And my point was that there are commercial certificates (RapidSSL springs to mind) accepted by IE and Firefox that doesn't require any authentication besides having control over the domain. You won't get a meaningful name in the cert, except OU=Domain Validated, but you will get an SSL connection without browser warnings
I have bought a few "commercial" certificates from vendors in a capacity as consultant, and I use cacert certificates for my private work and their verification of domain is very similiar. You need to have access to the email sent to at least one official looking email address associated with the domain in question (you may choose from a short list of names like root@domain, hostmaster@domain, postmaster@domain etc.)
In other words, you couldn't get a cacert certificate for a domain you can't read the email for. The security of the process is not perfect, but it is no worse with cacert than it is with the other certification authorities.
The organization actually exists, and is a corporation here in Sweden, which means that when founded it had at least ~$17k in capital. Other than that the company doesn't seem to have made any marks in official records here in sweden.
The CEO, Leif Arnold seems to have the habit of lying (easily provable) to discredit conventional fission energy on blogs here and there.
The point put forward in TFA is that the risk of being on camera is a preventive measure. The 3% figure is a meaningless figure when it comes to measuring the preventive effect in my opinion. When measuring efficiency, one would like to know the relative frequency of street robberies before and after a CCTV introduction.
I'm skeptical that the system brings benefits to outweigh the cost, but we should at least argue honestly about the system's alleged efficiency.
I get through to the tracker about 5% of the time. However it is available from thepiratebay.com also and that one seems quite fast, at least from over here in Sweden.
It took some time to find an online version of the debate with better quality than c-span. Finally I sat down with the moronic javascript on foxnews.com that doesn't work because of an undefined variable and extracted the url to the actual real media files. They are distributed over http, so you can pull them with wget before watching
http://66.230.216.3/093004/yd_debate1_093004_300 .r m http://66.230.216.3/093004/yd_debate2_093004_30 0.r m http://66.230.216.3/093004/yd_debate3_093004_30 0.r m http://66.230.216.3/093004/yd_debate4_093004_30 0.r m http://66.230.216.3/093004/yd_debate5_093004_30 0.r m http://66.230.216.3/093004/yd_debate6_093004_30 0.r m
We operate the service from sweden, where lawyers don't have nearly as much power as in the US, so hopefully we won't run into trouble, but if we do we'll deal with it then.
Thanks for all the interest!
The new box (an K7 600) had only 64megs (not my fault!) of memory and thus got into a grinding halt in about 15 minutes, swapping as hell. I've just rebooted it with 256megs. And once through
fsck we'll se how it works. Another 128meg is coming up in the afternoon. Then we'll see how it works. I will also be looking at upgrading the kernel and doing some FastCGI or mod_perl (havent looked into the script at all, i'm just the sysadmin). Then we'll se how far our 2 mbit's of
bandwidth will take us *smile*
Ok, i'm moving it to a new server now. The thing
is that we (dejavu.org) got sponsored with a
very nice (8 years old or so) hardware from digital. Very nice, but doesn't handle load
very well. I'm moving over the site to a (somewhat
faster) linuxbox that should be able to handle
the slashdotters somewhat better. For those
of you who doesn't want to await the dns synching
the address is http://finnegan.metamatrix.se/dejavu/
I can not understand why redhat doesn't include any of the two available free (speech) SECSH (ssh2) implementations in their standard distribution. This would be a very simple step towards a much more secure out-of-the-box product. The crypto-regulations in the US shouldnt be a problem since OpenSSH and others are distributed by default.
Slashdot Mirror
And my point was that there are commercial certificates (RapidSSL springs to mind) accepted by IE and Firefox that doesn't require any authentication besides having control over the domain. You won't get a meaningful name in the cert, except OU=Domain Validated, but you will get an SSL connection without browser warnings
No.
