Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×

Comment Re:No surprise there (Score 1) 263

by Geirzinho (#42080689) Attached to: After Weeks of Trying, UK Cryptographers Fail To Crack WWII Code

Not true. The probability that the next letter in the OTP is (say) an A is always 1/26 when you have no prior knowledge about how the cipher clerk selected it. This is the optimal case, and any changes in how it is selected will only reduce the entropy of the pad.

*or did I just hear a whoosh over my head?*

Comment Re:Wait... (Score 4, Insightful) 189

by Geirzinho (#41827755) Attached to: "Badass" Bug Infects and Kills Borderlands 2 Characters

The corrupted blood incident is actually better described as emergent behavior in a complex system.

The Blizzard developers didn't make a mistake, they just didn't think about all the consequences that debuff would cause in a world-like environment. And researchers had a field day studying the CB spread of the epidemic:)
Science

Submission + - Complex Logic Circuit Made from Bacterial Genes (wustl.edu)

Submitted by another random user
another random user writes: Just as electronic circuits are made from resistors, capacitors and transistors, biological circuits can be made from genes and regulatory proteins. Engineer Tae Seok Moon’s dream is to design modular “genetic parts” that can be used to build logic controllers inside microbes that will program them to make fuel, clean up pollutants, or kill infectious bacteria or cancerous cells.

The circuit Moon eventually built consisted of four sensors for four different molecules that fed into three two-input AND gates. If all four molecules were present, all three AND gates turned on and the last one produced a reporter protein that fluoresced red, so that the operation of the circuit could be easily monitored.
Encryption

Submission + - Everyday Cryptography

Submitted by
benrothke
benrothke writes: "Untitled documentol{margin:0;padding:0}.c5{max-width:468pt;background-color:#ffffff;padding:72pt 72pt 72pt 72pt}.c0{text-align:justify;direction:ltr}.c2{color:#1155cc;text-decoration:underline}.c3{color:inherit;text-decoration:inherit}.c4{font-style:italic}.c1{font-size:12pt}.title{padding-top:24pt;line-height:1.15;text-align:left;color:#000000;font-size:36pt;font-family:"Arial";font-weight:bold;padding-bottom:6pt}.subtitle{padding-top:18pt;line-height:1.15;text-align:left;color:#666666;font-style:italic;font-size:24pt;font-family:"Georgia";padding-bottom:4pt}li{color:#000000;font-size:11pt;font-family:"Arial"}p{color:#000000;font-size:11pt;margin:0;font-family:"Arial"}h1{padding-top:24pt;line-height:1.15;text-align:left;color:#000000;font-size:18pt;font-family:"Arial";font-weight:bold;padding-bottom:6pt}h2{padding-top:18pt;line-height:1.15;text-align:left;color:#000000;font-size:14pt;font-family:"Arial";font-weight:bold;padding-bottom:4pt}h3{padding-top:14pt;line-height:1.15;text-align:left;color:#666666;font-size:12pt;font-family:"Arial";font-weight:bold;padding-bottom:4pt}h4{padding-top:12pt;line-height:1.15;text-align:left;color:#666666;font-style:italic;font-size:11pt;font-family:"Arial";padding-bottom:2pt}h5{padding-top:11pt;line-height:1.15;text-align:left;color:#666666;font-size:10pt;font-family:"Arial";font-weight:bold;padding-bottom:2pt}h6{padding-top:10pt;line-height:1.15;text-align:left;color:#666666;font-style:italic;font-size:10pt;font-family:"Arial";padding-bottom:2pt}

When Bruce Schneier first published Applied Cryptographyin 1994, it was a watershed event, given that is was one of the first comprehensive texts on the topic that existed outside of the military.



In the nearly 20 years since the book came out, a lot has changed in the world of encryption and cryptography. A number of books have been written to fill that gap and Everyday Cryptography: Fundamental Principles and Applicationsis one of them that have recently been published.



While the title Everyday Cryptographymay give the impression that this is an introductory text; that is not the case. Author Keith Martin is the director of the information security group at Royal Holloway, a division of the University of London, and the book is meant for information security professionals in addition to being used as a main reference for a principles of cryptography course. The book is also a great reference for those studying for the CISSP exam.



While the book notes that almost no prior knowledge of mathematics is required since the book deliberately avoids the details of the mathematical techniques underpinning cryptographic mechanisms. That might be a bit of a misnomer as the book does get into the mathematics of cryptography. While the mathematics in the book is not overwhelming, they are certainly not underwhelming. For those that want a deeper look, the book includes an appendix for many of the mathematical concepts detailed in the book.



Two benefits of the book are that it stresses practical aspects of cryptography and real-world scenarios. The mathematics detailed avoids number throaty with a focus on practicability. It also shows how cryptography is used as the underlying technology behind information security, rather than simply focusing on the abstracts of the potential of cryptography.



With that, the books 13 (made up of 4 parts) chapters provide a comprehensive overview of the theory and practice around all as aspects of contemporary cryptography. Each of the chapters end with a summary, detailed lists of items for further reading, and sets of penetration questions that challenge the reader. Readers are advised to spend time on these questions as it is often easy for the reader to feel that they understand the material. The questions can quickly humble the reader and show them that it may not be the case.



Part 1 is titled Setting the Sceneand provides a comprehensive introduction to the fundamental of cryptography. Chapter 1 (freely available here) details the basic principles about cryptography and provides a high-level introduction.



Chapter 2 provides a good overview of the history of cryptography. It details a number of obsolete, yet historically relevant ciphers, such as the Vigenère cipher from the 1500's, to the Playfair cipher from the mid-1800's and others. Martin provides a good overview of the cryptanalysis of the Vigenère cipher and lessons learned from it.



