Forgot your password?

Comment: Re: "The real problem..." he explained (Score 1) 131

by Kiwikwi (#47388759) Attached to: Damian Conway On Perl 6 and the Philosophy of Programming

When an interpreted language breaks backwards compatibility, everyone is affected. Users suddenly can't run the program when their interpreter is updated.

Which is why we have separate /usr/bin/python2 and /usr/bin/python3 interpreters. So that programs can specify which one they use. You can even install e.g. Python 2.6 and Python 2.7 side-by-side if you have an application that is finicky enough to only run on 2.6.

On Windows, the situation is messier, which is why serious Python applications (e.g. Mercurial) bundle Python on Windows.

There's a lot of moaning about Python 2 vs. Python 3, but having worked professionally in Python and with Python applications for years, I have yet to experience problems worse than "oh, it'd be nice if Paramiko supported Python 3, so we could upgrade". (Which it does as of this March, so there's a nice little summer project at work.) Fact is, by now, the Python community is over the hump. All the important libraries support Python 3, and new applications are targeted at Python 3, with Python 2 compatibility being optional. (That's my professional experience, anyway.)

Comment: Re:How are they going to get proof? (Score 1) 65

by Kiwikwi (#47373107) Attached to: Seven ISPs Take Legal Action Against GCHQ

No single court has been appointed the Supreme Court of the European Union, with jurisdiction of every legal matter in the EU. SCOTUS does have jurisdiction over pretty much every legal matter in the US.

The US Supreme Court does not have jurisdiction over all legal matters in the US. Specifically, it has no jurisdiction over state law, unless that law conflicts with federal law. In this respect it resembles the European Court of Justice quite a bit.

Jurisdiction over federal law (including treaties to which the federation is a party)? Both. Jurisdiction over member state law not in conflict with federal law? Neither. Jurisdiction in disputes about federal law between member states? Both. Jurisdiction in other disputes between member states? No in the case of ECJ, and not applicable in the case of SCOTUS, since US states cannot enter treaties on their own and are hence only bound by federal law.

I'll grant you that SCOTUS has jurisdiction over all maritime matters and the ECJ does not (unless regulated by EU law or a treaty to which the EU is a party), as well as certain federal officials. (In the EU, officials are bound by national law, except for actions in an official capacity, which are under ECJ jurisdiction like all other EU institutions.)

The more you argue, the more I'm beginning to realize that the ECJ and the SCOTUS are in fact very similar; the biggest difference being that the EU still clings to the fantasy that it's not a federation. :-)

Comment: Re:How are they going to get proof? (Score 1) 65

by Kiwikwi (#47372369) Attached to: Seven ISPs Take Legal Action Against GCHQ

So no, the ECJ or ECHR are NOT an equivalent of the United States Supreme Court.

I never claimed that the ECJ was anything like the SCOTUS, only that it was a supreme court, as in "the highest judicial tribunal in a political unit" (Merriam-Webster), or specifically as in a court that makes final judicial decisions that bind lower courts and is not subject to any other court.

And no, I was not thinking about the ECHR. Even if this case might tangentially touch upon European human right law, I am well aware that the ECHR is not an EU court.

Did you even read the page you're quoting? The ECJ is not a Supreme Court, as national cases cannot be appealed to the ECJ.

You (as a citizen) cannot appeal a case to the ECJ, but you can challenge the law or intepretation of that law (under which the original case was decided) in a national court; the court may then direct the case to the ECJ. In other words, if you can make a reasonable case that GCHQ violates EU law, but is found in a UK court not to violate UK law, the case can certainly end up before the ECJ.

This has happened numerous times.

The [U.S.] Supreme Court has a much broader horizon when it comes to legal issues, most notably they can declare a national law to be unconstitutional.

The EU might not have a constitution, but the ECJ can certainly overturn EU law found to violate basic rights of citizens.

Comment: Re:Use cell or GPS location to turn on Wi-Fi (Score 1) 126

by Kiwikwi (#47343783) Attached to: Google Demos Modular Phone That (Almost) Actually Works

For privacy reasons, phones should of course also randomize their MAC address before every association request. There are 46 bits available for randomization

I thought network interface makers were supposed to use only MACs from their own respective registered prefixes.

That goes for the statically assigned MAC addresses, yes. But if the first octet ends with the bits 01, it is a "locally administered unicast address", for which there are no assignment rules - you can pick whatever value you want. (Hence 46 bits, not 48 bits.)

In theory, the local system administrator is supposed to assign the MAC addresses. In practice, randomization is the optimal assignment strategy. These random addresses will never collide with a statically assigned address (which do not have a first octet ending in 01), and if they're picked at random, the odds are insignificant that they might collide with another random address.

Comment: Re:Use cell or GPS location to turn on Wi-Fi (Score 1) 126

by Kiwikwi (#47334323) Attached to: Google Demos Modular Phone That (Almost) Actually Works

... the problem is not "listening for beacons", you can do that without broadcasting your position to the whole world (NSA included...).

