Music file corruption without a change in checksum

[Paul R]

Talk about bizarre, you know nothing about software development. Assembler? Low-level code? For what? Insertion into a Voyager probe? No - Voyager has left the planet, never to return. From your first replies to me you've made snide remarks about things you have little or no knowledge of. Now when you get back on topic, I will resume informing readers here, and hopefully not have to respond to this "stuff". BTW, yes the music players are using a lot of compounded code that's built up in complexity over the years, which is exactly their problem. While VB etc. do use lots of O/S services, intelligent developers know how to eliminate or minimize exposure to things that cause problems. My suggestions aren't directed to telling developers to switch from high-level code to lower level code - my intent is merely to inform about the issues.

 

I have more than 35 years of experience as a Software and Systems Engineer, and am quickly forming the opinion that you do not know much about software development, compiler construction and development, or indeed what constitutes high level vs low level coding.

 

Intelligent developers, if they wish to write programs where speed or access to low level services is an overriding requirement, use an appropriate tool. Often that tool is assembler. And yes, a good example of that would be space rated processors and data buss coding. An even better example are the millions of different terrestrial devices running critical systems.

 

The example I gave you about an IV stick sending out SPAM is real. And it was running an outdated copy of Microsoft XP embedded. The software was written in C however, which is a far lower level language than any version of VB.

 

In regard to music players, the "intelligent" developers taking advantage of undocumented behaviors are the same developers who cry foul when an OS update breaks their code. That's purely dumb from more than one level - more than a "developer" not testing their code until GA is out, but also thinking they are "outsmarting" the world by using these undocumented "features." Oh horrors! Apple charges $99 a year for a developer to get both support and access to pre-release software. Microsoft doesn't charge anything anymore, I think.

 

Far better to write the GUI part in a high level language like VB, and link in time critical or otherwise special code written in a language that doesn't need to take advantage of errors or bad programming practices in a compiler.

 

On topic, it is just this kind of misinformed arrogance that audiophiles, particularly computer audiophiles, seem to be confronted with time and time again these days. Of course everyone knows that to have a really good music server, you have to get rid of the computer... and other nonsensical related things.

 

 

-Paul

[dalethorn]

"I can't be a racist because some of my friends are black/Jewish/whatever."

 

"I can't be a racist because I'm black/Jewish/whatever."

 

Yay, more ad hominem.

 

I'm not a racist because I'm not. But you do have a serious paranoia problem. I can't help you with that problem BTW.

[dalethorn]

I have more than 35 years of experience as a Software and Systems Engineer, and am quickly forming the opinion that you do not know much about software development, compiler construction and development, or indeed what constitutes high level vs low level coding.

 

Intelligent developers, if they wish to write programs were speed or access to low level services is an overriding requirement, use an appropriate tool, as in assembler. And yes, a good example of that would be space rated processors and data buss coding. An even better example are the millions of different devices running critical systems.

 

The example I gave you about an IV stick sending out SPAM is real. And it was running an outdated copy of Microsoft XP embedded. The software was written in C however, which is a far lower level language than any version of VB.

 

In regard to music players, the "intelligent" developers taking advantage of undocumented behaviors are the same developers who cry foul when an OS update breaks their code. That's purely dumb from more than one level - more than a "developer" not testing their code until GA is out, but also thinking they are "outsmarting" the world by using these undocumented "features." Oh horrors! Apple charges $99 a year for a developer to get both support and access to pre-release software. Microsoft doesn't charge anything anymore, I think.

 

Far better to write the GUI part in a high level language like VB, and link in time critical or otherwise special code written in a language that doesn't need to take advantage of errors or bad programming practices in a compiler.

 

On topic, it is just this kind of misinformed arrogance that audiophiles, particularly computer audiophiles, seem to be confronted with time and time again these days. Of course everyone knows that to have a really good music server, you have to get rid of the computer... and other nonsensical related things.

 

-Paul

 

Your theories here are the direct cause of failed software projects. Anyone here can look at my open source code at my website. How about you?

[mansr]

Your theories here are the direct cause of failed software projects. Anyone here can look at my open source code at my website. How about you?

 

From your website:

CCRP does not compromise security with the usual mathematical randomizations

 

That sounds like someone who doesn't understand cryptography.

[Paul R]

Your theories here are the direct cause of failed software projects. Anyone here can look at my open source code at my website. How about you?

 

Your idea and statements are pretty much pure nonsense.

 

Most of the code I have personally written is owned by the company I worked for when it was written, and the same applies to large and small software teams I have managed or worked on. (shrug)

 

I have had a lot of people like you working for me before, and often their ideas are good, when properly channeled. When not, yeah, I have seen more than one project start to fail, and had to step in and change things about.

 

Again, this is a very good analogy to what some audiophiles face these days. Oh? You don't want to accept I am THE expert on this subject based solely upon what I tell you? Then get nasty and personal and abuse the audiophile.

