IANAL but IMHO the best way to handle this is
reject the settlement, find a new sponsor/advertiser and factor the debt to an expert recovery company. These will Charge you about 12% off the top.
How is it that a (ghasp) lone scientist with no resources can bullseye planetary magnetic fields before the fact, but NASA (besides many other large and well-equipped organisations) are several orders of magnitude wide of the mark?
You can ignore these links they are creationist psuedo science.
Indeed politics aside, since Eire became independent in only 1922, most Southern Irish immigrants to the US actually left what was still Great Briton. So they could probably claim which ever they wanted (or possible both). I know that predating the the EU provisions, UK Citizens could work in Eire and vica-versa.
You really can't get good quality warm beer without really looking these days.Can you get any Good, without really looking these days ?
The best way to track down good real ale (beer) is through Campaign for Real Ale's Good Beer Guide.
http://www.camra.org.uk/
Irish citizenship allows you to live and work in any EU member nation without any restriction.
If you can claim citizenship, through parents/grandparents to ANY EU country, then you can work in any other EU Country.
The EU currently includes:
UK (inc Scotland, Wales & Ireland), Eire, Holland , Belgium, France, Autria, Germany, Italy, Spain, Portugal, Greece, Turkey, plus some others I can't recall from the top of my head.
In my experience managing software developers the difficulty is this: after even 10 years writing software, most programmers have no idea how long it will take them to implement a feature specification. At a higher level, most developers don't have any idea how long it will take them to develop the feature spec. in the first place. Go another step and ask them to write a test plan, and you'll discover that most developers don't even know what a test plan is.
I think these comments reflection on your [lack of] Management ability rather than your programmers [lack of] ability. If your Engineers are consistently getting their estimates this wrong, YOU must be at fault.
I can imagine the scenario; after reading the email request from your customer, you print it out and walk over to the guy's desk, hand over the print out and ask how long; you stand over him whilst he reads the email and when he gazes at the roof in though, you hit them with it. How Long ? He um's and arh a little and you repeat a question. They respond, with a figure they know will make you go away.
As you walk away, your think to yourself; these guy's always get it Wrong. So you think to your self, no he can't do it that quickly, so you double (or triple) the estimate and enter in your plan (I'm giving you the benefit of the doubt and assuming you have a plan). Some times you think it's too long; the Customer will never go for it, so lets half it, and enter that in the plan. So not only have you not given the engineer a reasonable chance to consider the question, you ignored his response.
Result, your programmers only ever make the plan by accident, and you believe programmers cannot estimate.
My team, (of which I'm the senior Engineer, not the Manager) has just made three Project plans, with time to spare and exceeded the requirement (by including lower priority deferred requirements). Now this is not because I'm (or anybody else) is some super coding or team leading guru.
It is not even difficult, it just takes discipline. Firstly we clarify and digest the requirements. We chew over the requirements, and a few implementation details, to make sure we understand them. We conduct and document the design at high level. We can usually count the function points, by now, this gives a raw estimate. We factor in detailed design, testing and integration, based on the number of function points to produce an highly accurate estimate. We factor in a contingency; all this takes a couple of days. The customer gets estimate they can believe. They even start to really listen to you, and trust your judgement.
O'Reilly have quickly growth a reputation for excellence, particularly adept at picking through all the hype & crud and producing useful books on important stuff. However here they seem to have fallen hook line and sinker for all this XP hype.
XP is NOT the awesome paradigm shift that it is made out to be by its advocates; it is NOT even that new. It's mostly just a repackaging of the RAD fad, with a few real Software Engineering ideas thrown it. It is an exercise in marketing. Those that have not come across it (or the ideas) before should read more REAL Software Engineering texts.
There are ALWAYS entropic leaks in any symmetric encryption system.
The frequencies used, the morse operators signature, the location a message was sent from is all information leaked!
