I double-checked things after I wrote this, and I'm wrong. I didn't realize that Shor's algorithm could be used to solve discrete logarithm problems. So, the ECC versions of things are not affected, but the integer versions of El Gamal and Diffe-Hellman are.
ECC is still the discrete logarithm problem, just applied to a group other than integers mod another integer.
Give Red Hat a call. Seriously, if their sales department can't justify it for you, it's not justified.
My company has something like 20,000 diskless servers running Linux. Red Hat wanted us to pay for that level of support, which is ridiculous. Groups of several hundreds or thousands machines all netboot from the same image. Because of this, our needs for support is far lower than the number 20,000 suggests.
In the end, it was far cheaper for us to use CentOS and hire people to maintain the machines and their OS image than to pay what Red Hat demanded for 20,000 machines. Red Hat's business model just didn't fit, even though we wanted to have their support.
I'm fairly sure that Windows does not use the zoneinfo database. Their time zone list is organized in a very different way, and it doesn't even use the time zone names the Unix world is used to, like America/New_York.
While the outcome may be obvious, there's still a strategic advantage of stringing the whole thing out. The idea being that if you have deeper pockets, you'll force your opponent into bankruptcy. Sacrifice your own money to bleed them dry.
I have a feeling that their lawyer isn't quite aware of the hornet's nest she's stirred up here. The zoneinfo database is pretty much everywhere outside of Windows. There's even a copy on my iPhone. She's indirectly picked a fight with the largest corporation in America.
I can't comment much on the tradeoffs except to say that I think it solves the problem of Cygwin's fork() being terrible. (SUA also provides a route to get multiple files with the same case-folded name but different case-sensitive names, which I don't think you can do with Cygwin since it goes through the Win32 API.)
Yep, fork() on Interix (SUA) works much more efficiently. The NT kernel has supported what's essentially fork() since at least NT 4.0. The problem until Interix - and the reason why Cygwin's fork() sucks - is that the Win32 DLLs don't react well to being fork()ed. kernel32.dll gets confused, and simple things like console output stop working. Interix doesn't use the Win32 API, instead using a custom POSIX API and the NT API directly. The NT API has been updated to work in the event of a fork().
The NT API function NtCreateProcess spawns a new process. The SectionHandle parameter takes a handle to the image section (IE, CreateFileMapping with SEC_IMAGE) representing the EXE you want the new process to run. If you pass NULL for SectionHandle, you will instead be creating a copy of the parent process's address space, the main part of fork().
That's simply not true. The near-annihilation of native Americans was far more due to the smallpox the Europeans brought than anything the Europeans did themselves.
The irony of most Christian denominations' disbelief of evolution is that religions evolve through natural selection analogously to life forms. In fact, it is through evolution that the Abrahamic faiths came to dominate Europe and the Middle East.
I'm more worried that this will be used for new DRM systems that are hard to crack. You could make some really nasty anti-tampering protections with this.
Quite a bit of Windows software is compiled using Intel's compilers...
Dear KiloByte,
You clearly just made that up. That is a patently untrue statment. Both Windows and Office are bult with the Microsoft Compiler.
Wow, I would've expected better from a low 6-digit UID. Maybe, perhaps, by "Windows software" KiloByte meant programs made to run on Windows, not necessarily Windows itself? There exist companies making Windows software that were built with Intel C++.
...then it is no surprise that malware is about to explode on Macs. I submitted a local privilege exploit in Mac OS that allowed any process to get kernel privilege at least 8 months ago, and they still haven't released a fix for it. This is even though the fix is only a few lines of code.
If the exploit had not been x86-specific, I would have given it to the iPhone jailbreakers instead of Apple.
Tiny RAM space is one of the methods they use to slow down piracy. It's harder to hide bootloader-based copy protection cracking in resident memory if all of it needs to be used legitimately.
Are you kidding me? The PS3, Wii and 360 all have extra memory reserved for the kernel inside which piracy hacks have been placed for a while.
If everyone is placed behind ISP-level NAT, which is the way things appear to be going, particularly in Asia, BitTorrent would go away. You can't do peer-to-peer communication if you can't receive incoming connections.
ISPs would love to get rid of BitTorrent, because it's more than half the traffic their customers use. ISPs would also love to get rid of people running servers off their home machines, something also prevented.
It would not surprise me at all if the movie and music industries would bribe^W contribute to the campaigns of congresscritters to make IPv6 illegal or inhibit its adoption. It would certainly be in their best interest.
