I don't think anyone ever expected that something akin to actual deflector shields for use on earth might be practical anytime soon, that they would always be the stuff of science fiction. At least this offers the possibility of actually making something like them with matter and not a theoretical energy shield requiring massive nuclear reactors.
Very interesting stuff - Metamaterials
If so then nobody but NSA knows about the technique despite decades of trying. The password and brute force are pretty much it as far as anyone else knows. Even differential and linear are hardly useful.
I suppose there is an advantage to spreading rumors that DES and AES have a back door. Then more people will use weak crypto, and NSA gets the bounty.
LOL, sorry, no. DES was only ever intended for unclassified data and was limited in strength. The record is clear that NSA strengthened the DES algorithm against attacks not publicly known at the time. The best anyone ever did against full strength DES was pretty much brute force (linear was very late to the game, and limited). That is what the DES Cracking project was about, finally putting a bullet in DES to get the next standard going. Now we have AES, and nobody can really claim that it is weak, can they? IIRC AES is approved for both unclassified and classified data. People always suspected that NSA had inserted a back door in DES with the S-Box changes when they had actually strengthened it against differential cryptanalysis which humbled many other schemes, but not DES. DES was almost perfect as designed, as long as you executed it as designed. That is no reduced number of rounds, no changes to the S-boxes, no other toying. It was exactly as strong as it needed to be, and pretty much free of weaknesses other than speed (it was designed for hardware where it was fast, but many did it in software where it was slow). Only the key length was a long term issue, and then you could still do triple DES. Here is the funny thing - many people suspected the government put in a back door and went with some other crypto scheme that was almost certainly inferior if for no other reason than they weren't designed to resist the secret differential cryptanalysis technique, or any other secret techniques. People ran from the back door boogey man and ran over the cliff of poorly designed crypto, and that doesn't even take into account mistakes in implementation. We will almost certainly be seeing the same sort of thing playing out in the future. "You can't trust AES, it was approved by NSA! There must be a back door! No, we're going to use Krasnovian Software A.G.'s ROT-39, developed by our resident super genius."
Wouldn't the same argument apply? - ‘We Can Trust GCHQ On Encryption’
It will be interesting to see how it plays out.
I guess it's my turn to LOL now. Bulk collection is cheap because encryption isn't generally used. When governments legally force the turnover of keys that won't change. Although there may be some spots where security is stronger, it is likely we'll see more actual junk being produced in the future. Perhaps you recall the early days of PCs when many vendors did their own thing instead of relying on DES. How many of those products would hold up to NSA, FSB, or China? And that is before you get into the question of key handling by all these new firms. The fact that you expect many more of them to be outside the US will also probably mean more crypto compromised by foreign governments since not all of them play as nicely as the US does despite the hysterics on Slashdot. If your concern is for the activists, that would make them more susceptible, not less. Your link doesn't seem to provide any evidence of encryption keys being compromised to private industry by US government intelligence, nor the infrastructure to exploit them if they did. Companies have always been interested in adversaries trying to bring them down and there are legitimate grounds for concern. Not every activist is honest, reasonable, sane, or has goals supported by general society. One only has to look at the eco-terrorists of ELF and Earth First to realize that. Private industry provides nearly all of the critical infrastructure and critical services relied upon by society, and there are legitimate security concerns. By the same token there is always a need for watchdogs against abusive or illegal behavior on the part of companies and government. You almost seem to be applauding panic on this, and panicked people seldom make good decisions. That is before we get to the question of human intelligence, the specialty of Russia, China, and various other nations. I've seen a number of your posts where you worry about "sock puppets," but you never seem to worry about agent provocateurs in this matter. 
Since you should understand the existence of pitfalls when approaching encryption and security, a single mistake can sink you, why don't you worry about the panicked herd being directed towards a cliff? From claimed "junk" crypto to actual junk crypto?
LOL The world now understands tame US crypto as used, sold and tested is junk.
You keep repeating that, but it still isn't true. (Did you even bother to watch any of it?) All the available evidence is that the math is still protective. The problems are other places.
