×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

MasterCard Joining Push For Fingerprint ID Standard

John.P.Jones Keep the fingerprint on the device... (138 comments)

The key is to not use the fingerprint as a key for online authentication, we have a technique for that it is called cryptographic keys (either symmetric or asymmetric). Now people are generally bad at remembering these strong keys (and even worse at using them) so instead they use a trusted device (used to be a desktop computer but that day is past, now its a phone) to both store and use those keys. The user can then authenticate locally to their device using a less strong mechanism (traditionally passwords). Apple has this right, the device is the only thing that needs to use the fingerprint to authenticate the user (local authentication is by its nature two factor since you need the device). There is no advantage & clear disadvantages to using fingerprints directly for online authentication (passwords too as we have seen time and time again).

about a year ago
top

Ask Slashdot: Storing Items In a Sealed Chest For 25 Years?

John.P.Jones Keys in the box... (434 comments)

Instead of storing data in the box directly, where you then rely on media retaining viability over 25 years you could always strongly encrypt the data you would like to logically store in the box and then write (or etch in stone, whatever) the decryption key and store that human readable quantity of data in the box and then maintain the cipher-text outside the box in a redundant distributed fashion over multiple generations of media. Of course I fail to see what the advantage of keeping the data secret over the time period would obtain, and it prevents transcoding to new file formats, so I'd just suggest keeping copies of the data as you would any data you want to have in 25 years (not locked in a box).

You see, physical objects are placed into a time capsule because they would normally deteriorate and not be archived properly if they weren't removed from the harsh existence of everyday life. Data however doesn't work like that, neglect is the biggest problem and hence a time capsule is not a good means of preserving data the way it is for preserving objects.

about 2 years ago
top

Google Killing Off Mini, Video, and iGoogle

John.P.Jones Spring Scape (329 comments)

I'll miss spring scape, watching frog & ladybug go through their day was great.

more than 2 years ago
top

Ask Slashdot. Best Online Science Course?

John.P.Jones Re:Feynman's Lectures on Physics (166 comments)

Additionally, I would highly recommend Leonard Suskind's Stanford continuing education physics series (available on iTunes & YouTube etc) which is currently in its third quarter of the second attempt. The first covers classical mechanics, the second quantum mechanics and the third (ongoing) special relativity and classical field theory. The fourth I believe will cover general relativity and then the fifth will head into quantum field theory and the standard model.

more than 2 years ago
top

Historic Heat In North America Turns Winter To Summer

John.P.Jones Completely inexplicable... (618 comments)

If only we had some sort of theory that could explain this inexplicable change in weather patterns.

more than 2 years ago
top

US Military Working On 'Optionally-Manned' Bomber

John.P.Jones OTP (278 comments)

A remotely controlled armed weapon should only use a one time pad for secure communications as that is provably secure (or rather as provably secure as putting a pilot in a plane since ground crews could be subverted to steal the pad). Then the threat model is reduced from controlling the aircraft to DOS and other jamming techniques, which is much more acceptable (considering the plane could be designed to self destruct if a watchdog signal is not received).

more than 2 years ago
top

North Korea's High-Tech Counterfeit $100 Bills

John.P.Jones Paper Money w/ Digital signatures (528 comments)

We don't have to abandon paper money just because it is not possible to keep forgeries from being manufactured. The government just needs a private key and digitally sign each paper bill it produces (similar to the current serial numbers but with PKI powers) and then when you accept paper money for payment you will need a computer to read and verify the digital signature is valid. This would solve the problem (with the added expense of verifying bills) but the government won't propose such a simple solution because they would rather force people off paper currency to track them better.

more than 2 years ago
top

Physics Is (NP-)Hard

John.P.Jones Re:What ISN'T NP-Hard? (212 comments)

