It's impossible to tell in general whether there's a vulnerability in a random number generator. It's a "computationally infeasible" problem, the best we can do is check for known deviations from randomness. If you know how it deviates, it's easy to check but beyond that there's no way to tell.

Unless the NIST tools are compromised as well, then yes, it's completely possible to verify how good hardware RNGs are. Also, few intel processors have built-in RNGs, at least not ones the Linux kernel can use. None of the machines we've bought in the last 5 years have them. When was the last major intel x86 processor to have one? P2/P3 based systems?

I always wondered why; now I think I know *exactly* why. Hardware RNGs increase crypto security; by removing them, the NSA can influence/corrupt OS-level pseudo-RNG routines.

I wonder how many of the software RNG projects like haveged are compromised...

If you were lost in Manhattan, chances are fairly good that you could walk to shelter before succumbing to the elements. And the Atacama is just about all dry and cold every day of the year.

Tell that to the forty or so homeless people a year who die of exposure in NYC.

You're wrong. Snowden chose publicity as his defence, so not NSA, nor FSB could have easily "disappeared" him without repercussions.

What repercussions? Son, in case you hadn't noticed, Russia is a world superpower and has been adopting a stronger and stronger military stance ever since Putin seized control.

Tell that whole "public" business to Alexander Litvinenko, whom Russia not only assassinated him, but did so in a purposefully highly visible, slow, unpreventable way.

Nevermind you're assuming a Russian Snowden would have even had a chance to go public before he was killed or captured. The only other country I can think of that is as bold about their clandestine ops is Israel. Russian Snowden would get a bullet to the brain and written up as a street crime and the world wouldn't blink a single eye.

how do we know that the session keys are chosen securely and not divulged with steganography somehow? I know that products have existed which did exactly that, revealing part of the encryption key in the encrypted data stream (and I know that because the vendor was fairly open about the practice).

If you're going to make such a massive claim, you need to back it up. Name the vendor/manufacturer and equipment, or I, and every other slashdot reader, will consider this bullshit.

Did you replace your NIC adapter or manually change the MAC address.
- sites can identify you by your network interface

What? Anything beyond the first-hop router has no idea what your MAC address is.

...they arrest gay people simply for being gay, and have threatened to arrest gay athletes.

This man fled Russia because of the reaction to his paintings of Putin in lingerie: http://www.theatlantic.com/international/archive/2013/08/fearing-retribution-artist-behind-putin-lingerie-painting-leaves-russia/279181/

It's easy to take this as an opportunity to denigrate the US. The level of corruption is far worse in Russia and the civil rights protections a fraction of what US citizens enjoy.

If Snowdon has been Russian and escaped with FSB documents, he wouldn't be alive right now. In case nobody noticed, Russia assassinates inconvenient people.

Most Atheists seem to be more on the Agnostic side of things; in that they acknowledge there might be, or there might not be a god. There is no solid proof either way though it's looking less and less likely given the claims of the Theists.

Stop trying to marginalize us. Agnostics call themselves agnostics or use a phrase of some sort to summarize their beliefs, and are usually fairly upfront about not wanting to be called atheists. Atheists by definition (hint: a-theist) do not believe in a god, and most of us are pretty goddamn emphatic about it.

If you were exposed in the Atacama, you would most likely be dead in less than 48 hours.

I live in a major US city where the same is true for a few months out of the year. Yawn.

RTFA, it emits no carbon.

Bullshit. It MUST. It's burning a fuel that HAS CARBON IN IT.

Biology being what it is, it's reasonable to think that the health benefits of exercise are a multi-factor phenomenon and that any one chemical will deliver fewer benefits than the real thing.

This is true - for example, this almost certainly won't do anything for improving glycogen stores - but it'd certainly help for people who have been bedridden, the elderly, chemo patients, etc. It may also provide an easier start for people who are badly out of shape.

So many people abandon fitness kicks because the first few times it's really unpleasant/hard; it's a bit sad because the human body is actually pretty responsive and adaptive, and especially if you're in lousy shape, gains can be substantial if you simply give it a chance. For example, someone bikes into work for the first time, and they find it exhausting, so they say "meeeeh" and the bike gets sold or disappears into the basement. Except if they'd simply stuck with it for about a week or two, they'd find it easier and easier every day (note: it's totally OK, and good for you, to take a day or two off if it feels like you need it. The volume of training by 'serious' athletes might surprise many. It's also not particularly intense. It's just focused and smart, and yes, rest days are taken by even elite competitors.)

Also note: for those of you who have thought about biking for transportation or commuting but don't want to because "I'd get all sweaty": Slow. Down. Throw an extra X minutes in for your commute. Seriously. Just slow down. Bicycles are *the* most efficient form of human transport. For the same energy as walking, you can be doing significantly more speed. More speed = more cooling wind. Hottest day ever recorded in my city last year, and I biked in to work.

There's also a little bit of trying to scare off the metal scavangers by hinting that the copper cables and other metals that they might be able to recover are radioactive and could be VERY unhealthy to be around.

Risk hasn't seemed to deter any of the people who routinely break into power stations and (try) to steal copper from energized equipment.

A relative is a mid-level commander who came up from rank-and-file and we talked about this very subject a few weeks ago. His department bans helmet cameras, and it's a policy he said he agrees with strongly.

As part of their job, they interact with people in deeply intimate, traumatic, personal moments and events. They have no right to turn that event into a spectacle for YouTube, and privacy laws *do* apply here if medical aide is rendered, in addition to the ethical side of things. Firefighters, like doctors, often need the truth for their own protection or to save lives. Example: they don't care if you were cooking meth from a legal standpoint, they care about the toxic chemicals in your on-fire house. How do you think "Hey, we need to know: you making meth here?" will be answered with a camera on the FF's head?

Firefighters respond to many medical calls to speed response and/or assist with entry if the ambulance crew need it. What happens when a firefighter responds to a domestic violence incident and the victim sees a blinking camera in their face?

You need a swift kick in the groin for thinking that you have any right to be "virtually" present during those moments. Next time you need emergency services, I want you to think "Do I want a camera shoved in my face and this broadcast on youtube?"

Poor taste is getting all hysterical about 9-11 (good lord, what was that all about...), claiming she can't collaborate with people, and then declaring she's "going off the Internet."

Does she not know how to install GPG or something? She could've been a force to help get people into using GPG/PGP and whatnot (plus people have pointed out there's services like Kolab), but instead she just Left The Reservation.

Just because someone has been a hero doesn't grant *you* a magical shield to run around deflecting criticism of their actions.

Imagine a fuel cell in every cellular tower, with a CNG tank on-site in case both the power and gas lines fail (and can be refilled by truck). Imagine your central heating boiler being for home and water heating was generating free electricity as well as heat for a combined ~80% efficiency (almost as good as condensing boiler). Imagine every city block has a fuel cell the size of a utility cabinet, reducing transmission losses and easing strain on the power grid.

Imagine a firefighter's worse nightmare:

Electricity? Check.

Flammable gas? Check.

Unlimited supply of flammable gas? Check.

Neighborhood cogeneration might be interesting, but there's going to have to be some serious, serious thought put into making them safe.

Also: this does not solve the problem of needing carbon neutral energy sources. It's "better", but we've dug ourselves into a sufficiently deep enough hole that we're well past "better" being good enough. Nuclear, wind, solar, hydro. Anything else is just delaying the problem, not fixing it.