For private communications, don't send encrypted emails. If the encrypted email is captured by a wiretap, the fact that the ciphertext could be decrypted by the recipient is enough to allow the authorities to force that recipient to decrypt it.
Instead, you should establish an encrypted connection, use it to exchange private information, then destroy the keys after the connection is closed. SSH is one protocol that does this automatically. That way, although a wiretap can record the ciphertext, the authorities cannot retrieve the encryption keys because they no longer exist. Your democratic right to privacy is preserved.
I wonder if any instant messaging programs have implemented this? If so, do they consider the possibility of man-in-the-middle attacks as SSH does?
Actually I was rather hoping that someone might have hit a similar problem, and would be able to suggest a workaround for the problem - either fixing NoMachine's broken behaviour, or suggesting another program that could be used for the same purpose. Failing that, a report along the lines of "It works fine for me" would also have been helpful, as the problem might be due to my particular hardware/software configuration. But thankyou for your comment anyway.
Actually I think you are wrong. It is known to be very difficult to simulate the timing behaviour of a complex CPU as found in modern desktop PCs, because the timing behaviour depends on so many factors. This has previously been a problem for real-time systems because programs on such complex CPUs have very poor timing behaviour in the worst case.
But it is also a problem if you are trying to hide a virtual machine, because the complexity of operation creates a sort of "timing fingerprint" that is unique to the CPU. The virtual machine would have to mimic this fingerprint correctly for every possible program in order to stay hidden, and current research suggests that this would be an intractable problem for a sufficiently complex CPU, let alone a multi-core architecture with many CPUs all accessing memory simultaneously!
The point is that a VM might be able to hide from a typical user, but it won't be able to hide from every piece of software that could be designed to detect it.
You should use full disk encryption, so that a thief can only steal the physical drive, not the data. These days, it is relatively easy to do using (for example) loop-aes on Linux, or perhaps whatever is built in to Windows. The speed penalty shouldn't be noticeable as the CPU core is much faster than the hard disk.
NoMachine's Linux server and client, for one example, rely on an ancient version of libstdc++ that sends you wandering all over Google trying to locate a copy of it.
I didn't have trouble with that myself, but NoMachine's Windows client does annoy me beyond belief. It refuses to coexist with fullscreen Direct3D applications, so if you want to play a game and use a remote Linux system, you have to reconnect every time you task switch out of the game. I cannot understand this behaviour as the NoMachine software doesn't use 3D features at all. Thanks to the combined magic of closed source software, and support that's reserved for paying customers, I have no way to fix it.
No, he makes a valid point. With a really accurate clock, you could use the time difference to detect (or confirm) the source of the signal. GPS works that way, and radio astronomers do use extremely accurate clocks for exactly this reason. The Earth is relatively tiny, but in the same sense, the speed of light is relatively slow.
Unfortunately the signal was only picked up at one observatory, a fact that suggests an error to me. If it had been independently detected elsewhere, that would be much more interesting.
oh wait, this is slashdot, where everything MS does is either evil, or poopy.
You are forgetting the XBox. Normal rules regarding Microsoft are reversed for XBox discussions. These take place in a parallel universe where DRM and platform lockin are considered Good Things, and you will be flamed for criticising MS products! However, this bizarre effect does not apply to Sony, who should be considered evil under all circumstances.
And the chances of Microsoft abandoning Vista? Zero. (Duh.)
I'm impressed to hear him speaking the truth for a change. Paraphrasing: "we're out of business because Linux does what we did, but for less money, and more flexibly."
But I still think he's a dick for trying to solve that problem by suing. Adapting to Linux would surely have been cheaper than all this legal action. They might even have made a profit...
Sufficiently advanced satire is indistinguishable from reality.
I expect to find your idea implemented in US and UK airports in the near future, and a long line of people queueing behind each scanner machine. Quite a few of whom will probably feel reassured that the terrorists are all being exposed by their anti-freedom thoughts.
I remember travelling by air shortly after that Russian guy was murdered using Polonium. There was "extra security" in place at the airport. (This only means that the queues were longer.) Later, I overheard a conversation in which two people agreed about the importance of the "extra security" - the Government had managed to convince them that the assassins were somehow a threat to all air passengers, even those that had never been part of the KGB.
