
Comment Re:A question for people familiar with cryptology (Score 2) 38

Unlock all interactions? No. Unlocking a specific interaction? Maybe.

For common uses (like the public web), the most likely approach to decrypting a specific interaction is to break the RSA (cert-based) on the outside and then the Diffie-Hellman (ephemeral per-transaction) on the inside, then recover the symmetric encryption key to decrypt the rest of the conversation. But this is not trivial, and it requires more work than to just toss the transaction into the quantum computer.

The ephemeral layer is where things get harder. Even if you can derive the RSA key on a regular connection, you've got the first layer, but the DH layer is redone for each new connection. (Some sites don't use DH, or are vulnerable to downgrade attacks where DH isn't used, but DH is pretty widespread.) Every ephemeral negotiation has to be individually cracked. Tor uses DH or x25519 on all connections, so each has to be individually cracked. It is expected that breaking an individual 2048-bit RSA or DH encryption would take several hours if one had a quantum computer of sufficient power. Cracking 3072- or 4096-bit RSA/DH will take even longer, if it's even possible on the same systems. However, we appear to be a long way from such capabilities, and the NSA isn't likely to use it to break arbitrary Tor connection encryption, saving it instead for much more practical items. As soon as the NSA has practical quantum computing, it's going to have decades of backlog to go through just for the international signals, and getting anything moved up in line is going to need a damned good reason.
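The per-connection point in the comment above, as an added example that is not part of the original comment: two ephemeral Diffie-Hellman exchanges in a toy group, where the discrete-log work that opens one session does nothing for the other. The 31-bit prime, the generator and all function names are assumptions chosen so that a classical baby-step giant-step search finishes instantly; the search stands in for whatever capability solves the discrete log at real key sizes.

```python
import secrets
from math import isqrt

# Toy group, constructed for illustration: a 31-bit prime is small enough
# for a classical discrete-log search. Real deployments use 2048+ bits.
P = 2**31 - 1   # prime modulus
G = 7           # primitive root modulo P

def handshake(a=None, b=None):
    """One ephemeral DH exchange: returns ((A, B) seen on the wire, shared key)."""
    a = a or secrets.randbelow(P - 2) + 1   # client's per-connection secret
    b = b or secrets.randbelow(P - 2) + 1   # server's per-connection secret
    A, B = pow(G, a, P), pow(G, b, P)
    return (A, B), pow(B, a, P)

def discrete_log(target):
    """Baby-step giant-step: x such that G**x % P == target."""
    m = isqrt(P) + 1
    baby, cur = {}, 1
    for j in range(m):                      # table of G**j for j < m
        baby.setdefault(cur, j)
        cur = cur * G % P
    step = pow(G, -m, P)                    # G**(-m) mod P (Python 3.8+)
    for i in range(m):                      # look for target * G**(-i*m)
        if target in baby:
            return i * m + baby[target]
        target = target * step % P
    raise ValueError("target is not a power of G")

def recover_key(transcript):
    """Recover one session's key from its public values alone."""
    A, B = transcript
    return pow(B, discrete_log(A), P)

def demo():
    (t1, k1), (t2, k2) = handshake(), handshake()
    x1 = discrete_log(t1[0])                # work spent on session 1 ...
    assert pow(t1[1], x1, P) == k1          # ... opens session 1
    assert pow(t2[1], x1, P) != k2          # ... but not session 2
    assert recover_key(t2) == k2            # session 2 costs a fresh search
    return k1, k2

if __name__ == "__main__":
    print(demo())
```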

Comment Re:So estheticians had a problem (Score 1) 56

Almost all US healthcare spending is by the government. And the US government spends more per person on health care than any other country spends government+private. By a lot.

https://www.statista.com/stati...

A large majority of that government spending is direct spending on Medicare and Medicaid, not subsidies for insurance. So when you complain that the US "doesn't even have a functioning healthcare system", the most obvious reason is because our governments have broken the system.

Comment Re:Targeting the people who have aged out of it (Score 2) 11

Isn't that why they make phones with 256+ GB storage? "The cloud" (aka "someone else's computer") might be convenient in various ways, but it's inherently slower than what is already on your phone, and it doesn't work so well from the top of a mountain[1], the bottom of a parking garage, or other places with lousy mobile coverage.

[1]- I was surprised that Mount Fuji had good mobile coverage all the way up, but I guess Japanese people also want to Snapchat/SNS from there.

Comment Re: If an attacker has physical access to my DIMM (Score 1) 96

... if you trust pseudonymous Internet randos over the US intelligence community and DoD, at least.

https://www.nextgov.com/modern...
https://www.cnbc.com/2022/12/0...

These clouds have multiple layers of security, several of which reduce the likelihood that someone will install an interposer in a server undetected. (Or, in the case of the Wiretap photo, job up a logic analyzer to a compromised server.) Cloud vendors are also likely to have moved quicker to DDR5, which isn't vulnerable to either of these attacks.

Comment Re: If an attacker has physical access to my DIMMS (Score 1) 96

That's a dumb take. The US has been writing cloud computing contracts for TOP SECRET content for years, to say nothing of public web sites. Australia and New Zealand have specific infosec guidance (their Information Security Manuals) that not only recommend particular controls when using cloud vendors, but that encourage use of cloud vendors, CDNs, and similar services to improve availability of government-provided information and services.

Everyone should have contingency plans and fallback capabilities, but there are lots of places that cloud services make sense.