Perhaps unfortunately neither factoring or discrete log are known to be NP-hard yet (fortunately) polynomial time algorithms have thus far alluded us although BQP algorthims (Shor's algorithm) have been found. Of course an NP-hard problem in BQP would be a major discovery. Also simulation of quantum mechanical systems (protein folding) is known to be in BQP, although no polynomial algorithm is known and it isn't known to be NP-hard. While its true that a great many interesting problems that apparently aren't in P but are in NP are NP-hard, but the above are examples of important problems that aren't.

more than 2 years ago
top

Physics Is (NP-)Hard

John.P.Jones Re:NP (212 comments)

I would fully expect that verifying that a set of dynamical equations does indeed fit experimental evidence is in P so in this case (physics) the problem is NP-complete, certainly for classical mechanics. Verifying predictions in quantum mechanics may not be in P but is certainly in BQP.

more than 2 years ago
top

WikiLeaks To Ship Servers To Micronation of Sealand?

John.P.Jones Moving servers, you mean physically, seriously? (350 comments)

In this day of age of virtualization, cloud deployments and the like the idea of moving servers offshore being equivalent to physically moving boxes across the ocean seems absurd. You setup some new machines at the new location, sync the data across this thing called the Internet, flip a switch and then wipe the old boxes and sell off the hardware (if you ever owned it to begin with).

more than 2 years ago
top

Autonomous Vehicles and the Law

John.P.Jones Re:Why wouldn't police be able to? (417 comments)

The designer of the car broke the law, the vehicle is defective breaking traffic laws and needs to be impounded and the builder fined for endangering the public.

When a computer is a box sitting on someone's desk that computes figures and shows lights on a display there is no reason to restrict who can do what with machines and they should be open to hacking and modification. When they are connected to networks the burden goes up a bit and maybe code has to be signed or restricted to a safe API on top of a trusted locked OS (but probably not, in my opinion). But by the time the computer is connected to hardware fully capable of killing people both inside and outside the computer the game has changed and the system needs to be locked down so it can't be hacked and the developers need to take responsibility for their actions. An owner of a car no longer has the right to hack the device because they own it, at least they can't then put it on public roads. Just as drivers need to pass a test the design of an autonomous vehicle needs to pass a test (regulated) to use our roads. This will probably mean leased vehicles owned by the builder company with per mile, per minute, per month fee structures to generate revenue to offset settlements for accidents (which will still happen). The law should then limit the costs of a computer caused accident to the same penalties that a human driver would face for an unintentional accident with the same circumstances.

more than 2 years ago
top

Faster-Than-Fast Fourier Transform

John.P.Jones Re:Wish I could understand the details of FFTs (271 comments)

Rather than understanding the FFT (an O(nlgn) algorthim for computing the DFT which is normally an O(n^2) operation) you should first understand how the basic DFT equation works, which is independent for each of the frequencies. It just takes each of the n elements in your discrete signal and multiplies it by a (complex) sinusoidal function of that frequency and sums them. If the data is correlating well with the sine wave the magnitudes of these products will be larger and of a consistent sign (+ for direct correlation and - for anti-correlation, small numbers for uncorrelated values). Then you can see that the DFT works and then it is an algorithmic exercise that the FFT produces the same result in less computations.

more than 2 years ago
top

Apple Unveils Software To Reinvent the Textbook

John.P.Jones $15 price cap? (416 comments)

The whole concept of price capping these books at a low level, putting a text book in the same price range as a fiction novel (I don't believe fiction is price capped, and certainly apps aren't) is insane and downright offensive. Also the exclusivity requirements should be downright illegal.

more than 2 years ago
top

Could a Dirty Rag Take Out a $2 Billion Satellite?

