Slashdot Mirror


User: Tony+Hoyle

Tony+Hoyle's activity in the archive.


Comments · 5,728

  1. Re:The sky is not falling. on CCC Create a Rogue CA Certificate · · Score: 1

    "Therefore, the only certificates that are problems are ones where someone has already launched this attack. We know it's happened once, but that list is probably pretty small. And, there's a good shot that the bad guys haven't done it at all."

    He's wrong, and has completely failed to understand the significance of this. He seems to think that it requires the CA to sign these certificates or something.

    As long as there are *any* MD5 CA certificates in the browser then the bad guys can duplicate it and generate valid certificates for *any site on the internet* - including your bank. Man in the middle attacks just got a hell of a lot easier. Phishing attacks just got a hell of a lot easier.

    Vulnerable CAs include Thawte and RSA, which means this is pretty damned big.

  2. Re:CA's using MD5 on CCC Create a Rogue CA Certificate · · Score: 1

    Find these in the browser and delete them.

    *No* certificate issued by these providers is secure. If your bank uses them, then tough.. your bank has a problem and they should have bought their certificate from a competent provider.

  3. Re:its only the CA's that use MD5 so the question on CCC Create a Rogue CA Certificate · · Score: 1

    Any CA that still uses MD5 should be removed from the list of trusted CAs in all browsers, with immediate effect.

  4. Re:Don't most ISPs already have tiered service pla on BBC's iPlayer Chief Pushes Tiered Charging For ISPs · · Score: 1

    Because they're horribly oversubscribed. Because they have no decent support. Because they have the audacity to actually charge *per month* for IP addresses so to replicate my current 16 IPs would jack the price up to £42 per month (making them simultaneously the most expensive and cheapest ISP.. a neat trick).

    And your £18 a month contract is a minimum 12 months. Costly when you want to change, or even just move house. Many, like myself, won't even consider such a contract.

    To get decent, reliable broadband costs money.. Or you can go cheap and get an ISP that slows down to 1/10th of their maximum speed at what they laughingly call 'off-peak'.

  5. Re:Don't most ISPs already have tiered service pla on BBC's iPlayer Chief Pushes Tiered Charging For ISPs · · Score: 1

    BT are rolling out ADSL2+ slowly and it's already in major cities. These things take time.

    If you think virgin media is actually fiber I've got a bridge to sell you.

  6. Re:BitTorrent & p2p? on BBC's iPlayer Chief Pushes Tiered Charging For ISPs · · Score: 1

    They now use a flash based client that does all the above on multiple platforms, and have no dependency on Windows.

  7. Re:I already pay my tv licence on BBC's iPlayer Chief Pushes Tiered Charging For ISPs · · Score: 1

    You do need a license for live broadcasts... the watch live pages (eg. http://www.bbc.co.uk/bbctwo/watchlive/) state clearly "Don't forget - to watch TV online as it's being broadcast, you still need a TV Licence.".

  8. Re:USB != serial on DIY USB Servo-Guided Water Gun · · Score: 1

    Yeah at no point do they say USB - which would be a more complex project (although I guess USB serial controllers are fairly cheap these days).

  9. Re:Is this legal? on Amateurs Are Trying Genetic Engineering At Home · · Score: 1

    Limiting access to any virus or bacteria that's in the environment is rather hard. The results of a fuckup could be rather fatal...

  10. Re:That's good, but. . . on Notebook Sales Outpace Desktop Sales · · Score: 0, Redundant

    Laptop optical drives are pretty standard and can be swapped out easily enough.

  11. Re:New security process on Microsoft Extends XP To May 2009 For OEMs · · Score: 1

    2008 is nice because it's done right.. nothing is running and you get a bare OS which runs fast and does what you want it to do. If you want desktop eye candy or (shudder) multiple 'indexing' services scanning your hard drive constantly you can add those if you want to, but it's not there by default.

    I'd say 2008 is even better than 2003 as a dev environment.

    Vista, however, I just can't get on with. I ran it for several months and it self destructed so badly it needed reinstalling 3 times during that time... if I never see it again it'll be too soon.

