Slashdot Mirror


User: Richard_at_work

Richard_at_work's activity in the archive.

Stories
0
Comments
7,308
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,308

  1. Re:Wheres the data coming from? on Thousands of SSL Certs Issued To Unqualified Names · · Score: 1

    That wouldn't give them certs signed for unqualified domains however, would it? They wouldn't be able to crawl the web for "localhost"...

  2. Re:Easy fix on Thousands of SSL Certs Issued To Unqualified Names · · Score: 1

    A browser can already tell the difference between qualified and unqualified - it has nothing to do with DNS itself, and everything to do with the presented domain. "myhost" is unqualified, and "myhost.example.com" is qualified - it doesn't matter if "example.com" exists in the wider DNS system, thats not even checked.

    Because you cannot advertise unqualified domains on the wider DNS system, its typically called the intranet zone, and IE in particular uses it to raise the trust level (for example IE may present NTLM credentials to an unqualified domain but not a qualified one, because unqualified domains are internal).

  3. Re:Easy fix on Thousands of SSL Certs Issued To Unqualified Names · · Score: 1

    Read the post I replied to - his argument was that software, i.e. browsers, should reject properly signed certificates if the domain signed for is unqualified. Thats different to your argument, which I agree with, as running an internal CA would not negate the original suggested remedy.

  4. Re:Wheres the data coming from? on Thousands of SSL Certs Issued To Unqualified Names · · Score: 1

    Uhm, yeah, thats the EFFs dataset and I saw that while writing my original post (yeah, I rtfa'd - someone does do it!)...

    I'm talking about the origins of that data, where did it originally come from, how can they compile datasets of SSL certificates (which have no centralised point other than the CAs themselves - so are the CAs giving out information on cert signings?)

  5. Re:Easy fix on Thousands of SSL Certs Issued To Unqualified Names · · Score: 1

    That has the potential for ruining plenty of intranet applications, which can also be SSL protected.

  6. Wheres the data coming from? on Thousands of SSL Certs Issued To Unqualified Names · · Score: 2

    Where are the EFFs SSL Observatory getting their data from, how well has it been validated? Their website only says "We have downloaded datasets of all of the publicly-visible SSL certificates on the IPv4 Internet" which doesn't say anything really - who is compiling this data and how are they doing it?

  7. Re:Acrobat on Inducement To Piracy, Adobe Style · · Score: 1

    I stopped using PDFCreator when their SourceForge downloads started coming with shitty browser toolbars and background processes that you couldn't say no to - no idea if they've stopped that abysmal activity, but I will never use them again.

    Instead, I install the Microsoft-supplied extension for Office which allows me to save as a PDF - the same extension that Adobe threatened to sue MS over when they were going to include it as a saveable file format.

  8. Re:This is why I have given up on Adobe on Inducement To Piracy, Adobe Style · · Score: 1

    Just as a note, I'm using Fireworks purely for web image creation.

  9. Re:This is why I have given up on Adobe on Inducement To Piracy, Adobe Style · · Score: 1

    Can you recommend a good opensource or cheap replacement for Fireworks that will run fine on Windows? I've tried several options but they were all disappointing against Fireworks.

  10. Re:Only a week on Robots Find Wreckage of AF447 · · Score: 1

    I'm certainly not saying its never>/i> the manufacturers fault, and I don't think its circular logic at all - its a simple attempt to say "sometimes no one is at fault", and thats entirely true no matter what is at stake.

    The manufacturer can do everything correct, and parts or materials can still fail - why they failed can sometimes never be determined, they are just the one-in-a-million chance that doesn't play by the rules. This is why I disagree with your assertion that "sometimes you mess up even if you follow the rules" - this isn't about messing up, sometimes there is no screw up anywhere along the chain.

    You seem to be pushing for the manufacturer to always be at fault in situations where the airline or environment isn't (or rather thats the way your last post is coming across) - that simply isn't the case. Sometimes shit happens, and when shit happens blame doesn't have to be attributed to anyone - yes, there are situations where there is no blame to portion out, where no one is to blame.