I have bought a few "commercial" certificates from vendors in a capacity as consultant, and I use cacert certificates for my private work and their verification of domain is very similiar. You need to have access to the email sent to at least one official looking email address associated with the domain in question (you may choose from a short list of names like root@domain, hostmaster@domain, postmaster@domain etc.)
In other words, you couldn't get a cacert certificate for a domain you can't read the email for. The security of the process is not perfect, but it is no worse with cacert than it is with the other certification authorities.
The organization actually exists, and is a corporation here in Sweden, which means that when founded it had at least ~$17k in capital. Other than that the company doesn't seem to have made any marks in official records here in sweden.
The CEO, Leif Arnold seems to have the habit of lying (easily provable) to discredit conventional fission energy on blogs here and there.
Not terribly credible
The point put forward in TFA is that the risk of being on camera is a preventive measure. The 3% figure is a meaningless figure when it comes to measuring the preventive effect in my opinion. When measuring efficiency, one would like to know the relative frequency of street robberies before and after a CCTV introduction.
I'm skeptical that the system brings benefits to outweigh the cost, but we should at least argue honestly about the system's alleged efficiency.
I get through to the tracker about 5% of the time. However it is available from thepiratebay.com also and that one seems quite fast, at least from over here in Sweden.
Direct link to the torrent
It took some time to find an online version of the debate with better quality than c-span. Finally I sat down with the moronic javascript on foxnews.com that doesn't work because of an undefined variable and extracted the url to the actual real media files. They are distributed over http, so you can pull them with wget before watching
0 .r m0 0.r m0 0.r m0 0.r m0 0.r m0 0.r m
http://66.230.216.3/093004/yd_debate1_093004_30
http://66.230.216.3/093004/yd_debate2_093004_3
http://66.230.216.3/093004/yd_debate3_093004_3
http://66.230.216.3/093004/yd_debate4_093004_3
http://66.230.216.3/093004/yd_debate5_093004_3
http://66.230.216.3/093004/yd_debate6_093004_3
Here is a brand new torrent file for the 19,927,973 bytes large rotk_trailer_480x280_fixed.mov with md5sum
2 80_fixed.mov.torrent
http://people.metamatrix.se/noa/rotk_trailer_480x
The tracker is on a 10mbit connection, so hopefully it will hold.
Wee, I work at metamatrix. a consulting company in sweden and the supporter of http://dejavu.org/.
Have a look at http://reternity.com/
The technology used i probably old, but nevertheless it looks really good.
/d
We operate the service from sweden, where lawyers don't have nearly as much power as in the US, so hopefully we won't run into trouble, but if we do we'll deal with it then.
if your dns doesn't cache the old ip-address, dejavu.org should lead you to the new machine.
the dejavu.org domain should be redirected to this
machine now.
Thanks for all the interest!
The new box (an K7 600) had only 64megs (not my fault!) of memory and thus got into a grinding halt in about 15 minutes, swapping as hell. I've just rebooted it with 256megs. And once through
fsck we'll se how it works. Another 128meg is coming up in the afternoon. Then we'll see how it works. I will also be looking at upgrading the kernel and doing some FastCGI or mod_perl (havent looked into the script at all, i'm just the sysadmin). Then we'll se how far our 2 mbit's of
bandwidth will take us *smile*
oops, borken link. it should be here
Ok, i'm moving it to a new server now. The thing
is that we (dejavu.org) got sponsored with a
very nice (8 years old or so) hardware from digital. Very nice, but doesn't handle load
very well. I'm moving over the site to a (somewhat
faster) linuxbox that should be able to handle
the slashdotters somewhat better. For those
of you who doesn't want to await the dns synching
the address is http://finnegan.metamatrix.se/dejavu/
I can not understand why redhat doesn't include any of the two available free (speech) SECSH (ssh2) implementations in their standard distribution. This would be a very simple step towards a much more secure out-of-the-box product. The crypto-regulations in the US shouldnt be a problem since OpenSSH and others are distributed by default.