Slashback: Flashmob, Currency, Verification 218
Reminder of your scheduled spontaneous appointment. Zero_K writes "As previously posted on Slashdot and the NY Times, the University of San Francisco's, Computer Science department is building a 'flash mob' supercomputer on April 3rd. On their newly updated official web-site (Main Site, ISO's) the team has now posted the ISO image of their custom morphix that will be used to boot all the computers into the cluster, documentation is on the website (under 'downloads') and on the CD (index.html). I personally plan on downloading and testing this ISO tonight. And after the cluster is taken off line, there will be a massive LAN PARTY (Possibly one of the biggest in San Francisco...) On a 10-Gigabit LAN...Oh sweetness ... So if you are in or around the SF Bay Area on April 3rd, be sure to sign up and bring your laptop or desktop to campus and help make history."
Whaddya mean, "no pun intended"? Rudiger writes "After the dust (no pun intended) has settled around the whole Operation Dust Bunny thing, McAfee updates their signature database classifying Dust Bunny as an application. To be more specific: 'This program is detected as a "potentially unwanted application."' They also say 'This is not a virus or trojan.' Should we leave it to the experts this time?"
Would you read Atlas Shrugged on this screen? An anonymous reader writes "The so-called 'electronic paper,' being a high-clarity monochrome display to become a foundation for comfortable and inexpensive 'electronic papers,' has finally shown its face. The new electronic paper, which looks a bit like an iPod, has 10MB memory, keyboard, Memory Stick PRO slot, voice recorder, speaker, and headphones output, and USB2.0 interface."
(We mentioned the device yesterday, but this link provides better images of it.)
Now they're Pragmatic Publishers as well -- much success! AndyHunt writes "As you may have heard, the Pragmatic Programmers have started their own publishing company (see Slashdot reviews here and here). We've just signed our first outside author: Mike Clark, editor of the JUnit FAQ and developer of JUnitPerf and JDepend. He'll be writing the eagerly-anticipated Pragmatic Project Automation book, the third volume in our Jolt Productivity award-winning series."
Exactly how many bits, Ma'am? And in what order, did you say? jlcooke writes "Two months (almost to the day) after getting slashdotted for an innocent post to sci.crypt - the MD5CRK project has launched. The aim is to get the thousands of applications and websites to drop MD5 for SHA-1 or SHA-256 by finding a counter-example of a security requirement in MD5. Press Release is here."
How to take criticism, by example. slashdot_commentator writes "Eric S. Raymond has recently written a wonderful piece explaining to the Linux zealot why it may not be the operating system of choice of all users. (Or what user aspects open source developers need to focus on to further Linux World Domination.) The op-ed specifically focuses on the CUPS printing system. (But it would be a mistake to dismiss it as a screed against CUPS.) The CUPS authors surprisingly acknowledged ESR's points, and he wrote a followup to the article."
Hitting them where it figuratively hurts. Ian Wilson writes with a followup to the Slashdot post earlier this month on "website thieves stealing content and designs from others, taken from silicon.com. Well, now silicon.com is reporting that it has contacted the offending site's advertisers and forced them to stop paying ad revenues - thus effectively crippling the illegal site - after all, no revenue, no reason to the run the site."
Express your appreciation with PizzaPal. Chuck writes "After you guys published the article on $20 bills exploding when microwaved, a co-worker of mine went to put his soup in the microwave and found a $20 bill in it. Too bad it was an older one, but someone around the office must have left it in there after reading your article. The co-worker then took me out to lunch. Thanks, Slashdot!"
Flash-mod? (Score:4, Funny)
Re:Flash-mod? (Score:2)
Microwave... (Score:5, Funny)
Re:Microwave... (Score:5, Funny)
Don't forget to point out to them for the best results, they need to use a large wad of cash, preferably > $1,000, rather than a solitary $20.
McAfee problems... (Score:5, Interesting)
Bit Torrent is spyware?
Yet another reason for me to hate McAfee.
Re:McAfee problems... (Score:3, Insightful)
Re:McAfee problems... (Score:2)
Uninstall it? I certainly intend to... any suggestions for a really good one that doesn't screw its customers, use ungodly amounts of memory, and still does its job?
