Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59
Posted on 19-09-07, 04:58 in Games You Played Today REVENGEANCE
Custom title here

Post: #681 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
It has been brought to my attention that my posts about FF1 may've been excessively aggressive. I thought "you big baby" would be understood as a bit of lighthearted teasing and not actual insults. I didn't ACTUALLY mean "if you don't like FF1, you are a sucking baby."

I just meant that maybe you should play Sailor Moon: Another Story instead, since it is meant for little girls.
...
Actually, don't do that. SM:AS has a difficulty curve as gradual and forgiving as a cliff face made of nitroglycerin crystals. It was created by the same breed of misanthropes that think Castlevania II's map design is in any way REASONABLE.



More seriously, I think complaining about the difficulty of FF1's combat and of resurrection afterwards misses the point of the game. It isn't getting by on the rich and compelling plot or the gorgeous spritework. The combat is intended to be tactical and require engagement on the player's part. Death is supposed to be more than an annoyance(I've actually long thought death carries far too little weight in most RPGs).
Basically, it is a dungeon crawler in the old tradition.


Ironically, the things I think the remakes actually need to fix(aside from bulk-purchase of items) are largely things that, while clearly bugs originally, are now "part of the game" and lovingly recreated in remakes.
Things like the multi-hit bug turning your fighter into a whirling dervish of death by the halfway point of the game, crit rates rising linearly with progress resulting in an explosive increase in damage, and intelligence not affecting spell effectiveness.
...
Ah well, at least they fixed all the broken spells(even if I got good mileage out of "HEL2 restores HP like HEL3 in battles"). And I THINK they fixed the separate inventories for weapons, items, and armor resulting in there being very little space in your pockets to carry around looted armor.

--- In UTF-16, where available. ---
Posted on 19-09-07, 08:30 in Games You Played Today REVENGEANCE
Custom title here

Post: #682 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by DonJon
Posted by CaptainJistuce
It has been brought to my attention that my posts about FF1


for context that was me. bleh no sense in keeping it in PM now i guess...

hard to believe the first game came out like 4 years before i was even born...some of you guys must be approaching 40 then...damn, actually "Birthdays today: Ramsis (40) " so it seems

I used that merely as a lead-in to a more contentful post. It did in fact bring to my attention that I never really articulated WHY Final Fantasy with walkthroughs and auto-targeting seems a pointless endeavor. Only reason I brought it up, is it gave me a valid reason to circle back to the topic. Hence the lack of names or pasting. (I have pasted PMs in public before, but not without reason.)


I threw in the sarcastic aside mostly as an excuse to make fun of the Sailor Moon RPG. Seriously, I have a sister that was a die-hard moonie, I set her up with ZSNES and the rawm. She wound up save-stating after every turn of every battle because it was such an overtly hostile SoB. I have no idea what Bandai was thinking with that one other than "my favorite sound is children crying".
...
In hindsight, it may've been inappropriate for an attempt at not looking like a complete dick. Well, there you go, I'm rolling a one on my social skills checks.




I am 38, for the record. Darn kids, lawn, etc.
But I got my copy of FF1 after my copy of FF3 on the Super Nintendo. I'd had other dungeon crawlers before it, though, so I was kinda comfortable with the idea of playing for the killing. (Mostly Tunnels of Doom quests. My first RPG was ToD's pack-in scenario, Quest for the King)

--- In UTF-16, where available. ---
Posted on 19-09-09, 04:46 in Mozilla, *sigh*
Custom title here

Post: #683 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by sureanem
What's wrong with DNS over HTTPS? Fixing ISP MITM attacks once and for all is a commendable idea. Not allowing hosts file blockers is a shame, but it really would not be a problem if you did your ad blocking like everyone else.

As an option, sure.
As a mandatory thing... ugh. I ALREADY can't use large portions of the internet with older computers solely because modern HTTPS servers require recent encryption standards that old browsers don't support(because Google punishes them for being back-compatible), and those same sites often don't offer an HTTP alternative(because Google punishes them for being back-compatible).

