Simple to use, great - but the company provides no specifications, like how random numbers are generated (most essential to Diffie-Hellman key exchange protocol), signal input/output details (so that the device can be verified properly).
The cryptographic details also don't allow to trust this device too much - why did they use TDEA, the effective key length is not quite 168 bits (although meet-in-the-middle attack to reduce it to 112 bits is probably not applicable in this case), why do they use such a low modulus (think of it as 1024 bits in RSA), if they used such modulus for speed reasons, why didn't they use elliptic curve cryptography, again why the hell did they use TDEA which is susceptible to known attacks).
Most importantly, this device seems to be completely useless against active wiretapping, since Man-in-the-Middle attack (which is trivial for the government in telephony) will break this setup completely. What is displayed on the screen is probably some hash of the shared secret, in which case it is completely useless due to its small size (exhaustive search done by the attacker would do, and even if it weren't possible, most people wouldn't understand why they need to check that they have the same hash each time they communicate).
I think you will find that most, if not all strong ecryption algorithms are in the public domain.
I wonder whether you have any evidence that will back this up. I am quite sure that most Signal Corps commands in military organizations worldwide will disagree.
If you can imagine a generic implementation, you can combine the best of both approaches: hiding the type downcasting inside the generic templated definition:
So, you have just slowed your sort template by an order of magnitude, since you use a function pointer to compare elements, something that would be probably inlined by the original template.
In your example, for those inside that universe, it is impossible to prove causation. For all intents and purposes, in that universe, the question of its cause is one for the philosophers of that universe to argue.
Completely wrong, since it might be possible to prove that the only way their universe was created is via external cause.
Why, you're right! That link perfectly explains why you think something did happen "before" the big bang! Thanks!
Okay, you seem so sure that causality is only possible within a single time frame, so I will give you a counter-example.
In the inflationary universe theory, already considered classic, it is possible to create black holes, which under some conditions will expand into their own universes, which will then have spacetime completely separated from ours.
The second universe creation was then caused from this universe, although nothing prevents any smartass in that universe to claim that it is impossible for anything to cause creation of it, since the time began when the universe was created.
P.S. What you want to believe about "before" the big bang is a metaphysicial question, because time and space began at the big bang. You might as well be asking "what is north of the north pole?"
That's bullshit. Notion of time is not necessary for causality.
Any cipher that relies on mathematics can not be proven secure. If you look up Gödel's Incompleteness Theorems... (rest of nonsense skipped)
Get a clue, than come back. By your amazing logic, it's impossible to prove that P=NP or P<NP, since there is always a possibility of a non-provable/disprovable claim to otherwise. I wonder why thousands of mathematicians don't abandon the problem...
If the platform uses 9M for a small program, that's not part of Hello World's memory footprint. How much memory does a compiled C program take (including all external libraries and the kernel itself) compared to its compiled size? The holistic difference is striking.
Kernel and external libraries are shared by the different processes. If the JVM and the class libraries are not shared, it's inherent problem in the language implementation, and should be solved by Sun if they want Java to ever become a "real" language, in which majority of desktop/server parts can be implemented. Dismissing the problem using invalid comparisons just doesn't fly here.
Oh, and cheaper memory argument doesn't fly either. The JVM is a program, and, as any evolving project, becomes more bloated when memory becomes cheaper.
The DNS system is pretty much full of inconsistencies anyway (.tv,.cx, hmm what else?). I once had an idea how they can be arranged to be more logical, but change would just confuse oh-the-so-numerous websurfing grandmothers of the world.
Eh? The DNS system is very consistent. Each domain is responsible for its subdomains, what's more consistent than that?
yeh, I'm marking c++ lab exercises now, and I can tell ya, people that don't comment enough surely don't make it easy on those people that have to understand their code.
What? You read the code?
You're new to this, right? Don't worry, soon you, too, will write scripts for automatic exercise checking.