Re:McAfee problems... (Score:3, Interesting)
Re:McAfee problems... (Score:4, Interesting)
They're also beta-testing a Linux A/V client, they actually FIX BUGS when people post them to their forum, and all-in-all a few of the other A/V companies could learn from them when it comes to ease-of-use, auto-updating, and product support...
Re:McAfee problems... (Score:2)
Re:McAfee problems... (Score:4, Informative)
http://fileforum.betanews.com/detail.php3?fi
Antivir
http://www.fileforum.com/detail.php3?f
Just use a throw-away mail account to register.
Re:McAfee problems... (Score:2)
Re:McAfee problems... (Score:3, Interesting)
Re:McAfee problems... (Score:2)
Re:McAfee problems... (Score:2)
anti-virus?
why on earth would I need one of those, i use an operating system
Re:McAfee problems... (Score:5, Interesting)
Further, make sure you download the Official client from the Official site. Suprnova has been purposely running a banner ad for a couple of months now for a BT 3.3 client that IS laden with spyware.
Re:McAfee problems... (Score:3, Interesting)
How do you know it isn't? (Score:3, Interesting)
Not a flame or anything, but did you check the source for the Bittorrent client you downloaded? SpywareInfo [spywareinfo.com] shows there is a Bittorent client floating away with an infection of spyware.
Just for grins, I checked my machine and McAfee ( Virusscan Enterprise 7.0.0, virus defs 4341) didn't complain about ABC [Yet Another Bittorrent Client] 2.6.5 being on my machine. (Nor did AdAware 6.0.) So McAfee doesn't go after all Bittorrent clients.
Re:How do you know it isn't? (Score:2)
Re:McAfee problems... (Score:2)
The official bittoreent client [bitconjurer.org] and the popular variations like abc [sourceforge.net] and shadows [bittornado.com] are not spyware but there are a few around that have adware/spyware added. It's open source, opportunists are free to do that sort of thing.
You may have mispelled when searching like the people who end up at the fake site kazza.com instead of kazaa.com
Electronic Paper (Score:5, Insightful)
Re:Electronic Paper (Score:2)
Re:Electronic Paper (Score:2)
So that gives us roughly 10 * 500 / 512 = 10 books, more or less.
10 books is more than enough for casual reading, assuming that I can easily move books on and off the eBook via a jukebox-style application. The only problem I can see is someone who carries a lot of texts around for reference. Say, a programmer who has several long programming language reference books or a student who carries around all of their co
Re:Electronic Paper (Score:2)
Assuming only a book a week, one could read 500 in a little less than ten years.
And frankly, a book a week is a bit low; I'd say double that is probably my average speed, and I'd expect higher numbers for persons still in school.
Admittedly, the two books I've read this week were both books I'd read before, and I am inclined to re-read old favorites.
Still, I'm sure that I own at least 500 books -- and while noting a lot of that is paperback fiction, I'd also guess
Re:Electronic Paper (Score:2)
They let their local library do it for them.
But then I'm lucky enough to live a block away from a branch of the local metropolitan library and two miles from a large university so I tend to keep my personal shelves filled with the expensive tech books that I need moment to moment and let the city and the university handle the rest.
Re:Electronic Paper (Score:2)
Unless they're forgetful like me. I used to check out a dozen books every few weeks from the library, until I realized that it was more cost-effective to just buy used books rather than pay the inevitable fines -- and this way, I get to keep the books. By this point, I've got enough that I never have to worry about running out of things to read; even at my typical rate of three or four books a week, books I've read before seem fresh by the time I get back to t
Re:Electronic Paper (Score:2, Funny)
Do editions of Playboy count?
Re:Electronic Paper (Score:2)
Re:Electronic Paper (Score:2)
You'd be surprised. I've read about 8000-9000 books and still manage to average one or two a day even with working full-time and posting on slashdot. (Ok, sometimes the posting overlapps with the working full-time...)
I also run several book [vacationbookreview.com] review [health-issue-books.com] websites [booksunderreview.com], so may not be a typical example.
