
Comment unless the NIST evaluation tools are broken... (Score 2) 362

It's impossible to tell in general whether there's a vulnerability in a random number generator. It's a "computationally infeasible" problem, the best we can do is check for known deviations from randomness. If you know how it deviates, it's easy to check but beyond that there's no way to tell.

Unless the NIST tools are compromised as well, then yes, it's completely possible to verify how good hardware RNGs are. Also, few Intel processors have built-in RNGs, at least not ones the Linux kernel can use. None of the machines we've bought in the last 5 years have them. When was the last major Intel x86 processor to have one? P2/P3 based systems?

I always wondered why; now I think I know *exactly* why. Hardware RNGs increase crypto security; by removing them, the NSA can influence/corrupt OS-level pseudo-RNG routines.

I wonder how many of the software RNG projects like haveged are compromised...

Comment Re:meanwhile, in Russia... (Score 1) 369

You're wrong. Snowden chose publicity as his defence, so neither NSA nor FSB could have easily "disappeared" him without repercussions.

What repercussions? Son, in case you hadn't noticed, Russia is a world superpower and has been adopting a stronger and stronger military stance ever since Putin seized control.

Tell that whole "public" business to Alexander Litvinenko, whom Russia not only assassinated, but did so in a purposefully highly visible, slow, unpreventable way.

Never mind you're assuming a Russian Snowden would have even had a chance to go public before he was killed or captured. The only other country I can think of that is as bold about their clandestine ops is Israel. Russian Snowden would get a bullet to the brain and written up as a street crime and the world wouldn't blink a single eye.

Comment you seriously need to back up that claim (Score 2) 607

How do we know that the session keys are chosen securely and not divulged with steganography somehow? I know that products have existed which did exactly that, revealing part of the encryption key in the encrypted data stream (and I know that because the vendor was fairly open about the practice).

If you're going to make such a massive claim, you need to back it up. Name the vendor/manufacturer and equipment, or I, and every other Slashdot reader, will consider this bullshit.

Comment Re:Codec? (Score 1) 141

Is it really as little as every second or two?

That is configurable, and typically ranges between about a half second and ten seconds. In fact I've been seeing about ten seconds between key-frames in some of the movies on my cable TV. It's visible as a faint fog that creeps up in very dark scenes, and abruptly vanishes to black at the next key-frame. The sudden jump is distracting, but it's even more distracting consciously realizing I'm "watching a CODEC" rather than "watching a movie". Chuckle.

Isn't it "how the current frame is different than the PREVIOUS frame"?

Yeah, my description was a little sloppy.

-

Comment Re:Patents. (Score 4, Informative) 141

New Zealand is now one of those countries.

No. The New Zealand bill was a scam, and all the news coverage screwed up and fell for the scam. The main body of the bill directly stated that software was not patentable, but Supplementary Order Paper No 237 provided "clarification" that only software-as-such was not patentable, and further "clarified" that software-as-such ONLY included patent claims which merely added on-a-computer to something old. In legalese, they excluded patent claims whose sole contribution was that it was a program.

10A Computer programs
(1) A computer program is not an invention and not a manner of manufacture for the purposes of this Act.
(2) Subsection (1) prevents anything from being an invention or a manner of manufacture for the purposes of this Act only to the extent that a claim in a patent or an application relates to a computer program as such.
(3) A claim in a patent or an application relates to a computer program as such if the actual contribution made by the alleged invention lies solely in it being a computer program.

This means the bill actually MANDATED pure software patents, so long as the patent claim described some new math or something.

For example the classic pure-software patent catastrophe was the GIF patent... that patent claimed some new mathematics for converting one series of numbers (representing a picture) into a shorter series of numbers (a GIF compressed picture). The patent described (contributed) new mathematics, therefore it's patentable. The RSA public-key crypto software patent is also still patentable, it claims new math for encrypting stuff. All audio and video codec patents, all patentable in New Zealand.

The only patents they excluded were the stupidest level stuff like "fill out your tax form exactly the same way you filled it out last year, but I want a patent on doing it with software".

