EDIT: changed encryption / decryption to signing / veryfing. Thanks for the corrections
Not an expert, those who know more please correct me.
From what I understand, what they post is not a PGP key, but the same content published in clear text signed with their private key. That way anyone can verify it with the author’s public key to check it has been generated with the private one (that only one person should have).
In a digital signature system, a sender can use a private key together with a message to create a signature. Anyone with the corresponding public key can verify whether the signature matches the message, but a forger who does not know the private key cannot find any message/signature pair that will pass verification with the public key
You’re not though. You said encryption occurs with the public key and decryption occurs with the private. That’s the opposite of what happens and what the quoted text says.
From the same source:
In a public-key encryption system, anyone with a public key can encrypt a message, yielding a ciphertext, but only those who know the corresponding private key can decrypt
Funny story: you didn’t change the wrong info. The sad part is that you’re spreading misinformation and unwilling to hear otherwise. This is more dangerous than helpful.
How is Crul wrong in anything other than the terminology? You sign a document with your private key - generating basically a hash of the document entangled with your key information. Anyone holding the public key can then verify that hash with the public key - that the document contents are intact and unchanged (from the hash), and generated by the person holding the private key (entangled key information)
To help you with the terminology, the names for the two operations are “signing” and “verifying”. That’s it.
What can you do with…
public keyprivate keyEncryption:encryptdecryptSignature:verifysign“Signing” is not at all the same as “encrypting” with the keys swapped. It is a separate specific sequence of mathematical operations you perform to combine two numbers (the private key and the message) to produce a third - the signature. Signing is not called “hashing”. A hash may be involved as part of the signature process, but it is not strictly necessary. It makes the “message” number smaller, but the algorithm can sign the full message without hashing it first, will just require computation for longer time. “Hash-verifying” isn’t a thing in this context, you made that name up, just use “verify”.
@dohpaz42 is mad because you messed up your terminology originally, and thought you were trying to say that you “encrypt” a message with the private key, which is totally backwards and wrong. He didn’t know that in your mind you thought you were talking about “signing” the message. Because honestly no one could have known that.
Look at the words you used, encryption is not the same as a signature, with a signature you can prove that a person with access to the private key wrote the message.
What you’re talking about in your message is encryption, and you have it the wrong way around, messages gets encrypted with the public key, and can only be read with the private key.
what they post is not a PGP key, but the same content published in clear text encrypted with their private key.
So they are not excrypting it, but do we agree that with signatures the author uses their private key + the clear message to generate “something”?
That way anyone can decrypt it with the author’s public key to check it has been encrypted with the private one (that only one person should have).
… so then anyone can use the author’s public key to check that “something” against the clear mesage to confirm the author’s identity?
If that’s the case, then my error is that the operation to generate the signature is not an encryption. So, may I ask… what is it? A special type of hash?
Thanks again. I will edit my original comment with the corrections once I understand it correctly.
So they are not excrypting it, but do we agree that with signatures the author uses their private key + the clear message to generate “something”?
Yeah sure, and I think the person you are arguing with is saying as much as well, it’s just that this is not encrypting it, when you encrypt something you obfuscate it in a way that is possible to deobfuscate, think the caesar cipher as a simple encryption, a hash/signature on the other hand is something that is generated from the clear text using your private key, which is not possible to decrypt, think very simplified that the person would just put the amount of each letter of the alphabet used in in the text, then add the length of the thread, and then multiplied by your private key. This way it’s proven that the holder of the private key is the person writing the text, and that the text hasn’t changed since the signature was generated.
… so then anyone can use the author’s public key to check that “something” against the clear mesage to confirm the author’s identity?
They can confirm that the person holding the private key (not identity, just that they have the key) and also that nobody changed it since they signed it (like the person adminning the forum or a moderator or something)
If that’s the case, then my error is that the operation to generate the signature is not an encryption. So, may I ask… what is it? A special type of hash?
For signing, it’s backwards - you encrypt with the private key, and then everyone else can decrypt with the public key. If that doesn’t work, they know that the message wasn’t signed by the private key paired with the public key they have, and therefore is invalid and is not to be trusted.
