Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

'First ever' SHA-1 hash collision calculated. All it took were five clever brains... and 6,610 years of processor time

Charles 9

Re: Any such proof of authenticity...

"No wonder, some older cultures didn't trust written "knowledge"."

But at the same time, it's hard for people like us to believe people once relied on other people's memory, which we now know has plenty of potential to get muddled and messed up, especially with age. And I haven't even touched on deliberate fabrications (e.g. one lies, the other swears by it).

Seems you can't win either way.

Charles 9

Re: Surreptitiously

But if done right, hard to prove. You can create a "he said, she said" situation. And this can be of significance if the document involved is, say, a last will.

Charles 9

Re: Any such proof of authenticity...

Unless, of course, someone cracks the safe and then surreptitiously alters the contents...

Charles 9

Re: 9,223,372,036,854,775,808 sha1 calculations

"Still not much of an attack, IMO. Unless someone can arbitrarily set the difference to something meaningful, it only proves that it's possible to overcome SHA-1. It's still really really REALLY improbable to produce a meaningful difference."

Sometimes, just a few characters can be enough to change the whole meaning of a document, such as the inclusion or exclusion of a single "not".

Charles 9

Re: Do we need to do anything about old content?

But isn't that what was demonstrated here just now? They copied the first document and then altered it to produce the same hash as the first one?

Charles 9

Re: 9,223,372,036,854,775,808 sha1 calculations

But if you can insert "not" AND just stash away the "KJ"BIUE_D H£(*ERNY£" in a garbage area, you're sorted.

What I want to know is if this is more than a collision but a preimage attack (or more severely, a SECOND-preimage attack that found a collision with a specific target).

Tosh doubles 64-layer 3D flash chip capacity with a bit of TLC

Charles 9

Re: Is the world ready for a 30TB Failure Domain?

Erasure coding has its place for large devices because larger transfers (inherent with larger disks) raise the risk of glitches: silent corruptions like double-bit-flips that manage to still pass on-the-fly checks like parity checking. With erasure codes in place, you can correct for those glitches.

Now, for whole device (ie. controller) failures, yes you need redundancy, but also recall that reconstruction is a function of time, and one thing SSDs have in spades over rust is transfer rate, especially when using 4x PCI Express. This greatly reduces the reconstruction time which in turn reduces the risk of a failure during the vulnerable reconstruction phase. Perhaps because of these faster times you can get away with just 2 backups when you would've needed 3 with rust. Besides, at some point you have to think enough is enough because if you get a major event that nails say FOUR of your devices at once (AND maybe even all your backups, including the offsite, think a major earthquake) you're into Act of God (aka Crap Happens) territory when all you can do is pray.

That's why I use BOTH strategies, though in a smaller capacity (because the data I'm backing up is less critical): two copies of each complete with PAR2 sets. The PAR2 files provide erasure codes to deal with glitches, while having the second copy (normally kept offline to reduce wear, and the two are rotated periodically) provides a failsafe in case one goes kaput.

Charles 9

Re: Impressive

If I read the article correctly, the 1TB drive comes from using 16 of the 512Gb chips in the unit, and that makes sense to me (8 bits to the byte, 2 halves to the whole).

Charles 9

Re: Cost/TB

Except I would think the price point for 30TB of ANY storage is going to probably limit it (at least for the short term) to enterprises who can actually afford them. After all, 6-8TB of rust runs about $200 externally, and these are likely shingled so are best for read-heavy jobs (a niche tech like QLC would be able to fill). So if they can do, say, 10TB for about $500 using more-general tech that lasts longer, then they'll be in a position to assault rust from the capacity end of the spectrum.

Though I should note that by that point, it would also be nice to have more-affordable access to some kind of longer-term backup tech on the consumer front, since at those capacities transfer glitches are more likely to crop up.

Charles 9

Re: Cost/TB

It wouldn't have to be comparable, just low enough that its premium can be justified to the buyer since solid-state drives do provide tremendous benefits. It's just that the premium at this point is still too high for most. I would say once it gets to double (or less) the price/capacity of rust, especially at large capacities (pretty much rust's last stand), then the sun will set for rust.

