If it's based on positioning with cell phone towers then anywhere with no cellphone signal is good.
Oh my god, the criminals could be anywhere in the entire US!
(Sorry:p)
quietly making a deal with the cellphone companies to get the positions of their phones would be almost as effective
If whoever gets that power gets it through the punishment, I'd prefer if the rulebook said so. If they have that power already, why aren't they using it to catch criminals and enforce restraining orders?
Your idea seems to suggest either violating rule-of-law principles, or a government-on-citizen spying program that would make Orwell turn over in his grave, or a government inept at grabbing for more power.
People need to better understand that it is a theoretical tool for comparing speed factors algorithms. That is useful, but you have to then consider the reality of the situation.
Heck, why don't we computer scientists do the last step of this whole science thing and come up with a model that describes the actual reality more accurately?
Oh, we do. Consider the I/O model, the cache-oblivious model or (for a fun combination) the parallel I/O model. (See for instance Aggarwal & Vitter: The Input/Output Complexity of Sorting and Related Problems.)
if the hardware can do X faster than Y, then X is better according to users.
Well, users as a collection run your algorithm with a distribution of inputs. You can't say that an algorithm is faster than another (either big-O or wall-clock) without talking about a particular case (worst, best, average) and distribution (diff works "better" on lines of code than paragraphs of latex/text; that's mostly a usability thing, but it illustrates different distributions of real-world data).
Inadvertently you also pointed out the regulation we have would not be needed if other regulations were not in place enforcing Comcast in a monopoly in so many communities (you said the problem was people had no other ISP to turn to)... and you want MORE regulation?
Regulation A is bad. Regulation B is regulation. Therefore, regulation B is bad.
I hope this isn't as nuanced a world understanding as you will ever get.
Even if his giving today is completely the result of his dad persuading him, what exactly is wrong with that?
It suggests that Bill Gates' primary goal is satisfying his dad, not actually helping people. This in turn suggests that if daddy is out of the picture, junior will stop being so generous.
Mind you, it doesn't prove anything, but it may cause people to be suspicious, and not entirely unreasonably so.
Free software advocates really need to understand that if you want to have true freedom
I think the concepts "true freedom", "false freedom", "more freedom" and "less freedom" don't exist---or at least are very misleading to think in terms of. I think it's much more useful to think in terms of freedom to do specific things.
Like, in the US, people are free to say whatever they want. The government is not free to censor people. One can argue that only if the government is allowed to censor people is it truly free. I think the freedom of the people is more important.
And that's pretty much my take on this discussion: there is no "more free" license. The GPL restricts (de jure) some people in ways the 3-clause BSD license doesn't. The 3-clause BSD license lets people (de facto) restrict some people in ways that aren't legal under the GPL.
Do you want the freedoms behind door number 1 or the ones behind door number 2? Which freedoms are "more"? Which freedoms are "true"?
(Oh, and by the way, who gets to define which freedoms are "true", and why _those_ people? Also, do these "true" freedoms have any special observable properties? Or were you just making a meaningless and/or unfounded assertion?)
At least, when you define "evil" as "whatever gets me more money/power/sex".
I think that's a good definition of being selfish, not evil. Evil is more like using power over others to intentionally hurt them.
The pricks on the highway who won't let you pass---they're not doing it to piss you off, they're doing it to arrive one second faster. True, it makes no difference to you, you're just as stuck, but I think it makes a big difference in the ethical calculations that they're not intending to be mean, you're just unluckily holding the short end of a stick. Also, is your one second somehow worth more than their one second? Well, I think it is if the system otherwise causes you to get deadlocked, but... it's starting to get slightly non-trivial here...
On behalf of the Knights of Standards, Measurements and Practices, I object! What kind of pound unit is 453.5g? Surely not the combined mass of three african swallows!?
(I suppose your thinking goes something like this: 1) numerical errrors 2) ??? 2.995) penny-shaving profit)
Sure, this might be viable for operations you seldom do, like dimming the lights or turning on a monitor, but it won't be viable for any prolonged use.
Not only that, gestures appear to be quite slow.
You might think that it's not really a problem because you don't do that many and so on average you have time enough. While true, that overlooks an important issue: the system is often hung waiting for user input.
Let's take the application example from the video: photo browsing. Let's say I want to find a particular photo in some linear collection. What am I going to do? Linear search, i.e. "look at one; is it that one? yes=return, no=goto next and repeat." Let's break down what happens in my brain: visual perception ("look at one"), recognition ("is it that one?"), decision ("yes=[...], no=[...], which branch to take?"), motor planning ("I'm going to move my hand in order to 'goto next'"), motor execution ("I'm moving my hand [as above]").
