Comment: They nailed it 500 years ago (Score 1) 62

by DNS-and-BIND (#47446677) Attached to: How To Fix The Shortage of K-5 Scholastic Chess Facilitators
"[Chess] is certainly a pleasing and ingenious amusement, but it seems to have one defect, which is that it is possible to have too much knowledge of it, so that whoever would excel in the game must give a great deal of time to it, as I believe, and as much study as if he would learn some noble science or perform well anything of importance; and yet in the end, for all his pains, he only knows how to play a game. Thus, I think a very unusual thing happens in this, namely that mediocrity is more to be praised than excellence."
-- Castiglione, The Book of the Courtier, 1528, Book II para. 31, Singleton translation

Comment: Re:Speculative. (Score 1) 152

by swillden (#47445719) Attached to: How Deep Does the Multiverse Go?

Anything dealing with multiverse is speculative. Math does not constitute evidence.

By that argument, everything we know about stars, quasars, black holes, and virtually everything else that isn't on our planet and relatively close to the surface is all speculative, too. Nearly everything we know about the stuff not immediately at hand is based on mathematical models, calibrated against "observations" which are often very, very indirect and themselves dependent on many layers of mathematical models derived the same way.

I don't know enough about QM and many worlds theories to know how much really is well-supported, but from what little I've read, the many-worlds hypothesis seems to provide a much better explanation of the spooky action at a distance effects we observe than the alternatives.

Comment: Re:Unsafe Advice (Score 1) 72

Any marginal blocks mapped out before you encrypt will remain unencrypted and may be available to a determined attacker. Same goes for hard drives, and SATA secure erase is not provably trustworthy. Always encrypt your storage before you put any data on it. If you do not trust your hardware AES to not be backdoored then use software crypto.

Yes, the safest approach is to enable encryption just after you get the device (after using it for a few minutes to accumulate some randomness in the Linux randomness pool, so you get a good key). If you don't, totally wiping it is more or less impossible, though the odds of anything significant surviving either the normal wipe or the encrypt & wipe (which probably won't actually do any more than the wipe) are pretty small.

Comment: Re:usually will not do the sdcard partition (Score 1) 72

Last time I checked the standard Android encryption will not do the sdcard partition (I mean not the physical card, but the partition on the internal flash, usually the biggest chunk of it, like let's say 11 out of 16GB).

I'm pretty sure that's not true, because it would make device encryption pretty much useless. A glance at the code certainly appears to show that it encrypts all volumes, but maybe /sdcard somehow gets excluded from the list? I'll ask my colleague, who "owns" disk encryption for Android at Google, tomorrow and post a followup.

I'll also note that none of the devices I have handy (Galaxy Nexus, Nexus 4, Nexus 5, Nexus 7 1st & 2nd gen, Nexus 10, Moto X, Moto RAZR M, Samsung Note 2) even have an /sdcard partition, exactly. They all mount their data partition on /data, and /data is definitely included in device encryption. In fact, it and /cache are the primary targets of device encryption (/system doesn't matter).

Comment: Re:Snowden's Patriotism is Gaining Acceptance (Score 1) 174

by DNS-and-BIND (#47445041) Attached to: NSA Says Snowden Emails Exempt From Public Disclosure
It has been my experience that those exact same people are very quick to label anything but their own thinking jingoism. They can't even accept there might be such a thing as patriotism, and if it did exist it surely wouldn't apply to America, the nation that is worse than Nazi Germany. How do you have an argument with people who believe that borders shouldn't exist?

Comment: Re:Snowden's Patriotism is Gaining Acceptance (Score 1) 174

by swillden (#47445025) Attached to: NSA Says Snowden Emails Exempt From Public Disclosure

It has been my observation that the people who have blistering hatred for Snowden, are the kinds of people who totally embrace jingoism.

But there are also those who don't have a blistering hatred, yet still feel that he broke the law and should be accountable. I find these people to be especially common among those who themselves are or have been under legal and moral obligations to preserve US government secrets and are appalled that Snowden essentially dumped a huge pile of unsifted sensitive data on the Guardian and trusted them to keep it secure and behave responsibly.

These people largely agree with the need to publish some of the data, but find dumping all of it to be criminally irresponsible.

I think there are a lot more people like that than those who have the blistering hatred you mention. FWIW, my own take (as someone who once held a Top Secret clearance) is that Snowden's action was necessary, that it was infeasible for him to properly vet and carefully release the data, that the news agencies have done a good job and been responsible, and that whatever damage it may have done is far more than offset by the good that it has done. So on balance I consider him a hero. But I do know a lot of people whose concern about what he did tips the balance the other way, even though they don't "have blistering hatred".

Comment: Re:Snowden / Binney 2016 (Score 1) 174

by swillden (#47444983) Attached to: NSA Says Snowden Emails Exempt From Public Disclosure

Except Snowden is 31 and you must be 35 to meet the candidacy requirement for POTUS.

It also helps to be able to set foot on US soil without being arrested. Not a constitutional requirement, per se, but a fairly important practical one. Otherwise even if you win you have to figure out how to sneak into the country and your own inauguration so you can get sworn in -- and acquire the ability to pardon yourself -- before being body slammed to the ground, thrown into the back of a black Suburban and transported to Gitmo for waterboarding.

Comment: Re:Full-disk wipe or only current data? (Score 4, Insightful) 72

Who gives a shit what the documentation says. Actual implementation is what matters.

Absolutely. So, look at the source: https://android.googlesource.c...

That file contains the code that generates the master key, derives the key encryption key used to protect it (using scrypt), stores the protected master key, and configures dm_crypt with the master key.

Some functions to look at:

- create_encrypted_random_key(), which creates the master key (reading from /dev/urandom).
- encrypt_master_key(), which derives a KEK from your password and uses it to encrypt the master key.
- decrypt_master_key(), which does the reverse.
- create_crypto_blk_dev(), which creates a dm_crypt block device.
- cryptfs_setup_volume(), which mounts an encrypted block device.
- cryptfs_enable_inplace(), which encrypts an existing file system.

Do you really trust a mobile platform to be faithful to the documentation when you're trying to wipe a partition (which could easily be implemented directly but isn't) by first encrypting all data and then throwing away the key?

The device doesn't know you're trying to wipe. It knows that you (a) requested full disk encryption and then later (b) requested a wipe. So it can't optimize (a) away. I suppose it's possible it could just lie and tell you "Yep, I'm encrypting" even though it isn't, but that's the sort of thing that would definitely get noticed by security analysts and gleefully published.
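The key hierarchy described in the comment above (a random master key, wrapped by a scrypt-derived KEK, discarded on wipe), as an added example that is not Android's code or the commenter's. All function names are hypothetical; the XOR with scrypt output stands in for the AES wrapping step, and the HMAC tag is an addition so that a failed unwrap is detectable.

```python
import hashlib
import hmac
import os

KEY_LEN = 16  # constructed choice: 128-bit master key

def _kdf(password: bytes, salt: bytes) -> bytes:
    # scrypt output: first 16 bytes wrap the key, last 32 bytes key the MAC
    return hashlib.scrypt(password, salt=salt, n=2**12, r=8, p=1,
                          dklen=KEY_LEN + 32)

def create_master_key() -> bytes:
    # Random and independent of the password, as the comment describes
    return os.urandom(KEY_LEN)

def wrap_master_key(master_key: bytes, password: bytes) -> dict:
    salt = os.urandom(16)  # fresh salt per wrap, so the pad is never reused
    kek = _kdf(password, salt)
    blob = bytes(a ^ b for a, b in zip(master_key, kek[:KEY_LEN]))
    tag = hmac.new(kek[KEY_LEN:], blob, hashlib.sha256).digest()
    return {"salt": salt, "blob": blob, "tag": tag}

def unwrap_master_key(footer: dict, password: bytes) -> bytes:
    kek = _kdf(password, footer["salt"])
    tag = hmac.new(kek[KEY_LEN:], footer["blob"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, footer["tag"]):
        raise ValueError("wrong password or footer destroyed")
    return bytes(a ^ b for a, b in zip(footer["blob"], kek[:KEY_LEN]))

def change_password(footer: dict, old: bytes, new: bytes) -> dict:
    # Only the small wrapped blob changes; the data on disk is not re-encrypted
    return wrap_master_key(unwrap_master_key(footer, old), new)

def wipe_footer(footer: dict) -> dict:
    # Crypto-erase: overwrite salt, wrapped key and tag with zeros
    return {name: bytes(len(value)) for name, value in footer.items()}

def can_unlock(footer: dict, password: bytes) -> bool:
    try:
        unwrap_master_key(footer, password)
        return True
    except ValueError:
        return False
```

After `wipe_footer`, even the correct password no longer yields the master key, which is why the ciphertext left in flash is unreadable once the stored key material is gone.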

Comment: Re: Not France vs US (Score 1) 258

Well, I don't know if anything in economics is provable per se, but Europe (more specifically the UK) is going through this debate right now. The EU is a giant free trade zone. How valuable is that? People who do business all think it's essential, but people who are just employees aren't so sure. Let the debate commence.

Comment: Re: Not France vs US (Score 1) 258

Whatever the reason, they still boosted domestic production and economic growth.

That may have been true in the USA (hard to say given the lack of in-depth statistics back then and difficulty of knowing the impacts of such things even today) but it probably wasn't the case abroad. Sure, the USA didn't care one whit back then about the impact of tariffs on British or European manufacturers, nor did they care much if Americans couldn't afford superior foreign-made products for a while. They valued economic independence more, and given their situation that was understandable.

But putting military concerns to one side, free trade theory is correct. Those tariffs made the world as a whole economically worse off. If governments could be trusted not to use their economies as weapons of war, it'd be better for everyone if tariffs were reduced and removed, because it makes people wealthier in the long run and that's why every so often countries and trading blocs try to engage in free trade treaties.

Of course the problem is, governments do so love using economics as a weapon .... the USA more than most. So tariffs will continue to have non-economic justifications for the foreseeable future, of the form "yes it makes us less wealthy, but the upsides are worth it".

Comment: Re:Free Shipping (Score 1) 258

Banning loss leaders (a.k.a. market dumping) seems like an inherently attractive fix to improve free markets, but it's fraught with difficulty.

The most obvious problem is R&D costs. I do market research and decide that people would be willing to pay $100 for a widget. But said widget does not yet exist, so I spend a million dollars to develop it, and then start selling it for $100 a pop. I calculate it will take several years to break even but that's OK, because I'm a businessman who thinks long term and we like those sorts of people don't we?

I think you can see where this is going - the business runs at a loss for several years, to build the market and spread out the development costs. Eventually I can reduce the price of my widget because I paid off the R&D costs. But until then I'm still in the red.

Amazon is no different. If they make no profit, it's because they choose to charge low prices, build the market and develop new products all at the same time, instead of cashing out. Though actually I think you're distorting history by saying they "muscled their way into the market". Amazon was one of the first online stores. There was no market to muscle in to, nobody else was doing what they were doing. Bezos pretty much created a new market from scratch.

Comment: Re:Price floors are subsidies (Score 1) 258

And sometimes it is, despite the supposed inefficiencies. That's what the French government thinks, and there are similar opinions in other European countries.

If governments could reflect the diversity of opinions in their population perfectly every time, the world would be a simpler place.

In practice they tend to reflect the opinions of a very specific group of people - politicians (closely followed by bureaucrats) who are e.g. typically older and wealthier than the average man on the street.

There's an interesting article by an author on the topic, called "Don’t Support Your Local Bookseller: Buying books on Amazon is better for authors, better for the economy, and better for you". Worth reading, at least.

Comment: Re:Not France vs US (Score 1) 258

If it isn't better, why would you do it?

Small online book shop - you didn't hear about them so .... they don't exist? Is that what you're implying?

Read this article about a commercial dispute between Amazon and a large publisher (Hachette). It was on the Colbert Report, a US news comedy show. The host's book was caught up in this dispute and so he told people to go buy his book and others at Powell's Books, which I can only describe as a small (relative to Amazon) online book store.

Of course you can't flap your arms and fly to the moon. After a while you'd run out of air to push against.