top The Plane Crash That Gave Us GPS
> "freed the world from ever depending on paper maps or confusing directions from relatives again"
It's entirely plausible that GPS, or any equivalent, will die before minkind does. Mad Max, seen it?
top Windows Flaw Allowed Hackers To Spy On NATO, Ukraine, Others
In addition to
isight's blog there's an article in Wired about a month and a half ago
top Police Using Dogs To Sniff Out Computer Memory
Apparently the Rhode Island State Police posted a photo and plausible statement:
The post says the canine is "trained to detect electronic devices".
That does not look as bogus a claim as training specifically for storage media: the chemicals used in the soldering, cleaning, and IC packaging conceivably could have a detectable smell.
top Math Advance Suggest RSA Encryption Could Fall Within 5 Years
The whole thing is unsubstantiated FUD. I base my judgment on the slides at
The whole argument boils down to:
a) there has recently been huge progress [*] in solving the Discrete Log Problem over fields of small characteristic; b) progress in solving the DLP have historically implied progress in factorization, and vice versa; c) factorization breaks RSA, and solving the DLP breaks DSA; d) thus RSA and DSA are dead, move to ECDSA.
The fallacy of it is that in b) and c), the DLP is exclusively over fields of huge characteristics (thousands of bits), making the algorithms in a) powerless. The slides do not hint at the faintest research lead towards moving to huge characteristics. Best argument is that "renewed interest could result in further improvements".
One the positive side, the author is honest: "I’m not a mathematician, I just play one on stage".
[*] See e.g. this recent paper and its references
Razvan Barbulescu, Pierrick Gaudry, Antoine Joux, Emmanuel Thomé: A quasi-polynomial algorithm for discrete logarithm in finite fields of small characteristic http://hal.inria.fr/docs/00/83/54/46/PDF/quasi.pdf
top New Thermocell Could Turn 'Waste Heat' Into Electricity
From the article: "The top performing redox electrolyte (..) yielded output powers of 522 mW per square meter."
Seems that to get the 1 GW power of a nuclear reactor, one would need the active surface of a square of 43 kilometer side coated with that Cobalt stuff.
top Backdoor Discovered In Atlassian Crowd
The original report says about the last vulnerability discussed (but not disclosed)
Indicators such as covert positioning, the use of special parameters, absence of log messages, facilitation of persistence, and apparent lack of legitimate purpose suggest that this vulnerability could be classified as a symmetric backdoor if malicious intent were to be established (which it has not).
I like the tone: they stop short of stating this is a deliberate backdoor of the worst kind, but give extremely convincing argument that it is one.
top CipherCloud Invokes DMCA To Block Discussions of Its Crypto System
The taken-down images, and the promotional video around 2:53
http://pages.ciphercloud.com/AnyAppfiveminutesdemo.html?aliId=1 make it clear that in these promotional materials, identical plaintext leads to identical ciphertext.
Ciphercould's DMCA takedown notice
http://meta.crypto.stackexchange.com/a/258/555 rebuts that as wrong ("Ciphercloud's product is not deterministic"), with a key point at the beginning of page 3: "[detractor] implies that what was perceived from a public demo is Ciphercould's product offering".
Ciphercould's position is: you misjudged us from what we have shown, which is not the real thing.
about a year and a half ago
top Intrade Shutdown Hurts Academics
If trading funny money and a bare-bones web interface is OK, there is Foresight Exchange (aka Ideosphere) which has worked almost flawlessly since 1994.
http://www.ideosphere.com/ about a year and a half ago
top The World's Oldest Original Digital Computer Springs Back Into Action At TNMOC
If this computer can decide to reboot itself, it must have now reached self-awareness!
top Ask Steve Wozniak Anything
My favorite is the Apple ][ disk controller, most notably the read synchronization and decoding achieving 5, then ultimately 6 useful data bits per raw 8 bits, using little discrete logic and a small (P)ROM.
top Ask Slashdot: How Do I De-Dupe a System With 4.2 Million Files?
Recently had this situation.