I'm transsexual and take testosterone blockers in order to help feminise my body, and changes in sex drive were quite noticeable. Propecia's active substance, finasteride, is essentially a testosterone blocker ( thou admittedly a weaker one than what I am taking ) so I'm not at all surprised it can have such side effects.
Same, though I'm on both finasteride and spironolactone. This is very much a desirable side effect for us. =)
I just hope that this doesn't result in a massive recall and them stopping making it. Finasteride in higher doses is used as part of a prostate cancer treatment regimen for analogous reasons to this "side effect", so hopefully the drug won't go away completely.
I reported a local privilege escalation exploit in the Darwin x86-32/64 kernel about eight months ago and they still haven't released a patch yet. What's stupid is that fixing it is an obvious single line to change in the code.
Even if they used the sandboxing API, I'm sure it wouldn't be too hard to find a bug like mine to get root access.
As an aside, if this exploit weren't specific to x86, I would've given the exploit to the iPhone jailbreak hackers instead of Apple.
Presumably it can only exist online or in digital format. As soon as you display it, print it or make a flag out of it any mismatch from fading, dye inconsistencies, LED spec variation etc. would mean that the colors no longer have that exact hexadecimal representation.
Yes. However, the differences in color will only be in the lower bits, and you can re-derive the correct key reasonably quickly through brute force. Also, if you know the printing process and the primary colors it uses, you could closely analyze the halftone pattern the printer chose.
In Windows Vista and 7, if DNS resolves the name "isatap", Windows will automatically try to acquire an IPv6 prefix using an IPv4 tunnel to the ISATAP server, and use that server to route all your IPv6 traffic. Windows XP SP1+ will as well, once you enable IPv6.
When an ISP implements IPv6, why can't they also add an ISATAP server? With ISATAP, customers with IPv4 routers will have computers that notice the ISP's IPv6 router and start using it through their IPv4 NAT router automatically.
Cisco could implement ISATAP into their routers so that ISPs' internal routers could provide the ISATAP interface, which would be better than a normal machine being a single point of failure. Is this an ISATAP packet destined for the fake IP address we set up as the isatap DNS result? Yes. Let's translate this packet to IPv6 and send it on its way.
Since this is effectively bypassing the customer's IPv4 router's pseudo-security inherently present in NAT, the ISP could have a policy that those using ISATAP as opposed to an IPv6-capable router will have incoming IPv6 traffic blocked, to maintain the status quo in security.
Sometimes, I feel like this transition process is being handled the wrong way, and that there are much easier solutions to these seemingly difficult migration problems.
Not to bust anyone's bubble, but the factoring problem is actually not known to be NP completely and evidence points to the fact that it is no[t]
Not to burst your bubble, but while factoring isn't believed to be NP-complete, it is definitely in NP. This means that it is actually easier to solve than NP-complete problems.
More evidence that factoring is not NP-complete is that there exists an algorithm called general number field sieve that has sub-exponential running time. If factoring were NP-complete, it would mean that all NP-complete algorithms could be solved in sub-exponential time, which is considered unlikely. Factoring is probably easier than NP-complete problems.
In fact, it seems that the current public-key algorithms are all apparently easier to solve than NP-complete problems.
There are many hard problems like that. Linear programming has the same property. It's unknown whether factoring has that property.
Factoring definitely has that property. The decision problem definition of factoring is, "Is there a divisor of X less than Y"? Most numbers are divisible by 2, 3 and 5, so for most numbers the answer is trivially "yes". Factoring a "random" number turns out to be fairly simple with elliptic curve factorization if the factors are "small", which is usually the case.
When choosing composite numbers to use in a cryptographic factoring problem, you deliberately choose problems of the worst case: numbers with exactly two prime factors that are both almost half the length of the composite number, but far enough from the square root to avoid attacks on that.
Slashdot Mirror
I double-checked things after I wrote this, and I'm wrong. I didn't realize that Shor's algorithm could be used to solve discrete logarithm problems. So, the ECC versions of things are not affected, but the integer versions of El Gamal and Diffe-Hellman are.
ECC is still the discrete logarithm problem, just applied to a group other than integers mod another integer.
Give Red Hat a call. Seriously, if their sales department can't justify it for you, it's not justified.
My company has something like 20,000 diskless servers running Linux. Red Hat wanted us to pay for that level of support, which is ridiculous. Groups of several hundreds or thousands machines all netboot from the same image. Because of this, our needs for support is far lower than the number 20,000 suggests.
