I highly doubt they can do real time packet inspection of secure traffic unless they are forcing you to accept their cert and then proxying everything.
As far as I am aware, if you don't want to be downgraded by a MITM, you can remove antiquated ciphers from the list advertised by your browser when setting up a secure connection.
However, what they can do is inject garbage or RSTs into the packet stream or just throttle it to encourage you to use unsecured connections.
I discovered long ago that only a fool learns on their own dime. Also, every company has different needs, culture, procedures and technical requirements which need to be learned on the job anyway.
Though, knowing this, it does beg the question, why isn't there more diversity?
It is rare to find a well designed streaming app. Hulu is terrible and has gotten more terrible now that they took away the queue (wtf is with that?!) but it is far from the worst app out there.
I recently looked at the SeeSo app on my Roku... holy crap... that is a poster child of doing it wrong.
So yeah, the user experience is only as good as the weakest app, imo.
Yes, what a wonderful idea. I would love to put all my controls in the same device... oops hold on, I have a phone call... damn, where's the mute button? Oh, gotta launch that app... oh wait, I have to unlock the device first... ah crap! the battery is dying...
That seems so much easier than just having a nice, dumb IR remote.
An IR remote with tactile buttons, on the other hand, is a great design. It just works and needs line of sight to work which means that if I drop it into the couch or sit on it or look at it funny, it won't register... unlike an RF remote or app (looking at your Roku remote control)
Plus, there is something to be said about tactile feedback... all this touch screen stuff is driving me crazy.
The best practice lies somewhere in the middle. Change them too frequently or infrequently and security may be decreased for different reasons.
(This also depends on your definition of "frequently")
I *believe* that a password change policy is necessary. However, I don't think you need to change your password every couple of months. I think once a year is good as long as you are not using that password elsewhere and that it is 12 or more characters (don't worry about the numbers, symbols, etc. Just the length is important... again, with caveats pertaining to how the password is entered, stored, transmitted, etc)
There is one spot in the upper left quadrant where I can taste/smell the bacteria pocket getting disturbed if I haven't flossed for a week or more. This is despite twice a day thorough brushing.
I can also tell that my gums are healthier when I am in the flossing habit.
I just don't see the supposed performance issues with FF.
FF is my daily driver though I have IE, Edge, Opera and Chrome also installed on my computer. I use them all for various purposes (Chrome for chromecast, Opera for side project work, IE and Edge for work and FF for personal/everything else) and I just don't see any performance differences. If there are, they are measured in time increments imperceptible to me.
According to https://wiki.mozilla.org/Addon..., you can use a dev or nightly build which will have the about::config option to disable signing enforcement. This would allow you to keep on a current build.
Otherwise, like you say, submit the extension to Mozilla for signing. There are also automated methods to do this using an API or the jpm util.
I like the idea of using an independently produced browser where I am not the product. Not saying that FF is 100% free of these influences, but it is certainly better than Chrome or IE/Edge.
I suppose the authors of nmap didn't think their tool through correctly because it allows joe-random-employee at $office to portscan the ever loving shit out of every device behind the firewall.
I believe you need to be root or nmap must be suid in order for it to do a full port scan.
Slashdot Mirror
Ha!
Trolls roam in batches.
I think that should be the official term for a group of trolls.
Get a life people....
Also... change.org was neat for a while... but I just don't want to be depressed all day every day so I took myself off the mailing list..
I highly doubt they can do real time packet inspection of secure traffic unless they are forcing you to accept their cert and then proxying everything.
As far as I am aware, if you don't want to be downgraded by a MITM, you can remove antiquated ciphers from the list advertised by your browser when setting up a secure connection.
However, what they can do is inject garbage or RSTs into the packet stream or just throttle it to encourage you to use unsecured connections.
I have come to a similar conclusion.
I discovered long ago that only a fool learns on their own dime. Also, every company has different needs, culture, procedures and technical requirements which need to be learned on the job anyway.
Though, knowing this, it does beg the question, why isn't there more diversity?