Note that each step depends on the previous. You can't really do a gesture in advance and save it up, because (presumably) it would take another gesture to release your savings, and what have you saved then?
So you're really stuck doing this slow reaction to external stimuli.
That being said, if the people behind this technology show appropriate humility and says "this is a prototype / under development / subject to continuous improvement" loudly and clearly enough, I think they deserve respect---basically because I think it's valuable to contribute new ideas to any discussion, especially if they've been proven feasible, and one can always limit the application of the idea to those places where it's actually useful (and those places, in my mind, are left un(der)explored).
My p cents where p is an even prime. (But hey, I'm not doing HCI, I'm doing crypto, so don't trust the above just for my authority:D -- but I hope it gives you something new to think about)
Everybody else has to do that... why should internet companies be different?
I hear the have internet in east bumfuckistan. Should all the world's internet sites obey east bumfuckistani law?
Try these on for size: The Middle East (no depictions of mohammed), Thailand (I hear they have a lot of respect for their king), France (got a thing against Nazi memorabilia), China (Tiananmen square is a touchy subject), [...].
What is the cost of making every website in 192 different versions? How do you vet user-supplied content for legality across 192 different jurisdictions?
So, to answer your question very explicitly: Internet companies should be different, one might argue, because your office or shop tends to not be built on the border between country A and B but the internet is, for every value of A and B.
Where's the graph showing Linux's install base compared to the rest of the market?
Yeah, I was wondering about that, and the whole "This bodes well for Linux" bit.
I mean, all the curves are going down. Ubuntu went up at (what appears to be) all the other distros' expense, but they're going down now. Mint may be going up, but not very steadily.
I know, Android is going up. But that's not really Linux---at least, as I understand it, not in the sense that N900 is Linux. Can you run frozen-bubble//wesnoth/sgt-puzzles/quake/openoffice on Android? (I can on my N900)
So, in what sense does it bode well for Linux? Can anyone who reads that out of the data presented in the article explain it to me? If so, thank you very much:-)
but Net Neutrality insists on going further to outlaw legal and voluntary premium content delivery services.
If power is sufficiently concentrated, it will tend to concentrate more. ISPs form such a concentration. These premium content delivery services are the tool which they use to concentrate power even more.
I think Net Neutrality proponents are against this concentration of power, and as a side effect are against its mechanism.
(That's my viewpoint, FWIW: that some organizations have way too much power, and the net would be better if they hadn't, and then I'm all for letting people pay more for faster downloads or whatever; see also rapidshare, fileplanet etc.)
An information service, where the ISPs all go gather all the worlds information and present it to the user. If it helps you, think of google, slashdot, my personal web server, [...] as the associated press feed and the ISP as the news anchor, except you can call in and have the news anchor give you the story you want.
You could view it this way. I mean, you can if you know jack shit about IP, TCP, HTTP, SMTP, BGP, DNS// ARIN, ICANN, [...].
Well done DNA analysis can be an amazing crime fighting tool
Isn't it mostly used for getting convictions once you got the guy? Or is it also used when trying to catch the guy? (That would require him to be a repeat offender, as he otherwise wouldn't be in any DNA register, true?)
That's funny, I thought it was like this: the adrenal glands increase zergling attack rate while the neurotransmitters (i.e. brain chems) increase mana regeneration;-)
Microsoft has thousands of programmers working full-time; Linux is maintained by volunteers, working in their spare time.
How many volunteers, compared to the number of Microsoft programmers? If the volunteers each work one tenth of full time per week but there are twenty times as many of them as there are Microsoft programmers, how does the math come out?
That means that Microsoft can easily allocate more resources to fixing a security bug than Linux can.
I see a type error: Microsoft is an organization, Linux is one or more pieces of software; they seem to not have an "allocate resources" behavior in common. So---who is this "Linux" you speak of? Do you mean Red Hat? Canonical? The Debian project? The collection of hobbyists living in their moms' basements? How does this resource-allocating-Linux-thing allocate its resources? How do you know how easily it does it, and how many resources it has?
This being true, you'd expect Microsoft to get bug patches out quicker than Linux
This assumes that more input resources yields more output results. That's not true, not even in just all the non-degenerate cases (For a controversial example, compare health care systems for price and quality across nations).
the Microsoft patches come out only on Patch Tuesday, while the Linux patches come out as quickly as the various distros fold them into their updates.