In the Engima case, German Radio operators, historically trained as Morse Operators would double key 'P' or 'Q' at the start of a plain-text entered in to the enigma machine. To a Morse Operator this acts like start bit[s], and broadly means attention!). Indeed the Operators would often helpfully re-key these after encoding, when sending the Cipher text. Apparently many Sig-Int Radio Operators initially skipped recording these when the Cipher text was captured from the air waves, and when this discovery had to be specifically ordered to record what they though was useless 'junk data'.
Since the cipher text was produced from a known part of the plain-text, this could be used to help determine the rotors used.
Since the Destination and Sender of each message could normally be determined with a good degree of certainty, by other
It was also normal for German officers, largely because of their aristocratic backgrounds to start messages with long winded pleasantries, and use very formal naming and signatures, again more leaked information, in the form of known plain-text.
Pernutamtly it was not the USA who cracked Enigma, it was Code Breakers of Bletchly park, headed up by perhaps the founding father of the programmable digital computer, Alan Turing who cracked Enigma [with considerable ground work done by the Polish before the War].
Finally NCR is a Japanese company so what would they be doing cracking Enigma for the Allies ?
I'm contracted at 37.5 hours a week and work around 40 hours in a normal week, usually about 9.30am-6.00pm, the extra time comming from working extra hour (or two) about once (or twice) a week, about once or twice a month I work an day or so on a weekend.
Whilst I'm salaried staff, I am paid over-time if asked by my manager, but not if I just hang around a little extra.
This is fairly typical of all my team, I've worked in smaller software houses and they tended to 'require' longer hours, but on the whole these are farily typical for UK Software Engineers.
Now just to make a liar, So far I've worked about 68 hour this week and I'm just killing a little time before I walk out the door for a well earned rest this week-end.
I'm contracted at 37.5 hours a week and work around 40 hours in a normal week, usually about 9.30am-6.00pm, the extra time comming from working extra hour (or two) about once (or twice) a week, about once or twice a month I work an day or so on a weekend.
Whilst I'm salaried staff, I am paid over-time if asked by my manager, but not if I just hang around a little extra.
This is fairly typical of all my team, I've worked in smaller software houses and they tended to 'require' longer hours, but on the whole these are farily typical for UK Software Engineers.
Now just to make a liar, So fa I've worked about 68 hour this week and I'm just killing a little time before I walk out the door for a well earned rest this week-end.
It is catching on, big time in the Interactive Digital Tv field. However these tend to be private networks, one problem with the internet at large is that multicast support in routers and switches is patchy to say the best.
check out a cool application of this technology at www.kit.tv
Cool Application - Software Agents
on
Sun Launches JXTA
·
· Score: 2
There is more to JXTA than just p2p file transfer. I think the really interesting application of this technology is as a software agent space.
The JXTA services layer includes features that allow the agent to propergate it's self, it includes services allowing searching and indexing.
Come on we're all supposed to be hackers here, so take the hackers approach, keep them seperate, keep them quiet and use a handle/pseudo-name, a practical workable solution.
This could fall to the man-in-middle attack[1], but this can be avoid by using the conventional solutions to this attack, an interlock protocol[2] is one, signed public keys in a key public repository are another.
[1]This attack, works by intercepting the key exchange between Alice to Bob and replacing them with new keys. The message is also intercepted decrypted using the private partner of the public key we sent to Alice or Bob , and re-encrypted using the public key sent by Alice or Bob. We have the text, and Alice and Bob have also successfully exchanged the message without noticing.
[2]The interlock protocol (now this is complicated so read carefully) The key exchange occurs normally, assume 'the man' intercepts them. Alice and Bob now exchange alternate bits of the cipher text, in two parts. This is when 'the man' has a problem, he attempts to decrypt the first half, he fails, because he cannot decrypt half the message without the other half, he cannot receive the other half before he returns something. Therefore re-encrypt the true message is impossible, he has to simulate and forwards it. The second half is then exchanged, in order to ensure that his duplicity is not revealed, and his compromise is compromised. He would now need to generate the second half of the cipher text such that the total cipher text results in the same plain text. This is a computational problem of the same order of complexity as brute forcing the original key, it certainly cannot be performed during the normal latency of such a system.
