Re: Which universe are we in? (tossing tennis balls into spinning props)
> Optimizzin Al-gorithym wrote: > At 03:21 PM 7/14/02 +0100, Ben Laurie wrote: >> Eric Cordian wrote: >>> Still, Nature abhors overcomplexification, and plain old quantum > mechanics >>> works just fine for predicting the results of experiments. >> >> Oh yeah? So predict when this radioactive isotope will decay, if you > please. > > You mean "this particular *atom* will decay". > > And while QM can't help you with a particular atom, it also doesn't say > that its impossible that knowledge of internal states of the atom > wouldn't help you predict its fragmentation. Yes it does. Heisenberg Uncertainty Principle. Ring a Bell? -- Peter Fairbrother
Re: Which universe are we in? (tossing tennis balls into spinning props)
> Major Variola (ret) wrote: > At 03:27 PM 7/15/02 +0100, Peter Fairbrother wrote: >>> Optimizzin Al-gorithym wrote: >> >>> And while QM can't help you with a particular atom, it also doesn't > say >>> that its impossible that knowledge of internal states of the atom >>> wouldn't help you predict its fragmentation. >> >> Yes it does. >> >> Heisenberg Uncertainty Principle. Ring a Bell? > > The uncertainty principle says that there is a limit on the information > about > position and change in position that you can collect. It does not rule > out > internal states. For instance, you could generate particles with a > certain property > which you do not have to measure to know that they have that property. > > It is a logical mistake to think that because you can't see it in 2002, > you can't ever > measure it, or it doesn't exist. When something appears 'random', it is > because of > (wholly normal) ignorance on our part. Sometimes 'randomness' is used > to > shut off analytic machinery, much like 'God' (this latter idea is > Minsky's). Oh dear. QM does rule out internal states. I didn't think I would have to explain why I capitalised "Bell", but perhaps it was a bit too subtle. Google "Bell" and "inequalities", and go from there. The uncertainty principle was generally considered to rule out internal states long before Bell, though. Since around 1930, I think. Whether QM/the uncertainty principle is wrong is a different question. -- Peter Fairbrother ps Are you a PFY (or a PFO), or is your name really Variola?
Re: The Microsoft Xbox Key/dvd issues
http://www.theregister.co.uk/content/4/28749.html The entertainment lobby has failed to persuade a Norwegian court to convict a teenager for creating a utility for playing back DVDs on his own computer. Jon Lech Johansen has been acquitted of all charges in a trial that tested the legality of the DeCSS DVD decryption utility he produced, Norwegian paper Aftenposten reports. Norwegian prosecutors, acting largely on the behest of the Motion Picture Association of America (MPAA), argued in court that Johansen acted illegally in sharing his DeCSS tool with others and distributing it via the Internet. They claimed the DeCSS utility made it easier to pirate DVDs. The court rejected these arguments, ruling that Johansen did nothing wrong in bypassing DVD scrambling codes that stopped him using his Linux PC to play back DVDs he'd bought. (They go on to say that it's not illegal to use DeCSS to play dvd's. So if you haven't already got a copy, you can get one now, in Sweden at least.) . There is a product called DVD region x for the xbox that allows you to play dvd's from any region coming out soon. As it probably has to be signed by Microsoft (as all xbox programs must be), can we assume that the regionalisation of DVD's silliness is effectively over? And apart from that, what was the point of CSS? You can do a "dd" on a DVD and play the image from a hard drive. I don't have a DVD burner, but I'd imagine you could burn a DVD from such an image, so direct copying is probably easy enough. Maybe I'm wrong, I haven't tried it, but the pirates don't seem to have any technical trouble. The regionalisation issue was another monopoly grab. The DVD format is as much a monopoly as Microsoft or Intel (probably more...) -- Peter Fairbrother
Strange spam
I just got this spam, and I was wondering if it was a honey-pot. Anyone? The site exists, and advertises games and movies for download. -- Peter Fairbrother > > Frank > > You've gotta see this website: http://209.132.227.38/lotr/index.htm > > I just downloaded Lord of the Rings: The Two Towers and I'm now watching it on > my computer. Picture quality is great and it was tottally free. > They've got a whole bunch of other games and movies as well. Take a look.
Re: Strange spam
Thomas Shaddack wrote: >> I just got this spam, and I was wondering if it was a honey-pot. Anyone? The >> site exists, and advertises games and movies for download. > > Classical porn and warez scam. The site itself is an attempt to extract > your email out of you for the purpose of spamming you. [..] > Beware of other annoyances, ie. ActiveX downloads of dial-a-porn programs. > Hadn't found them on a first glance there, but they can lurk on some of > the linked pages. > > In sum, the site seems to be designed to automatically harvest > high-quality verified email addresses to sell them to spam business. Would the spam business _want_ email addresses from people who download ripped games/ movies? Or would eg RIAA be more motivated? -- Peter Fairbrother
Re: Supremes and thieves.
Bill Stewart wrote: > At 09:54 AM 01/20/2003 -0500, Trei, Peter wrote: >> It dwindles because the rate at which the copyright period is increasing >> averages more than 1 year/year. Quite a number of works which had >> been in the public domain fell out of it when the 20 year extension went >> into effect. >> >> The public domain *did* dwindle. > > Did anything that had already become public domain cease to be public? I don't know about the US, but in the UK the answer is yes. Copyright that had expired in works from the relevant period was "revived" when copyright was "extended" in the UK, and the copyright of works still due to expire was "extended". You can insist that a licence for works in "revived" copyright be granted, and the owner cannot refuse, but there is no mechanism to set the fee (a few years ago I had a big argument with Disney about animating a work by Kipling {In the high and far-off times the Elephant, oh best beloved, had no trunk} in this category, but I'll probably end up just waiting, not long now, and hope the period isn't extended further). In Europe the Germans extended their copyright first, in order to prevent the publication of "Mein Kampf", whose copyright was running out (it's owned by the Bavarian State - maybe. But that's another story. Google "mein kampf" and copyright if interested. The US Govt. reportedly made $-many from the US copyright, which they had seized, of "Mein Kampf" _during_ WWII). Then the Germans wanted to extend the copyright, and thus the ban, in the other EU countries. In 1995 the EU agreed that any work in copyright in any EU Country should be in copyright in _every_ EU country. The Brits agreed partly because "Peter Pan" was in copyright in perpetuity in the UK, by Act of Parliament, with the proceeds going to Gt. Ormond St. Children's Hospital - a cause that politicians find it hard for to take anything away from - and the alternative was to have a set period of copyright for everything, which would take away the "Peter Pan" copyright. The Germans managed to get this into UK/ EU law on the very day the "Mein Kampf" copyright would have expired, 1st Jan 1996. The official period of copyright remained 50 years in the UK, under the previous Copyright, Designs and Patents Act (1988), but because things are in copyright for 70 years in Germany, they are also in copyright in the UK for 70 years. (However I heard things have changed, the Brits got stiffed, the EU 70 years is now law in the UK, and JM Barrie's copyright in Europe will expire soon (as the UK Act that makes "Peter Pan" copyright in perpetuity will not affect them). I might be wrong about that) The Yanks just followed suit in extending the copyright period to 70 years, as they had the copyright back catalogue anyway, and it meant more money for them (there aren't any really valuble works whose copyright might have expired in the relevant times that aren't owned by Yanks, mostly by Silverlode (sp?) ( =Disney), except "Peter Pan" - the story concerning the recentish film and the copyright thereof, the machinations surrounding it, and the out-of-court not-really-a-settlement, is another interesting, but overlong, story - and perhaps "Wind in the Willows", but I don't know offhand who owns that one - might be the Bodleian). At least that was the position a couple of years ago, but anything may have happened since then, and plenty is about to happen. -- Peter Fairbrother
Re: Supremes and thieves.
