Uncategorized

Q: How hard would it be to find collisions in SHA-1?
A: The reported attacks require an estimated work factor of 2^69 (approximately 590 billion billion) hash computations. While this is well beyond what is currently feasible using a normal computer, this is potentially feasible for attackers who have specialized hardware. For example, with 10,000 custom ASICs that can each perform 2 billion hash operations per second, the attack would take about one year. Computing improvements predicted by Moore ‘s Law will make the attack more practical over time, e.g. making it possible for a wide-spread Internet virus to use compromised computers to mount such attacks as well. Once a collision has been found, additional collisions can be found trivially by concatenating data to the matching messages.

— source

I dunno about everyone else on planet earth, but I feel safe enough with that probability, at least until Independence Day arrives.

Shared from Google Reader

A Stick Figure Guide to the Advanced Encryption Standard (AES)—hubertf’s NetBSD blog

The was strangely enjoyable!

I sneezed and Willow took off, as usual lol. After a while I looked and she wasn’t back on the bed, our the couch, so I started looking all over for her.

Checked under the step stool, in ma’s bedroom, under the dining room table, in the kitchen, the bathroom, next to the couch, on ma’s couch, heck even under the Parakeet! Guess what!!! Willow was under the covers on my bed, and that was the first place I had looked…. even moved the covers! Yet, sure enough when I walked back into the room it was her head looking quizzically at me, as if to say what the heck are you looking for idiot!

Oy vey!

Well, as something that’s been on my eventually to get around deciding; I’ve setup Google Desktop Enterprise Edition on SAL1600.

Earlier during the last reformat, I had opted into trying a newer Windows Desktop Search, yet found it to be just as useless as the old style search technology that had shipped with Windows XP back in 2001 :-(. In point of fact, I would much rather use GNU Find and skip the useless window dressings >_>.

Googles Desktop search, is not what interests me. In fact, nether does Strigi or Beagle – the only search program that would interest me, is a sexy wrapper around GNU Find (or equivalent) that mates it to a easily scriptable plugin system (think customized grepping) that would enable it to be come aware of any program you choose (think searching chats for pidgin, docs in google, news feeds in pan, blah blah) without having to rely upon someone to code it for you—just write a little shell script ;).

So obviously, I’m a power user who learned how to organise file systems very tightly, although I think that will become a mark of the dinosaurs before Windows 11 >_>.

What did attract me to Google Desktop, is the Gadgets system. Right now I have the sidebar up with time and temperature—never turn the TV to the weather channel lol. Since the only use I really have for Windows main panel, is the integrated system tray and clock, I’ve now set the panel to minimal height. I run much to many programs to be able to use a “Taskbar” without feeling like I’m dancing with a cement kimono!

The sidebar from Google Docks is also displaying Calendar & Mail gadgets making my life easier, plus Talk is docked for extra value. Since my desktop is never free of having a command prompt and web browser open, the Win+G shortcut for the search bar doesn’t matter any 8=). Ok, so I’m a whore for tools that speed up my work time instead of increasing it ;).

Intently interesting me, is whether or not the deskutils/google-gadgets port on FreeBSD works reasonably. While Google Talk lacks a version that’ll run on BSD, I don’t need it—since I rely upon Pidgon, and wish I did not need Xfire on the windows machine…. since integration would make life easier. It’s so funny how I actually have a more integrated system under FreeBSD, then Windows <_<.

OSX, KDE, and Vista have made greater emphasis on the desktop widget/gadget concept in recent years, but to me, it is just very much the modern incarnation of the old as gold dockapp.

It’s so funny how new innovation is often an upgrade to the last generations revolution.

Shared from Google Reader

IT Snake Oil, Six Tech Cure-Alls That Went Bunk—Slashdot

As fascinating as it can be, I’m sorry to say that calling AI IT snake oil might be a very fair statement to make…. lol.

The referenced articles on /. are well worth the parse in this case.

Shared from Google Reader

Microsoft Links Malware Rates To Pirated Windows—Slashdot

I’ll believe this when Microsoft releases all versions of Windows as Open Source under the GPL, and only makes a profit by selling support contracts—fat chance of that happenin’ and you can bank on it.

