you'd still have to try 2^127 keys on average to recover the key
You're referring to brute force attacks. Cryptanalysis is much more sophisticated than this. The danger with known-plaintext(-fragments) is that you only need to break a very small amount of key bits, and then everything falls into place quite easily and rapidly.
Considering that MPEG frames have known headers, and knowing where all those headers will be in the stream, already gives quite important hints to attackers. It's enough if they concentrated on these spots. Provide them with enough known-plaintext (as in MPEG4 streams), and their job is not so daunting as if they did a brute force attack (which, I agree, won't work with current hardware resources).
How secure is AES 128+ bits anyway? MPEG streams have a pretty regular pattern that offers a lot hints to cryptanalysts. I wouldn't bet on the security of a system that encrypts 2-8 GB of data with such a regular pattern!
The Zealots can run their "pure" systems and suffer graphics glitches and poor 3d performance.
Are FreeBSD users zealots? What alternatives do we really have if NVidia (or ATI) released Linux-only binary drivers? We can use the Linuxulator for userland apps, but with kernel drivers that is sadly not possible.
Linux must become more like Windows (at least in terms of interfaces)
Hopefully, you're meaning GUI interfaces. It would be a shame to replace our good ole POSIX API with Win32s...
Seriously though: the beauty of Linux/BSD/... is that it doesn't restrict your choice. You can use KDE, GNOME or any other desktop, and if you like XP's GUI, go for it. If you prefer fluxbox, that's fine too. Try this under Windows without jumping through a lot of hoops!
But even if you consider low-level C APIs and ABIs: nothing (but the sad lack of competent reverse-engineers) prevents Linux from adding a Win32s API and ABI compatibility layer that would allow Windows apps to run natively. A similar approach works very well in FreeBSD's Linux-o-lator (okay, Linux and FreeBSD's API are very similar, so it was much easier, but that's not the point). But again: it's all about choice. With Linux, you're free to pick what best suits you; with Windows, you're desperately locked in.
That's about f*cking time! How many important files have been destroyed by Windows crashes? How many hours labour? How many marriages? How many lifes? It that doesn't qualify as WMD, nothing else would.
Oh, that's why the japanese are so competitive: they use secret backdoors in their encryption chips to read the secrets of US corps! Shouldn't we restrict the importing of alien encryption gear?
Recent wars were so successful, because we were able to remotely disable important anti-aircraft, defensive gear, but also civilian infrastructure like power plants and water suppliers with viruses (and I'm not meaning the ones developed at Fort Dettrick).
Export controlling powerful CPUs (besides being a silly, unenforceable law) would prevent newer Windows versions (a.k.a. spyware) from spreading even further in civilian infrastructure of present or future enemies. They may switch to that terrorist sponsored and sponsoring OSS stuff we can't control. On a second thought, it's not such a good idea...
Ashcroft and others won't be happy with this. Of course, PKI/PGP/... can be used in non-encryption mode only to sign messages. BUT, they can also be used to encrypt. As soon as this kind of software is ubiquitous, wiretapping would be much more difficult for the NSA and other agencies.
Your ISPs mail server generally accepts only mail from one domain, the one you've purchased from them. If you own multiple domains, you need your own mail server!
You can do that on a store-and-forward network too. Every mail server could require the computation of a challenge before accepting a message for storage.
Oh, and BTW, only a small minority has 24/7 connectivity (and I'm not even talking about third world countries!).
Yes, you're right. But please bear with me a little. The reason I prefer an.adult section is this: a lot of internet pages, that are not necessarily created with children in mind, are still useful for kids. Just think of kids doing research for a school homework assignment. Restricting children to a.kids domain seems like overkill. In the Real World(tm), children are allowed to use normal libraries and they may go wherever they (or their parents) wish, as long as it's not an XXX area (or bars etc...). I'd really prefer that children were free to use the Net unhindered, save for.adult areas. Our children deserve protection, but they also deserve respect: they are much more open and intelligent than we often assume. Please don't put them in a closed, artificial world, if we could confine our own bad habits in restricted.adult area.
Oh, of course I'm not restrincting this to sex of porn, but also to violence and other stuff that should be kept away from children.
Why so complex? Create a.porn (or.xxx,.sex, or, politically correct.adult) gTLD and pass legislation that all pr0n must use it exclusively. Then every browser maker, squid admin, etc... can implement a simple filter based on the URL. That's what the alt.sex.* USENET hierarchy was/is all about, and it works very well there.
