fintler (140604) writes "Due to the expected enforcement of the REAL ID Act on Jan. 15, 2013, New Mexico travelers will need to be prepared to have TSA approved identification to be allowed to board a commercial aircraft. New Mexico driver's licenses are not valid valid identification after the law is in effect." Link to Original Source top
fintler writes "The National Institute of Standards and Technology (NIST) is pleased to announce the selection of Keccak as the winner of the SHA-3 Cryptographic Hash Algorithm Competition and the new SHA-3 hash algorithm. Keccak was designed by a team of cryptographers from Belgium and Italy, they are:
* Guido Bertoni (Italy) of STMicroelectronics, * Joan Daemen (Belgium) of STMicroelectronics, * Michaël Peeters (Belgium) of NXP Semiconductors, and * Gilles Van Assche (Belgium) of STMicroelectronics.
NIST formally announced the SHA-3 competition in 2007 with an open call for the submission of candidate hash algorithms, and received 64 submissions from cryptographers around the world. In an ongoing review process, including two open conferences, the cryptographic community provided an enormous amount of expert feedback, andNIST winnowed the original 64 candidates down to the five finalist candidates – BLAKE, Grøstl, JH, Keccak and Skein. These finalists were further reviewed in a third public conference in March 2012.
NIST chose Keccak over the four other excellent finalists for its elegant design, large security margin, good general performance, excellent efficiency in hardware implementations, and for its flexibility. Keccak uses a new “sponge construction” chaining mode, based on a fixed permutation, that can readily be adjusted to trade generic security strength for throughput, and can generate larger or smaller hash outputs as required. The Keccak designers have also defined a modified chaining mode for Keccak that provides authenticated encryption. Additionally, Keccak complements the existing SHA-2 family of hash algorithms well. NIST remains confident in the security of SHA-2 which is now widely implemented, and the SHA-2 hash algorithms will continue to be used for the foreseeable future, as indicated in the NIST hash policy statement. One benefit that Keccak offers as the SHA-3 winner is its difference in design and implementation properties from that of SHA-2. It seems very unlikely that a single new cryptanalytic attack or approach could threaten both algorithms. Similarly, the very different implementation properties of the two algorithms will allow future application and protocol designers greater flexibility infinding one of the two hash algorithms that fits well with their requirements. NIST thanks the many people in companies, universities, laboratories and organizations around the world that participated in and contributed to the SHA-3 competition, especially the submitters of all the candidate algorithms, and the many others who contributed expert cryptanalysis, and performance studies. NIST could not have done the competition without them.
fintler writes "A Philadelphia radio station, The Beat (100.3), ran a contest on April fools day and managed to increase their e-mail database by around 2000 people. At the end of the day, the contest turned out to be a fake. According to FCC regulations, "[It is required] that a licensee that broadcasts or advertises information about a contest that it conducts shall fully and accurately disclose the material terms of the contest, and shall conduct the contest substantially as announced or advertised. No contest description shall be false, misleading or deceptive with respect to any material term". So, what should happen now?" Link to Original Source top
fintler writes "I work for a rather large fortune 50 company that does software development and general scientific research worldwide. My job is as a software engineer in a CMMI Lvl 5 facility. This company has a policy of blocking websites. Of course, there are rules applied to block websites that are obviously NSFW. I have no problem with that. It's their network, they can block whatever they think is morally objectionable. The problem is, there's no process to have a website reviewed for being unblocked. There are many sites blocked that are directly relevant to work. For example, some documentation on http://www.w3.org/ is blocked, even though we have a web-tier to maintain and develop. All support tickets placed with the company-wide help desk go unanswered and there doesn't seem to be any process setup to have websites unblocked. Even my managers are frustrated by this. My current solution is to just put off working on things until I can go home and look up something. Some here have tried questionable methods like ssh tunneling, but considering some of the work we do, the network is highly monitored and persistent connections to suspicious IP addresses are monitored (one of my coworkers had some security people interview him for doing exactly this). As someone in my position, how would you handle looking up topics that you need to research for software development?" top
fintler writes "The Open Voting Consortium, is a not-for-profit organization dedicated to the development, maintenance, and delivery of trustful and open voting systems for use in public elections. Today, they have received a donation from Mark Shuttleworth for $5,000 as well as permission to use his name for endorsement purposes." Link to Original Source top
fintler writes "I've been slated to create a version control system for my University as an independent study next semester. The system would cater to only Computer Science and Information Science students (about 100-200 people). Can anyone give some advice on what kind of services should be provided and how they should be implemented? I'm currently thinking along the line of having something like a gForge and svn setup. However, I've also been thinking about doing a system using trac that has a bit of a custom "project" creation website. Any advice would be appreciated." Link to Original Source