Uh, some of the earliest encryption algorithms ever created are immune to MITM.

Yes, and they were built for communications between two parties, who knew they'd be communicating, and could exchange keys in advance.

Now, tell me one which is applicable to the problem of a large number of potential users, all unknown up front, and coming from random devices.

The problem with modern public key encryption (and its strength as well) is that you don't need to pre-exchange keys. But this opens you up to MITM attacks.

Key exchange is hard. Managing all of those keys is really hard. You think a bank can maintain a list (and keep it secure) of the private keys of every individual customer?

The thing which holds the keys (and every vendor you deal with would have a separate copy) then becomes the next attack vector.

I think the generalized problem of establishing, trust, and a secure exchange of keys, is far harder and more complex in a world where you deal with lots of entities, who deal with lots of entities. This isn't things your average person are going to be willing to spend hours doing.

I think "YEC" is quite fitting.

Or perhaps:

CRAC - Creationists Rationalizing Age Creatively

With $10,000 on the line, it'll be interesting to see if anyone manages to crack the code.

OK, so they have a $10K prize.

Now, purely to play devil's advocate -- if someone manages to exploit the system and doesn't tell anybody, is there more to be gained by that?

Even if it's just maliciously 'bricking' these cars, it seems like this incentive isn't as much as some other activities could be.

Hell, you could probably ransom people's cars back to them for more than that.

That's because they keep shifting the goalposts.

This isn't "shifting" the goal posts. This is trying to actually come up with a meaningful metric for computer intelligence.

And the test which everyone was up in arms about was definitely not an indicator of computer intelligence, but narrowly defining the test in such a way as to make it look like they'd achieved it.

Their test was Can a computer program pretending to be a child speaking it's non-native language fool people, but it sure as hell wasn't a valid measure of how well we're doing with machine intelligence.

This is a big deal. If you use a browser on Windows that does NOT counter this, such as Internet Explorer, then you ARE vulnerable. I imagine Microsoft will come out with a special-purpose patch, but still, this is a pretty nasty issue.

Untrustworthy CAs have been a problem for a long time; we need mechanisms to address them. The terrible cert revocation system makes it even worse; you can't be sure that the certs are checked in many cases. Chrome's CRLSets are not the answer; they are not even the beginning of an answer. We need to fix the whole revocation system. Sadly, there hasn't been enough work or enough urgency on these problems; maybe this will light a fire under those efforts. I doubt it, but it's worth hoping.

Yes actually, I do expect there to be some sympathy. Because everyone bitches when the NSA does it.

I don't disagree with you, but the hypocrisy of "but that's the job of the NSA" that I hear when someone points this out is maddening.

This was clearly wrong, they targeted another country's corporation, and one that has a huge impact on the Internet, worldwide.

And one which was doing business in their country. Like it or not, Google in India is subject to India's laws.

How many corporations and people in foreign countries have been targeted by the NSA? How many people think that is wrong?

There are an alarming number of people who basically say it's OK when the NSA does it, because that's their mandate.

It's only fair that you either get to protest when every and any country pulls something like this, or not at all.

Oh, I agree, and I disagree with the practice in general. But, as I said, it's appalling just how many Americans keep saying "it's fine when we do it, it's wrong when you do it".

I'm just reminding people of the apparent double standard which gets applied here and in the news.

Me, I think for a country to decide that their laws/desires trumps the rights of people in other countries, you lose some credibility when someone does the exact same thing to you.

There is that kind of need, however, for Adidas to sell a whole shitload of super-cool-awesome-double-plusgood soccer balls every couple of years at inflated prices.

I see what you did there. ;-)

So SSL is nothing more than an honor system?

This is nothing new.

And, let's face it, I bet the NSA et al have demanded more private keys be handed over to them than you'll ever know about. Where's your outrage over that?

The five eyes all use each other to spy on their own (and others) citizens, and share the information among themselves. Where's your outrage over that?

I see this as a symptom of a greater problem, but no different from what a bunch of other countries are already doing.

