Its not just "linux vs Windows" but "trusted boot": All you need to rely on is that the live CD is OK and your BIOS is not corrupted and you can effectively safely connect to your bank.
ORLY? What about hardware key stroke loggers? They do exist you know.
The use of the "or" conjunction, which in English is semantically equivalent to a logical XOR.
_Usually_ equivalent to XOR. Consider the following statement:
"It will rain today or tomorrow".
If, in fact, it rained today _and_ tomorrow, would you consider the statement false? Most people wouldn't. Therefore, in that particular case, English "or" is equivalent to logical OR not XOR.
Buy a damned computer, or one of the mobiles you can install Linux on.
Maybe you should RTFA before posting...
Of course there are a million machines you can install Linux on, but the PS3 was particularly nice because of its Cell architecture. That allowed for some super-computer like performance for a low, low price. Lots of research institutions used PS3 clusters for low cost supercomputing. Now that future is jeopardized.
Breaking RSA expected in next few decades?
on
Tetraktys
·
· Score: 1
Speaking of "getting your facts right"...
Breaking RSA is something that is not expected for many decades
Um, [citation needed] much? Seriously does anyone expect RSA to be broken in the next few decades?
Certainly much longer key lengths will be brute-forceable in the next few decades, but that's a far cry from coming up with a polynomial time algorithm that breaks RSA.
Concepts are (were) cool. But let's be realistic: unless you're doing a lot of template library programming, you wouldn't use them much.
I think much cooler additions are lamda functions, move semantics (rvalue references), auto keyword and others. Also additions to the standard library like threading and decent smart pointers.
Once you've reverted the hash back to salt+plaintext, it's *much* easier to remove the salt (often some string concatenated with the plaintext).
Often? That's the definition of salt.
Also, rainbow tables don't revert the hash back to salt+plaintext. Rainbow Tables don't work if salt was (correctly) used. Well, I guess you could make a set of RTs for every possible salt value... if you have an ice age or two to wait.
When you have a good dictator, things are generally pretty good. The trick is to avoid the bad dictator.
That is indeed the trick. The fact is, the harm that bad dictators cause greatly outweighs any good that "good" dictators provide. And a dictator system, once in place, is very hard to get rid of.
Also, I feel suspicious of the idea that there are "good" dictators. Some may start out good, but power corrupts and absolute power corrupts absolutely.
Having a lot of lines of code is not necessarily something to brag about. In fact, it's more likely to be an indicator of badness than goodness.
If the product works great, people won't care how many lines of code it has. If it's buggy or sluggish or in other ways wonky, people might look at the code line count and point to that as the problem. ("It's bloated!" "It's so big no one can understand it or fix it!")
3. Successful X2 and Arithmetic Mean tests on certain bytes.
4. File size greater than 15 MB.
Step 2 == entropy tests.
In other words, they detect random looking files (which implicitly implies "no header") whose size is 0 mod 512 and is greater than 15MB.
Big fucking deal. It might be true that on your system, the only files that meet these characteristics are TrueCrypt volumes, but again it's trivial to create non-TrueCrypt files that meet these criteria. Simply, any true random file (whose size meets the above requirements) will be detected as a TrueCrypt file.
I'm pretty familiar with TrueCrypt, but I don't know what a TrueCrypt "Dynamic" file is. Are they just talking about an encrypted virtual volume?
Anyway, I'm pretty sure this is BS. I think they're just doing regular entropy tests on files. That will tell you when you have random data. A good test might be able to distinguish a large amount of compressed data from encrypted data since compressed data does have a little redundancy (emphasis on "might" and "little").
But I guarantee that they are not detecting any redundancy in ciphertext. Detecting even a small amount of redundancy in the output of any modern cipher algorithm (like AES or Twofish) would be a HUGE cryptanalytic result. It would be front page news (in cryptographic circles).
In summary, I'm positive that they can't distinguish between a TrueCrypt volume and true random data.
... says Laura Moore, an unemployed college professor and one of the town's 13 residents
If you're unemployed, you're not a college professor. You're a former college professor, or a wannabe college professor.
Also, maybe a town of 13 doesn't have a lot of college professor openings?
Government intervention in the market, whether as a primary actor, or via impact (regulatory) on a primary actor, is anathema to a free-market idealist.
Then free-market idealists are living in a fantasy world.
In reality, even if you start with a free-market utopia, eventually some players consolidate power and then use it to stifle competition. We've seen it over and over again.
Yes, sometimes the government is the player that has too much power and quashes the free-market. But at least (in theory) governments are beholden to the people.
Really, these libertarian types remind me of old-school communists: their ideas sound cool but fail to take human nature into account.
Slashdot Mirror
Not to mention TEMPEST (http://en.wikipedia.org/wiki/TEMPEST)
Its not just "linux vs Windows" but "trusted boot": All you need to rely on is that the live CD is OK and your BIOS is not corrupted and you can effectively safely connect to your bank.
ORLY? What about hardware key stroke loggers? They do exist you know.
Someone should take all the XKCD comics, mark 'em up a bit, turn 'em into nice pictures, and .... Profit!!
Pics or it didn't happen.
The use of the "or" conjunction, which in English is semantically equivalent to a logical XOR.
_Usually_ equivalent to XOR. Consider the following statement:
"It will rain today or tomorrow".
If, in fact, it rained today _and_ tomorrow, would you consider the statement false? Most people wouldn't. Therefore, in that particular case, English "or" is equivalent to logical OR not XOR.
