???

  18. Re:On-demand is the future, today. on Television Reloaded · · Score: 2, Insightful
    Get rid of commercial skip and add fast forward. I know this option won't go well with a lot of people. Sorry. But it's a sticky situation. If ads aren't being watched, the main source of revenue for these shows suddenly disappears.

    So, if I understand this correctly, you're saying that every time technology changes in a big way, the public should give up a little bit of freedom. What will be left in 100 years?

    I watch TV a lot, but I'd rather see TV die than take away people's freedom in order to save it. But that's probably a moot point, since in reality, TV won't die: there is money to be made selling television service to consumers.

  19. checks and balances on Exporting Knowledge Via Students · · Score: 1

    With any luck, this move will soon result in the outright dropping of crypto export restrictions. Hooray!

  20. Re:Corollary: on MS Invites Security Questions · · Score: 1
    It seems that permissions in the registry are given at the "folder" rather than at the key level.

    What are "folders" in the registry, exactly? My understanding is that the registry has keys, and every key can contain other keys, an unnamed value, and multiple named values. i.e. The things that look like folders in Regedit *are* the keys, aren't they?

  21. Re:Growl on OpenBSD 3.7 Released · · Score: 1
    It makes me crazy. I can't tell you how many times I've heard "da-nis" instead of D-N-S, or "fipt" instead of F-T-P.

    Yes, those are obviously "Dennis" and "Fingertip".

  22. Re:What if... on BPL: The Internet's Fool's Gold · · Score: 1

    3 phases + neutral? I doubt it. Maybe 3 phases + strength reinforcement? IIRC, you typically wire the neutral wire (and the safety ground) to a spike in the soil.

  23. Re:Laugh Test on BPL: The Internet's Fool's Gold · · Score: 1

    Wow, do you have any idea how much optical fibre you could run alongside the existing lines for the amount that it would cost to replace every single power line in North America? With shielded cable?

  24. Re:Laugh Test on BPL: The Internet's Fool's Gold · · Score: 1

    Not only that, but I'd guess that the grid is so noisy that you'd have to transmit at a fairly high power in order to get a discernable, high-data-rate signal through it.

  25. Re:Laugh Test on BPL: The Internet's Fool's Gold · · Score: 1
    This may be a dumb question, but would the fact that the AC delivered over power lines in the UK operates at a different frequency than it does in the US make a difference in the amount/kind/acceptability of the interference produced?

    Probably not. It isn't the 50-60 Hz frequency range that is the problem, it's the frequencies above that (which are used to carry data) that are the problem. The electrical grid is essentially a big, noisy, broadcast antenna. That's fine when you're only transmitting a narrow 50 or 60 Hz signal, but it's probably terrible for much else.