Until someone creates a new encryption system which isn't susceptible to MITM attacks, this will always be the case. And governments will always unashamedly insist on spying on their people, and anybody else they can find.

So how much money or jail time for Fraud and Impersonation? Oh right, it's ok when a government does it. And you can't complain to Uncle Sam as that would disrupt your business in that country.

And, really, if the US is saying it's their right to tap into anything they want to ... how is it different when India does it?

India already forced BlackBerry to allow them to access BBM and the like.

Uncle Sam is causing as much disruption to US businesses abroad as anything, because people are realizing that American companies are effectively just extensions of the US spy apparatus -- because the PATRIOT act means they can demand whatever data they have, and you more or less have to assume they're doing it and being prevented from telling you.

Which means Indians are already being spied on by (at least) their own government AND the USA.

Do you expect there to be sympathy for an American company when a foreign government taps into them? Because I hear an awful lot of people saying they think it's perfectly OK when the US does it to foreigners.

Listening to an investment banker on the floor screaming "dont taze me bro" would pretty much make every single person on the planet smile at the same time. It would cause world peace and make cold fusion work.

Sounds like an awesome idea for a Kick Starter campaign.

Surely it would do almost as well as potato salad.

Doing the same to the people in charge of the NSA would also be awesome.

When you talk about "we" have to leave the earth, I assume you are talking about a handful of lucky few. We're not going to save the billions of sick and dirt poor bastards, right ?

That is one of the many reasons I'm skeptical.

Because I can't imagine most people are going to lift a finger to help build the escape module for a bunch of rich assholes. :-P

I was merely listing the reasons why "we" might seriously be considering leaving Earth. I do not actually expect it to happen.

Faux-socialist misanthropes are WINNING.

Time to beat them down.

Because modern technology has made them "civilized" and "comfortable" and soo "enlightened".

It starts when they are children. They are the bullies who would kick or trip others for fun, but do not because they are afraid. The more fortunate among them actually did these things and got an ass whoopin' -- and at least in the context of person-to-person relations, (perhaps) learned the greatest lesson -- that restraint of bully impulses saves you from retaliation, but also even a tiny bit of polite respect gets you further still.

But as emerging adults they learned that the human race as a whole, has no staunch defenders. You can trash the human race as a whole, in as stupid or skillful a manner as you wish, and as long as you are speaking about people in general, your opinions and remarks go unchallenged.

And sadly, they do not. Among others who also get off on this people-hating trend, you are a celebrity in this useless and ultimately dangerous sport. Those who disagree are held back by social conditioning that, in striving for a conflict free world, encourages you to disengage from confrontation.

In order for our species to succeed it is NOT ENOUGH to teach politeness and respect.

You have to teach children to draw a line, their own personal line.

And you MUST teach your children that is their duty to kick ass, LOUDLY, when someone crosses that line.

People all over are teaching their children that when someone crosses a line, it is okay to re-draw the line.

Meanwhile, the most ugly sentiments get the most traction.

Which is why assholes like the one who wrote TA feel free to take something he did not think of himself, something that would ennoble the human species with the simply inspiring, breathtaking act of its construction -- sitting in his electricity powered climate controlled room, he will proceed to take a shit on the idea and try to smear it all over the rest of us.

Okay it is painfully obvious what he is against. Maybe, it all sounds so vaguely political. That 'thing'. What is he FOR?? He does not think it worthwhile to elaborate on what his real 'plan' for those resources are, he'll leave it to you. He can't be bothered. He's done.

What you read in TA is a symptom of a really dangerous problem.

Someone who respects and stands up for the whole human needs to kick his ass. Verbally and en masse, of course.

The people involved learned certainly nothing from history.

While Germany was dabbling with all kinds of expensive new tank designs, the Russians built only one kind (with incremental improvements) but in large quantities. Guess which one made the difference? Actually, the same goes for the English and the Americans. While inferior, the Sherman tanks could be made in much larger quantities.

Luna 3 was an amazing mission for the time. Give the Soviets credit where credit is due.

Your Freudian slip suggests you need a vacation.