|
So what does it actually mean if it is true? They can decrypt messages from themselves on your machine or confirm messages came from them? Hardly seems to matter unless they have a way to deliver a payload to begin with.
|
|
|
|
|
Assume they're sitting right beside you. They see everything. Pick a door.
|
|
|
|
|
I pick the door that leads to an explanation of why this matters. Not to mention this key was discovered in 1999 (See this Wikipedia article[^]), and Microsoft actually did deny the NSA had access to it, contrary to what the article states. It all seems like a bunch of scare tactics with no foundation in reality to me.
|
|
|
|
|
In 1999 the US Gov't would not even admit the NSA existed - aka "No Such Agency"
Question is - is that reg key (and who knows where else it sits) used for a crypto seed - or is it a unique ID....
|
|
|
|
|
Rene Pilon wrote: Question is - is that reg key (and who knows where else it sits) used for a crypto seed - or is it a unique ID.... It's a public key[^], and it's the same on everyone's machine. In short, from my understanding, a public key allows you to do two things:
1. Decrypt data encrypted with the associated private key.
2. Confirm data came from the owner of the private key.
Neither of those is a danger to anyone's computer directly. There could be an issue of what you're decrypting (e.g. spyware of some sort), but then, why bother sending it encrypted if everyone has the key on their machine? The next is using it to confirm something was sent from a specific sender. So at worst, it would confirm some data came from the NSA. Unless there's more to it, e.g. it's open to any incoming internet traffic and will decode and execute arbitrary data, that alone isn't enough to be an obvious threat.
The real things to consider here:
a. Does it actually have anything to do with the NSA? (Seems like it would be a little stupid of them to label it "NSAKEY" if it was supposed to be some secret backdoor. It could easily stand for something like "Null Signing Authority", which would make sense for a test key.)
b. What is that module actually used for? How could it actually allow someone to compromise an entire computer?
c. Would MS actually go along with something like this? Seems a little dangerous to intentionally include any sort of back door, not to mention potential backlash.
|
|
|
|
|
I don't think it's related to a backdoor. I wasn't aware that all win 95 installs had the identical key value for that key.
As per c above - I'm not going to touch that one....
|
|
|
|
|
When people talk about “internet” and “cars” people usually think of internet-connected automobiles for the purposes of infotainment.... Today you can buy an Audi or a Dodge Ram pickup with a wifi hotspot (connected via mobile broadband) and you’ll see similar capabilities from other manufacturers in the next 1-2 years. Internet & software giants like Google (Google Maps now powers Audi nav systems) and Microsoft (Sync infotainment created in conjunction with Ford) have been hard at work to remain at the leading edge of innovation here. But to me infotainment is really just a small part of the internet connected car story. What will ubiquitous connected computing mean for your next automobile?
|
|
|
|
|
Microsoft and Oracle coming together to actually work together[^]? Java and Oracle databases are to gain first class citizenship in Azure Hyper-V.
|
|
|
|
|
did it feel anything like that time with IBM and Microsoft came together to work on a graphical OS?
you want something inspirational??
|
|
|
|
|
No, that time it made sense. MS and IBM locked in a battle to break the other.
|
|
|
|
|
In the nearly fifty years since beginning the book, 'The Art of Computer Programming', that has almost defined computer programming as much as it has defined him, Donald Knuth has received awards including the Kyoto Prize (1996), the Turing Award (1974), and the National Medal of Science (1979). He is an extraordinary man. As well as inventing 'Literate Programming' and writing the most important textbook on programming algorithms, he is also famous for designing and programming one of the most widely-used digital typesetting systems ever, even designing the fonts that went with it. He also pioneered the use of 'Open-source' software. From the art of building software to art of building pipe organs.
|
|
|
|
|
In my review of Get Lamp, the documentary about text adventures, I mentioned that the original Infocom employees believed the market for these games could exist for hundreds of years. After all, the novel is still around today and, despite stiff competition from movies and video games, writing fiction is still a profitable endeavor. Why not interactive fiction? The reality, however, is that since the demise of Infocom in 1989, many people have tried to make interactive fiction into a commercial endeavor. None have been able to figure out how to make the financial side work—until recently. Everything changed with the rise of smartphones and tablets. You are reading a newsletter. There are links above you and below you...
|
|
|
|
|
“All the marketable software has already been written.” That sounds like a true enough statement. How am I going to make any money writing software when all the app ideas have been taken and the established software companies are already controlling the market? What software can I write that will allow me to earn a living? Of course I said this in 1982 when I was mainly doing contract development on Apple ][, CP/M, and the newly popular PC-DOS machines. You don't even need a new idea. Just take an old idea and make it better.
