Summary is misleading at best. A brief inspection of the source code reveals this is still using OpenSSL's crypto functions. So you're not getting 6k lines of source code to replace OpenSSL, as the summary implies. You're getting 6k worth of wrapper code that still uses OpenSSL and needs to be linked against OpenSSL libraries.
Like many (most?) tools, the GOTO can be used and abused. Only pendants are convinced the issue is black and white.
I think necklaces should be left out of this. You probably mean "pedant."
I bet this is one of the systems that will have to be replaced to fix the 2038 bug. There are a lot more 32 bit UNIX systems out there.
That's why they're starting now.
I'd be shocked if we could do this with current technology.
Golf certainly is frustrating. That's quite deliberate, as it makes excelling very difficult and thus worthwhile. Think of it as like a Scottish martial art... taking years to become fairly proficient, and never being sure of reaching that elusive perfection.
But golf is also a spiritual discipline. It teaches you self-control, patience, and sportsmanship. Witness the far better behaviour of professional golfers, compared to soccer players and many other sportsmen.
I think of Golf more like taking a stroll with my friends, a couple beers, and maybe a cigar. Often I spend time enjoying the beauty of the woods that line each fairway, up close and personal. Sometimes crossing scenic rivers and lakes, noting where my golf ball lies within their depths. Walking along well-groomed fairways towards the stands of trees along the course. Usually more in the trees, than in the fairway.
And then there's the handful of shots each round I play that make me think, "I could do that every time and maybe shoot par." But afterwards, I'm usually back in the woods.
In the US educational system you don't get credit for learning on your own. You sit in a classroom, do the homework, take the test(s) and in the end you pass or fail based on how well you do some or all of those things in the opinion of the teacher. You can learn as much as you want on your own time but if it's not part of any class you're taking, you've proven nothing. And unfortunately, proving to the teacher that you know the material being taught is what gets you passing grades, and passing grades get you into good colleges, where you do the same thing except in bigger classes and with more advanced material.
The AP classes/tests are completely optional and not every AP test is accepted by every college for every subject. (How's that for vague?) When I was in HS -- graduated in 1993 -- I took and passed several AP tests (obligatory on topic statement: there was no CS class nor CS test offered at my HS) and this is how the breakdown of college credit worked out:
Passed AP English -- tested out of one semester of mandatory Literature course
Passed AP History -- tested out of two semesters of mandatory European and World History courses
Passed AP Calculus -- tested out of one semester of Calculus for CS majors
Other people I graduated with, who got the exact same scores on the AP tests, reported completely different results, including several who received no credit at all from their colleges. You don't really know that in your Junior and Senior year, especially if you still haven't made a college decision, or even applied, whether the college you pick is going to take credit, and even asking the admissions department may not get you anywhere.
So, why do they take these "crappy" tests in order to learn stuff? Because they have to take the class anyway, as part of the HS curriculum, and if you qualify for an AP class, you probably want to take it, as it is more advanced, over the standard offering, which will have students who do not qualify for the advanced classes (read into that statement what you will.)
Posting such info could endanger the future, or risk causality paradox issues --- changing the future in such a way,
that time travel is not discovered.
Time travelers from the future are historians.... they may be tweeting, but they are tweeing about the past
(our present), and possibly sending those tweets into the future.
You can go forward in time, one-way trip, and not cause any problems. Your knowledge of things in the past does no harm in the future where those things already happened. In fact, you "skip" some time and probably are worse off for it.
You cannot go forward in time and then return, or backwards in time at all. You will have knowledge of at least some part of the future and you would return to a timeline permanently altered, if ever so slightly at first. This slight difference would be magnified as the years pass (i.e. the butterfly effect) to a degree perhaps only noticeable to yourself, but it is necessary that, as you make choices, due to your future knowledge, when your new timeline catches up to the point you jumped to in the future, it will be extremely different.
You cannot go backwards in time. Once you do, your alteration of that timeline is permanent. The mere existence of time travelers immediately and irrevocably inflicts an alteration of that timeline which is cosmic in scale, paradoxes can and will (and have) happened.
