Even if he only has some of your messages... say for example he is missing a message where 8 bits are added to the key. He knows your 160-bit key but needs your 168-bit key. Guess what? He only has to break an 8-bit key, which can be done on the Atari 2600 in his basement.
You missed the point.
Adding bits does help. And breaking the system is not about just trying the possible combinations. You cannot decrypt the quantum encrypted data, your only chance of breaking the system is forging a message from one of the two parties during the communication. You cannot just try all possible keys, you have only one try. If you send an invalid message, it will be discovered.
And when talking about adding a few bits every time, I talk about a few bits larger key. All the bits in the new key are brand new random bits. So basically you will have to start all over again every time you try. And every time you try, your chance of breaking the system is smaller than last time you tried.
If we get quantum computers and quantum cryptography, it will be the
end of public key cryptography. We will need to exchange the initial
keys face to face. The keys will not be used for encryption but rather
integrity, which is a requirement for quantum cryptography to work.
Obviously we will need to use unconditionally secure
message-authentication-codes on our messages. Luckily the key needed
for integrity does not grow linearly with the key size like keys
needed for confidentiality.
This means that once we have exchanged the initial keys, we can just
append new key material to our messages whenever we send quantum
encrypted data. This will provide us with a key for integrity the next
time we need to communicate.
To be very secure, I would not like to use a fixed key size for all
future communication. I'd rather increase the key size by a few bits
whenever a message is being exchanged. With a fixed key size, the
chance of breaking the system will converge toward 100% as the number
of attempts converges toward infinity. With a growing key size, the
chance of every breaking the system will converge toward a small
number, that is exponentially small as a function of the initial key
size.
This still leaves the DoS problem. An attacker might just keep messing
up the messages until we run out of key material for signing messages.
I see no solution other than keeping a lot of key material ready for
the future, and not keep trying too many times in a short period of
time if we keep seeing false signatures.
Even though we have no public keys, we can still build up trust
networks. If Alice has already exchanged keys with Bob and Charlie,
Alice can do the key exchange for Bob and Charlie. Of course this will
only work if Bob and Charlie trust Alice. But if Bob and Charlie has
exchanged keys with different middlemen, they can once send messages
signed with all their keys. Unless all middlemen are corrupt, Bob and
Charlie will discover any invalid key.
if not china, its about time they had one for google.
Sometimes a story fits multiple topics. It doesn't look like/. is capable of handling that, so one topic has to be picked. Sometimes we do see the next episode of a story under another topic.
Every time you compile any source you'd need
to get it signed. Guess who's going to sign
code?
Well, I don't know much about how Palladium
works, but I'd probably like to see a Linux
implementation differ in a few ways from what
Microsoft is going to implement. The signing
need to be implemented in the linker, and the
user should be able to make his own choices
about which keys to trust.
I'm not trying to copy any copyprotected software. I'm just trying to run my own software. If their mechanism prevents me from doing that, I don't call that a copy protection scheme.
I'm sure there is a name for a mechanism whose primary purpose is to prevent the competitors software from running, and I'm also sure you can find countries where this mechanism is illegal.
How does people like the idea of making a Linux version with support for Palladium? Of course it could turn out few people want to use it, but that is not the primary goal either. What is more interesting is, that some big companies might try to stop the project. And maybe we can get those companies break the law, which might help us at a later time in court.
I don't have to. Even if Microsoft owns some patent, it doesn't change anything. Their patent is not valid where I live. It even seems to be the case, that I'm allowed to reverse engineer their software, if that is the only way to get Linux running.
And then you might say, Microsoft can do enough lobying to get other products forbidden by law. Now I'm gonna compare this to countries that already have laws limiting peoples freedom. What do we say about people breaking the laws in those countries? Do we call them criminals? No, we don't, we say they are fighting for their freedom.
I guess in case laws are changed in favour of Microsoft, I'm willing to violate them, because I think that is the right thing to do.
No matter how I set permissions on that file it won't go away.
There are two possible explanations:
It is a feature you do not understand.
It is a bug.
Of course some people will claim those are the same. In case of a bug, my next comment has to be: fsck. (I don't even know if you can do that on Mac OS X, but it should be possible.)
In that case, you are on the wrong thread. This discussion is about the kernel configuration utility. This is not a utility any newbie should ever touch. The people at Debian, Mandrake, Redhat, and all the others could be going to use this utility to configure the kernel for their distributions. But this is in no way related to the hardware detection and setup you are talking about.
