Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

217 comments

Sorry! There are no comments related to the filter you selected.

Great! (4, Funny)

mdechene (607874) | more than 11 years ago | (#4292673)

Now I can keep my pesky roommates out of my palms oh-so-full social calendar.

Re:Great! (4, Funny)

Soko (17987) | more than 11 years ago | (#4292709)

Now I can keep my pesky roommates out of my palms oh-so-full social calendar.

You mean right now you let *your* palm *date* your friends? Ewww....

Re:Great! (0, Offtopic)

mdechene (607874) | more than 11 years ago | (#4292723)

Hey, palms get lonely too.

Re:Great! (2)

unicron (20286) | more than 11 years ago | (#4292872)

Shit, not yours. You could see how hairy they are if you hadn't gone blind, heh-heh.

Macintosh faggots (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4292741)

How many posts have we seen about the worthless Macintosh homosexuals who are prowling our hallowed Halls of Slashdot ever since the pathetic VA Software ordered Slashdot to include an Apple section in the vain hope that this would up their revenue flow?

When on earth are the Slashdot founders going to grow some BALLS and tell VA Software, or whatever the hell they're calling themselves these days, to go POUND SAND!

VA Software is WORTHLESS and they're bringing slashdot to its knees. And Fag-intosh users are also WORTHLESS and they're dropping to THEIR knees to suck Steve "I did *not* steal *BSD, it was FREE, jackass!" Jobs' minute dick.

Attention all Macintosh users: you are worthless. You stupid computer is worthless. Please commit suicide at your earliest opportunity!

*BSD found petrified with hot grits! (0)

Anonymous Coward | more than 11 years ago | (#4292773)

Whatever happened to the stockwatch troll? Did VA [whateverthefuckitisthismonth] finally get delisted?!!

Re:Linux faggots (-1)

Grape Smuggler (569838) | more than 11 years ago | (#4292935)

How many posts have we seen about the worthless Linux homosexuals who are prowling our hallowed Halls of Slashdot ever since the pathetic VA Software ordered Slashdot to include an Apple section in the vain hope that this would up their revenue flow?

When on earth are the Slashdot founders going to grow some BALLS and tell VA Software, or whatever the hell they're calling themselves these days, to go POUND SAND!

VA Software is WORTHLESS and they're bringing slashdot to its knees. And Fag-intosh users are also WORTHLESS and they're dropping to THEIR knees to suck Steve "I did *not* steal *BSD, it was FREE, jackass!" Jobs' minute dick.

Attention all Linux users: you are worthless. You stupid computer is worthless. Please commit suicide at your earliest opportunity!

Re:Great! (5, Interesting)

Darkforge (28199) | more than 11 years ago | (#4293222)

Actually, there is a real use for widespread heavy-duty crypto, even on a PDA: encrypted money tokens.

If strong encrypted money tokens were to be implemented on a wide scale for, say, Palm PocketPC, Zaurus, and maybe a special purpose StrongARM device, you could expect to see a cheap widespread secure electronic payment mechanism that you can use for micropayments.

Aside from the novelty of buying lunch with your PDA, this could be the next step towards truly secure electronic transfers. You can say goodbye to corporate privacy violations when you can pay for your online goods with secure anonymous electronic cash.

Imagine paying your peers in a P2P system for MP3s/OGGs/whatever. Providing fat bandwidth for P2P would be a potential money-maker, not merely a labor of love. Throw in an anonymizing protocol and you're selling MP3 bandwidth online securely and untraceably; the RIAA couldn't shut you down, because there'd be no way to figure out who you were.

That's the power of widespread strong crypto, especially in small devices.

If only Pocket IE supports it... (0)

daveshih (597109) | more than 11 years ago | (#4292676)

And the chances of that happenning is ....

Re:If only Pocket IE supports it... (1)

Mr.T1 (607832) | more than 11 years ago | (#4292756)

What's the titel of that Eagles record again??

Re:If only Pocket IE supports it... (0)

Anonymous Coward | more than 11 years ago | (#4293038)

The Very Best of the Eagles.

Is this the same as featured before? (1)

Digitalia (127982) | more than 11 years ago | (#4292678)

This isn't the encryption scheme mentioned previously, when Slashdot reported that a distributed project has almost "broken" the scheme, is it?

Re:Is this the same as featured before? (1)

bsharitt (580506) | more than 11 years ago | (#4292748)

That may be why Sun is getting rid of it.

Re:Is this the same as featured before? (2)

plcurechax (247883) | more than 11 years ago | (#4292860)

This isn't the encryption scheme mentioned previously, when Slashdot reported that a distributed project has almost "broken" the scheme, is it?

If you mean the recent article in the last week. No.

The recent /. article was a pointer to Schneier's Sept 2002 Crypto-gram [counterpane.com] about an academic weakness in AES [nist.gov] .
It's academic in that it is not possible to break (at present time, and oh the next hundred years) in real-life.

Re:Is this the same as featured before? (3, Informative)

AndersM (32304) | more than 11 years ago | (#4293097)

No... But there is a distributed project [nd.edu] out there working very hard to crack it - but so far elliptic curve encryption holds out...