Perhaps the airport security staff could reduce queueing for the brain scanner by looking for "face criminals"? Like anyone who looks unhappy, impatient, annoyed, or Middle Eastern...
Don't get me wrong! I like self being explicit... in fact, I have begun to use "this->" when I write C++ code.
I am interested to hear about nonlocal. That's almost the feature I was looking for. So thanks. Most informative.
I don't think it's a completely orthogonal issue, though, because if the scoping rules did work as in C++/Java, then there would be no need for either "self" or "nonlocal". But that would be a really major change to the language.
You have touched on a problem with Python that has always annoyed me. It's not "self", but it is one of the reasons why "self" has to be explicitly specified.
The problem is that Python does not distinguish between creating a variable and assigning a new value to an existing variable. This means that scoping doesn't work as well as it should. In particular, you can't do this:
def Parent():
v = 0
def Child():
v += 1
Child()
because Python cannot tell that the second v is the same as the first. You can access v from the Child() function, but you can't update it. There are ways around this problem, but they are ugly. That's why Python really uses self: so it knows which scope each variable belongs to. And it's a pain. There should be a way to explicitly specify the scope of variables without having to resort to ugly hacks. I am a big fan of Python, but it could be so much better...
That's a very unusual complaint about Python, which has great documentation. http://docs.python.org/ has info about everything bundled with Python (this is big -- "batteries included"). You can also get help from the Python interpreter by calling the built-in help() function, which takes a module, class or method name as a parameter. help() also works for many third party Python extensions.
I am surprised that none of your searches took you to docs.python.org. But perhaps you were using lots of third party extensions with their own documentation.
Ah no, that went way over my head. I couldn't resist an opportunity to complain about SecuROM, but with 1.5 million copies shipped, I doubt they really care...
I couldn't even play the Bioshock demo. I launched it from Steam, Steam said it was starting, and then... nothing. Nothing happened at all. No error messages, no log, no clue about what might have gone wrong.
All other Steam games work fine, but Bioshock is different because it includes SecuROM, even in the demo (!). Therefore, I suspect that SecuROM is to blame. So - no sale. Please try to make sure that showstopper bugs like SecuROM don't get through your QA process next time.
Doesn't matter. Before you unlock the files, you place a copy in escrow with the help of your lawyer. If the police copy differs from the escrow copy, then tampering is obvious.
The job you are talking about is quite easy on Linux because the only file that requires a special post-copy procedure is the kernel image - and even then, you only have to rerun lilo or grub. In fact you can copy an entire disk image using just "cp -a", and it will still boot if you update lilo or grub. The best way to upgrade a Linux system to a new hard disk is to do a copy in that way, with the target disk mounted somewhere in the current system. Then swap the disks, boot from a live CD, and run lilo or grub. Then upgrade the OS if you want once you are up and running. But if you do want to start with a clean install, just copy/home and any parts of/etc that you've changed.
You can use dd and netcat, as another reply suggests, but I've done this many times, and I think it's much better (and easier) to recreate the file system, not least because this provides a really easy way to resize the disk in either direction. It's also faster (dead space is not copied) and defragments the file system too. You only have to use tools like dd, Ghost, PartImage or ntfsclone when the OS acts against easy cloning by having lots of special files that have to be at specific locations on disk. (Every version of Windows has this "feature".)
This is a good reason to use full disk encryption. You can't tamper with such an image unless you know the key. If the police accuse you of a crime and confiscate your computer, you can refuse to unlock the hard disk data until you are certain that corrupt policemen will not be able to add new files to incriminate you. (Plus, if your machine gets stolen, the thief has no access to your data.)
But they don't need to implant RFID tags. All they need to do is sell you stuff that contains RFID tags. Eventually, everything you wear and everything else you carry will have at least one RFID tag in it. Then you can be accurately tracked by the average position of the cloud of RFID tags that surround you.