Facebook scoffed at $500m damages. Now Oculus faces nerd goggles injunction

Charles 9

3D display won't be truly eye-catching until it's volumetric, as in projecting out into open space such that you can walk around it. No fancy headgear, no need to be positioned just right. It just works with the Eyeball Mk I. That's what the public is really waiting for, but the technology to display voxels in open air isn't there yet, plus whatever data demands are being pushed with today's 4K screens are raised a whole order of magnitude with volumetric displays. Just a 1Kx1Kx1K volumetric display, 32 bits per voxel (you now MUST include the alpha element), updated 15 times a second will require 60GB (yes, gigaBYTES) of bandwidth to keep up.

Global IPv4 address drought: Seriously, we're done now. We're done

Charles 9

Re: Some of you guys worry me greatly.

And if you don't trust your ISP to properly configure the firewall yet lack the skills and/or resources to do it yourself?

Charles 9

Re: Dear network geeks, IPv6 is crap because...

"You should not be NATing at all on v6. It's true that 1:1 NAT is less terrible than masquerading, but it still involves rewriting addresses on packets. Just give your public addresses directly to your machines; I promise it's way less effort than NATing."

But also riskier since an outsider could sniff out the network topology by ID'ing a few machines, and without ephemeral outgoing addresses, machines can be back-hacked. That's why BOTH are now in the IPv6 spec, to protect against those prospects, both of which cropped up in the IPv4 Net. And neither of these can be easily blocked by the firewall, either (the former because all the info is gleaned from the outside, the latter because you're re-using an already-established connection).

Charles 9

Re: It's all Excel's fault

Still doesn't address the problem. Target device has a 128-bit IPv6 address. Source can only send 32-bit IPv4 addresses. It's like a native Frenchman trying to talk to a native German. Nothing in common, and you can't relay your way past the language barrier because IPv4 has no room for extensions that the (nonupgradeable) device can comprehend.

Charles 9

Re: IPv6 is fundamentally broken

"Apps on internal devices do not send IP addresses, they send to names."

Actually, ALL IP devices send to numbers. They MUST, as that's all the protocol recognizes. Names get sent to resolvers which return numbers for the app or device to use. But they can still break.

Charles 9

Re: Dear network geeks, IPv6 is crap because...

It does if you change things around, change providers, or move. Then you have to look everything up again.

Charles 9

Re: Dear network geeks, IPv6 is crap because...

"Eh, no. I just have to remember the "external" IP on the NAT box that gets me to the machine on the "inside"."

Unless you're trying to set it up, in which case you WILL need both internal and external addresses so that you can configure your gateways to reroute the connections.

Charles 9

Re: Dear network geeks, IPv6 is crap because...

"You should be getting enough address space to not need to NAT on v6"

The idea with NAT on IPv6 isn't to allow many machines to share one address (a one-to-many NAT) but to allow you to keep outsiders guessing about your network topology. NATs in IPv6 are meant to be one-to-one, taking advantage of the vast address space to scramble addresses in two ways.

One, outgoing connections get temporary IPv6 addresses, only good for those sessions. This helps prevent backtracking. Two, you can scramble the relations between external and internal IPs so that network snoops can't figure out how your network is structured from the Internet-facing addresses listed. The Internet gurus don't mind one-to-one NAT because it preserves end-to-end connectivity (and thanks to the firewall that remains with IPv6, that connectivity remains yours to control or disable at your choice).

Charles 9

Re: Dear network geeks, IPv6 is crap because...

But doesn't V6 behind a one-to-one NAT mean you have to remember MORE addresses, because you have to remember TWO addresses PER node if they're Internet-facing, especially since with address scrambling (which is in the spec) there's no relation between the interior and exterior addresses, particularly if it's something like a gateway that wouldn't be allowed to use things like DNS (because it runs BELOW it) to smooth things over?

'At least I can walk away with my dignity' – Streetmap founder after Google lawsuit loss

Charles 9

A map is what you make of it. If you're out orienteering or whatever, then perhaps you'll want a map with OS's level of detail. OTOH, road maps tend to be terser with an emphasis on...well, roads. Guess what Google Maps are used for 9 times out of 10? Also, Google Maps does go the extra mile with things like traffic maps and other things that are only practical when collected in realtime.

Charles 9

And if you DON'T? And the addresses aren't obvious or prone to misspell malware attacks?

Charles 9

Re: Eat up or destroy the competition.

"Why is it that the only perceived options in the world are to eat up, destroy, or be destroyed? Survival of the fittest doesn't mean destroying everything else, because if you did there would be nothing to eat."

