Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:Raspberry Pi Zero The Makebelieve Computer (Score 1) 69

Before Christmas I saw that the micro center near me had them on special near the check-out lanes for $0.99 each. I thought about buying some then but then tried to think of what I would do with them and decided that I didn't need to impulse buy something that would get left in a desk drawer and forgotten about as I don't have a good use for it.

Comment Re:Not on my property (Score 1) 220

Range wouldn't be the concern but penetrating power. Slugs are broad heavy and slow so against unarmored things they work great but add some armor and a bit of distance between the armor and critical systems and a slug becomes ineffective. A high powered rifle on the other hand would make it through and still damage the circuits. Against unarmored devices I would probably suggest some finer buck shot like #0 so it is big enough to cause a lot of damage but you still get a spread to increase you chance of hitting critical areas.

Comment Re:You don't need six figures in Silicon Valley... (Score 1) 733

I thought about it and I'm finding it hard to feel sorry for this guy. Yes he makes a bit more than I do, but he also pays more for housing than I do. It isn't that big of a difference when looking at post tax post housing income when taking those into account . Then again my housing expense is for a mortgage on a ~2000 square foot house on .5 acres that backs up to a multi acre wooded city park that will be paid off in 9 years. I also don't live in SV nor do I want to. I manage to save a large portion of my income and have done so for a while. To me this individual seems to be bad at managing their money.

Personally I wouldn't take a job out there because I would have to decrease my standard of living substantially. I like telling recruiters and headhunters out there they can't afford me when they call with job offers even when they insist that it is a very generous offer. I've laughed at some who did have some very insulting offers. Add in that I don't want to be a brogrammer, work 90+ hours a week, or live in a state that is on fire or being washed down hill and they only offer marginally more than what I currently make and it just isn't worth it.

If a company were serious they would offer me a multiples of what I currently am making since that is what it would take to get my current lifestyle out there. I want a sub 40 minute commute. I want a recreational property within 2 hours (owned outright). I want to be in one of the best school districts in the state with my kids going to the best schools in that district. I want to have a nice but modest house with nice property features. Offer me enough pay to get that and we can talk otherwise your offer is garbage. Sadly because I have a very good lifestyle it would probably take close to a half-million a year to afford what I currently have out there.

Comment Re:I have no faith in cryptography, because.. (Score 1) 159

Considering that several years ago everyone was told to move away from SHA1 as it wasn't considered secure given the at the time theoretical attacks this shouldn't come as a surprise. NIST has been very open about the process as of late with the AES process and more recently the SHA3 process. Even though no known issues exist with the SHA2 suite of hashes they were proactive in going forward with the SHA3 process because SHA2 is mathematically similar to SHA1 so it may be possible to have related attacks against the various SHA2 hashes. I would question anything that is just dropped wholesale from the government like the whole botched EC crypto, and then there was thae long standing questions about the DES S-Boxes that while it turned out were strengthened against differential attacks but no explanation was given as to why at the time. Even now the full set of parameters used for them haven't been provided.

Comment Re:"In the wild" - slight exaggeration (Score 1) 159

It means that collisions are now possible, and are within reach of moderate sized organizations.

This is the key. 6500 CPU years or 110 GPU years of computational power is not that difficult to achieve. When this news broke last week a few of us at my work had a discussion about it and while those number sound impressive we then realized that at work we have access to probably 2x that processing power in our building.

Comment Re:Micro Center! (Score 1) 218

Personally I like that there is a brick and mortar that I can go to and get stuff same day that doesn't carry a silly markup over online and has a good selection. Add in that they have a good return policy for things DOA and I prefer shopping there than online even if I can do marginally better price wise online sometimes. The last machine I built (a little pfSense box) I could have gotten for $3 cheaper online and if there was a problem I would have to dick around with some remote company and I would have to wait for shit to go through the mail. Instead I got it at micro center as it is on my way home from work. My desktop build I did 4 years ago cost me like $50 less with what I bought at micro center compared to online, but even there if it had been reversed I would have gotten from micro center because when you buy all the parts you just run the chance of getting a defective part. In that case I had a bad RAM stick and brought it back the next day and got a replacement without issue.

