A claim and "is believed" is not a fact. A fact is that many years prior introduction of that missile (no evidence of being mid-range), the US blocked all discussions about their heavy attack drones which effectively serve the same tasks as mid-range missiles. And the very ridiculous explanation about their mid-range missiles they claimed were built for training purposes, a.k.a "target-missiles". Then it came the question about MK-41 launcher of otherwise air or naval borne Tomahawks, which turned it immediately into a subject of INF (and thus forbidden). The fact that the Russians openly introduced the named missile (9M729), which nobody has seen or have proven has a range more than 500km, AND invited US to a demonstration and inspection of that missile, which US declined, because of course they had other plans ongoing and have already stated they want to leave INF.
More can be added, but please stand the high-ground of a real research on that topic, before repeating the hollow US narrative. A dangerous one as always.
There's more interesting stuff on Wikipedia; this gives the impression that both Russia and USA wanted to exit the treaty because China wasn't bound by it or any similar treaty and thus has been stockpiling exactly these kind of missiles for a long time now, so the treaty puts both Russia and USA at a disadvantage. Then follows some theatrics where Russia and USA point finger at each other while never talking about their true motivation.
Well, that may be true. I've heard that when a dog sees its master loving it, feeding it, caring for it (minus the vet visits, I guess), the dog thinks "My master must be god." When the cat sees its humans treating it well, the cat thinks "I must be god."
As one that have been quite certain my toaster is evil - throwing toast into the sink over an absurd distance, I recommend treating your toaster well. Besides it is an electrical device you put stuff into with your bare hands.
If we define a god as having magical powers, and there would be scientific, testable proofs for this. Those proofs had to be really good and numerous independent verifications. So probably a long time.
But the comparison isn't fair, relevant. Proving and accepting that gods exist is not the same thing as an AI possible have consciousness. That is not a magic superpower and the AI being a deity. It is placing the AI in the same category as... us.
A machine that performs observable miracles or magic would have at least one of the attributes of a god.
A machine that performs actions that mimic emotionality is not the same as a machine that experiences emotions.
Both could still be automatons. We have no way of knowing if those machines have subjectivity.
Unless someone invents a consciousness measurement device, we never will.
My take on it is that this is the next big frontier for science. Our consciousness is clearly having serious issues understanding physics, and it's not great at understanding our own psychology in a useful way.
But literally everything we experience and believe - and possibly even can experience - is filtered through it.
So that is a little bit of a problem for our science. So far we've done our best to ignore it. AI is one of a number reasons we're going to have to stop doing that.
There is an important distinction (more than one, but this is what is relevant here) between the powers of God and magic. God is a being who decides whether to do anything, so is intrinsically not testable.
That a god exists outside of the universe - are we talking about a multi universe interpretation? My understanding is that many of the gods humans have invented are really thought to be within the universe, at least temporarily. Tor, Oden certainly are. And in other beliefs they are part of nature itself.
The comment you're replying to confuses "Abrahamic God" for "God", and with an implied omnipotence which many religions may not imbue on their figures of worship. American bias, I assume.
The biggest group of people that believe in any God believe in an Abrahamic. The next biggest group are pantheists which is a different concept of God but still distinct from magic.
Man: “We measure that the mountain is gone, its mass-loss has measurably changed Earth’s orbit, weather patterns have changed, visually it’s not there anymore, we can walk though the space where it used to be.”
God: “Where is the mass of the mountain, and how did I make it disappear?”
Man: “God only knows! Pardon me; If I saw you do magic and can measure and test it, then that means it wasn’t magic. Internet people said so.”
God: “that doesn’t sound like a satisfying explanation”
Man: “it didn’t sound like a satisfying claim when it was just words on the internet either, but what can you do?”
God: “I’m God I can do anything”
Man: “can you make a boulder so heavy you can’t lift it?”
God: “yes”
Man: “how?”
God: “haven’t we just gone over showing you that I can do ‘impossible’ things, and you seeing them happen with your own eyes, and still refusing to accept?”
Any documented examples of these disappearing mountains?
We do have examples of billions upon billions of tonnes of iron being moved that have altered (slightly) the spin axis, also examples of ground water pumping at scales that have done the same .. but I'm unaware of any mountain sized objects that have vanished overnight.
No, none. The point is not to claim that magic exists, but to to show the illogic in the claim “if magic exists then that makes it science”.
“Nothing happens unless it has an explanation within the laws of physics” is an assumption; if it was broken then it would be broken. The mountain would be inexplicably gone, not explicably gone.
I think what the comment tries to express is the well-trodden "if we can control magic then that makes it science", while the original conversation really was "what if God controls magic".
In that hypothetical, there could be testable proof of "a magic event occurred" without magic becoming part of science.
Sure, and I appreciate the science behind your blank nom de guerre.
That said, in the cut and thrust of conversation and or debate the example by dialogue isn't perhaps as clear cut a device as it may have seemed from your keyboard.
