That is true, but the point is that it is non-trivial. Already, AES256 (well, a reduced number of rounds) is known to be vulnerable to related key attacks that AES128 is not vulnerable to. It might not be terribly hard to get Rijndael to work for arbitrary key sizes, but there is no guarantee or reason to believe that a 512 bit Rijndael would actually be more secure than 256 bit Rijndael (or that it would not be less secure, though this is not likely). Rijndael is not a provably secure cipher, so claiming that just increasing the key size is a quick fix is not quite right.
For one, AES is designed to have fixed key sizes, so "just switching to 512 bits" is not as trivial as you may think. Also, not all public key cryptosystems are based on the RSA problem.
Quantum computers can factor the product of two prime numbers in polynomial time, so RSA would be broken. A modification of that algorithm allows certain cases of the discrete logarithm problem to be solved efficiently as well, so DH and ElGamal would be broken also. Luckily, quantum computers are not yet known to be able to solve NP complete problems in polynomial time, so cryptosystems based on NP complete problems (Polly Cracker systems, for example) would still be secure assuming that P != NP. There are also hard lattice problems which quantum computers are not known to be more efficient at solving, which can be used to construct cryptosystems, and there was an early public key cryptosystem based on a group theoretic problem which is known to be secure against quantum computing.
So basically, quantum computing is not really a problem at all, at least not in a theoretical sense. It throws a bit of a wrench into some standard hardness assumptions, but nothing too bad.
Can someone shed light on whether they can actually control the internet, on a technical level?
Sure they can; the Internet is not like the old Usenet/UUCPNet, where it is controlled by its own users. All the UN would have to do is go after a handful of companies that really run the Internet, and by force of law require them to do whatever the UN wants them to do. Sanctions against a country could suddenly mean a loss of Internet access -- just force the ISPs to drop any route to that country from their routing tables.
The real question is, will they be able to convince the most powerful nations to play along? I am just going to guess that the answer is "yes," since the world's most powerful nations also happen to stand to gain the most from having a controlled Internet.
If the difficulty US law enforcement has had in policing child pornography on the Internet is any indication, any mandated censorship is going to be very difficult to pull off. Every so often, people will get busted, but for the most part free speech online will be difficult to kill. Let them try to censor the Internet; we'll just see an age of common people learning more and more about cryptography, steganography, and computer security.
Not that I think the Internet would be a nice place if everyone had to take those sorts of measures to protect their freedom of speech.
Given the enormous amount of external information available to any juror, perhaps we will soon be forced to sequester juries more frequently, just to prevent them from doing their own research?
No, but a Wikipedia page could potentially have been modified by the prosecutor or the defense. IANAL, but perhaps if the juror had brought in a volume of Encyclopedia Britannica, things would be different.
First of all, you were not specific about which laws you were referring to. Second of all, there certainly are examples of federal laws which can be willfully violated with no ethical issue; take marijuana law as an example. Would you claim that there is an ethical problem with a cancer patient who uses medical marijuana?
I will ask you again: When did the law become the definition of ethical behavior?
Given the three facts/assumptions above, what is the better option than compulsory health insurance?
Publicly funded healthcare. What the hell do we need private insurance companies for, if we are going to require everyone to pay into the system anyway? Why exactly are the executives and stockholders of private health insurance companies being enriched?
You're right, our society will not tolerate a system in which people are left to die; that's precisely why tax dollars should pay for health care.
Passwords are a very poorly designed security mechanism, yet no matter how many times this is pointed out, people still seem to think that the solution is to educate users about password security. Human brains just do not generate or remember random strings very well, and it is ludicrous to expect users to do so. Of course, passwords will always be around because password based systems are convenient.
Well, for several years I was employed as a programmer, who wrote computer programs as a means of making money. Of course, those programs are all GPLed, and so the issue of people downloading unauthorized copies is pretty much moot (unless, of course, the person they download it from refuses to grant them access to the source code...). I do not get emotional about the issue of people downloading software even when the software is not GPLed.
I understand that for some people, this is an issue to fight over like it is life or death. My point is that the people they are fighting against, which is basically everyone else, are not taking the fight so seriously, and so the rest of us will inevitably lose this fight.
