Slashdot Mirror


User: jbolden

jbolden's activity in the archive.

Stories
0
Comments
13,627

Comments · 13,627

  1. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    That sort of MiTM is fairly common in web transactions. It is often how people's bank accounts get stolen for example. Person goes to the wrong website, has what looks to them like a normal session with their bank and now their account information is stolen. A few days later....

    So I think it is a realistic issue.

  2. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    I agree with what you wrote. You'll see something similar one layer below. I don't even think you need A, B and C; A and B are fine as long as you trust A and B. You are right about spam though. The intermediaries could easily block spam at the same time.

    My point is the companies with volume capable of handling huge volumes of email are likely susceptible to pressure to hand over keys.

  3. Re:MitM is a tolerable default on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    MiTM responds with his key when you request the key.

    The downside is you can't do this over and over again. You want to think through carefully key management and verification so that the system doesn't have to change again; once people shift, they shift for decades.

  4. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    You request the public key from the email address, the MiTM responds with his key...

  5. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 2

    I replied above. You can avoid this. Here is how.

    A routes to B with an envelope that C can read.
    B sends to C who reads the envelope and forwards to D.

    B doesn't know where the message was going.
    C doesn't know where the message came from.

  6. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    To avoid an envelope in the clear, you need to do something like Tor where you have intermediaries and those intermediaries need to be trusted. They also have to be willing to do 2x the current volume of email traffic. Who plays that role?

  7. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    Replay your scenario and assume that there was a man in the middle attack.

  8. Re:Dump SSL / Certificate-based Security on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 3, Insightful

    The problem with PGP is it makes the end user responsible for key management. End users don't understand encryption. There needs to be a key management service around PGP to make it viable for mass usage.

  9. Re:Did the NSA just kill SMTP? on Silent Circle, Lavabit Unite For 'Dark Mail' Encrypted Email Project · · Score: 1

    When the internet was built everyone used their real names tied to a work address and they were military or academic associated with the military. There was no privacy so no particular reason to spy.

  10. Re:permissions on Edward Snowden's New Job: Tech Support · · Score: 3, Informative

    Who exactly gets the absolute right to decide what's ultimately "wrongdoing" as opposed to just "secret"?

    For the USA, the people of the United States who elected a president that made campaign promises not to do many of the things that Snowden proved they were doing. For corporations the government which they are chartered or acting.

  11. Re:iGoogle Disaster on The Case Against Gmail · · Score: 1

    Not really. There is a trend towards removing legacy interface elements whose use cases evolved from ANSI terminals and dual floppies and instead rethinking them completely for today's hardware.

  12. Re:Isn't this what the Taiwanese believe as well? on Taiwan Protests Apple Maps That Show Island As Province of China · · Score: 2

    Invaded? China doesn't own troop transport ships of meaningful size. They use cruise liners for simulation which couldn't possibly function against hostiles. What would they invade them with?

  13. Re:Province or nation? on Taiwan Protests Apple Maps That Show Island As Province of China · · Score: 1

    It would help if Taiwan declared itself an independent state. The rest of the world can't treat Taiwan as one until Taiwan stops farting around on this issue.

  14. Re: Another day, another anti-Apple story on Apple Blocks Lawrence Lessig's Comment On iOS 7 Wi-Fi Glitch · · Score: 1

    In early 2011 BlackBerry was fine. Though they had been forced downmarket since about 2006. That being said, had they released a product the quality of the Z10 then they would have been fine. Their problems in terms of releases came after with failure and delay.

  15. Re:Pretty common support forums policies on Apple Blocks Lawrence Lessig's Comment On iOS 7 Wi-Fi Glitch · · Score: 1

    I'd agree. If you meant the installer that's reasonable. I'm not sure I'd call it shite code, and not just code that doesn't handle a use case that Apple hadn't encountered before. So I still think the proper response is a support call.

  16. Re:Pretty common support forums policies on Apple Blocks Lawrence Lessig's Comment On iOS 7 Wi-Fi Glitch · · Score: 1

    Yes, it should have checksummed and never allowed it to be installed.

  17. Re:Pretty common support forums policies on Apple Blocks Lawrence Lessig's Comment On iOS 7 Wi-Fi Glitch · · Score: 2

    Since when do we consider partially installed applications "shite code"? All software, except some viruses, breaks when only parts of the executable are installed.

  18. Re: Another day, another anti-Apple story on Apple Blocks Lawrence Lessig's Comment On iOS 7 Wi-Fi Glitch · · Score: 1

    Apple is upset about people losing their cool and advising people to return products over a minor software issue. Their forums contain valuable information about "blemishes" from years back, advice and fixes on thousands of issues.

