You nailed it. It is important that we have been build by evolution to safe our lives. Doing away with our own life is very hard. My mother did stop her own life, but even after months of planning it in advance, only in the last week I had the feeling she was really ready to let go (shortening her bed ridden suffering maybe for weeks/months). I can only hope that I am that strong when my time comes - hopefully a heart attack or similar will end my life in a less dramatic way. But I will never ever accuse someone of hanging on to life, it's really really hard and maybe even unnatural*1 to let go.
*1 Something not being not natural is no reason not to do things, as some persons may lead you to believe (I hear the sound of an urn turning half a round after hearing four negatives in one sentence:)
The one thing I can remember of my father dying was the useless suffering of brain cancer in the last two months. Even when he cried out that he wanted to die doctors said he was not "able to decide". This even though he did in fact already put this on paper, and had the support of everybody around him.
My mother died two years after that, struggling with the same disease fortunately in a different spot. After a while she stopped the normal medical treatment and decided against a second surgery. She died peacefully after having taken time to say goodbye to everybody she loved. It did take a long time for her to accept her fate though, and choosing to end your life that way is certainly not for the weak of heart.
If anything is wrong with the current medical system is that it tries way too hard to safe lives. It should focus on the quality of life instead. It should certainly be able to make hard choices in this matter. And most certainly it should allow patients to make their own decisions (and stop religious groups interfering with such matters.) With the savings we can make the life of a whole lot of persons a lot better.
For those nerds equally confused, I'm pretty confident that they just mean the hardware platform, since all devices seem to be using some kind of Windows &.NET. So the software platform is more or less the same. It just shows how you can store and load save games from the.NET using different hardware platforms.
Oh, my god, he's displaying this and he has all these #ifdefs and "copies of projects" within his workspace and a "shared resources" folder for the game. Is that the future of cross platform? That's more like the PAST of cross platform. The way to do this is to create interfaces for the same object and implement that using different devices. What you don't want, ever, is to have all this different execution paths through your code using #ifdefs to instruct the compiler to compile each and every one of them separately.
The Java apps you can run on any mobile device are - by necessity - extremely limited. Java on the Android is much more like programming the normal JDK. There are many runtimes loosely based on the Java platform, but you would not want to use them for anything like an Android device. (I don't know the Backberry runtime so I won' t comment on that.)
Having a large base of programmers that know the language and a large part of the API is certainly an advantage. I don't think Objective C is very high in the list of mostly used languages. So it's certainly an advantage. How big an advantage is up to discussion. (If you are not convinced, replace Objective C by a true niche language with it's own API. How many apps would you expect in the app-store then?)
Because of education and (more) free thought I think the current generation of Asian programmers is - on average - not as apt as most western programmers. That has however nothing to do with cleverness, and it will certainly change in the future. It certainly better that they start with Java than with C++, which would certainly make everything a downright mess. The GP is under the illusion that having a harder language makes people stop programming. Instead they'll just make crappier programs.
Java does not just allow bad programmers to write sloppy code, it also allows good programmers to write better code (than in C/C++ and direct derivatives). Shitty programs are available in all languages. I managed to write a shit application in Lua in a minute flat. How difficult is it to grasp this concept? Do you really want a programming language that makes it harder to write manageable code, on purpose?
I'm getting sick of this argument. Most of my esteemed C++ colleagues like Java once they've actually tried it out for real. Unfortunately we don't always get Java libs for the hardware we are using.
Then they mention Linux, which has little to none-to do with it. Of course, you can only reach the add by clicking away a Microsoft add. It's amazing what kind of articles are displayed on Slashdot now and then. Even the comments are starting to deteriorate (not yours of course).
But you can be sure my home will stay void of Sparc processors after this fiasco:) The Niagra processors all have RSA in hardware so if the software uses that they are safe anyway. They probably chose a single CPU with easy RISC instructions on purpose anyway,
TPM chips and certainly high end smart card chips are protected against this kind of attacks using the power source. You certainly cannot get a Common Criteria certification if you don't protect against these kind of side channel attacks. Of course, for consumer CPU's there' no CC certification or protection measures like these.
Well, I can understand where you are coming from, but at least do some research before making comments like your initial post.
