Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment Hal Finney was Satroshi (Score 4, Interesting) 91

It has been an open secret in the cryptography community that Hal Finney was the designer of BitCoin from the very start. Hal died in 2014. Or at least he was frozen in liquid nitrogen so not talking either way.

Besides being the first person to be involved in BTC who didn't hide behind a pseudonym, Hal published a paper that describes essentially the whole BitCoin scheme two years before BTC was launched. And Hal never once accused Satoshi of stealing his work.

The reason Hal had to hide behind Satoshi is simple: The Harber Stornetta patent didn't expire until about 9 months after BTC launched. That covers the notion of the hash chain. There is absolutely no way anyone working in the field did not know about that patent or its imminent expiry. Hal certainly did because I discussed it with him before BTC was launched.

So the big question is why BTC was launched when it was, why not wait 9 months to have free and clear title? Well, Hal got his terminal ALS diagnosis a few weeks prior: He was a man in a hurry.

Having launched prematurely, Hal had to wait six years after the original expiry of the patent term to avoid a lawsuit over the rights to BTC from Surety. He died before that happened.

Oh and I have absolutely no doubt Hal mined the genesis blocks straight into the bit bucket. The key fingerprint is probably the hash of some English language phrase.

Comment Re:The Inventor of Bitcoin Should Be Worth Billion (Score 1) 92

The real inventor of BitCoin wrote a paper describing the architecture two years earlier under his own name, Hal Finney. He got a terminal diagnosis of ALS a few months before he launched the BitCoin service, the pseudonym being necessary at the time because of the Haber-Stornetta patent on the BlockChain.

No, Hal, did not keep the coins. He invented BitCoin because he was a crank with weird ideas about inflation, not to get rich. Mining the coins and keeping them would have been a betrayal of his principles.

The proof of this is given by the fact that Hal did not in fact get rich from BTC despite being the ''second' person to join the project. Nor did Hal ever complain that Satoshi took the credit for what was very clearly his work. If Hal had been just another person coming along, there would have been every reason to keep the cash.

And we do in fact know Hal ran mining servers from the start and that he ended up in serious financial trouble due to his ALS. The freezing his head thing came from donations.

Craig Wright does seem to be the last of the three early advocates alive but that doesn't make him Satoshi. Wright has never shown the slightest sign of being the sort of person who builds such a thing and in any case, Hal's name is on the much earlier paper.

Comment Dyson ruined his brand (Score 1) 126

The people who buy electric cars are hip urban professional types. The people who support Brexit are pensioners and skin-heads.

Dyson's public support for Brexit meant that most people in his target market wouldn't ride in a Dyson car, let alone buy one. And of course buggering off to Singapore because the Brexit he campaigned for would make assembly in the UK a disaster only made things worse.

It was a stupid idea anyway. Musk was there ten years ahead of him and was already churning out electric cars as a new entrant. It is far from clear Tesla can survive as VW and the major manufacturers enter the EV market. Dyson stood no chance. Sticking an electric motor in a vehicle instead of a petrol engine is not a huge feat of engineering. There are significant design differences but the bulk of the design and assembly technology is unchanged.

Electric vehicles still have doors, monocoque, windows, seats, suspension, in car entertainment, etc. Ford, GM and the rest only need to change one small part of the package. Sure, they have been slow to adapt. But nobody is making EVs at a profit yet. VW and BMW look set to change that this year.

Comment Can anyone help fix my end-to-end encryption? (Score 1) 334

This is irritating as it upsets my plans for end-to-end Web encryption. By which I mean encryption of the data on the server so that the server has no access to it. The only things that are on the server are encrypted data blobs and a pile of random numbers.

By end-to-end Web I mean that you will be able to set up comment forums like slashdot, read email in a Web browser and everything else you are accustomed to doing on the Web but without any of the plaintext content being accessible to the server.

The technical basis for this scheme was worked out in the 1990s and then patented by a completely unrelated company which merely sat on the patent till it expired last year. It uses meta-cryptography which is a property of the Diffie Hellman schemes that if you add two private keys, the corresponding public key is the product of the public keys, etc. Matt Blaze, Torben Pedersen and others worked out how to apply these effects to achieve an effect they considered interesting but insufficient. My contribution is merely to show that the simple scheme is more than enough to do interesting things.

So now I need to work out how to hook into the browser. One possibility is to present the decryption module as a new compression scheme. It looks like a compression scheme in other respects. It just requires the host to have access to a private key capable of completing the decryption.

Any help would be appreciated:

The project site is but that is of the previous approach which has been superseded in the reference code but not yet documented.

