Actually the notion that AES or any other quality cipher can be broken via brute-force rather than a clever mathematical attack is wrong. There is a great paper on this topic called "Ultimate physical limits to computation". You can grab a copy from http://arxiv.org/abs/quant-ph/9908043
The basic idea is this: moving from one state to another in a brute force algorithm requires some (small) amount of energy. Assuming in the future we reduce this energy to a small factor of Planck's constant, just cycling a 2^128 bit counter would require so much energy that we'd have to boil the oceans. 2^256 would require us to convert the matter in the universe directly into energy.
...found in heavily encrypted computer files...
What does this mean anyways? Clearly is must have been weak encryption if they got access to the data. Or did they get access to the keys? I'm tired of seeing terms like military-grade or heavy when it come to encryption.
The media is very bad about making encryption out to be some evil technology only used by terrorist and child pornographers. A few wording changes would fix this. "Encryption" is the new "hacker".
Come on.. what kind of software security company does this ??
Very few which is why IronPort has a better grasp on what is really going on than a lot of others. In order for the anti-malware industry to be effective it needs to understand the economics behind the malware industry. Spam continues to be effective because people continue to purchase products advertised in spam. Among other things, determining the authenticity of the drugs being sold helps to gauge if pharmaceutical business is all first-time customers or repeat customers.
Different solving algorithms are used for half versus quarter counting metrics. Although I'm not positive, I'm pretty sure the superflip+4spot is only interesting in quarter turns.
The algorithm I use to solve the superflip is 18 half turns and 2 quarter turns. If I were to count half turns as 2 quarter turns, it would not be a particularly efficient quarter turn solution. I've never met a cuber who counter in quarter turns but I can see how it is an interesting counting method for mathematicians and computer scientists.
Most every cuber believes the limit _is_ 20. There is only one known permutation that requires 20 moves and it is called the "super flip". In it, every edge and corner piece are in their correct positions but all the faces have the opposite orientation. It makes for a nice checkered pattern. It is the symmetry of the scramble and the lack of known permutations "harder" than the super flip that lend a strong argument to 20 being the max.
Two major problems with these numbers. First, they cover 6 years in which technology has become significantly more pervasive. Second, they were done by the Secret Service which is not a generic computer crime organization. The study should have been about how the Secret Service still deals with a much higher percentage of physical identity theft than electronic even though electronic id theft has become a lot more common.
Unfortunately, this paper completely misses the point. This paper is not so much about detecting a VM based rootkit so much as it is about detecting VMs in general. The authors argue is that if you detect a VM when you aren't expecting to, you've found a rootkit. Joanna's argument is that in a few years, everything is going to be using VM technology and you won't be able to tell a "good" VM from a "bad" one.
See virtualization-detection-vs-blue-pill and her presentation on the subject here. No one ever said that detecting a virtual machine is impossible. They are saying discriminating between malicious and non-malicious VMs is impossible.
Thank you. I was going to point this out -- at least one person in this world isn't an idiot. I bet if they got rid of images the lowered CPU cycles not processing images would save a few baby whales or a jungle or some stupid shit like that.
I've been running a Hyperthreaded Linux box for a few years now. The only test I've done of Hyperthreading is running make -j2 with it on and off. On my P4 2.8 (single proc, 2GiB of ram) Hyperthreading makes a long compilation about 25%-30% faster. I doubt it helps many standard apps much but it really helps make.
Unfortunately the universe doesn't work like that. It's easy as a human being to imagine being at the supernova event in the Eagle Nebula and then back at Earth instantaneously, outrunning the light that will take 6000 years to reach Earth. The order of events (or even their simultaneity) is based on frame of reference.
The parent poster is incorrect about the supernova not happening yet in our frame of reference though. In our frame of reference, it happened between 1000 and 2000 years ago. It is the shockwave that hasn't yet reached the pillars in our frame of reference.
I had to listen to the first 20 minutes of this 22 minute recording before I understood how 3 different Verizon reps on the phone could all make the exact same mistake. If it took me 20 minutes before I could see it wrong and it took them at least 22 minutes before they could see it right, that must make them 440 times stupider than me. Damn math is a bitch.
I don't see much of a problem here. The people who purchased had the money, theirs or not they should get the product. If I can afford dozens of PS3s and can afford to pay dozens of bums to stand in line and buy them, then I'll get dozens of PS3s. How can their be a law against that in a country that regards itself as free (Japan)?
You are off by 3 orders of magnitude. In fact, even the highest resolution I know of, 2560 x 1600 x 32bpp x 60fps, is a little shy of 8Gbps -- certainly no where near even 1Tbps.
The bag is made out of nylon, there aren't any hidden parts, and I only ever carry clothing and 1-3 magazines. Anything that isn't soft would puncture it. I don't think the decision to search it is being made after it is x-ray'd -- I think it is a visual inspection choice.
