That is a pretty poor measure of innovation, since it basically defines innovation by popularity. Maybe Facebook was marketed better than its competitors; would consider that to be "innovative?"
Buy "put" options. Keep in mind that these expire after some amount of time, so you have to be able to predict how quickly the price will fall. Also, I would not be so quick to assume that Facebook is overhyped; they have a lot of data that they can sell, a lot of advertising power, etc.; it is like claiming that Google is overhyped.
Is there proof of this? I thought I remembered Facebook researchers publishing a paper somewhere, but now I cannot seem to find it. Maybe everything is being done in secret, but then how would we ever know if they are innovating or just copying innovators?
I am having trouble remember what innovation we ever actually saw out of Facebook. I vaguely recall that they contributed some patches to a few open source projects, and I thought that they had done some research on distributed computing but I cannot seem to find that paper. Perhaps "past that" should be "never saw that?"
You could set up an experiment on your own using about $20 worth of components (having access to an oscilloscope is helpful but not strictly necessary). When I was in high school, I tried to build a radio using some spare parts from my electronics class; I was not able to pick up anything intelligible, but I did pick up lots of emissions from the computer sitting on my desk. If I ran a program with a tight loop, I could actually hear the difference coming out of the speak.
This, of course, is not quite the same thing as determining bits of a secret key, but the concept is the same -- it is just a little less sophisticated. All my "radio" was was a high gain amplifier and an PLL; anyone could build such a thing. Reliably extracting crypto keys is a matter of understanding how the algorithm interacts with the hardware, and then forcing it to process plaintext or ciphertext of your choosing (e.g. by using a TLS connection to a website that you control).
The TPM can always be broken. It stores a secret key right there for you to take and use for your own purposes -- you just need to find a way to extract it from the device. Attacking the TPM is not really a crypto problem as much as it is a security engineering problem: how do you prevent people from reading data that is stored on a computer they control, while still allowing them to use that data.
This is a well known side channel attack; it is usually pretty hard to pull off for all the reasons you said, but apparently these researchers have overcome those obstacles. Usually these sorts of attacks are chosen plaintext or chosen ciphertext attacks, and you will look for particular changes in the EMI that comes out of the phone which can be correlated with the secret key. You will probably need to choose many plaintexts/ciphertexts for this attack to work, but a typical TLS session will probably be enough.
You could just ignore the law and use the Internet to route around this sort of thing. Why follow an unjust law?
Of course, when a few people are imprisoned for doing so, and the news media tells everyone else about it, people will be frightened back into conformance. That is, of course, how things are supposed to work in the free world, right?
New communication systems can be exploited in different ways, and so new technologies need to be developed. The value of Facebook is not just in what people are typing, but in what their friends, friends of friends, etc. are typing as well.
I thought we already knew that law enforcement agencies were watching social networking websites? They have caught people because of pictures posted online in the past:
Thus explaining why schools in wealthier areas are doing better. Clearly, the fact that people can pay for private tutoring, higher teacher-to-student ratios, functional equipment and facilities, etc. has absolutely nothing to do with it.
Re:What does the hell does NP Hard mean?
on
Pac-Man Is NP-Hard
·
· Score: 1
P -- problems that can be solved in time that grows according to some polynomial of the size of problem (e.g. sorting -- can be solved in n^2 time by bubble sort).
NP -- problems that can be verified in polynomial time; we think that some of these problems cannot be solved in polynomial time. For example, graph three colorability is in NP and is not known to be in P; this means that if I show you a 3-colored graph, you can check that it is indeed 3-colored in polynomial time, but if I give you a graph and ask you to compute its 3-coloring, the amount of work you do will be exponential in the size of the graph (unless P=NP).
NP-complete -- problems for which any polynomial time solution would imply a polynomial time solution for any NP problem and for which a proof that shows there is no polynomial time algorithm would imply that none of the NP-complete problems can be solved in polynomial time.
NP-hard -- problems which any NP-complete problem can be reduced to i.e. given an NP-complete problem, it can be reexpressed as an NP-hard problem. Another way to state this is that NP hard problems cannot be solved faster than NP complete problems. Note that while a polynomial time solution to an NP-hard problem would imply P=NP, it is not the case that a proof that NP-hard != P implies P!=NP.
PSPACE -- problems which can be solved using a polynomial amount of space. Note that this not only includes P, but also NP and NP-hard, as well as even harder to solve problems.
PSPACE-complete -- same as NP-complete, but for PSPACE rather than NP.
PSPACE-hard -- ditto.
...or you can consult the nearest copy of Goldreich's computational complexity text, which covers these in more detail than Slashdot ever could.
Illegal or not i'll do whatever i want with my phone
So, where do I get all the tools that geohot wrote, so that I can jailbreak my PS3?
The problem with software being illegal is that it makes it harder to get that software, which discourages people who might have done so otherwise. I have no problem finding the PS3 jailbreaking tools, but a lot of other people would. Further, do you really want hackers to be arrested, deported, and so forth just for writing or distributing such tools? Do you really want to have to go on Tor or Freenet to find them?