For some reasons, modern smartphones constantly yell in all directions, "Hear me! Hear me! My globally unique ID is 02:12:f6:12:8a:33! That said, any nice APs around that I might know?".

This despite the fact that standard APs broadcast beacons every 102.4 ms, obviating the need for the phone to send anything until it wants to actually associate.

Not sending beacons all the time would also save quite a bit of battery. Passively listening for beacons is almost free.

For privacy reasons, phones should of course also randomize their MAC address before every association request. There are 46 bits available for randomization; the risk of collisions is on the order of 1E-8 even if you have 1000 devices on the WLAN (which would be painful for other reasons).

Now, using the cell phone network without being tracked...

Comment: Re:That's not proof! (Score 1) 475

by Kiwikwi (#47191643) Attached to: The Sudden Policy Change In Truecrypt Explained

Please accept my apologies for the delayed reply. You appear to be lacking firsthand experience with interactions involving certain law enforcement agencies and persons who are subject to device examination. The first step will be production of a bit for bit copy of the digital media in question, followed by a quick analysis of the disk image. In many cases, said analysis will rapidly identify media regions which are likely to represent "hidden containers", and interesting interactions between the owner of the device and law enforcement personnel will commence shortly thereafter.

I may not have first-hand experience with police overreach, but then I have first-hand experience with cryptography, and therefore I know that an analysis of a TrueCrypt-encrypted disk will determine the presence of the outer, encrypted container. The hidden container, on the other hand, is mathematically indistinguishable from encrypted empty space, and there is no way to determine if a hidden container is present unless you 1) have the secret second key (which we assume you don't), 2) can brute-force the key (which you can't), 3) can learn about it from side channel attacks (of which several are known, but for which countermeasures exist) or 4) exploit bugs in the TrueCrypt software (of which none are known).

Comment: Re:That's not proof! (Score 1) 475

by Kiwikwi (#47159273) Attached to: The Sudden Policy Change In Truecrypt Explained

If they see a hard drive with only half its capacity in use yet the system reads full, they'll be wondering what's in the hidden container.

They won't see a hardrive that reads full, because they will only have the password to the outer container, and the hidden container will hence not be protected... writes to the outer container will simply overwrite the contents of the inner container, making it impossible to tell that it was ever there.

Whoever the Truecrypt developers are, they're not idiots.

Comment: Re:That's not proof! (Score 1) 475

by Kiwikwi (#47149575) Attached to: The Sudden Policy Change In Truecrypt Explained

Hidden containers are less useful than you might imagine in practice for a variety of reasons. Some of these points are relevant.

None of those points are relevant, except maybe "it's difficult to get right".

The first third of the thread, people are either not talking about hidden containers or don't know what a hidden container is, and instead go on about various steganographic methods of hiding the use of encryption. (E.g. "LUKS header, by design, is visible header."... that goes for TrueCrypt as well, and has nothing to do with hidden containers.)

In the middle third of the thread, they're discussing variations of "it's hard!" and "you can't protect the outer container" (though TrueCrypt does just that).

In the last third of the thread, random people are musing about their little pet-ideas and other off-topic tangents.

There are good arguments for not adding hidden containers to LUKS, most importantly the fact that nobody's stepping up to implement it, but no real arguments against hidden containers.

Comment: Re:It's not just medical information.... (Score 2) 200

by Kiwikwi (#47102861) Attached to: Wikipedia Medical Articles Found To Have High Error Rate

According to the results of that Nature study, Wikipedia had, on average, 32% more errors per article than the Encyclopedia Britannica.

First of all, that "32 % more" is based on finding an average of 4 errors in Wikipedia articles and only 3 errors on average in EB articles.

Secondly, note that this is per article. Since Wikipedia articles are generally much longer than EB articles, the number of errors compared to the volume of information is less in Wikipedia than in EB.

For more information, see this page on the reliability of Wikipedia.

Only 4 serious errors were found in Wikipedia, and 4 in Encyclopædia Britannica. The study concluded: "Wikipedia comes close to Britannica in terms of the accuracy of its science entries."

Also note that this study was done in 2005, before the Seigenthaler biography incident, which led to a great increase in quality control on the English Wikipedia, including a much harsher attitude towards unsourced statements.

Comment: Re:Morality is largely due to upbringing (Score 1) 212

by Kiwikwi (#47100173) Attached to: Games That Make Players Act Like Psychopaths

Empathy is understanding the feelings of another.

You might be thinking of sympathy.

No, he's thinking of empathy.

empathy [em-puh-thee] noun.
the intellectual identification with or vicarious experiencing of the feelings, thoughts, or attitudes of another. ( Unabridged, my emphasis)

Empathy is more than just understanding another person's feelings; it's about intuitively sharing those feelings. The layman definition of psycopathy is a lack of empathy. (There is no medical definition of psycopathy; the medical terms are narcissistic and/or antisocial personality disorder.)

Nothing is impossible for the man who doesn't have to do it himself. -- A.H. Weiler