What is even the point of owning an Ultra 10 and a PowerBook 190 if I can't fuck about on the internet with them?

--- In UTF-16, where available. ---
Posted on 19-09-10, 00:02 in Mozilla, *sigh*
Custom title here

Post: #684 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by sureanem
Posted by CaptainJistuce
As an option, sure.
As a mandatory thing... ugh. I ALREADY can't use large portions of the internet with older computers solely because modern HTTPS servers require recent encryption standards that old browsers don't support(because Google punishes them for being back-compatible), and those same sites often don't offer an HTTP alternative(because Google punishes them for being back-compatible).

What is even the point of owning an Ultra 10 and a PowerBook 190 if I can't fuck about on the internet with them?

HTTPS is also a mistake which ought to be thrown out and redone with modern technology.

The whole deal is that it has to be violently killed off - if DNS is allowed to coexist peacefully, what will happen is just that malicious actors will NXDOMAIN the use-application-dns.net record and then filter as usual. This is a golden opportunity in which the financial incentives for once line up with freedom, and it should not be squandered!

Backwards-compatibility is of value.
I don't think that "if someone can't afford a new computer, they should be banned from the internet" is a good attitude, and that's where we're headed. Current versions of Firefox and Chrome won't run on anything older than Windows 7. That ALREADY leaves a lot of people out in the cold. There is nothing wrong with their Vista and XP machines, but browser vendors said we can't use them anymore and websites said we can't use old browsers.
If you want to tell me privacy needs to be aggressively pursued at the cost of breaking existing browsers, you need to make sure that new browsers are available for older systems.


Also, there's a financial incentive to NOT change the DNS infrastructure. ISPs use their status as "your DNS server" to serve ads on failed lookups instead of returning an error. Commercial filter software relies on DNS being transparent.
Hell, commercial interests are trying to sabotage TLS 1.3, because enterprise software relies on flaws in TLS1.2 to do things that were easier to implement without abusing TLS1.2 in the first place.



But this is a completely ham-fisted way of going at things which should never be supported. How is Firefox to know you're using a trusted DNS server? The model of "because I tell it so" has clearly been shown to fail. The matter of fact remains: whether you like it or not, googleads.g.doubleclick.net does resolve to an ad domain, and this is not up to you to decide. There is such a thing as an objective truth, and this should not be interfered with - rather the filtering ought to be done on the level of the user-agent - that which represents the user, unlike the other components. When you bring a device to somewhere which does not implement your censorship, or the regulator decides to DNS block politically sensitive websites, what then?

Treating filtering of content as a supported behavior is a "good intention," and such should fail as violently as possibly.

Sorry, but nope. There ought to exist a mechanism right now to tell my network "this domain is untrusted and nothing on my network should be allowed to connect to it", and... oh, wait, such a mechanism does exist, and it is local DNS entries.

Instead, Firefox and Chrome want to block websites based solely on Google's "dangerous website" list. And we've already seen how THAT works. How much worse will it be when Google has the power to be overtly malicious instead of overtly inept and subtly malicious?

--- In UTF-16, where available. ---
Posted on 19-09-10, 03:03 in Mozilla, *sigh* (revision 2)
Custom title here

Post: #685 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by tomman
The only sites I was able to open were this board (over HTTP) and n-gate (which does not need HTTPS).


Speaking of!
From a diffrent page on the same site...


"DNS over HTTPS - the good, the bad and the ugly
Why, how, when and who gets to control how names are resolved
A webshit will try to convince the audience that replacing other protocols with webshit is healthy and good. "Why" will be answered with "because we want to track you more closely," "how" will be answered with "extremely poorly," "when" will be answered with "as soon as the Chrome team tells you to" and "who gets to control how names are resolved" will of course be "Google." "



Edit: Ah yes. On my main computer now, and am reminded this is the site designed to use Comic Sans if at all possible, just to annoy anyone with Comic Sans installed.
*le sigh*
Also, was his about page ALWAYS that terrible?