The installation and configuration utilities you are talking about are developed mostly by the individual distributors, and is a completely different issue.
If a newbie want to compile his own kernel, he should use the.config file that came with his distribution and then just use "make oldconfig". A graphical version of oldconfig, that provides help about the options and sane defaults, is the best we can do to help newbies that insist on compiling their own kernels.
Except from this the newbies should only use the kernel configuration utility if they know exactly what option they need to change.
IIRC there are still three parties larger than Dansk Folkeparti. Though the party is not yet that large it cannot be ignored. The amount of progress this party has made the last few years is scarry. I live in Denmark, but I never had and never will vote for Dansk Folkeparti.
Sometimes it sounds like people from the rest of the world thinks almost the entire Danish population supports Dansk Folkeparti, that is not the case.
During the campaign before the last election, the media made it sound like everybody had to support either Venstre or Socialdemokratiet. Personally I'd rather have the best from both sides than having to choose between the two.
it figures out how to get it working, and does so.
You say it like it is some kind of magic. There is no magic to this, somebody has to figure out how the hardware is working. If you don't want to figure that out by yourself, you shouldn't compile your own kernels. All distributions comes with precompiled kernels, and you can usually also download precompiled updates.
BTW I found almost everything I needed to know about CD recording in the CD-Writing-HOWTO.
Re:A positive application for the /. effect!
on
Crushing Experience
·
· Score: 2
Guess not... I just went to it, and the server is still up.
They actually have two servers. The one is serving a frameset and a single frame with some javascript. The other server is serving images and video. Do I need to say I can only get in touch with one of the two servers?
Right after reading this article by pure coincidence I just spotted a label on the USB cable that came with the cable modem from my ISP: "MADE IN CHINA".
OTOH the article says this: Part of you thrills to see the brash Kozmo.com co-founder sweating it out with other B-schoolers. Doesn't sound like he is a professor.
And searching on Google gave me this: Your search - "Joe Park" "Harvard Business School" - did not match
any documents.
Not yet. I actually suceeded in a search there. Of course when doing my first search I forgot to write the words backwards.
But I actually found a detail they didn't get working right. Though every word is written backwards, they didn't get every letter mirrored. So looking at the page through a mirror is not going to give the right result.
I never heard of Joe Park or kozmo.com, but It does sound like this person finally found out there was something he should have learned before starting his adventure.
I'd rather ask: Who is trusting Palladium? Should I trust Palladium? So far I have not been given any reason to trust it. Is this all about Microsoft trusting no people, and thus wanting to build computers they can trust instead?
The answer to this question is mostly decided by browsers. Most browsers contains a default list of trusted certificate authorities. The user can change this list, but very few users does.
The original idea was that an exact copy could be made, right?
You are right, we were actually not talking about the same. It is true, that at some layer an exact copy is not possible to make. That is why on top of that layer a new layer is introduced with error correction codes. By messing up the whole stuff, you can make disks, where the original and copy can be distinguished. But this also introduces problems like medias vulnurable to scratches and the like.
Now what I was talking about is the fact, that although you can distinguish the disks, this in itself doesn't prevent the copy from being used. Something more is needed. First of all you need hardware, that will do the checks or allow software to do so. And if the checks are done in software, that software should be in the box, not on the disk. Because if it was on the disk, it could just be removed from the copy.
This kind of protection in the hardware is going to annoy some users. So I'm wondering, how many playstations would they sell, if people couldn't by the mod chip.
if you can make a bit by bit copy, with whatever magic software, why do devices like modchips even exist.
Maybe because some people wants to run other software. Even if they could run copies, that might not allow them to run software not approved by the manufacturer of the box.
Now imagine the situation where MS produces a new box, but when you buy such a box you are not allowed to run software not approved by MS. Of course they are never going to approve Linux, so we need a mod chip. Maybe this isn't even something we have to imagine. Read more
I live in a country where the law says, that a person who has the right to use a program is allowed to make changes to the program if that is necesarrry to use the program - including bugfixes. In my case the change was necesarry for me to use the program, and I didn't change the actual program, just put a layer between the floppydriver and the program.
Slashdot Mirror
Even if he only has some of your messages ... say for example he is missing a message where 8 bits are added to the key. He knows your 160-bit key but needs your 168-bit key. Guess what? He only has to break an 8-bit key, which can be done on the Atari 2600 in his basement.
You missed the point.
