At first jab I really wanted to take a jab at that, I really did. Some others have posted some excellent points this way and that about FRB (I'm tired of typing it) and looking at it all I'm inclined to think that FRB is done well. Really well. Take a look at all the wonderful things a healthy strong credit system can and has done. Lines of credit to smooth out payroll and unexpected expense, people building homes and investing into the community and economy at large, new business and old alike benefiting from the stability of others. Really good stuff.
Now, on the reverse of that same token there is also the ugly truth that the system is larger, more subtle, complex, and faster than it was ever imagined (not itself a flaw) but also more-so on every account than it NEEDS to be. The global economy would get on just fine if even a small percentage of the current trading took place and more (if not total) human supervision was enforced. The only liquidity that a market requires is that which is needed to balance incoming and outgoing money (forgive the gross simplification) and any changes in position that the "players" wish to make (for example, moving stock from Apple to IBM on the careful and considered opinion of a fund manager. He needs sellers and buyers within a reasonable time and he needs them to also behave reasonably to pricing and the market)
These needed transactions, amplified to the volume of the needs of humanity, are diminutive along side the volume that the market supports out of misguided attempts to skim money from the market. See, money coming and going is a pretty balanced game and stocks only generate real value when the company buys them back or issues a dividends. The rest is everyone throwing money around at each other.
The amount of money moved is staggering. Beyond the mortal ken. It also moves faster and in ways outside out control. Money won't, contrary to popular belief, disappear should something go awry. It will end up in the wrong places, though. The people who were throwing money around expecting to get more back suddenly find themselves dealt out of the game. This is the problem. The risk of a subset of the banking and financial populace to suffer harm is real. It is compounded by the desire to extract some of that money zipping around. Risks are taken, balanced against with the best of intents (at least from the point of view of the balance sheets) and as much caution as seems needed.
In the end when these players find themselves short handed or in a bad way for one reason or another they try to move the blame around. Sometimes the force of government is enlisted to change the rules. They sometimes beg to make the game more lively (to try and keep it moving as fast as it can) or to withdraw a tactic from allowed use so that nobody feels the sting anymore. These changes rarely have the effects intended (yes, I'm trying to give the law makers, on the whole, some benefit of the doubt. It is too messy otherwise.)
Back to your original point (and I did have this in mind) it is true that Full Tilt Poker was taking risks beyond their means to remediate them and, I think, that it is comparable to an aspect of the financial system. However I find it much more akin to the internal and large scale strategies of banks than to the details of the FRB system.
To steal a quote from the late Douglas Adams (or was it Gaiman who penned the line?):
Banks move in extremely mysterious, not to say, circuitous ways. Banks do not play dice with money; They play an ineffable game of Their own devising, which might be compared, from the perspective of any of the other players*, to being involved in an obscure and complex version of poker played in a pitch-dark room, with blank cards, for infinite stakes, with a Dealer who won't tell you the rules, and who smiles all the time. * ie., everybody
There is a good reason that casinos have to be able to cover every bet they make. Looking over the rules (beware, this thing is dense to the point of being dangerous) http://gaming.nv.gov/documents/pdf/06feb23_bankroll_instr.pdf it seems that in Nevada casinos do, in fact, need to have enough cash on hand or available the very next business day to cover all bets and chance events that are conceivable to within a rather generous statistical margin.
The comparisons to fractional reserve banking, though provoking, are also in contradiction with laws that are in place for good reason.
Now comparing the financial system to a casino... Well, I'll not press my luck. The casinos get jealous seeing someone else do it better. Even my far right wing family 'plays' the stock market and they think gambling is a sin.
The statement that I was in disagreement with was "You don't reuse openssh keys, either. It is one private key pair per host."
Bullshit unless there is something that I'm missing. Keep one private key / public key pair and use the public key on all things you want to access. Keep the private key private (read: in a private place, encrypted. As is traditional.)
Is there some problem with re-using your public key on several servers? I think not.
Those are just pubic facing servers, not the dev team's workflow boxes. However, even if they were their source code management tool, git, exposes every change made by anyone for all time. It is simply that nature of git. Check it out if you want details. Even if they didn't use git the maintainers and anyone with clean copies (per-breach) can simply run a diff on the source code vs any new "untrusted" copy they may see.
Since they've made the breach public and the aforementioned steps to detect any modifications are trivial for anyone to perform (Linux is not mirrored on github, a public git repository and absolutely wonderful site) there is a very low risk to anyone and zero risk now.
I'm not going to stand on a soap-box here but I'll just say this:any decent company or organization that is the victim of an attack such as this should have procedures and systems in place that render it as harmless as this one. Think of the impact of this hack compared to others in the recent past and near future. It might provide a wonderful 'dos and don'ts' guide
Think of it this way, all orbital changes take energy. Now that is obvious but bear in mind that ALL orbital changes take energy. What I'm getting at is that the velocity for a satellite determines its altitude range (or just it's altitude in the case of a circular orbit).