Bill Stewart wrote: > At 09:54 AM 01/20/2003 -0500, Trei, Peter wrote: >> It dwindles because the rate at which the copyright period is increasing >> averages more than 1 year/year. Quite a number of works which had >> been in the public domain fell out of it when the 20 year extension went >> into effect. >> >> The public domain *did* dwindle. > > Did anything that had already become public domain cease to be public? I just asked a friendly US copyright lawyer* about the US situation. In general, works that have fallen into the public domain in the US did not fall back into US copyright under any of the various extensions, including the 1998 Sonny Bono Copyright Term Extension Act (I don't know if he was involved in it. Quite possibly, I'd guess). There is one exception, which covers mostly foreign-authored works which were not in copyright in the US on 1 Jan 1996 (the same date as in my other post...) but which were in copyright abroad. However, this was a result of the Uruguay Round Agreements Act (URAA), not the 1988 extension. US copyright durations have been extended 11 times so far... and I agree that the public domain has been impoverished by this, in the sense that newer works have not fallen into it. -- Peter Fairbrother *who agreed not to charge me - must be on happy pills!
Duh, transport
Been away from email for a while: Shuttle: Dangerous. I'd like to be in space, but... not 25-year-old tech, and not that way. If there was a Chinese spy satellite captured, might it not have had a nuclear power source, and wouldn't the debris be "hot"? Railways: Euro railways are better than US - but in at least the UK there is "compulsory purchase", when they grab your land and pay you very little for it, in order to build them. And too much government is involved. Cars: Liquid fuel of some kind is needed. It should be liquid at room temperature. Methanol/ethanol is quite good functionally, as is biodiesel for those engines that support it, but - the problem is energy generally, and pollution from greenhouse CO2. And if you reject statism over a point that could kill all our descendants... It's an easy problem to solve tho', except the solution messes up US oil interests (but it's a big-scale project) - grow seaweed in the Pacific. There are millions of square _miles_, not acres, of near-empty ocean, and all you need is a mesh with a few (recyclable) nutrients suspended a few metres below the surface. Convert the biomass to a liquid fuel... Removes CO2 too. Not a new idea. -- Peter Fairbrother
Transport, the near future
me again. Space transport: I like the two-stage-to-orbit solution for humans, with the booster stage piloted. The maths works well. I don't know about scramjets etc for the booster, but a few rockets would do, with an aero fuselage to take off and land. Using current airline technology mostly. Safe. Cheap. If the second stage isn't reusable as a second stage (or if eg just the engines are) that's okay too. Things like tanks are useful in orbit, hell anything, any mass, is useful there. SSTO is pride, not economics (assuming at least a low-to-medium demand). But there ain't a company anywhere that's going to put up the dosh if NASA and the US insists on being the best... Another I like is tether systems, but not yet. The low-orbit rotating tethers with hypersonic collection (the tip of a rotating tether, whose overall CoG moves at orbital speeds, collects the spacecraft-to-be at mach 10 or so in the upper atmosphere) are a bit fraught, but doable with near-modern-day tech (modern economic materials ok, but patented!). A bit further on you might have a tether that reaches the ground... so a rope falls down from space, you grab on, and it yanks you up to orbit! Yeah!!! And light gas guns for cargo, perhaps with a mag assist. A two-ton payload gas-gun would cost $4bn to $6bn to build, then about $6,000 per ton launched, excluding capital costs. Figures are mine, about 5 years old. I suspect there are those who could do better, but aren't saying. I suppose you could even put one on the Ecuadorean plains, pointing up to the mountains near Quito, and have the needed 300km runup and low-gee for passengers (if it's on the equator you can schedule shots much better, eg every 30 minutes). Personal transport: Cars are okay, but I hate driving unless it's too fast for transport purposes. Suppose we have a mix of trains and cars - even the "Stephenson's Rocket" trials thought of carrying personal carriages on trains. If there was power and computer control available then people's individual cars could travel on the same lines as trains, but without needing an engine - or a schedule - or a train - or a driver - or a driving lcence - ar road accidents. Great when you're pissed and just want to say "Home George" (as a kid we actually had a chauffeur called George Cole, but I called him "Coley", not George). The macho Tim's of this world could also have fuel tanks on their cars, so thay could go where they liked (and if there was a strike, or the power failed, it wouldn't matter that much. Redundancy. Also you could get to places not on the regular network). Expensive in infrastructure terms, especially in the US. In the EU it might be better, as there are more railways already. But not cheap.
Re: Transport, the near future
Steve Schear wrote: > > My preference is the space elevator. In simple terms, the space elevator > is a ribbon with one end attached to the Earth's surface and the other end > in space beyond geosynchronous orbit (35,800 km altitude). The competing > forces of gravity at the lower end, and outward centripetal acceleration at > the farther end, keep the ribbon under tension and stationary over a single > position on Earth. This ribbon, once deployed, can be ascended by > mechanical means to Earth orbit. If a climber proceeds to the far end of > the ribbon and releases, it would have sufficient energy to escape from > Earth's gravity and travel to the Moon, Mars, Venus and the asteroids. > > http://www.highliftsystems.com/ > > > "Reality must take precedence over public relations, for nature cannot be > fooled." > -- Richard P. Feynman It's a nice idea, but it needs a tensile-strength-to-mass ratio equivalent to holding a girl and her mother up by a single thread of her 10 denier stockings. Not easy to achieve. You'd need carbon nanotubes or the like, and at the moment we can't build it. You also need 45,000 km or so of tether. Expensive. Huge investment, fragile. Unrealistic, imo. Rotating tethers on the other hand can use hi-test fishing line. Really, no kidding. You only need a few hundred km, or at most a few thousand km, of tether. Cheap. There are two types, landing takeup and hypersonic takeup. They work a bit like this (here goes a try at some ascii art...) [] orbiting mass--> \ \ rotating tether \ \ <-\ space atmosphere earth (on this scale a space elevator cable would be roughly six feet long) The tether, whose centre of gravity is in a fairly low orbit, dips it's end into the earth's atmosphere every so often. Hypersonic takeup tethers catch a 'plane flying at hypersonic speeds in the upper atmosphere, and landing takeup tethers reach the surface. The energy/momentum is replaced by sending current through the tether as it passes through the Earth's magnetic field. Hypersonic takeup tethers are better studied, even the rendezvous techniques apparently work, and can use fishing line except for the short length that enters the upper atmosphere (it would melt). They use a mesh-like tether structure to avoid catastrophic damage from meteorites etc (a patented, but IMO obvious, idea). Landing tethers sort of cast the line a bit ahead, like a fisherman; it hits the ground, is tied on to the spaceship (good knots!) and then the line and the spaceship are dragged up. No-one really has studied them much (except me, and I'm not telling yet), but the strength (and length) of line needed is _much_ (order of mag+) less than a space elevator. And you don't need a hypersonic 'plane. You can also fling things away from the tether when they're going away from the Earth. Can get any (reasonable) speed you like. -- Peter Fairbrother
Re: A secure government
David Howe wrote: >> No, the various provisions of the Constitution, flawed though it is, >> make it clear that there is no "prove that you are not guilty" >> provision (unless you're a Jap, or the government wants your land, or >> someone says that you are disrespectful of colored people). > Unfortuately, this is not true in the UK - the penalty for > non-decryption of encrypted files on request by an LEA (even if you > don't have the key!) is a jail term. Dave, a) it's not law yet, and may never become law. It's an Act of Parliament, but it's two-and-a-bit years old and still isn't in force. No signs of that happening either, except a few platitudes about "later". b) Plod would have to prove you have the key, and refused to give it, before you got convicted. Kinda hard to do. c) you already know this!!! -- Peter Fairbrother
Re: DOJ quietly drafts USA Patriot II w/crypto-in-a-crime penalty
Declan McCullagh wrote: > > Note the draft legislation creates a new federal felony of willfully using > encryption in the commission of a felony. "No more than five years" in > prison plus a hefty fine. "Any person who, during the commission of a felony under federal law. knowingly and willfully encrypts any incriminating communication or information relating to that felony - [gets 5 years 1st time, 10 the second, +fines]". Felons, be sure and use good crypto, with ephemeral keys!! And whatever you do, don't give keys in the cells! Really, makes you wonder what they're on. Prisoner's Dilemma steroids, I suppose. -- Peter Fairbrother ps would it include using a GSM mobile in a bank robbery?
