You can create keys that are so big that it would take (almost) endless time on (almost) endless computers. Think of a computer from each molecule in the universe, at a currently unatainable speed. Then calculate 2^8192, for e.g. a 8kb RSA keypair:
It would take 10907481356194159294629842447337828624482641619962 326924318327861897\ 21331849119295216264234525201 987223957291796157025 273109870820177184\ 06361097976507755479907890629 884219298953860982522 804820515969685161\ 35916381967718865426093245601 212905539018863010179 002525357999172000\ 10079600026535836800905297805 880952350501630195475 653911005312364560\ 01484742603529355124584392891 875276869627934408805 561751569434994540\ 66778251408149006161059202564 385045780133264935658 360472424073824428\ 12245131517757519164899226365 743722432277368075027 627883045206501792\ 76170094569916849725787968385 173704999690096112051 565505011556127149\ 14925153421057489666295470327 863215057308284302216 649703243961386352\ 51626409516168005427623435996 308921691446181187406 395310665404885739\ 43483287742816740749537099351 186875635997039011702 182361674945862096\ 98570062636120827067154081570 665751372810270223109 275649102767591605\ 20878304632411049364568754920 967322982459184763427 383790272448438018\ 52697776494107271561158043469 082745933999196141424 274141059911742606\ 05564837637563145276113626586 283833686211579936380 208785376755453367\ 89915694234433955666315070087 213535470255670312004 130725495834508357\ 43965382893607708097855057891 296790735278005493562 156109079584517295\ 41159729274798775277385600082 041185589300047777487 277618538135104938\ 40581861598652211605960308356 405941821189714037868 726219481498727603\ 65361629885617482241303348543 878532402475141941718 301228107820972930\ 35373728045743720952287036227 763639452908698062584 223551485075710396\ 19387449629866808188769662815 778153079393179093143 648340761738581819\ 56300299442279075495506128881 830843007964869323217 915876591803556521\ 61571154029921202761556078731 079374774668415283629 877086994501520312\ 31862594203085693838944657061 346236704234026821102 958954951197087076\ 54618662279629453645162075650 935101890602377382153 953277620867697858\ 97319663303088933046651694361 850783506415683369445 300514374913112988\ 34367265238595404904273455928 723949525227184617404 367854754610474377\ 01976802557660588103807727070 771794222197709038543 858584409549211609\ 98525389039746557039439730860 909305969633607675299 649384145981857059\ 63754561497355827813623833288 906309004288017321424 808663962671333528\ 00923275835087305961411872378 142210146019861574738 685509689608918918\ 04413395585248228675411132126 387936755676503403629 700319300233978284\ 65318547238244232028015189689 660418822976000815437 610652254270163595\ 65087543385114712321422726660 540358178146909080657 646895058766199718\ 6505665475715792896 iteratio ns to crack this using a (very dumb) brute force attack. Actually - with a bit of luck - you would find it in half the number of iterations but you get the idea. For comparison, there are only about 4000000000000000000000000000000000000000000 0000000 000000000000000000\ 00000000000 atoms in the universe.
Crypto-analists will have to look at smarter ways to crack keys than this, otherwise the cryptographers will always pull the long end. "Really bloody hard to crack" is not even starting to describe this.
"Or maybe just because they can crack RSA/DSA they prefer to protect USbusiness with ECC (supposed to be harder to crack)?"
I never understood parentheses within quotes. Did he whisper that part, or are we talking about an interview on an IRC channel? I've once tried to read a book that was filled with parentheses within quotes. Those books should be ritually burned.
Yes, it does feel like that. And anyone that has read anything from Sneider will see that he is just repeating the things he has always said. And that at a very high level, without the interesting details.
So this is mostly targeted at the uninitiated. Fortunately, with cryptography, that's about 99.9% of the population.
Bluetooth operates on both low level as relatively high level (application level). This gives it an distinct advantage over other technologies like WiFi, Wireless USB etc. etc. Furthermore, it is relatively cheap to implement, and does not take much power. WiFi headphones, for example, would take too much energy, and would have to operate on a specific protol on top of the default Ethernet or TCP/IP. And they would be more expensive as well.
