Mod parent up! Given that Labour are supposed to be left-wing and for the people while the Conservatives (Tories) are supposed to be the right-wing, it's rather worrying that the right-wing is the one standing up for civil liberties and common sense.
Having said that, I wouldn't be surprised if it was just a "Labour suggested it so we must complain about it" stance as much as anything.
And 100 points to the first person who actually bricks it (i.e. makes it completely and irretrievably unusable), rather than just temporarily disabling it until the next update.
No, he should say "this is a problem, but because of measures we've put in to our systems then our signing process helps alleviate it because our name servers cannot be compromised and anyone using the poisoned domain won't have the correct certificate", which is closer to the truth while still admitting it is a problem and while getting the sales pitch in there.
I definitely think Verisign's comments make the situation worse by making people feel easy about quite a major potential problem.
He believed there had been "some hype" around how the DNS flaw will affect consumers. He added that while it was an interesting way to exploit DNS on weak servers, there were other ways to misdirect people that remained.
Yes, there are ways to redirect people, mainly relying on misdirection or typos. DNS poisoning does it without necessarily revealing itself (depending on what the users are using it for and how diligent their checks are).
Verisign's two root servers may be protected against poisoning, but that doesn't mean that the rest of the Internet and everyone else's ISPs are protected. Calling it "hype" is a bit like saying that the fire alarm is "hype" just because you're in a fire-proof location while the millions of other people in the building slowly burn.
And on top of that the bad guy can also say "oh, and by the way, you might end up looking at these other subdomains of that same domain, so to save you the look-up, here's the extra data".
There used to be a flaw in there that you could send any information in there (so you could respond for example.com and say "oh, and by the way, google.com resolves to [my evil IP address]") but most of those exploits got cleared up. The latest one is believed to take advantage of the fact that subdomains can feed data for main domains.
Paying for my credit card? No I'm not. Not even in interest, since I pay it off every time. If I had to pay for the thing I'd never have one. Who wants to be charged as well as having an interest rate?
Stores probably would prefer debit over credit in terms of direct access to your money and no easy contesting of charges, and they probably do get charged differently, but I've still never had anyone ask about credit or debit in any store.
Exactly what I was thinking - I was sure I'd had a Visa debit card for at least a few years and a Visa credit card for even longer (because I think I had Switch before my debit card became Visa). Unless I was imagining all of these purchase I made over the past few years on the two cards.
But that's why I said "Visa do both and don't make too much differentiation".
Lets see, Sun's list includes Linux, Solaris and Windows as official downloads. Mono has Linux (albeit distro-specific versions on the site), Solaris, Windows and Mac OS X. Mono also has an unofficial *BSD port, while Java has unofficial ports for Mac OS X (or at least "not listed by Sun but listed by Mac, and a bit behind") and BSD. I'd say that's pretty even.
As for build-once, run-anywhere, yes it is but you end up with either an ugly old and clunky GUI (AWT/Swing) or you end up with OS dependencies (SWT). System.Windows.Forms isn't fantastic on other OSes, but at least it doesn't stand out in a terrible way, just in a neutral way.
There's a difference? In the UK we just insert the card and type our PIN. Before that we handed over our card, signed the receipt and watched as the cashier didn't compare signatures. No-one seems to care between credit and debit because Visa do both and don't make too much differentiation.
Given the amount of OSes that Mono is available on, would that be two universal runtime environments with true cross-platform deployment - Mono/.Net and Java?
TBH I always get the impression that.Net is more platform independant. SWT and Eclipse need OS specific libraries and you can't export an Eclipse app to run on any OS..Net has been (in my experience) build once, run anywhere (unless you purposefully do something OS specific like P/Invoke).
I use.Net and in some situations I prefer it over Java. I use Linux as well. I severely doubt I'll be using Silverlight any time soon, though, as I try to avoid using Flash where possible.
The only reasons.Net exists are because Microsoft needed an up-to-date language for developers who use Visual Studio, because Java was old and someone needed to give it a clean start, because Java takes a slightly different approach to C++ in some places (so C# can get migrating C++ developers) and because they wanted a real "write lots of languages to a single base and port anywhere" language.
So instead of beer they're going for personal sexual gratification?
21. toss off, a. to accomplish quickly or easily. b. to consume rapidly, esp. to drink something up in one swallow: He tossed off a cocktail before dinner. c. British Slang. to masturbate.