--- In UTF-16, where available. ---
Posted on 19-09-10, 04:30 in I have yet to have never seen it all.
Custom title here

Post: #686 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
https://jalopnik.com/jesus-tap-dancing-christ-the-greatest-craigslist-car-5905078

A car ad on Craigslist. It is pretty good.

--- In UTF-16, where available. ---
Posted on 19-09-10, 09:50 in Mozilla, *sigh*
Custom title here

Post: #687 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
"It's easy to disable blocking for sites you trust."

*laughs*

--- In UTF-16, where available. ---
Posted on 19-09-10, 23:51 in Mozilla, *sigh*
Custom title here

Post: #688 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by sureanem
Posted by CaptainJistuce
Backwards-compatibility is of value.
I don't think that "if someone can't afford a new computer, they should be banned from the internet" is a good attitude, and that's where we're headed. Current versions of Firefox and Chrome won't run on anything older than Windows 7. That ALREADY leaves a lot of people out in the cold. There is nothing wrong with their Vista and XP machines, but browser vendors said we can't use them anymore and websites said we can't use old browsers.
If you want to tell me privacy needs to be aggressively pursued at the cost of breaking existing browsers, you need to make sure that new browsers are available for older systems.

Well, while it's regrettable, that is the way things work anyway, so then it only makes sense that this should be made a basic underlying assumption and worked with from there.

I mean, who the hell is too poor to afford anything but a PowerBook 190? Poor people use low-end/used/old smartphones, and they handle the Modern Webâ„¢ just fine.

The Powerbook is a toy I traded a case of beer to a coworker for. I don't genuinely EXPECT it to still be supported, but the main thing keeping it off the net IS security theater, which affects more modern systems too.
Computers which were bought by someone who no longer has the money to upgrade, computers which were handed off to the less-fortunate when someone else upgraded, computers which do everything they need to do fine except that someone decided that security theater requires them being banned from the internet.

The things you can do on the internet with a little pocket computer datatablet are not actually the same as the things you can do with a desktop or laptop computer, unless your use of computers begins and ends at "surfing". Also, vision-impaired people can't see them tiny screens. People with motor disabilities can't touch them tiny screens with remotely the necessary accuracy. "Poor people should just get a cheap smartphone" is not actually a solution.


And you don't just get to say "it's regrettable, but that's how it is" while proselytizing for the changes that MAKE it the way it is.
It is only in the last few years that breaking changes to the internet have become a thing, and they are almost without exception done to give people a false sense of security.



Why does it need to be made sure that newer browsers exist for older systems? In theory, there is nothing preventing anyone from making or backporting a browser if they feel the existing alternatives are inadequate, and in practice, Vista and below are exceedingly rare nowadays - heavy enough of an edge case that anyone using XP as a daily driver certainly knows what they're getting themselves into.

Windows XP has 2.8% market share, which is more than Vista. Hell, it is more than ALL Linux(except Android).
https://www.netmarketshare.com/operating-system-market-share.aspx?options=;{"filter"%3A{"%24and"%3A[{"deviceType"%3A{"%24in"%3A["Desktop%2Flaptop"]}}]}%2C"dateLabel"%3A"Trend"%2C"attributes"%3A"share"%2C"group"%3A"platformVersion"%2C"sort"%3A{"share"%3A-1}%2C"id"%3A"platformsDesktopVersions"%2C"dateInterval"%3A"Monthly"%2C"dateStart"%3A"2018-09"%2C"dateEnd"%3A"2019-08"%2C"segments"%3A"-1000"}

Any argument against supporting Windows XP is also an argument against supporting any non-Windows OS(except Android).


Also, there's a financial incentive to NOT change the DNS infrastructure. ISPs use their status as "your DNS server" to serve ads on failed lookups instead of returning an error. Commercial filter software relies on DNS being transparent.
Hell, commercial interests are trying to sabotage TLS 1.3, because enterprise software relies on flaws in TLS1.2 to do things that were easier to implement without abusing TLS1.2 in the first place.

