Now consider most people can't touch type and so don't look at the screen when they're typing in 'www.bbc.co.uk' or whatever. When they look up and realise what's happened they may as well just press return and get the results back, the only one of which is the site they want, then click on that. Otherwise they have to click in the location/address bar and re-type it, or cut and paste it up there (which many of the same people won't realise you can do from the search box.)
Point taken. If they've lost focus and are typing steadily into the search box without knowing, then fine. I was referring to (though I didn't say this) the people who focus the search box and type in the full address (well, with or without the http:/// since it's assumed for most URLs anyways). They don't understand how it works...I forget what my original point was, but either way....doing that isn't necessary and adds an extra step (potentially an incorrect one depending on the search engine).
Well, the idiots exclamation was an exaggeration, but it still doesn't make sense to do it. It just adds an extra step and the potential for screw ups.
It just makes more sense to type the address in the location bar. I mean, if you don't KNOW the address but just know part of the name, then yea...but if you're typing www.slashdot.org into Google's search box to get to www.slashdot.org then something is wrong.
Funny, I regularly get 500kbps+ download speeds on well seeded files. On a file with 60 seeds (and 30 leechers) earlier today I was getting 120kbps. This is on a corp. network with no ports forwarded to my machine.
Yea...it's not like you can't use Western Union to transfer money essentially anonymously or anything like that....I mean...all those 419 scammers take paypal, right?
Sure this could be done on a large scale without key recovery. Using public/private keys. You'd have to have a different key for each copy of the virus that is sent out...but that isn't too hard. Have the virus contact a specified list of compromised hosts that will return an unused public key (not the private key of course) which the virus will then use to encrypt the files.
Two good points. There may be no real way to stay/get safe.
I wonder....is there any satellite broadband available from China (any sats that they can reach at least). That would be viable I think if it was a foreign ISP.
SSL is only vulnerable to MIM attacks if the user is ignorant of how SSL works. If you see a 'untrusted cert' message then you know something is wrong and you can stop what you're doing before you send anything sensitive.
Slashdot Mirror
Point taken. If they've lost focus and are typing steadily into the search box without knowing, then fine. I was referring to (though I didn't say this) the people who focus the search box and type in the full address (well, with or without the http:/// since it's assumed for most URLs anyways). They don't understand how it works...I forget what my original point was, but either way....doing that isn't necessary and adds an extra step (potentially an incorrect one depending on the search engine).
No argument there.
Well, the idiots exclamation was an exaggeration, but it still doesn't make sense to do it. It just adds an extra step and the potential for screw ups.
It just makes more sense to type the address in the location bar. I mean, if you don't KNOW the address but just know part of the name, then yea...but if you're typing www.slashdot.org into Google's search box to get to www.slashdot.org then something is wrong.
What are you talking about? You haven't ever seen (I see this DAILY almost) someone type a URL into the MSN/Yahoo/AOL search box?? ::SMACK::
Idiots!
What features are they sacrificing? All the crap about not being able to merge the webkit changes into Konqueror are over....they already did it.
Uhh...try export.
Microsoft employs enough developers to be able to focus on both, I believe.
Much more than most (any?) of their competitors.
You're telling me! I almost considered switching back to Windows because my Gentoo system is just getting too boring!
I think you posted that to the wrong site. That was much too eloquent for a Slashdot post.
Brand new trolling account?
Don't you hate when someone replies like that?
No.
Long answer.
Absolutely not.
Funny, I regularly get 500kbps+ download speeds on well seeded files. On a file with 60 seeds (and 30 leechers) earlier today I was getting 120kbps. This is on a corp. network with no ports forwarded to my machine.
For the love of God.
How is this in any way a Windows specific thing? The same virus could be written to run on any OS.
I stand by my earlier statement.
You're an idiot.
You're an idiot.
See comment - http://it.slashdot.org/comments.pl?sid=150538&cid= 12623278
Yea...it's not like you can't use Western Union to transfer money essentially anonymously or anything like that....I mean...all those 419 scammers take paypal, right?
Sure this could be done on a large scale without key recovery. Using public/private keys. You'd have to have a different key for each copy of the virus that is sent out...but that isn't too hard. Have the virus contact a specified list of compromised hosts that will return an unused public key (not the private key of course) which the virus will then use to encrypt the files.
http://securityresponse.symantec.com/avcenter/venc /data/trojan.pgpcoder.html
What would be the difference? More hair?
Two good points. There may be no real way to stay/get safe.
I wonder....is there any satellite broadband available from China (any sats that they can reach at least). That would be viable I think if it was a foreign ISP.
SSL is only vulnerable to MIM attacks if the user is ignorant of how SSL works. If you see a 'untrusted cert' message then you know something is wrong and you can stop what you're doing before you send anything sensitive.
Are they going to assume that ALL SSL traffic is fishy? PGP it then transmit it via an innocent SSL website.
My wife wouldn't approve.