(http://dictionary.reference.com/browse/toss)
Given that most complaining parents are quite happy for violence but not sexual content (e.g. no "soul-corrupting nipples" or it's an 18, but major violence only needs a 15) how can they remove alcohol and replace it with sex?
I'd be surprised if the Army and Marines didn't let you drink. After all, what group of squadies is complete without some big drinking sessions? I just hope for the sake of the Americans that they don't make them drink American beer. If they're posted in Germany (or even Europe) at least let them drink some proper stuff!
Not so much a retraction, more a correction. The company were still a victim of the cache poisoning, it has just been made clear that they were a victim along with everyone else in Austin.
Which was kind of my point - if there was a misunderstanding as to where the problem occurred and what its cause might be then checking the database for errors there might be entirely understandable.
In general you should have an expectation that a host won't read your data unless you request them to or unless they need to for legal reasons. Asking for support and having them accidentally look at the wrong data if there was a misunderstanding is just one of the potential problems of having someone else manage your server.
But surely by saying "I have a problem with this box and you do some of the management, please investigate to fix it" then you're giving permission? Okay, so in this situation they were looking in the wrong place, but the summary implies it was a misunderstanding as to what issue the poster wanted fixing, rather than malicious or other intent.
When I read the headline I thought they meant Dell was re-branding it and removing the orange/brown!
On a slightly more serious note, it's good to see that they're doing what the consumer needs and making things like MP3/DVD playback easier. Yes, it might upset some purists, but they can just buy the machine and wipe back to a default, or go for a machine from another company that can't afford to bundle the codecs.
I still use one by choice - I use Sky (although I hadn't realised they were one of the "big six" as I thought their broadband arm wouldn't have had the up-take of their TV).
Well, I say "choice". It was a choice of four fuzzy channels or get everything from Sky (TV, phone and Internet) for £1 per month more than we were previously getting just the Internet access for.
Slashdot Mirror
Mod parent up! Given that Labour are supposed to be left-wing and for the people while the Conservatives (Tories) are supposed to be the right-wing, it's rather worrying that the right-wing is the one standing up for civil liberties and common sense.
Having said that, I wouldn't be surprised if it was just a "Labour suggested it so we must complain about it" stance as much as anything.
And 100 points to the first person who actually bricks it (i.e. makes it completely and irretrievably unusable), rather than just temporarily disabling it until the next update.
No, he should say "this is a problem, but because of measures we've put in to our systems then our signing process helps alleviate it because our name servers cannot be compromised and anyone using the poisoned domain won't have the correct certificate", which is closer to the truth while still admitting it is a problem and while getting the sales pitch in there.
I definitely think Verisign's comments make the situation worse by making people feel easy about quite a major potential problem.
Yes, there are ways to redirect people, mainly relying on misdirection or typos. DNS poisoning does it without necessarily revealing itself (depending on what the users are using it for and how diligent their checks are).
Verisign's two root servers may be protected against poisoning, but that doesn't mean that the rest of the Internet and everyone else's ISPs are protected. Calling it "hype" is a bit like saying that the fire alarm is "hype" just because you're in a fire-proof location while the millions of other people in the building slowly burn.
And on top of that the bad guy can also say "oh, and by the way, you might end up looking at these other subdomains of that same domain, so to save you the look-up, here's the extra data".
There used to be a flaw in there that you could send any information in there (so you could respond for example.com and say "oh, and by the way, google.com resolves to [my evil IP address]") but most of those exploits got cleared up. The latest one is believed to take advantage of the fact that subdomains can feed data for main domains.
Paying for my credit card? No I'm not. Not even in interest, since I pay it off every time. If I had to pay for the thing I'd never have one. Who wants to be charged as well as having an interest rate?
Stores probably would prefer debit over credit in terms of direct access to your money and no easy contesting of charges, and they probably do get charged differently, but I've still never had anyone ask about credit or debit in any store.
Exactly what I was thinking - I was sure I'd had a Visa debit card for at least a few years and a Visa credit card for even longer (because I think I had Switch before my debit card became Visa). Unless I was imagining all of these purchase I made over the past few years on the two cards.
But that's why I said "Visa do both and don't make too much differentiation".