 

You honestly don't see the way you are behaving? Guess not - well, I just won't answer your posts anymore until you get off your hobby horse and start speaking sense.

 

-Paul

[dalethorn]

From your website:

That sounds like someone who doesn't understand cryptography.

 

It sounds that way to you because you don't know anything. My tour on Cypherpumks taught me things you'll never know. For example, Shamir breaking the 4096-bit AES with a laptop and a microphone. You're in way over your head. Stop now.

[mansr]

It sounds that way to you because you don't know anything.

 

Are you sure you don't have me confused with someone else?

[Jud]

It sounds that way to you because you don't know anything. My tour on Cypherpumks taught me things you'll never know. For example, Shamir breaking the 4096-bit AES with a laptop and a microphone. You're in way over your head. Stop now.

 

Just your last sentence - sounds like great advice.

[dalethorn]

Your idea and statements are pretty much pure nonsense.

Most of the code I have personally written is owned by the company I worked for when it was written, and the same applies to large and small software teams I have managed or worked on. (shrug) I have had a lot of people like you working for me before, and often their ideas are good, when properly channeled. When not, yeah, I have seen more than one project start to fail, and had to step in and change things about.

Again, this is a very good analogy to what some audiophiles face these days. Oh? You don't want to accept I am THE expert on this subject based solely upon what I tell you? Then get nasty and personal and abuse the audiophile.

You honestly don't see the way you are behaving? Guess not - well, I just won't answer your posts anymore until you get off your hobby horse and start speaking sense.

-Paul

 

It's you Paul. Your disrespect is exceeded by your ignorance. I can tell stories about failed software projects, caused by proud, vain people like, umm, figure it out. "Gurus" who know the buzzwords but don't walk the walk.

 

I pointed to my software because it's a perfect example of democratic action. Bringing the code to the people. Demystifying it, taking it out of the hands of the poseurs and making it available to everyone. Among the hundreds of examples are clear lessons in portability. That's democratic, not elitist.

[Jud]

It's you Paul. Your disrespect is exceeded by your ignorance. I can tell stories about failed software projects, caused by proud, vain people like, umm, figure it out. "Gurus" who know the buzzwords but don't walk the walk.

 

I pointed to my software because it's a perfect example of democratic action. Bringing the code to the people. Demystifying it, taking it out of the hands of the poseurs and making it available to everyone. Among the hundreds of examples are clear lessons in portability. That's democratic, not elitist.

 

Let us suppose for the sake of this thread that you are completely right about everything you've said. Will that be sufficient to get you to leave off and allow the rest of us to get back to chatting about audio (or even more pleasant off-topic stuff like the bad pun contest that was happening around here a while ago)? Please?

[dalethorn]

I see that we have a few long-time posters whose pride is being injured when their theories are challenged. If you can't back up your claims, then don't make yourself look foolish.

[dalethorn]

Let us suppose for the sake of this thread that you are completely right about everything you've said. Will that be sufficient to get you to leave off and allow the rest of us to get back to chatting about audio (or even more pleasant off-topic stuff like the bad pun contest that was happening around here a while ago)? Please?

 

Audio is exactly what I was discussing umtil one or more of the other guys derailed it. For example, file data corruption is easily measured and understood. CRC'd bytes are what they are. But corruption in real-time audio is different - people live with it because perfection is unattainable. Is that what you meant? That I should desist and allow just you to pontificate here?

[mansr]

Audio is exactly what I was discussing umtil one or more of the other guys derailed it. For example, file data corruption is easily measured and understood. CRC'd bytes are what they are. But corruption in real-time audio is different - people live with it because perfection is unattainable. Is that what you meant? That I should desist and allow just you to pontificate here?

 

Can you back up that claim?

[dalethorn]

Can you back up that claim?

 

Yes. Perfection is unattainable. Except in theory. 12 inches is defined scientifically, but never measured exactly on real-world objects. The cesium beam is exact if you accept the definition, but the brick and mortar being measured is not. In audio, the DAC syncs the bits, almost perfectly in some cases, but the real-time music player buffers are limited, and non-music data still creeps along the wires. Maybe when the data is on light beams end-to-end, and corrected in real time more or less, then we'll be closer to perfection. But for now, the sound is veiled, albeit many self-described audiophiles say they can't hear it. Of course they can't - it's veiled.

[Paul R]

Can you back up that claim?

 

I think this is the guy that published some rather clever encryption scheme back in the mid 1990s. if memory serves, it was based upon randomizing a table and not using clever mathematics, like for example, RSA. I remember reading it in some magazine from the time, vaguely remember it being associated with phone hacking, back when there still such things as payphone. RSA was clearly superior for what I was looking at it for at the time.

