they made this massive social experiemt about how a poor population, which has a 1000 year long history of ethnic conflict, reacts when you take over their country by military force. Until today researchers have found no clear answer as to why the population neglects the truth, that it actually has been fried,äh freed.
Netbeans is very stable and mature platform. There's nothing to bitch about. Eclipse on the other hand offers much more comfort concerning plain editing and refactoring tasks. Additionally it is part of a much more attractive ecosystem.
Still there is one thing where Netbeans beats every other Java IDE easily: The matisse GUI builder is really fun to work with! For Java there's nothing even close. And for that alone Netbeans has a very well founded raison d'être. If it's GPL now, lets wait and see how long it takes for Eclipse to absorb that great tool. There's already a commercial port for MyEclipse, but it's not free or usable on vanilla Eclipse, yet.
Heh. Bring on the machine society, where everybody produces and nobody thinks! Nobody, said that you've generally to should up, if you don't produce anything. Else your comment would be fair. But this discussion is about licensing of produced things. RMS doesn't try to dictate how his own productions or derived works can be licensed, but what other (free, hello?) people should put their own work under.
Linus commits a lot of his own work and works really hard to synthesize a decent kernel from very many contributions. Those contributing should be free and I mean absolutely free about deciding how they want to license their work. How much has RMS commited to the kernel to barge in so loud? Linus gets stuff done and arleady knows how he wants to license is. RMS justs rants.
Exactly! RMS is a politician and 'free' software fundamentalist. We have at least two perfect licenses. BSD for almost total freedom and GPLv2 for freedom limited (and orthogonally promoted) by moralic constraints.
I don't want people like RMS pumping their politics into my software code's licenses! His crusade is purely political and belongs onto the political stage. That's why Linus' productive output surpasses Stallman's by a factor 1000. Man get a grip and produce stuff under whatever license you like. But if you don't even produce anything, but complaints, just shut up!
The original paper is much better than CmdrTaco's quick conclusions.
The described method is ONLY for SRAM (statical RAM), no DRAM, no SDRAM. You can find this on RFID chips and in a CPU'S cache, not in RAM. As there is no way to access a CPU's cache uninitialized, I can't see why this should be useful.
If you have to modify a CPU first, to allow access to it's unitialized caches (think about all the unwanted implications), it's much cheaper to just give it a thermal diode and register to poll (as most modern CPU's already have).
After all the described method is just another way of collecting thermal noise. As RFID's are custom designs most of the time, also there it would be cheaper to just use a thermal diode.
The only application for this would be if you had to develop strong crypto for legacy RFID chips.
Slashdot stories get worse by the day.
The lecturer is no native English speaker. So sometimes you have to replace the word 'base' with 'scheduler'.
The clip shows deep insight into what Con Kolivas really feels is going on right now.
The deal (for the GPS hardware and service) has been contraced to a vendor whose CEO is the President of the taxi garages' association.
The association's Vice President for Business Development is the former First Deputy Commissioner of the TLC (NYC Taxi & Limousine Commission).
The GPS vendor's Vice President of Operations is the TLC's former Deputy Commissioner of Safety and Emissions, the TLC officer in charge of all vehicle related issues.
Skype's login servers usually don't carry much load compared to the mass of traffic routed directly between all nodes via P2P. My guess is they just got overrun because they were not prepared for the worst case: ALL clients trying to connect AT THE SAME TIME to their master.
I bet Slashdot wouldn't be prepared for all of its users connecting at the same time, either. But it needs not to. It is never going to happen (why should it? - well how about December 1st, 1AM UTC everybody?). With Skype it's different. They should have been prepared for the case, that whenever their network would be down for whatever reason all clients would try to connect concurrently! Obviously they weren't prepared.
If you watched the aftermath closely you could see that they started filtering by IP on day two. Only a certain number of clients were allowed to connect per IP range. They probably hired super expensive DoS emergency contractors to get this back up.
A hack is still possible, but I rather guess that it brought the network down, but did not keep it from coming back up. That was Skype's own fault.
1. Wrong. "Weak key" is a well defined cryptographic term. See e.g. http://en.wikipedia.org/wiki/Weak_key . What you're describing is just a bad cipher. If all keys are bad to the same degree the keys aren't called weak but the cipher. It would be different if there were stronger keys additionally to the huge number of weak keys in the same set of the cipher you are talking about. This is not the case.
2. The seed's randomness is exactly what I was talking about. It's not what you are saying, that the "whole problem ist the algorithm". There is no algorithm in the world which can extract more than 16 bit randomness from a 16 bit seed (passphrase). So that's NOT the algorithm's problem, but people using too short passphrases.
What do you mean by "128 of data (into hex)". It doesn't need to be hex. 128 bit randomness are 4 bit per digit in hex. Using average passphrases you get about 2.5 bits per character, but more if you use the whole character set. So using passphrases or hex numbers gets you the same thing (in bits).