I think the NSA would probably be happy to see your scenario. Just think, part time visual basic programmers around the world turning out "secure" products to protect you from the "Yankees." Of course they will guarantee their own work, it's from their elite programmers, their own local genius that can't be questioned. It is an extra bonus if they come up with their own cipher - nobody else knows how we do it, so it's unbreakable! The NSA will have the last laugh. So yes, sell that idea far and wide. An extra bonus comes in if the new government contract in that country goes to the minister's cousin, something I'm sure you'll agree never happens. After all, who would benefit?
Here: http://www.pbs.org/wgbh/pages/frontline/homefront/view/
The NSA knew about some of the 9-11 hijackers, but it was lost in the noise (and in lack of interdepartmental information sharing). The solution, suck in more noise? Makes little sense to me.
I don't think that is quite right.
NSA speaks out on Snowden, spying
Gen. Keith Alexander: Well, the reality is if you go and do a specific one for each, you have to tell the phone companies to keep those call detail records for a certain period of time. So, if you don’t have the data someplace you can’t search it. The other part that's important, phone companies-- different phone companies have different sets of records. And these phone calls may go between different phone companies. If you only go to one company, you'll see what that phone company has. But you may not see what the other phone company has or the other. So by putting those together, we can see all of that essentially at one time.
John Miller: Before 9/11, did we have this capability?
Gen. Keith Alexander: We did not.
John Miller: Is it a factor? Was it a factor?
Gen. Keith Alexander: I believe it was.
What Gen. Alexander is talking about is that two of the 9/11 hijackers, Khalid al-Mihdhar and Nawaf al-Hazmi were in touch with an al Qaeda safe house in Yemen. The NSA did not know their calls were coming from California, as they would today.
Gen. Keith Alexander: I think this was the factor that allowed Mihdhar to safely conduct his plot from California. We have all the other indicators but no way of understanding that he was in California while others were in Florida and other places.
That's all very nice, but be clear -
Bruce Schneier: Crypto works.
That is just warehousing data they can't process. Snowden and the commentators say that encryption is still good, it still works. At best that allows them to process chains of related data if they get a break.
Point, Seumas.
In Unixland the answer is pipes. You can quickly teach them to do things that typical stand alone programs won't do, or won't do easily using simple programs linked together by pipes. It is a form of linking the two paradigms while moving them closer to actual programming, especially since some of the tools you can link with pipes are programmable (awk, sed, perl, etc.). Once they know how to perform actions from the command line it is a trivial step to put them into a shell script - real programming with a scripting language.
Don't forget to order some poutine.
Fermented mare's milk is a national drink in Kazakhstan.
That is Kazakhstan, the real country that is tormented by Sasha Baron Cohen's fictional character, the "journalist," Borat.
Kazakh national cuisine
Kazakh documentary film "Kieli Meken" - Discover Real Kazakhstan
MEET THE STANS
The actual Kazakhstan national anthem, the "Borat" parody, and an unfortunate incident.
Don't knock it, it's great work if you can get it.
Beauty, eh!
"Bin Laden determined to do something, somewhere, at some unknown time." That is not really helpful for security planning. It wouldn't have mattered if President Bush was sitting in NORAD at the time, little would have changed. You should really rethink your views on this, they are unserious.
I also like how, apparently, we're calling it "mass collection of information", instead of "spying", now.
A collection of books doesn't equal an education unless you read and understand them.
After declaring war on the United States in 1996, the international terrorist organization known as Al Qaida, which comprised elements of the armed forces and government of Afghanistan, conducted an attack on the United States of comparable magnitude to the attack by the Empire of Japan on Pearl Harbor in 1941 in terms of loss of life and economic damage on 11 September 2001. They attacked targets in both New York City and Washington DC, having attacked American embassies and military forces previously, and many other targets subsequently. The conflict continues.
It doesn't really matter.
MYTHS AND MISINFORMATION ABOUT SOCIAL SECURITY- Part 2
Starting in 1969 (due to action by the Johnson Administration in 1968) the transactions to the Trust Fund were included in what is known as the "unified budget." This means that every function of the federal government is included in a single budget. This is sometimes described by saying that the Social Security Trust Funds are "on-budget." This budget treatment of the Social Security Trust Fund continued until 1990 when the Trust Funds were again taken "off-budget." This means only that they are shown as a separate account in the federal budget. But whether the Trust Funds are "on-budget" or "off-budget" is primarily a question of accounting practices--it has no effect on the actual operations of the Trust Fund itself.