Chapters 4-9 comprise part 2, and provide a thorough overview of the various forms of encryption (symmetric and asymmetric) and digital signatures. This section gets into some of the deeper mathematics of cryptography. While the author states that almost no prior knowledge of mathematics is needed; those without a background will surely be confused by some of the material.



Chapter 7 closes with a good overview of the relationship between digital signatures and handwritten signatures. The author notes the importance of resisting any temptation to consider digital signatures as a direct electronic equivalentof handwritten signatures. He then provides a detailed outline of the environmental, security, practical and flexibility differences between them.



Key management is one of the most important aspects of cryptography and often the most difficult to execute on. Part of the difficulty around key management is at the user level, with key updates, passphrase management and more. Ultimately, effective key management is essential to the underlying security of the cryptosystem. The 2 chapters in part 3 provide a thorough synopsis of the fundamentals of key management.



Part 4 closes the book with two chapters on practical cryptographic applications. Chapter 12 details how cryptography can be used on the internet, secure payment cards, video broadcasting and more.



The book concludes with an appendix on the mathematics of cryptography, which takes a look at the basic mathematical concepts the underlie some of the material in the book.



This book is not for the fainthearted and is not an introductory text on the topic. It is meant for the advanced reader or someone taking a college level course. For such a reader serious about a significant overview of the essentials on the topic, Everyday Cryptography: Fundamental Principles and Applicationsis an excellent reference.







Ben Rothkeis the author of Computer Security: 20 Things Every Employee Should Know."

Submission + - Blackhole's 'point of no return' found (harvard.edu) 1

Submitted by dsinc
dsinc writes: Using a continent-spanning telescope, an international team of astronomers has peered to the edge of a black hole at the center of a distant galaxy. For the first time, they have measured the black hole’s “point of no return” — the closest distance that matter can approach before being irretrievably pulled into the black hole.

According to Einstein’s theory of general relativity, a black hole’s mass and spin determine how close material can orbit before becoming unstable and falling in toward the event horizon. The team was able to measure this innermost stable orbit and found that it’s only 5.5 times the size of the black hole’s event horizon. This size suggests that the accretion disk is spinning in the same direction as the black hole.
The observations were made by linking together radio telescopes in Hawaii, Arizona, and California to create a virtual telescope called the Event Horizon Telescope, or EHT. The EHT is capable of seeing details 2,000 times finer than the Hubble Space Telescope.
NASA

Shuttle Endeavour Embarking to Los Angeles Museum 56

Posted by samzenpus from the pack-it-up dept.
Endeavour will be the second of NASA's space shuttles to leave the Kennedy Space Center. The ship will piggyback on top of a specially modified 747 and head to a Los Angeles museum this week. From the article: "Endeavour's lifespan was relatively short by shuttle standards - 25 missions over 20 years, totaling 299 days in space. But those flights ran the gamut of orbital odysseys, including the sheer moxie of its May 1992 debut when three astronauts made an impromptu and unprecedented spacewalk to rescue a stranded Intelsat communications satellite."
Privacy

Site Offers History of Torrent Downloads By IP 340

Posted by Soulskill from the exposing-the-obvious dept.
tsu doh nimh writes "You may have never heard of youhavedownloaded.com, but if you recently grabbed movies, music or software from online file-trading networks, chances are decent that the site has heard of you. In fact, you may find that the titles you downloaded are now listed and publicly searchable at the site, indexed by your Internet address. So far, youhavedownloaded.com has recorded more than 50 million unique Internet addresses belonging to file-sharing users. The site is searchable by file name and by Internet address. When you visit, it automatically checks and lets you know if your Internet address is in the database."

Submission + - Cryptic codes in Oslo-terrorist manifest (no.net)

Submitted by repvik
repvik writes: The 1500 page manifest of terrorist that killed 77 people in Oslo and on Utøya two weeks ago, contains a series of seemingly encrypted URLs. There are 46 of them, and the initial part of the URLs appear to be GPS coordinates. An effort to analyze the codes have been launched.
Android

Nexus S To Serve As Brain For 3 Robots Aboard the ISS 82

Posted by Soulskill from the i-bid-twenty-quatloos-that-they're-all-untrainable dept.
An anonymous reader writes "Given the NFC capabilities in Nexus S, NASA researchers are about to deploy them on the International Space Station. Two Nexus S phones will be installed in robotic floating orbs called Spheres (Synchronized Position Hold, Engage, Reorient, Experimental Satellites). They will be performing a variety of everyday tasks like taking inventory and inspecting equipment, which will free up the human crew members for other duties. Currently the Spheres are in testing mode, as the video shows, but are expected to be up and running by the end of the year."
Encryption

SSL/TLS Vulnerability Widely Unpatched 103

Posted by Soulskill from the never-put-off-until-tomorrow-what-you-can-forget-entirely dept.
kaiengert writes "In November 2009 a Man-In-the-Middle vulnerability for SSL/TLS/https was made public (CVE-2009-3555), and shortly afterwards demonstrated to be exploitable. In February 2010 researchers published RFC 5746, which described how servers and clients can be made immune. Software that implements the TLS protocol enhancements became available shortly afterwards. Most modern web browsers are patched, but the solution requires that both browser developers and website operators take action. Unfortunately, 16 months later, many major websites, including several ones that deal with real world transactions of goods and money, still haven't upgraded their systems. Even worse, for a big portion of those sites it can be shown that their operators failed to apply the essential configuration hotfix. Here is an exemplary list of patched and unpatched sites, along with more background information. The patched sites demonstrate that patching is indeed possible."

Slashdot Top Deals

It is easier to write an incorrect program than understand a correct one.

Close