How exactly is what you described any better? You are still basically saying that if I have in my possession an item that I purchased overseas, I am not legally allowed to sell it to anyone else, even though I would be legally allowed to sell it if I had purchased it in America.
It is ludicrous either way. Nobody is going to stop and think, "Did I buy this in another country? Am I allowed to sell it to someone else?" People are going to continue to exercise their natural right to transfer ownership of their property to other people, at whatever price they see fit. Any decision or law to the contrary is a bad idea, it is unenforceable, and it will just result in even more of a disconnect between the law and the average person.
The problem with allowing third-party imports to be sold is that consumers will buy the items, expecting the manufacturer to support them
So what? Either the manufacturer was going to support the product anyway, in another country, or they will not support the product, in which case the consumer should just be told that.
If the product in question is not sold directly domestically, then the manufacturer may not be prepared for the support.
Then tell the customers that, "this product does not come with any warranty or support." Oh, what, the poor manufacturer does not want their name tarnished by having people believe they do not stand behind their products? Then they should stand behind their products regardless of where they are sold.
Further, the product may have been sold in a country where the cost and level of support is different.
I would be more sympathetic if tech support was not being outsourced to third world countries.
The solution is to require that any imports not authorized by the manufacturer must be clearly advertised as not supported by the manufacturer, with all service provided by the importer.
Or better yet, the manufacturer could just ship a redeemable tech-support coupon that activates your support, so that the support is not transferred when the item is resold, unless it was not activated in the first place.
Until people wake up and realize that they do not owe copyright owners anything, nothing will change. I had a conversation a few weeks ago with a person who used to work for the recording industry, and when I suggested that there might not be any ethical problem with downloading unauthorized copies of music and movies, he became so emotional that the conversation ended with him demanding that I never speak to him again. When the people "on the other side" of the issue are fighting like it is a matter of life and death, what hope do the rest of us have when most people just do not see copyright as being a particularly big deal?
What I am a little confused by is how copyright law has anything to do with this. Nobody is copying the logo, so how could a copyright be violated? Does copyright apply to activities that do not involve the creation of copies?
Then again, I'm confident that we'll see incompetent web application developers using unsalted MD5 for decades to come. People don't learn from others' mistakes it seems.
Or even cleartext; yes, I have seen this on production websites, and it is unbelievable.
I have fond memories of communicating by email, IM/IRC, etc. It is as if by virtue of being connected to the Internet, you can send an email message to any email address, and it will be received by someone else who is connected to the Internet. Or perhaps you can use a chat system to engage in real time conversations with any other Internet connected user. Or you might even use Facebook.
Like I said, the invention that really connected billions of the people is the Internet; Facebook is just a way of using the Internet to communicate.
Like it or not, it stretches farther and wider than Usenet, IRC, text MMOs, and just about every communication medium that came before it (the exception perhaps being email) ever could.
Funny, there is one medium that has always been more popular than Facebook...if I remember correctly, it is called "The Internet," and it was around years before Facebook ever debuted. I seem to remember that network connecting billions of people around the world, and Facebook simply being one of the ways in which people use the Internet to connect to each other.
I didn't know my old classmates' email addresses, so I used a search engine to locate them.
I didn't know my old classmates' email addresses, so I used a directory service to locate them.
I have personally reconnected with old friends, not using Facebook, with about as much trouble as it would take you to log on to Facebook and search for those friends.
The point was not that Facebook has not changed anything, but rather that the change is not the simple fact that people are able to communicate with each other. The fact that Facebook is now used by 500 million people to communicate with their friends (or perhaps not really their friends) is not exactly revolutionary. The Internet was the revolutionary technological development that connected billions of people to each other; Facebook has only affected a change in how people use the Internet to communicate.
Email is "kind of silly," but it did enable me to reconnect with old high school friends that I have not seen or heard from in many years. What makes Facebook so special, exactly? We were all connected to each other by the Internet long before Facebook debuted.
That is true, but the point is that it is non-trivial. Already, AES256 (well, a reduced number of rounds) is known to be vulnerable to related key attacks that AES128 is not vulnerable to. It might not be terribly hard to get Rijndael to work for arbitrary key sizes, but there is no guarantee or reason to believe that a 512 bit Rijndael would actually be more secure than 256 bit Rijndael (or that it would not be less secure, though this is not likely). Rijndael is not a provably secure cipher, so claiming that just increasing the key size is a quick fix is not quite right.
