No, if the ISP is doing MITM, they won't be MITM all those 50 too. So all you have to do is check those cert fingerprints to check the first connect for them.
Or they don't even care to listen.
Oh, and one CA is compromised then all HTTPS sites are compromised, not just those the CA is payed to sign, I'll let you ponder that one.
convergence/perspectives use multiple servers around the internet called notaries, when you connect to a site you also connect to these notaries and ask what they see for the site (this is in perspectives mode, notaries can do other things in convergence), now if they don't match with what you got then either you or they are being MITM attacked and therefore the connection is dropped with an error (in convergence the user can control just how much of a match is needed, 1, majority, consensus). The idea is that the attacker would have to MITM you and the notary (depending on match mode, 1 or more of them) at the same time. Not easy especially with multiple notaries placed around the world.
Multiple path is done over SSL with certs to match against pinned in the browser. This is more a trust on first use, as is an exception for self signed. The only possible compromise time with this is that first connection to the notary (server for doing validation) or the self signed server.
yes and no, no predictably different it will be within the variance of the random number generator, XOR stream encryption with a truly random pad is provably secure and this is one of the reasons.
well, I hope the Pakistan military isn't connected to the internet then. On another note I actually hope it is and I'm no-longer having any dealings in Pakistan if I can avoid it.
well, technically, they are making a client to do just that, in practice they are making it for android tablets specifically along with ipad client. Add to that the UK release next month and I guess they are already quite busy.
Adding a bonus item as some kind of promotion is fine, although most shops would just tape it to the box, or have the checkout staff hand it over when putting it through. No need to open the packaging, here they are removing an item. Best to ban selling of items in a different condition to how it comes from the manufacturer then one wouldn't need separate laws for things like if selling food or medicine and I opened the boxes and added say cyanide.
That's because the courts (IIRC in several separate countries) banned the by opening the shrink wrap you agree to the EULA you can't have read yet quite a few years ago. Some of the early ones were that bad. It's also why one has phrases like "except where permitted by local laws" dotted throughout such text.
The PC Retail version is activated against a steam account just as if one went and bought half-life 2, counterstrike source, portal, cod: mw2... in a shop. So, all they've done is limited the use of one of 2 digital distribution methods included. This also begs the question though, why don't they give onlive codes to those of us who bought it on steam directly, or steam codes to those that bought it on onlive directly?
Well the square enix news release here: http://release.square-enix.com/na/2011/08/23_02.html mentions the free onlive coupons and I quote "Purchasers of the PC retail packaged version of DEUS EX: HUMAN REVOLUTION will be entitled to a free OnLive digital copy of the game..."
OnLive allows one to stream and play a game running on there servers. This way you don't need high powered hardware and can play on virtually any device (as long s there is a client).
Slashdot Mirror
EFF's SSL Observatory already has spiders crawling and collecting SSL certs.
No, if the ISP is doing MITM, they won't be MITM all those 50 too. So all you have to do is check those cert fingerprints to check the first connect for them.
Or they don't even care to listen. Oh, and one CA is compromised then all HTTPS sites are compromised, not just those the CA is payed to sign, I'll let you ponder that one.
convergence/perspectives use multiple servers around the internet called notaries, when you connect to a site you also connect to these notaries and ask what they see for the site (this is in perspectives mode, notaries can do other things in convergence), now if they don't match with what you got then either you or they are being MITM attacked and therefore the connection is dropped with an error (in convergence the user can control just how much of a match is needed, 1, majority, consensus). The idea is that the attacker would have to MITM you and the notary (depending on match mode, 1 or more of them) at the same time. Not easy especially with multiple notaries placed around the world.
Multiple path is done over SSL with certs to match against pinned in the browser. This is more a trust on first use, as is an exception for self signed. The only possible compromise time with this is that first connection to the notary (server for doing validation) or the self signed server.
I point out that Comodo are compromised twice recently, and not revoked by any browser. As Moxie pointed out in his blackhat talk.
yes, you could construct a pad to get any message you want out of it easy enough.
yes and no, no predictably different it will be within the variance of the random number generator, XOR stream encryption with a truly random pad is provably secure and this is one of the reasons.
no, that only works with a pseudo random number generator. Not a true random number generator.
please distinguish a truly random one time truly pad (XOR stream encryption) with just the data from the random number generator alone.
well, I hope the Pakistan military isn't connected to the internet then. On another note I actually hope it is and I'm no-longer having any dealings in Pakistan if I can avoid it.
Yes, I never said they didn't. But like iron man, he would not even be alive without part of it. Not just a blind paraplegic.
Without the life support functions of his augmentations, he wouldn't have woken up at all.
well, technically, they are making a client to do just that, in practice they are making it for android tablets specifically along with ipad client. Add to that the UK release next month and I guess they are already quite busy.
It was promised on Square Enix' press release on their website.
no, but it does say it clearly on some other advertising material like the press release for the games release on the square enix website.
Adding a bonus item as some kind of promotion is fine, although most shops would just tape it to the box, or have the checkout staff hand it over when putting it through. No need to open the packaging, here they are removing an item. Best to ban selling of items in a different condition to how it comes from the manufacturer then one wouldn't need separate laws for things like if selling food or medicine and I opened the boxes and added say cyanide.
Or the disc itself
Square Enix should have printed the code on the manuals!
That's because the courts (IIRC in several separate countries) banned the by opening the shrink wrap you agree to the EULA you can't have read yet quite a few years ago. Some of the early ones were that bad. It's also why one has phrases like "except where permitted by local laws" dotted throughout such text.
Well, not necessarily, pro-bono or cheap for someone like the EFF on a nice high profile case is a great way to increase ones own profile.
The PC Retail version is activated against a steam account just as if one went and bought half-life 2, counterstrike source, portal, cod: mw2... in a shop. So, all they've done is limited the use of one of 2 digital distribution methods included. This also begs the question though, why don't they give onlive codes to those of us who bought it on steam directly, or steam codes to those that bought it on onlive directly?
Well the square enix news release here: http://release.square-enix.com/na/2011/08/23_02.html mentions the free onlive coupons and I quote "Purchasers of the PC retail packaged version of DEUS EX: HUMAN REVOLUTION will be entitled to a free OnLive digital copy of the game..."
I think that's against the EULA, they are contracted to sell licenses of the game as specified by the publisher.
OnLive allows one to stream and play a game running on there servers. This way you don't need high powered hardware and can play on virtually any device (as long s there is a client).