Signing proves authenticity (only the private key holder can sign), encryption provides privacy (only the private key holder can read)
The short answer is no. A bit longer of an answer is that with the public key, anybody can encrypt data. Only the owner(s) of the private key can decrypt the data. That is a key point: encrypted data by itself is meaningless. If you were to attempt to decrypt random data (or change one single character of valid encrypted data), you’d get literal garbage output. But, valid encrypted data and the corresponding private key can always unencrypt back into the original format.
This is why emphasis is always made to never share or expose your private key. Couple the private key with the always-available public key and you’ve got a man-in-the-middle (MitM) attack. This is where an attacker could decrypt the data with the private key, change it, re-encrypt it with the public key, and send it along to the destination without anybody knowing it was altered.
What you are doing is exporting your key. Your public key is indeed something you can (and should) share as it enables others to verify that you are indeed who you claim to be (or more accurately, that you’re in control of the private key that’s linked to that public key). So while you should share your public key, your private key must remain private.
What these people on the dark web are doing is one step further: they sign their messages with their private key. This creates a cryptographic signature that’s different for each message (changing a single character in the message will generate a wildly different signature). Anyone with the public key can simply copy that message including the signature and validate it. If even a single character of the message was changed, the signature will not be valid. Thus ensuring others that the person who posted the message is indeed in control of the private key.
Signing is different from encrypting: while encryption renders your message totally unreadable to anyone without the correct key, signing doesn’t change the message itself. It simply appends a signature allowing others to check that the message wasn’t tampered with.
I am probably at a similar experience level to OP and have wondered the following: is there a commonly used, or agreed upon repository for identity verification with PGP or similar? It would be a useful thing to use, the problem is that if you’re posting something to a public space, not everyone may have access to your public key for verification. Including the key in the message doesn’t seem like it would help much, since someone else could just generate two new keys and still claim to be you without any affiliation. Am I wrong about this? Thanks.
Key signing parties used to be the thing to do at conferences - imagine a line of people, sheets of paper listing all their key fingerprints, and people showing ID to each other.
If this is some kind of messaging board, you’d probably put your public key in your profile (I assume that since OP is talking about the dark web that the posters there would rather not share their actual identity).
Let’s talk about Alice, Bob and Eve. Alice is an active poster on a dark web forum. She puts her public key on her profile and uses the corresponding private key to sign her messages. If Eve wants to pretend to be Alice, Eve can simply put her own public key on her profile and sign messages with her own private key. But Bob is smart. Rather than just looking at the profile of the poster and copying their key every time, Bob saved it in his key store and assigned it to Alice (possibly even marked it as trusted). When Bob sees a post by Eve, he’ll try to validate it. This validation might succeed (if Bob has access to Eve’s public key), but it will be clear that the message wasn’t signed by Alice’s key.
Of course, this all assumes that Bob has quite some knowledge of how this works and is vigilant enough to perform all these validations correctly.
As for the regular internet, there are some services where you can share your public key: keys.openpgp.org is one of these. Of course, as /u/[email protected] says, there’s still the matter of trust. You need to make sure that the public key you’re using is actually from the right person.
That’s exactly my point. The gold standard would be a key signing party, but given that humans don’t tend to talk to each other in meat space much these days, it’s more of a rare occurrence than it used to be. I don’t really know what the ideal solution would be that would be a good mix of trust, privacy, and ease of use though.
This is what I thought - I just wanted to make sure I hadn’t failed to consider something obvious. Am meeting up with some old friends who are science geeks next month and wanted to throw out the line “for all we know, the center of the galaxy exploded 25,999.9 years ago and we could all die tomorrow” and I didn’t want anyone coming back with “well actually…we would have detected that by now thanks to technology xyz that was in ivented in 20XX”.
I totally misread your post as you were meeting up with some old friends who are science geckos and I wanted the story behind all of that, but then I read it again and was disappointed in the lack of geckos.
If the black hole specifically disappeared, it would have no effect on us. The solar system would not even be launched on a 100 million year trajectory out of the galaxy, as galactic rotation is dependent on the masses of stellar and interstellar matter in the disk and dark matter in the halo. The supermassive galactic black holes, despite being supermassive, still only make up a tiny percentage of total galactic mass.
If you want to wow your friends, tell them about false vacuum decay. We could have bubbles of true vacuum expanding out in space from multiple directions towards us at lightspeed, and no way of knowing about them, stopping them, or outrunning them. Any point in space could nucleate a new true vacuum bubble at any time, just like a given uranium atom could decay now or in 5 billion years or never. Even spookier, by principle of quantum immortality, the Earth could have been engulfed by vacuum bubbles many times before, and we are just the one tiny sliver of probability space where by luck alone we survived long enough to talk about it here and now.