Of course, I tend to read in the bath (showers don't work as well), while eating, while exercising, pretty much anytime my mind doesn't have something else to think about.
That being said, I hate reading books on a compu
Eh? (Score:5, Funny)
He found a $20 bill in his soup?
Re:Eh? (Score:5, Funny)
Re:Eh? (Score:2)
Dustbunny.... (Score:3, Funny)
--
Live updates from Slickdeals, Tech Bargains, Bens Bargains, Got|Apex, etc.. [dealsites.net]
"Waiter, there's a $20 in my soup!" (Score:2, Redundant)
md5 is weak? (Score:5, Funny)
At least it's not production yet, so I can switch it over.
See? This is why my bosses should let me read Slashdot at work.
Re:md5 is weak? (Score:4, Insightful)
But why did you bother reimplementing it? There are loads of free, public domain implementations, unless you are working in some fringe language (no shame in that).
E-paper (Score:4, Interesting)
If they can do that, make notes using handwriting easy (no recognition required), I'd love that...
But I bet the main opponents to this would be book publishers who charge exhorbiant amounts for "new editions" where hardly anything was changed. oh well.
So then what... (Score:2, Insightful)
Re:So then what... (Score:5, Informative)
SHA1, which you can use via the sha1sum command in the GNU core utilities, probably already installed on most Linux systems.
wanna outsource the SF lan party? (Score:5, Insightful)
Jokes apart, i'd really like to fly down to USA top be a part of the lan party and see how those guys manage things.Its one thing to have a lan party with 100 ppl but using up complete subnets is one different league!
I love this guy! (Score:4, Insightful)
The point is that, unlike a command tool for techies that should give them lots of choices, the goal of a GUI is to present the user with as few decision points as possible.
Remember the Macintosh dictum that the user should never have to tell the machine anything that it knows or can deduce for itself.
this is as clueful as it gets. Most app designers should heed him
Re:I love this guy! (Score:2)
Re:I love this guy! (Score:3, Insightful)
However, it's equally as import to still allow experienced users to bypass any settings with whatever they feel, because try as we might to code perfect autodection routines, there will be times when it is wrong and the user will know better. Bury it behind an "advanced" button or some such, but don't blindly assume the autodection can't possibly be w
The luxury of ignorance (Score:5, Insightful)
I see this every single day. The open source community (as it were) is full of people who want to use and like operating systems like Linux and BSD but are just too fucking afraid of even uttering anything that might reveal their ignorance (and I don't use that word in a negative sense) of whatever it it they're trying to accomplish with their computers.
Slashdot and USENET are full of endless threads about how easy it is to do this-or-that and if you haven't figured it out you must be supremely stupid and lazy. "What, you want it in a fucking silver plate?". Normal people (the ones not buying into open source right now) are petrified at this. They eventually either figure out how to do it ($deity bless Google) or just give up.
Without gross generalizations of course, I can't claim that everyone is this way. But there seems to be a troubling majority of zealots who are just so fantastically out there in their claims that [insert technology here] is so easy to use that even a "brain dead Windoze luser" must be able to figure it out, so they just cannot figure out why everyone hasn't dumped "M$". I mean, it's all so easy and efortless.
Maybe this will indeed be a wake up call for everyone.
Re:The luxury of ignorance (Score:3, Insightful)
So to tar all OSS with the same brush seems pointless and counter productive.
Re:The luxury of ignorance (Score:2, Interesting)
There are so many little things that cripple non-expert users in Linux. Just off the top of my head, on RH9/GNOME, inserting a CD-ROM brings up a dialog that reads
Or something like that. I mean, c'mon. If I wanted that I'd be running fwwm or something. Do I want to "mount" "/dev/cdrom"? How the hell should I know?? Or even better, try ins
Re:The luxury of ignorance (Score:2)
A very nice example. I guess I'm saying that having read both ERS' articles I came away thinking GNU/Linux and associated FOSS products have totally unusable UIs (and are by implication "not yet ready for the desktop", blah blah). This, in my experience and observation of non GNU/Linux users using that OS, is clearly overstating the case.
