Forgot your password?

Comment: Universal (Score 1) 391

by LainTouko (#47571035) Attached to: How long ago did you last assemble a computer?
I'm slightly surprised this is seen to be so universal. Obviously, there will be plenty of guys here who love doing stuff with hardware and will want to make as much as possible themselves. But I'm basically interested in software. (The hardware already does basically what I want it to, but I want to do all sorts of things with software which nobody has written yet, or at least, not in the way I want.) And while I've added drives and memory, I'd rather leave the main and initial build to a professional. I'm sure I could do it myself, and spend less money by doing so, but as an amateur, I'd end up with an amateurish job, and worry that I'd make some subtle error around cooling or power connections or whatever which would render the result unreliable or shorten its lifespan. Plus I value my time, and it would be a means to an end, rather than a joy.

Comment: Re:The only good thing (Score 1) 511

Actually, heroin would be safer than alcohol or tobacco if it wasn't for prohibition. Long term use of tobacco, or overuse of alcohol significantly increases your chance of dying from various things. Long term use of heroin doesn't actually do very much. It's the unreliable doses, sky-high costs, substances it's cut with and injection hazards which make heroin so dangerous under prohibition. None of these would be a problem if it was legal.

Comment: Re:The only good thing (Score 4, Insightful) 511

How about the entirely unnecessary, bigoted coercion and force used against them by society to incarcerate them, which they wouldn't have to suffer if they were addicted to something mainstream, i.e. alcohol or tobacco?

Having your life ruined merely for being different is something which should attract sympathy from anyone.

Comment: Re:The human is just a passenger (Score 1) 301

Well, someone has to have insurance. The reason passengers obviously don't have to have insurance at the moment is because they can rely on the driver having it. (Or at least they should be able to.) If we eliminate drivers from the equation, we don't eliminate the need for insurance, it just becomes less obvious who should be responsible.

Comment: Do you want to? (Score 1) 169

by LainTouko (#46817989) Attached to: Ask Slashdot: How Can We Create a Culture of Secure Behavior?

The first question is not actually how you can create such a culture, but whether it's actually a good thing in the first place. You seriously need to evaluate this. One of the primary means of being secure is not trusting others. But trusting others is an incredibly useful tool to get things done, and it may be worth taking the security hit. Stand on a crowded railway platform, and you're trusting so many people, each of whom could push you off and kill you so easily, without even thinking about it. Without trust, society itself would be impossible.

So for example, if everyone believed they were immune to the security risk of terrorism, this would very obviously be such a good thing for society. There have been security economic analyses done of various security measures recommended by security guys, thinking their users to be fools who just wouldn't listen, which established that the users who ignored them were actually completely right, that the cost of implementing these measures was hundreds of times greater than the benefit of preventing the attacks they were effective against.

A security professional who thinks doing things securely must always be a priority just because that's his field, instead of taking the time to gain a more holistic understanding of the situation, deserves to be ignored.

Comment: Obviously, none of those (Score 1) 324

by LainTouko (#45402849) Attached to: I'd rather be spied on by ...
The two main criteria for choosing someone to spy on you would be that they are as close to powerless to affect you as possible, and don't share information with anyone more able to exert power on you. Some tiny country I know little about but the name and approximate location is probably going to be the best answer.

Comment: Re:Related question re: Women's Chess (Score 1) 284

by LainTouko (#45350805) Attached to: Why There Shouldn't Be a Chess World Champion
Judit Polgar was one of eight players who participated in what FIDE called the "World Chess Championship 2005". Now, the FIDE world championship during the era when the champion wasn't participating was of course a joke, but the winner of that tournament, Topalov, challenged the world champion Kramnik for the title on the basis of his win. This makes the FIDE "World Chess Championship 2005" a de-facto candidates tournament, and hence, the eight participants, including Judit, world championship candidates. Players who were candidates to challenge for the world title.