    There is ample scope for manufacturers to be blamed for incidents, and this has happened in the past - McDonnel Douglas's DC-10 had several major design flaws which led to a number of deaths, and they were rectified and the company paid fines and damages. Airbus has had incidents requiring compensation and remedial action. Boeing has also had its fair share.

    Aircraft are complicated - if blame were to be attributed in the manner in which you seem to be suggesting then no commercial entity would be building aircraft - it simply wouldn't be in their financial interests to take the blame for everything that went wrong with the aircraft, regardless of whether they followed best practice, rules and regulations and certfication requirements to the letter. It would be too costly to build them, no one would insure their business due to the risk.

  11. Re:Only a week on Robots Find Wreckage of AF447 · · Score: 1

    Only if the manufacturer was proven to have been negligent in providing the initial maintenance requirements in the first place.

    Aircraft design and manufacture is a hugely complicated job, the manufacturers know that and the aviation authorities know that - and they tend to agree on a stragety that is designed to minimise risk to the customer (airline and passenger) but also is loose enough that it also allows the manufacturer to deliver the aircraft on a reasonable schedule (for example, two years from first flight of a brand new aircraft type, and not 25 years from first flight).

    The manufacturers put their aircraft through a lot both during flight testing and even after the type has entered into service - one of the things that manufacturers are always looking to do is improve the economics of their aircraft, and one seriously big way to do that is to extend the periods between maintenance. The initial maintenance periods are set under agreement with the aviation authorities, and the manufacturer has to prove that the aircraft can exceed those fairly conservative boundaries safely.

    What this means is that Airbus, Boeing, Bombardier, Embraer et al are always testing parts. They don't just get an initial test and thats it for the rest of their lives...

    The aircraft involved in the crash you are questioning was 14 years old at the time it met its fate - that means that those engines would have been off their pylons several times, the entire pylons would have been removed several times - and each time the pins in question would have been inspected and replaced if necessary.

    Everyone learns from a crash - its impossible to design an airliner with a 100% safety margin, they would be too costly to operate. In this case, Boeing discovered that under particular circumstances the pins can suffer from metal fatigue which leads to an unsafe failure mode - they still don't know what led to the metal fatigue in this particular case, but its not complacent in other Boeing 747 engine loss incidents (there have been several) and the FAA did not mandate an overly burdenous remedy - that indicates that Boeings initial approach was fine, shit happens. Check for shit periodically.

    And sometimes it simply is a case of shit happens - these machines have millions of moving parts, millions of materials made to different tolerances, and fly continuously through very different climates. Someday, something that has always been within its operating parameters will fail for no apparent reason, and that may bring an aircraft down, while its sister part sat next to it or on the other wing is fine for another 30 years.

  12. Re:Only a week on Robots Find Wreckage of AF447 · · Score: 1

    They would have been checked at a C or D check, but just because they failed and Boeing issued an AD doesn't mean that Boeing was in the wrong - note that the remedial action recommended was "inspect and replace if necessary", it wasn't "replace component with new component of specification X".

    Those sort of issues happen quite often - undue wear and tear on the part, an unknown manufacturing defect in a single part or small series of parts, abnormal usage etc etc. The engine mounting could have been banged accidentally during an engine swap and not reported.

    The fact that the AD issued was not a demanding one is telling.

  13. Re:Only a week on Robots Find Wreckage of AF447 · · Score: 3, Funny

    The main reason being you are an ignorant, biased little shit stirrer?

    Airbus have sold over 10,000 aircraft and have delivered over 6,500. The airlines have every confidence in what they are buying, they wouldn't buy anything they considered dangerous because people will avoid the type once the crashes start happening.

    Not one of you crap throwers have ever come up with any statistical evidence that Airbus aircraft are more dangerous or risky than Boeing.