Since any change in velocity takes energy (fuel) and the difference between an orbit that is 100% clear of the atmosphere is a vastly different energy than one that is mostly or all in it. Now, on the other hand if you intentionally make the orbit highly elliptical you can have the satellite skim the outer atmosphere at closest approach. Sounds like they BARELY got there and the thing to keep in mind about the upper atmosphere is that it is not a solid line "atmosphere starts here" and even at a given altitude the density varies wildly.
Seems like they got it into as elliptical an orbit as they could and then had to rely on atmospheric breaking in an atmosphere that might be described as a "soft vacuum" in a laboratory. With those sorts of time scales and depending on the atmosphere it is little wonder that the target and timeframe were what they were. "Earth" and "sometime in the next X years".
As it get closer to re-rentry they will be able to make much better predictions but the last few orbits will eat the majority of the speed (exponential decay) so there isn't much to do till then but keep watching and waiting.
Now it STILL might get broken. Attacks better than brute force are always the largest threat. However nobody need worry about the brute force computer to break their codes. Not even quantum computers help here, by the way. See Grovers Algorithm. Preview: "Grover's algorithm is a quantum algorithm for searching an unsorted database with N entries in O(N1/2) time and using O(log N) storage space" Not so good.
Part manufacturer A wants to sell a product X. Customer B, C, D, E, and F all use the standard that pert X conforms to. Profit for you, lower cost for them for using a standard part!
As opposed to creating customer EVERYTHING for everyone.
Or, in the vein of your signature: "Specs? That's too geeky. Just make it go." Electrical characterization and testing for custom everything isn't trivial and having standards that you know a part conforms to aids in reducing that significant engineering cost.
So just because Best Buy can't service it does not mean that the standard is for nothing.
I'm not a Microsoft user or programmer, but I've worked with both. C# is very very nearly Java at first blush and if you are comfortable in Java you will be comfortable in C#. Go with mono and you've got your cross platform. There aren't as many libraries as there ae for Java, but it seems that the core is a bit stronger.
Your Mileage May Vary and I've not even seen C# doing GUI work, but it has to be better than swing in both ease of use and looks.
When it gets down to it I don't think that we have the processing power or knowledge to emulate the biological processes and even if we could we would then have to understand their output.
Why not design a connectomics informed system that mimics the neural retina and visual system? Something that takes the results of research like this and uses true biologically informed computing to do what neural systems are good at and silicon based systems are not so good at? After all, what they are looking at is a system that works like a retina works (more like a video camera and not a still camera)
The eyes do not "see" in the sense of processing information. They turn light into nerve impulses. Ho-Hum. We've got that, in fact this isn't about that at all. They are dealing with already captured data anyway.
so why not go to the biology which is really good at comparing like streams of information and making like or not like decisions.
Yeah, biology is really good at making decisions. Shame that not a single person on earth has a system that can replicate it. Nothing even close. Biology is fantastic, but it falls over flat when we try to replicate it on a computer. This is due in large part because a brain tends to have more "power" to throw at the problem by many orders of magnitude. It is also differently abled compared to a computer, we can't just scale up and hope to emulate it, need the special hardware-software combo that is our beloved wetware.
Let us say that a bio-technical solution was somehow brought to bear on this problem, someone wasted a wish perhaps. Then you get... what? What biological process or technique can be used here? The ability of mamals to discern individual objects in a scene? Then how to classify them? After a scene has been broken down by the biological side how is it turned into useful information? The mind would have to hand off some information at some point. Images suck because computers can't do that well yet (hence this project) and tokens representing actions and objects seems impossible for quite some time, it would resemble the complexity of a human mind.
Nothing in biology can be applied to this problem directly, only perhaps simple ideas applied rigorously. Stop spouting your favorite rubbish.
In order to give your eyes something to focus on in the first place you'd need to CREATE the plenoptic field that matches the scene. Read: holography of a sort.
Plenoptic functions as I understand them in brief:
The electromagnetic field requires 5 degrees of freedom for each photon. 3 of space and 2 for direction. -A plenoptic camera can cheerfully ignore one of the degrees of freedom (depth) since all of the light is hitting a plane. This is what allows it to re-focus. It does not, in fact, capture depth like it is often said. It captures the angle of the incoming light. -Lenses bend light. The focus of a lens is chosen to make the light coming in at certain angles (the depth of focus) bend and converge on to a plane: the sensor. -Knowing the angle of the light that came into the camera you can then choose to "focus" on a particular plane by, in short, figuring out where the light would have hit had the focus been different.
In order to give a display the ability to send out light which out eyes can focus on naturally the display would need to be able to send photons out in a pattern that matched the simulated environment at the cross-section of the screen. In short it would have to be able to send arbitrarily colored light in arbitrary directions from every pixel on the screen (4 degrees of freedom. 2 for space and 2 for direction, just like the camera but sending not capturing). Each pixel would have to be able to send not just one color in one direction but many colors in many (related) directions. All of those directions are directly at various parts of the lens of your eye. This is tantamount to holography, but achieved in a different way. Nice thing to have, though: this could be viewed glasses free for almost everyone because it could send out light in such a way that it "corrected" your vision. No glasses, even prescription, required!
