Comment Re:Is there any way to gain trust in a chip? (Score 2) 178

Given a "black box" implementation of a random number generator, is it possible to test its output sufficiently to gain some faith in its proper randomness?

The answer is an outright no.

The thing that crypto depends on isn't that a stream of random numbers appears to be random. It is that the next number is utterly unpredictable. No one, not even the person who generated it, will know what it will be. This means if it is used as a key to protect some data, no one can predict what that key will be.

One of the ways every cryptographic cipher or hash is checked is to verify its output is indistinguishable from random data. If it isn't, there is a weakness in the cipher or hash. So the output from any good cipher or hash will always appear to be completely random according to any test we can devise. But - the output is also completely predictable.

So all the NSA needs to do in their black box is start with a predictable key or salt (the time would be fine), push it through a cipher or hash and output something which appears completely random. If the random number is used as a 128-bit AES key it will appear fine to any test the user can generate. But say they use a 1us tick to generate the time, and the NSA knows to say within 10 minutes when the key was generated, then they will only have to brute force against 1 billion keys (in other words that 128 bit key only has 30 bits of entropy). This is trivial to do.

QED, the answer is emphatically no - there is no way to test if a black box is generating truly random numbers. Every black box must be treated as untrustworthy - which is exactly what BSD, Linux and I hope everybody else does.
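The argument above, as an added example that is not part of the original comment: a generator that hashes a microsecond clock reading passes a simple frequency test on its output, yet the entropy an attacker who knows the clock to within ten minutes actually faces is only about 29 bits (the comment rounds this to 1 billion keys, or 30 bits). The clock tick and the window are the comment's assumptions; the monobit test is the crude check a user could run on a black box.

```python
# Added example: why statistical tests cannot certify a black-box RNG.
import hashlib
import math
import struct

TICK_US = 1                       # assumed: the box reads a 1 microsecond clock
WINDOW_US = 10 * 60 * 1_000_000   # assumed: observer knows the time to +/- 10 min

def black_box_key(timestamp_us: int) -> bytes:
    """128-bit 'key' the black box emits: a hash of a predictable clock value."""
    return hashlib.sha256(struct.pack(">Q", timestamp_us)).digest()[:16]

def stream(start_us: int, n_keys: int) -> bytes:
    """Consecutive outputs of the box, as a user testing it would collect them."""
    return b"".join(black_box_key(start_us + i * TICK_US) for i in range(n_keys))

def monobit_pass(data: bytes, max_bias: float = 0.01) -> bool:
    """Crude frequency test: the fraction of 1 bits should sit close to 0.5."""
    ones = sum(bin(b).count("1") for b in data)
    return abs(ones / (8 * len(data)) - 0.5) <= max_bias

def effective_entropy_bits(window_us: int = WINDOW_US, tick_us: int = TICK_US) -> float:
    """Entropy of the output given what an observer knows about the seed:
    log2 of the number of distinct clock values inside the window."""
    return math.log2(window_us // tick_us)

def nominal_vs_effective(key_bits: int = 128) -> tuple[int, float]:
    """Key size the user sees versus the entropy the seed actually carries."""
    return key_bits, effective_entropy_bits()

if __name__ == "__main__":
    out = stream(1_380_000_000_000_000, 4096)   # constructed start time, 4096 keys
    print("looks random:", monobit_pass(out))   # True: the test is satisfied
    print("key bits / seed bits:", nominal_vs_effective())  # (128, ~29.2)
```

The output passes the test because SHA-256 is a good hash, not because the seed is unpredictable, which is why the check that matters is where the seed comes from, not what the output looks like.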

Comment Re:3DES (Score 1) 230

The entire article is rubbish. It's little more than a viral ad for CSO, at Adobe's expense.

Yes, they used 3DES. 3DES has a number of nice attributes. It's strong, and it's slow. And if the password is kept safe, it's equivalent to a hash - but an unknown one. Being unknown renders it immune to brute force attacks. Being immune to brute force attacks makes it as good as bcrypt, scrypt and PBKDF2, but without the speed penalty those incur.

The one weakness is the password leaking. I gather it hasn't, so far. Which means that the passwords are safer than an alternative they recommend - salted with SHA-2. In fact, if they were salted with a single round of SHA-2 most of the passwords would be brute forced by now.

Which means while Adobe has done a good job of keeping those passwords safe (well aside from the leak), the security advice offered by CSO in the article is just plain wrong. Which makes the /. writeup of the article wrong. It should say "In trying to teach Adobe to suck eggs, CSO proves they know nothing about password security."

Comment Re:again? (Score 5, Interesting) 235

Hear hear! A bit of background to the politics of this:

NFTables is brought to you by a group of coders created when Alexey Kuznetsov decided to replace the low level Linux network stack for Linux 2.2 to make it more like what Cisco provided in IOS. The result added a whole pile of new functionality to Linux (eg routing rules), and a shiny new highly modular traffic control engine. Alexey produced beautifully written postscript documentation for the new user land routing tools (the "ip" command), and a 100 line howto for the far more complex traffic control engine tools (the "tc" command).

Technically it was a tour de force. But to end users it could at best be called a modest success. Alexey re-wrote the net-utils tools ("ifconfig", "route" and friends) to use the new system, and did such a good job very few bothered to learn the new "ip" command even though the documentation was good and it introduced a modest amount of new features. But the real innovation was the traffic control engine, and to this day bugger all people know how to use it.

At this point it could have gone two ways. Someone could have brought tc's documentation up to the same standard Alexey provided for ip, or they could ignore the fact that almost no one used the code already written and add more of the same. They did the latter.

It was also at this time the network code wars started in the kernel. Not many people know that a modest amount of NAT, filtering and so on can be done by Alexey's new ip command. But rather than build on that Rusty Russell just ported the old ipfwadm infrastructure, called it ipchains (and later replaced it with iptables). There was some overlap between Rusty's work and tc, and this has grown over time. For example the tc U32 filter could do most of the packet tests ipchains introduced over time on day 1. Technically the modular framework provided by tc was more powerful than ipchains, and inherently faster. Tc was however near impossible for mere mortals to use even if they had good documentation. There were some outside efforts to fix this - tcng was an excellent out-of-tree attempt to fix the complexity problems of tc. But in what seems like a recurring theme, it was out of tree and ignored. In contrast, Rusty provided ipchains with some of the best documentation on the planet. In the real world the result of these two efforts is plain to see - while man + dog uses iptables, there may be 100 people on the planet who can use tc.

Another example of the same thing is IMQ. IMQ lets you unleash the full power of the traffic control engine on incoming traffic. (Natively the traffic control engine only deals with packets being sent, not incoming packets - a limitation introduced for purely philosophical reasons). IMQ was very well documented, and heavily used. The people who brought you tc had a list of technical objections to IMQ. I don't know whether they were real or just a case of Not Invented Here, but I'd give them the benefit of the doubt - they are pretty bright guys. So they replaced it with their own in-kernel-tree concoction. (For those of you who don't follow the kernel, "in-tree" means it comes with the Linux Kernel. An out-of-tree module like IMQ means at the very least you have to compile the module source, and possibly the entire kernel.) For a while this discouraged the developers of IMQ so much they stopped working on it. If you follow that link, you will see it's back now. Why? Because the thing that replaced it had absolutely no documentation. They never do. So no one could use the replacement. Again, in the end, the code that was documented won the day.

By now you might guess where this is heading. We have two groups in the kernel competing to provide the same networking functions. All sorts of weird modules were added to the traffic control stack - things like mirred, nat, blackholing, ipset. The more observant among us noted they allowed the traffic control engine to replace iptables. No one used them of course, as in the fine and continuing tradition of this group, they weren't documented. So the net effect was to add unused orphan code to the kernel. To this day, I don't know why it was tolerated by Dave Miller, the head of the networking stack.

NFTables is the latest attempt by this group to unseat iptables. This time it looks like they will succeed. For the most part this is a good thing. The duplication between iptables and Alexey's framework was always a huge technical wart, and Alexey's framework was always the better one. It will be even better if they backport the classification engine to tc, so we can use it to assign traffic control classes. If they do that most of the duplication will be gone, at last.

The one minor problem is that true to form, there is no fucking documentation.

It appears after consistently having their code ignored by most Linux users for over a decade, these bastards are incapable of learning the lesson. If Linus and his appointed networking stack maintainer, Dave Miller, allow this state of affairs to continue with NFTables it will be another right royal mess.

TL;DR: If Dave Miller doesn't grow some balls and say "no user land documentation, then automatic NACK", nothing will be replaced. Instead we will end up with yet more duplication.

Comment A new game of wack-a-mole has begun (Score 1) 620

If the comments here are right, it wasn't the technologies Silk Road is based on that caused the issue, it was that he used dumb things like gmail addresses and mailing fake documents to his physical address. So the underlying technology stands firm, and it is now well known that he made millions from it.

There are two ways you can remove a weed. One way is to carefully dig it up, roots and all, and put it in the incinerator. The second way is to wait until it has flowers, then hit it with a weed whacker, spreading its seeds far and wide. This looks like the latter.

If I didn't know better I'd say someone in the Department of Justice is trying to set themselves up for a job for life. But I do know better. They aren't that smart.

Comment Re:not just charge cycles (Score 1) 364

They lose 20% of their capacity - when they are fully charged or fully discharged. Quoting Wikipedia:

Loss rates vary by temperature: 6% loss at 0 C (32 F), 20% at 25 C (77 F), and 35% at 40 C (104 F). When stored at 40%–60% charge level, the capacity loss is reduced to 2%, 4%, and 15%, respectively.

And yes, that is real. On reading that 5 years ago I decided to store my laptop's battery in the backpack, at 50% charge, unless I planned to use it. It still has 2/3 of its charge today.

All that aside, again quoting Wikipedia on the ESS - the Tesla's battery system:

The ESS is expected to retain 70% capacity after 5 years and 50,000 miles (80,000 km) of driving (10,000 miles (16,000 km) driven each year). However, a July 2013 study found that even after 100,000 miles, Roadster batteries still have 80%-85% capacity and the only significant factor is mileage (not temperature).

As it happens, 80%-85% after 100,000 means 80%-85% after 500 cycles, which just happens to fit the characteristics of a LiMn battery. So there is nothing remarkable about the Tesla's performance. It's just today's battery technology done right. Granted, given it is almost always done wrong, this is a major achievement.

Comment Re:Voting "Accident"? I think not. (Score 1) 343

I don't know what lots translates to in the US, but here in Australia it translates to a ballot paper 1.0 meter wide. The polling booths are 0.6 m wide, so you can't lay the thing flat. The number of candidates exceeded our printing technology (or maybe the ballot paper had to fit into the ballot box - I don't know), but it puts a maximum size on the ballot paper. The only option to fit every candidate on was to reduce the point size of the print. They had to reduce it to 6 point to make it fit.

Humans can't read 6 point. So they had to issue magnifying glasses so we could read the damned things.

Still, that isn't the problem. We have two more complications. We have preferential voting. This means you have to number every box from 1 to the number of candidates. It works wonderfully well when the number of candidates is sane - far better than the US system of first past the post.

Only in the senate the number of candidates isn't sane. It is literally near impossible to mark 100 candidates without duplication or missing a number. To have a hope you have to spend ages double checking and triple checking, and if you make a mistake you can't correct it. Corrections on a ballot paper invalidate it. You have to ask for a new ballot sheet and start again, and pray you don't make a different bloody mistake.

Are you getting the idea now? Is it clear it is near impossible for a human to make a valid full senate vote? Good. Because what happens next leads us to the current situation, where a man who had a video of him & his mates flinging kangaroo poo at each other up on YouTube during the election got elected to the current Australian federal senate.

Because it is impossible to fill in, they had to simplify it. What they did seems fair enough. They introduced "above the line" voting. To vote above the line you effectively delegate your vote to one party. In other words you mark one box. The party has submitted a full senate vote to the Electoral Commission earlier, and that is used as your full preferential senate vote. You can still do a full preferential vote by filling in every square below the line, but you would have to be completely anal.

So, think about it. How do you game this system? If you are a big party it isn't easy, but if you aren't so tied down by ethics you create lots of little parties with confusingly similar names. The Electoral Commission helpfully colludes with you by randomising those names on the ballot sheet. So the voter is confronted with 20 to 30 names of parties most of which he has never heard of before, on a piece of paper so wide he can't lay it flat in the ballot box so he can read them in a single pass. Naturally lots of mistakes are made. The preferential system means if a small party doesn't get in, their votes (which remember they control now) flow to another party of their choice. It doesn't take much imagination to see how they might make their choices.

There is one final twist. For the senate, you aren't electing 1 person. You are electing 6. The 1st 5 winners have almost certainly gobbled up more than 90% of the votes, so the last one is determined by a tiny fraction.

The really sad part of all of this is while the extra complexity of preferential voting is more than worth it when electing one candidate, it is a complete waste of time when electing 6.

Anyway, don't lecture us Aussies on how to completely fuck up a voting system. We have all of you beat by a large margin.

Comment Re:Also a truther elected (Score 1) 343

footage of him in a kangaroo poo fight

Yes, he is evidently a man of some character. It seems he enjoys dropping other people's pants, hitting them with sticks, and spitting on the camera man. And he did have a clip up on YouTube of him partaking in a roo poo fight.

But look on the bright side. Given the state of Australian politics over the past 3 years this might be a plus. Surely he was just planning ahead, and picking up survival skills.

I wonder what his position is on how VDSL vectoring will affect competition in the broadband wholesale market?

Comment Re:Uh... okay (Score 1) 607

Thanks, this finally explains how SSL interception proxies are able to intercept my traffic at sites I work at.

No, I didn't explain that. But since you are so nice about it I will. When the corporation owns the hardware they can install anything they want. What they install is a self signed certificate with the signing bit set into the browser, and they tell the browser this cert is a CA. There are so many CAs these days you would have to be an actuary to spot it in the list. When your browser contacts https://www.host.com/ you automagically get a cert authorised by that self signed cert.

In the end you trust whoever Firefox or whatever says you should trust as CAs. That normally works. Except when someone else installs Firefox. Then you trust whoever they say you should trust, because they can edit the CA list Firefox / Chrome / whatever has.

Comment Re:Uh... okay (Score 1) 607

Actually, all they need is the CA to sign a cert with the "allowed to sign" bit set. Then they can MITM anyone. Given TrustWave sold one of these to a company not so long ago, I doubt it would be hard to find a CA willing to pony up. Given some CAs in the world are government owned organisations, this has almost certainly happened somewhere already.

As others have said, what keeps the current PKI system working isn't the inherent trustworthiness of CAs (they aren't trustworthy), or because the NSA has scruples (it doesn't). It's the fact that in time they will almost certainly be found out.

Where I live at least, in Australia, I am not sure what proportion of SSL connections are already MITM'ed. But it would have to be above 10%. All schools do it, many government offices do it, many businesses do it.

The thing all these organisations have in common is they own the computers they are compromising. The corollary is if you care about your privacy, you need to use only hardware you control. But this has been known for years. What this story makes plain is you must also use software "you control", otherwise NSA and others will backdoor it just as eagerly as they have done with the hardware. You can't absolutely control all software you use of course, but open source is a good proxy.

Submission + - Beyond the hype of Hyperloop: An analysis of Elon Musk's proposed transit system (gizmag.com)

cylonlover writes: Now that the media kerfuffle surrounding Elon Musk's Hyperloop transit system proposal has settled down to a dull roar, it's a good time to step back and consider in detail some of the real innovations and difficult issues raised through analysis of the 57-page Hyperloop plan. The shortest description of the Hyperloop is Musk's own bon mot: "It's a cross between a Concorde, a rail gun, and an air hockey table." In this article I am only considering the science and engineering aspects of the Hyperloop. While acknowledging that political issues may actually determine its fate, what concerns us here is whether or not it could work.

Submission + - Voters need magnifying glass to read Australia's upcoming senator ballot paper

ras writes: The large number of candidates means the Australian Electoral Commission is proposing to issue magnifying glasses so voters can read the senate ballot paper for the upcoming Federal election. Printing restrictions mean the ballot paper is limited to 1 meter wide and one level deep. With 50 parties the print size will have to be reduced to 6 pt so it fits, which is illegible without a magnifying glass. For comparison, an Australian voting booth is 0.6 meters wide.

Submission + - Ancient Egyptians Made Iron Jewelry From Pieces of Meteorite, Archaeologists Say (ecouterre.com)

fangmcgee writes: Researchers at the Petrie Museum of Egyptian Archaeology at University College London have found that a collection of ancient jewelry is out of this world. The 5,000-year-old Egyptian beads, previously thought to be made from iron from Earth have been found to be made from hammered pieces of meteorite. Strung together with gold, gemstones, and other minerals, the beads pre-date iron smelting, showcasing the metalworking mastery of fourth millennium B.C. Egyptians.
