I still have my original Nook Color. Two years ago, my wife got her own tablet. The Nook at least has been jailbroken and reconfigured so that it does everything I want to do off my gaming and coding PCs.

I upgrade my gaming PC when we get a bigger monitor, my programing PC when I need to, my wife upgrades her phone when she doesn't want to appear out of date... But the tablets? They are only dropped on the bed, never get scratched, and don't do anything that taxes their modest capabilities. I cannot see myself upgrading them unless one gives up the ghost, and considering that my first American PC (1993 IBM PS2) is still managing CNCs on a machine tool floor, I'm not holding my breath.

Too late. The second infected nurse flew from Ohio to Texas, while symptomatic. Which means that the infection could, theoretically, have been spread in both Ohio, and wherever her co-passengers went.

Forget quarantining areas. I think efforts should be focused on
- educating citizens on measures to reduce chances of exposure (hygiene)
- training medical personnel (the infected nurses are a disgrace to their hospital's procedures)
- purchasing equipment to deal with Ebola (better suits, gloves, etc...)

But hey, I'm just an engineer. I do not have constituents to please so that I keep my cushy job where I can trade the common good for personal perks. So if any of the above gets implemented, it will be later, as opposed two weeks ago.

As for panicking? There's never a time to panic. There is a time to punish the guilty, after the emergency has been dealt with. They can panic them, if they wish.

The trolls eat well today.

Come on guys, the OP clearly has broader knowledge than the incoherence of his rant would imply. Whether the first post was a classic troll, or an example of Poe's law, half of these posts are just an attempt to rile up the audience.

I'm not in academia, but my wife and half of our friends are. To hear them talk, a blown talk or even a bad poster can absolutely affect your tenure chances. A few years ago, they were trembling over their own reputation, now they are gossiping/deciding the newbies' fate. And even if no one hold your equipment problems against you, you will still have missed a great opportunity to enhance your reputation.

As for having a local copy... you'd be surprised how many young people do not share our mindset. Too many people nowadays take connectivity for granted, and do not even know where their stuff is, physically. I'm not even talking about those who put important (or private) stuff 'on the Cloud'. I've seen students in my wife's lab who cannot even comprehend that it matters where the experimental data is stored, when you are dealing with datasets measured in gigabytes. I am not sure my wife would know as much about her lab's infrastructure, were I not sneaking away to drink beer with the IT people every time she tries to take me to her department's 'functions'.

IT professionals think about this - after all, we're paid to. Most other people are used to thing 'working', and if they are being jammed in Florida when their IT guy's kayaking off California, they will pony up a thousand bucks of their lab's fund in a second.

Are you kidding?

They were jamming for two years in a convention center where thousands of people meet every weekend, and they were charging exorbitant fees, in some cases $1000 per device. If this looks too high to you, imagine you are giving a talk about the last 18 months of your research, and a prearranged setup stops working. Your tenure, your reputation, your tenure may depend on that talk. And that's just for researchers. A company that has gathered a thousand POS managers for a discussion of a new system will have millions on the line.

Captive customer base indeed.

Fines seldom come close to wiping out the profits from the con, when big businesses with lobbyists are involved. I have personally participated in a cleanup effort (mostly through volunteers) which used about $30,000 on top of our donated time and equipment. While we were working, the assholes released more detectable crap, and were fined $2,500. But hey, they are golfing with the local high scum.

> Enough of that. Here's a little musical relief.

I see your Doctor Spin and raise you Pig With The Face Of A Boy.

If the movie is half as good as the video in my link, I'll go see it.

How often do you see a Viper, a Ferrari or a Lamborghini being driven the way it is meant to? One of my neighbors has a freaking Maserati, and I hate being stuck behind him on the on-ramp to the 57. He slows down to 15 miles to make the right turn into the ramp, and enters the highway at 45 miles per hour.

The results are exactly what I would have expected, except for the few cars I can't say I've ever heard of. What the hell is a Mercury Topaz?

id think in even a few hundred years our best encryption would be trivial to break.

Not without huge advances in theoretical mathematics, no. We have encryption that would take longer to crack than the heat death of the Universe, even if every atom in it were a modern computer.

On the other hand, advances in the factoring of large numbers, could, for example, make some modern encryption method a lot more vulnerable. But I am told, by people who do research on that topic at MIT and Caltech, that momentous breakthroughs in that area are unlikely - modest improvements, certainly, earth-shattering advancements, no.

I have one question:

If you damage your iDevice and forget your password, can they recover your data?

If the answer is yes, they are lying if they say they cannot assist law enforcement. And between lying to their consumers and lying to the government... I am pretty sure I know which way they will lean.

the worst is its reliance on criminals to be loyal and diligent, any one of whom could compromise your entire organization's communication.

No argument there.

And then you want them doing steganography, and by hand? They'll be raising every red flag there is

How exactly is the e-mail with a picture going to raise any red flags? Sure, it they are already tailed everywhere they go, and someone is monitoring how long they spend composing their e-mails, they will be in trouble. But just from the sent e-mail, when neither the sender or the receiver are monitored? Unlikely.

Each person has their own set of keys, and the key itself is encrypted with a decent password.

