| Molecular Electronics |
[Jun. 21st, 2009|09:12 pm] |
I only really aced one out of the four big questions on my molecular electronics exam. Oddly enough, it also had a serious typo in the Hamiltonian, and didn't really define its own language. It took me 10-20 minutes to decipher what was going on, and then the TA wanted 10-20 minutes to verify that my version was indeed correct. Here's the problem:

Consider the motion of an electron on a linear chain of hopping sites separated by a distance a. The motion is described by the following tight-binding Hamiltonian:

H = -t Σ_{n=-∞}^{∞} ( | n > < n+1+ | n+1 > | < n | )

a) What is the meaning of t? What is the unit of t?
b) Show that plane waves are eigenfunctions of this Hamiltonian.
c) Find the expression for the dispersion relation for the electrons and plot it. How large is the band width?
d) Show that at low energy the dispersion relation is that of a free electron with an effective mass. Find the expression of the effective mass as a function of the band width.

If you read this question the obvious way -- by deleting the + symbol that doesn't mean anything -- you get:

H = -t Σ_n | n > < n+1 | n+1 > < n |

BUT -- and this is a big but -- since wavefunctions are always normalized, < a | a > is just trivially 1. That makes this -t times the sum of all | n > < n | projectors, and if the states are exhaustive and orthogonal, that sum is just the identity matrix. So the Hamiltonian is trivially "H = -t." No good.
The key here is that there's an extra | symbol sitting between a ket and a bra on the rightmost part -- and it doesn't mean anything there. It was misplaced, and the interaction is supposed to read:

| n > < n+1 | + | n+1 > < n |

which is indeed a nearest-neighbors coupling.
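As an added worked solution (not part of the original post), carrying the corrected Hamiltonian through parts (a)-(d) in the problem's own symbols:

$t$ is the hopping (transfer) integral between neighboring sites and has units of energy. Act with $H = -t\sum_n \big(|n\rangle\langle n+1| + |n+1\rangle\langle n|\big)$ on the plane wave $|\psi_k\rangle = \sum_n e^{ikna}|n\rangle$, using $\langle n+1|\psi_k\rangle = e^{ik(n+1)a}$ and $\langle n|\psi_k\rangle = e^{ikna}$ (and re-indexing $n \to n-1$ in the second sum):

$$H|\psi_k\rangle = -t\sum_n \big(e^{ik(n+1)a} + e^{ik(n-1)a}\big)|n\rangle = -2t\cos(ka)\,|\psi_k\rangle .$$

So plane waves are eigenfunctions with dispersion $E(k) = -2t\cos(ka)$ for $-\pi/a < k \le \pi/a$; the band runs from $-2t$ to $+2t$, so the band width is $W = 4t$. Near $k = 0$, $E(k) \approx -2t + t a^2 k^2$; matching this to a free electron $E = E_0 + \hbar^2 k^2/2m^*$ gives

$$m^* = \frac{\hbar^2}{2 t a^2} = \frac{2\hbar^2}{W a^2}.$$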
Anyway. Cute problem. |
|
|
| Why Random Oracles don't work |
[May. 17th, 2009|12:35 am] |
If you read the specs for hash functions and block ciphers, you see a lot of discussion about whether something is "distinguishable from a random oracle" or not. In fact, "distinguishers" themselves are a big part of security.
So, for example, hash functions. I've written about them before; the idea is to take a file, hash it, and you get a number which can substitute for that file. If you give it the same file twice (even if the filename is different) you get the same number; if you give it two different files, you should get two different numbers. (Collisions must exist, since files are longer than hashes -- the point is that nobody should be able to find one.) You might think that the best thing is for these numbers to be otherwise indistinguishable from the output of a truly-random number generator.
Indistinguishability is a big thing, here, so it deserves a little focus. We say that something is "secure in the random oracle model" if it's secure when you replace the underlying function with a truly-random function. We say that something is "indistinguishable from a random oracle" if there's no way (except with negligible probability of success) to tell the difference between a random oracle and the output of the function. The term "random oracle" just means a function which, the first time it sees a given input, picks a truly-random output on the fly, and thereafter always returns that same output for that input. (The word "oracle" here comes from the terminology of security proofs, where you sometimes offer an attacker free knowledge which they otherwise might not have -- they ask an oracle, which magically answers their question.)
The first problem is very obvious: how on earth do you *prove* that there's no way to distinguish your algorithm from this random oracle? Nobody has ever developed the mathematics to do such a thing for a concrete function.
The security community has a clever answer to this: make all of the building-block algorithms absolutely public, and have all of our cryptanalysts beat up on them as much as possible. The longer something goes without someone finding a distinguisher, the more confident we are that it is a good stand-in for a random oracle. Then we prove that, if the building block were a random oracle, the bigger construction built on top of it would be secure. So we put all of our confidence in the basic cryptographic building block, which everyone knows, and then we build our systems on top of it. Notice that we don't prove that *anything* is a good substitute for a random oracle; we just prove that some things are secure in the random oracle model.
But the second problem, pointed out by Canetti, Goldreich and Halevi in 1998, is much more subtle and philosophical. It's this: no function is ever a blanket good substitute for a random oracle.
Here's the example from the original paper. It's a bit bizarre, but it's secure in the random oracle model. It works like this: some person has a random oracle R(), and they have some extra fixed, public function f (e.g. a hash function), with both tuned to the same output length. They accept a message M from the outside world and compute f(M). Whenever f(M) = R(M), they reveal all their important secrets. The exact choice of f is a parameter of the protocol -- there is one such protocol for every function f you could write down.
Why would you design something like this? Well, you wouldn't -- there's no point in needlessly revealing all your secrets. BUT, this is secure in the random oracle model: no matter how the outside world chooses M, the oracle's answer R(M) is a fresh random number that equals f(M) only with probability 2^-n (for an n-bit output), so your secrets are safe.
But now suppose you try to implement the random oracle with some concrete, publicly known function G. For most of these protocols, the protocol remains secure -- but for at least one of them, the one where f = G, you're now revealing all of your important secrets for *every* input message! "Whenever G(M) = R(M) we reveal all our secrets" is perfectly secure in the random oracle model -- but it's perfectly insecure if you use G as your R.
You might try to broaden the definition by using a *key* -- just as block ciphers use a key to encrypt and decrypt their plaintext. So instead of *one* function G, we have billions of functions Gk, one of which gets chosen at random to be your random oracle substitute. We also have a suite of random oracles, but we only really need one: just feed the message (k, M) [the concatenation of k and M] instead of the message M, and you select different inputs depending on different k's. Still, we have something like Rk : can a *family* of functions behave like a *family* of random oracles in all circumstances, even though one function can't always?
Notice that this evades the previous problem, because I have to choose one particular function f as part of the protocol there. Now I might choose one of many functions to fulfil my random number generator, while f is just some fixed function.
Well, we can do the same thing, we just have to be a little more tricky. The first thing we assume is that the adversary knows k -- because it isn't a secret key; it's just a public choice of which function in the family you're using.
Well, then define a relation ~, which is kind of like an equals sign, except that instead of holding when both sides are the exact same number, m ~ x holds when G_m(m) = x -- where G is the very family of functions we plan to plug in for the oracle, and the message m does double duty as the key selecting G_m. The protocol never evaluates ~ on its own; it asks, of a message m, whether m ~ R(m), i.e. whether R(m) = G_m(m). If R is a random oracle, then no matter what m the adversary picks, R(m) is a fresh random number, so it matches G_m(m) with probability 2^-n per query, and the adversary has essentially no chance of finding an m with m ~ R(m), even though it may query R as much as it likes. On the other hand, replace R with G_k for a public k, and the adversary just submits m = k: G_k(k) = G_k(k) holds for free. For protocols that do something unwise on such messages -- the analogue of the "f = G" idea above -- you have just given away your secrets.
Here's one example they give. Imagine that we have a perfectly secure cryptosystem which encrypts with E(key, plaintext) and decrypts with D(key, ciphertext), and assume that it's completely and totally secure. We're going to build a system on top of this, with a secret key K and a random oracle R. Take a message M and truncate the "first part" of M as m -- however long our oracle output is. If m ~ R(m), then we output the message (1, M), in the clear; otherwise we output (2, E(K, M)).
This allows for what's sometimes called a "watermarking attack": leaving a watermark on disk that proves you stored a particular message. See, if you're using G_k (with public k) to implement R, then I just hand you the message (k, watermark) -- its prefix m = k satisfies m ~ G_k(m) automatically -- and the watermark lands on your disk in plaintext. If you had been using a real random oracle I wouldn't have been able to predict R(m) for any m (it's random!) and thus couldn't have constructed such a message except by chance.
Let's make it even worse: when you decrypt (3, m) -- a ciphertext form we didn't define above in encryption -- let's say you check whether m ~ R(m) and, if so, output K, the secure cryptosystem's secret key. Again, with a random oracle, I can't touch you; but if you're using the family of G-functions, my chosen ciphertext (3, k) reveals your secret key K! The system is perfectly secure until you use an actual algorithm to implement it.
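As an added example (not code from the original post or from the 1998 paper), here is the whole story run end to end in Python: a lazily sampled random oracle, a concrete public family G_k, the relation ~, the first "reveal when f(M) = R(M)" toy, and the contrived encryption scheme with both the watermark and the (3, k) key-recovery attack. Assumptions: G_k is HMAC-SHA256 (any fixed public family would do), E/D is a toy stream cipher standing in for the "perfectly secure" cryptosystem, and the watermark text and sample messages are constructed here.

```python
import hashlib
import hmac
import secrets

OUT = 32  # output length in bytes of both the oracle and G_k


class RandomOracle:
    """Lazily sampled random oracle: a fresh random answer for each new input,
    and the same answer every time that input repeats."""

    def __init__(self):
        self.table = {}

    def __call__(self, x: bytes) -> bytes:
        if x not in self.table:
            self.table[x] = secrets.token_bytes(OUT)
        return self.table[x]


def G(k: bytes, x: bytes) -> bytes:
    """The concrete, public family G_k we would plug in for the oracle.
    HMAC-SHA256 is an assumption for this example; any public family behaves the same."""
    return hmac.new(k, x, hashlib.sha256).digest()


def related(m: bytes, x: bytes) -> bool:
    """The relation ~ from the post:  m ~ x  iff  G_m(m) == x.
    Evasive for a random oracle (R(m) is fresh and random); trivial for R = G_k at m = k."""
    return hmac.compare_digest(G(m, m), x)


def reveal_if_related(R, f, M: bytes, secret: bytes):
    """First toy protocol: hand over the secret whenever f(M) == R(M)."""
    return secret if f(M) == R(M) else None


# --- toy stream cipher standing in for the "perfectly secure" E/D (assumption) ---
def _keystream(K: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(K + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def E(K: bytes, M: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(M, _keystream(K, nonce, len(M))))


def D(K: bytes, C: bytes) -> bytes:
    nonce, body = C[:16], C[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(K, nonce, len(body))))


class CGHScheme:
    """The post's contrived scheme: secure if R is a random oracle, broken if R = G_k."""

    def __init__(self, K: bytes, R):
        self.K, self.R = K, R

    def encrypt(self, M: bytes):
        m = M[:OUT]                       # "first part" of M, one oracle output long
        if related(m, self.R(m)):
            return (1, M)                 # "bad" message: stored in the clear
        return (2, E(self.K, M))

    def decrypt(self, C):
        tag, body = C
        if tag == 1:
            return body
        if tag == 2:
            return D(self.K, body)
        if tag == 3 and related(body, self.R(body)):
            return self.K                 # chosen-ciphertext key recovery
        return None


def demo():
    K = secrets.token_bytes(32)           # the scheme's secret key
    k = secrets.token_bytes(OUT)          # public seed selecting G_k; the adversary knows it
    rom = CGHScheme(K, RandomOracle())    # random-oracle-model version
    real = CGHScheme(K, lambda x: G(k, x))  # real-world instantiation with G_k
    watermark = k + b"<watermark: this disk held this message>"  # constructed
    sha = lambda x: hashlib.sha256(x).digest()
    return {
        "unkeyed_rom_leaks": reveal_if_related(RandomOracle(), sha, b"hello", K) == K,
        "unkeyed_real_leaks": reveal_if_related(sha, sha, b"hello", K) == K,  # f = G case
        "rom_watermark_in_clear": rom.encrypt(watermark)[0] == 1,
        "real_watermark_in_clear": real.encrypt(watermark) == (1, watermark),
        "rom_key_recovered": rom.decrypt((3, k)) == K,
        "real_key_recovered": real.decrypt((3, k)) == K,
        "honest_roundtrip": real.decrypt(real.encrypt(b"normal traffic")) == b"normal traffic",
    }
```

Run `demo()`: every "rom_" entry comes out False (the oracle's answers cannot be predicted, so the bad branch is never hit), every "real_" entry comes out True, and ordinary traffic still round-trips, which is exactly the point: nothing about G_k is weak as a function; the scheme's dependence on the oracle is what breaks.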
These are all contrived examples, but they show that no function is a good substitute for a random oracle in *all* circumstances -- there will always be systems which are secure in the random oracle model but aren't secure in the real world with any given concrete function or family of functions.
Despite these contrivances, indistinguishability is still a top concern. Why? Because we don't actually have much else to work with. That's just the nature of the beast. |
|
|
| drostie.org mostly out of limbo |
[May. 12th, 2009|03:46 pm] |
I had underestimated the previous months' schoolwork, which really required a bunch of effort. But at the end of April and in early May, I pushed very hard, and basically the entire Django backend of drostie.org has been written. This included one day where I just sat down and coded my own admin interface, because I didn't like the one that came with Django and I could tell it was only a ~1 day project. The admin interface looks like this:

After Apache was too much of a resource hog for my taste, I elected to start running Django out of Lighttpd. Surprisingly, I found Lighty to be more versatile than Apache -- though the documentation is *abominable* and there were several features missing. (For example, client certificate support is presently restricted to LDAP, which is quite like saying "You can pick your nose, but only with this shotgun.") But mod_auth can work for my administrative backend just as well as a client cert, so long as Firefox remembers my password and my computer doesn't die spectacularly.
In particular, here's the problem that drove me to lighttpd: I want several subdomains, like code.drostie.org and aca.drostie.org and muse.drostie.org and odd.drostie.org and so forth. They shouldn't share file namespaces (a text file on code shouldn't be visible from odd; the images on odd shouldn't be visible from code), except for some common files that should only be in one place, so that I can update them all at once. That's the business of a rewrite engine, of course, which Apache can only do with mod_rewrite voodoo; and mod_rewrite is a notoriously difficult module for Apache because it implements basically a full-featured scripting language in a medium that was never designed for it. I basically learned Lua overnight in order to program a quick mod_magnet script to do the exact redirection I wanted. I still don't like Lua, but I can live with Lua.
Meanwhile, Apache does *not* like partial host-awareness: you're supposed to either run virtual hosts or to run a single dedicated host. Well, with the rewrite script, you can see that I don't need host-awareness usually -- the file logic is rewritten manually for that. But, here's the problem: some of my pages (the admin ones) use HTTP-based logins to save some coding effort. This *has* to be host-aware, since the server has no other direct way to distinguish these pages from any other page served by Django. (I could have also hardcoded the authentication credentials into Django, but I originally wanted to use an SSL client certificate to do this process. I'd still like to switch over, whenever lighttpd actually implements client certificate support.)
Now, these subdomains must also direct their django calls to some central django applet, which I decided from the start would be host-aware and would implement certain "Projects" (code, odd, aca). This is *supposed* to be done with Apache's mod_python or mod_wsgi, but this also tends to break with virtual hosting. (When I tried to have WSGI kibbutz on another server's WSGI process, it got angry at me.) The native separation in Lighttpd between the web server and the FastCGI Django server made complete sense to me, in this respect. And I had no real issue setting up the pidfiles or the Unix socket to make it all work nice and smooth.
It's all coming together. "Push, push, push," I keep telling myself. "Do something -- anything -- even if it's typing a meaningless line into the source code. Get your brain moving on the project and progress will just happen."
And it is. |
|
|
| vim sucks. |
[Mar. 22nd, 2009|10:06 am] |
The saga of emacs-vs-vim is legendary, and hearing the passionate rhetoric on both sides, you get the impression that you should at least try both out, and see what the fuss is about. Of course, everybody will admit that neither one is for "just trying": vim takes, by various estimates by vim users, weeks-to-months-to-years to learn to use properly; apparently Emacs requires learning a Lisp dialect and building up configuration files. The goal of vim is that you go to any *nix terminal you want and suddenly can edit source code at a high level. The goal of Emacs is the exact opposite: that the text editor should come to fit you like a well-worn glove, to the point where whatever keys are most intuitive to you are bound to whatever actions you use the most.
My adventures started out with vim, which will be the subject of this post. My test document was a mixture of indented Javascript code between paragraphs, motivating the Y-combinator with actual examples and such. A text file deriving the Y-combinator seemed like a nice quick project to jump into any given language: it's not too long; it involves both coding and writing plain text; and so forth.
Typing "vim ycombinator.text" creates a blank screen with color-coded tildes, which I can immediately understand are "this line is not actually in the file" markers. Good stuff. As I begin to just write out the first word, "function", I quickly notice that absolutely nothing is being written to screen, and the screen spits back some kind of error at me: "E35: No previous regular expression." Wha...?
Okay, so I have to google a tutorial to find out that, in fact, vim doesn't support editing by default. Instead, it dumps you into a command mode, and editing is accomplished by typing the "i" or "a" keys, to get into "insert" mode.
Insert mode is like a very crappy text editor, because it lacks all of the basic amenities you like (which have been moved to the command mode). For example, if you press the left arrow key at a new line, you might have expected to jump to the end of the last line. That doesn't happen. Also, it doesn't auto-indent your text. Word-wrap is enabled, but it's strictly speaking a character wrap: if your word is too long, it gets divided in half across the lines. And the up and down keys don't move within the virtual lines of a word-wrapped line, but instead move to the next physical line up and the next physical line down.
The command mode includes undo commands for anything that happens within command mode. These are vital if you want to waste your time with command mode, which is apparently necessary to be a real Power User of vim. So let's experiment with those. Poring over several web pages, it's a while before I find anything useful. Here's one: I prefer my tabs to be four spaces long. Since vim apparently doesn't grok this by default (i.e. notice that the last line I wrote was tab-indented four spaces, and thus make the next one the same), the command string goes something like this: 0i Esc,j0; ..j0...j0..j0. or so. Since most of these characters are typed with the right hand and they're in wildly different places, this is really inconvenient, but at least you get to see some sort of benefit from the multiple-periods.
Okay, but that doesn't need to be done in command mode. There's a third mode intended for problems just like this, called "Visual Mode" (really meaning "Selection Mode"). You type Ctrl-v, you select a box with your cursor, and then you type I Esc to indent multiple lines by four spaces. And then you have to do it again for the interior code. And then again for the code inside that.
The rest of command mode strikes me as deliberately inconvenient. Yes, there is a backspace function, no, it isn't accessed by hitting the backspace key (bwuh?!), but rather by hitting Shift-X. Without the shift, the "x" is secretly the "Del" key. Some things are exceptions to this rule: Entire line edits can often be done by repeating a command twice, so ">>" indents a line, "dd" deletes a line, "yy" copies a line onto a clipboard. (Not *the* clipboard -- vim is completely oblivious to your system clipboard. It has its own internal clipboard, though, and you can copy things to it with "y".) The find key ("f", thank God) only works on the current line with a one-character input, and *cannot* be repeated by period -- to make it search backwards, you need to use F instead, to make it search for anything more than one character, you need the / key, which can be repeated (i.e., find the "next" result) with "n", even though the "f" key cannot be repeated with n. Incidentally, this is why I got the previous error, "E35: No previous regular expression."
To summarize: vim's actual text-editing component, insert mode, is a crippled and horrible mess, lacking the most basic of text-editing and code-editing idioms. To rectify this problem, vim includes a separate component, command mode, by default. Everything that you would expect to have a non-text-editor mode (e.g. find/replace, saving to a new filename) is jammed uncomfortably into this one modality, along with many things you would expect to have in text-editor mode (e.g. copying the current line, undo/redo, quit the editor, et cetera). One particular idiom which you'd expect to find in text-editor-mode, namely text selection, is in fact given a third mode completely different from the other two. And, as a bonus, all of the things you might like to do in command mode are based on a single-character language which you'll have to become fluent in before command mode becomes at all useful to you. And if you are generating large amounts of new code, command mode is not the idiom du jour -- command mode mostly suffices to help you search around in a document that's already been created and copy text from point A to point B.
Unless I've missed something.
I don't see why vim devotees claim that vim makes their coding much faster; I haven't seen anything in vim to suggest even a possible ~10% coding speedup waiting around the corner. Rather, since it lacks some basic amenities, it looks like vim would slow me down by ~10-20% even when I learn it fully and can use it at top-speed. It has brace highlighting. That's about it.
I've tried to also play around with emacs, which also isn't pretty. Possibly there's a follow-up post to this one coming? |
|
|
| pwext, pwext, pwext... |
[Mar. 2nd, 2009|10:46 pm] |
Yesterday I gave a grocer a 20 for 8 euro worth of goods, and he gave me 42 euro in change. I pointed out the error to him. Today, he wanted to give me something extra for being a good person. I declined, because, to be honest, I had already received the reward. I like impressing people, much more than an extra bottle of soda or a free box of Ben and Jerry's. If he's impressed enough to say, "Listen, you gotta let me pay you back," then that's enough for me. I don't know whether that's enough for him.
Five commitments: Love, Honesty, Charity, Bravado, Humility. I never forget.
Anyways.
I promised myself that my password-derivation-applet, pwext, would be done by the end of January. It's really a fantastic and beautiful bit of code in its present form, I feel. It was, indeed, mostly done at the end of January. I still haven't created the "bookmarklet factory" that would generate a custom pwext bookmarklet based on user input, though.
However, at the end of January, it was clear to me that drostie.org needed a content management system of some form, since I've got dozens upon dozens of little files that I want to go up there. So I decided to work on that. My tentative deadline on that was "the end of February."
This deadline has passed and the framework has only moved partly forward; it's still not deployment-ready. So I've failed to make that deadline. I spent so much time bringing my laptop up to speed that it seems like the beginning of the month was spent on choosing an overall approach (I chose Python + Django, because I'd like to learn more Python and Django had several features I wanted) -- and only at the end of the month did I actually get a database model put together (and I still don't know to what extent I can add or subtract from it later). A large amount of the style and layout of drostie.org was written about a year ago and is more or less still the system that I want today. The middle of the month feels like something's gone missing.
I want pwext out -- the complete package finished, with Django running on the server, and the bookmarklet-maker ready and working -- by the end of March. However, my laptop has just started acting up *again* (kubuntu no longer recognizes that it has a wireless connection). We'll see how well I do. I'm not exactly enthusiastic, since I've just missed a deadline and now I'm speculating on a new one. But I'm working on it.
My cash supply dwindles ever-lower. I want to get a CMS deployed so that I can show a potential employer, "*THIS* is what I do. Beautiful code, solving the real problems that I see around me, etc." But I also want people to use my inventions. That seems to require marketing, etc. -- I don't know.
Real artists ship, and I'm tired of not shipping. |
|
|
| Food and Linux. |
[Feb. 22nd, 2009|08:51 pm] |
"We're opening our oldest wine bottles," she said, "and I want something for the occasion. I've bought beef, and we have potatoes, and I'd like something French for the occasion, if you please."
So I did. Or, at least, I tried.
My first demi-glace went perfectly, and formed a mushroom-based sauce for the steaks -- which were seared and then oven-roasted, since my benefactors have no grill. Almonds were crushed, roasted, and tossed in with green beans in a spectacular-if-minimalist vegetable dish.
The gratin that I tried to produce didn't come out so good. The flavors were *perfect*: just the exact amount of rosemary, just the exact amount of garlic, no hiding the beautiful potato flavor -- but for some reason the slagroom (whipping cream) did not suddenly turn into a beautiful creamy inside. Instead of a perfectly-seasoned potato gratin, I got perfectly seasoned potato slices, in milk. Willemien told me that she thought she knew why: she usually buys very fast-cooking potatoes, and they're probably also very low-starch, so that there was no residual starch filling the cream and making it even creamier. I'm not so sure -- the slagroom seemed a bit watery to start with, in my opinion. But maybe you're supposed to add an egg or two, or something to that effect.
Dessert: creme fraiche, with some blackberries, my Oma's homemade jam, and ground chocolate shavings. Absolutely delightful in presentation and flavor.
My new laptop now boots into a completely-encrypted Kubuntu Linux install, as well as its Win XP install. The Kubuntu Jaunty alpha is treating me wonderfully; it's everything that I was hoping out of Vista before I had to downgrade and go back to Win XP. The only thing I wish, is that the Toshiba Portege M750 could boot out of its memory card reader. It would be a little more convenient for my intended setup. But it can boot from USB, so I just have the GRUB MBR code in the boot records for all of my USB drives. This loads a local /boot partition on my hard drive, which decrypts the root partition if I give it the right password. |
|
|
| Bits! |
[Feb. 11th, 2009|08:05 pm] |
Several of the algorithms in the SHA-3 competition are 512 bits or more.
That doesn't sound like much, does it? But it's a tremendous amount, really.
The smallest unit of time that a modern physicist is concerned with is called the Planck time -- about 5.39×10^-44 seconds. This is a time scale at which, if you zoomed in close enough, something wildly different from anything familiar must be happening. (We know that something weird must be happening because we have two completely different theories -- general relativity, which we apply at the scale of galaxies, and the standard model, which we apply at the scale of the atomic nucleus. They're totally different, and as far as we can tell, completely incompatible with each other; but we can use both of them, because they don't overlap much in their respective domains. They don't overlap anywhere in the middle, either: at the scale of you or me, we neither have to calculate spacetime curvature nor solve the Schrödinger equation. But they do overlap at this minuscule time scale -- and at a similarly small length scale.)
This number, we might express as 2^-143.7 seconds or so. If you were going to count once every Planck time, you would need only 144 bits to count out one full second.
At the other end of the scale, the universe is 13.7 billion years old, give or take about 0.1-0.2 billion. That's about 4.3×10^17 seconds, which we might express as 2^58.6 seconds or so. A modern 64-bit computer could count out the universe in seconds rather handily in one register.
Divide the second time by the first, and you get the total number of Planck times that have happened in the life of the universe. By exponent rules, you just add the numbers of bits: 58.6 + 143.7 = 202.3 bits.
An ideal 512-bit hash function is so secure that even if someone had one quadrillion (about 2^50) of the fastest computers that a modern physicist can imagine, each evaluating one hash per Planck time, and they worked on finding a single collision for the entire lifetime of the universe, they would compute about 2^252 hashes in total. The birthday bound puts their chance of success at roughly (2^252)^2 / 2^513 ≈ 2^-9 -- a fraction of a percent. We would have to make a significant advance in physics before we could conjecture what sorts of sub-Planck computing could be possible. (We're not even completely sure what we can and can't do with quantum computing, and we're relatively solid on the fundamental rules of quantum mechanics.) |
|
|
| National Condom Day |
[Feb. 10th, 2009|04:01 pm] |
The Dutch have a National Condom Day. It is February 14th -- one day after the day when it really mattered. (I suppose good Hollandse sex happens after midnight?)
I have a laptop again! Finally. It's a Toshiba Portege (not a typo!), and it's a tablet PC. You cannot imagine the delight of dragging windows around Minority Report style. However, I must recommend against Toshiba as a brand: too much bloatware, and you must wait for all of it to install on the computer when it first arrives -- the operating system doesn't exactly come preinstalled.
It came with Vista. I tried to give it a fighting chance, I really did. They messed up the Start menu pretty bad, though, and the minor chrome adjustments that I saw were not really worth the extra wait at boot time. Toshiba kindly sent me Windows XP Tablet Edition restore disks instead of Vista restore disks, so I'm now running XP again.
(But I will install Kubuntu Linux on it sometime soon -- once I can wrap my head around what this guy did.)
pwext is almost finished as a bookmarklet. There is a delay because I don't yet have a framework that I can use to publish applications. I'm working on learning Django so that I can create something nice on drostie.org -- possibly with an eventual comment system. Also, I still need to create a setup script that will generate your pwext seed from random keypresses, et cetera. It's a bit of work, but it's going.
With a tablet PC, One Dark Dream (a webcomic/webdrama story that has been kicking around in my head for about a year now) can possibly start up. I'll have to see how long it takes for me to write the first few comics, draw them out, assemble them, and publish. One thing I don't like: in Windows, the cursor has this nasty tendency to lag behind the tablet pen, which might smooth the curves but it might also be annoying. I don't know yet. |
|
|
| MD5-based SSL: totally, completely broken. |
[Jan. 10th, 2009|11:00 pm] |
I think I'm going to keep teaching Crypto-in-plain-English on this blog for a while yet, so let's talk current events.
To welcome in the new year, an international group of researchers (including cryptographers at the TU Eindhoven in the Netherlands) successfully attacked SSL in a rather serious way: they obtained a certificate authority certificate which every browser trusts, which could make anyone claim to be, for example, HSBC or the Bank of America -- or whoever you want. SSL's certificate system is supposed to protect against exactly that, and it completely failed to do so.
SSL is that technology that, among other things, puts the padlock icon on your browser. Browsers present these visual cues to tell you that there is encryption going on "under the hood," so that someone can't just overhear your credit card number. The group's live demo at the hacking conference was an open wireless router that could overhear anything you tried to transmit through it over SSL -- while all of the padlocks and browser notifications were still there.
It's called a man-in-the-middle attack. Suppose Alice wants to securely contact Bob. A malicious attacker named Mallory says "Hi, I'm Bob," and presents valid IDs and credentials to Alice. They begin a secure communication with each other. Then, Mallory impersonates Alice in a similar way when he opens a secure communication line to Bob. By sitting between these two secure communication lines, Mallory gets the entire communication recorded in his logs.
The group falsified the identification step of SSL: they devised a way to say "Hi, I'm HSBC" or "Hi, I'm Bank of America" and get completely trusted by the browser. They did it by breaking a hash function called MD5.
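As an added illustration (not code from the post or from the researchers' work), here is the structural reason a broken hash forges identities, at toy scale: a CA signs the *digest* of a certificate, not the certificate itself, so any two certificates with the same digest share one valid signature. The 24-bit truncated hash standing in for MD5, HMAC standing in for the CA's RSA signature, and the certificate fields and nonce counter are all constructed assumptions; the real attack needed a chosen-prefix collision against full 128-bit MD5, which is enormously more work than this birthday search.

```python
import hashlib
import hmac
import secrets

DIGEST_BYTES = 3  # 24-bit toy digest standing in for MD5's 128 bits (constructed)


def toy_hash(data: bytes) -> int:
    """Truncated SHA-256: a stand-in for a hash so weak that collisions are cheap."""
    return int.from_bytes(hashlib.sha256(data).digest()[:DIGEST_BYTES], "big")


def ca_sign(ca_key: bytes, cert: bytes) -> bytes:
    """The CA signs the hash of the certificate, never the certificate itself.
    HMAC stands in for the CA's RSA signature (assumption: any sign(hash(cert)) scheme)."""
    digest = toy_hash(cert).to_bytes(DIGEST_BYTES, "big")
    return hmac.new(ca_key, digest, hashlib.sha256).digest()


def browser_verify(ca_key: bytes, cert: bytes, sig: bytes) -> bool:
    """A browser recomputes the digest and checks the CA's signature over it."""
    return hmac.compare_digest(ca_sign(ca_key, cert), sig)


def chosen_prefix_collision(prefix_a: bytes, prefix_b: bytes, table_size: int = 1 << 13):
    """Find suffixes sa, sb with toy_hash(prefix_a + sa) == toy_hash(prefix_b + sb).
    Both prefixes are attacker-chosen and different: a chosen-prefix collision at toy scale.
    Table of 2^13 digests against a 2^24 space -> about 2^11 trials on the other side."""
    table = {}
    for i in range(table_size):
        sa = b"nonce=%08d" % i                      # hypothetical filler field
        table[toy_hash(prefix_a + sa)] = sa
    j = 0
    while True:
        sb = b"nonce=%08d" % j
        h = toy_hash(prefix_b + sb)
        if h in table:
            return table[h], sb
        j += 1


# Constructed certificate bodies: what the CA believes it signs vs. what the attacker wants signed.
BENIGN = b"CN=www.example.net;O=Small Shop;CA=false;"
ROGUE = b"CN=Rogue CA;CA=true;pathlen=unlimited;"


def run_attack():
    ca_key = secrets.token_bytes(32)                # the CA's signing key; attacker never sees it
    sa, sb = chosen_prefix_collision(BENIGN, ROGUE)
    benign_cert, rogue_cert = BENIGN + sa, ROGUE + sb
    sig = ca_sign(ca_key, benign_cert)              # CA legitimately signs the harmless request
    return {
        "certs_differ": benign_cert != rogue_cert,
        "digests_equal": toy_hash(benign_cert) == toy_hash(rogue_cert),
        "benign_verifies": browser_verify(ca_key, benign_cert, sig),
        "rogue_verifies": browser_verify(ca_key, rogue_cert, sig),  # the signature transfers
    }
```

With the CA's signature copied onto the rogue body, `browser_verify` accepts a certificate the CA never saw; widen `DIGEST_BYTES` and the same search becomes infeasible, which is the whole difference between a hash that is merely old and one that is broken.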
- - -
Your moment of Zen? The people who are now switching away from MD5 are switching to another function named SHA-1. SHA-1 is much stronger than MD5, but it also has some serious flaws, and a couple of years of time will probably break that, too. They could solve this by using a newer, better generation called SHA-2. Every even-vaguely-modern browser supports it, as far as I know. And, in fact, right now there's a contest for developing the next generation after that, called SHA-3. (I'm rooting for Skein in that competition. Tweakable block ciphers are very pretty.) |
|
|
| More delays, more delays. |
[Jan. 3rd, 2009|04:41 am] |
So here's where I am right now.
Physically, I'm in Ithaca for another week, before I return to finals in Delft.
December 17th, my web host (crissic.com) went down. Like, in a serious way: data was unrecoverable, the main site was down, eventually even the DNS records for crissic.com started to fail. And nobody heard from the webmaster for the entire weekend thereafter, with a bunch of people worried on the WebHostingTalk.com forums.
I tried my best to keep people sane there -- a lot of them seemed to believe that the Crissic guy was maliciously absconding with our money and data; and just a moment's reflection suffices to reveal that this couldn't be the case. Part of it was other web hosts stirring the pot quite a bit.
But when the webmaster finally got back online, the damage was done and everyone was leaving the ship.
After long attempts by me to get my domain name -- drostie.org -- back again, only today did I manage to get through to the webmaster, to get my domain name transferred to a godaddy.com account in my name. It's not actually back quite yet; I still need to wait 5 days or so. Then I need to start my server from scratch.
Meanwhile, I'm looking for a tablet PC. I only have $1000 in bank money right now, but dividends may soon change that; we'll see. I need about $1500 to get the laptop, and then I need a week or so to polish it up to my standards. And then I have exams, and maybe then I can return to LJ.
Time is wasting, but the weekend is upon me. Quite possibly, I'll just need to take the computer on credit, then repay the fines when the dividend cash comes in -- otherwise, there's no guarantee that I get it in my hands before next weekend. It's all very :-/ right now. But we'll see, we'll see, we'll see. |
|
|
| drostie's kickass fajitas. |
[Dec. 7th, 2008|12:25 am] |
My moratorium on livejournal due to my lack of a laptop had to end tonight, though it will continue in a little while again. I'm sorry, but without a laptop, I have no internet efficiency, so each moment I spend on the internet is spent somewhat carefully.
The big project right now is setting up drostie.org for email, since cornell.edu is kicking me off in a week or so. I almost had the damn thing running, but then I thought, "Oh, Ubuntu has upgraded from 'hardy' to 'intrepid' and there's some new packages in intrepid that I'd like." Big mistake. My VPS server did not like the ubuntu upgrade, and I had to reset everything and start from scratch.
On the plus note, I now have an opportunity to create a server tutorial to be hosted on drostie.org. I had promised one to the WebHostingTalk forums, but then I had forgotten to copy-and-paste my setup steps after browsing through other tutorials.
Anyway. The point of this post, as the subject says above, is to introduce you to my kickass fajitas. They're probably not really fajitas, but they look generally similar.
Prep work is relatively easy. You need fillets of a bird (I used turkey and enjoyed it); you need a red and a green bell pepper, sliced into half-centimeter wide slivers, some shredded iceberg lettuce and grated cheese, and you need pico de gallo. I am a heretic with my pico de gallo. I use minced, uncooked garlic, instead of chiles, to give it its punch -- and I flavor it with oregano, a little olive oil, salt, pepper, and basil. Just think, "What would an Italian do to make pico de gallo?" and you have my recipe for it.
Take a splash of sweet white wine, a splash of olive oil, and a splash of water, salt and pepper to taste, and some small chopped pieces of bacon, and stir them around in a pan under low-ish heat. You're going to poach a bird product (in this case, I used 1cm-ish thick turkey fillets) within their marinade. The amount of marinade is somewhat crucial -- you want it to be mostly-oil by the time you add the mushrooms, so that they don't boil so much; but you want to steam the peppers.
Slice a green and a red bell pepper into small slivers, coating them with a little olive oil and a splash of the same wine, and some salt. Then, once the bird has been lightly poached, start to take out the fillets and slice them into something more linear, resembling the peppers in length, if wider. Return them to the marinade and turn up the heat, with the bell peppers going in with them.
As the marinade steams the peppers, keep the mixture tossed and moving. Add sliced mushrooms when it gets to be more like a thin layer of olive oil than a marinade.
Put them all together in a tortilla, optionally with sour cream -- but the cheese, lettuce, and pico de gallo are part of the soul of the dish, and shouldn't be omitted for anything. It should end up sweet, savory, a little messy from what's left of the marinade/sauce, and, in addition, absolutely delicious.
I have no idea what to call them. They aren't, strictly speaking, grilled -- more like poached, steamed, then lightly fried. So "fajita" is the wrong word. But US folk would be misled if I just called them "tacos."
I thought about adding corn to the mix as well, but I have the feeling you wouldn't taste it in the end product. There's already a huge amount going on. |
|
|
| Hiatus |
[Nov. 20th, 2008|09:22 pm] |
Hey guys. I am unfortunately going to have to stop updating this journal. My laptop of two years (named "Basilisk") has died, and I really don't have the financial resources right now to buy a new one. I might be able to return shortly if I receive dividends and/or can sell back stock to my Dad's company; or he might arrange for me to be able to sell shares to him. (It's privately traded and escaped the worst of the current Wall Street crisis.) But for now, I have no regular computer that I can turn to. C'est la vie. |
|
|
| Hash functions, pwext, password lengths |
[Nov. 7th, 2008|08:36 pm] |
There was recently a deadline, at Halloween, for hash function submissions to the US government, for the sake of producing the next Secure Hash Algorithm (SHA-3). And there were a lot of submissions made just recently. The winners will gain the applause of the cryptographic world and international fame, in about four years' time or so, as finalists are selected and the crypto community weeds out the bad.
Confused? A hash function, in the broad sense, takes a file and gives you back a number. And since a file is just a string of 1's and 0's, just about anything can go into a hash function, to get back a relatively small, manageable, number.
Have you ever sorted files by file size before? Congrats, you've used a hash function -- in this case, a "naive" hash function, one that's easy for a malicious person to duplicate. A secure or cryptographic hash function is just a hash function which is hard for a malicious person to duplicate. They're used, for example, to guarantee that a downloaded file is the same as the source file: if the numbers match, then there's only a very small probability that the files are different. (For a 128-bit hash, it's three billionths of one billionth of one billionth of one billionth of a percent.) And this is a small number (16 bytes) which can be posted on the internet or otherwise transferred rather easily. If you use BitTorrent, the bulk of the .torrent file is hash values for each little "piece" of the file, to make sure that you've downloaded it all correctly.
Now, you know me -- if a deadline for this sort of contest arises, then I'm off having a codegasm. In particular, I've got an ongoing project called pwext, a password extension for Firefox.
|
|
|
| Dream job? |
[Nov. 2nd, 2008|12:59 pm] |
In my dream, last night, I was in the Amsterdam streets, just outside of Station Amsterdam Centraal, where all of the tourists walk out into the city for the first time ever.
"One euro, and I'll explain anything!" I pitched in front of my stand. "Why is the sky blue? What do women want? Why are vegetable oils liquid and animal oils solid? How many angels can dance on the head of a pin? Is there a God? Any question, answered for one euro!"
Call it the Drostie version of busking, I suppose.
(This was probably influenced by the fact that I went to sleep after playing air guitar to a whole slew of my favorite songs. When I'm playing air guitar, there's always some sort of implicit busking/performance element to it, somewhere in my head.) |
|
|
| "Acceptable" superpowers |
[Nov. 1st, 2008|08:53 pm] |
A while back, I read Steven Gould's Jumper novels. You may recall the movie-with-no-plot of the same name, which was "based on" the book in the sense that absolutely nothing that happens in the book happens in the movie, and vice versa. I blogged about it in kentox roughly when the movie came out or so.
Anyway, in the novels, the protagonist has the ability to teleport. The NSA and CIA do not like the prospects for this, since it means that he can be Terrorist Threat Number One if he so chooses.
Now, this has recently become a subject of my musings. I love to think through superpowers, in particular because I've seen and read about lots of superpowers which aren't well-thought-through. (I'm looking at you, Hiro Nakamura.) The idea proposed by Jumper -- that some superpowers are a political threat and will land you in pre-emptive jail of some sort -- is something in this vein.
So, define a PC-power as a "politically correct" power, by which I mean that the NSA and CIA will not be worried about your existence in the world. What sorts of powers are PC? What sorts of powers are "politically incorrect" by this standard?
Actually, most superpowers are politically incorrect. Some are a little surprising: if you had the superpower of being able to factor large numbers and do discrete logarithm problems, the NSA might be very worried about your cryptanalytic potential.
Here are some PC-powers:
1. Super-linguistics. (That is, the ability to understand any given language.)
2. Flight, probably.
3. Super-strength, maybe, but probably not super-speed. After all, someone with super-strength can still be tasered.
4. Super wit. (It's on bestthing.info. It counts.)
5. Possibly mind-reading. Probably not mind-control.
6. Basic telekinesis.
7. Omen-reading -- that is, basic predictions about the future.
Any others you guys can think of? |
|
|
| Ethics, check. But being a good person? I still need to work on that. |
[Oct. 28th, 2008|07:23 am] |
I breezed through the mandatory ethics course, with the sixth highest exam grade out of the 96 people who took the course. (An 8.0 -- highest was 8.5.) That's, needless to say, an "A" in ECTS terms.
My exam in basic statistical mechanics is today. Here's hoping.
[Edit: I destroyed that exam. There was only a smoking crater remaining behind to remind posterity of the sheer power that I brought to bear against that test's meek and puny frame.] |
|
|
| Xenophobic Cat |
[Oct. 24th, 2008|11:23 pm] |
Uncle Guus has a cat.
A boy cat with a stubby tail, who is terrified of people. I mean, he comes into our garden to dine every night, but he hates to approach if you're too close, and runs off. Xenophobic cat. Maybe I should just call him Xeno.
I have a long history both of loving cats and being allergic to them. At Amy's bridal shower, for example, I had to wash my hands every five minutes, because Amelia's cats would ambush me for love and attention, and I could tell that I was pretty damn allergic to them. I kept petting them, but each time that my nose or eyes itched, I had to get up and wash my hands before I could scratch said itch.
It's a formula that works pretty well.
Anyways, Xenophobic Cat has been my personal project. I've been feeding him personally, even eating my meals alongside when I'm not serving other guests. Xeno wasn't comfortable with coming indoors until just recently, and today I made one major point of headway: today Xeno came inside and let me pet him for the sake of being pet. No bribing him with dinner; just me scratching at a purring cat's face and neck.
I don't know why people and animals inherently trust me. Admittedly, my baby nephew didn't automatically take a shine to me, but I think that's because I was the first person he'd ever seen with a beard. And he got used to me relatively quickly. Maybe everyone secretly inherently trusts everyone. Regardless, I like having that property, as a personal asset. |
|
|
| Blum Blum Shub |
[Oct. 23rd, 2008|10:42 am] |
Ugh. I just found out that my Basic Stat Mech class is, in fact, only a half-semester class, and so I've got an exam next week to study for. So maybe my coding has to be put on hold. Blech.
Blum Blum Shub is a simple pseudorandom number generator: given two prime numbers p and q, and some random number x between, say, sqrt(pq) and pq, you just start squaring x, modulo pq. You usually just take one or two bits from the result, so that it's hard to find out subsequent numbers. And it has one magical property: *any* statistical attack on Blum Blum Shub is also a statistical attack on integer factorization. So if you can statistically predict Blum Blum Shub, you can also statistically predict how to factor N = pq. (Unfortunately, the proof of this fact is asymptotic, and so we don't even know what "small" means when we say, 'for small N, this proof might fail.')
In any case, I've implemented Whirlpool in Javascript, and am now turning to Blum Blum Shub. Javascript doesn't have a good long-integer type. In fact, Javascript doesn't have integers at all: numbers are always secretly stored as double-precision floating point numbers (52 bits of precision). To do Blum Blum Shub at its maximum speed, then, we would need x^2 to be less than 2^52. Hence x must be less than 2^26, hence pq must be less than 2^26, so we're looking at factoring a number that's around 64 million.
In other words, an efficient Blum-Blum-Shub generator in Javascript *must* break up its numbers into arrays, because I can probably easily factor a 26-bit number. I mean, the largest that my lookup table needs to be is sqrt( 2^26 ) = 2^13 = 8192, and there are only on the order of a thousand or so primes below that. I can create a script that does a thousand % operations. No problem.
Probably, my best bet is to break them up into 24-bit blocks, for some N. Why? Well, you probably know this trick for calculating whether a number is divisible by 3 or 9: add up all of the digits individually, then see if the result is divisible by 9. It turns out that this works because 9 is the number-system base (10) minus 1 -- and all factors of B-1 will have that property in base B arithmetic.
In particular, in 3-bit octal arithmetic, 8-1 = 7 has that property; and in 4-bit hexadecimal, 3 and 5 (factors of 16-1 = 15) have that property. In 12-bit arithmetic, both of these conditions coincide. For example, the factors of 2^12 - 1 are: 2^12 - 1 = 4095 = 3*3*5*7*13. (Just divide by 5 first, 9 second, and 7 third. Easy peasy.)
Since 2^24 - 1 = (2^12+1)(2^12-1) = 4095 * 4097, and no prime factor of 4095 could divide 4097 (they're just too close together), we can quickly search for prime factors of 4097: we check 2 (easy no) and then 11 (another easy no) and finally 17 (harder, but 4097 = 17*241). And 241 is less than 17^2, so because it's not divisible by 2, 3, 5, 7, 11, or 13, it must also be prime. (You don't need to actually divide by any of those to see that, because, again, 4097 is too close to 4095.)
So 2^24 - 1 = 3*3*5*7*13*17*241. If I divide my numbers into 24-bit blocks, I can rapidly test for divisibility by 2 by checking the last bit, and I can sum the blocks together to test for divisibility by 3, 5, 7, 13, 17, and 241. That reduces my search space for primes to around 1/5 of its former size with almost no real effort.
And the native data type of Javascript is large enough that I should be able to carry out the long multiplication algorithm in-place, since b1*b2 is never more than 48 bits, and I have 52 to work with. I don't know whether peculiarities occur when it transfers from integer mode to float mode, but I'll find that out when I implement it. |
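The two pieces of the plan above, as an added example (not the post's own code) in modern JavaScript: Blum Blum Shub run over BigInt, and the 24-bit-block digit-sum screen for the factors of 2^24 - 1. The primes 11 and 23 with seed 3 are constructed check values, and the condition p, q ≡ 3 mod 4 is the standard one for the generator, not something the post states.

```javascript
// Added example, not the post's own code: Blum Blum Shub over BigInt, plus the
// 24-bit-block divisibility screen derived from 2^24 - 1 = 3*3*5*7*13*17*241.
const BLOCK_BITS = 24n;
const BLOCK_MASK = (1n << BLOCK_BITS) - 1n;   // 2^24 - 1 = 16777215
const SMALL_FACTORS = [3, 5, 7, 13, 17, 241]; // distinct prime factors of 2^24 - 1

// Split a non-negative BigInt into little-endian 24-bit blocks (plain Numbers),
// the array representation the post proposes instead of a long-integer type.
function toBlocks(n) {
  const blocks = [];
  do {
    blocks.push(Number(n & BLOCK_MASK));
    n >>= BLOCK_BITS;
  } while (n > 0n);
  return blocks;
}

// Because 2^24 is congruent to 1 modulo 2^24 - 1, a number is congruent to the
// sum of its 24-bit blocks modulo every factor of 2^24 - 1: the base-10
// digit-sum trick for 3 and 9, carried over to base 2^24.
function blockSum(blocks) {
  return blocks.reduce((acc, b) => acc + b, 0);
}

// Return 2 if the number is even (last bit), the first listed prime that the
// block sum shows to divide it, or 0 if the cheap screen says nothing. A
// candidate prime above 241 that returns non-zero is composite and is skipped.
function smallFactor(blocks) {
  if ((blocks[0] & 1) === 0) return 2;
  const s = blockSum(blocks);
  for (const p of SMALL_FACTORS) if (s % p === 0) return p;
  return 0;
}

// Blum Blum Shub: x_{i+1} = x_i^2 mod N with N = p*q, emitting the low bit of
// each new state. The standard construction takes p, q congruent to 3 mod 4
// and a seed coprime to N (an assumption here; the post leaves it implicit).
function blumBlumShub(p, q, seed, count) {
  const N = p * q;
  const bits = [];
  let x = seed % N;
  for (let i = 0; i < count; i++) {
    x = (x * x) % N;
    bits.push(Number(x & 1n));
  }
  return bits;
}

// Constructed check values: 4097 = 17*241 from the post, and a toy modulus
// N = 11*23 = 253 with seed 3 (far too small for real use).
console.log(smallFactor(toBlocks(4097n)));  // 17
console.log(blumBlumShub(11n, 23n, 3n, 7)); // [ 1, 1, 0, 0, 1, 0, 1 ]
```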
|
|
| Gnocchi in Red Bell Pepper Sauce |
[Oct. 21st, 2008|05:19 pm] |
Hey look~! My first post in this journal. Here's hoping that it works out well.
I'm back living on my own, which means more fun cooking. I figured a foodie post was always a good start to this blog. Anyways, I managed to get my hands on fresh gnocchi yesterday; so I was in for a treat. (I can make it myself, but it takes about an hour and I've been doing other things recently.)
I built a wonderful sauce as follows:
(1) I blanched and then peeled three Roma tomatoes, dicing the soft flesh over a large cutting board.
(2) I very lightly roasted a red pepper over the gas grill flame, to peel it. It got diced.
(3) I sauteed the pepper with a little olive oil in a side pan while building up a roux in my main saucepan.
(4) The tomato paste and red bell peppers went in with the roux and some extra water. The mixture was kept uncovered, just under a boil.
(5) Seasonings were added: parsley, salt, pepper, oregano, and basil, to taste. Also, two cloves of minced garlic or so -- I would later wish that I had added a third.
(6) Finally, two chicken fillets were cut widthwise into slices around half an inch to a quarter of an inch thick, and poached in the sauce.
Just as the fillets were finishing, I started the gnocchi, so that they could both get plated right as they finished.
It was incredibly good. I thought I would be making enough for today as well, but I couldn't get enough of the flavor for dinner last night, and ate it all then. There is something about that mixture of tomato, red pepper, garlic, olives, and parsley that just... sings.
Sorry, no photos. My battery charger for my camera can't plug into my converter-plug for the outlets here, so I'll have to make the dish again, after I buy a new battery charger. Maybe I'll make it the next time I have guests over. These sorts of dishes rarely work so well on their first try, but this one worked beautifully. |
|
|