For one, AES is designed to have fixed key sizes, so "just switching to 512 bits" is not as trivial as you may think. Also, not all public key cryptosystems are based on the RSA problem.
Quantum computers can factor the product of two prime numbers in polynomial time, so RSA would be broken. A modification of that algorithm allows certain cases of the discrete logarithm problem to be solved efficiently as well, so DH and ElGamal would be broken also. Luckily, quantum computers are not yet known to be able to solve NP complete problems in polynomial time, so cryptosystems based on NP complete problems (Polly Cracker systems, for example) would still be secure assuming that P != NP. There are also hard lattice problems which quantum computers are not known to be more efficient at solving, which can be used to construct cryptosystems, and there was an early public key cryptosystem based on a group theoretic problem which is known to be secure against quantum computing.
So basically, quantum computing is not really a problem at all, at least not in a theoretical sense. It throws a bit of a wrench into some standard hardness assumptions, but nothing too bad.
Can someone shed light on whether they can actually control the internet, on a technical level?
Sure they can; the Internet is not like the old Usenet/UUCPNet, where it is controlled by its own users. All the UN would have to do is go after a handful of companies that really run the Internet, and by force of law require them to do whatever the UN wants them to do. Sanctions against a country could suddenly mean a loss of Internet access -- just force the ISPs to drop any route to that country from their routing tables.
The real question is, will they be able to convince the most powerful nations to play along? I am just going to guess that the answer is "yes," since the world's most powerful nations also happen to stand to gain the most from having a controlled Internet.
The Internet was nice while it lasted.
If the difficulty US law enforcement has had in policing child pornography on the Internet is any indication, any mandated censorship is going to be very difficult to pull off. Every so often, people will get busted, but for the most part free speech online will be difficult to kill. Let them try to censor the Internet; we'll just see an age of common people learning more and more about cryptography, steganography, and computer security.
Not that I think the Internet would be a nice place if everyone had to take those sorts of measures to protect their freedom of speech.
Given the enormous amount of external information available to any juror, perhaps we will soon be forced to sequester juries more frequently, just to prevent them from doing their own research?
No, but a Wikipedia page could potentially have been modified by the prosecutor or the defense. IANAL, but perhaps if the juror had brought in a volume of Encyclopedia Britannica, things would be different.
http://www.redhat.com/
I mean, they only have hundreds of millions of dollars in revenue each year...
I thought /. would be 0% advanced, 0% intermediate, 0% basic, and 100% kindergarten...
/me ducks
First of all, you were not specific about which laws you were referring to. Second of all, there certainly are examples of federal laws which can be willfully violated with no ethical issue; take marijuana law as an example. Would you claim that there is an ethical problem with a cancer patient who uses medical marijuana?
I will ask you again: When did the law become the definition of ethical behavior?
Given the three facts/assumptions above, what is the better option than compulsory health insurance?
Publicly funded healthcare. What the hell do we need private insurance companies for, if we are going to require everyone to pay into the system anyway? Why exactly are the executives and stockholders of private health insurance companies being enriched?
You're right, our society will not tolerate a system in which people are left to die; that's precisely why tax dollars should pay for health care.
Passwords are a very poorly designed security mechanism, yet no matter how many times this is pointed out, people still seem to think that the solution is to educate users about password security. Human brains just do not generate or remember random strings very well, and it is ludicrous to expect users to do so. Of course, passwords will always be around because password based systems are convenient.
Sony will only reenable the feature for people in Spain, and then try to sue anyone who buys Spanish PS3s for use in other countries.
There is a serious ethical problem with purposefully violating the law.
Yes, because parking your car in the wrong place is an ethical problem. Since when has the law been the definition of what is or is not ethical?
Well, for several years I was employed as a programmer, who wrote computer programs as a means of making money. Of course, those programs are all GPLed, and so the issue of people downloading unauthorized copies is pretty much moot (unless, of course, the person they download it from refuses to grant them access to the source code...). I do not get emotional about the issue of people downloading software even when the software is not GPLed.