Buy a damned computer, or one of the mobiles you can install Linux on.
Maybe you should RTFA before posting ...
Of course there are a million machines you can install Linux on, but the PS3 was particularly nice because of its Cell architecture. That allowed for some super-computer like performance for a low, low price. Lots of research institutions used PS3 clusters for low cost supercomputing. Now that future is jeopardized.
Speaking of "getting your facts right" ...
Breaking RSA is something that is not expected for many decades
Um, [citation needed] much? Seriously does anyone expect RSA to be broken in the next few decades?
Certainly much longer key lengths will be brute-forceable in the next few decades, but that's a far cry from coming up with a polynomial time algorithm that breaks RSA.
Concepts are (were) cool. But let's be realistic: unless you're doing a lot of template library programming, you wouldn't use them much.
I think much cooler additions are lamda functions, move semantics (rvalue references), auto keyword and others. Also additions to the standard library like threading and decent smart pointers.
Once you've reverted the hash back to salt+plaintext, it's *much* easier to remove the salt (often some string concatenated with the plaintext).
Often? That's the definition of salt.
Also, rainbow tables don't revert the hash back to salt+plaintext. Rainbow Tables don't work if salt was (correctly) used. Well, I guess you could make a set of RTs for every possible salt value ... if you have an ice age or two to wait.
I thought the prevelance of using salts with hashes obsoleted rainbow tables years ago.
True. Correctly salting your password hashes will make rainbow tables useless.
But ... Guess which system still doesn't salt passwords? Windows!
(Really? No takers? Huh. Well, a geek's gotta do what a geek's gotta do:)
NO ONE EXPECTS THE SPANISH INQUISITION!!!
When you have a good dictator, things are generally pretty
good. The trick is to avoid the bad dictator.
That is indeed the trick. The fact is, the harm that bad dictators cause greatly outweighs any good that "good" dictators provide. And a dictator system, once in place, is very hard to get rid of.
Also, I feel suspicious of the idea that there are "good" dictators. Some may start out good, but power corrupts and absolute power corrupts absolutely.
Call me when someone ports Nethack to the iPhone. Or figures out a good mobile device type interface for roguelikes in general.
ls | grep
amiright?
What they don't realise is that motorists are more intelligent than water particles.
Says you.
Having a lot of lines of code is not necessarily something to brag about. In fact, it's more likely to be an indicator of badness than goodness.
If the product works great, people won't care how many lines of code it has. If it's buggy or sluggish or in other ways wonky, people might look at the code line count and point to that as the problem. ("It's bloated!" "It's so big no one can understand it or fix it!")
UTF-16 is much better than UTF-8 for encoding asian scripts. UTF-8 needs 3 bytes per code point in that range, while UTF-16 needs only two.
OK, I checked it out. Here's how they "do" it:
1. No File Header.
2. (File size % 512) = 0
3. Successful X2 and Arithmetic Mean tests on certain bytes.
4. File size greater than 15 MB.
Step 2 == entropy tests.
In other words, they detect random looking files (which implicitly implies "no header") whose size is 0 mod 512 and is greater than 15MB.
Big fucking deal. It might be true that on your system, the only files that meet these characteristics are TrueCrypt volumes, but again it's trivial to create non-TrueCrypt files that meet these criteria. Simply, any true random file (whose size meets the above requirements) will be detected as a TrueCrypt file.
I stand by my assessment: BS.
I'm pretty familiar with TrueCrypt, but I don't know what a TrueCrypt "Dynamic" file is. Are they just talking about an encrypted virtual volume?
Anyway, I'm pretty sure this is BS. I think they're just doing regular entropy tests on files. That will tell you when you have random data. A good test might be able to distinguish a large amount of compressed data from encrypted data since compressed data does have a little redundancy (emphasis on "might" and "little").
But I guarantee that they are not detecting any redundancy in ciphertext. Detecting even a small amount of redundancy in the output of any modern cipher algorithm (like AES or Twofish) would be a HUGE cryptanalytic result. It would be front page news (in cryptographic circles).
In summary, I'm positive that they can't distinguish between a TrueCrypt volume and true random data.
Put up or shut up.
... says Laura Moore, an unemployed college professor and one of the town's 13 residents
If you're unemployed, you're not a college professor. You're a former college professor, or a wannabe college professor. Also, maybe a town of 13 doesn't have a lot of college professor openings?
Government intervention in the market, whether as a primary actor, or via impact (regulatory) on a primary actor, is anathema to a free-market idealist.
Then free-market idealists are living in a fantasy world.
In reality, even if you start with a free-market utopia, eventually some players consolidate power and then use it to stifle competition. We've seen it over and over again.
Yes, sometimes the government is the player that has too much power and quashes the free-market. But at least (in theory) governments are beholden to the people.
Really, these libertarian types remind me of old-school communists: their ideas sound cool but fail to take human nature into account.
No. See the laws of thermodynamics.
The closest language to English is French.
Not true. Frisian is.
I can't stand the stupid "try 'em as adults" trend that has swept the country.
I think that if you're tried as an adult and acquitted, then you get the privileges of being an adult. Like voting, drinking, renting cars, etc.
After all, according to the government you have the responsibilities of an adult. You should get the privileges too.
Yes, I realise the right tool for the job argument.
Exactly. Most applications are not CPU bound. If yours is, then I don't know why others are trying to get you to use Python.