Dynamic DNS is not very good, if you operate a web server. Imagine googlebot is currently doing a deep scan and your IP changes. It will take a while until googlebot checks their cached DNS entry again, so you'll lose a lot of entries in Google's index. The reason for this is that googlebot doesn't honor the TTL (time to live) field of your DNS A record while performing a crawl.
Of course, if your IP addresses changes only sporadically (like, say, once or so in a month or two), then it's perfectly okay. Then again, you wouldn't need dynamic DNS in this case, just a regular zone update of your normal static DNS would suffice. Some ISPs auto-disconnect your connection every 24hrs. In this case, Dynamic DNS is just a temporary solution.
the latency to a geostationary satellite is quite high.
the fluctuations, mostly due to thermic turbulances, are occuring at a higher frequency than the latency of the feedback loop.
I had to deal with laser links over large distances, and that was quite difficult already. RF is not as suceptible to thermic absorbtion and reflection, but the distance through the whole atmosphere is long enough to become significant.
The only solution that is being considered right now is to provide a large enough target area. Not ideal, but better than nothing.
The Germans spell Iraq "Irak," and they were against the US waging war against Saddam. They could provide a.ik.de subdomain for irakis who don't want to be managed by a texan ccTLD operator...:-)
IQ is Iraq's two-letter ISO country code, and there's almost certainly (I didn't check that) a provision in the ICANN regulations that all ISO country codes should be exclusively used by ccTLD operators.
Of course, a country is free to delegate "their" ccTLD to any company (local or foreign) they wish. This happened with some ccTLDs already.
Now, if the Iraqi government required control over their ccTLD, ICANN would have to take this into account and act accordingly. They are probably not compelled to act immediatelly, but they'll eventually have to take care of the situation.
Another more important aspect is this: if an (ICANN-) accredited ccTLD operator fails to deliver an acceptable level of service, ICANN may also have to act accordingly and re-delegate the domain. Or won't they?
Slashdot Mirror
For non-US readers : The US government has issues of spending bloat.
LoL! Name just one government worldwide that doesn't have that specific problem!
you'd still have to try 2^127 keys on average to recover the key
You're referring to brute force attacks. Cryptanalysis is much more sophisticated than this. The danger with known-plaintext(-fragments) is that you only need to break a very small amount of key bits, and then everything falls into place quite easily and rapidly.
Considering that MPEG frames have known headers, and knowing where all those headers will be in the stream, already gives quite important hints to attackers. It's enough if they concentrated on these spots. Provide them with enough known-plaintext (as in MPEG4 streams), and their job is not so daunting as if they did a brute force attack (which, I agree, won't work with current hardware resources).
How secure is AES 128+ bits anyway? MPEG streams have a pretty regular pattern that offers a lot hints to cryptanalysts. I wouldn't bet on the security of a system that encrypts 2-8 GB of data with such a regular pattern!
The Zealots can run their "pure" systems and suffer graphics glitches and poor 3d performance.
Are FreeBSD users zealots? What alternatives do we really have if NVidia (or ATI) released Linux-only binary drivers? We can use the Linuxulator for userland apps, but with kernel drivers that is sadly not possible.
Shame on you, NVidia and ATI!
Linux must become more like Windows (at least in terms of interfaces)
Hopefully, you're meaning GUI interfaces. It would be a shame to replace our good ole POSIX API with Win32s...
Seriously though: the beauty of Linux/BSD/... is that it doesn't restrict your choice. You can use KDE, GNOME or any other desktop, and if you like XP's GUI, go for it. If you prefer fluxbox, that's fine too. Try this under Windows without jumping through a lot of hoops!
But even if you consider low-level C APIs and ABIs: nothing (but the sad lack of competent reverse-engineers) prevents Linux from adding a Win32s API and ABI compatibility layer that would allow Windows apps to run natively. A similar approach works very well in FreeBSD's Linux-o-lator (okay, Linux and FreeBSD's API are very similar, so it was much easier, but that's not the point). But again: it's all about choice. With Linux, you're free to pick what best suits you; with Windows, you're desperately locked in.
LoL! That's a good one! Please MOD PARENT UP!
when accelerated by a C4 explosion.
That's about f*cking time! How many important files have been destroyed by Windows crashes? How many hours labour? How many marriages? How many lifes? It that doesn't qualify as WMD, nothing else would.
It really scares me sometimes that such short-sighted, arrogant people are running our country.
Don't worry about that. Smart people running any country is the absolute exception, not the rule...
The Direct Marketing Association will lobby Congress to punch a hole in the HCDF so that they will still be able to spam the rest of the world.