Distributions obviously vary and therefore YMMV too.
Re:The luxury of ignorance (Score:2)
In FC1 at least (thought RH9 did too), it is automagically detected and mounted (if it is a data CD), played (if it is audio), or brings up the CD-burning view of Nautilus (if the CD is unwritten).
Similarily, installing a TrueType font now can be done by dragging it to the font settings window, byt dragging it to the Font view of Nautilus, or by moving it to your
Re:The luxury of ignorance (Score:2)
So his rant is in a sense accurate but misleading. And your post does more or less the same, for although it is true that there are far too many elitists out there, there are in my experience more good people willing to help, and
Re:The luxury of ignorance (Score:2)
Apparently you aren't aware that MacOS X uses CUPS. It has a wonderful GUI that conceals the technical details beneath the candy colored Aqua shell.
Re:The luxury of ignorance (Score:5, Insightful)
Another big problem with UI design in general is that when things go wrong, there is a tendancy to blame the user instead of the software. "You should have clicked this other button" or "You should have seen this option" or the ever-popular "You should have read the manual". This attitude is not restricted to open-source software developers; you see it everywhere. The fact of the matter is, if one person makes a stupid mistake, it's quite likely that other people will too, so you should account for it in your design no matter how stupid the mistake seems. If you want a good user interface, you have to make sure that even the stupidest mistakes people make are accounted for in your design. The attitude you need to have to design a good UI is: _every_ mistake a user makes is entirely the fault of the interface, because a truly good interface would either eliminate the possibility of making a mistake or at least be smart enough to indicate that you're making a mistake. Obviously it's not possible to meet this ideal, but a lot can be done to eliminate most mistakes users make. On-the-fly spell/grammar checking is a good example of this philosophy.
Wow.. (Score:4, Interesting)
Finding 1 MD5 collision does break the system... (Score:3, Insightful)
To really destroy MD5, you need to either be able to reverse the plaintext from the hash, or build a lookup table where you can get the plaintext from the hash.
Both of these seem infeasible, especially the lookup table, so things like Paypal using MD5, which the web site uses as an example, doesn't seem quite true.
Re:Finding 1 MD5 collision does break the system.. (Score:2)
To really destroy MD5, you need to either be able to reverse the plaintext from the hash, or build a lookup table where you can get the plaintext from the hash.
Exactly which plain text are you finding, there are (for he purposes of this at least) an infinite number of plain texts for each MD5 hash.
Re:Finding 1 MD5 collision does break the system.. (Score:4, Insightful)
Re:Finding 1 MD5 collision does break the system.. (Score:3, Informative)
Peachy. Where were you going to put the lookup table for that? 2^81920 is on the order of 10^25000. If you could store one of those documents on an atom (attach it with a little dab of glue, okay?) you'd have enough plaintext documents for every atom in this universe...and for every atom to have its own universe of attached atoms...and still have enough document
Re:Finding 1 MD5 collision does break the system.. (Score:4, Insightful)
Re:Finding 1 MD5 collision does break the system.. (Score:2)
Except that SHA-256 was developed by the NSA, which means it may have been designed with some intentional obscure "shortcut" that could be exploited by the NSA. The SHA message digest functions have been scrutinized quite heavily, though, so it seems unlikely in my humble opinion.
Re:Finding 1 MD5 collision does break the system.. (Score:2, Insightful)
THE plaintext? Firstly, there cannot be only one plaintext. By the pigeonhole principle, a few byte sum cannot be unique for all multi-megabyte texts.
Besides, if that were possible, MD5 would not be destroyed; it would become the world's best compression.
$400 book!!! (Score:3, Insightful)
for a 7.5" by 5" device with 800x600 4-tone grayscale and 10 megs they want how much??? Damn thing probably doesn't even have a decent processor, can't do 1/10th the things a 5 yr old Palm could do and they're charging $400?!? Did I warp back to 1984? Sure it's not a Mac?
Let Dell copy it and sell them for $149.
