tag:blogger.com,1999:blog-36966451.comments2022-11-30T02:56:15.691-06:00Steve's StoriesAnonymoushttp://www.blogger.com/profile/03567898327183592826noreply@blogger.comBlogger8125tag:blogger.com,1999:blog-36966451.post-31581743388988883902015-06-08T18:29:11.661-05:002015-06-08T18:29:11.661-05:00HP's machine: yes a big disappointment. But p...HP's machine: yes a big disappointment. But perhaps I should have expected it. If you look at the history of perpendicular magnetic recording (PMR). It was first proved possible back in 1976 and then commercially implemented in 2005. We now have multi-terabyte disks because of it - but it took 30 years of work. Every year the hope was that the manufacturing problems would be solved "in five years." <br /><br />So, defined in 1971, HP showed how memristors could be built in 2008. But that is only when serious work on manufacturing began. So if we need to wait for 30 years for manufacturing solutions to be developed, we won't see them till 2038. <br /><br />Barbara Tuchman defined "folly" as knowing a direction is bad and still going that way. Those spending money at HP, I'm sure, are desperate. They MUST have new billion-dollar products to survive. So wishes replaced rationality. I am sure they evaluated the manufacturing problems at Hynix (who HP asked to make the memristors) and told HP what it would take. HP, I am sure, went with their wishes.Zincmanhttps://www.blogger.com/profile/14626471703323195031noreply@blogger.comtag:blogger.com,1999:blog-36966451.post-33355829460353134562010-12-08T14:09:21.488-06:002010-12-08T14:09:21.488-06:00I read recently that in about two years, mobile co...I read recently that in about two years, mobile computing devices will outnumber "fixed" devices such as laptops and the old tower PC's. These mobile devices are cell phones, pads, and net-books.<br /><br />Microsoft is doing terrible in this arena. That's encouraging, because it opens competition. Plus I think Microsoft sucks, but that's just personal. If you have lots of Microsoft stock, you might consider selling pretty soon.<br /><br />I loaded ChromeOS (the operating system that includes the Chrome browser) onto a little Dell Mini 9 net book a couple of months ago. That was, of course, before the recent announcement of the new Chrome and of the app store. <br /><br />Still, it has the basics: email (I use Gmail), office applications (Google Docs, spreadsheet, presentations, and lots of other office stuff), and a lot of other applications. The office applications are useful for almost anything you want to do at home. They're useful for businesses who don't need to produce highly formatted documents such as books, proposals, and glossies. <br /><br />The new Google net-book is supposed to be out in a few months. <br /><br />At the same time, I upgraded a couple of machines to the newest Ubuntu release - using their Ubuntu Netbook Edition. Very nice as well. It's the most recent Ubuntu (10.10), but the desktop is an alternate format - more suited to a net-book. Nicely done: easy to use, pretty, and fast.<br /><br />I suspect the Ubuntu Netbook Edition will eventually be a competitor to Google's ChromeOS. A hardware developer (Dell, Samsung, HP, etc.) might pick this to differentiate themselves from the competition. And ... Chrome (the browser) runs on this. So you get the whole Google NetApp universe.<br /><br />Zincman is Roy Kimbrell<br />Regards all<br />RoyZincmanhttps://www.blogger.com/profile/14626471703323195031noreply@blogger.comtag:blogger.com,1999:blog-36966451.post-15529554470562610602010-11-23T10:35:54.730-06:002010-11-23T10:35:54.730-06:00Yeah, Hagel is the real deal.