Java fixes this foremost by not allowing pointer arithmetic. You can program some structures better with goto statements as well, but there is a good reason why they are gone. Pointer arithmetic is the next goto statement. It can be usefull, and sometimes it is difficult to do without (ie embedded or kernel level programming).
99 out of a 100 you don't pointer arithmetic, and 5 times out of a hundred it will introduce a hard to fix runtime error. Experienced programmers should only be allowed to do it, if it wasn't for the fact that everybody things he/she is one of those.
Because people would go an alter the code, like they are supposed to. Then you will have questions about integrating that code into the branches that still have to be released, messing up your time schedule. Knowing the way applications are developed, you can be pretty sure this will happen. But that's just my guess on why they shouldn't do this.
Knowing Sun, they are not going for a "it barely works" first release. These guys are quite serious about maintaining correct code. This is one of the things that OSS does *not* excel in particularly.
People are always screaming at Sun to open source things (e.g. Java) but I wonder if the software quality would remain at the same high level as it is now. The good thing of Open Solaris is that drivers will be hacked, and Sun could take advantage of that. Let's hope it won't screw up their version management.
From what I've seen, solaris is a very high quality, stable operating system. The only crash I ever saw from Solaris machines at the university was related to the floppy drive cable, which messed up communications inside the sparcstation.
Pft, you think you are unlucky? I lived in a rural area in the Netherlands when I got my first computer, a Z80 based MSX. No internet, my parents would not have let me have a modem, and all the guys that got computers (the whole handfull of them) only were interested in C64 games. Fortunately it came with a BASIC manual. Seriously, find some computer club or something in your neighbourhood, or place some ad in your local newspaper under the nerd seeks nerd section.
Darn, I am using the ? operator to maybe print something on screen. Now I'll have to rewrite all my code. Oh wait, I'll create a macro for it to clear things up...
This is the register you are talking about. Yes, they leave mistakes even if you point them out. Hell, they have heard about editing, they just don't want to have anything to do with it. Heck, they even don't check if the HTML they are writing is valid, though most of that seems to happen @ mikes new place, the inquirer nowadays. But they are quick with news, and their front page is easy to read.
Does anyone else think it is strange to install a supercomputer years before this telescope gets deployed? Processors do get faster and faster all the time.
Even though this telescope will not be placed in the most densily populated area, the Netherlands is hardly the place to go looking for 350 KM^2 of land to put a radio telescope on. It's nice for business and science here, but putting it on a field somewhere in East Germany, Tsech Republic etc. might be more economic.
Though I can understand that Microsoft only releases Win64 with boxen that work, I do feel a bit awkward.
First Win64 is ready for beta testing and prime time just when Intel readies it's compatible processors. Now Win64 is only sold preinstalled. This market is predominantly Intels, where AMD is more used for upgrades.
Am I starting to get paranoid, or do I feel a strong Intel backing from Microsoft. I'm undecided as yet.
One of the big points of Gmail is the ability to check your email from anywhere. This is not only the case with Google of course. If you would put the email on your own computer, you would not be able to view it from the library, on vacation, work, whatever. Furthermore, you have the hassle of backing up your data. One thing that is always plagueing me. I do not have the time nor the incentive to backup my home system.
Yeah, fortunately Exchange never makes a mistake. You should have seen the mails some (misconfigured) Exchange systems manage to create. Scarred beyond recognition. So you might want to check out which IMAP server you use as well.
Note: actually, if not for the scarred beyond recognition thingy, Exchange is a pretty featured IMAP server, afaik. I would not recommend it for end users though.
True, but we are still pretty far away from a general way of cracking hashes. All the strong hash algo's are currently based on the same ideas. This means that if you crack one of them (MD5 for instance) then the other ones would probably easier to crack as well. Still, more bits probably means more difficult to crack in practice.
Note that I would feel pretty safe with a SHA-256, 384 and 512, but I second the idea of Bruce Sneider that we need another government sponsored race for new ones (see practical cryptography by that writer and check his site).
IF you are going to use a different hash, add a CRC at the end, and then do a complete one-way hash over that message. CRC's are pretty different from secure hashes afaik.
I strongly object against calling people without valid papers criminals. They haven't done anything to harm you or anyone else.
