I know I shouldn't feed the trolls, but I can't help it here.
Gauss's Prime Number Theorem states that the number of primes below a positive integer X is close to x/ln(x). If you're doing 1024 bit RSA encryption - and most guidelines these days are for 2048 bit RSA or better, then that means your two prime numbers are about 512 bits in length (each roughly half of 1024 bits). 512 bits represents a number between 0 and 2^512 - 1, the natural log (ln) of that number is 355, which means there are very roughly 3.7x10^151 primes in there.
Now, as you say, it's likely the prime will be "close" to the maximum value of 2^512 -1, it's not probable that p is some prime near 1022 bits in length and q is 5. But even if you knew for sure that the prime number was above 2^400, that still gives your Core i7 more work than it can handle in your lifetime.
Anyone that knows number theory better than I, feel free to correct me if I screwed this up. I haven't looked at this kind of math since undergrad, 15 years ago.
It would ruin it as an encryption method because an attacker could use their own m, use the public e and n, and thus obtain their own c without intercepting anyone else's encrypted traffic. Then they can calculate d, and can decrypt anything encrypted using e and n.
p and q are the starter prime numbers that the person using RSA picks. n = p*q, and its bit length is your RSA key length. e is some number that is relatively prime to (p - 1)(q - 1). d is picked so that de = 1 mod (p-1)(q-1). Your public RSA key becomes the pair e and n. The others: p, q, (p - 1)(q -1), and d remain private.
I think Vista is a very tiny piece of Microsoft's problems. The real problem is the user experience and ease-of-use, which Microsoft gets wrong a lot more than Apple. It's death by a thousand cuts.
Sometimes the feature you want is in a control panel. Sometimes the feature you want is an administrator tool. It takes two lawyers, five tech support staff, a voodoo priestess, and a ouija board to figure out Terminal Services licensing. If you install a pre-SP2 version of Windows XP and go through the Windows Update process once, you get to see dozens of distinct patch applications and reboots. Some useful system services are controlled by the "net" command, even though many of them have nothing to do with the network. The file copy progress dialog clearly uses a random number generator to create the progress bar. Windows Explorer hangs completely when just one out of fifty folders in the view becomes unavailable due to a slow disk or network disruption. The naming conventions for different Windows skews and what they contain changes significantly with every release. On anything other than an SSD the "Search Indexer" service slows the computer to a crawl from time to time. Too many security updates require a reboot. Windows 8 home edition removed DVD playback from the consumer version for the sole purpose of alienating customers. It worked, I'm alienated. They keep changing their technologies and products, alienating developers. First they pushed developers to C++. Then it was C# and the.NET framework. Then it was Silverlight. Now it's C++ and HTML5/Javascript, and Silverlight is end-of-lifed. Windows Mobile was killed. Windows Phone 7 was killed (Windows Phone 8 has a compatibility layer to run Windows Phone 7 apps, but it's a different underlying architecture).
If you're a giant corporation with more money than brains you can just throw money at Microsoft until all of your Microsoft software is licensed properly and "just works". For everyone else, they've made it their personal mission to drive you into psychological counseling. Apple's user interfaces are more consistent, their licensing is simpler, their technology stack is more consistent. I'm a Linux geek, I hate the Apple walled garden as much as the Microsoft walled garden. But for people that don't give a damn about proprietary software and walled gardens, I can completely understand why they view Steve Jobs as a god and Steve Ballmer as the devil.
MiniITX specifies a motherboard size, and that's all. It doesn't specify the height, width, depth, and minimum heat dissipation possible by the heatsink and fan, it doesn't specify the dimensions and maximum heat generated by internal storage, it doesn't specify the minimum amount of airflow in the case, etc... etc...
I think open laptop design might be possible if there was maybe a dozen standard configurations, each with rigidly defined restrictions on the external dimensions, heat, and energy demands for every single component.
I have to agree with this. I've only installed Windows 7 four times and Windows 8 once, but in all cases the only headache was the fucking license code.
Of course, in the same five year period I've installed Linux over a dozen times without having any hardware problems, save for my own screwups when I did manual disk partitioning (and if I had left things on automatic, that would not have been a problem).