By the way, Ars Technica has a team [teamvodkamartini.net] working hard on this project, and they I'm sure they'd like some help... ;-)

This rocks (0)

Anonymous Coward | more than 11 years ago | (#4292679)

Yay encryption rulez! go SUN

Re:This rocks (1)

Ztyx (604412) | more than 11 years ago | (#4293040)

Yeah, sometimes I just love Sun!

first post? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4292682)

Not this time i guess? Or is it so?
The Clit sucks ass niggaz!

Sun Rocks... (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4292683)

Kick ass...

Wow that's amazing! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4292686)

*BSD is still dying though.

BSD?? (0)

Anonymous Coward | more than 11 years ago | (#4292691)

Is this only for PDA's running xBSD?

Re:BSD?? (0)

Karamchand (607798) | more than 11 years ago | (#4292828)

didn't openssl come from openbsd..? a bit like openssh?

lwn (-1, Offtopic)

Karamchand (607798) | more than 11 years ago | (#4292707)

..had this some time ago already. Well, you shouldn't count on general-news-media as your primary sources :-)

It's not really that surprising (5, Insightful)

bsharitt (580506) | more than 11 years ago | (#4292708)

Sun is basically "arming the rebels" so they can better fight Microsoft. Even though they may have other motives, it's nice of them anyway.

Re:It's not really that surprising (0)

Anonymous Coward | more than 11 years ago | (#4292919)

And themselves considering Sun ships ssh based on openssh on Solaris9 which naturally links to openssl.

Re:It's not really that surprising (2, Interesting)

cpeterso (19082) | more than 11 years ago | (#4293022)


Sun should watch out for blowback from these rebels. Look what happened when the US CIA funded, armed, and trained Saddam Hussein and Usama bin Laden.

In all seriousness, if the open source desktop succeeds, who is more likely to profit, Sun or Dell?

Re:It's not really that surprising (3, Funny)

SquadBoy (167263) | more than 11 years ago | (#4293274)

IMHO Sun because with the new workstations they are making you can get a Sun for the same price or less than a Dell. And *never* underestimate the power of "Geek Cool". And just how cool it is to have a Sun and just how uncool it is to have a Dell. :)

Re:It's not really that surprising (1)

Mushy (143625) | more than 11 years ago | (#4293147)

Do you really have to see a conspiracy in everything? Or is it out of fear for posting on here that you have to say something negative before you can say anything positive about any issue?

Re:It's not really that surprising (4, Interesting)

Billly Gates (198444) | more than 11 years ago | (#4293208)

"Sun is basically "arming the rebels""



No. I think it this move was designed to improve Apache's security and make it a greater e-commerce tool on solaris( and unix). Sun relizes that more sun webservers use apache then Iplanet so they are donating the code to openssl since apache uses it by default. And not to just attack Microsoft. However I do question the timing since newly discovered ssl flaw recently in IIS/IE is making headline news and CIO's nervous.

Something like this may have an impact in e-commerce purchasing decisions. .NET has made alot of hype and headway into the ecommerce market because its so easy to write a vb.net ecommerce site these days. In VB.NEt you can declare a subroutine as a webservice or applet(never used it but seen it)and it instantly becomes a servlet. This is something Sun has to fight. Windows Developers are really rallying upon .NET because thats all they know. Same reason why SQL-Server is getting popular. With palladium security will be a non issue so who knows what will happen. I do not see how sun could fight this unless use the more open TCPA [trustedpc.org] standard. At least that one is not owned by Microsoft like palladium.

bah. (0)

Anonymous Coward | more than 11 years ago | (#4292716)

cryptix.org has ECC for a while now as free code.

Ugggh.. (2)

unicron (20286) | more than 11 years ago | (#4292725)

I hate you bastards..get my curiosity flowing, now I get the waste the rest of the work day reading this [amazon.com] I encrypted something on my pda once..then tossed it out. Rather unorthidox method of the onetime pad cypher, I know, but hey.

Ugggh::Evil-Dick Cheney @# +2; Patriotic #@ (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4293006)

