I'm curious what technologies you would like to see developed next, or what you think would be most important to develop next. In other words, what do you think researchers should work on now that would be most significant?
Oh, and thank you for changing my life!
Growing up, Star Trek was one of the things that got me interested in engineering and the sciences. It made me want to see the future, or create it myself. What do you think should be done to inspire the next generation of scientists and engineers?
In how many corporate campuses do you run into people who aren't your co-workers, clients, or contractors?
The thing is, if a group of engineers discusses an idea, sooner or later an idea pops up that everyone at the table agrees is the best possible solution, given the problem to be solved and the resources available to solve it. Then they go put their solution into practice. Politics isn't like this. There are always a few nimrods who will denounce even the sanest solution to any problem as "statist" or "communist" or whatever the appropriate political insult is at the moment, so the end solution is almost never the sanest one.
QUICK: Name the last president we had with an engineering degree.
A: J. Carter
He didn't work out too well, did he?
Carter inherited a disastrous economy, which resulted from a prolonged war funded by future earnings. When the bill came due at the end of the decade, the economy had massive problems. Sound familiar?
I see this logic repeated a lot, but it isn't correct. It's true that Windows has the vast majority of the market share, and is therefore an inviting target. But given that Macs have approx 10% of the market share in the US, you would expect 10% of the viruses to be written for the Mac. Virus writers use Macs too. However, only a few proof of concept viruses have ever been developed for OS X, that rate has not increased as the Mac as gained market share, and none have been successful in the wild. Therefore, it seem very unlikely that OS X is as vulnerable to viruses as Windows.
Note that not all exploits are viruses. Both Windows and OS X are vulnerable to other kinds of exploits. However, because OS X ships with almost no services enabled by default and does not require them to be enabled to be functional, it's much harder to attack a default OS X configuration. Additionally, there are some fundamental differences in the behavior of programs in general on OS X. For example, Windows has a 15 year history of programs running in the background in the system tray, and an entire ecosystem has been built up around supplying small utility programs for windows that potentially create new threats or open new vulnerabilities. OS X will refuse to run any code downloaded from the Internet or installed from an outside source unless the user permits it to run first (using signed code hashes to validate the executable). It's much harder to run exploit code when the user must approve it.
It's a bug that the FF developers don't believe exists. Please see https://bugzilla.mozilla.org/show_bug.cgi?id=620723.
To get a sense of how long it would take to find a particular key, consider:
The key has n bits, so there are 2^n possible keys that can be enumerated with those bits.
Each processor can test m keys per second. (I'm assuming each processor has the same performance, and ignoring latency between CPU nodes, I/O latency, or anything else that might slow the system down.)
You have access to p processors.
So the time to process all 2^n keys is:
(2^n)/p*m
Note that the value of m doubles once every 18 months (due to Moore's law), so to keep the key finding time constant, you must also add a bit every 18 months. (Adding bits is fairly cheap, but developing faster processors is not!) The value of p is not all that important because p increase linearly as you add more nodes, while n and m increase exponentially. To figure out how long of a key you need for a given algorithm, you simply need to determine the amount of time that you want to keep your data secret for, and choose a number of bits such that (2^n)/p*m is sufficiently large.
I'll let you plug in the numbers and work out the exact times for your favorite system for yourself.
It depends on the algorithm used, the performance of the individual nodes, the number of nodes being used in the attack, etc. Botnets vary wildly in size and performance. The Chinese supercomputer is (most likely) composed of off the shelf Intel or AMD processors. If someone used hardware custom designed to run a brute force attack, it might run much faster. (That's how some of the RSA challenge cracks were done.)
"Is it theoretically possible to derive the server's private key from a session key? How about from multiple session keys?"
Shouldn't be if you are using a well designed algorithm! If you could, that would be a major hole.
Living on Earth may be expensive, but it includes an annual free trip around the Sun.