I haven't heard of any serious Windows install problems since Vista, which Dell and HP seemed to prefer to ship with unsupported hardware.
Getting developers out of the business of manual memory management is a big step. Taking out pointers and unchecked type casts as such is another big step. Taking out header files is a big step. Removing a macro system that uses different syntax than the language itself is a big step.
So I'd say that Java takes C++ developers almost half of the way to Lisp.
Thanks for the suggestion. I can actually write some toy code in Lisp and Clojure without too much effort these days. I'm just trying to go from there to making useful contributions to Lisp and Clojure open source projects. I'm hoping like crazy my future career is in that direction, because I'm getting tired of using Java.
The problem with a self-signed cert is that you need some secure way to distribute the certificate's digital signature to your friends. If your friend doesn't know or doesn't check the digital signature of your self-signed certificate, someone else can do a man-in-the-middle attack. You and I know to check digital signatures, but most of the general public doesn't know or knows but doesn't care. A CA, in theory, establishes a chain of trust so your friends don't have to check the certificate digital signature. In order for our hypothetical distributed encrypted network to work for any more than a small percentage of motivated engineers, it has to be dead simple to use.
I had not been thinking of completely distributed storage. I had thought of a personal "master" node and several distributed backups including one or more nodes that can be a hot standby for the master. Otherwise a single hardware failure, theft, etc... can result in a permanent loss of data.
You have to host it yourself. You can't trust a provider. Obviously that makes the barrier to entry high.
But in theory (of course), we have most of the tools in our possession to make this work, we just need the software. Most people have their previous smart phone collecting dust somewhere, that could run a distributed secure social network and hosted email with integrated encryption. You would just have to dust it off, plug it in somewhere near your wireless access point, and install the software. Click through a simple setup wizard, and you're off. Then throw in an open source program to automate backups of your private social network site on the phone and automatically copy them (in encrypted form) to other local storage you designate, or maybe space reserved for your use by some key friends in your social circle.
Right. This "More Encryption is Not the Answer" assumes everyone continues to use the big cloud corporations for the data.
If I host my own email and use PGP, host my own distributed social network instance, browse the internet through Tor, use Yacy for search where possible, etc... then all I have to do is ensure my SSL certificate is valid (or use a self-signed one but find a secure way to distribute the signature to my friends). I can do that, the problem is that Johnny Public doesn't care to do it.
Which leads me to the conclusion that the solution to the NSA problem isn't a political one, it's an engineering one. It's a huge engineering problem, but the cynic in me says the open source community will get far more accomplished with regards to reigning in government surveillance than our elected officials.
I wonder if you could serve traffic out of your house over an SSL VPN. You find a cloud provider that has cheap bandwidth rates, and you rent the smallest possible virtual machine from them, and just make it a VPN endpoint for the server at your house. All web traffic to your home server goes to the virtual machine and goes to the house over the VPN. Responses back would likewise get routed through the virtual machine but as far as Google can tell you just have a single SSL connection to a website external to your house.
Nice idea, but Google's turn for the worse happened after the traditional American executive (Eric Schmidt) left the CEO position and the original idealistic founders Page and Brin resumed control!
Damn. I won't complain about Comcast for a while. I get 25 megabits down, 5 up for $65/month. If I wanted business it would jump. 16/3 with 1 static IP would be $85. 25/5 with 1 static IP would be $125. 100/10 with 1 static IP would be $385, but I could live with the $125 service level.
There are also thousands of failed projects in C, C++, Java, Perl, Python, and Ruby. There are two separate questions to debate - whether Lisp is a good language to use, period, and what obstacles there are to widespread adoption. Obviously if Lisp sucks, then that can be a big obstacle to widespread adoption.
But there's a famously quoted statement by Guy Steele, who wrote some of the Lisp language specs and Java language specs. "we were not out to win over the Lisp programmers; we were after the C++ programmers. We managed to drag a lot of them about halfway to Lisp." ( http://people.csail.mit.edu/gregs/ll1-discuss-archive-html/msg04045.html )
Going from C to C++ is easy, I did that. Going from C++ to Java is easy. I did that too. Going from Java to Lisp is damn difficult, at least for me. But the fact that teaching mainstream C, C++, and Java developers Lisp is difficult merely makes it unlikely Lisp will be popular. It does not prove Lisp is a poor language.
