Neither of these terms really mean much in modern designs. It's more precise to refer to ARM, PPC, SPARC, etc. as load-store architectures as this is what differentiates them from x86 most.
Re:OP should be shot; N800 idle time
on
Ubuntu Ports To ARM
·
· Score: 2, Informative
I've left mine in a drawer for several days connected to WiFi with occasional RSS feed synchronization during that time. I have no idea what WiFi chip is in the N800/N810, but it is possible for many of these parts to power down completely while still associated.
... in that election, Obama's district was the entire state of Illinois. You know, the one whose senior senator is Dick Durbin.
But you're right about how Obama got elected: the main candidate self-destructed, they skipped the runner-up in the primaries because the state party didn't like him, and went shopping for a black candidate, who they got in the form of the incredibly nutso Alan Keyes.
... is to separate out wire encryption from identity validation, and encourage users only to trust web sites which have an EV certificate for secure purposes, while allowing any site to use wire encryption via a self signed certificate.
Most uses of self signed certificates are in situations where no identity validation is required at all. For these purposes, putting up Big Scary Warning Dialogs only serves to discourage people from using encryption where it would be useful. For purposes of verifying identity, only an EV certificate should be trusted. Most users will not thoroughly check the domain name of the site they're visiting to establish that they haven't been redirected to another site via a man-in-the-middle attack and are now viewing a phishing page hosted with a stolen certificate. Having the name of the organization that was issued the certificate in the URL bar is the only way to ensure that users actually check that the certificate belongs to the organization they're trying to interact with.
Needless to say, Safari also needs to get on the EV bandwagon.
It doesn't need to be an especially sophisticated attack if the government's doing it. Most uses of SSL just check that the other side has a properly signed certificate by a trusted authority. No doubt the government can generate trusted certificates at any time.
I can refute it. Everyone who is working for a profit motive is a selfish evil bastard who wants the gays and the druggies to get what's coming to them. Everyone working for a non-profit is doing it out of a selfless desire to do good and improve the world, even if it means they eliminate the condition for their employment. Duh.
Or you can take the first step like you always should, and not visit sites you don't trust.
Ever use an open 802.11 access point? Ever been redirected to a legalese page before being allowed onto the internet? Now what if that page had the exploit in it? For added fun, imagine the hotspot isn't malicious but there's an attacker on the network using a rogue DHCP server to feed you a bogus set of DNS servers.
People assume that their web browser is a trusted execution environment. Vulnerabilities which affect the browser are worth caring about for that reason.
But, but, if vaccines are widely available in developing countries, next thing you know we'll be facing an epidemic of healthy, autistic Indian and Chinese children. We'll never be able to compete in engineering talent again!
I suspect that were some company to realise that it was responsible for this then there would be a lot of pressure to cover it up, such a cover-up may even be seen as right and proper according to capitalist ethics (preserve the stock price, protect the shareholders).
The problem with this reasoning is the same as the problem with the moon landing conspiracy theories. All these people in on it and not a single reputable whistleblower with hard evidence? Really? All it takes is one.
Yes, they should be verified with the person who owns the key. (The signature is just a hash of the key.)
I think perhaps you're using "public key" in a nonstandard way. It refers to any asymmetric cryptosystem, and "shared key" refers to any symmetric cryptosystem. Key distribution and verification is not encompassed in these terms.
I think you should read up more on the concept of the web of trust. It is secure unless the mathematical assumptions behind the public key systems used are broken.
The Congress shall have power . . . To regulate commerce with foreign nations, and among the several states, and with the Indian tribes
Since the 1930s, the Supreme Court has taken the broadest possible interpretation of the commerce clause. If your actions cause a butterfly to sneeze in the next state, and said butterfly sneeze could in some incredibly complicated and subtle fashion affect commerce in that state, it's capable of being regulated by Congress. This is why Congress can tell you not to grow wheat above some national limit on your own land, even if you don't sell it: by growing the wheat on your land, you're not buying it from someone else, nevermind whether you would have bought it had you not grown it yourself. From this convoluted logic, anything follows, especially the drug war. This doesn't apply to abortion, mind you. Somehow paying a doctor to perform an abortion is protected as an emanation from a penumbra, but paying a doctor to obtain medical marijuana which eases the crippling pain from chemotherapy is not.