Re: Challenge to David Wagner on TCPA
> AARG! Anonymous wrote: > James Donald wrote: >> On 29 Jul 2002 at 15:35, AARG! Anonymous wrote: >>> both Palladium and TCPA deny that they are designed to restrict >>> what applications you run. The TPM FAQ at >>> http://www.trustedcomputing.org/docs/TPM_QA_071802.pdf reads >> >> They deny that intent, but physically they have that capability. > > Maybe, but the point is whether the architectural spec includes that > capability. After all, any OS could restrict what applications you > run; you don't need special hardware for that. The question is whether > restrictions on software are part of the design spec. You should be > able to point to something in the TCPA spec that would restrict or limit > software, if that is the case. > > Or do you think that when David Wagner said, "Both Palladium and TCPA > incorporate features that would restrict what applications you could run," > he meant "that *could* restrict what applications you run"? They *could* > impose restrictions, just like any OS could impose restrictions. > > But to say that they *would* impose restrictions is a stronger > statement, don't you think? If you claim that an architecture would > impose restrictions, shouldn't you be able to point to somewhere in the > design document where it explains how this would occur? > > There's enormous amount of information in the TCPA spec about how to > measure the code which is going to be run, and to report those measurement > results so third parties can know what code is running. But there's not > one word about preventing software from running based on the measurements. > The wise general will plan his defences according to his opponent's capabilities, not according to his opponent's avowed intentions. However, in this case the intention to attack with all available weapons has not been well hidden. There may be some dupes who honestly profess that no attack is planned, and some naif's who cannot or will not see the wood, but they will reap the whirlwind. My humble opinion, -- Peter Fairbrother
Re: TCPA/Palladium -- likely future implications (Re: dangers ofTCPA/palladium)
Adam Back wrote: [...] > - It is always the case that targetted people can have hardware > attacks perpetrated against them. (Keyboard sniffers placed during > court authorised break-in as FBI has used in mob case of PGP using > Mafiosa [1]). [...] > [1] "FBI Bugs Keyboard of PGP-Using Alleged Mafioso", 6 Dec 2000, > slashdot That was a software keylogger (actually two software keyloggers), not hardware. (IMO Scarfo's lawyers should never have dealt, assuming the evidence was necessary for a conviction, but the FBI statement about the techniques used was probably too obfuscated for them - it took me a good week to understand it. I emailed them, but got no reply. Incidently, Nicky Scarfo used his father's prison number for the password, so a well researched directed dictionary attack would have worked anyway.) The FBI reputedly can (usually, on Windows boxen) now install similar software keyloggers remotely, without needing to break in. -- Peter Fairbrother
Re: Spam blocklists?
Greg Broiles wrote: [...] >> Osirusoft seems to be a spam blocker, but blocking legitimate mail is going >> too far. I'd rather have the spam. And I object strongly to third (or >> fourth) parties deciding what to do with my mail. > > It's the recipient, or someone acting on their behalf, who's deciding what > to do with > *their* mail, at least from the recipient's perspective. One of the ISP's I use (only until the contract ends!!) now forces me to employ spam blocking, I have no choice. Quote "It is necessary for Freezone Internet to put such measures in place in order to ensure that other mail servers on the Internet do not block traffic originating from Freezone Internet's mail servers. If Freezone Internet were to be blocked, eventually over 90% of your email potentially may not be received or delivered to its recipients." IMO this is just plain wrong. Spam is a problem, no doubt, but it's not evil or anything, and I object to people stopping my email, for whatever reason (DoS attacks are another matter). There used to be an offence of interfering with the Royal Mail (in the UK, with horrendous penalties). While the per-message cost of email is so low that that concept is no longer viable for email, there must be better ways to limit spam. For instance, limiting the number of recipients of an email (the cryptogeek system I'm working on [m-o-o-t] just allows one), or limiting the number of emails one IP can send per day (adjusted for number of users). There was an EU proposal to force spammers (who are not always unwanted) to put [ADV] in the Subject: line, with appropriate penalties if they failed to, but it didn't happen (and we got long-term traffic data retention instead). I don't know offhand how to do it, but having unelected and unaccountable people (making the conditions for) stopping my email is unacceptable. If somehow there was a limit to the number of people an email could be sent to without a willing "passing on" by a human, that could limit the damage spam could do, and be a better way to do it than involving stopping real (false positive) emails. A slightly drunk (you don't see me here very drunk that often, lucky someone , -- Peter Fairbrother
Re: Bush admin cybersecurity report weighs anonymity
Declan McCullagh wrote: > > It says the executive branch should consult with privacy groups and > attempt to preserve civil liberties, but concludes that in some cases, > privacy could be limited. "Allowing completely anonymous > communications on a wide-scale basis, with no possibility of > determining the source, could shelter criminal, or even terrorist > communications," the draft says. > I wonder whether the authors know that it is impossible to stop anonymous communications for the intelligent criminal or terrorist who is willing to jump through a few hoops. If they don't, they shouldn't be writing such reports, as they are not qualified. If they do, then I wonder at their motives. The use of the term "wide-scale" is worrying in it's implication that they do know of the impossibility, and merely want to prevent anonymity for the masses. If the motive is to provide general surveillance capability, it is reprehensible and oppressive. Didn't you 'merkins once fight against oppressive government? If it's intended to help catch the dumb criminals and terrorists, they are mistaken about it's likely effectiveness - tracing is only useful when there is something worth tracing, and this only happens when people are unaware that their communications can be traced. Even dumb criminals and terrorists (who can usually be caught by less intrusive methods anyway) will quickly learn not to use traceable communications. Disposable mobile- and pay- phones are already favourites. I suppose they might be comparing the slight, short-term benefit to be gained in the ease of catching the dumb against the long-term loss of liberty for all, and weighing the loss of liberty at naught. If the motive is to give citizens the feeling that something is being done, it's just more political bullshit, but with unfortunate consequences. I can't think of any other possible motives. -- Peter Fairbrother
Re: The End of the Golden Age of Crypto
Tyler Durden wrote: > (I believe that the non-existence of the "last" prime number is also > unprovable.) Could you give some details/ a ref please? The usual proof by contradiction is easy and well-known. Suppose there is a "last" prime. Generate a list of all the primes sooner than or equal to the supposed last prime (in practice this could take some time, but not infinite time). Multiply them all together and add 1. Result has remainder of 1 for all primes in list. Therefore either the result (which must ' be later than supposed "last" prime) is prime, or the result is a multiple of primes not on the list (which must ' be later than supposed "last" prime). Therefore there must be a later prime than the supposed "last" prime. Should be valid in some non-Godelian systems as well. Doesn't apply in all fields though, but ordering in those fields where it doesn't apply is usually* impossible, so you can't even define a "last" prime there. Of course we can't even prove "cogito ergo sum", but I don't think that was your point. -- Peter Fairbrother Non-mathematicians should replace "sooner" with "smaller", "later" with "larger", and "last" with "largest". ' There are some ordering considerations I have left out, but they all work out in the field of Natural numbers. *Always?
