Since it is a voluntary pledge made by your president as representative for the USA, you are still part of it, no congress approval needed... As it is voluntary, you can still ignore it, but the treaty was signed anyway!
And as the current president only announced that they would exist it, but only in 2020, that pledge is still in effect (but again, you can ignore it without any problem other than destroying the planet where you and your family and friends live!!)
what biind?! it was not a binding threaty, it was a "we pledge to try" treaty, that smart people understand that is required for our future... sadly dumb people think they are smart than everyone else and refuse to listen to people that understand what they are talking about.
If there is no mention in the "Good Book" for global warming, for sure everyone else is lying... but i'm sure that it have some hidden reference that communists Russians, Chinese and European are all trying to deceive the holy american people
>We won't even need a wall, it will be so bad that the Mexicans won't even want to come here.
the US will not need a wall, but Mexico will, with all the Americans trying to go to mexico trying to find a good job and a working healthcare system!:D
This was the plan since the beginning, to make Mexico pay the wall!!;-)
who is talking about system accounts? to "login" to a account is not only login to a system account, it is also login to any web site.:) i know no password shadowing in web systems, as protection of SQL injections attacks or hacked machines dumping the database
let me check, i found a SQL injection in some random site, i dump the user emails and passwords, i crack then, i find some good auth pairs and now i will login to other totally different places.
I do not care if linkedin or adobe was hacked... but i do care about the info stolen, that can open million of accounts in millions of other sites to hackers and god knows what that may open (vpns, private files, auth data, inject trojans, send phishing attacks from known contacts)
so no, hacking a forum server will not give you all that, but hacking passwords could do it
open a bug... either someone found a workaround or a bug, either way you should tell mozilla on the correct place (bugzilla.mozilla.org), not on a random site in the internet
1 - not all accounts on yahoo were hacked... and i do not know if the list of hacked users was even public at any time 2 - just because you do know some sites it doesn't mean that you were not there... some user DBs are simply stolen (like spam) or acquired when one company buys another, so you data may end in a totally different company/site that may have been hacked at sometime. 3 - just because you were drunk when you created that myspace account and do not remember, does not mean that you had no account!:D
more seriously, probably someone refereed your email and you got a invite... the account was half created, waiting for you to click to enable it. Even if you didn't accept the invite and have no password, there is some info about you there. EU GDPR may help you here in the future, as keeping data without user concent is a big no-no and most sites must expire and remove those temporary accounts 4 - adobe is strange, either they got you contact via macromedia or other acquired company or you sometime entered your email to download something (even for a friend or parent)
notice that this is not a Firefox DB, this is a DB made by a security guy that parsed all public hacked lists with users and password and created a public DB and API... if the site says he got your email from those hacks, unless there is a big bug, for sure your data was posted in some public (darknet or not) site... if you search well, you may even find yourself. Firefox is just making easier for normal people to understand that their "reused" password is not safe anymore
fine, you are one of the few that really create good passwords... yet almost everyone i know that are not tech pros use stupid simple passwords, reuse passwords all over the place and do not understand security. This tool is for then, to help then understand that sites get hacked, passwords stolen and they should change passwords and not reuse passwords
it is not secure as it may be possible to create hash collisions with some time... but to hash a passwords is still perfectly save, you can't reverse a hash to get the password and bruteforce it is still a huge amount of combinations
If the password is in the list of known passwords, do not matter if it is yours or not, those are the passwords that bruteforce tools will try first... you know, testing one million passwords is way lot quicker than testing several trillion of passwords
>KDE is barely open source. That's a major problem.
?!?! are you from 1997? KDE is open source, in fact almost everything is GPL or GPL compatible... even QT today is GPL... so yes, you might have time-travel !!
If your job require windows, that is OK... now most people do not really need windows anymore, but most still use it because they really do not know how to switch or want to learn new tools... and yes, some tools are better than other, you will miss some features but you can also learn new ones... but you should know that, you use several CAD/3D software, you already know that one tool is good for one task, but bad for another.
But it is possible to do 3D work in linux, many people already do it and with 3D printers, that field should improve even more. From a quick search freecad, Qcad, maya, blender, brl-cad, k-3d, Archimedes. I did work with people that used Maya and Blender on linux and they made amazing jobs
Finally, you can also require your software makers a linux version... in the past all of then would ignore then, but slowly they start to listen... and with opengl, vulkan,.NET, C#, QT all working on all systems, it is easier to add the support.
> in that Windows has every Linux feature, plus AAA games.
Can i recompile windows kernel? Can i replace the window manager? Can i remove closed source programs? Even, can i really disable MS tracking? Will never again those options show up again as enabled? Can i just trust MS to update all my software, like in linux with their package manager? Can i choose what installs i do want to install? will windows really obey to that? Can i setup complex network setups (hint: MS used linux to setup the network in their azure)? Can I run play games many games with vulkan (hint: all new feral ports are using vulkan, while the windows version is still in direct3D)? Can i run big servers, with lot of services with little performance lost? Can i... you got the idea...