I give you Mjolnir: https://github.com/halgari/mjolnir It's a project that uses Clojure (a Lisp dialect) plus LLVM ( the compiler ) to generate highly optimized machine code. I'm not associated with the project in any way, and I don't know if the generated code comes close to well-written C++ for performance (both in terms of CPU and memory use efficiency). But the potential is there.
Obviously running a Lisp interpreter in an embedded RTOS isn't practical.
I'm not that knowledgeable about compilers, but my understanding of compiling code is:
Step 1: parse source code.
Step 2: build Abstract Syntax Tree ( https://en.wikipedia.org/wiki/Abstract_syntax_tree )
Step 3: depending upon whether your language is interpreted, compiled to machine code, or converted to some intermediate representation like Java Virtual Machine bytecode, use some program to execute the AST ( interpreted languages ) or use some transformation process to convert the AST to the desired representation.
While the syntax of C, Perl, Python, R, Haskell, and Ocaml may all vary widely from each other, the ASTs are all similar. And the kicker is, Lisp's syntax is as close as anyone has come to representing a generic AST directly in text. So the argument the Lisp fanatics make is that once you start compiling your language and build the AST you're effectively working with Lisp anyway.
Be fair - Google started out more friendly to standards-compliance and much more helpful to open source than Microsoft. So all along the plan was, "Be good until you have a huge market presence, then turn evil." Microsoft was evil from day one.
But did any of us expect differently? This is the free market over, and over, and over again - fight fair, use standards, and do your best for the customers when you're an upstart. Once you're well established, squeeze the customers for money, break standards to lock people in to your products, and fight dirty. Twitter is on the exact same path - they grew partly because of all of the excellent third party Twitter apps, and now that Twitter is popular, it's systematically blocking the third party apps.
I just find Ctrl-[ much easier than moving my left hand up to hit the Escape key. I don't want to remap Esc to Caps Lock or anything similar because it's inevitable I'll log on to some server or su to some account that doesn't have the remap, and then I'll drive myself bonkers toggling Caps Lock over and over.
Thanks for the response, maybe I should just give up and start working on making frequent use of the Alt key feel natural.
Well again, the regular Escape key is annoying to use, I have to take my left hand completely off the regular keyboard position to get to it. Ctrl-[ is comparatively easy.
I could remap Esc (or Alt, for that matter) to the Caps Lock, but it would drive me crazy every time I used that key on a machine where I had forgotten to make the change.
I mangle lines occasionally too, but not often enough to be a problem.
Okay, I have a really stupid question - what do Emacs aficionados use for the "Meta" key?
By far, the single biggest reason I prefer Vim to Emacs is that I can do "Esc" with Ctrl-[. So more than 99% of the time, I'm working with my fingers staying within one key below or two keys above home row, with the sole exception of my left pinkie which hits the Ctrl key. Using "Alt" as the Emacs Meta key starts to cramp my hands very quickly, and pulling the ring or middle fingers down or the thumbs over to the Alt key is much slower.
So I see Emacs as the technically superior, more flexible editor but Vim as the more ergonomic one, and I am staying with Vim. I'm hoping there's something simple I missed - so what is it?
DRM is going to be used whether it's in the standard or not. So you have to pick between making the standard open - so any software company can write tools that comply (proprietary tools by definition) or whether things continue as they are now, and Flash and Silverlight are de facto standards.
I don't think there's any technical or ethical reason to prefer one to the other.
Thanks for the suggestion, but honestly it's not a priority for me. For my own Android smart phone I use talk, text, navigation, and about once a month I open the web browser because I want to research something and I don't have a laptop handy. I'm an Ubuntu fanboy so if I had the cash to spare I would get one just to support Canonical, even if I didn't use it much.
I would rather see crowdfunding go for more worthy causes - genuine charity, the creation of new art, music, books, movies, and roleplaying games, or backing some useful technical project.
Slashdot Mirror
I know I shouldn't feed the trolls, but I can't help it here.