How quick are those two time spans compared to one another, on average? (Pick your sample any way you want, as long as you discuss what might be wrong about your sampling method)
And, if that's not fast enough for you, you can always download the source and compile it for yourself
Assuming you have the time and skills to do so. (If you believe it takes virtually no skills, I guess you don't do tech support for family and friends)
Roll it out in the cell phones and the problem is solved!
What happens if you give all cell phones IPv6 addresses only and the rest of the internet stays IPv4?
How will the cell phones access facebook/slashdot/google/... when all those services don't listen for IPv6 traffic? I'm quite sure you don't IPv4 NAT the traffic;-)// but seriously, you put it in an encapsulation layer, who decapsulates? Is that really a viable option?
It's not clear to me how your scenario would play out. Care to give (more of) your thoughts? Thank you:)
then there wouldn't be any reason to think further about whether RSA is an NP problem.
Clearly it's the NP-hardness of any problem, rather than the NP membership, that makes it useful for security applications.
By way of example, add-and-compare (given integers x, y and z, answer "is x + y <= z") is in P and thus in NP. But since it's in P (and since we all learn an efficient algorithm in school), it would be somewhat foolish to base any kind of security on the assumption that an adversary cannot add numbers.
Also, every NP problem reduces to the halting problem, so it must be NP-hard (reduction: "for every candidate solution: if it works: return it; endfor; hang"). But, as the halting problem is undecidable, it is unlikely to enter into the picture as an attack on a cryptosystem as the cryptosystem is not likely to go near "halting territory" (i.e. involve that as a part of the encryption or decryption process, or anything attackable by a halting-decider); at least not in my experience (I'm a ph.d. student in cryptography).
Note that to the best accuracy ability of my memory, there is cryptography with only polynomial "advantage": encryption and decryption takes time O(n), breaking takes time O(n^2); this is provable without any unproven assumptions (such as the hardness of factoring or discrete logarithms). As long as the best known factoring algorithm takes superpolynomial (but subexponential) time, I prefer that; but if it breaks down, there is somewhere to retreat to. Presumably, that area is open to much low-hanging further research fruits.
Hell a phrase like "Purple Elephants make for a rough Work Day" is much harder to crack than "1qaz@WSX3edc$RFV"
Let's see, I have a bunch of algorithms:
let x = "Purple Elephants make for a rough Work Day"; if attempt(x) return x else return null
let x = "1qaz@WSX3edc$RFV"; same as before
For every string (of increasing length, lexicographic order): if attempt(x) return x;
For every n-tuple of dictionary words: if attempt(x) return x
The first one proves that "Purple Elephants [...]" is much easier to crack than the keyboard hamfist one, yes?;-)
Of course it doesn't. This goes to show that one ought to be aware of what the cracker is doing. That kinda' makes sense if you generalise it: if you want to protect something, it is probably useful to know which dangerous things happen to it (i.e. which pass phrases are attempted, how often, at what time and in which order).
There is really no good way to handle this problem because all cryptography is based on trust.
Trust in what?
Do you trust your government with the ability to forge your identity? Me neither.
I have no idea what you're on about.
Suppose that I tell you my public RSA key (n, e) [messages m encrypt to (m**e % n)], n = pq for two huge primes p and q. How would you forge my identity? Would you factor n?
Sure, that works, for impersonating jonaskoelker. But it doesn't work for impersonating everybody.
So you want to attack the part of the chain where I learn that (n', e') is the public key of drinkypoo (rather than someone else)?
Well, true, that part is based on trust. But with a web of trust, it's based on the trust you have in your friends, not in the government.
Okay, so we don't seem to be doing that. But I can hope, can't I?;-)
Half way seriously: with everyone running around with smartphones these days, we'd easily be able to do identity verification for/on one another. And if you believe what sociologists say about the A-knows-B-graph of the earth having diameter 6 ("# handshakes"), this should actually work (in the sense of connecting you with everybody else).
(Then, for the hard part: convince people that they need to go out of their way to be as secure as they feel.)
Slashdot Mirror
If it's based on positioning with cell phone towers then anywhere with no cellphone signal is good.
Oh my god, the criminals could be anywhere in the entire US!
(Sorry :p)
quietly making a deal with the cellphone companies to get the positions of their phones would be almost as effective
If whoever gets that power gets it through the punishment, I'd prefer if the rulebook said so. If they have that power already, why aren't they using it to catch criminals and enforce restraining orders?
