Slashdot Mirror


User: andy_t_roo

andy_t_roo's activity in the archive.

Stories: 0
Comments: 255

Comments · 255

  1. Re:Don't worry on Forensics Tool Finds Headerless Encrypted Files · · Score: 2, Interesting

    because, as one of the up-thread comments says, a large file which looks true random is either encrypted or the output of a (good) random number generator. This software wouldn't be able to tell the difference. Unfortunately very few people need very large amounts of true random data, as the people who need the most random numbers are probably computational scientists, and then a good PRNG will do that for you.
    Alternative needs of true random data relate to communication, or cryptography. Either way you are either 1) an academic (easy to rule out/use as an excuse) 2) have a need for better than internet banking security on your communication (once again easy to prove or rule out, as almost no one needs this) or 3) have a large encrypted file.

    One way around this would be to format the blank space on your hard drive true-random, rather than a specific pattern. that way all space which hasn't been used recently looks like a blob of "encrypted/random" text. If you then go and shred (overwrite with random data) all files as you delete them, then having a block of random text on your hard drive is only then evidence of paranoia, not criminal conspiracy.

  2. Re:Once upon a time on A $99 Graphics Card Might Be All You Need · · Score: 1

    I've found the onboard graphics card on my laptop is good for a good portion of modern games - sins of a solar empire, gal. civ 2 (if i'm careful with the settings; beyond a certain number of objects on the screen the game suddenly gets very sluggish), Peggle. -- sure, none of them are 1st person shooters, but i've a desktop for when serious graphics need to be displayed, in the mean time, using a computer without any graphics card provides me sufficient entertainment while i'm on the train.
    (oh, and I think the FF Australian dictionary needs an update, it marked peggle as a spelling error :p )

  3. Re:We should not let this happen. on Archive Team Is Busy Saving Geocities · · Score: 1

    well, that's one explanation for the negative population growth in the western world (ignoring immigration)

  4. Re:Well... on Opting Out Increases Spam? · · Score: 1

    I'm sorry, but while the 1st does guarantee the right to speak, it doesn't guarantee the right to an audience, and definitely doesn't infer the right to forcibly impose message i do not wish to hear on my time. (eg the sibling post which mentions spray paint on garage doors)

  5. Re:gnome changes too often on Mozilla Mulls Dropping Firefox For Win2K, Early XP · · Score: 1

    and XP sp3 also ....

  6. Re:april fools? on Conficker Downloads Payload · · Score: 1

    year-mm-dd is by far the most useful to me -- that way when you sort by the date in character format and numerical format they both end up in the right order.

    try naming files backup 12-04-2009, backup 17-11-2008 in windows, then find the latest backup in amongst a group of 50 similar folders.
    ( yes you can sort by date created/modified, but sometimes that isn't accurate if the backups have been copied/moved. yes, i know some type of content management system would be better for this ... )

  7. Re:Don't forget to vote! on IE 8.1 Supports Firefox Plugins, Rendering Engine · · Score: 1

    i tend to use yyyy-mm-dd that way when you sort the folders/files then they are sorted chronologically

  8. Re:Got that? on Want a PC With 192 GB of RAM? · · Score: 1

    i don't know about all of 192 GB, but anyone doing video editing would love to be able to fit an entire video sequence in ram at once - no disk latency while video editing, yes please

  9. Re:Damn anonymous cowards... on Canadian Court Orders Site To ID Anonymous Posters · · Score: 2, Funny

    the next one.

  10. Re:More questions on Valve Claims New Steamworks Update "Makes DRM Obsolete" · · Score: 1

    if you ever want to play in offline mode, simply check the "remember your login info" checkbox next time you log in. -- it's not an action which needs to be done every time you want to be offline.
    then any time you start up and you can't get online you have the option "start in offline mode", as the GP posted.

  11. Re:Naming things, publicity, and financing on Fermilab Discovers Untheorized Particle · · Score: 1

    given that it was only detected through decay products, i second this motion.

  12. Re:Time to buy some of these quickly??? on iTunes Gift Card Key System Cracked, Exploited · · Score: 1

    in America you can threaten and in fact actually sue for absolutely anything -- if i think that the shade of pink you are wearing offends my masculinity, i could sue you.
    The real question is would they have any chance of winning?

    (IANAL but i think i'd have no chance of winning, but that wouldn't stop me racking up lots of lawyers fees attempting to do so)

  13. Re:And You Wonder Why Amazon MP3 Only Works in the on iTunes Gift Card Key System Cracked, Exploited · · Score: 1

    yeah, a very large (and increasing) fraction of the worlds manufacturing capacity.

  14. Re:Really? on Microsoft Windows, On a Mainframe · · Score: 1

    bringing up process manager I note:
    Symantec, microsoft, sun, google and adobe running things on my computer i didn't *explicitly* put there (i know about them and keep them because either they are minor annoyances, not worth removing, somewhat useful, or they'll just come back next update anyway).

    only one person, but multiple "entities".

  15. Re:null or not null, that is the question on Null References, the Billion Dollar Mistake · · Score: 1

    unless they're doing things wrong (casting to integers)

    but casting to char[4] is quite useful when rendering to a screen - there's nothing like doing hit detection with a rendering pass, grabbing the colour of the pixel you clicked on, then calling the colour cast to a function pointer :)
    (oh, and then discovering that a specific implementation of opengl lies about the availability of an alpha channel, so the 4th byte is always 0 .... )

  16. Re:And we care why? on UK Government Wants To Bypass Data Protection Act · · Score: 1

    Encrypted data should be indistinguishable from random noise, whereas there is definitely order to plaintext compressed data.

