Re: Can there ever be a perfect digital shredder?
on Self-Shredding E-Mail · Score: 1
There may not be a perfect e-shredder (sigh, what a name).
All the shredding schemes I saw involved trusted client software - a piece of software that the client computer uses to show the information to the recipient. And this software every time would check if the sender still wants the recipient to access the information. If not, it would deny the access and the information would be 'shredded'.
This approach has two disadvantages:
1. It requires the recipient to run the software. This may not be an issue in a standardized corporate Outlook-only environment, but it IS a problem. But wait, there is more:
2. It trusts the client software.
There is no fundamental law of the universe that prevents anyone from reverse engineering what the trusted piece of software does and reimplementing it, but without the limitations and permission checking. This was done in the past and will be done in the future. This is one of the reasons why Free Software/Open Source gets a lot less business attention - because it is much harder to seal some piece of software there, and make the user unable to bypass the limitations of the software. Usually the business model relies on those limitations. If you want to do this on a proprietary OS (and you have resources) you may approach the OS makers and make them help you in making your software a trusted, sealed agent that will do what you want and won't do what the user wants. This helps such technologies (sarcasm intended) much.
Companies who produce such schemes again and again aren't really interested in perfect protection. They are interested in making a sealable product for a corporate environment. They probably know it is imperfect, but it is good enough for the intended customer (20/80 principle).
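Added example (not part of the original comment, and not any vendor's code): a minimal Python model of the check-before-display scheme described above, showing that revocation binds only a viewer that chooses to honour it. The class names, the `msg-1` id, the sample message and the toy SHA-256 keystream are assumptions made for illustration.

```python
import hashlib
import secrets


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); illustration only."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class KeyServer:
    """Sender-side service holding per-message keys and revocation state."""

    def __init__(self):
        self._keys = {}
        self._revoked = set()

    def register(self, msg_id: str, key: bytes) -> None:
        self._keys[msg_id] = key

    def revoke(self, msg_id: str) -> None:
        self._revoked.add(msg_id)

    def request_key(self, msg_id: str):
        # The only enforcement point the sender controls.
        return None if msg_id in self._revoked else self._keys[msg_id]


class CompliantViewer:
    """Asks the server on every view and keeps nothing afterwards."""

    def __init__(self, server: KeyServer):
        self.server = server

    def view(self, msg_id: str, ciphertext: bytes):
        key = self.server.request_key(msg_id)
        return None if key is None else keystream_xor(key, ciphertext)


class ReimplementedViewer(CompliantViewer):
    """Speaks the same protocol but retains whatever it was once shown."""

    def __init__(self, server: KeyServer):
        super().__init__(server)
        self.retained = {}

    def view(self, msg_id: str, ciphertext: bytes):
        plaintext = super().view(msg_id, ciphertext)
        if plaintext is not None:
            self.retained[msg_id] = plaintext
            return plaintext
        return self.retained.get(msg_id)


def run_scenario() -> dict:
    server = KeyServer()
    key = secrets.token_bytes(32)
    message = b"Constructed sample message body"
    server.register("msg-1", key)
    ciphertext = keystream_xor(key, message)
    good, other = CompliantViewer(server), ReimplementedViewer(server)
    result = {"message": message,
              "compliant_before": good.view("msg-1", ciphertext),
              "reimplemented_before": other.view("msg-1", ciphertext)}
    server.revoke("msg-1")  # the sender "shreds" the message
    result["compliant_after"] = good.view("msg-1", ciphertext)
    result["reimplemented_after"] = other.view("msg-1", ciphertext)
    return result


if __name__ == "__main__":
    print(run_scenario())
```

For threat modeling, the takeaway is that once a key or plaintext has reached the recipient's machine, deletion is a policy the client enforces, not a property the sender can verify.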
A very good package for chaos-theory-oriented numerical data analysis is TISEAN.
It does an excellent job on its part. There is also some documentation on the site, including one of the creators' Ph.D. thesis that explains some of the theory behind the software. On Linux it requires gcc and GNU Fortran compiler to compile (compilation is pretty straightforward).
I also found GNU awk extremely useful at numerical data analysis. You also would want to include Python and NumPy - a Python extension for numerical computations.
I tried to use GIMP. I used Photoshop once or twice and most of my graphics experience was with Deluxe Paint IV and V, and GIMP.
I tried to do not very complicated things with GIMP. I had a 600 DPI A4 picture which I had to make into a poster by adding some text. The picture was full-color TIFF so it had about 16 megabytes. Would be a piece of cake with Photoshop. GIMP took ages to load it and any single operation caused the machine (Celeron 566, 128 megabytes of RAM) to swap about 30 seconds (no other tasks running). An undo took about a minute and it was getting worse and worse. The configuration would be perfectly good for this task if I would use Photoshop.
GIMP is a fine tool for small scale graphics. But for any DTP related work it is too inefficient.
I won't start into area of applying text with GIMP.
GPG is a nice program but I wouldn't dare to call it a competitor. What your average corporate user wants is a company you can negotiate with, support, professional step-by-step manuals, easy to install software package, user friendly interface. GPG still has none of these. It is a frame with engine, wheels, transmission, seats and an arc-welded trunk to keep stuff in, and it does its thing but corporate users want cars, not the cores of the cars.
I once worked as a software designer (working on - non-incidentally - a PKI software) and boy, I was surprised what features were considered too complicated for your average user. GnuPG is a nice product (I'm a small part of its team) but it has a loong way to go before it will reach corporate desktop.
OTOH much more suited for your casual Joe Luser is S/MIME. It also has drawbacks but all things you need to do is to get a certificate, and then click 'sign' or 'encrypt' in message properties before sending. It is almost simplified to the point where your average manager can learn it. You can even teach it successfully to a CEO (been there, done that).
The main problem with binary-only software for linux (again, from vendor perspective) is that there are much too many possible linux configurations to deal with.
It's not likely that I'll run to buy W2k right now. But the rock erodes - I was forced to (temporarily) use Internet Explorer to convert my hushmail account to 2.0 protocol (but it now works under linux netscape + java). I don't play games but I miss my UFO: Enemy Unknown nights much and I'm unable to run linux version of the new Wolfenstein etc, etc.
Sometimes I feel this fight is senseless. Accept the red pill and Windows.
They may not be copy protected because their market share is limited and they (already) are expensive (see the editions for audiophiles). But the target of the system is your mass market Brittney Aguilera CD which generates most of the label revenues.
Moreover classics listeners aren't likely to use MP3 because they won't want to degrade sound quality.
Sidenote: the same goes for MDs. All MD recorders have digital input (optical) but digital outputs (with some copy protection protocol) are only in expensive stationary models (I may be wrong but I know no portable MD with digital output sockets. You can only plug headphones to them).
Alex
Yeah, I didn't say there aren't any. Interesting thing is that more than half on the list fit into standard 74 minutes.
BTW: interesting thing is that DVD audio has much lower specified sound length than technical capabilities would allow (about 2 hrs against tens of hours).
They aren't afraid of people who can crank up a few bootleg CDs. They are afraid of people who rip it, and post it to some filesharing system where every Joe Sixpack who has a PC and his brother can download it using easy to use consumer friendly tools (like Napster). This scares the hell out of them because Joe Sixpacks won't go to a CD shop and buy it.
Joe Sixpacks won't care if the music is legal or not. All they care about is if they have to spend money on it or get it for free. Those are your average consumers (remember section about free pizza in "Snow Crash"?).
This whole stuff is to make music share both hard and illegal to keep the unwashed masses buying it.
This is the basic assumption the companies' revenue model is based on.
And frankly, I don't know any other that works. On the verge of working is Bruce Schneier's street performer protocol but AFAIK nobody tried it as a business model.
Alex
I don't think so. I almost don't use 'alien' MP3 (obtained through Gnutella) for something more than a preview if I want to buy the CD. And I buy only the CDs I know I will like as a whole (i.e. not many, but the selected ones - I'm quite picky).
I do use MP3 technology at all but I a) keep backups of my music (fully ID3ed variable bit rate MP3 with average bit rate around 200 kbps - thus 'legal' Windows Media Audio at 128kbit are definitely out for me) or to share my music with my RL friends, which is perfectly legal in my country. And b) I find MP3 too inconvenient to use on a daily basis - there is nothing like a stereo with a good set of columns for stationary listening and MD with Sony's noise canceling headphones for mobile listening.
How many albums you know use the full 78 (wasn't it 74?) minutes? I transfer quite a lot of my (legal) CDs to minidisc and I found most of them will fit on a 60 minutes disk. The only album I could recall that required 80 minute MD was Dire Straits Sultans of Swing.
Putting monopoly back on track, these guys at least learned one thing - you can't have copy protection when the client can do all things he wants. So they are pushing trusted client architecture (which is what Microsoft names Digital Rights Management). And you won't be able to do this on Linux because you can't have trusted (from the content provider) environment in open system.
Time to cough up some $ for windows license (all my machines are running Linux exclusively with the noble exception of one PalmOS machine:-)).
And they still do. As for the hot line, that's true but it's no 'standard operation procedure'. Also Allies 'Project X' in WWII used random noise which is essentially an OTP. But I know of no OTP in 'everyday' use. They used M209, Navajo code talkers and other stuff but no OTP.
As far as I know, US government agencies never used One Time Pad. Before WWII they used various ciphers and codes but no OTP. OTOH OTP was routinely used by Russian spies since 1960s. Source - Codebreakers by David Kahn.
It wasn't "I have to look it up to refresh it". It was "I have to look it up to learn it". And yes, most of the stuff I asked (and quoted here) was based on what we were doing on daily basis. This involved weird network configurations, weird IPSec configurations, writing kernel modules that talk with Oracle and lotsa very weird stuff.
I don't agree. I have very bad experiences with people who say "I don't know particulars but I can find this in man pages" - myself included. I didn't need people who would have to learn particular task; I did need people who would be taken on one day course in our network configuration (which wasn't too easy) and start real work next day after.
If your candidate on question 'what is netmask for 10.0.0.0/26' would answer 'I don't know but I'll read documentation on this and I sure will know', would you hire him?
..the first thing I did was to determine guy's (there were no women among the candidates I interviewed) general familiarity with Unix, like what MUA does he use etc (using Windows for daily computing is not a sign of Unix admin I assume).
Then came the technical questions. The killer one was What are the file types on Unix?. Most guys answered "normal ones, directories, and hidden" (I'm not making this up), at which point I was thanking them for attendance. If the "filetype test" was passed, I asked them about common tasks like adding users (How do you add a user without using the adduser command), installing software, familiarity with packaging systems (the company used Redhat/Immunix and Debian), how do you patch and compile a kernel (a second common point of failure - esp. the patching part), how do you install software that is not packaged, what to do if this does not compile out of the box etc.
There was the networking part where the killer questions were What is the CIDR? and Are the non-continuous netmasks legal?
And believe me, it was rare that any candidate would pass this part.
I have a Timeport 260 and I'm quite content with it. It is a nice GSM phone, has a Hayes AT-compliant internal modem, RS 232 cable is supplied. It also talks without problems to my Palm Vx via IrDA (both GPRS and standard dialup). It also has a WAP browser.
A nice phone for wireless Internet access, IRCing from train rocks.
On the more general note in Poland GPRS service is quite good you get a promotional offer of 3 phone, 3 gigabytes of data (and extra 10 megabytes for the WAP usage via the phone only).
It seems that those id's are pretty standard X.509 certs. Netscape Communicator supports them. There are other efforts to make them work in other MUAs but none functional yet. Just export your cert from the Windows MUA - in pkcs12 format (export option should exist) and import it to linux netscape.
It depends on if you will be steadily forced to go after hours. I am working on half-flex, and I'm trying to force myself to come to work at 8:00 and go at 16:30 to have much time afternoon for myself. I could work at any hours but that means that I'll sleep till noon and work rest of the day that results in typical case of having no life (been there, done that). So I started working in shift. Now I'm considering putting halt at 1700HRS in crontab of my workstation (reading news is addictive).
IMHO you should also gather information if paid overtime (GASP!) when working shift is an option.
For the management types the argument may sound: shift time makes you organize your time better.
Better! Listen to audio representation of PI number :-).
What's wrong with socialism? I, unlike you, experienced it myself and I don't see any disadvantages of it. A.
Anyway, working unpaid overtime in startups is a norm, not an exception.
Alex