[Oh and yes, I do know what I am doing sort of, I have probably considered the corner case you have just thought up. This has been in discussion for many years with serious protocol design people.]

Comment Re:doh! (Score 2, Informative) 528

Obama didn't release his birth certificate for one very good reason, he is very clever and Trump is very stupid.

The fact is that the Republicans will always invent some crazy idiotic 'scandal' that they obsess about and endlessly throw up smoke. The birther conspiracy was mind numbingly ridiculous. It would require someone to go back in time to plant the birth notice in the papers. Or for some group of conspirators to go to an enormous amount of trouble in order to make a particular black kid president.

So rather than release the birth certificate and let the Republicans invent a new scandal, Obama held onto it and let them obsess about a scandal nobody else thought made the slightest sense, knowing that he could knock their house of cards down any time he chose. Which of course he did a week before the Bin Laden raid which was guaranteed to end the story.

George W. Bush opened torture chambers across the world and collected photographs for a sick sexual thrill. Yet nobody ever talks about that. None of the people complaining about Hilary ever complained about GWB refusing to comply with Congressional investigation or the deletion of 5 million emails.

So here is what is going to happen. Trump is going to go down to the biggest defeat since Carter and he is going to drag the rest of his party down with him. And afterwards there is going to be a new civil rights act that prohibits Republican voter suppression tactics and the gerrymandering that give them a 5% advantage in elections. And by the time it is all done the Republican party will have two choices, either boot the racist conspiracy theorists and Trumpists out or face two decades in the wilderness.

Comment Re:Wny did they need the certificates? (Score 1) 95

Issuing for .test and .local are strictly prohibited by the CABForum EV requirements. They will soon be outlawed for DV under the basic requirements.

What seems to have happened is that instead of issuing all test certs for as the procedure manual required, they had to modify the procedure when Symantec took over and they no longer had

So instead of doing what they should have done and using or a test domain bought for the purpose, they typed the first name that entered their head.

Comment Re:Self Signed (Score 1) 95

Actually it doesn't. DANE certificates are not self-signed for a start, they are signed by the DNSSEC key for the zone.

The problem with DANE is that you swap the choice of multiple CAs for a monopoly run by ICANN, a shadowy corporation that charges a quarter million bucks for a TLD because that is what the market will bear. What do you think the price of DANE certification will rise to if it takes off?

ICANN is the Internet version of the NFL only with greater opportunities for peculation and enrichment.

Comment Re:Wny did they need the certificates? (Score 1) 95

Damn right they should. The CPS has a long section on the use of test hardware.

The problem is that all the original team that built VeriSign have been gone for years. A lot of us left before the sale of the PKI business to Symantec. The PKI/DNS merger was not a happy or successful partnership. The original point of the merger was to deploy DNSSEC. that effort was then sabotaged by folk in IETF and ICANN which has delayed the project by at least 10 and possibly 20 years. ATLAS was originally designed to support DNSSEC.

Unfortunately, in PKI terms what VeriSign was to IBM, Symantec is to Lenovo.

They apparently remember the ceremonies we designed but not the purpose. So they are going through the motions but not the substance.

One of the main criticisms I have heard is that we built the system too well. From 1995 up to 2010 it worked almost without any issues. So people decided that they didn't need things like proper revocation infrastructure. The only recent issue the 1995 design could not have coped with was DigiNotar which was a complete CA breach.

There are some developments on the horizon in the PKI world that will help add controls to mitigate some of the issues arising since. But those depend on cryptographic techniques that won't be practical for mass adoption till we get our next generation ECC crypto fully specified.

Comment Re:What is a pre-certificate? (Score 3, Informative) 95

A pre-certificate is created for use in the Certificate Transparency system. Introducing pre-certificates allows the CT log proof to be included in the certificate presented to an SSL/TLS server.

The CT system generates a proof that a pre-certificate has been enrolled in it. The proof is then added to the pre-certificate as an extension and the whole thing signed with the production key to make the actual certificate.

If the CT system logged the actual certificate, the proof of enrollment would only be available after the certificate had been created.

Comment Re: Not quite true (Score 1) 307

Whether the term is enforceable or not is debatable and almost certain to be rendered moot. Unlike US Republicans, UK Conservatives do actually believe in the rule of law and honest business practices (sort of). There isn't any party who believes that screwing the consumer is a constitutional right. There will be a bill passed.

