You are aware that certificates have very little to do with encryption and are mostly about proving that you're actually talking with who you want to talk to, yes?
Because we're now teaching the mantra of "encryption makes you secure", and people will swallow it. Unfortunately, it's not true. It is absolutely possible that you connect to hxtps://onlinebanking.bankofmurrica.com, log in and be surprised that suddenly your money is gone. Because encryption only means that traffic is secure between you and the target, and a certificate only says that the other side is who they claim to be.
What a certificate cannot ensure is that you're really connected to who you think you're connected to. So the next step, or even the step before, should be to teach people to read the fucking URL they communicate with instead of just going "oh browser says 'secure' so it's all right, let me just enter all my passwords".
Yup, if I could attach a keyboard to a smartphone so I can type... and a 17" screen so I can see something... we'd have the perfect laptop replacement.
Until then, keep your toy with the stamp-sized screen.
Could we do a poll on that? Because I do think that if you offer performance/battery life/screen size vs. fashion statement and design, I kinda have a hunch which side will be the "outlier" one...
Actually, in my experience newer games, especially if not AAA-titles from big studios, play lovely with Linux and more often than not even have a (more or less) official Linux port due to the spread of game development tools like Unity that make cross-development easy.
My biggest issue is still the lack of drivers for gaming hardware, it's still far from a given that you find working drivers for multi-button mice and programmable keyboards, let alone flight sticks/pedals or head tracking devices.
You know, most European countries calculate their fines based on your wealth rather than a "flat" fee. The idea is that you don't just get to flaunt your contempt for the law if you're rich because a fine of 500 bucks that would be crippling for someone who makes 1000 a month is pennies for someone who makes millions in bonus payments alone.
So you might want to be careful where you speed, thinking that you can easily pay any fine since you're rich...
You fail to understand that they most likely thought they wouldn't get caught. Also, don't forget that this isn't "pay 130m and you can continue your spiel". This is "pay 130m and if we catch you again breaking our law, it gets expensive".
Who said that it stays that way? It's 130m now. We'll be back in a couple months. You're still fixing prices? It's 260m. And we'll be back in a couple of months. With 520m.
If no one is digging into your code but your market share is big enough, me digging into your code will produce some exploits easily because nobody found them before me.
You can't compare bubble salaries to normal times. In 2000 we made like half a million for a three month project, and this was us 3 students with barely any experience and zero reputation. You think you could land something like that today?
That is the second part of the problem. We're looking at engineers whose experience so far never included security. Someone who designs TV until very recently had no reason to know the first thing about network security. Let alone people who design refrigerators, stoves or washing machines. Suddenly these things "must" connect to the internet. What happens now is that some kind of internet connectivity kit is somehow haphazardly attached to the machine (or to paraphrase Homer Simpson, they take an existing product and put a clock in it), without knowing the first thing about the kit or its security.
And often not even that security is an issue in the first place.
Why does security have to consume a fair amount of processing power?
Because it's easier to just ACCEPT all connection attempts instead of piping them through multiple layers of filters. Even the most basic authentication scheme is more complicated and time consuming than allowing total access to everyone. Even if the gadget only connects actively and does not allow others to establish a connection, you have to sanitize input from your peer.
Slashdot Mirror
You are aware that certificates have very little to do with encryption and are mostly about proving that you're actually talking with who you want to talk to, yes?
Because we're now teaching the mantra of "encryption makes you secure", and people will swallow it. Unfortunately, it's not true. It is absolutely possible that you connect to hxtps://onlinebanking.bankofmurrica.com, log in and be surprised that suddenly your money is gone. Because encryption only means that traffic is secure between you and the target, and a certificate only says that the other side is who they claim to be.
What a certificate cannot ensure is that you're really connected to who you think you're connected to. So the next step, or even the step before, should be to teach people to read the fucking URL they communicate with instead of just going "oh browser says 'secure' so it's all right, let me just enter all my passwords".
