It should not be relied upon to provide any additional security, as you should assume the attacker knows the full details of your cryptographic system.
I am aware of the principle, and I would agree with it when considering the design of e.g. AES, or any other standardized security system. Secret algorithms tend to have hidden flaws, never having been exposed to public scrutiny, and thus the security of the algorithm should not rest in its secrecy.
However, if I just wanted to encrypt a single file, for myself to decrypt later, why would I assume that the attacker knows how I did it? In this case both the key(s) and the algorithm(s) should be secret in practice.
As soon as you start looking at a community or society genuinely taking responsibility for anything, the system fails to deliver. It puts too much power in the hands of a few and the few are usually in that position thanks to their selfishness.
You say "too much power", I say "exactly the right amount of power". The only power here is the power to choose one's own path rather than bow to the wishes of "society" or "the community" -- in other words, genuine personal liberty. That is a power everyone should have regardless of the popularity (or lack thereof) of one's choices. Not that there aren't perfectly legitimate social consequences for making unpopular choices, mind you -- but not legal ones, so long as one's actions do not cause direct harm to others.
The solution to authentication is something like the IronKey (a hardened USB drive for storing passwords) but with asymmetric crypto.
That's a good start, but there are still a couple of holes to work around. For example, you can't trust the local terminal; in your example it isn't even your system, and even if it was it may be compromised in some way. The authenticated session allows the computer, not just the user, to e.g. send mail, or change settings, or access any mail in the account (not just the ones explicitly downloaded).
The e-Gold web site had a similar problem -- people would log in from compromised computers, and malware would piggyback on their authenticated sessions to transfer money out of their accounts. The means of authentication were irrelevant, and the same attack would work in principle on any online banking site.
With Gmail these issues are probably acceptable, but for sessions requiring more security -- e.g. financial transactions -- you need to authorize each individual transaction, and you also need a way to see what it is you're signing. The simplest way to do that, without relying on a potentially compromised host, is to include a small bitmap display in the key device itself. When you accept the transaction -- indicated through a button on the device -- the contents of the display are included in the signature. The bitmap would include the critical information from the transaction (e.g. the total and destination account), making it easy to prove after the fact exactly what you agreed to. Since you have to interact with the device, Bluetooth would probably be preferable to USB. Acceptance may be indicated by a PIN or biometric scanner rather than a simple button if desired.
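The per-transaction approval described in the comment above, as an added sketch that is not part of the original thread. It assumes a hypothetical `KeyDevice` and `Bank`, uses constructed account numbers, and substitutes an HMAC over a shared key for the asymmetric signature the thread proposes, so it shows the binding of the displayed fields to the approval but not third-party proof of what was signed.

```python
import hashlib
import hmac
import json
import secrets

# The fields the device renders on its own display (stand-in for the bitmap).
DISPLAY_FIELDS = ("amount", "currency", "destination")


def render_display(txn: dict) -> bytes:
    """Canonical bytes of exactly what the user is shown and approves."""
    shown = {k: txn[k] for k in DISPLAY_FIELDS}
    return json.dumps(shown, sort_keys=True, separators=(",", ":")).encode()


class KeyDevice:
    """Hypothetical key device: the key never leaves it, and it only signs
    what it has itself displayed and the user has accepted."""

    def __init__(self, key: bytes):
        self._key = key

    def approve(self, txn: dict, nonce: bytes, user_confirms):
        display = render_display(txn)
        if not user_confirms(display):      # the button press / PIN step
            return None
        # The display contents are part of the signed message.
        tag = hmac.new(self._key, nonce + display, hashlib.sha256).digest()
        return display, tag


class Bank:
    """Hypothetical verifier: one fresh 16-byte nonce per transaction."""

    def __init__(self, key: bytes):
        self._key = key
        self._open = set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._open.add(nonce)
        return nonce

    def execute(self, txn: dict, nonce: bytes, display: bytes, tag: bytes) -> bool:
        if nonce not in self._open:
            return False                    # unknown or already-used approval
        self._open.discard(nonce)
        expected = hmac.new(self._key, nonce + display, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False
        # The approved display must match the transaction being executed.
        return display == render_display(txn)


def demo_scenarios() -> dict:
    key = secrets.token_bytes(32)           # constructed shared key
    device, bank = KeyDevice(key), Bank(key)
    intended = {"amount": "120.00", "currency": "USD", "destination": "ACCT-1111"}
    tampered = dict(intended, destination="ACCT-9999")
    wanted = render_display(intended)

    def user(shown: bytes) -> bool:
        # The user accepts only if the device display matches their intent.
        return shown == wanted

    results = {}
    nonce = bank.challenge()
    display, tag = device.approve(intended, nonce, user)
    results["honest"] = bank.execute(intended, nonce, display, tag)
    # Re-submitting the same approval: the nonce has been consumed.
    results["replay"] = bank.execute(intended, nonce, display, tag)

    # Host changes the destination after the user approved on the device.
    nonce = bank.challenge()
    display, tag = device.approve(intended, nonce, user)
    results["swapped_after_approval"] = bank.execute(tampered, nonce, display, tag)

    # Host changes it before the device sees it: the display shows the
    # wrong account, the user declines, and nothing is signed.
    nonce = bank.challenge()
    results["swapped_before_approval"] = device.approve(tampered, nonce, user)
    return results


if __name__ == "__main__":
    print(demo_scenarios())
```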
Not such a great password, really, since it's subject to a trivial dictionary attack.
I think it's safe to assume that most people don't have a "favorite poem", and most "favorite songs" likely come from a rather limited set -- let's say about 5,000 songs, which is probably excessive. You then have two options per song (refrain or first verse) and two styles (normal and "l33t speak"). That's only 20,000 additional possibilities on top of the normal password dictionaries, compared to the 56.8e+9 available six-character random alphanumeric passwords.
My recommendation is to avoid allowing any human input to bias the selection process. Instead, use a tool like APG to generate pronounceable, and thus memorable, random passwords, and simply assign them to each user.
I'm not a cryptographer, but I think the GP has a point, provided that the attacker doesn't know that there are two keys. Assume the brute-force process is something like: for every possible AES-256 key, try to decrypt the file; if the file appears to be a meaningful plaintext, we have the decryption key. If the file was encrypted twice (without any header or other identifying characteristics) then the "plaintext" will appear just as random as decryption with the wrong key. There should be no way for the attacker to know whether the key has been found or not.
If they know about the scheme, of course, then it's just as you said: the key length is effectively doubled, since one has to try every possible pair of keys per test.
On Slashdot you often see the statement that patents are a state sanctioned monopoly. That is not accurate. A patent does NOT give you the exclusive right to practice an invention. It only grants you the right to prevent OTHERS from practicing the invention. Your right to practice may be blocked by others in a variety of ways - laws, regulations, other patents, etc.
The important aspect is that the state grants one the privilege to prevent others from implementing the patented invention or method. That is sufficient to make it a "state-sanctioned monopoly" whether or not one can implement the patented invention or method oneself. The term "exclusive right" is intended to mean "no one but you has the right" rather than "you have the right, but no one else does".
I would say that the right to I.P. comes from the right to all property. Historically mankind has tended to spear people who tried to steal the fruits of his labor.
That's one way of looking at it, but I wouldn't say it's completely accurate. The traditional cause of interpersonal conflict and social upheaval is that one is denied the benefit of one's labor, which is not exactly the same thing. At least it's not the same thing for all definitions of "steal"; the word seems to mean different things to different people.
If one is hired to perform labor in exchange for wages the benefit is the promised wages (not the end product of the labor, physical or abstract) and denying or stealing one's wages can be reasonably expected to result in discord. If one produces a physical item out of one's own resources one owns the end product by simple virtue of owning the resources which went into it, and similarly the loss or destruction of the product results in disharmony.
If the end product is an abstract concept, an idea, invention, or work of art or literature, then the benefit is the use or enjoyment of the concept thus discovered or created. To be prevented from using or enjoying what one has created would indeed be a cause for strife, but one is not deprived of the benefit of one's labor simply because others may also freely derive utility or enjoyment from it any more than one is deprived of the benefit of labor spent producing a chair simply by others enjoying the perception of its fine craftsmanship. In the case of an abstract product there is nothing to be deprived of beyond the continued unimpeded use of one's own body, mind, and physical possessions; one cannot be deprived of an idea.
However, it's ridiculous how long copyrights are now. It's absolutely crazy. Nobody should own an idea perpetually.
Which makes it obvious that ideas are not property, because property rights do not expire. If property and "IP" are really the same thing then "IP" rights should be perpetual.
Or maybe it just didn't occur to them that sharing amongst their friends is immoral.
And yet strangely, when they get a job, they expect to get paid for their own work.
For the time and effort they put in, yes, in accordance with an employment agreement established in advance. Not for every point from now until the end of time where someone might happen to receive some enjoyment or benefit from work long since completed.
Normal job process:
Apply for job
Receive offer of payment for work
Perform work
Get paid in accordance with previous agreement
What "IP" holders expect:
Spend time and effort with no arrangement in place for payment
Mass-produce cheap copies and distribute them as widely as possible, knowing that only a threadbare government privilege prevents others from doing the same openly
Of course, the problem with that argument is that concern for one's own safety can also be the process of an irrational mind. A mind which produces an irrational response to one problem and a rational one elsewhere is still an irrational mind, taken as a whole.
Then again, I doubt that the authors of Catch-22 cared whether their classifications were accurate. The point of the rules was merely to present the illusion of a way out while guaranteeing it would never be used. They didn't have to worry about anyone challenging their definitions.
My mistake. One sees this position applied to federal law so often I suppose it's become something of an auto-response. You have my sincerest apologies. Still, any decent state constitution ought to endorse the same basic principle. Not all of them do, I know. I have no idea whether Connecticut has a default-allow or default-deny policy at a state level.
I have, in fact, read the federal Constitution, but if you were referring to Connecticut's constitution you are correct. As for "the great legal scholar and civil libertarian Hugo Black" -- that's just an appeal to authority, and carries no weight. As it happens I was mistaken about the context, but if he had said the same on a matter of federal law his reputation would not make him right.
If they "distribute" the binaries to their employees, they must also make available the source to those employees.
But are they distributing it to their employees? The computers they're putting it on most likely belong to the company. The employees use the modified software in the course of their jobs, but don't actually receive a copy of it.
I like my privacy as well as the next one, but I am nevertheless compelled to admit that government has a right to invade it unless prohibited by some specific constitutional provision.
That is an uncommonly misinformed opinion. The entire structure of the Constitution is based around the idea that the government has no rights or powers beyond those granted therein. There is no need to prohibit the government from invading someone's privacy; if they can't justify said invasion of privacy on the basis of a specific power granted by the Constitution then it is automatically prohibited to them.
Here you go: Punishment and Proportionality: The Estoppel Approach, a paper describing how proportional responses (and not disproportionate ones) are objectively and rationally justified without reference to any particular subjective system of right and wrong. Most of the things we think of as human rights (due process of law, free speech, freedom of religion, security in oneself and one's possessions, etc.) are simple corollaries of this principle.
The right to free speech is better stated as the principle that speech alone never results in actionable harm to another person. Say whatever you want; until you actually do something you haven't caused anyone harm.
Now enters the principle of proportional response. Basically, anything you do is (subjectively) either right or wrong. If you argue that the action was right then you cannot also argue that it is wrong for someone else to do exactly the same thing to you; if you argue that the action was wrong then you are admitting that it deserves punishment. Thus, despite the subjectiveness of the concepts of right and wrong, it is an objective fact that one cannot rationally argue against a proportional response to any action one takes.
If one attempts to respond in a disproportionate manner, however, one is not acting objectively. The punishment is not justified on the basis of the other party's actions, and there is no logical distinction between a subjective punishment and an act of aggression. Anyone who metes out disproportionate punishment thus commits an even greater offense than the one originally on trial, and invites punishment upon oneself in turn.
Infringement of free speech is objectively, rationally punishable for the simple reason that any response to speech other than speech would be disproportionate to the original "offense". You can say what you want, and all anyone can do -- without opening themselves up to a response in kind -- is counter your speech with their own.
Say you have electrons you want to flow from A to B. If you use a wire too thick in diameter all the current is going to go into resistance of the wire.
That doesn't make sense -- resistance in a conductor is inversely proportional to cross-sectional area. Larger-diameter wires have less resistance per unit length.
Also, current doesn't "go into" resistance. To get the analogy you want you'd have to introduce a non-linear component (like the turbocharger in your car analogy) which shuts off below a given supply voltage. A diode, for example.
No, this uses energy with fuel to function. What you're asking isn't very far from asking "will an electric motor generate electricity in a cost efficient way?"
Seeing as how an electric motor doubles as a simple electric generator... I think you picked a bad analogy. It's more like asking whether an internal combustion engine can produce gasoline, since the combustion reaction, like the heating and dispersal of the ions, can't easily be reversed.
Probably a warning to his employers that they can't trust him with any commercially-sensitive information would be a bigger punishment.
I'm sure it "would be a bigger punishment", but it wouldn't be accurate. An N.D.A. for "commercially-sensitive information" is a matter of contract law, and has nothing to do with copyrights. The fact that copyright infringement has taken place does not support the conclusion that voluntary contracts are in any danger of being broken.
Otherwise I agree with your comment, except that I would consider anything beyond invalidating the defendant's copyright claims, if any, to be disproportionate to the "crime" of copyright infringement.
Everyone wants everything for free. Given two identical alternatives and perfect information, any rational individual would choose the alternative with the lower cost. Cost, however, cannot always be measured in financial terms. You appear to have an aversion to downloading (plus a lack of interest); that aversion is a cost. You choose to support your preferred artists financially, despite the cost, because there is something you want -- a positive feeling of some kind -- that is not available for free. It's not that you wouldn't prefer to get it for free if you could, but that isn't an option. You still only spend the minimum necessary to get what you want, though -- you don't want to spend more than you have to for a given result.
Don't want to rely on live concerts? Fine, not everything works in that medium. There are other models, though. For example, commissioned art. Probably not individually commissioned, but perhaps by a co-op or other organization funded through member dues. In addition to positive feelings and voting rights in the co-op, members would get first access to high-quality recordings, interaction with the artists, discounts on related merchandise, etc. Periodic contests could possibly work in place of, or in addition to, specific commissions depending on the genre.
Right or wrong, copyright infringement isn't going away. In my opinion, ignoring any and all the moral issues on both sides for the moment, the not-insignificant resources being spent trying to "put the genie back in the bottle" would be much better employed in finding a model that isn't at odds with the nature of the modern universe.
Sure, but the minimum separation for single precision floating point, with a 23-bit mantissa, is only about 1.2e-7 given an exponent of zero. That translates to a potential error of over 1000% of the original one-unit speed per day given the same millisecond interval. As the OP said, "I hope their simulations use doubles, not floats!" Doubles, with a 52-bit mantissa, would have an epsilon of about 2.2e-16.
It's not always insignificant. The problem mainly comes up when you're trying to accumulate something over a large number of iterations. For example, suppose your speed is the 1.0e0 term and the 1.0e-18 is your acceleration. At first it's insignificant, but over a few thousand (or million) cycles the error in the result becomes noticeable.
You can get around the issue with approaches like the one that this AC mentioned, but that requires additional consideration up front. You have to consider the limitations of the floating-point format when choosing and implementing your formulas rather than just writing them in the most natural style.
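The accumulation problem discussed in the comments above, as an added example that is not part of the original thread. It emulates single precision by rounding through `struct`, uses constructed values (a speed of 1.0 and a per-millisecond increment of 5e-8, just under half the float spacing at 1.0), and shows Kahan compensated summation as one known workaround, which is not necessarily the approach the linked comment described.

```python
import struct


def f32(x: float) -> float:
    """Round a Python float (IEEE double) to the nearest single-precision value."""
    return struct.unpack("<f", struct.pack("<f", x))[0]


def integrate(steps: int, accel_dt: float) -> dict:
    """Add a tiny per-step speed increment to an initial speed of 1.0.

    Returns the final speed computed four ways:
      naive32   - plain single-precision accumulation
      kahan32   - single precision with Kahan compensated summation
      double    - plain double-precision accumulation
      reference - 1.0 + steps * increment, computed once in double
    """
    inc = f32(accel_dt)            # the increment as a float would store it
    naive32 = f32(1.0)
    kahan32 = f32(1.0)
    comp = 0.0                     # running compensation (lost low-order bits)
    dbl = 1.0

    for _ in range(steps):
        # Naive float: inc is below half the spacing at 1.0 (about 5.96e-8),
        # so every addition rounds straight back to the old value.
        naive32 = f32(naive32 + inc)

        # Kahan: carry the rounding error of each addition into the next one.
        y = f32(inc - comp)
        t = f32(kahan32 + y)
        comp = f32(f32(t - kahan32) - y)
        kahan32 = t

        # Double: spacing at 1.0 is about 2.2e-16, so the increment registers.
        dbl += inc

    return {
        "naive32": naive32,
        "kahan32": kahan32,
        "double": dbl,
        "reference": 1.0 + steps * inc,
    }


# Constructed run: 200,000 steps of 1 ms (200 simulated seconds).
# A full day at the same interval would be 86,400,000 steps.
STEPS = 200_000
ACCEL_DT = 5e-8

if __name__ == "__main__":
    for name, value in integrate(STEPS, ACCEL_DT).items():
        print(f"{name:>9}: {value!r}")
```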
Criticizing someone else's actions or views based on their own admitted beliefs is an effective and perfectly legitimate argumentative technique, regardless of whether you happen to share those beliefs yourself.
See the difference?
See also: The Ethics of Liberty.
The hydrogen could be used as "fuel" (reaction mass) in an ion- or plasma-style engine. No oxygen required, just lots of electricity.
Which was, in fact, the main point of my comment. The very next sentence: "Cost, however, cannot always be measured in financial terms."
You know, if you really wanted to crash the system via an excess of processes it would be a lot simpler to just write:
It'd be a lot more likely to work, too, since most people don't have NASM installed.