So if the US or EU ever adopted real antispam laws, it could start a big domino effect that would cause a lot of other countries to adopt antispam laws as well.
It could happen, but you cannot be sure. I hope you will be proven right.
Maybe it sounds like it, but it certainly doesn't look like it.
To me it looks a lot better than it sounds, but it is certainly
not a replacement for X. It is more intended as something
between X and the command line. More user interface than
a command line and less bloated than X. It looks quite a
lot like Turbo Vision, which is one of the nicer textmode
based interfaces. Now they just need a lot of useful
applications. I don't know how much attention they will
get, neither how much they deserve. Sure it looks nice,
but I don't want to pull too many resources from X or the
command line.
Can it really done that fast? I don't know the constant c, but if it is smaller than one, that would mean breaking a 1024 bit key would already be feasible. If c was just 0.5, it would be feasible for anybody to even factor a 2048 bit key. If c is more than 2 we are still safe for some time to come. Anyway, I will take your word for it, at least for the duration of this discussion.
The ^2/3 part can be removed, since that is just equivalent to c being a different constant. In the formula ln(n) is the bitsize of the key (this differs by a constant factor, but that just means a different c), so if we call this b, the formula, we are left with
O(exp(c*(b^(1/3)*ln(b))))
It is safe to remove the ln(b) part, because that only means we assume the attacker is stronger than we really expect. So we are left with.
O(exp(c*b^(1/3))
Which is BTW obviously smaller than the MPQS formula as well (for some c). In other words to get the same security as a k bit symetric key, we need b=(k/c)^3. This is quite a large amount of key bits.
Did you ever heard that assymetric key recovery is essentially a factoring challenge, which is never solved with brute forcing?
A brute force attack would mean trying all possible factors starting from 3 until you find the right one, which would be at most the square root of the number. And I'm perfectly aware, that there are faster ways to factor. That is part of the reason why people use at least four times as many bits for assymetric encryption than for symmetric encryptions. If you don't think that is secure, you should tell us what the time complexity of the fastests known factoring algorithm is.
How could it possibly be a dupe? The O'Reilly announcement dates one month later than the old Slashdot article you were pointing at. The fact that this new slashdot article first was posted one week after the announcement is another issue though.
You are mistaken. Linux, Win32, or any other OS has no say in the matter, there is always segmentation in IA32.
The CPU might see it as segmentation, but at the program and OS levels there is no segmentation. In fact most Linux programs never touch a segment register, from the programs point of view the segment registers could as well be nonexistent. And those parts of Linux actually dealing with segment registers are few.
I merely prefer different bases so that code and data do not overlap in the logical address space. This would be transparent to the programmer, pointers would still be the 32-bit offsets you know and love.
By doing that you would run into at the very least four different problems:
As I already pointed out you would not know where to place mappings when a mmap call was done.
You would have problems with trampolines.
You might need to use 32-bit pointers, but you would not get 32-bit address space because it would have to be split between different segments.
You would get problems with JIT compilers.
With four disadvantages and no advantages known to me, I consider it a bad idea.
I don't see where having code and data segments being aliases for
one another has anything to do with paging.
It simply means that you can ignore the little usable segmentation and
use the pure paging that is below the segmentation.
At the program level, OS or app, we have segment+offset.
That is actually not the case in Linux IA32. A pointer is merely an
integer.
The special case of the flat model with code and data based at
logical address zero is merely a historical convention of UNIX, it may
be a requirement on other architectures but it is not under IA32. It
was just convenient.
Segmentation is really not that useful. If you have segmentation
without paging you will loose some efficiency as you are forced to
read/write complete segments to your swap partition rather than single
pages. Paged segments does allow you to swap single pages in and out,
but that is not what IA32 offers, it has reversed the order of the
segmentation and paging layers, a horrible design which is probably
due to the requirement of 286 compatibility.
The UNIX API is not designed with segmentation in mind. When a program
mmap a file there is no indication whether this is code or data except
from the initial protection mask which can be changed later. At this
early point you cannot decide whether the file would go in data or code
page, in fact it might as well be some of each. Security is not a
valid argument for using segmentation, the UNIX API offers the same
security in the paged model, it is just not implemented by the IA32
hardware.
Another of the arguments in favor of segmentation is address space. It
is claimed that with segmentation you are less likely to run out of
address space because you can have independent segments for each type
of data you store. I say it is an incorrect argument, they are
comparing a segment+offset address with a linear address the size of
the offset itself. So the observation really would be that with more
bits in the addressing you are less likely to run out of address
space. Obviously that is true, but a large linear address would help
even more. At the same size of addresses the linear model will beat
the segmented any time because of the flexibility offered by the
linear model. With IA32 it is even worse because not only do you need
larger pointers in the segmented model without getting enough from
them, but at the same time it all has to be mapped into the single
linear address space which is no larger than it used to be.