Thankfully false vacuum is just an idea and there is currently no evidence that it is real.
Many worlds is a fun idea, too. But also being regarded as not real for a while now. The cat in a poison box living or dying doesn’t mean it lives and dies.
I never heard about the false vacuum before, that’d be some good sci-fi
I can not answer this question, but I suspect, that actual answer is yes and no. Due to the swpc they relay solar storm info to earth before it hits due to sensors.
Webwoupd need yo send probes out further yo.grab that data first
Any data is sent at or below the speed of light. Solar storms are charged particles (mostly protons) being ejected from the sun and eventually hitting the earth’s magnetic field, causing disruptions in the field (and potentially cool auroras).
Since these storms are just particles traveling from the sun to the earth, they travel slower than light speed, so our distant sensors can warn us in advance at/near the speed of light. This won’t work if the sun were to instantly disappear or change color though, that information would travel at light speed and the probe signals would arrive at the same time.
No, as both gravitational and em waves travel at the speed of light, the “we’re all screwed” things we could ever observe would only ever be slowed-down/distorted (by things that could even do such a thing like a black hole) as they approach us.
So it’d be a happy little surprise (short of worm-holes or tachyons existing), on year 26,000.
That’s not too say life as we know it would end immediately. We might make it generations before the real chaos affected us on earth. On a smaller scale, if the sun blipped out of existence, sure, we’re 💯 doomed and we’d know it after 8.3 minutes, but some of us might make it a solid week before all life on earth was expunged 😅.
i guess if you had some super crazy distant probe observing the black home and it’s memory bits were quantum entangled with a receiver device near us, we might know instantly-ish? but would need to wait millions of years for that probe to be placed to begin with and hope the systems don’t corrode or corrupt or fail in those millions of years. and what would you do with the info? tell everyone?
I thought FTL communication is just a fun typical science fiction understanding of quantum entanglement.
I thought we would still have to know what is going on at the probe via another means to know or decode the message sent by the entangled particles to their counterparts on Earth.
Kind of like putting two letters in two envelopes but we don’t know what colour they are, just that they will always be opposite colours. Even the person arranging them doesn’t know which colour they are. We don’t know if a red letter is sent to London or a green one is sent to LA or what colour they’ll be at all. But when we open the letter in London and see that it’s the red one we know the other one in LA is green.
So no matter where or when the person with the red letter is, they’ll always know the other person has the green one once they open the letter. But no information has been mysteriously transported across space and time, just the correlation between the two has been discovered.
This is correct. FTL communication using any form of quantum entanglement is provably mathematically impossible by the no-communication theorem. Most common sci-fi trope though.
You need to socialize the isotopes with other atoms when they’re young. Otherwise they don’t learn to behave normally. Like dogs. Trust me, I’m a scientician.
The short answer is that it’s ultimately down to the number 43 (the number of protons technetium has) and the number of neutrons that could potentially form stable isotopes being atomically weird numbers.
The picture below shows relative stabilities of isotopes of different elements. N represents the number of neutrons, Z represents the number of protons. As a starting rule, moving above or below the N=Z line (creating an excess of protons or an excess of neutrons) tends to decrease overall stability.
You can see for lower atomic numbers, the most stable isotopes closely follow N=Z because protons and neutrons “balance” each other in the nucleus. But as you increase the atomic number (and therefore the number of protons), the protons begin to repel each other more strongly, which means additional neutrons are needed to make the nucleus stable. This is why the “line of stability” (the line of dark red “stable” elements) increases above the N=Z line as you increase the atomic number. Deviation from this line means an atom is less “beta stable” (and therefore more likely to beta-decay).
There are certain “magic” numbers of protons and neutrons that are more stable than others because they comprise a full shell. These occur at 2, 8, 20, 28, 50, 82, and 126. This means nuclei that have (or are very close to) one of these numbers of protons, or neutrons, or protons + neutrons, are inherently more stable. If you look at the other stable isotopes on the graph, you would expect a stable isotope of technetium would need around 55 neutrons to follow the line of stability.
As it turns out, the combinations of 43 protons and 55 (± a few) neutrons just can’t form a stable enough configuration to not beta-decay.
