Forgot your password?

Comment: Don't put Dlog to sleep so soon (Score 5, Insightful) 114

The result is on for fields with small characteristic, but the most commonly used finite fields in this context are the Zp for some prime p which have characteristic p.
So though this is a very interesting result, I am not tossing out all my crypto suit yet.
we should be cautiously seeking better alternatives, but the worst thing we can do is to panic and ditch well studied algorithms and implementations every time some progress is made on their cryptanalysis.

Comment: Don't be right be smart (Score 1) 165

by iceco2 (#46795807) Attached to: Declassified Papers Hint US Uranium May Have Ended Up In Israeli Arms

Nothing much has changed in the last 30 years. The US still has intrests in Israel and the middle east. Everyone knows Israel has nuclear weapons but can't prove it and that is just the way Israel likes it. Israel was on the brink of extinction in 1973 and no WMDs were used this proves remarkable self restraint. Accusing Israel of a 50 year old crime would serve no practical purpose. It would hurt relationships with Israel it will harm the peace process it would harm the fight against WMDs because it would show the truth we are much more concerned about dictators with WMDs then we are about democracies.

Comment: The implementations should keep parameters open (Score 1) 169

by iceco2 (#44984363) Attached to: Did NIST Cripple SHA-3?

We should not have one SHA-3 with the security parameters selected by NIST or anyone else.
For the vast majority of usages the speed of the hashing is a non-issue, they are all plenty fast enough
yet some implementations, specifically those with limited hardware my have other concerns.
We should approve the basic algorithm, and have a family of hash functions with different security parameters
to be selected for each usage.
Most of us should use an extra secure variant most of the time.

Comment: As early as possible (Score 1) 299

by iceco2 (#44970089) Attached to: How Early Should Kids Learn To Code?

I learned to write in basic when I was 6, even though I could hardly spell at the time, coding and typing came together,
most words were very short and easy but I still remember, 30 years later, memorizing REPEAT. I consider this a good experience.
I also had the chance to teach a class of 5 year olds to do "Lego-logo", this was a once week afternoon activity for 20 weeks.
They would build from mechanical lego. and would then program it on the computer by arranging large colorful blocks in order, the building blocks were inspired very loosly by Logo commands.
All kids had fun and were introduced to computers&robotics as something fun,cool and accessible.
A few of the kids were able to build original programs by the end of the course.
These were not gifted kids and they didn't get much personnel attention. A parent teaching his child can probably accomplish a lot.

Comment: trust the algorithm or the implemenation (Score 1) 138

by iceco2 (#44838671) Attached to: Ask Slashdot: Can We Still Trust FIPS?

the algorithms have a lot of peer review independent of the NSA and the NSA had little input in their design (though may have
significant input in the slection of those algorithms that got standardized).
Though the NSA probably has better methods for attacking common cryptographic algorithms either using undisclosed weaknesses or more likely
custom hardware, it seems likely the NSA can not easily crack these algorithms.

The simplest thing to do is to pick a larger key length which will give you more of a security margin.

Some implementations have also been peer reviewed, and though one can probably hide a side channel leakage in a peer reviewed implementation
hiding something more sinister may be difficult for the algorithm to still be operating per the spec.

Comment: We pretty much have to (Score 1) 659

by iceco2 (#44805999) Attached to: Should the U.S. bomb Syria?

It has nothing to do with Syria, or innocents being killed by an attack.
It is only about american interest, It is clearly in the USAs interest to be able to affect foreign nations using words alone.
We never want to use force, but the threat of force or even the implied threat can be a powerful one.
Obama made an explicit threat, he drew a red line, it is arguable if he should have done that but he did.
Not acting, even symbolically would turn his word into Mud which would force the US to use actions rather then words in the future.

Comment: experienced developers are a risky hire (Score 1) 252

by iceco2 (#44506321) Attached to: Ask Slashdot: Is Development Leadership Overvalued?

When looking for a development position with little to no leadership responsibility I would be hesitant before hiring someone with 14 years of experience.
Many such developers are simply incompetent, they have been around for ever and haven't risen to the top for good reason.
many developers do not want to manage but find themselves leading in their own way, becoming an architect or a very hands on team leader of a small team.
A different problem with experienced developers is ego and strong opinions. There are normally many good ways of doing something, an experienced developer is more likely to continue arguing for too long.
If I published a position asking 2-5 years of experience I wouldn't disqualify on the spot someone with 14, but it is definitely a red warning light.

Comment: Why encrypt my network at all? (Score 1) 438

by iceco2 (#44469443) Attached to: Home wireless security level?

The vast majority of my on-line browsing is ssl anyway (and some of it through an extra VPN) so I'm not too worried about
eaves dropping on my network my porn browsing isn't that interesting.
It is far more likely some neighbor/passer by simply wants to check his e-mail or bus schedule and I see no reason
not to supply that curtsy. I certainly enjoy finding open wi-fi networks when away from home.
If anyone started abusing my bandwidth I would probably notice quickly, I've been doing this for many years in my last 3 apartments and my parents home
and this hasn't happened yet.
I keep contemplating a more complicated setup where eavesdropping would be difficult but I would still be running an open network for anyone who needs it but never get around to doing it(I wish my router simply gave it as a standard option).

Comment: smart people use dumb phones (Score 0) 194

by iceco2 (#44270293) Attached to: I use a screen protector ...

My phone doesn't need Gorilla glass to be very durable, It simply has a small screen.
It can last without recharging for more then a week of normal use.
And it can take quite a beating, (my wife washed hers 3 times)
It's not very good for surfing the internet or taking pictures but it is a much better phone then any "smart" phone.

Comment: 80% precision isn't very good (Score 1) 167

by iceco2 (#44202257) Attached to: Tech Companies Looking Into Sarcasm Detection

And can easily be achieved without any sarcasm detection.
Social media mentions have a strong positive bias, so simply guessing positive all the time will get you
pretty close to the 80% mark. and with a simple list of negative phrases you can pass the 80% mark in identifying if a social media mention(twitter, facebook, etc.) is positive or negative.

Comment: Don't worry about it (Score 4, Insightful) 252

by iceco2 (#43766171) Attached to: Ask Slashdot: Why Do Firms Leak Personal Details In Plain Text?

The question is, who are you worried will find this super secret sensitive information (Your name, address and fact you use the site)?
The government? They don't need to intercept the e-mail they have easier ways of knowing it?
Some criminal targeting you specifically who manged to intercept this e-mail? He already knows who you are all he learned is you use this site,
simply seeing the IP is enough?
Some random script kiddie on the internet? intercepting e-mails is not that easy, yes they are in plain text but they are not broadcast over the internet for everyone to see
you have to position yourself along the route it travels (and this route normally doesn't change much) and attack somewhere along it, not impossible but hardly effortless. and why would he?
Which only leaves corporate espionage targeted against the site you are visiting, which though more likely then any other vector still seems a bit far fetched, and in the end all they learn is your name&address.
There are plenty of serious threats out there on the internet, this doesn't seem like one of them.
focus your worrying else where.

"Just think of a computer as hardware you can program." -- Nigel de la Tierre