Forgot your password?

Comment: Re:Cut off your nose to spite your face (Score 1) 86

It's really not that hard to design a provably secure random number generator without a backdoor. My colleagues at Waterloo did it. Here's another construction. And another. For that matter, you could even backdoor-proof Dual-EC-DRBG itself, by reducing the output rate by 16 to 33%, depending on the curve size (so that it's 5/6th to 2/3rds as fast as before). Any of these choices would be more appropriate than simply keeping the algorithm as-is.

Comment: Re:Cut off your nose to spite your face (Score 1) 86

by David Jao (#46829787) Attached to: NIST Removes Dual_EC_DRBG From Random Number Generator Recommendations
But then you run into the problem that Dual_EC_DRBG is orders of magnitude slower than the other three algorithms contained in the standard. As far as we know, the only good reason to include Dual_EC_DRBG in the first place was because the NSA wanted a backdoor in the standard.

Comment: Re:Cut off your nose to spite your face (Score 1) 86

by David Jao (#46826419) Attached to: NIST Removes Dual_EC_DRBG From Random Number Generator Recommendations
You seem to be suggesting to "keep the standard but change the constants." But there's no way to do that. The standard requires the use of the particular constants specified in the standard. Contrary to what you seem to believe, these constants were not created via an open process. We actually have no idea where these constants came from, but the likeliest candidate is the NSA, simply because if it had come from any other source we would have found out by now. There's no question that using the required values for the constants is just suicidally insane. On the other hand, you can't keep the standard and change the constants, because by using different constants, you are by definition violating the standard. It's like trying to use DES with different constants; well, sure, you can do that, but it's no longer DES.

Comment: Re:Cut off your nose to spite your face (Score 2) 86

A deterministic random bit generator has no need for even a possiblility of a backdoor. Ever. We're not talking about encryption where there needs to be a backdoor so that one person (the legitimate recipient) can decrypt the communication. Also, most experts in the field, including myself, hold the subjective opinion that it is very unlikely there could be any innocent explanation for the existence of the possibility of a backdoor. There are many other much more straightforward designs for deterministic random bit generators that provably contain no possibility of a backdoor under standard number-theoretic assumptions. You cannot reasonably compare this situation to DES. Symmetric key cryptography doesn't come with security proofs. Public-key cryptography primitives are a completely different ballgame.

Comment: Re:Strange.. (Score 1) 320

If you live totally off the grid then I respect your position entirely. However, without knowing you, I can probably safely assume that this is not the case. It's probably highly likely that you rely on pollution-causing motor vehicles to deliver essential goods (food, clothing, construction materials, etc.) to maintain your life or at least your standard of living. If you benefit from motor vehicles in this way, then forswearing them is not a noble act. It's just pure hypocrisy.

Comment: Re:Strange.. (Score 1) 320

There are lots of things that aren't actually illegal but are nevertheless considered socially unacceptable. I would be happy to see public smoking relegated to this category. For example, it's not actually illegal to walk up to a total stranger and start verbally abusing them, nor is it directly harmful to the victim's health, but such actions are highly frowned upon by society and for good reason.

Comment: Re:Texas Has Fewer Homeless, California More (Score 1) 320

This argument is ridiculous. You're on slashdot. You should know better. Should California start deporting homeless people to lower its homelessness quotient? How about just outright killing them? For that matter, prisoners don't count as homeless, so let's incarcerate them. I'm not homeless, but if I were, I'd do everything possible to get myself to California. Obviously (to everyone but you), this does not mean that California or its policies cause homelessness in the first place.

Comment: Re:Strange.. (Score 0) 320

The only problem I have with smokers (and it is a big problem) is that I detest secondhand smoke. I dislike the smell intensely, even in open spaces outdoors. Unfortunately, this problem is completely irreconcilable with most smokers' desire to smoke in proximity to where non-smokers are. If you are the rare smoker who only smokes in your own residence which is not shared with anyone else like me living in the same building, then I respect that. Otherwise, no. As far as I'm concerned, your right to smoke ends when your smoke hits my face. It is unreasonable to expect non-smokers to accommodate smokers by giving smokers priority in public spaces.

Comment: Re:Tmux (Score 1) 136

by David Jao (#46730725) Attached to: Seven Habits of Highly Effective Unix Admins
I'm not a tmux user, so I may be completely wrong, but I think what they are talking about is that in tmux you can share one window in a session without also sharing all your other windows in that session. You can also easily move tmux windows between sessions, which you can't do in screen. In addition, sharing a tmux window to another user with a different login account is a lot easier in tmux than in screen. There are also forks of tmux that allow two people to use one window with two independent cursors.

Basically, tmux is a lot more flexible and easier to hack than screen. I've never bothered with tmux though, screen is good enough for me.

Comment: Re:A simple solution (Score 2) 97

by David Jao (#46675815) Attached to: FCC Orders Comcast To Stop Labeling Equipment Rental a Service Fee does a pretty good job of pirating most live sports, albeit only in standard definition quality.

I think HD quality is overrated. Yes, I can tell the difference. Yes, I appreciate HD quality. But up until 2003 or so, I happily watched live sports in standard definition quality without feeling in the least bit cheated. So I see no reason why high quality is mandatory today.

Numeric stability is probably not all that important when you're guessing.