I won't deny they don't line up 100%, but they're far closer to perfect than they have ever been in the past. ISP money from DNS hijacking and commercial filter software are pennies on the dollar compared to the economic might of CloudFlare/Google.

See also: enterprise usage, ISP backend upgrades.


Sorry, but nope. There ought to exist a mechanism right now to tell my network "this domain is untrusted and nothing on my network should be allowed to connect to it", and... oh, wait, such a mechanism does exist, and it is local DNS entries.

How can Firefox tell it is really you, the user, of which it is the agent, though? Such cases are a hundred to one compared to corporate/national attacks. You could rewrite the sentence as such, and it would still make as much sense;
There ought to exist a mechanism right now to tell my country "this domain is terroristic and nobody in my country should be allowed to connect to it", and... oh, wait, such a mechanism does exist, and it is local DNS entries.

DNS does not exist for the sake of censorship, it exists to provide name resolution - arguing its raison d'etre is that it should exist to do poor name resolution seems like a queer idea.

If such bad actors do concern you, the proper course of action is an IP block.

DNS intentionally provides a multi-tiered system where a local DNS server can override a remote one. It has ALWAYS been intended that you can specify your own name resolution.

Hell, the original DNS implementation was user-side only. HOSTS.TXT, MOTHERFUCKERS!

Instead, Firefox and Chrome want to block websites based solely on Google's "dangerous website" list. And we've already seen how THAT works. How much worse will it be when Google has the power to be overtly malicious instead of overtly inept and subtly malicious?

Google already has the power to be overtly malicious, so there is no scenario in which this changes anything. That Firefox implements their blocklist is regrettable, but as the saying goes, he who pays the piper calls the tune.
With that said, what does Google have to do with DoH? They run 8.8.8.8, and I would imagine they can run a DoH server too, but by my understanding so could I if I were so inclined.

"DNS can be censored, so we need to change the internet so the only way to censor the internet is through Google's blacklist"?


Personally, I think it's a moot point in the long run. For applications requiring privacy, Tor is the only suitable option

Translation: Privacy doesn't exist.

--- In UTF-16, where available. ---
Posted on 19-09-11, 10:49 in Computer Hardware News
Custom title here

Post: #689 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Another day, another Intel processor vulnerability.
This time it only hits Xeons, but it lets attackers copy data from the CPU cache out over the network, using a feature called Data-Direct I/O(DDIO) and Remote Direct Memory Access(RDMA).

RDMA does what it says. It allows one computer to have direct memory access to another computer, instead of simply limiting DMA to peripherals attached to the computer.
And what is DDIO, you ask? It is DMA on steroids. It lets hardware attached to a computer have direct memory access to the processor's cache.




Basically, the conversation went like this...

Security researchers: "DMA is a vulnerability, albeit a very useful one from a performance standpoint. You probably shouldn't just let any random piece of hardware take a DMA channel, certainly not without asking first."

Intel: "But what if DMA could get outside main memory and into the CPU? Wouldn't that give it EVEN BETTER PERFORMANCE?"

Security: "Maybe, but the vulnerability would be far worse."

Intel: "And we could let OTHER COMPUTERS use DMA to talk to each other!"

Security: "That is basically carte blanche to copy secure information from any Xeon system across the fucking internet. Are... are you even listening to us?"

Intel: "DMA EVERYWHERE!"


In short, it is a vulnerability that only exists because Intel is intentionally sacrificing security for performance, and has cranked that knob up to Ludicrous Gibs 11 in the last couple of years.

--- In UTF-16, where available. ---
Posted on 19-09-11, 12:08 in Computer Hardware News
Custom title here

Post: #690 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
I have no problem with DMA within reason.

One computer reaching through the network into another computer's cache is... not within reason.

