Become a fan of Slashdot on Facebook


Forgot your password?

Comment Primer on European Union stewardship (Score 1) 220

For those still needed to understand how the EU is ruled, here is a quick primer. Feel free to add more if you think it's relevant:
1) there are 3 groups in charge of the EU: the European Council, the European Commission and the European Parliament.
2) members of the European Parliament are elected by European citizens via your usual voting booth.
3) members of the European Commission are not elected but appointed by their respective country of origin's government.
4) members of the European Council are in fact the heads of European government plus the president of the European Commission

You can see from that arrangement that exactly one group is elected and consequently renders an account to the electors. In this case, it's a member of the European Parliament that raises the flag on a proposal from a member of the European Commission.

Comment Re:Two sides of the coin? (Score 1) 318

If an American citizen isn't protected by the U.S. Constitution when travelling overseas then they can't be bound by it either. [...] This would therefore mean that Julian Assange would not be able to be extradited as he isn't beholding to U.S. laws while overseas.

You also know that Julian Assange has never been a U.S citizen, right?

Comment Fiat currency (Score 0) 75

Not a bitcoin hater/lover, but I remember lots of loud voices here on Slashdot against fiat currencies.

Isn't bitcoin the most extreme of fiat currencies? A number with no physical value at all, not even worth the paper it's written on since it's not written at all.

At least, it's not centralized and barely regulated. For now. But let me know if I missed something.

Comment Re:combine them? (Score 1) 87

the issue in using one hash is still present though. One day if SHA256 is broken, you will be back to the same problem.

Suppose a (near?) future where SHA256 is widely deployed and just got broken: full collision on demand. That future also means that SHA1 is even more trivially broken and MD5 even more so.

My point is that it would harder to conjure S' so that S != S' AND MD5(S) = MD5(S') AND SHA1(S) = SHA1(S') than it would be to have S != S' AND SHA256(S) = SHA256(S')

For that matter, string 3 of those hashes to be even more safe! Here's an algo in pseudo-language:

function validate_input(input,correct_value)
      if(md5(input) == md5(correct_value) && sha1(input) == sha1(correct_value) && sha256(input) == sha256(correct_value)) return 'valid'; else return 'invalid';

That code is more resistant than:
function validate_input(input,correct_value)
      if(superDuperNewHash(input) == superDuperNewHash(correct_value)) return 'valid'; else return 'invalid';

Comment combine them? (Score 3, Interesting) 87

One thing that always bothered me with announcements like 'MD5 is dead because we can forge collisions' is that what are the chances that the forgery would pass *both* MD5 and SHA1 ?

Say you have a string S and a forged S' so that S != S' and MD5(S) = MD5(S') and let's say you can create S' easily regardless of S. That's the definition of a hash collision and a proof that the algorithm can't be trusted anymore. Surely, the odds that it also satisfies SHA1(S) = SHA1(S') are close enough to impossible, no?

If that's the case, then sign your certs, code, etc with concat(MD5(S),SHA1(S)) instead of just one broken hash. Yes, two broken hashes are indeed protecting you.

Comment IPFS (Score 1) 73

I found this free/open source new protocol that aims at filling the gaps that HTTP has in terms of permanence and security of data. Loosely based on DHT and Coin mining, it allows for website to become P2P instead of centrally served.

The protocol is called IPFS and the site where you can get more information is

Comment Re:Already propagating (Score 1) 663

I appreciate your comment and I'm sorry about your stress. In my case, it's my nails that take a beating when stressed out.

As for fluid intake, reading all the other comments, it seems drinking soda pop is almost a hard addiction for many. So much damage for so little reward. I feel sorry for that guy who drinks a can of pop in the bus ride to work every morning. Not 8am yet, and already victim to an artificial craving.

I'm nobody to tell you that, but all the power to you for trying to mind your intake of water. And even more power to you if you try to mind your intake of soda pop.

Slashdot Top Deals

An engineer is someone who does list processing in FORTRAN.