I'm afraid you do not understand how public key crypto works. If Alice has Bob's key and has personally verified that the signature of the key, communication between Alice and Bob is secure so long as the "hard problem" that the cryptosystem depends on (e.g. discrete log for RSA) is not broken. There is no proxying which can take place; Alice encrypts her traffic with Bob's public key before sending it to him.
Is it possible you've confused public key cryptosystems in general with systems based on Diffie-Hellman key exchange that provide protection against eavesdroppers but not man-in-the-middle attacks?
I may be confused, but isn't this actually a way of complying with the GPL3? Using a hypervisor allows users to upgrade the kernel of their device without running into the (theoretical) security problems that companies who lock down their devices are afraid of.
Oh my God! ls -laF is looking at my.mozilla directory! In fact, it's looking at every file in my home directory! GNU binutils is teh spywarez!... what do you mean, it's supposed to do that?
I can't speak to the Firefox profile access, but if an application wants to look at the GECOS field to find your real user name, the only way to do that on a non-NIS (or other network authentication scheme) system is to look at/etc/passwd. This is also why shadow passwords should always be used, because/etc/passwd can't be locked down.
Paranoia without understanding how UNIX works is inappropriate.
Did you read TFA? They're providing "assistance" to the Moonlight developers. Moonlight is open source.
If Microsoft stops providing such "assistance" and breaks backwards compatibility in Silverlight, I suppose the Moonlight developers will have to adapt. I don't have much hope that they'll be more successful than the Samba developers, though.
Slashdot Mirror
Neither of these terms really mean much in modern designs. It's more precise to refer to ARM, PPC, SPARC, etc. as load-store architectures as this is what differentiates them from x86 most.
I've left mine in a drawer for several days connected to WiFi with occasional RSS feed synchronization during that time. I have no idea what WiFi chip is in the N800/N810, but it is possible for many of these parts to power down completely while still associated.
"Thieves respect property. They merely wish the property to become their property that they may more perfectly respect it." -- G.K. Chesterton
If Barr is a notorious bigot, it shouldn't trouble you too much to pull up some supporting evidence for that. Care to provide it?
... in that election, Obama's district was the entire state of Illinois. You know, the one whose senior senator is Dick Durbin.
But you're right about how Obama got elected: the main candidate self-destructed, they skipped the runner-up in the primaries because the state party didn't like him, and went shopping for a black candidate, who they got in the form of the incredibly nutso Alan Keyes.
Don't blame me, though. I voted for the LP guy.
... is to separate out wire encryption from identity validation, and encourage users only to trust web sites which have an EV certificate for secure purposes, while allowing any site to use wire encryption via a self signed certificate.
Most uses of self signed certificates are in situations where no identity validation is required at all. For these purposes, putting up Big Scary Warning Dialogs only serves to discourage people from using encryption where it would be useful. For purposes of verifying identity, only an EV certificate should be trusted. Most users will not thoroughly check the domain name of the site they're visiting to establish that they haven't been redirected to another site via a man-in-the-middle attack and are now viewing a phishing page hosted with a stolen certificate. Having the name of the organization that was issued the certificate in the URL bar is the only way to ensure that users actually check that the certificate belongs to the organization they're trying to interact with.
Needless to say, Safari also needs to get on the EV bandwagon.
It doesn't need to be an especially sophisticated attack if the government's doing it. Most uses of SSL just check that the other side has a properly signed certificate by a trusted authority. No doubt the government can generate trusted certificates at any time.
I can refute it. Everyone who is working for a profit motive is a selfish evil bastard who wants the gays and the druggies to get what's coming to them. Everyone working for a non-profit is doing it out of a selfless desire to do good and improve the world, even if it means they eliminate the condition for their employment. Duh.
