Hey, that's a bit too general. If I'm not mistaken my Intel G2 has quite a bit of redundant storage, and the Vertex drivers are using GiB instead of GB if I'm not mistaken.
Moreover, since it costs money to evaluate the EEPROM for over 1 million write cycles, 1 million write cycles is what is commonly specified. That more or less means that it has been tested to do *at least* that. I would not be surprised at all that the actual number is substantially higher, even after testing multiple chips. I'm using smart cards that use 100K write cycles for their EEPROM but I was assured this was the verified lower bound. Since the lower bound is much lower on flash chips, it makes more sense to test them to the limit instead of just drawing a line at some power of 10.
No, it's naive and dangerous if you do something and you don't understand the possible consequences, no matter how unfair those consequences are. You are right in the fact that if you continuously make people aware that doing the right thing is dangerous is in itself a dangerous thing to do. There is no discussion there.
Personally I would like to try and make the world a *conscious* place. We should not ignore the way the world works - that leads to things like Soviet communism. I do also think that being conscious means that you are able to rationalize threats and the fear that comes with threats.
Just letting people ignore threats is not an option. They must learn to understand them and deal with them. Only then can they fight the fight that needs to be fought. The lady in the story is not winning anything by ignoring the possible consequences of her deed.
I think we do all degree, so slow down guys. Firing her was terrible, posting something like this is online is in the current climate a dangerous thing to do. It's absolutely something you are allowed to do, but when posting, remember that you will be in the front fighting for your rights. You'll have all our moral support, but that might not buy you any bread. It's only a bit stupid if you don't realize posting online could land you in trouble; the act itself is not stupid if it was well thought out.
I do think that organizing skills are important too - and probably the most important. But if you don't know anything about your business, you're not fit to make business decisions. I can't imagine how you could prioritize anything if you don't know anything about the subject. I'm very glad our CEO came from within company (after spending some time leading another smaller business in the same market.
Many people that are used to snacking would be amazed how few tasty carrot is needed to do away with hunger. Your body just does not crave as much fat as you think it does. As long as you have to order a second dish at McDonalds next to your burger you'll just know that it's not good for you. Besides it containing too much fat, it also just does not provide you with any worthwhile nutriments. You'll feel hungry until you eat too much for your stomach. At least, that's my feeling about it - I haven't conducted a scientific study on it.
Fortunately that was without a major market upset. You can guess what happens to that trash when funding is removed. Or you can just have a look at the countries of the old USSR to have a very visible example. People are *horrible* at preventing incidents over a long time scale.
2^x - 1 does not have to be a prime number at all. E.g. take x =4, you will get 15, which is not a prime number. In that case the question is moot.
If it does constitute a prime number, the answer will be 1 and 2^infinity-1 - because that is the definition of a prime number if I understood math classes correctly.
Internet does not contain the whole of human knowledge, only rather the basics of rather a lot and the specifics of a rather smaller set. And this is coming from an internet junkie. Of course, it does contain the specifics of a lot of computer stuff, which tends to skewer our opinion of it.
And even now you get cheap audio with cross talk and bad DACs. Its stupid but I still use a SB Live Player to play audio, just for the DAC really. Fortunately my PC speaker setup accepts coaxial SPDIF. That makes life much easier.
Must be because EGA could not hold a candle even to an MSX-2 (well, probably even an MSX-1 but the MSX-2 just blew it away). 512 x 212 pixels if I'm not mistaken. And with pretty colors, not those horrible EGA colors. And sprites to make the games perform on a 3 dot something MHz CPU.
As for the sound, any sound chip blew it away, and we already had some digitized sounds too! Blast off!!! [BOSCONIAN] I still find myself whistling some of the game sounds from back then. And some classical music from Jet Set Willy and all those other games that abused the golden oldies from the renaissance.
Somewhat related is one of my favorite fortune cookies:
NOTE: No warranties, either express or implied, are hereby given. All software is supplied as is, without guarantee. The user assumes all responsibility for damages resulting from the use of these features, including, but not limited to, frustration, disgust, system abends, disk head-crashes, general malfeasance, floods, fires, shark attack, nerve gas, locust infestation, cyclones, hurricanes, tsunamis, local electromagnetic disruptions, hydraulic brake system failure, invasion, hashing collisions, normal wear and tear of friction surfaces, comic radiation, inadvertent destruction of sensitive electronic components, windstorms, the Riders of Nazgul, infuriated chickens, malfunctioning mechanical or electrical sexual devices, premature activation of the distant early warning system, peasant uprisings, halitosis, artillery bombardment, explosions, cave-ins, and/or frogs falling from the sky.