One of my key crite...Yeah, Hagel is the real deal.<br /><br />One of my key criteria for supporting somebody is this: Are they the real deal? I care less about their politics than their sincerity and thoughtfulness. I guess that sort of makes me an Independent.<br /><br />Take Sam Brownback of Kansas. I violently disagree with many of his social values, but I like his reasonableness on everything else. I use to think he was an idiot, but now I think he's okay. Ditto for Lindsay Graham of South Carolina.<br /><br />I think Chuck Hagel still has a future ahead of him on the world stage of policy-making.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-36966451.post-38873793984372115912010-11-19T16:23:12.271-06:002010-11-19T16:23:12.271-06:00John Stewart (Comedy Central) has had a lot to say...John Stewart (Comedy Central) has had a lot to say about the new GOP. (I get most of my political news from John Steward and the rest from Stephen Colbert.) Some of the GOP actions are good - some are just the same old crap. <br /><br />I find myself wishing for republicans like Chuck Hagel. He was a guy I could trust. Shortly after he had been elected to the Senate, I was trapped next to him on a Friday Midwest Express flight back from Washington to Omaha. I had congratulated him on his winning the election and asked, "What's up, now? Like all freshman senators he had been assigned to a boring committee. This one was dealing with a treaty concerning markings of chemical exports. He knew all about it - and was able to talk intelligently about the pros and cons of various schemes for two hours. He had done his homework. <br /><br />I respect that. I respected his intent to do the right thing and to work for it. <br /><br />Unfortunately a lot of senators don't do this.<br /><br />I want a senator I can trust to work hard and try to do the right thing - even if I don't agree with him or her.Zincmanhttps://www.blogger.com/profile/14626471703323195031noreply@blogger.comtag:blogger.com,1999:blog-36966451.post-60990638738118144232010-11-19T12:39:32.131-06:002010-11-19T12:39:32.131-06:00As a conservative who's been ashamed to use th...As a conservative who's been ashamed to use that label for years, based on what it has come to represent, I couldn't be happier. (Well, I'd be happier if the civil discourse was actually coming up in Congress and leading to reasonable, timely legislation... but one step at a time.)Anonymoushttps://www.blogger.com/profile/12847814120352699164noreply@blogger.comtag:blogger.com,1999:blog-36966451.post-25832533388699869362010-08-27T15:13:35.827-05:002010-08-27T15:13:35.827-05:00Oh, dear, I did not mean to say that FPE is crummy...Oh, dear, I did not mean to say that FPE is crummy. What I mean is that not all the ways end-to-end encryption is being done are good. My apologies. I actually have read the FPE spec, find it interesting, and have lots of respect for the authors. I look forward to either ASC X9F1 or NIST CRC approving it.<br /><br />Thanks for pointing out the mistake in my entropy calculation. I did that awhile ago and just pull the number from memory. Shame on me - I should have done the math. :O)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-36966451.post-1045641075289988392010-08-27T13:42:06.751-05:002010-08-27T13:42:06.751-05:00Sid,
It's definitely true that cryptography i...Sid,<br /><br />It's definitely true that cryptography is hard, but I think you've mischaracterized the strength of FPE here. As you said, the previous Storefront BackTalk post did ruffle feathers, but it did so because (as the author acknowledged), it contained some incorrect assertions about how encryption works. Walt had some good points, but equating cipher strength to the entropy available in the plaintext is just not correct. Ciphers are designed to handle these cases without losing strength or revealing key bits.<br /><br />What you describe as XORing a random value with the PAN before encrypting is essentially creating a mode with an IV value that randomizes the encryption process. The XOR process is essentially the same process used by Cipher Block Chaining (CBC) mode, and has the randomizing effect. (Note that it does NOT double the key strength of the cipher, or at least I'm not aware of any proof that shows that these XORed bits contribute in the same way as cipher key bits.)<br /><br />(As a side note, your computation of the entropy in a PAN is off. 16 decimal digits = 10^16, which is approximately 2^57, so there are about 57 bits of entropy in a PAN. The presence of a Luhn digit cuts this down by somewhat less than 3 bits.)<br /><br />Regardless, in situations where there is minimal plaintext entropy, it can be important to randomize the encryption process, so that identical ciphertexts do not reveal that the plaintexts are identical. The FPE mode under consideration (FFX) contains a tweak parameter that has exactly that effect. THe algorithm can be supplied with random bits that will randomize the encryption algorithm in exactly the same way as an IV.<br /><br />Calling FPE "crummy" ignores the work that has gone into this mode. The FFX design leverages research into provably secure cipher design that dates back to the mid-80s, and uses an internal structure that has been scrutinized by the crypto community since the 1970s. The BPS mode proposed by an independent set of French cryptographers comes to the same conclusions, and uses the same internal structure.<br /><br />While the standardization process has not proceeded as fast one might like, this mode is under active consideration at a number of bodies, including X9F1, the cryptographic tools subcommittee of X9F.Terence Spiesnoreply@blogger.comtag:blogger.com,1999:blog-36966451.post-26201846077741030372010-07-16T09:48:57.209-05:002010-07-16T09:48:57.209-05:00One tip I've read is to have a core, strong pa...One tip I've read is to have a core, strong password, and append something like the first 3 letters of the domain you're logging into. Some system you can remember, anyway.<br /><br />Not sure if that adds a huge amount of security, and I like your tiered password setup.Anonymoushttps://www.blogger.com/profile/12847814120352699164noreply@blogger.com