Comment Re:What? (Score 2) 422
Give me 2/3 of 2 meters.
That one is pretty easy. How about converting one cubic foot in gallons?
Give me 2/3 of 2 meters.
That one is pretty easy. How about converting one cubic foot in gallons?
What you're missing is that those assets become much more valuation after they had been open sourced.
In particular, StarOffice bacame widespread only after it was open source and renamed OpenOffice.
You don't seem to have a very good knowledge of cryptography yourself... Good signature algorithms use both a hash and something asymmetric.
Most signature algorithms start with a hash of the original file, because signing a big document would require a lot of computations. This does not reduce the security of the signature, as long as you don't use a broken hash function (and even if your hash function is as broken as MD5, the impact in this kind of scenario would be quite limited). Note that it is actually necessary to do some some kind of preprocessing of the message because RSA has bad multiplicative properties.
BTW, I don't see any mention of the algorithm used by Canon in TFA but they mention a key and hash functions do not have a key, so they're not just hashing the picture (which would indeed by stupid).
In 2008, it was claimed to have been discovered in natural thorium samples[1] but that claim has now been dismissed by recent repetitions of the experiment using more accurate techniques.
People jump up and down and scream that SHA1 and MD5 are broken, but if properly used, they still offer significant password security. One trick is to use salts when storing passwords in the database.
Even, if you use a stupid password system by only hashing the password once without salt, you won't be affected by current attacks on MD5 or SHA-1.
The attack we have so far are only collision attack, and preimage attacks are still quite a long way (well, there is a 2^123 preimage attack on MD5 instead of the expected 2^128). And even preimage attacks wouldn't help you much, because they will most likely give you a random preimage, and there is a lot of them. You can use the random preimage to access the system, but it's not as valuable as the original password (if you have acces to the password file, the machine is probably compromised already, but the original password is probably used also in other system).
That being said, you should not use MD5 or SHA-1 because they are broken, and the weakness used in the collision attack might be usable for stronger attacks. So far they have a limited impact, but just don't use MD5 ans SHA-1 anymore, it's not worth it.
I think "able to brute-force thousands of passwords in an hour" qualifies as a weakness in SHA-1.
No it's a strength of SHA-1 to be fast.
If you want to design a system that resists stupid users with weak password, you can iterate the hash function a high number of times in you password system, but please keep the hash fucntion fast for other purposes. The best part is, that's actually what is done for the Linux
This just shows one more time that SHA1 is deprecated — You really don't want to use it anymore.
No it doesn't show anything. Your "attack" would only have been marginally slower with SHA-2, because SHA-2 is a bit slower of SHA-1. You didn't exploit any weakness of SHA-1 in this brute-force attack.
What is it going to take for us to realize that the TSA is simply not effective?
Actually they are rather efficient: it's been quite a long time since someone blew up a plane. Most of the visible part of what they do is utterly useless (and I don't know about the non-visible part), but somehow, they have a pretty good track record.
The next terrorist should really smuggle a part of his bomb in his ass.
It doesn't matter whether he blows up the plane or not, but everybody will be afraid of flying after they add the next security measure to take care of this attempt...
You are right that the amount of physical damage is minimal, but actual physical damage is not the goal of terrorists: spreading the message is the goal, and the spreading of that message is greatly heightened by a dramatic delivery, such as the deaths of innocent people.
Security measures in airports also serve the terrorists. It is not dramatic but it reminds everybody of the possibility of a dramatic event. And it costs an awful lot of money and time.
That could be acceptable if it was effective, but the problem is that it's not. If I were a terrorist, I would just hide whatever material I need to destroy the plane inside my body: for instance, I could swallow it like drug-smugglers, or put it in my anus or vagina, or use fake breast implants. This will not be detected by those new fancy screeners.
Well, actually if I really were a terrorist, I would not try to a blow up a plane, because there are so many easier way to kill people in a dramatic way (like in a mall, and at the line in front of the security checks in an airport), but that only makes those measures even more stupid.
The fact that the new screeners are invasive is just the cherry on top of cake. The ban on liquids is just as stupid but it costs less time and money, and is less invasive, so it's reasonable to fight the screeners first.
Do you know single person having non-NATed computer for web browsing?
Most of the machines I use for browsing are non-NATed. My machine at the university has a public IP. My home machine also has a public IP, because I want to be able to use it as a server, and it's easier to have a single machine than two. Even my laptop gets a public IP when I use the hotspots of my ISP.
I hope they won't go the route of a lot of news sites and make stuff that should be text video.
Wikipedia is all about collaborative editing. As long as making a collaborative video is out of reach, they will stick to text.
Stellar rays prove fibbing never pays. Embezzlement is another matter.