No-one is going to be chipping people en masse soon. Too obvious. They'll wait until everyone is RFID tagged in a de facto sense because of the number of RFID tagged items they have bought, and only then will the authorities introduce compulsory chipping "to protect the children" or "because of terrorists". And at that point, objecting to RFID tags will seem as pointless as objecting to compulsory ID cards in a world of credit cards and cell phones.
Seems to me that it searches all possible 64-bit words that could be given to SHA-1. It cleverly reorders the search so that the Hamming distance of each block is at most 2 bits from the previous block, which allows Virtex block RAM resources to be used as part of the hash hardware. FPGA engineers often only use block RAMs for caches, FIFOs and scratchpads, so it is interesting to see them being used as part of the pipeline in this way despite the two-port limitation.
So it doesn't search all possible inputs to SHA-1, but maybe you could use it in this situation:
SHA-1(salt, password) = hash
Given hash and salt, you can find password by a brute force search on this hardware (assuming password is less than 9 characters in length). This could be useful for obtaining user passwords from/etc/shadow when something like md5crypt is in use, although md5crypt might well be designed to defeat/slow down this type of attack, for example by using multiple rounds of hashing (as done by the older DES-based crypt program).
I think a really good application for these things might be international drug trafficking. They could fly long distances at night, staying below the radar and using GPS to find their way to the target zone. One group of smugglers would supervise takeoff in South America, another group would be waiting over in the States to land the aircraft by remote control when it arrived. This could shift millions of $s of pure product on every trip. UAVs have crossed the Atlantic, so this idea is not far fetched.
But I wouldn't recommend anyone suggest this to their local drug lord, even if you have a ready-made UAV that runs free software and has a cargo hold. Imagine having to explain to Mr Big that the plane disappeared en route, but you don't know exactly where or why, and imagine how pleased he won't be. Perhaps bribing customs is easier for now.
If marijuana were ingrained in our society like alcohol, a far more harmful substance, it too wouldn't remain illegal. Do you think alcohol should be illegal? If so, I wont bother trying to reason with you.
Personally, I'd have more respect for the grandparent poster if they wanted alcohol to be prohibited as well, because then at least their position on recreational drugs would be internally consistent. (I am making the presumption that alcohol is more dangerous than marijuana - but that is true according to any sensible criteria. Only one of the two substances is toxic and addictive, only one causes many thousands of deaths every year.)
Slashdot Mirror
For private communications, don't send encrypted emails. If the encrypted email is captured by a wiretap, the fact that the ciphertext could be decrypted by the recipient is enough to allow the authorities to force that recipient to decrypt it.
Instead, you should establish an encrypted connection, use it to exchange private information, then destroy the keys after the connection is closed. SSH is one protocol that does this automatically. That way, although a wiretap can record the ciphertext, the authorities cannot retrieve the encryption keys because they no longer exist. Your democratic right to privacy is preserved.
I wonder if any instant messaging programs have implemented this? If so, do they consider the possibility of man-in-the-middle attacks as SSH does?
Actually I was rather hoping that someone might have hit a similar problem, and would be able to suggest a workaround for the problem - either fixing NoMachine's broken behaviour, or suggesting another program that could be used for the same purpose. Failing that, a report along the lines of "It works fine for me" would also have been helpful, as the problem might be due to my particular hardware/software configuration. But thankyou for your comment anyway.
Actually I think you are wrong. It is known to be very difficult to simulate the timing behaviour of a complex CPU as found in modern desktop PCs, because the timing behaviour depends on so many factors. This has previously been a problem for real-time systems because programs on such complex CPUs have very poor timing behaviour in the worst case.
But it is also a problem if you are trying to hide a virtual machine, because the complexity of operation creates a sort of "timing fingerprint" that is unique to the CPU. The virtual machine would have to mimic this fingerprint correctly for every possible program in order to stay hidden, and current research suggests that this would be an intractable problem for a sufficiently complex CPU, let alone a multi-core architecture with many CPUs all accessing memory simultaneously!
The point is that a VM might be able to hide from a typical user, but it won't be able to hide from every piece of software that could be designed to detect it.