Re: Yodels, new anonymous e-currency
Nomen Nescio quoted: >> The author of Yodel Bank can be reached on IIP under the name yodel on >> #yodel. He claims to be fully anonymous to the world Why? What for? It's the customers who need anonymity, not the Bank. It is now legal in the UK and the EU to issue "private money". You need a lot to start (euro100k or so) and you need to follow some regulations, but AFAIK customer anonymity isn't prohibited. I'm not clear on the details though. Started around the beginning of summer, sorry no ref's, but an inventive Googler should find something. I think Ben (Laurie) was interested in doing something along these lines. -- Peter Fairbrother
Re: The End of the Golden Age of Crypto
Jim Choate wrote: > > On Wed, 13 Nov 2002, Peter Fairbrother wrote: > >> Jim Choate wrote: >> >>> >>> What I'd like to know is does Godel's apply to all forms of >>> para-consistent logic as well > >> However you can have eg arithmetics without Peano counting, and so on, and >> there are ("trivial" according to Godel, but even he acknowledged that they >> exist) systems that are both complete (all problems have answers) and >> consistent (no statement is both true and false). > > [SSZ: text deleted] > >> Can you do interesting things in such systems? Yes. But you tend to leave >> intuition behind. > > What the hell does 'counting' have to do with para-consistent logic on > this? Extraordinary claims... Godel's (allegedly?) applies, as Ben pointed out, to "any sufficiently complex system". The requirement of "sufficient complexity" is that the system contains Peano counting. Systems described by Presburger, by Skolem, and by Tarski are among those which do not include Peano counting, and which are both consistent and complete. The relevance of non-Peano counting is simply that you can often do more things in a system that includes some form of counting. One way of stating Godel is "No system that includes Peano counting is both consistent and complete". > The answer of course is "Yes, Godel's applies to Para-Consistent Logic". Trivially, to the extent that all paraconsistent systems are not consistent by definition, you can say "yes". You can also say "no"! Not all paraconsistent systems include Peano counting. Depends what you mean by "apply". Godel also has connotations of consequences _within_ the system, eg regarding decideability. Let me introduce a term, "Godellike", to describe a system that obeys those supposed consequences. Are paraconsistent systems Godellike? Not necessarily, that's one of the reasons for the development of paraconsistent systems. > What really matters is the 'complete', not the 'consistent'. Godel's > doesn't apply to incomplete systems because by definition there are > statements which can be made which can't be expressed, otherwise it would > be complete. You can't prove something if you can't express it since there > is no way to get the machine to 'hold' it to work on it. Ahh, those problems of definition again. "Complete" is normally* taken to mean that every statement expressable within a system is provably true or is provably false within the system. I don't know offhand of any paraconsistent systems that have that property, but it's not impossible afaik. IMO "complete" has nothing to do with "statements which can be made which can't be expressed" - though I may be wrong, as I don't understand exactly what that means. -- Peter Fairbrother *As in Godel's other famous theorem, the completeness theorem, which is completely (ouch) different to his incompleteness theorem, the one we are discussing.
Re: OPPOSE THE WAR! We are going to ruin Iraq to get the oil. Who's ne
Kevin Elliott wrote: > 2) rifled muskets were not effective because of the ponderous reload > time (I don't have precise figures, but the number 1/6th-1/10th the > rate of fire of a smoothbore musket comes to mind) There isn't that much difference in reload times - say 30 seconds for a Kentucky rifle, as opposed to 20 seconds for a Brown Bess musket, for well-trained troops. However, if you are in a volley line and waiting for the last man to reload before firing a volley, that's a lifetime. Remember, you are standing up to reload! Putting a few men armed with rifles in a line of musketmen, they would seem useless, or worse, a liability. Before I get flamed about those figures, may I point out that modern black powder flintlock rifle shooters can and do shoot about one round a minute, without trying to fire fast - a hotspot on the barrel can cause the powder to cookoff unexpectedly, so they service the bore and touch hole between shots, which slows them; but this isn't so important on the battlefield when risks can be taken. It is said that Simon Kenton could reload his Kentucky rifle in 12 seconds. The world record Springfield reload is about 6.5 seconds, a Brown Bess will take a bit longer than a Springfield. At first glance the rifle was a better infantry weapon, but pitched battles at 300 yards just didn't happen - and smoke obscuring the battlefield made aimed shots difficult after a few volleys. Muskets weren't usually aimed, just pointed in the right direction - musketmen were sometimes told to close their eyes when firing to prevent injury from pan flash. In volley fire it isn't really possible to aim - for aimed fire you need to fire when the rifleman is ready, not on command. The superior accuracy of a rifle is no use if you can't or don't aim it. The time taken to aim also slows the rate of fire over an unaimed weapon. Another problem was that early rifles weren't optimised for battle or use in an army. It was often difficult starting the ball down the barrel, which can slow reload time - there's a tool to do it, and you then use the ramrod, but if the rifle/ball/patch combination is right you can start the ball by hitting it with the ball of your hand, and the ramming can be quite quick. Rifles were seldom fitted with bayonets, important to the tactics used at the time - fire a volley or two, then a bayonet charge while your opponents are reloading. They were also too fragile to use as a close quarter club. Rifles weren't standardised either, so ammunition and parts couldn't be shared and the riflemen had to cast/roll their own balls. Rifle balls need to be more accurate than musket balls. Rifles take more training to use as well. But I think the main reason that rifles didn't play a bigger part, apart from the usual military inertia (google Ferguson rifle for a British example of this), was the simple lack of rifles, and their cost. Many men fighting in the Revolutionary War didn't have any firearms at all. -- Peter Fairbrother
Re: CDR: Re: The End of the Golden Age of Crypto
Jim Choate wrote: > > On Wed, 20 Nov 2002, Peter Fairbrother wrote: > >> Completeness has nothing to do with whether statements can or cannot be >> expressed within a system. >> >> A system is complete if every sentence that is valid within the system can >> be proved within that system. > > Introduction to Languages, Machines and Logic > A.P. Parks > ISBN 1-85233-464-9 > pp 240 and 241 A "non-mathematical" "easy to read" primer (quotes from Springer-Verlag). I don't have a copy. If Alan Parkes says Godelian completeness is other than the definition above then he is wrong - possible, he is a multimedia studies teacher, and afaik is not a mathematician - but I suspect you misread him. FYI, I just googled "completeness godel". First five results plus some quotes are at the bottom. Five minutes, which I could have spent better. RTFM. -- Peter Fairbrother ... Googling "completeness" and "Godel", first five results: http://www.math.uiuc.edu/~mileti/complete.html No simple definition of completeness. Nice intro to models though. www.chaos.org.uk/~eddy/math/Godel.html "Completeness is the desirable property of a logical system which says that it can prove, one way or the other, any statement that it knows how to address." www.uno.edu/~asoble/pages/1100gdl.htm "Completeness = If an argument is valid, then it is provable" http://www-cs-students.stanford.edu/~pdoyle/quail/questions/11_15_96.html "A complete theory is one contains, for every sentence in the language, either that sentence or its negation." http://www.wikipedia.org/wiki/Kurt_Godel -- link to http://www.wikipedia.org/wiki/Goedels_completeness_theorem "It states, in its most familiar form, that in first-order predicate calculus every universally valid formula can be proved."