  14. Re:will there be data? on Robots Find Wreckage of AF447 · · Score: 5, Informative

    The Civil Aviation Authority, which will have the same requirements as EASA who will be the ones regulating the Airbus A330 as its an European aircraft, only requires the FDR (Flight Data Recorder) to withstand sea water immersion for 30 days, and says nothing about pressure at the depths we are talking about here other than the FDR will withstand crushing forces of 5,000 LBF (22.25 kN) for 5 continuous minutes.

    http://www.caa.co.uk/application.aspx?catid=33&pagetype=65&appid=11&mode=detail&id=1229

    The Cockpit Voice Recorder has similar requirements.

    Its unlikely that after this time the FDR nor the CVR are still sealed.

  15. Re:Meh ... on Firefox 5 Details: Sharing, Home Tab, PDF Viewer · · Score: 1

    So, basically do to Firefox what Firefox (as Phoenix) did to Mozilla? Fork to go back to basics?

  16. Re:Non-identifiable? on AP Adopts Firefox's 'Do Not Track'; Others On the Way · · Score: 1

    Until you can come up with a magical way for the browser and server to be in contact but for the server to never know anything about the client, then you are going to have to trust the server to some extent.

  17. Re:Non-identifiable? on AP Adopts Firefox's 'Do Not Track'; Others On the Way · · Score: 3, Informative

    They would store "someone visited page X at date Y and time Z" and they may also be able to store "and they were referred in from page ABC", but they would have no way of seeing where you went from that page, even if it was to another page on the site, because all that page is going to store is the same non-identifiable information.

    A cookie allows them to give you a unique identifier, which works for differentiation down to individual browsers on the same machine, and that allows them to get a good picture of your travel around their site (and their affiliate sites etc) - the DNT flag would remove that, only allowing them to track the number of hits on a page and where the visitor came from.

    They don't know its "you" each time, because the DNT flag contains no identifiable information - to them, this is the equivilent of you clearing out your cookies after each individual page visit. No cookie, no ID, no tracking beyond the current page. Same deal.

  18. Re:I don't get it on Google Is Introducing the +1 Button · · Score: 1

    What happens when the NAACP Facebook page has 30,000 dislikes?

  19. Re:The *real* shame in all of this on Things Get Worse at Fukushima · · Score: 1

    And the Chernobyl disaster was directly caused by human intervention, and by that I don't mean the building or design of the plant - the explosion was the cause of an unauthorised test plan to see if the reactor alone could power the cooling pumps during a power-out shutdown. The test had been scheduled twice before, and cancelled twice before - the third time was not authorised by the Soviet nuclear regulator committee but was authorised on-site by the site controller. The test was delayed beyond the test workers designated shifts end time, and the responsibility for the test was handed over to the night team - who had not trained for the test, but instead were working off of a point by point test sheet.

    That is why Chernobyl happened - if the test had been cancelled again, we wouldn't even know the name of the place today.

  20. Re:Isn't this contradictory? on Microsoft Sniffs Out Unused Wireless Spectrum · · Score: 2

    In quite a few places you can use a licensed spectrum legally without a license if your use is low powered and does not cause issue with a licensed device - if it does, the licensed device or user has the onus and can shut you down.

  21. Re:Bunch of luddites on UK ISPs Hatch Plan To Block the Pirate Bay and Other File Sharing Sites · · Score: 1

    I'm not switching analogies at all, you just want it to seem that way - competing shops have their own cost structures in that they both have to source stock to sell or give away, but in the scenario we are discussing, only the movie studios or the music companies have the cost structure because they have to actually produce the product while the copyright infringer is just taking their production and giving it away.

    The internet allows for easy distibution, but creation is still difficult - yes, there may be amusing 30 second clips on YouTube, but I don't see many independently produced movies, TV shows, music albums etc and certainly not many that are actually any good. If creation is so easy, why isn't The Pirate Bay et al primarily pushing independent, alternative movies, music and shows? Why is it so hard to find an independent production high up on the list of most downloaded?

