This is a great way to pass data very secretly. All you'd need to do is touch someone and you transfer 10Mb/s.
10Kb/s is plenty for secret messages.. and you have 2^10 times more than that to play with.
Perfect for secret corporate data transfers (trading secret info), spy data, insider stock tips, trading public keys (or even one-time pads), or many other interesting "walk near me" data transfers.
Im choosing a number between 2^0 and 2^69. If you dont get it the first time (or in 56 hours), Im using obscurity to hide the number.
Sheesh, guess you're good at parroting out the line, but security by obscurity does in fact work. Though, obscurity is best effective when mixed with true hardness.
---Hmm...but SHA is a hashing (i.e. one way) algorithm, and Blowfish is an encryption (i.e. bidirectional) algorithm. (For more on this, see the page you actually linked to.)
Im kinda confused.. From what I understand, a hash is like a modulus. Easy to get, but an infinite sets of data that it can be derived from (Think how many division problems have a remainder of 1..). Essentially, this equasion has a 1 to infinity relationship.
Now, an Encryption mechanism is a 2-way function. This function, compared to the data, has a 1 to 1 relationship.
My confusion lies in the actual difference between the 2. Couldnt the full-blown encryption be just as good as the hash? I know the sizes between the 2 are quite varied.
From what next I understand about hashes (amateur mathematician), the collision points on a 128 bit hash are 2^128. So, if you were to find a hash of hash(X), it would have 1 answer on a domain of 2^128.
So, wouldnt it have 2 answers on 2^129, 4 answers on 2^130 and so on?
Well, going into my main point about the hashes, couldnt you harden a hash by including exact bitsize of document/file you need hashed? WHen I mean included, I mean as the last line not counted in the line/char counter. (sort of like not counting the PGP wrapper data).
And as another hardening idea (which I think isnt very good.. but its an idea) is by using a semirandom forumula (the way Linux makes/dev/urandom) and computing a sort of a random-jumping-around hash of specific locations and include that hash. An example of what I mean is by getting 10 bits around this document, and then xor'ing them together. So, even if you could find a collision , it had better be the same size, and those specific bits had better be correct.
---So you don't use SHA-1 as an encryption algorithm for stuff like SSH, etc., because, well, you can't. Well, you can encrypt, but good luck decrypting:-)
Err... I might be wrong, but I believe you can technically 'decrypt' text phrases shorter than 128 bits, as they have only 1 solution within 2^128.
Better yet, is to use Credit Cards AGAINST bad businesses like Blockbuster.
Talking in a stern manner, whilst using strong terms as : Unauthorized, Theft, Illegal, and other power words and start some serious proceddings against BB.
When this shit starts hurting BB's mail line, awwwwww;)
Its kinda funny, I have a Linux server exposed to the outside and it was being targetted by kiddies.
I set the firewall rules up, all that stuff. And then I installed a rootkit on it.
Why, you ask? A rootkit offered me better security as I could watch without Being watched.
When the kid overflows your FTP server and has a terminal, whats better to do: watch as some other user, or watch as a super-root and not be anywhere on any name or process list?;-)
Seems to me you dont operate in a real server environment. Any real semi or full critical servers (or farms) of any OS should not be updated unless YOU update it.
Whether it be Linux, Windows, Mac, OpenVMS.. You should understand what the patches fix, what they break, and what they just plain modify. And after pushing a patch to a test server, only then you should push the patches at that time.
And if you're running on big iron, you create a new zone and test your patches in there.. A jail would work too, but I digress.
---Of course not. But, if someone sells you a car, and you have the title signed over to you, you can then register the car with your state, and be allowed to drive on public roads with no problems.
Why in the hell do you have to register "vehicles"? What makes them different than.. computers, software, kitchen ovens, books, or any other possessable inanimate object?
On the Princeton site (which now is down) they had 2 sections. One was "Scientific data" and the other was "Artistic and feeling".
The scientific side had a page mentioning the RNG capturing devices. All use a quantum-based RNG. They have a multitude of devices from either made themselves and company-prefab 'for the laboratory' RNG's.