Comment: Re:Related question re: Women's Chess (Score 5, Informative) 284

by LainTouko (#45343183) Attached to: Why There Shouldn't Be a Chess World Champion

And moreover, since Judit Polgar was capable of becoming a world championship candidate, it's proven that women can compete with men at the top.

The problem is that chess, or at least, serious chess seems to be an almost exclusively male pastime, for reasons I can only guess at. This leads to there being very few women in the top ranks of the game, simply because there are very few women at all ranks of the game, which creates the perception that they can't compete. So people organise separate tournaments for girls because that's what you do in sport. And so girls learning chess only have a tiny pool of other people to practice against, so they don't get the broad range of experience that the boys do, and they imagine becoming women's world champion rather than world champion so they don't get the ambition boys do, and so the regular stream of Judit Polgars which we need to break this idea is suppressed.

Segregation is a disaster for women's chess, but it creates a self-propagating vicious circle. It is its own explanation.

Comment: Different sorts of 'best' (Score 5, Insightful) 284

by LainTouko (#45343131) Attached to: Why There Shouldn't Be a Chess World Champion

I think the problem the author has is that he wants to believe that there is a singular notion of "best chess player". In reality, there are multiple notions of the best chess player. Ratings measure more the ability to stay consistent throughout your career and never let your form dip, tournament wins measure more your ability to take points off weaker players and shift our mindset rapidly to deal with the next style which comes along... and the world championship measures more your ability to present an impregnable wall of defensive ability and be unbeatable.

These are all very valuable things to have, and wanting to take one of them away just because your mind isn't flexible enough to cope with them all existing simultaneously is selfish.

Comment: Re:a much better question (Score 2) 138

by LainTouko (#44838369) Attached to: Ask Slashdot: Can We Still Trust FIPS?

What do you have against AES? The US government doesn't pick bad algorithms for itself to use as a matter of principle or anything, suspicion is only really warranted on algorithms which contain data which claims or appears to be random, but could have been specially chosen to have some property. (If you want people to trust your magic numbers, you generate them by doing something like taking the hash of the square root of 2.) The difference between AES and Twofish is that AES got more positive comments from around the world during the AES selection process, and fewer negative comments. Twofish is still a well-respected algorithm which will protect your data, but AES is generally regarded as slightly superior, and this is why NIST recommend it.

There's no need for a replacement for Dual_EC_DRBG, because it was only one of several recommended choices, and was both slow and suspicious, so nobody was using it anyway. Hash-based PRNGs seem to be faring best at the moment, though something which everyone can call good is still yet to really emerge.

The main crypto algorithm which is both trusted and now under suspicion is ECDSA/ECDH, where people have tended to use curves recommended by NIST, which have data in which we can't verify the generation of. It's not clear just how dangerous this is, whether this data could actually hold any malicious secrets or not, but it can certainly be solved just by generating our own curves, or using curves from organisations we trust more.

Comment: Re:Damned if you do, damned if you don't (Score 1) 659

by LainTouko (#44799653) Attached to: Should the U.S. bomb Syria?
There is a key difference between Libya and Syria, beyond the geopolitical considerations of Syria being a big part of the Israel-Arab enmity. Libya ended up being a struggle between nearly all the people of the country and a bunch of foreign mercenaries, nobody really supported the previous government. Syria is just a standard civil war.

Comment: Re:Suprising why? (Score 1) 607

by LainTouko (#44769983) Attached to: NSA Foils Much Internet Encryption
Without knowing the details, this sounds perfectly reasonable. Going to 256-bit symmetric keys is future-proofing. Nobody can break 128-bit encryption now, but in thirty years time, it's quite possible that someone could. (In particular, quantum computing could effectively halve symmetric key lengths, in addition to its better known effect of killing all the practical asymmetric crypto we've got right now.) So if the military didn't want their messages to be readable in even 30 years time, they would be advised to use 256-bit, whereas if a guy who decrypts a message which is part of some banking protocol 20 years after it was sent couldn't do much with the information because everything has already happened, it would be an unnecessary move for the banks.

As far as we know, our computer has never had an undetected error. -- Weisert