Re: CDR: Re: The End of the Golden Age of Crypto
Jim Choate wrote: > Para-consistent logic is the study of logical schemas or > systems in which the fundamental paradigms are paradoxes. It's a way of > dealing with logical situations in which true/false can't be determined > even axiomatically. Most paraconsistent logics deal with paradoxes, but I know of none whose "fundamental paradigms are paradoxes". That barely makes sense to me, and is certainly not true. Paraconsistent logics often* allow some but not all sentences within the logic to be both true and false. In paraconsistent logics that have simple notions of true and false** it is usually (at least sometimes) possible to axiomatically determine whether a sentence is true or/and false - they wouldn't be much use if you couldn't! (not that they are much use anyway). * Many logicians would say they all do, according to Vasiliev and Da Costa's original definition. Some would say only some do. And some logician somewhere will disagree with almost anything you say about paraconsistent logics... ** Not all do, eg some have multi-value truths. Some have conditional truths, or truths valid only in some worlds. Some have true, false, both and neither. And so on. As usual, some logicians will disagree with this. For those who might care, paraconsistent logics are usually defined as non-explosive* logics. Ha! There is some argument (lots!**) about that, but it's the generally accepted modern definition (or at least the one most often argued about). * logics in which ECQ does not hold. ECQ = Ex Contradictione Quodlibet, anything follows from a contradiction. In most "normal" logics, if any single sentence and it's negation can both be proved, then _every_ sentence can be proved both true and false. This property is known as explosiveness. ** For instance, it has recently been shown that some logics traditionally known as paraconsistent, eg Sette's atomic P1 logic, are explosive, contrary to that definition. There are arguments about the meaning of negation as well, all of which confuse the issue. BTW, the name doesn't have anything to do with paradoxes, at least according to the guy who invented it. The "para" bit is supposedly from an extinct word (I forget the language, Puppy-something, really) for "arising out of, coming from". Some say it's from the Greek para- "beyond"; but I've never heard the "paradox" story before. I hope this at least interested some, and was not just troll-food. -- Peter Fairbrother
Re: A couple of book questions...(one of them about Completeness)
Jim Choate wrote: > > With regard to completeness, I have Godel's paper ("On Formally > Undecidable Propositions of Principia Mathematica and Related Systems", K. > Godel, ISBN 0-486-66980-7 (Dover), $7 US) and if somebody happens to know > the section where he defines completeness I'll be happy to share it. That's* the wrong paper. You want "The completeness of the axioms of the functional calculus of logic" which is a 1930 rewrite of his doctoral dissertation. This is known as Godel's completeness theorem. Godel didn't invent the term though, and may not have said "this is the/my definition of completeness". I haven't read them for some time, and can't remember. He may well have assumed his readers would already know it. Or try "Some metamathematical results on completeness and consistency" or "On completeness and consistency" from 1931. Reports of his 1930 lecture would also be useful. Afaik they aren't available on the 'net. Some or all of these are in: From Frege to Gödel, Jean van Heijenoort, Harvard University Press. ISBN 0-674-32450-1 , (recently ?reissued? as ISBN 0-674-32449-8 at around $25, but I haven't seen the new version) which should also give you the history of the term. -- Peter Fairbrother * The one mentioned is available at http://www.ddc.net/ygg/etext/godel/godel3.htm if anyone wants to have a look. It's commonly called his incompleteness theorem paper, but the paper doesn't talk directly about completeness, rather about the existence of undecidable propositions - however the "incompleteness" name is a bit of a giveaway... if an undecideable proposition exists within a system then the system is incomplete.
Re: CNN.com - WiFi activists on free Web crusade - Nov. 29, 2002
Eugen Leitl wrote: > On Sun, 1 Dec 2002, Dave Howe wrote: > >> ah. Sorry, I don't think of dns as a name service (apart from once >> removed) - we are talking DHCP or similar routable-address assignment. > > You can use GPS as naming service (name collisions are then equivalent to > physical space collisions). You can actually label the nodes > automagically, once you know that it's a nearest-neighbour mesh spanned > over patches of Earth surface. You can use signal strenght and > relativistic ping to make mutual time of flight triangulation. It is a > good idea to use a few GPS anchor nodes, so that all domains are > consistent. What I don't understand is how a node knows the location of a person who moves about in the first place. Also, I don't like the idea that my location is known by the location of my equipment. But I know very little about geographical routing. -- Peter Fairbrother
Re: CNN.com - WiFi activists on free Web crusade - Nov. 29, 2002
Eugen Leitl wrote: > On Mon, 2 Dec 2002, Peter Fairbrother wrote: > >> What I don't understand is how a node knows the location of a person >> who moves about in the first place. > > The node spans a cell. Similiar to your cellular phone, you can link an ID > to a cell. Within the cell you can use relativistic ping and/or signal > strength (that's how mobile phone localization is done today). Since cells > overlap you've got a lot of constraints to get a position fix. Sure, I understand that. Maybe I wasn't clear. What I want to know is how an end-user can know where another end-user, who moves from cell to cell, is? A cellphone network uses a constantly-updated central database. What is a cell here? Is it just the nodes that one node can reach directly, or a geographical area? I thought a mesh wasn't structured at that level. -- Peter Fairbrother
Re: A couple of book questions...(one of them about Completeness)
Jim Choate wrote: > Complete means that we can take any and all -legal- strings within that > formalism and assign them -one of only two- truth values; True v False. Getting much closer. "Complete" means we can, within the formalism, _prove_ that all universally valid statements within the formalism are true. That's it. Little more to say. Except that at the time (1930)(in his doctoral thesis, later "The completeness of the axioms of the functional calculus of logic", in which he proved the completeness of FOL) Godel only proved that such proofs exist, and it was much later (1965?-ish) that a constructive procedure for proof generation was published... though he did also prove (for FOL, and the "usual suspect" logics, and some other logics) that that is the only way a logic _could_ be complete - and that, in those cases, the earlier disputed meanings of "complete" are identical/the differences are irrelevant; - and that his definition (above) is sufficient, eg (but not ie) that proof of negation is not required. -- Peter Fairbrother
Re: ...(one of them about Completeness)
Jim Choate wrote: > > On Wed, 4 Dec 2002, Ken Hirsch wrote: > >> Jim Choate says: >> >>> Godel's does -not- say mathematics is incomplete, it says we can't prove >>> completeness -within- mathematics proper. To do so requires a >>> meta-mathematics of some sort. >> >> You are mixing up what Godel says about proving consistency within a system, >> and his incompleteness theorem. Godel most certainly DOES prove that >> mathematics is incomplete. > > No Ken, he says you can't prove it. That it is unknowable. No he didn't. He proved Mathematics is incomplete, ie that there are universally valid but unprovable statements within it. He proved that any system that contains Peano arithmetic (roughly, a concept of the natural numbers) is incomplete. Mathematics certainly contains Peano arithmetic. Go and lie down. Your brain is feverish. And stop posting nonsense. -- Peter Fairbrother
Re: DBCs now issued by DMT
OK, suppose we've got a bank that issues bearer "money". Who owns the bank? It should be owned by bearer shares, of course. Can any clever person here devise such a protocol? I'd guess that all the Bank's finances should be available to anyone who asks. That should include an accounting of all the "money" issued. And not be reliant on one computer to keep the records. Or the propounders wanting to: make a profit/control the bank? -- Peter Fairbrother (who's drunk now, but will be sober tomorrow, and may regret posting this then...)