Re:$400 book!!! (Score:2)
Re:$400 book!!! (Score:2)
decided to do a little math... assuming your device uses two AA batteries that's roughly 5.4 watts (right? two 1.5v AA @ 1800mAh each?). Most people pay less than 10 cents for a kilowatt/hr, so that's charging the batteries 185 times for less than 10 cents.
Let's assume you get 4 hours of battery life from your device (although the last PDAs to use AAs, the Palms, usually got 20+ hours), and you
Proprietary form (Score:3, Insightful)
Apart from this, does it support any other format? I'd love to have something like this to read the countless PDF and HTML books I have, but if I had to buy them again in BBeB format, it's not quite as cool.
Re:Proprietary form (Score:2)
Drop MD5? No. It depends on the intended use. (Score:5, Informative)
Now, cryptographically, MD5 does not have the same "strength" as the SHA256. If you want to prevent tampering, you should most certainly switch to an SHA. But to just check the validity of a large block of data (such that a mere CRC doesn't suffice), MD5 works beautifully.
Additionally, I would point out to those who seem to believe finding a single MD5 collision would invalidate the whole algorithm - BS. For SHA256, going though every possible 257 bit block, you can guarantee a collision. For any hashing algorithm, that will hold true. I don't care if someone came up with a quantum hash (pulled from my posterior, since quantum-blah seems like the word of the day for magical guarantees of computational perfection), you'll still have at least one collision in N+1 bits, where the hash generates N bits.
So can we drop the SHA elitism that seems to have infected people lately? If you want to waste time in your code, go right ahead. But don't fault those of us who actually understand that, outside the realm of hard cryptography, MD5 more than suffices as an all around good hashing algorithm.
Re:Drop MD5? No. It depends on the intended use. (Score:2, Informative)
Run this command:
openssl speed md5 sha1
I get:
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
md5 13426.71k 46361.18k 124663.83k 222340.64k 286203
Re:Drop MD5? No. It depends on the intended use. (Score:2)
By the numbers you gave (which running the suggested test on my own system more-or-less supported), for more than 16 byte blocks (ie, anywhere you'd use it, otherwise the idea of a "hash" doesn't mean a whole lot), MD5 performs roughly twice as fast as SHA-1.
I do not consider that insignificant. Perhaps not enough of a difference to matter in most cases, but why make a program slower for n
Re:Drop MD5? No. It depends on the intended use. (Score:2)
Phillip.
Error in MD5CRK assumptions (Score:4, Informative)
That is an incorrect assumption. The fundamental requirement is: It is hard (next to impossible) to find two inputs which produce the same digest (and still make sense
The message digest is usually shorter than the message, so this means that the digest contains less "information" that the message. Which means there will be more than one message for the same digest. This loss of "information" means also that you cant reverse a hash to get the original message and be 100% certain you have the right message. There is an infinite number of messages that produce that hash.
Slashdot that distributed computing team! (Score:2)
Join! [md5crk.com]
of course there are MD5 collisions! (Score:5, Informative)
Are the MD5CRK folks trolling, smoking crack, or just not explaining themselves very well?
They "aim to disprove one of the fundamental requirements of a secure message digest: No two inputs can be found which produce the same digest - this is also known as a collision."
MD5 gives a 128-bit digest. There are more than 2^128 possible messages. Of course there are collisions. What MD5 claims is that the difficulty of coming up with two messages having the same message digest is on the order of 2^64 operations, and that the difficulty of coming up with any message having a given message digest is on the order of 2^128 operations. [faqs.org]
No digest algorithm can claim to be free of collisions; they are many-to-one mappings.
ESR's strange idea... (Score:2)
I mean, if the Windows print servers are local, and you can see the broadcasts, or you use SL
The Insanity of Blind Autoconfiguration. (Score:4, Interesting)
My comments on the slashback stories mentioned... (Score:2, Funny)
-Duh!
-huh?
-Whoa!
Please feel free to apply to comment of your choice, to the
Maybe this underscores the problem... (Score:4, Insightful)
First of all, he'd better stay the hell away from my network. I thank goodness that no other (non-script-kiddie) application on this planet performs unprompted scans like this. DHCP, of course, doesn't count.
