The.eu domain is going through european parliament at the moment, most people think it's a great idea, and they're taking the time to do it properly, apparently with ICANN cooperating!
No mention yet of splitting this domain: looks like it will remain.eu, rather than separating.gov.eu,.com.eu,.org.eu, etc.
Prices expected to be on the high side (£60+ per year?), indicating that it's aimed at large organisations. Presumably european politics will stay inside europa.eu, once it loses its.int suffix.
offtopic: why so many loopholes in US laws? you gave one example, data protection is another. With 600-odd lawyers in congress, why so many laws to ban *one particular instance* of bad-behaviour, rather than a class?
There are a few registered and quite a few anonymous users currently online. Current bandwidth usage: 6.80 kbit/s Oct 19 12:02 EDT
Guess they stopped counting. We're supposed to be impressed that their dynamic page with 7 embedded tables and 160 images loads in less than three minutes?
If only they hadn't copied the review format from Toms Hardware. Take a 1000-word article, add 2000 words of padding, and split between 9 pages including an index.
"A major topic in the field of topology is the Four Color Conjecture, which states that you need only four colors to ensure that no two adjaced regions on a political map have the same color, regardless of their shape or number, except for regions that meet at a single point."
Maps have 5 colours; one is reserved for water
Re:And this is better than a good portable device.
on
Car Digital Assistant
·
· Score: 3, Funny
You will need Windows Media Player 12 to listen to this track. Please upgrade your car.
How odd, no one must have told them that the project ended, according to your comment.
What am I, a journalist that I must check my sources rather than just commenting from memory?
A google-search, as usual, turns up varieties of information. I discovered the following article on ZDNet news with a 2002 date at the bottom.
[Of course, this might be an auto-generated copyright statement using the current year, but I dread to think the legal implications of them doing that on something written before they claim]
Quoted text follows:
SE Linux may be the NSA's last direct contribution to open-source security, however. Because of the loud criticism, the NSA will have a far less direct role in the creation of more secure versions of open-source software.
"We didn't fully understand the consequences of releasing software under the GPL (General Public Licence)," said Dick Schafer, deputy director of the NSA. "We received a lot of loud complaints regarding our efforts with SE Linux."
Many complaints criticized the agency for providing the fruits of research to everyone, not just US companies and thus hurting American business.
While stressing that the agency received a loud chorus of support as well, the chagrined Schafer said that the issue was contentious enough that "we won't be doing anything like that again."
Sources familiar with events said that aggressive Microsoft lobbying efforts have contributed to a halt on any further work. "Microsoft was worried that the NSA releasing open-source software would compete with American proprietary software," said a source familiar with the complaints against the NSA who asked not to be identified.
Microsoft would not comment directly on its lobbying efforts, but did stress that it wanted to ensure the government continued to fund commercial ventures. "The federal government plays an important role in funding basic software research," said a Microsoft representative. "Our interest is in helping to ensure that the government licenses its research in ways that take into account a stated goal of the US government: to promote commercialization of public research."
Simple. The tech community should be smart enough to help themselves. It would be a weak industry indeed if we all depended on one person to solve the difficult problems.
Subversion was written by people who saw CVS and wanted something which was free. This is the way things should work, and indeed, it seems to be working very well. No need to go begging back to our political leaders. Isn't GCC enough of a gift?
At a guess, the fundamental reason your requests are being ignored is that people who write software on their own don't need CVS. What ESR calls the cathedrals, they don't need committees to decide whose turn it is to design the roof today. So why should somebody who can shut themselves into an office for 2 weeks and write a programming language need a CVS replacement? Isn't that something for the teams of 20 people next door divvying up tasks between themselves?
Like the kernel developers, for example.
Or the mozilla team.
Or any of the thousands of companies who pay for Visual-SourceSafe licenses each year.
Or literally, anyone with an interest in DIFF and GZIP with time on their hands looking for a project.
