I am pretty sure there is a mathematical definition of democracy...
Democracy=Sum of everyone's opinion/Population/Size of government
SCO is proof that such baseless litigation is not only resistant to findings of fact, but also to common sense, dignity and morality.
http://yro.slashdot.org/story/11/11/05/144211/sco-zombie-creaks-into-motion-again
As we have seen of late, courts are becoming less tolerant of this form of abuse of the judicial system
http://yro.slashdot.org/story/11/11/02/158211/us-marshals-ordered-to-seize-righthaven-property
My hope is that a few more notable cases like this will make the cost-benefit of copyright litigation increasingly less attractive to the trolls
I find it kind of spooky that sqrt(5) appears in the formula for the golden ratio and in the closed expression formula to calculate Fibonacci numbers, and here we have it again... You almost couldn't pick a more innocuous looking number than 5... But the sqrt(5) thing is like some cosmic trickster looked at the succeeding prime numbers...
The only thing I find spooky is the anthropomorphisation of mathematical formula.
The first account you are outing has comments entirely consistent with a pubescent teenager fanboy:
http://slashdot.org/comments.pl?sid=2515218&cid=37989436
How did you arrive at the conclusion that these guys are shills apart from them disagreeing with your own views?
Is there any way this could hold up?
It should, at least until Jan. 2013, when a GOP president is likely to be sitting in the White House (thanks to the economy not turning around), starting to actually act upon their own "regulations are killing us," campaign rhetoric.
I am not an American and am not sympathetic to either Democrat or Republican ideologies. I wish to ask the American people on both sides of the economic debate for a reality check.
a) Do you think it possible that one of the largest and most complicated economies in the world can be turned around from the verge of collapse in under four years in a globally uncertain economic climate by a president from either political party?
b) Do you think the president should be held accountable for your economic recovery given that your own constitution vests the responsibility and authority for your economy with a separate house of government that the president has no authority or control over apart from a limited right to veto legislation?
c) Do you think that the problems with your economy can be solved by either political ideology given that both parties have spent and taxed at strikingly similar rates since the 1940s?
Perhaps what we need is a fourth branch of government, smallish and economical, operating independently, with a mission to build and maintain a friendly user interface for citizens to manage their government. Apple could have pulled that off in its glory years, when Steve Jobs was doing all the work and his 60,000 employees filled their time spreading spiteful anecdotes about him.
I have some questions to help me decide if Scott is coining a newer and darker style of satire or succumbing to some form of dissonance: You suggest creating a new branch of government with the sole purpose of educating voters. I appreciate the satire in your article, but do you really think that giving the government more scope and authority will resolve the misgivings people have about their government? If yes, then do you think an officially sanctioned and funded government media wing will lead to selfless and unbiased expression of the facts to the voting public? If yes then do you think that transparent, open and unbiased government communications will continue in perpetuity; even if such discourse contradicts the ideologies, reasoning and actions of the government itself? If yes then why do you suggest that such a government PR agency, guided only by the greater good of the public to provide transparent, open and unbiased knowledge to the voting public need engage in glitzy Apple-style marketing? Surely this egalitarian, unmandated house of government would be more akin to national public radio rather than an iTuneseque media engine?
While there is a bit of sensationalism involved, just imagine if we scaled everything down. Imagine the earth is your face, and the asteroid is a bullet coming within arms length of you. You'd probably feel like it was being shot directly at you as well.
If this analogy were scaled correctly, the bullet would be smaller than a bb pellet and the head would be denser than steel, meaning the analogy is also sensationalist.
Even if the analogy was valid, if you knew that the chance of a bullet hitting you was so low that a calculator with a precision of 1000 decimal places would still show it as zero. would you still be terrified? If the answer is 'yes' then the sensationalism is working.
I bet when you see some beautiful security system turned into a mess because of bad policies you feel like I do when i hand over some box i lovingly created only to have them turn it into a spyware/adware laden mess in less than a month, just like that scene in "History of The World part I" where the artist gets his work pissed on by the critic!
Indeed. Apathy, ignorance and laziness are the greatest of all foe.
Thanks to you and Pete for explaining this subject in much closer to layman's terms than I've ever seen it tackled, it does make me think of a couple of follow up questions if you don't mind.
Not at all, you questions are poignant and well-framed.
Since as you pointed out with Enigma (which IIRC there is still a handful of messages they still haven't cracked after all these years) there are gonna be advances coming down the pipe and that both AES 128 and RSA 1024 have expiration dates, wouldn't it be smarter to try to jump a little bit ahead of the curve?by that I mean wouldn't it be smarter to just go ahead and switch to 512 bit AES and 4096 RSA when the previous schema expires? Or is that too computationally expensive with current technology?
Yes, going too far beyond current standards is expensive. As you imply, when computational overhead is considered (particularly in terms of server hardware) the cost of supporting increased key lengths is significant. For ciphers that are embedded in hardware devices there is further pressure to reduce footprint and fabrication costs as well as motivation to build in some amount of redundancy. Economic pressure therefore acts to resist the urge to overstep the Moore curve too greatly.
