Intel has an insanely high Gross Profit Margin of 75%. That is the opposite of selling at a loss.
> As of now, only AfriNIC is not in address exhaustion mode."
That is not true - ARIN (north America's RiR) is still handing out IPv4's and will continue to do so until down to their last
For dual screen setups, using the proprietary drivers is an absolute mess, while the open source drivers work perfectly. And the free drivers are perfectly adequate for non-high-end-gaming. I can play Minecraft at 1920x1600 with the open source Radeon driver at acceptable framerates.
Yes. There are free software projects making a driver for each of those, build upon Mesa. Both AMD (a lot) and NVIDIA (in small measure) has actually contributed to those projects, in addition to their closed source drivers.
My impression is that basically all Linux distributions install the open source drivers by default. And in my experience, installing the proprietary drivers is messy.
And most distributions uses 3D in the window manager by default.
So I imagine that many more Linux users use the open source drivers (which in turn use Mesa) than uses the proprietary drivers.
And from http://www.sintel.org/download
> 2^128 - 2^112 [...] it's significant, especially if you have a huge data center in Utah.
As an upper limit, assume that you remove 100*2^112. But that will still only eliminate 100/65536=0.1% of the search space. Any key that is brute-forceable by NSA with those 0.1% removed is also brute-forceable without those 0.1% of the search space removed.
> What may be worse (I don't know) is the simultaneous equations that it creates that are invariant for keys from such a source. Maybe they could be used in a cryptographic attack to help solve the sorts of attack that try to build big systems of simultaneous equations to attack the key schedule.
Something like this seems slightly more likely. But assuming the bits were perfectly random before the removal of repeated blocks, for finite keys it still doesn't generate anything that couldn't have been generated by chance without the removal of repeated blocks.
I agree that the output is not random by the standard definition. And obviously a bad RNG.
But making a practical attack based on that seems unlikely to me.
> For the record, RdRand doesn't do this because I refused to put it in because it's a back door in the spec.
Wait what - you designed Intel's RdRand hardware RNG?
So, since there is a lot of paranoia about backdoors in that, is there a backdoor?
Meh - NSA at the same time asked them to use a too short key length. And it was an open secret for a long time that NSA could brute-force it. https://en.wikipedia.org/wiki/...
> And what if there is a hash collision?
Cryptographical hashes are designed to make that ridiculously unlikely. Go play buy a single ticket to the national lottery instead - you are far more likely to win the biggest price there than to every find a hash collision.
I freely admit that I assume they are guilty because of 1) all the damning evidence 2) their refusal to defend themselves.
And I submit that all reasonable persons should assume they are guilty for the same reasons. Assuming they are not guilty would be incredibly stupid.
For starters, they can come clean. All their press releases have been exercises in trying to say as little as possible, and be as misleading as possible whiile still not literally lying. For example, their non-denial of the $10,000,000 deal with NSA had half the press falsely reporting that RSA claimed there never any $10,000,000 deal.
Dual_EC_DRBG has been documented since 2006/2007 to be an insecure CSPRNG, even without the backdoor. I knew about it for example, and I do not even work in that field. The only way nobody at RSA Security (a huge company specializing in security) could not have heard about it is by putting their hands over their ears and yelling LALALA. And they didn't put 2 and 2 together about why NSA paid them $10,000,000 when the possible backdoor was discussed in the media and the cryptographic community?
I can accept that RSA Security might have been fooled in 2004. But they have not even tried to explain why they kept using Dual_EC_DRBG after 2006/2007. They have been caught with the hand in the cookie jar, and refuse to even try to defend themselves. Why should I try to invent explanations for their innocence for them?
> what evidence could RSA show us that would reinstate our trust
The point is that the circumstantial evidence is so hugely strong. This is not unfair - this is reality.
It is like finding you standing over a corpse in a pool of blood and a knife in your hand, with a $10 million payment to your account from the victims worst enemy. And you refusing to talk about how you got there, or why the victim's worst enemy sent you the $10 million. Do you think I have no right to make assumptions in that case?
> What RSA Security has specifically said is that they knew about the backdoor when they made the $10,000,000 deal.
That should of course have been:
> What RSA Security has specifically said is that they didn't know about the backdoor when they made the $10,000,000 deal.