Having spent several years as a tech fixing PCs, I have to say that this concept seems like it could be really awesome. Of course, I say awesome for every except me.
Call be a cynical old fossil if you like but I seem to remember this is how WE used to do things before some 'technology executive' decided to put them on the desk instead and give use all tinitus, from the noise all those fans make.
Indeed I rather enjoyed sharing a single VDU in the only air conditioned room in the building; all trying to be the first to spot the problem;
What's that from the back ?
What People are doing that again too ? you don't say! And calling it extreme programming you say ?
Well I would never have guessed it. It seems there is nothing new, even in high technology. Well I've got an New[s] idea to share with you all. Have you noticed how you can never fit the full width of a program listing on standard paper, well imagine if we made it twice as wide, we could also include feignt rulings to make it easier to scan the page.
Yeh ? What's that paperless office, let me tell you about.....
Just because something is New[s] does not make it better or actually new!
that the U.S. should just ask the Chinese to let a neutral 3rd party investigate and lay blame on the responsible party if they can find one.
IHO the Chinese will never agree, the chinese military are self evidently trying evade their responsibility for this. Detaining the US pilots is all about witholding their evidence/accounts than directly blackmail the US into accepting responsibility.
Most hollywood hacker films are not accurate, or realistic, but that's part of their charm I have enough of real computer IRL, I don't want it in the movies too.
I like Net (well why
One application of multicast-IP is broadcasting Interactive Digital Television.
- Multicast an MPEG video stream.
- Multicast the EPG information.
- Multicast interactive applications & data. Massively multi-player games, quizzes (International-Interactive "Who Wants to be a millionaire" ?)
Unicast wouldmn't work because the load on the server would be a factor of the number of consumers, multicast-IP is much more efficient.
It's possible for practically anybody to multi-cast 'Pirate' TV broadcasts, (i.e. "Eyes Only" from "Dark Angel") currently the limitation factor is not the technology, but the high bandwidth cost of content insertion, compared to the [low] numbers of people with broadband connections, to exploit the content.
Soon, real soon:)
The possibilities are awsome!
"We control the horizontal; We control of the vertical; this is the Multicast-Zone"
This is a little bit more serious than my previous post...
This cannot be right (+5 Insightful), for what is complete B*** S****.
I can think of, at least, two or three workarounds for this:
Just because you can think of something, does not mean it will work, if you'd really cracked Zero Knowledge protocols. Well; you'd better prepare to be world famous and prossibly dead, because you've got the combined might of the KGB, MI5 and CIA, Mossad, indeed every intelligence agency in the world chasing you around the globe.
In windows 9x, restart under "DOS command line only" mode, then use an hex editor after copying the.EXE and the protected file to another computer. You can also boot from a FreeDOS or Caldera DOS diskette to do this.
Game Over:
The original data is now useless, essentially 'corrupt', all because you throught you knew what you where doing, and did not. You've just copied some useless encrypted data. Well done.
Using WinICE under Windows, while executing the.EXE to "read" a file would certainly yield interesting results...
Interesting perhaps, but useless, because the whole data set and token (key) would vary every time. So all you've got is more encrypted data. Well done.
Cracking the encryption scheme is, of course, left as an exercise for the reader. But, come on, how much encryption and "security layers" can you hide in a 300 KB windows executable ?
Left to the reader because you've got absolutely no idea what you're writing about. This is about zero knowledge protocols, something you clearly know the about the same about. All you've done, is copy encrypted data multiple times, and got different data each time.
Estimated time to crack: anywhere from 24 hours to 1 month.
Guessing again. Because this would depend on the underlying hashing algorithm. Not the Zero knowlege protocol used to access it.
Repeat after me: security through obscurity does not work.
