Slashdot Mirror


User: Lennie

Lennie's activity in the archive.

Stories
0
Comments
3,689
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 3,689

  1. Re:Seconded. on Mozilla SSL Policy Considered Bad For the Web · · Score: 1

    I don't agree, they have a SSL-policy to only include CA root-certificates of organisations that have had their procedures, hardware, software and organisation properly audited.

    That's not really very strange. Because the browser vendor has to trust the CA to do the right thing.

    If you look at CA-cert for example, they are working on making this situation better for everyone else by getting them selfs audited.

    These things take time, lots of time.
    _

    If on the other hand you want to create your own certs, create your own organisation-root-CA. So you can import the public-key of that CA all over your organisation.

  2. Re:yeah, use rsync. on Online Website Backup Options? · · Score: 5, Informative

    There is also the --backup --backup-dir options (you'll need both). It keeps a copy of the files that have been deleted or changed, if you use a script to keep it in seperate directories you'll have a pretty good history of all the changes.

  3. Re:Biggest boom for Open DNS's busineess on OpenDNS As Quick-Fix To DNS Patch Dilemma · · Score: 1

    No I'm talking about someone trying to spoof answers for your questions to OpenDNS. If your NAT messes up your source-port-randomisation, you'll still be in trouble.

  4. Re:How is this news? on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    Microsoft isn't about giving people choice, it's about lock-in.

  5. Re:How is this news? on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    You don't understand, Microsoft does not want to give people choice. They want to create a situation of lock-in. If you understand that, you might understand why these features exist in the first place.

  6. Re:Not trusted for a reason on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    It's thinking ahead with an other reason, they are not interrested in securing your data.

  7. Re:It has a bootloader update. on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    That's what you think.

  8. Re:Except that... on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    Why work around them, when you just can stop using it ?

  9. Re:You can use the Vista boot loader on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    Not it means there is an entry in boot.ini that says Linux, Ubuntu or Grub. And grub was installed on the partition, not in the MBR.

  10. Re:You can use the Vista boot loader on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    You go to the HP-site, you goto drivers, choose the model number of the PC or laptop, you choose download. And you get one page with all the drivers you need. It does take hours to download and the network- and wireless-card or modem didn't work in XP, so you can't actually get online with the XP-install. But 6 hours to find the drivers ?

  11. Re:You can use the Vista boot loader on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    Because it also came with the PC/laptop. I've NOT seen any machine that had Vista on it that did not include an XP CD.

  12. Re:Only a problem if you have TPM? on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    Surprising isn't it ? Not.

  13. Re:But what if... on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    I hope you don't install any corporate services on Vista, it's meant for the desktop. Not the server.

  14. Re:The big deal is ... on Dual Boot Not Trusted, Rejected By Vista SP1 · · Score: 1

    DRM actually exists to give the user less control of their computer, adding trust is thus definitly not part of there plan. Because you might add something that invalidated the whole point.

  15. Re:Biggest boom for Open DNS's busineess on OpenDNS As Quick-Fix To DNS Patch Dilemma · · Score: 1

    Unless you hace a shitty NAT-firewall in between. And if a lot of people use OpenDNS, you'll all be an easy target.

  16. Re:Apple codestandards on Apple Still Has Not Patched the DNS Hole · · Score: 1

    You didn't have be a genius to know bind could have had it's security improved by adding source port randomisation, just like djbdns and PowerDNS were already doing years ago. Even the creator(s) of bind knew this. That's why I didn't use bind, they are not pro-active enough by my standard.

  17. Re:Apple meet real world on Apple Still Has Not Patched the DNS Hole · · Score: 1

    What I don't understand is, why don't they release security fixes.

    I think they use bind, there are atleast some patched out (although they are slower than the original bind).

    This also happends with a lot of other parts of the system. There is a patch out there but Apple doesn't apply and release it.

    I don't know their policy, but this is a really odd way of doing things.

  18. Re:Don't we? on Patch DNS Servers Faster · · Score: 1

    I said _may_ default any randomisation and I said simple DSL-router, Linux is not such a thing.

  19. Re:Poor guys.. on Oyster Card Hack To Be Released, In Good Time · · Score: 1

    I wouldn't put it like that, the government first poured a lot of money into it, then some students broke the encryption on this chip from the previous century that already had many known problems. Now the government doesn't seem to want to stop with the project, because it was almost ready. Although it maybe have been postponed.

  20. Re:Easier Said Than Done on Patch DNS Servers Faster · · Score: 2, Informative

    It's a perfect time to start using PowerDNS, djbdns or Unbound/NSD as well. :-)

  21. Re:how do I check? on Patch DNS Servers Faster · · Score: 1

    Easiest is to temporarily put it in /etc/hosts.

  22. Re:DNS became slower on Patch DNS Servers Faster · · Score: 2, Interesting

    If it has become slower, they are probably using bind9, because it's quick fix. After they've known for 6 months, all they could release was a quick fix. Even though the author/organsation that created/maintainces bind knew about possible problems somewhere in the preview century. I'm sorry, but I've stopped using their software as much as possible.

  23. Re:Don't we? on Patch DNS Servers Faster · · Score: 1

    Don't trust them if yours is behind a simple DSL-router with NAT. The NAT may defeat any randomisation you might have.

  24. Re:Am I safe? on Patch DNS Servers Faster · · Score: 4, Informative

    dig +short porttest.dns-oarc.net TXT

  25. Re:The Book Of Internets, Chapter Three, Verse Twe on Attack Code Published For DNS Vulnerability · · Score: 1

    Ohh, sorry, I misread the parent post.

    I guess there is only one solution, pay for your bandwidth double or tripple, by getting an account on a server somewhere.