By the way, we do have AAA games in linux... not as many as windows, but we do have then and they work fine... Yes, windows can run many linux apps, but performance sometimes shitty... if i want to run a docker linux, why would i do it inside a windows? even linux instances/vm are cheaper and faster in linux... So If linux do everything that windows do, faster, cheaper, cleaner and with more freedom, why would i switch over to windows, just because some AAA games? with 1300 linux games i have in my steam account, i really do not care about those games
No one said that software stop working, it is just insecure to use it on the internet. if you use it on a disconnected network, fine for you, on connected networks it is dangerous not only for you, but also for others
>>And as for an "os which doesn't run anything" - steam and heaps of fun and modern games run just fine on my Gentoo box >LOL, sure they do. Enjoy your dozen half-finished open source games and a handful of indie games.
Check by yourself: https://steamdb.info/linux/ now i will play some Total War, Thrones of Britannia, Mad Max or Rise of the Thomb Raider in vulkan (where windows version can only use directx)
So no, firefox 52 ESR still is still supported in XP, until August 2018... you have 2 months of support, that's it!
>>are you getting updated? >Who gives a shit? Updates aren't important when the software is made correctly the first time.
LOL, you are new to computers, right? all software have bugs... anything that connects to the internet is important to keep updated, any new bug found may be abuse.
>>did they updated for spectre attack? >Spectre isn't an attack, it's a potential vulnerability that isn't a threat to anyone but servers operators hosting multiple users who don't have permissions set up properly. yes, spectre is a vulnerability, not a attack, you are right there, but you did understand what i want... Lets read mozilla post about it: https://www.mozilla.org/en-US/...
>>i bet you are using a insecure browser one way or another >Define "insecure browser". Because I bet I can find a shitload of vulnerabilities in whatever browser you are using that you think is safe.
insecure browser: with known security problems... if you find zero day problems, great, report then to the browser devs so they can fix then
Find me a shitload of vulnerabilities in netcat, please!:P
>>and just because you do not know that your XP is owned, it doesn't mean it isn't... many XP out there are already hacked and owners do not know about it >Sorry, but no. You would have to be a complete noob to not notice something like that. I think perhaps what you meant to say is that *YOU* would not be able to tell if your system was owned because *YOU* are a noob. Don't project your failings on to others.
you check the signature of all your drivers and dlls, they are all legit, all your windows services are monitored and check as valid... Do you really do know know what are rootkits, right?
>>many of the malware today cleanup the machine so they are the only one controlling the machine and avoiding detection and instability >It is impossible for malware to avoid detection.
>>and by the way, my linux is not spying on me, thank you! >Nobody wants to spy on an operating system that can run shit or do shit, so that's not surprising.
yes, you are right, linux don't run on most servers you use online, that doesn't run in almost all smartphones, it is not the base OS for chromeOS, can't run browsers, office apps, music, video and games... looks you are a huge tech expert!
Reduce: Fix any problem or replace only the broken parts... this case, switch OS
Reuse: Reinstall a different OS and give another use for the computer, resell the used computer or give it to ones that may reuse it. You can also reuse components
recycle: instead of trowing away, send it to recycle... even by just melting the CPU and board, you can get gold, platinum, and other value materials... if the recyclers are competent, they can make a good profit from used computers
Most windows applications use the windows system dll to provide the TLS. XP dll version are old and do not support any of secure TLS options. ALL apps that use the system dll will be limited to insecure TLS. Most apps do this.
Only a few apps do include their own TLS stack, mostly firefox and friends (that use their own TLS stack, NSS), open source apps that rely on gnutls, libressl or openssl (and a few smaller ones), java.... Chrome uses nss in linux, openssl in android, but use SChannel (the windows TLS dll) in windows
again, most apps uses the windows dll and in XP it is totally broken by now
what browser still supports XP? are you getting updated? did they updated for spectre attack?
i bet you are using a insecure browser one way or another... and just because you do not know that your XP is owned, it doesn't mean it isn't... many XP out there are already hacked and owners do not know about it... many of the malware today cleanup the machine so they are the only one controlling the machine and avoiding detection and instability
and by the way, my linux is not spying on me, thank you!
Slashdot Mirror
Since it is a voluntary pledge made by your president as representative for the USA, you are still part of it, no congress approval needed...
As it is voluntary, you can still ignore it, but the treaty was signed anyway!
And as the current president only announced that they would exist it, but only in 2020, that pledge is still in effect (but again, you can ignore it without any problem other than destroying the planet where you and your family and friends live!!)
what biind?! it was not a binding threaty, it was a "we pledge to try" treaty, that smart people understand that is required for our future... sadly dumb people think they are smart than everyone else and refuse to listen to people that understand what they are talking about.