The key here is they all use quantum-based randomness generators.
Read and find out. They even used a commercial-random unit.
Multiple methods, XOR'ed and added.. Never the less, looks darn random.
Past that, I'd sure like to try to try to deviate random quantum events by my mind. You know, put a personal test to it. Course it wont make it "real".
There's a way you can be a real ass about that situation, whilst running all 4 of your CPUs.
First, it can be easier if you were running Linux, but the way it sounds, youre running solaris, right?
Well, if you do happen to be running Linux on this, just nab the 2.6 kernel, and make a Usermode Kernel. Run Oracle under the UML kernel, where it cant touch any hardware at all, without going through an abstraction layer. What it doesnt know wont hurt it. Even better yet, you could run this "Kernel Job" on proc #3 and give it sole prio over that CPU (in other words, run only that process- the UML process).
Since, you're probably running Solaris, I believe there's 2 possibilities.. For one, VMware I believe can run on that architechure. Just do with VMware what you can do with UML Kernel. Run it on last CPU like UML. Sits there happy as a clam at high tide.
The last possibility is what Im not completely not sure of. I believe the new solaris had UML-like capability and to partition hardware resources to seperate "Computers". Since Im not quite sure, I'll have have you go look at Sun's website about possibly looking down that path of execution (heh I made a funny).
Nevertheless, if there's a method of little overhead that partitions hardware resources, it's something you ought to look into.
Still, Ive seen some reallly far out articles that I'd never expect even K5 to accept. One was on a D&C howto. Yes, a HOWTO...
Ive also seen some quite conservative pieces there too. They just have to be good.
And as a last note, about the troll culture there, Its funny.. Ive seen the trolls (Circle times square, tex bigballs, and the like) talk quite intellectually with the owner;)
Err, calling a company who makes things, sells things, repairs, and sets things up like clockwork is like McDonalds.
For example, you bought a Big Mac and they did something bad and you didnt like it, after you eat 1/3 of the burger. They apologise and take burger, and give you new one.
You now have the same type of burger, same size.. same everything. Quick, easy, cheap.
The same works for Dell. Bad ram? Call em up, tell em you ran Dell Diagnostic and it said ram was bad. Wham bam thank you maam. Shipment already in works. It'll get there in 1 day.
---So, why aren't all the gun and ammo manufacturers deemed guilty of contributory murder?
Wonderful question. Even a lockpick could be ( we're looking at could-be's here.. Thats what the court would probably do) construed to help get around you being locked out of your own possessions or property.
A gun is a machine intended to make inaccurate holes in fleshy objects. Rifles and shotguns at least can be used in hunting sports. Well... handguns arent used normally in hunting. So, they are accessory in murder, right?
*as a note, Im a member of NRA and heavy supporter of 2'nd amendment.
Slashdot Mirror
Thats what my sisters' machine is running with right now!
;)
And it had a cap knocked off, and still cranks frames
Have a "Copyright flag". Why is it no program supports it?
This is a great way to pass data very secretly. All you'd need to do is touch someone and you transfer 10Mb/s.
10Kb/s is plenty for secret messages.. and you have 2^10 times more than that to play with.
Perfect for secret corporate data transfers (trading secret info), spy data, insider stock tips, trading public keys (or even one-time pads), or many other interesting "walk near me" data transfers.
Just void warranty on people/companies who use 3'rd party "ink" unless it's 'certified' to work with the printer.
And for some uses, I can see why a 3'rd party ink is worse in certain printers..
I still like the 5 cartridge cheap-o-ink Epson's. The reps actually encourage by saying "We dont do Lexmarks Scheme of lockins".
Wow, whats this /etc/shadow file? Better grab it to *ahem* back it up.
*runs a permutation-based dict attack on the md5 sums*
Wow, who's this admin running his password as.. Password?
---Security through obscurity is not safety
You dont say..
Im choosing a number between 2^0 and 2^69. If you dont get it the first time (or in 56 hours), Im using obscurity to hide the number.