Your idea seems to suggest either violating rule-of-law principles, or a government-on-citizen spying program that would make Orwell turn over in his grave, or a government inept at grabbing for more power.
not a true hack in that quantum states were undisturbed regardless of reading them.
Dammit, I had hoped to base my perpetuum mobile on these hackers' violation of the laws of physics :(
People need to better understand that it is a theoretical tool for comparing speed factors algorithms. That is useful, but you have to then consider the reality of the situation.
Heck, why don't we computer scientists do the last step of this whole science thing and come up with a model that describes the actual reality more accurately?
Oh, we do. Consider the I/O model, the cache-oblivious model or (for a fun combination) the parallel I/O model. (See for instance Aggarwal & Vitter: The Input/Output Complexity of Sorting and Related Problems.)
if the hardware can do X faster than Y, then X is better according to users.
Well, users as a collection run your algorithm with a distribution of inputs. You can't say that an algorithm is faster than another (either big-O or wall-clock) without talking about a particular case (worst, best, average) and distribution (diff works "better" on lines of code than paragraphs of latex/text; that's mostly a usability thing, but it illustrates different distributions of real-world data).
Inadvertently you also pointed out the regulation we have would not be needed if other regulations were not in place enforcing Comcast in a monopoly in so many communities (you said the problem was people had no other ISP to turn to)... and you want MORE regulation?
Regulation A is bad. Regulation B is regulation. Therefore, regulation B is bad.
I hope this isn't as nuanced a world understanding as you will ever get.
Also, good data redundancy redundancy is very important.
Even if his giving today is completely the result of his dad persuading him, what exactly is wrong with that?
It suggests that Bill Gates' primary goal is satisfying his dad, not actually helping people. This in turn suggests that if daddy is out of the picture, junior will stop being so generous.
Mind you, it doesn't prove anything, but it may cause people to be suspicious, and not entirely unreasonably so.
Free software advocates really need to understand that if you want to have true freedom
I think the concepts "true freedom", "false freedom", "more freedom" and "less freedom" don't exist---or at least are very misleading to think in terms of. I think it's much more useful to think in terms of freedom to do specific things.
Like, in the US, people are free to say whatever they want. The government is not free to censor people. One can argue that only if the government is allowed to censor people is it truly free. I think the freedom of the people is more important.
And that's pretty much my take on this discussion: there is no "more free" license. The GPL restricts (de jure) some people in ways the 3-clause BSD license doesn't. The 3-clause BSD license lets people (de facto) restrict some people in ways that aren't legal under the GPL.
Do you want the freedoms behind door number 1 or the ones behind door number 2? Which freedoms are "more"? Which freedoms are "true"?
(Oh, and by the way, who gets to define which freedoms are "true", and why _those_ people? Also, do these "true" freedoms have any special observable properties? Or were you just making a meaningless and/or unfounded assertion?)
How would you like it if every time you ran NewSuperGameWithDRM, Photoshop lost it's license and forced you to phone home to reconfirm it?
I don't think NewSuperGameWithDRMStudioExecutive thinks nor cares particularly about consumer convenience, he just wants people's money.
At least, when you define "evil" as "whatever gets me more money/power/sex".
I think that's a good definition of being selfish, not evil. Evil is more like using power over others to intentionally hurt them.
The pricks on the highway who won't let you pass---they're not doing it to piss you off, they're doing it to arrive one second faster. True, it makes no difference to you, you're just as stuck, but I think it makes a big difference in the ethical calculations that they're not intending to be mean, you're just unluckily holding the short end of a stick. Also, is your one second somehow worth more than their one second? Well, I think it is if the system otherwise causes you to get deadlocked, but... it's starting to get slightly non-trivial here...
Anyways, the point: selfish != evil.
181.4 kg gorilla
On behalf of the Knights of Standards, Measurements and Practices, I object! What kind of pound unit is 453.5g? Surely not the combined mass of three african swallows!?
(I suppose your thinking goes something like this:
1) numerical errrors
2) ???
2.995) penny-shaving profit)
Sure, this might be viable for operations you seldom do, like dimming the lights or turning on a monitor, but it won't be viable for any prolonged use.
Not only that, gestures appear to be quite slow.
You might think that it's not really a problem because you don't do that many and so on average you have time enough. While true, that overlooks an important issue: the system is often hung waiting for user input.
