Posts by PyLETS

Re: Legitimate uses for Bitcoin ?

"Uhh - Microsoft accept btc ... "

It seems they price in and accept $US, and will allow an account to be settled through a Bitcoin payment processor which they immediately convert to the required $US amount. That's not the same thing, as the BC price will change minute to minute while the $US price is more fixed. You could more easily pay a restaurant bill in Spain with a £ debit card using the Visa or Mastercard network - but that doesn't mean the restaurant accepts or trades in £Sterling. http://time.com/money/3658361/dell-microsoft-expedia-bitcoin/

Monopoly money

'Everyone involved wants bitcoin to grow, and it is obvious capacity needs to increase. They disagree on *how* to do it.'

If having the system slow and unreliable increases transaction fees, how exactly does this result in everyone, including those who would prefer to be larger sharks in smaller pools, involved in wanting these limits removed ? If that were so the present incumbents wouldn't have DDOS'd the fork intended to bypass current limits.

Einstein's dice

>Going out on an existential limb, it could be that true randomness is impossible because there's an >innate order to the universe that can't be broken....

You're in good company. For Albert Einstein's famous statement: "God does not play dice with the universe" to be true, randomness where we think we've found this, would be an emergent as opposed to an intrinsic property of the universe.

@Charles 9: Wresting power back

"Fair enough. Now tell us how we can wrest the power back from them? What cards can the community still play?"

Setup and use an alternate DNS root zone. It wouldn't be that hard to do technically in collaboration between the existing top level domain authoritative nameserver operators. There would be 2 harder problems:

1. Get those configuring DNS resolvers to point to it in preference to the ICANN root.

2. Decide who manages it and how.

Once enough people are using DNSSEC, a revolutionary consensus would also need include operating system vendors to patch operating systems to accept the new root zone signing key.

There would also be quite a financial stream available for such from the domain registrars, who would clearly have to be part of any revolutionary consensus if they are not to have to pay cuts from domain fees to 2 root zone operators during a protracted competition between 2 root providers.

Black start options

Rotating fossil fuel generators tend to need electricity to generate a magnetic field to generate electricity. Hydro is often designated for this purpose in grid black start planning.

https://en.wikipedia.org/wiki/Black_start

Re: Why?

Because the different product and technology divisions within Microsoft don't want to be bound together into an ultimate gamble where either all have to succeed together, or none will succeed at all. It's the same reason Microsoft want to sell Office on platforms they don't control. If they can get their technology working as well on Linux and Apple platforms this increases the market for services and support, even if they sell fewer licenses on Windows. If the .Net platform is sold based on support as opposed to product licensing they have no reason not to do this.

.Net also competes against Oracle Java, CPython and the GNU toolchain also, but it can't compete as well if it's limited to Windows platforms given these competitors are not so limited. Python runs on .Net (IronPython) and Java (Jython) platforms for the same kind of reason.

Re: Naive -> "What’s needed are zero-carbon energy sources..."

The main problem with wind energy is storage, due to wind variability. Putting big reservoirs on the top of hills is expensive and unsightly. One option being looked at is storing excess wind energy in the gas grid, using C02 captured from residual fossil fuel plant in the medium term, and I guess from biofuel in the longer term. Again, all of this is feasible given acceptance of higher energy costs, but not a perfect totally "carbon free" solution during several decades of transition.

The alternative is much higher energy costs externalised into costs of sea level rise, more frequent storms and flooding etc.

DNSSEC ?

Well, it provides for the possibility of a somewhat better PKI than the broken one we use for HTTPS, where any of over 500 CAs can forge a certificate for any domain on the net. DNSSEC would not be a perfect PKI by any means, and there's no particular reason to trust ICANN as the holder of the keys to this kingdom either. But signatories of bogus NS records pointed to at managed zones can at least be held accountable. Such a bogus signed NS record for any next level down is observable and recordable, and once recorded and publicised, such would provide signed proof of bad intentions and actions wherever in the DNSSEC hierarchy registrar reputation needs to be protected.

DNSSEC also provides a fairly obvious place for certificated public key storage. For example, if you want to develop a networked application called foo, storing the public key for example.com at _foo.example.com seems fairly obvious. And given domain registrants already got the hassle of having to renew domains every year or 2, now's good time to move our business to DNSSEC domain friendly registrars in preference to those which are not. This could also save the cost of those stupid, expensive and near useless CA HTTPS certificates.

"disappear forever. Will it happen with bitcoin ??"

Unless the cypto protocols are broken and the system branches wildly without consensus about which branch is "authentic", I expect Bitcoins might be traded in 100 years, just as Penny Blacks are after they ceased to be carried by anyone's need to have letters delivered, amongst a historically inclined and nerdy trainspotterish sect. They probably won't generate many press articles though once they stop carrying some other historical baggage with them such as payment for blackmail demands, other than in the cryptocurrency equivalents of stamp-collector's magazines.

Of course this is all predicated on continuing interest in the "my CPU/GPU/Hashing farm is bigger than yours" electricity-wasting competition continuing.

Re: Hang on a minute…

SSH can be setup either to use a shared secret password, or to use public/private keypairs, where only the public key would have needed embedding, and clearly the latter approach is safer if slightly harder to setup. I've installed it using both approaches. Cisco had wanted to leave a way in for themselves and/or their spook friends without it becoming so easily exploitable and had thought a bit more carefully about this, they wouldn't have used the shared secret password approach.

NSA behind this ?

You can't achieve security without trust at some level. That's looking at it from the point of view of risk management which is possible, and not full risk elimination which isn't possible.

You can make whatever conclusions you like of the fact Phil Zimmerman is their CEO. He was the author of PGP and faced a grand jury trial many years ago which was eventually thrown out, based on the allegation his authorship and release of PGP contravened export regulations which classified crypto software as equivalent to munitions at the time. You can form whatever opinion you like of Phil's motivations in doing this, and of his ability effectively to select and manage whichever professional engineers he has chosen to collaborate with him on this.

Pick of jobs

Robert Morris didn't do too badly. But computer crims didn't have to waste 10 years of their life awaiting threatened extradition then. https://en.wikipedia.org/wiki/Morris_worm

Re: Worked on something similar to this.

Me too, in the early eighties. I didn't even know then the name of the problem. Ended up optimising 3 variables, 1. The time on the CNC drilling tool used to drill a stack of PCBs, 2. The machine time on the much more expensive mainframe computer, and 3. the number of days programming effort.

I seem to remember I did it by dividing up the rectangular area into a number of smaller squares with suitable start and end nodes within each square to minimise movement of the drill head between squares, optimised the route within each square and moved between adjacent squares.

Re: Been there, done that. - well more or less depending how you view it

"The user id doesn't work on your demo app."

Fixed it for now.

Re: Yup..

"Pity that the most crumpled places in the UK, i.e. those best suited to hydro-storage, are those bits most likely to devolve and claim independence."

Matters from one point of view, but not this one given suitable market incentives. Eire has been considering using their western mountain ranges for pumped storage. Not so much for their own needs, but to sell more reliable renewable electricity to the UK. Same applies to increasing interconnector capacity across the North Sea (as well as the Irish Sea), enabling access to Norweigan hydro and pumped storage on a commercial basis.

Re: If that's not a typo...

The level of security audit and testing feasible on hardware and software is proportional to its age.

So if you really want a secure system, you don't want the latest shiny. You do want something that's been around for a while and has been very heavily used by many curious people willing to publish what they have discovered.