Comment Re:Unfortunately.... (Score 1) 66
arms: Doink-doink-doink-doink-doink-doink-doink!
So once we start using this on everything, 1 out of every 5 times, it will lead us to bogus conclusions with false statistical confidence....
So, a vast improvement then?
It's not a concern about maniacs hitting 18,000 theaters simultaneously, its about hitting one. Even if a single theater is attacked by one moron doing a copy cat attack, the people injured could sue the living bejesus out of Sony, and an the PR spin would be even worse than it is now. Personally, I think it should be leaked to the internet, so about a billion people can see what only a few million would have seen otherwise, and then release and uncut directors version on DVD 6 months from now after all this insanity has died down.
Let me introduce you to a little hobby of mine called POV-Ray.
If we look at jet aircraft, wear depends on the airframe and the engines, and the airframe seems to be the number of pressurize/depressurize cycles as well as the running hours. Engines get swapped out routinely but when the airframe has enough stress it's time to retire the aircraft lest it suffer catastrophic failure. Rockets are different in scale (much greater stresses) but we can expect the failure points due to age to be those two, with the addition of one main rocket-specific failure point: cryogenic tanks.
How long each will be reliable can be established using ground-based environmental testing. Nobody has the numbers for Falcon 9R yet.
Weight vs. reusable life will become a design decision in rocket design.
No but if you got a government request for your keys you'd know about it.
The government "request" would come in form of customised malware and you'd never even know you got hacked.
If google gets such a request you wouldn't know you were compromised.
You aren't gonna know, no matter what.
It isn't like they are sending l33t hackers to break in and get the data.
Schmidt isn't an idiot, despite how the press like to portray him via selective quoting (note that TFA does not provide much context for this quote). When he says Google is the safest place to put your data, he's probably comparing Google to other companies that provide similar services, not some hypothetical fully self hosted system - bearing in mind self hosting of email is rapidly going the way of the dodo even in business situations (it died for home email a long time ago).
Given that Yahoo still have not fully deployed SSL everywhere let alone encrypted their internal datacenter links, and if Microsoft have a similar effort they aren't talking about it, there's some evidence that he might be right. After all, if you get a government warrant for your data you're just as stuck as Google is: not much you can do about it. On the other hand, you are unlikely to secure your infrastructure as well as Google does.
But Google makes money from targeted advertising
Google makes significant sums of dough from paying corporate customers who use Google Apps. These clients can switch off advertising if they like. These are also the places where some of the most sensitive data is stored.
So Google have both the financial means and incentive to solve the end to end crypto problem for such clients. The difficulty is not financial. It's technological. Matching even just the feature set of Gmail with end to end crypto is insanely hard, and that's before you hit the "everything is a web app" problem.
The point of forward secrecy is there are no such keys to seize. The "master keys" are only used for identification, not encryption. So whilst a gov could theoretically seize Google's keys, this does not help them decrypt wire traffic. They'd have to do a large MITM attack, and to get everything? They'd have to decrypt and forward ALL Google's traffic. Not feasible.
Good use of applied cryptography means that realistically the only way for a government to get data out of it means requesting it specifically from the providers. In places where the warrant system has been vapourised (which certainly includes the USA and UK), this might not seem like much, but it does help prevent fishing expeditions.
Great idea! Now we all only need to agree on which language to standardize on. I'm sure that worldwide discussion will be calm, focused and productive. Please post the results here in the thread once it's been decided.
I suggest Swedish. It's just about equally well known by almost everybody in the world, so nobody is starting out with an unfair advantage. I get a lifetime gig teaching Swedish to everybody. And you get umlauts! Win-win.
Oh, and by "suggest" I of course mean "absolutely demand or I will refuse any part of this scheme".
"When the going gets tough, the tough get empirical." -- Jon Carroll