--- In UTF-16, where available. ---
Posted on 19-09-13, 07:22 in Mozilla, *sigh*
Custom title here

Post: #691 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by sureanem

Well, I get it in theory. But I can't say I know of anyone actually using these extreme legacy devices. The poor people I know either use old Android phones with cracked screens and whatever, or old laptops with the "free" upgrade to Windows 10. To my knowledge, Windows 10 runs on pretty much anything that Vista does, to varying degrees of performance.

And obviously, you know everyone.
I DO know of people using XP machines. Also, Vista was not eligible for a free Win10 upgrade. This is why I have a machine running Vista today. Speaking of browsers vs old computers, I can't run Steam on the Vista box anymore because Chrome doesn't support Vista and Steam uses Chrome for much of the interface.

And you don't just get to say "it's regrettable, but that's how it is" while proselytizing for the changes that MAKE it the way it is.
It is only in the last few years that breaking changes to the internet have become a thing, and they are almost without exception done to give people a false sense of security.

Well, how exactly have these things broken? I wouldn't think it's due to the security theatre. Moore's law is a far more probable explanation. If I want to log in to my bank, doing this in an old browser which doesn't support JavaScript is not possible either.

Moore's law is not why internet development has moved away from backwards-compatibility and graceful failure and on into "require the latest of everything to do anything online".
And exactly how old a browser do you need to get before you find one that doesn't support javascript? Seriously, that was invented by Netscape.

Without DoH, we would still have the problem of "legacy devices are legacy for a reason," so it can hardly be blamed for this development.

Legacy devices are "legacy" because they are no longer for sale. Sometimes not even that. RS-232 is a "legacy port" and it is still in widespread use today.
Find me a genuine reason a device shouldn't be supported beyond "Oh my god, that is, like, soooooo old! Why don't they buy a new computer already?!?!"
The point is that these machines are being artificially kicked off the internet because no one wants to compile a browser for them(solely due to laziness) and internet people no longer believe that compatibility is a good thing.


This includes Micky Mouse places like China and Africa though. If you just look at civilized places it's practically zero. The SHS for instance puts XP at <0.10% while Linux clocks in at 0.80%. Consider that Steam also has a lot of people from those places, and the real ratio probably turns out to be 20 to 1 or something like that.

Oh, it only hurts the blacks and yellows and barely touches real white people? Well that's okay, then!



I would also like to point out that Linux obeys the standards of the web and runs modern browsers, unlike Windows XP, and having your website support Linux often requires no additional effort - good luck running Ubuntu Warty in 2019.

You really don't understand the difference between a web browser and an operating system, do you? XP doesn't NEED to support web standards, because the BROWSER is responsible for that.



DNS intentionally provides a multi-tiered system where a local DNS server can override a remote one. It has ALWAYS been intended that you can specify your own name resolution.

Hell, the original DNS implementation was user-side only. HOSTS.TXT, MOTHERFUCKERS!

Yes, and SMTP was originally intended to be anonymous because that's how post offices worked. That didn't turn out too good and now we're layers and layers of bandaids in, with the end result being that you now have a few 'good' mail providers who authenticate you via cell phone and chuck all the rest's into the spam folder or even kill them silently. Far better then to rip off the bandaid and kill the archaic service that is DNS.

Spam filters that can't be disabled and eat far more real e-mails than they do spam. And are you seriously suggesting that e-mail accounts should require identity verification?


Translation: Privacy doesn't exist.

What do you mean? Tor is plenty private, and many websites which have trouble with clearnet already today find themselves with no other choice but to use it. If censorship/snooping continues it seems as if this development too should continue, but that hardly means privacy is dead.

Right, keep telling yourself that a networking scheme designed by the US government in the twenty-first century is unmonitorable. Whatever helps you sleep.



Let's go through a list of problems with regular HTTP over clearnet
...
* This also goes for whoever runs your network

That's me. And if I want to block a website, I think I'm allowed.
Trufax, my hosts file contains one entry: "facebook.com 192.168.0.1"


This is a feature, not a bug.

This is a catchphrase, not an argument.
Especially since tomman was calling it a flaw, not a bug.


...we should use blockchain...

Said no sane person ever.


