Re: Quantum mechanics, England, and Topos Theory

2002-04-24 Thread georgemw

On 23 Apr 2002 at 18:56, Tim May wrote:

> On Tuesday, April 23, 2002, at 11:18  AM, Ken Brown wrote:
> > Back nearer to on-topic, Tim's explanation why the world could not be
> > predicted even if it were locally (microscopically) predictable sounds
> > spot-on.
> 
> It's not my idea, obviously. But the fact that I wrote it so quickly, 
> and so glibly (he admits), is because it's so internalized to everything 
> I think. I simply cannot _conceive_ of anyone thinking the Universe, let 
> alone the Multiverse, is predictable in any plausible or operational 
> sense. The sources of "divergence" (aka chaos, aka combinatorial 
> explosion, aka Big O with a Vengeance) come in from all sides.

I can explain why people might think it were.  You could imagine
that due to feedback mechanisms or statistical averaging,
these small uncertainties tend to cancel each other
out, provided you're confining your interest to macroscopic
observables.  For example, when a sheep dies you get more
grass for the remaining sheep, which gets you more sheep again,
so you can do a reasonable job of predicting sheep population
without knowing anything about the fates of individual sheep.
Similarly, if I cut a fart in an elevator,  there's no telling where an
individual stink molecule will go, but in not too long they'll
be more or less uniformly spread throughout the elevator.

I can't see how anyone would believe you would ever be able to
predict, say, radio static.  But I think 50 years ago
most people believed that in principle you could predict
the weather arbitrarily far into the future.  And there are still
people who believe you can predict stock prices based
solely on the squiggles.  These people are called "technical
traders" by themselves and "fools" by others.

George 



> 
> --Tim May
> "He who fights with monsters might take care lest he thereby become a 
> monster. And if you gaze for long into an abyss, the abyss gazes also 
> into you." -- Nietzsche
> 
> 





HANSSEN FILES IN THE OPEN!

2002-04-24 Thread matthew X

Soon, real soon.

Lax e-security aided FBI spy
Karen Dearne
APRIL 23, 2002
A UNITED States commission reviewing FBI security in response to treason by 
a former special agent has been shocked at how easily he was able to steal 
vast amounts of secret information.
Over 22 years, Robert Hanssen gave the Russians documents and computer 
diskettes filled with national intelligence of "incalculable value".
In a report delivered to the US Attorney-General John Ashcroft, commission 
chairman William Webster said a "pervasive inattention to security" allowed 
Hanssen to gather information that was "tremendously useful" to hostile 
foreign powers.
Hanssen has pleaded guilty to 15 counts of spying and is awaiting 
sentencing, due next month.
Mr Webster, a former CIA and FBI director, led the commission's year-long 
review.
"As shocking as the depth of Hanssen's betrayal is the ease with which he 
was able to steal material," Mr Webster said.
"Hanssen usually collected this material in the normal routine of an FBI 
manager privy to classified information that crossed his desk or came up in 
conversation with colleagues."
The treacherous agent worked in the Bureau's intelligence division and 
helped establish an automated counter-intelligence database.
"He was proficient in combing FBI automated records, and printed or 
downloaded to disk reams of highly classified information," Mr Webster said.
"He also did not hesitate to go into offices where he had worked some time 
before, log on to standalone data systems and retrieve, for example, the 
identities of foreign agents who US intelligence services had compromised - 
information vital to US interests and even more immediately vital to those 
he betrayed."
Hanssen initially communicated with the Soviets through encoded radio 
transmissions, using a one-time pad - a practically unbreakable cipher he 
created himself.
He installed unauthorised software on his office computers, including a 
password-breaking program discovered on his hard drive.
On at least one occasion, he hacked into a colleague's computer, and even 
downloaded a classified document from the hard drive of the chief of the 
Bureau's Soviet intelligence section - purportedly to demonstrate 
weaknesses in the system.
Early on, he suggested to his handlers that they communicate by email, but 
the Soviets weren't keen. Later he urged them to buy personal digital 
devices, so he could beam data to them.
The commission found security was often seen as an impediment to 
operations, which depended on the free flow of information within the Bureau.
"Operational imperatives will normally and without reflection trump 
security needs," Mr Webster said.
"For instance, senior Bureau management recently removed certain 
security-based access restrictions from the FBI's automated record system 
-- the principal system Hanssen exploited -- because they hindered the 
investigation of the September 11 terrorist attacks. This might make sense 
operationally, but it was done without consulting the Bureau's security 
apparatus."
One unforeseen and presumably unintended result was general access within 
the Bureau to highly restricted information obtained by warrant under the 
Foreign Intelligence Surveillance Act.
"This violates the basic security principle that such information should 
only be circulated among those who need to know," he said.
But the commission recognised the need for operational efficiency at a time 
when the country was under terrorist siege.
Accordingly, it has recommended changes to address flaws in process, while 
establishing a new workplace culture to balance the two key needs.







Re: (P)RNG's and k-distribution

2002-04-24 Thread Joseph Ashwood

- Original Message -
From: "Jim Choate" <[EMAIL PROTECTED]>

> For a RNG to -be- a RNG it -must- be infinity-distributed. This means that
> there are -no- string repetitions -ever-.

Ummm, wrong. That would imply that in a binary stream, once 0 has been used
it can never be used again. This of course means that the next must be 1
(which has no entropy, but that is besides the point). Following this, there
can be no stream. The requirement for a perfect RNG is that given data
points [0,n-1] and [n+1, infinite] it is impossible to determine the point n
with any skew in the probability (in binary it simplifies to "with
probability higher than 1/2").

Note that this does not mean that the data point n cannot be the same as
some other point m, simply that m happened (will happen) and the exact time
(place) of its happening doesn't help determine the value at n.

For an RNG, the only requirement be that it generates numbers that resemble
random in some way, it is the super-class of true RNG, pseudo RNG, perfect
RNG, and pretty much any other RNG you can think of.

> If this can't be guaranteed then
> the algorithm can be a PRNG (there are other conditionals).

Wrong again. The requirement for a pseudo RNG is that it has an algorithm
(very often a key as well) that generates the sequence. There are
exceptions, /dev/random is a pseudo RNG, even though it breaks this rule.

> A PRNG -by
> definition- can -not- rule out repetitions of some
> very_large-distribution. Hence, -all- PRNG's must assume - even in
> principle- some very_large-distribution sequence.

Actually I think that's true.

> So, the statement "My PRNG has no modulus" is incorrect even in principle.

That depends, as I pointed out earlier /dev/random is a pseudo RNG, given a
system in use the internal state is ever changing (assuming the use is at
least slightly entropic), /dev/random has perturbations in its state that
make it non-repeating, yes it does have a certain quantity of state, but
that state continually has an additional mix of entropy into it.

> It's worth pointing out that the test of 'randomness' are -all-
> statistical. They all have a margin of error. There is the a priori
> recognition of 'window' effect.

Only the tests on the stream, tests on the device itself can be state-less,
eliminating the window effect. It has been proven that one cannot test
randomness of the output stream, leaving only the possibility of testing the
randomness that the device itself is creating (or harvesting).
Joe




Sources for GBPS random bits

2002-04-24 Thread Tim May

I'll probably regret proposing such things, but here goes.

First, I'm not sure there are plausible reasons for GBPS (giga bit per 
second) sources of "random" bits. Generating a OTP for a CD-ROM scheme 
is certainly not such a situation. Padding a PipeNet link may be one, 
but then all you need for the padding is something that "looks like" 
(same statistics, same run lengths, same compressibility, etc.) the 
actual message traffic.

For the sake of this argument, let's assume the goal is worth pursuing.

Second, some approaches:

1. Radioactive decay. Don't count on it at these rates. A billion events 
per second is a very, very high dose rate, even if spread out over 
millions of FETs or diodes.

2. Johnson noise, avalanche-breakdown, etc. Much more plausible, as the 
leakage current in, say, N cells could be measured M times per second 
s.t. N * M = 10^9 bits per second, suitably MUXed and dumped out in a 
stream.

3. Monitor a WiFi source that is "very noisy." 2.4 GHz implies a bit 
rate in the right range. Noise shaping and standard Von Neumann methods 
to remove skews (more 1 than 0, or vice versa) would of course be done.

4. Monitor a t.v. channel or satellite broadcast that is noisy. Data 
rates should approximate the usual video rates.

(Calculational approach: 30 frames per second times approximately 500 x 
500 pixels times approximately 20 bits per pixel (not full 24-bit color) 
equals roughly 150 MBPS. Scale up accordingly for DVD or better 
resolution. Beware of compression when converting MPEG numbers, though. 
A GBPS is possible by mixing several t.v. channels, or by using HDTV. 
The calculational approach fits with the heuristic approach, relating 
DVD movies sent over the Net.)

Third, what are some good "noisy sources"?

-- Aim a Pringle can at the sun. I'll bet it's sufficiently radio-noisy 
to swamp a WiFi system. Ditto for aiming a satellite dish at the sun. 
Heavy video noise (seen twice a year when the Clarke Belt intersects the 
sun's path.) To ensure tracking, daylight use and with std. scope drive.

-- Can NSA or someone else deduce patterns? Or inject patterns?

Highly unlikely, given nature of noise and lack of correlation. Power 
level of sun makes insertion of patterns very expensive.

The t.v. camera lava lamp approach obviously can't get the full 
bandwidth of a t.v. system, due to correlations (e.g., big parts are 
similar reddish color, obviously).  (BTW, note that a lot of people, 
even here on the CP list, experimented with video noise randomness long 
before Sun made its "LavaLampCam" P.R. splash several years ago.)

However, mixing N different video cameras looking at complex scenes, 
monitoring t.v. channels tuned to "snow," should be doable.

If I were looking to build a product, I'd be hacking a common high-end 
integrated t.v./graphics system card like the A.T.I. Radeon 8500 DV and 
experimenting with noisy sources at the input, using the card to 
generate statistics and distillations, and so on. My experiments would 
be with a) video sources from cameras and rabbit ear antennas, b) 
antennas aimed at the sun, c) noisy resistor sources applied directly to 
the video inputs, etc.

Note that the full GBPS bandwidth may be unrealistic for even PipeNets. 
A slightly downscaled PipeNet that operated in chunked bursts at 10% the 
duty cycle ("virtual private pipenets"?) would still be useful and 
interesting. And might mesh better with a heterogeneous mix of different 
bandwidths, anyway.

Getting 100 MBPS of good, random-appearing bits should be feasible with 
video approaches.
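
The Von Neumann step mentioned in approach 3, as an added example that is not part of the original post: it removes skew from independent, identically biased bits at a cost in throughput, and it fails when the bias differs from bit to bit. The sample sources and their bias values are constructed for illustration.

```python
import random


def von_neumann(bits):
    """Read non-overlapping pairs; emit the first bit of each unequal pair
    (01 -> 0, 10 -> 1) and discard 00 and 11."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        if bits[i] != bits[i + 1]:
            out.append(bits[i])
    return out


def ones_fraction(bits):
    return sum(bits) / len(bits)


def skewed_source(n, p_one, rng):
    """Constructed input: independent bits, each 1 with probability p_one."""
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def alternating_source(n, p_even, p_odd, rng):
    """Constructed input: independent bits whose bias depends on position,
    e.g. a sampler beating against a periodic signal (assumed scenario)."""
    return [1 if rng.random() < (p_even if i % 2 == 0 else p_odd) else 0
            for i in range(n)]


def demo(seed=2002, n=200_000):
    rng = random.Random(seed)          # fixed seed: repeatable sample data only
    raw = skewed_source(n, 0.8, rng)
    clean = von_neumann(raw)
    drifting = von_neumann(alternating_source(n, 0.9, 0.5, rng))
    return {
        "raw_ones": ones_fraction(raw),            # about 0.80
        "clean_ones": ones_fraction(clean),        # about 0.50
        "yield": len(clean) / n,                   # about p*(1-p) = 0.16
        "drifting_ones": ones_fraction(drifting),  # about 0.90: skew survives
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:14s} {value:.3f}")
```

At a yield of 0.16 output bits per raw bit, a source this skewed has to be sampled at more than six times the target output rate.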




Re: RE: Lucky's 1024-bit post [was: RE: objectivity and factoring analysis]

2002-04-24 Thread Joseph Ashwood

- Original Message -
From: "Morlock Elloi" <[EMAIL PROTECTED]>

> Most hardware solutions that I'm aware of support 1024-bit modular
> arithmetic.
> I don't know how easy or hard it is to do 2048-bit ops with 1024-bit
> primitives, or is there any 2048-bit HW around.

For encryption, you're out of luck, just the overhead of sending the data
over the relatively slow link to the device is longer than it takes a 486 to
do the 2048-bit encryption (or signature verification). For
decryption/signing the matter is entirely different. Assuming that p and q
are known on decryption, it's a fairly simple matter to use the Chinese
Remainder Theorem along with the 1024-bit mod-exponentiators, to get the
correct answer. The problem is that some of those same decryption/signing
engines already use this trick and so they really only support 512-bit ops,
in which case you're in the same boat as the encryption.

The good part of all this is that many companies are now expanding their
line to offer 2048-bit capable machines, so it shouldn't be long before
everyone can finally retire their 1024-bit keys, and maintain speed.
Joe
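
The Chinese Remainder Theorem trick described above, as an added example that is not part of the original post: a private-key operation on a full-width modulus is carried out with two exponentiations on a half-width engine. The key is constructed from two Mersenne primes, the RSA is unpadded, and `ModExpEngine` is a hypothetical stand-in for a width-limited accelerator.

```python
# Constructed key material for illustration only: two Mersenne primes stand in
# for the secret factors, and the RSA is unpadded to keep the arithmetic visible.
P = 2**521 - 1
Q = 2**607 - 1
E = 65537


def make_crt_key(p, q, e):
    d = pow(e, -1, (p - 1) * (q - 1))          # private exponent (Python 3.8+)
    return {"n": p * q, "e": e, "d": d, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}


class ModExpEngine:
    """Hypothetical stand-in for an accelerator whose modular exponentiator
    accepts moduli of at most max_bits bits."""

    def __init__(self, max_bits):
        self.max_bits = max_bits
        self.calls = 0

    def modexp(self, base, exponent, modulus):
        if modulus.bit_length() > self.max_bits or base >= modulus:
            raise ValueError("operand too wide for this engine")
        self.calls += 1
        return pow(base, exponent, modulus)


def private_op_direct(c, key, engine):
    """c^d mod n in one full-width exponentiation."""
    return engine.modexp(c, key["d"], key["n"])


def private_op_crt(c, key, engine):
    """Same result from two half-width exponentiations (needs p and q)."""
    m_p = engine.modexp(c % key["p"], key["dp"], key["p"])
    m_q = engine.modexp(c % key["q"], key["dq"], key["q"])
    # Garner recombination, done on the host: one multiply and one reduction.
    h = (key["qinv"] * (m_p - m_q)) % key["p"]
    return m_q + h * key["q"]


def demo():
    key = make_crt_key(P, Q, E)
    message = int.from_bytes(b"constructed test message", "big")
    c = pow(message, key["e"], key["n"])        # public op, cheap on the host
    engine = ModExpEngine(max_bits=640)         # too narrow for the 1128-bit n
    try:
        private_op_direct(c, key, engine)
        direct_ok = True
    except ValueError:
        direct_ok = False
    recovered = private_op_crt(c, key, engine)
    return direct_ok, recovered == message, engine.calls


if __name__ == "__main__":
    print(demo())
```

An engine that already splits its work this way internally leaves no half-width primitive to reuse, which is the limitation the post points out.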




Re: Two ideas for random number generation

2002-04-24 Thread georgemw

On 24 Apr 2002 at 17:41, David Howe wrote:

> > Maybe for you, I sure as hell wouldn't use it either as a key or as a
> > seed into a known hashing/whiting algorithm.
> it's probably a better (if much slower) stream cypher than most currently in
> use; I can't think of any that have larger than a 256 internal state, and
> that implies a 2^256 step cycle at best; for pi to be worse, it would have
> to have less than 2^256 digits.
> 


This is putting silliness on top of silliness.  It's true that in principle
the decimal expansion of pi has an infinite number of digits,
but any practical implementation of a PRNG based on pi
would still have to have a finite number of accessible states.

That is, to get the infinite cycle, you'd have to have some method of
generating a uniform random integer 0 to infinity for the
initial state, and you'd need an infinite amount of memory
to store  the current internal state.  Neither of which
is achievable in practice.

Conversely, a PRNG whose cycle is "only" 2^256 bits long
will never repeat itself during the lifetime of the device, or
the lifetime of the universe for that matter.

George




Re: Two ideas for random number generation

2002-04-24 Thread R. A. Hettinga

I seem to be channeling mathematicians this morning...

Cheers,
RAH

--- begin forwarded text


Status:  U
From: Somebody with a sheepskin...
To: "R. A. Hettinga" <[EMAIL PROTECTED]>
Subject: Re: Two ideas for random number generation
Date: Wed, 24 Apr 2002 08:44:41 -0600

Bob,

Tim's examples are unnecessarily complicated.

The logistic function f(x) = Ax(1-x) maps the interval [0,1] into itself for
A in the range [0,4].  Hence, for any such A, it can be iterated.

That is, one may start with an x|0 get x|1= f(x|0) -- where x|j means x sub
j -- and repeat, thus: x|(n+1) = f(x|n).

For small enough values of A, the iteration provably converges to a single
value. For slightly larger values, it converges to a pair of values that
alternate every other time -- known as a period 2 sequence.  For a slightly
larger value of A it converges to 4 values that come up over and over
again -- a period 4 sequence.  Some of this is provable, too.

This increase in multiple period states continues briefly for smaller and
smaller changes in the parameter A.  At some point the period becomes
infinite, and the sequence becomes not detectably different from random.
This is an empirical fact, not yet proven so far as I know.

Note that the function is completely deterministic.  If you know x exactly,
you know x|n -- exactly.  But if you know x to only finite precision, you
know very little about x|n.  Specifically, you know only that it is in the
range [0,1].

So pick A large enough.  Pick an arbitrary double precision floating
point number (about 14 digits for 64 bit arithmetic) on a given machine.
Pick an integer N. Iterate the logistic function N times on it.  Take the
sequence of 7 least significant digits.  They're probably uniformly
distributed in the 7 digit integers.

If you don't know the seed, you don't know the sequence, so I guess you can
encrypt with the thing, too.

But you can't prove squat about it!




- Original Message -
From: "R. A. Hettinga" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, April 23, 2002 6:16 PM
Subject: Re: Two ideas for random number generation


>
> --- begin forwarded text
>
>
> Status:  U
> Date: Tue, 23 Apr 2002 09:42:32 -0700
> Old-Subject: Re: Two ideas for random number generation
> From: Tim May <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject:  Re: Two ideas for random number generation
> Sender: [EMAIL PROTECTED]
>
> On Monday, April 22, 2002, at 11:23  PM, Joseph Ashwood wrote:
> >
> > From: <[EMAIL PROTECTED]>
> >> If a RNG runs off Johnson noise, then the ability to predict its
> >> output would imply the ability to violate the second law of
> >> thermodynamics.  If it runs off shot noise, then the ability to
> >> predict its output would disprove quantum mechanics.
> >
> > Actually there are models that fit the universe that are entirely
> > deterministic.
>
> Could you mention what they are?
>
> Bohm's "hidden variables" model is generally discredited (some would
> say "disproved"). Alternatives to the Copenhagen Interpretation, notably
> EWG/"many worlds," Hartle's "consistent histories," and Cramer's
> transactional model, are still not deterministic, in that the world an
> observer is in ("finds himself in") is still not predictable in advance.
> Operationally, all interpretations give the same results, i.e., the
> Uncertainty Principle. (Which is why I mentioned "hidden variables," the
> only alternative theory which _might_ have restored classical
> Lagrange/Laplace predictability, in theory.)
>
> And even if the world were Newtonian, in a classical billiard ball
> sense, with Planck's constant precisely equal to zero, predictability is
> a chimera. Consider a game of billiards, with perfectly spherical
> billiard balls, a perfectly flat table, etc. Trajectories depend on
> angles to a precision that keeps going deeper and deeper into the
> decimals. For example, predicting the table state after, say, 3 seconds,
> might require knowing positions, speeds, and angles (in other words, the
> vectors) to a precision of one part in a thousand. Doable, one might say.
>
> But after 30 seconds, any "errors" that are greater than one part in a
> billion would lead to "substantially different" table states. Fail to
> know the mass or position or elasticity or whatever of just one of the
> billiard balls to one part in a billion and the outcome is no longer
> "predictable."
>
> After a couple of minutes, the table positions are different if anything
> is not known to one part in, say, 10^50.
>
> Even talk of a "sufficiently powerful computer" is meaningless when the
> dimensions of objects must be known to better than the Planck-Wheeler
> scale (even ignoring issues of whether there's a quantum foam at these
> dimensions).
>
> I feel strongly about this issue, and have thought about it for many
> years. The whole "in principle the Universe can be calculated" was a
> foray down a doomed path WHETHER OR NOT quantum mechanics ever came out.
>
> The modern name for this outl
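
The logistic-map behaviour described in the forwarded reply above (single value, period 2, period 4, then no detectable period, and loss of predictability from a finite-precision seed), as an added example that is not part of the original message. The burn-in length, tolerance, seed values and the fixed-point model in `quantized_cycle` are assumptions made for this illustration.

```python
def logistic(a, x):
    return a * x * (1.0 - x)


def attractor_period(a, x0=0.3, burn_in=1000, max_period=64, tol=1e-9):
    """Period the orbit settles into, or None if no period up to max_period
    is seen (the 'not detectably different from random' regime)."""
    x = x0
    for _ in range(burn_in):
        x = logistic(a, x)
    y = x
    for period in range(1, max_period + 1):
        y = logistic(a, y)
        if abs(y - x) < tol:
            return period
    return None


def max_gap(a, x0, delta, steps):
    """Largest distance reached between the orbits of x0 and x0 + delta."""
    x, y = x0, x0 + delta
    worst = abs(x - y)
    for _ in range(steps):
        x, y = logistic(a, x), logistic(a, y)
        worst = max(worst, abs(x - y))
    return worst


def quantized_cycle(a, state, bits):
    """Same map on a fixed-point state of `bits` bits (assumed model of a
    finite-precision implementation). Returns (steps before the cycle,
    cycle length); their sum cannot exceed the 2**bits + 1 possible states."""
    scale = 1 << bits
    seen = {}
    step = 0
    while state not in seen:
        seen[state] = step
        x = state / scale
        state = round(a * x * (1.0 - x) * scale)
        step += 1
    return seen[state], step - seen[state]


if __name__ == "__main__":
    for a in (2.8, 3.2, 3.5, 4.0):
        print(f"A={a}: period {attractor_period(a)}")
    print("gap from a 1e-14 seed error, A=4.0:", max_gap(4.0, 0.3, 1e-14, 100))
    print("gap from a 1e-14 seed error, A=2.8:", max_gap(2.8, 0.3, 1e-14, 100))
    print("16-bit state, A=4.0 (tail, cycle):", quantized_cycle(4.0, 19661, 16))
```

The last function bears on the keystream idea: whatever the map does over the reals, an implementation with a k-bit state repeats within 2^k + 1 steps, and nothing proven about the map says how much sooner.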


Re: Two ideas for random number generation

2002-04-24 Thread Riad S. Wahby

Optimizzin Al-gorithym <[EMAIL PROTECTED]> wrote:
> You can also use common guard structures to isolate the "HV" part of
> the chip, without dicking with the Delicate Recipes (process) which
> you Don't Want To Do And Probably Wouldn't Be Allowed To Anyway.
> Also helps keep digital switching noise out of the source.

True, but if the customer wants low supply voltages, you're screwed.

Consulting a process guide I happen to have handy (it's a pretty
recent fast bipolar process), emitter-base breakdown is quoted at 2.6V
nominal, so I guess from anything greater than 2.6V + Vcesat supplies
(maybe 3V, certainly 3.3V, 5V), you're all set.  Of course, if you're
willing to sacrifice some current protection, put resistors on your
wafer, and reduce PSRR, you could go as low as 2.7V for the cost of
one 10 ohm resistor.

> Actually, we're interested...

I don't have any detailed data on it handy, but there are some
indications in the same process guide that emitter-base breakdown
carries with it some pretty serious hot-carrier problems.  I believe
that over time this effect drops off (after the worst of it has had
its run), so the transistor won't continually degrade.  Furthermore,
most problems associated with hot-carrier effects won't concern us if
the transistor is being run only in reverse breakdown---you'll lose
some beta, BVeb might go down a little, etc.  Thus, you'll almost
certainly want to sacrifice the headroom and use a mirror to drive the
emitter instead of a resistor (else your breakdown will increase over
time, which will probably make the degradation more severe), but you
should be OK.

If I ever get the opportunity, I'll do some emitter-base burn-in
testing and see how the entropy of the output is affected by
hot-carrier-induced transistor degradation.

> man, you don't want to have had too much coffee trying to land the
> probes..  ..looking at analogue measurements with spectral analyzers
> and sampled data with statistical tools)

I've done some probing with way too much coffee.  The worst was
probing MEMS devices that way.  Man, oh man.  :-)

--
Riad Wahby
[EMAIL PROTECTED]
MIT VI-2/A 2002




Re: Two ideas for random number generation

2002-04-24 Thread David Howe

> No it isn't. You -want- a RNG but you can't have one. Nobody
> -wants- a PRNG, they -settle- for it.
I think there is some confusion here - if you are using a PRNG as a stream
cypher, the last thing in the world you want is for it to be truly random -
you need to sync up two prngs in order to decrypt the message, and
randomness would defeat that (I can see a case where you introduce a little
randomness and use some redundant method to strip it out before encryption,
but that's only a second layer of obscurity of little value if the
mainstream crypto is borken).

> What one wants is a bit sequence which is
> -random-.
if you want random numbers, get a rng - a prng is never going to be a rng,
and everyone knows it. given you are using a prng in any case, does it
matter if the prng sequence being used happens to be a sequence of pi, or
any other fixed sequence?

> > any subset of the digits of pi is as close to RNG output as you would
> > need to satisfy any entropy tests - unless you *knew* you had derived it
> > from pi you couldn't distinguish it from a true random string of the same
> > size.
> Satisfying an -entropy test- is -not- equivalent to -being- a RNG. It only
> says that within a particular error margin you're -close enough-.
indeed so. but if someone has said a prng is truly a rng, I must have
missed it.

> Really? The offset into the sequence is a fixed width and the result is
> always a single character. Where do you add a bit?
what makes you think the offset is a fixed width? pi is of infinite length
(or so I am told) so any offset is also at least potentially of infinite
size. speed and physical construction constraints limit that, but not enough
to fit your claims of it being easily defeatable.

> > the single-digit-of-pi formula is too slow to form a good stream cypher,
> > but is otherwise ok;
> Maybe for you, I sure as hell wouldn't use it either as a key or as a
> seed into a known hashing/whiting algorithm.
it's probably a better (if much slower) stream cypher than most currently in
use; I can't think of any that have larger than a 256 internal state, and
that implies a 2^256 step cycle at best; for pi to be worse, it would have
to have less than 2^256 digits.

> Let me ask you a more pointy question. Are you selecting some offset and
> then taking the sequence of digits from pi, or are you selecting the
> digits out of order? In either of these cases it isn't the sequence of pi
> that is providing the randomness (which is apparently the claim) but
> rather the selection process; which is both undescribed at this point
> -and- simply moves the argument from one area to another - this -proving-
> nothing.
no, you are using a subset of a pseudo-random stream of infinite length;
there is little benefit in selecting digits at random, if you are relying on
the pseudorandomness of the stream itself.  I am at a loss to see what you
are driving at, so am forced to assume we are considering radically
different cases.




RE: Lucky's 1024-bit post [was: RE: objectivity and factoring analysis]

2002-04-24 Thread Peter Gutmann

"Lucky Green" <[EMAIL PROTECTED]> writes:

>1) Very, very few applications, and no cryptographic libraries that I am aware
>of, that currently employ RSA perform any kind of sanity check on the size of
>the keys.

There are both applications and crypto libraries which perform fairly extensive
checking on keys.  However, it's not as simple as you describe:

- GPG and (I believe) NAI PGP perform a pile of sanity checks which among other
  things are designed to make the Klima-Rosa attack a lot more difficult to
  pull off.  This works because PGP knows it's only going to be fed keys from
  other PGP implementations, so it doesn't have to put up with the quirks and
  oddities of random software.

- CryptoAPI expects keys to be in a certain format based on its own
  public/private key blob format, and crashes if they're not.  It doesn't seem
  to do any validation of parameters, and there's even a MSKB article telling
  you how to use an RSA key with e=1 to export plaintext secret keys (!!).
  This is the opposite end of the scale from the GPG/PGP approach.

- For crypto libraries, which have to be able to accept keys from all sorts of
  weird sources, it's difficult to get it right.  For example I perform a pile
  of checks on RSA keys (n = p * q, ( d * e ) mod p-1 == 1 and ( d * e ) mod
  q-1 == 1, ( q * u ) mod p == 1, etc [0], the standard stuff from the Klima-
  Rosa paper) and the FIPS 186 checks on DLP keys.  As a result, I keep getting
  complaints from people whose weird keys are being rejected by my code.  My
  standard response to this is "You've got the source code, if you want to use
  strange key parameters you can change the source to allow it" (transl."If you
  want to hang yourself, the rope's over there"), but that hardly works for
  commercial products.

As a result, (most) crypto libraries will continue to allow any old garbage as
key values.  User perception is more important than security.

Peter.

[0] Speaking of RSA sanity checks, can anyone provide a sensible explanation
why OpenSSH uses e=35?  I can think of several reasons why you wouldn't
want to use this, but no sensible argument in support of it.
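
The RSA consistency checks listed in the post, as an added example that is not Peter Gutmann's code: the four congruences are taken from the post, while the exponent and modulus-size checks, the `min_bits` default, and the keys (built from Mersenne primes) are assumptions constructed for this illustration.

```python
def check_rsa_key(n, e, d, p, q, u, min_bits=1024):
    """Return a list of failed checks; an empty list means the key passed."""
    failed = []
    # Checks listed in the post.
    if p * q != n:
        failed.append("n != p * q")
    if (d * e) % (p - 1) != 1:
        failed.append("(d * e) mod (p-1) != 1")
    if (d * e) % (q - 1) != 1:
        failed.append("(d * e) mod (q-1) != 1")
    if (q * u) % p != 1:
        failed.append("(q * u) mod p != 1")
    # Additions assumed for this example, not taken from the post's list.
    if e < 3 or e % 2 == 0:
        failed.append("e must be odd and at least 3")
    if n.bit_length() < min_bits:
        failed.append("modulus shorter than min_bits")
    return failed


def constructed_key(p, q, e):
    """Constructed sample key; u is the inverse of q modulo p, as in the post."""
    d = pow(e, -1, (p - 1) * (q - 1))           # Python 3.8+
    return {"n": p * q, "e": e, "d": d, "p": p, "q": q, "u": pow(q, -1, p)}


def demo():
    good = constructed_key(2**521 - 1, 2**607 - 1, 65537)
    cases = {
        "good": good,
        "e_is_1": {**good, "e": 1, "d": 1},               # degenerate exponent
        "bad_u": {**good, "u": good["u"] + 1},            # corrupted CRT value
        "bad_n": {**good, "n": good["n"] + 2},            # modulus swapped
        "short": constructed_key(2**31 - 1, 2**61 - 1, 65537),
    }
    return {name: check_rsa_key(**key) for name, key in cases.items()}


if __name__ == "__main__":
    for name, failed in demo().items():
        print(f"{name:7s} {failed or 'passes'}")
```

The `e_is_1` case passes all four congruences, since d * e = 1 satisfies them trivially, so the e=1 key mentioned for CryptoAPI is only caught by a separate check on the exponent.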





Re: Two ideas for random number generation

2002-04-24 Thread Optimizzin Al-gorithym

At 11:55 AM 4/24/02 +0300, Sampo Syreeni wrote:
>On Tue, 23 Apr 2002, Riad S. Wahby wrote:
>
>>This may take more voltage than you want to use in your process, but you
>>can engineer the base-emitter junction if you've got a friend in process
>>engineering.

You can also use common guard structures to isolate the "HV" part of the
chip, without dicking with the Delicate Recipes (process) which you Don't
Want To Do And Probably Wouldn't Be Allowed To Anyway.  Also helps
keep digital switching noise out of the source.


>Aren't there dedicated avalanche diodes available with low breakdown
>voltages, precisely for this reason? I think they're used in applications
>where zeners could be, except for higher breakdown current.
>
>>One other potential problem is long-term reliability, but that's a
>>subject for another email.

Actually, we're interested...


>Shouldn't be a problem, if you limit the breakdown current. If you're
>after entropy, you'd likely want to use a constant current source anyway.

And constant-current sources are *sooo* tough to make out of transistors :-)

My small point is confirming that junction/avalanche RNG sources are
very compatible with standard CMOS fabrication.  (I've actually probed test
structures on production wafers in a stuffy metal room examining this...
man, you don't want to have had too much coffee trying to land the probes...
looking at analogue measurements with spectral analyzers and sampled data
with statistical tools)

The junction structures are "louder" than resistors --they produce more
entropy per watt.  Intel may have had other, valid reasons for using
resistive sources in its real RNG.




Re: Two ideas for random number generation

2002-04-24 Thread Sunder


On Tue, 23 Apr 2002 [EMAIL PROTECTED] wrote:

> --
> Jim Choate wrote:
> > > > If you can't develop a RNG in software (ie you'd be in a
> > > > state of sin), what makes you think you can do it using
> > > > -only- digital gates in hardware? You can't.
> 
> James A. Donald:
> > > Classic Choatian physics.
> > >
> > > Of course you can.
> 
> Jim Choate:
> > Not if you use -only- digital gates and derived functions (eg
> > flip flop or a shift register)
> 
> One can build a true random generator using two resistors, a
> capacitor, three unbuffered inverters and a shift register.  A
> second shift register and an XOR gate will serve to quite
> adequately whiten the output. 

Yeah, the shit for brains will probably tell you that resistors and
capacitors aren't digital gates.

In which case you can just use a bunch of flip-flops that feed back to
themselves at different rates, so you get different streams of 1's and
0's, and xor'em all together.  Inefficient as compared to using analog
components, but it would work if the timing between them is different
enough and you only get data from them sporadically.  Lots of whitening to
do afterwards of course...




Re: Two ideas for random number generation

2002-04-24 Thread Ben Laurie

Tim May wrote:
> 
> On Monday, April 22, 2002, at 11:23  PM, Joseph Ashwood wrote:
> >
> > From: <[EMAIL PROTECTED]>
> >> If a RNG runs off Johnson noise, then the ability to predict its
> >> output would imply the ability to violate the second law of
> >> thermodynamics.  If it runs off shot noise, then the ability to
> >> predict its output would disprove quantum mechanics.
> >
> > Actually there are models that fit the universe that are entirely
> > deterministic.
> 
> Could you mention what they are?
> 
> Bohm's "hidden variables" model is generally discredited (some would
> say "disproved").

As I understand it, Bell's inequality definitively cannot be explained
by hidden variables, hence the whole action-at-a-distance thing.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff





Re: Two ideas for random number generation

2002-04-24 Thread Sandy Harris

Jim Choate wrote:

> > PRNG output is fixed/repeatable too - that is a property you *want* from a
> > PRNG.
> 
> No it isn't. You -want- a RNG but you can't have one. Nobody -wants- a
> PRNG, they -settle- for it. 

That is nearly true for crypto applications, but it certainly isn't for
some others. e.g. If you're debugging simulation software, you may need
to be able to make the PRNG produce repeatable output by giving it the
same seed on every run.

For crypto, it is absolutely clear that you need a true RNG for some things,
if only seeding and re-seeding a PRNG, and that using a PRNG introduces
one more thing that could contain dangerous weaknesses.

Given a well-designed PRNG, though, it is not clear that there's any
real benefit to using a true RNG instead. If you're generating 128-bit
session keys, there is no practical difference between using the true
RNG directly and using a good PRNG with, say, a 256-bit key.




kuro5hin.org || Should record companies own copyrights?

2002-04-24 Thread Jim Choate

http://www.Kuro5hin.org/story/2002/4/23/174344/154
-- 

 --


 The law is applied philosophy and a philosophical system is
 only as valid as its first principles.
 
James Patrick Kelly - "Wildlife"
   
 [EMAIL PROTECTED] www.ssz.com
 [EMAIL PROTECTED]  www.open-forge.org





Lindh Opposes Secrecy for Reports (washingtonpost.com)

2002-04-24 Thread Jim Choate

http://www.washingtonpost.com/wp-dyn/articles/A36532-2002Apr23.html
-- 

 --


 The law is applied philosophy and a philosophical system is
 only as valid as its first principles.
 
James Patrick Kelly - "Wildlife"
   
 [EMAIL PROTECTED] www.ssz.com
 [EMAIL PROTECTED]  www.open-forge.org





kuro5hin.org || The US chemical weapons, foul play and the OPCW

2002-04-24 Thread Jim Choate

http://www.Kuro5hin.org/story/2002/4/23/19170/1201
-- 

 --


 The law is applied philosophy and a philosophical system is
 only as valid as its first principles.
 
James Patrick Kelly - "Wildlife"
   
 [EMAIL PROTECTED] www.ssz.com
 [EMAIL PROTECTED]  www.open-forge.org






Re: Two ideas for random number generation

2002-04-24 Thread Riad S. Wahby

Sampo Syreeni <[EMAIL PROTECTED]> wrote:
> Aren't there dedicated avalanche diodes available with low breakdown
> voltages, precisely for this reason? I think they're used in applications
> where zeners could be, except for higher breakdown current.

Sure.  I was thinking of an IC design, in which case you're a lot more
likely to be able to make a bipolar than you are to have essentially
<5V zeners.

>> [mention of reliability issues]
> Shouldn't be a problem, if you limit the breakdown current. If you're
> after entropy, you'd likely want to use a constant current source anyway.

To first order, yes, but at least a couple of the processes I've
worked with warn against even controlled emitter-base breakdown.  Of
course, I suppose they're assuming you want to use the transistor some
other way, too...

--
Riad Wahby
[EMAIL PROTECTED]
MIT VI-2/A 2002




(P)RNG's and k-distribution

2002-04-24 Thread Jim Choate


It has been suggested by some that a PRNG can be created that is -not-
repeating. There is a property of -all- RNG's that is called
k-distribution.

For a RNG to -be- a RNG it -must- be infinity-distributed. This means that
there are -no- string repetitions -ever-. If this can't be guaranteed then
the algorithm can be a PRNG (there are other conditionals). A PRNG -by
definition- can -not- rule out repetitions of some 
very_large-distribution. Hence, -all- PRNG's must assume - even in
principle- some very_large-distribution sequence.

So, the statement "My PRNG has no modulus" is incorrect even in principle.

The Art of Computer Programming
Volume 2
Seminumerical Algorithms, 3ed
D.E. Knuth
ISBN 0-201-89684-2
Chapter 3 "Random Numbers"
Section 3.5 "What is a Random Sequence?"

He also has some things to say about Pi and its applicability as a seed
in this same section, and the assumptions that people make that are not
proven.

"The representation of a positive real number n in the radix-b may be
regarded as a b-ary sequence; for example, pi corresponds to the 10-ary
sequence 3, 1, 4, 1, 5, 9, 2, 6, 5, 3, 5, 8, 9, ... People have
conjectured that this sequence is infinity-distributed, but nobody has yet
been able to prove it is even 1-distributed."

It's worth pointing out that the tests of 'randomness' are -all-
statistical. They all have a margin of error. There is the a priori
recognition of 'window' effect.

Which gets to the reference I mentioned in one post about 'Garden of Eden'
sequences. These would be sequences that can -never- happen from -any- of
the given input states. It is a sequence of states the generator can not
make because they are outside the scope of its algorithm (there is usually
a data set independency assumed - you can be in -all- combinations of
start state). At least as far as I know this could apply to both (P)RNG's.


 --


 The law is applied philosophy and a philosophical system is
 only as valid as its first principles.
 
James Patrick Kelly - "Wildlife"
   
 [EMAIL PROTECTED] www.ssz.com
 [EMAIL PROTECTED]  www.open-forge.org
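
Knuth's k-distribution condition measured over one full period of a small finite-state generator, as an added example that is not part of the original post. The LCG parameters, the two-bit output and all function names are constructed for the illustration.

```python
"""Empirical k-distribution of a finite-state generator over one full period."""
from collections import Counter

# Constructed toy LCG (not from the post): x -> (5x + 1) mod 256.
A, C, M = 5, 1, 256
BASE = 4  # each output is the top two bits of the state, i.e. a base-4 digit


def step(x):
    return (A * x + C) % M


def cycle_length(f, x0):
    """Brent's algorithm: (period, tail length) of x0, f(x0), f(f(x0)), ..."""
    power = lam = 1
    tortoise, hare = x0, f(x0)
    while tortoise != hare:
        if power == lam:          # start a new power-of-two window
            tortoise, power, lam = hare, power * 2, 0
        hare = f(hare)
        lam += 1
    tortoise = hare = x0
    for _ in range(lam):          # put hare exactly one period ahead
        hare = f(hare)
    mu = 0
    while tortoise != hare:       # both meet at the start of the cycle
        tortoise, hare, mu = f(tortoise), f(hare), mu + 1
    return lam, mu


def digits(seed, count):
    """First `count` base-4 output digits, starting from the seed state."""
    out, x = [], seed
    for _ in range(count):
        out.append(x >> 6)
        x = step(x)
    return out


def tuple_counts(seq, k):
    """Count k-tuples in seq read cyclically, so that one period stands for
    the infinite periodic stream."""
    ext = seq + seq[:k - 1]
    return Counter(tuple(ext[i:i + k]) for i in range(len(seq)))


def is_k_distributed(seq, k, base=BASE):
    """True if all base**k possible k-tuples occur equally often per period."""
    counts = tuple_counts(seq, k)
    return len(counts) == base ** k and len(set(counts.values())) == 1


def report(seed=0):
    period, tail = cycle_length(step, seed)
    seq = digits(seed, period)
    return period, tail, {k: is_k_distributed(seq, k) for k in range(1, 6)}


if __name__ == "__main__":
    period, tail, result = report()
    print(f"period={period} tail={tail}")
    for k, ok in result.items():
        print(f"{k}-distributed over one period: {ok}")
```

With only 256 states there are at most 256 distinct windows of any length per period, so the 1024 possible 5-tuples can never all appear, whatever the seed.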





Re: Two ideas for random number generation

2002-04-24 Thread Jim Choate


On Wed, 24 Apr 2002, David Howe wrote:

> "Jim Choate" <[EMAIL PROTECTED]> wrote:
> > But that changes the game in the middle of play, the sequence of digits
> > in pi is fixed, not random. You can't get a random number from a constant.
> > Otherwise it wouldn't be a constant.

> PRNG output is fixed/repeatable too - that is a property you *want* from a
> PRNG.

No it isn't. You -want- a RNG but you can't have one. Nobody -wants- a
PRNG, they -settle- for it. What one wants is a bit sequence which is
-random-. There are many definitions of random, but they boil down to
-unpredictable- outside of chance with respect to predicting individual
bit results as well as sequences of bits (they are not the same
statistically speaking, re probability distributions).

Ideally what one would want is a situation where each bit has a 50/50
chance of being in either state and there are -no- inter-bit dependencies.
That implies no modulo (though it doesn't prevent clustering which can
fool you if you don't test your sub-strings well enough - re Gamblers
Ruin).

Which raises an interesting aspect for me, what happens if you put a PRNG
into a 'Garden of Eden' state?

> any subset of the digits of pi is as close to RNG output as you would
> need to satisfy any entropy tests - unless you *knew* you had derived it
> from pi you couldn't distinguish it from a true random string of the same
> size.

Satisfying an -entropy test- is -not- equivalent to -being- a RNG. It only
says that within a particular error margin you're -close enough-.
 
> > You can't stop them from using their tables. Slow them down, not stop
> > them. You can't use that huge a seed, hardware limitations. They can match
> > you.

> *shrug* given that adding a bit to the seed doubles the quantity of data
> they would have to cache in their tables, it can quickly become unworkable;

Really? The offset into the sequence is a fixed width and the result is
always a single character. Where do you add a bit?

> the single-digit-of-pi formula is too slow to form a good stream cypher, but
> is otherwise ok;

Maybe for you, I sure as hell wouldn't use it either as a key or as a
seed into a known hashing/whiting algorithm.

Let me ask you a more pointy question. Are you selecting some offset and
then taking the sequence of digits from pi, or are you selecting the
digits out of order? In either of these cases it isn't the sequence of pi
that is providing the randomness (which is apparently the claim) but
rather the selection process; which is both undescribed at this point
-and- simply moves the argument from one area to another - thus -proving-
nothing.


 --


 The law is applied philosophy and a philosophical system is
 only as valid as its first principles.
 
James Patrick Kelly - "Wildlife"
   
 [EMAIL PROTECTED] www.ssz.com
 [EMAIL PROTECTED]  www.open-forge.org





RE: Lucky's 1024-bit post [was: RE: objectivity and factoring analysis]

2002-04-24 Thread John Young

Lucky is to be commended for igniting a neglected aspect
of the crypto wars: what happens to cryptosystems over
time after they have been invented, tested, criticized, vetted 
and conditionally trusted, then gradually widely distributed
as the best available under practical usage, then compromised
by direct attack or undermining from within -- the cycle of all
previous cryptosystems.

This inevitable vulnerability comes about for the reason
Lucky states: sloppiness, laziness, inattention to keeping
up with new means of attack, desire to exploit markets
based on widespread public and institutional trust,
and, not least, succumbing to the stigma of "being too
paranoid."

Attackers of cryptosystems count on this. Inventors
of cryptosystems dread gradual decline in their
successive implementations, if they continue to care
about security and are not enjoying the economic
fruits of success and to hell with authentic security,
so what if there are a few hundred victims, collateral
damage, think big, think Wall Street.

Any well-known and trusted cryptosystem should be
highly suspect of being compromised, and total reliance
upon it is immensely foolhardy. That is why no "military
grade" cryptosystem is wholly trusted by the military
in times of war or when war is threatening, which now
means all the time.

If you are at war with government no government-approved
cryptosystem is to be trusted, which means no system
in most countries and certainly not in the US. And no
commercially successful cryptosystem is to be wholly
trusted for its success rests in part on its acceptance
by government -- still the prime purchaser of such
systems and maker of markets.

We will learn someday of currently trusted systems,
as we have of those in the past, more or less when they
were compromised. "More or less" reflects that the
greatest cryptosystem deceptions of the past 100
years are still classified and will remain so in order
to not disturb blind faith in accessible, practical 
comsec.

Without blind faith in comsec, intelligence gathering
would be much more difficult for few would transmit
their most valuable secrets via trusted systems.

And even those who, like Lucky, advocate stronger
implementations, remain vulnerable to weaknesses
of their correspondents' usage -- who may quote
Lucky's transmittal in response, send it to others
without Lucky knowing, tamper with his information,
violate his trust wittingly or otherwise.

One could argue that the increased use of crypto has
enhanced intelligence gathering despite government
protests widely disseminated to induce trust in the
systems, again as with prior deceptions.

Too little sustained testing of trusted systems is
done in the private realm, and there too little skepticism
of widely used systems by enthusiasts and market
makers.

Here's to Lucky for reminding of the price of success,
for pointing to how the crypto wars have gone deeply
undercover where they usually are fought without
mercy and never with courteous discourse.




Hard drive encryption [was: RE: Biometrics helping privacy]

2002-04-24 Thread Lucky Green

Peter wrote:
> I have seen hard drives which do sector level encryption, and 
> hook into the bios so that the pw request happens before any 
> system sw runs. This is a good solution (modulo bios 
> hacking)[...]

Any such hard drives that I have seen keep the actual encryption key
utilized in firmware on the drive, using the password provided during
boot merely to authorize the drive to apply the internally stored
encryption key, thus making the encryption provided by the drive utterly
useless against invasive analysis by an attacker with a modicum of skill
in the art.

One very promising project underway to get us closer to the goal of
transparent universal drive encryption is GEOM, a component scheduled
for inclusion in the release of FreeBSD 5.0. (GEOM also will provide a
host of other highly desirable mass storage management features in
addition to drive encryption).

See http://phk.freebsd.dk/geom/ for more information.

--Lucky




Re: Two ideas for random number generation

2002-04-24 Thread David Howe

"Jim Choate" <[EMAIL PROTECTED]> wrote:
> But that changes the game in the middle of play, the sequence of digits
> in pi is fixed, not random. You can't get a random number from a constant.
> Otherwise it wouldn't be a constant.

PRNG output is fixed/repeatable too - that is a property you *want* from a
PRNG.  any subset of the digits of pi is as close to RNG output as you would
need to satisfy any entropy tests - unless you *knew* you had derived it
from pi you couldn't distinguish it from a true random string of the same
size.

> You can't stop them from using their tables. Slow them down, not stop
> them. You can't use that huge a seed, hardware limitations. They can match
> you.

*shrug* given that adding a bit to the seed doubles the quantity of data
they would have to cache in their tables, it can quickly become unworkable;
the single-digit-of-pi formula is too slow to form a good stream cypher, but
is otherwise ok; if you aren't constrained to matching a real world sequence
(pi in this case) but are happy with *any* non-repeating but deterministic
stream, you can probably find something much faster.







London woman becomes fiftieth hunger striker to die in Turkey

2002-04-24 Thread matthew X

London woman becomes fiftieth hunger striker to die in Turkey By Andrew 
Finkel in Istanbul and Daniel McGrory IN HER last, whispered telephone call 
to friends in London, Meryem Altun, 25, told them that she was determined 
to starve herself to death. A few weeks later, on April 1, after 301 days 
of refusing all solid food, the London-based community worker died in a 
Turkish hospital with only two prison guards for company. Ms Altun became 
the fiftieth person to die on a hunger strike as part of a mass protest 
against prison conditions in Turkey. When ten Republicans starved 
themselves to death in Northern Ireland's Maze prison in 1981, they 
attracted huge publicity around the world, yet this hunger strike has 
passed almost unnoticed outside Turkey and the immediate area of North 
London where Ms Altun lived. "Nobody outside her own community even knows 
her name," Gurkan Gur, who worked with her in London, complained. "Fifty 
people starve themselves to death, including this young woman, and nobody 
seems to care." More FROM
http://www.infoshop.org/inews/stories.php?story=02/04/22/9727223

Also on the news just now, gas and clubs are out at Wackenhut's WA Port 
Hedland concentration camp. One way to end a stand off I suppose. Prisoners 
are fighting at the perimeter fence.




Re: Two ideas for random number generation

2002-04-24 Thread Sampo Syreeni

On Tue, 23 Apr 2002, Riad S. Wahby wrote:

>This may take more voltage than you want to use in your process, but you
>can engineer the base-emitter junction if you've got a friend in process
>engineering.

Aren't there dedicated avalanche diodes available with low breakdown
voltages, precisely for this reason? I think they're used in applications
where zeners could be, except for higher breakdown current.

>One other potential problem is long-term reliability, but that's a
>subject for another email.

Shouldn't be a problem, if you limit the breakdown current. If you're
after entropy, you'd likely want to use a constant current source anyway.

Sampo Syreeni, aka decoy - mailto:[EMAIL PROTECTED], tel:+358-50-5756111
student/math+cs/helsinki university, http://www.iki.fi/~decoy/front
openpgp: 050985C2/025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2





Two Anarchists in Jail on explosives charges

2002-04-24 Thread matthew X

Explosives my arse! 
http://www.infoshop.org/inews/stories.php?story=02/04/22/2400080
same story, different page.
Late April, California: More Repression Against Anarchists
  posted by breakthechains on Monday April 22 2002 @ 02:48PM PDT
   As some of you may have heard, a comrade and fellow anarchist activist, 
Matt "Rampage" Lamont has been jailed very recently and remains jailed in 
Orange County. He was arrested with another fellow activist and supporter 
of South Bay Food Not Bombs, Max Lucas, a juvenile, also in jail in OC's 
juvenile detention center. [...]
  http://www.infoshop.org/inews/stories.php?story=02/04/22/2095398

Also
http://www.infoshop.org/inews/stories.php?story=02/04/22/1239583
Cali anarchists well covered!




Your Hotel web site is NOT Being SEEN!

2002-04-24 Thread Important Message!




Your Hotel Web Site is NOT Being SEEN

WHY? NO ONE CAN FIND IT!

YOUR web site is NOT on many search engines and at the Bottom of their listings and as a result YOU are LOSING customers who cannot find you!

Can this be changed? YES! Regal Telecom
For ONLY £79.97

We will submit your web site to over 350 of the world's search engines.
(see full list of Search Engines at the end of this document)

We will submit your site with the most effective meta tags and keywords.

(See our money back guarantee)

We know what the search engines are looking for.

How do we know? We look at the top five web sites in your category and use the same meta tags and key words that they use.

If it works for them it will work for you!

So YOUR web site can be FOUND and SEEN

For Twelve Months!
Guaranteed!
(See our testimonials)
 
 
Think about it!
Just as you have a web designer to build your site and a company to host your site, does it not make sense to use a company that specializes in professionally submitting your web site?
Getting your web site FOUND and SEEN!

A Shocking Fact!
Your web site designer and your host are NOT responsible for getting your web site seen! Yes, they may submit your site to a few search engines periodically but to stay on the TOP of the search engines is an aggressive business.

Getting onto the search engines and at the top of their listings doesn't just happen.

You have to be put there!

What the .Net, The Internet Magazine 8/2000 said:
"You have your web site designed and have sorted out the maintenance and waiting for the business to roll in, but there's one small problem No one knows!"

You need a professional company to do it!

Your Money Back Guarantee!

If you do not receive confirmation from the search engines that we submit your web site to, we will give you your money back!
Guaranteed!

There is nothing to lose!
 
 
Some testimonials of those that have used Regal Telecom

"This service is my secret weapon. I never believed it was possible to have such a rapid response." etvcom.tv

"I have been truly amazed by the results. I have received enquiries from Austria, Hawaii, Spain and many different parts of Britain for my international real estate business. This is directly due to this service. I definitely recommend it! Worth every penny!" keyhomes.net

"We run a Cancer Clinic and it is essential that our web site is submitted to as many search engines as possible. We are looking forward to having the capability to do online video conferencing and online diagnosis with our patients from many parts of the world. It is a real advantage to have the capabilities that Regal Telecom offers." Mari Posas Cancer Clinic.

"We never received a single inquiry until we used Regal Telecom" noniuk.co.uk
 
 
To submit your web site all we need is your web site and e-mail address.

We will do the rest!

Once we have submitted your web site you will receive a dramatic response by e-mail from search engines around the world confirming that you are listed on them.

This will happen every month for the next year!

To Book our Service Simply PRESS this BOOK NOW! Button and we can begin submitting your web site to the world's search engines today!
Then be ready for the response!

Within 24 hours your web site will begin to be submitted to over 350 search engines world wide and every month thereafter for the next year.

The results will astound you!

Most of your competition are unaware of the facts below!
This is to YOUR Advantage!
 
 
Web Site Facts

Remember "The Yellow Pages" Rule!
A search engine is like an enormous "yellow pages" with thousands of companies advertising the same product. Unless you are near the front of the listing your chances of a customer actually seeing you is remote.
Unlike a literal yellow pages there is a way to move YOU to the front and also get you on all of the "Yellow pages" in the world.

What does it take to be seen on the Search Engines?

Appreciate the Three Golden Rules
- Search engines do not pull up the web sites at random; they use a specific method of search. Those that know them are the ones at the top, those that do not are buried at the bottom!
- Your web site must be submitted to the search engines every month otherwise your site gets pushed off (It's a bit like a Ferris wheel, you get on and then after a while you are taken off unless you get another ticket and get back on).
- Understand the importance of Keywords, Meta tags, and Titles employed when submitting your site to the search engines! Use the right ones and you go up. Get it wrong and you go to the bottom!

Some feel that it is enough to be on the large search engines.
Wrong! The problem is because of their sheer size most web sites get buried. Having your web site professionally submitted can boost you up the listings of these larger search engines, so you can be found on them. Also many people use the smaller search engines and if your site is pr

Re: Choate a Spammer or a Victim?

2002-04-24 Thread Julian Assange

I suggest "and".

--
 Julian Assange|If you want to build a ship, don't drum up people
   |together to collect wood or assign them tasks and
 [EMAIL PROTECTED]  |work, but rather teach them to long for the endless
 [EMAIL PROTECTED]  |immensity of the sea. -- Antoine de Saint Exupery




RE: Lucky's 1024-bit post [was: RE: objectivity and factoring analysis]

2002-04-24 Thread Morlock Elloi

Most hardware solutions that I'm aware of support 1024-bit modular arithmetic.
I don't know how easy or hard it is to do 2048-bit ops with 1024-bit
primitives, or is there any 2048-bit HW around.



=
end
(of original message)

Y-a*h*o-o (yes, they scan for this) spam follows:
Yahoo! Games - play chess, backgammon, pool and more
http://games.yahoo.com/




Fresh FBI Fuckup.

2002-04-24 Thread matthew X

http://www.newscientist.com/news/news.jsp?id=ns2172
A week after pit bull Sharon pissed on the shrub, fresh evidence of terminal 
US decay.
Extract...
The assumption that bullets found at a crime scene can be matched to those 
in a suspect's possession has helped convict countless murderers, robbers 
and armed felons in the US, Britain and elsewhere. Forensic scientists 
analyse lead bullets for traces of antimony, tin, arsenic, copper, bismuth, 
silver and cadmium.
The idea is that if two bullets have the same chemical signatures, they 
must have been made at the same time from the same batch of smelted lead. 
British firearms expert Jonathan Spencer, from the forensic services firm 
Keith Borer Consultants in Durham, says it is also common for this link to 
be made in court cases in Britain.
But New Scientist has learned that this assumption is plain wrong.
Like all those who work for or pay taxes to a corrupt rotten Govt that 
richly deserves death. Death so that the rest of the world may 
live.KillthepresidentKillthepresidentKillthepresidentKillthepresidentKillthepresidentKillthepresidentKillthepresident.