That does not help against brute force attacks that just calculate the hashes, it only helps against attacks that use rainbow tables. The salt must be available, so you can still calculate the hash result.
Anyway, you can still see the difference when you simply visit the page, as others have pointed out.
Nope, can't do that. There are two reasons: the hash can be restored to an URL by guessing (brute forcing) the URL, calculating the hash and comparing. And as others pointed out, it can also be found by simply visiting the site.
So it's a thought, but it's not a particularly good one.
No it would not take care of it since it is relatively easy to generate SHA-1 hashes of URL's. You can then just compare with the one used for the settings. For a wife it would be pretty simple to prove that somebody went to the www.verynastypron.com by simply generating the correct hash. It's obfuscation at best. Of course, it's still not so bad as banks claiming they don't know the PIN of a bank card because they only stored the hash, but it's easy to brute force.
And they do this by storing some information on *my* PC where they cannot reach it? What's the point exactly? The freakin info is stored in the local preferences. Yes, it's a - relatively harmless - side channel and no this is not Google being evil.
As for the overlap, high end chips respond to an reader request. If an overlap is detected then the reader will try again. The reader then selects the chip by selecting it through the chips ID (just a couple of bytes, 4 to 7 in case of 14443 for instance). The other chips will then become inactive which mean that they don't respond to subsequent communications. This also means that they don't draw much power so that better communications are possible with the active chip.
In most passports 3 of the 4 bytes are randomized (the other being an indicator byte) - some countries forgot to enable this randomization feature though. Other cards, especially public transport cards normally respond with a unique serial number which can be used to create derived keys to communicate with the card. This obviously has the drawback that the card will send a unique number to anyone with a reader. This was e.g. covered when a guy skimmed US passport cards (which are different from ICAO compliant passports).
I'll just keep my phone with me in a pouch. If that breaks, I'm probably dead anyway. Even then, I don't see the survival rate go up significantly with this kind of solution. Which means that by definition, it will loose against the drawbacks of using it.
It is certainly possible to prove something secure from a mathematical point of view. Since mathematics is more or less self contained, that's all right. Unfortunately, the real world isn't. So then you have all sorts of things to factor in: - errors in the assumptions - setups to avoid detection errors - side channel attacks on the detectors and transmitters - insecurities of the complete protocol - insecurities of the overal system - human errors etc. etc.
The problem with quantum crypto always has been that the above are always more important than the security of any sufficiently strong cipher. And there are plenty sufficiently strong ciphers to choose from. Of course, even if it *currently* does not have a direct application does not mean that research on the matter is useless. Who knows what they'll find, and who knows what crypto-analysis will bring. At least it won't succeed in breaking any provably secure scheme itself.
WWI was not about Hitler Germany or anything. It was basically a war between countries to see who could grab the most riches and colonies - at least as far as I can tell from the little history I got about it. If you look at the history between the US and the UK at that time, I would not think it strange that German subs were considered heroes.
My history is not that good, but I know you have to look at facts like these from the perspective at that time. Not the current perspective, let alone the perspective offered after WWII.
I presume then that they have already turned off all tethering. Other it would not be hard to have another device act as the router, using the droid as a USB modem (it can charge at the same time). Maybe that's a bit of a kludge, but at 30 dollars per month it might be worth it - until somebody hacks the phone of course.
It's my main phone, I'm not in a big hurry to mess too much with it, especially if an official version is coming out in a month or so. It's working rather fine, the faster JVM and bluetooth internet sharing are nice-to-haves for my purposes.
Slashdot Mirror
Hey, that's a bit too general. If I'm not mistaken my Intel G2 has quite a bit of redundant storage, and the Vertex drivers are using GiB instead of GB if I'm not mistaken.