In the end, it was far cheaper for us to use CentOS and hire people to maintain the machines and their OS image than to pay what Red Hat demanded for 20,000 machines. Red Hat's business model just didn't fit, even though we wanted to have their support.
Microsoft
I'm fairly sure that Windows does not use the zoneinfo database. Their time zone list is organized in a very different way, and it doesn't even use the time zone names the Unix world is used to, like America/New_York.
But pretty much everyone else does.
While the outcome may be obvious, there's still a strategic advantage of stringing the whole thing out. The idea being that if you have deeper pockets, you'll force your opponent into bankruptcy. Sacrifice your own money to bleed them dry.
I have a feeling that their lawyer isn't quite aware of the hornet's nest she's stirred up here. The zoneinfo database is pretty much everywhere outside of Windows. There's even a copy on my iPhone. She's indirectly picked a fight with the largest corporation in America.
Cue legal support from IBM, Apple and the EFF in 3...2...1...
Crossing the swamp on foot without getting attacked by the serpent is all but impossible
I've managed to get past the Midgarsormr in FF7 without a chocobo. It's just timing and a lot of luck.
I can't comment much on the tradeoffs except to say that I think it solves the problem of Cygwin's fork() being terrible. (SUA also provides a route to get multiple files with the same case-folded name but different case-sensitive names, which I don't think you can do with Cygwin since it goes through the Win32 API.)
Yep, fork() on Interix (SUA) works much more efficiently. The NT kernel has supported what's essentially fork() since at least NT 4.0. The problem until Interix - and the reason why Cygwin's fork() sucks - is that the Win32 DLLs don't react well to being fork()ed. kernel32.dll gets confused, and simple things like console output stop working. Interix doesn't use the Win32 API, instead using a custom POSIX API and the NT API directly. The NT API has been updated to work in the event of a fork().
The NT API function NtCreateProcess spawns a new process. The SectionHandle parameter takes a handle to the image section (IE, CreateFileMapping with SEC_IMAGE) representing the EXE you want the new process to run. If you pass NULL for SectionHandle, you will instead be creating a copy of the parent process's address space, the main part of fork().
That's simply not true. The near-annihilation of native Americans was far more due to the smallpox the Europeans brought than anything the Europeans did themselves.
The irony of most Christian denominations' disbelief of evolution is that religions evolve through natural selection analogously to life forms. In fact, it is through evolution that the Abrahamic faiths came to dominate Europe and the Middle East.
How long before it's used as evidence in court?
I'm more worried that this will be used for new DRM systems that are hard to crack. You could make some really nasty anti-tampering protections with this.
Quite a bit of Windows software is compiled using Intel's compilers...
Dear KiloByte,
You clearly just made that up. That is a patently untrue statment. Both Windows and Office are bult with the Microsoft Compiler.
Wow, I would've expected better from a low 6-digit UID. Maybe, perhaps, by "Windows software" KiloByte meant programs made to run on Windows, not necessarily Windows itself? There exist companies making Windows software that were built with Intel C++.
"Any sufficiently advanced technology is indistinguishable from magic." - Arthur C. Clarke
I disagree. Magic doesn't follow the Second Law of Thermodynamics. In any unknown advanced technology, we could identify the heat reservoir.
...then it is no surprise that malware is about to explode on Macs. I submitted a local privilege exploit in Mac OS that allowed any process to get kernel privilege at least 8 months ago, and they still haven't released a fix for it. This is even though the fix is only a few lines of code.
If the exploit had not been x86-specific, I would have given it to the iPhone jailbreakers instead of Apple.
Tiny RAM space is one of the methods they use to slow down piracy. It's harder to hide bootloader-based copy protection cracking in resident memory if all of it needs to be used legitimately.
Are you kidding me? The PS3, Wii and 360 all have extra memory reserved for the kernel inside which piracy hacks have been placed for a while.
If everyone is placed behind ISP-level NAT, which is the way things appear to be going, particularly in Asia, BitTorrent would go away. You can't do peer-to-peer communication if you can't receive incoming connections.
ISPs would love to get rid of BitTorrent, because it's more than half the traffic their customers use. ISPs would also love to get rid of people running servers off their home machines, something also prevented.
It would not surprise me at all if the movie and music industries would bribe^W contribute to the campaigns of congresscritters to make IPv6 illegal or inhibit its adoption. It would certainly be in their best interest.