I can count to 2^8 pretty fast. 2^16 is only twice as large, but I've never ever counted that high. For 2^32 you need a computer and for 2^64, well, let's just say that it'll take a very very long time even for a super computer. 2^128 is more than any computer will count to, ever. 2^256 is getting close to the estimated number of atoms in the universe (!).
If anything, trust number theory and exponents. If a single RSA 2048 key is cracked in the next year then it's because the algorithm failed (which is also not likely), not because they key was too small. AES-128/RSA-2048/SHA-256 is very safe already, if you are paranoid use AES-256/RSA-4096/SHA-512. Currently cryptography is ahead of crypto-analysis, and unless there is a significant break through this is not going to change the next two years.
Sorry I marked you troll, but - as said - your post is completely off the mark and got modded interesting or insightful. Be careful to make such remarks when you are not in the area of expertise.
Or the teletubbies interface because of the grass mount, the popularity of that program (and interesting spin-offs for slightly more grown-ups) nicely coincided with XP.
The idea of making things less clunky was a good one in retrospect, but the initial implementation was horrible. I'm still on XP at work, and I'm still using the 2K interface. Now that interface talked business - it was almost as ugly as an older IBM application.
Nah, if you aren't trolling then you are at the least guilty of gross neglect. You are so far out of the box (when you are not blatantly wrong) that warning persons of such fact is negligence. But it is far more likely that you are completely unaware of the current state of cryoto. Or you are fearmongering, which I assumed.
First 128 bit keys were always too short for RSA keys, that's for symmetric keys. 2048 bit is far from standard, just take a look at your browsers certificate store and especially the certificates of many sites. 2048 bit is far from being broken. Although the security of RSA is non-linear with key-length, breaking 2048 bits is way way more difficult than breaking 1024 bit keys. 4096 bit is more than enough for "Long-term protection: Generic application-independent recommendation, protection from 2009 to 2040" according to eCrypt II (see link below). 16Kib is longer than the recommendation against "quantum computers", by which they don't mean 4 qubit quantum machines that can break 2x2 sudoku's, and then it would make much more sense to switch to Elliptic Curve Cryptography anyway (if Microsoft ever upgrades their crypto libs to fully support ECC instead of a limited set of NIST curves of course).
For a better description of key sizes and their estimated security please take a look at http://www.keylength.com/ .
Mods, this is a rather obvious troll, please mod parent DOWN.
As the key was stored in less than 8Kib (see http://it.slashdot.org/comments.pl?sid=1570350&cid=31352310), I presume only the private exponent is stored in this scheme as well. Although the key size is 4Kib that does not mean that the encoding of the complete private key material fits within 4Kib as well.
The modulus part can be left out if you can retrieve the public key from somewhere (e.g. in a header or container format).
Yes, whenever you use a key it becomes more vulnerable. This only adds security to the storage, not the use. It's amazing how many times this kind of thing is forgotten, e.g. when using an ultra-secure USB device on a computer with zero protection. It becomes even more "interesting" when you have to use the key in an automated system - obviously this design is not meant for continuous use:).
OK, OK but it is probably practical for most things that require 4096 bits of RSA security. I've currently got two levels of backup. My administration/contacts etc. which is encrypted and backed up to my local ISP at ADSL speeds and on a tiny 2.5" external hdd, and a second one which *should* be stored on a separate hard disk or a RAID system. My favorite CD's I just copy to all my devices. Other things are just not worth backup up, such as 1 TB of downloaded movies - if I like them enough I simply buy the DVD. This one would presumably be for even higher levels of protection.
It's not more secure. It's cheaper. It's less likely to break down. You can store it in a safe. You can print it using a desktop printer. And its infinitely less likely to be wiped and used as a gaming machine by your 14 year old (if you have 4 year olds you might need the safe though).
