maradydd: (Default)
maradydd ([personal profile] maradydd) wrote2008-01-02 07:52 pm

Small world

There's a post up on BoingBoing today (ok, yesterday for me) about open vs. closed search algorithms, suggesting that the search algorithms used by Google, Yahoo et al are bad because of their lack of transparency. It invokes a comparison to an important concept in computer security: "security through obscurity" is dangerous because an effective encryption scheme should be equally hard to break whether you know the internals of the algorithm that generated the ciphertext or whether you don't.

I think comparing this to search is a bad (or at best misleading) idea, and expounded on this in the comments. But I'm far more entertained by the fact that the two best comments on the post so far come from two sources with whom I am tangentially familiar, albeit from totally different directions: [livejournal.com profile] jrtom and [livejournal.com profile] radtea. Small damn world!

[identity profile] maradydd.livejournal.com 2008-01-04 07:02 pm (UTC)(link)
Not necessarily an uninterrupted sequence of outputs; ISTR that polynomial interpolation is a common first step in figuring out a PRNG's seeds. In any case, any attack that works on a stream cipher will frequently be useful against a PRNG as well (maybe not in the general case, but there are equivalences between certain stream ciphers and certain PRNGs).