I hope that it is now obvious that it would not simply be enough to know where your eye was focused. Don't expect this very soon. If the stagnation of holography is an indicator this is a tough problem to crack from any direction.
I abridged too far =p I do know it isn't SQL, I should have said "This is a standard ACID Compliant database like MySQL, PostreSQL, Oracle, and SQLite".
The abridged version: Atomicity: actions or sets of actions complete or they don't. No half states. Ever. Consistency: The database has rules. Rules like, "this can only be X when X exists in this other table" or "You cannot put a picture of a jabberwocky in this column." The rules are always obeyed even if one transaction fails. The DB itself will still be clean. Isolation: Everything accessing the DB views it as if it were the only thing accessing the DB. Durability: If the DB tells you it happened that means that you could yank the network jack, axe the power, or any other Bad Thing(tm) and so long as the disks are still there and intact your data also will be.
That is SQL. NoSQL: Pick three, or two.
Is it faster? You bet your ass it is. The limitations are, generally, that the DB won't do things like JOINs for you, or perhaps you have to deal with the idea of a half state, etc. Aside from ACID guarantees being, generally, broken the DB might act more as a key->value lookup (think a dictionary or encyclopedia, but with data). It might not have rigid fixed columns (some SQL databases do this too, but it is not a standard feature and generally comes with more cost vs a NoSQL that offers it).
NoSQL is useful, though, if you have a tremendous (REALLY REALLY huge, I mean it has to be worth it!) data set or some strange demanding special need. Some things don't need isolation because the actions are intrinsically isolated (Slashdot comments, for example, are just appended and only one column needs to be mutated (the moderation)) . Durability might not need to be met at the disk level, you might be comfortable with writing it to two node's memory (Cassandra even lets you return after it is in the target node's memory and after it has been flushed to the network send buffer. You know, to kill those pesky nanoseconds of latency). If your nodes are good and isolated this might be fine. Atomicity might not be a big deal.... though I can't think of any that don't provide THIS. Atomicity is really rather important almost everywhere. Getting rid of fixed tables or "relations" (foreign keys) makes consistency a non-issue. Consistency is one of the first things to be tinkered with in most of these NoSQL things, though it is not 100% gone (still can't put that jabberwocky in that int column!)
So by trading off some guarantees for a more simplistic DB one can gain speed and some degree of burden can be lifted from the programmer to work within the confines of that guarantee system. However, an ACID SQL system is universal (can store anything and meet any guarantees you require, but not necessarily quickly). NoSQL systems only work for some workloads and requirements. Almost (but not quite) anything can be shoehorned into them but weather it is a good idea remains a question to ask before you dive right in. If you can see gain from NoSQL then it might be a good idea, but don't paint yourself into a corner where you trade a working system of moderate speed for a blazingly fast system that has subtle (or blatant!) flaws which effect your company or customers.
What are your thoughts on the energy storage dreams floating around behind the starry eyes of so many and the thoughts that enough power can actually be produced with non-nuclear non-fossil-fuel methods to not only meet current demands but keep up with the growing demand? I appreciate your directness and insight and would love to know.
Geospatial technology? Breakthrough? Worried about more data?
This article reads like an add for cosmetics! "They can't handle the data, we made it shiny and all their problems went away!" REALLY? They drew some heat maps and used existing data to identify choke points. OoooOOHHHHHHH! Now I'm some kinda of impressed. And to do what, exactly? Make rolling blackouts easier to manage? Create jobs so some monkey looking at shiny data can ask plants to ramp up? Or press a button to activate some SCADA function?
Give me a break. This is a tremendous waste of technology. Something like it was surely wanted, perhaps warranted, but this stinks of "data overload"
They've just turned a gigantic dataset into a gigantic waste of money instead of a tool. Let me know how it all turns out.
Nope, no jets. In the production version there will be some air pumped into the bearing area to keep it "inflated" but the layer of air is about 0.003" thick and sitting between a plate rotating at 2K+ rpms and a non-moving plate. Imagine twisting your hand over dough, it does two things: moves out and curls on itself. It is this twisting radial motion that keeps the air and therefor heat moving vigorously from the hot plate to the spinning cooling fins.
Simple and clever, obvious once you see it and it works WELL. The best kind of solution to a problem.
To be fair Obama asked for a raise in their budget and Congress cut it and asked for a small cut in the military budget and Congress upped it.
President don't have as much control as the talking heads may imply. On the other hand I'm sure he could have done more. Just thought it was a good thing to know, though
Well, not that I'm a mind reader, but my take on this is that we don't bloody know how those few lbs of grey matter work, how it self organizes, the exacting details of behaviors that drive it, etc etc
On top of that what do you feed a brain? what is it going to do? They'd need to interface it with something that can challenge it, provide meaningful feedback, etc on and on.