Let's take the application example from the video: photo browsing. Let's say I want to find a particular photo in some linear collection. What am I going to do? Linear search, i.e. "look at one; is it that one? yes=return, no=goto next and repeat." Let's break down what happens in my brain: visual perception ("look at one"), recognition ("is it that one?"), decision ("yes=[...], no=[...], which branch to take?"), motor planning ("I'm going to move my hand in order to 'goto next'"), motor execution ("I'm moving my hand [as above]").
Note that each step depends on the previous. You can't really do a gesture in advance and save it up, because (presumably) it would take another gesture to release your savings, and what have you saved then?
So you're really stuck doing this slow reaction to external stimuli.
That being said, if the people behind this technology show appropriate humility and says "this is a prototype / under development / subject to continuous improvement" loudly and clearly enough, I think they deserve respect---basically because I think it's valuable to contribute new ideas to any discussion, especially if they've been proven feasible, and one can always limit the application of the idea to those places where it's actually useful (and those places, in my mind, are left un(der)explored).
My p cents where p is an even prime. (But hey, I'm not doing HCI, I'm doing crypto, so don't trust the above just for my authority :D -- but I hope it gives you something new to think about)
Everybody else has to do that... why should internet companies be different?
I hear the have internet in east bumfuckistan. Should all the world's internet sites obey east bumfuckistani law?
Try these on for size: The Middle East (no depictions of mohammed), Thailand (I hear they have a lot of respect for their king), France (got a thing against Nazi memorabilia), China (Tiananmen square is a touchy subject), [...].
What is the cost of making every website in 192 different versions? How do you vet user-supplied content for legality across 192 different jurisdictions?
So, to answer your question very explicitly: Internet companies should be different, one might argue, because your office or shop tends to not be built on the border between country A and B but the internet is, for every value of A and B.
Where's the graph showing Linux's install base compared to the rest of the market?
Yeah, I was wondering about that, and the whole "This bodes well for Linux" bit.
I mean, all the curves are going down. Ubuntu went up at (what appears to be) all the other distros' expense, but they're going down now. Mint may be going up, but not very steadily.
I know, Android is going up. But that's not really Linux---at least, as I understand it, not in the sense that N900 is Linux. Can you run frozen-bubble//wesnoth/sgt-puzzles/quake/openoffice on Android? (I can on my N900)
So, in what sense does it bode well for Linux? Can anyone who reads that out of the data presented in the article explain it to me? If so, thank you very much :-)
but Net Neutrality insists on going further to outlaw legal and voluntary premium content delivery services.
If power is sufficiently concentrated, it will tend to concentrate more. ISPs form such a concentration. These premium content delivery services are the tool which they use to concentrate power even more.
I think Net Neutrality proponents are against this concentration of power, and as a side effect are against its mechanism.
(That's my viewpoint, FWIW: that some organizations have way too much power, and the net would be better if they hadn't, and then I'm all for letting people pay more for faster downloads or whatever; see also rapidshare, fileplanet etc.)
GGP wanted the partisans to form an orderly, single file cueue ;-)
What else could it be?
An information service, where the ISPs all go gather all the worlds information and present it to the user. If it helps you, think of google, slashdot, my personal web server, [...] as the associated press feed and the ISP as the news anchor, except you can call in and have the news anchor give you the story you want.
You could view it this way. I mean, you can if you know jack shit about IP, TCP, HTTP, SMTP, BGP, DNS // ARIN, ICANN, [...].
Well done DNA analysis can be an amazing crime fighting tool
Isn't it mostly used for getting convictions once you got the guy? Or is it also used when trying to catch the guy? (That would require him to be a repeat offender, as he otherwise wouldn't be in any DNA register, true?)
That's funny, I thought it was like this: the adrenal glands increase zergling attack rate while the neurotransmitters (i.e. brain chems) increase mana regeneration ;-)
Allow me to analyze your assumptions:
Microsoft has thousands of programmers working full-time; Linux is maintained by volunteers, working in their spare time.
How many volunteers, compared to the number of Microsoft programmers? If the volunteers each work one tenth of full time per week but there are twenty times as many of them as there are Microsoft programmers, how does the math come out?
That means that Microsoft can easily allocate more resources to fixing a security bug than Linux can.
I see a type error: Microsoft is an organization, Linux is one or more pieces of software; they seem to not have an "allocate resources" behavior in common. So---who is this "Linux" you speak of? Do you mean Red Hat? Canonical? The Debian project? The collection of hobbyists living in their moms' basements? How does this resource-allocating-Linux-thing allocate its resources? How do you know how easily it does it, and how many resources it has?