That can't possibly be right. If use of the entity is out of the question (just as it seems to be on./), maybe they could have said 0.000013 mm or even spelled out the word "micron" right out.
By moving to a 64-bit computer, the address space becomes astronomical - it is 4 billion time larger than the 32-bit addressing space. In the last twenty years, the average amount of memory in a computer has gone from about 512k to 512 megs - it's increased by about a thousand times. At that growth rate, a 64-bit address space would easily last through our lifetimes.
Err... 20 years aren't exactly a "lifetime". What about 3 times that? Whoah, billion times the memory. Also, recall that about 60 years ago, memory was counted in bits.
And there is always possibility for a breakthrough.
It seems that nothing is sacred anymore. First you get everybody and his brother trying to introduce alternate root zones, then you get morons like NewNet that go a step further and require a browser plugin. Now Verisign does this.
I understand that having non-ascii characters in host/domain names would be desirable, however if they can't do it without breaking the DNS protocol, then they should get their ass right back to the R&D lab and try harder.
This issue is extensively discussed on D.J. Bernstein's page, here.
Slashdot Mirror
Also, Linux = Linus. What's your point?
What exactly is wrong with naming something after yourself?
Correct me if I am wrong, but the name "Linux" wasn't given to the OS by Linus himself.
Point being, all of this claptrap on restricting encryption is just that, meaningless nonsense.
Point being, due to restricting encryption various agencies can scan all the telephony communications without any effort.
Any idea how much could this cost? :)
In the worst case, the money-value of the secrets you trust it with, combined.
Simple to use, great - but the company provides no specifications, like how random numbers are generated (most essential to Diffie-Hellman key exchange protocol), signal input/output details (so that the device can be verified properly).
The cryptographic details also don't allow to trust this device too much - why did they use TDEA, the effective key length is not quite 168 bits (although meet-in-the-middle attack to reduce it to 112 bits is probably not applicable in this case), why do they use such a low modulus (think of it as 1024 bits in RSA), if they used such modulus for speed reasons, why didn't they use elliptic curve cryptography, again why the hell did they use TDEA which is susceptible to known attacks).
Most importantly, this device seems to be completely useless against active wiretapping, since Man-in-the-Middle attack (which is trivial for the government in telephony) will break this setup completely. What is displayed on the screen is probably some hash of the shared secret, in which case it is completely useless due to its small size (exhaustive search done by the attacker would do, and even if it weren't possible, most people wouldn't understand why they need to check that they have the same hash each time they communicate).
In short, no thanks.
I think you will find that most, if not all strong ecryption algorithms are in the public domain.
I wonder whether you have any evidence that will back this up. I am quite sure that most Signal Corps commands in military organizations worldwide will disagree.
Use defines language, get over it.
But the world can use maybe 100,000 software developers ...
The world also doesn't need more than 3, maybe 4 computers.
If you can imagine a generic implementation, you can combine the best of both approaches: hiding the type downcasting inside the generic templated definition:
inline void template <typename T> Sort(T array[], size_t count)
{
genericSort((void *)array, count, (int (*)(void *, void *)SortCompare<T>);
}
So, you have just slowed your sort template by an order of magnitude, since you use a function pointer to compare elements, something that would be probably inlined by the original template.
Best of both approaches? I don't think so...
There's no need for encyption of something that is freely, publically available. Checksums, yes, encryption, no.
So, how do you ensure integrity of the checksums, then?
In your example, for those inside that universe, it is impossible to prove causation. For all intents and purposes, in that universe, the question of its cause is one for the philosophers of that universe to argue.
Completely wrong, since it might be possible to prove that the only way their universe was created is via external cause.
Why, you're right! That link perfectly explains why you think something did happen "before" the big bang! Thanks!
Okay, you seem so sure that causality is only possible within a single time frame, so I will give you a counter-example.
In the inflationary universe theory, already considered classic, it is possible to create black holes, which under some conditions will expand into their own universes, which will then have spacetime completely separated from ours.