Whatever it is they simulate I'd not call it a brain, or a mind. Perhaps a highly complex neural net, but it will be running in slow motion compared to what we have gotten used to. It is, however, a wonderful tool for exploring these problems. This is part of the cycle. Build a model, test the model, fix the model, test the model. Now, it isn't a real brain but it will be an interesting refining force for some ideas.
Read up on Quantum Encryption. It is really REALLY cool.
In case you've tried and hit one of the many hand-waving walls here is the brief because I'm not the type to just be snide and say RTFM:
So you have a sender and a pair of receivers. You (sender) have one of the receivers. You send an entangled pair of photons down the lines. Here is trick one: those two photons will have the same polarization but you don't know what it is till you measure it.
Now polarization isn't just one direction, photons can be polarized in many directions. What you and the other side do is pick a bias for your receivers independently and randomly, "+" or "x". Now that you have both seen this unreproducible event you talk about it, publicly. The only requirement for this "conversation" is that you both can hear each other. MITM attacks, etc do not matter. Those will show up as errors and the whole thing discarded.
Here is what you talk about: at first you talk about which bias you used. + or x. Where you agree there is a good chance you saw the same thing and you use that bit. Where you disagree you discard it and try again. One you have a good number of bits you talk about their parity (XOR is parity). The algorithm works by saying something like, "The parity I have for that group is 1" and then they either agree or disagree. Should you agree that means that there is a chance you have the same group. Discard one bit from it. Since that bit was random and you only transmitted the parity you have leaked zero information. If your parity did not agree (really even if it did) you split the shortened group in half and do it again. (this is trick two). Once you have found where all the errors are and discarded those pieces and have verified enough of the parities (and discarded one bit each time remember!) you have "amplified" your privacy. Using this technique you can amplify your privacy to arbitrary levels so that an interloper can have an arbitrarily small chance of successfully faked a key (a VANISHINGLY small chance in practice. 2**-256 is a commonly quoted value). Now you've got a shared *random* secret (As bond would say if he was an rng: Random. Quantum random. It is that good.).
If anyone had been fiddling with your signal (either the discussion or the quantum channel) you'd have spotted them making too many errors and gave up on the communication.
Now, as you said, you COULD xor that key with the data and send that, safe in the knowledge that it is protected by the only 100% secure encryption system: a one time pad. You've got a 1mbps channel using the very latest and greatest technology. Hope you didn't have big plans for it.
That might be what you need! I'll bet that it isn't. Most data only needs to be secure for a tiny amount of time. Seconds or hours. Days perhaps. That is the data that falls comfortably into the realm of standard cryptography. Brute force it if you like. Useless now anyway.
That is why I contend that unless you have a real need for OTP security that a robust RSA based system is good enough. Change your keys, verify often, have good physical security, etc. rest safe in the knowledge that your data is protected by decades of, thus far, bulletproof math.
On the other hand, if you DO need to have real OTP security don't you dare rest all your hopes and dreams on the physical realizations of quantum encryption. If your data is that important then you could (more cheaply, no less!) have stores of one time pads sitting around safely using, for example, Shamir's secret sharing algorithm. It is provably secure and not just from brute force attacks. It requires that a certain number of pieces are present to reconstruct the original data. There is no loophole. Without the last piece you gain nothing. It could be anything. It is also better than XOR (which requires that ALL pieces are present) in that it has a threshold number of pieces that need to be present so that the keepers of the keys need not all be simultaneously present (guards with rotating schedules, as an e
Why do they spend all this money, all this effort on systems that cost more and offer less security than a large RSA or ECC public key system?
Especially when RSA and ECC are so very well studied and don't rely on what amounts to lab grade optics with unknown exploits, weaknesses, and requirement for over paid professionals?
Why? I don't see the benefit. It is slower, harder to use, more expensive, the list goes on!
16K bit RSA keys are slow to generate but offer 256 bits of private key material equivalent security. Much less than that is needed for ECC. This all seems like a waste. It isn't even basic research anymore (which I endorse!) this is just some sort of dick measuring contest.
Actually, I didn't get far in when I posted it. I would not have if I had.
It IS bullshit. I agree 100% No apologetics, no nothing like that. You, good sir, are right. No good reason!
Also, it wouldn't even be that "hard" to add it. That is, insomuch as nothing would break due to that addition aside from perhaps a new keyword to avoid (I'm sure someone used uint/ubyte/ulong as a variable name somewhere along the line)
Thanks for the proverbial smack upside the head. Apparently I needed it!
Slashdot Mirror
I just realized that after I posted it. Douglas and Pratchett get jumbled in my head sometimes!
At first jab I really wanted to take a jab at that, I really did. Some others have posted some excellent points this way and that about FRB (I'm tired of typing it) and looking at it all I'm inclined to think that FRB is done well. Really well. Take a look at all the wonderful things a healthy strong credit system can and has done. Lines of credit to smooth out payroll and unexpected expense, people building homes and investing into the community and economy at large, new business and old alike benefiting from the stability of others. Really good stuff.