Sure. And their e-mails contain obviously encrypted content, which makes them a person of interest, and they own the key for the next e-mail, and the program to decrypt it, so that it can be taken from them, and used by the adversary. Are you sure your way is better?

What you're describing is a random number generator with a key to initialize it. Some of the good ones might be good enough (or might not). Anything you can keep in your head is going to be crap and fairly easily breakable.

Hell no. Using a not-all-that random-book page, and obfuscating its structure by applying a simple algorithm on will still give you an one time pad that is suboptimal, but nowhere all that breakable, especially if you do not know the simple algorithm, and that it is being applied on book pages.

Lets assume that you have somehow completely broken through some of the steps (In the real world, you could not break through the whole thing step by step)

1) So, through some magic you have managed to extract the exact bits from the picture that have been modified. (Which is far from easy, if you have ran out of magic)

2) Lets even assume that you somehow know that the one time pad is generated from book pages, through some keep-it-in-your-head method. (Through the same magic as before)

So now you have the encrypted message. What do you do? How do you use your knowledge of the weakness of the one time pad?

All you will get is the ability, once you have come up with every possible message, to assign a probability of the sort "This message is more likely to have been the original, if the one time pad was crappy in the way we assume it was".

You didn't say so, but I'm assuming you're encrypting your message using the book page as a one time pad,

Yes, I missed describing part of the mechanism. You use the page to generate the one time pad, once again via simple rules that you only keep in your head. You certainly do not use the ASCII code of each letter/space/punctuation sign as one byte in the pad. This will not make it anywhere close to random - it will be way worse than counting decay particles, but I think that it will be good enough. I am not trying to improve on something that we know works, here. I am trying to avoid incriminating keys that the characters have to keep secure, and that can be seized to compromise the communications.

Steganography isn't much protection when someone knows there might be hidden messages.

Once again, I am going for good enough. Sure, the attacker may know that a few bites in the picture 'may' have been changed. (The characters won't be dumb enough to exchange pictures only when they want to exchange a message.) If the message is short enough, and the picture large enough, it will be very hard to tell there's something amiss, and much much harder to prove it in a court of law... Not that it really matters.

Remember, by picking other bites, and picking a different one-time pad, you would get different messages, just as meaningful.

One time pads are not worthless in practice, at all.

Whether you are a criminal, or a government agent, at some point you will be in a secure location, and you will be able to exchange the pads. The USB stick in my pocket can hold more data than I expect to exchange with any of my friends in the course my lifetime. How long to you think encrypted messages need to be?

But even that is less secure than what you could do.

Hell, if I was writing a novel about smart criminals, and wanted them to be capable of secure communication, this is what I have them do:

They would meet in the big boss's hacienda, and they would agree to use one of the 50000 books available on project Gutenberg. The page to use as an one time pad would be selected via a function of the day the message is sent. The function would be simple enough to memorize.

When one of the party wants to send a message, they would take a picture they have a plausible reason to send, and would use a hex editor, on a PC physically disconnected from the Internet, to manually change a subset of low-significance color bits. Again, the subset will be determined by a rule that is easily memorized.

Yes, the process is laborious, and I would have them do it twice, and then compare the two resulting pictures. If they do not match, they will have to do it again. Once the pictures match, wipe (properly) the originals (from everywhere: camera, usb, secure computer) and send the modified picture, accompanied with an innocuous and appropriate message.

Obviously, the encrypted messages would need to be short, but this process will not attract any attention, and will rely on memorized rules, publicly available data, and programs that would not draw anyone's attention.

What is the NSA doing to do? Suspect anyone sending pictures to his friends? Try, as a one time pad, every page on every book available on Gutenberg, or the myriads of pirated book libraries in China, Russia, Ukraine, etc?

I cannot think of any weakness of this system. Can you? And even if it is completely stupid, I bet you two things: there are plenty of people who can come up with a better one, and plenty of people who are getting away with using a worse one.

Anyone with a solid Computer Science background, extensive programming experience, and access to google can make something that is secure enough that it cannot be cracked in resonable time. It may be sluggish, it may be extremely inefficient, it will require a secure exchange of data at some point (before it is secure itself) and will draw a lot of attention when used. But it is perfectly possible. I certainly could do it.

Oh, of course, I would be infringing on a bunch of patents, but I bet it would be the last of my problems, once my encrypted communications attract the attention of 'the proper authorities'.

I personally don't believe that the NSA can't crack strong encryption.

I'm not quite sure what you are saying. It sounds to me as if you think that there is no encryption strong enough that the NSA cannot crack it. This is completely false.

A simple example is using one time pad encryption. Without the pad, you you cannot even theoretically crack it. Try every possible pad, and you will get every possible message of the proper length - some of them will make perfect sense, so you will not be able to find the right one.

Taking it a bit further, there are encryptions that would take too long to crack, if they are properly executed, and the NSA does not have a backdoor. And by too long, I mean that there is not enough time before the heat death of the Universe.

Hell, I am perfectly sure that I could establish communication with some of my friends from college that could not be cracked, even theoretically. I would have to exchange some information with them in a secure manner before hand, of course. But I would never take the risk of doing something like this. It would attract the wrong kind of attention.