13 actually. And the replication doesn't quite work the way you claim: the 13 are all actually secondaries to a "hidden" primary.
The main problem with that system, though, is that one mistake on the hidden primary (which has happened) screws up the entire system. And, yes, many many zones were hosed for a while as Network Solutions tried to figure out what the hell they did. And, of course, there's only 13 machines to DoS before all DNS becomes totally useless.
I was at a talk recently given by one of the security guys from Apple. He was asked about the whole TCPA thing, and his response was that Apple wasn't participating in it at present, and didn't really see what they could offer to it. Unless some sort of TCPA-like thing became law, or unless someone came up with some way for Apple to contribute, they were going to stay out of it.
So, at least for now, they're staying out of the DRM wars. Of course, this is all subject to management whims, but that's the state as of now.
I think you're arguing two different points. You're worrying about how the pad actually works, and he's worried about maximizing the use you get out of the pad (by dropping unnecessary words out of the message to be encrypted). These two worries are clearly related, but not identical.
I would say that he is correct: in practice, you would want to drop unnecessary or redundant info out of the message. Since OTPs rely so heavily on securely sharing the pad, you want to maximize the use you can get out of the pad you have without re-use. This means dropping redundant words. In common computer practice, we'd just zip the damn thing before sending it, hopefully greatly increasing the entropy (and decreasing the length) of the message before even bothering to encrypt it, but that's a whole other topic for discussion.
While this is true, there's a reason that no one uses one-time-pads: they're a pain in the ass. In terms of practical usefulness, really only governments are willing to go to the trouble.
The big problem is that once you've encrypted something with an OTP, the security (and secrecy) of the OTP is *everything*. If anyone gets the OTP, your encryption is done for.
So, managing the OTPs becomes the biggest challenge in using them. First, you have to have an OTP about the same size as the file you're encrypting, to ensure that no statistical games can be played to re-build the key, and you have to have a separate OTP for every message you encrypt. Also, getting an OTP to someone else you want to encrypt a message to is not an easy matter. You have to be sure that no one else can see the transaction that shares the OTP, since that would immediately destroy the security of the system.
Compare this to any symmetric-key system: Yeah, you've also got a key that's central to the cipher. But, the key does not need to be approximately the same size as the file encrypted (as is the case with OTPs), which, for big files, is a huge deal.
Basically, there's a reason we like symmetric-key algorithms, and it's mostly to do with usability. If an encryption system is such a pain in the ass that no one uses it, then its impact in the real world will be zero.
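An added illustration of the two pad rules stated in the comment above (a pad as long as the message, and a separate pad for every message); it is not part of the original comments. `PadStore`, `otp_apply` and `reuse_leak` are hypothetical names, and the sample messages are constructed.

```python
import secrets

class PadStore:
    """Hypothetical pad book: every pad byte is handed out once, then never again."""
    def __init__(self, pad: bytes):
        self._pad, self._used = pad, 0

    def take(self, n: int) -> bytes:
        if self._used + n > len(self._pad):
            raise ValueError("pad exhausted: a message needs its own length in fresh pad")
        chunk = self._pad[self._used:self._used + n]
        self._used += n
        return chunk

    def remaining(self) -> int:
        return len(self._pad) - self._used

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_apply(store: PadStore, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with fresh pad bytes (the operation is its own inverse)."""
    return xor(data, store.take(len(data)))

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts made with the same pad bytes: the pad cancels out."""
    n = min(len(c1), len(c2))
    return xor(c1[:n], c2[:n])

def demo() -> dict:
    p1 = b"MEET AT THE NORTH GATE AT NINE"   # constructed sample messages
    p2 = b"SEND TWO TRUCKS TO THE DEPOT"
    pad = secrets.token_bytes(64)            # shared out of band beforehand
    sender, receiver = PadStore(pad), PadStore(pad)

    # Correct use: each message consumes its own stretch of the pad.
    c1, c2 = otp_apply(sender, p1), otp_apply(sender, p2)
    roundtrip = [otp_apply(receiver, c1), otp_apply(receiver, c2)]

    # Misuse: both messages encrypted from offset 0 of the same pad.
    n = len(p2)
    b1, b2 = xor(p1, pad[:len(p1)]), xor(p2, pad[:n])
    leak = reuse_leak(b1, b2)                # equals p1 XOR p2, no pad needed
    return {
        "roundtrip_ok": roundtrip == [p1, p2],
        "pad_left": sender.remaining(),
        "leak_is_plaintext_xor": leak == xor(p1[:n], p2),
        "p2_from_known_p1": xor(leak, p1[:n]),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The 64-byte pad is nearly spent after two short messages, which is the size cost the comment describes; the reuse branch shows why one pad cannot serve two messages.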
Re:Too late. The cat is out of the bag. on "Squishy" DRM? · Score: 2
I'll respond to this with another question:
Would you rather have music only made by one or two obsessed people who can't help but create music? Or would you rather have a legion of people who create music? The fact is, allowing folks to make a living of some sort by making music, even if they do get screwed by the recording labels, means that a lot more people are creating music. That means there's more music around.
Yes, there would still be music without copyright, but there would be much less. Whether this situation would be better or not is debatable.
Re:Too late. The cat is out of the bag. on "Squishy" DRM? · Score: 2
Or just...debated:
http://www.wamozartfan.com/bio.html
(cue duelling banjos theme)
It's clear that finances were a problem through all his life, though, so the central point remains.
Re:Too late. The cat is out of the bag. on "Squishy" DRM? · Score: 2
Mozart did it, look how much it helped him with fame.
Mozart died nearly penniless, without even the money for a private grave. (He was buried in a mass grave, so we don't know exactly where to go to pay respects.) Yeah, that's a great incentive.
So, will there be a way/API for writing our own plugins/working with other plugins? Or, better yet, a way to get the output from this out to other apps (sockets, etc)?
The reason I ask is that I'd love to take the planned GPS code (mentioned in the "future directions" section of the project) and use it to make a GPS-based stratum-1 NTP source. Real stratum-1 time servers are expensive...doing this all w/software would be cool.
(Yes, I know, it wouldn't be easy to get microsecond accuracy, but it'd be a hell of a lot better than nothing.)
To quote their summary: "GNUnet is an anonymous, distributed, reputation-based network." It's the reputation part that should cover poisoning pretty well (the anonymous part is pretty cool, too).
Yeah, the code is pretty much still at the Alpha stage, but if you want to help....it's gnu code after all.....
Move along. Nothing to see here. on Mr Anti-Google · Score: 2
I have one response to this whiny dork: Operation Clambake. Operation Clambake is a criticism of Scientology. It is also ranked very highly by Google in searches for Scientology. Why? Because lots of other sites consider it important and related to Scientology. His pages are not ranked highly in relation to the political figures he tracks. Why? Because no one gives a damn about what he's doing.
Google is doing exactly what it should. The criticism sites that are respected get ranked highly, the cranks get modded down. The only problem here is that we have a whiny crank who conned a Salon writer into writing a story for him.
You back up that server regularly, right? As long as you include the logs in those backups, you're fine. You can just restore the backup somewhere else, and let the authorities look at them there. This is probably a better idea than letting them log onto your mail server (w/the rights to mess w/the logs) anyway.
Okay, so that bit got me curious: are there any legal consequences to Qwest, or any RBOC, lying during these sorts of arbitration hearings? If it works (and it apparently did in this case), and there aren't any consequences (which there apparently weren't in this case), why would they not do this all the time? If there is some sort of penalty, you apparently have lawyers to spare, why not go after their butts?
Awww...c'mon...you don't have fun w/the registrations?
To the Post, I'm a 101-year-old woman, living in the 20001 zip code who reads lots of tech articles and the Boondocks. Who knew that demographic liked the Boondocks?
And, to make things more complicated, some of the casinos in Las Vegas are now using shuffling machines. It's not clear how these machines work, but I'm sure the casinos are paying attention to the math research that shows that some shuffling techniques do not actually maximize randomness.
Okay, the FCC filing (here: http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-02-231A1.pdf) isn't a preparation to enact the rules. It's a request for comment from the public on whether or not they should implement the rules.
So, what we have here is yet another person to flood with negative responses to industry insanity.
To quote the pdf file: To get filing instructions for e-mail comments, commenters should send an e-mail to ecfs@fcc.gov, and should include the following words in the body of the message, "get form <your e-mail address>."
I suspect this row was caused by the new law that makes him (and other executives) criminally liable for fraud and errors on financials. Without that he wouldn't have cared.
Good. Then the law is doing what it was supposed to. I don't give a damn whether or not he's an angel. If he's too scared of the law to play along with accounting games, then we've taken a step in the right direction.
One of the neater talks from DefCon (I just got back) was the GNU folks talking about doing RF decoding entirely in software.
Now, on its face, this sounds boring, until you realize that they can make a TV, HDTV, Cell Phone, radio, HAM, and CB transceiver entirely in software. Once decoding is in software, we can choose whether to obey the broadcast flags or not. I suspect that this whole broadcast flag thing won't last that long if the GNU folks get that project really working well.
No more Max Headroom re-runs for this man.
Ye gods, I hate these types of stories. The real physics is always more subtle and interesting than the press makes them out to be.
The vast majority of the experiments I've seen like this (I've really only looked at photon tunneling, but this sounds *very* similar from the write-up) are explained by wave-shaping, and the side-effects of that, and are not actually FTL at all. But of course, that's hard to explain to people, so the New Scientist, et al, just go for the "Speed of light broken!" headline, which misleads everyone.
Grrr.
That's not a bear. That's RMS.
But, you need to treat RMS just like you would any other wild animal. If you don't feel that you're up to the task of care and feeding of RMS, you should call animal control. They'd be happy to relocate him back to his natural habitat.
You mean, like RedHat?
Hands up: who thinks wireless (microwave, 802.11, whatever) would be a much better idea here?
Ah, but amending their policies indicates an admission that Verisign's (ok, NetSol's) policies were inadequate. If he can show that Verisign/NetSol knew (or reasonably should have known) that their policies were inadequate, then they've been irresponsible, and can be sued for damages.
So, yeah...that's a case. A reasonable one, too.
Warning: Too many connections in /var/www/html/pgp/conn.php on line 7
/var/www/html/pgp/conn.php on line 7
Warning: MySQL Connection Failed: Too many connections in
Error: Could not connect to MySql
mmmm....I love the smell of a slashdotting in the morning. It smells like...victory.
If you read the article, he mentions that the FCC is apparently preparing to mandate the BPDG recommendations. This removes the pesky Congress from the picture entirely. I have a couple questions about this: 1) Can they do this constitutionally? 2) Who do I bitch-slap at the FCC for this insanity?
anyone know?