Forgot your password?
typodupeerror

Comment: Re:CRC (Score 3, Interesting) 440

by igb (#41205507) Attached to: Ask Slashdot: How Do I De-Dupe a System With 4.2 Million Files?
The problem isn't CRC vs secure hash, the problem is the number of bits available. He's not concerned about an attacker sneaking collisions into his filestore, and he always has the option of either a byte-by-byte comparison or choosing some number of random blocks to confirm the files are in fact the same. But 32 bits isn't enough simply because he's guaranteed to get collisions even if all the files are different, as he has more than 2^32 files. But using two different 32-bit CRC algorithms, for example, wouldn't be "secure" but would be reasonably safe. But as he's going to be disk bound, calculating an SHA-512 would be reasonable, as he can probably do that faster than he can read the data.

I confess, if I had a modern i5 or i7 processor and appropriate software I'd be tempted to in fact calculate some sort of AES-based HMAC, as I would have hardware assist to do that.

Comment: Re:CRC (Score 5, Insightful) 440

by igb (#41205291) Attached to: Ask Slashdot: How Do I De-Dupe a System With 4.2 Million Files?
That involves reading every byte. It would be faster to read the bytecount of each file, which doesn't involve reading the files themselves as that metadata is available, and then exclude from further examination all the files which have unique sizes. You could then read the first block of each large file, and discard all the files that have unique first blocks. After that, CRC32 (or MD5 or SHA1 --- you're going to be disk-bound anyway) and look for duplicates that way.

Comment: Re:Sigh... (Score 4, Informative) 639

by igb (#40828445) Attached to: Teenager Arrested In England For Criticizing Olympic Athlete On Twitter

"It's at this point that @Rileyy_69 began lashing out with offensive tweets"

Actually, it isn't. A glance at his history (now, unfortunately, protected) showed that threatening rape, assault on pregnant women, knifing, strangling and the rest was his long-term form. As it happens, Twitter, which is fast becoming a sewer, is full of people talking like that, and it's only because he was foolish enough to get involved in a public figure that it came to attention. But that doesn't make it any less unpleasant. Clearly, he's like that all the time.

Comment: Re:Hpw about (Score 1) 205

by igb (#40625413) Attached to: UK ISP Asks Religious Groups To Set Parental Controls
Everyone in the UK has the choice to switch, especially away from a tier-two LLU carrier. There is not a single line in the country for which Claranet is compulsory, the default choice or in any way anything other than an active choice. They don't even advertise much, so you have to seek their services out (indeed, I'm slightly surprised to learn they haven't been bought by one of the bigger players).

Comment: Re:Do they even have anything to lose ? (Score 1) 663

by igb (#40457447) Attached to: Are Open-Source Desktops Losing Competitiveness?
I used SunOS/Solaris as my desktop for twenty years, with everything from SunTools and NeWS through various X window managers through to their Gnome port. It was the Gnome port that finally made me realise I was wasting my time and (like a lot of Solaris developers) I switched to OSX on my desktop. It just works so well.

Comment: Re:Yes (Score 5, Insightful) 663

by igb (#40457393) Attached to: Are Open-Source Desktops Losing Competitiveness?
If you've spent any time around amateur theatre or amateur orchestras, you'll know that the real objective is to provide entertainment for the participants, and the interests of the audience come a long way down the list. If you go along to a concert by an amateur orchestra (and you don't, unless it's your wife or your child playing), then you simply don't have the same expectations as if it's professional, because the orchestra wants and audience so long as it doesn't have to compromise its own interests.

And so, Linux desktops...

Comment: Re:All this trouble. (Score 1) 400

by igb (#40377027) Attached to: Assange Requests Asylum In Ecuador
"However, Ecuador will not extradite Assange to the US or any other country"

Why not? The USA's not currently trying to extradite him, but if they did, Ecuador's got an extradition treaty with the USA. Why would Ecuador go out of their way to protect him?

"Assange is apparently on good terms with the president of Ecuador"

Perhaps. But why would he want to risk an international incident for him is a separate question.

Comment: Re:All this trouble. (Score 1) 400

by igb (#40376429) Attached to: Assange Requests Asylum In Ecuador
You wouldn't accept the bona fides of Sweden, but would trust the government of Ecuador to behave honestly and protect your interests? Really?

Anyway, Ecuador don't have a dog in this fight other than Assange turning up on his doorstep. If their government accepted a fugitive from justice and then exported him from the UK, I'd predict that the UK would break off diplomatic relations and expel their diplomats. Which isn't going to cause the UK any pain; I have no idea what the implications of that for Ecuador are. Other EU states might follow suit if Ecuador announce that they'll provide a route of out jurisdiction for anyone faced with EU arrest.

Comment: Re:The other currency alternative for Greece . . . (Score 1) 430

by igb (#40306419) Attached to: With Euro Zone Problems, Bitcoin Experiencing Boost In Legitimacy
"So if you are in Greece, you seem to have a bad option for storing your cash, and an even worse one." You've got loads of other choices, though. Other EU or Swiss banks, denoted in Sterling, Dollars or Euros. Other EU government paper (including non-Eurozone paper like UK). Euro, Dollar or Sterling cash. Any number of options.

Comment: Re:SecurID not broken (Score 1) 98

by igb (#40080431) Attached to: Researchers Can Generate RSA SecurID Random Numbers Flawlessly

This has always been possible in theory -- obviously, the computer software has to generate the output so it must have the seed in an accessible form; probably under several layers of obfuscation and encryption

There are some slightly better techniques: McCune's Flicker system leverages TPMs (which any corporate laptop will have) in a way which means you can perform cryptographic operations securely unless the attacker can compromise the hardware in a pretty fundamental way. It would be ideal for implementing soft-tokens.

Comment: Re:The NYT didn't read the Fed report either... (Score 1) 197

by igb (#39842409) Attached to: Report Finds Google Supervisors Knew About Wi-Fi Data Harvesting

All from Joe and Sally Sixpack who don't have enough sense to, in affect, close their blinds when they undress for bed at night, or shout all of their telephone conversations, or leave their cars and houses unlocked and the windows down or open. So, what are folks to do when they pass by, plug their ears and close their eyes for 600 feet?

Real-world analogies are always suspect, but even if people are undressing with the curtains open, anyone who films them doing so does so at their legal peril in most jurisdictions. The people undressing with the curtains open may also be committing an offence ("indecent exposure" in UK law) but tu quoque isn't a defence.

The law regarding recording telephone conversations is more variable, but most jurisdictions have a "so long as one party consents" law, which in this case wouldn't be met. It doesn't matter, in UK law at least, whether the recording is done on the electrical or the acoustic side of the proceedings, and I'd be surprised if other legislation draws that distinction: recording phone calls with a sucker mic on the receiver is just as illegal as doing it electrically.

Engineers may like to believe that the burden of enforcing privacy lies with the subject, but law, and social mores, tend to make it an offence to overtly intrude on the privacy of even those unaware they are not maintaining it.

Many people write memos to tell you they have nothing to say.

Working...