DNS-over-TLS is made to be easy to be blocked. Here's what Paul Vixie has to say on the matter:
Posted by Paul Vixie
DoH is an over the top bypass of enterprise and other private networks. But DNS is part of the control plane, and network operators must be able to monitor and filter it. Use DoT, never DoH.

Posted by Paul Vixie
if your network operator is me in any form, then none of those bypasses [VPNs] will work, because i defend my control plane, which includes dns. i think the IETF was way wrong to standardize DoH since not all network operators are malicious -- my enterprise and home nets are examples

Posted by Paul Vixie
That's inverted. A network operators who defends their control plane may be more worried by outside actors than by it's users. Defensive tunneling from my house or work is not in your interest or mine. Don't do it. Esp not by default. Please.

Posted by Paul Vixie
Nope[, DoH is not about protection against untrusted local networks]. DoH will be the default setting for many BYOD, and will mindlessly bypass security policy. Not at all like DoT, which can be filtered by any network operators with ease, to force local resolver use. DoH is a big F.U. to ALL network operators.

Does this sound like a man you trust with making your standards?
I'm not going to call into questions Mr. Vixie's allegiances here, but I will say that if I were tasked with writing satire to make DoT proponents look bad, this is exactly what I would write.

I dunno, he sounds perfectly sane and reasonable to me. There are extremely valid reasons for blocking sites from a network. DoH IS a big F.U. to all network operators.

--- In UTF-16, where available. ---
Posted on 19-09-13, 09:20 in Mozilla, *sigh*
Custom title here

Post: #692 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by Kawa
Posted by CaptainJistuce
Trufax, my hosts file contains one entry: "facebook.com 192.168.0.1"
What, not even "localhost 127.0.0.1"?

Fine, it contains one entry that has been hand-typed.

--- In UTF-16, where available. ---
Posted on 19-09-15, 08:34 in Mozilla, *sigh*
Custom title here

Post: #693 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by sureanem

Also, Hr. Hipp (the SQLite guy) looks really badass in the image on his Wikipedia page, like the villain in an anime series or perhaps a Bond movie.
He looks like Steve Jobs.
...
Wait, that's what you said.




Okay, but seriously... when is the tech industry gonna get over "Jobs wore black turtlenecks so we must too!"? Jobs was an asshole, are you gonna be one too just because he was... wait, don't answer that, I'm happier not knowing.

--- In UTF-16, where available. ---
Posted on 19-09-15, 23:43 in Mozilla, *sigh*
Custom title here

Post: #694 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by sureanem
That the US government made it is not all too relevant here - the purpose was to help their CIA spooks communicate easier with HQ, as well as to facilitate fomenting color revolutions in the second world. To try and put backdoors in it would have been like drilling holes in your gun in case someone else steals it - not exactly ideal.
Navy, actually. Not CIA.
And the point is that if it was actually that secure, they wouldn't have released it to the public.


--- In UTF-16, where available. ---
Posted on 19-09-17, 10:40 in Mozilla, *sigh* (revision 3)
Custom title here

Post: #695 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by sureanem

Posted by CaptainJistuce
Navy, actually. Not CIA.
And the point is that if it was actually that secure, they wouldn't have released it to the public.

Navy made it, but the main beneficiaries inside the US government sure are the CIA.

If the CIA was using it, they would have blocked the public release. Prevent anyone from studying it for potential vulnerabilities, and prevent them from even gaining any insight into how the CIA communicates.
Also, TOR traffic is identifiable and blockable. Therefore, the CIA would not use it if it was public knowledge.


It does not follow. By that line of reasoning AES and the like should have backdoors too since it was standardized by the US government, not to talk about Bitcoin. Historically, the US government's backdoors have only been of the kind that they were damn sure an adversary couldn't exploit, so something of the public/private key kind (e.g. Dual_EC_DRBG) would have been their only choice.