Comment Re:Practical? (Score 1) 142

The simple act of counting that high on an ideal classical CPU would probably kill all surface life on Earth.

Nope. The energy requirement while substantial is not insurmountable. I believe that the amount of energy to cycle a 128 bit counter through all states on an ideal classical computer is around 10% of the total annual US energy consumption. This assumes an ideal machine which happens to be many orders of magnitude more efficient than even our best computers so using conventional technology it would be ocean boiling energy consumption.

Comment Re:Practical? (Score 1) 142

They don't halve the time they halve the number of bits for symmetric key encryption, to put it another way the do it in square root time. So 128 bit encryption on classical computers is equivalent to 256 bit encryption on quantum computers. For asymmetric encryption take makes uses of elliptical curves or prime factorization it completely breaks them. The 2^50 is because the best break for AES-256 is a related key attack that has 2^99.5 complexity on classical computers. Assuming that this decreased key space can processed using Grover's Algorithm that give a complexity of about 2^50 on a quantum computer.

Comment Re:Not viable on Windows 10 (Score 1) 232

I can think of some but that is usually really shitty software that does its own checks instead of using the OS checks. It then has a hard bail out and UAC never prompts to elevate privileges. There are a few programs that I have run into that do this but then I just right click on them and run as administrator anyway which then brings up the UAC prompt before the program starts and things work. It is most often installers of older software that have this problem and I haven't seen it in a while so I am forgetting the few that I have seen do this.

Comment Re:Practical? (Score 1) 142

I fully understand that but using the brute force attack does provide a good metric by how to judge things and yes I know that in my previous statement I didn't cover more detailed attacks as no one would like to read that wall of text. In response to another user above I look a little more closely at AES-256 taking into account using a quantum computer and the best attack against it. In that case we move from stellar mass energy requirements down to something that would become fairly trivial with a complexity of about 2^50.

Comment Re:Practical? (Score 1) 142

If losing encryption keys is going to be a problem for with crypto that strong then it is already a problem for you as you neither have an ideal classical computer operating near the limit of Landauer's Principal nor do you have the ability to consume a large fraction of the US's total annual energy consumption. The problem is with encryption is that if it is feasable for a state actor to crack it, then it is also possiable for a large criminal gang to do so in a few years, and a few years later you can do so with a device that runs on a battery that you carry in your pocket, see the image in the original article where they point out that generating MD5 hash collisions can be done on your smart phone in about 30 seconds.

Comment Re:Practical? (Score 1) 142

The reason I want crypto that has a chance of surviving the heat death of the universe is simple. Unless you are using a One Time Pad the encryption you haven't isn't provably secure for all time. It will be attacked and the strength of it will decrease. Is my data so important that it personally needs to be kept secure until the heat death of the universe? Simple answer is no, but at the same time it is something that I would like to see stay secure for the next 50-60 years until I'm taking a dirt nap.

So now lets look at AES-256. Here we are dealing with a cipher that is in that mass energy of a star to brute force on an ideal classical computer. Now that may seem pretty damn strong, but there is a related key attack against it that brings that complexity down to 2^99.5 from 2^256. At this point we are no longer talking about star sized energy requirements but instead a sizeable portion of the total annual energy output of a a nation on an ideal classical computer. While currently infeasible further advances in cryptanalysis and quantum computing will decrease this further. So using something like Grover's algorithm we could possibly get the work down to about 2^50. At that level we have already rejected crypto standards because they are easy to defeat.

Slashdot Top Deals

"It ain't so much the things we don't know that get us in trouble. It's the things we know that ain't so." -- Artemus Ward aka Charles Farrar Brown