- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Admin
@Remy was on that unlist-watch almost faster than @PaulaBean...
Edit: Also, mailto link was strip-ified:
Admin
Good catch. And yeah, I sometimes unlist manually when the Paula craps out when I create the article. It prevents accidental multiple threads.
Admin
:laughing:
Admin
...oh dear.
Admin
I'm disappointed with Pres. Obama's positions on personal privacy and the power of the security services in this country. I must confess, I expected him to be more on the side of the individual, and less on the side of government intrusion. But then, he turned out to be more of a friend to Big Business than I had hoped he would be as well.
Look, the Snoops can follow your every move by tracking your phone, monitor every call, SMS and internet connection it makes, all in real time. The only thing that leaves, is the contents of the phone, which they can also obtain. But do I have to give them the encryption keys as well? No, I don't. They're perfectly able to figure them out for themselves if they want to badly enough. It's just easier to strong-arm Apple into doing it for them.
Admin
Take a random person, and ask them: “I flipped a coin ten times, and it came up heads every time. Is it more or less likely that the next flip will also be heads?” Most people will get it wrong, because we intuitively know that 11 heads is very unlikely, but actually every coin flip is strict 50/50 odds.
In fact the more times it comes up heads the more you should bet on heads -- the coin is more likely to be biased to heads.
While Schroedinger's cat may or may not be dead Hetherington's cat, F.D.C. Willard aka Chester is known to be dead by now...Though he was probably still alive when I took Classical Mechanics from Hetherington as an undergrad.
Admin
Maybe we need a better analogy than a "key" + "lock".
A lot of encryption is about signatures, maybe those are a better analogy to emphasise - is there ever a time when it's OK for someone else to forge your signature?
Or counterfeit protection - should we have a "less absolutist" stance on anti-counterfeit measures on currency and financial transactions?
Admin
Are you sure that's really the President's view on encryption, Wayne? Because it looks a heck of a lot like a goat. Maybe I should pick the other door...
Admin
I actually think the analogy of a safe still holds for the most part. The big difference is that the safe isn't buried in your house or behind a bigger, heavier safe (i.e., a bank vault). Your safe is attached to a quad copter with infinite fuel and a publicly accessible web interface where anybody can make it come to them whenever they want. So yeah, you've got a safe, but literally anybody can attempt to break into it under whatever conditions they please.
Given that, what would most people put into the safe? Probably nothing very important: if anybody figures out a weakness in a model of safe, they'll just instruct every quad copter carrying that model safe to them and they'll have access to all of the juicy data therein. It also can't have a little red button that only the cops know about that opens it without the password, because if anybody else finds the red button, it will invalidate the security of every model of safe that has the button.
Well, the data on our phones or stored in our networks is the safe attached to the quad copter. If you're going to put anything important on there, then the safe has to be as impenetrable as the technology of the time allows.
Admin
Observation: the article comments on the "I don’t see why it’s so hard to make encryption that the government can spy on" fallacy.
It's easy to make encryption the government can spy on. What's hard is making encryption that only the government can spy on.
Admin
@boomzilla, @PJH, @abarker, @Yamikuronue, @aliceif, @Remy I do believe this should be listed now.
Admin
Admin
Admin
now, now.... @Yamikuronue, @PJH.... No need to fight over who gets to push the button.
[image]Admin
We weren't. Seems two other people were though...
[image]Admin
He's good at those sorts of lines. :passport_control:
I'd suspect the coin may have two heads under these conditions.
TDEMSYR. "We should be able to search your phone" is independent of the encryption. At that point, you are required to hand over the keys, IIRC. This is confusing the legal / moral issue with the encryption. If you had an "impenetrable" vault only accessible through some magic power you have, they should able to search it upon a warrant. That's orthogonal to the actual ability to compel you to follow the law.
Maybe your incorrect preconception is that they agree with you that truly unbreakable encryption is a good thing.
Admin
I saw an analogy that seemed alright to me. It's still with its flaws but it's not horrible:
Imagine there's a house that had a grim murder in it. It's in a community where everyone has their own key, but if you don't have that key, then there's no brute force way to get in. The only solution would be to provide a special key that one can use to enter any house. The investigators can get that key, for sure, but there's no foolproof way to keep it from getting copied and eventually sold on the black market for anyone to use.
Now, imagine that, instead of a house where you have to, you know, travel to it to even break in, this house exists in a virtual realm where anyone can access it from anywhere. They could be in another state, country, or even continent. Hell, they could even be in the International Space Station and have the same access to your stuff, and you won't even know if they ever accessed it.
That is until you find your nude photos on 4chan.