And as for that, it's hardly the dried-and-shut case of "NSA uses their superior cryptography skills to hide invisible backdoors in every single cryptography algorithm freely available on the open market" - people knew something was up even in the early 2000's. IBM got some mystery meat S-boxes for DES from the NSA, and everyone thought they were backdooring it, but they were actually making it more secure:
Controversies arose out of classified design elements, a relatively short key length of the symmetric-key block cipher design, and the involvement of the NSA, nourishing suspicions about a backdoor. Today it is known that the S-boxes that had raised those suspicions were in fact designed by the NSA to actually remove a backdoor they secretly knew (differential cryptanalysis). However, the NSA also ensured that the key size was drastically reduced such that they could break it by brute force attack (the computing power to brute force DES however did not exist in 1975).


(As an aside, it must be a very painful position to be in to have everyone accusing you of introducing backdoors when you were actually trying to help them stay safe but being unable to tell them because you would endanger them)

The government, in a post-9/11 world, is not going to release an open, untracable communication standard into the wild for everyone to use. They don't even want american citizens going unmonitored(and to hell with legality), much less random dudes from Pablochevakia. If your arguments for how great TOR is were accurate, then the release would have been blocked to prevent "the terrorists" from using it.

Do not confuse the 21st century political environment with 1975's.

Also, IBM figured out differential cryptanalysis and selected the substitution boxes to be resistant. The NSA just declared differential cryptanalysis classified so that IBM couldn't release the information about it publicly. Because they wanted to preserve the vulnerability in other encryption schemes.
And then they badgered IBM and the NIST to use shorter keys, so that they could still brute-force DES(the final standard used a longer key than the NSA had requested, but a shorter key than IBM felt was appropriate).
So no, the NSA did NOT make DES better. They made it a little worse, and prevented anyone else in encryption development from knowing about a serious vulnerability for two decades, preserving themselves a way to break into most encryption not developed by IBM.

Note also that DES was only approved for use on unclassified data. Why was it forbidden from use on classified data if not because it was known-vulnerable? The answer, of course, is because the NSA already knew it could be brute-forced by anyone with a sufficient budget, like a major world power's intelligence division. Most assuredly because they were already doing it. Just to figure out if the ruskies could, I'm sure. The NSA would never spy on american citizens.

The US government has realized extreme geopolitical gains from the Internet in general and Tor in particular, and this alone pays for it a thousand times over.

What political gains has the US seen from the public release of TOR?

The US is already an open society, and as such the damage from even perfect cypherpunk-style anonymity is negligible, especially when compared to what that might do to China/Iran/Russia, and what it already has done to a whole host of countries before.

You honestly know nothing about american society or politics.

--- In UTF-16, where available. ---
Posted on 19-09-18, 09:17 in Games You Played Today REVENGEANCE
Custom title here

Post: #696 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by Kawa
Physics engines were a mistake.
At this point, I think it is safe to say that civilization was a mistake.

--- In UTF-16, where available. ---
Posted on 19-09-18, 23:14 in Games You Played Today REVENGEANCE
Custom title here

Post: #697 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by Kawa
Civilization was a perfectly good game. The only mistake was Nuclear Gandhi.
Gandhi knew. No saving the world. Burn it out now.

--- In UTF-16, where available. ---
Posted on 19-09-19, 21:49 in I have yet to have never seen it all.
Custom title here

Post: #698 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Apparently the low cabin pressure in flight causes the gas in your digestive system to expand, making farting a common occurence.

--- In UTF-16, where available. ---
Posted on 19-09-20, 21:09 in delta patching, bsdiff edition
Custom title here

Post: #699 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
What about nsync?

--- In UTF-16, where available. ---
Posted on 19-09-23, 00:15 in Internet numbers bragging thread
Custom title here

Post: #700 of 1164
Since: 10-30-18

Last post: 72 days
Last view: 19 hours
Posted by Kawa
Are you sure you're bragging about the right number here?
I dunno, an 18-inch penis is impressive.

--- In UTF-16, where available. ---
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59
    Main » CaptainJistuce » List of posts
    [Your ad here? Why not!]