True, but this not. I suggest you do some background reading before you jump off in the deep end again.
Repeat after me: security through ego does not work either. Just because you think something is secure, or insecure does not make it so.
out there have an idea how this might be implemented?
There are several possibilities, based around what are called zero knowledge protocols in cryptography.
Essentially the chipertext become stateful, it's transformed each time it's accessed, the transformation process produces a new token each time the system is used/accessed and the new token must be used to access the data, the next time.
The correct token is must be passed into the system with the change request and the new token is returned. Any data that is accessed is actually removed from the data set, modified then resubmitted with the last token. The last token, must be used the next time, the use of the wrong token, corrupts the data, because it results in an incorrect transformation, because a one way hashing function is used, reversal is unfeasible, and tampering with the system changes it's state, therefore it also 'corrupts' the data.
neat eh:) it even amazes me.
This type of system is actually used when licencing databases, and only a very small sub-set of the data is ever used, like PAF's. It can also be used when an unchangeable audit trail is required.
A side effect is the document cannot even be 'official' copied either, it's actually removed from the system instead (where it could be copied and re-inserted). However the system would show this as a new document not the original.
I'm not sure if I see how this couldn't be circumvented by dropping in a new DLL on top of InTether that decrypts the file, but *doesn't* enforce the copy-protection scheme?
Doesn;t work like that, if the copy protection scheme is not used the 'data' become garbage rather than information.
Plus, how does it control this in the first place? Where in the Win API is this level of control possible? Sounds almost like it must replace Windows kernel calls, which would mean it's hard for it to keep pace with Windows releases...
Implemented on Windows, it would almost certainly leak information via the VM, & therefore to the disk. Unless the implementing software engineer, actually got in below windows.
Slashdot Mirror
You mean this link ... ?
http://www.2600.com/news/display.shtml?id=413
IANAL but IMHO the best way to handle this is reject the settlement, find a new sponsor/advertiser and factor the debt to an expert recovery company. These will Charge you about 12% off the top.
How is it that a (ghasp) lone scientist with no resources can bullseye planetary magnetic fields before the fact, but NASA (besides many other large and well-equipped organisations) are several orders of magnitude wide of the mark?
You can ignore these links they are creationist psuedo science.
Anyone know for sure?
Should still count because both are EU Countries.
Indeed politics aside, since Eire became independent in only 1922, most Southern Irish immigrants to the US actually left what was still Great Briton. So they could probably claim which ever they wanted (or possible both). I know that predating the the EU provisions, UK Citizens could work in Eire and vica-versa.
You really can't get good quality warm beer without really looking these days. Can you get any Good, without really looking these days ? The best way to track down good real ale (beer) is through Campaign for Real Ale's Good Beer Guide. http://www.camra.org.uk/
Irish citizenship allows you to live and work in any EU member nation without any restriction. If you can claim citizenship, through parents/grandparents to ANY EU country, then you can work in any other EU Country. The EU currently includes: UK (inc Scotland, Wales & Ireland), Eire, Holland , Belgium, France, Autria, Germany, Italy, Spain, Portugal, Greece, Turkey, plus some others I can't recall from the top of my head.
I think these comments reflection on your [lack of] Management ability rather than your programmers [lack of] ability. If your Engineers are consistently getting their estimates this wrong, YOU must be at fault.
I can imagine the scenario; after reading the email request from your customer, you print it out and walk over to the guy's desk, hand over the print out and ask how long; you stand over him whilst he reads the email and when he gazes at the roof in though, you hit them with it. How Long ? He um's and arh a little and you repeat a question. They respond, with a figure they know will make you go away.
As you walk away, your think to yourself; these guy's always get it Wrong. So you think to your self, no he can't do it that quickly, so you double (or triple) the estimate and enter in your plan (I'm giving you the benefit of the doubt and assuming you have a plan). Some times you think it's too long; the Customer will never go for it, so lets half it, and enter that in the plan. So not only have you not given the engineer a reasonable chance to consider the question, you ignored his response.