Not just the television device manufacturers.
Streaming app creators are much worse.
It is rare to find a well designed streaming app. Hulu is terrible and has gotten more terrible now that they took away the queue (wtf is with that?!) but it is far from the worst app out there.
I recently looked at the SeeSo app on my Roku... holy crap... that is a poster child of doing it wrong.
So yeah, the user experience is only as good as the weakest app, imo.
Yes, what a wonderful idea. I would love to put all my controls in the same device... oops hold on, I have a phone call... damn, where's the mute button? Oh, gotta launch that app... oh wait, I have to unlock the device first... ah crap! the battery is dying...
That seems so much easier than just having a nice, dumb IR remote.
An IR remote with tactile buttons, on the other hand, is a great design. It just works and needs line of sight to work which means that if I drop it into the couch or sit on it or look at it funny, it won't register... unlike an RF remote or app (looking at your Roku remote control)
Plus, there is something to be said about tactile feedback... all this touch screen stuff is driving me crazy.
But it has to do with domains....
As in, installing Windows after installing Linux will mess with the boot loader.
Everyone running a dual boot system should already be aware of this since the recommendation is always to install Linux second.
New major updates to Windows 10 are basically entirely new operating systems. They just make the process more transparent these days.
I think you have your Rush albums confused...
The best practice lies somewhere in the middle. Change them too frequently or infrequently and security may be decreased for different reasons.
(This also depends on your definition of "frequently")
I *believe* that a password change policy is necessary. However, I don't think you need to change your password every couple of months. I think once a year is good as long as you are not using that password elsewhere and that it is 12 or more characters (don't worry about the numbers, symbols, etc. Just the length is important... again, with caveats pertaining to how the password is entered, stored, transmitted, etc)
absolutely this.
There is one spot in the upper left quadrant where I can taste/smell the bacteria pocket getting disturbed if I haven't flossed for a week or more. This is despite twice a day thorough brushing.
I can also tell that my gums are healthier when I am in the flossing habit.
I have a high tech solution to this:
Use a 3d printer to create a sign that says "turn off your cell phones or your battery will suffer. You have been warned."
It's better to burn out than to fade away
-- The Kurgan
Funny, I remember the name and knew he was an olympic swimmer who did some bong hits but didn't know he won anything...
Workaround is to use a dev or nightly build.
I just don't see the supposed performance issues with FF.
FF is my daily driver though I have IE, Edge, Opera and Chrome also installed on my computer. I use them all for various purposes (Chrome for chromecast, Opera for side project work, IE and Edge for work and FF for personal/everything else) and I just don't see any performance differences. If there are, they are measured in time increments imperceptible to me.
Sounds like there are a few options for you.
According to https://wiki.mozilla.org/Addon..., you can use a dev or nightly build which will have the about::config option to disable signing enforcement. This would allow you to keep on a current build.
Otherwise, like you say, submit the extension to Mozilla for signing. There are also automated methods to do this using an API or the jpm util.
I can see how this is one of those "it's not a bug, it's a feature" arguments.
Probably "unpatched" because some big customer of MS is using this "feature".
Though, why they wouldn't just determine the internal vs. external links by using site-and-services and/or IE zone profiles... I don't know.
It has always been on top for me.
I like the idea of using an independently produced browser where I am not the product. Not saying that FF is 100% free of these influences, but it is certainly better than Chrome or IE/Edge.
I suppose the authors of nmap didn't think their tool through correctly because it allows joe-random-employee at $office to portscan the ever loving shit out of every device behind the firewall.
I believe you need to be root or nmap must be suid in order for it to do a full port scan.
If I block outbound CIFS/SMB connections at the firewall, this should solve the issue, correct?
Ask anyone to name a silver medal winner from years past
I couldn't name a single gold medal winner...
I thought that all Google properties redirected to HTTPS now....
Or used as a DoS by people on the bus with you or your annoying children...
Peace and quiet? Not for you!
This is exactly what I was thinking.
People sure do have a lot of trust to give when they want something...