I think by "economics journal" something like the Wall Street Journal or Financial Times was meant.
Yeah, I saw that episode of SG: Atlantis. It never ends well.
Ever use an open 802.11 access point? Ever been redirected to a legalese page before being allowed onto the internet? Now what if that page had the exploit in it? For added fun, imagine the hotspot isn't malicious but there's an attacker on the network using a rogue DHCP server to feed you a bogus set of DNS servers.
People assume that their web browser is a trusted execution environment. Vulnerabilities which affect the browser are worth caring about for that reason.
But, but, if vaccines are widely available in developing countries, next thing you know we'll be facing an epidemic of healthy, autistic Indian and Chinese children. We'll never be able to compete in engineering talent again!
The problem with this reasoning is the same as the problem with the moon landing conspiracy theories. All these people in on it and not a single reputable whistleblower with hard evidence? Really? All it takes is one.
Will I be able to wear the device as a prosthesis?
Because, you know, everybody wants prosthetic foreheads on their real heads.
Oops. You're completely right. Must have had a crossed wire somewhere, probably with DSA.
Right, sorry for the confusion. "Personally" there meant "in person", and preferably not even over the phone.
Yes, they should be verified with the person who owns the key. (The signature is just a hash of the key.)
I think perhaps you're using "public key" in a nonstandard way. It refers to any asymmetric cryptosystem, and "shared key" refers to any symmetric cryptosystem. Key distribution and verification is not encompassed in these terms.
I think you should read up more on the concept of the web of trust. It is secure unless the mathematical assumptions behind the public key systems used are broken.
Since the 1930s, the Supreme Court has taken the broadest possible interpretation of the commerce clause. If your actions cause a butterfly to sneeze in the next state, and said butterfly sneeze could in some incredibly complicated and subtle fashion affect commerce in that state, it's capable of being regulated by Congress. This is why Congress can tell you not to grow wheat above some national limit on your own land, even if you don't sell it: by growing the wheat on your land, you're not buying it from someone else, nevermind whether you would have bought it had you not grown it yourself. From this convoluted logic, anything follows, especially the drug war. This doesn't apply to abortion, mind you. Somehow paying a doctor to perform an abortion is protected as an emanation from a penumbra, but paying a doctor to obtain medical marijuana which eases the crippling pain from chemotherapy is not.
I'm afraid you do not understand how public key crypto works. If Alice has Bob's key and has personally verified that the signature of the key, communication between Alice and Bob is secure so long as the "hard problem" that the cryptosystem depends on (e.g. discrete log for RSA) is not broken. There is no proxying which can take place; Alice encrypts her traffic with Bob's public key before sending it to him.
Is it possible you've confused public key cryptosystems in general with systems based on Diffie-Hellman key exchange that provide protection against eavesdroppers but not man-in-the-middle attacks?
That's not a Z-machine. This is a Z-machine.
John McCarthy, the father of Lisp and thus the granddaddy of dynamically typed programming languages, is a Reaganite conservative.
I may be confused, but isn't this actually a way of complying with the GPL3? Using a hypervisor allows users to upgrade the kernel of their device without running into the (theoretical) security problems that companies who lock down their devices are afraid of.
Oh my God! ls -laF is looking at my .mozilla directory! In fact, it's looking at every file in my home directory! GNU binutils is teh spywarez! ... what do you mean, it's supposed to do that?
I can't speak to the Firefox profile access, but if an application wants to look at the GECOS field to find your real user name, the only way to do that on a non-NIS (or other network authentication scheme) system is to look at /etc/passwd. This is also why shadow passwords should always be used, because /etc/passwd can't be locked down.
Paranoia without understanding how UNIX works is inappropriate.
Did you read TFA? They're providing "assistance" to the Moonlight developers. Moonlight is open source.
If Microsoft stops providing such "assistance" and breaks backwards compatibility in Silverlight, I suppose the Moonlight developers will have to adapt. I don't have much hope that they'll be more successful than the Samba developers, though.