I've used my tools to open my own vehicle and had the police stop to check it out. A quick explanation, hand over my ID, and they go on their way. Not a hassle at all. Same thing for friends. If they lock their keys in the vehicle, I can open it, with them present, and prepared to give the ID to the cops to prove ownership.

The reality is that around here, you're not getting charged with possession of burglarious instruments unless you're misusing them. Being able to quickly open your own vehicle or that of a friend, instead of waiting for AAA, is really useful. You should also check out locksport--TOOOL is active in Mass. and there are other smaller locksport meetups.

Bullshit. Locksmithing tools are state by state. In MA, I can, and do, freely carry lockpicks, no license required. Now fuck off and die, you idiot. Or at least, don't spread false BS.

I wish I had mod points for this one. +1 Interesting/Insightful.

New England is right out.

The dimensionality of the object can be higher than the degrees of freedom. For reference by analogy, see gimbals, which allow representation of arbitrary axes in n-dimensions, but are subject to gimbal lock, where a change in one axis may be represented by a substitution of a change in another axis, eliminating a degree of freedom (not to be confused with dimension).

The temptation to optimize for speed/memory usage over producing correct code is like will'o'the'wisps for many developers. If you develop code for a hostile environment (the default assumption for crypto) it should be assumed that any inputs will be abused.

Further, in a hostile environment, developers also need to assume that they won't have anticipated every possible way to extract information from a process. Do the simplest thing that will always work, within the limits you can predict. Then fix the bugs as you find them, because you WILL have some. Hopefully, you have a qualified set of eyes willing to review your code.

For example, timing attacks are pervasive in cryptography, and incredibly easy to enable without very thorough consideration of possible paths. Often, with higher-level languages, you have little opportunity to mitigate these issues. You check bounds because it's the low-hanging fruit for an attacker, not because it will provide absolute security. It merely raises the bar for an attacker. Crypto is often subject to attacks enabled via multiple layers of abstraction (all the way down to turtles) which obscure potential problem areas.

That 2 TB of key material has to be stored somewhere, and can't ever be reused. Is your data storage coercion-proof? Also, how much do you like sneaker-net? At that point, you might be better off not committing things to paper.

Any predictive observations will necessarily be limited by the actual applicability of the model. A model may suggest directions to look for interesting phenomena, but it is NEVER confirmation of such. Simulations will only get you as far as your inputs. GIGO.

Anything new to add?