If I had a cat like this I'd install the blacklights in my light fixtures and keep the normal lights off all the time.
Or at least install some little strip blacklights under all the cabinet and cupboard kicks to keep the floor areas lit. I must admit having a green glowing cat would be a novel thing. I assume this is a genetic trait and I bet you could get big bucks for glowing kittens.
I didn't see any mention of side-effects or other health issues in the article - you've got to wonder if there are any side-effects created such as blindness etc?
It's fluorescing. Yes, technically that is a "glow" but glow is a lot more general term. All fluorescing items glow, but not all glowing items fluoresce. Most people that read "glow" will expect to turn out the lights and see a green cat without needing to shine an invisible special lighting on it.
My competence and essential position as the only guy with any product knowledge meant they weren't about to fire me.
Assuming the local PHB won't react with a suicidal business decision on impulse and without forethought is a pretty dangerous gamble.
And if things are already bad enough there to put you in those waters to begin with, (i.e. managers already making dumb and reckless business decisions) it just increases the likelyhood of such an event.
And all Macs have had Gigabit Ethernet since the turn of the century
I was just getting a little bit of a twitch when I read in the headline "Most computers today can't support gigabit connections". That certainly isn't my observation, as every computer in this building (all macs) has gigabit.
But I think at this particular time it's not as important in the desktops as it is in the switches, at least for LANs. Obviously gigabit internet connections aren't commonplace yet, and really, most desktop computers very rarely will benefit from that kind of speed in the home. It's more in the small businesses and offices right now that I see importance. The places that can use it, and are only just now deciding to upgrade their cables and their switches. Any respectable server will have gigabit already. Gigabit switches are still a tad too expensive in my opinion, I'd have expected the price to have dropped to 60% of where it is now, by this point in time. I've only got a 5 port gigabit at home, tied to the 16 port 10/100, and the servers and my two main machines are the only ones on it, for fast file transfers and moving data around. I'd like to have gigabit at every jack in the house, but it's just not worth the cost yet.
If it can be done cheaper, someone will do it, and will sell more units
Until they get suedinto a stain on the floor for patent infringement by the squadron of lawyers a 30:1 profit margin can buy the big companies that make the $3k hearing aids.
The problem isn't the fundamental government type (none of them are foolproof), and it's not the big companies either (greed is universal and unstoppable) the problem is the legal system is going to the highest bidder, and that makes problems like this unsolvable by the little guy.
So, it took them 1 week to come out with an update to patch their browser?
They didn't patch their browser. That's not the way to fix the problem. The certificates Safari trusts are in the system keychain. Security Update 2011-005 addresses the problem.
Certificate Trust Policy
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.1, Lion Server v10.7.1
Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information
Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar's certificates, including those issued by other authorities, are not trusted.
So (1) it pulls DigiNotar from the chain of trust, and (2) sends all browsers (and email apps, and anything else that cares to validate certs) accurate information for EV certificates that chain off an untrusted root. Patching the browser shouldn't be necessary and wouldn't address the actual problem, although considering it took Apple an unusually long time to get this update out the door, I can see why some other browser vendors hardcoded out DigiNotar.
But for Apple this wasn't merely a matter of pulling a cert, they also had to fix a bug. Rushing a security bug fix out the door without testing it is arguably a worse security respopnse than taking a few days longer to test before pushing. (it's not like it took months like a few other big names I could toss in the ring to ignite a flame war)
if they happen to visit a site that uses the more-secure Extended Validation Certificates, the Mac will accept the EV certificate even if it's been issued by a certificate authority marked as untrusted in Keychain.
It's troubling that such a basic component of Internet security could have such an obvious flaw on the Mac, several security experts said Wednesday.
It's entertaining to watch the armchair quarterbacks at it, even the ones calling themselves "security experts". This isn't an "obvious" issue, root CAs aren't getting EV certs revoked all the time - it's incredibly rare. (when's the last time you can remember a root CA getting untrusted? I can count them on one hand) How can anyone consider a bug in an extremely rarely visited fork of code to be "obvious"? They're just making a lot of noise to get some attention. And sucker some readers. And you fell for it.