I understand that for some people, this is an issue to fight over like it is life or death. My point is that the people they are fighting against, which is basically everyone else, are not taking the fight so seriously, and so the rest of us will inevitably lose this fight.
How exactly is what you described any better? You are still basically saying that if I have in my possession an item that I purchased overseas, I am not legally allowed to sell it to anyone else, even though I would be legally allowed to sell it if I had purchased it in America.
It is ludicrous either way. Nobody is going to stop and think, "Did I buy this in another country? Am I allowed to sell it to someone else?" People are going to continue to exercise their natural right to transfer ownership of their property to other people, at whatever price they see fit. Any decision or law to the contrary is a bad idea, it is unenforceable, and it will just result in even more of a disconnect between the law and the average person.
The problem with allowing third-party imports to be sold is that consumers will buy the items, expecting the manufacturer to support them
So what? Either the manufacturer was going to support the product anyway, in another country, or they will not support the product, in which case the consumer should just be told that.
If the product in question is not sold directly domestically, then the manufacturer may not be prepared for the support.
Then tell the customers that, "this product does not come with any warranty or support." Oh, what, the poor manufacturer does not want their name tarnished by having people believe they do not stand behind their products? Then they should stand behind their products regardless of where they are sold.
Further, the product may have been sold in a country where the cost and level of support is different.
I would be more sympathetic if tech support was not being outsourced to third world countries.
The solution is to require that any imports not authorized by the manufacturer must be clearly advertised as not supported by the manufacturer, with all service provided by the importer.
Or better yet, the manufacturer could just ship a redeemable tech-support coupon that activates your support, so that the support is not transferred when the item is resold, unless it was not activated in the first place.
Until people wake up and realize that they do not owe copyright owners anything, nothing will change. I had a conversation a few weeks ago with a person who used to work for the recording industry, and when I suggested that there might not be any ethical problem with downloading unauthorized copies of music and movies, he became so emotional that the conversation ended with him demanding that I never speak to him again. When the people "on the other side" of the issue are fighting like it is a matter of life and death, what hope do the rest of us have when most people just do not see copyright as being a particularly big deal?
What I am a little confused by is how copyright law has anything to do with this. Nobody is copying the logo, so how could a copyright be violated? Does copyright apply to activities that do not involve the creation of copies?
Do they really think that anyone is going to care? You will see those watches resold. Good luck trying to stop people from reselling tangible goods.
Then again, I'm confident that we'll see incompetent web application developers using unsalted MD5 for decades to come. People don't learn from others' mistakes it seems.
Or even cleartext; yes, I have seen this on production websites, and it is unbelievable.
I have fond memories of communicating by email, IM/IRC, etc. It is as if by virtue of being connected to the Internet, you can send an email message to any email address, and it will be received by someone else who is connected to the Internet. Or perhaps you can use a chat system to engage in real time conversations with any other Internet connected user. Or you might even use Facebook.
Like I said, the invention that really connected billions of the people is the Internet; Facebook is just a way of using the Internet to communicate.
Like it or not, it stretches farther and wider than Usenet, IRC, text MMOs, and just about every communication medium that came before it (the exception perhaps being email) ever could.
Funny, there is one medium that has always been more popular than Facebook...if I remember correctly, it is called "The Internet," and it was around years before Facebook ever debuted. I seem to remember that network connecting billions of people around the world, and Facebook simply being one of the ways in which people use the Internet to connect to each other.
I didn't know my old classmates' email addresses, so I used a search engine to locate them.
I didn't know my old classmates' email addresses, so I used a directory service to locate them.
I have personally reconnected with old friends, not using Facebook, with about as much trouble as it would take you to log on to Facebook and search for those friends.
The point was not that Facebook has not changed anything, but rather that the change is not the simple fact that people are able to communicate with each other. The fact that Facebook is now used by 500 million people to communicate with their friends (or perhaps not really their friends) is not exactly revolutionary. The Internet was the revolutionary technological development that connected billions of people to each other; Facebook has only affected a change in how people use the Internet to communicate.
Email is "kind of silly," but it did enable me to reconnect with old high school friends that I have not seen or heard from in many years. What makes Facebook so special, exactly? We were all connected to each other by the Internet long before Facebook debuted.