In all probability the western society has a large part in keeping the countries poor as well, yet when these people knock on the door for (economic) support they are called and treated as being criminals by utter bastards like you.
You can't let everyone share our well earned riches (*kuch*), so you might want to try to keep a large proportion out for economic reasions, but just don't come knocking on my door about them being criminals.
You don't leave country, friends and family lightly. I would like to see you in the position they are in, and see how *you* would fare.
Humans are just the tool that our genes use to make more genes.
From that perspective, my personal death is NOT as important as the continuation of my children.
Pfft, I tend to look at that from MY perspective, not of that of my genes. Not that I actually HAVE any other perspective, and genes certainly don't HAVE perspectives, let alone tools.
Most parents know this at the instinctual level.
That's an oxymoron if I ever saw one. That we love our children - and stuff with lots of fat put into it is clearly due to evolution. People tend to use it for their own purposes though, and lots of other things have nothing to do with evolution. We are not just a bunch of genes *anymore*.
The argument that says I'm going to die - what to I care about the rest of humanity - is clearly bogus for most humans. All life on earth strives harder to pass on genetic information than to survive as an individual. That's why we age - and why we fall apart much more rapidly after child-rearing age is past.
What a nice biological view of live expressed here. One of the things that sets us apart from the other living things down here is that we tend to break the laws set for us. I wouldn't mind dying like that - mostly because I would not have time minding dying like that.
This all said, if I could safe someone nice, preferably myself, then I would. If I thought the person to safe was a total looser, well, evolution be fucked, good bye gene pool.
Sorry, but I tend to live in a society. It is clearly an advantage if I live up to great age supporting my kids and family and ensure their survival. You just have selection on a higher level scale.
Posting on slashdot at this time, it's clear that I don't have either, so this is all pretty theoretical stuff anyway.
Slashdot Mirror
You can create keys that are so big that it would take (almost) endless time on (almost) endless computers. Think of a computer from each molecule in the universe, at a currently unatainable speed. Then calculate 2^8192, for e.g. a 8kb RSA keypair:
2 326924318327861897\1 987223957291796157025 273109870820177184\9 884219298953860982522 804820515969685161\1 212905539018863010179 002525357999172000\5 880952350501630195475 653911005312364560\1 875276869627934408805 561751569434994540\4 385045780133264935658 360472424073824428\5 743722432277368075027 627883045206501792\5 173704999690096112051 565505011556127149\7 863215057308284302216 649703243961386352\6 308921691446181187406 395310665404885739\1 186875635997039011702 182361674945862096\0 665751372810270223109 275649102767591605\0 967322982459184763427 383790272448438018\9 082745933999196141424 274141059911742606\6 283833686211579936380 208785376755453367\7 213535470255670312004 130725495834508357\1 296790735278005493562 156109079584517295\2 041185589300047777487 277618538135104938\6 405941821189714037868 726219481498727603\3 878532402475141941718 301228107820972930\7 763639452908698062584 223551485075710396\5 778153079393179093143 648340761738581819\1 830843007964869323217 915876591803556521\1 079374774668415283629 877086994501520312\1 346236704234026821102 958954951197087076\0 935101890602377382153 953277620867697858\1 850783506415683369445 300514374913112988\8 723949525227184617404 367854754610474377\0 771794222197709038543 858584409549211609\0 909305969633607675299 649384145981857059\8 906309004288017321424 808663962671333528\8 142210146019861574738 685509689608918918\6 387936755676503403629 700319300233978284\9 660418822976000815437 610652254270163595\0 540358178146909080657 646895058766199718\o ns to crack this using a (very dumb) brute force attack. Actually - with a bit of luck - you would find it in half the number of iterations but you get the idea. For comparison, there are only about0 0000000 000000000000000000\
It would take 1090748135619415929462984244733782862448264161996
2133184911929521626423452520
0636109797650775547990789062
3591638196771886542609324560
1007960002653583680090529780
0148474260352935512458439289
6677825140814900616105920256
1224513151775751916489922636
7617009456991684972578796838
1492515342105748966629547032
5162640951616800542762343599
4348328774281674074953709935
9857006263612082706715408157
2087830463241104936456875492
5269777649410727156115804346
0556483763756314527611362658
8991569423443395566631507008
4396538289360770809785505789
4115972927479877527738560008
4058186159865221160596030835
6536162988561748224130334854
3537372804574372095228703622
1938744962986680818876966281
5630029944227907549550612888
6157115402992120276155607873
3186259420308569383894465706
5461866227962945364516207565
9731966330308893304665169436
3436726523859540490427345592
0197680255766058810380772707
9852538903974655703943973086
6375456149735582781362383328
0092327583508730596141187237
0441339558524822867541113212
6531854723824423202801518968
6508754338511471232142272666
6505665475715792896
iterati
400000000000000000000000000000000000000000
00000000000
atoms in the universe.