It is easy to see, that the original poster of this story has no clue about encryption. There are several misconceptions in his posting:
He writes: "WPA is the replacement for weak WEP keys in the original 802.11b specification". This is wrong. "weak key" ist a crypographic term for - wonder - weak keys, like 128 bit, consisting of 1's only (1111111111111...). For like 30 years, even WEP, has taken measures to prevent this kind of keys during use. WEP's problem in fact is the deterministic generation of IV's of the keystream, not weak keys.
"Moskowitz advised choosing passphrases of more than 20 characters or generating random keys of at least 96 bits, but preferably 128 bits." That's also misunderstood. The PSK (pre shared key) even when not using 802.1X is always 256-bit. It's generated -from- a passphrase that you type in. A passphrase like "abc" e.g. contains less than 16 bits of security. So a WPA key generated from the passphrase "abc", although still being 256-bit, can be cracked within the time of a 16 bit brute force attack. This is done by simply generating WPA keys from all passphrases between "aaa" and "zzz". So you always use 256 bit keys (PSK's), but they can be generated from much smaller passphrases.
"each user gets a long WPA key". See above. The keys are always the same size of 256 bit. When using 802.1X there is only maximum "randomness". That's the difference. It think the poster still thinks that WPA works like WEP where you actually use different key lengths.
One could think that I'm very picky about his words. I think not. Especially in cryptography it is important to know exactly what part of a cryptographic chain you're talking about, when talking about weaknesses. TinyPEAP seems to be just a tool for people like the original poster and script kiddies, who are in fact NOT knowing what they are talking about. It's just a bruteforce tool to try out WPA passphrases. This is supposingly faster for people using short passphrases than bruteforcing keys directly.
The German Fraunhofer FIRST is actually demonstrating (open to try for anybody) their next generation BCI at CeBIT in Hannover this year.
You can play "Brain Pong", where the pads get controlled by your brain.
A revolutionary aspect is that you don't need to condition your state of mental conciousness to adopt to the interface (meditation, etc.) as many of the "old" systems mentioned here, but the computer algorithms actually adopt to YOU by intelligently analyzing your brainwaves. You get 'recorded' when you imagine the pad going up and down and the algorithms do the rest.
The deal is already one year old!
on
Amiga Sells AmigaOS
·
· Score: 5, Informative
The story says: "...to meet with security engineers and review parts of the Windows programming code development and testing."
Is that supposed to be improved security? There is no guarantee for participating countries that the reviewed code matches the acutal Windows binaries completely! (Is there even the possibility to check whatever they want?)
Government officials cannot browse the whole code base by themselves but must work with Microsoft's engineers in Redmond.
And even if they could. If one does not have the possibility to compile his own Windows package out of the COMPLETE and verifiable source, there is always room for security leaks not detectable by governments.
So what's the big deal about this. Can a government be that blind?
O.k. stupid question..:)
Slashdot Mirror
;) EOF
they made this massive social experiemt about how a poor population, which has a 1000 year long history of ethnic conflict, reacts when you take over their country by military force.
Until today researchers have found no clear answer as to why the population neglects the truth, that it actually has been fried,äh freed.
Netbeans is very stable and mature platform. There's nothing to bitch about. Eclipse on the other hand offers much more comfort concerning plain editing and refactoring tasks. Additionally it is part of a much more attractive ecosystem.
Still there is one thing where Netbeans beats every other Java IDE easily: The matisse GUI builder is really fun to work with! For Java there's nothing even close. And for that alone Netbeans has a very well founded raison d'être. If it's GPL now, lets wait and see how long it takes for Eclipse to absorb that great tool. There's already a commercial port for MyEclipse, but it's not free or usable on vanilla Eclipse, yet.
What everybody should know better by now that:
...to the attention of an automated Secret Service agent, who recognized his voice from real time voiceprinting all maior-telco domestic calls
Exactly! RMS is a politician and 'free' software fundamentalist. We have at least two perfect licenses. BSD for almost total freedom and GPLv2 for freedom limited (and orthogonally promoted) by moralic constraints.
I don't want people like RMS pumping their politics into my software code's licenses! His crusade is purely political and belongs onto the political stage. That's why Linus' productive output surpasses Stallman's by a factor 1000. Man get a grip and produce stuff under whatever license you like. But if you don't even produce anything, but complaints, just shut up!
The original paper is much better than CmdrTaco's quick conclusions.
The described method is ONLY for SRAM (statical RAM), no DRAM, no SDRAM. You can find this on RFID chips and in a CPU'S cache, not in RAM. As there is no way to access a CPU's cache uninitialized, I can't see why this should be useful.
If you have to modify a CPU first, to allow access to it's unitialized caches (think about all the unwanted implications), it's much cheaper to just give it a thermal diode and register to poll (as most modern CPU's already have).
After all the described method is just another way of collecting thermal noise. As RFID's are custom designs most of the time, also there it would be cheaper to just use a thermal diode.
The only application for this would be if you had to develop strong crypto for legacy RFID chips.
