I shoulda used grep(1). Funny thing is, there was a thread in the discussion about the treaty, which give me the impression that Canada wasn't going along with it (the treaty). Something about pirating DirectTV signal, if I remember. Anyways, a good point was also made that, as long as the private key is encrypted, it's maybe ok to upload. But then you gotta trust SSL and the server-side actions. Better to keep your keys in your pocket, imho.
It doesn't matter who is 'correct' in these matters--the majority will rule.
I submit that yours is mob-mentality.
The rights guaranteed by the Constitution, including the right to practice religion, view porn, own guns, and say what we like, are specifically not controlled by the majority.
There is nothing wrong with morality as a concept, and as a goal for life, but it cannot be enforced by the majority. Not in my country.
It has all of the facilities to do "access from anywhere" computing, except to do that, you have to store your private key on the server (or at least be able to get access to it from anywhere).
I dont think so. The key is created on the client side using Java crypto. Uploading the private key to the server is optional. The only thing you need to access the service thereafter is the jarfiles which make the UI, and a JDK 1.3 RT. You can carry your key around with you on a self-destructable (10 seconds, Jim...) floppy, if you're really concerned about access from anywhere.
The service and the product seem to be located and developed in Canada. I note that Canada is not a party to the CyberCrime Treaty which was discussed earlier.
Perhaps this is worth further investigation...
The user interface is written in Java, and requires a 1.3 or higher runtime installed. The Windows installer has an optional 1.3 runtime included. By virtue of the Java client-side implementation, your private key is never sent, or seen by the server unless you choose to upload it in encrypted form. If you do decide to upload your private key, thereafter you rely only on SSL, presumably, to protect the password for your encrypted private key stored remotely.
It's been awhile since I looked at Java's crypto. The 1.2 stuff was pretty lame, especially the keystore. But this implementation does at least seem to use RSA keys for Java, which means that the container may be better too.
I dunno if I'd ever advise anyone to allow their keys to be stored on the server, no matter how many reassurances they get. However, for someone who simply wishes to share private mail with someone else, it might be nice.
Things that remain unclear to me are:
1. Can encrypted mail be sent to someone who does not have an account, using a ordinary PGP public key, for example?
2. What protocol does the service use? Is it standard SMTP? (possibly with verification)
3. Where does the encryption/signing of the delivered email actually occur? Presumably always on the client.
4. The
Service Agreement seems pretty, uh, tight. If you displease them in any way, all your rights, including access to your existing mail, is cutoff.
I had no idea. I'm gonna look at some of the stuff mentioned in other articles for the baby next year, and get right on the case with the 3yr old. Sheesh, now I almost feel guilty.
Wow. Thanks dudes. Maybe I'll get my karma point back now. heh. I was thinking maybe that splinter could be something like a piece of hay in a tornado, but then I figured, ah hell, the darn thing probably just melts into a ball of redhot sludge, anyways.
A great topic on it's own, in fact. It's some scary shit to think about how much red mud is backed up behind the Glen Canyon and other major dams that hold back the Colorado river, for example.
Me, I think they look cool. I might even be persuaded to live in one like they used to do in Holland. I guess the rent would have to be adjusted, tho, for the constant noise and EMF.
This (repetition) has happened a number of times since I started reading slashdot.
I don't get the meaning. I know the faq says that this can happen, but sometimes I just wonder if d'man wants us to read and give more feedback, perhaps? What seems worse, is that then the moderators waste a bunch of points punishing people who complain.
Perhaps we are being "herded" towards a goal? While that's cool, I mean, you are d'man, after all, I wish you'd just say, "Hey, could y'all take another look at HERE and give some additional feedback? We need more profile data on some of you."
And then you are at the mercy of ridiculous temp-file and text database schemes. I've never deployed a credit-card web, but I get enough spam from people trying to sell me their own implementation for my server, that this is not surprising at all.
Maybe we need to demand "approved" server-side implementation of credit-card webservers, besides SSL. How could this be verified? I don't have a clue.
"If the development does take place it will put a major spoke into the wheel of nuclear power."
Perhaps this has a different meaning in UK english...
Sounds like a great project, tho. Perhaps if it is a success, they can consider seriously shutting down the N-plant on their east coast that the norwegians keep complaining about.
Some of the very, very first Mom and Pop providers (~1990) got feeds from.edu. And this is part of what put internet in the hands of the individual in our country. (at least outside of The Well and Netcom crowd and elite bands of graduates)
The move was afoot long before Bill and Al came in.