-

Comment Re:Codec? (Score 5, Informative) 141

It's not even that. The current version is basically just a glorified slideshow viewer.

The way most video codecs work is they start by storing a full picture once every second or two. These are called key-frames, or intra-frames. The frames in between key-frames are called inter-frames, and this is where 90+% of the real work of a codec happens. These frames are stored as a short description of how the current frame is different than the last key-frame. Instead of storing the full picture you just describe what parts of the picture are moving, or if part of the picture is getting brighter or darker, or if colors are shifting.

Currently, libde265 only decodes intra frames, inter-frame decoding is under construction.

It's essentially a slideshow viewer, showing something akin to a series of JPEG pictures. Basically the entire CODEC is missing, the part that compresses and decompresses all the video frames in between.

-

Comment meanwhile, in Russia... (Score 3) 369

...they arrest gay people simply for being gay, and have threatened to arrest gay athletes.

This man fled Russia because of the reaction to his paintings of Putin in lingerie: http://www.theatlantic.com/international/archive/2013/08/fearing-retribution-artist-behind-putin-lingerie-painting-leaves-russia/279181/

It's easy to take this as an opportunity to denigrate the US. The level of corruption is far worse in Russia and the civil rights protections a fraction of what US citizens enjoy.

If Snowden had been Russian and escaped with FSB documents, he wouldn't be alive right now. In case nobody noticed, Russia assassinates inconvenient people.

Comment No, actually, we don't. (Score 1) 535

Most Atheists seem to be more on the Agnostic side of things; in that they acknowledge there might be, or there might not be a god. There is no solid proof either way though it's looking less and less likely given the claims of the Theists.

Stop trying to marginalize us. Agnostics call themselves agnostics or use a phrase of some sort to summarize their beliefs, and are usually fairly upfront about not wanting to be called atheists. Atheists by definition (hint: a-theist) do not believe in a god, and most of us are pretty goddamn emphatic about it.

Comment Re:The article you linked quotes exactly what I sa (Score 1) 150

Oh, a little clarification on the US Supreme Court and US law.

The Supreme Court handed down some good, but somewhat murky, rulings a few decades ago. Since then the lower courts have gone batshit insane throwing out all limitations on patentability.

Part of the reason is that many court cases involve a megacorp on one side demanding they be given a patent on X, and on the other side is some lawyer from the patent office arguing X isn't a valid invention. And of course the army of megacorp lawyers tends to steamroll the patent office lawyer, establishing some new tidbit of twisted precedent. Case, after case, after case, they steadily pushed the line (and the rules) off into the Twilight Zone.

Oh, and the corporations are free to file their case in any US district they want. So they ALL file in the same district... the Eastern District of Texas. That district has a well-deserved reputation for judges having the most extreme ideology, granting and upholding anything that has the word "patent" scribbled on it in crayon.

In the last few years the Supreme Court has taken notice and started issuing some harsh smackdowns against the nutty logic of the lower courts. Unfortunately the Supreme Court has been issuing "narrow" rulings, basically they've stated that X Y and Z are insane interpretations of patent law, they've said invalid patents are being granted, but haven't clarified which or how many invalid patents are being granted, and basically all the Supreme Court said is "Yo, you're fucking up, go back and follow our old rulings on patents". Except the lower courts have spent the last few decades becoming experts in how to actively not understand those Supreme Court rulings.

So, the current general practice of US patent law is that they still accept insane patents from the Twilight Zone, but the judges know most of the basis for doing so has been struck down, and the judges are arguing with each other in utter confusion desperately trying to figure out some coherent set of logic and rules.

And a major problem is that any sane set of rules, anything coherent with the old Supreme Court rules, is basically going to invalidate over a HUNDRED THOUSAND existing patents. Many of the district judges are dead set on the mindset that those patents are valid, and the more reasonable judges are insecure at the prospect of making a "radical" ruling that would create chaos by invalidating vast numbers of existing patents.

Ummm... this post was supposed to be a "small note" explaining the Supreme Court quote from my other post, and why we're in a mess despite having that obvious-solution quote. I guess I got carried away. Chuckle.

-