Nirsoft's free "SearchMyFiles"
http://www.nirsoft.net/utils/search_my_files.html has a straightforward Find Duplicates mode which helped a lot. It is easy (the most "complex" is designating the base locations for searches as e.g. K:\;L:\;P:\;Q:\), fast, never crashed on me, and had only cosmetic issues ("del" key not working). I recommend running it with administrative privileges so that it does not miss files.
top AMD Downgrades Bulldozer Transistor Count By 800 Million
AMD just clarified that Bulldozer does have 2 billion transistors after all, but only 1.2 billion work.
top XML Encryption Broken, Need To Fix W3C Standard
"..we describe a practical attack on XML Encryption, which allows to decrypt a ciphertext by sending related ciphertexts to a Web Service and evaluating the server response. We show that an adversary can decrypt a ciphertext by performing only 14 requests per plaintext byte on average."
top Another CA Issues False Certificates To Iran
I now see your point: a CAs does not guarantee against MITM in the same way a safe does not guarantee against robbery.
top Another CA Issues False Certificates To Iran
CA does not guarantee that there is no MITM either
Can you please explain, preferably with a link to a reference?
Common wisdom is that good CA + SSL should protect against MITM, including if the DNS service is comprimized.
top FreeBSD Running On PS3
This is *NOT* related to the recent crypto break, as demonstrated by the release note stating
Supported hardware:Sony Playstation 3 Fat, firmware version 3.21
top Virtualizing Workstations For Common Hardware?
It's easy enough to slipstream (lots of) extra drivers and periodically update a master install
.iso using tools such as nlite.
Any pointer to (or hint) for some "Slipstream for novices?" Explaining in particular how do you deal with
- disparate versions of serial-number protected things (MSO and Windows XP Pro/Home, or worse vendor-customized Vistas/7) - machines where XP needs extra drivers to boot a SATA device - drivers that seem to only come as an interractive installer (ATI) - patch tuesday routine
top Dell Defect Turning 2.2GHz CPU Into 100MHz CPU?
This one seems to work
top Brazilian Breaks Secrecy of Brazil's E-Voting Machines With Van Eck Phreaking
> What options do you have to protect your self from Van eck phreaking?
One option to consider seriously is: paper ballot inserted, in a voting booth protected by opaque curtain, into an opaque paper envelope, which is then publicly dropped into a transparent urn, which is left under public view during the voting, and publicly shaked before the counting process.
That's how 90% of the votes are cast in France for decades [the "transparent" bit was added some 45 years ago]. Not only is it secure against Van Eck phreaking before its invention, it has great resilience against many kinds of fraud, and most voters are able to understand and check the process.
You still have to guard against quite a few things, including
* unsuitably opaque envelopes; * bulletins printed on paper of different color/size/material [even if the envelope is opaque, it is usually not sealed, and sometime some portion of the bulletin (hopefully the back side, if the bulletin is folded) may be glanced at thru the opening; also the weight/stiffness of the bulletin may be revealing] * hidden cameras in the voting booth; including those built into cellphones held by the voter [because the voter could be trying to prove what (s)he voted [in order to sell her/his vote or avoid retaliation if s/he did not vote as instructed].
Actually, in some locations much closer to you than half the circumference of planet earth, it may happen that voters are threatened to be beaten/killed is they do not vote as instructed; and maybe, on election day, a few of those who voted could be beaten publicly (often: regardless of what they actually voted, or based on their perceived opinion), in order to make the threat credible to those who did not vote yet. In these circumstances, the voters must be able to really trust the secrecy of their vote.
top AIDS Vaccine Is Partially Successful
According to numerous online sources, raw numbers are:
51 out of 8187 found infected in the vaccinated group; 74 out of 8198 found infected in the control group.
The most basic course of statistics tells how to proceed from here: test if the null hypothesis (vaccine has no effect) remains plausible despite this evidence. Conditions are ideal for the chi-squared test.
We get Observed values 51, 74, 8147, 8123; Expected values 62.504, 62.496, 8135.5, 8134.5; then sum((O-E)^2/E) = 4.267, with two degrees of freedom. Conclusion: the null hypohesis is rejected with only 88% confidence level.
This is not enough to confortably say that the vaccine has any benefit. Odds of the contrary are about 1/17.
This is much less reason to trust that the vaccine reduce infection rate by 31.1%, as reported in some press articles. Odds are 1/2 that it is less efficient than this.
fgrieu hasn't submitted any stories.
fgrieu has no journal entries.