Slashdot stories get worse by the day.
poor guy... :(
http://www.scene.org/redhound/AYB.swf ;)
The lecturer is no native English speaker. So sometimes you have to replace the word 'base' with 'scheduler'. The clip shows deep insight into what Con Kolivas really feels is going on right now.
http://www.scene.org/redhound/AYB.swf/
- The deal (for the GPS hardware and service) has been contraced to a vendor whose CEO is the President of the taxi garages' association.
- The association's Vice President for Business Development is the former First Deputy Commissioner of the TLC (NYC Taxi & Limousine Commission).
- The GPS vendor's Vice President of Operations is the TLC's former Deputy Commissioner of Safety and Emissions, the TLC officer in charge of all vehicle related issues.
No joke, look it up on google.being afraid of fags is fag
Skype's login servers usually don't carry much load compared to the mass of traffic routed directly between all nodes via P2P. My guess is they just got overrun because they were not prepared for the worst case: ALL clients trying to connect AT THE SAME TIME to their master. I bet Slashdot wouldn't be prepared for all of its users connecting at the same time, either. But it needs not to. It is never going to happen (why should it? - well how about December 1st, 1AM UTC everybody?). With Skype it's different. They should have been prepared for the case, that whenever their network would be down for whatever reason all clients would try to connect concurrently! Obviously they weren't prepared. If you watched the aftermath closely you could see that they started filtering by IP on day two. Only a certain number of clients were allowed to connect per IP range. They probably hired super expensive DoS emergency contractors to get this back up. A hack is still possible, but I rather guess that it brought the network down, but did not keep it from coming back up. That was Skype's own fault.
Indeed. Read the comments of the old article to easily understand why this 'news' is not only no news but complete BS.
1. Wrong. "Weak key" is a well defined cryptographic term. See e.g. http://en.wikipedia.org/wiki/Weak_key . What you're describing is just a bad cipher. If all keys are bad to the same degree the keys aren't called weak but the cipher.
It would be different if there were stronger keys additionally to the huge number of weak keys in the same set of the cipher you are talking about. This is not the case.
2. The seed's randomness is exactly what I was talking about. It's not what you are saying, that the "whole problem ist the algorithm". There is no algorithm in the world which can extract more than 16 bit randomness from a 16 bit seed (passphrase). So that's NOT the algorithm's problem, but people using too short passphrases.
What do you mean by "128 of data (into hex)". It doesn't need to be hex. 128 bit randomness are 4 bit per digit in hex. Using average passphrases you get about 2.5 bits per character, but more if you use the whole character set. So using passphrases or hex numbers gets you the same thing (in bits).
- He writes: "WPA is the replacement for weak WEP keys in the original 802.11b specification". This is wrong. "weak key" ist a crypographic term for - wonder - weak keys, like 128 bit, consisting of 1's only (1111111111111...). For like 30 years, even WEP, has taken measures to prevent this kind of keys during use. WEP's problem in fact is the deterministic generation of IV's of the keystream, not weak keys.
-
"Moskowitz advised choosing passphrases of more than 20 characters or generating random keys of at least 96 bits, but preferably 128 bits." That's also misunderstood. The PSK (pre shared key) even when not using 802.1X is always 256-bit. It's generated -from- a passphrase that you type in. A passphrase like "abc" e.g. contains less than 16 bits of security. So a WPA key generated from the passphrase "abc", although still being 256-bit, can be cracked within the time of a 16 bit brute force attack. This is done by simply generating WPA keys from all passphrases between "aaa" and "zzz". So you always use 256 bit keys (PSK's), but they can be generated from much smaller passphrases.
- "each user gets a long WPA key". See above. The keys are always the same size of 256 bit. When using 802.1X there is only maximum "randomness". That's the difference. It think the poster still thinks that WPA works like WEP where you actually use different key lengths.
One could think that I'm very picky about his words. I think not. Especially in cryptography it is important to know exactly what part of a cryptographic chain you're talking about, when talking about weaknesses. TinyPEAP seems to be just a tool for people like the original poster and script kiddies, who are in fact NOT knowing what they are talking about. It's just a bruteforce tool to try out WPA passphrases. This is supposingly faster for people using short passphrases than bruteforcing keys directly.You can play "Brain Pong", where the pads get controlled by your brain.
A revolutionary aspect is that you don't need to condition your state of mental conciousness to adopt to the interface (meditation, etc.) as many of the "old" systems mentioned here, but the computer algorithms actually adopt to YOU by intelligently analyzing your brainwaves.
You get 'recorded' when you imagine the pad going up and down and the algorithms do the rest.
This deal has already happend in April 2003!
Great information politics, Amiga Inc...!
Their only capital is the trust of some spirited, hard core nostalgians. These politics trash this completely..
rpp3po
Is that supposed to be improved security? There is no guarantee for participating countries that the reviewed code matches the acutal Windows binaries completely! (Is there even the possibility to check whatever they want?)
Government officials cannot browse the whole code base by themselves but must work with Microsoft's engineers in Redmond. And even if they could. If one does not have the possibility to compile his own Windows package out of the COMPLETE and verifiable source, there is always room for security leaks not detectable by governments.
So what's the big deal about this. Can a government be that blind? :)
O.k. stupid question..