I have a large camouflage pattern duffel bag that I've been traveling with over the last two years. Every time I arrive at my destination I find one of those long TSA slips in my bag informing me that it was randomly selected for search. In over twelve trips with this bag, it has never NOT been 'randomly' selected. I don't care if my bag is searched, but it makes me wonder how realistic it is to expect a camouflage bag to more of a risk than some other bag.
> The only time you would have to a fresh install is if you went from pro to home.
"Corporate" is just Pro with a Volume License Key (VLK). Going from Pro->Home is no different than Corp->Home. You can't repair between versions without running into trouble.
A "repair" will often fail when repairing between different versions of Windows (Home/Pro, Media Center/Pro, etc). I agree that a repair is a lot cleaner than what I suggested but it is less likely to get the job done.
Between the different versions, (home, pro, media center) and the different sub versions (upgrade, full, OEM, corp) the number of Windows CDs needed for people who do this daily is ridiculous.
For all the people saying just buy Windows and change the key - there is a good chance this *wont* work. In principle changing the key does work - the trick is getting a legal key for the version installed.
Your parents probably installed a Corporate copy of XP. This doesn't take the same keys as Home so they can't just walk down to Best Buy and get a key that is going to work.
In fact, there are a number of different key types including:
* XP Home * XP Home OEM * XP Pro * XP Pro OEM * XP Corporate (and more)
Assuming your parents installed Corporate, they still need to buy a legal copy of Windows, yes, but they won't be able to pop the key in and go on their merry way. They will need to do what is knows an a "In place install". This isn't the cleanest way to do things but will make sure all their files are left intact (all settings including the entire registry are lost). Boot off the new disk:
The first menu is going to ask you to install, go to the recovery console, or quit. Choose install by hitting enter.
The second menu is a license agreement, hit F8.
The third menu is going to show the existing Windows installation, choose to install on top of it. You will be warned about an existing Windows install there and be given the option of deleting the existing %systemroot% folder and continuing.
Choosing this option will not delete anything on the drive other that what is in the windows folder. All of their files will still be available by navigating to the "Documents and Settings" folder.
I know it is a dirty mess but it is the only way to go from one version of Windows to another while still retaining the contents of the hard drive.
Slashdot Mirror
Actually the notion that AES or any other quality cipher can be broken via brute-force rather than a clever mathematical attack is wrong. There is a great paper on this topic called "Ultimate physical limits to computation". You can grab a copy from http://arxiv.org/abs/quant-ph/9908043
The basic idea is this: moving from one state to another in a brute force algorithm requires some (small) amount of energy. Assuming in the future we reduce this energy to a small factor of Planck's constant, just cycling a 2^128 bit counter would require so much energy that we'd have to boil the oceans. 2^256 would require us to convert the matter in the universe directly into energy.
...found in heavily encrypted computer files...What does this mean anyways? Clearly is must have been weak encryption if they got access to the data. Or did they get access to the keys? I'm tired of seeing terms like military-grade or heavy when it come to encryption.
The media is very bad about making encryption out to be some evil technology only used by terrorist and child pornographers. A few wording changes would fix this. "Encryption" is the new "hacker".
Very few which is why IronPort has a better grasp on what is really going on than a lot of others. In order for the anti-malware industry to be effective it needs to understand the economics behind the malware industry. Spam continues to be effective because people continue to purchase products advertised in spam. Among other things, determining the authenticity of the drugs being sold helps to gauge if pharmaceutical business is all first-time customers or repeat customers.
Different solving algorithms are used for half versus quarter counting metrics. Although I'm not positive, I'm pretty sure the superflip+4spot is only interesting in quarter turns.
The algorithm I use to solve the superflip is 18 half turns and 2 quarter turns. If I were to count half turns as 2 quarter turns, it would not be a particularly efficient quarter turn solution. I've never met a cuber who counter in quarter turns but I can see how it is an interesting counting method for mathematicians and computer scientists.
Most every cuber believes the limit _is_ 20. There is only one known permutation that requires 20 moves and it is called the "super flip". In it, every edge and corner piece are in their correct positions but all the faces have the opposite orientation. It makes for a nice checkered pattern. It is the symmetry of the scramble and the lack of known permutations "harder" than the super flip that lend a strong argument to 20 being the max.
Two major problems with these numbers. First, they cover 6 years in which technology has become significantly more pervasive. Second, they were done by the Secret Service which is not a generic computer crime organization. The study should have been about how the Secret Service still deals with a much higher percentage of physical identity theft than electronic even though electronic id theft has become a lot more common.
Unfortunately, this paper completely misses the point. This paper is not so much about detecting a VM based rootkit so much as it is about detecting VMs in general. The authors argue is that if you detect a VM when you aren't expecting to, you've found a rootkit. Joanna's argument is that in a few years, everything is going to be using VM technology and you won't be able to tell a "good" VM from a "bad" one.