Re: DBCs now issued by DMT
I missed a trick (I was drunk.. and am again). Why should there be a bank, as an organisation, at all? Money doesn't mean anything real nowadays, it's just a medium. When it was gold it might have meant something - but when the Spanish brought lots of gold from the new world it fd up their ecomomy. It's just a medium. That means that it should be exchangeable for other things, not necessarily dollars or lire. If dollars and lire are exchangeable for goods then they should be exchangeable for our money. But do we need a bank? I'd guess we need an issuer, but why can't it be a distributed issuer without central control (or even distributed control?)? Can't the protocol deal with the problem of issue? (We'd have to write a damn good one, of course) -- Peter Fairbrother bear wrote: > > > On Thu, 5 Dec 2002, Peter Fairbrother wrote: > >> OK, suppose we've got a bank that issues bearer "money". >> >> Who owns the bank? It should be owned by bearer shares, of course. >> >> Can any clever person here devise such a protocol? > > I thought about this problem for several months. > > The problem I kept running into and had no way around is that if the > holders are truly anonymous, then there is no way for them to seek > redress for fraudulent issue or fraudulent transactions. If the > banker goes broke, people want to be able to make a claim against the > banker's future earnings for whatever worthless currency they were > holding when it happened, and they cannot do that from a position of > anonymity. People want a faithless banker punished, meaning jail time > or hard labor, not just burning a nym. > > The sole method for any truly anonymous currency to acquire value is > for the banker to promise to redeem it for something that has > value. So the banker, if it's to have a prayer of acceptance, cannot > be anonymous. > > And the minute the banker's not anonymous, the whole system is handed > on a platter to the civil authorities and banking laws and so on, and > then no part of the system can be reliably anonymous because the > entire infrastructure of our legal system requires identity. > > Look at the possibilities for conflict resolution. How can the > anonymous holder of an issued currency prove that he's the beneficiary > to the issuer's promise to redeem, without the banker's cooperation > and without compromising his/her anonymity? And if s/he succeeded in > proving it, who could force an anonymous banker to pay up? And if you > succeeded in making the banker pay up, how could the banker prove > without the cooperation of the payee that the payment was made and > made to the correct payee? > > We use a long-accepted fiat currency, so we're not used to thinking > about the nitty-gritty details that money as an infrastructure > requires. It is hidden from us because our currency infrastructure has > not broken down in living memory. We shifted from privately issued > currency to government-issued currency largely without destabilizing > the economy. Then once people were accustomed to not thinking of a > promise to redeem as being the source of value, we went off the gold > standard. Our economy hasn't broken yet, but you have to realize that > this situation is a little bizarre from the point of view of currency > issue. We're not thinking anymore about the promise to redeem > currency for something of value, and the implications of failure to > honor that promise, because we live in a sheltered and mildly bizarre > moment in history where those things haven't been relevant for a long > time to the currency we use most. But any new currency would have to > have a good solid solution for that issue. > > The only way I found to decentralize the system, at all, was the model > where all the actors are pseudonymous rather than anonymous, each user > has the power to issue currency, and different issued currencies were > allowed to fluctuate in value against each other depending on the > degree of trust or value of the underlying redemption commodity. > Money becomes a protocol and a commodity and labor exchange in raw > form, rather than a simple sum - it's back to the barter system. > >> I'd guess that all the Bank's finances should be available to anyone who >> asks. That should include an accounting of all the "money" issued. And not >> be reliant on one computer to keep the records. > > An interesting idea, but it more or less prohibits offline > transactions involving a currency issue. It also means the entire > market must be finite and closed. > >> Or the propounders wanting to: make a profit/cont
Re: [MPUNKS] Cypherpunks December Mtg: HIGHFIRE Design Session
Dave Del Torto wrote: > Resumes should be in plain > ASCII text format with a PGP signature (detached sigs are OK) and on > floppy disk or CD-R also containing a copy of the applicant's PGP > public key. Fuck off. If you think that a PGP key is good enough, you don't know the threats you are facing with GAK and the like. If you think a resume should be required... -- Peter Fairbrother i sing of Olaf glad and big whose warmest heart recoiled at war: a conscientious object-or his wellbelovid colonel (trig westpointer most succinctly bred) took erring Olaf soon in hand; but-though an host of overjoyed noncoms (first knocking on the head him) do through icy waters roll that helplessness which others stroke with brushes recently employed anent this muddy toiletbowl, while kindred intellects evoke allegiance per blunt instruments- Olaf (being to all intents a corpse and wanting any rag upon what God unto him gave) responds, without getting annoyed "I will not kiss your fucking flag" straightaway the silver bird looked grave (departing hurriedly to shave) but -though all kinds of officers (a yearning nation's blueeyed pride) their passive prey did kick and curse until for wear their clarion voices and boots were much the worse, and egged the firstclassprivates on his rectum wickedly to tease by means of skillfully applied bayonets roasted hot with heat- Olaf (upon what were once knees) does almost ceaselessly repeat "there is some shit I will not eat" our president,being of which assertions duly notified threw the yellowsonofabitch into a dungeon,where he died Christ (of His mercy infinite) i pray to see;and Olaf,too preponderatingly because unless statistics lie he was more brave than me:more blond than you by ee cummings who was an American and a man but he's dead now
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
Anonymous wrote: > On Thu, 12 Dec 2002 10:47:25 -0800, Tim May wrote: >> >> America used to disdain the secret trials, the Star Chamber proceedings so >> endemic in other parts of the world. Now we have them. >> >> We will reap what we sow. >> >> --Tim May > > Spot on. But what, if anything, do you think can be done to > reverse this slide to Red White and Blue Stalinism with good PR? > I trust you are not one of those who will prattle something like > "exercise your right to vote", or "write your > congressperson/MP", etc. In practical terms, in a surveillance > society, what can the regular person do to strike a blow in > opposition to the direct attack on the Constitution and civil > liberties and civil rights? > > Do we need a program to oppose the progrom? Dear America, Yes, It's hard, but here's how. First, you can make comms unreadable. There are well-known ways to do this. Second, you can make comms untraceable. Ways to do this exist, and better ones are being developed*. Third, you can make comms available to everyone - the 'net might help here. If you don't choose to use these methods, the consequences are up to you. But secure comms alone will only provide you with useful information, by themselves they aren't enough; you need to vote. Lots of you. Nothing else really matters. To "them", and you. -- Peter Fairbrother