Result, your programmers only ever make the plan by accident, and you believe programmers cannot estimate.
My team, (of which I'm the senior Engineer, not the Manager) has just made three Project plans, with time to spare and exceeded the requirement (by including lower priority deferred requirements). Now this is not because I'm (or anybody else) is some super coding or team leading guru.
It is not even difficult, it just takes discipline. Firstly we clarify and digest the requirements. We chew over the requirements, and a few implementation details, to make sure we understand them. We conduct and document the design at high level. We can usually count the function points, by now, this gives a raw estimate. We factor in detailed design, testing and integration, based on the number of function points to produce an highly accurate estimate. We factor in a contingency; all this takes a couple of days. The customer gets estimate they can believe. They even start to really listen to you, and trust your judgement.
also getting all the same old responses.
Newbies: What is this, never heard of it before.
Perl hackers: WoW that's good I'll try that next.
Cynical Old C Hackers: Seen it before, next :)
Disappointed with O'Reilly
O'Reilly have quickly growth a reputation for excellence, particularly adept at picking through all the hype & crud and producing useful books on important stuff. However here they seem to have fallen hook line and sinker for all this XP hype.
XP is NOT the awesome paradigm shift that it is made out to be by its advocates; it is NOT even that new. It's mostly just a repackaging of the RAD fad, with a few real Software Engineering ideas thrown it. It is an exercise in marketing. Those that have not come across it (or the ideas) before should read more REAL Software Engineering texts.
There are ALWAYS entropic leaks in any symmetric encryption system.
The frequencies used, the morse operators signature, the location a message was sent from is all information leaked!
In the Engima case, German Radio operators, historically trained as Morse Operators would double key 'P' or 'Q' at the start of a plain-text entered in to the enigma machine. To a Morse Operator this acts like start bit[s], and broadly means attention!). Indeed the Operators would often helpfully re-key these after encoding, when sending the Cipher text. Apparently many Sig-Int Radio Operators initially skipped recording these when the Cipher text was captured from the air waves, and when this discovery had to be specifically ordered to record what they though was useless 'junk data'.
Since the cipher text was produced from a known part of the plain-text, this could be used to help determine the rotors used.
Since the Destination and Sender of each message could normally be determined with a good degree of certainty, by other
It was also normal for German officers, largely because of their aristocratic backgrounds to start messages with long winded pleasantries, and use very formal naming and signatures, again more leaked information, in the form of known plain-text.
Pernutamtly it was not the USA who cracked Enigma, it was Code Breakers of Bletchly park, headed up by perhaps the founding father of the programmable digital computer, Alan Turing who cracked Enigma [with considerable ground work done by the Polish before the War].
Finally NCR is a Japanese company so what would they be doing cracking Enigma for the Allies ?
I work in the UK for a Blue Chip company.
I'm contracted at 37.5 hours a week and work around 40 hours in a normal week, usually about 9.30am-6.00pm, the extra time comming from working extra hour (or two) about once (or twice) a week, about once or twice a month I work an day or so on a weekend.
Whilst I'm salaried staff, I am paid over-time if asked by my manager, but not if I just hang around a little extra.
This is fairly typical of all my team, I've worked in smaller software houses and they tended to 'require' longer hours, but on the whole these are farily typical for UK Software Engineers.
Now just to make a liar, So far I've worked about 68 hour this week and I'm just killing a little time before I walk out the door for a well earned rest this week-end.
I work in the UK for a Blue Chip company.
I'm contracted at 37.5 hours a week and work around 40 hours in a normal week, usually about 9.30am-6.00pm, the extra time comming from working extra hour (or two) about once (or twice) a week, about once or twice a month I work an day or so on a weekend.
Whilst I'm salaried staff, I am paid over-time if asked by my manager, but not if I just hang around a little extra.