But where's the money for Google in that?
I watched the whole world cup recently on streams. Legally. Welcome to the 21st century.
Yup, if I could attach a keyboard to a smartphone so I can type ... and a 17" screen so I can see something ... we'd have the perfect laptop replacement.
Until then, keep your toy with the stamp-sized screen.
Could we do a poll on that? Because I do think that if you offer performance/battery life/screen size vs. fashion statement and design, I kinda have a hunch which side will be the "outlier" one...
Could someone with mod points hand that guy some? This sums up the situation pretty accurately.
I'm pretty sure that happens about the same time the red guy downstairs opens the ice skating rink.
You might want to avoid reading the article, so you don't realize just how silly that sounds now that you can't take the comment back anymore...
Actually, in my experience newer games, especially if not AAA-titles from big studios, play lovely with Linux and more often than not even have a (more or less) official Linux port due to the spread of game development tools like Unity that make cross-development easy.
My biggest issue is still the lack of drivers for gaming hardware, it's still far from a given that you find working drivers for multi-button mice and programmable keyboards, let alone flight sticks/pedals or head tracking devices.
You know, most European countries calculate their fines based on your wealth rather than a "flat" fee. The idea is that you don't just get to flaunt your contempt for the law if you're rich because a fine of 500 bucks that would be crippling for someone who makes 1000 a month is pennies for someone who makes millions in bonus payments alone.
So you might want to be careful where you speed, thinking that you can easily pay any fine since you're rich...
You fail to understand that they most likely thought they wouldn't get caught. Also, don't forget that this isn't "pay 130m and you can continue your spiel". This is "pay 130m and if we catch you again breaking our law, it gets expensive".
You don't get it, do you? If I lock you up, I have to spend money on you. If I fine you, you have to spend money on me.
Corporations have been great at dodging taxes. Dodging this one is rather easy, even: Just don't break the law.
Who said that it stays that way? It's 130m now. We'll be back in a couple months. You're still fixing prices? It's 260m. And we'll be back in a couple of months. With 520m.
If no one is digging into your code but your market share is big enough, me digging into your code will produce some exploits easily because nobody found them before me.
"Fat Girls Taking Dumps" would also be a great band name
--- Trevor Moore
That's what your government wants you to want, so they can more easily control what you can and what you cannot see!
(No matter your conspiracy theory, I can always field one that's more insane!)
Just because I can bring down the internet doesn't mean I do it right away. Timing is everything when you're doing a hack.
If they DID do it then we wouldn't have the problem we're having. The exact problem is that they're not sanitizing their input.
You can't compare bubble salaries to normal times. In 2000 we made like half a million for a three month project, and this was us 3 students with barely any experience and zero reputation. You think you could land something like that today?
I pay my gardener 5 bucks an hour. But his name is Jose, Jesus is his brother, he's a car mechanic.
Heavy metal is still less dangerous to your mental health than Country&Western!
That is the second part of the problem. We're looking at engineers whose experience so far never included security. Someone who designs TV until very recently had no reason to know the first thing about network security. Let alone people who design refrigerators, stoves or washing machines. Suddenly these things "must" connect to the internet. What happens now is that some kind of internet connectivity kit is somehow haphazardly attached to the machine (or to paraphrase Homer Simpson, they take an existing product and put a clock in it), without knowing the first thing about the kit or its security.
And often not even that security is an issue in the first place.
Why does security have to consume a fair amount of processing power?
Because it's easier to just ACCEPT all connection attempts instead of piping them through multiple layers of filters. Even the most basic authentication scheme is more complicated and time consuming than allowing total access to everyone. Even if the gadget only connects actively and does not allow others to establish a connection, you have to sanitize input from your peer.
These "majestic" birds are mostly carrion eaters, stink accordingly, and aren't particularly intelligent or interesting.
So ... perfect as the bird to represent the US?