John.P.Jones What is the actual loss? (297 comments)

So a satellite costing $2 billion to design construct and launch failed due to a small error. How much of that money was truly wasted? How much would it then cost to construct a replacement using the same design? One would hope that the majority of costs associated with this thing are design and testing related that would not be lost by the need to try again.

more than 2 years ago
top

Why the NTSB Is Wrong About Cellphones

John.P.Jones School bus... (1003 comments)

Are these the same school buses that the same NTSB gives authority to bypass seat belt laws? I say its time to strap those kids down.

about 3 years ago
top

Graphene Spun Into Meter-Long Fibers

John.P.Jones Re:Space elevator coming next? (159 comments)

I was thinking about how the energy of chemical rockets is just barely sufficient (given fuel mass) to make chemical rockets that can escape Earth's gravity well. I'm not sure of the exact headroom but my understanding is that it is fairly tight. From what I have read on the strength of nanotubes, they too are theoretically just strong enough to barely make a space elevator a possibility (if we could manage to weave them into a macro-fiber without significant losses.) If this turns out to be the case I wonder if there is a connection between these two methods and the strength of chemical bonds to overcome the gravitational potential of our planet. Need it be so that these two very different ways of utilizing bond strength achieve a similar maximum gravitational field that they can overcome?

Going further, obviously the strength of a planet's gravity is important for the development of life, it may be that it is required for the development of intelligent life that the planet's gravity be close to this value (earth's gravity).

about 3 years ago
top

Are Data Centers Finally Ready For DC Power?

John.P.Jones Other server optimizations (462 comments)

Along similar lines but related (in a way)...

I have been wondering why data centers don't use more optimized hardware that basically packages CPU & memory on a single chip (multiple dies until they can fit on one) so that basically all the pins go to either power or to a network adapter, no local disk or video adapter or anything else, just a black box with power, network i/o and heat dissipation. The thing would boot up over the local network by a controller and use other data nodes (dumb but fast NAS front end to disk drives) for storage beyond the locally cached memory.

about 3 years ago
top

Google Researchers Propose Plan To Fix CA System

John.P.Jones Re:Self signed certs. (91 comments)

This is essentially what I proposed in my paper in 2005, only it adds a level of indirection to reduce the amount and volatility of data being added to DNS.

about 3 years ago
top

Google Researchers Propose Plan To Fix CA System

John.P.Jones Re:Something To Think About (91 comments)

Current protocols that agree on a public key do so via certificate chains signed by a CA, which we don't necessarily trust (or wish to fund) and we would like to have the option to remove them from the chain, but then we need somewhere else to root trust. DNS is the natural place to do that in today's internet (who has the authority to assign me a gmail.com address, why the owners of that domain do of course, if they wanted to give that name to someone else only they could, once you own a registered domain you have rights to subdomain it to whomever you please and they have to trust you not to revoke it).

The proposal is to have this certificate chain rooted at a per domain CA (or the domain can choose to use an existing CA) so that both the fingerprint of the CA's signing key and the authority of the CA to vouch for this domain are both leveraged from DNS not some arbitrary out of band trusted party. The protocol would agree on keys just as it does today but when the certificate chain is being validated it would then verify the CA with the proper domain (for e-mail, ftp, http, ssh etc the owning domain is well understood from context) before accepting the key. No real change is needed to the underlying protocols (although the implementations need to be changed slightly just as they would for accepting a CA's new signing key), essentially every key validation would end in a couple additional DNSSEC resolution queries.

Of course this is a chicken-egg problem in that it then ties back into DNSSEC and root level trust in DNSSEC needs to be solved (through CAs for now) but it decouples the problem and leverages the architecture of DNSSEC (we really do need it anyways) to provide arbitrary certificate trust without putting undo burden on DNS. If we are going to have to have DNSSEC to fix DNS we may as well use it for more than just name to IP resoultion. There is no reason to solve the trust problem more than once since and as long as we use DNS based hierarchies to specify machines or end users (e-mail accounts) we have to trust DNS. The fact that today pre-DNSSEC we blindly trust unsigned DNS replies is the only reason the parallel certificate hierarchy exists at all.

about 3 years ago

Submissions

John.P.Jones hasn't submitted any stories.

Journals

John.P.Jones has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?