If there is no mention in the "Good Book" for global warming, for sure everyone else is lying... but i'm sure that it have some hidden reference that communists Russians, Chinese and European are all trying to deceive the holy american people
>We won't even need a wall, it will be so bad that the Mexicans won't even want to come here.
the US will not need a wall, but Mexico will, with all the Americans trying to go to mexico trying to find a good job and a working healthcare system! :D
This was the plan since the beginning, to make Mexico pay the wall!! ;-)
who is talking about system accounts? to "login" to a account is not only login to a system account, it is also login to any web site. :)
i know no password shadowing in web systems, as protection of SQL injections attacks or hacked machines dumping the database
a password that match a sha1 hash may not be the password that generated that hash ... but yes, they should improve that
let me check, i found a SQL injection in some random site, i dump the user emails and passwords, i crack then, i find some good auth pairs and now i will login to other totally different places.
I do not care if linkedin or adobe was hacked... but i do care about the info stolen, that can open million of accounts in millions of other sites to hackers and god knows what that may open (vpns, private files, auth data, inject trojans, send phishing attacks from known contacts)
so no, hacking a forum server will not give you all that, but hacking passwords could do it
bingo!
open a bug... either someone found a workaround or a bug, either way you should tell mozilla on the correct place (bugzilla.mozilla.org), not on a random site in the internet
1 - not all accounts on yahoo were hacked... and i do not know if the list of hacked users was even public at any time :D
2 - just because you do know some sites it doesn't mean that you were not there... some user DBs are simply stolen (like spam) or acquired when one company buys another, so you data may end in a totally different company/site that may have been hacked at sometime.
3 - just because you were drunk when you created that myspace account and do not remember, does not mean that you had no account!
more seriously, probably someone refereed your email and you got a invite... the account was half created, waiting for you to click to enable it. Even if you didn't accept the invite and have no password, there is some info about you there. EU GDPR may help you here in the future, as keeping data without user concent is a big no-no and most sites must expire and remove those temporary accounts
4 - adobe is strange, either they got you contact via macromedia or other acquired company or you sometime entered your email to download something (even for a friend or parent)
notice that this is not a Firefox DB, this is a DB made by a security guy that parsed all public hacked lists with users and password and created a public DB and API... if the site says he got your email from those hacks, unless there is a big bug, for sure your data was posted in some public (darknet or not) site ... if you search well, you may even find yourself. Firefox is just making easier for normal people to understand that their "reused" password is not safe anymore
right, because you audit and configure all the sites you use, to make sure they aren't also hacked and your data stolen...
if you were really security-conscious guy, you would never said something like that
https://github.com/simu/passwo...
store a key, memorize a password and that is mostly it, a different password for all sites that you don't even need to store
fine, you are one of the few that really create good passwords... yet almost everyone i know that are not tech pros use stupid simple passwords, reuse passwords all over the place and do not understand security. This tool is for then, to help then understand that sites get hacked, passwords stolen and they should change passwords and not reuse passwords
it is not secure as it may be possible to create hash collisions with some time... but to hash a passwords is still perfectly save, you can't reverse a hash to get the password and bruteforce it is still a huge amount of combinations
If the password is in the list of known passwords, do not matter if it is yours or not, those are the passwords that bruteforce tools will try first... you know, testing one million passwords is way lot quicker than testing several trillion of passwords
>KDE is barely open source. That's a major problem.
?!?! ... so yes, you might have time-travel !!
are you from 1997?
KDE is open source, in fact almost everything is GPL or GPL compatible... even QT today is GPL
Hey, the right tool to the right job!
If your job require windows, that is OK... now most people do not really need windows anymore, but most still use it because they really do not know how to switch or want to learn new tools... and yes, some tools are better than other, you will miss some features but you can also learn new ones... but you should know that, you use several CAD/3D software, you already know that one tool is good for one task, but bad for another.
But it is possible to do 3D work in linux, many people already do it and with 3D printers, that field should improve even more. From a quick search freecad, Qcad, maya, blender, brl-cad, k-3d, Archimedes. I did work with people that used Maya and Blender on linux and they made amazing jobs
Finally, you can also require your software makers a linux version... in the past all of then would ignore then, but slowly they start to listen... and with opengl, vulkan, .NET, C#, QT all working on all systems, it is easier to add the support.
> in that Windows has every Linux feature, plus AAA games.
Can i recompile windows kernel? ... you got the idea...
Can i replace the window manager?
Can i remove closed source programs? Even, can i really disable MS tracking? Will never again those options show up again as enabled?
Can i just trust MS to update all my software, like in linux with their package manager?
Can i choose what installs i do want to install? will windows really obey to that?
Can i setup complex network setups (hint: MS used linux to setup the network in their azure)?