See virtualization-detection-vs-blue-pill and her presentation on the subject here. No one ever said that detecting a virtual machine is impossible. They are saying discriminating between malicious and non-malicious VMs is impossible.
Thank you. I was going to point this out -- at least one person in this world isn't an idiot. I bet if they got rid of images the lowered CPU cycles not processing images would save a few baby whales or a jungle or some stupid shit like that.
Haxdoor is not a virus, it is a Backdoor/Trojan.
I've been running a Hyperthreaded Linux box for a few years now. The only test I've done of Hyperthreading is running make -j2 with it on and off. On my P4 2.8 (single proc, 2GiB of ram) Hyperthreading makes a long compilation about 25%-30% faster. I doubt it helps many standard apps much but it really helps make.
Unfortunately the universe doesn't work like that. It's easy as a human being to imagine being at the supernova event in the Eagle Nebula and then back at Earth instantaneously, outrunning the light that will take 6000 years to reach Earth. The order of events (or even their simultaneity) is based on frame of reference.
The parent poster is incorrect about the supernova not happening yet in our frame of reference though. In our frame of reference, it happened between 1000 and 2000 years ago. It is the shockwave that hasn't yet reached the pillars in our frame of reference.
I had to listen to the first 20 minutes of this 22 minute recording before I understood how 3 different Verizon reps on the phone could all make the exact same mistake. If it took me 20 minutes before I could see it wrong and it took them at least 22 minutes before they could see it right, that must make them 440 times stupider than me. Damn math is a bitch.
...and this post doesn't have a body
No, I'm assuming outgoing port 25, 587, and 465 are blocked and the email MUST come off the ISP's mail server.
If more ISPs did egress filtering of email this sort of thing would be harder to do.
I don't see much of a problem here. The people who purchased had the money, theirs or not they should get the product. If I can afford dozens of PS3s and can afford to pay dozens of bums to stand in line and buy them, then I'll get dozens of PS3s. How can their be a law against that in a country that regards itself as free (Japan)?
I doubt anyone here is actually surprised by this. Since when has Microsoft ever done anything truly for the good of OSS?
You are off by 3 orders of magnitude. In fact, even the highest resolution I know of, 2560 x 1600 x 32bpp x 60fps, is a little shy of 8Gbps -- certainly no where near even 1Tbps.
The bag is made out of nylon, there aren't any hidden parts, and I only ever carry clothing and 1-3 magazines. Anything that isn't soft would puncture it. I don't think the decision to search it is being made after it is x-ray'd -- I think it is a visual inspection choice.
I have a large camouflage pattern duffel bag that I've been traveling with over the last two years. Every time I arrive at my destination I find one of those long TSA slips in my bag informing me that it was randomly selected for search. In over twelve trips with this bag, it has never NOT been 'randomly' selected. I don't care if my bag is searched, but it makes me wonder how realistic it is to expect a camouflage bag to more of a risk than some other bag.
True. I was operating under the assumption that the new legal copy of Windows would be Home, not Pro.
"Corporate" is just Pro with a Volume License Key (VLK). Going from Pro->Home is no different than Corp->Home. You can't repair between versions without running into trouble.
A "repair" will often fail when repairing between different versions of Windows (Home/Pro, Media Center/Pro, etc). I agree that a repair is a lot cleaner than what I suggested but it is less likely to get the job done. Between the different versions, (home, pro, media center) and the different sub versions (upgrade, full, OEM, corp) the number of Windows CDs needed for people who do this daily is ridiculous.
For all the people saying just buy Windows and change the key - there is a good chance this *wont* work. In principle changing the key does work - the trick is getting a legal key for the version installed.
Your parents probably installed a Corporate copy of XP. This doesn't take the same keys as Home so they can't just walk down to Best Buy and get a key that is going to work.
In fact, there are a number of different key types including:
* XP Home
* XP Home OEM
* XP Pro
* XP Pro OEM
* XP Corporate
(and more)
Assuming your parents installed Corporate, they still need to buy a legal copy of Windows, yes, but they won't be able to pop the key in and go on their merry way. They will need to do what is knows an a "In place install". This isn't the cleanest way to do things but will make sure all their files are left intact (all settings including the entire registry are lost). Boot off the new disk:
The first menu is going to ask you to install, go to the recovery console, or quit. Choose install by hitting enter.
The second menu is a license agreement, hit F8.
The third menu is going to show the existing Windows installation, choose to install on top of it. You will be warned about an existing Windows install there and be given the option of deleting the existing %systemroot% folder and continuing.
Choosing this option will not delete anything on the drive other that what is in the windows folder. All of their files will still be available by navigating to the "Documents and Settings" folder.
I know it is a dirty mess but it is the only way to go from one version of Windows to another while still retaining the contents of the hard drive.
You live in a cube? How have you retained your individuality?