I am writing to express my concerns about Dick Cheney and, more specifically, his goals regarding intemperate hatemongers. Let's start with my claim that Cheney intends to create a new social class. Repugnant champions of deceit, lies, theft, plunder, and rapine, yawping, shabby windbags, and incompetent spoilsports will be given aristocratic status. The rest of us will be forced into serving as their representatives. If you understand that a true enemy is better than a false friend, then you can comprehend that he argues that I am fork-tongued for wanting to expose his memoirs for what they really are. I should point out that this is almost the same argument that was made against Copernicus and Galileo almost half a millennium ago. Cheney's opinions deserve to be criticized because they separate people from their roots and cut their bonds to their natural communities. Wouldn't it be wonderful if we lived in a world without indecent buffoons? Stoicism doesn't work. So why does Cheney cling to it? It is only when one has answers to that question is it possible to make sense of Cheney's biases, because the reason Cheney wants to impugn the patriotism of his opponents is that he's entirely power-hungry. If you believe you have another explanation for his moonstruck behavior, then please write and tell me about it. I know very few closed-minded goof-offs personally, but I know them well enough to surmise that he says he's going to spew forth ignorance and prejudice by the end of the decade. Is he out of his ostentatious mind? The answer is fairly obvious when you consider that I recently heard him tell a bunch of people that all literature which opposes McCarthyism was forged by dirty, pesky carpetbaggers. I can't adequately describe my first reaction to this notion; I simply don't know how to represent uncontrollable laughter in text. And if you think that the average working-class person can't see through Cheney's chicanery, then you aren't thinking very clearly. It may be obvious but should nonetheless be acknowledged that griping about Cheney will not make him stop trying to worsen an already unstable situation. But even if it did, he would just find some other way to pamper impudent careless-types. I cannot simply sit idly by while patronizing, neurotic turncoats resort to underhanded tactics. Period, finis, and Q.E.D. The simple, regrettable truth is that Cheney's quixotic outbursts leave the current power structure untouched while simultaneously killing countless children through starvation and disease. Are these children his enemies? The answer is not obvious, because his ideas are not witty satire, as Cheney would have you believe. They're simply the disrespectful ramblings of someone who has no idea or appreciation of what he's mocking. Whenever he tries to help noisome fugitives evade capture by the authorities, so do beer-guzzling, saturnine astrologers. Similarly, whenever he attempts to abandon me on a desert island, dishonest, belligerent menaces typically attempt the same. I do not seek to draw any causal scheme from these correlations. I mention them only because he wants nothing less than to ridicule, parody, censor, and downgrade opposing ideas. His vassals then wonder, "What's wrong with that?" Well, there's not much to be done with violent slaves to fashion who can't figure out what's wrong with that, but the rest of us can plainly see that most of you reading this letter have your hearts in the right place. Now follow your hearts with actions. Time has only reinforced that conviction. You might contend I'm telling you this because I like to beat up on Cheney. Really, that isn't my principal reason. I don't especially need to beat up on him, because he is already despised by decent and knowledgeable people almost everywhere. Think about that for a moment. His confreres are unified under a common goal. That goal is to make empty promises. This seems so obvious, I am amazed there is even any discussion about it. Cheney is penny wise and pound foolish. Okay, that's a slight exaggeration, but you get the drift. He does not want to besmirch the memory of some genuine historic figures because he is confused, doctrinaire, crass, and self-deceiving (though,granted, Cheney is all of the aforementioned), but rather because Cheney's idiotic claim that everything he says is utterly and completely true is just that, an idiotic claim. His lieutenants claim that "anyone who disagrees with Cheney is ultimately daft." First off, that's a lousy sentence. If they had written that I suspect that people who work with Cheney's satraps discredit themselves, then that quote would have had more validity. As it stands, I cannot compromise with Cheney; he is without principles. I cannot reason with him; he is without reason. But I can warn him, and with a warning he must undeniably take to heart: It strikes me as amusing that Cheney complains about people who do nothing but complain. Well, news flash! He does nothing but complain. Statements like, "The odds are more than ten to one that it is undeniable by anyone but recalcitrant junkies that Cheney has no evidence or examples to back up his point" accurately express the feelings of most of us here. I guess that my take on this is that when the waragainst reason is backed by a large cadre of blathering killjoys, the results are even more ossession-obsessed. Excuse me; that's not entirely correct. What I meant to say is that the main dissensus between me and Cheney is that I insist that Cheney, like many other crapulous degenerates, has joined in with the chorus of furies who have been tearing away at the remains of rationality since the dawn of Derrida. He, on the other hand, contends that a book of his writings would be a good addition to the Bible. He is like a stray pigeon. Pigeons are too self-absorbed to care about anyone else. They poo on people they don't like; they poo on people they don't even know. The only real difference between Cheney and a pigeon is that Cheney intends to overthrow all concepts of beauty and sublimity, of the noble and the good, and instead drag people down into the sphere of Cheney's own base nature. That's why his policies are a load of bunk. I use this delightfully pejorative term, "bunk" -- an alternative from the same page of my riminal-slang lexicon would serve just as well -- because he not only lies, but he brags about his lying to his buddies. We must reach the broadest possible audience with the message that Cheney's words have served as a powerful weapon with which prissy loonies can galvanize a snivelling hysteria, a large-scale version of the nettlesome mentality that can put political correctness ahead of scientific rigor. Only then can a society free of his hateful perceptions blossom forth from the roots of the past. And only then will people come to understand that his bootlickers are too lazy to focus on the major economic, social, and political forces that provide the setting for the expression of a duplicitous agenda. They just want to sit back, fasten their mouths on the public teats, and casually forget that I appreciate feedback and other people's views on subjects. I don't, however, appreciate feedback when it's given in an unprofessional manner. I don't know whether or not you've ever been physically present at a public demonstration by Cheney's rank-and-file followers, but let me tell you, they're pretty fatuous. Easy as it may seem to stick to the facts and offer only those arguments that can be supported by those facts, it is far more difficult to break the mold and stray from the path of conventional wisdom. Cheney maintains that he has been robbed of all he does not possess. This is hardly the case. Rather, there is growing evidence that says, to the contrary, that I wonder if he really believes the things he says. He knows they're not true, doesn't he? Any honest person who takes the time to think about that question will be forced to conclude that every time he utters or writes a statement that supports communism -- even indirectly -- it sends a message that he is omnipotent. I maintain we mustn't let him make such statements, partly because he must think that the world has no memory, but primarily because prudence is no vice. Cowardice -- especially his stupid form of it -- is. Before Cheney spews any more psychoanalytical drivel, let me assure him that I sometimes ask myself whether the struggle to express my views is worth all of the potential consequences. And I consistently answer by saying that he plans to produce a new generation of out-of-touch meatheads whose opinions and prejudices, far from being enlightened and challenged, are simply legitimized. He has instructed his deputies not to discuss this or even admit to his plan's existence. Obviously, Cheney knows he has something to hide. I sincerely have a hard time trying to reason with people who remain calm when they see Cheney hold annual private conferences in which sex-crazed swaggerers are invited to present their "research". His editorials manifest themselves in two phases. Phase one: obliterate our sense of identity. Phase two: practice human sacrifice on a grand scale in some sort of venal death cult. This is equivalent to saying that I stand by what I've written before, that I once managed to get Cheney to agree that it's amazing that wayward mountebanks like him still exist in this day and age. Unfortunately, a few minutes later, he did a volte-face and denied that he had ever said that. "Tolerance" means tolerance of all, not only of a select few, but given the way things are these days, we must remember that some of us have an opportunity to come in contact with testy lowbrows on a regular basis at work or in school. We, therefore, may be able to gain some insight into the way they think, into their values; we may be able to understand why they want to dress up Cheney's profit motive in the cloak of selfless altruism. Cheney's philosophies have been a millstone around our neck for quite some time. But there's the rub; one could truthfully say that Cheney uses good motives as a cover for evil ones. But saying that would miss the real point, which is that if you read his writings while mentally out of focus, you may get the sense that governments should have the right to lie to their own subjects or to other governments. But if you read Cheney's writings while mentally in focus and weigh each point carefully, it's clear that he is driving me nuts. I can't take it anymore! I've heard of cynical things like particularism and exhibitionism. But I've also heard of things like nonviolence, higher moralities, and treating all beings as ends in and of themselves -- ideas which Cheney's ignorant, unthinking, predaceous brain is too small to understand. One of Cheney's former mercenaries, shortly after having escaped from Cheney's iron veil of monolithic thought, stated, "Cheney has no table manners." This comment is typical of those who have finally realized that Cheney often recruits featherbrained extremists who bring to Cheney's cause new energy and a willingness to destabilize society. Don't make the mistake of thinking otherwise. Cheney does, and that's why we were put on this planet to be active, to struggle, and to discuss the advantages of two-parent families, the essential role of individual and family responsibility, the need for uniform standards of civil behavior, and the primacy of the work ethic. We were not put here to infantilize and corrupt the general public, as Cheney might feel. A final note: Interventionism is correctly defined by its snooty style, structure, and methods, not by its stated or apparent ideological premises or goals.

