How about criticizing the article instead of the person? Hero worship gets us nowhere.
Yes, in order to validate the chain of trust the TLD must be signed but sibling 2LDs have nothing to do with whether a particular 2LD can be signed. If wikipedia.org wants to sign, they can do so, because their parent…
Phreebird isn't critical in any way to the arguments he makes, it's simply offered as an example of online signing with DNSSEC. It's right there in the first paragraph, mentioned alongside existing, well-known servers…
Which would be only marginally more specific. Humans have been eating "artificial", "synthetic" foods for thousands of years, and all of these things are made from "natural" ingredients because matter can't be conjured…
You could use a Diffie-Hellman exchange to get a shared secret so things are "obscured by default" but not trusted, then let higher layers deal with trust validation. For example, the TLS certificate handshake could…
I use my own MX rubber-banded together with Postfix, SpamAssassin, and dovecot IMAP. I also have bucket.mydomain pointed to mailinator.com so I can use addresses under that domain as throwaways without the site I'm…
Apple adopted H.264 years ago -- it's basically all they use.
They're not sitting around a conference table in an underground bunker, stroking their beards and cackling maniacally while trying to screw the open source community as hard as possible. Microsoft is a business. What…
That is, until it starts taking over the target computers and clicking the links itself. Any naive utility function will produce undesired side effects: http://wiki.lesswrong.com/wiki/Paperclip_maximizer
> The author's whole premise is that dropping out is universally bad and should be discouraged, and that staying in school is universally good. No, the entire premise is in the title: Don't encourage kids to drop…
Clarify? Collision attacks by definition do not feature an existing digest as input so they are not useful for breaking into a system secured with a digest.
You are right, of course. I wrote that as 'ideal digest' instead of MD5 then rewrote it. Specific digests always lose a few bits in real life, or in MD5's case, most of the bits...
The Quebecois are particularly fond of religious imagery as a basis for cursing: http://en.wikipedia.org/wiki/Quebec_French_profanity
Actually you can (almost surely) stop cracking at 16 bytes, because that's how long MD5 digests are and any more bits than that are going to give you hashes you've already seen. You won't get back the original string…
You can upgrade passwords when the user logs in. The sanest thing to do seems to be to store all the public variables (work factor, salt) alongside the digest so each password can be handled separately.
> is it possible, given the ciphertext, to know roughly how much work is required to test a password? The work factor is an input to the digest function, both when creating and when validating the password. Normally…
To nitpick, the topic at hand is pre-image attacks, not collision attacks. Pre-image is where you know the hash and want the plaintext, collision is where you create two plaintexts with the same hash but don't care…
Why does the font size change randomly throughout the article?
You didn't explain why rewriting local, private history breaks any of those things unless you keep your local, private branches around indefinitely in un-rewritten form. If I rebase, it replaces my previous branch, not…
The answer to a question in a headline is always the null hypothesis. In this case, "no".
> How does one revert this without physical access to the drive? I know this was a rhetorical question, but I'll answer anyway: It isn't possible. Not only is there no way to read latent data normally from a drive…
If I were writing a block provisioning system I would keep a map of what blocks have not yet been written to and always read zero for those blocks. Then the first time it is written, allocate a block that has already…
Individual streams aren't parallelizable, but if you have many streams open at once you could hypothetically process them together in parallel instead of separately in parallel as it is with a CPU. Also, there are block…
I would downvote if I could even though it's now at 5 points. Topical or not, it's still a content-free post.
"copies of the Software" Doesn't say anything about the name. Trademark law and copyright law are related but very distinct. If Oracle owns and enforces the trademark "Hudson" in the context of continuous integration…
How about criticizing the article instead of the person? Hero worship gets us nowhere.
Yes, in order to validate the chain of trust the TLD must be signed but sibling 2LDs have nothing to do with whether a particular 2LD can be signed. If wikipedia.org wants to sign, they can do so, because their parent…
Phreebird isn't critical in any way to the arguments he makes, it's simply offered as an example of online signing with DNSSEC. It's right there in the first paragraph, mentioned alongside existing, well-known servers…
Which would be only marginally more specific. Humans have been eating "artificial", "synthetic" foods for thousands of years, and all of these things are made from "natural" ingredients because matter can't be conjured…
You could use a Diffie-Hellman exchange to get a shared secret so things are "obscured by default" but not trusted, then let higher layers deal with trust validation. For example, the TLS certificate handshake could…
I use my own MX rubber-banded together with Postfix, SpamAssassin, and dovecot IMAP. I also have bucket.mydomain pointed to mailinator.com so I can use addresses under that domain as throwaways without the site I'm…
Apple adopted H.264 years ago -- it's basically all they use.
They're not sitting around a conference table in an underground bunker, stroking their beards and cackling maniacally while trying to screw the open source community as hard as possible. Microsoft is a business. What…
That is, until it starts taking over the target computers and clicking the links itself. Any naive utility function will produce undesired side effects: http://wiki.lesswrong.com/wiki/Paperclip_maximizer
> The author's whole premise is that dropping out is universally bad and should be discouraged, and that staying in school is universally good. No, the entire premise is in the title: Don't encourage kids to drop…
Clarify? Collision attacks by definition do not feature an existing digest as input so they are not useful for breaking into a system secured with a digest.
You are right, of course. I wrote that as 'ideal digest' instead of MD5 then rewrote it. Specific digests always lose a few bits in real life, or in MD5's case, most of the bits...
The Quebecois are particularly fond of religious imagery as a basis for cursing: http://en.wikipedia.org/wiki/Quebec_French_profanity
Actually you can (almost surely) stop cracking at 16 bytes, because that's how long MD5 digests are and any more bits than that are going to give you hashes you've already seen. You won't get back the original string…
You can upgrade passwords when the user logs in. The sanest thing to do seems to be to store all the public variables (work factor, salt) alongside the digest so each password can be handled separately.
> is it possible, given the ciphertext, to know roughly how much work is required to test a password? The work factor is an input to the digest function, both when creating and when validating the password. Normally…
To nitpick, the topic at hand is pre-image attacks, not collision attacks. Pre-image is where you know the hash and want the plaintext, collision is where you create two plaintexts with the same hash but don't care…
Why does the font size change randomly throughout the article?
You didn't explain why rewriting local, private history breaks any of those things unless you keep your local, private branches around indefinitely in un-rewritten form. If I rebase, it replaces my previous branch, not…
The answer to a question in a headline is always the null hypothesis. In this case, "no".
> How does one revert this without physical access to the drive? I know this was a rhetorical question, but I'll answer anyway: It isn't possible. Not only is there no way to read latent data normally from a drive…
If I were writing a block provisioning system I would keep a map of what blocks have not yet been written to and always read zero for those blocks. Then the first time it is written, allocate a block that has already…
Individual streams aren't parallelizable, but if you have many streams open at once you could hypothetically process them together in parallel instead of separately in parallel as it is with a CPU. Also, there are block…
I would downvote if I could even though it's now at 5 points. Topical or not, it's still a content-free post.
"copies of the Software" Doesn't say anything about the name. Trademark law and copyright law are related but very distinct. If Oracle owns and enforces the trademark "Hudson" in the context of continuous integration…