If a deity appears and by hand waving divide the red sea we could measure, observe it happen. And we can test, observe what fields, forces being used. But how the heck she project these forces may take a while to understand - be magical.
But my argument was more about comparing gods to AIs, that it is an incorrect comparison. What AI perform are not magical, and we can always figure out what the AI do.
No, very much no. If store now decrypt later is the problem, then we basically have no problem (Just like what Peter Gutmann argues [2]). The vast, basically all communication over for example TLS need confidentiality in minutes, hours. Not 30-100 years. My bank statement right now, the plans we discuss for the project next year etc.
But what is very important crucial, what makes our digital world including secure communication, web commerce possible is the web of trust - identification and authentication. I'd claim that the important part of TLS including certs is this part. We could by and large not need the confidentiality. But since it costs so comparatively little we can just as well always encrypt too.
You seem to think that changing a certificate is something we can fix in minutes. Globally. The reality is far from that. Esp in things that are not just your browser. Things like network equipment, FW for basically every embedded system, cars, busses. And crucially for critical entities.
These things have long lifespans (decades), often need manual intervention to change certificates (connect a JTAG, serial intercace), possible even replacement. But replacing root certs in all our normal devices - phones, laptops etc are also far from easy and done in minutes. Then you have all digital identification solutions - from ID cards, car fobs, 2FA tokens, passports, credit cards. You may have to replace millions of physical things, even distribute to whole populations.
And back to the web. If we can crack an RSA-2048 key in 24 hours (which is the measure used when guessing we have QC capable enough [1]). We really don't have that many CAs. The times they have had problems have caused problems that have taken days, weeks to trickle down. Having CA issue new rootcerts several times a day isn't viable. So I'd wager that transitioning to PQC safe certificates, authentication isn't something we can wait with. It will take years and huge efforts - not minutes and when the problem hits us.
If you look at time plans for transitioning to PQC from CNSA, EU, UK and others, the area they all list as most critical to complete transition as soon as possible for is SW, FW-signing for infrastructure, embedded systems [1].
So, in reality unless you have a legal responsibility for keeping state secrets then store now, decrypt later is not really your main reason for PQC transitioning. Authentication very much is. Unfortunately most cryptographers by large seems to miss this. And people in uniform have a large saying, influence in the debate. My guess is that this is because gov to a large degree finance a lot of the QC research and they have a different threat model that most of the world. But that is just my guess.
As Gutmann argues, we don't even really know that there even is a viable store now, decrypt later threat. Unless you can pinpoint the exact TLS session that is interesting, you can't store or decrypt all traffic that may be the interesting ones (if we assume that the cost of breaking a single RSA is not zero and takes minutes, seconds. Not 24 hours). And if indeed if TLS and normal key exchange mechanisms, are really used for those juicy messages.
The open source project I'm working on aims to authenticate artifact downloads (project name is asfaload, in short it is a sigstore alternative).
My understanding is that in a post-quantum world, the private key can be derived from an ed25519 pub key. That means that an attacker can generate new signatures. But I don't think an attacker would be able to generate a malicious artifact that matches an existing signature. It would seem that once we are nearing PQC, Asfaload would need to support PQC signatures, and its uses would need to migrate to new keys, but that existing signatures would still be safe to use for validation. Is that right?
That is how I understand it yes. I can create a new FW and sign it with the vendors key I cracked and it will be trusted to come from the vendor. But generating a malicious FW that has the same signature is still a hash collision problem.
Sigh, that argument again. I may have used the wrong example, sorry.
How about the current temperature in my bedroom? The battery status of my robomower, Or the vat/tax and total sum I paid at a cash register for the Plopp candy bar earlier today? I could share all this with you if you want.
Depending on where you live, all these systems may, quite possibly talk over TLS and other protocols that include encryption. In some cases unfortunately encryption is the only security mechanism used, when instead device identity, authentication and message authentication is needed. And all are examples where the secrecy requirement is zero or zero after a very short time.
I did not know about Ternary Decision Diagrams, sorry for the name clash. I had a look. You can always reencode Ternary Decision Diagrams into Binary ones by just encoding variable x with two bits x^1 and x^2, so Ordered Ternary Decision Diagrams are the same (modulo encoding) as OBDD, hence less succinct that our Tree Decision Diagrams. If you consider Read-Once Ternary Decision Diagrams, then you get something roughly equivalent to FBDD (modulo encoding). So this is incomparable with our TreeDD (that is, some functions are easy for TreeDD and hard for RO-TernaryDD like a low treewidth/high pathwidth CNF formula and some functions are easy for RO-TernaryDD and hard for TreeDD ; take anything separating FBDD from OBDD for example).
Everything. They have done for decades, and will do for decades. And what IBM focus on is probably worth looking into.
IBM (imho) is in the absolute frontline in quantum computers. One could argue if the number of startups in QC means that there is an actual market or not. Companies that lives on VC or the valuation of their stock.