A rather more direct question is whether the hotelier was entitled to collect the charge under the credit card agreement. And that is unambiguous, he isn't. A credit card merchant cannot use a charge card to recover a disputed charge. It does not matter what the purported contract term was or if it is enforceable. The credit card agreements are designed to prevent cardholders from dishonest merchants. So the consumer will get their refund and the hotelier will find themselves facing a 30 quid chargeback fee.

The only option for the hotelier to recover would be to take the matter to court. The most he could win is the hundred pounds, if he lost he would likely be out the legal costs which could be a couple of thousand. Small claims courts don't usually award costs but they might well do so in this case. Judges tend to detest bullies.

Comment Re: Ask the credit card for a refund (Score 1) 307

Its more than that, without regulation you end up with a lemon-law market.

Lots of times the difference between an honest product and a dishonest one only becomes apparent years later. If the product is safety equipment you only find out if the hard hat works when someone drops the brick on your head.

The libertarian theory that self interest will drive people to make honest products has turned out to be utterly false. In fact it turns out to be quite difficult for a company that intends to do the right thing to do so. I once had to get a guy fired after I found he had goosed his response rates for customer support calls by deliberately setting the phone tree up as a maze.

People do all sorts of idiotic short sighted stuff. This hotelier for example got his pants in a twist over a bad review and now he has probably sunk his business completely.

Rational choice is not an empirical fact of human behavior. It is a modelling assumption that tends to give good results in certain cases. But it does not hold for corporations because the interests of the corporation are not identical to those of the employees. All those banks who go belly up because the traders get big rewards for raking in profits and face no consequences for a loss. I don't gamble with my own money but if you want to give me $100,000 to gamble with I am happy to take it to Vegas, find a roulette wheel and let you take 100% of any losses and 90% of any gains.

Comment Re:Build refineries in ND (Score 1) 206

There is plenty of capacity in St Louis and room to build more.

The cost of the pipeline is much more than the cost of a refinery. The 'surplus capacity' claim is total nonsense. The tar sludge isn't anything like the crude that the existing refineries process. There would have to be major upgrades in any case. And building a two thousand mile pipeline costs a heck of a lot more than any refinery would.

Comment Re:after november... (Score 1) 206

The decision was made years ago: No pipeline.

Not announcing the decision stops the Koch bros and the Keystone corp from starting their appeal. Its like an administrative filibuster.

There is already a pipeline that runs to St Louis, the only reason to build the second pipeline is to sell the sludge to China. Having that option available will allow the price to be jacked up when the sludge is sold to the US market as it will fetch the international price which is a lot higher than the refiners currently pay in St Louis.

There is absolutely no reason for the US to OK a pipeline that will increase the cost of supply to the US market. The only reason the GOP backs the pipeline is that the Koch bros stand to make $100 billion from the increase in the value of their shale tar sands.

It is a purely tactical decision because nobody outside the GOP wants the pipeline built. Everyone who wants the pipeline will vote GOP in November whatever the decision. Obama could make a short term political gain by announcing that there will be no pipeline but that would allow the appeals to start. Better for the country to wait until there have been some GOP deaths on the SCOTUS.

Comment Re:Control vs. Prosperity (Score 2) 119

What I find problematic with that mode of argument is that it tends to turn McCarthyite very quickly. Castro attempted to cut a deal with the US before going to the Soviets, he is rather less committed to communism than either his supporters or his opponents believe. He also gave the CIA the location of Che Guavera when he decided he was a liability. So there has been a basis for cooperation for a long time.

The list of crimes committed by US Presidents panicking about communism is very long. Snuffing out a democracy in Iran to replace it with a bloodthirsty dictator, supporting the Khumer Rouge after Vietnam ejected them, installing Pinochet, a mass murderer in Chile. George W Bush just managed to cause the deaths of a half million Iraqis and wonders why he isn't being praised for his efforts.

The problem isn't capitalism of communism, the problem is authoritarianism and elites who believe that brute force is the solution to every problem. Castro is a thug and a murderer but its the US who set up a torture chamber in Cuba.

Since the US government has been spending a large amount of money to get the Internet into Cuba, giving them a pipe and letting them rip with it seems like the best way forward. They will try to control it but everyone knows that Cuba is going to liberalize in the near future.

The logical way forward would be for the US to lift the blockade and let the commerce flood in. The communist system would collapse pretty quickly when there was money to be made. But the problem is that there is a faction that is less interested in bringing democracy to cuba as returning their assets that were nationalized. Since they stole the assets under the corrupt Batista regime, there aren't going to be many interested in that happening.

Slashdot Top Deals

Life is a whim of several billion cells to be you for a while.