    A good compression method also maximizes entropy (by compressing the same message into a much shorter space)
    If there is still some structure (non-randomness) in the message, then you could use that knowledge to compress the data further. (shortening the message at the cost of a more complex decompression method).

    Therefore a "perfect" compression should look like a header + random noise, just like an encrypted message.

    At the limit of compression, with known predefined probabilities of messages being passed, there is little difference between the compression and encryption - "message 1 = i want to have lunch with you tomorrow", message 2 "i agree", message 3 "how about the day after" Is both a great compression scheme for a specific type of communication, and also rudimentary encryption

    Alice:1
    Bob:3
    Alice:3
    Bob:2
    (and then they have lunch 3 days from now)

  17. Re:And we care why? on UK Government Wants To Bypass Data Protection Act · · Score: 4, Informative

    compressed data can be "trivially" returned to the original without any extra knowledge (other than the details of the compression scheme); encrypted data, even with complete knowledge of the mathematical transform done, can't be undone without finding the extra info somehow. (also compressed data is basically always smaller, encrypted data is usually the same size, plus a header.)

    It is good practice to use both, so that breaking the encryption on a low entropy message is much harder (as it'll be compressed to a short, high entropy burst, and so no assumptions about "weak messages" can be made).

    If you use an obscure compression method, then to automated filters there wouldn't be a difference.

  18. Re:oh noes the databases! on UK Government Wants To Bypass Data Protection Act · · Score: 3, Insightful

    you could argue that non-anonymously protesting something like this shows the event is a bit more significant than a few mouse clicks -- if these people are right about what they are protesting, then their name would end up in a database of "people known to object to government activities" which can then be shared around.

    i agree that objecting to other things via facebook isn't that significant (if you care send an email, or even better write the email, but print it out and post it), but publicly protesting potential privacy breaches?

  19. pre-compiled code? on Google NativeClient Security Contest · · Score: 1

    tags: "google salt insane crap it security"

    somehow that seems to sum up all the comments above me ...

    anyway, formal software analysis is "hard"; it's what compiler developers have been trying to do forever. Proving that code cannot do a specific subset of actions is not quite so hard, but some areas of security such as buffer overflows are inherently run-time only, and very hard to detect at the x86 level which doesn't quite have the concept of data structure, only a blob of memory assigned to a process.

    IMO, given that most new computers have multiple cpu's on-the-fly compilation to the most computer optimised binary is probably the best option - run interpreted for the first 10 seconds while some generic bytecode is compiled to PPC,SPARC,or perhaps even x86 instruction sets. (This assumes that there is a significant benefit by improving computability, and that compiling for a specific flavour of x86 is enough of a speed boost that it is worth while).

    Given that "With reliable disassembly as a tool, our validator can then insure that the executable includes only the subset of legal instructions, disallowing unsafe machine instructions.", why not just start from the byte code and do forward compile as needed, rather than the reverse one?

  20. Re:purell on Why Kindle 2's Screen Took 12 Years and $150 Million · · Score: 2, Funny

    actually if you click the "Looking for company info? Click here" button you get company info where you can find nuggets of wisdom such as
    "Canadian Tire has a long-standing tradition of operating with integrity and we aspire to be Canada's most trusted company. We expect each of our team members to perform in a manner that maintains the trust and confidence of our shareholders"

  21. Re:Waived his right against self-incrimination... on US District Ct. Says Defendant Must Provide Decrypted Data · · Score: 2, Informative

    actually "initially cooperated" refers to him showing the evidence that he had CP in the first place. Effectively this means that you can't show law enforcement people evidence, then refuse to turn it over.

  22. Re:5th Amendment on US District Ct. Says Defendant Must Provide Decrypted Data · · Score: 1

    exactly the same way you get the documents you ask for under any other circumstances - if the police walk in to a business and say "here is a warrant for your financial records, gimmie" "what's to keep them from providing a "sanitized" copy"?

    To not give all the evidence in either case, and then be found out later, is probably worse than giving it all later.

  23. Re:Free Terry Childs! on Terry Childs Case Puts All Admins In Danger · · Score: 2, Funny

    "Warning: This Product Attracts Every Other Piece of Matter in the Universe, Including the Products of Other Manufacturers, with a Force Proportional to the Product of the Masses and Inversely Proportional to the Distance Between Them."

  24. Consideration of Contracts on Don't Like EULAs? Get Your Cat To Agree To Them · · Score: 2, Insightful

    (under acceptable circumstances (see endless debate of acceptable above)) EULAs are contracts between you, and the company that makes the software. Therefore they have the software act as an agent on their behalf. I'd like to see someone modify the text that they see in the EULA and propose the modified contract to the company, by pressing "i agree". If the software, acting on the company's behalf, also agrees and continues the installation, does this mean that the company has agreed to the contract?

    I'd like to see a case under these circumstances in court - either the EULA is a contract, with the software operating on the company's behalf, or it is not. If the software agrees to a modified eula, it should be just as binding to both parties as if both parties agree to a non-modified one.

  25. Re:Check one for science on Stimulus Could Kickstart US Battery Industry · · Score: 1

    the catch is there's a delay between when the money is given out, and when it needs to be taxed to repay it, also most of the money is in loans, not direct cash giveaways, so the only out-of-pocket expenses are the losses due to bankruptcies (which could be substantial).

    If the current crisis lasts less time than the effective duration of the bail-out loans, then what has happened is the government has borrowed from future tax income during prosperous times to cover the gap now. If the crisis lasts long enough, then the lack of tax income later breaks this system, making the problem even worse.

    Which outcome happens will depend on things no one can accurately foresee. (people aren't even that sure what the state of various companies was 6 months ago let alone now).