This being true, you'd expect Microsoft to get bug patches out quicker than Linux
This assumes that more input resources yields more output results. That's not true, not even in just all the non-degenerate cases (For a controversial example, compare health care systems for price and quality across nations).
the Microsoft patches come out only on Patch Tuesday, while the Linux patches come out as quickly as the various distros fold them into their updates.
How quick are those two time spans compared to one another, on average? (Pick your sample any way you want, as long as you discuss what might be wrong about your sampling method)
And, if that's not fast enough for you, you can always download the source and compile it for yourself
Assuming you have the time and skills to do so. (If you believe it takes virtually no skills, I guess you don't do tech support for family and friends)
Roll it out in the cell phones and the problem is solved!
What happens if you give all cell phones IPv6 addresses only and the rest of the internet stays IPv4?
How will the cell phones access facebook/slashdot/google/... when all those services don't listen for IPv6 traffic? I'm quite sure you don't IPv4 NAT the traffic ;-) // but seriously, you put it in an encapsulation layer, who decapsulates? Is that really a viable option?
It's not clear to me how your scenario would play out. Care to give (more of) your thoughts? Thank you :)
then there wouldn't be any reason to think further about whether RSA is an NP problem.
Clearly it's the NP-hardness of any problem, rather than the NP membership, that makes it useful for security applications.
By way of example, add-and-compare (given integers x, y and z, answer "is x + y <= z") is in P and thus in NP. But since it's in P (and since we all learn an efficient algorithm in school), it would be somewhat foolish to base any kind of security on the assumption that an adversary cannot add numbers.
Also, every NP problem reduces to the halting problem, so it must be NP-hard (reduction: "for every candidate solution: if it works: return it; endfor; hang"). But, as the halting problem is undecidable, it is unlikely to enter into the picture as an attack on a cryptosystem as the cryptosystem is not likely to go near "halting territory" (i.e. involve that as a part of the encryption or decryption process, or anything attackable by a halting-decider); at least not in my experience (I'm a ph.d. student in cryptography).
Note that to the best accuracy ability of my memory, there is cryptography with only polynomial "advantage": encryption and decryption takes time O(n), breaking takes time O(n^2); this is provable without any unproven assumptions (such as the hardness of factoring or discrete logarithms). As long as the best known factoring algorithm takes superpolynomial (but subexponential) time, I prefer that; but if it breaks down, there is somewhere to retreat to. Presumably, that area is open to much low-hanging further research fruits.
Tell me about it, it doesn't even pass tokenizaton!
Hell a phrase like "Purple Elephants make for a rough Work Day" is much harder to crack than "1qaz@WSX3edc$RFV"
Let's see, I have a bunch of algorithms:
The first one proves that "Purple Elephants [...]" is much easier to crack than the keyboard hamfist one, yes? ;-)
Of course it doesn't. This goes to show that one ought to be aware of what the cracker is doing. That kinda' makes sense if you generalise it: if you want to protect something, it is probably useful to know which dangerous things happen to it (i.e. which pass phrases are attempted, how often, at what time and in which order).
and impersonates the operating system's user interface.
Downloading emacs.js
1% done
processing...
processing...
1% done
processing...
processing...
1% done
processing...
processing...
HEAP SPACE EXHAUSTED
(from a loving user)
There is really no good way to handle this problem because all cryptography is based on trust.
Trust in what?
Do you trust your government with the ability to forge your identity? Me neither.
I have no idea what you're on about.
Suppose that I tell you my public RSA key (n, e) [messages m encrypt to (m**e % n)], n = pq for two huge primes p and q. How would you forge my identity? Would you factor n?
Sure, that works, for impersonating jonaskoelker. But it doesn't work for impersonating everybody.
So you want to attack the part of the chain where I learn that (n', e') is the public key of drinkypoo (rather than someone else)?
Well, true, that part is based on trust. But with a web of trust, it's based on the trust you have in your friends, not in the government.
Okay, so we don't seem to be doing that. But I can hope, can't I? ;-)
Half way seriously: with everyone running around with smartphones these days, we'd easily be able to do identity verification for/on one another. And if you believe what sociologists say about the A-knows-B-graph of the earth having diameter 6 ("# handshakes"), this should actually work (in the sense of connecting you with everybody else).
(Then, for the hard part: convince people that they need to go out of their way to be as secure as they feel.)