Posted on 10/05/2005 7:42:38 AM PDT by N3WBI3
You keep trying to move the focus away from the central fact: Microsoft is excluding itself from Massachusetts by refusing to implement ODF, while at the same time demanding the luxury of victimhood status. That's rich.
I'm not saying it's bad to have algorithms to be reviewed. I'm saying it's more secure if you keep it private (like NSA's internal algorithms).
There are 2 reasons I'd make it public. 1) I'm selling it to a company that wants to review the algorithm. 2) I don't have the budget to test to see if it's strong enough.
However, if it was for my companies use and we had a budget large enough to test...I sure as heck wouldn't just give it to my enemies to test with (and use if it ends up being truly strong).
I'm just trying to find out the nature of your issue. By answering this question I can discern if I'm wasting my time or not.
No it doesn't. I too would change the subject if I were you. Your position is indefensible.
Whoops, a tax increase on corporations impacts consumers. I got caught in a double negative.
I'd say this is one of the properties of a hash...The quality or condition of being imperfectly known or difficult to understand.
Do you agree?
So a tax increase on corporations does impact consumers. Is that all tax increases or just really big tax increases?
How about the fact that your example is NOT a one-way hash?
Here's a (stupid example) of a one-way hash:
I can compress any amount of text into a single-digit number. I can even give you the algorithm to perform this feat, give you the number, and you STILL would not be able to decipher a given hash into the original text.
For instance, here's the algorithm: Substitute a number for each word, the number would be the number of characters in that word. Now take all the numbers in the text, and add them together. Take each digit in the resulting number and add them together. Continue doing this until you have a single digit.
Here's the hash : 6
What was my original text? You can't tell me because it's a ONE-WAY hash! The example you gave wasn't one-way--it was a two-way hash. Quite different.
I'm not on your stand. I'm not under your interrogation.
You're afraid the taxpayers of Massachusetts will set an example for the other states by pointing out the cost savings of casting off Microsoft's yoke. Entire governments can be run on Linux and Open Office and Microsoft wouldn't get a dime. That's a huge CUT for the taxpayers. And it scares Redmond white just thinking about it.
Wow. You really don't know what you're talking about, and you keep showing it every post.
We're talking about one-way digest hashes, the kind used in encryption. What you just showed was a simple cipher, not a hash. You encrypted the information in a way that should I discover the algorithm (reverse and change case), I know the text. It's a perfect example of how obscurity of the algorithm does not help at all. Such ciphers went out the window long ago as insecure.
Okay, try this, which is how hashes really work: Let's say your password is "My Password" and the hash is 14ddb8585ddfc6c4670b9c18aed1fe8b. Now here's the hash 61b8631f77c82fb816080fe3b0d4fa99. Tell me what text creates that. Depending on the length and complexity of the text, not so easy, maybe impossible in any meaningfully short amount of time.
And here's the kicker: if you do get a match, you don't know whether it's the original input or a collision.
Again for the cryptographically-challenged: You cannot get the original from a hash. You can only guess some input that matches that hash.
True my example was a 2-way hash for ease of understanding I chose a 2-way hash. Your example is just as weak as there are billions of collisions (which is the equivolent of getting the original passphrase).
A discussion on the details like how SHA-0 are now broken isn't appropriate for this discussion, but let's just say it's not impossible to get back to the original passphrase (whether by brute force or broken/cracked algorithm).
But that doesn't matter...a collision is the equivolent of the original. And you say I don't know encryption. As I told shadow...I used a 2-way hash for ease of understanding.
oops meant to say sha-1.
That's why I was saying the PDF waiver is bogus. Office 12 offers of license to use the format as PDF does.
Hmmm, it's only been ingrained in my mind over the years. You're yet again trying what you did with challenging me on SCI, SCIF and safes. You lost then, you lose now.
OPSEC is mainly about secrecy. We do use standard encryption algorithms government-wide. There's no obscurity in that, nor is any needed, because the algorithms are trusted. The best minds in the world work to break them in an open, scientific manner. When we see with all that worldwide brain power that an algorithm is approaching the end of its secure days, we switch (as with DES). Microsoft is being smart and is also removing weak hash algorithms from now on.
I believe you guys are trying to save face by slowly changing your point into a more rational point of view.
My point remains as it always was: never rely on obscurity. And if you can't rely on it, why expend resources to do it in the first place? Rely on secrecy and open, peer-reviewed, proven encryption.
Yeah, Office 12 is a bit better for gov't organizations as it specificially spells out things for gov't. Where as PDF doesn't.
Read the licenses then comment. They are essentially the same. The only way to make them EXACTLY the same would be to have Microsoft use the PDF license verbatim (and that just isn't going to happen with lawyers involved). Each lawyer puts their own spin on things. However, the same rules apply. FREE and Transparent. Also gov't can use any program they want to access the office 12 docs.
By changing the topic, refusing to answer, and answering incorrectly doesn't make you the "winner". It just reveals you as the fool.
False dichotomy. This isn't about O12 v. PDF. It's about O12 v. ODF. This government chose ODF, they find ODF to be better. But Microsoft wants to take its ball and go home, crying about being left out.
That's fine if the rumored algorithms are only used internally, although as I said, if they exist I guarantee you they operate under the assumption that the algorithm is known.
There are 2 reasons I'd make it public. 1) I'm selling it to a company that wants to review the algorithm. 2) I don't have the budget to test to see if it's strong enough.
3) You are selling it to the general public. Because if you do, it is known, so you might as well get the benefit of peer review. Plus, the public likely won't trust an unknown algorithm going on "Trust me, it's secure." This is one reason why the NSA required competitors for the latest standard encryption to have open algorithms.
Why on earth would you be afraid to answer the question? It's simple, you already stated that tax increases on corporations do impact consumers. So now I'm just trying to get clarify...is it all tax increases or just the really big ones.
I know why you won't answer it because if you say yes all tax increases then you admit any increases in cost to a company does impact consumers (which is counter to your previous claims). Now if you say only big tax increases impact consumers then you show yourself as a liberal on a conservative forum.
So either answer the question or just withdraw your claim about this not costing the consumer anything by making M$ pay for it.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.