This is fairly typical of all my team, I've worked in smaller software houses and they tended to 'require' longer hours, but on the whole these are farily typical for UK Software Engineers.
Now just to make a liar, So fa I've worked about 68 hour this week and I'm just killing a little time before I walk out the door for a well earned rest this week-end.
It is catching on, big time in the Interactive Digital Tv field. However these tend to be private networks, one problem with the internet at large is that multicast support in routers and switches is patchy to say the best. check out a cool application of this technology at www.kit.tv
There is more to JXTA than just p2p file transfer. I think the really interesting application of this technology is as a software agent space.
The JXTA services layer includes features that allow the agent to propergate it's self, it includes services allowing searching and indexing.
Come on we're all supposed to be hackers here, so take the hackers approach, keep them seperate, keep them quiet and use a handle/pseudo-name, a practical workable solution.
Yes your right, well sort of.
This could fall to the man-in-middle attack[1], but this can be avoid by using the conventional solutions to this attack, an interlock protocol[2] is one, signed public keys in a key public repository are another.
[1]This attack, works by intercepting the key exchange between Alice to Bob and replacing them with new keys. The message is also intercepted decrypted using the private partner of the public key we sent to Alice or Bob , and re-encrypted using the public key sent by Alice or Bob. We have the text, and Alice and Bob have also successfully exchanged the message without noticing.
[2]The interlock protocol (now this is complicated so read carefully) The key exchange occurs normally, assume 'the man' intercepts them. Alice and Bob now exchange alternate bits of the cipher text, in two parts. This is when 'the man' has a problem, he attempts to decrypt the first half, he fails, because he cannot decrypt half the message without the other half, he cannot receive the other half before he returns something. Therefore re-encrypt the true message is impossible, he has to simulate and forwards it. The second half is then exchanged, in order to ensure that his duplicity is not revealed, and his compromise is compromised. He would now need to generate the second half of the cipher text such that the total cipher text results in the same plain text. This is a computational problem of the same order of complexity as brute forcing the original key, it certainly cannot be performed during the normal latency of such a system.
Call be a cynical old fossil if you like but I seem to remember this is how WE used to do things before some 'technology executive' decided to put them on the desk instead and give use all tinitus, from the noise all those fans make.
Indeed I rather enjoyed sharing a single VDU in the only air conditioned room in the building; all trying to be the first to spot the problem;
What's that from the back ?
What People are doing that again too ? you don't say! And calling it extreme programming you say ?
Well I would never have guessed it. It seems there is nothing new, even in high technology. Well I've got an New[s] idea to share with you all. Have you noticed how you can never fit the full width of a program listing on standard paper, well imagine if we made it twice as wide, we could also include feignt rulings to make it easier to scan the page.
Yeh ? What's that paperless office, let me tell you about.....
Just because something is New[s] does not make it better or actually new!
sigh...
'Loss of Face' is a very Chinese concept.
do the math. & ...I live in the UK
Unlikely, in the UK we say Mathematics, not Math, which is an americanism.
Not even the UK government or the UK press have given Bush any support.
Definitely some agenda!
that the U.S. should just ask the Chinese to let a neutral 3rd party investigate and lay blame on the responsible party if they can find one.
IHO the Chinese will never agree, the chinese military are self evidently trying evade their responsibility for this. Detaining the US pilots is all about witholding their evidence/accounts than directly blackmail the US into accepting responsibility.
Everybody knows they WILL be released eventually.
Most hollywood hacker films are not accurate, or realistic, but that's part of their charm I have enough of real computer IRL, I don't want it in the movies too. I like Net (well why
Check this link out for a cool example of this technology in action. http://www.kit.tv
One application of multicast-IP is broadcasting Interactive Digital Television.
- Multicast an MPEG video stream.
- Multicast the EPG information.
- Multicast interactive applications & data. Massively multi-player games, quizzes (International-Interactive "Who Wants to be a millionaire" ?)
