Comment Could have been worse (Score 1) 89
At the vaccination research lab funded by Jenny McCarthy, all of the workers who were treated for exposure are now autistic.
At the vaccination research lab funded by Jenny McCarthy, all of the workers who were treated for exposure are now autistic.
Most of FIPS is a certification process oriented on testing. However, there is a checklist of things you need to support, and one of them used to be the easy to backdoor Dual_EC_DRBG.
Now that the requirement for Dual_EC_DRBG has been dropped from NIST's checklist, it would be possible to have LibreSSL meet FIPS requirements without having the troublesome component. Most of FIPS certification is about throwing money at testing vendors, as described by OpenSSL themselves. Doing that would really be incompatible with the crusade LibreSSL is on though, because the result is believed by some to be less secure than using a library that isn't bound to the FIPS process. I don't see those developers ever accepting a process that prioritizes code stability over security.
OpenSSL is used to add SSL support when compiling PostgreSQL on Windows. It's a constant headache to the developers and packagers of the database. We were all complaining about how much the OpenSSL license sucks, too, before it was cool to rag on OpenSSL.
Daikatana was about as Japanese as the Teenage Mutant Turtles.
Well, if you've already trusted your national defence, university education, ideological belief system, and popular cultural to the homeland of said foreign company, entrusting your national telecoms infrastructure is a relatively small step.
What about the Cloud? The great workaround to constitution in the digital age?
Reading between the lines here, it seems fairly probable that Truecrypt has either
a) Very serious security bugs, or
b) Had backdoors introduced by the NSA.(Does Truecrypt use elliptic curve cryptography?)
In either event the code is basically tainted and shouldn't be used for any future projects.
The vague and sometimes bizzare nature of the statements from the Truecrypt dev team, including this one, lead me to believe that they have been placed under a standard NSA gagging order and have decided to burn Truecrypt rather than see it be turned against its users. Comments like "Forking is Impossibe" appear to be an open code for communicating that they are essentially unable to communicate, but that Truecrypt is no longer a trustworthy piece of software.
Reading though the Lavabit case, it's clear that those placed under NSA gagging orders have very, very little room for legal/media maneuver, but nevertheless still retain the freedom to walk away from their projects and tell others not to use them. Such actions appear to be the last defense of cryptographers in the US, and I think that is what we're seeing with Truecrypt.
Launch the data into oputer space on a satellite, programmed to transmit the data after a set time period. For best results, send the machine on a massive period orbit to the outer solar system, or in a pinch, crash land it it on the Moon or Mars.
Governments will either have to give up, or else fund massive space project. Either way, we win.
It's about making people feel better about their car. Who cares about your outdated value-add notions like "efficiency" or "safety"? Pshhh! BTFD.
Oh goodie, a lesson on ABX testing I didn't need. Carbonation is more obvious than the taste differences people often fail to confirm in blind test. Slate even did some coverage on container carbonation differences talking about it. According to that I didn't necessarily describe the cause and effect correctly in my quick comment--it may be from gas escaping rather than a bottling difference--but the effect I was describing is real.
Have you ever noticed the difference between flat soda and fresh? If so, why do you believe carbonation level and bottle specific characteristics are never distinguishable? There's a motion component to it. A major reason flat soda tastes differently is that you expect a different taste from the bubbles, whether or not there even is a taste difference outside of that. Your perception of carbonation turns into a taste even though it's really not a taste, exactly. The same way that knowing the brand alters how you taste--the bit that screws up non-blind taste tests--sensing the carbonation in your mouth changes how you taste too.
Fine, you say that's still me claiming something, not a test result. I looked around for five minutes for a blind test showing some difference between two different Coke product packages that included observations on the "fizziness" of the product impacting preference. Here's a recent blind comparison with untrained testers doing exactly that. I don't think it's studied more because it is too obvious to bother.
Traditionally, Valve have always extensively playtested their game offerings. Most of the development process has been based around player feedback.
Serious Coke drinkers can even tell what type of container the soda was stored in. Larger containers are carbonated more heavily so they can survive being opened more times, and that makes them taste differently.
Actually, with the rise of the internet, I imagine quite a signifiganct percentage of modern geeks actually come from such societies.
According to the latest official figures, 43% of all statistics are totally worthless.