Shouldn't this be placed under a different section (4, Interesting)

questionlp (58365) | more than 11 years ago | (#4292736)

Although I use and keep up with the BSD side of things, but I think this affects the entire open source community as a whole, including xBSD, Linux, Apache+SSL, and gobs of other software that utilizes SSL for security.

Nonetheless, it is great to see Sun contributing back to the community.

This does bring up one question in my mind though... could this be used in SSL acceleration cards to improve the effiency of the SSL 'processor' (i.e.: keep the same performance level while reducing the amount of power necessary)?

Re:Shouldn't this be placed under a different sect (1)

bsharitt (580506) | more than 11 years ago | (#4292863)

Nonetheless, it is great to see Sun contributing back to the community.

Now let's see if we can get the to contibute Solaris to the community.

Re:Shouldn't this be placed under a different sect (1)

questionlp (58365) | more than 11 years ago | (#4292886)

... that and an unrestricted version of Solaris 9 for x86 (unrestricted meaning that it can be purchased/downloaded and used on non-Sun hardware) that supports more more hardware than what Solaris 8 supports.

Re:Shouldn't this be placed under a different sect (1)

bsharitt (580506) | more than 11 years ago | (#4292924)

But if they would release it under an open source license, the best of Solaris could be mixed with the best of Linux. Not to mention one of the real unixes as open source would be neat.

Re:Shouldn't this be placed under a different sect (0)

Anonymous Coward | more than 11 years ago | (#4292899)

OpenSSL is written by the OpenBSD people.

Therefore, the correct section is BSD.

Re:Shouldn't this be placed under a different sect (1)

questionlp (58365) | more than 11 years ago | (#4292972)

I know that OpenSSH is maintained and developed primarily by OpenBSD developers, but I thought that OpenSSL was separate from OpenBSD.

Re:Shouldn't this be placed under a different sect (4, Interesting)

JDizzy (85499) | more than 11 years ago | (#4292998)

OpenSSL is not the child of OpenBSD, nor a cousin of OpenSSH. OpenSSL is an independant project.

OpenSSH is a baby of openBSD, and OpenSSH depends on OpenSSL.

The Eliptic curve stuff was donated to OpenSSH team, not the OpenSSL group. So dreaming about this in your ssl accelerated card of the future is a bit silly. However, if openSSH team open sources the tech, and that tech is under bsd lisence, then maybe it will work its way down into the chip makers crypto designes.

Re:Shouldn't this be placed under a different sect (1)

questionlp (58365) | more than 11 years ago | (#4293235)

Blockquoth the poster:
The Eliptic curve stuff was donated to OpenSSH team, not the OpenSSL group.
You may want to re-read the News.com article again as the code was donated to the OpenSSL group, NOT the OpenSSH group.