You should use full disk encryption, so that a thief can only steal the physical drive, not the data. These days, it is relatively easy to do using (for example) loop-aes on Linux, or perhaps whatever is built in to Windows. The speed penalty shouldn't be noticeable as the CPU core is much faster than the hard disk.
NoMachine's Linux server and client, for one example, rely on an ancient version of libstdc++ that sends you wandering all over Google trying to locate a copy of it.
I didn't have trouble with that myself, but NoMachine's Windows client does annoy me beyond belief. It refuses to coexist with fullscreen Direct3D applications, so if you want to play a game and use a remote Linux system, you have to reconnect every time you task switch out of the game. I cannot understand this behaviour as the NoMachine software doesn't use 3D features at all. Thanks to the combined magic of closed source software, and support that's reserved for paying customers, I have no way to fix it.
That's only because it has to be cross-referenced against every other citizen database run by the UK government.
No, he makes a valid point. With a really accurate clock, you could use the time difference to detect (or confirm) the source of the signal. GPS works that way, and radio astronomers do use extremely accurate clocks for exactly this reason. The Earth is relatively tiny, but in the same sense, the speed of light is relatively slow.
Unfortunately the signal was only picked up at one observatory, a fact that suggests an error to me. If it had been independently detected elsewhere, that would be much more interesting.
oh wait, this is slashdot, where everything MS does is either evil, or poopy.
You are forgetting the XBox. Normal rules regarding Microsoft are reversed for XBox discussions. These take place in a parallel universe where DRM and platform lockin are considered Good Things, and you will be flamed for criticising MS products! However, this bizarre effect does not apply to Sony, who should be considered evil under all circumstances.
And the chances of Microsoft abandoning Vista? Zero. (Duh.)
Cool. And you can rightly claim to have learned the Morse Code in order to get a decent Internet connection :).
I'm impressed to hear him speaking the truth for a change. Paraphrasing: "we're out of business because Linux does what we did, but for less money, and more flexibly."
But I still think he's a dick for trying to solve that problem by suing. Adapting to Linux would surely have been cheaper than all this legal action. They might even have made a profit...
Sufficiently advanced satire is indistinguishable from reality.
I expect to find your idea implemented in US and UK airports in the near future, and a long line of people queueing behind each scanner machine. Quite a few of whom will probably feel reassured that the terrorists are all being exposed by their anti-freedom thoughts.
I remember travelling by air shortly after that Russian guy was murdered using Polonium. There was "extra security" in place at the airport. (This only means that the queues were longer.) Later, I overheard a conversation in which two people agreed about the importance of the "extra security" - the Government had managed to convince them that the assassins were somehow a threat to all air passengers, even those that had never been part of the KGB.
Perhaps the airport security staff could reduce queueing for the brain scanner by looking for "face criminals"? Like anyone who looks unhappy, impatient, annoyed, or Middle Eastern...
Don't get me wrong! I like self being explicit... in fact, I have begun to use "this->" when I write C++ code.
I am interested to hear about nonlocal. That's almost the feature I was looking for. So thanks. Most informative.
I don't think it's a completely orthogonal issue, though, because if the scoping rules did work as in C++/Java, then there would be no need for either "self" or "nonlocal". But that would be a really major change to the language.
The problem is that Python does not distinguish between creating a variable and assigning a new value to an existing variable. This means that scoping doesn't work as well as it should. In particular, you can't do this: because Python cannot tell that the second v is the same as the first. You can access v from the Child() function, but you can't update it. There are ways around this problem, but they are ugly. That's why Python really uses self: so it knows which scope each variable belongs to. And it's a pain. There should be a way to explicitly specify the scope of variables without having to resort to ugly hacks. I am a big fan of Python, but it could be so much better...
That's a very unusual complaint about Python, which has great documentation. http://docs.python.org/ has info about everything bundled with Python (this is big -- "batteries included"). You can also get help from the Python interpreter by calling the built-in help() function, which takes a module, class or method name as a parameter. help() also works for many third party Python extensions.
I am surprised that none of your searches took you to docs.python.org. But perhaps you were using lots of third party extensions with their own documentation.
Ah no, that went way over my head. I couldn't resist an opportunity to complain about SecuROM, but with 1.5 million copies shipped, I doubt they really care...