Moreover, since it costs money to evaluate the EEPROM for over 1 million write cycles, 1 million write cycles is what is commonly specified. That more or less means that it has been tested to do *at least* that. I would not be surprised at all that the actual number is substantially higher, even after testing multiple chips. I'm using smart cards that use 100K write cycles for their EEPROM but I was assured this was the verified lower bound. Since the lower bound is much lower on flash chips, it makes more sense to test them to the limit instead of just drawing a line at some power of 10.
What are you proposing? Gather enough slashdotters and watch in 3..2..1..go? Or do you have a special way to delay multicasts and predict the future?
No, it's naive and dangerous if you do something and you don't understand the possible consequences, no matter how unfair those consequences are. You are right in the fact that if you continuously make people aware that doing the right thing is dangerous is in itself a dangerous thing to do. There is no discussion there.
Personally I would like to try and make the world a *conscious* place. We should not ignore the way the world works - that leads to things like Soviet communism. I do also think that being conscious means that you are able to rationalize threats and the fear that comes with threats.
Just letting people ignore threats is not an option. They must learn to understand them and deal with them. Only then can they fight the fight that needs to be fought. The lady in the story is not winning anything by ignoring the possible consequences of her deed.
I think we do all degree, so slow down guys. Firing her was terrible, posting something like this is online is in the current climate a dangerous thing to do. It's absolutely something you are allowed to do, but when posting, remember that you will be in the front fighting for your rights. You'll have all our moral support, but that might not buy you any bread. It's only a bit stupid if you don't realize posting online could land you in trouble; the act itself is not stupid if it was well thought out.
I do think that organizing skills are important too - and probably the most important. But if you don't know anything about your business, you're not fit to make business decisions. I can't imagine how you could prioritize anything if you don't know anything about the subject. I'm very glad our CEO came from within company (after spending some time leading another smaller business in the same market.
Many people that are used to snacking would be amazed how few tasty carrot is needed to do away with hunger. Your body just does not crave as much fat as you think it does. As long as you have to order a second dish at McDonalds next to your burger you'll just know that it's not good for you. Besides it containing too much fat, it also just does not provide you with any worthwhile nutriments. You'll feel hungry until you eat too much for your stomach. At least, that's my feeling about it - I haven't conducted a scientific study on it.
Fortunately that was without a major market upset. You can guess what happens to that trash when funding is removed. Or you can just have a look at the countries of the old USSR to have a very visible example. People are *horrible* at preventing incidents over a long time scale.
2^x - 1 does not have to be a prime number at all. E.g. take x =4, you will get 15, which is not a prime number. In that case the question is moot.
If it does constitute a prime number, the answer will be 1 and 2^infinity-1 - because that is the definition of a prime number if I understood math classes correctly.
Internet does not contain the whole of human knowledge, only rather the basics of rather a lot and the specifics of a rather smaller set. And this is coming from an internet junkie. Of course, it does contain the specifics of a lot of computer stuff, which tends to skewer our opinion of it.
And even now you get cheap audio with cross talk and bad DACs. Its stupid but I still use a SB Live Player to play audio, just for the DAC really. Fortunately my PC speaker setup accepts coaxial SPDIF. That makes life much easier.
...I can't think of a significant advance in sound hardware in many years that wasn't fully dependent on your speaker setup.
Well, they do sell speakers :) Not ones I would buy, but they are reasonably decent. Somewhere between the horrible 10 euro crap and a decent setup.
Must be because EGA could not hold a candle even to an MSX-2 (well, probably even an MSX-1 but the MSX-2 just blew it away). 512 x 212 pixels if I'm not mistaken. And with pretty colors, not those horrible EGA colors. And sprites to make the games perform on a 3 dot something MHz CPU.
As for the sound, any sound chip blew it away, and we already had some digitized sounds too! Blast off!!! [BOSCONIAN] I still find myself whistling some of the game sounds from back then. And some classical music from Jet Set Willy and all those other games that abused the golden oldies from the renaissance.