It's biomimical, i.e. scorpions have evolved for millions of years in that environment, and one of the things this evolutionary process found was the usefulness of 8 legs. Why do you think scorpions didn't evolve with wheels? When you want to build something for a particular project, look at what worked before, and in this case, the scorpions work when wandering around in the desert.
The major design feature of this thing over an organic scorpion is that energy comes from photovoltaic cells, rather than from eating (and catching) food. Presumably there's a reason why nothing evolved PV cells in nature (too big a jump from a stable design involving digesting food?) but that should make it easier for the robot to get energy without wasting time catching bugs.
"Imagine, being slashdotted without assistance from slashdot.org ! The horrors! What [other] force in the universe is capable of such obliterative power?"
PAN DOWN to reveal a monstrous half-completed Death Star[blender.org], its massive superstructure curling away from the completed section like the arms of a giant octopus. Beyond, in benevolent contrast, floats the small, green moon of ENDOR[petswarehouse.com]
"But wouldn't it be smarter to develop the driver in a clean-room environment? That is without any reverse engineering or especially the use of documents that you probably aren't supposed to have? Frankly, it just seems like you're looking for a lawsuit.
Only an american would look at a programming project, and their first thought be "who can I sue and why?"
I'm fairly dissappointed in RMS in this- You'd think if anyone was going to make a GNUkeeper, it'd be him.
Does that not seem a little childish, to demand of the person who gave you most of the operating system you are now using, that he continue to get you out of proprietary software ruts in the future?
Teach someone to fish and they're fed for life
So RMS taught the software world how to create free software, and it was this which allows you to run free software now. Were it not for the GNU license, linux, gnome, kde, openoffice, and mozilla would all now be costly, proprietary, and closed. Yet you still demand that RMS pay his way by writing software for you on demand?
Richard, can you give me another fish? I can't seem to get the hang of this rod-and-line lark you taught me.
Yep, and virus-scanners are a big pile of poo too, solving a problem that could better be solved by banning microsoft products.
Ever tried to compile an OS while your virus-checker scans each and every source-file in the entire program, each time you access the file?
DRM would be essentially similar: Although you could get admin on your NT box to turn the virus checker off while you compile, a DRM system would have no such facility (i.e. the administrator would be His Billness) and the system would have that very same requirement of scanning every file you access.
Think about it. Think about how long it will take you to check the certificate of every file in even just the linux kernel. It's some factor-of-ten slowdown or so for a virus checker, and will be similar for DRM.
Your other consideration is that his cryptosystem has none of the advantages of modern systems, i.e. it's symmetric. We already have symmetric encryption, have done for milennia. What innovation is that?
More to the point, can we name any headline mathematical attacks on cryptography recently? Most of the broken encryption I see on the news has come from key-loggers, compromised passwords, and rubber-hose cryptography by constables armed with RIP search-warrants and the threat of 2 years holiday if you don't tell this nice man your password.
(100BC) OTP, Symmetric cyphers, (RECENT) Hashing, Assymmetric cyphers, Quantum channels, steganography, chaffing, deniable storage and channels, webs of trust, (NOW) and eventually distributed passwords to combat legal attacks. Note how the most recent innovations have been as much in processess as in mathematics.
How strange. Modded up and down so much just for putting a reading-list on.
As you probably know, if you have read these books, One Time Pad is _provably_ unbreakable
Best demonstrate my reading then: A one-time pad contains more information than the message itself, and needs to be transmitted securely. So if you have the capability to send that much information securely, why not just send the message itself that way.
(answer: so you can time-shift the security, and send lots of secure messages following one couriered' OTP-on-CD)
Provable security: such messages can equally well decrypt to any plaintext, depending on which OTP you choose. This very message is OTP-encrypted, and if you choose an appropriate pad, it will decrypt to the first few paragraphs of paradise lost. But you couldn't prove that it did.
You do know one thing about it's message: it's length. You typically also know that the message is encrypted. Often quite useful to know.