Re: constant encryped stream
Get the "pull" from a "party popper" and wrap it in a dollar bill. Record the serial number of the bill (some crypto here maybe). Make it impossible to open the closet without setting the "pull" off, ie no trapdoor. Fairly good tamper-evidence, and the token is hard (and very illegal!) to forge. Also the dollar bill is still spendable, so the only cost of your accesses are the "pull"s. Depends on your threat model, of course. -- Peter Fairbrother
Re: Power Grab: Ashcroft overturns 4th Amend
Major Variola (ret.) wrote: > Administration Calls for Unprecedented Subpoena Powers > > http://www.latimes.com/news/nationworld/nation/la-na-subpoena14sep14,1,689004. > story?coll=la-home-todays-times > > Unlike in ordinary criminal investigations, Ashcroft would not need the > approval of a grand jury or a judge to order witnesses to appear for > questioning. > > "The attendance of witnesses and the production of records may be > required from any place in any state or in any territory or other place > subject to the jurisdiction of the United States at any designated place > of hearing," the administration's bill says. > > ... > The bill includes a "nondisclosure requirement" as well. "If the > Attorney General certifies [there] may result a danger to the national > security, no person shall disclose to any other person that a subpoena > was received or records were provided," it says. > > Grand juries operate in secret as well. And though they are often seen > as a rubber stamp for the government, Cole said the mere presence of the > jurors restrains prosecutors. "There is a real difference when a > prosecutor knows 23 citizens are there observing what's going on," he > said > > ... > > The administration proposal was introduced in the House last week by > Rep. Tom Feeney (R-Fla.). > > Hmm, other Rep.tiles from Fla get turned into boots. And they're not > even raping > the constitution. McCarthy? The tee-shirt is mostly methane now. -- Peter Fairbrother
Re: Idea: The ultimate CD/DVD auditing tool
okay I'm a bit pissed now. actually i'm raging pissed! Wh!!! the nyquist/lindquist/someone-else-who-was-pissed sampling theorems are based on the possibility of mathematically extracting frequencies from digital information in a STEADY_STATE situation. That doesn't mean that a speaker will properly reproduce those frequencies. Consider the dynamics of energy transfer. A digital signal at near-1/2-sampling frequency will have two datum points. The transitiion between them will be dramatic! the possibilities of energy transfer will not be comparable to an analogue sinusoidal waveform. And that's why good analogue is better then good digital. Doug Self etc. did some work on ultra-fast analogue systems in the mid 90's, and designed some amps that were and are regarded as pretty good - but afaik he didn't get the theory right. YHHH!-- Peter Fairbrother
Re: Idea: The ultimate CD/DVD auditing tool
I wrote: the nyquist/lindquist/someone-else-who-was-pissed sampling theorems are based on the possibility of mathematically extracting frequencies from digital information in a STEADY_STATE situation. That doesn't mean that a speaker will properly reproduce those frequencies. Consider the dynamics of energy transfer. A digital signal at near-1/2-sampling frequency will have two datum points. The transitiion between them will be dramatic! the possibilities of energy transfer will not be comparable to an analogue sinusoidal waveform. and i missed a bit or two. Consider the entropic uncertainty of a signal that has two-and-a-bit datums, against a sine wave. Start from zero, and go to such a waveform. Is it a constant-amplitude sine wave at frequency z? or a decaying sine at a frequency (z-at)? There's more, and it's to do with the limits of fourier and sampling theory. Say you have a wave at a frequency of z that's sampled according to nyquist theory. can you distinguish it from a wave of a frequency z - delta z? It can be done, but it takes a while, and a good few samples to do it. And a good analogue system will do it quicker. someone (hopefully not me, i haven't the time just now) can probably apply wavelet theory and get all this from steady-state theory, and tie it up in a nice package. -- Peter Fairbrother
Re: Security for Mafiosos and Freedom Fighters
Bill Frantz wrote: > Ever since I heard that manufacturers were cleaning assembled boards with > soap and water I have wondered just how much you need to protect electronic > circuits from water. You obviously don't want to allow them to stay damp > so they corrode, but immersion for a time (up to weeks) followed by a fresh > water rinse and drying might not be so bad. Do any hardware experts have > an opinion? A long time ago I used to teach an "intro to computing" class. many students were older people who were afraid to physically touch a keyboard - partly just because it was unfamiliar, because it meant they were actually, now, starting on the road to learning, because they feared to "break something", or because they thought they might get a shock (I kid you not). I digress. One way of making them feel more comfortable was to "accidently" spill a drink on a keyboard, than immerse it in a sink, rinse, and hang out to dry. Sometimes I used a hairdrier to reuse the keyboard during the lesson, but mostly I just left it overnight to dry. That gave some at least of them some confidence that it was ok to touch the keyboard. I've also washed an iMac (which had fallen in the sea) by immersion in tap water and careful drying, the CD needed more care (drying with IPA), I took out the hard drive first and was careful with that, also cleaned all connectors with solvent cleaner, but it worked ok afterwards. BTW, do NOT do this with crappy Apple keyboards! They are membrane-based and will be destroyed. They are also hard to open for repair, and when I asked an Apple chap about them he said "You should never drink near a keyboard". What crap! I give no guarantee that it won't destroy your keyboard, but it won't hurt most keyboards. -- Peter Fairbrother BTW, m-o-o-t uses a randomised virtual keyboard with TEMPEST (both EM and optical) resistant fonts. It's okay for inputting keys, but it's a hassle for inputting text. Which means that your keys might be safe from keyloggers (both hardware and software), but your plaintext isn't. Sigh. I'm trying to improve it by putting the "senhorita" letters in one block and the rest elsewhere (not for key input obviously), and you do learn where the keys are after a while, but it's still a hassle.
RE: Sealing wax & eKeyboard
Peter Fairbrother (me) wrote (in a different thread): > BTW, m-o-o-t uses a randomised virtual keyboard with (both EM and optical) > TEMPEST resistant fonts. It's okay for inputting keys, but it's a hassle > for inputting text. > > Which means that your keys might be safe from keyloggers (both hardware and > software), but your plaintext isn't. Sigh. I'm trying to improve it by > putting the "senhorita" letters in one block and the rest elsewhere (not for > key input obviously), and you do learn where the keys are after a while, but > it's still a hassle. (senhorita contains the 9 most-commonly-used-in-English letters, tho' not in order) There is another problem - assuming the TEMPEST gear or camera can't see the randomised resistant letters, if it can follow the cursor then it's just a simple substitution cypher to get plaintext (assuming the gear can get clicks). I thought of having a large cursor grid, with resistant symbols on each grid place, and changing the position of the operative symbol every so often - how often? - but I don't know how to get such a large cursor - any ideas? X on OpenBSD preferred. Any better ideas? -- Peter Fairbrother
Re: Defeating Optical Tempest will be easy...