Crypto-analists will have to look at smarter ways to crack keys than this, otherwise the cryptographers will always pull the long end. "Really bloody hard to crack" is not even starting to describe this.
"Or maybe just because they can crack RSA/DSA they prefer to protect USbusiness with ECC (supposed to be harder to crack)?" I never understood parentheses within quotes. Did he whisper that part, or are we talking about an interview on an IRC channel? I've once tried to read a book that was filled with parentheses within quotes. Those books should be ritually burned.
Yes, it does feel like that. And anyone that has read anything from Sneider will see that he is just repeating the things he has always said. And that at a very high level, without the interesting details.
So this is mostly targeted at the uninitiated. Fortunately, with cryptography, that's about 99.9% of the population.
Bluetooth operates on both low level as relatively high level (application level). This gives it an distinct advantage over other technologies like WiFi, Wireless USB etc. etc. Furthermore, it is relatively cheap to implement, and does not take much power. WiFi headphones, for example, would take too much energy, and would have to operate on a specific protol on top of the default Ethernet or TCP/IP. And they would be more expensive as well.
Java fixes this foremost by not allowing pointer arithmetic. You can program some structures better with goto statements as well, but there is a good reason why they are gone. Pointer arithmetic is the next goto statement. It can be usefull, and sometimes it is difficult to do without (ie embedded or kernel level programming).
99 out of a 100 you don't pointer arithmetic, and 5 times out of a hundred it will introduce a hard to fix runtime error. Experienced programmers should only be allowed to do it, if it wasn't for the fact that everybody things he/she is one of those.
And yes, all arrays and strings are checked.
Because people would go an alter the code, like they are supposed to. Then you will have questions about integrating that code into the branches that still have to be released, messing up your time schedule. Knowing the way applications are developed, you can be pretty sure this will happen. But that's just my guess on why they shouldn't do this.
Knowing Sun, they are not going for a "it barely works" first release. These guys are quite serious about maintaining correct code. This is one of the things that OSS does *not* excel in particularly.
People are always screaming at Sun to open source things (e.g. Java) but I wonder if the software quality would remain at the same high level as it is now. The good thing of Open Solaris is that drivers will be hacked, and Sun could take advantage of that. Let's hope it won't screw up their version management.
From what I've seen, solaris is a very high quality, stable operating system. The only crash I ever saw from Solaris machines at the university was related to the floppy drive cable, which messed up communications inside the sparcstation.
Pft, you think you are unlucky? I lived in a rural area in the Netherlands when I got my first computer, a Z80 based MSX. No internet, my parents would not have let me have a modem, and all the guys that got computers (the whole handfull of them) only were interested in C64 games. Fortunately it came with a BASIC manual. Seriously, find some computer club or something in your neighbourhood, or place some ad in your local newspaper under the nerd seeks nerd section.
Pfft. Everyone knows that liquid nitrogen just kills liquid metal.
In other news, slashdot ate my "<".
Darn, I am using the ? operator to maybe print something on screen. Now I'll have to rewrite all my code. Oh wait, I'll create a macro for it to clear things up...
This is the register you are talking about. Yes, they leave mistakes even if you point them out. Hell, they have heard about editing, they just don't want to have anything to do with it. Heck, they even don't check if the HTML they are writing is valid, though most of that seems to happen @ mikes new place, the inquirer nowadays. But they are quick with news, and their front page is easy to read.
Does anyone else think it is strange to install a supercomputer years before this telescope gets deployed? Processors do get faster and faster all the time.