B8B8B8B8B8B8B8B8B8B8B8B8B8B8B8B8 Because 2D barcodes are much easier to read reliably. No need for special OCR. The hex key is presumably for human input, although I don't see any reason why you would not try and read it with a machine, if you really must. B8B8B8B8B8B8B8B8B8B8B8B8B8B8B8B8
I bought the smaller BeBook reader for 175 euro if you don't count the 25 euro voucher. That is already getting really close to 150 euro (which is roughly equivalent to 150 dollar because taxes and the smaller markets in Europe). It does not have WiFi, but that's not something I miss at all. Just copy the books directly to the SD card and put it in the reader. Why have all the hassles of setting up WiFi? Browsing is a PITA with only an eInk display anyway. Even the USB (which is TERRIBLE on the smaller BeBook - it even crashes all USB devices on my laptop, be warned) is spurious, were it not that it is also used to charge the battery.
As for the smaller screen: I was fine with that, but I would not choose an eBook reader with less pixels. I need the sharpness of the display - more pixels is better. And I would not be surprised if the number of pixels is driving the price.
It is interesting to see that the CPU supports both LCD and eInk at the same time. I've just bought a BeBook and the eInk is just perfect for reading. The eInk display is however absolutely worthless as an interface device. After buying a my Hero (android) phone, the BeBook is left at home most of the time. For my workplace I would be very interested in using an eInk display for PDF. But navigating and searching is such a PITA on the current readers that I can not recommend it to anyone. On my reader I get irritated by the navigating experience even when going from one book to another.
Idea: maybe they should mate androids and iPhones with eInk displays, e.g. using bluetooth. You could make a really cheap one while using the wireless LAN / mobile internet / multi-touch screen etc of the phone for all the stuff that the current eBooks are missing. For now I'll just use my droid, even though I will get a headache from all that eye-strain.
My (android) phone uses vibrations to provide feedback. You don't know exactly which key you typed, but - to be honest - that's the same with normal keyboards. Of course, with normal keyboards you have the 'f' and 'j' keys together with finger placement to help you type. It's not perfect, but you will know that you hit a key.
I'll leave the discussion about KiB, it was a side issue, although the article does IMHO make it painfully clear why it's needed.
"That said, excellent job highlighting the dreadful editing, inaccuracies like that are so confusing to try and keep straight between what is written and what was MEANT. Thumps up for you!"
Thanks, have been moderated into oblivion anyway:P
Slashdot Mirror
You nailed it. It is important that we have been build by evolution to safe our lives. Doing away with our own life is very hard. My mother did stop her own life, but even after months of planning it in advance, only in the last week I had the feeling she was really ready to let go (shortening her bed ridden suffering maybe for weeks/months). I can only hope that I am that strong when my time comes - hopefully a heart attack or similar will end my life in a less dramatic way. But I will never ever accuse someone of hanging on to life, it's really really hard and maybe even unnatural*1 to let go.
*1 Something not being not natural is no reason not to do things, as some persons may lead you to believe (I hear the sound of an urn turning half a round after hearing four negatives in one sentence :)
Living is what people do and surviving is a large part of that. It's a large part, but it is certainly not the whole pie.
The one thing I can remember of my father dying was the useless suffering of brain cancer in the last two months. Even when he cried out that he wanted to die doctors said he was not "able to decide". This even though he did in fact already put this on paper, and had the support of everybody around him.
My mother died two years after that, struggling with the same disease fortunately in a different spot. After a while she stopped the normal medical treatment and decided against a second surgery. She died peacefully after having taken time to say goodbye to everybody she loved. It did take a long time for her to accept her fate though, and choosing to end your life that way is certainly not for the weak of heart.
If anything is wrong with the current medical system is that it tries way too hard to safe lives. It should focus on the quality of life instead. It should certainly be able to make hard choices in this matter. And most certainly it should allow patients to make their own decisions (and stop religious groups interfering with such matters.) With the savings we can make the life of a whole lot of persons a lot better.
For those nerds equally confused, I'm pretty confident that they just mean the hardware platform, since all devices seem to be using some kind of Windows & .NET. So the software platform is more or less the same. It just shows how you can store and load save games from the .NET using different hardware platforms.
Oh, my god, he's displaying this and he has all these #ifdefs and "copies of projects" within his workspace and a "shared resources" folder for the game. Is that the future of cross platform? That's more like the PAST of cross platform. The way to do this is to create interfaces for the same object and implement that using different devices. What you don't want, ever, is to have all this different execution paths through your code using #ifdefs to instruct the compiler to compile each and every one of them separately.