Made in Japan.
Oh, that's why the japanese are so competitive: they use secret backdoors in their encryption chips to read the secrets of US corps! Shouldn't we restrict the importing of alien encryption gear?
Recent wars were so successful, because we were able to remotely disable important anti-aircraft, defensive gear, but also civilian infrastructure like power plants and water suppliers with viruses (and I'm not meaning the ones developed at Fort Dettrick).
Export controlling powerful CPUs (besides being a silly, unenforceable law) would prevent newer Windows versions (a.k.a. spyware) from spreading even further in civilian infrastructure of present or future enemies. They may switch to that terrorist sponsored and sponsoring OSS stuff we can't control. On a second thought, it's not such a good idea...
They just fear terrorist bombs full of super-hot P4 shrapnells WITHOUT cooling fans! It's very diffucult to operate them out of injured bodies...
Ashcroft and others won't be happy with this. Of course, PKI/PGP/... can be used in non-encryption mode only to sign messages. BUT, they can also be used to encrypt. As soon as this kind of software is ubiquitous, wiretapping would be much more difficult for the NSA and other agencies.
Your ISPs mail server generally accepts only mail from one domain, the one you've purchased from them. If you own multiple domains, you need your own mail server!
You can do that on a store-and-forward network too. Every mail server could require the computation of a challenge before accepting a message for storage.
Oh, and BTW, only a small minority has 24/7 connectivity (and I'm not even talking about third world countries!).
Time to move to a third world country with illiterate ISPs.
Yes, you're right. But please bear with me a little. The reason I prefer an .adult section is this: a lot of internet pages, that are not necessarily created with children in mind, are still useful for kids. Just think of kids doing research for a school homework assignment. Restricting children to a .kids domain seems like overkill. In the Real World(tm), children are allowed to use normal libraries and they may go wherever they (or their parents) wish, as long as it's not an XXX area (or bars etc...). I'd really prefer that children were free to use the Net unhindered, save for .adult areas. Our children deserve protection, but they also deserve respect: they are much more open and intelligent than we often assume. Please don't put them in a closed, artificial world, if we could confine our own bad habits in restricted .adult area.
Oh, of course I'm not restrincting this to sex of porn, but also to violence and other stuff that should be kept away from children.
Why so complex? Create a .porn (or .xxx, .sex, or, politically correct .adult) gTLD and pass legislation that all pr0n must use it exclusively. Then every browser maker, squid admin, etc... can implement a simple filter based on the URL. That's what the alt.sex.* USENET hierarchy was/is all about, and it works very well there.
Dynamic DNS is not very good, if you operate a web server. Imagine googlebot is currently doing a deep scan and your IP changes. It will take a while until googlebot checks their cached DNS entry again, so you'll lose a lot of entries in Google's index. The reason for this is that googlebot doesn't honor the TTL (time to live) field of your DNS A record while performing a crawl.
Of course, if your IP addresses changes only sporadically (like, say, once or so in a month or two), then it's perfectly okay. Then again, you wouldn't need dynamic DNS in this case, just a regular zone update of your normal static DNS would suffice. Some ISPs auto-disconnect your connection every 24hrs. In this case, Dynamic DNS is just a temporary solution.
No, that wouldn't probably be enough, because:
I had to deal with laser links over large distances, and that was quite difficult already. RF is not as suceptible to thermic absorbtion and reflection, but the distance through the whole atmosphere is long enough to become significant.
The only solution that is being considered right now is to provide a large enough target area. Not ideal, but better than nothing.
The Germans spell Iraq "Irak," and they were against the US waging war against Saddam. They could provide a .ik.de subdomain for irakis who don't want to be managed by a texan ccTLD operator... :-)
IQ is Iraq's two-letter ISO country code, and there's almost certainly (I didn't check that) a provision in the ICANN regulations that all ISO country codes should be exclusively used by ccTLD operators.
Of course, a country is free to delegate "their" ccTLD to any company (local or foreign) they wish. This happened with some ccTLDs already.
Now, if the Iraqi government required control over their ccTLD, ICANN would have to take this into account and act accordingly. They are probably not compelled to act immediatelly, but they'll eventually have to take care of the situation.
Another more important aspect is this: if an (ICANN-) accredited ccTLD operator fails to deliver an acceptable level of service, ICANN may also have to act accordingly and re-delegate the domain. Or won't they?
That's what Al Jazeera TV is for. They wouldn't like the competition...
www.wmd.iq
Oh, didn't WMD mean Weapons of Mass Deception?