Now, on the reverse of that same token there is also the ugly truth that the system is larger, more subtle, complex, and faster than it was ever imagined (not itself a flaw) but also more-so on every account than it NEEDS to be. The global economy would get on just fine if even a small percentage of the current trading took place and more (if not total) human supervision was enforced. The only liquidity that a market requires is that which is needed to balance incoming and outgoing money (forgive the gross simplification) and any changes in position that the "players" wish to make (for example, moving stock from Apple to IBM on the careful and considered opinion of a fund manager. He needs sellers and buyers within a reasonable time and he needs them to also behave reasonably to pricing and the market)
These needed transactions, amplified to the volume of the needs of humanity, are diminutive along side the volume that the market supports out of misguided attempts to skim money from the market. See, money coming and going is a pretty balanced game and stocks only generate real value when the company buys them back or issues a dividends. The rest is everyone throwing money around at each other.
The amount of money moved is staggering. Beyond the mortal ken. It also moves faster and in ways outside out control. Money won't, contrary to popular belief, disappear should something go awry. It will end up in the wrong places, though. The people who were throwing money around expecting to get more back suddenly find themselves dealt out of the game. This is the problem. The risk of a subset of the banking and financial populace to suffer harm is real. It is compounded by the desire to extract some of that money zipping around. Risks are taken, balanced against with the best of intents (at least from the point of view of the balance sheets) and as much caution as seems needed.
In the end when these players find themselves short handed or in a bad way for one reason or another they try to move the blame around. Sometimes the force of government is enlisted to change the rules. They sometimes beg to make the game more lively (to try and keep it moving as fast as it can) or to withdraw a tactic from allowed use so that nobody feels the sting anymore. These changes rarely have the effects intended (yes, I'm trying to give the law makers, on the whole, some benefit of the doubt. It is too messy otherwise.)
Back to your original point (and I did have this in mind) it is true that Full Tilt Poker was taking risks beyond their means to remediate them and, I think, that it is comparable to an aspect of the financial system. However I find it much more akin to the internal and large scale strategies of banks than to the details of the FRB system.
To steal a quote from the late Douglas Adams (or was it Gaiman who penned the line?):
Banks move in extremely mysterious, not to say, circuitous ways. Banks do not play dice with money; They play an ineffable game of Their own devising, which might be compared, from the perspective of any of the other players*, to being involved in an obscure and complex version of poker played in a pitch-dark room, with blank cards, for infinite stakes, with a Dealer who won't tell you the rules, and who smiles all the time.
* ie., everybody
There is a good reason that casinos have to be able to cover every bet they make. Looking over the rules (beware, this thing is dense to the point of being dangerous) http://gaming.nv.gov/documents/pdf/06feb23_bankroll_instr.pdf it seems that in Nevada casinos do, in fact, need to have enough cash on hand or available the very next business day to cover all bets and chance events that are conceivable to within a rather generous statistical margin.
The comparisons to fractional reserve banking, though provoking, are also in contradiction with laws that are in place for good reason.
Now comparing the financial system to a casino... Well, I'll not press my luck. The casinos get jealous seeing someone else do it better. Even my far right wing family 'plays' the stock market and they think gambling is a sin.
The statement that I was in disagreement with was "You don't reuse openssh keys, either. It is one private key pair per host."
Bullshit unless there is something that I'm missing. Keep one private key / public key pair and use the public key on all things you want to access. Keep the private key private (read: in a private place, encrypted. As is traditional.)
Is there some problem with re-using your public key on several servers? I think not.
Why shouldn't I re-use my ssh keys? I'm pretty clear on all your other points so I assume that you've got a good reason for this. What is it?
I feel that I may have mis-understood the proper use of SSH keys and would really like to know the attack vector here.
Those are just pubic facing servers, not the dev team's workflow boxes. However, even if they were their source code management tool, git, exposes every change made by anyone for all time. It is simply that nature of git. Check it out if you want details. Even if they didn't use git the maintainers and anyone with clean copies (per-breach) can simply run a diff on the source code vs any new "untrusted" copy they may see.
Since they've made the breach public and the aforementioned steps to detect any modifications are trivial for anyone to perform (Linux is not mirrored on github, a public git repository and absolutely wonderful site) there is a very low risk to anyone and zero risk now.
I'm not going to stand on a soap-box here but I'll just say this:any decent company or organization that is the victim of an attack such as this should have procedures and systems in place that render it as harmless as this one. Think of the impact of this hack compared to others in the recent past and near future. It might provide a wonderful 'dos and don'ts' guide
Think of it this way, all orbital changes take energy. Now that is obvious but bear in mind that ALL orbital changes take energy. What I'm getting at is that the velocity for a satellite determines its altitude range (or just it's altitude in the case of a circular orbit).
