I'm sorry... is that sarcasm? If it is, I don't really care. I'm proud of having done it in a 10 week course and it's not the point of my sig (which many Mac users hate), anyway. My computer arch. class was one of the things that makes me think school was worth the $50,000 and sleepless nights in the lab.
And if that wasn't sarcasm: thanks for the compliment!:-)
Re:Don't put too much trust in certs
on
PGP & GPG
·
· Score: 1
PGP allows me to trust you without the need for a 3rd party trust.
S/MIME allows this, too. Just open a person's certificate and select to "explicitly trust" the certificate.
Do you trust all the root and trusted CAs in IE? I sure don't.
Well then uninstall them from your system, you dolt! Nobody is forcing you to configure your email client to trust them.
"The right tool for the job" argument would lead to everyone being burried in billions of tools. I think email security is one of those areas where people don't want multiple tools, and will eventually settle on one for the vast majority of uses. Nobody can predict the future, so you can falsely accuse me of having a vested interest and claim that the people really want multiple tools if you want... but I think you'll be proven wrong in the long run.
There is 1 SMTP. There is one SSL. There is one HTTP. There will probably be one "email security" system, too. And it will NOT involve maintaining a "web" if the majority of the Internet will be using it.
Myspace is the networking site for the Facebook rejects. Everyone in college uses facebook, and only a few use Myspace, also. But since you can't get on Facebook without a college email address, the uneducated masses (and the old people) have no option but to use Myspace.
Facebook is the "cool kids' table" at lunch, and is technically superior to Myspace in almost every way.
When people say "X.509" when talking about email security, what they mean is S/MIME. It is pretty clear S/MIME is going to win the battle to be the most common form of email security on the Internet. It has built-in support on Outlook, Thunderbird, hell--even mutt.
If people CHOOSE to trust a PKI, S/MIME works WAY better than PGP because key distribution is much easier. If they don't want to do a PKI, they can still trust individual certificates, just like PGP. They can verify certificates by reading thumbprints over the phone, if they like.
Basically, S/MIME can do everything PGP/MIME can do except the "web of trust." And WoT is just WAY too much work for 99.9% of the population. PGP will eventually vanish.
Buffet is an athiest. This donation is pure alturism, as opposed to the donations of religious people, who are merely trying to buy personal pleasure in their imagined afterlife.
He didn't have all this money for 30 years. The fact that he kept all this money allowed him to make more. And now that he has this much, he could, say, vaccinate the entire world and eliminate many diseases. That would not be possible if he had been constantly giving it away.
The number of lives that will be saved by this tremendous fortune is uncountable. I think what is most interesting about this is that the person responsible is a capitalist and an athiest. Many socialists think capitalists are nothing but greedy, and many religious people think athiests could never be moral people, yet this man just announced the greatest gift to humanity in history!
"Having responsibility and being able to feel empathy are two orthogonal things"
Bullshit. If you have never had the responsibility of building and maintaining a heavily-used server (or doing something similar), you won't realize how hurtful it is to mess it up like this. To a kid, time is FREE, and what he is doing is costing the admin only time. He can empathize in general, but not in this situation because he can't appreciate the cost of an adult's time.
And you were either a really lame kid or you have a terrible memory. I never thought I was being an asshole when I did stuff like this that took up an adult's time. Hell, my quest in life was to find something to do with all the time. I was doing them a favor by wasting their time! Every kid I know did stuff like that sometimes, though it was usually in meatspace. Did you ever play a practical joke? No.. you were perfect when you were a young AC.
Well, in college, I did build a CPU (on paper) at the gate level. But my point is only that a person who is highly aware of every major component of his system is going to be able to wield it more effectively than a person who does not. Building (and selecting components) makes a person more aware of the machine's capabilities and more capable of fixing failures and bottlenecks.
And I don't mean to say it is OK for a kid to do this. I was answering the question "why are you a jackass?" That's why. It's not malice.
Have you ever been 15? Everything is a game. Especially everything on the computer. 0wning this guy's chat server feels about the same as making a slam dunk right over a bigger defender's head, then joking about his mother. Just a game.
At that age, kids have never had responsability, and so are unable to feel empathy for those who they are harming.