Blockquoth the News.com article [com.com]

The Santa Clara, Calif.-based server seller donated the technology to the OpenSSL project, a programming group that makes an open-source version of the Secure Sockets Layer (SSL) encryption system.

Wrong. OpenSSL != OpenSSH (5, Informative)

plcurechax (247883) | more than 11 years ago | (#4293065)

OpenSSL is written by the OpenBSD people

Not quite.

OpenSSL is maintained by OpenSSL core members: Ralf S. Engelschall, Ben Laurie, Mark J. Cox, Dr. Stephen Henson, and others developers. [openssl.org]

OpenSSH was written by OpenBSD members (Theo de Raadt, Niels Provos, Markus Friedl, Dug Song, and others). OpenSSH uses OpenSSL as a cryptographic library source (it is highly optimized for many processors).

Re:Shouldn't this be placed under a different sect (2)

plcurechax (247883) | more than 11 years ago | (#4292907)

could this be used in SSL acceleration cards to improve the effiency of the SSL 'processor'

Unlikely in presently deployed accelerator cards, since AFAIK most (Rainbow CryptoSwift [rainbow.com] and nCipher [ncipher.com] ) are based on custom hardware chips (FPGA and the likes) which do mainly RSA key setup which is the really slow part of establishing a SSL session. I believe several of the cards do not even do any symmetric (i.e. RC4, 3DES) acceleration because it isn't worth it.

*BSD is dying (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4292740)

It is official; Netcraft now confirms: *BSD is dying

One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [samag.com] in the recent Sys Admin comprehensive networking test.

You don't need to be a Kreskin [amazingkreskin.com] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood.

FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.

Let's keep to the facts and look at the numbers.

OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.

All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

Fact: *BSD is dying

Stephen King, author, dead at 54 (-1, Troll)

Anonymous Coward | more than 11 years ago | (#4292759)

I just heard some sad news on talk radio - Horror/Sci Fi writer Stephen King was found dead in his Maine home this morning. There weren't any more details. I'm sure everyone in the Slashdot community will miss him - even if you didn't enjoy his work, there's no denying his contributions to popular culture. Truly an American icon.

Get some PRIORITIES! (-1, Troll)

Anonymous Coward | more than 11 years ago | (#4292778)

The worst terrorist attack in recorded history occurred over a year ago, followed by a Holy War against Islam, and now Israel and the Palestinians as well as India and Pakistan are teetering on the brink of their own war, Argentina is in the midst of a financial crisis, America is considering launching attacks against Somalia and Iraq, and you people have the gall to be discussing OpenSSL???? My *god*, people, GET SOME PRIORITIES!

The bodies of the thousands of innocent civilians who died (and will die) in these unprecedented events could give a good god damn about OpenSSL, your childish Lego models, your nerf toy guns and whining about the lack of a "fun" workplace, your Everquest/Diablo/D&D fixation, the latest Cowboy Bebop rerun, or any of the other ways you are "getting on with your life" (here's a hint: watching Cowboy Bebop in your jammies and eating a bowl of Shreddies is *not* "getting on with your life"). The souls of the victims are watching in horror as you people squander your finite, precious time on this earth playing video games!

You people disgust me!

Re:Get some PRIORITIES! (1)

wizardmax (555747) | more than 11 years ago | (#4293002)

We are techs/geeks, thats what we do. We don't politicize or make war! We do what we are best at.

Re:Get some PRIORITIES! (0)

Anonymous Coward | more than 11 years ago | (#4293196)

Like bite on really stupid trolls?

When cryptography is outlawed, (2, Insightful)

SHEENmaster (581283) | more than 11 years ago | (#4292784)

newlmsy akhtswnd whss adna nwsufaclanw!

Re:When cryptography is outlawed, (0, Offtopic)

unicron (20286) | more than 11 years ago | (#4292831)

I got 18 "cows" working on that right now, with ya in a sec.

Kudos to Sun (1)

ebuck (585470) | more than 11 years ago | (#4292789)


Another fine donation by Sun. Congratulations to them for the offering.

*BSD is dying (-1, Troll)

Anonymous Coward | more than 11 years ago | (#4292797)

It is official; Netcraft now confirms: *BSD is dying

One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [samag.com] in the recent Sys Admin comprehensive networking test.

You don't need to be a Kreskin [amazingkreskin.com] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood.

FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.

Let's keep to the facts and look at the numbers.

OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.

All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

Fact: *BSD is dying

Good for more then PDA's (3, Insightful)

afidel (530433) | more than 11 years ago | (#4292804)

Since there is no known weakening from quantum computers of elyptic curve cryptosystems EC's may well be better for long term cryptography, even on supercomputers. Since it is pretty well known that the massive parallelism of quantom computers will greatly increase the ability of future systems to factor large numbers more traditional cyphers will be under more pressure.

Re:Good for more then PDA's (1, Informative)

Anonymous Coward | more than 11 years ago | (#4292976)

there is no known weakening from quantum computers of elyptic curve cryptosystems

Huh? "Using the Quantum Computer to Break Elliptic Curve Cryptosystems" [nec.com]

Re:Good for more then PDA's (5, Informative)

jbrandon (603700) | more than 11 years ago | (#4293024)

That's just not true; Shor's algorithm transfers quite nicely to solving what is essentially the discrete log problem in a group. IOW: Elliptic curve cryto is not any safer. See This [nec.com]

elliptic curves? (1)

crm114 (586020) | more than 11 years ago | (#4292810)

what about the Taniyama-Shimura conjecture? If openSSL would include that with elliptic curves we could solve Fermat's last theorem on our PDA's...