Sheesh, guess you're good at parroting out the line, but security by obscurity does in fact work. Though, obscurity is best effective when mixed with true hardness.
---Hmm...but SHA is a hashing (i.e. one way) algorithm, and Blowfish is an encryption (i.e. bidirectional) algorithm. (For more on this, see the page you actually linked to.)
/dev/urandom) and computing a sort of a random-jumping-around hash of specific locations and include that hash. An example of what I mean is by getting 10 bits around this document, and then xor'ing them together. So, even if you could find a collision , it had better be the same size, and those specific bits had better be correct.
:-)
Im kinda confused.. From what I understand, a hash is like a modulus. Easy to get, but an infinite sets of data that it can be derived from (Think how many division problems have a remainder of 1..). Essentially, this equasion has a 1 to infinity relationship.
Now, an Encryption mechanism is a 2-way function. This function, compared to the data, has a 1 to 1 relationship.
My confusion lies in the actual difference between the 2. Couldnt the full-blown encryption be just as good as the hash? I know the sizes between the 2 are quite varied.
From what next I understand about hashes (amateur mathematician), the collision points on a 128 bit hash are 2^128. So, if you were to find a hash of hash(X), it would have 1 answer on a domain of 2^128.
So, wouldnt it have 2 answers on 2^129, 4 answers on 2^130 and so on?
Well, going into my main point about the hashes, couldnt you harden a hash by including exact bitsize of document/file you need hashed? WHen I mean included, I mean as the last line not counted in the line/char counter. (sort of like not counting the PGP wrapper data).
And as another hardening idea (which I think isnt very good.. but its an idea) is by using a semirandom forumula (the way Linux makes
---So you don't use SHA-1 as an encryption algorithm for stuff like SSH, etc., because, well, you can't. Well, you can encrypt, but good luck decrypting
Err... I might be wrong, but I believe you can technically 'decrypt' text phrases shorter than 128 bits, as they have only 1 solution within 2^128.
Better yet, is to use Credit Cards AGAINST bad businesses like Blockbuster.
;)
Talking in a stern manner, whilst using strong terms as : Unauthorized, Theft, Illegal, and other power words and start some serious proceddings against BB.
When this shit starts hurting BB's mail line, awwwwww
Its kinda funny, I have a Linux server exposed to the outside and it was being targetted by kiddies.
;-)
I set the firewall rules up, all that stuff. And then I installed a rootkit on it.
Why, you ask? A rootkit offered me better security as I could watch without Being watched.
When the kid overflows your FTP server and has a terminal, whats better to do: watch as some other user, or watch as a super-root and not be anywhere on any name or process list?
I dont know..
Well, for Linux at least, perhaps making a requirement in the driver so that when X number is dialed, it requires root passwd.
So, even if youre root, you get re-authorization that you actually intend to call 911.
It's an API emulator.
Translates Win32 control lang to X-api control lang.
Err, excuse me?
Seems to me you dont operate in a real server environment. Any real semi or full critical servers (or farms) of any OS should not be updated unless YOU update it.
Whether it be Linux, Windows, Mac, OpenVMS.. You should understand what the patches fix, what they break, and what they just plain modify. And after pushing a patch to a test server, only then you should push the patches at that time.
And if you're running on big iron, you create a new zone and test your patches in there.. A jail would work too, but I digress.
---Of course not. But, if someone sells you a car, and you have the title signed over to you, you can then register the car with your state, and be allowed to drive on public roads with no problems.
Why in the hell do you have to register "vehicles"? What makes them different than.. computers, software, kitchen ovens, books, or any other possessable inanimate object?
On the Princeton site (which now is down) they had 2 sections. One was "Scientific data" and the other was "Artistic and feeling".
The scientific side had a page mentioning the RNG capturing devices. All use a quantum-based RNG. They have a multitude of devices from either made themselves and company-prefab 'for the laboratory' RNG's.
The key here is they all use quantum-based randomness generators.
So yes. This experiment does as you say.
***Poster flames topic at hand.. "Stupid pile of horseshit never gonna happen"
Ok, going from a very scientific standpoint, there's abnormalities occuring at random number generators at roughly the same time.