Which brings me to my second question: Back in the day we had math co-processors for seriously heavy number crunching and today thanks to HT on the AMD side and QP on the Intel side we once again have the ability to place a co-processor on a bus that is as fast as the CPU my second question is thus: Since from what Pete wrote (again not an expert, he may be wrong, I don't know) the majority of the key generation is being done on the server side wouldn't it be advantageous to use a "crypto co-processor" to allow much larger and thus stronger keys to be generated quicker and thus as you put it "leap ahead" in the bit race? I know Via has native crypto in their silicon and FPGAs allow one to build a custom chip easily but it just seems to me with so many black hats throwing so much power at the wall it would make sense to throw some specialized silicon at the problem instead of just more generic CPUs.
Cryptoprocessors exist right now but they require specialist software, are expensive to fabricate and are costly or impractical to upgrade. Even if these problems were mitigated by mass production, Moore's law dictates that they will be rapidly outmoded by cheaper and faster generic chips of the near future. As such, custom hardware will only ever be economically viable for those wanting "military grade" security who also have a pentagon-grade budget to spend on it.
I'm sure there is some hidden gotcha I'm missing which is why it isn't done.
The hidden gotcha is that information security is not all about cryptography. In fact, ciphers like AES and RSA with currently approved key sizes are the most secure part of our information security infrastructure. Rather than trying to break ciphers, black hats are expert at finding the weakest part of a system and attacking that instead; such as finding out where a system stores its cryptographic keys; how to intercept secrets before they've been encrypted or after they've been decrypted; and even more rudimentary things that remain the most successful infiltration strategies to date: Password dictionaries, key-loggers and human factor attacks such as bold-faced asking people for their password.
Black hats are successful because people make bad choices when they design their security systems, when they write their policies, when they monitor and review their systems, when they train their staff and when they respond to incidents. Cryptography has advanced significantly since the days of Enigma but unfortunately human nature hasn't changed much at all.
I am a cryptographic security researcher. I will give some background on this before answering your specific questions. Information security is subject to the same pressures as other forms of conflict. Such pressures are otherwise known as an "escalation", "arms race" or even as "evolution". Cryptography is one such armament in the information security arsenal; and while cryptography is subject to constant pressure of Moore's Law as you quite rightly assert; more cataclysmic changes can occur through leaps in either or both knowledge or capability. I can think of no better example of these notions than the Enigma machine; first developed in the early 1900's but made extensive use of by Germany during the second world war.
The first countermeasure used against Enigma was reverse-engineering. This lead to identification of weaknesses that whittled down the key size from a massive 380 bits to only just 76 bits. A one in 75,557,863,725,914,323,419,136 chance of randomly guessing (brute forcing) the correct key was still well beyond the resources of brute force at the time. This lead to the construction of the Bombe machine (a precursor to the computer) that could perform rapid searches through the keyspace for given known plaintexts and keys. Enigma was eventually broken through a combination of reverse-engineering, improvements in cryptanalytic techniques, improvements to computational power leading to faster brute force and the exploitation of systemic and human factor weaknesses. As a result, countermeasures to such attacks were developed such as the foundational principles of modern cryptography, developed by Claude Shannon in 1948.
How fast are we going through these things and with the frankly insane amounts of hardware that keep coming down the pipe is this gonna end up some sort of "bit race" between the white and black hats?
I am guessing that the speed of innovation is partly driven by necessity. There will be periods of relatively steady improvements on both sides of the fence like there has been over recent years; then like with Enigma, there will be periods where there are giant leaps forward in technology and knowledge. There most assuredly is a "bit race" and it will continue so long as there is conflict.
so how long until 1024 and 2048 are as useless as the old 128 and 256 bit keys?
Giant leaps of technology aside, our industry generally accepts conclusions made about minimum key-length for each cipher by NIST : http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf. In short:
For AES, 128 bits is the minimum acceptable key size with no timeframe on when 256 bits will be required (everyone assumes this will occur around 2015)
For RSA, 1024 bit keys are the minimum acceptable key size until 2013 when the minimum will be increased to 2048 bit
How high of a number can we go to before the time to process it on an average machine makes it not worth the work? Is there a number high enough to be uncrackable? or is it all just a matter of letting Moore's Law catch up?
Just like mechanical computers in the time of Enigma, current silicon-based computers are quickly reaching practical limits and Moore's law is starting to show signs of fatigue. But if it were to be built, a quantum supercomputer could be so powerful as to render all current key sizes useless. But even the fastest quantum computer will have a speed limit; and so should every newer and faster generation of computer; because all such things are constrained by the Universe's ultimate speed limit. So long as it takes longer to break a cipher without knowing the key than it does to transmit encrypted information using knowing the key, there will always be secrecy in numbers.
"The laws of physics in our corner of the universe seem to be finely tuned to support life."
The statement would read better as "The laws of physics in our corner of the universe seem to be finely tuned to support life [as we know it, Captain]."
Just enough to get away from the Blight... Poor old Relay, I have never empathized with network hardware so much. By the way, I'm using a banged-up IP connection from the slow zone, so this post may take millions of years to reach anyone.
I'm wondering what the margin of error is on this calculation?
The N-sigma for 2005 YU55 is 31,700, which means that the maximum error is 31,700 times smaller than the distance between the Earth and the object at its nearest point or an error so small as to be insignificant.
The author should have written "settled" instead of "dismissed". All around this is a badly summarized article verging on "Troll" status. Surprised it got through? Nope.
Dinosaurs aren't extinct. They've just learned to hide in the trees.