The Java apps you can run on any mobile device are - by necessity - extremely limited. Java on the Android is much more like programming the normal JDK. There are many runtimes loosely based on the Java platform, but you would not want to use them for anything like an Android device. (I don't know the Backberry runtime so I won' t comment on that.)
Having a large base of programmers that know the language and a large part of the API is certainly an advantage. I don't think Objective C is very high in the list of mostly used languages. So it's certainly an advantage. How big an advantage is up to discussion. (If you are not convinced, replace Objective C by a true niche language with it's own API. How many apps would you expect in the app-store then?)
That'll be the upcoming Android X then...
Because of education and (more) free thought I think the current generation of Asian programmers is - on average - not as apt as most western programmers. That has however nothing to do with cleverness, and it will certainly change in the future. It certainly better that they start with Java than with C++, which would certainly make everything a downright mess. The GP is under the illusion that having a harder language makes people stop programming. Instead they'll just make crappier programs.
Java does not just allow bad programmers to write sloppy code, it also allows good programmers to write better code (than in C/C++ and direct derivatives). Shitty programs are available in all languages. I managed to write a shit application in Lua in a minute flat. How difficult is it to grasp this concept? Do you really want a programming language that makes it harder to write manageable code, on purpose?
I'm getting sick of this argument. Most of my esteemed C++ colleagues like Java once they've actually tried it out for real. Unfortunately we don't always get Java libs for the hardware we are using.
Then they mention Linux, which has little to none-to do with it. Of course, you can only reach the add by clicking away a Microsoft add. It's amazing what kind of articles are displayed on Slashdot now and then. Even the comments are starting to deteriorate (not yours of course).
But you can be sure my home will stay void of Sparc processors after this fiasco :) The Niagra processors all have RSA in hardware so if the software uses that they are safe anyway. They probably chose a single CPU with easy RISC instructions on purpose anyway,
TPM chips and certainly high end smart card chips are protected against this kind of attacks using the power source. You certainly cannot get a Common Criteria certification if you don't protect against these kind of side channel attacks. Of course, for consumer CPU's there' no CC certification or protection measures like these.
Well, I can understand where you are coming from, but at least do some research before making comments like your initial post.
I can count to 2^8 pretty fast. 2^16 is only twice as large, but I've never ever counted that high. For 2^32 you need a computer and for 2^64, well, let's just say that it'll take a very very long time even for a super computer. 2^128 is more than any computer will count to, ever. 2^256 is getting close to the estimated number of atoms in the universe (!).
If anything, trust number theory and exponents. If a single RSA 2048 key is cracked in the next year then it's because the algorithm failed (which is also not likely), not because they key was too small. AES-128/RSA-2048/SHA-256 is very safe already, if you are paranoid use AES-256/RSA-4096/SHA-512. Currently cryptography is ahead of crypto-analysis, and unless there is a significant break through this is not going to change the next two years.
Sorry I marked you troll, but - as said - your post is completely off the mark and got modded interesting or insightful. Be careful to make such remarks when you are not in the area of expertise.
Or the teletubbies interface because of the grass mount, the popularity of that program (and interesting spin-offs for slightly more grown-ups) nicely coincided with XP.
The idea of making things less clunky was a good one in retrospect, but the initial implementation was horrible. I'm still on XP at work, and I'm still using the 2K interface. Now that interface talked business - it was almost as ugly as an older IBM application.
Nah, if you aren't trolling then you are at the least guilty of gross neglect. You are so far out of the box (when you are not blatantly wrong) that warning persons of such fact is negligence. But it is far more likely that you are completely unaware of the current state of cryoto. Or you are fearmongering, which I assumed.
Non-sense.
First 128 bit keys were always too short for RSA keys, that's for symmetric keys.
2048 bit is far from standard, just take a look at your browsers certificate store and especially the certificates of many sites.
2048 bit is far from being broken. Although the security of RSA is non-linear with key-length, breaking 2048 bits is way way more difficult than breaking 1024 bit keys.
4096 bit is more than enough for "Long-term protection: Generic application-independent recommendation, protection from 2009 to 2040" according to eCrypt II (see link below).