Gauss's Prime Number Theorem states that the number of primes below a positive integer X is close to x/ln(x). If you're doing 1024 bit RSA encryption - and most guidelines these days are for 2048 bit RSA or better, then that means your two prime numbers are about 512 bits in length (each roughly half of 1024 bits). 512 bits represents a number between 0 and 2^512 - 1, the natural log (ln) of that number is 355, which means there are very roughly 3.7x10^151 primes in there.
Now, as you say, it's likely the prime will be "close" to the maximum value of 2^512 -1, it's not probable that p is some prime near 1022 bits in length and q is 5. But even if you knew for sure that the prime number was above 2^400, that still gives your Core i7 more work than it can handle in your lifetime.
Anyone that knows number theory better than I, feel free to correct me if I screwed this up. I haven't looked at this kind of math since undergrad, 15 years ago.
It would ruin it as an encryption method because an attacker could use their own m, use the public e and n, and thus obtain their own c without intercepting anyone else's encrypted traffic. Then they can calculate d, and can decrypt anything encrypted using e and n.
https://en.wikipedia.org/wiki/RSA_encryption
p and q are the starter prime numbers that the person using RSA picks. n = p*q, and its bit length is your RSA key length. e is some number that is relatively prime to (p - 1)(q - 1). d is picked so that de = 1 mod (p-1)(q-1). Your public RSA key becomes the pair e and n. The others: p, q, (p - 1)(q -1), and d remain private.
I think Vista is a very tiny piece of Microsoft's problems. The real problem is the user experience and ease-of-use, which Microsoft gets wrong a lot more than Apple. It's death by a thousand cuts.
.NET framework. Then it was Silverlight. Now it's C++ and HTML5/Javascript, and Silverlight is end-of-lifed.
Sometimes the feature you want is in a control panel. Sometimes the feature you want is an administrator tool.
It takes two lawyers, five tech support staff, a voodoo priestess, and a ouija board to figure out Terminal Services licensing.
If you install a pre-SP2 version of Windows XP and go through the Windows Update process once, you get to see dozens of distinct patch applications and reboots.
Some useful system services are controlled by the "net" command, even though many of them have nothing to do with the network.
The file copy progress dialog clearly uses a random number generator to create the progress bar.
Windows Explorer hangs completely when just one out of fifty folders in the view becomes unavailable due to a slow disk or network disruption.
The naming conventions for different Windows skews and what they contain changes significantly with every release.
On anything other than an SSD the "Search Indexer" service slows the computer to a crawl from time to time.
Too many security updates require a reboot.
Windows 8 home edition removed DVD playback from the consumer version for the sole purpose of alienating customers. It worked, I'm alienated.
They keep changing their technologies and products, alienating developers. First they pushed developers to C++. Then it was C# and the
Windows Mobile was killed. Windows Phone 7 was killed (Windows Phone 8 has a compatibility layer to run Windows Phone 7 apps, but it's a different underlying architecture).
If you're a giant corporation with more money than brains you can just throw money at Microsoft until all of your Microsoft software is licensed properly and "just works". For everyone else, they've made it their personal mission to drive you into psychological counseling. Apple's user interfaces are more consistent, their licensing is simpler, their technology stack is more consistent. I'm a Linux geek, I hate the Apple walled garden as much as the Microsoft walled garden. But for people that don't give a damn about proprietary software and walled gardens, I can completely understand why they view Steve Jobs as a god and Steve Ballmer as the devil.
MiniITX specifies a motherboard size, and that's all. It doesn't specify the height, width, depth, and minimum heat dissipation possible by the heatsink and fan, it doesn't specify the dimensions and maximum heat generated by internal storage, it doesn't specify the minimum amount of airflow in the case, etc... etc...
I think open laptop design might be possible if there was maybe a dozen standard configurations, each with rigidly defined restrictions on the external dimensions, heat, and energy demands for every single component.
I have to agree with this. I've only installed Windows 7 four times and Windows 8 once, but in all cases the only headache was the fucking license code.
Of course, in the same five year period I've installed Linux over a dozen times without having any hardware problems, save for my own screwups when I did manual disk partitioning (and if I had left things on automatic, that would not have been a problem).
I haven't heard of any serious Windows install problems since Vista, which Dell and HP seemed to prefer to ship with unsupported hardware.