So given that we have no known time travelers my postulation is that either it is impossible or our universe -- that is, the specific probability vector we are currently on -- is the only universe, out of the infinite set of vectors comprised of every permutation of possible events, that has not and will not and will never invent, or discover, or experience time travel. (Or, it is one-way to the future only, which is rather pointless, if you think about it even briefly.)
...the tcp sequence number tells you the byte offset in the session's psudo-random bit stream to xor against.
Perfect explanation. I get it now. Thanks!
When you don't understand encryption, it all looks like ROT13.
Best leave that to the big boys.
If you can't explain it, just say so. Thanks anyway though.
I read through the implementation presented and the additional ~200 lines of code for each of the authentication (poly1305) and encryption (chacha.c) pieces of this protocol. Coming from the perspective of an experienced coder but relative crypto novice this just looks like a very sophisticated shifting algorithm (like ROT13, on steroids) keyed on the TCP sequence number. Is this considered acceptable security for a data stream? I'm honestly curious, I haven't played around with crypto functions very much.
My understanding of the fifth is that it only applies to information that can't be collected under a warrant.
For example, if you have a lockbox with incriminating documentation, and the police can provide sufficient evidence for a warrant, you can be required to unlock the box. However, you can still plead the fifth if a lawyer is asking about your "intentions" for the contents of the incriminating box.
So I think there is a valid question of whether the FBI had the right to force the lock on "the box" of encryption if they didn't have a warrant already. That's like the police breaking and entering to seize evidence; it would be thrown out in court because it wasn't collected properly.
They have to have evidence of a crime before they can get a warrant. But once they have a warrant, they have the right to open "the box" of encryption.
I believe that also means they have the right to demand the keys to the box: your passwords.
IANAL, but this is nearer the truth than other comments earlier in the thread, I think.
Having read not just THIS article, but others about Feldman's case, I learned that the prosecution has found, on Feldman's personal computer, unencrypted indexes of file names that are present on the encrypted drives. Many of these files have explicit names about the subject matter contained within, giving them reasonable suspicion that these files actually contain depictions of underage children engaging in sexual activity.
Because the prosecution has this list of file names on the encrypted drives, Judge Callahan determined that Feldman's 5th amendment right no longer applied, as he would not be incriminating himself -- they know what is on the drives, they just need to have them unencrypted to enter them as evidence.
Make no mistake, this man is being accused of perversions that, if true, deserve prosecution to the full extent of the law. However, that does not give the government of this country or any country free reign to ignore his rights as a citizen and as a human being. I am in one sense extremely glad to see the judicial process being carefully applied, so that the accused is properly and legally convicted, and does not get off on a technicality. In another sense, I am also watching this with much trepidation, as precedents set too hastily could erode another one of our rights.
I believe, having read the motions presented in court that are publicly available, that in this case, because they already have evidence that there are files on the encrypted drives which have pornographic names, referencing the depiction of pre-teens in sexual acts, for instance, then the prosecution is justified in forcing the defendant to decrypt the drives and provide the court with the contents of those files.
If they didn't have the unencrypted index, I would probably have to see more proof to feel comfortable with what they are doing, however.
The Romain Empire used concrete extensively, even hydraulic cement (cures under water).
After the Empire fell, they went back to building with rocks.
Lettuce hear more of this Romaine empire
... I do not believe you can legitimately solve societal issues with technological mandates.
Nor with legislation.
If the aim is to stop registered sex offenders from messaging, why block them from gaming completely? Just block their ability to message.
Shooting them in the head will stop them from both messaging and gaming. If we're already admitting rapists, pedophiliacs, or exhibitionists are not able to be rehabilitated, why bother even pretending they can live a productive and successful life? Just get rid of them, no one wants them around, obviously. Solves the problem, neat and clean.
soccer moms scare me WAY more than drunks or any other intoxicated driver does. the thing is, drunks know they are drunk (usually) and so they at least try to be careful. moms, otoh, think things are perfectly fine even though little johnny is screaming his head off in the back seat and slapping his sister suzie. each time the mom turns around to scold the kids, she takes her eye off the road.
I seriously fear the soccer moms more than any chemically enhanced driver.
No joke, I saw a m0m in a minivan turning around to READ A BOOK to her kid in the back seat, while driving on the freeway. You're completely right, it's the everyday unsafe drivers that worry me just as much as or more than the ones that are under the influence of something.