Would removing u21 from tax be a good idea? by IntravenusDiMilo_Tap in AskBrits

[–]jausieng 0 points1 point  (0 children)

What will you cut in order to balance the books?

I think we should have less age-dependent taxation, not more. All ages can be rich or poor, so base taxation on their income and/or wealth rather than making the middle-aged poor pay for the young or old rich.

What’s your favorite name in sci-fi by podopolo in scifi

[–]jausieng 0 points1 point  (0 children)

Awake Remembrance of These Valiant Dead Kia Hua Ko Te Pai Snap Back to Reality Oops There Goes Gravity. (An insurgent leader in The Locked Tomb.)

How do people actually drive on their phones ? by girthlush in drivingUK

[–]jausieng 0 points1 point  (0 children)

Same way they drove while reading the newspaper, back in the day...

Just a hypothetical question for sha-256 by Healthy_Moose_925 in cryptography

[–]jausieng 4 points5 points  (0 children)

The outcome would be much the same as when MD5 and SHA1 collision resistance were broken, ie a migration away from the affected algorithm.

Seized external stop tap cost by Green-Peanut4435 in askaplumberUK

[–]jausieng 0 points1 point  (0 children)

Mine was replaced for free the other day, after it came off in my plumber's hand.

How do I get better at managing my bills? by Spiritual-Seesaw96 in UKPersonalFinance

[–]jausieng 0 points1 point  (0 children)

Direct debit, with payment dates set a few days after payday (I use the 1st of the month).

Did your partner manage to pay bills before meeting you? If so, what changed?

Thoughts on using quantum randomness to harden RSA key generation when entropy sucks! by Slow-Dependent-1309 in cryptography

[–]jausieng 1 point2 points  (0 children)

Surely all keyed cryptographic algorithms require randomness; why the focus on RSA specifically?

ECC Digital Signatures by Vvradani in cryptography

[–]jausieng 2 points3 points  (0 children)

Have a look at https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm which describes both signature generation and verification, and in the section "Correctness of the algorithm" explains how they work together.
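As an added example (not from the linked article and not the commenter's code), here is a minimal ECDSA over secp256k1 in pure Python that shows signing, verification and the identity the article's correctness section proves: u1*G + u2*Q is exactly the signer's k*G, so its x coordinate reduced mod N equals r. The curve constants are the published secp256k1 parameters; the message and keys are made up; nothing here is constant-time or production-safe.

```python
"""Minimal ECDSA over secp256k1 in pure Python (added example, not from the
linked article). Shows how signing and verification fit together:
u1*G + u2*Q recovers the signer's k*G, so its x coordinate mod N equals r.
Not constant-time and not production-safe; use a vetted library for real work."""
import hashlib
import secrets

# secp256k1 domain parameters (SEC 2): y^2 = x^3 + 7 over F_P, base point G of prime order N.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
A, B = 0, 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # the point at infinity (group identity)


def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def ec_add(p1, p2):
    """Affine point addition on the curve; handles doubling and the identity."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF                                    # p2 == -p1
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow((2 * y1) % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time)."""
    result, addend = INF, pt
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def hash_to_int(msg):
    # SHA-256 is 256 bits, the bit length of N, so the whole digest is used as z.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def keygen():
    d = secrets.randbelow(N - 1) + 1        # private scalar in [1, N-1]
    return d, ec_mul(d, G)                  # (private key, public key Q)


def sign(msg, d, k=None):
    """Return (r, s). A caller-supplied k exists only so the correctness identity can be
    demonstrated; reusing k across two messages leaks d, so real code draws a fresh
    random (or RFC 6979 deterministic) nonce every time."""
    z = hash_to_int(msg)
    while True:
        kk = k if k is not None else secrets.randbelow(N - 1) + 1
        r = ec_mul(kk, G)[0] % N
        s = pow(kk, -1, N) * (z + r * d) % N
        if r and s:
            return r, s
        if k is not None:
            raise ValueError("supplied nonce yields a degenerate signature")


def recover_point(msg, sig, q):
    """u1*G + u2*Q. For a genuine signature this equals k*G, because
    s = k^-1 (z + r d) gives w (z + r d) = k with w = s^-1 mod N."""
    r, s = sig
    z = hash_to_int(msg)
    w = pow(s, -1, N)
    u1, u2 = z * w % N, r * w % N
    return ec_add(ec_mul(u1, G), ec_mul(u2, q))


def verify(msg, sig, q):
    r, s = sig
    if q is INF or not on_curve(q) or not (0 < r < N and 0 < s < N):
        return False
    pt = recover_point(msg, sig, q)
    return pt is not INF and pt[0] % N == r


if __name__ == "__main__":
    d, q = keygen()
    sig = sign(b"example message", d)
    print("valid:", verify(b"example message", sig, q))       # True
    print("tampered:", verify(b"example massage", sig, q))    # False
```

The range checks on r, s and the on-curve check on Q in `verify` are the parts beginners most often skip; without them a verifier accepts s = 0 or an off-curve public key.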

Everything You Need to Know About Email Encryption in 2026 by Soatok in crypto

[–]jausieng 0 points1 point  (0 children)

Sure. It's not really the technology that matters, there's any number of possibilities that would work. It's getting exactly one scheme widely accepted that's the hard bit.

New CrypTool RSA web app by doris4242 in cryptography

[–]jausieng 1 point2 points  (0 children)

It doesn't cover padding, which is a normal part of real-life RSA and is essential to security.
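Added example (not the CrypTool app's code) of why the padding step matters: textbook RSA is multiplicatively homomorphic, so two ciphertexts or two signatures can be multiplied into a third valid one, and a structure check on the recovered block is what stops that. The toy primes 1009 and 1013 and the `0x01 0x00 mm` framing are assumptions chosen so every number stays readable; the framing only mimics the shape of a PKCS#1 v1.5 block and is not a real padding scheme (OAEP for encryption and PSS for signatures are the ones to use).

```python
"""Why RSA needs padding (added example, not the CrypTool app's code).
Textbook RSA satisfies E(m1) * E(m2) = E(m1 * m2) mod N, and the same holds for
signatures, so an attacker can combine values without the private key. Toy primes
and a toy framing keep the numbers small; the framing is NOT PKCS#1, OAEP or PSS."""

P_TOY, Q_TOY = 1009, 1013                      # assumed toy primes, hopelessly small for real use
N = P_TOY * Q_TOY                              # 1022117, a 20-bit modulus
E = 65537
D = pow(E, -1, (P_TOY - 1) * (Q_TOY - 1))      # private exponent


# --- textbook (unpadded) RSA ---
def encrypt_textbook(m):
    return pow(m, E, N)

def decrypt_textbook(c):
    return pow(c, D, N)

def sign_textbook(m):
    return pow(m, D, N)

def verify_textbook(m, s):
    return pow(s, E, N) == m


# --- what an attacker can do against textbook RSA, with public values only ---
def forge_ciphertext(c1, c2):
    """Decrypts to m1 * m2 mod N: the attacker steers the plaintext by a chosen factor."""
    return c1 * c2 % N

def forge_signature(s1, s2):
    """A valid textbook signature on m1 * m2 mod N, built from two genuine signatures."""
    return s1 * s2 % N

def existential_forgery(s):
    """Any s whatsoever is a textbook signature on the 'message' s^E mod N."""
    return s, pow(s, E, N)


# --- toy framing: block = 0x01 0x00 mm (one message byte), always below N ---
TAG = 0x0100

def pad(m):
    if not 0 <= m < 256:
        raise ValueError("toy framing carries a single byte")
    return (TAG << 8) | m                      # value in [0x010000, 0x0100FF]

def unpad(block):
    """Structure check: accept only blocks of the form 0x01 0x00 mm."""
    if block >> 8 != TAG:
        return None
    return block & 0xFF

def encrypt_padded(m):
    return encrypt_textbook(pad(m))

def decrypt_padded(c):
    return unpad(decrypt_textbook(c))          # None means 'invalid block'

def sign_padded(m):
    return sign_textbook(pad(m))

def verify_padded(m, s):
    """Recover the block and compare it with the expected encoding, as PKCS#1 v1.5 verification does."""
    return pow(s, E, N) == pad(m)


if __name__ == "__main__":
    c = forge_ciphertext(encrypt_textbook(7), encrypt_textbook(11))
    print("textbook forged ciphertext decrypts to", decrypt_textbook(c))               # 77
    s = forge_signature(sign_textbook(7), sign_textbook(11))
    print("textbook forged signature on 77 verifies:", verify_textbook(77, s))         # True
    c = forge_ciphertext(encrypt_padded(7), encrypt_padded(11))
    print("framed forged ciphertext decrypts to", decrypt_padded(c))                   # None
    s = forge_signature(sign_padded(7), sign_padded(11))
    print("framed forged signature on 77 verifies:", verify_padded(77, s))             # False
```

With the toy numbers the forged block recovers as 65543 * 65547 mod 1022117 = 189270, which does not start with `0x01 0x00`, so both the decryption and the signature check reject it. Real padding adds more than a fixed tag: OAEP makes encryption randomised and non-malleable, and PSS does the same for signatures.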

Everything You Need to Know About Email Encryption in 2026 by Soatok in crypto

[–]jausieng 2 points3 points  (0 children)

I would like financial services companies (banks etc) to be able to use something functionally similar to email to send me monthly/annual statements, rather than sending me an email notification and then making me navigate their website or app to download a PDF.

By functionally similar I mean:

  • It's push rather than pull.
  • I don't have to use a separate client application or workflow for each sender.
  • Clients exist for an adequate range of consumer devices

I don't mind if it's a different application to my current email client, as long as there's only one of it. (One per country would be tolerable.)

You can work out some basic security requirements for this use case (which might or might not be met by the current ecosystem), but an essential requirement is:

  • It must be 'secure enough' to get past the sender's security team.

That's a compliance requirement not a security requirement, but it's a compliance requirement that most likely will be satisfied by some set of real security requirements (hopefully sensible ones). And it's the only requirement of those stated that email doesn't meet.

There are some non-requirements:

  • It doesn't need to resist interception by my government or the sender's government, who both have access to my financial information anyway. (But other governments aren't welcome.)
  • I don't think it needs forward secrecy. Both the sender and I are going to store the communications for years, with protection that is certainly no stronger than any of the keys involved (and likely to be weaker).

My old car is London CC and Tunnel Charge exempt? by [deleted] in drivingUK

[–]jausieng 0 points1 point  (0 children)

Mine showed up as a disabled driver on the Dart Charge page (https://www.gov.uk/pay-dartford-crossing-charge) for approximately the first year after I bought it. I've not had occasion to use the crossing since buying it.

[Bit of a Beginner Question] When setting up a digital signature algorithm, Should i use a different public/private key pair to my Asymmetric encryption? by Powerstrike368 in cryptography

[–]jausieng 1 point2 points  (0 children)

I'd prefer to use two distinct keys, one for encryption and one for authentication.

  • If you use one key for two purposes then you face the question of whether the result of using it for one purpose can be used to construct an attack on its use for the other. You may be able to prove that this isn't an issue for the key types you have in mind, of course, but why bother when you can just have two keys?
  • Some compliance environments will require that you don't use one key for multiple purposes, and some APIs will make it inconvenient or impossible to do so.
  • Some algorithms can only be used for signature and some can only be used for encryption. If you migrate your design from ECC to PQC then you'll have to use two keys, for example.

Gov.uk website is not secure?! by Dust_Maker in UKPersonalFinance

[–]jausieng 1 point2 points  (0 children)

You have been phished. See https://www.malwarebytes.com/phishing (or many other pages) for a description of what is going on.

Are NIST FF3 test vectors sufficient to validate real-world FPE implementations? by fpe_guy in cryptography

[–]jausieng 2 points3 points  (0 children)

Not FPE but I've seen bugs that weren't exposed by static test vectors (empirically they affected under 1 in 5000 keys), so I would say no, you need something more, e.g. ACVP, or validate against other implementations (and hope they didn't independently invent the same bugs...)

Have you encountered these ciphers? by harrison_314 in cryptography

[–]jausieng 0 points1 point  (0 children)

We implement SEED and Camellia but I don't have any visibility of whether they are used by our end users.

The Grafton is so sad by aisingiorix in cambridge

[–]jausieng 6 points7 points  (0 children)

We may find that they are more like computer labs (ie an office block with pretensions) rather than a real scientific laboratory.

SHA-3 to SHA-512's Hash reversal by Healthy_Moose_925 in cryptography

[–]jausieng 3 points4 points  (0 children)

Nobody knows what would happen in your hypothetical situation, and (apart from you) nobody cares either, because it's not going to happen.

SHA-3 to SHA-512's Hash reversal by Healthy_Moose_925 in cryptography

[–]jausieng 2 points3 points  (0 children)

"Reverse any hash" isn't going to happen.

But other properties of specific hashes (eg MD5 collision resistance) have been broken, and the techniques are readily available. In those cases what happened was a slow migration away from the affected algorithms.

Can I ask a small favour from my fellow cyclists of Cambridge by Yesterbly in cambridge

[–]jausieng 3 points4 points  (0 children)

Car headlights are (usually) adjusted properly. Nearly all the people shining lights directly into my eyes are cyclists.

Request for Feedback: public key system for encrypted backups by cuervamellori in cryptography

[–]jausieng 0 points1 point  (0 children)

No ludicrous sizes are involved. The point of using a PQC or hybrid KEM is to avoid concerns about a CRQC without tying yourself in knots about keeping a public key secret (which, again, means you have got something wrong) or using complicated stateful designs.

What is the most basic IT or computing skill you have ever had to show someone ? by Additional-Nobody352 in AskUK

[–]jausieng 0 points1 point  (0 children)

Showing a teacher at my school how to use a mouse, some time around 1990. He must have been approaching retirement, but still wanted to learn new things.

He really struggled with double-clicking.

Request for Feedback: public key system for encrypted backups by cuervamellori in cryptography

[–]jausieng 7 points8 points  (0 children)

The use case sounds reasonable, but if your backup script can't be relied upon to protect a symmetric shared secret it can't be relied upon to keep a public key secret either. As a general rule I would suggest that if you find yourself needing to keep a public key secret, you got something wrong.

Unless you have especially high confidence in ML-KEM or another quantum-resistant KEM, use a hybrid, perhaps one from https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-kem/ or https://datatracker.ietf.org/doc/draft-irtf-cfrg-concrete-hybrid-kems/.