Admin
"Most of you have probably seen a demonstration or visualization like this one which uses a rubber mat to show how gravity warps spacetime. [...] Of course, both of those analogies actually do a really bad job of actually explaining the phenomenon. They’re simplistic and obscure a lot of details in the name of getting the point across- in technical terms, they’re leaking abstractions"
Look-a-here: https://astronomy.stackexchange.com/questions/14148/how-does-gravity-really-work and here: https://xkcd.com/895/
Admin
Sticking to the key/lock/vault analogy, and using a master key as a government back door, let's continue with an actual example:
TSA master keys got photographed, and now anyone can have a master key to any luggage in any airport.
Extend the example:
The bad guy puts his stuff in a box, locks that with a different key, and puts that box in his luggage. The bad guy is safe. Everyone else has unlocked luggage.
Admin
I had a discussion about blackjack with a coworker yesterday. He claimed that an inexperienced player "screws up the table" by taking other people's cards. No matter how many times I told him that it's equally likely that the player would take your good card as take your bad card, he wouldn't budge on his belief that the guy to the right of him influences his chance of winning. He was completely deaf to the idea that if you are counting, more known cards makes the count more accurate. His only basis for his opinion was the times he "felt cheated" by a guy who took a stupid hit, busted, and went down with the exact card the coworker needed to make 21.
Admin
Bad, bad, bad assumption.
It is a much much safer and better assumption to assume that almost all politicians, regardless of ideology, are insincere and manipulative. Sometimes ignorant (although I doubt that in this case) and almost always harmful to our rights.
Trying to educate a politician as to the facts, when they already know the facts and simply do not want to publicly acknowledge them because they are inconvenient to acknowledge and would be harmful to their agenda, is a waste of time.
Admin
As I mentioned in the HTML comments- it's the spherical chicken in a vacuum assumption.
Admin
Not to mention black widow spiders...
Tyson reminds me of Michael Jordan: A superstar in one very specific field, but dangerously incompetent outside of it, particularly when he says things like how we shouldn't worry about GMOs because they're exactly equivalent to selective breeding, which mankind has practiced throughout history. Nevermind that 1) selective breeding has done real harm in some cases (producing monocultures and wiping out genetic diversity) and 2) there's a huge difference between breeding (mixing around genes naturally found in a species) and genetic manipulation (adding new genes that never existed in the species's genome).
Saying something like that, as a respected scientist that people actually listen to, is scary because it can do real harm. I lost a ton of respect for him at that point.
Admin
The biggest part of this mess that is forgotten is that the FBI had the opportunity to get the information they needed. Apple told the FBI to not reset the cloud service password for the account. They were told to let the phone synchronize to the cloud service. At that point, Apple was ready and willing to cooperate and give the FBI what they needed.
But instead, the upper-level idiots at the FBI reset the password, thus bringing us down the path we are on. So, the analogy is that the FBI is asking for the master key to unlock every iPhone--making every iPhone insecure, because they were too stupid to follow the instructions that allowed them entry to a single iPhone. Kinda like, "Oops, I put a wall up over the door--can you give me a rocket launcher so that I can get in?"
Admin
I thought I had the perfect analogy to explain the nature of the analogy of the rubber sheet to spacetime, but when I thought about it some more it wasn't really the same thing at all.
Admin
I think we have all struggled with explaining technical limitations to stake holders who don't understand the why of things, and it is a struggle.
My solution in the work place has been to take the stance of "I am the expert, you pay me for my expertise, take it"
The reality is there is no way of making people understand a complex subject without first teaching them the complexities. If they can't be bothered to learn then, simply put, they will never learn.
What we will really need are laws in place that state policy makers need to be educated on the topics for which they are making policies on. Yes it is a burden, but so is having law makers making decisions on things they don't even understand.
You don't hear law makers require that doctors "just grow an arm back" because "we landed a guy on the moon" and because "my laser eye surgery worked"....
When a doctor says "This is my advice, I am the expert so listen" lawmakers tend to listen and admit to themselves "maybe they can't grow back an arm"....
Security and tech experts need the same clout, so that when they say "we are the experts, listen to our expertise" the lawmakers don't feel like it is up for debate.
Admin
You should have used a cat.
Or maybe just put butter on one side of the rubber sheet.
Admin
BTW, you don't even need math for strong (and in fact unbreakable) encryption: Use one-time pads.
Yes there's a couple drawbacks, like the fact that you need to be able to distribute them. But unless your pad is noticeably nonrandom, it's solid. On the subject of 1time pads: does anyone know if recycling a pad within a single message leads to any decryption capabilities? Because if not, then once you've distributed the first pad, you just use it to encrypt and send out the next one-time pad, ... :smile:
Admin
and.. naturally, recycling is A Bad Thing (tm) . OTOH, combined with quantum encryption, there's a paper from 2005 which claims
Not that it would be a surprise if some subsequent paper disproved this. Quantum stuff is weird.
Admin
Isn't that essentially what Google Authenticator does?
Admin
..the wife of Ant-man?
Admin
Admin
Admin
You're forgetting about mutations.
Admin
No, they won't get it wrong. Because it is more likely that the next flip is heads. By a long shot.