Adding bits does help. And breaking the system is not about just trying the possible combinations. You cannot decrypt the quantum encrypted data, your only chance of breaking the system is forging a message from one of the two parties during the communication. You cannot just try all possible keys, you have only one try. If you send an invalid message, it will be discovered.
And when talking about adding a few bits every time, I talk about a few bits larger key. All the bits in the new key are brand new random bits. So basically you will have to start all over again every time you try. And every time you try, your chance of breaking the system is smaller than last time you tried.
It'll be interesting to see what Red Hat Linux will be like when the 2.6.x kernel appears.
I guess Red Hat Linux 9.0 will be their first release with a 2.6 kernel.
key distribution problem
If we get quantum computers and quantum cryptography, it will be the end of public key cryptography. We will need to exchange the initial keys face to face. The keys will not be used for encryption but rather integrity, which is a requirement for quantum cryptography to work. Obviously we will need to use unconditionally secure message-authentication-codes on our messages. Luckily the key needed for integrity does not grow linearly with the key size like keys needed for confidentiality.
This means that once we have exchanged the initial keys, we can just append new key material to our messages whenever we send quantum encrypted data. This will provide us with a key for integrity the next time we need to communicate.
To be very secure, I would not like to use a fixed key size for all future communication. I'd rather increase the key size by a few bits whenever a message is being exchanged. With a fixed key size, the chance of breaking the system will converge toward 100% as the number of attempts converges toward infinity. With a growing key size, the chance of every breaking the system will converge toward a small number, that is exponentially small as a function of the initial key size.
This still leaves the DoS problem. An attacker might just keep messing up the messages until we run out of key material for signing messages. I see no solution other than keeping a lot of key material ready for the future, and not keep trying too many times in a short period of time if we keep seeing false signatures.
Even though we have no public keys, we can still build up trust networks. If Alice has already exchanged keys with Bob and Charlie, Alice can do the key exchange for Bob and Charlie. Of course this will only work if Bob and Charlie trust Alice. But if Bob and Charlie has exchanged keys with different middlemen, they can once send messages signed with all their keys. Unless all middlemen are corrupt, Bob and Charlie will discover any invalid key.
if not china, its about time they had one for google.
/. is capable of handling that, so one topic has to be picked. Sometimes we do see the next episode of a story under another topic.
Sometimes a story fits multiple topics. It doesn't look like
# rm -rf / ;-)
bash: syntax error near unexpected token `;-)'
Every time you compile any source you'd need to get it signed. Guess who's going to sign code?
Well, I don't know much about how Palladium works, but I'd probably like to see a Linux implementation differ in a few ways from what Microsoft is going to implement. The signing need to be implemented in the linker, and the user should be able to make his own choices about which keys to trust.
a locked file on a HFS(+) volume.
Forgive my ignorance, but is that feature similar to 'chattr +i' on an ext2 filesystem?
copy protection schemes
I'm not trying to copy any copyprotected software. I'm just trying to run my own software. If their mechanism prevents me from doing that, I don't call that a copy protection scheme.
I'm sure there is a name for a mechanism whose primary purpose is to prevent the competitors software from running, and I'm also sure you can find countries where this mechanism is illegal.
How does people like the idea of making a Linux version with support for Palladium? Of course it could turn out few people want to use it, but that is not the primary goal either. What is more interesting is, that some big companies might try to stop the project. And maybe we can get those companies break the law, which might help us at a later time in court.
Salon's attempt to /. Slashdot
Which site has the largest number of zombies reading the articles and clicking on all the links?
Are you willing to violate laws to run Linux?
I don't have to. Even if Microsoft owns some patent, it doesn't change anything. Their patent is not valid where I live. It even seems to be the case, that I'm allowed to reverse engineer their software, if that is the only way to get Linux running.
And then you might say, Microsoft can do enough lobying to get other products forbidden by law. Now I'm gonna compare this to countries that already have laws limiting peoples freedom. What do we say about people breaking the laws in those countries? Do we call them criminals? No, we don't, we say they are fighting for their freedom.
I guess in case laws are changed in favour of Microsoft, I'm willing to violate them, because I think that is the right thing to do.
There are two possible explanations:
- It is a feature you do not understand.
- It is a bug.
Of course some people will claim those are the same. In case of a bug, my next comment has to be: fsck. (I don't even know if you can do that on Mac OS X, but it should be possible.)In that case, you are on the wrong thread. This discussion is about the kernel configuration utility. This is not a utility any newbie should ever touch. The people at Debian, Mandrake, Redhat, and all the others could be going to use this utility to configure the kernel for their distributions. But this is in no way related to the hardware detection and setup you are talking about.