  19. Re: Another day, another anti-Apple story on Apple Blocks Lawrence Lessig's Comment On iOS 7 Wi-Fi Glitch · · Score: 1

    This quarter $37.5b in revenues and $7.5b in profits. That's circling the drain?

  20. Re: Another day, another anti-Apple story on Apple Blocks Lawrence Lessig's Comment On iOS 7 Wi-Fi Glitch · · Score: 0

    I don't know about "perceived quality". I just had a fan go bad and slight flaws in my retina screen. I brought the laptop to the Apple store. Overnight the laptop was open, the screen replaced, the fan cleaned for me and the system works perfectly. No hassling for hours having to reboot again and again on the phone with a tech support person who was trying to avoid doing anything. That's not perceived quality, that's real customer service.

    I also have a 12" G4 laptop that I bought during the 10.3 days (about a decade ago) that I use as a spare. Still works perfectly. My in-laws are using a powermac which was updated from OS9 to OSX 10.2 which is almost 13 years old. No one has had to bother with it for a decade in terms of maintenance.

  21. Re:The motivation is to support Windows Server 200 on Chrome Will End XP Support in 2015; Firefox Has No Plans To Stop · · Score: 1

    Of course it is stable compared to Apple. Apple's attitude is that all apps should patch annually to keep up with OS changes. They have no intention nor desire for stability, they like rapid progress and encourage this attitude in their developer base and user community. Apple brags about how quickly they retire old versions of their operating systems to investors.

  22. It might not have gotten a single vote on Why Can't Big Government Launch a Website? · · Score: 1

    Yes let's imagine that President Obama had said, 'I believe the nation should commit itself to the goal of enabling all Americans to access affordable health insurance so I propose we create a committee of unelected experts in healthcare and grant them the authority to rewrite huge sections of federal and state law, override company policies for the insurance, medical and pharmaceutical industries and thus shift around about two trillion a year to where they think it is best'. Do you think it would have gotten a single vote in congress?

  23. Re:Hangings on US Executions Threaten Supply of Anaesthetic Used For Surgical Procedures · · Score: 1

    I understand your position. The problem is that the public is generally fed false information from their leadership about every issue. Propaganda is part of our system of government. Moreover in the case of Iraq we know that the information wasn't the issue because the public did become aware of the misinformation and that did not induce huge changes in opinion.

    For example when Joe Wilson wrote the "What I didn't find in Africa" essay the general person's opinion became aware that the Bush administration most likely tampered with the intelligence reports that had been fed to Congress. If this was an information then you would have expected huge shifts in opinion. At best Wilson was a statistical blip. There has been a major motion picture about that essay (Fair Game) and still most Americans don't care. Republicans who were involved in the cover up win elections today in 2013.

    I would like to have a public that shared your attitude that false information subverts democracy and reacted appropriately to that view. But that would require a public whose views on issues mainly depended on information, and we don't have that. In general the public's opinions on a wide range of issues comes from whom they culturally identify with and their opinions. Which BTW is not an unreasonable system. Essentially what they are asserting is they don't have the time to properly weigh the evidence so they are finding people who think like they do and do have the time and just agreeing to defer to them. Since Republicans continued to support the war even after the misinformation became clear I don't excuse the public. Republicans didn't care that they were lied to. I wish they did. But they don't.

  24. Re:Hangings on US Executions Threaten Supply of Anaesthetic Used For Surgical Procedures · · Score: 1

    How is that different than public opinion on most issues? The public is continually subjected to disinformation / propaganda and has a poor handle on most issues of public policy. This is a democracy; we consider public opinion a valid measure despite all that, otherwise I'm not sure how we know what the public believes about anything.

  25. Re:Hangings on US Executions Threaten Supply of Anaesthetic Used For Surgical Procedures · · Score: 1

    That gets very tricky. Clearly the press sucked in the lead up to Iraq. But the press sucks on many issues. We don't discount public opinion because the press was bad.

    At the time of the Iraq war there most certainly were good quality counter cases being made and readily available. A person choosing to be informed would easily be exposed to the counter arguments. The evidence for the Intelligence tampering wasn't known prior to Iraq but it certainly was prior to Bush being reelected. For example from July of 2003: What I didn't find in Africa

    The public was at least as well informed as they were on most issues. Absolutely there was disinformation as well, but I'm not sure how we can even talk about democratic consent if disinformation in the presence of correct information is seen as nullifying the validity of public opinion.