What is causing them?
1. Bad hardware?
No, cause they use a multitude of RNG equipment with different ways to make the RNG's.
2. Electric surges?
No, the "eggs" or RNG devices are in different parts of the world.
3. Radiation?
Thats a source of randomness, yet we see un-randomness.
4. Earthquakes?
Possible. Do spikes coorelate with known seismic activity?
5. Neutrino emissions?
The detecters with superpure water should eliminate/validate this.
6. Deviations of Schumann resonance?
Perhaps data from Berkley can clear that up...
Is there ANY global natural phenomena that could make this data consistently go.. 'weird'?
http://noosphere.princeton.edu/reg.html
Read and find out. They even used a commercial-random unit.
Multiple methods, XOR'ed and added.. Never the less, looks darn random.
Past that, I'd sure like to try to try to deviate random quantum events by my mind. You know, put a personal test to it. Course it wont make it "real".
---And for a long time I've had a strange feeling about November 2006. I guess I'll just have to wait and see.
The human creation of a miniture Black Hole.
There's a way you can be a real ass about that situation, whilst running all 4 of your CPUs.
;)
First, it can be easier if you were running Linux, but the way it sounds, youre running solaris, right?
Well, if you do happen to be running Linux on this, just nab the 2.6 kernel, and make a Usermode Kernel. Run Oracle under the UML kernel, where it cant touch any hardware at all, without going through an abstraction layer. What it doesnt know wont hurt it. Even better yet, you could run this "Kernel Job" on proc #3 and give it sole prio over that CPU (in other words, run only that process- the UML process).
Since, you're probably running Solaris, I believe there's 2 possibilities.. For one, VMware I believe can run on that architechure. Just do with VMware what you can do with UML Kernel. Run it on last CPU like UML. Sits there happy as a clam at high tide.
The last possibility is what Im not completely not sure of. I believe the new solaris had UML-like capability and to partition hardware resources to seperate "Computers". Since Im not quite sure, I'll have have you go look at Sun's website about possibly looking down that path of execution (heh I made a funny).
Nevertheless, if there's a method of little overhead that partitions hardware resources, it's something you ought to look into.
Just an idea
Still, Ive seen some reallly far out articles that I'd never expect even K5 to accept. One was on a D&C howto. Yes, a HOWTO...
;)
Ive also seen some quite conservative pieces there too. They just have to be good.
And as a last note, about the troll culture there, Its funny.. Ive seen the trolls (Circle times square, tex bigballs, and the like) talk quite intellectually with the owner
There's also Zildjan. - Middle Eastern Cymbal maker.
;)
Any percussionist worth their salt knows that one
Thankya, I try real hard ;)
Err, calling a company who makes things, sells things, repairs, and sets things up like clockwork is like McDonalds.
For example, you bought a Big Mac and they did something bad and you didnt like it, after you eat 1/3 of the burger. They apologise and take burger, and give you new one.
You now have the same type of burger, same size.. same everything. Quick, easy, cheap.
The same works for Dell. Bad ram? Call em up, tell em you ran Dell Diagnostic and it said ram was bad. Wham bam thank you maam. Shipment already in works. It'll get there in 1 day.
---So, why aren't all the gun and ammo manufacturers deemed guilty of contributory murder?
Wonderful question. Even a lockpick could be ( we're looking at could-be's here.. Thats what the court would probably do) construed to help get around you being locked out of your own possessions or property.
A gun is a machine intended to make inaccurate holes in fleshy objects. Rifles and shotguns at least can be used in hunting sports. Well... handguns arent used normally in hunting. So, they are accessory in murder, right?
*as a note, Im a member of NRA and heavy supporter of 2'nd amendment.
The quick jab wasnt intended at you specifically, but to the law in general..
As the main article said, you get in "more trouble" to download a song than you would to shoplift it. Sad state of affairs.
---On the other hand, most systems for trading such material online also encourage downloaders to upload.
Oh, thats right. These days, youre now responsible for _others_ actions.