The NIST 800-22 test has bit length parameters. The article doesn't indicate if it passed the 128 bit NIST test after they reduced the entropy to 32 bits, only that it passed *some* NIST test. From another poster it seems the standard NIST parameters used for the NIST test may not be sufficient to test that the prng exhibits the level of entropy that people are relying on it to exhibit. The lavarnd folks pass a billion bit NIST test, so it is possible to run longer versions of the test. If the reduced entropy source is still passing a higher entropy test, we have a problem with our testing method.

Your other (very valid) point is that just because data is random, doesn't mean you are secure. The data stream has to be both random and unknown to your attacker, which PI would not be. In this case they do not have a way to set the seed, or all inputs to the prng, only to limit the prng's bit length, so the attacker will not know the random sequence or even its statistics. It simply makes a brute force attack much less time consuming.

It still concerns me that a 32 bit prng might have passed a 128 bit 800-22 test. Does anyone know more about that aspect of it?

There are easy numeric methods for determining how random data is. Optical inspection would be unnecessary to discover this modification. You might even get away with generating a few megabytes of data, zipping it, and then comparing the resulting compression ratio to a known good chip.

numpy and scipy are slow. Matlab is much faster. In a time trial I did for basic blas stuff even the vba macros in excel were faster (it has basic blas) by a little over ten times. I'm not sure what underlies octave, but last time I tried it it was missing simple stuff like linsolve so I have no idea how fast it is. Academics in physics are still using fortran, because it is the fastest. I usually explore an idea in matlab, then implement it in c++/boost.

Also, gnuradio has something that is very similar to simulink for dsp type stuff. It has mostly migrated away from python to C++ for all the heavy lifting.

Is this the same guy that was on /. a few weeks ago because he taught undercover agents who *told* him they were planning to commit a crime with the information he gave them? A /. lawyer indicated that helping someone who told you they were going to commit a crime, is a crime. That makes sense to me. If I'm driving my taxi and some pleasant old lady gets in and asks to be driven to the bank so she can rob it, I'm going to get out of the car and call the police, not drive her to the bank. Does that count as a car analogy?

I watch netflix in ubuntu. I accomplished it by adding one rep and installing one package. It manages the wine version, the windows firefox version, the silverlight version, and whatever other unholy nonsense is involved in making it work. The only glitch is that sometimes the audio is on fastforward when I first start watching something and I have to wait for it to go back to normal, then start the show over. This is on a relatively ancient macbook (it has an ethernet port), and it is still fast enough.

I like the rishi 100% masala chai, which is as you say, just spices and tea. I don't know which spice does it, but it is consistent. The tazo bags do it to, but they have essential oils of some spices rather than the dried spice.

Ingredients: Organic and Fair Trade Certified black tea, organic cinnamon, organic cardamom, organic ginger root, organic black pepper, organic cloves.

I can rule out the tea, cinnamon, and pepper because I eat those in many other things. It could be a combination I suppose.

I found that even diet drinks make me unable to concentrate after a few days of regular consumption. As an experiment I switched from diet cola colored drinks to a diet clear drink that had even more caffeine. The problem went away. Whatever the chemical is, chai tea (diffuser in water, not the starbucks crap) does the same thing to me after a few days, while black and green tea do not.

Some areas use the term "soft drink" or "cold drink" to describe what any sensible person would refer to as a "coke". Because these beverages bubbliness has nothing to do with any alkaline with sodium in it, I would argue that soda is no more appropriate than those three terms or "pop". Carbonated drink, or fizzy drink both seem quite reasonable.

disabling upnp might get a mention as well. I always leave it off out of laziness, but I periodically notice exploits that attack it. Seems like all the router attacks that don't come from inside rely on that.

TFA indicates they rooted the attacking computers using holes in the browsers they were attacking with, and then used the visible wifi hotspots to locate the machines. It does not say that they checked to make sure the machine was not being remotely controlled, or itself a honeypot. Using this technique not all the sophisticated attacks came from China, some were U.S., Japan, France, etc. but over half were from China. Also not all the honeypots were in the U.S., so its not only the U.S. being targeted.

Even standard mathematical notation is ambiguous. You can take the same math describing the same relationship, and publications from different fields will use entirely different notation and conventions. For that reason I prefer to convey mathematical relationships using code, whether it is matlab, c, c#, or what have you, all of them can be unambiguously interpreted by a machine. Even the best math paper cannot be parsed by a machine. I sometimes use math notation as a quick sketch on a whiteboard or an IM to someone to say "do something kinda like this but think it out", but if I have already thought it out, I put it in code so it is absolutely clear what I mean. I think hard math, even abstract math would benefit from using a computer language instead of math notation, its old and flawed and not as universal as people like to think. Even if the code isn't in a language you know, the syntax is clearly defined somewhere. If I read a paper in the journal of applied dendromorphology and they re-derive stokes theorem (and try to patent it) and have little tick marks everywhere, how am I supposed to know that "everyone uses those for time derivatives here! what else would you use"? You laugh, but I have seen stranger stuff, much stranger.

Originally the term middle class was used to describe the wealthy merchant class that lived like born nobility but were not. In the US which never had nobility, upper class was redefined to be the european middle class, the wealthy merchants, and that left the boundary between middle and lower a bit ambiguous.

You say people who claimed the tracking was going on were thought to be paranoid, but everyone I know considered it a forgone conclusion it was happening. Every time someone said "oops better not say that on the phone " were they just passing along a meme they didn't believe? More than anything I am surprised that anyone at all was surprised by any of this. The patriot act passed 98-1 in the senate, if it had been proposed as an amendment it probably would have still been passed. The notion it might violate the 4th amendment is interesting, but at the time it had enough support, or at least indifference, from us that it could have legally trumped the 4th amendment. Like V said, look in the mirror to find the problem. Rule one, assume any power you give the government for purposes from fighting terrorists and pedos all the way to business regulations, that can be abused, will be abused. Rule two, don't vote for anyone who gives the government these powers on your behalf, and tell them of your decision before they vote if possible. We screwed up on the patriot act and it would seem the effects of that spread east. Please limeys, stomp this thing out now for everyone's sake. Vote out every last person who spoke favorably of it, and those who spoke favorably of those people. Have bulimia fests on street corners, refuse to help friends and relatives unblock or work around the filters so that they feel the bite and speak out, speak out civilly to every single person you know. Maybe they will just think you are paranoid, or maybe they will think you are just joking about what the filters could lead to, make it clear it isn't a joke. Its better to be thought paranoid.

I'd be worried I would miss a jury duty notice or similar, and end up with a warrant out for my arrest. That is the only reason I check my mail now, government correspondence. And when my credit card expires and they send me a new one. Lately UPS has been letting USPS deliver packages the last leg, so I guess that counts too.

There is a FL 2012 statue that says acquittal by reason of self-defense provides immunity from civil suits. This is in several states now.