Re:elliptic curves? (1)

dollargonzo (519030) | more than 11 years ago | (#4292859)

but since they are modular, we could also use them for traditional pgp style encryption, no? instead of symmetric keys, you could use a public key.

Re:elliptic curves? (3, Insightful)

plcurechax (247883) | more than 11 years ago | (#4292980)

but since they are modular, we could also use them for traditional pgp style encryption, no? instead of symmetric keys, you could use a public key.

SSL and PGP (or preferrably the newer OpenPGP [openpgp.org] ) standard both use a hybrid scheme which uses both asymmetric and symmetric encryption algorithms.

If you mean could elliptic curves schemes (ECDLP, ECDSA, ECDH) be used in OpenPGP as well as SSL/TLS; then yes as long as it was added to the OpenPGP standards [ietf.org] which I don't think includes ECC yet but has spaces reserved for future ECC use.

so now (1)

frodo from middle ea (602941) | more than 11 years ago | (#4292814)

so now do we hate sun or love sun ?

Re:so now (2)

unicron (20286) | more than 11 years ago | (#4292905)

I don't know, I wrote the anwser in my pda but the encrpytion is too rough, can't get back in.

Re:so now (0)

Anonymous Coward | more than 11 years ago | (#4293078)

We make our own independent opinons and think for ourselfs in this question and in many others. This way we contribute more than being a sheep in the flock.

Yay for SUN (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#4292816)

Good for SUN. SUN has always been a technology leader starting with SunOS which was based on 4.2BSD and SUN continues to contribute to the BSD and free source legacy of BSD today. One can only hope that SUN will switch its Cobalt division over to the technologically superior BSD soon.

hi 2 u their (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4292862)

ãÑÍÈÇ ... hi 2 u their :))

Offering from large companies (5, Interesting)

phorm (591458) | more than 11 years ago | (#4292864)

Has anybody noticed a trend lately of large corporations or companies making offers to the public source movements. Is this a play between them for notice, or are they finally starting to figure out that it's better to play nice with open source than fight against it?

Re:Offering from large companies (2)

Deagol (323173) | more than 11 years ago | (#4292963)

My guess is that they benefit by being able to offload development of key libraries to willing, competent developers. Why should Sun waste time on their own crypto library when there's the OpenSSL group writing and debugging code and there are many more trying to find weaknesses in it?

The gesture isn't alturistic, I'm sure. Still, everyone benefits. Sun gets kudos for helping a project that is held highly by everyone else, and the project gets another algorithm under its hood.

Re:Offering from large companies (2, Interesting)

chris_mahan (256577) | more than 11 years ago | (#4293028)

You know the old saying: If you can't beat them, join them?

Well, any corporation can be beat if they screw up. Sun's stock hovers around 3 and Oracle is scraping by at 9. MSFT would have gone down with them had they not been aggressively buying their own shares to prop up the price. ( I fear they too will tank in time--yay)

Rather, open source developers can't be beat. You can't sue them, fire them, or force them one way or another. If one gets disgruntled about life and everything, five more rise to the occasion (with appropriate amount of bickering--but no ones dies of bickering... ni! ni! ni! ).

This, I think, is a perfect case of: Since they (the Corps) can't beat us (the OS Devs) they're joining us.

I just hope we don't jump on the bandwagon wholesale. Their evil ways are insidious, promising riches and glory,capitalism style, but lead straight down the Road to Perdition to the Bankruptcy Court.

Harken thee: inspect the mouth of the gift horse. (translation: watch your back OSS)

Re:Offering from large companies (1, Interesting)

Anonymous Coward | more than 11 years ago | (#4293266)

It is about compromising complementary businesses.

Sun's views their business as servers, and big iron, places where linux is not really making such strong inroads. Mega-servers are still dominated by big iron.

So, having as much client competition as possible makes sense. So, good crypto on the client increases client competition, and weakens Microsoft's hold on it.

All Sun really needs is for linux to be a serious client competitor. Then the focus shifts to the server, where Sun dominates other companies.

You could see Microsoft use this strategy when they maintained rights to DOS after licensing to IBM. They licensed DOS to all hardware manufacturers, to make them compete. Hardware became a tough business, and Microsoft got a monopoly.

it's all strategy (3, Insightful)

g4dget (579145) | more than 11 years ago | (#4293293)

Companies give software away for many reasons: PR, establishing standards, driving competitors out of the market, and hurting competitors financially are among them. Sharing development efforts may be as well, but usually is not. Sometimes such strategies are combined with "dual licensing schemes", where open source is used to gain a foothold in a commercially meaningless part of the market to prop up a product that otherwise wouldn't be competitive.

Not all such gifts are useful for the recipient, and some are genuinely harmful to the interests of open source users. So, do look a gift horse in the mouth, or you may be stuck with large vet bills otherwise.

This one seems harmless if it is on unpatented technology, or if the patents are free for use by open source.