This is a bit like music, in that I can write a tune that has a similar melody to someone else using totally different instruments and if it is too similar the original composer can sue me and claim royalty payments. This has been the case for years.
Then almost all the music on the market today would be in violation. It all follows the same basic patterns, has similar lyrical themes, uses the same instruments, etc. Yet the RIAA has the nerve to call everyone else "thieves" for downloading music...
In an election year? Too dangerous to leave this entirely untouched. Hope for the best?
Even more dangerous to touch it. Look at how many people in the Obama administration have ties to Hollywood and the MPAA -- investigating Dodd opens the door to investigating all of them too. In fact, it basically means investigating most of the politicians in the US government; that is why we can expect nothing to happen here. We asked the mafia to cracked down on organized crime, and we should not be so naive as to think that they would actually accomplish anything.
On the other hand, it may not be terribly hard to:
Get an industrial electric engine
Get gears and wires from a hardware store
Fabricate the frame, interior, steering wheel, etc.
I am leaving plenty of parts out, but the fact is that an electric car has a much simpler engine than internal combustion, and 3D printers could be used to fabricate many of the non-engine/frame/electrical parts of a car. I doubt people will be fabricating farm equipment or trucks, but it is not unreasonable to think that people might fabricate a small car for city driving.
Have an SSH server somewhere, and tunnel everything through that; this is the equivalent of using a VPN. If you see host key warnings, then abort -- better than the headache of dealing with someone pwning your bank account.
That's the one thing I'm not sure of. I'm all for downloading one, but where can I get a VIN to make it street legal?
This is the least of your concerns -- people do build their own cars in garages and there are procedures in place to register those cars. The real problem with downloading a car is that Detroit will join Hollywood in attacking new technologies rather than updating their business model.
the republicans are MUCH worse. the dems are not white knights by any means, but what the repubs to do what we call american society is a travesty.
Really? Was it a Republican president whose drug policy included spreading propaganda via prime time TV by rewriting the scripts, or was it a Democrat named Bill Clinton? Did the Republicans pass and signed CALEA into law, or the Democrats? How about the latest NDAA bill that allows citizens to be imprisoned indefinitely without a trial -- was Obama being a Republican when he signed the bill? Was Chris Dodd (the one who openly admits to bribery) a Democrat or a Republican when he was a senator?
The only difference between Democrats and Republicans is the public face they put on. Republicans try to appeal to idiotic dreams about America being a Christian nation, whereas Democrats continue to appeal to liberals who think the party has not shifted to the right over the past few decades. Once nobody is watching, both parties start working towards the same goals: increasing the power of the government (especially the executive branch and law enforcement), increasing the power of corporations, and chipping away at the freedoms and protections afforded to American citizens by our constitution.
That is the true level of the idiocy of these laws.
The point is to scare people away from encryption. Get a few good examples of people winding up in prison because they used WDE, and nobody will use WDE. Governments hate the idea of citizens being able to use strong encryption. They want to be able to read everything and anything they can get their hands on.
Slashdot Mirror
That is a pretty poor measure of innovation, since it basically defines innovation by popularity. Maybe Facebook was marketed better than its competitors; would consider that to be "innovative?"
Buy "put" options. Keep in mind that these expire after some amount of time, so you have to be able to predict how quickly the price will fall. Also, I would not be so quick to assume that Facebook is overhyped; they have a lot of data that they can sell, a lot of advertising power, etc.; it is like claiming that Google is overhyped.
Is there proof of this? I thought I remembered Facebook researchers publishing a paper somewhere, but now I cannot seem to find it. Maybe everything is being done in secret, but then how would we ever know if they are innovating or just copying innovators?
I am having trouble remember what innovation we ever actually saw out of Facebook. I vaguely recall that they contributed some patches to a few open source projects, and I thought that they had done some research on distributed computing but I cannot seem to find that paper. Perhaps "past that" should be "never saw that?"
They always have the option to move to a country where the works are published lawfully.
Just like people in the USSR always had the option to move to the west?
You could set up an experiment on your own using about $20 worth of components (having access to an oscilloscope is helpful but not strictly necessary). When I was in high school, I tried to build a radio using some spare parts from my electronics class; I was not able to pick up anything intelligible, but I did pick up lots of emissions from the computer sitting on my desk. If I ran a program with a tight loop, I could actually hear the difference coming out of the speak.
This, of course, is not quite the same thing as determining bits of a secret key, but the concept is the same -- it is just a little less sophisticated. All my "radio" was was a high gain amplifier and an PLL; anyone could build such a thing. Reliably extracting crypto keys is a matter of understanding how the algorithm interacts with the hardware, and then forcing it to process plaintext or ciphertext of your choosing (e.g. by using a TLS connection to a website that you control).
