I looked at the membership list for my country (NL) and except for some big companies such as Microsoft, Apple and Adobe, I saw a handful of very small local companies. I had never heard of them anyway. One of these companies even had its own domain registration expired and it had been scooped up by a domain squatter...
Is the European Parliament known for large numbers of MEPs not bothering to show up to vote?
I'm afraid so. I don't know if it has changed (the current MEPs are relatively new) but there was a TV documentary about MEPs showing up, signing the presentation list for the (considerable) travel expenses and leaving immediately.
The second reading will require a 2/3 majority. I.e. all hands on deck for a topic that is not likely to attract votes from ordinary EU citizens. The Dutch minister for instance seemed to be quite confident that this will not happen.
The Christian Democrats' votes will be crucial.
Interesting point though: would the proposed European Constitution make things better or worse in this respect? Who will gain more power, the European Parliament or the European Council / Commission?
Hey, at least somebody has been listening to Marc Lucovsky!
Consider the.NET framework for a second. Suppose you wrote something innocent like a screen saver, written in C# based on the.NET framework. How would you as an ISV "ship your software"? You can't. Not unless you sign up to ship Microsoft's software as well. You see, the.NET Framework isn't widely deployed. It is present on a small fraction of machines in the world. Microsoft built the software, tested it, released it to manufacturing. They "shipped it", but it will take years for it to be deployed widely enough for you, the ISV to be able to take advantage of it. If you want to use.NET, you need to ship Microsoft's software for them.
Who said Microsoft does not know how to ship software anymore?! Let the trojan authors take care of that!
Microsoft owes this Viola guy an Xbox, a Tablet PC, an MSDN subscription for life, some Microsoft Press books, an all expenses paid trip to the Redmond campus, an audience with Sir Bill, etc. etc.!
Certificates are public information so anyone can make a copy. The corresponding private keys on the other hand are not supposed to be copied.
A copy of your certificate cannot be used to impersonate your server because the certificate is linked to the hostname of your server. Clients will see a warning that the name in the certificate does not agree with the hostname of the server (unless the attacker has also control over the client's DNS).
Are there any good docs about VPN support on Mac OS X Server at all?
Presumably PPTP works but what if you want something stronger? Plain IPsec does not seem to be supported and L2TP/IPsec is only supported for Preshared Keys. Which means that clients must either share the same Preshared Key (not terribly secure) or use fixed IP addresses (excludes Road Warriors).
... the pirates will just grab the patches and circulate them on the pirate sites anyway.
In most cases Microsoft signs its executables so this will come around and bite them. If the patches are signed you can easily verify that they are genuine, regardless from where you got them.
My problem with it was that you have to trust the client machine to report its health status correctly, while such information could be easily mangled by virii or spyware.
Exactly. Sure, it works great but effectively this is security through obscurity. Currently there is little incentive to reverse engineer the NAP / Network Quarantine protocol. The zillions of unpatched Windows boxes are easier targets. But if the pay-off is there (remember the Xbox hack?) it can and will be done. If only by some CS Phd to prove his point.
And, as someone else noted, this scheme does not work on all operating systems.
So the whole idea is that files cannot be played anymore after a certain time and date, right? How does Microsoft think this will work? Obviously the media player will have to have some kind of internal clock but how will it be protected against tampering?
Perhaps they were already scrubbing PNG pictures on the MSN server (assuming you cannot send pictures directly from one Messenger client to another) so there was no particular hurry?
I agree the software works very well but their detection is lacking. I submitted several samples and never received any response. Weeks later these sample are still not detected.
Oh, come on! Even I saw the differences between those two a's!
Move your pointer to the padlock and you'll see that the certificate was signed by the UserTrust Network instead of the usual suspects (Verisign, Thawte etc.).
Certificates from the UserTrust Network are not to be trusted anyway. They don't check anything and you cannot trace back the owner of the domain.
CAs should rejects CSRs with these characters.
The CA should revoke those certificates. (You did enable OCSP, didn't you?)
Slashdot Mirror
Naaah.
Can't be.