.config file that came with his distribution and then just use "make oldconfig". A graphical version of oldconfig, that provides help about the options and sane defaults, is the best we can do to help newbies that insist on compiling their own kernels.
The installation and configuration utilities you are talking about are developed mostly by the individual distributors, and is a completely different issue.
If a newbie want to compile his own kernel, he should use the
Except from this the newbies should only use the kernel configuration utility if they know exactly what option they need to change.
IIRC there are still three parties larger than Dansk Folkeparti. Though the party is not yet that large it cannot be ignored. The amount of progress this party has made the last few years is scarry. I live in Denmark, but I never had and never will vote for Dansk Folkeparti.
Sometimes it sounds like people from the rest of the world thinks almost the entire Danish population supports Dansk Folkeparti, that is not the case.
During the campaign before the last election, the media made it sound like everybody had to support either Venstre or Socialdemokratiet. Personally I'd rather have the best from both sides than having to choose between the two.
it figures out how to get it working, and does so.
You say it like it is some kind of magic. There is no magic to this, somebody has to figure out how the hardware is working. If you don't want to figure that out by yourself, you shouldn't compile your own kernels. All distributions comes with precompiled kernels, and you can usually also download precompiled updates.
BTW I found almost everything I needed to know about CD recording in the CD-Writing-HOWTO.
Guess not... I just went to it, and the server is still up.
They actually have two servers. The one is serving a frameset and a single frame with some javascript. The other server is serving images and video. Do I need to say I can only get in touch with one of the two servers?
Right after reading this article by pure coincidence I just spotted a label on the USB cable that came with the cable modem from my ISP: "MADE IN CHINA".
Really? I couldn't find that mentioned anywhere.
OTOH the article says this: Part of you thrills to see the brash Kozmo.com co-founder sweating it out with other B-schoolers. Doesn't sound like he is a professor.
And searching on Google gave me this: Your search - "Joe Park" "Harvard Business School" - did not match any documents.
Not yet. I actually suceeded in a search there. Of course when doing my first search I forgot to write the words backwards.
But I actually found a detail they didn't get working right. Though every word is written backwards, they didn't get every letter mirrored. So looking at the page through a mirror is not going to give the right result.
- Then: Kozmo.com
- Now: Harvard Business School
I never heard of Joe Park or kozmo.com, but It does sound like this person finally found out there was something he should have learned before starting his adventure.I'd rather ask: Who is trusting Palladium? Should I trust Palladium? So far I have not been given any reason to trust it. Is this all about Microsoft trusting no people, and thus wanting to build computers they can trust instead?
A device that can extract 1000 words from a picture?
Why would anybody want that? We all know, that a picture is worth more than 1000 words.
whether anybody should trust Verisign's assurance
The answer to this question is mostly decided by browsers. Most browsers contains a default list of trusted certificate authorities. The user can change this list, but very few users does.
Ah, I see. Most manuals was however printed with black text on white paper.
The original idea was that an exact copy could be made, right?
You are right, we were actually not talking about the same. It is true, that at some layer an exact copy is not possible to make. That is why on top of that layer a new layer is introduced with error correction codes. By messing up the whole stuff, you can make disks, where the original and copy can be distinguished. But this also introduces problems like medias vulnurable to scratches and the like.
Now what I was talking about is the fact, that although you can distinguish the disks, this in itself doesn't prevent the copy from being used. Something more is needed. First of all you need hardware, that will do the checks or allow software to do so. And if the checks are done in software, that software should be in the box, not on the disk. Because if it was on the disk, it could just be removed from the copy.
This kind of protection in the hardware is going to annoy some users. So I'm wondering, how many playstations would they sell, if people couldn't by the mod chip.
if you can make a bit by bit copy, with whatever magic software, why do devices like modchips even exist.
Maybe because some people wants to run other software. Even if they could run copies, that might not allow them to run software not approved by the manufacturer of the box.
Now imagine the situation where MS produces a new box, but when you buy such a box you are not allowed to run software not approved by MS. Of course they are never going to approve Linux, so we need a mod chip. Maybe this isn't even something we have to imagine. Read more
If this is isn't illegal
I live in a country where the law says, that a person who has the right to use a program is allowed to make changes to the program if that is necesarrry to use the program - including bugfixes. In my case the change was necesarry for me to use the program, and I didn't change the actual program, just put a layer between the floppydriver and the program.