16Kib is longer than the recommendation against "quantum computers", by which they don't mean 4 qubit quantum machines that can break 2x2 sudoku's, and then it would make much more sense to switch to Elliptic Curve Cryptography anyway (if Microsoft ever upgrades their crypto libs to fully support ECC instead of a limited set of NIST curves of course).
For a better description of key sizes and their estimated security please take a look at http://www.keylength.com/ .
Mods, this is a rather obvious troll, please mod parent DOWN.
As the key was stored in less than 8Kib (see http://it.slashdot.org/comments.pl?sid=1570350&cid=31352310), I presume only the private exponent is stored in this scheme as well. Although the key size is 4Kib that does not mean that the encoding of the complete private key material fits within 4Kib as well.
The modulus part can be left out if you can retrieve the public key from somewhere (e.g. in a header or container format).
Yes, whenever you use a key it becomes more vulnerable. This only adds security to the storage, not the use. It's amazing how many times this kind of thing is forgotten, e.g. when using an ultra-secure USB device on a computer with zero protection. It becomes even more "interesting" when you have to use the key in an automated system - obviously this design is not meant for continuous use :).
OK, OK but it is probably practical for most things that require 4096 bits of RSA security. I've currently got two levels of backup. My administration/contacts etc. which is encrypted and backed up to my local ISP at ADSL speeds and on a tiny 2.5" external hdd, and a second one which *should* be stored on a separate hard disk or a RAID system. My favorite CD's I just copy to all my devices. Other things are just not worth backup up, such as 1 TB of downloaded movies - if I like them enough I simply buy the DVD. This one would presumably be for even higher levels of protection.
It's not more secure. It's cheaper. It's less likely to break down. You can store it in a safe. You can print it using a desktop printer. And its infinitely less likely to be wiped and used as a gaming machine by your 14 year old (if you have 4 year olds you might need the safe though).
B8B8B8B8B8B8B8B8B8B8B8B8B8B8B8B8
Because 2D barcodes are much easier to read reliably. No need for special OCR. The hex key is presumably for human input, although I don't see any reason why you would not try and read it with a machine, if you really must.
B8B8B8B8B8B8B8B8B8B8B8B8B8B8B8B8
I bought the smaller BeBook reader for 175 euro if you don't count the 25 euro voucher. That is already getting really close to 150 euro (which is roughly equivalent to 150 dollar because taxes and the smaller markets in Europe). It does not have WiFi, but that's not something I miss at all. Just copy the books directly to the SD card and put it in the reader. Why have all the hassles of setting up WiFi? Browsing is a PITA with only an eInk display anyway. Even the USB (which is TERRIBLE on the smaller BeBook - it even crashes all USB devices on my laptop, be warned) is spurious, were it not that it is also used to charge the battery.
As for the smaller screen: I was fine with that, but I would not choose an eBook reader with less pixels. I need the sharpness of the display - more pixels is better. And I would not be surprised if the number of pixels is driving the price.
It is interesting to see that the CPU supports both LCD and eInk at the same time. I've just bought a BeBook and the eInk is just perfect for reading. The eInk display is however absolutely worthless as an interface device. After buying a my Hero (android) phone, the BeBook is left at home most of the time. For my workplace I would be very interested in using an eInk display for PDF. But navigating and searching is such a PITA on the current readers that I can not recommend it to anyone. On my reader I get irritated by the navigating experience even when going from one book to another.
Idea: maybe they should mate androids and iPhones with eInk displays, e.g. using bluetooth. You could make a really cheap one while using the wireless LAN / mobile internet / multi-touch screen etc of the phone for all the stuff that the current eBooks are missing. For now I'll just use my droid, even though I will get a headache from all that eye-strain.
My (android) phone uses vibrations to provide feedback. You don't know exactly which key you typed, but - to be honest - that's the same with normal keyboards. Of course, with normal keyboards you have the 'f' and 'j' keys together with finger placement to help you type. It's not perfect, but you will know that you hit a key.
I know they pull this off about every odd article, but it perpetually amazes me anyway :)
I'll leave the discussion about KiB, it was a side issue, although the article does IMHO make it painfully clear why it's needed.
"That said, excellent job highlighting the dreadful editing, inaccuracies like that are so confusing to try and keep straight between what is written and what was MEANT. Thumps up for you!"
Thanks, have been moderated into oblivion anyway :P