|
|
|
|
|
Jon Masters summarises the goings-on in the Linux kernel community as the 3.9 kernel was being prepared for release. Ongoing development brings with it security headaches, and kernel testing is improved by the Trinity ‘Fuzzer’. A greater focus on malicious or illegal sequences of system calls.
|
|
|
|
|
One of Game Developer's most popular features was our "Dirty Coding Tricks" bit from 2009, where we got devs to open up about some of the ugly hacks they've resorted to in order to make a ship deadline or pass certification. Well, we're back with nine new from-the-trenches stories, including a few unorthodox tricks from other dev disciplines besides programming. So read on, revel in your colleagues' ingenuity, and relax -- because you're not the only one that pulls out a dirty trick under pressure. Even developers resort to cheat codes when the pressure is on.
|
|
|
|
|
AOL has announced the debut of its latest online service --an RSS reader to replace the soon-to-be-defunct Google Reader. The new AOL Reader is a no-frills web app for reading your RSS feeds. There are no mobile apps, but the service does have a tablet-friendly layout for your on-the-go reading. Google Reader goes away next week. How will you follow RSS feeds in the future?
|
|
|
|
|
"I think I'll stop here." This is how, on 23rd of June 1993, Andrew Wiles ended his series of lectures at the Isaac Newton Institute in Cambridge. The applause, so witnesses report, was thunderous: Wiles had just delivered a proof of a result that had haunted mathematicians for over 350 years: Fermat's last theorem. Wiles’ announcement now celebrates its twentieth birthday, but the result itself is linked to maths that is over 2000 years old. Celebrating Andrew Wiles' solution to Fermat's last theorem.
|
|
|
|
|
Terrence Dorsey wrote: I think I'll stop here.
Forrest Gump style!
|
|
|
|
|
Microsoft has added a new security option for those using its Windows Azure cloud service. Administrators can block unauthorized users from accessing virtual machines, Microsoft quietly announced at its TechEd conference in New Orleans earlier this month. The new option lets administrators put Access Control Lists (ACLs) on individual endpoints. By putting the ACLs on endpoints or subnets, administrators can control unauthorized access to virtual machines that are protected behind a firewall but are accessible in the public cloud. Don't leave your ports hanging out in public.
|
|
|
|
|
The product grabbing the headlines is the new Nytro WarpDrive BFH8-3200, a product that for once lives up to the hype in it’s name. This is a full height PCIe3 8x flash storage card that has 3.2TB of usable space, 4.0TB of actual flash for those who want the numbers under the hood. LSI claims a 4.0GBps, not Gbps mind you, sustained throughput for performance, a fairly staggering amount. I recently joked about RAM-as-storage. Well, jokes on me: here it is...
|
|
|
|
|
At a cost of more than all the computers I've bought in my life combined, I think I'll just dream and wait for it to drop price 99% before I invest in one.
|
|
|
|
|
Pretty sure my very first 20MB hard drive cost half again as much as the Mac Plus it upgraded, but yeah, this is another league entirely.
Director of Content Development, The Code Project
|
|
|
|
|
Friday Facebook announced the fix of a bug it said inadvertently exposed the private information of over six million users when Facebook's previously unknown shadow profiles accidentally merged with user accounts in data history record requests. According to Reuters, the data leak spanned a year beginning in 2012. Only the Shadow knows... oh, and everyone else on Facebook.
|
|
|
|
|
Now there's actual large infrastructure to support developers who want to create and publish their Linux games without having to deal with the usual lack of central standard authority themselves. Considering the direction Windows is going, this whole Linux game development thing doesn't seem so pointless after all. Having a multi-platform engine also has the advantage of being able to run games on special and portable devices that have become popular. You can easily adapt your engine to fit more devices when you use libraries that already have multiple versions (like SDL, OpenGL, etc.). It becomes easy to target even niche devices like the Raspberry Pi. Don't like where PC and Xbox gaming are headed? Take a look at Linux.
|
|
|
|
|
From my own experiences from the past few months I'd recommend http://www.sfml-dev.org/[^]
It runs Windows, Linux, Mac.
It's a great little library that is written in C++, but fully supports C, C++, D, Java, Python, Ruby, and .NET. It has support for OpenGL shaders too.
I've heard from the author that the OpenGL type that is on Raspberry Pi might be supported one day too.
.-.
|o,o|
,| _\=/_ .-""-.
||/_/_\_\ /[] _ _\
|_/|(_)|\\ _|_o_LII|_
\._. |\_/|"` |_| ==== |_|
|_|_| ||" || ||
|-|-| ||LI o ||
|_|_| ||'----'||
/_/ \_\ /__| |__\
modified 23-Jun-13 22:24pm.
|
|
|
|