That's not entirely the case. In a large operation you'll have to keep that key safe over tens or hundreds of users, many of whom will have devices they want to connect (illegally or not). How do you know the key hasn't leaked? You are of course right about the brute force attack, but there are other things to consider.
That's actually *explicitly* illegal over here. It's illegal to search anyone's garbage without having proper authority to do so. Of course, that wasn't entirely your point, but just in case someone starts to dig and gets arrested...
How much browsing is done through the "default browser" setting anyway? Maybe the occasional click of an email link.
Although I agree with most of your post, I would extend this to any link in any program, and there are a lot (on help pages, about boxes etc. etc.).
But starting up your favorite browser and clicking "make default" again should indeed do the trick. Of course, if other browsers were nice about installs/updates, this popup should never ever have to occur, at all.
There's a reason why I hate Microsoft at times, and Visual Studio installs are definitely one of them. First it goes and updates your entire system, restarts a couple of hundred times and then it messes up your file associations. And of course you can be assured of additional fun if you work at a company that does not have internet connections on their development PCs.
Compare that with an Eclipse inst^H^H^Hunzip.
Anyway, the whole idea that a single source file should open in an IDE is flawed. Let IDEs open workspaces and projects, but single files (many of them just containing fragments of code) that I want to view (promptly if possible) should *NOT* open in an IDE, and especially not in VS.
That said, VS itself is getting better. But it starts off by annoying the hell out of possible switchers.
"Anyone not choosing to customize IE's install deserves to have it supplant their settings."
Why? This is an upgrade, not a new install. Personally I don't think it should change the settings from the previous browsers. Although I know that this is not the way most software behaves, it should be.
Um, yes, almost any software does that. The number of people using two browsers at the same time must not be that high, and not doing so will cost you the competition.
If FF 3.5 comes out and is installed as an update (or, upgrade) I would be pissed off as well if it automatically installed itself as default, EVEN if you did the auto install.
Updating/upgrading and new installs are not the same thing. That said, I find it annoying as well, because I never switch directly to new software, I tend to give it a few test runs first.
Deserve? Hell no. There's a reason that people want to have another browser. With Windows systems you can be almost certain that they've explicitly replaced IE with another one. So Windows update should definitely not mess with that setting. Especially not with an update.
It's not about the length of the strings... the problem is that it creates a new StringBuffer, which creates a new char array, copies the relevant characters in, then creates a new string and returns it. New object creation is practically by definition a slow process, as it means searching for free space in the heap which almost always will not be in cache (because it isn't in active use already). Even if you're just doing "a" + "b", you're probably talking thousands of active processor cycles plus at least two or three cache misses. If this is happening in an inner loop, you're basically fucked.
And how many times will a "string" + "string" be in an inner loop and add to the same string? In this case you need to create a StringBuilder sure enough. Basically, if you are doing string addition within a performance critical part of the system, you're probably already on the wrong track. Even then it is easy to remove when optimizing the application.
Furthermore, in a loop many things get optimized by the compiler, and short lived objects are put where they belong: in the short term object storage location of the garbage collector. I wonder if that would not be in the cache.
If your list has a max of 10 elements, why use a linked list? An array is much simpler to work with...
You use arrays when the situation requires an array. I said: a maximum of 10 elements, not 10 elements. IMHO, keeping an array that is partly filled is something you should try to avoid. To me it seems like you are thinking too much in old school optimizations, while you should be thinking about the overall design and maintainability.
BTW, I do use StringBuilder a lot because I like working with final variables - the chances that your code is bug free are just somewhat higher with final variables (even local ones, not just fields). So I almost never use a = ""; a = a + b; a = a + c etc, because I want to assign variables only once unless they are supposed to change (offsets, counters etc etc). In a way, by using final a lot you will auto-optimize, and not just for optimization per se.
Well, not if it is encrypted data. I'm not so certain that you cannot detect AES (CBC) encrypted files, but the leading digit will certainly look like it is randomly distributed - the numbers are certainly not part of a logarithmic scale (which is what seems to drive this "law").
And mods, questions and sentences that have "probable" in them should - in most cases - be modded "interesting", IMHO.
"The budget also receives other revenue, such as taxes paid by EU staff on their salaries, contributions from non-EU countries to certain EU programmes and fines on companies that breach competition or other laws. These miscellaneous resources add up to around EUR 1.3 billion, i.e. about 1 % of the budget."
Source:
http://ec.europa.eu/budget/budget_glance/where_from_en.htm
It's a rather fucked up moderation system lately. I'm always ashamed of my excellent Karma, because if these kind of posts get modded up, I don't want to be part of it.
The only way to get mod points lately is to be *VERY* quick with replies. Which means that people either know it already (which is fine) or, as in this case, make it up on the spot (which is fucked up). Sometimes I just cannot get mod points because the article is more than a few hours old and I had to wait for daylight, and then do some research.
Especially when it's about Java or security/cryptography it's annoying. I know a lot about those topics and most of the time I cannot even hope for my replies to be read. It's doubly annoying when there are +5 articles like the GP that are just PLAIN WRONG.
How can you use the history? The pages generally have no title or the exact same title as the one I'm trying to jump to. The only thing after that is jumping out of the site entirely. And if the site is only for browsing purposes, that's exactly what I'll do.
Great example of bad code, but that does not at all have anything to do with the argument I'm making. Yes, you need a bit of a backgrounder (and the more the better), but do you need to be able to implement algorithms to make successful use of them?
Gosh, I could post the method that incorrectly tried to implement a modulus operation (easily replaced by "%" in this case) as well. Will I get modded up as well? Currently I'm just hoping that my colleagues try and know the language and the API well. Knowing how to implement algorithms is something that is on the wish list, but it's somewhere way down there.
Not turning off checkstyle is higher on my list, for example.
Depends. Google has been promising Chrome for Win2k and Linux for a while now, but it still only delivers for XP and Vista, even if people already made it work for 2K.
I'd have no problems running Chrome on my Ubuntu install, but Google is seriously messing this up. This also means that I won't run it on Windows, I'm not going to invest in any browser that does not run on all my PCs.
Yeah, I loved the disk copy applications that managed to copy an entire 360K floppy in just four floppy disk insertions as well. It used both the RAM and the VRAM of my MSX2 to cache the data in. Oh, the beautiful disk maps it put on the VRAM were really something. Of course sometimes they were accompanied by a curse when I saw that I was copying 00h bytes (that could have stored data, time was not as important).
I still think 00h bytes are black :) Green patches were common too, don't know why anymore.
Personally I was thinking about proposing that any class with a finalizer should be garbage collected by using reference counting. You would know that it got collected, and exactly when the last reference was removed. And it would allow you to close things down properly at the time the class is not used anymore.
Proper classes nowadays don't use finalizers, so it should not make a difference in speed.
"Funny" situations. But none of them would happen if the people knew how to use the collections available to them. You need to know how and when to use them, not so much how to program them. And don't say that's easy enough, there are plenty of badly implemented frameworks (especially within companies) that beg to differ.
I would have to think about bubble sort and btree (I could do them though, but not at the drop of a hat). I would never program them myself. It's hard to write collection frameworks, and I'll gladly leave it to specialists.
More to the point: it's important *what* these algorithms do, much more than being able to program them, at least for most programmers. It is also very important that they know how and when to use the right classes.
I've already seen the Java "string" + "string" example, pointing out that it is slow. SO WHAT? Unless you're putting megabytes together (which you probably shouldn't), who will notice? Same with bubble sort and quick sort. Bubble sort is faster when doing small sorts? Who cares about small sorts? I've seen programmers clobber other programmers because they were using a linked list when sorting. Not very interesting if the list only grows to 10 elements.
After 8 years in the industry, I've only written a few slightly generic collections (what they called "data structures" in the old days). They were either on a smart card (which misses all these structures) or mash-ups of other data structures (a hash map with a backing linked list is a favorite for storing multiple elements of the same type to be referenced by a key).
All in all, there's simply no need to know how to implement these things anymore. As said, you *should* know the tools in your collections framework though. And you *should* know when to use them.
Strong security requires a lot of processing power. If this secure card cannot support a lot of MIPS, security is weak. That may just be fine if the secrets one is trying to hide are low value. Otherwise, it ain't good enough.
No, security would be strong and the card would be slow. The reason for this is that the key sizes and algorithms seem to be part of the protocol. But these kind of cards all use cryptographic co-processors (AES accelerators and Montgomery multipliers for RSA), so MIPS don't have anything to do with it.
First of all, this is a protocol using normal cryptographic primitives. They can't have a master key to this protocol. Normally you have back doors or master keys for devices, not for protocols.
Second of all, this is mainly about authentication of their own terminals, so yes, I would suppose they have the master key. In their scheme, it's called "Master ISK key" (probably master inspection system key).
Third of all, they don't need to give away an unbreakable form of crypto, since none of the current, widely available cryptographic algorithms is insecure when used with sufficient rounds/block sizes/key sizes.
Or, in short, you're talking shit.
We don't need JavaScript in a PDF viewer, at least not for normal purposes. The problem is that Adobe keeps putting additional functionality in the reader. Functionality that I don't need 99% of the time. It's hard enough to create a secure document viewer that's able to do font rendering and vector graphics and such. Let's focus on that and use another viewer for forms and such. Heck, create a PDF viewer first where I can normally select and copy text.
BTW, this is how I currently use PDF documents. I use a small PDF viewer that does almost nothing but show/zoom and select for documents from the internet. I turn to Adobe if and only if I receive complicated PDFs from a known source. Oh, and OpenOffice Writer if I want to make my own simple PDFs or when I make comments on a document/webpage or PDF.
The protocol looks unremarkable. They pass some entropy and IDs back and forth, using conventional standards-based encryption and hash algorithms.
That's a good thing.
Their problem is keeping the cards secure and they state clearly that they are using commercially available smart cards.
Which is also a good thing, as long as these cards have been analyzed well. I would be worried if they were using cards with "military grade" security meaning that they were only analyzed by few, without any standardized security level like FIPS or CC.
There are secrets in the cards, an RSA private key and an AES master key. The bigger problem is keeping these secrets in the cards and distributing the keys to cards. The PLAID protocol has no bearing on these matters.
Sorry, but you are wrong on both matters.
The RSA private key and AES master keys are not on the card. It contains the RSA public key and the AES derived key (one that is specific to the card).
There are many interesting things about this protocol. Let's have a list so I can get a few mod points on this old discussion:
No ID before authentication (card ID is encrypted with public RSA key, standard RSA encryption uses random padding)
No RSA private key encryption for the authentication (vulnerable to attack)
Uses standardized, up to date algorithms (SHA-1 is only used in a secure way as far as I can see)
Uses RSA public key on the card, which is *faster* than ECC because the public exponent will likely be small (010001h normally)
OK, for some disadvantages:
Requires contact-less processor card with AES and hardware RSA support
Access is much slower than with AES only authentication
Time and power usage of RSA calculations may make it more difficult to do a successful authentication
Unremarkable (probably has been invented earlier)
Requires terminal that performs RSA private key encryption
Requires RSA private key to be present on reader side, key cannot be revoked
Still requires a single master key (hopefully it will never be leaked)
All in all, this protocol is very interesting for mutual authentication. I'll have to look into it further (e.g. how much the private key needs to stay private).
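As an added illustration (not the PLAID specification and not the commenter's code), the following Python models two points from the list above: the card's public-key operation with e = 010001h costs only 17 modular multiplications, while the terminal's private-key operation costs hundreds, and random padding means the same card ID never produces the same ciphertext on the wire. The toy key (built from two Mersenne primes) and the simple random-pad scheme are constructed for this example; real cards use 1024-bit or larger moduli and standardized PKCS#1 padding.

```python
"""Cost of RSA public vs. private operations, and why random padding hides
a card ID. Toy key constructed from two Mersenne primes so the example runs
offline with only the standard library; it is NOT a PLAID key, and the
padding below is a stand-in for standard PKCS#1/OAEP padding."""
from __future__ import annotations

import os

# Constructed toy key (~216-bit modulus). Real cards use 1024+ bit keys.
P = 2**127 - 1          # Mersenne prime M127
Q = 2**89 - 1           # Mersenne prime M89
N = P * Q
E = 0x10001             # the usual small public exponent, 010001h
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)

PAD_LEN = 8             # bytes of random padding (toy scheme)
ID_LEN = 4              # card ID is a 4-byte integer in this illustration


def modexp_counted(base: int, exp: int, mod: int) -> tuple[int, int, int]:
    """Left-to-right square-and-multiply with an operation counter.

    Returns (result, squarings, multiplications). Each counted operation is
    one modular multiplication on the card's co-processor, so the counts
    compare the work for a small public exponent with that for the private
    exponent.
    """
    if exp < 1:
        raise ValueError("exponent must be positive")
    bits = bin(exp)[2:]
    result = base % mod           # leading bit of the exponent is always 1
    squarings = multiplications = 0
    for bit in bits[1:]:
        result = result * result % mod
        squarings += 1
        if bit == "1":
            result = result * base % mod
            multiplications += 1
    return result, squarings, multiplications


def operation_counts() -> dict:
    """Modular multiplications needed for one public and one private RSA op."""
    _, s_pub, m_pub = modexp_counted(2, E, N)
    _, s_priv, m_priv = modexp_counted(2, D, N)
    return {"public": s_pub + m_pub, "private": s_priv + m_priv}


def encrypt_card_id(card_id: int, pad: bytes | None = None) -> int:
    """Card side: public-key encrypt the card ID with fresh random padding.

    Because the padding changes on every run, an eavesdropper sees a
    different ciphertext each time and cannot link ciphertexts to a card.
    """
    if pad is None:
        pad = os.urandom(PAD_LEN)
    if len(pad) != PAD_LEN:
        raise ValueError("bad pad length")
    m = int.from_bytes(pad + card_id.to_bytes(ID_LEN, "big"), "big")
    assert m < N                  # 96-bit message fits under the modulus
    ciphertext, _, _ = modexp_counted(m, E, N)
    return ciphertext


def decrypt_card_id(ciphertext: int) -> int:
    """Terminal side: private-key decrypt and strip the padding."""
    m, _, _ = modexp_counted(ciphertext, D, N)
    raw = m.to_bytes(PAD_LEN + ID_LEN, "big")
    return int.from_bytes(raw[PAD_LEN:], "big")


if __name__ == "__main__":
    print(operation_counts())
    c1, c2 = encrypt_card_id(0xCAFE1234), encrypt_card_id(0xCAFE1234)
    print("ciphertexts differ:", c1 != c2)
    print("terminal recovers ID:", decrypt_card_id(c1) == 0xCAFE1234)
```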
First of all, it's a protocol, not an encryption method. The protocol is based on RSA and AES. If those are "broken" we have bigger problems to worry about as all internet encryption is based on these protocols.
I'm not saying it is safe, but saying it will be broken because somebody will break the "encryption method" because it is out there, well, that's not in line with the current state of cryptanalysis.
Hmm, either the Slashdot mods are again rising up to the challenge or they are not understanding the word "facetious". Now I'm confused.
sh.
That should be "almost ashamed" not "always ashamed". Slashdot ain't that bad :)
Don't worry, he's just trolling.