Major Variola (ret) wrote: > At 02:17 AM 7/21/03 +0200, Thomas Shaddack wrote: >> On Sat, 19 Jul 2003, Tyler Durden wrote: >> There is some minuscule proportion of X-rays produced by CRT displays. > > Produced by the ebeam decelerating on the shadow mask, but adsorbed > by the glass. > a_b_sorbed. Absorb is a widely used word meaning 3to drink in, to soak up,2 both literally and figuratively. Adsorb is a specialized technical term, meaning only 3to collect a condensed gas or liquid on a surface.2 The glass of CRT's absorbs so much of the X-rays that it might be hard to detect a signal at all at any distance, but then the signal is not swamped by noise from the not-immediately-illuminated areas, unlike the optical emissions. "0.5 milliroentgens per hour at a distance of five (5) centimeters from any point on the external surface of the receiver" is the US legal limit[*], and low voltage (and thus very low x-ray emission) crt monitors are common now, if not a de-facto standard. However, I expect shot noise to be a limiting factor here. Unfortunately, the Roentgen is such a wierd unit it's not that easy to convert it to photons and do the math! A light background on a CRT screen image will give out enough delayed light to give problems in the s/n ratio of an optical TEMPEST attack. It's much easier to "see" white text on a black background than black text on a white background. I use 180:210:210[**] (r:g:b) text on a 255:255:255 window background at present, with very light wallpaper, though I speckle both slightly. It's a little hard to read, but much better than some other suggested combinations. [*]< Probably far too high for safety! Originally for TV's, where the viewing distance is much higher. But most modern monitors will emit much less than that. I hope! > [**]< I replaced the black in Marcus's anti-em-tempest fonts with 180:210:210, and varied the other colours in proportion. > -- Peter Fairbrother
Re: A 'Funky A.T.M.' Lets You Pay for Purchases Made Online
Tim May wrote: > Some lurker unwilling to comment on the public list sent me this. I > didn't notice it wasn't intended for the list until I had already > written a reply and was preparing to send it. So I have altered the > name. 'Twas meant for the list, I just hit "reply" instead of "reply all" without looking. @lne.com and @minder.net don't set a Reply-To: header, but @einstein.ssz.com does. I don't get any mail from other nodes, if there are any. So some list mail needs a "reply" to get to the list, and some needs a "reply to". Personally I prefer to hit "reply", ie with a Reply-To: header set to the list (confusing, eg!). That way, if I want to reply to the list (which is my default preference) then the sender of the mail I'm replying to doesn't get two copies. But then I use OE... Perhaps @lne.com and @minder.net could do this? Or, if people prefer, @einstein.ssz.com could stop setting the Reply-To: header? Or would having all the nodes do it the same way be too conventional for cypherpunks... -- Peter Fairbrother
Re: [eff-austin] Antispam Bills: Worse Than Spam?
Peter Harkins wrote: > On Tue, Aug 05, 2003 at 07:06:46PM -0700, [EMAIL PROTECTED] wrote: >> The state must protect my freedom of speech. So when I make a claim >> against AOL for conducting a DoS attack against me, the state must >> rule in my favor, or else they are failing to protect my free speech >> rights. > > OK, for anyone who wasn't sure, it's time to stop feeding the trolls. > Troll or not, if AOL censored email in the UK* it would be illegal interception. 2 years for every interception. IMO, that's the only good thing to come from the RIP Act (the one with not-(yet)-implemented GAK). Freedom to do your own thing is great, but what if the baby bells refused to connect you to another baby bell? The benefits of a unified 'phone service are such that legislation prevents baby bells doing that, and most of us would agree with that legislation. IMO, email should be similar. But it don't solve the spam problem :-( -- Peter Fairbrother *They do censor UK email, but they do it in the US. The relevant legal phrase is "public telecommunications service provider", not "common carrier". If you offer a telecomms service (eg email) to the public in the UK then you are a PTSP, and RIPA applies to you. No choice.
Re: Orwell's "Victory" goods come home
J.A. Terranson wrote: > > http://www.cnn.com/2003/ALLPOLITICS/03/11/sprj.irq.fries/index.html > > WASHINGTON (CNN) -- The cafeteria menus in the three House office buildings > changed the name of "french fries" to "freedom fries," in a culinary rebuke > of France stemming from anger over the country's refusal to support the > U.S. position on Iraq. > > Ditto for "french toast," which will be known as "freedom toast." - could actually be subversive - the French are fighting for freedom from 'merkin bullying and attempts at world domination, as much as anything else...
Re: Deniable data storage
Tarapia Tapioco wrote: > James A. Donald ([EMAIL PROTECTED]) wrote on 2003-11-06: >> I want fully deniable information storage -- information >> theoretic deniable, not merely steganographic deniable, for >> stenography can never be wholly secure. Information-theoretic deniability is impossible (or impractical). You can have computationally-bounded secure deniability though. > > So, StegFS is not "deniable enough"? I'm not much of a theory buff, > but it sure sounds nice from the paper... > StegFS (if that's the one Markus Kuhn wrote, there is another program with a similar name which isn't as secure), and the other construction in Ross Anderson, Roger Needham and Adi Shamir's paper [1] are pretty good, at least as good as your outline construction. All hide ciphertext in random data, rather than in eg images, where there is no underlying pattern to the covertext which an adversary can use a better understanding of than the filing system has to extract and identify ciphertext. The moral? - hide ciphertext in random data, not "partly-random" data such as images. You might also want to look at Mnemosyne [2], but I haven't analysed it and have no idea whether it's any good. It also depends on whether your adversary is going to torture you, or take you to Court. There's not a great deal of difference in effect, but a torturer can harm you on suspicion only, whereby a Court can't jail you on suspicion alone but needs, at least in theory, proof beyond reasonable doubt. Getting a bit theoretical now, but still important: Two problems with all these systems are observability and secure deletion. If the database can be continuously observed (eg a NFS-based FS) then an adversary can ask why the SFS was modified. This can be overcome - I'm writing a paper on how to do that right now, but it's not finished yet. Secure deletion is harder - if someone can prove that some data is in the SFS (or, combining this with observability, that some data was at some time in the SFS) then they can demand a key - are you going to remember a zillion different keys/passwords, and what they refer to? If you store them somewhere then they can demand the key to the keys, so to speak. Problematic. I think secure deletion in observable SFS's is impossible, it seems obvious on information grounds - but there also seems to be just a teeny hint of a crack in that proof. I'm working on it. James, you might want to move this to eg the cryptography list if you want more technical answers. Or subject yourself to sci.crypt's abuse, which will at least stop some elementary mistakes. [1] http://www.cl.cam.ac.uk/ftp/users/rja14/sfs3.pdf [2] www.cs.rice.edu/Conferences/IPTPS02/107.pdf -- Peter Fairbrother
Re: Diffie-Hellman question
Thomas Shaddack wrote: > > I have a standard implementation of OpenSSL, with Diffie-Hellman prime in > the SSL certificate. The DH cipher suite is enabled. > > Is it safe to keep one prime there forever, or should I rather > periodically regenerate it? Why? If yes, what's some sane period to do so: > day, week, month? No need. Kinda. The best known discreet logarithm attacks are such that if they succeed in the attack then they can easily apply their solution to anything encrypted with the same prime. A shared prime attracts attacks. Widely used primes can become a big target. These attacks are generally supposed to be beyond capability for the next X zillion years though. Or perhaps for ten years. This might seem garubonsendese in the naive ""it's safe' or 'it's not safe"" crypto paradigm. However, that isn't how crypto works. Cryptanalysis (the revealing of plaintext against the wishes of the encryptor) is an economic activity. No-one will bother putting in enough resources to break your 2k-bit modexp-based crypto unless they think it worthwhile. But if your prime is shared with several other people who are sending nuclear secrets, then your prime might become subject to attack. > If the adversary has a log of a passively intercepted DHE-RSA-AES256-SHA > secured SSL communication, presuming the ephemeral key was correctly > generated and disposed of after the transaction, will the eventual > physical retrieval of the DH prime (and the rest of the certificate) allow > him to decode the captured log? The prime is public - anyone can know it - so it's retrieval won't affect anything. The question I think you are asking is "if the secret key is retrieved, will I lose forward security", to which the answer is "yes". For long-term forward secrecy you need to change the public key every every day or so. Use a long-term key to sign the daily keys. PGP does this. Once you have deleted the day's public key, you are OK (but see belaw!). The ephemeral keys cannot (or should not) be retrive(able)d. (below!) Or perhaps the question you were asking was "if finding DL's mod _this prime_ becomes possible, will I lose forward security?", in which case the answer is "yer fukked" - as are we all - if one prime gets broken, they all will, sooner or later. -- Peter Fairbrother (Who is right now composing a talk about the uses of modexp in crypto, for those far more knowledgeable than I)