Slashdot Mirror
Can someone tell me what this means? Is having a technical effect different from having a technical affect, for example? ;)
I shoulda used grep(1). Funny thing is, there was a thread in the discussion about the treaty, which give me the impression that Canada wasn't going along with it (the treaty). Something about pirating DirectTV signal, if I remember. Anyways, a good point was also made that, as long as the private key is encrypted, it's maybe ok to upload. But then you gotta trust SSL and the server-side actions. Better to keep your keys in your pocket, imho.
I submit that yours is mob-mentality.
The rights guaranteed by the Constitution, including the right to practice religion, view porn, own guns, and say what we like, are specifically not controlled by the majority.
There is nothing wrong with morality as a concept, and as a goal for life, but it cannot be enforced by the majority. Not in my country.
I dont think so. The key is created on the client side using Java crypto. Uploading the private key to the server is optional. The only thing you need to access the service thereafter is the jarfiles which make the UI, and a JDK 1.3 RT. You can carry your key around with you on a self-destructable (10 seconds, Jim...) floppy, if you're really concerned about access from anywhere.
Perhaps this is worth further investigation...
The user interface is written in Java, and requires a 1.3 or higher runtime installed. The Windows installer has an optional 1.3 runtime included. By virtue of the Java client-side implementation, your private key is never sent, or seen by the server unless you choose to upload it in encrypted form. If you do decide to upload your private key, thereafter you rely only on SSL, presumably, to protect the password for your encrypted private key stored remotely.
It's been awhile since I looked at Java's crypto. The 1.2 stuff was pretty lame, especially the keystore. But this implementation does at least seem to use RSA keys for Java, which means that the container may be better too.
I dunno if I'd ever advise anyone to allow their keys to be stored on the server, no matter how many reassurances they get. However, for someone who simply wishes to share private mail with someone else, it might be nice.
Things that remain unclear to me are:
1. Can encrypted mail be sent to someone who does not have an account, using a ordinary PGP public key, for example?
2. What protocol does the service use? Is it standard SMTP? (possibly with verification)
3. Where does the encryption/signing of the delivered email actually occur? Presumably always on the client. 4. The Service Agreement seems pretty, uh, tight. If you displease them in any way, all your rights, including access to your existing mail, is cutoff.
Anyone actually using this service?
I can say what is not fair, but I think we may just agree on that definition.
A fair trial is our greatest and most powerful weapon against hatred and fear. How about that?
And proceed right out the back of his head, it seems. A micro-lobotomy, if you will.
I had no idea. I'm gonna look at some of the stuff mentioned in other articles for the baby next year, and get right on the case with the 3yr old. Sheesh, now I almost feel guilty.
Wow. Thanks dudes. Maybe I'll get my karma point back now. heh. I was thinking maybe that splinter could be something like a piece of hay in a tornado, but then I figured, ah hell, the darn thing probably just melts into a ball of redhot sludge, anyways.
I am finished debating with shadows about my sig. Come out and talk to me, or go jump in the lake with the rest.
Dont be around when one of these babies throws a rod, I guess.
Time-telling, or basic english word skills software recommendations would be great. Bonus if it's free software, as always. :-)
A great topic on it's own, in fact. It's some scary shit to think about how much red mud is backed up behind the Glen Canyon and other major dams that hold back the Colorado river, for example.
Me, I think they look cool. I might even be persuaded to live in one like they used to do in Holland. I guess the rent would have to be adjusted, tho, for the constant noise and EMF.
I don't get the meaning. I know the faq says that this can happen, but sometimes I just wonder if d'man wants us to read and give more feedback, perhaps? What seems worse, is that then the moderators waste a bunch of points punishing people who complain.
Perhaps we are being "herded" towards a goal? While that's cool, I mean, you are d'man, after all, I wish you'd just say, "Hey, could y'all take another look at HERE and give some additional feedback? We need more profile data on some of you."
What kind of fringe benefits are they offering?
"Look in that place where you dare not look. You'll find me staring back at you!"
They usually don't question my release plan anymore after that. :{)
From (old) Star Trek and (by reference) Dune equates easily to my cube at work.
Maybe we need to demand "approved" server-side implementation of credit-card webservers, besides SSL. How could this be verified? I don't have a clue.
Perhaps this has a different meaning in UK english...
Sounds like a great project, tho. Perhaps if it is a success, they can consider seriously shutting down the N-plant on their east coast that the norwegians keep complaining about.
Is this a result of the GPL?
The move was afoot long before Bill and Al came in.
Please try a different name, or press Here for help.
I would like to wash the feet of the parent post.
Squatters.r.us