Somewhat related is one of my favorite fortune cookies:
NOTE: No warranties, either express or implied, are hereby given. All
software is supplied as is, without guarantee. The user assumes all
responsibility for damages resulting from the use of these features,
including, but not limited to, frustration, disgust, system abends, disk
head-crashes, general malfeasance, floods, fires, shark attack, nerve
gas, locust infestation, cyclones, hurricanes, tsunamis, local
electromagnetic disruptions, hydraulic brake system failure, invasion,
hashing collisions, normal wear and tear of friction surfaces, comic
radiation, inadvertent destruction of sensitive electronic components,
windstorms, the Riders of Nazgul, infuriated chickens, malfunctioning
mechanical or electrical sexual devices, premature activation of the
distant early warning system, peasant uprisings, halitosis, artillery
bombardment, explosions, cave-ins, and/or frogs falling from the sky.
My computer is free storage for them? They can get to my browser preferences whenever they want to? Gods, I hope not.
That does not help against brute force attacks that just calculate the hashes, it only helps against attacks that use rainbow tables. The salt must be available, so you can still calculate the hash result.
Anyway, you can still see the difference when you simply visit the page, as others have pointed out.
Nope, can't do that. There are two reasons: the hash can be restored to an URL by guessing (brute forcing) the URL, calculating the hash and comparing. And as others pointed out, it can also be found by simply visiting the site.
So it's a thought, but it's not a particularly good one.
No it would not take care of it since it is relatively easy to generate SHA-1 hashes of URL's. You can then just compare with the one used for the settings. For a wife it would be pretty simple to prove that somebody went to the www.verynastypron.com by simply generating the correct hash. It's obfuscation at best. Of course, it's still not so bad as banks claiming they don't know the PIN of a bank card because they only stored the hash, but it's easy to brute force.
And they do this by storing some information on *my* PC where they cannot reach it? What's the point exactly? The freakin info is stored in the local preferences. Yes, it's a - relatively harmless - side channel and no this is not Google being evil.
There are also posts that it *does* work on later versions.
Hopefully you will now get modded into oblivion showing that the modding system actually works, so I can truly say:
Well done Slashdot!
As for the overlap, high end chips respond to an reader request. If an overlap is detected then the reader will try again. The reader then selects the chip by selecting it through the chips ID (just a couple of bytes, 4 to 7 in case of 14443 for instance). The other chips will then become inactive which mean that they don't respond to subsequent communications. This also means that they don't draw much power so that better communications are possible with the active chip.
In most passports 3 of the 4 bytes are randomized (the other being an indicator byte) - some countries forgot to enable this randomization feature though. Other cards, especially public transport cards normally respond with a unique serial number which can be used to create derived keys to communicate with the card. This obviously has the drawback that the card will send a unique number to anyone with a reader. This was e.g. covered when a guy skimmed US passport cards (which are different from ICAO compliant passports).
I'll just keep my phone with me in a pouch. If that breaks, I'm probably dead anyway. Even then, I don't see the survival rate go up significantly with this kind of solution. Which means that by definition, it will loose against the drawbacks of using it.
It is certainly possible to prove something secure from a mathematical point of view. Since mathematics is more or less self contained, that's all right. Unfortunately, the real world isn't. So then you have all sorts of things to factor in:
- errors in the assumptions
- setups to avoid detection errors
- side channel attacks on the detectors and transmitters
- insecurities of the complete protocol
- insecurities of the overal system
- human errors
etc. etc.
The problem with quantum crypto always has been that the above are always more important than the security of any sufficiently strong cipher. And there are plenty sufficiently strong ciphers to choose from. Of course, even if it *currently* does not have a direct application does not mean that research on the matter is useless. Who knows what they'll find, and who knows what crypto-analysis will bring. At least it won't succeed in breaking any provably secure scheme itself.
WWI was not about Hitler Germany or anything. It was basically a war between countries to see who could grab the most riches and colonies - at least as far as I can tell from the little history I got about it. If you look at the history between the US and the UK at that time, I would not think it strange that German subs were considered heroes.
My history is not that good, but I know you have to look at facts like these from the perspective at that time. Not the current perspective, let alone the perspective offered after WWII.
I presume then that they have already turned off all tethering. Other it would not be hard to have another device act as the router, using the droid as a USB modem (it can charge at the same time). Maybe that's a bit of a kludge, but at 30 dollars per month it might be worth it - until somebody hacks the phone of course.
It's my main phone, I'm not in a big hurry to mess too much with it, especially if an official version is coming out in a month or so. It's working rather fine, the faster JVM and bluetooth internet sharing are nice-to-haves for my purposes.