Since any change in velocity takes energy (fuel) and the difference between an orbit that is 100% clear of the atmosphere is a vastly different energy than one that is mostly or all in it. Now, on the other hand if you intentionally make the orbit highly elliptical you can have the satellite skim the outer atmosphere at closest approach. Sounds like they BARELY got there and the thing to keep in mind about the upper atmosphere is that it is not a solid line "atmosphere starts here" and even at a given altitude the density varies wildly.
Seems like they got it into as elliptical an orbit as they could and then had to rely on atmospheric breaking in an atmosphere that might be described as a "soft vacuum" in a laboratory. With those sorts of time scales and depending on the atmosphere it is little wonder that the target and timeframe were what they were. "Earth" and "sometime in the next X years".
As it get closer to re-rentry they will be able to make much better predictions but the last few orbits will eat the majority of the speed (exponential decay) so there isn't much to do till then but keep watching and waiting.
http://everything2.com/user/dogganos/writeups/Thermodynamics+limits+on+cryptanalysis
Who cares about Moore's law. Read that.
Now it STILL might get broken. Attacks better than brute force are always the largest threat. However nobody need worry about the brute force computer to break their codes. Not even quantum computers help here, by the way. See Grovers Algorithm. Preview: "Grover's algorithm is a quantum algorithm for searching an unsorted database with N entries in O(N1/2) time and using O(log N) storage space" Not so good.
Part manufacturer A wants to sell a product X.
Customer B, C, D, E, and F all use the standard that pert X conforms to.
Profit for you, lower cost for them for using a standard part!
As opposed to creating customer EVERYTHING for everyone.
Or, in the vein of your signature: "Specs? That's too geeky. Just make it go." Electrical characterization and testing for custom everything isn't trivial and having standards that you know a part conforms to aids in reducing that significant engineering cost.
So just because Best Buy can't service it does not mean that the standard is for nothing.
I'm not a Microsoft user or programmer, but I've worked with both. C# is very very nearly Java at first blush and if you are comfortable in Java you will be comfortable in C#. Go with mono and you've got your cross platform. There aren't as many libraries as there ae for Java, but it seems that the core is a bit stronger.
Your Mileage May Vary and I've not even seen C# doing GUI work, but it has to be better than swing in both ease of use and looks.
Which features of Java as a language or Java programs do you commonly see failing to work across different platforms?
Perhaps I treated you unfairly then. I'm going to give your links a good read. Seemed, at first rub, like more of the same old. Now not so much.
I don't mind being wrong, after all. Means I get to learn something new.
When it gets down to it I don't think that we have the processing power or knowledge to emulate the biological processes and even if we could we would then have to understand their output.
Why not design a connectomics informed system that mimics the neural retina and visual system? Something that takes the results of research like this and uses true biologically informed computing to do what neural systems are good at and silicon based systems are not so good at? After all, what they are looking at is a system that works like a retina works (more like a video camera and not a still camera)
The eyes do not "see" in the sense of processing information. They turn light into nerve impulses. Ho-Hum. We've got that, in fact this isn't about that at all. They are dealing with already captured data anyway.
so why not go to the biology which is really good at comparing like streams of information and making like or not like decisions.
Yeah, biology is really good at making decisions. Shame that not a single person on earth has a system that can replicate it. Nothing even close. Biology is fantastic, but it falls over flat when we try to replicate it on a computer. This is due in large part because a brain tends to have more "power" to throw at the problem by many orders of magnitude. It is also differently abled compared to a computer, we can't just scale up and hope to emulate it, need the special hardware-software combo that is our beloved wetware.
Let us say that a bio-technical solution was somehow brought to bear on this problem, someone wasted a wish perhaps. Then you get... what? What biological process or technique can be used here? The ability of mamals to discern individual objects in a scene? Then how to classify them? After a scene has been broken down by the biological side how is it turned into useful information? The mind would have to hand off some information at some point. Images suck because computers can't do that well yet (hence this project) and tokens representing actions and objects seems impossible for quite some time, it would resemble the complexity of a human mind.
Nothing in biology can be applied to this problem directly, only perhaps simple ideas applied rigorously. Stop spouting your favorite rubbish.
Mod the parent down.
In order to give your eyes something to focus on in the first place you'd need to CREATE the plenoptic field that matches the scene. Read: holography of a sort.
Plenoptic functions as I understand them in brief:
The electromagnetic field requires 5 degrees of freedom for each photon. 3 of space and 2 for direction.
-A plenoptic camera can cheerfully ignore one of the degrees of freedom (depth) since all of the light is hitting a plane. This is what allows it to re-focus. It does not, in fact, capture depth like it is often said. It captures the angle of the incoming light.
-Lenses bend light. The focus of a lens is chosen to make the light coming in at certain angles (the depth of focus) bend and converge on to a plane: the sensor.
-Knowing the angle of the light that came into the camera you can then choose to "focus" on a particular plane by, in short, figuring out where the light would have hit had the focus been different.
