Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:One time pad (Score 1) 121

Because then your compression function effectively becomes your encryption function. And it wasn't designed for security.

Keep in mind these are simple issues to identify and exploit. All these "what-if" scenarios have been played out repeatedly, which is why the standard response is always "use a proven secure algorithm, don't roll your own cryptographic solution." It's easier, less bug prone,and the security has been analyzed by more qualified people than you can afford. Any known weaknesses have already been identified and fixed.

Comment Re:Microsoft (Score 1) 167

Partner with Microsoft? Sure. Burn it to the ground so Microsoft had to buy Nokia, then make a massive write-off just so they'd have a phone in the market? Probably not the plan. He executed the "We have to get off our current platform NOW NOW NOW and go Microsoft" so well people only heard the first part. But I assume they were hoping for quite a few more converts.

Comment Re:Will not buy TLC NAND (Score 2) 51

Well, smaller process sizes also reduce write cycles. When they went from 2D to 3D they went back to a bigger process size with less defects due to all the layers. Though they had some controller/firmware issues the first 3D TLC NAND had more raw write cycles than state of the art planar MLC NAND. Of course now they're shrinking it again in the quest for even more storage, but the clock got a pretty good reset going from 1 layer to 48. Going from MLC to TLC is more of a variation that cuts write cycles to about 1/3rd for 50% more space, all other things being equal.

Comment Re:Tedious "lol government" editorializing (Score 1) 95

My expense report would make people freak out because I listed 2 lunches for the same calendar day. It took a couple of tries before someone told me to enter one as breakfast

Here in Norway that would probably be for tax reasons. Since excessive wining and dining could be considered a fringe benefit, there are regulations for how much you can charge the company per day tax free. Those limits are adjusted relative to the number of what meals you've had and if any have been provided for you (breakfast, lunch and dinner is singled out) like part of the trip like on a conference. Some give those as part of the trip, you choose how much to eat for and how much to pocket. Eating a double lunch and no breakfast probably triggered some silly rule of gaming the system either in the company regulations or tax regulations.

Comment Re:This sounds pathetic (Score 1) 50

This announcement of 10Gbits to 100Gbits is not impressive .. that is a typical server connection these days.

Heck, in March the first residential 10G/10G Internet connection was delivered here in Norway from Bayonette, source via Google translate. They have a 24xGbit hub with 2x10G for expansion and instead give you a direct line. Note that it mistranslates the prices, it's 5999 NOK = $727/month for 10G, 3-400 NOK = $36-50 for 1G so I'd call it mostly a publicity stunt but for a dedicated research network it's peanuts.

Now 100 Gbit is a bit more exotic but I know "The Gathering", a 5000 people data party had a 100 Gbit Internet connection in 2011 (10x10G bonded) as a publicity stunt though they never peaked beyond 20 GBit/s actual usage. So yeah in 2015 I'd say this sounds mostly like off the shelf technology, of course getting it rolled out into actual production use is nice. But clearly this is about bandwidth to research other things, not state of the art in networking technology.

Comment Re:One time pad (Score 1) 121

What you've described has been known for centuries as a "book cipher". Benedict Arnold used one during the American Revolutionary War to protect his treasonous communication with England.

Anyway, there's a really fun way to beat this kind of encryption today. If Mallory can get Alice or Bob to send a copy of BLACK_SQUARE.BMP, it's literally game over. Imagine XORing your key against a bunch of binary zeros. The result is a big patch of the cleartext version of the data that is your key. Google will find that faster than you can.

I did this to a friend who had the same idea in a "you'll never guess my encryption" challenge. After getting him to download a copy of BLACK.GIF, I stared at the intercepted results for many seconds longer than I should have. It output a repeating string of something like SLASHDOTTODHSALS, so I said that's your key. He was arguing because his key was SLASHDOT, and his "algorithm" was to invert the letters of the key word and append a copy to the end of the key. My mind boggled because I was expecting encryption, not immediate success at recovering his key and data.

Now, let's say you're smart enough to avoid encrypting BLACK_SQUARE.BMP. I can still achieve most of the same results by predicting that your data stream will contain "Host:", "Content-Type:", "Accept: text/plain", "User-Agent:", "HTML", "BODY", and other such 'cribs' (I was all set up to apply this logic to the intercepted message from my friend mentioned above.) By matching fragments of my guesses with your message, I can look to see if I recover legible text. It only takes a surprisingly small amount of recovered text to be able to identify the source.

Comment Re:I hate hieroglyphics (Score 2) 193

I hate decyphering hieroglyphics. I propose that the unicode for "I have peanut allergies" should be the text string "I have peanut allergies."

That works well for 1-2 billion people and not so well for the remaining 5-6 billion. While we're working on that universal language, a few universal "hieroglyphics" are useful and there's no law against writing elevator next to the elevator sign. Like say these, these, these or these.

That said, allergens may be useful for store products but that's usually half the markings on a restaurant menu which typically can be stuff like vegetarian, vegan, hot, garlic and so on. And for many complete dishes many will contain lots of allergens, it's probably easier to use a negative marking like these. I don't quite see what existing use case these symbols are supposed to cover, yes it could be added to the ingredients list but you need to solve other issues like how do you prominently say no allergens and not unmarked?

Comment Re:Insecurity culture.... (Score 4, Insightful) 567

I don't think it's just the companies that have changed though, it's the market the companies live in. Before there were plenty of fairly sheltered waters, where you were competing with the shop down the street but it was obvious the town needed a shop like yours. Weathering the bad times was possibly more a game of attrition than truly caring for the workers. Today it's all about globalization and open markets with huge waves like on the open ocean.

Jobs are washed away and probably never coming back, the large multinationals that have caught the huge global waves make tons of money while the small local or regional businesses get crushed. I don't think they have a choice anymore, really. That is to say, I think companies that tried this "cradle to grave" approach to employment would be crushed by the markets. And the ones who are big enough to have a choice, well they're stockholder driven and don't have any particular allegiance to anyone so they'll just squeeze out all the profit they can.

On the bright side, they can't really carry on this race to the bottom without actually pulling people out of the gutter. China and India has seen wages and living standards increase considerably, as they chase new cheap labor that in itself becomes a scarce resource to be competed for. That will cut into the profitability of outsourcing, of course balanced by your pay not being worth as much abroad. Because they make decent money now too.

Comment No demand (Score 1) 445

You are connecting a very, very remote area of Russia with a very, very remote area of the US. Take a look at a population density map, there's no cities whatsoever nearby. And long distance shipping will either go by sea (cheaper) or plane (faster), just the maintenance on thousands of miles of rail would kill it. This is as likely as the head of NASA suggesting a manned mission to Mars, it's his idea to make lofty ideas but the people with the money will never fund it.

"Who cares if it doesn't do anything? It was made with our new Triple-Iso-Bifurcated-Krypton-Gate-MOS process ..."