Forgot your password?
typodupeerror

Comment: Re:How long until someone cracks the backdoor key? (Score 3, Informative) 201

by Dr. Blue (#45840421) Attached to: Dual_EC_DRBG Backdoor: a Proof of Concept

If its not doable how then did NSA supposed to have done it? Its not like they came up with the key at random then invented this algorithm to fit it, the fact that there is a backdoor key is a quirk of the mathematics.

It's basically public-key crypto: you can create a keypair and publish the public key - that's essentially what this is, where the point Q in the Dual_CD_DRBG spec is really just a public key. There's a private key as well - it's far to expensive to compute it from the public key (basically 2^128 time), but they didn't have to do that since they generated the private key first.

And it's really not a "quirk of the mathematics" - it's really pretty straightforward if you understand elliptic curves, and it has been well-known how to do this since 2007 or earlier. I think a lot of academic cryptographers didn't really worry about it when Shumow and Ferguson pointed out the potential backdoor, because it's really a pretty crappy technique anyway - academic cryptographers, who quite frankly often don't know what is used in practice, assumed no one would use this. Then it turns out that RSA used it as the default tehnique in BSAFE. Oops.

Comment: Re:This is a stupid idea. (Score 1) 200

by Dr. Blue (#44783517) Attached to: New Jersey Congressman Seeks To Bar NSA Backdoors In Encryption

That's only partially true. NSA provided two changes to the original IBM Lucifer cipher: different S-Boxes (which made it more secure), and shorter keys (which made it less secure). The evidence is that they strengthened it enough to keep it just out of reach of everyone else who might attack it, while keeping it vulnerable enough for them. All the evidence shows that they're probably doing the same thing right now by putting in backdoors that only they can exploit (and there are some subtle ways to do this). Or at least that the THINK only they cna exploit - and that's the biggest danger, no matter how smart the folks at NSA are.

Comment: Re:Frozen, I tells you (Score 5, Insightful) 480

by Dr. Blue (#38116650) Attached to: Andrew Tanenbaum On Minix, Linux, BSD, and Licensing

Tanenbaum has always been the kind of person with good technical insights, but no sense whatsoever about what makes something successful as a product or "in the real world." I have a lot of sympathy for that, because I'm like that as well. I'm a researcher - I write papers, they have good technical insights and contributions, they definitely impact the science of the field, and I hope that along the line they can affect practice - but I know there's a world of difference between what I do and making a product. Tanenbaum doesn't seem to get that.

And as far as the Java bit, yeah a LOT of people had that idea. It long predates what Tanenbaum did, back to o-code in the 1960's and p-code in the early 1970's (with the most popular version, remarkably similar to the Java/JVM model being UCSD's Pascal/pSystem). Those didn't take off like Java either - because there's a huge difference between having a good technical idea and having a successful product. Some is timing, some is "cool factor", some is marketing and sheer determination and drive. But superior technology, or having the first idea technically, has very little to do with it. See the success of MS-DOS or Windows for further examples... :-)

Comment: Re:Where the Hell is panel decoupled from shell? (Score 1) 205

by Dr. Blue (#37576368) Attached to: GNOME 3.2 Released

OK, so lots of comments coming down from this, but is there an answer? Is there a panel available for Gnome 3.2? I have a list of about 3 things that went so far into unusability as far as my workflow went that I kept all my systems at Fedora 14 after some initial tests of F15 with Gnome 3. One of those was the ability to have an always-visible panel with a list of active windows. Seriously, that's not too much to ask, right? I don't even require that it be on by default, just something that I could add or an option I could turn on. And no, the backward compatibility mode (or whatever they call it) is not sufficient.

Comment: Focus on principles (Score 1) 364

by Dr. Blue (#36306662) Attached to: Ask Slashdot: Good Homeschool Curriculum For CS??

I won't pile on to the "that's not computer science" comments (but learning how to use Word really doesn't have anything at all to do with computer science).

At this level, the focus should be on basic principles and how to think logically. My suggestion is to look at the new AP course that's being developed on "CS Principles". The materials they're developing to define this course (at http://csprinciples.org/) aren't very useful for a homeschooler now, but there have been 5 pilots of this material at universities, and those course are available in their entirety online. My personal favorite is the course at Berkeley - it's called the "Beauty and Joy of Computing", and is available here: http://inst.eecs.berkeley.edu/~cs10/sp11/

Comment: Re:Roku + media streaming (Score 1) 180

by Dr. Blue (#33789882) Attached to: Google TV Details Revealed

I have an LG blu ray player that does netflix streaming as well as a couple of streaming pay-per-view places (vudu and cinemanow). It does pandora and some other things (like a low res verison of youtube - why can't they get HD when it's available???), AND plays from DLNA local network shares. And, of course, is a blu ray player. It sells for right around $150 on Amazon now. Why would anyone by a Boxee box for $50 more?
That said, I've actually been holding off on a new TV purchase to see what the new Sonys with Google TV built in will be like. Having web-connected services without an extra box would be awesome, especially if they truly push Android as an open platform and have lots of innovative apps. That's one thing my LG definitely can't do - they push new services through firmware updates, but it's services that they want to push. I'd much rather see a thriving and open marketplace.

Comment: MS-Word compatibility? (Score 1) 165

by Dr. Blue (#28137715) Attached to: KOffice 2.0.0 Now Open For Firefox-Like Extensions

Can anyone with experience with both OpenOffice and KOffice comment on MS-Word compatibility? I've been having headaches with this lately - I have a large document starting from a large MS-Word template, where I've been working on "my parts" in OpenOffice (under Linux) with the thought of doing a cut-and-paste back into the master document. I need to do the cut-and-paste using Word in Windows to make sure there aren't any problems, so saved my work in .DOC format in OpenOffice and went to find a Windows machine (actually, it wasn't that simple - normally I'd do this with my VMWare Windows install, but the master document is apparently so complex that it wouldn't actually open under VMWare - maybe a memory issue?). On the windows machine, my oo-saved .doc file wouldn't open - apparently oo saved a bad .doc file... So now I run back to my office, save in .odt format, run back to the windows machine and install openoffice (browse the web for a while waiting .... la, la, la....), transfer the file. Now I can have my part open in open office, the master document open in word, and can cut and paste between the two.

Did it work? Yes. Was it a pain? Definitely yes. So my question is: would this have been any easier using KOffice?

Comment: Re:Offer the Ebook for free. (Score 1) 987

by Dr. Blue (#27993785) Attached to: What Can I Do About Book Pirates?

Don't know if you're still following this discussion Peter, but even in the past "making money" should not have been a primary incentive for writing a textbook.

I remember at DCC about 15 years ago Alistair Moffat did a little session on "why you should write a textbook" or something like that - I remember asking him "isn't it obvious?" but apparently it isn't obvious to a lot of people.

Frankly, the reasons for writing a textbook should be (either in the past or now) primarily to get your name out there as someone who understands the field at a level beyond what people who can't write a comprehensive book can do. There are big career benefits to this, and frankly much more valuable than any royalties you'd receive. In compression in particular, think about how valuable it makes you as an expert witness to be able to be "the person who wrote this widely read book on data compression". Hell, I've only written chapters in edited volumes on compression, and I've made some good consulting money off that.

I would hope that anyone who has seriously contemplated writing textbooks would realize and understand this - the side benefits of publishing a textbook are far greater than anything you get off of the obvious (and usually small) income stream. Rules are probably different for intro-level books (CS1/CS2 level - Nell Dale probably makes a decent amount of royalty income), but that's a very competitive market, and not one a data compression book is going to play in.

"But this one goes to eleven." -- Nigel Tufnel

Working...