(As Schneier says: on the eve of the bombing of Iraq, pizza-deliveries to the pentagon increased tenfold. Traffic-analysis is useful: the pizza drivers knew something was happening)
There is a weakness of one-time-pads, mentioned by someone else in the thread: it's only as secure as the random-number generator used to create it. I think analysing random-number generators may well need similar skills to analying cryptosystems themselves: Most of us know that tuning a software-radio to static works (if your enemy isn't transmitting known static as you do so), but how many people would be able to analyse the proverbial MPEG-of-a-lava-lamp random number generator?
Of course, the other attacks are imagination-limited. OTP's 'provable absolute security' is mathematical, not real-world. Couriers intercepted in transit? Messages stored in plaintext after decryption? Do you completely trust the device used to decrypt (whether computer or person)? Even the most secure of secure cryptosystems is no defense against someone attacking your building and militarily siezing the encryption pad.
Interesting discussion, but the many-time-pad being discussed is just a distracting waste of time. It's not new, it's not secure, it's not patentable, it's not useful, and this I know without even looking at it, just from the claims of its inventor.
Slashdot Mirror
http://europa.eu.int/ , .int being ."international"
.eu domain is going through european parliament at the moment, most people think it's a great idea, and they're taking the time to do it properly, apparently with ICANN cooperating!
.eu, rather than separating .gov.eu, .com.eu, .org.eu, etc.
.int suffix.
The
No mention yet of splitting this domain: looks like it will remain
Prices expected to be on the high side (£60+ per year?), indicating that it's aimed at large organisations. Presumably european politics will stay inside europa.eu, once it loses its
"Now, the author has to shrink the cluster size of his hard drive..."
It also takes less memory. Imagine a webserver loading a million such programs.
(okay, not for the return-42 example, but for oprimised programs in general)
Smallest possible MS-Word file?
Smallest possible HTML file created by Word?
I'm guessing 60K...
I noticed that all those dragons that used to be in the middle of the Atlantic are nowhere near there anymore.
They've been moved to iraq: just wait for the next set of atlases to come out.
p.s. what's the plural of atlas?
offtopic: why so many loopholes in US laws? you gave one example, data protection is another. With 600-odd lawyers in congress, why so many laws to ban *one particular instance* of bad-behaviour, rather than a class?
Benefits, Remuneration, Salary + Stock options -- Why regulate the lowest-level?
Personal data, Private personal data, Credit databases -- Why regulate the lowest level?
There are a few registered and quite a few anonymous users currently online. Current bandwidth usage: 6.80 kbit/s Oct 19 12:02 EDT
Guess they stopped counting. We're supposed to be impressed that their dynamic page with 7 embedded tables and 160 images loads in less than three minutes?
If only they hadn't copied the review format from Toms Hardware. Take a 1000-word article, add 2000 words of padding, and split between 9 pages including an index.
# THX is the name of a sound system
I think it's actually a certification for sound-systems. It's mostly been dropped now, as people realise they don't need to pay Lucas to certify them.
"When asking taco why he uses .GIFs for all of the graphics on slashdot"
We don't care: we've all blocked images.slashdot.com to stop the adverts.
"A major topic in the field of topology is the Four Color Conjecture, which states that you need only four colors to ensure that no two adjaced regions on a political map have the same color, regardless of their shape or number, except for regions that meet at a single point."
Maps have 5 colours; one is reserved for water
You will need Windows Media Player 12 to listen to this track. Please upgrade your car.
How odd, no one must have told them that the project ended, according to your comment.
What am I, a journalist that I must check my sources rather than just commenting from memory?
A google-search, as usual, turns up varieties of information. I discovered the following article on
ZDNet news with a 2002 date at the bottom.
[Of course, this might be an auto-generated copyright statement using the current year, but I dread to think the legal implications of them doing that on something written before they claim]
Quoted text follows:
SE Linux may be the NSA's last direct contribution to open-source
security, however. Because of the loud criticism, the NSA will have a far
less direct role in the creation of more secure versions of open-source
software.
"We didn't fully understand the consequences of releasing software under
the GPL (General Public Licence)," said Dick Schafer, deputy director of
the NSA. "We received a lot of loud complaints regarding our efforts with
SE Linux."