Getting developers out of the business of manual memory management is a big step. Taking out pointers and unchecked type casts as such is another big step. Taking out header files is a big step. Removing a macro system that uses different syntax than the language itself is a big step.
So I'd say that Java takes C++ developers almost half of the way to Lisp.
Thanks for the suggestion. I can actually write some toy code in Lisp and Clojure without too much effort these days. I'm just trying to go from there to making useful contributions to Lisp and Clojure open source projects. I'm hoping like crazy my future career is in that direction, because I'm getting tired of using Java.
The problem with a self-signed cert is that you need some secure way to distribute the certificate's digital signature to your friends. If your friend doesn't know or doesn't check the digital signature of your self-signed certificate, someone else can do a man-in-the-middle attack. You and I know to check digital signatures, but most of the general public doesn't know or knows but doesn't care. A CA, in theory, establishes a chain of trust so your friends don't have to check the certificate digital signature. In order for our hypothetical distributed encrypted network to work for any more than a small percentage of motivated engineers, it has to be dead simple to use.
I had not been thinking of completely distributed storage. I had thought of a personal "master" node and several distributed backups including one or more nodes that can be a hot standby for the master. Otherwise a single hardware failure, theft, etc... can result in a permanent loss of data.
You have to host it yourself. You can't trust a provider. Obviously that makes the barrier to entry high.
But in theory (of course), we have most of the tools in our possession to make this work, we just need the software. Most people have their previous smart phone collecting dust somewhere, that could run a distributed secure social network and hosted email with integrated encryption. You would just have to dust it off, plug it in somewhere near your wireless access point, and install the software. Click through a simple setup wizard, and you're off. Then throw in an open source program to automate backups of your private social network site on the phone and automatically copy them (in encrypted form) to other local storage you designate, or maybe space reserved for your use by some key friends in your social circle.
Right. This "More Encryption is Not the Answer" assumes everyone continues to use the big cloud corporations for the data.
If I host my own email and use PGP, host my own distributed social network instance, browse the internet through Tor, use Yacy for search where possible, etc... then all I have to do is ensure my SSL certificate is valid (or use a self-signed one but find a secure way to distribute the signature to my friends). I can do that, the problem is that Johnny Public doesn't care to do it.
Which leads me to the conclusion that the solution to the NSA problem isn't a political one, it's an engineering one. It's a huge engineering problem, but the cynic in me says the open source community will get far more accomplished with regards to reigning in government surveillance than our elected officials.
Thanks, but someone pointed that out above. Somehow I thought it was only a Vim feature - I was reading Vim tips somewhere and I saw it suggested.
I wonder if you could serve traffic out of your house over an SSL VPN. You find a cloud provider that has cheap bandwidth rates, and you rent the smallest possible virtual machine from them, and just make it a VPN endpoint for the server at your house. All web traffic to your home server goes to the virtual machine and goes to the house over the VPN. Responses back would likewise get routed through the virtual machine but as far as Google can tell you just have a single SSL connection to a website external to your house.
Wouldn't that work?
Nice idea, but Google's turn for the worse happened after the traditional American executive (Eric Schmidt) left the CEO position and the original idealistic founders Page and Brin resumed control!
Damn. I won't complain about Comcast for a while. I get 25 megabits down, 5 up for $65/month. If I wanted business it would jump. 16/3 with 1 static IP would be $85. 25/5 with 1 static IP would be $125. 100/10 with 1 static IP would be $385, but I could live with the $125 service level.
There are also thousands of failed projects in C, C++, Java, Perl, Python, and Ruby. There are two separate questions to debate - whether Lisp is a good language to use, period, and what obstacles there are to widespread adoption. Obviously if Lisp sucks, then that can be a big obstacle to widespread adoption.
But there's a famously quoted statement by Guy Steele, who wrote some of the Lisp language specs and Java language specs. "we were not out to win over the Lisp programmers; we were after the C++ programmers. We managed to drag a lot of them about halfway to Lisp." ( http://people.csail.mit.edu/gregs/ll1-discuss-archive-html/msg04045.html )
Going from C to C++ is easy, I did that. Going from C++ to Java is easy. I did that too. Going from Java to Lisp is damn difficult, at least for me. But the fact that teaching mainstream C, C++, and Java developers Lisp is difficult merely makes it unlikely Lisp will be popular. It does not prove Lisp is a poor language.