Even though this telescope will not be placed in the most densily populated area, the Netherlands is hardly the place to go looking for 350 KM^2 of land to put a radio telescope on. It's nice for business and science here, but putting it on a field somewhere in East Germany, Tsech Republic etc. might be more economic.
Anyway, I'm buying stock in the storage business.
See dupe.
Yeah, and Newton did not discover gravity. All the other people did when they fell off the stairs.
Though I can understand that Microsoft only releases Win64 with boxen that work, I do feel a bit awkward.
First Win64 is ready for beta testing and prime time just when Intel readies it's compatible processors. Now Win64 is only sold preinstalled. This market is predominantly Intels, where AMD is more used for upgrades.
Am I starting to get paranoid, or do I feel a strong Intel backing from Microsoft. I'm undecided as yet.
Use classic folder view, which turns off the idiot web page thingy MS put in. If this is still possible in XP.
I'm probably one of the view that has created personal menu's in the web view. They can be handy, but normally I prefer classic folders.
One of the big points of Gmail is the ability to check your email from anywhere. This is not only the case with Google of course. If you would put the email on your own computer, you would not be able to view it from the library, on vacation, work, whatever. Furthermore, you have the hassle of backing up your data. One thing that is always plagueing me. I do not have the time nor the incentive to backup my home system.
Yeah, fortunately Exchange never makes a mistake. You should have seen the mails some (misconfigured) Exchange systems manage to create. Scarred beyond recognition. So you might want to check out which IMAP server you use as well.
Note: actually, if not for the scarred beyond recognition thingy, Exchange is a pretty featured IMAP server, afaik. I would not recommend it for end users though.
Maybe so, but I would still give him a negative travel advise.
True, but we are still pretty far away from a general way of cracking hashes. All the strong hash algo's are currently based on the same ideas. This means that if you crack one of them (MD5 for instance) then the other ones would probably easier to crack as well. Still, more bits probably means more difficult to crack in practice.
Note that I would feel pretty safe with a SHA-256, 384 and 512, but I second the idea of Bruce Sneider that we need another government sponsored race for new ones (see practical cryptography by that writer and check his site).
IF you are going to use a different hash, add a CRC at the end, and then do a complete one-way hash over that message. CRC's are pretty different from secure hashes afaik.
Modern computers already match us in terms of raw power. However, our operating system is *way* cooler, and we get better peripherals :)
It runs a lot cooler as well, even if you compare it to other water cooled systems.
I strongly object against calling people without valid papers criminals. They haven't done anything to harm you or anyone else.
In all probability the western society has a large part in keeping the countries poor as well, yet when these people knock on the door for (economic) support they are called and treated as being criminals by utter bastards like you.
You can't let everyone share our well earned riches (*kuch*), so you might want to try to keep a large proportion out for economic reasions, but just don't come knocking on my door about them being criminals.
You don't leave country, friends and family lightly. I would like to see you in the position they are in, and see how *you* would fare.
Humans are just the tool that our genes use to make more genes.
From that perspective, my personal death is NOT as important as the continuation of my children.
Pfft, I tend to look at that from MY perspective, not of that of my genes. Not that I actually HAVE any other perspective, and genes certainly don't HAVE perspectives, let alone tools.
Most parents know this at the instinctual level.
That's an oxymoron if I ever saw one. That we love our children - and stuff with lots of fat put into it is clearly due to evolution. People tend to use it for their own purposes though, and lots of other things have nothing to do with evolution. We are not just a bunch of genes *anymore*.
The argument that says I'm going to die - what to I care about the rest of humanity - is clearly bogus for most humans. All life on earth strives harder to pass on genetic information than to survive as an individual. That's why we age - and why we fall apart much more rapidly after child-rearing age is past.
What a nice biological view of live expressed here. One of the things that sets us apart from the other living things down here is that we tend to break the laws set for us. I wouldn't mind dying like that - mostly because I would not have time minding dying like that.
This all said, if I could safe someone nice, preferably myself, then I would. If I thought the person to safe was a total looser, well, evolution be fucked, good bye gene pool.
Sorry, but I tend to live in a society. It is clearly an advantage if I live up to great age supporting my kids and family and ensure their survival. You just have selection on a higher level scale.
Posting on slashdot at this time, it's clear that I don't have either, so this is all pretty theoretical stuff anyway.