Many complaints criticized the agency for providing the fruits of
research to everyone, not just US companies and thus hurting American
business.
While stressing that the agency received a loud chorus of support as
well, the chagrined Schafer said that the issue was contentious enough
that "we won't be doing anything like that again."
Sources familiar with events said that aggressive Microsoft lobbying
efforts have contributed to a halt on any further work. "Microsoft was
worried that the NSA releasing open-source software would compete with
American proprietary software," said a source familiar with the
complaints against the NSA who asked not to be identified.
Microsoft would not comment directly on its lobbying efforts, but did
stress that it wanted to ensure the government continued to fund
commercial ventures. "The federal government plays an important role in
funding basic software research," said a Microsoft representative. "Our
interest is in helping to ensure that the government licenses its
research in ways that take into account a stated goal of the US
government: to promote commercialization of public research."
"I doubt the veracity of your story. The NSA has worked on a secure Linux distribution"
And the government told them not to do it again. It was 'harming american business by encouraging competition to microsoft'
"So why isn't this the situation for BitKeeper?"
Simple. The tech community should be smart enough to help themselves. It would be a weak industry indeed if we all depended on one person to solve the difficult problems.
Subversion was written by people who saw CVS and wanted something which was free. This is the way things should work, and indeed, it seems to be working very well. No need to go begging back to our political leaders. Isn't GCC enough of a gift?
At a guess, the fundamental reason your requests are being ignored is that people who write software on their own don't need CVS. What ESR calls the cathedrals, they don't need committees to decide whose turn it is to design the roof today. So why should somebody who can shut themselves into an office for 2 weeks and write a programming language need a CVS replacement? Isn't that something for the teams of 20 people next door divvying up tasks between themselves?
Like the kernel developers, for example.
Or the mozilla team.
Or any of the thousands of companies who pay for Visual-SourceSafe licenses each year.
Or literally, anyone with an interest in DIFF and GZIP with time on their hands looking for a project.
Or the Subversion team.
8 legs really needed?
It's biomimical, i.e. scorpions have evolved for millions of years in that environment, and one of the things this evolutionary process found was the usefulness of 8 legs. Why do you think scorpions didn't evolve with wheels? When you want to build something for a particular project, look at what worked before, and in this case, the scorpions work when wandering around in the desert.
The major design feature of this thing over an organic scorpion is that energy comes from photovoltaic cells, rather than from eating (and catching) food. Presumably there's a reason why nothing evolved PV cells in nature (too big a jump from a stable design involving digesting food?) but that should make it easier for the robot to get energy without wasting time catching bugs.
"Imagine, being slashdotted without assistance from slashdot.org ! The horrors! What [other] force in the universe is capable of such obliterative power?"
PAN DOWN to reveal a monstrous half-completed Death Star[blender.org], its massive superstructure curling away from the completed section like the arms of a giant octopus. Beyond, in benevolent contrast, floats the small, green moon of ENDOR[petswarehouse.com]
"Imagine a Microsoft that says: if you don't contribute to Linux you can use Windows for free"
Can anyone remember what microsoft told the chineese government?
"But wouldn't it be smarter to develop the driver in a clean-room environment? That is without any reverse engineering or especially the use of documents that you probably aren't supposed to have? Frankly, it just seems like you're looking for a lawsuit.
Only an american would look at a programming project, and their first thought be "who can I sue and why?"
I'm fairly dissappointed in RMS in this- You'd think if anyone was going to make a GNUkeeper, it'd be him.
Does that not seem a little childish, to demand of the person who gave you most of the operating system you are now using, that he continue to get you out of proprietary software ruts in the future?
Teach someone to fish and they're fed for life
So RMS taught the software world how to create free software, and it was this which allows you to run free software now. Were it not for the GNU license, linux, gnome, kde, openoffice, and mozilla would all now be costly, proprietary, and closed. Yet you still demand that RMS pay his way by writing software for you on demand?