Hint: you didn't stipulate that the coin is fair or that flips are independent. Since there is no reason to assume the coin is fair, the maximum likelihood estimator for the probability of heads on the next flip is 100%.
Admin
One of the tests in my stochastics homework once deducted a point because I did not stipulate that "you can only draw as many balls out of the urn as there are balls in the urn."
That's why I like physics: We don't have to deal with such bullshit.
Admin
I'll allow that the coin might not be fair, but individual flips of a coin are pretty much by definition independent, regardless of whether the coin is fair or not.
Admin
Well, you could make the coin out of lead and scrape off a bit off one side (asymmetrically, of course) every time it falls on this side...
Admin
Let's put it this way: Your mind is "encrypted" and (presently) only you know the "key". Would you let the government (or anyone else for that matter) have the decrypting key to your mind?
I didn't think so.
Sure there are interrogration techniques that will coerce bits from someone, but there is no "key" that will decrypt your entire mind. I consider this a positive thing.
Admin
Can you toss a coin in such a way as to make it more likely to land (the same way up|the other way up) as you were holding it when you flipped it? If you then always picked it up (the same way|the other way) as it landed, it wouldn't be independent.
Admin
Anything fancy like that would go outside of the description of simply "flipping" the coin.
That would be very difficult and also go outside the description of "flipping" it.
Admin
What I think Remy was saying is that most people will say "Tails is due so I'll bet on that" when in fact what I was pointing out is that 10 heads in a row is beginning to be evidence of a biased coin and you should bet on heads.
Since you are cap obvious I'll spell it out:
Either the coin is fair or it isn't:
Maybe I'm misunderstanding your reply because - uhm ...maybe it's too obvious for me :stuck_out_tongue:
Admin
It's not just how you toss it, but if/how it lands.
http://econ.ucsb.edu/~doug/240a/Coin%20Flip.htm
Admin
So the answer is simple: the coin must be flipped by firing it out of a modified shotgun, bouncing off a kitchen sponge, to then come to rest on a wooden table; the table is then flipped.
There, that should add sufficient randomness :smile:
Admin
:wtf:
Did this astrophysicist give any kind of remotely possible explanation? I'd be willing to accept that the difference in vibrations between shouting and whispering could have an effect. I'd even go as far as entertaining the slim possibility that those emotions being active in a person's brain have some subtly different electromagnetic radiation that causes it.
:fire: Exhibit B: Ben Carson. Widely considered a great neurosurgeon, yet still thinks the Earth is 6,000 years old.
Admin
Same reason technical people do. Mostly it's down to not having done enough work to build up the conceptual background required, and that is mostly down to the fact that no human being has infinite amounts of time at their disposal.
By being visibly good at what we do so that when people want an informed opinion they will ask for one.
The fundamental issue you're trying to address here, it seems to me, is too narrow. Lack of technical knowledge is not the only, or even the most frequent, reason for terrible decision making.
The making of terrible decisions by powerful people has been a feature of human society for as long as there have been human beings, and there is no way to stop it from happening. All we can do - all any of us can ever do - is keep on attempting to use our own best judgment to influence the decisions we see being made by the powerful people within our own orbits, while continuing our own personal internal jihad against Dunning-Kruger*.
When the knowledge that you are completely surrounded by utterly sincere Trump supporters becomes too much to bear, I recommend taking long walks in heavily treed country. Don't forget your bells and your pepper spray.
*Engineers in particular would do well to spend more time paying attention to the output of some of those "useless" liberal arts majors.
Admin
I don't understand some things in this debate.
"Government X or politician Y wants to ban encryption" Do they want to ban companies in their country from selling encryption software, or do they want to ban all citizens from running it? So if they succeed, and I implement an encryption scheme in C and run it on my own device, am I breaking the law?
"A backdoor is different from a warrant to search your home, because it would enable the bad guys to access your data as well" How is it different? The bad guys break into my home if they are bad enough. Bad guys can do anything, because they are bad.
"Encryption is math, and you can't ban math" Who said you can't? You can't ban my foot or my car, and you can't generally ban me going to places using them, but I am definitely banned from, say, using them to enter Area 51, and I will be shot down if I try. It seems to me that you could ban encryption no problem without banning math in general.
Admin
I wouldn't count on that. see Orin Kerr's article Encryption and the Fifth Amendment Right Against Self-Incrimination it discusses United States v. Fricosu, where a defendant was ordered to produce an unencrypted hard drive with the provision
He also links to previous discussions of In re Boucher were another defendant was forced to turn over an unecrypted hard drive.
There's also United States v. Kirschner where the court said requiring a defendant to reveal a password would violate the 5th amendment.
Since you have federal courts disagreeing on this I would expect sooner or later SCOTUS will grant cert on a password case.
Admin
A post was merged into an existing topic: :fire: Vaccines Are EVILZ!!! NAZI EVILZ!!! + Conspiracy to suppress autism cure