    So it's not the core of Vista that's the issue (same kernel), it's the rest of the crap.

  12. ipv6 on Security Flaws In Aussie Net Filter Exposed · · Score: 4, Interesting

    I bet the filter isn't ipv6 capable... I just can't see the lawmakers being that tech savvy.

    That could be just the boost the protocol needs, in Australia at least.

  13. Re:without any humans ever having been involved on Using Speed Cameras To Send Tickets To Your Enemies · · Score: 1

    In the UK at least the camera is the start of an automated process and no human is involved in the ticket generation (or indeed the entire process if you just admit guilt and send them the money).

    We have a bizarre legal situation with the cameras..

    1. The camera is pretty much always taken as absolute proof
    2. It's illegal to refuse to divulge who was driving, or if it was you, admit it.
    3. The information in (2) is a legal admission of guilt.

    So you have a legal (and potentially criminal) process where it's illegal not to admit guilt.

  14. Re:I'd ignore the Europeans too on NIST Announces Round 1 Candidates For SHA-3 Competition · · Score: 5, Insightful

    What is the point if they only got one submission for the Hash contest? Doesn't that make it the automatic winner?

    Not if it isn't shown to be secure. It needs to be tested first.. it may be they have no winner.

  15. Re:I doubt all newspapers are... on Are Newspapers Doomed? · · Score: 2, Informative

    http://www.wired.com/techbiz/media/news/2003/11/61165

    And that's 2003... it's got worse since.

  16. Re:...but then reality sets in on Scientists Hack Cellphone To Detect Diseases · · Score: 1

    Quite aside from the fact that in 90% of hospitals it's not permitted to use mobile phones anyway.

  17. Re:Stupid idea on New Contest Will Seek the Best "I'm Linux" Video · · Score: 4, Interesting

    I don't know.. "Life without walls"?

    If there are no walls, who needs Windows?

    Great catchphrase...

  18. Re:Script on New Contest Will Seek the Best "I'm Linux" Video · · Score: 1

    For the linux guy it would be hey presto, a box of seeds and a baby chicken appear, and he has to get farming.

  19. Re:Well... on Diskeeper Accused of Scientology Indoctrination · · Score: 3, Funny

    Llamas?

  20. Re:European prices on EA Is Now Officially On Steam, Spore Loses SecuROM · · Score: 1

    By conflating the issues it also omits the fact that spore is only released on the US store, as the press release makes absolutely clear.

    European users are still forced to use SecuROM.

  21. ..and switch wifi off (which is even more power hungry, btw.). 3G is only more power hungry in weak areas (since it'll try to find the weak 3g antenna rather than the more powerful 2g one).. in an area of good reception it makes no difference.

    But cellphone antennas are already pretty power efficient compared to driving the display, backlight etc... and let's not even get started on the GPS. You aren't going to get multiples of battery life just from this invention.

  22. Re:Come on, it's british on Simulations May Explain Loss of Beagle 2 Mars Probe · · Score: 2, Interesting

    Name a one thing british ever made right.

    Australia.

  23. Re:Common Sense on Study Says Cosmic Rays Do Not Explain Global Warming · · Score: 3, Informative

    Melting glaciers won't cause a sea level rise unless they're sitting on land.. think Archimedes.

  24. Re:Aha! on Safari and Chrome: Tied For the Worst Password Manager · · Score: 2, Funny

    Confess! Or I'll shine this Maglite in your face again!

  25. Re:I don't get it on Vista To XP Upgrade Triples In Price, Now $150 · · Score: 4, Interesting

    Anything that requires a control panel - they need a rewrite because of UAC (control panel applets can't elevate).
    Anything that uses the system registry. Microsoft 'helpfully' redirect it. Ditto Program Files.
    Several APIs no longer behave as they were documented in XP. This is a real git as it introduces hard to find bugs.

    The one thing about porting projects is you quickly realize how buggy Vista is.. You couldn't pay me to install it again (it's banned on the network anyway because it did something stupid to the routers).