The second universe creation was then caused from this universe, although nothing prevents any smartass in that universe to claim that it is impossible for anything to cause creation of it, since the time began when the universe was created.
That's a priceless comment. Do tell how one can have cause and effect without the notion of time.
Time is a property of space-time geometry. Causality is not. Go get some clue.
And you can't really move one meter. Cause at first you move 1/2 of a meter, then 1/4, then 1/8...
Yeah, I dig.
P.S. What you want to believe about "before" the big bang is a metaphysicial question, because time and space began at the big bang. You might as well be asking "what is north of the north pole?"
That's bullshit. Notion of time is not necessary for causality.
Any cipher that relies on mathematics can not be proven secure. If you look up Gödel's Incompleteness Theorems... (rest of nonsense skipped)
Get a clue, than come back. By your amazing logic, it's impossible to prove that P=NP or P<NP, since there is always a possibility of a non-provable/disprovable claim to otherwise. I wonder why thousands of mathematicians don't abandon the problem...
If the platform uses 9M for a small program, that's not part of Hello World's memory footprint. How much memory does a compiled C program take (including all external libraries and the kernel itself) compared to its compiled size? The holistic difference is striking.
Kernel and external libraries are shared by the different processes. If the JVM and the class libraries are not shared, it's inherent problem in the language implementation, and should be solved by Sun if they want Java to ever become a "real" language, in which majority of desktop/server parts can be implemented. Dismissing the problem using invalid comparisons just doesn't fly here.
Oh, and cheaper memory argument doesn't fly either. The JVM is a program, and, as any evolving project, becomes more bloated when memory becomes cheaper.
The DNS system is pretty much full of inconsistencies anyway (.tv, .cx, hmm what else?). I once had an idea how they can be arranged to be more logical, but change would just confuse oh-the-so-numerous websurfing grandmothers of the world.
Eh? The DNS system is very consistent. Each domain is responsible for its subdomains, what's more consistent than that?
The unique signed tranasaction data would make it hard to fake the transactions.
And would make it easy to track the transactions of a given card.
Yeah! I have such problems too -- just today I wrote this trivial hello-world program and it just won't print anything!
yeh, I'm marking c++ lab exercises now, and I can tell ya, people that don't comment enough surely don't make it easy on those people that have to understand their code.
What? You read the code?
You're new to this, right? Don't worry, soon you, too, will write scripts for automatic exercise checking.
Or Russians will claim that it were them who won the WWII...
That can't possibly be right. If use of the entity is out of the question (just as it seems to be on ./), maybe they could have said 0.000013 mm or even spelled out the word "micron" right out.
Or, even better, 0.00013mm. :)
By moving to a 64-bit computer, the address space becomes astronomical - it is 4 billion time larger than the 32-bit addressing space. In the last twenty years, the average amount of memory in a computer has gone from about 512k to 512 megs - it's increased by about a thousand times. At that growth rate, a 64-bit address space would easily last through our lifetimes.
Err... 20 years aren't exactly a "lifetime". What about 3 times that? Whoah, billion times the memory. Also, recall that about 60 years ago, memory was counted in bits.
And there is always possibility for a breakthrough.
I think your prediction is a bit... exaggerated.
I predict that the problem was in the updated avionics software.
You heard it hear first.
Your "prediction", even if it turns out correct, is useless, since it's nothing more than a guess.
Provide facts, and logic. Otherwise, you can just as well pick any other of the thousands of parts in the shuttle.
It seems that nothing is sacred anymore. First you get everybody and his brother trying to introduce alternate root zones, then you get morons like NewNet that go a step further and require a browser plugin. Now Verisign does this.
I understand that having non-ascii characters in host/domain names would be desirable, however if they can't do it without breaking the DNS protocol, then they should get their ass right back to the R&D lab and try harder.
This issue is extensively discussed on D.J. Bernstein's page, here.