    Anyone can "create" a pile of dogshit, it takes actual talent to create something worth watching - and that talent doesnt mean big name stars, it also means writing, scoring, set design and build, locations, art, makeup, post production, marketing etc etc etc. Unless you are asking people to accept a significant drop in the standard of any of the above for the sake of "independence", and thats a big ask, you have to match what the studios are putting out - because thats what people want.

    You can claim all you want that top stars or bands are idols manufactured by the "top down business model", but that business model is not preventing you or I from producing alternatives - as you say, the internet gives us the ultimate in distribution channels, but whats being produced at the moment severely struggles to compete with the mainstream - and that only validates the mainstream.

    You can also go on the attack about how I "seem to be content to suck at the teat that is offered to you, for a price" all you want, it doesn't bother me. I also don't wonder why Angelina Jolie has a lot of money while I sit here infront of a dreary desk for an entire day for a pittance - well done Angelina, I don't envy you, the money is out there to be made if I want to work for it, I'm not entitled to it.

    Go ahead with your peer-to-peer creativity - thats precisely what I have been saying is missing in all of this, the alternative to the mainstream. Stop the hypocritical approach of expecting the mainstream producers to produce but not to expect to be paid - it doesn't work like that no matter how you try to justify it to yourself.

  22. Re:Bunch of luddites on UK ISPs Hatch Plan To Block the Pirate Bay and Other File Sharing Sites · · Score: 2

    There is significantly more to it than just the "original product". No matter how much you like to tell yourself otherwise, creativity is not easy, and production is not cheap and most of the things you enjoy require significant investment of time and money - but those get conveniently ignored when discussions such as these come up, and apparently copyright infringement is no threat at all to these things.

    Because certainly, people will still invest time and money into epics such as the Lord of the Rings movies when the chances of them recouping costs are minimal due to unfettered and legal availability of the easiest part of the process - the distribution of the .avi file...

  23. Re:Bunch of luddites on UK ISPs Hatch Plan To Block the Pirate Bay and Other File Sharing Sites · · Score: 1

    Its not like a competing business at all - because the competition isn't distributing their products, its distributing *yours*. Thats the funny thing in all of this - the internet allows for independent creation and distribution, trivial distribution, but rather than take advantage of that to create an alternative to the mainstream media industry, people are using it to distribute that industries products. Why? Because the creation part is hard, so why bother creating at all when you can just have what you want, when you want and screw the creators.

  24. Re:Bunch of luddites on UK ISPs Hatch Plan To Block the Pirate Bay and Other File Sharing Sites · · Score: 2

    You do realise that you do not have to buy anything of theirs, don't you? You can seek out alternatives that better fit your moral or ethical position, or business model requirement, or were you not aware of that?

    Just because your opinion of them is negative does not mean that their business model isn't worthy of protection, there are always alternatives.

    But the irony is that you don't want alternatives, you want their products - but you want them on *your* terms. So you are infact the one propagating the current situation, by giving them the opportunity to say "our product is wanted".

  25. Re:Bunch of luddites on UK ISPs Hatch Plan To Block the Pirate Bay and Other File Sharing Sites · · Score: 3, Insightful

    Ooh ooh ooh look, someone jumped on the "copyright infringement isnt stealing!!!" bandwagon, as I well and truly knew they would.

    I never said it was, I compared two aspects (the original posters and mine) of how actions can undermine various business models - and yes, copyright violation does indeed undermine a business model just as shoplifting does.

    As I said in my original post, a copyright holder has every right to try and make money off their creation - they don't have the right to make money, but they have the right to try. You, The Pirate Bay, ISOHunt or anyone else does not have the right to deny them that attempt to make money OFF OF THEIR PROPERTY.

    There is no guarantee they will make any money, there is no guarantee that the people downloading it for free would have bought it, but there is also no guarantee that they wouldn't have - its the opportunity to sell to these people that the copyright holder has a right to, and that is the right that you are violating.

    But go ahead, jump on the obvious bandwagon for some mod points, works every time. You can sit up there on your throne content in the knowledge that copyright infringement has no negative effect at all.

    By the way, who are you expecting to produce the content when your view wins through and everything is available on torrent sites for free?