In the past near-decade of using Windows based computers, the machines in my care probably have one of the lowest infections, compared toanyone I know, who is an “Average, gullable, luser”. Do stupid things and your box is trashed, it won’t make a difference whether or not you paid for it.

Hmm, if people are going to start blaming outdated pirated copies of windows for the spread of malicious software: how about Microsoft try ditching the pseudo-worthless WGA garbage and making the Windows and Native APIs more restrictive in what they can tamper with?

Oh yeah, just blame other people, real s.m.r.t. idea.

Shared from Google Reader

Man accidentally ejects himself from plane—The Guardian World News

Oh man, this guy is never going to live that down! Sheesh, how stupid do you have to be not to know what’s going to happen if you yank the ejection rip-cord seated between your legs? Haha, that just sounds so wrong in of it self!

Here’s to narrowly evading the receipt of a Darwin Award, one lucky son of a bitch at a time !!

Shared from Google Reader

Adobe engages Apple in passive aggressive warfare with iPhone’s Flash message—Engadget

Flash player, eat your heart out and die!

database store {
  table tags {          /*
                         * Enumerates all tags in usage
                         */
    id        name;
  }
  table tasks {         /*
                         * Stores data for each todo with
                         * tags being a splitable string.
                         * Three date fields are used, marking
                         * when the item was set, completed, and
                         * a special 'mark' field, for things such
                         * as the do by then or piss off dilemma.
                         */
    id        tags       task       date_set    date_mark    date_done
   
  }
}

Just a simple structured annotation to the SQLite3 schemas that are in my brain at the moment.

Perhaps it would be more effective to encode the tags as a bitmask created from tags.id rows, mmm. The real question I suppose is can I actually insert the atribtrary data I want into an SQLite database and be able to query it without hitting any hard limits. Not that I’m likely to hit any there might be, lol.

I’ve been very busy of late.  By my own calculation, ma is now sucking an additional 2 1/2 hours or more out of every day of my life, just through lunch/dinner prep! Today she also decided it was time for redoing the kitchen and has managed to rattle my nerves accordingly to get what she wants. While I generally like an excuse to work with my hands, I don’t really care much for moving shelves around, along with all the junk on them, let along the priority interrupts that have to be fired later when I am “Done” but there’s still more odds and ends.

A distinguishing feature between me and the rest of my family, I do things myself, they can’t be arsed to do more then coerce someone into doing stuff for them.

The Encapsulated Package Installer (EPI) project was let out of the bag not to long ago, but in a good way; since it’s picked up steam again. In the past couple days I’ve started work on the build system, and filed off several memorandums while refining the standard.

Our build system is being designed with distributed functionality in mind, making it play nicely with jails and machines on a private subnet. The overview I sent in an earlier memo, described a build system so knock out dead dead sexy, it ought to be illegal!

One of the ideas I’ve been mulling over for a while, is ways we can improve the security model used in EPI; after much thought on the various methods, I’ve cooked up a scenario that would allow running the optional scripts without root privileges, while still expressing obtrusive functionality through the EPIL script API in ways that is “To eat your heart out, PBI”. I need to do a bit more study, but I like the idea.

Joy, dinner is ready and I’m not done writing this post yet, courtesy of her royal highnesses interruptions! Sigh, there’s just no way to win.

I managed to spend a portion of the day playing SWAT, maybe 5 or 6 missions worth. At this point in life, it’s one of the few pleasures I get beyond engineering software systems. Oy, there’s no peace to be found here :'(. In just about every action or endeavor, my mother manages to make me feel utterly miserable. It’s like a universal constant… for more years then I care to recall right now.

As far as efforts to consolidate my explosive todo list, I’ve been thinking about setting up some web software on Vectra, for triaging todo’s: the next best thing is Google integration with “Tasks” but I could use something a bit more dedicated. The best software that’s interested me, is one of the hosted apps on SourceForge, but sadly is not yet compatible with the database backend I’ve got to work with atm. Maybe later I’ll find some time to take a look at some webware. I can’t afford to take time to whip up one of my own, to busy cleaning todo’s off …. sigh