What does "obsolete" mean? If his writing instrument does what he needs it to do and he's happy using it, then more power to him. Who's to tell him he can't use it, or an IBM Selectric, or even a quill pen and vellum? Nothing is obsolete if it still works for your needs.
>If you have a site where an attacker would have bothered with the elaborate process of getting the private key, and then do MITM attacks with it on users, and it would actually matter, you wouldn't have used StartSSL in the first place, and $25 would be absolutely nothing for you.
>Hint: not you
None of which has any bearing on my original point, which is that we need a better and more secure way of applying security to web servers that isn't reliant on the good graces of a third party (either through their schedule of fees or through their procedures and policies). If you want a more secure internet, you have to make it cheaper and easier for the guys who are just like me. As I mentioned in my top post, the admins I spoke of can't afford to replace their certificates and so their sites remain unsecured.
StartSSL won't revoke a certificate unless you pay the $25 revocation fee and they won't just let you cut a new certificate while the old one is unrevoked. How is that not extortion? The only option is to either pay up or find another provider (and leave your old, unrevoked certificate out there).
>Yup, twenty-five whole dollars. That's the price of several Big Macs, with fries! Shameless what some CAs will charge.
(Not defending the CA racket here, but $25 isn't really that much when they give the certs out for free. In any case why revoke them, just replace them with a new, free cert. Yes, I know someone can spoof the server using the old cert, but if you want to save the $25...).
That's $25 per certificate. That may sound cheap to you, but it's not cheap to everyone and especially not when you may have several (or dozens) to replace. In any case, revocations should be free. Also, StartSSL won't let you cut a new certificate for a host while an unrevoked certificate exists for that host, so you either pay them to revoke it, wait until it expires, or change the hostname (or move to a different CA, I guess). All three are unacceptable scenarios, IMHO.
What would help is if there were some certificate system that didn't rely on extortion or exorbitant prices. I know several admins that mitigated the hole but couldn't replace their certificates either because the signer charges a ridiculous revocation fee (I'm looking at you, StartSSL), or because the cost of cutting and signing new certificates was too high. We need a better trust system.
Well, no....it won't be a Lamborghini really, but it will look just like one, we promise! Ok, the engine will only be a four-cylinder but it will only cost twice as much as Google's Lamborghini! No, we won't charge you for gas or oil for the first six months, but after that we may have to charge a slight service fee. The speedometer goes up to 200MPH, but most of the time, you won't be able to go over 35. Also, you can only drive to three cities per month before you hit your mileage cap because we don't want you taking unfair advantage of the roads. Speaking of roads, did we mention the slight access fee to help cover the cost of building out new roads (someday, maybe, if someone else threatens to build roads first)?
Users are not administrators by default, but so much poorly-written software out there requires local admin rights to run (let alone install) that it's virtually unavoidable.
So, for the bottle to be edible, it's going to have a removable, non-edible outer wrapping to protect it from contamination during the shipping, handling, and sales process. That means you've just moved the problem one layer out. You're still going to be generating waste.
Someone from the future travels to the past, changes something fundamental and the universe slips into an alternate reality from which it can never return and in which no event can be expected to unfold as it did in the original.
Consider the enormous advantages that say, President Obama's daughters have over say, an Asian girl from an economically disadvantaged family. Yet the check marks that each would mark on a college application would result in the President's daughters getting racial preference.
Or consider two students from the same socioeconomic background (perhaps even attending the same high school), but one is white and one is black. Under affirmative action, the white student would have to perform at an exponentially higher level to receive the same consideration. As long as race is a consideration AT ALL, then the playing field isn't level.
The whole hierarchy of office chairs has always baffled me. You have three general classifications of chairs (and they're usually labelled as such at the store): Executive, Manager, and Secretary. The Secretary chair always sucks. It's the cheapest model, doesn't usually have arms, has thin or no padding, and it's flimsy. The Manager chair is the most comfortable. It's ergonomic, has adjustable armrests, lumbar support, etc. The Executive chair, which should be the most luxurious, is almost always the most uncomfortable but it's always covered in slippery leather. Other than that, it's straight-backed, never high enough for the desk, and heavy.
It makes no sense that the degree of comfortableness that you are allowed to have is actually a class system in a modern office. I get that a business owner wants to control costs and expensive chairs are expensive. But wouldn't you want your employees to be as comfortable and healthy as your budget will allow? Why is a secretary less deserving of arm rests or lumbar support than a manager?
Pretty much every retail employee on the planet already has to deal with this, but without the ability to have a mysterious hardware failure at (in)convenient times.
Exactly. I'm not sure why it needs to jump directly to contacts. Why not just regular sunglasses? The article even says "...that makes infrared goggles so cumbersome." So, great! Now you can pack all of that down into a standard pair of glasses that you can easily put on and take off, even when your fingers are filthy from crawling in the dirt during combat.
The article pretty much just says that the flower pots were merely a symptom of a much larger problem - that the developers spent far too much time on graphics and not nearly enough time on fun, story, stability, playability. They were not blaming the failure on the flower pots.
My bank just implemented a new password policy. "Between 6-10 characters, the first two should be 'XX' and the rest must be letters and numbers, with at least one of each type". I just finished sending them an e-mail in which I included a helpful link to some rainbow tables.
That's not a solution, that's a workaround. The author is clearly trying to define the actual problem and make a supposition as to the cause, not just find a way to make the symptoms stop happening.
The "race to zero" has done nothing but create a wasteland of crappy "freemium" games. Dungeon Keeper is the culmination of developers' efforts to move the pricing model away from initial purchase and into in-app purchases. The practice has absolutely decimated gaming. I don't necessarily see Steam's move as a good thing.
This may be overkill for your needs, but I have a Synology NAS that does this. It's got a Dropbox-like app called Cloud Sync to sync all your devices with your NAS (and will sync WiFi-only for your Android if you want). It also has a separate photo app that will auto-upload your photos to your NAS. It includes many other apps that might interest you as well.
It's useful, I don't know if it's convenient. Most sites won't even load anymore if you have Javascript turned off.
If they're not a NASA astronaut, why would they?
They don't have sarcasm where you're from?
What do you think this is, Star Trek?
You have no idea what you're talking about.
If you're going to let a little piss get in the way of your fun, you're in for a boring life.
You can set any DNS you want on your computer. You don't have to use the one handed out by the ISP's modem or router.
Because only a tiny percentage of PC users want to use (or have even heard of) Linux. Like it or not, we are in the minority.