Unicast wouldmn't work because the load on the server would be a factor of the number of consumers, multicast-IP is much more efficient.
It's possible for practically anybody to multi-cast 'Pirate' TV broadcasts, (i.e. "Eyes Only" from "Dark Angel") currently the limitation factor is not the technology, but the high bandwidth cost of content insertion, compared to the [low] numbers of people with broadband connections, to exploit the content.
Soon, real soon :)
The possibilities are awsome!
"We control the horizontal; We control of the vertical; this is the Multicast-Zone"
This is a little bit more serious than my previous post...
This cannot be right (+5 Insightful), for what is complete B*** S****.
I can think of, at least, two or three workarounds for this:
Just because you can think of something, does not mean it will work, if you'd really cracked Zero Knowledge protocols. Well; you'd better prepare to be world famous and prossibly dead, because you've got the combined might of the KGB, MI5 and CIA, Mossad, indeed every intelligence agency in the world chasing you around the globe.
In windows 9x, restart under "DOS command line only" mode, then use an hex editor after copying the .EXE and the protected file to another computer. You can also boot from a FreeDOS or Caldera DOS diskette to do this.
Game Over:
The original data is now useless, essentially 'corrupt', all because you throught you knew what you where doing, and did not. You've just copied some useless encrypted data. Well done. Using WinICE under Windows, while executing the .EXE to "read" a file would certainly yield interesting results...
Interesting perhaps, but useless, because the whole data set and token (key) would vary every time. So all you've got is more encrypted data. Well done.
Cracking the encryption scheme is, of course, left as an exercise for the reader. But, come on, how much encryption and "security layers" can you hide in a 300 KB windows executable ?
Left to the reader because you've got absolutely no idea what you're writing about. This is about zero knowledge protocols, something you clearly know the about the same about. All you've done, is copy encrypted data multiple times, and got different data each time.
Estimated time to crack: anywhere from 24 hours to 1 month.
Guessing again. Because this would depend on the underlying hashing algorithm. Not the Zero knowlege protocol used to access it. Repeat after me: security through obscurity does not work.
True, but this not. I suggest you do some background reading before you jump off in the deep end again.
Repeat after me: security through ego does not work either. Just because you think something is secure, or insecure does not make it so.
End of transmission.
I hope so.
Any Windows-heads
Cipherpunk actually:)
out there have an idea how this might be implemented?
There are several possibilities, based around what are called zero knowledge protocols in cryptography.
Essentially the chipertext become stateful, it's transformed each time it's accessed, the transformation process produces a new token each time the system is used/accessed and the new token must be used to access the data, the next time.
The correct token is must be passed into the system with the change request and the new token is returned. Any data that is accessed is actually removed from the data set, modified then resubmitted with the last token. The last token, must be used the next time, the use of the wrong token, corrupts the data, because it results in an incorrect transformation, because a one way hashing function is used, reversal is unfeasible, and tampering with the system changes it's state, therefore it also 'corrupts' the data.
neat eh :) it even amazes me.
This type of system is actually used when licencing databases, and only a very small sub-set of the data is ever used, like PAF's. It can also be used when an unchangeable audit trail is required.
A side effect is the document cannot even be 'official' copied either, it's actually removed from the system instead (where it could be copied and re-inserted). However the system would show this as a new document not the original.
I'm not sure if I see how this couldn't be circumvented by dropping in a new DLL on top of InTether that decrypts the file, but *doesn't* enforce the copy-protection scheme?
Doesn;t work like that, if the copy protection scheme is not used the 'data' become garbage rather than information.
Plus, how does it control this in the first place? Where in the Win API is this level of control possible? Sounds almost like it must replace Windows kernel calls, which would mean it's hard for it to keep pace with Windows releases...
Implemented on Windows, it would almost certainly leak information via the VM, & therefore to the disk. Unless the implementing software engineer, actually got in below windows.
You asked for it, you get it. First, I'll explain what a one time pad is:... This is a description not a Proof!