Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Comment Re:Quantum Bullshit (Score 1) 117

But the channel is NOT noise free.

And for it to have any measure of security provided by the quantum nature, it needs to be a dedicated circuit between all host pairs.

When you have a dedicated circuit, you need physical access to perform any attacks. Quantum or regular, it doesn't matter.

Given a dedicated circuit and an attacker with physical access, any unsuccessful MITM attack becomes a successful DOS attack.

Any successful MITM attack will require the private keys of one of the parties. You need both if you want to hear the replies, but you only need Alice's keys to have Alice say "Bob, you're a fag.".

Getting the key is the "hard" part. Just like it's "hard" to get someone's house keys. You can develop various attacks against the algorithm by playing in the noise threshold. It may take you months, years, or longer. It may not. But if you may have physical access to the source and detector, you could exploit all sorts of weaknesses in implementation, take the damned things, or just sit at Alice's terminal. Kind of like walking up to someone's door and trying to pick their lock, get in through a window, etc.

In the end it's all a key sharing problem, regardless of where you source your keys from.
If you have a dedicated circuit network, then you require physical access to launch an attack. Just as you need physical access to attack a dedicated circuit network using copper cable. Quantum stuff doesn't come into play.

And, as always physical access = Win.

The "security" of quantum communications comes not from the quantum nature, but from the fact that you're going to be using dedicated circuits between each host pair. This will never scale to the masses. Quantum communication along a dedicated circuit will pretty much only work in truly local networks and from Obama's to Putin (let's face it, Putin's in charge).

Comment Re:So Lets See, (Score 1) 459

designing a novel structure in a CAD tool optimised for some known series of simulations (i.e. knowing which parameters are relevant to each simulation and adjusting for them)

Uh... yeah, parameters like "aerodynamics". People use these simulations to make real aircraft that have to work, really. You can't just optimize for "relevant parameters" to cut corners around optimizing for overall performance in reality, because the simulations are designed to mimic reality as closely as possible and do a demonstrably good job of doing so. That's the simulation's purpose!

is not the same as proposing a design which can be prototyped, built, tested, flown... and paid for.

For sure!

Which is not the same as saying the design in the CAD program will not have closely similar behavior in the real world if they could build it.

Comment Re:Does anyone beiieve this number? (Score 1) 175

Yup, you can take my usb stick and read it all you want. Unless you're particularly interested in seeing what I've been working on recently, it will quickly bore you silly. The most damage loosing it would do it inconveniencing me. Whereas encrypting the thing would prevent me simply hand it to people so they can access my files.

9% encrypt their flash drives vs. x% who cypher their paper docs before leaving the building?

I'm not saying it shouldn't be done - I'd hope someone actually carrying sensitive data around would encrypt it as a precaution, just as I hope the people I just sent a paper copy of my passport to will have the diligence to not take on the train and leave it on the table.

Comment Re:Ah ah, what about the emails?! (Score 1) 175

I myself doubt that wiretapping (even without encryption) is a desirable approach to get at data, as opposed to stealing computer drives. With the drives you get everything that has not been mailed yet as well as everything from years back, all in one go. Most evil doers would not only be interested in current correspondence, no?

It is also an issue of practicality. Drive encryption is very easy and unobtrusive to deploy and manage. The basic variant uses just the same password in the same login screen.

As opposed to that, key management, and other basic usage concerns on PGP or similar are not easy. Average Joe needs to know too way too much about how these things work, and IT Staff / Power users don't get enough flexibility. Your white collar people may have spared you a LOT of annoyances while you still were sysadmin, in fact.

Comment Re:Good for you, Google (Score 1) 300

The central government in China is seen pretty positive by most people in China.

However many "mass incidents" (protests, riots, etc) are taking place, and the number is increasing. I have heard numbers of tens of thousands of such "mass incidents" each year, but hard to impossible to get any reliable numbers on that.

It is the local governments that are highly unpopular, down to local leaders being murdered and the village celebrating: such a case is now going on. This as many if not most local leaders are very corrupt, and have local business interests as well. This has issues for land rights and environmental pollution. It's those leaders that the protests are targeted against primarily. E.g. the local mayor owns a large share in the local coal mine, and will thus turn a blind eye on safety issues. Large brothels or gambling dens that were housed across the police station - the owner being a brother of the police commissioner.

You won't see much protest targeting the central government, and most of those are people asking for help in problems with local officials.

Comment Re:Why using cadmium? (Score 1) 454

You would need to translate them to an absolute scale (Kelvin or Rankine) to do a really meaningful comparison, but I would hope that most people that read English would be able to at least translate the temperatures into "pretty hot" and "a whole bunch hotter".

Even then, the temperatures may be less interesting than the amount of energy required to bring the materials to those temperatures (but adding energy at lower temperatures is probably easier).

Comment Not the right form factor (Score 1) 596

I buy a smartphone because it can fit in my pocket plus do phone calls, email, browsing, video, cameras, games, and some light special purpose business apps.

I buy a laptop because there are times when a smartphone isn't beefy enough, I need to do serious data input, document editing, presentations, or just about anything else I can do with a desktop.

I see no compelling reason for any tablet to replace either of these devices. If I want convenience, I can grab my smartphone. If I want power and am willing to put up with a device that won't fit in my pocket, I can grab my laptop or netbook.

I certainly wouldn't think "Hey, what I really need is a larger smartphone that won't fit in my pocket or a laptop without the nice tactile keyboard I am used to."

So - the negatives of a tablet are that it won't fit in your pocket and doesn't have the single, reliable input device we are all familiar with - the keyboard. In my mind, the pluses would need to be significant to overcomes these drawbacks.

If it had a roll-up or fold up screen that allowed it to still fit in my pocket, while having the power of a laptop, you might get me to take a second look.

Comment Re:Trends (Score 1) 264

You realize that based on the rate of consumption a couple of years ago we were supposed to run out of addresses by 2010.

Now based on the current rate of consumption we are supposed to run out of addresses some time in 2012.

I think it's safe to say you can't accurately predict how soon we'll run out of address by basing it on the current rate of consumption, because it is fairly obvious that the rate of consumption changes as we approach the end.

I estimate that within 10 years but not sooner than 5 we will run out of IPv4 addresses, and within 20 years we will have switched to IPv6.

$50 says my estimate is more accurate - if less precise - than TFA.

The trouble with being poor is that it takes up all your time.