Second, what if the printer is currently down? Or I'm configuring a machine to be installed offsite? I can think of any number of scenarios where I'd want to configure a network printer that isn't currently on the network.
A program should NEVER think that it's smarter than the user. What if CUPS doesn't detect "wvlan0" as a network interface? Well, it would gray out all the network printer options. But that's clearly wrong -- the user *knows* that the machine is networked. If CUPS allowed him to configure the network printer, everything would just work. Note that CUPS probably should put up a warning dialog "Warning: I could not detect a network -- do you want to continue," but it should not prevent or restrict anything.
ESR's solution relies on too much magic and will cause support nightmares. It is too system-dependent -- it might work on Red Hat, but it'll probably break on SuSE. Or an ARM-based machine. Or a token ring network. Etc. And when it breaks, the user will be surprised and have no other recourse than to consult the documentation.
Incidentally, graying something out is almost always wrong because it gives no indication as to why it's grayed out! You should let the user select it, then put up an informative dialog telling the user that what he's doing doesn't make sense, and what he or she might do to fix it. Always, always, always tell WHY.
Yes, the CUPS UI is flawed ("client-error-forbidden! client-error-forbidden!"), but ESR's proposal is even worse. It's a measly six-item menu! If Easy Software did try to implement it, after a ton of programmer time they'd have an interface that is more surprising, less informative, and more fragile. Not a step in the right direction.
The proper way to fix this unfriendly menu is to create a wizard The first page would allow you to select a locally-connected printer or, if there are no unconfigured local printers, a network printer (possibly launching a Samba browser to help). Wizards are great for reducing perceived complexity without reducing functionality.
Creating a good user interface is hard. I think that ESR just proved this.
Re:Maybe this underscores the problem... (Score:2)
Re:Maybe this underscores the problem... (Score:2)
I like the idea of my computer auto-detecting any network printers. I don't have my printer linked up to the network as I don't have time to try and figure out how to do it.
Second, what if the printer is currently down? Or I'm configuring a machine to be installed offsite? I can think of any numb
Re:Maybe this underscores the problem... (Score:2)
You've never installed corporate hardware, have you?
You don't walk in with a OS-only server, jack it into the network and start configuring. You've got a design sitting there, and you configure the server *before* dropping it into production. So when you drop it in place, it does 'just work'.
If you require auto-detection for configuration, you take yourself out of well-des
Re:Maybe this underscores the problem... (Score:3, Informative)
I do to. But I also want the ability to say "you're wrong...do it this way" to the computer.
I think you are in the minority. If the printer is currently down then you can't use it so configure it later when you CAN use it.
For home users, this may not be an issue. For an office environment, it may be. There have been a few times
Re:Maybe this underscores the problem... (Score:3, Interesting)
There have been some solutions in the past. Balloon help did a really good job of explaining WHY a particular menu item was grayed out. It's too bad
Fatal flaw in the MD5CRK algorithm (Score:2)
Re:Fatal flaw in the MD5CRK algorithm (Score:2)
It's so unlikely that a client mig
MD5CRK will need a few more participants... (Score:3, Interesting)
The sum I did is
sqrt(-l(0.5)*2*2^128)/(1.325*10^9*86400*365)
5
N=2^128 is the space they're looking for a collision in. The expected number of collisions found after k items have been produced is very close to k^2/2N, so the probability zero have been found is exp(-k^2/2N) by the Poisson distribution. Assume exp(-k^2/2N) = 0.5 and solve for k, then divide by their declared rate of 1.325 gigaMD5s a second.
I don't know whether this inclines me to give the whole thing up or to climb on board. The latter is probably more fun.
Incidentally, the algorithm they're using to do the search efficiently is pretty cool. Paul C van Oorschot and Michael J Wiener, Parallel Collision Search with Cryptanalytic Applications [sympatico.ca] (pdf)
MD5CRK boneheaded (Score:4, Insightful)
That is bullshit. Of course two inputs can be found which produce the same message digest. This is the pigeonhole principle. Now the MD5CRK developers seem like smart people, and so it's more likely that they just haven't explained it very well.
