Decius wrote:
] cerkit wrote:
] ] skullaria wrote:
] ] ] ] At last, the secret of how to make MD5 collisions is
] out!
] ]
] ] It should be noted the article and the related documents
] only
] ] offer a still too slow total collision method. First block
] ] collisions in the neighborhood of two minutes, much faster
] in
] ] that respect then the soon to be released report by Wang on
] ] the subject, but over 80 times slower on second block
] ] collisions. Which is to say a meaningful method has yet to
] be
] ] fielded publicly but will most likely soon be available.
]
] Read the paper. Even at 80 times slower for the second half
] the Russian team reports that their overall time is 3-6 times
] faster and they obtained their first collision in 8 hours on a
] conventional laptop. MD5 is dead as fried chicken.

an 8 hour collision isn't exactly death. it's totally dependant on the application's use of MD5. for instance, PHP uses MD5 inherently as a form of session identification. and it's more likely to expire and be re-issued over the course of 8 hours depending on how carefully implemented it is. so, until we're talking minutes, and not hours to collide completely, the issue is very much still open. i agree its grave is certainly dug, but until they reconcile both of these methods and develop a unified method leveraging the advantages of both, MD5 can still be carefully and safely implemented. theres no reason to believe that process of reconciliation will be instant. as a careful developer though, i never used MD5 for anything. early on, to me, it was somewhat obvious that this would eventually occur.

RE: MD5 collision method published

Nanochick wrote:
] Hijexx wrote:
] ] We at Interz0ne strive to bring you the absolute best
] ] experience while you attend the conference, and we also try
] to
] ] do this where it doesn't empty your wallet in the process.
] But
] ] with trying to bring you the best of the best speakers,
] ] forums, and issues, it does mean expenditures on Interz0ne's
]
] ] part. We regretfully announce that we have to raise the
] ] entrance fee for this year's conference to $50.00 a
] person
] ] for the weekend.
] ]
] ] ...
] ]
] I agree with Hijexx. I see no reason why a con roughly the
] size of PN...possibly even smaller, would need $50. I
] mean...Defcon is $75, and if Interz0ne is $50, then $75 for
] Defcon is starting to look like a good deal. I don't plan on
] attending Interz0ne this year. Granted, I may happen to be
] hanging out at the hotel's bar, to chat with friends I only
] see at cons...but I won't be "going" to the con because 1) I
] think $50 is way too expensive and 2) past grievances with the
] so called "student price" that was suddenly retracted at the
] door last year. If you advertise a student price, then either
] stick to it, or give me a damn good valid reason why the
] "student price" is retracted. When your a student, every
] dollar counts. Anyway, thats my rant for the evening:)

PhreakNIC has had between 300-400 attendees per year for the last three years. I think you can remove the "possibly" qualifier before "even smaller."

One thing that I can shed some light on is the fact that it does indeed cost a good bit of money to throw on an "organized" convention. Trying to find the balance between charging too little and not getting taken to the cleaners is difficult. For the first two years that I ran PhreakNIC, I took a loss. This past year we are left with enough money in the bank to actually pay for some things up front next year. (As opposed to my American Express card being the primary sponsor for PhreakNIC!) Typically convention space in the amount needed for a regional convention is anywhere from $2000-$5000 for a weekend. The need for 24 hour access drives the price up. If you have an established usage pattern for hotel rooms, you can often get that fee significantly dropped or waived altogether, which was our case for PhreakNIC 8. Now add in the price of t-shirts, especially the ones that don't sell. Badges take not only a lot of time, but money, to create. That's why I've taken the approach of trying to have a multi-use item, like the key cases from last year (yes, they were for keys, even though a pack of smokes fits perfectly in there) as the identifying item for the convention. This year's arm band worked out pretty well, too, I think. Anyway, those things cost money. Specifically, about $6500 for PhreakNIC 8, and I didn't pay speakers anything (though they did get a nice little thank you gift of a laptop backpack). That's without me having to pay for meeting space, so I'm sure the costs for interz0ne are way up there.