I give you Mjolnir: https://github.com/halgari/mjolnir It's a project that uses Clojure (a Lisp dialect) plus LLVM ( the compiler ) to generate highly optimized machine code. I'm not associated with the project in any way, and I don't know if the generated code comes close to well-written C++ for performance (both in terms of CPU and memory use efficiency). But the potential is there.
Obviously running a Lisp interpreter in an embedded RTOS isn't practical.
I'm not that knowledgeable about compilers, but my understanding of compiling code is:
Step 1: parse source code.
Step 2: build Abstract Syntax Tree ( https://en.wikipedia.org/wiki/Abstract_syntax_tree )
Step 3: depending upon whether your language is interpreted, compiled to machine code, or converted to some intermediate representation like Java Virtual Machine bytecode, use some program to execute the AST ( interpreted languages ) or use some transformation process to convert the AST to the desired representation.
While the syntax of C, Perl, Python, R, Haskell, and Ocaml may all vary widely from each other, the ASTs are all similar. And the kicker is, Lisp's syntax is as close as anyone has come to representing a generic AST directly in text. So the argument the Lisp fanatics make is that once you start compiling your language and build the AST you're effectively working with Lisp anyway.
Be fair - Google started out more friendly to standards-compliance and much more helpful to open source than Microsoft. So all along the plan was, "Be good until you have a huge market presence, then turn evil." Microsoft was evil from day one.
But did any of us expect differently? This is the free market over, and over, and over again - fight fair, use standards, and do your best for the customers when you're an upstart. Once you're well established, squeeze the customers for money, break standards to lock people in to your products, and fight dirty. Twitter is on the exact same path - they grew partly because of all of the excellent third party Twitter apps, and now that Twitter is popular, it's systematically blocking the third party apps.
I just find Ctrl-[ much easier than moving my left hand up to hit the Escape key. I don't want to remap Esc to Caps Lock or anything similar because it's inevitable I'll log on to some server or su to some account that doesn't have the remap, and then I'll drive myself bonkers toggling Caps Lock over and over.
Thanks for the response, maybe I should just give up and start working on making frequent use of the Alt key feel natural.
Meta is also Ctrl-[? Damn. Thanks for the information.
Well again, the regular Escape key is annoying to use, I have to take my left hand completely off the regular keyboard position to get to it. Ctrl-[ is comparatively easy.
I could remap Esc (or Alt, for that matter) to the Caps Lock, but it would drive me crazy every time I used that key on a machine where I had forgotten to make the change.
I mangle lines occasionally too, but not often enough to be a problem.
Okay, I have a really stupid question - what do Emacs aficionados use for the "Meta" key?
By far, the single biggest reason I prefer Vim to Emacs is that I can do "Esc" with Ctrl-[. So more than 99% of the time, I'm working with my fingers staying within one key below or two keys above home row, with the sole exception of my left pinkie which hits the Ctrl key. Using "Alt" as the Emacs Meta key starts to cramp my hands very quickly, and pulling the ring or middle fingers down or the thumbs over to the Alt key is much slower.
So I see Emacs as the technically superior, more flexible editor but Vim as the more ergonomic one, and I am staying with Vim. I'm hoping there's something simple I missed - so what is it?
DRM is going to be used whether it's in the standard or not. So you have to pick between making the standard open - so any software company can write tools that comply (proprietary tools by definition) or whether things continue as they are now, and Flash and Silverlight are de facto standards.
I don't think there's any technical or ethical reason to prefer one to the other.
Thanks for the suggestion, but honestly it's not a priority for me. For my own Android smart phone I use talk, text, navigation, and about once a month I open the web browser because I want to research something and I don't have a laptop handy. I'm an Ubuntu fanboy so if I had the cash to spare I would get one just to support Canonical, even if I didn't use it much.
I would rather see crowdfunding go for more worthy causes - genuine charity, the creation of new art, music, books, movies, and roleplaying games, or backing some useful technical project.