In a press
release published in the evening, ISIS gives its version of
the day's events: According to this press release, a technician had
been experimenting with blocking the relevant web sites since the
beginning of the week, despite the fact that the ISP originally
didn't want to implement the block (the district government had
originally called for the block in early October). This experiment
was then stopped in the morning, and reactivated in the late
afternoon after an ISIS executive had met the head of the district
government to discuss the issue. ISIS then complains about the
situation of ISPs which are either perceived as censors, or as
fostering right-wing radicalism. It is emphasized that ISIS
maintains its criticism of the technical solution used to block the
sites - in particular because the solution leaves so many back doors
that the effort can't actually be justified. According to the press
release, ISIS will meet the district government in December, in
order to discuss further activities and work on a political
solution.
The fake DNS entries on ISIS' server are active again. Note that they are not just redirecting www.rotten.com, but the entire domain, via a wildcard CNAME entry.
Stable kernels with many fixes coming out monthly from Linus with bigger more feature rich kernels available from -ac. How awesome is that?
I suppose your article should be moderated as "cynical" - or is that option unavailable? Currently, Linus "stable" kernels look pretty unusable (including a basically untested VM, which is just a bad joke in a "stable" kernel, and including near-daily releases of so-called stable kernels which include new bugs). On the other hand, current -ac kernels look like they work nicely, with a usable VM, without crashing the system or part of it. This is just a bad joke of a development model.
Frankly, I'm starting to consider *BSD the better option.
(I've been a Linux user since somewhere in the 1.1 kernel series, but this is really starting to frustrate me.)
The text's title is another ambiguity. In German, it's "Meine Regierungserklärung". There are actually several things you have to notice about this in order to understand it:
The word "Regierungserklärung" is used in an ambiguous way. Normally, it's the German for a declaration the government gives to the parliament, such as an inaugural speech. (It's not limited to inaugural speeches, though, because a government may also give a Regierungserklärung on ongoing matters of importance.)
However, Andy also interprets it in the sense of an explanation of government. This becomes clear at the end of the first paragraph of the text.
There, Andy writes "Manche Regierungen muß man eben erklären", that is, "Some governments have to be explained".
Finally, what's special about "Meine Regierungserklärung"? It's (deliberately) bad style. It quotes the style children use in school essays, like "My first trip to Aunt Lizzy", or "My first day in school". By quoting that style, Andy puts himself into the position of someone who's still learning, and additionally gives the reader an idea that he doesn't want to do a formal inaugural speech. Also, the combination of this school essay style on the one hand and the important-sounding "Regierungserklärung" already gives some advance warning to the reader on what to expect, and additionally avoids a tone of inappropriate importance.
So, please, don't expect this article to be a Treatise on the Theory of Government, or an academic contribution. It's written in a style which is most likely impossible to translate. Large parts are written in some kind of tongue-in-cheek-mode which is likely to be lost by any translation.
I hope the interpretation of the two-word title gives you some idea of how you should read this text to avoid misunderstandings.
Non-interactive key generation is where this bug strikes really badly, and visibly. Keys are determined only by the algorithm and key length, and, in the case of ElGamal encryption subkeys, the publicly known time stamp and user ID of the DSA signature key.
However, the vulnerability does affect interactive key generation, too, since pgp generally has less entropy at hand than it believes.
Speaking more precisely (and repeating some of the content of the original advisory ;-), there are three sources of randomness used:
randseed.bin - isn't present the first time pgp5 is used, and essentially holds entropy gathered over the last sessions.
key stroke timings during user interaction (user ID input, etc) - only present with interactive key generation
/dev/random - doesn't work. Note that /dev/random is essentially used to fill up pgp's random pool, whether or not the program is run interactively. On systems without /dev/random, or with a /dev/random which has run out of entropy, pgp will prompt users for key strokes and use their timing, even when used "non-interactively".
So, to estimate the security of your keys, you'll have to look at the randomness pgp can gather from the timing of the key strokes you made during key generation. It's reasonable to assume that, in most cases, sufficient entropy is gathered to make it computationally difficult to break keys in the foreseeable future.
However, it is entirely possible that there are at least some public keys out there which may be broken by a determined attacker. So if you're paranoid and have used pgp 5.0i to generate your key, you may wish to revoke it.
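An added illustration, not part of the original comment and not pgp's source code, of how a /dev/random reader can credit a pool with more entropy than it actually received. The failure mode shown (storing read()'s return value over the byte read) is an assumption chosen for the example; `struct pool`, `run` and the sample bytes are hypothetical, and a pipe with constructed data stands in for /dev/random.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define N 8  /* bytes requested per fill */
/* Hypothetical pool: bytes mixed in plus the entropy the caller credits. */
struct pool { unsigned char data[N]; unsigned credited_bits; };
/* Constructed sample data standing in for two different /dev/random reads. */
const unsigned char SRC_A[N] = {0x3c,0x91,0x07,0xe4,0x58,0xb2,0x6d,0xfa};
const unsigned char SRC_B[N] = {0xa5,0x1e,0xc8,0x43,0x9f,0x20,0x76,0xdb};

/* Faulty: overwrites the byte with read()'s return value (a byte count). */
static void fill_faulty(struct pool *p, int fd) {
    for (int i = 0; i < N; i++) {
        unsigned char b;
        b = (unsigned char)read(fd, &b, 1);  /* 1 on success, 0 at EOF */
        p->data[i] = b;
        p->credited_bits += 8;               /* credited regardless */
    }
}

/* Checked: keeps the byte and stops crediting once the source runs dry. */
static int fill_checked(struct pool *p, int fd) {
    for (int i = 0; i < N; i++) {
        if (read(fd, &p->data[i], 1) != 1) return -1;
        p->credited_bits += 8;
    }
    return 0;
}

/* Feed len bytes of src through a pipe and fill p; returns 0, or -1 if dry. */
int run(struct pool *p, const unsigned char *src, size_t len, int faulty) {
    int fds[2], rc = 0;
    memset(p, 0, sizeof *p);
    if (pipe(fds) != 0) return -2;
    if (len && write(fds[1], src, len) != (ssize_t)len) rc = -2;
    close(fds[1]);                       /* reader sees EOF after len bytes */
    if (rc == 0 && faulty) fill_faulty(p, fds[0]);
    else if (rc == 0) rc = fill_checked(p, fds[0]);
    close(fds[0]);
    return rc;
}

int main(void) {
    struct pool a, b;
    run(&a, SRC_A, N, 1); run(&b, SRC_B, N, 1);
    printf("faulty: pools equal=%d credited=%u\n", !memcmp(a.data, b.data, N), a.credited_bits);
    run(&a, SRC_A, N, 0); run(&b, SRC_B, N, 0);
    printf("checked: pools equal=%d\n", !memcmp(a.data, b.data, N));
    return 0;
}
```

With the faulty reader both pools hold the same constant bytes while 64 bits are credited, which is the "less entropy at hand than it believes" condition; the checked reader keeps the source bytes and reports a dry source instead of crediting it.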
The Social Democratic Party, and the Green Party.
at-b on the CCC:
They're the German '2600' equivalent, reviled and detested by state institutions, telecomms companies, etc. They're the rebels of the underground.
I'd suggest you have a look at Andy's schedule which is online. There, you'll find information about events at banks, political parties (and their associated foundations), federal ministries, and the like.
In short: This isn't the 80s any more. The myth may still be alive, but ...