But I do agre that Apple needs to get their can in gear and issue a security update that removes the CAs from the system keychain, and fix the Do Not Trust status of EV certs. At least some of that may have already happened, I'm looking at my system and roots keychains and both of them show notar as untrusted. Interesting that the article didn't provide even one single link to test... can anyone provide a link? Talk about obvious things being overlooked, they need to do an Obvious Check on their own articles methinks!
so how do I revoke the public key if I lose control of the private key? guaranteeing authenticity when the key is initially exchanged is only half the fight - you have to be able to revoke it if something bad happens, otherwise you have a much bigger security problem develop. I suppose if you're only handing it out to one or two people it's not so big of a deal though.
if they removed explorer? that was a big part of their browser fight several years ago. Now that they totally lost that fight they're going to just give us the option to quit the desktop? They made it sound like Jesus himself couldn't remove IE from Windows.
While that does give you a key pair, it's not signed, (yes self-signed, I know, you know what I mean) and cannot easily be revoked because it can't be verified by any central signing authority.
The recipient may not find a self-generated key an acceptable way of signing something either, because there's no way to tie it to a specific identity or even name.
I'd call eating starch-filled plants and converting the starch into a different form of energy is no different than say eating meat or raw sugar for that matter.
Really the only thing that produces energy from outside the environment are plants, that produce energy from the sun.
Why do you need to get your email pgp keys from *anybody* except yourself? There are very few transactions where someone needs to know your actual identity.
Actually, I had to get a key pair from verisign for a previous employer who required my mileage forms to be submitted via signed email. But then verisign dropped their free basic email keys so I had to move to comodo. (are there any better/other free options?)
yup. The whole point of stenography is to hide the fact that you're hiding something in the first place. Most stenography methods are very poor at actually preventing the data from being confirmed as present (or even being collected) once discovered.
But I suppose steno'ing your encrypted data would be a worthwhile endeavor. Lower the odds of them realizing you're hiding something, and then if they discover you're hiding something, make that something difficult to figure out.
The SCOTUS doesn't have to hear your case, they only take on cases with merit. Even if they do request this case to be heard, it has zero chance of actually happening. So they're done now. At least in the courtroom.
If anyone has them, I'd love to see some actual statistics of how many cases are presented and how many are heard, giving a percentage. (on the average, over the last few years, or even to see how the numbers change over the years) I bet they have a fairly low percentage of cases heard. (10%?)
The sucky part of that is that's who I get my email pgp keys from. But really there needs to be a tiered CA system, where a CA is providing certs to anyone that asks, to people that have to prove themselves, and to government and other trusted sources. The way things are now, pulling the plug on an entire CA is the nuclear option.
"With a masterful nail in the optical disc coffin, Microsoft has announced that its new operating system will natively mount ISO disc images.
"Masterful"? That'd be like Ford waiting till 2012 to add a reverse gear to their transmissions? I don't think "masterful" is the word I'd pick. "slow cluestick" maybe.
it's also worth noting that the LDAP database, though encrypted, can have its password reset if you know which bits to twiddle. the server has to be able to access it, after all.
But that's true of any system that doesn't require a password during boot
or free energy. Why do people keep looking for ways to power stuff by (inefficiently) robbing it from other places? The last two posted here were shirts that flexed to power gadgets, and roads that had bumps in them to run road lighting.
However you do this, (1) you're going to make something else require more energy, and (2) introducing additional energy loss due to conversion. In this case, if you put some material in the soles to gather mechanical energy it's just going to make your feet a little more tired.
I see something of a relation between this and sales tax... sales taxes are applied to when you're already spending money and it just shaves a little off that doesn't look like it mattered too much. Same thing here, just making your commute a little more tiring with the idea that you won't really notice. Shoe power doesn't create energy any more than sales taxes create money.
I think you accidentally copied your argument from the fully automatic weapons discussion?
But that's ok, once the semis have been completely wiped you can reuse your argument once more for guns that use cartridge bullets, so we all have to go back to carrying powder and musket balls, just to keep the children safe.