RL33028: Social Security: The Trust Fund
then you are nothing more than a jealous little man with nothing of value to add. Please go away.
He is just somebody that is offering an opinion, just like you, or anybody else here. If the standard is that you have to steal nearly 2 million Top Secret intelligence documents before being able to offer an opinion here, then the forums will be very quiet indeed.
If you are calling a man who's sacrificed his future for the future of others a narcissist for airing his opinions, then you are nothing more than a jealous little man with nothing of value to add. Please go away.
Or it could be that he is essentially right, that Snowden has a martyr's complex, and what he has done will ultimately prove to be very harmful. Even if you accept the claims of his virtue at face value there is no really good way to judge since it will take years before the bill for his actions can be tallied up. The planning of attacks against the West incorporating the information from his leaks and other stolen information will have just started and could easily take a year or two to execute. You really have no way of knowing what the outcome will be. That would make your contempt ridden statement seem rather arrogant and very premature.
There have been previous discussions about a "right to be forgotten." It is hard to say what sort of traction it will ever get.
I'm sure it will become a popular idea with recent college grads that enjoyed partying with friends that had camera phones, as well as hooligans. But it already can be pretty difficult to track down some things, especially since the search engines started limiting how many pages they will retrieve for a search (at least for the general public). Even if you can remove a document from one place, it can often be found in another. How do you get them all? It would take a fair amount of work.
Against the "right to be forgotten" there is also the continuing erosion of useful information from various sites. There are some things that are disappearing from the internet even if you can find documents that mention them. Servers go away, files are lost, purges occur because "nobody would ever want that, it's old!" There are a lot of factors involved in this subject.
This is the dumbest thing I've ever seen on Slashdot.
Hi, you must be new here.
Interesting that. The Russian government also claimed to be surprised that Snowden showed up in Russia when he stayed at the Russian consulate in Hong Kong, and both had his birthday there, and made travel arrangements there. That seems a bit odd, don't you think? Can you imagine that they really didn't phone home to Moscow? What did they talk about while in the embassy?
Putin's statement may or may not be taken at face value. It would be a beautiful cover for a Russian intelligence operation involving a disgruntled American with access to Top Secret documents. In the opinion of a number of former Soviet bloc intelligence officers that is the case. We may never really know for sure.
And he did try to play by the rules; his superiors made it abundantly clear to him (repeatedly so) that his opinion on the matter was not solicited, and furthermore, endangered his career.
You aren't talking about Snowden, are you? That doesn't appear to be remotely true in any meaningful way. Snowden has admitted that he took his job with the intent of stealing secrets.
More than half actually.
The Global Religious Landscape
The demographic study – based on analysis of more than 2,500 censuses, surveys and population registers – finds 2.2 billion Christians (32% of the world’s population), 1.6 billion Muslims (23%), 1 billion Hindus (15%), nearly 500 million Buddhists (7%) and 14 million Jews (0.2%) around the world as of 2010. In addition, more than 400 million people (6%) practice various folk or traditional religions, including African traditional religions, Chinese folk religions, Native American religions and Australian aboriginal religions. An estimated 58 million people – slightly less than 1% of the global population – belong to other religions, including the Baha’i faith, Jainism, Sikhism, Shintoism, Taoism, Tenrikyo, Wicca and Zoroastrianism, to mention just a few.
At the same time, the new study by the Pew Forum also finds that roughly one-in-six people around the globe (1.1 billion, or 16%) have no religious affiliation. This makes the unaffiliated the third-largest religious group worldwide, behind Christians and Muslims, and about equal in size to the world’s Catholic population. Surveys indicate that many of the unaffiliated hold some religious or spiritual beliefs (such as belief in God or a universal spirit) even though they do not identify with a particular faith.
Now go dig out some of the cool stuff NASA did before we started funding useless wars for no gain instead.
You do realize that the US Apollo missions to the moon occurred concurrently with the US involvement with the Vietnam war, when military spending took twice the relative bite out of the economy as it does today? Maybe not.
You should also be clear about how the spending of Federal tax dollars has changed over the years. (Don't like the source? Find another one, it won't really change if the numbers are honest*.)
* Honest Federal spending will include both "mandatory" and "discretionary" spending. Some sites mislead by excluding mandatory spending to distort the burden of social welfare spending versus defense spending.