Because if you don't destroy the competition, some of them will start beating you to your lunch, meaning you don't get to eat, either. I mean, that's how it works in most other parts of nature. And we're still part of nature. Sure, there are some who would demand that businesses cater to their fellow man first (and if they can't make a buck while doing so, they're in the wrong line of work according to them), but businesses are just extensions of people, and people still have primal instincts such as to live, reproduce, and so on. What goes on beyond their little tribe (and remember, humans are more tribal than social), as long as they're not in the way, isn't really their concern. After all, a little altruism has as much chance of turning against you as going forward.

Charles 9

Re: The world does not need another mapping application !

"You might equally argue that it doesn't need another satellite based navigation system but I understand that currently the fourth is well on the way to being complete, and these are not exactly cheap."

They're also politically and militarily motivated. None of the owners of the four systems wants to be at the mercy of the other three, especially in the event of disagreements or even a conflict.

Charles 9

Re: You rate Here?

"HERE? Are you joking. They wanted £160+ per year for SatNav updates."

Since when? Last I checked, Here and its maps were free on Android.

Boffins exfiltrate data by blinking hard drives' LEDs

Charles 9

Re: air gap

Yes, how do you get data in and out of an airgapped system in the first place, especially if the data is not of the type to be easily grokked by the Eyeball Mk I. Otherwise, you've got yourself the equivalent of the PC in the ground: sure, you can't infect it, but you can't USE it, either.

Researchers offer simple scheme to stop the next Stuxnet

Charles 9

Re: Dangers of PLC firmware updates malware?

You infect the machine upon which the PLC code is written, hijack that code, then use low-level tricks to conceal this as the bad code is then passed on (can be via SneakerNet, so you CAN jump an air gap) to the PLC itself.

Your next PC is… your 'Droid? Remix unveils Continuum-killer

Charles 9

"And they were all capable of doing useful WORK."

Unless your definition of useful work is high-quality HD video encoding or 3D modeling work, in which case you're still gonna need more oomph.

Charles 9

I'll believe an Android phone can replace the desktop when it can do Crysis...3...at 60fps at full 1080p resolution or higher. THEN it'll have the oomph to replace my desktop.

Beeps, roots and leaves: Car-controlling Android apps create theft risk

Charles 9

Re: no car apps here

"That I strongly doubt. Yes, fobs can run out of battery but in my experience you tend to get at least a small warning where for a few days or weeks you have to press it a few times before it goes entirely. And yes, operating then with gloves can be a challenge."

I'm holding one for a Buick right now. Changed the battery twice and it STILL won't work, and I'm not paying $100 to get it replaced.

"Now I grant that water can block some frequencies used by key fobs, but frankly if the ice is that thick, you ain't even getting to the handle, forget about driving it today."

Way up north, driving in those kinds of conditions is considered de rigueur; you can't really call yourself a resident if you can't.

Charles 9

Re: because....

"If the time comes that I forget where I parked my car I know I have reached the inevitable age related crumbling mental state where driving is no longer a good travel option"

Until you realize it's your ONLY option...

Charles 9

Re: Why would anyone want to unlock the doors [remotely]

Then they change the signs and designations on you while you're away. Or you lose the note...or your wallet. Crap happens, and you may STILL need to find your car when you've lost all your clues on where it is.

Connected car in the second-hand lot? Don't buy it if you're not hack-savvy

Charles 9

Re: Newer cars are far more dangerous...

You underestimate the perceived skill level of the average driver (as in they always rate themselves a 10 out of 10). Heck, some of them probably wouldn't be scared of a spike in the steering wheel. Besides, what if you crash WHILE switching gears?

Charles 9

Re: Factory reset - default passwords and security

Because it doesn't make them money. They don't make money in secondhand sales most of the time, and as for costs associated with lawsuits, they figure their lawyers will let them dodge most of them.

VPNs are so insecure you might as well wear a KICK ME sign

Charles 9

Re: "It's just that few ISPs support IPv6 natively"

Probably something like a 6to4 tunnel, which can be autoconfigured by a magic number address to who-knows-where.

A webcam is not so much a leering eye as the barrel of a gun

Charles 9

Re: What works, what doesn't?

They may HAVE admin rights, you know, to pwn your machine. This can give them the ability to install replacement drivers (which they may do anyway to make the camera lie about it being turned off).

Charles 9

Re: When squirrels were squirrels and men were men

"Any software (trojan or other) can easily re-enable your webcam and send as much video as it wants. Putting something in front of the lens removes that possibility."

Unless, of course, what you think is the lens isn't really the lens and it's much more insidiously concealed in a spot where tape isn't an option. And no, you can't cut the wires off the camera without potentially bricking the machine...