Lets see, Sun's list includes Linux, Solaris and Windows as official downloads. Mono has Linux (albeit distro-specific versions on the site), Solaris, Windows and Mac OS X. Mono also has an unofficial *BSD port, while Java has unofficial ports for Mac OS X (or at least "not listed by Sun but listed by Mac, and a bit behind") and BSD. I'd say that's pretty even.
As for build-once, run-anywhere, yes it is but you end up with either an ugly old and clunky GUI (AWT/Swing) or you end up with OS dependencies (SWT). System.Windows.Forms isn't fantastic on other OSes, but at least it doesn't stand out in a terrible way, just in a neutral way.
There's a difference? In the UK we just insert the card and type our PIN. Before that we handed over our card, signed the receipt and watched as the cashier didn't compare signatures. No-one seems to care between credit and debit because Visa do both and don't make too much differentiation.
Given the amount of OSes that Mono is available on, would that be two universal runtime environments with true cross-platform deployment - Mono/.Net and Java?
TBH I always get the impression that .Net is more platform independant. SWT and Eclipse need OS specific libraries and you can't export an Eclipse app to run on any OS. .Net has been (in my experience) build once, run anywhere (unless you purposefully do something OS specific like P/Invoke).
Because Wine lets people play games, while Mono is a programming framework. Anything software related from Microsoft has to be instantly hated ;)
I use .Net and in some situations I prefer it over Java. I use Linux as well. I severely doubt I'll be using Silverlight any time soon, though, as I try to avoid using Flash where possible.
The only reasons .Net exists are because Microsoft needed an up-to-date language for developers who use Visual Studio, because Java was old and someone needed to give it a clean start, because Java takes a slightly different approach to C++ in some places (so C# can get migrating C++ developers) and because they wanted a real "write lots of languages to a single base and port anywhere" language.
So instead of beer they're going for personal sexual gratification?
(http://dictionary.reference.com/browse/toss)
Given that most complaining parents are quite happy for violence but not sexual content (e.g. no "soul-corrupting nipples" or it's an 18, but major violence only needs a 15) how can they remove alcohol and replace it with sex?
I'd be surprised if the Army and Marines didn't let you drink. After all, what group of squadies is complete without some big drinking sessions? I just hope for the sake of the Americans that they don't make them drink American beer. If they're posted in Germany (or even Europe) at least let them drink some proper stuff!
Then they'll just do it on the US base and claim it as US soil, enforcing US laws ;)
Not so much a retraction, more a correction. The company were still a victim of the cache poisoning, it has just been made clear that they were a victim along with everyone else in Austin.
Surely that'd be "you're it" since it isn't his "it".
Really? You mean £45 (~$90) for a text book of a few hundred pages, sometimes even only a paperback, is cheap?!?
Lets see:
Petrol - cheaper in the US ...
Food - cheaper in the US
Consumer electronics - cheaper in the US
Yep, definitely a trend there ;)
GB£ are in lockstep with Euros? Not at any point I've seen and we try to keep it that way.
Also, we may still need translations of the software in the UK. After all we need American replaced with proper English!
Which was kind of my point - if there was a misunderstanding as to where the problem occurred and what its cause might be then checking the database for errors there might be entirely understandable.
In general you should have an expectation that a host won't read your data unless you request them to or unless they need to for legal reasons. Asking for support and having them accidentally look at the wrong data if there was a misunderstanding is just one of the potential problems of having someone else manage your server.
I'm guessing that doesn't include the gold miners, etc, in World of Warcraft et al.!
But surely by saying "I have a problem with this box and you do some of the management, please investigate to fix it" then you're giving permission? Okay, so in this situation they were looking in the wrong place, but the summary implies it was a misunderstanding as to what issue the poster wanted fixing, rather than malicious or other intent.
When I read the headline I thought they meant Dell was re-branding it and removing the orange/brown!
On a slightly more serious note, it's good to see that they're doing what the consumer needs and making things like MP3/DVD playback easier. Yes, it might upset some purists, but they can just buy the machine and wipe back to a default, or go for a machine from another company that can't afford to bundle the codecs.
I still use one by choice - I use Sky (although I hadn't realised they were one of the "big six" as I thought their broadband arm wouldn't have had the up-take of their TV).
Well, I say "choice". It was a choice of four fuzzy channels or get everything from Sky (TV, phone and Internet) for £1 per month more than we were previously getting just the Internet access for.