-Dolemite

RE: Interz0ne 4: *50* BUCKS???

Jello wrote:

] ] is usually doubled by BGW preamps. No one uses
] ] turntables. (If you've ever had to haul hundreds of
] ] pounds of vinyl to a club or a friend's house, then you
] ] understand the impracticality of lugging albums around
] ] the world, not to mention the excess baggage surcharges
] ] airlines will impose.) The DJs who work the Goa raves do
] ] so with cassette or digital audio tape. A trio of Sony
] ] Professional Walkmans or Sony or Aiwa digital audio tape
] ] players are the Goan equivalent to the twin direct-drive
] ] Technics turntables ubiquitous to most nightclubs in the
] ] Western world.
]
] Goa is good

Goa is okay in moderation. I don't know if I could take 8 hours of 4/4 909 kick drum anymore though. You definately need to be stimulated or just plain hyper to dance to it with any longevity. I seem to gravitate towards Breaks these days. A little slower, chunkier and funkier. Maybe that's an artifact of choosing to maintain a natural chemically balanced nervous system these days :) Or I'm getting old...

I find it interesting they use cassettes. A laptop with a 60 gig harddrive could easily store 500 CD's worth of music in MP3 format (taking out about 10 gig for OS and the one app needed, Traktor.) It also seems like beatmatching would be more of a pain with reels of tape. I'm sure the decks have some sort of variable pitch control and they know what #### to FF or RR to though. Then again they could just be playing mix tapes.

If you don't want to lug vinyl and you don't want to play MP3s with their sonic degredation amplified 1000x over, playing WAV's off a hard drive with Traktor seems to be the logical choice. You could still get away with about 80 hours of tracks.

RE: Salon Wanderlust | Raving in Goa

] Plenty of Treo 650 owners were cheesed off that palmOne
] released their new smartphone without support for their
] WiFi SD card.
] They've promised to get around to supporting it
] sooner or later, but you know how impatient those hackers
] can be, and so hot on the heels of his fine work to
] uncripple the Bluetooth on Sprint%u2019s version of the
] Treo 650 so you can use it as a wireless laptop modem,
] "Shadowmite" has figured out a way to hack the
] driver for the SD WiFi card so it'll work with the
] Treo 650, too (the hacked driver is hosted here).
] Hugeness, of course.

Add WiFi to your Treo 650! SD WiFi card drivers hacked - Engadget - www.engadget.com

] The foreign militants are flush with cash, use a highly
] sophisticated code when communicating, travel in small
] groups at night, are disciplined and have access to
] laptop computers, Pakistani military officials say. The
] network has even sent e-mail messages, letters and DVD's
] to Pakistani soldiers fighting in the tribal areas urging
] them not to kill their fellow Muslims on behalf of
] America, according to Western diplomats.

More rumors of sophisticated technology in the hands on Al'Q leadership...

The New York Times - Intelligence: A Hostile Land Foils the Quest for bin Laden

I want to watch High Noon now more then any other time. I've read that its a presidential favorite going back to Ike; the first man who really understood the power of media in politics. Never seen it. Maybe if I can get my hands on a copy I'll make it an election night thing. It would be perfect for TV number three.

Oh yes.. That might be useful background. Watching TV, as much as it does hurt, is best done in concert with other things. I've been desiring the three television setup. Elvis had it, the president has it, I want it. He used to sit in a yellow room watching them with a gun in one hand, and a drink in the other. I have a general idea of what it was that finally made him pop off a round. Elvis that is, not the president. I wonder how much he gestured with the gun.

I don't have the three television setup, but I can fake it to a degree thanks to laptops. I certainly don't have the evil boardroom wall o' tv thing that's been made popular in movies. Almost all of my viewing is done in the kitchen, on a little TV. Its like watching TV in a foxhole. I sat in the same kitchen, watching the same TV, and typing furiously on the same laptop while watching the Iraq war. What a show that was. Several scenes are forever burned into my memory, such as watching the 3rd ID burn across the desert of Iraq in realtime while sitting in my kitchen foxhole listening to River Euphrates. Priceless.