I'm transsexual and take testosterone blockers in order to help feminise my body, and changes in sex drive were quite noticeable. Propecia's active substance, finasteride, is essentially a testosterone blocker ( thou admittedly a weaker one than what I am taking ) so I'm not at all surprised it can have such side effects.
Same, though I'm on both finasteride and spironolactone. This is very much a desirable side effect for us. =)
I just hope that this doesn't result in a massive recall and them stopping making it. Finasteride in higher doses is used as part of a prostate cancer treatment regimen for analogous reasons to this "side effect", so hopefully the drug won't go away completely.
Because the TI-84 Plus graphing calculator had a USB port, and is user-programmable, people used it to do the USB-based original jailbreak.
CS and Software eng hiring is much more driven by business guys who, ask questions like.. I kid you not "Do you know HTML"
I'm a skilled reverse engineer who works in C++ and obviously assembly language, yet I don't know all but the simplest HTML.
That said, your point stands; I could learn HTML very quickly, artistic techniques aside.
but all the competition they're trying to squeeze out will just switch to v6...
And what competition is that?
I reported a local privilege escalation exploit in the Darwin x86-32/64 kernel about eight months ago and they still haven't released a patch yet. What's stupid is that fixing it is an obvious single line to change in the code.
Even if they used the sandboxing API, I'm sure it wouldn't be too hard to find a bug like mine to get root access.
As an aside, if this exploit weren't specific to x86, I would've given the exploit to the iPhone jailbreak hackers instead of Apple.
Presumably it can only exist online or in digital format. As soon as you display it, print it or make a flag out of it any mismatch from fading, dye inconsistencies, LED spec variation etc. would mean that the colors no longer have that exact hexadecimal representation.
Yes. However, the differences in color will only be in the lower bits, and you can re-derive the correct key reasonably quickly through brute force. Also, if you know the printing process and the primary colors it uses, you could closely analyze the halftone pattern the printer chose.
In Windows Vista and 7, if DNS resolves the name "isatap", Windows will automatically try to acquire an IPv6 prefix using an IPv4 tunnel to the ISATAP server, and use that server to route all your IPv6 traffic. Windows XP SP1+ will as well, once you enable IPv6.
When an ISP implements IPv6, why can't they also add an ISATAP server? With ISATAP, customers with IPv4 routers will have computers that notice the ISP's IPv6 router and start using it through their IPv4 NAT router automatically.
Cisco could implement ISATAP into their routers so that ISPs' internal routers could provide the ISATAP interface, which would be better than a normal machine being a single point of failure. Is this an ISATAP packet destined for the fake IP address we set up as the isatap DNS result? Yes. Let's translate this packet to IPv6 and send it on its way.
Since this is effectively bypassing the customer's IPv4 router's pseudo-security inherently present in NAT, the ISP could have a policy that those using ISATAP as opposed to an IPv6-capable router will have incoming IPv6 traffic blocked, to maintain the status quo in security.
Sometimes, I feel like this transition process is being handled the wrong way, and that there are much easier solutions to these seemingly difficult migration problems.
Not to bust anyone's bubble, but the factoring problem is actually not known to be NP completely and evidence points to the fact that it is no[t]
Not to burst your bubble, but while factoring isn't believed to be NP-complete, it is definitely in NP. This means that it is actually easier to solve than NP-complete problems.
More evidence that factoring is not NP-complete is that there exists an algorithm called general number field sieve that has sub-exponential running time. If factoring were NP-complete, it would mean that all NP-complete algorithms could be solved in sub-exponential time, which is considered unlikely. Factoring is probably easier than NP-complete problems.
In fact, it seems that the current public-key algorithms are all apparently easier to solve than NP-complete problems.
There are many hard problems like that. Linear programming has the same property. It's unknown whether factoring has that property.
Factoring definitely has that property. The decision problem definition of factoring is, "Is there a divisor of X less than Y"? Most numbers are divisible by 2, 3 and 5, so for most numbers the answer is trivially "yes". Factoring a "random" number turns out to be fairly simple with elliptic curve factorization if the factors are "small", which is usually the case.
When choosing composite numbers to use in a cryptographic factoring problem, you deliberately choose problems of the worst case: numbers with exactly two prime factors that are both almost half the length of the composite number, but far enough from the square root to avoid attacks on that.
It took them 8 months to fix a 10.6 simple kernel privilege escalation exploit I submitted to their security team last year.
It's x86-specific; otherwise, I would've sent it to the iPhone jailbreak hackers instead of Apple.