I couldn't even play the Bioshock demo. I launched it from Steam, Steam said it was starting, and then... nothing. Nothing happened at all. No error messages, no log, no clue about what might have gone wrong.
All other Steam games work fine, but Bioshock is different because it includes SecuROM, even in the demo (!). Therefore, I suspect that SecuROM is to blame. So - no sale. Please try to make sure that showstopper bugs like SecuROM don't get through your QA process next time.
Doesn't matter. Before you unlock the files, you place a copy in escrow with the help of your lawyer. If the police copy differs from the escrow copy, then tampering is obvious.
The job you are talking about is quite easy on Linux because the only file that requires a special post-copy procedure is the kernel image - and even then, you only have to rerun lilo or grub. In fact you can copy an entire disk image using just "cp -a", and it will still boot if you update lilo or grub. The best way to upgrade a Linux system to a new hard disk is to do a copy in that way, with the target disk mounted somewhere in the current system. Then swap the disks, boot from a live CD, and run lilo or grub. Then upgrade the OS if you want once you are up and running. But if you do want to start with a clean install, just copy /home and any parts of /etc that you've changed.
You can use dd and netcat, as another reply suggests, but I've done this many times, and I think it's much better (and easier) to recreate the file system, not least because this provides a really easy way to resize the disk in either direction. It's also faster (dead space is not copied) and defragments the file system too. You only have to use tools like dd, Ghost, PartImage or ntfsclone when the OS acts against easy cloning by having lots of special files that have to be at specific locations on disk. (Every version of Windows has this "feature".)
This is a good reason to use full disk encryption. You can't tamper with such an image unless you know the key. If the police accuse you of a crime and confiscate your computer, you can refuse to unlock the hard disk data until you are certain that corrupt policemen will not be able to add new files to incriminate you. (Plus, if your machine gets stolen, the thief has no access to your data.)
Last time this piece of news was discussed, someone helpfully posted a solution for your Linux firewall.
But they don't need to implant RFID tags. All they need to do is sell you stuff that contains RFID tags. Eventually, everything you wear and everything else you carry will have at least one RFID tag in it. Then you can be accurately tracked by the average position of the cloud of RFID tags that surround you.
No-one is going to be chipping people en masse soon. Too obvious. They'll wait until everyone is RFID tagged in a de facto sense because of the number of RFID tagged items they have bought, and only then will the authorities introduce compulsory chipping "to protect the children" or "because of terrorists". And at that point, objecting to RFID tags will seem as pointless as objecting to compulsory ID cards in a world of credit cards and cell phones.
So it doesn't search all possible inputs to SHA-1, but maybe you could use it in this situation:Given hash and salt, you can find password by a brute force search on this hardware (assuming password is less than 9 characters in length). This could be useful for obtaining user passwords from
Slightly dead is mostly alive! There's hope for Vista yet!
You could carry 5kg on board a UAV.
I think a really good application for these things might be international drug trafficking. They could fly long distances at night, staying below the radar and using GPS to find their way to the target zone. One group of smugglers would supervise takeoff in South America, another group would be waiting over in the States to land the aircraft by remote control when it arrived. This could shift millions of $s of pure product on every trip. UAVs have crossed the Atlantic, so this idea is not far fetched.
But I wouldn't recommend anyone suggest this to their local drug lord, even if you have a ready-made UAV that runs free software and has a cargo hold. Imagine having to explain to Mr Big that the plane disappeared en route, but you don't know exactly where or why, and imagine how pleased he won't be. Perhaps bribing customs is easier for now.
If marijuana were ingrained in our society like alcohol, a far more harmful substance, it too wouldn't remain illegal. Do you think alcohol should be illegal? If so, I wont bother trying to reason with you.
Personally, I'd have more respect for the grandparent poster if they wanted alcohol to be prohibited as well, because then at least their position on recreational drugs would be internally consistent. (I am making the presumption that alcohol is more dangerous than marijuana - but that is true according to any sensible criteria. Only one of the two substances is toxic and addictive, only one causes many thousands of deaths every year.)