 

RSA 1024bit encryption has probably been factored by now, but so far as I know, 2048bit is still beyond any reasonable effort right. (Just factoring the 768 bits took two real-time years.) I don't remember how many years of computer time, but it took a bunch, and that was circa 2010. While RSA encryption has several attack vectors, I do not think the table based encryption he proposed has ever caught on or been publicly subjected to a really rigorous attempt to break it. (shrug)

 

On the other hand, if we are back to mysterious fairy dust "between the bytes" - I don't really buy it at all. Media corruption, yes. Undetectable data corruption? No.

 

-Paul

[dalethorn]

I think this is the guy that published some rather clever encryption scheme back in the mid 1990s. if memory serves, it was based upon randomizing a table and not using clever mathematics, like for example, RSA. I remember reading it in some magazine from the time, vaguely remember it being associated with phone hacking, back when there still such things as payphone. RSA was clearly superior for what I was looking at it for at the time.

 

RSA 1024bit encryption has probably been factored by now, but so far as I know, 2048bit is still beyond any reasonable effort right. (Just factoring the 768 bits took two real-time years.) I don't remember how many years of computer time, but it took a bunch, and that was circa 2010. While RSA encryption has several attack vectors, I do not think the table based encryption he proposed has ever caught on or been publicly subjected to a really rigorous attempt to break it. (shrug)

 

On the other hand, if we are back to mysterious fairy dust "between the bytes" - I don't really buy it at all. Media corruption, yes. Undetectable data corruption? No.

 

-Paul

 

I try to make this simple, but the disinformation continues. Get a clue: Shamir broke that mega-secure encryption with a laptop and mic. My proposal (which has survived two chosen plaintext attacks with real money offered) is to shift the randomizing away from the algorithm to a large extent and put it into the user's hands. Simple enough? Know anyone who wants to mount an attack with a significant reward?

[dalethorn]

One more on encryption: The "experts" will dazzle you with their claims of "virtually unbreakable" schemes etc. yadda yadda. But think about those "unbreakable" diplomatic cables of 30 years ago - do you think they're still unbreakable? If the gurus aren't lying, they should give you an honest assessment of how long your secrets are good for. Probably not as long as they say. I do something different.

[Jud]

That I should desist and allow just you to pontificate here?

 

Oh no, please do pontificate yourself - it's so fascinating.

 

Sufficiently fascinating that I'm going to welcome you as only the third person in the entire world on my very exclusive ignore list.

[dalethorn]

Oh no, please do pontificate yourself - it's so fascinating.

Sufficiently fascinating that I'm going to welcome you as only the third person in the entire world on my very exclusive ignore list.

 

My wife read it and summarized it thusly: "Dale, you walked into a buddies discussion and you weren't a buddy."

[dalethorn]

Given the subtle animosity here, I'd like to introduce myself. I've done 150 headphone reviews now, at my own expense without monetizing any of it. I've followed up on all of those on the different sites, answering questions, doing additional research et al. My goal is to be able to put each new headphone into a proper high fidelity perspective against all of the others, so readers will have a fairly accurate reading of at least the headphone's general signature. I consider myself more the servant of the budget-conscious audiophile than any sort of master or guru.

[mansr]

Given the subtle animosity here, I'd like to introduce myself. I've done 150 headphone reviews now, at my own expense without monetizing any of it. I've followed up on all of those on the different sites, answering questions, doing additional research et al. My goal is to be able to put each new headphone into a proper high fidelity perspective against all of the others, so readers will have a fairly accurate reading of at least the headphone's general signature. I consider myself more the servant of the budget-conscious audiophile than any sort of master or guru.

 

Maybe if you stuck to reviewing headphones, rather than insulting others and spouting nonsense about things you clearly don't understand, you'd be met with a little more respect.

[dalethorn]

Maybe if you stuck to reviewing headphones, rather than insulting others and spouting nonsense about things you clearly don't understand, you'd be met with a little more respect.

 

Personal attack - the desperation of the person who has nothing to say so he attacks. That's you, and I'm the guy I described. Deal with it.

[Paul R]

Whoops

 

-Paul

[wgscott]

My checksum threads really always do bring out the very best in everyone.

[dalethorn]

My checksum threads really always do bring out the very best in everyone.

 

One post is missing - disappeared after I got the email. I'll address it since others no doubt read it too. Shamir didn't factor anything - he broke the govt.'s strongest encryption with a laptop, sound card, and an analog microphone. Such things are possible because of the inherent nature of encryption. That's why banks and other sites have to pay attention to the *implementation*, so they don't get stung by things like Differential Fault Analysis, or by Shamir's latest brainchild.

 

BTW, he didn't break just one message or transaction - he was able to grab the passcodes so he could access the day's cache.

 

BTW #2 - my own code has to implement a form of transaction serializing, to guard against clever plaintext or ciphertext attacks. That's something every installation has to deal with.