Archive for August, 2003

Dumping SMTP: transport and identity are not the issues; spontaneous association is the issue

Tuesday, August 5th, 2003

Eric Rescorla rebuts the arguments for giving up on SMTP: Should we dump SMTP?:

« The movement to ditch SMTP strikes me as more of a howl of frustration at our collective inability to deal with spam than an actual reasoned argument for change. »
[Via Ed Felten: Email Redesign Not Helpful]

The big design issue is not transport security or authentication. It is whether spontaneous association is a desired feature, and how such associations are managed or controlled. Since most mailboxes do want to be found (that’s why people publish email addresses in directories and on web pages), re-doing SMTP might yield fresh transport and identity protocols (already available as succinctly described by Rescorla), but would be just as vulnerable to spam, unless something is done to improve association management and its hooks to content filtering. And, while it is interesting to describe a new world in which I can only correspond with people to whom I have been introduced and with whom I maintain a web of credibility, there is a very important question: Do people really want this, or do they only say they want this?

Cracking windows passwords in 5 seconds

Tuesday, August 5th, 2003

Philippe Oechslin: Making a Faster Cryptanalytic Time-Memory Trade-Off: « In 1980 Martin Hellman described a cryptanalytic time-memory trade-off which reduces the time of cryptanalysis by using precalculated data stored in memory. This technique was improved by Rivest before 1982 with the introduction of distinguished points which drastically reduces the number of memory lookups during cryptanalysis. This improved technique has been studied extensively but no new optimisations have been published ever since. We propose a new way of precalculating the data which reduces by two the number of calculations needed during cryptanalysis. Moreover, since the method does not make use of distinguished points, it reduces the overhead due to the variable chain length, which again significantly reduces the number of calculations. As an example we have implemented an attack on MS-Windows password hashes. Using 1.4GB of data (two CD-ROMs) we can crack 99.9% of all alphanumerical passwords hashes (2^37) in 13.6 seconds whereas it takes 101 seconds with the current approach using distinguished points. We show that the gain could be even much higher depending on the parameters used. »
[Via SecurityFocus HOME Mailing List: BugTraq]

Relative merits of supercomputers, grids, and clusters debated in House Science Committee

Tuesday, August 5th, 2003

Wired News: Computer Groupthink Under Fire: « Critics at a House Science Committee hearing in July on the status of supercomputing in the United States claimed that federal agencies are focusing too heavily on developing and deploying grid computing and clusters, and not investing enough in development of true supercomputers. »

Loyola University Chicago criticized for complying with a subpoena without a fight

Monday, August 4th, 2003

The Register: « Northwestern University law professor Anthony D’Amato has issued a strong caution to universities, calling on them to consider students’ privacy before shipping them off to the RIAA sponsored legal gulag. »

KASY0 cluster breaks $100/GFLOP barrier

Monday, August 4th, 2003

The Aggregate: KASY0 Home Page

Techdirt on lack of interest in legitimate music downloads

Monday, August 4th, 2003

Techdirt: People Know About Legit Download Sites - But No Interest

CSS diatribe

Friday, August 1st, 2003

Jamie Zawinski posts an interesting diatribe entitled CSS is BS.