Can I run play games many games with vulkan (hint: all new feral ports are using vulkan, while the windows version is still in direct3D)?
Can i run big servers, with lot of services with little performance lost?
Can i
By the way, we do have AAA games in linux... not as many as windows, but we do have then and they work fine...
Yes, windows can run many linux apps, but performance sometimes shitty... if i want to run a docker linux, why would i do it inside a windows? even linux instances/vm are cheaper and faster in linux... So If linux do everything that windows do, faster, cheaper, cleaner and with more freedom, why would i switch over to windows, just because some AAA games? with 1300 linux games i have in my steam account, i really do not care about those games
mozilla extended the firefox support until august 2018 ... 2 months!
About other browsers, check again my post:
https://slashdot.org/comments....
No one said that software stop working, it is just insecure to use it on the internet. if you use it on a disconnected network, fine for you, on connected networks it is dangerous not only for you, but also for others
>>And as for an "os which doesn't run anything" - steam and heaps of fun and modern games run just fine on my Gentoo box
>LOL, sure they do. Enjoy your dozen half-finished open source games and a handful of indie games.
Check by yourself: https://steamdb.info/linux/
now i will play some Total War, Thrones of Britannia, Mad Max or Rise of the Thomb Raider in vulkan (where windows version can only use directx)
>>what browser still supports XP?
>Uhh Firefox.
https://support.mozilla.org/en...
So no, firefox 52 ESR still is still supported in XP, until August 2018 ... you have 2 months of support, that's it!
>>are you getting updated?
>Who gives a shit? Updates aren't important when the software is made correctly the first time.
LOL, you are new to computers, right? all software have bugs... anything that connects to the internet is important to keep updated, any new bug found may be abuse.
>>did they updated for spectre attack?
>Spectre isn't an attack, it's a potential vulnerability that isn't a threat to anyone but servers operators hosting multiple users who don't have permissions set up properly.
yes, spectre is a vulnerability, not a attack, you are right there, but you did understand what i want...
Lets read mozilla post about it: https://www.mozilla.org/en-US/...
>>i bet you are using a insecure browser one way or another
>Define "insecure browser". Because I bet I can find a shitload of vulnerabilities in whatever browser you are using that you think is safe.
insecure browser: with known security problems ... if you find zero day problems, great, report then to the browser devs so they can fix then
Find me a shitload of vulnerabilities in netcat, please! :P
>>and just because you do not know that your XP is owned, it doesn't mean it isn't... many XP out there are already hacked and owners do not know about it
>Sorry, but no. You would have to be a complete noob to not notice something like that. I think perhaps what you meant to say is that *YOU* would not be able to tell if your system was owned because *YOU* are a noob. Don't project your failings on to others.
you check the signature of all your drivers and dlls, they are all legit, all your windows services are monitored and check as valid...
Do you really do know know what are rootkits, right?
>>many of the malware today cleanup the machine so they are the only one controlling the machine and avoiding detection and instability
>It is impossible for malware to avoid detection.
https://heimdalsecurity.com/bl...
https://en.wikipedia.org/wiki/...
>>and by the way, my linux is not spying on me, thank you!
>Nobody wants to spy on an operating system that can run shit or do shit, so that's not surprising.
yes, you are right, linux don't run on most servers you use online, that doesn't run in almost all smartphones, it is not the base OS for chromeOS, can't run browsers, office apps, music, video and games ... looks you are a huge tech expert!
say that to my 1200 linux games
Reduce,Reuse, Recycle
Reduce: Fix any problem or replace only the broken parts... this case, switch OS
Reuse: Reinstall a different OS and give another use for the computer, resell the used computer or give it to ones that may reuse it. You can also reuse components
recycle: instead of trowing away, send it to recycle... even by just melting the CPU and board, you can get gold, platinum, and other value materials... if the recyclers are competent, they can make a good profit from used computers
because most modern games do run on linux, but not on windows 98SE !! :)
let me try again.
Most windows applications use the windows system dll to provide the TLS. XP dll version are old and do not support any of secure TLS options. ALL apps that use the system dll will be limited to insecure TLS. Most apps do this.
Only a few apps do include their own TLS stack, mostly firefox and friends (that use their own TLS stack, NSS), open source apps that rely on gnutls, libressl or openssl (and a few smaller ones), java....
Chrome uses nss in linux, openssl in android, but use SChannel (the windows TLS dll) in windows
again, most apps uses the windows dll and in XP it is totally broken by now
what browser still supports XP? are you getting updated? did they updated for spectre attack?
i bet you are using a insecure browser one way or another... and just because you do not know that your XP is owned, it doesn't mean it isn't... many XP out there are already hacked and owners do not know about it... many of the malware today cleanup the machine so they are the only one controlling the machine and avoiding detection and instability
and by the way, my linux is not spying on me, thank you!