Lastly, if we can't get out of this universe into another one, what difference does it make?
You have some interesting thoughts on the subject, many of which I have also been thinking from time to time. The more I think about it the more I start wondering. What is existence actually? It seems to me there must be different definitions of existence. In physics existence means it exists in our universe. In mathematics it means aproximately that it can be described and is not inconsistent with itself. The two definitions of existence leads to different answers to the question wether some imaginary universe exists. With the first definition the answer will be yes, with the second definition the answer will be no. But what is the correct definition of existence? You might have some third definition, and does it really matter?
aren't telemarketers prohibited by law from calling cell phones?
I don't know the law where you live. But where I live it is only very few products that telemarketers may sell. And they must start the conversation by saying that they are selling a product. (Or is it doorsales that applies to?)
That joke has been told many times. But in the case of Wine I think it is more appropriate than for most other pieces of software. I wonder why that joke was not one of the first three comments.
Nonexecutable read-write pages would have helped a lot in some cases. AFAIK that is not supported by the CPU. Only through nasty hacks doing stuff with undefined behaviour has it been possible to implement it.
The developers choose to make the code and data segments overlap, that is the error.
No that is certainly not an error. It is the way to go if you want to use a paged memory model on IA32. You cannot blame the kernel developers for some security feature being available in the segmented memory model but not in the paged memory model.
Slashdot Mirror
So if the US or EU ever adopted real antispam laws, it could start a big domino effect that would cause a lot of other countries to adopt antispam laws as well.
It could happen, but you cannot be sure. I hope you will be proven right.
Eventually, boredom will set into the hackers and they'll go onto something more challenging...
Trust me, they will..... Using your box as cover, so you get busted for their crimes.
co2
You missed the point. CO2 is carbondioxide. Co2 is cobalt in some molecular form with two atoms which I doubt exist. There is nothing called co2.
we don't use integers around here. the whole thing is coded in unary.
In that case I don't think it qualify as IPvAnything.
I'm still using IPv0.62.
What kind of network is it, that can put such a value into a four bit integer?
Co2
I don't think cobalt exist in molecular form, but even if it did, it would be nothing like carbondioxide.
Sounds like Windows NT/XP/ to me.
Maybe it sounds like it, but it certainly doesn't look like it. To me it looks a lot better than it sounds, but it is certainly not a replacement for X. It is more intended as something between X and the command line. More user interface than a command line and less bloated than X. It looks quite a lot like Turbo Vision, which is one of the nicer textmode based interfaces. Now they just need a lot of useful applications. I don't know how much attention they will get, neither how much they deserve. Sure it looks nice, but I don't want to pull too many resources from X or the command line.
Did they misplace it again? When are they going to learn it? Always put the Universe back once you are done using it!
Their young age
If you consider 25 years to be young.
O(exp(c*(ln(n)^1/3*ln(ln(n)^2/3)))
Can it really done that fast? I don't know the constant c, but if it is smaller than one, that would mean breaking a 1024 bit key would already be feasible. If c was just 0.5, it would be feasible for anybody to even factor a 2048 bit key. If c is more than 2 we are still safe for some time to come. Anyway, I will take your word for it, at least for the duration of this discussion.
The ^2/3 part can be removed, since that is just equivalent to c being a different constant. In the formula ln(n) is the bitsize of the key (this differs by a constant factor, but that just means a different c), so if we call this b, the formula, we are left with
O(exp(c*(b^(1/3)*ln(b))))
It is safe to remove the ln(b) part, because that only means we assume the attacker is stronger than we really expect. So we are left with.
O(exp(c*b^(1/3))
Which is BTW obviously smaller than the MPQS formula as well (for some c). In other words to get the same security as a k bit symetric key, we need b=(k/c)^3. This is quite a large amount of key bits.
Did you ever heard that assymetric key recovery is essentially a factoring challenge, which is never solved with brute forcing?
A brute force attack would mean trying all possible factors starting from 3 until you find the right one, which would be at most the square root of the number. And I'm perfectly aware, that there are faster ways to factor. That is part of the reason why people use at least four times as many bits for assymetric encryption than for symmetric encryptions. If you don't think that is secure, you should tell us what the time complexity of the fastests known factoring algorithm is.
why ask him this?
Sorry if I was unclear. The banner just said "ALT F4", not the entire question. I think they wanted him to stop talking.
ever hear of alt-f4 ?
