I can't understand what's different between what Google is doing and what supermarkets regularly do. At the supermarket checkout, they have these little coupon printers which spit out a coupon or two based on your purchases. Invariably, whenever I buy Tropicana orange juice, the coupon printer hands me a coupon for Minute Maid. There's obviously some database attached to these coupon printers with an entry for a Minute Maid coupon attached to the (trademarked) product name "Tropicana". Should Tropicana go and sue Coca-Cola (Minute Maid's owner) for infringement? Certainly not -- they'd be laughed out of court.
Yes, SSLv3/TLSv1 does have a NULL cipher suite, which is authentication only, and there is also support for Anonymous Diffie-Hellman key exchange (which doesn't require authentication). (See RFC 2246) But browsers don't use it. No browser, even going back to Netscape 2.0 supported NULL or ADH by default. If you wanted these cipher suites, you have to explicitly turn them on.
Go ahead, try it. Take a test Apache/mod_ssl server and change the SSLCipherSuite config line to:
SSLCipherSuite ADH:NULL
and restart the server. Now try to connect to it.
In IE, you'll get the generic "The page cannot be displayed" error. In Mozilla/Firefox, you'll get "Firefox and cannot communicate securely because they have no common encryption algorithms."
I welcome a real-world example of this "attack" that will actually work on a default-configured web browser.
Even worse than time compressing the show to squeeze an extra 30 seconds out -- TNN picture squeezing every Star Trek: TNG episode to put in some goddamned ad-bar at the bottom of the screen!
The bar takes up the bottom 5-10% of the screen, and as a result, the rest of the picture is vertically compressed to fit in the remaining space. Right now the bottom bar shows nothing but the show title, but rumor has it they're going to make it a banner ad in the future. Sheesh.
Slashdot Mirror
I can't understand what's different between what Google is doing and what supermarkets regularly do. At the supermarket checkout, they have these little coupon printers which spit out a coupon or two based on your purchases. Invariably, whenever I buy Tropicana orange juice, the coupon printer hands me a coupon for Minute Maid. There's obviously some database attached to these coupon printers with an entry for a Minute Maid coupon attached to the (trademarked) product name "Tropicana". Should Tropicana go and sue Coca-Cola (Minute Maid's owner) for infringement? Certainly not -- they'd be laughed out of court.
Yes, SSLv3/TLSv1 does have a NULL cipher suite, which is authentication only, and there is also support for Anonymous Diffie-Hellman key exchange (which doesn't require authentication). (See RFC 2246) But browsers don't use it. No browser, even going back to Netscape 2.0 supported NULL or ADH by default. If you wanted these cipher suites, you have to explicitly turn them on.
Go ahead, try it. Take a test Apache/mod_ssl server and change the SSLCipherSuite config line to:
SSLCipherSuite ADH:NULL
and restart the server. Now try to connect to it.
In IE, you'll get the generic "The page cannot be displayed" error. In Mozilla/Firefox, you'll get "Firefox and cannot communicate securely because they have no common encryption algorithms."
I welcome a real-world example of this "attack" that will actually work on a default-configured web browser.
Bishop (UT)
Ryan (OH)
Terry
Flake
Strickland
Paul
Tancredo
They're one of the 7 who voted no on the bill. Better give them a piece of your mind.
source:0 03&rollnumber=26
http://clerkweb.house.gov/cgi-bin/vote.exe?year=2
Vipul's Razor: http://razor.sourceforge.net/
http://www.interhack.net/people/cmcurtin/snake-oil -faq.html
Even worse than time compressing the show to squeeze an extra 30 seconds out -- TNN picture squeezing every Star Trek: TNG episode to put in some goddamned ad-bar at the bottom of the screen!
The bar takes up the bottom 5-10% of the screen, and as a result, the rest of the picture is vertically compressed to fit in the remaining space. Right now the bottom bar shows nothing but the show title, but rumor has it they're going to make it a banner ad in the future. Sheesh.
I did -- I bought a TiVo. Haven't watched a commercial I didn't want to in months.
Except the commercials are for MasterCard.
Read the press release:
"An add-on board providing Ethernet and USB connections will be available for use in homes or offices wired with a dedicated network."