The TPM can always be broken. It stores a secret key right there for you to take and use for your own purposes -- you just need to find a way to extract it from the device. Attacking the TPM is not really a crypto problem as much as it is a security engineering problem: how do you prevent people from reading data that is stored on a computer they control, while still allowing them to use that data.
This is a well known side channel attack; it is usually pretty hard to pull off for all the reasons you said, but apparently these researchers have overcome those obstacles. Usually these sorts of attacks are chosen plaintext or chosen ciphertext attacks, and you will look for particular changes in the EMI that comes out of the phone which can be correlated with the secret key. You will probably need to choose many plaintexts/ciphertexts for this attack to work, but a typical TLS session will probably be enough.
You could just ignore the law and use the Internet to route around this sort of thing. Why follow an unjust law?
Of course, when a few people are imprisoned for doing so, and the news media tells everyone else about it, people will be frightened back into conformance. That is, of course, how things are supposed to work in the free world, right?
I thought we already knew that law enforcement agencies were watching social networking websites? They have caught people because of pictures posted online in the past:
http://www.guardian.co.uk/technology/2009/oct/14/mexico-fugitive-facebook-arrest
Or people will just download their music, legally or illegally, from the most convenient source available to them.
No, because T-Mobile's policies suck too. Can't we get a decent cell phone plan in this country?
Thus explaining why schools in wealthier areas are doing better. Clearly, the fact that people can pay for private tutoring, higher teacher-to-student ratios, functional equipment and facilities, etc. has absolutely nothing to do with it.
Yes, culture matters...but money matters too.
We are finally making some progress here.
Illegal or not i'll do whatever i want with my phone
So, where do I get all the tools that geohot wrote, so that I can jailbreak my PS3?
The problem with software being illegal is that it makes it harder to get that software, which discourages people who might have done so otherwise. I have no problem finding the PS3 jailbreaking tools, but a lot of other people would. Further, do you really want hackers to be arrested, deported, and so forth just for writing or distributing such tools? Do you really want to have to go on Tor or Freenet to find them?
This is a bit like music, in that I can write a tune that has a similar melody to someone else using totally different instruments and if it is too similar the original composer can sue me and claim royalty payments. This has been the case for years.
Then almost all the music on the market today would be in violation. It all follows the same basic patterns, has similar lyrical themes, uses the same instruments, etc. Yet the RIAA has the nerve to call everyone else "thieves" for downloading music...
In an election year? Too dangerous to leave this entirely untouched. Hope for the best?
Even more dangerous to touch it. Look at how many people in the Obama administration have ties to Hollywood and the MPAA -- investigating Dodd opens the door to investigating all of them too. In fact, it basically means investigating most of the politicians in the US government; that is why we can expect nothing to happen here. We asked the mafia to cracked down on organized crime, and we should not be so naive as to think that they would actually accomplish anything.
Me too -- we are asking the mafia to crack down on organized crime here.
functional combustion engine
On the other hand, it may not be terribly hard to:
I am leaving plenty of parts out, but the fact is that an electric car has a much simpler engine than internal combustion, and 3D printers could be used to fabricate many of the non-engine/frame/electrical parts of a car. I doubt people will be fabricating farm equipment or trucks, but it is not unreasonable to think that people might fabricate a small car for city driving.
Have an SSH server somewhere, and tunnel everything through that; this is the equivalent of using a VPN. If you see host key warnings, then abort -- better than the headache of dealing with someone pwning your bank account.
That's the one thing I'm not sure of. I'm all for downloading one, but where can I get a VIN to make it street legal?
This is the least of your concerns -- people do build their own cars in garages and there are procedures in place to register those cars. The real problem with downloading a car is that Detroit will join Hollywood in attacking new technologies rather than updating their business model.
the republicans are MUCH worse. the dems are not white knights by any means, but what the repubs to do what we call american society is a travesty.
Really? Was it a Republican president whose drug policy included spreading propaganda via prime time TV by rewriting the scripts, or was it a Democrat named Bill Clinton? Did the Republicans pass and signed CALEA into law, or the Democrats? How about the latest NDAA bill that allows citizens to be imprisoned indefinitely without a trial -- was Obama being a Republican when he signed the bill? Was Chris Dodd (the one who openly admits to bribery) a Democrat or a Republican when he was a senator?
The only difference between Democrats and Republicans is the public face they put on. Republicans try to appeal to idiotic dreams about America being a Christian nation, whereas Democrats continue to appeal to liberals who think the party has not shifted to the right over the past few decades. Once nobody is watching, both parties start working towards the same goals: increasing the power of the government (especially the executive branch and law enforcement), increasing the power of corporations, and chipping away at the freedoms and protections afforded to American citizens by our constitution.
That is the true level of the idiocy of these laws.
The point is to scare people away from encryption. Get a few good examples of people winding up in prison because they used WDE, and nobody will use WDE. Governments hate the idea of citizens being able to use strong encryption. They want to be able to read everything and anything they can get their hands on.