I suppose my point is they're going to have to figure out where to draw the line. All the religious zealots have plenty of "proof" too y'know. Relics, visions, shrouds, and lots of books. Yes yes I know, but I'm not the one you're going to have to argue with. Consider your debate partners before you decide if you want to play that game...
Slashdot Mirror
Or at least install some little strip blacklights under all the cabinet and cupboard kicks to keep the floor areas lit. I must admit having a green glowing cat would be a novel thing. I assume this is a genetic trait and I bet you could get big bucks for glowing kittens.
I didn't see any mention of side-effects or other health issues in the article - you've got to wonder if there are any side-effects created such as blindness etc?
It's fluorescing. Yes, technically that is a "glow" but glow is a lot more general term. All fluorescing items glow, but not all glowing items fluoresce. Most people that read "glow" will expect to turn out the lights and see a green cat without needing to shine an invisible special lighting on it.
Assuming the local PHB won't react with a suicidal business decision on impulse and without forethought is a pretty dangerous gamble.
And if things are already bad enough there to put you in those waters to begin with, (i.e. managers already making dumb and reckless business decisions) it just increases the likelyhood of such an event.
I was just getting a little bit of a twitch when I read in the headline "Most computers today can't support gigabit connections". That certainly isn't my observation, as every computer in this building (all macs) has gigabit.
But I think at this particular time it's not as important in the desktops as it is in the switches, at least for LANs. Obviously gigabit internet connections aren't commonplace yet, and really, most desktop computers very rarely will benefit from that kind of speed in the home. It's more in the small businesses and offices right now that I see importance. The places that can use it, and are only just now deciding to upgrade their cables and their switches. Any respectable server will have gigabit already. Gigabit switches are still a tad too expensive in my opinion, I'd have expected the price to have dropped to 60% of where it is now, by this point in time. I've only got a 5 port gigabit at home, tied to the 16 port 10/100, and the servers and my two main machines are the only ones on it, for fast file transfers and moving data around. I'd like to have gigabit at every jack in the house, but it's just not worth the cost yet.
Until they get suedinto a stain on the floor for patent infringement by the squadron of lawyers a 30:1 profit margin can buy the big companies that make the $3k hearing aids.
The problem isn't the fundamental government type (none of them are foolproof), and it's not the big companies either (greed is universal and unstoppable) the problem is the legal system is going to the highest bidder, and that makes problems like this unsolvable by the little guy.
They didn't patch their browser. That's not the way to fix the problem. The certificates Safari trusts are in the system keychain. Security Update 2011-005 addresses the problem.
So (1) it pulls DigiNotar from the chain of trust, and (2) sends all browsers (and email apps, and anything else that cares to validate certs) accurate information for EV certificates that chain off an untrusted root. Patching the browser shouldn't be necessary and wouldn't address the actual problem, although considering it took Apple an unusually long time to get this update out the door, I can see why some other browser vendors hardcoded out DigiNotar.
But for Apple this wasn't merely a matter of pulling a cert, they also had to fix a bug. Rushing a security bug fix out the door without testing it is arguably a worse security respopnse than taking a few days longer to test before pushing. (it's not like it took months like a few other big names I could toss in the ring to ignite a flame war)
It's entertaining to watch the armchair quarterbacks at it, even the ones calling themselves "security experts". This isn't an "obvious" issue, root CAs aren't getting EV certs revoked all the time - it's incredibly rare. (when's the last time you can remember a root CA getting untrusted? I can count them on one hand) How can anyone consider a bug in an extremely rarely visited fork of code to be "obvious"? They're just making a lot of noise to get some attention. And sucker some readers. And you fell for it.
But I do agre that Apple needs to get their can in gear and issue a security update that removes the CAs from the system keychain, and fix the Do Not Trust status of EV certs. At least some of that may have already happened, I'm looking at my system and roots keychains and both of them show notar as untrusted. Interesting that the article didn't provide even one single link to test... can anyone provide a link? Talk about obvious things being overlooked, they need to do an Obvious Check on their own articles methinks!
