Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment: Re:There is no "law enforcement only" backdoor (Score 2) 166

by codewarren (#48620293) Attached to: Verizon "End-to-End" Encrypted Calling Includes Law Enforcement Backdoor

How is this insightful? What does "backdoor" have to do with it then? If anything with keys can be picked, then all encrypted communication is vulnerable and adding a backdoor would just be meaningless.

All communication has to be decryptable or it isn't communication. (How would one-way communication work? exactly like a write-only memory chip). So someone always has to have a key, but that doesn't always have to be the NSA or government or even Verizon.

Comment: Re:Depends... (Score 2) 166

by codewarren (#48616845) Attached to: Verizon "End-to-End" Encrypted Calling Includes Law Enforcement Backdoor

This has never been about whether the current U.S. government is trustworthy, but whether the future U.S. government is, and no one can ensure that. Would you trust promises from the Chinese government to always get warrants, or trust the quality of the warrants if they did? Governments are made from people and the people change. You may trust the U.S. government now, but you should not trust the U.S. government of the future further than necessary.

Comment: Re:C is very relevant in 2014, (Score 3, Interesting) 641

by codewarren (#48554647) Attached to: How Relevant is C in 2014?

Actually this is false. It is possible to write a language that is both safe* and compiles itself.

If you're not up to that then fine, but please spare us the poor workman blaming his tools excuse

I can cut a straight line with a circular saw without using a guide or a guard, but I can do it a hell of a lot quicker with a guide to rest against and a guard to keep me from having to constantly check my fingers and chords etc. These things weren't invented because of bad workman, but because they make good workman better. Not everyone who notices that there may be better tools out there than C for the very things that C is used for is a workman blaming his tools.

Someone eventually needs to write the rules for translating the higher level language down to lower levels, but this isn't the same as "getting their hands dirty down to the metal" in the same way that you've implied because it can be done in tiny self-contained, small chunks following yet more rules and rigorously like a mathematical proof and therefore not be subject to the same pitfalls as languages like C. It also only has to be done once (per processor) but then the safety is ongoing.

This layering is just modular design and separation of concern. Look at IR in the LLVM project which has allowed an explosion of languages that can enjoy most of the same compiler optimizations that the C family enjoy using this principle.

(btw, the Rust project is very interesting in this subject)

* Of course, the term "safe" has a limited meaning. A compiler can't read your mind but, to the extent that a language is well designed, it can prevent you from doing things that you could not have intended to do and force you to follow rules that will never allow certain common errors that result from people having limited memory.

Comment: Re:God (Score 1) 794

by codewarren (#46375083) Attached to: Whole Foods: America's Temple of Pseudoscience

The only evidence that the Israelites were ever in Egypt or made a 40 year trip through the desert or that anyone like Moses ever existed is a story where a guy parts the sea by raising his staff and the people are fed by magical food that falls from the sky nightly. That is to say, there is zero evidence that the Israelites were ever even in Egypt.

Comment: Re:Def Leppard fans are probably better off over t (Score 1) 80

by codewarren (#42548561) Attached to: Drug Allows Deafened Mice to Regrow Inner Ear Hair

I'm not sure that follows. Listeners compensate for both of these things by cranking up the volume only to be way over tolerance when the song goes from low point to high point or when the foam headphones shift back into place.

Which is worse for ears? Semi-loud music for 10 minutes or 10 seconds of over-the-top loud? It doesn't seem unreasonable to expect the opposite effect with flatter dynamics and a more physically stable listening device.

Comment: Re:Secure Networks vs. Insecure Networks (Score 1) 155

by codewarren (#42530831) Attached to: NTLM 100% Broken Using Hashes Derived From Captures

The crucial detail is whether the physical layer of the network can be trusted

Someone maintains that physical layer. Even if they are employees of the company, it doesn't follow that they can be trusted. Someone with access to the physical layer and an NTLM hack could "become" anyone else on the network and do whatever he wanted with little fear of getting caught.

Put another way, If everyone that was employed by the company could be trusted, they could all share the same login with unlimited access. If that makes you cringe, then so should NTLM. I think that's the point of the article.

No one gets sick on Wednesdays.

Working...