Charles 9

Re: Black tape for the mic?

But it's also easiest to detect, meaning your OS will probably keep bitching at you. At least it's not yet to the point that killing spy gear bricks your machine.

Suffering ceepie-geepies! Do we need a new processor architecture?

Charles 9

Even when the situation is FAR from predictable or typical?

Charles 9

Yes, but it MIGHT be nice for it to consider that, with cars bumper-to-bumper on the one side blocking that exit, that it may be preferable to try to ram the guardrail on the other side or navigate the otherwise-illegal "emergency opening" in the median, even if it was never taught this before. Perhaps, as a last resort, intentionally put itself on its side to present less cross-section to the oncoming truck and focus the meat towards the median. IOW, to think outside the box and find a third option through which the driver may be better able to escape with his/her life.

Smash up your kid's Bluetooth-connected Cayla 'surveillance' doll, Germany urges parents

Charles 9

Re: Take it apart

"Better still, some enterprising hacker should figure out what makes it tick, and trace all the circuitry to see if its all just hype or not."

And once you find out that the device is equipped with suicide circuits such that defeating the telemetry bricks the device?

And then you find out they're standard equipment in all the devices you can find in the store and online these days?

Charles 9

Re: Take it apart

"Interesting factoid, if you work for TLAs you can now get smoke detectors which "look" exactly like the real thing and even detect smoke/heat but have a small 1080p camera hidden inside them."

1080p? That's an improvement over the one I found at Amazon a couple years back. That only had 600TVL. Anyway, you don't have to be in a TLA to find such a camera. And yes, they ARE working smoke detectors, too.

Cattle that fail, not pets that purr – the future of servers

Charles 9

No, because we're considering beast-of-burden steer, not milking cows: whole other load of dung. Last I checked, team members aren't beasts of burden.

US anti-encryption law is so 'braindead' it will outlaw file compression

Charles 9

Re: @Robert Jenkins

Actually, they're still lossy. Because they're digital. The very process of ADC (which is needed to produce the bitstream) can be easily demonstrated to be lossy. Sure, a high-quality 24-bit 192KHz recording is not going to be THAT lossy, but it also won't capture every last harmonic or ultra-fine or ultra-high-frequency sound.

Take it even further, and you can claim that ALL recording is lossy because it involves a process in the analog world, and ANY process in the analog world can't be perfectly preserved.

Charles 9

Re: WTF?

I think it was "In the land of the blind, the one-eyed man is king." But the thing about elections is that they suffer (like anything else communal in nature) from imbalance of knowledge. In fact, EVERY form of government is extremely prone to fatal corruption. Even democracy, which can be corrupted by fooling an uninformed electorate.

Charles 9

"The US has the highest per-capita prison population in the world, and you want to make it bigger? I'd suggest that as a policy it's not working, nor are US prisons cosy hotels that no one would want to leave."

Compared to some of the hellholes cons go through, they'll consider a US prison a paradise. Especially compared to prisons elsewhere in the world (or even within the US, consider some of the more infamous ones like Angola, Louisiana).

UK Snoopers' Charter gagging order drafted for London Internet Exchange directors

Charles 9

Re: Virginia? Who lives in a place like this?

"One option would be to appoint willing canaries to the board. If they are suddenly unavailable for comment then conclusions can be drawn. I will not be putting my name forward, though."

Good thing, because those canaries would simply be compelled by court order to lie. That's always been the potential weakness of canaries: they can be compelled to sing...even if it means turning them into zombies first.

Why I had to sue the FCC – VoIP granddaddy Dan Berninger

Charles 9
Mushroom

Re: less gummint regulation is nearly always a good thing

I'm saying it's a possibility and not the only one. But I'm also saying that trying to get corruption out of any work of man is basically an intractable problem, and that has grave consequences for greater civilization (ANOTHER work of man).

And PS. No Joke Alert because I'm dead serious.

You know IoT security is bad when libertarians call for strict regulation

Charles 9

Re: What kind of code

You're talking like an American...

Charles 9

Re: Your role in a movie is coming soon

I don't know about widows but consider the teen pregnancy rate.

Charles 9

Re: Former libertarian

"This however gets massively complex when we're discussing say, results from a scientific study done by a private university sponsored by government provided funding."

ESPECIALLY when the study was about sensitive stuff like potential dual-use biological agents, bringing up entirely-proper matters of sovereign security.