Actually they usually go with hired private security for things like this.
"FBI style raids"? seriously, lose the drama.
so how do I revoke the public key if I lose control of the private key? guaranteeing authenticity when the key is initially exchanged is only half the fight - you have to be able to revoke it if something bad happens, otherwise you have a much bigger security problem develop. I suppose if you're only handing it out to one or two people it's not so big of a deal though.
if they removed explorer? that was a big part of their browser fight several years ago. Now that they totally lost that fight they're going to just give us the option to quit the desktop? They made it sound like Jesus himself couldn't remove IE from Windows.
quitting the Finder on a Mac, since Finder runs as a (rather persistent) application.
While that does give you a key pair, it's not signed, (yes self-signed, I know, you know what I mean) and cannot easily be revoked because it can't be verified by any central signing authority.
The recipient may not find a self-generated key an acceptable way of signing something either, because there's no way to tie it to a specific identity or even name.
I'd call eating starch-filled plants and converting the starch into a different form of energy is no different than say eating meat or raw sugar for that matter.
Really the only thing that produces energy from outside the environment are plants, that produce energy from the sun.
Thank you for the clarifications, I'm poor at doing that sort of research :)
Actually, I had to get a key pair from verisign for a previous employer who required my mileage forms to be submitted via signed email. But then verisign dropped their free basic email keys so I had to move to comodo. (are there any better/other free options?)
yup. The whole point of stenography is to hide the fact that you're hiding something in the first place. Most stenography methods are very poor at actually preventing the data from being confirmed as present (or even being collected) once discovered.
But I suppose steno'ing your encrypted data would be a worthwhile endeavor. Lower the odds of them realizing you're hiding something, and then if they discover you're hiding something, make that something difficult to figure out.
The SCOTUS doesn't have to hear your case, they only take on cases with merit. Even if they do request this case to be heard, it has zero chance of actually happening. So they're done now. At least in the courtroom.
If anyone has them, I'd love to see some actual statistics of how many cases are presented and how many are heard, giving a percentage. (on the average, over the last few years, or even to see how the numbers change over the years) I bet they have a fairly low percentage of cases heard. (10%?)
The sucky part of that is that's who I get my email pgp keys from. But really there needs to be a tiered CA system, where a CA is providing certs to anyone that asks, to people that have to prove themselves, and to government and other trusted sources. The way things are now, pulling the plug on an entire CA is the nuclear option.
"Masterful"? That'd be like Ford waiting till 2012 to add a reverse gear to their transmissions? I don't think "masterful" is the word I'd pick. "slow cluestick" maybe.
it's also worth noting that the LDAP database, though encrypted, can have its password reset if you know which bits to twiddle. the server has to be able to access it, after all.
But that's true of any system that doesn't require a password during boot
I'd like to see the "What the hell is wrong with you?" comments made by the circuit judges...
this
or free energy. Why do people keep looking for ways to power stuff by (inefficiently) robbing it from other places? The last two posted here were shirts that flexed to power gadgets, and roads that had bumps in them to run road lighting.
However you do this, (1) you're going to make something else require more energy, and (2) introducing additional energy loss due to conversion. In this case, if you put some material in the soles to gather mechanical energy it's just going to make your feet a little more tired.
I see something of a relation between this and sales tax... sales taxes are applied to when you're already spending money and it just shaves a little off that doesn't look like it mattered too much. Same thing here, just making your commute a little more tiring with the idea that you won't really notice. Shoe power doesn't create energy any more than sales taxes create money.
I think you accidentally copied your argument from the fully automatic weapons discussion?
But that's ok, once the semis have been completely wiped you can reuse your argument once more for guns that use cartridge bullets, so we all have to go back to carrying powder and musket balls, just to keep the children safe.
I suppose my point is they're going to have to figure out where to draw the line. All the religious zealots have plenty of "proof" too y'know. Relics, visions, shrouds, and lots of books. Yes yes I know, but I'm not the one you're going to have to argue with. Consider your debate partners before you decide if you want to play that game...