I have heard of it. I have also heard about Gates giving a talk once where people started waving banners with those exact words.
How could it possibly be a dupe? The O'Reilly announcement dates one month later than the old Slashdot article you were pointing at. The fact that this new slashdot article first was posted one week after the announcement is another issue though.
to just disconnect AOL from the internet?
I'm also fighting spam. Yesterday there were three mails in my Inbox saying "Lets murder antispammers".
Obviously, you get spammed.
You almost got me trying to do so just to see what would happen.
Uh, you might want to reconsider believing the story attributed to the Register.
Where do you see that story?
we are going to move all the mailing list traffic onto a protocol like RSS that is a pull mode protocol rather than push.
How about NNTP?
The CPU might see it as segmentation, but at the program and OS levels there is no segmentation. In fact most Linux programs never touch a segment register, from the programs point of view the segment registers could as well be nonexistent. And those parts of Linux actually dealing with segment registers are few.
I merely prefer different bases so that code and data do not overlap in the logical address space. This would be transparent to the programmer, pointers would still be the 32-bit offsets you know and love.
By doing that you would run into at the very least four different problems:
- As I already pointed out you would not know where to place mappings when a mmap call was done.
- You would have problems with trampolines.
- You might need to use 32-bit pointers, but you would not get 32-bit address space because it would have to be split between different segments.
- You would get problems with JIT compilers.
With four disadvantages and no advantages known to me, I consider it a bad idea.I don't see where having code and data segments being aliases for one another has anything to do with paging.
It simply means that you can ignore the little usable segmentation and use the pure paging that is below the segmentation.
At the program level, OS or app, we have segment+offset.
That is actually not the case in Linux IA32. A pointer is merely an integer.
The special case of the flat model with code and data based at logical address zero is merely a historical convention of UNIX, it may be a requirement on other architectures but it is not under IA32. It was just convenient.
Segmentation is really not that useful. If you have segmentation without paging you will loose some efficiency as you are forced to read/write complete segments to your swap partition rather than single pages. Paged segments does allow you to swap single pages in and out, but that is not what IA32 offers, it has reversed the order of the segmentation and paging layers, a horrible design which is probably due to the requirement of 286 compatibility.
The UNIX API is not designed with segmentation in mind. When a program mmap a file there is no indication whether this is code or data except from the initial protection mask which can be changed later. At this early point you cannot decide whether the file would go in data or code page, in fact it might as well be some of each. Security is not a valid argument for using segmentation, the UNIX API offers the same security in the paged model, it is just not implemented by the IA32 hardware.
Another of the arguments in favor of segmentation is address space. It is claimed that with segmentation you are less likely to run out of address space because you can have independent segments for each type of data you store. I say it is an incorrect argument, they are comparing a segment+offset address with a linear address the size of the offset itself. So the observation really would be that with more bits in the addressing you are less likely to run out of address space. Obviously that is true, but a large linear address would help even more. At the same size of addresses the linear model will beat the segmented any time because of the flexibility offered by the linear model. With IA32 it is even worse because not only do you need larger pointers in the segmented model without getting enough from them, but at the same time it all has to be mapped into the single linear address space which is no larger than it used to be.
Lastly, if we can't get out of this universe into another one, what difference does it make?
You have some interesting thoughts on the subject, many of which I have also been thinking from time to time. The more I think about it the more I start wondering. What is existence actually? It seems to me there must be different definitions of existence. In physics existence means it exists in our universe. In mathematics it means aproximately that it can be described and is not inconsistent with itself. The two definitions of existence leads to different answers to the question wether some imaginary universe exists. With the first definition the answer will be yes, with the second definition the answer will be no. But what is the correct definition of existence? You might have some third definition, and does it really matter?
aren't telemarketers prohibited by law from calling cell phones?
I don't know the law where you live. But where I live it is only very few products that telemarketers may sell. And they must start the conversation by saying that they are selling a product. (Or is it doorsales that applies to?)
That joke has been told many times. But in the case of Wine I think it is more appropriate than for most other pieces of software. I wonder why that joke was not one of the first three comments.
It's not Intel, it's the kernel developers.
Nonexecutable read-write pages would have helped a lot in some cases. AFAIK that is not supported by the CPU. Only through nasty hacks doing stuff with undefined behaviour has it been possible to implement it.
The developers choose to make the code and data segments overlap, that is the error.
No that is certainly not an error. It is the way to go if you want to use a paged memory model on IA32. You cannot blame the kernel developers for some security feature being available in the segmented memory model but not in the paged memory model.