Its been one hell of an election cycle. I've disliked administrations. Hell, that comes naturally. However, I've never actually been scared of one before. I'm glad I can still be surprised. Politics have never been so engaging. Clinton and his dick don't even compare.

This is about the time I'm used to hearing people start complaining about the electoral system. Oh yes, it has its problems sure. At the very least realize that your state does speak for itself in how its elections go, so try not to shit up your section of the fucking union. Ok? That is the way it works. Its your state versus all the others. If you state sucks, its your problem. Its your state. Shutup. (Yes, yes.. Florida. Don't be too hard on them.. They have had a bad year. And don't put too much stock into the whole message from God thing either. If anything, it was just a scream. Could mean anything.)

At the very least, I'm happy to be in Jersey. We seem to have outdone ourselves yet again in brilliantly sucking. Our past few years continue to expose us for the pit of corruption we are, but we continue inventing new ways to get out of it. How America of us. This time around, we have been holding up as a swing state to the very end, even though we all know Jersey will go blue. Being needlessly contentious is our style. Check out those polls. The way scale works here, every one of those bumps represents hundreds of fist fights. I know, I was a participant in one that broke out during the last debate.

I love a good ... [ Read More (0.1k in body) ]

] So, sitting in front of me right now is a notebook very
] similar to the ThinkPad T42 that I reviewed a few weeks
] ago. However, just below the cursor keys is a slim, and
] very unobtrusive fingerprint scanner.

[ If i was gonna get an x86 laptop, it'd be a ThinkPad. If i was paranoid, or consumed by geek fetishism, it'd be this one. -k]

Biometric IBM ThinkPad T42 | The Register

Heh, I gave a talk last week on cryptography at the St. Louis "Gateway Open Technologies Expo." I was a keynote speaker there, along with Rick Berenstein, Chairman of Xandros.

Here's a review from the Missouri Linux Users' Group:

] About this time Elonka Dunin gave an excellent speech on
] classical cryptography, Kryptos, and the solving of
] Cyrillic Projector. If you missed this speech, you have
] my deepest sympathies. Her passion for solving
] inscrutable puzzles infected the crowd to the point where
] Christine finally had to force everyone out of the room
] to set up for Rick's presentation and Rick announced a
] new rule, he will never follow Elonka at a speaking
] engagement, ever!

LOL! I'm flattered. Berenstein was using the analogy that he felt like a guy with a gazoo who was scheduled to go on stage immediately after a rousing performance by the New York Philharmonic playing "Stars and Stripes Forever." ;)

To his credit though, I found Berenstein to be a charming and intelligent man who is a very entertaining speaker, himself. He had many of his own stories, such as the one about how he helped with getting a green card for Linus Torvalds. And Berenstein's talk on Xandros was interesting and informative. I've even now got a fresh new Xandros Linux partition on my laptop. :)

Kryptos & the St. Louis GOTexpo

] But experiments, one using a common laptop and another
] using a prototype Bluetooth "rifle" that captured data
] from a mobile phone a mile away, have demonstrated that
] such attacks aren't so far-fetched.
]
] Then, German researcher Herfurt developed a program
] called Bluebug that could turn certain mobile phones into
] a bug to transmit conversations in the vicinity of the
] device to an attacker's phone

Wired News: Security Cavities Ail Bluetooth

] Someday in the future, once people have stopped giggling
] about how all telephones once were wired to the wall,
] they'll still have trouble containing their laughter
] about laptop computers.

[ Certainly not a new idea at all, and i know lots of people have discussed this stuff at length, from the simple act of having your ~/ on a USB flash drive, all the way to complex schemes like this one, still, it's a promising line of research and i think one which proves to be very interesting... -k]

Virtual project may one day let your work jump from computer to computer without interruption