I wonder what a SABDFL was (South-African B*st*rd Director From L....??? :-). Apparently it's:
"Self-Appointed Benevolent Dictator For Life".
"Lichens are symbiotic organisms made up by the association of microscopic green algae or cyanobacteria and filamentous fungi."
I looked at the membership list for my country (NL) and except for some big companies such as Microsoft, Apple and Adobe, I saw a handful of very small local companies. I had never heard of them anyway. One of these companies even had its own domain registration expired and it had been scooped up by a domain squatter...
Simple: they will outsource their webservers to the Airforce... :-)
The telecom operators are already filtering these infected MMS messages.
The only problem is indeed the cost of sending these messages. I do hope that operators are not charging customers for these undelivered messages.
I'm afraid so. I don't know if it has changed (the current MEPs are relatively new) but there was a TV documentary about MEPs showing up, signing the presentation list for the (considerable) travel expenses and leaving immediately.
The second reading will require a 2/3 majority. I.e. all hands on deck for a topic that is not likely to attract votes from ordinary EU citizens. The Dutch minister for instance seemed to be quite confident that this will not happen. The Christian Democrats' votes will be crucial.
You're from Spain then, eh?
Interesting point though: would the proposed European Constitution make things better or worse in this respect? Who will gain more power, the European Parliament or the European Council / Commission?
Consider the .NET framework for a second. Suppose you wrote something innocent like a screen saver, written in C# based on the .NET framework. How would you as an ISV "ship your software"? You can't. Not unless you sign up to ship Microsoft's software as well. You see, the .NET Framework isn't widely deployed. It is present on a small fraction of machines in the world. Microsoft built the software, tested it, released it to manufacturing. They "shipped it", but it will take years for it to be deployed widely enough for you, the ISV to be able to take advantage of it. If you want to use .NET, you need to ship Microsoft's software for them.
Who said Microsoft does not know how to ship software anymore?! Let the trojan authors take care of that!
Microsoft owes this Viola guy an Xbox, a Tablet PC, an MSDN subscription for life, some Microsoft Press books, an all expenses paid trip to the Redmond campus, an audience with Sir Bill, etc. etc.!
Version 2.2 contains a cheap unmanaged Broadcom ethernet bridge
I assume you mean "versions prior to 2.2" in the first sentence?
Certificates are public information so anyone can make a copy. The corresponding private keys on the other hand are not supposed to be copied.
A copy of your certificate cannot be used to impersonate your server because the certificate is linked to the hostname of your server. Clients will see a warning that the name in the certificate does not agree with the hostname of the server (unless the attacker has also control over the client's DNS).
I'M AS MAD AS HELL, AND I'M NOT GOING TO TAKE THIS ANYMORE!
Are there any good docs about VPN support on Mac OS X Server at all?
Presumably PPTP works but what if you want something stronger? Plain IPsec does not seem to be supported and L2TP/IPsec is only supported for Preshared Keys. Which means that clients must either share the same Preshared Key (not terribly secure) or use fixed IP addresses (excludes Road Warriors).
In most cases Microsoft signs its executables so this will come around and bite them. If the patches are signed you can easily verify that they are genuine, regardless from where you got them.
Exactly. Sure, it works great but effectively this is security through obscurity. Currently there is little incentive to reverse engineer the NAP / Network Quarantine protocol. The zillions of unpatched Windows boxes are easier targets. But if the pay-off is there (remember the Xbox hack?) it can and will be done. If only by some CS Phd to prove his point.
And, as someone else noted, this scheme does not work on all operating systems.
So the whole idea is that files cannot be played anymore after a certain time and date, right? How does Microsoft think this will work? Obviously the media player will have to have some kind of internal clock but how will it be protected against tampering?
Perhaps they were already scrubbing PNG pictures on the MSN server (assuming you cannot send pictures directly from one Messenger client to another) so there was no particular hurry?
I agree the software works very well but their detection is lacking. I submitted several samples and never received any response. Weeks later these sample are still not detected.
Well, perhaps "cool!" is not the correct response...
(From this website).
I hope virus writers won't find out about this!
Don't know about the security. There is no keyboard on the thing so a (hardware) keylogger on the host PC would be disastrous.