I don't know about my point, but I'm having trouble finding yours. You seem to be claiming, "There have not yet been any exploits found in djbdns, therefore it is secure."
It is probably secure, because no exploit has been found for it yet, despite widespread use.
Why do bugs that have already been fixed somehow invalidate the security of a package in the future, compared to a package in which no bugs have happened to be found yet?
If a bug is found in a released product, then with probability close to 100% it has more bugs. Yet, if no bugs have ever been discovered in a product, then it may have no bugs at all.
There's an awful lot of djb worshiping going on here. I seriously doubt djb happens to be the only living example in the world of a programmer who simply won't ever make a mistake. Very few people use djbdns compared to the uncountable masses that use popular open source server software. Don't you think there just might be a "more eyes spot more flies" corollary there?
Perhaps djbdns is not a good example for this purpose. Qmail is the second most common SMTP server on the internet. No bugs have been found in it yet. Countless bugs have been found in sendmail and postfix. According to your flawed logic, after each sendmail patch, it may be more secure than qmail.
Worshipping D. J. Bernshtein is fully justified. Unlike immature programmers working in open sores projects, he does not release buggy products.
Quantum Key Distribution algorithms such as BB84 (which is what people are actually refering to when they talk about "Quantum Cryptography") allows two parties to exchange absolutly secure OTP keys over an insecure medium, while the properties of quantum mechanics ensure that an adversary couldn't evesdrop or modify the traffic in transit.
Unlike OTPs, Quantum Cryptography security is not provable from mathematical axioms. Therefore, the OTP keys being exchanged are not "absolutely secure".
'Breaking' is a term of art in cryptography. It means finding a solution that requires less time than a brute-force search. Even a 1% improvement qualifies as a 'break', although it might not have any practical value.
Any x% improvement is certainly not a "break". "Breaking" must involve improvement in time- or space-complexity of the solution.
Oh yeah, in regular life I estimate how 15 * 10^-6 relates to 1368 * 10^-6 so much more than how 8 minutes relates to 12 hours.
You know, I suggest we start using SI to the point. For instance, speed should always be measured in m/s. Or, even better, it should be measured without units altogether, as a fraction of speed of light, since this is one true way to express speed.
Remember not to exceed 0.0000000926 on the road next time!
Basic understanding of physics as well, probably. Don't you know that observation without interaction is not possible? How exactly would you "see" without intercepting some photons?
Your ideas are remarkably insightful. Have you considered posting them on a respectable forum with people who are ready to discuss revolutionary theories?
No, I do not make unbased assumptions. I, however, find the possibility of technology being able to change the laws of the universe at some point in time plausible.
Slashdot Mirror
My mother in law knows what a gigabyte is. I think it's safe to stop with the point-of-reference crap.
My words exactly. Everyone knows that one gigabyte is 1,000,000,000 bytes.
Please explain how one GigaByte does not equal 1,000,000,000 bytes of data.
It's actually 4,700,000 bits of data
More like 4,700,000,000 bytes.
Your math is nonsense. You should read The Mythical Man-Month.
I don't know about my point, but I'm having trouble finding yours. You seem to be claiming, "There have not yet been any exploits found in djbdns, therefore it is secure."
It is probably secure, because no exploit has been found for it yet, despite widespread use.
Why do bugs that have already been fixed somehow invalidate the security of a package in the future, compared to a package in which no bugs have happened to be found yet?
If a bug is found in a released product, then with probability close to 100% it has more bugs. Yet, if no bugs have ever been discovered in a product, then it may have no bugs at all.
There's an awful lot of djb worshiping going on here. I seriously doubt djb happens to be the only living example in the world of a programmer who simply won't ever make a mistake. Very few people use djbdns compared to the uncountable masses that use popular open source server software. Don't you think there just might be a "more eyes spot more flies" corollary there?
Perhaps djbdns is not a good example for this purpose. Qmail is the second most common SMTP server on the internet. No bugs have been found in it yet. Countless bugs have been found in sendmail and postfix. According to your flawed logic, after each sendmail patch, it may be more secure than qmail.
Worshipping D. J. Bernshtein is fully justified. Unlike immature programmers working in open sores projects, he does not release buggy products.
Heil djb. Long live qmail.
I guess you don't use Postfix, PureFTPd, OpenSSH, BIND 9, or OpenBSD, for that matter. Since they are free, they cannot be secure.
There were exploits for all of these. Thus, they were not secure.
There were no exploits for djbdns.
What was your point again?
Yeah thanks for correction (see my reply above).
(Usually I would get trollish, but hey, this is Grub author here - I am not worthy :)).
Yeah I got confused when reading his post - thought he meant the reverse.
By the way, you always do encryption AFTER data compression. Doing it before data compression ensures that your compression ratio is close to 0%.
Am I the only one who thinks there is something wrong with this sentence?
It should be the reverse, obviously.
Over-zelous MSS activists are breaking the PDF!
Quantum Key Distribution algorithms such as BB84 (which is what people are actually refering to when they talk about "Quantum Cryptography") allows two parties to exchange absolutly secure OTP keys over an insecure medium, while the properties of quantum mechanics ensure that an adversary couldn't evesdrop or modify the traffic in transit.
Unlike OTPs, Quantum Cryptography security is not provable from mathematical axioms. Therefore, the OTP keys being exchanged are not "absolutely secure".
Obviously, you have no clue of what qbits are.
Brute forcing encryption is not sorting.
Encryption is not symmetric key encryption.
'Breaking' is a term of art in cryptography. It means finding a solution that requires less time than a brute-force search. Even a 1% improvement qualifies as a 'break', although it might not have any practical value.
Any x% improvement is certainly not a "break". "Breaking" must involve improvement in time- or space-complexity of the solution.
This is just hilarious...
I guess you are of those people who posted point-by-point rebuttals to the "Hacker" article on Adeqacy.
Want a cookie?
There is no necessity whatsoever to understand mass-energy equivalence in order to explain Michelson-Morley experiment results.
What's the point of your comment exactly?
Do you assert that the original poster didn't know that? I suggest you reread his post more carefully.
Oh yeah, in regular life I estimate how 15 * 10^-6 relates to 1368 * 10^-6 so much more than how 8 minutes relates to 12 hours.
You know, I suggest we start using SI to the point. For instance, speed should always be measured in m/s. Or, even better, it should be measured without units altogether, as a fraction of speed of light, since this is one true way to express speed.
Remember not to exceed 0.0000000926 on the road next time!
Basic understanding of physics as well, probably. Don't you know that observation without interaction is not possible? How exactly would you "see" without intercepting some photons?
Hello Louis.
Your ideas are remarkably insightful. Have you considered posting them on a respectable forum with people who are ready to discuss revolutionary theories?
If you place a link in a comment that you write, please check that the server is alive first, or at least click on the links in the comment preview.
Are you a Top Hacker?
Nemeses.
No, I do not make unbased assumptions. I, however, find the possibility of technology being able to change the laws of the universe at some point in time plausible.
The confidence with which you make your unbased claims is hilarious.
I love how non-Americans
[...blah blah...]
I love how non-non-Americans can, uh, uhm, never mind!
The proper term is actually Moderators on Crack.
Please use the correct wording from now on. Thank you.