We could know about it in only 26,000 years due to the speed of light and gravity waves. However I’m not sure how it would affect us at all …
Perhaps there’s a burst of particles going less than the speed of light. We would know about it before those particles got here.
Perhaps you mean the disappearance of the strong gravity well at the center might affect us: I imagine any changes to the structure of the galaxy or it’s movement would take much much much longer to affect us
Just like there are “islands” of relative stability predicted, there are also some islands of instability where the geometry just won’t line up correctly no matter how you arrange it. Think of an atomic nucleus like a soccer ball – A soccer ball has a specific number of pentagons and hexagons that fit together (almost) perfectly. You can’t make any such shape with hexagons alone. If you have even one too many or one too few, it might still make a mostly spherical shape, but no matter what you do it will have a weird wrinkle, flap, or gap somewhere, and that’s the kind of thing that will cause instability, it won’t balance correctly, it won’t fly true, and if the flaw is big enough eventually the inconsistency will tear it apart.
The patterns of various numbers of two dimensional shapes that can form a seamless sphere is not intuitive or obvious at a glance and the math required to compute it is reasonably complex, but the result is straightforward. Some combinations of shapes work easily for this. Others only work in very specific arrangements. And some simply won’t work at all. The same sort of idea seems to apply to atoms, although we can’t say we completely understand all the nuances of the forces at play, the principles and outcomes are easy to measure. This is of course still an area of significant research and study, because it is important and has implications and potentially applications ranging from deeply obscure astrophysics and cosmology questions to very potent energy technologies that could change our society. But no matter what we discover, our observations of the outcomes are quite consistent and very repeatable, and the atomic patterns that we call Technetium simply don’t stay together very long.
Lots of stuff about patterns that tile or do not tile into regular shapes does not make much intuitive sense, just like prime numbers and irrational numbers do not follow any obvious pattern we can predict, and indeed modern cryptography is dependent on the fact that prime numbers do not follow any particular pattern. Patterns that look like they should be trivial to fit together do not, like intuition might suggest that the square root of 2 should be at least a rational number if not a natural one. And things that look impossible to tile can snap together seamlessly when placed with some careful attention and planning. Technetium is like one of those mathematical or geometrical patterns that looks like it should be trivial but no matter what you do the pieces just will not fit together into any useful shape. At least not for very long.
Some further reading on patterns like Aperiodic Tiling might also be of interest. Lots of fun stuff down such rabbit holes.
Adding lead to gasoline didn’t reduce carbon emissions. Why do you think some other toxin would? You’re just poisoning the atmosphere for funsies. Skip the convoluted steps and just detonate bombs in the atmosphere. Inject it right into gothams water main, ya genocidal supervillain.
Is your proposal basically to burn away nuclear waste? Why is the gasoline important?
Few issues I see:
I don’t think such waste can be disposed safety by incineration. Because if it could, we’ve have done so already. It’s probably the go to solution when it comes to waste disposal, apart from just burying it or dumping it in the ocean.
The main problem is the safety and handling of such radioactive waste. You do not want it anywhere near people and that’s why it’s isolated. They are highly dangerous. Do you want such a substance sitting in your vehicle, garage, gas station with high traffic, etc? The radioactive substance doesn’t just go away when you add gasoline to it.
Even assuming we can get past the safety issues, the said mixture will likely not work in vehicles at all, or would destroy your engine.
How would this reduce carbon emissions? You are still burning gasoline except it’s radioactive gasoline.
Well it’s serious in that I would like to know how radioactive 2 million kilograms of nuclear waste mixed into 500 billion liters of gasoline would be.
I guess it’s 4 milligrams per liter. So a grain of sand per liter. My car is in the garage with a 40 liter gas tank. So 40 gains of sand worth of nuclear waste. How dangerous is that? Is it like evacuate the neighborhood, or is it don’t plan any long road trips.
I’m not sure why you think dispersing nuclear waste into our environment instead of isolating it is a good idea.
If it’s just a thought experiment from a mathematical / chemical perspective, maybe someone else would like to take on the question and do the math.
From a sociological and logistical perspective, it’s just not gonna happen. Pretty sure people’s tolerance for radioactive materials anywhere near them is zero. There isn’t any amount of radioactivity / danger that is considered socially acceptable.
Ask Science
Oldest