They go on to say
But I don't see what that would achieve either: two strings of gibberish that happen to have the same MD5 sum. Find a way to produce two documents which both have meaning (perhaps two pieces of source code, or two different school reports) and have the same signature, and that would be impressive.
Re:MD5CRK boneheaded (Score:2)
No, obviously they exist but they can't be found in a computational feasible way. Obviously, RSA is trivially breakable by trial division, given infinite time, too.
I don't see what that would achieve either: two strings of gibberish that happen to have the same MD5 sum.
Well, it's a partial crack. I'm not a crypto expert but a partial crack is often a way into an algorithm.
Re:MD5CRK boneheaded (Score:2)
MD4 is considered totally broken. Nobody has ever been able to generate 'arbitary' collisions for that hash either, just semi-random ones. But still, nobody uses it.
The definition of collision-resistent is that
Re:MD5CRK boneheaded (Score:2, Interesting)
In other words, that the function H is injective. But no message digest function producing a fixed-length digest from an arbitrary-length input can have such a property.
It depends on how you were doing it 'easily'... if you simply had a great deal of brute force to
ESR goes too far (Score:2)
For the most part, I have no problem with what these essays say--better user interfaces are needed and so is documentation that ordinary users have a chance of understanding if they ever get around to reading it. But I think one of the conclusions toward the end is remarkably unproductive:
I've never se
MD5 colision demonstration. (Score:4, Interesting)
Re:MD5 colision demonstration. (Score:2)
(www.cryptool.org is down, but you can download the software from this link [medialab.ch].)
Re:Flashmobs can be fun! (Score:5, Funny)
Welcome to Slashdot.
Re:I'll drop MD5 in a heartbeat... (Score:3, Informative)
You have three different "MD5 sum" utilities that all give different checksums for the same data? If so, then at least two of them aren't actually MD5 utilities, in the sense that they don't compute MD5 sums. *cough*
Re:I'll drop MD5 in a heartbeat... (Score:5, Insightful)
If you wrote code to generate the checksum(s) and it's not working then you have a problem between the keyboard and chair, not with the algorithm. That's a standard that is not OS, platform or language specific.
Re:I'll drop MD5 in a heartbeat... (Score:3, Informative)
You also have to be careful with text files that they aren't being modified on the fly when being transferred between machines.
Re:I'll drop MD5 in a heartbeat... (Score:2)
From the GNU text utilities man page, correct? If you read the texinfo [gnu.org] document (like the man page suggests), you get more information:
While ryanr's comment about files transferred between systems being
Comment removed (Score:4, Interesting)
Re:I'll drop MD5 in a heartbeat... (Score:3, Informative)
Perhaps some of the utilities you are using consider file metadata when generating the checksum?
Also beware of implicit conversions being done to your data by your I/O libraries, as other posters have noted.
Re:I'll drop MD5 in a heartbeat... (Score:3, Informative)
Re:Is it just me..... (Score:4, Insightful)
When they shouldn't have to read or choose, it's lacking for an app to make them choose. In ESR's case, he shouldn't have had to make the decision as the system had all the info it needed to answer the question itself.
Yes, this takes more effort on the part of the programmer and that's probably why it's not done yet, but it's near-sighted to argue against a change that only improves the user experience. Not only does Aunt Tilly now have a good chance of getting her printer setup, I don't have to work nearly as hard reading manuals and experimenting with settings to get mine working. Why read the manual if you don't have to?
Re:Is it just me..... (Score:4, Interesting)
And in the Windows, installing a network printer goes like this: Select 'add new printer', click next, check 'network printer', click next, click next, select the printer from the list, click next, click finish, admire the test page printed out on the remote printer. Windows user is done before Linux user read the first page of the manual.
Do you for a second believe that Linux way is better in this respect?
Is it really so much to ask that people learn how to use the tool they choose to use properly? Is it so much to ask that people know how to read?
Joe Q. User (you know, the one Linux needs to win over in order to establish world domination) answers: Yes, and yes. I want to install a printer, not read something. If I wanted to read something, I'd go to the library.