But IBM is not showy, not on the front pages, does not live on VC or stock valuation. IBM makes tons of money decade after decade from customers that are also not showy but makes tons of money. Banks, financial institutions, energy, logistics, health care etc etc. If IBM thinks these companies will benefit from using QC from IBM (and pay tons of money for it), there is quite probably some truth in QC becoming useful in the near future. Years rather than decades.
IBM have run the numbers and have decided that spending the money for engineering, research required is outweighs the money possible to earn on QC services. QCs powerful enough to run the QC-supported algorithms these companies need to make more tons of money. And it's probably not breaking RSA or ECC.
Evidence for this is in the number of articles that talk about simulated annealing/quantum annealing (or other optimization problems) w/r/t QC rather than crypto. Sure attention seeking headlines always focus on prime factoring, and the security aspect has a lot more enthusiast interest, but when you look past that into deeper stuff, a lot of the focus is on the optimization.
And many industries can dramatically benefit from better optimization - think about how many companies are at their core bin-packers or traveling salesmen.... off the top of my head anything in logistics, airlines, many aspects of the energy sector, and on and on.
The flash is in reading secrets, the money is in quantum annealing.
The question for me is, where do I catch, describe the physical reality the model describes? A simulation model can be very elegant. But does it represent how physical things really behave? Can we even expect to do that at RTL, or further down the design flow? As the name suggest, we are talking about transferring data between registers. In the RTL that is what I can expect to describe.
At the end of the day, what I write will become an electrical circuit - in a FPGA or an ASIC (or both), having the complex exact modelling with wire delays, capacitance, cross talk, cell behavior too early makes it impossibly to simulate fast enough to iterate. So then we need to have a more idealized world, but keeping in mind that (1) it is an idealized world and (2) sooner or later the model will be the rubber on the road.
To me, Verilog and SystemVerilog allow me to do this efficiently. Warts and all.
Oh, and also, where in my toolchain is my VHDL model translated/transformed into Verilog? How good is that translation? How much does the dual licensing cost.
Things like mixed language simulation, formal verification between a verilog netlist and RTL in Verilog, mapping to cell libraries in Verilog. Integration of IP cores written in SystemVerilog with your model?
Are the tools for VHDL as well tested as with code in Verilog? How big is the VHDL team at the tool vendor, library vendor, IP vendor, fab vendor compared to the Verilog, SV team? Can I expect the same support as a VHDL user as for Verilog? How much money does a vendor earn from VHDL customers compared to Verilog, SV? How easy is it to find employees with VHDL experience?
VHDL may be a very nice language for simulation. But the engineering, business side is messy. And dev time, money can't be ignored. Getting things as fast and cheap as possibly still meeting a lot of functional, business requirements is what we as engineers are responsible for. Does VHDL make that easier or not?
> where in my toolchain is my VHDL model translated/transformed into Verilog?
It's not? Why would it?
As much as I like Verilog, VHDL is a first class RTL language just like Verilog. I've done plenty of chips that contain both VHDL and Verilog. They both translate directly to gate level.
These days, most EDA tools use Verific parser and elaborator front-ends. The specific tool magic happens after that and that API is language agnostic.
> How easy is it to find employees with VHDL experience?
On the East Coast and in Europe: much easier than finding employees with Verilog experience. (At least that was the case 20 years ago, I have no clue how it is today.)
One thing that has changed a lot is that SystemVerilog is now the general language of choice for verification, which helps give (System)Verilog an edge for RTL design too.
Involved in FPGA and ASIC projects since 1997. Predominantly in Europe, nowadays more Asia and some in the US. Since ~2010 I have only seen VHDL in small chops targeting only FPGAs, and in government-heavy projects like defence and space. Nowadays these are also by and large SV. The ratio is something like one in VHDL for 20 Verilog, SV projects. They teach VHDL at universities, and then ppl get to experience SV as soon as they enter the market.
Typical issues are still as given before. Many small IP vendors, esp for communication, networking are using and understand, support only SV. I agree on SV for verification is a big driver.
the geographic constraint is probably the real answer to "which is better" for most people. you learn what your team uses, what your local jobs demand. theoretical elegance matters less than "can i get hired next month"
Over the years I have run Altera, Lattice, and Xilinx... and almost all reasonably complex projects were always done in Verilog. If I recall Xilinx fully integrated its Synopsys export workflow a few years back, but not sure where that went after the mergers.
I've for a long time visioned AGI as something emergent from advertising agents competing about trying to extract as much "money" from the resource called "humans" as possible. Luring, coercing the resource by feeding it info, forcing it to follow instructions, threatening it, stealing info etc. The agent doesn't need to understand what money is, what a human is or that there really is a physical world.
The Dark Forest idea and the original post resonates well with this.
I few days ago I created a new repo for a new block cipher explicitly not to be used. And directly got several mails from bots promising that they (claiming to be humans) had looked at my repo and they could include it into their portfolio of especially good projects they also had vetted. Being part of this portfolio would almost guarantee that my repo and project would be used. If I only paid them some money first.
Creating the public repo meant sending a signal out into the digital world where agents are hunting for the human prey/resorce to extract value from.
reply