I was an ornry teenager once, too. I recall sending ATH0 pings, sending OOB packets, mounting unprotected file shares, and feeling a thrill every time I one-upped these older, smarter people. The internet was just a Nintendo game to me.
This kid, like the others, is no more of a jackass than any other kid his age. He will just grow out of it with time, like everyone else.
"carde blanche?" "nip this in the butt?" Are you intentionally botching expressions to be funny, or are you new to the English language?
Perhaps you would get an edge on the H1B workers if you learned to read and write, instead of just sounding out all your spelling phonetically (based on poor hearing, at that).
No, I'm not being a grammar nazi--maybe a "completely wrong word nazi," but this is an extreme case!
We seem to have different definitions of the word "purpose." If life doesn't spread and reproduce, it doesn't live. The whole reason life is life is because it makes more of itself--hence the word "purpose."
We also have differing definitions of "responsible." I use it in the moral sense. To me, morality doesn't require someone else "holding" me responsible.
And you say we shouldn't care about the future, only about right "NOW." Well, we have all our eggs in one basket NOW. And by eggs, I mean life as we know it.
If you think tremendous sacrifices are not called for, you must not value life very much. However small the risk, the chance of us all being wiped out is beyond my risk tolerance. You also seem to be forgetting that these "tremendous sacrifices" tend to have real ROI. There is lots of good technology in use today that was invented for space travel.
In the next billion years, who knows? A meteor impact could happen at any time. That is urgent. Avoiding heat-death is a problem we have plenty of time to look at.
No! The long term solution is to STOP USING SSNs AS PASSWORDS.
We just need to spend the tax money to develop a secure means of authentication. This would likely involve issuing smart cards to citizens and credit-card style reader/verifiers to businesses and agencies who need to authenticate people.
Once this is done, make it illegal to use SSN to verify identity. Then everyone is free to key their databases off of SSNs, and if they are lost there is no harm done.
Could we just think of this as the "Indiana Jones and the Last Crusade" approach?
A caged source can't sing?
I'm sorry... is that sarcasm? If it is, I don't really care. I'm proud of having done it in a 10 week course and it's not the point of my sig (which many Mac users hate), anyway. My computer arch. class was one of the things that makes me think school was worth the $50,000 and sleepless nights in the lab.
:-)
And if that wasn't sarcasm: thanks for the compliment!
Well then uninstall them from your system, you dolt! Nobody is forcing you to configure your email client to trust them.
Actually, yes it can. But this is not widely implemented yet.
"The right tool for the job" argument would lead to everyone being burried in billions of tools. I think email security is one of those areas where people don't want multiple tools, and will eventually settle on one for the vast majority of uses. Nobody can predict the future, so you can falsely accuse me of having a vested interest and claim that the people really want multiple tools if you want... but I think you'll be proven wrong in the long run.
There is 1 SMTP. There is one SSL. There is one HTTP. There will probably be one "email security" system, too. And it will NOT involve maintaining a "web" if the majority of the Internet will be using it.
That is not a flaw in S/MIME.
And as I said, everyone has a choice as to which PKIs they trust. Nobody is forcing you to trust the Thawte Freemail CA.
Myspace is the networking site for the Facebook rejects. Everyone in college uses facebook, and only a few use Myspace, also. But since you can't get on Facebook without a college email address, the uneducated masses (and the old people) have no option but to use Myspace.
Facebook is the "cool kids' table" at lunch, and is technically superior to Myspace in almost every way.
When people say "X.509" when talking about email security, what they mean is S/MIME. It is pretty clear S/MIME is going to win the battle to be the most common form of email security on the Internet. It has built-in support on Outlook, Thunderbird, hell--even mutt.
If people CHOOSE to trust a PKI, S/MIME works WAY better than PGP because key distribution is much easier. If they don't want to do a PKI, they can still trust individual certificates, just like PGP. They can verify certificates by reading thumbprints over the phone, if they like.
Basically, S/MIME can do everything PGP/MIME can do except the "web of trust." And WoT is just WAY too much work for 99.9% of the population. PGP will eventually vanish.
Buffet is an athiest. This donation is pure alturism, as opposed to the donations of religious people, who are merely trying to buy personal pleasure in their imagined afterlife.