In order to give a display the ability to send out light which out eyes can focus on naturally the display would need to be able to send photons out in a pattern that matched the simulated environment at the cross-section of the screen. In short it would have to be able to send arbitrarily colored light in arbitrary directions from every pixel on the screen (4 degrees of freedom. 2 for space and 2 for direction, just like the camera but sending not capturing). Each pixel would have to be able to send not just one color in one direction but many colors in many (related) directions. All of those directions are directly at various parts of the lens of your eye. This is tantamount to holography, but achieved in a different way.
Nice thing to have, though: this could be viewed glasses free for almost everyone because it could send out light in such a way that it "corrected" your vision. No glasses, even prescription, required!
I hope that it is now obvious that it would not simply be enough to know where your eye was focused.
Don't expect this very soon. If the stagnation of holography is an indicator this is a tough problem to crack from any direction.
I abridged too far =p
I do know it isn't SQL, I should have said "This is a standard ACID Compliant database like MySQL, PostreSQL, Oracle, and SQLite".
The abridged version:
Atomicity: actions or sets of actions complete or they don't. No half states. Ever.
Consistency: The database has rules. Rules like, "this can only be X when X exists in this other table" or "You cannot put a picture of a jabberwocky in this column." The rules are always obeyed even if one transaction fails. The DB itself will still be clean.
Isolation: Everything accessing the DB views it as if it were the only thing accessing the DB.
Durability: If the DB tells you it happened that means that you could yank the network jack, axe the power, or any other Bad Thing(tm) and so long as the disks are still there and intact your data also will be.
That is SQL. NoSQL: Pick three, or two.
Is it faster? You bet your ass it is. The limitations are, generally, that the DB won't do things like JOINs for you, or perhaps you have to deal with the idea of a half state, etc. Aside from ACID guarantees being, generally, broken the DB might act more as a key->value lookup (think a dictionary or encyclopedia, but with data). It might not have rigid fixed columns (some SQL databases do this too, but it is not a standard feature and generally comes with more cost vs a NoSQL that offers it).
NoSQL is useful, though, if you have a tremendous (REALLY REALLY huge, I mean it has to be worth it!) data set or some strange demanding special need. Some things don't need isolation because the actions are intrinsically isolated (Slashdot comments, for example, are just appended and only one column needs to be mutated (the moderation)) . Durability might not need to be met at the disk level, you might be comfortable with writing it to two node's memory (Cassandra even lets you return after it is in the target node's memory and after it has been flushed to the network send buffer. You know, to kill those pesky nanoseconds of latency). If your nodes are good and isolated this might be fine. Atomicity might not be a big deal.... though I can't think of any that don't provide THIS. Atomicity is really rather important almost everywhere. Getting rid of fixed tables or "relations" (foreign keys) makes consistency a non-issue. Consistency is one of the first things to be tinkered with in most of these NoSQL things, though it is not 100% gone (still can't put that jabberwocky in that int column!)
So by trading off some guarantees for a more simplistic DB one can gain speed and some degree of burden can be lifted from the programmer to work within the confines of that guarantee system. However, an ACID SQL system is universal (can store anything and meet any guarantees you require, but not necessarily quickly). NoSQL systems only work for some workloads and requirements. Almost (but not quite) anything can be shoehorned into them but weather it is a good idea remains a question to ask before you dive right in. If you can see gain from NoSQL then it might be a good idea, but don't paint yourself into a corner where you trade a working system of moderate speed for a blazingly fast system that has subtle (or blatant!) flaws which effect your company or customers.
Hope that helps!
Here's to this!
What are your thoughts on the energy storage dreams floating around behind the starry eyes of so many and the thoughts that enough power can actually be produced with non-nuclear non-fossil-fuel methods to not only meet current demands but keep up with the growing demand? I appreciate your directness and insight and would love to know.
Geospatial technology? Breakthrough? Worried about more data?
This article reads like an add for cosmetics! "They can't handle the data, we made it shiny and all their problems went away!"
REALLY? They drew some heat maps and used existing data to identify choke points. OoooOOHHHHHHH! Now I'm some kinda of impressed. And to do what, exactly? Make rolling blackouts easier to manage? Create jobs so some monkey looking at shiny data can ask plants to ramp up? Or press a button to activate some SCADA function?
Give me a break. This is a tremendous waste of technology. Something like it was surely wanted, perhaps warranted, but this stinks of "data overload"
They've just turned a gigantic dataset into a gigantic waste of money instead of a tool. Let me know how it all turns out.
Nope, no jets. In the production version there will be some air pumped into the bearing area to keep it "inflated" but the layer of air is about 0.003" thick and sitting between a plate rotating at 2K+ rpms and a non-moving plate. Imagine twisting your hand over dough, it does two things: moves out and curls on itself. It is this twisting radial motion that keeps the air and therefor heat moving vigorously from the hot plate to the spinning cooling fins.
Simple and clever, obvious once you see it and it works WELL. The best kind of solution to a problem.
To be fair Obama asked for a raise in their budget and Congress cut it and asked for a small cut in the military budget and Congress upped it.
