
i.e. take the money out of it then. Pay researchers the same regardless of number of publications. Cut 30%, at least, of the administration of a major research University and use that money to fund research, raise professor pay, and lower undergrad tuition. Then put a block on admin raises unless researchers and professors get an equal % bump.

Then elect better politicians that actually understand at least a little bit of science and how that correlates to bettering society so they'll get bills passed to fund higher education and research. We've got the money for it, but it's all in bombs at the moment.


My favorite aspect of Psilocybin is how it makes everything seem so mathematically connected.

The effects on one's emotional state are surprising. Probably a good thing, but to me secondary.


No. Engineering is an iterative process. Even if you're 're-writing' everything, you're still not starting again from scratch, rather you're building off your previous approaches.


Fuck that. I live once. One chance to understand as much as I can about the universe I live in. Fuck chasing human value, that's fleeting, anxiety inducing, and utterly insignificant within probably 20 years of your death.


> It's now difficult to find high end washers and ovens without these features.

Look for quality antique appliances. They also look better and likely are better for the environment than buying new.


I think you guys are missing the joke. The user's experience is with the U.S. health system. Because the stereotype and the parent comments have the implication that doctors from Asia are seen as inferior; the joke being that the U.S. sets a fucking low standard for quality of care.


> Because the stereotype and the parent comments have the implication that doctors from Asia are seen as inferior;

That's not at all what I said and is exactly the opposite.


Yeah because I'm explaining someone else's joke to you. Like it or not some of the comments here are perpetuating that stereotype. It's also a disservice and naive for one to claim that there isn't that stereotype.


This is indeed exactly what I was trying to say, thank you :)))


> So naturally if you consider lack of exercise as the natural state of humans, sure it will appear physical activity improve brain function.

I think not wanting to do more work or exert more energy than needed is the natural state of all of nature. Nothing does anything more than what requires the least amount of energy. However since humans are at least somewhat self aware they can 'determine' regular exercise is ultimately less annoying or less energy than being obese, depressed, and with likely more medical problems.


> assert that the US is doing the same thing and therefore we can't complain.

Yeah that's the point. Normal people don't want to feel like hypocrites and why whataboutism is effective. Narcissists don't suffer from this and so are happy to pass blame.


It's not always even whataboutism, I've seen people apologize for IP theft on this site by saying that US industrialists did it two centuries ago.


That's stupid, there's nothing wrong with violating IP laws, regardless of who did it first.


Will future employers google your SN and see this? What would they think? While you may have a solid argument that many IP laws are poorly written, used, and enforced, brazenly dismissing all of them is not a better position, ethically or practically.


It absolutely is ethically better and practical though however. IP is just information and information is meant to be free. To restrict it behind artificial pay walls is repugnant.


Like the 'government agency' doesn't already possess the encryption keys or other methods to extract information from encrypted data.


That's super simplistic. Nobody magically 'has' anything. They need to do stuff (like this) to get anything.


Employ a 'reverse Snowden' and it's a done deal.


Large companies have plenty of safeguards against internal threats, especially when things like encryption keys are concerned.


They all do, and in most of them there are obvious errors in processes or rights assignments. It is pretty rare to come across a company that takes the threat from within seriously. That's the whole reason Snowden could do what he did and if the NSA gets it wrong then there is a fair chance that your average corporation has faults as well.


[flagged]


History lessons are pertinent to the degree you represent the facts therein accurately. Perhaps this is where the confusion arises. You claim the NSA has computational superiority to crack "whatever they want". If this is true, I posit that such an invention would be available to the private sector as it would represent and contain an immense technological innovation -- and not doing so would be a greater detriment than doing so.


I'm sure I read somewhere a few weeks ago on HN (unsure if article or comments) that if the world's total electricity output were focussed on this one task, and given it would take 0.5 volts to flip one bit, it would take around 20 years to crack an AES key (I forget whether 128 or 256) or 10 years using a quantum computer. Those are vague numbers from memory but I think someone actually did the maths. It was mind-bogglingly fascinating if anyone else remembers and could point me in the right direction. Wish I had bookmarked it.


Let me try to write a similar explanation in my own words...

Many people have absolutely no idea about how powerful an exponential growth is, and no idea about how large 2^128 and 2^256 are. The security of symmetric cryptography doesn't depend on the "absolute" computational cost of the algorithm - the security is created by the large number of operations alone, so that even if the cost of a single operation is negligible, the system remains secure.

Let's break some symmetric encryption algorithms.

We assume the hardware required to run a decryption routine is as easy as a binary counter, one of the simplest circuits in digital logic - it just counts numbers. (Of course, a real decryption routine requires much more resources, but let's make it infinitesimal for demonstration purposes.) And it takes one picosecond (10^-12) for each count, so the equivalent clock frequency is 1000 GHz. Let's call this machine "Doomsday Counter (TM)". Built by alien technology, this machine costs 1 dollar.

How long does it take to crack DES (56-bit)? 20 hours. This is what the EFF and distributed.net did in 1999, they used a cracking machine with thousands of ASIC chips and a volunteer team of thousands of PCs. They exposed the U.S. Government's lies about how DES was secure and how it's a threat of national security. And forced the NIST to start the AES competition for real security. The victory of the first crypto war.

But how long does Doomsday Counter take to crack a 64-bit encryption algorithm? 213 days. It's getting much longer, but it's still doable. If you build 213 Doomsday Counter units, you can crack it within a day. Okay, so now we have 213 of Doomsday Counter machines now and we run it in parallel. And the equivalent total clock frequency is 213,000 GHz, or 213 THz, and it costs 213 dollars (thanks to aliens).

Then, how long does it take for our 213 Doomsday Counters to crack 80-bit encryption - which, in the beginning of this century, still was a reasonable standard of security? 180 years. Oops. Clearly, we need to scale up our operations further. Let's get 1 million (10^6) of these Doomsday Counters, which costs us 1 million dollars, and equivalent to 1,000,000 THz, and try again. Then we are able to crack it within... 14 days.

Then, let's try some serious targets - Triple-DES (112-bit) - three layers of 56-bit DES encryption - which was used as a stop-gap solution when DES was broken but AES was not ready yet. Although it's triple, due to mathematics, it's actually only equivalent to two layers of DES, not three layers, so it's 112-bit. So, how long does it take for our 1 million of Doomsday Counter to crack it?

164,646,653 years.

Clearly, 1 million of Doomsday Counters, each attempting a trillion keys per second is not enough. Let's purchase 165 trillion units of Doomsday Counters. Now it costs 165 trillion dollars, more than the GDP of the entire world combined. And don't forget, even a single unit of Doomsday Counters needs alien technology to build. So we finally are able to build a supercomputing center that is able to crack Triple-DES within 365 days.

Now let's do the real challenge - crack AES-128, with 165 trillion units of Doomsday Counters. How long does it take? 65,395 years.

And AES-256?

20,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years.

The end of the story. This is why those people who believe "hardware acceleration" threatens the security of symmetric encryption have no idea about how secure symmetric encryption is.

And for our reference, as an indicator of the current level of human technology - what is the most powerful and the most expensive counter the human civilization ever built? The Bitcoin network. The bitcoin miners all over the world currently have a total hashrate of 101,057,457 THz. If all Bitcoin miners are codebreakers (they are not, decryption is more computationally expensive than hashing), its computational power is roughly equivalent to 101 million Doomsday Counters, and capable of breaking a 92-bit encryption key within two years, or a 98-bit encryption key within 100 years.

And all we can say is - it's the upper limit of the human civilization. 128-bit encryption is perfectly fine, although we can never be sure about whether AES-128 is really 128-bit, but we have enough confidence to continue using it for a few decades.

Now introduce quantum computers to this picture. All encryption algorithms will be broken, right? No! Quantum computers would not solve hard search problems instantaneously by simply trying all the possible solutions at once. For quantum computers to solve a problem, the problem must have an exploitable mathematical structure. For example, integer factorization, discrete logarithm over a prime field, discrete logarithm over an elliptic curve - which are 99% of the public key encryption algorithms we deployed today, all have a structure that can be attacked by Shor's algorithm. If the problem size is O(N), Shor's algorithm only takes O(log(N)^3) steps, it makes the computation logarithmically simpler, this is serious - it effectively "linearized" your exponential growth, making quantum computers exponentially faster! For all practical size of the exponent, it will only have a small effect.

But surprisingly, for symmetric encryption, quantum computers don't do much at all! Yes, symmetric encryption has an exploitable mathematical structure as well. Grover's algorithm pointed out that, if you need to invert a blackbox function f(x), instead of O(N) of operations, on a quantum computer, you can do it with only O(sqrt(N)) operations. Thus, AES-128 (2^128) becomes AES-64 (2^64), and is vulnerable to quantum computers! Looks like a lot, but it's only a small speedup, simply upgrade AES-128 to AES-256 is enough to fix it, and it only makes the existing system 2x slower, not a lot to defend yourself from a quantum machine.

In the subfield of cryptography known as post-quantum cryptography, almost all major works are related to public key cryptography - for all things you need to worry about a large quantum computer, symmetric encryption is the least of what you need to worry about.

---

On the flip side, how much resource does it take to store an AES-128 secret key? Two 64-bit integers, or 16 bytes, or 10 English words from a dictionary of 7000 words, or 25 dice rolls of two 6-face dice. How about an AES-256 key? Four 64-bit integers, or 32-bit, or 20 English words, or 50 dice rolls of two 6-face dice. Also, going from 56-bit DES to 128-bit AES, only costs 2.28x more CPU time on your computer. This is the beauty of encryption: A linear increase of resources by the defender corresponding to an exponential increase of resources required by the attacker. So, decrypting a message simply doesn't make sense at all, but hacking (or stealing) your computer does.

This is true, as long as the algorithm itself lives up to its security claim, i.e. "it works as advertised", 128-bit AES really has 2^128 of possibilities to bruteforce, not 2^80 possibilities - which, we can never be sure, and it cannot be proved - but we are fairly confident that any major breakthrough require is extremely unlikely. Also, this is why 256-bit AES is standardized despite 128-bit is already much more than enough - cryptographers are one of the most conservative groups of people. And in fact, AES has already been broken, with its keyspace reduced to 126-bit, not 128-bit - which means, its keyspace is now only 25% of what it's supposed to be. But if you understand how large 2^126 is, you'll see that it's irrelevant to practical applications.

The most brutal dictators in the world can build guns, bombs, tanks, planes, but they cannot decrypt a message if the key is destroyed, no matter what. It also transcends time - if you have a Commodore 64 in the 80s, you can write an AES-128 encryption routine in MOS 6502 assembly, it will only take a few hours to encrypt a floppy disk, but the disk still remains secure today, and will remain secure tomorrow against the most powerful government in the world. (unfortunately, most people at that time, did not believe 128-bit encryption was necessary - Diffie and Hellman were the biggest advocates of 128-bit encryption and vocal critics of the government's 56-bit DES).
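The arithmetic behind the comment above, as an added example that is not part of the original comment. It assumes the comment's own model (each counter tries 10^12 keys per second, the full keyspace is exhausted, a year is 365 days); the function names are illustrative.

```python
# Added example: the "Doomsday Counter" brute-force model from the comment.
SECONDS_PER_HOUR = 3_600
SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365 * SECONDS_PER_DAY      # assumption: 365-day year
KEYS_PER_SECOND_PER_UNIT = 10**12             # one try per picosecond


def exhaust_seconds(key_bits, units=1):
    """Seconds for `units` counters to walk the whole 2**key_bits keyspace."""
    return 2**key_bits / (units * KEYS_PER_SECOND_PER_UNIT)


def max_exhaustible_bits(units, seconds):
    """Largest key size whose full keyspace fits in the time budget."""
    total_tries = units * KEYS_PER_SECOND_PER_UNIT * seconds
    return total_tries.bit_length() - 1       # exact floor(log2) on integers


def grover_equivalent_bits(key_bits):
    """Classical-equivalent key size under Grover's square-root speedup."""
    return key_bits // 2


def scenario_table():
    """The comment's scenarios as (label, value, unit) rows."""
    big = 165 * 10**12                        # 165 trillion counters
    return [
        ("DES-56, 1 unit", exhaust_seconds(56) / SECONDS_PER_HOUR, "hours"),
        ("64-bit, 1 unit", exhaust_seconds(64) / SECONDS_PER_DAY, "days"),
        ("80-bit, 213 units", exhaust_seconds(80, 213) / SECONDS_PER_YEAR, "years"),
        ("80-bit, 1e6 units", exhaust_seconds(80, 10**6) / SECONDS_PER_DAY, "days"),
        ("3DES-112, 1e6 units", exhaust_seconds(112, 10**6) / SECONDS_PER_YEAR, "years"),
        ("3DES-112, 165e12 units", exhaust_seconds(112, big) / SECONDS_PER_DAY, "days"),
        ("AES-128, 165e12 units", exhaust_seconds(128, big) / SECONDS_PER_YEAR, "years"),
        ("AES-256, 165e12 units", exhaust_seconds(256, big) / SECONDS_PER_YEAR, "years"),
    ]


if __name__ == "__main__":
    for label, value, unit in scenario_table():
        print(f"{label:<24}{value:>12.4g} {unit}")
    miners = 101_057_457                      # hashrate in THz, from the comment
    for years in (2, 100):
        bits = max_exhaustible_bits(miners, years * SECONDS_PER_YEAR)
        print(f"Bitcoin-scale counting, {years} years: {bits}-bit keyspace")
    for bits in (128, 256):
        print(f"AES-{bits} under Grover: ~{grover_equivalent_bits(bits)}-bit work")
```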


Most governments don't, but even the NSA taps into unencrypted or weak links along the pipe. https://www.newyorker.com/news/amy-davidson/tech-companies-s...

"SSL added and removed here! :)"


Here's an article about the NSA cracking some parts of the web:

https://arstechnica.com/information-technology/2015/10/how-t...

""" For commonly used 1024-bit keys, it would take about a year and cost a "few hundred million dollars" to crack just one of the extremely large prime numbers that form the starting point of a Diffie-Hellman negotiation. But it turns out that only a few primes are commonly used, putting the price well within the NSA's $11 billion-per-year budget dedicated to "groundbreaking cryptanalytic capabilities." """


My understanding is that they record encrypted traffic too. They can't read any of it - yet.

But they're betting one day either a security vulnerability will be discovered, or computers will be fast enough to attack the encryption and allow them to read the data. So even though it's unreadable today, it might be in 10 years.


That's a lot of data though, especially since its usefulness goes down with time.


It certainly is.

According to the NSA technical director at the time (2013) the Utah datacenter has a capacity around 5 Zettabytes.


Even 5EB would be a stretch for 2013. 5ZB is flat-out impossible. As another poster points out, that's years' worth of total worldwide drive shipments (most sources put it at less than 1ZB in 2013). Large buyers are further constrained by the fact that their demand can cause price spikes even at much lower percentages of the total. Not even No Such Agency has that kind of budget. The Utah facility also isn't physically big enough for that figure to hold. I work on large storage systems at one of those large buyers, and I've toured one of the several data centers where ours live. NSA's Utah data center looks to be on approximately the same scale, not orders of magnitude bigger. It's further plagued by power problems, which is another constraint on total size.

So I looked into that quote from the NSA director. What was actually said, apparently, was that the center was designed to hold up to 5ZB, not that it actually did. That seems to be a design based on some extremely optimistic assumptions about future drive density, power consumption, and cost. Needless to say, those assumptions were a bit silly at the time and have only seemed more so in retrospect.

P.S. It looks like TechCrunch came to almost exactly the same conclusions that I did, for very similar reasons. https://techcrunch.com/2013/07/24/the-nsas-massive-utah-data...


That seems hard to believe. That would be five billion 1TB hard drives.

Considering around 100 million hard drives are shipped per quarter, that would be over a decade of production.


For platter or SSD drives, sure. Some forms of magnetic tape storage can get up to 300 TB per cartridge though, which can scale up to petabytes in the right config.

Still ridiculous for information that is worth less and less over time.


300TB per cartridge in 2013? I think 10TB per cartridge was pretty high round then. That's still around half a billion tape cartridges, which are also very slow to read and write from.


There's rumours that the 2011 HDD shortage was actually due to the NSA buying it all.


Do you have a source for that 100 million figure? It strikes me as awfully low considering how many personal computers must surely exist in the world and how often they'd be replaced without reusing the drives, not even factoring in servers.


Sorry, that's per quarter. So it would be more like over a decade of all worldwide HDD production. Still crazy high IMO.


I remember hearing a speech by a quantum computing researcher that was primarily funded by the NSA. He included an anecdote about how “they would prefer quantum computing didn’t exist, but if it’s going to exist - they want the first one”.


Not even limited to 'the government'. Improperly sanitized network gear shows up in second-hand markets all around the world. Happened at a former employer of mine and a 'finder' attempted to extort us over it. VPN PSKs on the equipment were still in use in the field (no PFS either, so years of captured content could ostensibly have been decrypted).

Even equipment that appears to have been cleared out is probably hiding secrets in flash. The vendor of the equipment in this case had a separate command to wipe file contents. Deleting files just unlinked them in the flash fs.


Yep, I personally bought a Cisco firewall off of eBay several years ago that still had its entire configuration on it, including the PSKs for several IPSec VPN connections as well as SNMP (v2) communities, weak "type 7" hashes for local user accounts, the shared secrets for a pair of RADIUS servers, and so on.

Pretty much all of them (with the exception of the VPN PSKs) were sufficiently "generic" enough that I was convinced that they weren't device-specific, i.e., they were probably shared across many such devices.

According to the login banner, the firewall came from a casino.

I'm certain that my experience was not a unique one.
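A pre-disposal check for the kinds of residue listed in the two comments above, as an added example that is not part of the original thread. The sample config is constructed, and the patterns are an assumption covering common IOS-style lines rather than a complete grammar for any vendor.

```python
import re

# Constructed sample of an IOS-style saved configuration (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-fw-01
username admin password 7 0000000000000000
snmp-server community EXAMPLE-RO RO
radius-server host 192.0.2.10 key EXAMPLE-RADIUS-KEY
crypto isakmp key EXAMPLE-PSK address 198.51.100.7
interface GigabitEthernet0/0
 ip address 203.0.113.1 255.255.255.0
banner login ^C Property of Example Corp ^C
"""

# Constructed sample of a configuration after a factory reset.
WIPED_CONFIG = """\
hostname Router
interface GigabitEthernet0/0
 shutdown
"""

# (finding name, pattern) pairs; patterns are assumptions, extend per platform.
RULES = [
    ("type7-password", re.compile(r"\b(?:password|key)\s+7\s+\S+")),
    ("snmp-community", re.compile(r"^snmp-server community\s+\S+")),
    ("radius-secret", re.compile(r"^radius-server .*\bkey\s+\S+")),
    ("vpn-psk", re.compile(r"^crypto isakmp key\s+\S+|pre-shared-key\s+\S+")),
    ("identifying-banner", re.compile(r"^banner\s+(?:login|motd|exec)\b")),
]


def audit_config(text):
    """Return (line number, finding name) for every line that still holds
    a secret or an owner-identifying banner. Secret values are not echoed."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        for name, pattern in RULES:
            if pattern.search(stripped):
                findings.append((lineno, name))
    return findings


def safe_to_release(text):
    """True only when the visible configuration has no findings."""
    return not audit_config(text)


if __name__ == "__main__":
    for lineno, name in audit_config(SAMPLE_CONFIG):
        print(f"line {lineno}: {name}")
    print("sample releasable:", safe_to_release(SAMPLE_CONFIG))
    print("wiped releasable:", safe_to_release(WIPED_CONFIG))
```

A clean result covers only the visible configuration; as the parent comment notes, deleted files can remain in flash until the vendor's wipe command is run. Any secret the audit finds should also be rotated on the devices that still share it.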


They absolutely cannot crack all encryption schemes. It's ridiculous to even suggest it, even if they would have fully functioning quantum computers.


Who said the data isn't valuable years down the line? Crack today, who knows. Crack in the future, more than likely.


This is a claim that has been made about the Total Information Awareness program, its offshoots and, specifically, the NSA's big datacenter that was in the news some years ago: that one of the things the NSA are doing is collecting all the data they can in the hope they can make sense of it later, even if they can't now.


@yahwrong: > Like the 'government agency' doesn't already possess the encryption keys or other methods to extract information from encrypted data.

Shoosh, we're all supposed to engage in the charade that it isn't going on.


So you gave a kid leftovers? That's kind of like giving with the least amount of inconvenience.


It was the breakfast I was planning on eating. It wasn't a grand gesture by any stretch, but it was a lot more than anyone else had done for him that day.


Just 'cause no one else was helping doesn't make you a saint for giving your leftovers. Maybe you can take this as a lesson for next time you're in opportunity to give.

