Actually, even DES (ca 1976 or so), and its contemporaries (LOKI, LUCIFER, etc) were immune to
both known and chosen plaintext attacks. It's not hard building a cipher that is resistant to
known and chosen plaintext attacks--most students who've taken an introductory crypto course in
university should be able to build a cipher that is resistant to known and chosen plaintext attack.
Even WW-II-era Enigma was at least partially resistant, as was the Lorenz cipher used by the German high
command.
Cryptanalytic attacks *aren't* how deployed cryptosystems generally fail. They fail for much more mundane reasons...
All modern encryption algorithms are immune or highly resistant to known-plaintext attack--which is the type
of attack you cite. Further, they're designed to be immune or resistant to attack by chosen
plaintext, chosen ciphertext, chosen-key, linear cryptanalytic, differential cryptanalytic, and a
plethora of other highly-esoteric attacks.
In general, cryptosystems fail for reasons unrelated to the overall quality of the encryption algorithm in use.
Read "Why Cryptosystems Fail" for a (somewhat-dated) insight into problems in deployed cryptosystems.
Nothing is foolproof, and foolish use of cryptography is generally the "wedge" that the "bad guys" use to
defeat deployed cryptosystems. Users choosing bad keys, installing keyloggers, gaining access while the
"target" is still available in plaintext, etc, etc.
Whole-disk encryption schemes are fragile in the sense that applications never "see" the encrypted data.
They always see it in the clear, and treat it like any other data. Which means copying it to temporary
files that may not be on the encrypted part of the filesystem, sending it to print spoolers, etc.
If "the man" wants you bad enough, he'll find a way to get you, encrypted filesystem or not.
How do you know your USB key wasn't duplicated in the night while you slept? How do you know that
every keystroke you type hasn't been sent via wireless to the nearest FBI watcher?
So, this is an interesting case.
The student in question was 18 years old at the time of the event. That means that the usual
school Loco Parentis doctrine doesn't apply to this student. He's an adult in the eyes of
the law, which means that he may excuse himself from school at any time, without needing
a note from a parent.
Indeed, an interesting question would be whether or not he needed to formally notify the school
administration at all that he'd "excused himself" from that particular bit of school that afternoon.
He was on public property, and conceivably had "excused himself" from school. Which means that he
wasn't subject to restrictions in free speech imposed by school policy.
Ken Starr should lose this one.
The article said that the containers in her hand luggage had "come into contact with explosives", which is a very
far cry from "were explosives". I'm nearly-certain that there won't be another item in the news saying
"we were mistaken, it was just skin cream". That wouldn't be sensational enough.
There are hundreds of legitimate reasons for your "stuff" to have come into contact with explosives residues.
I handle High Power Rocket Motors as part of my hobby, and I also handle fireworks rather frequently. I'm
rather surprised that I've never set off the detectors at the airport, but it's never happened. I've travelled
wearing clothes that actually smelled of burned blackpowder, and never been intercepted.
I suspect that recreational firearms enthusiasts set off the alarms once in awhile too. You don't hear about the recreational
shooters who are white males who set off explosives alarms at the airport. But this person
was originally from Pakistan, which means they should probably send her off to Gitmo
just as a precautionary measure, right?
This quote: "which she says violates the rights to free speech and privacy" doesn't make any sense to me. First, no one is being stripped of their rights to free speech. Second, I am not aware of any law that guarantees a right to privacy.
I can but quote from the Fourth Amendment to the Constitution of the United States of America:
The right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall
not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath, or affirmation, and particularly describing the
place to be searched, and the persons or things to be seized.
To me, that provides guarantees of privacy, except in certain clearly-defined-by-constitution circumstances
I'm just slightly past half-way through the full opinion--it's a good read. In it the judge clearly establishes a link between violation of fourth amendment rights, and violation of first amendment rights, citing case law going back to 1765. I find the logic sound, but perhaps I would
be accused of feeble-mindedness, I dunno.
I never completed *any* post-secondary education, and to be honest, never actually completed highschool.
I started my career in computing in the late 1970s, at the tender age of 16. My lack of any paper credentials
didn't seem to slow me down any. I was a "senior member of scientific staff" at a major high-tech R&D
company by the time I was in my late 20s. But I had a strong aptitude for programming and systems design.
Solving technical problems, root-cause analysis, leading technical projects, they were all things I was naturally
very good at. Nobody ever paid much attention to what flavour of degree I had or didn't have.
Go with what you're really good at. If that isn't computer programming, find out what you're good at, what you're
passionate about, and see if you can make a career out of it.
What does it take to impeach the prez? Isn't it time? You've already got the Neil Young song
to go along with it:-)
Force a new election?
Up here north of the 49th parallel, antics like GWBs could (not definitely, but *could*)
cause a non-confidence motion to be raised, which could precipitate the dissolution of
parliament and force an election.
Are you are saying that if I connect to a web server running some sort of trusted computing, I will be able to trust it to not serve me malware?
You could get a degree of trust in it, yes. It could publish its software configuration, signed by a crypto key embedded in the TPM chip. This way you could verify that it was running the latest patched version of Apache and other software, and had no intentional malware insertion features.
Only to a very small degree. The only thing you'd know is that at some point in the machines past, the system software ran the code
through the TPM to get a TPM "attestation". Which says *nothing* about the current state of the system. Nope, in order to
get a sanity statement from that web server that you can trust, you'd have to solve the Halting Problem. Good luck.
Some good uses of trusted computing:
Users using it to block viruses, worms, spyware, malware etc from running
Corporations/IT departments/etc using it to control the installation of unapproved software on employee PCs
Companies using trusted computing to protect sensitive data (for example, even if a hacker could get into the server holding all the credit card numbers, they wouldn't be able to use the hacker tools to get all the numbers out because trusted computing would prevent the hacker tools from running. Won't stop the hacker but would make it harder. Also prevents hacker from installing rootkits or other tools since they won't run or will cause the signature on the OS binaries to no longer be valid)
Some of these uses superficially look good on the surface. For example, who could argue with the IT department at
MegaCorporation of America that they should be able to control what software you're allowed to have/run on the
computers owned by the corporation. Who could argue with that? It seems like motherhood and apple pie....
Except that in large companies, particularly large knowledge-driven, high-technology companies, the IT department has
nearly no clue about what it is that the computers that are under their care can legitimately be used for. The problem is
that for the most part, IT doesn't know that they don't know. In effect, such draconian "authorized software only" policies,
along with the TCG/TPM/TCPA technological policy enforcement machinery allows IT departments to redefine that which constitutes
useful work.
Imagine a scenario where you've spent the day writing some piece of exploratory data analysis code on
your desktop computer at MegaCorporation of America. For whatever reason, it needs to be "installed" to work properly.
The next time you reboot, or the network does a "authorized software" probe, it finds that you've installed some
"contraband" software, and kicks you off the net, and sends an audit report to a witless IT-security department.
Maybe you didn't write the software yourself. Maybe your whiz-kid highschool intern wrote it on *his* PC, and sent it to you.
You utterly trust that it's "good stuff", but because of IT policies, and the technology to back up those policies,
you're screwed, and if you try to install and run it, you'll be getting a visit from the jackbooted thugs in HR tomorrow.
Of course, compilers will no longer be "authorized software" in this new dystopian world. You could, after all, use a
compiler to hill-climb your way into bypassing all the "Trusted Computing" nonsense on your desktop computer.
This technology has really-bad, far-reaching, socio-political and technical consequences, and clearly cannot be made to
"work" for a suitably-robust definition of "work". I can't understand why it's still being pursued so aggressively, except
that most folks, IT purchasing and CIOs included, will buy any old snake oil if it's marketed aggressively enough.
I worked in IT security for over a decade at a large company. I do have *some* insight into how this nonsense will actually
get deployed, and I'm fairly certain that the nightmare scenario outlined above *will* play out in many cases.
"I personally abhor the notion of Trusted Computing on my personal computer"
Maybe the implementation, but not the idea. TC has some pluses, among the least malware, spyware, viruses, and trojans will be harder to write. People will finally have end-to-end encryption that protects their privacy.
The only positive benefit of the TPM, that I can see, is that it will "commoditize" secure storage for cryptographic
private keys. But to go from that to "People will finally have end-to-end encryption that protects their privacy" is
a very large stretch indeed. We've had cryptographic systems for e-mail, etc, for over a decade. Uptake has *not* been
limited due to lack of secure hardware. Uptake has been limited by more mundane factors like ease-of-use, education,
interoperability, flexibility, etc, etc. But solving those problems isn't "cool" enough for most practitioners in
the cryptographic arts, so they mostly haven't been solved. TPM isn't going to fix this, unfortunately.
In fact, it occurred to me that the Army doesn't want TPM for the TCG aspects, but rather just as a cheap and
ubiquitous secure storage device for cryptographic keys. If *that's* what they want it for, then it's
probably a good thing. Cheaper, in the long run, than getting outboard ISO-7816 cards for safe storage
of keying material.
No, that's a common fallacy; in fact, it's an intentionally constructed fallacy. Trusted in this context means that you have evidence to trust that the computer will behave in a specified way, particularly from the point of view of remote access. Normally when you connect to a computer remotely you have no way of knowing what it's doing. It could be essentially running any software at all. But if you connect to a Trusted Computer, it provides cryptographic evidence about its software configuration. Knowing what software it is running gives you grounds to know how it will behave; and to trust that behavior. That is the real meaning of Trusted Computing.
Such "evidence" as you call it is extremely weak indeed. The market has bought-in to the notion that the
digitally-signed "attestations" produced by the TPM/TCG/TCPA "stack" are a useful proxy for the essential
truth that they're digitally signing. This "stack" is nothing more than a notary function, and just like
a real-world notary, it can't possibly say anything about the essential truth ("This Computer is in a secure state") of
such attestations, but can sign them cryptographically.
The Halting Problem is still generally thought to be intractable, and unless the TCG have some "magic pixie dust"
that solves the Halting Problem, all of this "secure attestation" nonsense is just nonsense, no matter how
much cryptographic mumbo-jumbo you wrap around it.
So, let's say that you get a statement (duly digitally signed from the TPM) that "I'm a sane computer". From
a sane computer, you can trust this statement. From an insane computer, you can't--digitally signed or not.
TCG believes that their "trusted boot sequence" technology is a way around the Halting Problem. They've
drunk very deeply of the Kool-Aid my friends, very deeply indeed. Until software can be made perfect,
this is just all crack-induced nonsense.
I'd expect the Army to know that. Surely, they must have talked to the folks at the NSA who know full-well
that the Halting Problem is the elephant in the living room that the Trusted Computing crowd are trying
to ignore...
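The objection in this post, and in the earlier reply about connecting to a "trusted" web server, is that a TPM quote records what was measured at some point in the machine's past and nothing more. That can be made concrete by replaying a measured-boot log the way a remote verifier does. What follows is an added illustration, not code from the original posts or from the TCG: it simulates the PCR extend operation and the event log in plain Python, and uses an HMAC under a shared key as a stand-in for the attestation-key signature a real TPM produces with TPM2_Quote, so the whole thing runs without hardware. The component names, the verifier nonce and the "known-good" table are constructed for the example.

```python
import hashlib
import hmac

# Added example (not from the original posts). The attestation key is a
# constructed stand-in: a real TPM signs quotes with an asymmetric key whose
# public half the verifier trusts; an HMAC with a shared secret plays that
# role here so the example runs without TPM hardware.
ATTESTATION_KEY = b"constructed stand-in for the TPM attestation key"

def measure(code: bytes) -> bytes:
    """Hash of a boot component, as the firmware/bootloader would compute it."""
    return hashlib.sha256(code).digest()

def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TCG PCR extend: PCR_new = H(PCR_old || digest). One-way and
    order-sensitive, so a PCR summarises the whole sequence of measurements."""
    return hashlib.sha256(pcr + digest).digest()

def measured_boot(chain):
    """Simulate measured boot: each component is measured into PCR 0 before it
    runs, and the event log records (name, digest) so a verifier can replay it."""
    pcr = bytes(32)
    log = []
    for name, code in chain:
        digest = measure(code)
        log.append((name, digest))
        pcr = pcr_extend(pcr, digest)
    return pcr, log

def tpm_quote(pcr: bytes, nonce: bytes) -> bytes:
    """Stand-in for TPM2_Quote: a signature over (PCR value || verifier nonce).
    The nonce binds the quote to this challenge so an old quote can't be replayed."""
    return hmac.new(ATTESTATION_KEY, pcr + nonce, hashlib.sha256).digest()

def verify_quote(pcr, nonce, signature, log, known_good):
    """Remote verifier: check the signature, replay the log to reproduce the
    PCR, then check each logged digest against a table of approved builds."""
    if not hmac.compare_digest(tpm_quote(pcr, nonce), signature):
        return False, "bad signature"
    replay = bytes(32)
    for _, digest in log:
        replay = pcr_extend(replay, digest)
    if replay != pcr:
        return False, "event log does not reproduce the quoted PCR"
    for name, digest in log:
        if known_good.get(name) != digest:
            return False, "unknown measurement for " + name
    return True, "ok"

# Constructed boot chain and the verifier's table of approved measurements.
CHAIN = [("firmware", b"firmware v1"), ("bootloader", b"bootloader v2"),
         ("kernel", b"kernel 4.x"), ("httpd", b"httpd 2.4.x")]
KNOWN_GOOD = {name: measure(code) for name, code in CHAIN}
NONCE = b"verifier challenge 0001"  # constructed; fresh per request in practice

def scenario_clean():
    """Untampered boot: the quote verifies and every measurement is approved."""
    pcr, log = measured_boot(CHAIN)
    return verify_quote(pcr, NONCE, tpm_quote(pcr, NONCE), log, KNOWN_GOOD)

def scenario_tampered_binary():
    """Backdoored httpd on disk: it is measured at boot, so the verifier sees a
    digest that is not in its approved table."""
    chain = CHAIN[:-1] + [("httpd", b"httpd 2.4.x + backdoor")]
    pcr, log = measured_boot(chain)
    return verify_quote(pcr, NONCE, tpm_quote(pcr, NONCE), log, KNOWN_GOOD)

def scenario_runtime_compromise():
    """The post's objection: code injected into the *running* httpd after boot.
    Nothing extends a PCR for it, so the quote is byte-for-byte the clean one
    and verification still says "ok" while the process is no longer the
    approved binary."""
    pcr, log = measured_boot(CHAIN)
    running_httpd = b"httpd 2.4.x + injected shellcode"   # in memory only
    ok, why = verify_quote(pcr, NONCE, tpm_quote(pcr, NONCE), log, KNOWN_GOOD)
    still_approved_in_memory = measure(running_httpd) == KNOWN_GOOD["httpd"]
    return ok, why, still_approved_in_memory
```

The three scenarios line up with the argument above. A modified binary on disk is caught, because it is measured before it runs; a runtime compromise of a process that has already been measured leaves every PCR untouched, so the verifier's "ok" is a statement about boot-time state only. That is why a deployment that wants attestation to mean more than "it booted approved code" has to pair it with a fresh nonce per quote, an approved-measurement table that is actually maintained, and some runtime integrity mechanism (Linux IMA-style measurement of later loads, for instance), and even then it says nothing about what the measured code does once it is running.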
Having spent most of my career as an IS/IT guy, with the last 12 or so as an IT security
guy for a large company, I can certainly sympathize with the "if I don't support it, you
can't run it" attitude.
But in a company full of knowledge workers, I can't see how to make this actually workable.
I don't see how a person, or group of people, could possibly evaluate every piece of
software that some hardware/software/whatever developer wants to run on their machine.
Not to mention that the "you may only run approved-by-me software on your computer" fails
badly when the person needs/wants to write their own software for their own machine.
Unless, of course, you wish to redefine "useful work" to consist of shuffling documents
around, using tools approved by the corporate security policy makers, sending the
occasional e-mail, and checking the current stock price using the corporately-approved
browser, visiting the corporately-approved website.
The same ignorant policies tend to spread to the corporate network. Such policies usually
look like "thou shalt only emit packets that I recognize. Anything else must necessarily
be a security risk". It's a little like restricting which words an employee may use
while engaged in business conversation--pick from a list of 2000 "policy-approved"
words....
I write my own (often throw-away) software on my corporate PC, which often emits
packets that the on-every-subnet sniffers have likely never seen before. Technically
I'm in violation of at least two corporate policies. But I have a hard time
redefining my job in such a way that I can express everything I need to do in terms
of PowerPoint presentations, word documents, and the occasional e-mail to the boss.
The Gnu Radio code used with the USRP already includes a couple of radio astronomy
applications--one for spectral and continuum work, and the other for pulsars.
Still very rudimentary, but the spectral application could easily be morphed into
something more useful for SETI. Keep firmly in mind that doing amateur SETI
observing with a small dish is a dicey proposition, at least based on the current
wild-assed guesses for ET's radiated power budget:-) A flotilla of small dishes,
all observing the same patch in the sky could conceivably build a SETI array to
increase effective antenna size, but maximizing the sensitivity requires phase coherence
among all the antennae. Not easy to achieve at the amateur level...
The Gnu Radio SDR system that's used with USRP is a very flexible framework for
building a great number of specialized or general purpose radio applications.
It wouldn't take long to put together a SETI watcher application, using probably
the DBS_RX daughterboard, which would nicely cover the water hole.
1. Dried perchlorate salts are, themselves, shock sensitive and can explode. 2. The perchlorate ion participates in very facile acid/base chemistry, and can/will convert to the acid form very easily. I have seen trained chemists screw up and get injured using perchlorate *salts.* Never assume that chemicals stay in the condition you buy them; for example, ether readily forms explosive peroxides over time.
The only perchlorate salt that is in regular use by pyrotechnicists that is by itself even *mildly* shock sensitive,
is ammonium perchlorate, and even that isn't terribly sensitive. KClO4, on the other hand, is hard to get to
shock-initiate even when combined with sensitizing agents like sulfur. Certainly if you don't understand
what you're doing, you can produce perchloric acid, but you have to work fairly hard at it.
Certainly, someone who doesn't understand the hazards associated with gasoline and ignition sources could easily
blow themselves and their neighbours to kingdom come. So I'd suggest that in the same breath that you say
"nobody should have these chemicals at home", you should also say "nobody should be allowed to possess gasoline,
or rat poison, or power tools, or motor vehicles, or bicycles, or...".
What perchlorate salts did your trained-chemist friends injure themselves with? Be specific. The perchlorates that
are regularly used by amateur pyrotechnicians--KClO4, and NH4ClO4, are relatively well-behaved. But quite apart
from the amateur pyrotechnicians, there's hobby rocket types as well. High Power Rocketry types regularly
use rocket motors that can burn up many kg of NH4ClO4+fuel in a few seconds, sending their lovingly-crafted
creations to altitudes of thousands of feet. If AP (NH4ClO4) were as dangerous as you make it out to be,
then there'd be HPR enthusiasts blowing themselves to bits on a daily basis. Doesn't happen. During
"rocket season", my ballpark estimate is that hundreds of kg of AP gets burned up every week across
the U.S. and Canada.
I haven't once had a perchlorate salt spontaneously turn into perchloric acid. To hear you talk, you'd expect
perchlorates to do that all the time. They don't. And you know it. You're sensationalizing.
Like most people who only learn enough chemistry to make explosives, you don't have a sufficient understanding of the materials you're using to keep yourself - and others - safe. Kind of like running a meth lab that way, where idiots are always blowing themselves up because they don't fully understand the hazards of the chemicals they're using.
I got my safety and chemical handling training from my father--an industrial chemist of 20 years experience who
rounded out his working life teaching chemistry at the college level for 14 years. I *do* understand the hazards
of the chemicals I'm using, just like the many hundreds like me throughout North America who regularly
practice the pyrotechnic arts. Frankly, I find your condescending attitude repulsive.
While I didn't pursue a career in chemistry, I was quite good at it in highschool. Precisely because my father
instilled a love of it in me at an early age. We built our first pyrotechnic device together when
I was 8 years old. I "got back into" pyrotechnics in my late 30s (now I'm in my early 40s). I regularly
put on shows at my country property to an appreciative audience. I'm certainly not going to let
"live in bubblewrap" folks like you tell me that I need to stop.
Warfarin is rat poison. When your blood is thinned beyond a certain limit, you start bleeding internally, massively.
Pharmaceutical warfarin is carefully-dosed to be below the limit where you start internally bleeding to death.
You'd crap yourself if you were my neighbour, then.
Your comments clearly indicate that you've never actually handled the kinds of
perchlorates that UN sells. I suspect that your recent education is to blame.
You probably never handled KClO4 and NH4ClO4, because your local safety nazis
at school declared all perchlorates to be too hazardous to handle. Certainly if your
only exposure to such involves the actions of perchloric acid (definitely dangerous),
you'd come to that conclusion.
For example, the reaction between KClO4 and sugar is only modestly more "robust" than
the reaction between KNO3 and sugar. I can't definitely remember off the top of my
head, but I recall that the activation energy in the KClO4 case is slightly higher
than the KNO3 case. You're probably going to tell us that they never even let you
burn a little pile of KNO3+Sugar in your college chemistry classes. Far too dangerous.
QED.
If your neighbour wants to kill you, or your neighbourhood, they'd spend their money much more
wisely by buying a few Kg of Warfarin at Wal-Mart or the local farm supply store.
UN sells uranium ore. Big fat hairy deal. There are many places where you can buy uranium
ore, both in the "brick 'n mortar" world, and the online world. You'd be at it a very long
time to process enough of it to make anything truly dangerous. And out quite a bit of coin, too.
You can buy high-power lasers all over the net. UN doesn't have any kind of monopoly on high-powered
lasers. Heavy water? I'm not sure what you'd use it for, but it isn't a particularly dangerous
thing to have in your possession. More of a coffee-table curiosity than anything else.
You should perhaps re-examine that phrase you used "potentially deadly materials without a system in place to
verify identity". So, next time I'm at the metal store, they should verify my identity before I buy
a 2ft piece of 2" cold-rolled steel. I could, after all, be planning to bludgeon somebody to death
with it, and it's good to have an audit trail in place, should that ever be my evil plan. Better be safe
and record everybody, all the time, for any kind of transaction of any kind. Just in case.
In a country where children can buy guns and ammo at the local department store, I find it hard to understand why
people are getting paranoid about a few mildly-interesting chemicals.
Of course, the lay public generally regards CHEMICALS, OMG, CHEMICALS, as some kind of inherently-evil thing.
Most folks, if asked whether they'd let their child put OMFG, Sodium Chloride, on their french fries would probably
say "never! Are you some kind of monster?". But they're perfectly willing to buy the same substance
from the grocery store, innocuously labelled as "Table Salt". That same table salt can easily be turned into
a much-more-interesting powerful oxidizer, using a simple do-it-at-home process. Perhaps we need to
register all purchases of table salt now. And charcoal. Oh, and trees, since you can easily turn trees
into charcoal using a very common process. And since the urine of mammalian species can easily be turned
into mixed nitrates, we'd better ban urine as well. Everybody cross your legs:-)
While it's true that *certain* perchlorate salts are dangerous by themselves, it isn't generally true.
Reactions between perchloric acid and many organics are nasty, and produce highly-unstable organic perchlorates.
United Nuclear doesn't sell any of those, and nobody I know uses them.
The two most common perchlorate salts used in pyrotechnics are Potassium Perchlorate, and Ammonium Perchlorate.
Ammonium Perchlorate is somewhat shock sensitive by itself, but Potassium Perchlorate isn't. Having worked
with perchlorates for several years, I have a hard time believing your story about a thin coating of
perchlorate that "took out a whole lab". The type of behaviour you describe is characteristic of
much-more-sensitive compounds like the fulminates, or perhaps mechanical mixtures of *chlorates* with
sensitizing agents like sulfur or *shudder* phosphorus.
By themselves, the two most common perchlorate salts sold to the amateur experimenter--Potassium Perchlorate and
Ammonium Perchlorate, are quite stable in practice.
I live way out in the country, and my workshop is 150ft from the house. And quite far away from any other occupied
dwelling. I use the precautions that are usual practice for folks engaged in amateur pyrotechny. I don't make
high explosives, and I'm fully aware of the hazards associated with my craft, and the chemicals I use.
Per participant hour, there are far fewer injuries in amateur pyrotechny than other activities people
regularly engage in. Like cycling, hiking, roller-blading, etc, etc, etc.
So, I'll assert again that your "nobody should have these dangerous chemicals at home" is chicken-little-style
nonsense. If you'd ever done significant work with Potassium Perchlorate, Ammonium Perchlorate, and the
pyrotechnic mixtures they're found in, you'd understand that your position of "perchlorates: unsafe at
any speed" attitude is unfounded. Amateur pyrotechnics types are well-aware of the hazards, and take steps
to mitigate the risks. Occasionally, some dumb-ass buys a bunch of KClO4 and aluminum, and blows himself
to bits, but even with the "dumb ass" factor, the statistical record is that amateur pyrotechny and chemistry
in general is a safe hobby.
Speaking as someone who uses "those types of chemicals" in my home workshop all the time,
I have to disagree.
Life comes with risks, and rational adults learn to deal with and mitigate those risks.
We wear bicycle helmets while bicycling, have a garden hose on hand when we have a
bonfire, etc, etc.
United Nuclear, like Skylighter, Firefox, Iowa Pyro Supply, and many others, supplies chemicals
to amateur and professional pyrotechnicists all over the world, and to a lesser extent, the more
generic "home chemist type".
The article casts chemicals like "perchlorate" in the light of "makes bombs", which is misleading.
Yes, perchlorate can be used to make bombs, but it's also the main ingredient in a large number
of other pyrotechnic effects which *don't* go boom. In many places in the U.S., home manufacture,
for personal use, of fireworks is entirely legal. Check out respected organizations like the
PGI (Pyrotechnics Guild International), who have hundreds of members in the U.S., and who regularly
put on a large exhibit of home-manufactured fireworks.
The government, and the lay public, are increasingly of the opinion that anyone who does anything
after work other than chug a Pabst and watch their 57 channels of dreck is a terrorist, or
about-to-be terrorist. Which is a sad state indeed...
I can't believe along how many *different* vectors Mr Carrigan's theories are whacked.
There's the obvious problem of instruction sets--there are a near-infinite number of
potential CPU architectures that are *possible*, even making assumptions about the
probable degree of technological advancement of your target species. Then, worse,
there are an infinite number of programs that could be the target of such an
"attack". Clearly, there will be common themes, but only *after* you've figured
out what the target architecture is, and the target "pool" of programs
you're going to attack. Yes, the bad ET could send out a large number of random
bit streams, hoping to, once in a while, hit a "jackpot".
There are no "universal" programs--that is, programs that will execute correctly
regardless of architecture. There are, I'll grant you, occasional curiosities
in computer science of trivial programs that happen to do something useful
across a small number of architectures (2 or 3). But they have to be
*explicitly crafted to do so*, taking into account the architectures on which
you expect them to execute.
Then there's Shannon. The goal of most SETI work is merely to *detect* a very
narrowband signal coming from "out there". Such signals would be a hallmark
of intelligent origin, since nature doesn't produce such signals. Link
efficiency is also inversely proportional to bandwidth--in order for anyone
to hear ET *at all*, they have to concentrate their signal power into a very
narrow spectral corridor, or we'll never detect them. SETI research generally
works on the assumption that signals will be on the order of 1Hz. Even then,
such signals will be very far below the noise floor, which means long
integration times (several minutes, at least), in order to "hear" them.
Claude Shannon came up with some very interesting theorems about communications
channels, and what to expect out of them. Here is the most relevant:
C = B * log2(1+ S/N)
Relates the channel capacity, in bits/sec, to the channel bandwidth, in Hz, and
the signal-to-noise ratio. A signal to noise ratio of -30dB (generous assumption),
with a channel bandwidth of 1Hz, yields a *maximum theoretically possible* bit
rate of 0.001442 bits/second. Which means that you'd have to wait a long, long
time before you'd have enough bits to constitute the W32.MegaSeti virus.
The theoretical underpinnings of Shannon's Law are very strong indeed. It's
unlikely that an ET will have found a way around them.
The whole thing is very bad science indeed. It's a shame when scientists come
up with nonsense like this. It's always very dangerous to stray very far
away from your field of expertise, and come to some unsupportable conclusions.
Had this guy from Fermilab actually talked to some notables in CS, signal
processing, security, and cryptography, he would never have come up with
his nonsense. But because he *has*, and he works for Fermilab, I fear that
he has some amount of credibility with the government. I can see this
irrational fear spreading to the current U.S. administration, and having them
outlaw SETI research as a result. Sad.
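Carrying the Shannon arithmetic in the post above through in code, as an added example rather than anything from the original comment: the capacity formula with the decibel conversion made explicit (the step most often botched, since -30 dB is a power ratio of 0.001, not -30), and the lower bound on delivery time for payloads of realistic size over the post's assumed 1 Hz, -30 dB link. The payload sizes are constructed for illustration.

```python
import math

# Added example (not from the original comment).

def capacity_bps(bandwidth_hz: float, snr_db: float) -> float:
    """Shannon-Hartley capacity C = B * log2(1 + S/N).
    S/N must be a linear power ratio: -30 dB is 10**(-30/10) = 0.001."""
    snr = 10 ** (snr_db / 10.0)
    return bandwidth_hz * math.log2(1.0 + snr)

def seconds_to_deliver(payload_bytes: int, bandwidth_hz: float, snr_db: float) -> float:
    """Lower bound on the time to push a payload through the channel error-free.
    No practical code reaches capacity, so real transfers take longer still."""
    return payload_bytes * 8 / capacity_bps(bandwidth_hz, snr_db)

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def delivery_table(bandwidth_hz: float = 1.0, snr_db: float = -30.0) -> dict:
    """Years needed for a few constructed payload sizes over the post's link."""
    sizes = {
        "1 KiB (a tiny loader)": 1024,
        "1 MiB": 1 << 20,
        "10 MiB (a modest 'W32.MegaSeti')": 10 << 20,
    }
    return {label: seconds_to_deliver(n, bandwidth_hz, snr_db) / SECONDS_PER_YEAR
            for label, n in sizes.items()}

if __name__ == "__main__":
    print(f"C = {capacity_bps(1.0, -30.0):.6f} bit/s at 1 Hz, -30 dB")
    for label, years in delivery_table().items():
        print(f"{label:>35}: {years:10.1f} years")
```

At 1 Hz and -30 dB the capacity comes out to 0.001442 bit/s, matching the figure in the post, and a single mebibyte needs on the order of 180 years of continuous, perfectly coded reception.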
SAIC was contracted by ATK Thiokol to do a comprehensive study of Thiokol's proposal for a next-generation shuttle replacement. The study was to focus on safety and reliability aspects, using entirely-standard engineering techniques, based on known quantities. Not surprisingly, the scheme that NASA unveiled yesterday looks very much like what Thiokol proposed. I'm sure that Thiokol is very happy that the SRBs are going to carry on a new life:-)
The SAIC study makes very interesting reading--it was available on Thiokol's site, but I can no longer find it.
Reliability studies aren't, ahem, rocket science. They're very well-understood engineering.
Indeed, solving the discrete log problem for a field of order 2**127 would have been considered "big news" in the mid 1980s, which is apparently when this attack against *Diffie-Hellman* was announced. The fact that the keys derived from the D-H exchange were then used to key DES is irrelevant to the cracking-DES problem. In the mid 1980s, brute-forcing DES itself was considered a very hard problem (which translates to very expensive), but Evi sidestepped the issue by breaking the underlying D-H based key exchange, using a brute-force technique based on the discrete log problem.
Today, we know more about how big the field needs to be for good security (moduli for D-H on the order of 1500-2000 bits, with exponents roughly twice as large as the keys that are to be derived from the exchange).
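The kind of break described above (recover the D-H secret by solving a discrete logarithm, then derive the same DES key the legitimate parties derived) is easy to show end-to-end at toy size. This is an added example, not anything from the original comment or from the 1980s work it refers to: a textbook D-H exchange over a deliberately tiny prime, followed by a baby-step giant-step discrete-log solver that recovers Alice's exponent from the public values alone and reproduces the 64-bit key both sides derived. The prime p = 65537 with generator 3, and the SHA-256-based key derivation, are assumptions made for the example.

```python
import hashlib
import math
import secrets

# Added example (not from the original comment). Toy parameters, chosen so the
# attack finishes instantly: p = 65537 is prime and 3 generates its whole
# multiplicative group. Real D-H uses primes of thousands of bits.
P = 65537
G = 3

def dh_keypair(p: int = P, g: int = G):
    """Private exponent a and public value A = g^a mod p."""
    a = secrets.randbelow(p - 2) + 1
    return a, pow(g, a, p)

def derive_des_key(shared_secret: int) -> bytes:
    """64-bit key from the shared secret, standing in for the DES keying the
    post mentions. The hash-based KDF is an assumption, not the historical scheme."""
    return hashlib.sha256(shared_secret.to_bytes(8, "big")).digest()[:8]

def discrete_log_bsgs(g: int, h: int, p: int):
    """Baby-step giant-step: find x with g^x = h (mod p) in O(sqrt(p)) time and
    memory. It is generic (works for any prime), which is also why it is
    hopeless at 2**127: sqrt(2**127) ~ 2**64 steps. Breaks at that size need
    the subexponential index-calculus family of methods instead."""
    n = p - 1
    m = math.isqrt(n) + 1
    baby = {}
    e = 1
    for j in range(m):                      # baby steps: g^0 .. g^(m-1)
        baby.setdefault(e, j)
        e = e * g % p
    giant_factor = pow(pow(g, m, p), p - 2, p)   # g^(-m) mod p via Fermat
    gamma = h
    for i in range(m):                      # giant steps: h * g^(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * giant_factor % p
    return None

def eavesdropper_recovers_key(A: int, B: int, p: int = P, g: int = G) -> bytes:
    """Passive attacker who saw only the public values A and B on the wire."""
    a = discrete_log_bsgs(g, A, p)
    assert a is not None and pow(g, a, p) == A
    return derive_des_key(pow(B, a, p))

def run_exchange(p: int = P, g: int = G):
    """Alice and Bob agree on a key; the eavesdropper derives the same one."""
    a, A = dh_keypair(p, g)
    b, B = dh_keypair(p, g)
    alice_key = derive_des_key(pow(B, a, p))
    bob_key = derive_des_key(pow(A, b, p))
    eve_key = eavesdropper_recovers_key(A, B, p, g)
    return alice_key, bob_key, eve_key

if __name__ == "__main__":
    alice, bob, eve = run_exchange()
    print("alice", alice.hex(), "bob", bob.hex(), "eve", eve.hex())
```

The point of the block is the one the post makes: the strength of the symmetric cipher keyed by the exchange never comes into it. Once the exponent falls out of the discrete log, the attacker derives the session key exactly as Alice did, and the only defence is a group in which no known discrete-log method (generic or index-calculus) is feasible, which is what the modulus sizes quoted above are about.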
AES is known to be resistant to attack based
on the the symmetric-cipher attack techniques
that were in existence at the time that AES
was designed. That doesn't mean that new
techniques won't come to light tommorow, or
next year, or next century.
With asymmetric schemes like D-H for key exchange,
and RSA/DSA for signatures and public-key
encryption, there's more mathematical
"theory" behind their design. The strength
of D-H, for example, is based purely on the
still-difficult discrete logarithm problem.
While RSA is based on the difficulty of the
factoring problem for very large prime
composites.
Symmetric ciphers like AES are generally
"ad-hoc", from a mathematical perspective.
They can only be shown to be secure against
known attacks, and they can be shown to have
several properties that are known to be
necessary (but not necessarily sufficient).
It's entirely possible that next week, a 12yo
will invent a devastating new attack technique
against Fiestel or SPN ciphers. Then we'd
all be up against a very smelly wall.
Similarly, quantum computing could advance to
the point that ciphers based on highly
structured problems, like discrete logarithm
or factorying, could fall.
Having both quantum computing, and our purported
12yo cryptanalyst tear the crypto universe
assunder at the same time would be bad...
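A toy illustration of the point made in the comment above, added here as an example (it is not code from the comment, nor from any system the comment mentions): a Diffie-Hellman exchange over a deliberately tiny prime field, an 8-byte key derived from the result, and an exhaustive discrete-log search that recovers the shared secret from nothing but the public values when the field is that small. The prime 23 with generator 5, the SHA-256-based key derivation, and the 1536-bit floor in dh_modulus_ok are assumptions chosen for the demonstration, not parameters from the post; the check function is the defender's side of the same observation, rejecting moduli well below the 1500-2000 bit range the comment cites, where such a search is not feasible.

```python
import hashlib
import secrets

# Toy parameters (constructed for the demo): a 5-bit prime with 5 as a generator.
# Real D-H moduli are well over 1000 bits; see dh_modulus_ok below.
TOY_P = 23
TOY_G = 5


def dh_keypair(p, g):
    """Pick a private exponent x in [1, p-2] and return (x, g^x mod p)."""
    x = secrets.randbelow(p - 2) + 1
    return x, pow(g, x, p)


def dh_shared(p, peer_public, private):
    """Shared secret: the peer's public value raised to our private exponent."""
    return pow(peer_public, private, p)


def derive_cipher_key(shared, p, key_bytes=8):
    """Derive a DES-sized (8-byte) key from the shared secret.
    Hashing is an assumed KDF for the demo, not what the 1980s system did."""
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(shared.to_bytes(width, "big")).digest()[:key_bytes]


def brute_force_dlog(p, g, h):
    """Find x with g^x = h (mod p) by exhaustive search.
    Cost is O(p); feasible here only because p is tiny."""
    acc = 1
    for x in range(p - 1):
        if acc == h:
            return x
        acc = acc * g % p
    return None


def recover_shared_from_publics(p, g, pub_a, pub_b):
    """What an observer of (p, g, A, B) can do when p is small: solve one
    discrete log, then compute the shared secret exactly as a party would."""
    x_a = brute_force_dlog(p, g, pub_a)
    if x_a is None:
        return None
    return pow(pub_b, x_a, p)


def dh_modulus_ok(p, min_bits=1536):
    """Parameter check a defender would run: reject moduli below an assumed
    floor of 1536 bits (inside the 1500-2000 bit range the comment cites)."""
    return p.bit_length() >= min_bits


def demo():
    """Run one exchange over the toy field and report what an observer recovers."""
    x_a, pub_a = dh_keypair(TOY_P, TOY_G)
    x_b, pub_b = dh_keypair(TOY_P, TOY_G)
    k_a = dh_shared(TOY_P, pub_b, x_a)
    k_b = dh_shared(TOY_P, pub_a, x_b)
    assert k_a == k_b  # both parties agree on the secret
    return {
        "shared": k_a,
        "recovered": recover_shared_from_publics(TOY_P, TOY_G, pub_a, pub_b),
        "key": derive_cipher_key(k_a, TOY_P).hex(),
        "toy_modulus_ok": dh_modulus_ok(TOY_P),
    }


if __name__ == "__main__":
    print(demo())
```

With p = 23 the search finishes in at most 22 multiplications; the same loop over a 1536-bit modulus would never finish, which is the whole reason the size check exists.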
Re:Too bad he's running the site off on 28.8 Kbps (on Tinfoil Hat House, Score: 1)
I'm so incredibly funking glad that I live way the heck in the middle of nowhere. Without neighbourhood covenants, authoritarian pig-bastard "property standards enforcers", etc etc.
The litmus test, as far as I'm concerned is this: "is the state of your property a clear hazard to yourself or your neighbours"? If the answer is "no", then F.O.A.D.!
I can't believe that in this world of rapists and murderers, people get so stuck on what colour you paint your house, or how many feet past the back of the house your "forbidden" chainlink fence is. Sheesh!
Does this remind anyone else of the scene in "A Beautiful Mind" where John Nash, at the peak of his paranoid schizophrenia, was "piecing together evidence" from vast quantities of apparently-unrelated events, newspaper articles, etc?
So now we have an electronic equivalent of a paranoid schizophrenic. Lovely.
Read the paper. Yet-another side-channel cryptanalytic attack. Congratulations, you're now in good company with the likes of Paul Kocher and David Wagner.
Side-channel attacks are often notoriously difficult to close, and equally hard to find. In order to mount such an attack, however, you need to be able to launch a "spy" program, which in many (but, granted *not all*) cases isn't possible--assuming that your server system is secure against attacks that would allow launching of arbitrary software remotely.
So, this is an interesting case. The student in question was 18 years old at the time of the event. That means that the usual school in loco parentis doctrine doesn't apply to this student. He's an adult in the eyes of the law, which means that he may excuse himself from school at any time, without needing a note from a parent. Indeed, an interesting question would be whether or not he needed to formally notify the school administration at all that he'd "excused himself" from that particular bit of school that afternoon. He was on public property, and conceivably had "excused himself" from school. Which means that he wasn't subject to restrictions in free speech imposed by school policy. Ken Starr should lose this one.
The article said that the containers in her hand luggage had "come into contact with explosives", which is a very far cry from "were explosives". I'm nearly-certain that there won't be another item in the news saying "we were mistaken, it was just skin cream". That wouldn't be sensational enough. There are hundreds of legitimate reasons for your "stuff" to have come into contact with explosives residues. I handle High Power Rocket Motors as part of my hobby, and I also handle fireworks rather frequently. I'm rather surprised that I've never set off the detectors at the airport, but it's never happened. I've travelled wearing clothes that actually smelled of burned blackpowder, and never been intercepted. I suspect that recreational firearms enthusiasts set off the alarms once in a while too. You don't hear about the recreational shooters who are white males who set off explosives alarms at the airport. But this person was originally from Pakistan, which means they should probably send her off to Gitmo just as a precautionary measure, right?
This quote: "which she says violates the rights to free speech and privacy" doesn't make any sense to me. First, no one is being stripped of their rights to free speech. Second, I am not aware of any law that guarantees a right to privacy.
I can but quote from the Fourth Amendment to the Constitution of the United States of America:
The right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath, or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
To me, that provides guarantees of privacy, except in certain clearly-defined-by-constitution circumstances.
I'm just slightly half-way through the full opinion--it's a good read. In it the judge clearly establishes a link between violation of fourth amendment rights, and violation of first amendment rights, citing case law going back to 1765. I find the logic sound, but perhaps I would be accused of feeble-mindedness, I dunno.
I never completed *any* post-secondary education, and to be honest, never actually completed high school.
I started my career in computing in the late 1970s, at the tender age of 16. My lack of any paper credentials didn't seem to slow me down any. I was a "senior member of scientific staff" at a major high-tech R&D company by the time I was in my late 20s. But I had a strong aptitude for programming and systems design. Solving technical problems, root-cause analysis, leading technical projects, they were all things I was naturally very good at. Nobody ever paid much attention to what flavour of degree I had or didn't have.
Go with what you're really good at. If that isn't computer programming, find out what you're good at, what you're passionate about, and see if you can make a career out of it.
What does it take to impeach the prez? Isn't it time? You've already got the Neil Young song to go along with it :-)
Force a new election?
Up here north of the 49th parallel, antics like GWB's could (not definitely, but *could*) cause a non-confidence motion to be raised, which could precipitate the dissolution of parliament and force an election.
Are you are saying that if I connect to a web server running some sort of trusted computing, I will be able to trust it to not serve me malware?
You could get a degree of trust in it, yes. It could publish its software configuration, signed by a crypto key embedded in the TPM chip. This way you could verify that it was running the latest patched version of Apache and other software, and had no intentional malware insertion features.
Only to a very small degree. The only thing you'd know is that at some point in the machine's past, the system software ran the code through the TPM to get a TPM "attestation". Which says *nothing* about the current state of the system. Nope, in order to get a sanity statement from that web server that you can trust, you'd have to solve the Halting Problem. Good luck.
Some good uses of trusted computing: Users using it to block viruses, worms, spyware, malware etc from running. Corporations/IT departments/etc using it to control the installation of unapproved software on employee PCs. Companies using trusted computing to protect sensitive data (for example, even if a hacker could get into the server holding all the credit card numbers, they wouldn't be able to use the hacker tools to get all the numbers out because trusted computing would prevent the hacker tools from running. Won't stop the hacker but would make it harder. Also prevents hacker from installing rootkits or other tools since they won't run or will cause the signature on the OS binaries to no longer be valid)
Some of these uses superficially look good on the surface. For example, who could argue with the IT department at MegaCorporation of America that they should be able to control what software you're allowed to have/run on the computers owned by the corporation. Who could argue with that? It seems like motherhood and apple pie....
Except that in large companies, particularly large knowledge-driven, high-technology companies, the IT department has nearly no clue about what it is that the computers that are under their care can legitimately be used for. The problem is that for the most part, IT doesn't know that they don't know. In effect, such draconian "authorized software only" policies, along with the TCG/TPM/TCPA technological policy enforcement machinery allows IT departments to redefine that which constitutes useful work.
Imagine a scenario where you've spent the day writing some piece of exploratory data analysis code on your desktop computer at MegaCorporation of America. For whatever reason, it needs to be "installed" to work properly. The next time you reboot, or the network does a "authorized software" probe, it finds that you've installed some "contraband" software, and kicks you off the net, and sends an audit report to a witless IT-security department.
Maybe you didn't write the software yourself. Maybe your whiz-kid high school intern wrote it on *his* PC, and sent it to you. You utterly trust that it's "good stuff", but because of IT policies, and the technology to back up those policies, you're screwed, and if you try to install and run it, you'll be getting a visit from the jackbooted thugs in HR tomorrow.
Of course, compilers will no longer be "authorized software" in this new dystopian world. You could, after all, use a compiler to hill-climb your way into bypassing all the "Trusted Computing" nonsense on your desktop computer.
This technology has really-bad, far-reaching, socio-political and technical consequences, and clearly cannot be made to "work" for a suitably-robust definition of "work". I can't understand why it's still being pursued so aggressively, except that most folks, IT purchasing and CIOs included, will buy any old snake oil if it's marketed aggressively enough.
I worked in IT security for over a decade at a large company. I do have *some* insight into how this nonsense will actually get deployed, and I'm fairly certain that the nightmare scenario outlined above *will* play out in many cases.
"I personally abhor the notion of Trusted Computing on my personal computer"
Maybe the implementation, but not the idea. TC has some pluses, among the least malware, spyware, viruses, and trojans will be harder to write. People will finally have end-to-end encryption that protects their privacy.
The only positive benefit of the TPM, that I can see, is that it will "commoditize" secure storage for cryptographic private keys. But to go from that to "People will finally have end-to-end encryption that protects their privacy" is a very large stretch indeed. We've had cryptographic systems for e-mail, etc, for over a decade. Uptake has *not* been limited due to lack of secure hardware. Uptake has been limited by more mundane factors like ease-of-use, education, interoperability, flexibility, etc, etc. But solving those problems isn't "cool" enough for most practitioners in the cryptographic arts, so they mostly haven't been solved. TPM isn't going to fix this, unfortunately.
In fact, it occurred to me that the Army doesn't want TPM for the TCG aspects, but rather just as a cheap and ubiquitous secure storage device for cryptographic keys. If *that's* what they want it for, then it's probably a good thing. Cheaper, in the long run, than getting outboard ISO-7816 cards for safe storage of keying material.
Such "evidence" as you call it is extremely weak indeed. The market has bought-in to the notion that the digitally-signed "attestations" produced by the TPM/TCG/TCPA "stack" are a useful proxy for the essential truth that they're digitally signing. This "stack" is nothing more than a notary function, and just like a real-world notary, it can't possibly say anything about the essential truth ("This Computer is in a secure state") of such attestations, but can sign them cryptographically.
The Halting Problem is still generally thought to be intractable, and unless the TCG have some "magic pixie dust" that solves the Halting Problem, all of this "secure attestation" nonsense is just nonsense, no matter how much cryptographic mumbo-jumbo you wrap around it.
So, let's say that you get a statement (duly digitally signed from the TPM) that "I'm a sane computer". From a sane computer, you can trust this statement. From an insane computer, you can't--digitally signed or not.
TCG believes that their "trusted boot sequence" technology is a way around the Halting Problem. They've drunk very deeply of the Kool-Aid my friends, very deeply indeed. Until software can be made perfect, this is just all crack-induced nonsense.
I'd expect the Army to know that. Surely, they must have talked to the folks at the NSA who know full-well that the Halting Problem is the elephant in the living room that the Trusted Computing crowd are trying to ignore...
Having spent most of my career as an IS/IT guy, with the last 12 or so as an IT security guy for a large company, I can certainly sympathize with the "if I don't support it, you can't run it" attitude.
But in a company full of knowledge workers, I can't see how to make this actually workable. I don't see how a person, or group of people, could possibly evaluate every piece of software that some hardware/software/whatever developer wants to run on their machine. Not to mention that the "you may only run approved-by-me software on your computer" fails badly when the person needs/wants to write their own software for their own machine.
Unless, of course, you wish to redefine "useful work" to consist of shuffling documents around, using tools approved by the corporate security policy makers, sending the occasional e-mail, and checking the current stock price using the corporately-approved browser, visiting the corporately-approved website.
The same ignorant policies tend to spread to the corporate network. Such policies usually look like "thou shalt only emit packets that I recognize. Anything else must necessarily be a security risk". It's a little like restricting which words an employee may use while engaged in business conversation--pick from a list of 2000 "policy-approved" words....
I write my own (often throw-away) software on my corporate PC, which often emits packets that the on-every-subnet sniffers have likely never seen before. Technically I'm in violation of at least two corporate policies. But I have a hard time redefining my job in such a way that I can express everything I need to do in terms of PowerPoint presentations, word documents, and the occasional e-mail to the boss.
The Gnu Radio code used with the USRP already includes a couple of radio astronomy applications--one for spectral and continuum work, and the other for pulsars. Still very rudimentary, but the spectral application could easily be morphed into something more useful for SETI. Keep firmly in mind that doing amateur SETI observing with a small dish is a dicey proposition, at least based on the current wild-assed guesses for ET's radiated power budget :-) A flotilla of small dishes, all observing the same patch in the sky could conceivably build a SETI array to increase effective antenna size, but maximizing the sensitivity requires phase coherence among all the antennae. Not easy to achieve at the amateur level...
The Gnu Radio SDR system that's used with USRP is a very flexible framework for building a great number of specialized or general purpose radio applications. It wouldn't take long to put together a SETI watcher application, using probably the DBS_RX daughterboard, which would nicely cover the water hole.
1. Dried perchlorate salts are, themselves, shock sensitive and can explode. 2. The perchlorate ion participates in very facile acid/base chemistry, and can/will convert to the acid form very easily. I have seen trained chemists screw up and get injured using perchlorate *salts.* Never assume that chemicals stay in the condition you buy them; for example, ether readily forms explosive peroxides over time.
The only perchlorate salt that is in regular use by pyrotechnicists that is by itself even *mildly* shock sensitive, is ammonium perchlorate, and even that isn't terribly sensitive. KClO4, on the other hand, is hard to get to shock-initiate even when combined with sensitizing agents like sulfur. Certainly if you don't understand what you're doing, you can produce perchloric acid, but you have to work fairly hard at it. Certainly, someone who doesn't understand the hazards associated with gasoline and ignition sources could easily blow themselves and their neighbours to kingdom come. So I'd suggest that in the same breath that you say "nobody should have these chemicals at home", you should also say "nobody should be allowed to possess gasoline, or rat poison, or power tools, or motor vehicles, or bicycles, or...".
What perchlorate salts did your trained-chemist friends injure themselves with? Be specific. The perchlorates that are regularly used by amateur pyrotechnicians--KClO4, and NH4ClO4, are relatively well-behaved. But quite apart from the amateur pyrotechnicians, there's hobby rocket types as well. High Power Rocketry types regularly use rocket motors that can burn up many kg of NH4ClO4+fuel in a few seconds, sending their lovingly-crafted creations to altitudes of thousands of feet. If AP (NH4ClO4) were as dangerous as you make it out to be, then there'd be HPR enthusiasts blowing themselves to bits on a daily basis. Doesn't happen. During "rocket season", my ballpark estimate is that hundreds of kg of AP gets burned up every week across the U.S. and Canada.
I haven't once had a perchlorate salt spontaneously turn into perchloric acid. To hear you talk, you'd expect perchlorates to do that all the time. They don't. And you know it. You're sensationalizing.
Like most people who only learn enough chemistry to make explosives, you don't have a sufficient understanding of the materials you're using to keep yourself - and others - safe. Kind of like running a meth lab that way, where idiots are always blowing themselves up because they don't fully understand the hazards of the chemicals they're using.
I got my safety and chemical handling training from my father--an industrial chemist of 20 years experience who rounded out his working life teaching chemistry at the college level for 14 years. I *do* understand the hazards of the chemicals I'm using, just like the many hundreds like me throughout North America who regularly practice the pyrotechnic arts. Frankly, I find your condescending attitude repulsive.
While I didn't pursue a career in chemistry, I was quite good at it in high school. Precisely because my father instilled a love of it in me at an early age. We built our first pyrotechnic device together when I was 8 years old. I "got back into" pyrotechnics in my late 30s (now I'm in my early 40s). I regularly put on shows at my country property to an appreciative audience. I'm certainly not going to let "live in bubblewrap" folks like you tell me that I need to stop.
Warfarin is rat poison. When your blood is thinned beyond a certain limit, you start bleeding internally, massively. Pharmaceutical warfarin is carefully-dosed to be below the limit where you start internally bleeding to death.
You'd crap yourself if you were my neighbour, then. Your comments clearly indicate that you've never actually handled the kinds of perchlorates that UN sells. I suspect that your recent education is to blame. You probably never handled KClO4 and NH4ClO4, because your local safety nazis at school declared all perchlorates to be too hazardous to handle. Certainly if your only exposure to such involves the actions of perchloric acid (definitely dangerous), you'd come to that conclusion. For example, the reaction between KClO4 and sugar is only modestly more "robust" than the reaction between KNO3 and sugar. I can't definitely remember off the top of my head, but I recall that the activation energy in the KClO4 case is slightly higher than the KNO3 case. You're probably going to tell us that they never even let you burn a little pile of KNO3+Sugar in your college chemistry classes. Far too dangerous. QED.
If your neighbour wants to kill you, or your neighbourhood, they'd spend their money much more wisely by buying a few kg of Warfarin at Wal-Mart or the local farm supply store. UN sells uranium ore. Big fat hairy deal. There are many places where you can buy uranium ore, both in the "brick 'n mortar" world, and the online world. You'd be at it a very long time to process enough of it to make anything truly dangerous. And out quite a bit of coin, too. You can buy high-power lasers all over the net. UN doesn't have any kind of monopoly on high-powered lasers. Heavy water? I'm not sure what you'd use it for, but it isn't a particularly dangerous thing to have in your possession. More of a coffee-table curiosity than anything else. You should perhaps re-examine that phrase you used "potentially deadly materials without a system in place to verify identity". So, next time I'm at the metal store, they should verify my identity before I buy a 2ft piece of 2" cold-rolled steel. I could, after all, be planning to bludgeon somebody to death with it, and it's good to have an audit trail in place, should that ever be my evil plan. Better be safe and record everybody, all the time, for any kind of transaction of any kind. Just in case. In a country where children can buy guns and ammo at the local department store, I find it hard to understand why people are getting paranoid about a few mildly-interesting chemicals. Of course, the lay public generally regards CHEMICALS, OMG, CHEMICALS, as some kind of inherently-evil thing. Most folks, if asked whether they'd let their child put OMFG, Sodium Chloride, on their french fries would probably say "never! Are you some kind of monster?". But they're perfectly willing to buy the same substance from the grocery store, innocuously labelled as "Table Salt". That same table salt can easily be turned into a much-more-interesting powerful oxidizer, using a simple do-it-at-home process.
Perhaps we need to register all purchases of table salt now. And charcoal. Oh, and trees, since you can easily turn trees into charcoal using a very common process. And since the urine of mammalian species can easily be turned into mixed nitrates, we'd better ban urine as well. Everybody cross your legs :-)
While it's true that *certain* perchlorate salts are dangerous by themselves, it isn't generally true. Reactions between perchloric acid and many organics are nasty, and produce highly-unstable organic perchlorates. United Nuclear doesn't sell any of those, and nobody I know uses them.
The two most common perchlorate salts used in pyrotechnics are Potassium Perchlorate, and Ammonium Perchlorate. Ammonium Perchlorate is somewhat shock sensitive by itself, but Potassium Perchlorate isn't. Having worked with perchlorates for several years, I have a hard time believing your story about a thin coating of perchlorate that "took out a whole lab". The type of behaviour you describe is characteristic of much-more-sensitive compounds like the fulminates, or perhaps mechanical mixtures of *chlorates* with sensitizing agents like sulfur or *shudder* phosphorus. By themselves, the two most common perchlorate salts sold to the amateur experimenter--Potassium Perchlorate and Ammonium Perchlorate, are quite stable in practice.
I live way out in the country, and my workshop is 150ft from the house. And quite far away from any other occupied dwelling. I use the precautions that are usual practice for folks engaged in amateur pyrotechny. I don't make high explosives, and I'm fully aware of the hazards associated with my craft, and the chemicals I use. Per participant hour, there are far fewer injuries in amateur pyrotechny than other activities people regularly engage in. Like cycling, hiking, roller-blading, etc, etc, etc.
So, I'll assert again that your "nobody should have these dangerous chemicals at home" is chicken-little-style nonsense. If you'd ever done significant work with Potassium Perchlorate, Ammonium Perchlorate, and the pyrotechnic mixtures they're found in, you'd understand that your position of "perchlorates: unsafe at any speed" attitude is unfounded. Amateur pyrotechnics types are well-aware of the hazards, and take steps to mitigate the risks. Occasionally, some dumb-ass buys a bunch of KClO4 and aluminum, and blows himself to bits, but even with the "dumb ass" factor, the statistical record is that amateur pyrotechny and chemistry in general is a safe hobby.
Speaking as someone who uses "those types of chemicals" in my home workshop all the time, I have to disagree.
Life comes with risks, and rational adults learn to deal with and mitigate those risks. We wear bicycle helmets while bicycling, have a garden hose on hand when we have a bonfire, etc, etc.
United Nuclear, like Skylighter, Firefox, Iowa Pyro Supply, and many others, supplies chemicals to amateur and professional pyrotechnicists all over the world, and to a lesser extent, the more generic "home chemist type".
The article casts chemicals like "perchlorate" in the light of "makes bombs", which is misleading. Yes, perchlorate can be used to make bombs, but it's also the main ingredient in a large number of other pyrotechnic effects which *don't* go boom. In many places in the U.S., home manufacture, for personal use, of fireworks is entirely legal. Check out respected organizations like the PGI (Pyrotechnics Guild International), who have hundreds of members in the U.S., and who regularly put on a large exhibit of home-manufactured fireworks.
The government, and the lay public, are increasingly of the opinion that anyone who does anything after work other than chug a Pabst and watch their 57 channels of dreck is a terrorist, or about-to-be terrorist. Which is a sad state indeed...
I can't believe along how many *different* vectors Mr Carrigan's theories are whacked. There's the obvious problem of instruction sets--there are a near-infinite number of potential CPU architectures that are *possible*, even making assumptions about the probable degree of technological advancement of your target species. Then, worse, there are an infinite number of programs that could be the target of such an "attack". Clearly, there will be common themes, but only *after* you've figured out what the target architecture is, and the target "pool" of programs you're going to attack. Yes, the bad ET could send out a large number of random bit streams, hoping to, once in a while, hit a "jackpot". There are no "universal" programs--that is, programs that will execute correctly regardless of architecture. There are, I'll grant you, occasional curiosities in computer science of trivial programs that happen to do something useful across a small number of architectures (2 or 3). But they have to be *explicitly crafted to do so*, taking into account the architectures on which you expect them to execute.
Then there's Shannon. The goal of most SETI work is merely to *detect* a very narrowband signal coming from "out there". Such signals would be a hallmark of intelligent origin, since nature doesn't produce such signals. Link efficiency is also inversely proportional to bandwidth--in order for anyone to hear ET *at all*, they have to concentrate their signal power into a very narrow spectral corridor, or we'll never detect them. SETI research generally works on the assumption that signals will be on the order of 1Hz. Even then, such signals will be very far below the noise floor, which means long integration times (several minutes, at least), in order to "hear" them. Claude Shannon came up with some very interesting theorems about communications channels, and what to expect out of them. Here is the most relevant:
C = B * log2(1 + S/N)
This relates the channel capacity, in bits/sec, to the channel bandwidth, in Hz, and the signal-to-noise ratio. A signal to noise ratio of -30dB (generous assumption), with a channel bandwidth of 1Hz, yields a *maximum theoretically possible* bit rate of 0.001442 bits/second. Which means that you'd have to wait a long, long time before you'd have enough bits to constitute the W32.MegaSeti virus. The theoretical underpinnings of Shannon's Law are very strong indeed. It's unlikely that an ET will have found a way around them.
The whole thing is very bad science indeed. It's a shame when scientists come up with nonsense like this. It's always very dangerous to stray very far away from your field of expertise, and come to some unsupportable conclusions. Had this guy from Fermilab actually talked to some notables in CS, signal processing, security, and cryptography, he would never have come up with his nonsense. But because he *has*, and he works for Fermilab, I fear that he has some amount of credibility with the government. I can see this irrational fear spreading to the current U.S. administration, and having them outlaw SETI research as a result. Sad.
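The capacity argument in the comment above, worked through in Python as an added example (not code from the comment): the dB-to-linear conversion, the Shannon bound C = B * log2(1 + S/N), and the lower bound on how long a payload of a given size would take to arrive through such a channel. The -30 dB, 1 Hz figures are the comment's own; the 1 MB payload size used to put a number on "a long, long time" is an assumption for the demonstration.

```python
import math

SECONDS_PER_YEAR = 365.25 * 86400


def db_to_linear(db):
    """Convert a power ratio expressed in decibels to a plain ratio."""
    return 10.0 ** (db / 10.0)


def shannon_capacity(bandwidth_hz, snr_db):
    """Shannon-Hartley bound: C = B * log2(1 + S/N), in bits per second.
    This is the ceiling for error-free transfer; no modulation scheme beats it."""
    return bandwidth_hz * math.log2(1.0 + db_to_linear(snr_db))


def seconds_to_deliver(payload_bits, bandwidth_hz, snr_db):
    """Lower bound on the time needed to move payload_bits through the channel."""
    return payload_bits / shannon_capacity(bandwidth_hz, snr_db)


def years_for_payload(payload_bytes, bandwidth_hz, snr_db):
    """Same bound, in years, for a payload given in bytes."""
    return seconds_to_deliver(payload_bytes * 8, bandwidth_hz, snr_db) / SECONDS_PER_YEAR


def capacity_table(bandwidths_hz, snrs_db):
    """Capacity for each (bandwidth, SNR) pair, to see how the two trade off.
    Bandwidth scales the rate linearly; at low SNR, log2(1 + x) ~ x / ln 2, so
    each 10 dB lost costs a factor of ten in rate."""
    return {(b, s): shannon_capacity(b, s) for b in bandwidths_hz for s in snrs_db}


if __name__ == "__main__":
    # The comment's own numbers: 1 Hz channel, -30 dB SNR.
    c = shannon_capacity(1.0, -30.0)
    print(f"capacity at 1 Hz, -30 dB: {c:.6f} bit/s")
    # Assumed 1 MB payload, to put a scale on "a long, long time".
    print(f"1 MB would take at least {years_for_payload(1_000_000, 1.0, -30.0):.0f} years")
    for (b, s), cap in sorted(capacity_table([1.0, 10.0, 1000.0], [-30.0, -20.0, 0.0]).items()):
        print(f"B={b:>7.1f} Hz  SNR={s:>6.1f} dB  C={cap:.6f} bit/s")
```

The low-SNR approximation in the table comment is why the -30 dB, 1 Hz case lands at 0.001442 bit/s: 10^-3 divided by ln 2.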