He didn't have all this money for 30 years. The fact that he kept all this money allowed him to make more. And now that he has this much, he could, say, vaccinate the entire world and eliminate many diseases. That would not be possible if he had been constantly giving it away.
The number of lives that will be saved by this tremendous fortune is uncountable. I think what is most interesting about this is that the person responsible is a capitalist and an athiest. Many socialists think capitalists are nothing but greedy, and many religious people think athiests could never be moral people, yet this man just announced the greatest gift to humanity in history!
"Having responsibility and being able to feel empathy are two orthogonal things"
Bullshit. If you have never had the responsibility of building and maintaining a heavily-used server (or doing something similar), you won't realize how hurtful it is to mess it up like this. To a kid, time is FREE, and what he is doing is costing the admin only time. He can empathize in general, but not in this situation because he can't appreciate the cost of an adult's time.
And you were either a really lame kid or you have a terrible memory. I never thought I was being an asshole when I did stuff like this that took up an adult's time. Hell, my quest in life was to find something to do with all the time. I was doing them a favor by wasting their time! Every kid I know did stuff like that sometimes, though it was usually in meatspace. Did you ever play a practical joke? No.. you were perfect when you were a young AC.
Well, in college, I did build a CPU (on paper) at the gate level. But my point is only that a person who is highly aware of every major component of his system is going to be able to wield it more effectively than a person who does not. Building (and selecting components) makes a person more aware of the machine's capabilities and more capable of fixing failures and bottlenecks.
And I don't mean to say it is OK for a kid to do this. I was answering the question "why are you a jackass?" That's why. It's not malice.
The super user always could have captured any passwords of active users.
But, if what you are saying is right, the software engineers who wrote this failed Secure Authentication 101.
Have you ever been 15? Everything is a game. Especially everything on the computer. 0wning this guy's chat server feels about the same as making a slam dunk right over a bigger defender's head, then joking about his mother. Just a game.
At that age, kids have never had responsability, and so are unable to feel empathy for those who they are harming.
I was an ornry teenager once, too. I recall sending ATH0 pings, sending OOB packets, mounting unprotected file shares, and feeling a thrill every time I one-upped these older, smarter people. The internet was just a Nintendo game to me.
This kid, like the others, is no more of a jackass than any other kid his age. He will just grow out of it with time, like everyone else.
Is there such a thing as non-energetic particle bombardment?
Loot the treasury? There's nothing in there but IOUs.
Please... you're hurting my feelings. But thank you for that well-reasoned and informative argument.
"carde blanche?" "nip this in the butt?" Are you intentionally botching expressions to be funny, or are you new to the English language?
Perhaps you would get an edge on the H1B workers if you learned to read and write, instead of just sounding out all your spelling phonetically (based on poor hearing, at that).
No, I'm not being a grammar nazi--maybe a "completely wrong word nazi," but this is an extreme case!
what software do you use to MITM SSL?
We can send life to other planets. In fact, we go to great pains to make sure we don't mistakenly send microbes out on our spacecraft.
We seem to have different definitions of the word "purpose." If life doesn't spread and reproduce, it doesn't live. The whole reason life is life is because it makes more of itself--hence the word "purpose."
We also have differing definitions of "responsible." I use it in the moral sense. To me, morality doesn't require someone else "holding" me responsible.
And you say we shouldn't care about the future, only about right "NOW." Well, we have all our eggs in one basket NOW. And by eggs, I mean life as we know it.
If you think tremendous sacrifices are not called for, you must not value life very much. However small the risk, the chance of us all being wiped out is beyond my risk tolerance. You also seem to be forgetting that these "tremendous sacrifices" tend to have real ROI. There is lots of good technology in use today that was invented for space travel.
In the next billion years, who knows? A meteor impact could happen at any time. That is urgent. Avoiding heat-death is a problem we have plenty of time to look at.
No! The long term solution is to STOP USING SSNs AS PASSWORDS.
We just need to spend the tax money to develop a secure means of authentication. This would likely involve issuing smart cards to citizens and credit-card style reader/verifiers to businesses and agencies who need to authenticate people.
Once this is done, make it illegal to use SSN to verify identity. Then everyone is free to key their databases off of SSNs, and if they are lost there is no harm done.
It would nearly end identity theft.