In my case it didn't help that all my colleagues were German speakers while my German was barely passable...
I've tried full-time teleworking and it was a disaster - being in the same room as your colleagues from time to time is nearly essential, for me at least.
On the other hand the occasional day away from them can be a very productive day, free of interruption, and more productive for avoiding the stress of commuting.
If I were the Mayor of London I'd be doing everything I could to encourage London businesses to introduce partial teleworking, so as to reduce the load on the transport system. It's about the only way left to deal with London's transport capacity problems.
No, it's nonsense.
If they did that you'd have to explicitly consent to paying more for the call, even for an incoming call. I don't think it'll work that way - I think the phone company will pass on some of the money saved because it didn't need a mast to handle the call on to the picocell owner.
Heh, yeah, in my ideal future they only allow you to send SMS messages...
Surely power requirements grow on the square of distance? So that would be only about 30 times the range.
I've been predicting picocells for a while. I think there will be a lot of them. A private owner (eg a shop or a bar) installs a picocell, hooks it up to their broadband connection, and gets some of the call revenue from the network provider in return for taking some of the weight off the towers. Battery life is improved, radiation reduced, and everyone wins. The cell units are small and cheapish, and when they fail you just send them back by post and get sent a replacement. You'll see them underground in metro stations, or at the backs of shops in buildings which block radio waves.
When dialled-up, I felt pressure to sit at the computer and get all my on-line things done right away, so as not to waste the time the phone line was dialled up. Now I have broadband, I'm happy to wander away from the computer for any reason.
Brilliant! You've done a really nice job of capturing The Onion's style.
from all these hadrons escaping from it!
No Commissioner of the patent office anyway.
A Patently False Patent Myth
For some possible applications, check out machinima.com - film-making in real time using game engines.
Looking at the archives, Crypto-Gram had started to widen its scope to general computer security by the second issue (news item: "The L0pht, a hacker group from Boston, testifies before Congress").
And Crypto-Gram definitely serves a purpose not served by eg Slashdot. The /. editors don't have a fucking clue about crypto or security.
In the UK at least, lawyers are expected to track the time they spend on each case *very* carefully. It's all about the billable hours. This is true even if they always represent the same client (eg the local authority).
Is there a message steganographically embedded in this Markov-chain-generated post?
Note that the benchmark was heavily slanted to favour Microsoft, but the Linux community wanted to win even in that instance.
http://lwn.net/1999/features/MindCraft1.0.php3
http://www.google.com/search?q=mindcraft+weiner
Well, obviously you adjust your encryption to what you think people will be throwing at it. That goes without saying. ...or, actually, completely not. It's nearly always so cheap to use encryption that's completely infeasible to attack directly that you should always do that; it's crazy to use anything less to save a few cycles unless you're in a very limited resource environment.
ECC ("this Certicom encryption system") has turned out to be exactly as hard to break as Certicom and everyone else expected - if anything, the results of this challenge increase our confidence in it.
/. moderators sometimes...
109 bits was deliberately chosen to be short enough to break. The next challenge is 131 bits, which is also considered breakable (though it will be about 2048 times harder).
After that, you get on to the "Level II" challenges, which are not considered breakable. They start at 163 bits, the least recommended for real use, and would be about 140 billion times harder to break.
I worry about the
I don't have the figures here to do the sums, but off the top of my head I'd say that's an underestimate for the difficulty of breaking 2048-bit RSA using current algorithms.
1) Where do you store the OTP? What do you do when it runs out?
2) How do you know where you're up to in the OTP?
This won't work. OTP is *not* a magic incantation for wonderful security.
Read Paul van Oorschot and Michael Wiener, "Parallel Collision Search with Cryptanalytic Applications". I suspect most Slashdotters would be able to get the gist of it...
Nice story, but not true. According to Coppersmith, the DES design team discovered differential cryptanalysis during the design process of DES, and defended against it in the design of the S-boxes. They called it the T-attack, for "tickle". The NSA said they'd discovered some of their darker secrets, and asked them to keep quiet about it. The result was that everyone could see there was structure in the S-boxes, but no-one knew why, until Biham and Shamir re-invented DC in the late eighties and broke just about everything in use.
Coppersmith has always maintained that the NSA did not dictate a single wire of DES.
They don't really need a cycle that contains a DP - they just need two chains that end on the same DP. Pollard-Rho is the inspiration for the algorithm they're using, but actually cycles don't play any part in parallel collision search - the important bit is the "lambda" shape by which a collision in DPs alerts you to a collision earlier in the chain. Their explanation is surprisingly poor - read "Parallel Collision Search with Cryptanalytic Applications" for a better one.
It's so unlikely that a client might get stuck in a cycle that doesn't contain a DP that it's not worth addressing it. If the code to address the problem makes the program one byte larger, and that makes someone 0.0001% less likely to download it successfully, then the cost of addressing it outweighs the possible benefit.
By my calculations, at the current rate they'll take over 500 years to produce a collision. They need about a hundred times as many people on board to get anywhere.
The sum I did is
sqrt(-l(0.5)*2*2^128)/(1.325*10^9*86400*365)
519.78646399116343804161
N=2^128 is the space they're looking for a collision in. The expected number of collisions found after k items have been produced is very close to k^2/2N, so the probability zero have been found is exp(-k^2/2N) by the Poisson distribution. Assume exp(-k^2/2N) = 0.5 and solve for k, then divide by their declared rate of 1.325 gigaMD5s a second.
I don't know whether this inclines me to give the whole thing up or to climb on board. The latter is probably more fun.
Incidentally, the algorithm they're using to do the search efficiently is pretty cool. Paul C van Oorschot and Michael J Wiener, Parallel Collision Search with Cryptanalytic Applications (pdf)
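The "lambda" shape described in the comments above, as an added example that is not part of the original posts or of the project's client: two chains that end on the same distinguished point are walked again in lockstep to find where they merge. The 32-bit truncation of MD5, the low-8-bits-zero DP rule, the sequential start points and the chain-length cap are all assumptions chosen so the search finishes in about a second.

```python
import hashlib

DP_MASK = 0xFF             # distinguished point (DP): low 8 bits are zero
MAX_CHAIN = 20 * 256       # give up on a chain caught in a DP-free cycle

def f(x):
    """Step function: MD5 truncated to 32 bits, so N = 2^32 (toy size)."""
    return int.from_bytes(hashlib.md5(x.to_bytes(4, "big")).digest()[:4], "big")

def walk(start):
    """Iterate f from start until a DP is hit; return (dp, steps) or None."""
    x = start
    for steps in range(1, MAX_CHAIN + 1):
        x = f(x)
        if x & DP_MASK == 0:
            return x, steps
    return None

def locate(s1, n1, s2, n2):
    """Two chains ended on the same DP: find where the 'lambda' joins."""
    if n1 < n2:
        s1, n1, s2, n2 = s2, n2, s1, n1
    for _ in range(n1 - n2):       # align both chains n2 steps from the DP
        s1 = f(s1)
    if s1 == s2:                   # one start lies on the other chain
        return None
    for _ in range(n2):
        a, b = f(s1), f(s2)
        if a == b:
            return s1, s2          # distinct inputs, same truncated hash
        s1, s2 = a, b
    return None

def find_collision():
    seen = {}                      # central table: dp -> (start, steps)
    start = 0                      # constructed start points 0, 1, 2, ...
    while True:
        result = walk(start)
        if result:
            dp, steps = result
            if dp in seen:
                hit = locate(start, steps, *seen[dp])
                if hit:
                    return hit
            else:
                seen[dp] = (start, steps)
        start += 1

if __name__ == "__main__":
    a, b = find_collision()
    print(f"{a:#010x} and {b:#010x} both map to {f(a):#010x}")
```

Only the DPs and chain lengths are stored centrally, which is why the method parallelises: each client needs to report a chain only when it reaches a DP.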
Not on Debian sarge/testing. I've installed it several times in the last three days, I know :-)