Richard, can you give me another fish? I can't seem to get the hang of this rod-and-line lark you taught me.
Yep. Still is 11th October 102 at my website-host's site. They don't care: IE5 is broken enough to allow it.
Running virus protection takes processor cycles too, so security == overhead
Yep, and virus-scanners are a big pile of poo too, solving a problem that could better be solved by banning microsoft products.
Ever tried to compile an OS while your virus-checker scans each and every source-file in the entire program, each time you access the file?
DRM would be essentially similar: Although you could get admin on your NT box to turn the virus checker off while you compile, a DRM system would have no such facility (i.e. the administrator would be His Billness) and the system would have that very same requirement of scanning every file you access.
Think about it. Think about how long it will take you to check the certificate of every file in even just the linux kernel. It's some factor-of-ten slowdown or so for a virus checker, and will be similar for DRM.
"DMCP? Wtf?
Disney's Mounted Canadian Police
Strangely, Microsoft gets their software taken down from illegal eBay auctions. Maybe you need to find yourself a good lawyer.
Strangely, GNU/Linux CDs get taken down from 'illegal' eBay auctions. Maybe eBay needs to find itself a clue.
Your other consideration is that his cryptosystem has none of the advantages of modern systems, i.e. it's symmetric. We already have symmetric encryption, have done for milennia. What innovation is that?
More to the point, can we name any headline mathematical attacks on cryptography recently? Most of the broken encryption I see on the news has come from key-loggers, compromised passwords, and rubber-hose cryptography by constables armed with RIP search-warrants and the threat of 2 years holiday if you don't tell this nice man your password.
(100BC) OTP, Symmetric cyphers, (RECENT) Hashing, Assymmetric cyphers, Quantum channels, steganography, chaffing, deniable storage and channels, webs of trust, (NOW) and eventually distributed passwords to combat legal attacks. Note how the most recent innovations have been as much in processess as in mathematics.
Stupid question?
How does the sender of this one-time-pad know which bits have been intercepted, and thus which bits he should use to create the pad?
Do you have to write back and say "disregard bits 4,9,22...", and if so, how is that return-channel not vulnerable to tampering?
How strange. Modded up and down so much just for putting a reading-list on.
As you probably know, if you have read these books, One Time Pad is _provably_ unbreakable
Best demonstrate my reading then: A one-time pad contains more information than the message itself, and needs to be transmitted securely. So if you have the capability to send that much information securely, why not just send the message itself that way.
(answer: so you can time-shift the security, and send lots of secure messages following one couriered' OTP-on-CD)
Provable security: such messages can equally well decrypt to any plaintext, depending on which OTP you choose. This very message is OTP-encrypted, and if you choose an appropriate pad, it will decrypt to the first few paragraphs of paradise lost. But you couldn't prove that it did.
You do know one thing about it's message: it's length. You typically also know that the message is encrypted. Often quite useful to know.
(As Schneier says: on the eve of the bombing of Iraq, pizza-deliveries to the pentagon increased tenfold. Traffic-analysis is useful: the pizza drivers knew something was happening)
There is a weakness of one-time-pads, mentioned by someone else in the thread: it's only as secure as the random-number generator used to create it. I think analysing random-number generators may well need similar skills to analying cryptosystems themselves: Most of us know that tuning a software-radio to static works (if your enemy isn't transmitting known static as you do so), but how many people would be able to analyse the proverbial MPEG-of-a-lava-lamp random number generator?
Of course, the other attacks are imagination-limited. OTP's 'provable absolute security' is mathematical, not real-world. Couriers intercepted in transit? Messages stored in plaintext after decryption? Do you completely trust the device used to decrypt (whether computer or person)? Even the most secure of secure cryptosystems is no defense against someone attacking your building and militarily siezing the encryption pad.
Interesting discussion, but the many-time-pad being discussed is just a distracting waste of time. It's not new, it's not secure, it's not patentable, it's not useful, and this I know without even looking at it, just from the claims of its inventor.