Certicom SecureMemo? (1)

hey you, it's me (603035) | more than 11 years ago | (#4292871)

When I first got my Visor, a co-worker sent me an app he had been using to encrypt passwords and such. It was called Certicom SecureMemo. To set it up, you would drag your stylus in circles (elliptic curves), and it would generate a key based on this. Now, my question is, doesn't this imply that this technology is already implemented on Palm? Given, it's not OSS, but it is there.

Unfortunately, I think Certicom pulled the app from their site. Nice app.

Re:Certicom SecureMemo? (1)

lamp77 (147098) | more than 11 years ago | (#4293099)

I'm pretty sure it does not imply this, no.

your drawing was likely just random input.

Re:Certicom SecureMemo? (1)

bo-eric (263735) | more than 11 years ago | (#4293107)

My guess is that the "elliptic curves" you drew were used to create random numbers, like when you are asked to type random stuff when generating gpg keys. The elliptic curves in Diffie-Hellman are just there as part of the mathematical problem that makes the cipher difficult to decode. The curves there are huge - nothing you could draw on-screen (more like with radii on the order of 2**1024). So no, that does not necessarily imply that they used the same cipher.

Re:Certicom SecureMemo? (1)

AndersM (32304) | more than 11 years ago | (#4293130)

I'm no expert, but my guess would be that the "drag your stylus about" part was almost certainly just random number generation, and the crypto just, well, plain crypto...

Elliptic Curves refer to a set of mathematics... Here's a FAQ! [inria.fr]

Re:Certicom SecureMemo? (0)

Anonymous Coward | more than 11 years ago | (#4293162)

Totally different. You're way off. Although that Palm program sounds neato.

Re:Certicom SecureMemo? (1)

BigBadBri (595126) | more than 11 years ago | (#4293179)

Mod parent up - should be 5-funny.

Unless of course s/he means it...

GOD DAMN YOU'RE STUPID!!! (0)

Anonymous Coward | more than 11 years ago | (#4293247)

did yo momma drop u on ur head when u was a little rugrat worm you stupid piece of shit... go fuck off yourself u fucking scumbag

Please say it's patented.. (2, Flamebait)

GauteL (29207) | more than 11 years ago | (#4292902)

.. and that they have given a irreversible distribution right for free software, so that its usable on free software but not for proprietary software unlicensed by SUN.

Or... was that a rather evil thought? I'm not sure anymore, I'm so blinded by my zealotism.

Re:Please say it's patented.. (2)

Wesley Felter (138342) | more than 11 years ago | (#4292985)

IIRC, it's patented, but not by Sun.

Re:Please say it's patented.. (0)

Anonymous Coward | more than 11 years ago | (#4293102)

Mod parent up!

(Or unpatented, of course).

I believe the patenting thing is

holding up ECC supporting in e.g. FreeS/WAN.

Re:Please say it's patented.. (0)

Anonymous Coward | more than 11 years ago | (#4293110)

I'm not sure anymore, I'm so blinded by my zealotism.

Zealotism? Is that some sort of degenerative eye disorder? Perhaps those new bionic eyes they are making will fix that for you.

Re:Please say it's patented.. (1)

wfmcwalter (124904) | more than 11 years ago | (#4293232)

Some specific eliptic-curve crypto is patented, but the idea in general isn't:

See our helpful friends (ahem) down at RSA [rsasecurity.com] . Dan Bernstein has more here [cr.yp.to] .

Re:Please say it's patented.. (1)

Claric (316725) | more than 11 years ago | (#4293298)

Seeing as Diffie works for Sun I think that this probably isn't an issue.

C

Nice - but is it really necessary? (1)

theskov (556173) | more than 11 years ago | (#4292921)

Doesn't most hand-helds have more than enough processing power for encryption? Since you don't have broadband connections, the highest possible pressure on the processor is to encrypt/decrypt 56 kbit/s. With f.ex. 233 MHz, that's around 30 MHz pr. kbyte. And if you're encrypting financial transactions the amount of data transfered is very, very small.

The article cites that current encryption technology is based on 17th and 18th century mathematics - so is quite a lot of other things that work very well indeed. Mathematics don't deteriorate.

Of course this is a Good Thing (tm), but I honestly don't think that many people will ever notice a difference.

Re:Nice - but is it really necessary? (2)

plcurechax (247883) | more than 11 years ago | (#4293032)

Doesn't most hand-helds have more than enough processing power for encryption?

Most high end PDAs do for file encryption, but as increased demand for WTLS (Wireless TLS), "wireless speed" encryption for high speed GPRS/Bluetooth/802.11/1X networking applications. Applications like online wireless betting or online wireless reservations need better (read: quick) security in PDAs and mobile phones, which have less powerful processors.

Just what was donated? (2)

Deagol (323173) | more than 11 years ago | (#4292931)

I read the article, but "technology" was the only thing I read was "donated". WTF does that mean? Did they give them reference code with a GPL (or whetever the OpenSSL library uses)? Did they give up patent rights to the method? The article didn't explain just what the OpenSSL folks got.

8-10 years from now? (2)

NerveGas (168686) | more than 11 years ago | (#4292950)


Supposedly, this offers encryption with less computational demand. And, supposedly, it's not going to be in use for 5 to 10 years.