President don't have as much control as the talking heads may imply. On the other hand I'm sure he could have done more. Just thought it was a good thing to know, though
Well, not that I'm a mind reader, but my take on this is that we don't bloody know how those few lbs of grey matter work, how it self organizes, the exacting details of behaviors that drive it, etc etc
On top of that what do you feed a brain? what is it going to do? They'd need to interface it with something that can challenge it, provide meaningful feedback, etc on and on.
Whatever it is they simulate I'd not call it a brain, or a mind. Perhaps a highly complex neural net, but it will be running in slow motion compared to what we have gotten used to. It is, however, a wonderful tool for exploring these problems. This is part of the cycle. Build a model, test the model, fix the model, test the model. Now, it isn't a real brain but it will be an interesting refining force for some ideas.
Read up on Quantum Encryption. It is really REALLY cool.
In case you've tried and hit one of the many hand-waving walls here is the brief because I'm not the type to just be snide and say RTFM:
So you have a sender and a pair of receivers. You (sender) have one of the receivers. You send an entangled pair of photons down the lines. Here is trick one: those two photons will have the same polarization but you don't know what it is till you measure it.
Now polarization isn't just one direction, photons can be polarized in many directions. What you and the other side do is pick a bias for your receivers independently and randomly, "+" or "x". Now that you have both seen this unreproducible event you talk about it, publicly. The only requirement for this "conversation" is that you both can hear each other. MITM attacks, etc do not matter. Those will show up as errors and the whole thing discarded.
Here is what you talk about: at first you talk about which bias you used. + or x. Where you agree there is a good chance you saw the same thing and you use that bit. Where you disagree you discard it and try again. One you have a good number of bits you talk about their parity (XOR is parity). The algorithm works by saying something like, "The parity I have for that group is 1" and then they either agree or disagree. Should you agree that means that there is a chance you have the same group. Discard one bit from it. Since that bit was random and you only transmitted the parity you have leaked zero information. If your parity did not agree (really even if it did) you split the shortened group in half and do it again. (this is trick two). Once you have found where all the errors are and discarded those pieces and have verified enough of the parities (and discarded one bit each time remember!) you have "amplified" your privacy. Using this technique you can amplify your privacy to arbitrary levels so that an interloper can have an arbitrarily small chance of successfully faked a key (a VANISHINGLY small chance in practice. 2**-256 is a commonly quoted value). Now you've got a shared *random* secret (As bond would say if he was an rng: Random. Quantum random. It is that good.).
If anyone had been fiddling with your signal (either the discussion or the quantum channel) you'd have spotted them making too many errors and gave up on the communication.
Now, as you said, you COULD xor that key with the data and send that, safe in the knowledge that it is protected by the only 100% secure encryption system: a one time pad. You've got a 1mbps channel using the very latest and greatest technology. Hope you didn't have big plans for it.
That might be what you need! I'll bet that it isn't. Most data only needs to be secure for a tiny amount of time. Seconds or hours. Days perhaps. That is the data that falls comfortably into the realm of standard cryptography. Brute force it if you like. Useless now anyway.
That is why I contend that unless you have a real need for OTP security that a robust RSA based system is good enough. Change your keys, verify often, have good physical security, etc. rest safe in the knowledge that your data is protected by decades of, thus far, bulletproof math.
On the other hand, if you DO need to have real OTP security don't you dare rest all your hopes and dreams on the physical realizations of quantum encryption. If your data is that important then you could (more cheaply, no less!) have stores of one time pads sitting around safely using, for example, Shamir's secret sharing algorithm. It is provably secure and not just from brute force attacks. It requires that a certain number of pieces are present to reconstruct the original data. There is no loophole. Without the last piece you gain nothing. It could be anything. It is also better than XOR (which requires that ALL pieces are present) in that it has a threshold number of pieces that need to be present so that the keepers of the keys need not all be simultaneously present (guards with rotating schedules, as an e
Why do they spend all this money, all this effort on systems that cost more and offer less security than a large RSA or ECC public key system?
Especially when RSA and ECC are so very well studied and don't rely on what amounts to lab grade optics with unknown exploits, weaknesses, and requirement for over paid professionals?
Why? I don't see the benefit. It is slower, harder to use, more expensive, the list goes on!
16K bit RSA keys are slow to generate but offer 256 bits of private key material equivalent security. Much less than that is needed for ECC. This all seems like a waste. It isn't even basic research anymore (which I endorse!) this is just some sort of dick measuring contest.
Actually, I didn't get far in when I posted it. I would not have if I had.
It IS bullshit. I agree 100% No apologetics, no nothing like that. You, good sir, are right. No good reason!
Also, it wouldn't even be that "hard" to add it. That is, insomuch as nothing would break due to that addition aside from perhaps a new keyword to avoid (I'm sure someone used uint/ubyte/ulong as a variable name somewhere along the line)
Thanks for the proverbial smack upside the head. Apparently I needed it!