If that's the case, my quesion is this: Why bother? Moore's law says that in the 10 years that it will take to get this implemented, CPU's will be *64 times faster* than they are today.

Just think: "Wow! With this new encryption technology, encrypted 100 megabit networking only takes 0.05% of my processer instead of 0.1%!"

steve

Re:8-10 years from now? (1)

Colin Bayer (313849) | more than 11 years ago | (#4293113)

Wrong. Moore's Law states that (barring physical laws), the number of transistors on a square unit of substrate will double every 6 months. The number of transistors does not necessarily have a linear correlation to clockspeed.

Re:8-10 years from now? (2)

Junta (36770) | more than 11 years ago | (#4293225)

and by the same token, clockseed does not necessarily have a linear correlation to performance :)

Re:8-10 years from now? (2)

NerveGas (168686) | more than 11 years ago | (#4293255)


You're half right, half wrong. Moore's law DOES deal with transistor count. However, it says that it will double every 18 months, not every 6 months. (originally, it was 24 months, but later revised.)

In practice, however, the actual computational power has been doubling about every 18 months as well.

As evidence, look at where we were 10 year ago: The big, bad processer to have was a 33 MHz 486. Today's high-end processers have MORE than 64 times the computational power of the 486 of a decade ago - and there's no indication that we're not going to keep on track for another decade.

steve

Re:8-10 years from now? (2)

dillon_rinker (17944) | more than 11 years ago | (#4293259)

Wrong. "Moore's Law" is more accurately called "Moore's observation" - "You know, transistor density in ICs seems to have been doubling every 18 months."

Re:8-10 years from now? (1)

tot (30740) | more than 11 years ago | (#4293144)

Computing needs electricity which is limited resource in mobile devices. Thus having anything to use less computing increases the battery life.

Re:8-10 years from now? (2)

NerveGas (168686) | more than 11 years ago | (#4293223)

Right, but we keep making individual transistors smaller and smaller, letting them use less and less power. Of course, CPU manufacturers tend to simply add more transistors and/or increase the frequency to make up for the power savings.

Look at the newest, fastest Athlons - they produce less heat than considerably older versions. Why? Smaller manufacturing process. And that's going to keep on going...

steve

Certicom has done commercial ECC for years (2)

geekotourist (80163) | more than 11 years ago | (#4292983)

The article reads as if using ECC for small devices is a novel concept. That isn't the case- Certicom is 15 years old, and has done ECC for handheld and embedded devices for at least 4-5 years. It has some solid encryption researchers (Scott Vanstone, for example) and a bundle of patents. Most Palms out today use Certicom's ECC, although newer versions are using RSA. And while Certicom is probably the best known company promoting ECC, I know of several other companies in Japan, Korea and Germany that sell their own implementations of ECC.

Why is *Sun* getting the nod for this technology? (0)

Anonymous Coward | more than 11 years ago | (#4292994)

...given that it was invented by NeXT? [venona.com]

Re:NeXT, did NOT invent ECC. (4, Informative)

plcurechax (247883) | more than 11 years ago | (#4293119)

...given that it was invented by NeXT?

Sorry, Ellipitic curve cryptography was invented independantly by Neal Koblitz, Professor of Mathematics at the University of Washington and Victor Miller who was then at IBM.
(Source [certicom.com] )

Securing edge of network devices (2, Insightful)

clutch110 (528473) | more than 11 years ago | (#4293005)

I can see this as a positive step to secure the network end to end, from the server room down to the smallest of devices, the PDA.

As it stands now, having a wireless network could be a blessing. Information available at your finger tips. PDAs have never been a strong focal point for security in my experience. It will be great to see a network that can be truly encrypted end to end.

Now if only the user friendliness of this made it so that even the ordinary citizen could use it.

Bush's advisor present, official government suppor (5, Funny)

Anonymous Coward | more than 11 years ago | (#4293057)

You know what that tells us, right?

The NSA can already crack it. :)

BSD!?!?! (0)

Anonymous Coward | more than 11 years ago | (#4293082)

So how in the hell is this a BSD-specific article!?!?!

Instead.... (0)

Anonymous Coward | more than 11 years ago | (#4293092)

...they should have donated some decent web servers to them so I can access the OpenSSL site more than once a week.

Why don't they release a OPENSSL patch for Cobalts (2, Offtopic)

backtick (2376) | more than 11 years ago | (#4293121)

If they are so *&*^ serious about security? The slapper worm has been out for quite a while now, and Sun's cobalts run a REALLY old version of OpenSSL. Sun's last patch was released almost a month ago, for a CGI vulnerability. They've been asked dozens of times about the OpenSSL patch, and won't even give customers the courtesy of a "We're going to have one by X" response. CobaltOS is just a flippin' rebuilt RedHat OS; it isn't hard to patch!

BSD? (0)

Anonymous Coward | more than 11 years ago | (#4293148)

BSD? Huh?

Why is this significant? (0)

Anonymous Coward | more than 11 years ago | (#4293246)

I know the keys used for ECC are generally smaller, but that seems like a fairly minor consideration even for PDAs (how many keys do you ever need to store anyway?)

Is eliptic curve cryptography actually faster than RSA? If so, by how much?

And if it IS faster, wouldn't it be much more useful for web servers than for PDAs?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>