It's a 2-step process: How likely is this cert to be real? (i.e. how diligent is the CA in making sure the entity is who they claim to be), and how trustworthy is the entity?
Personally I don't like the fact that my browser is pre-configred with a bunch of big commercial CAs. What business is it of someone else to decide who I should trust or not?
This mob will run into the same problems as CaCERT: convincing browser distributeers to include their root certificate.
(Hello Microsoft, We're a communist OpenSource project trying to educate
netizens that they don't have to fork out gazzillions of dollars to big corporations use the Web.
Would you mind helping us by including our root certificate with IE? Hello? Did we get cut off?)
Without that, the cert is not much better than a self-signed one.
no, the point of a cert is that you can verify that you're talking to the entity that the cert was issued to.
The idea is that you can then make trust decisions based on the entity, knowing that that's who you are actually taliking to. You're trusting the certificate rathern than ths DNS, router, ISP and about a squillion ohter points of attack for a man-in-the-middle.
You can also go bejond simply looking for the pretty padlock icon, I called my bank and got them to read the cert fingerprint over the phone before I used their web-banking site.
The REAL problem with certs is the amount of money to be made issuing them, and the total lack of care CA's take in doing so. A fake microsoft cert was issued. Certs are issued for blatently evil names (like "virus-free, click OK to continue").
There will then be a great debate over whether or not Microsoft should do this and put traditional suppliers of firewalls at risk.
In the end, those in the know will use thrid-party firewalls due to their superior features, like egress filtering.
What platforms are going to be supported? Are they going to mandate which OS I can run on my ISP?
What about the security implications of having someone elses code running on you server? What's the MPAA going to do if a bug in their filtering software
is used to compromise a server?
What about performance? Privacy? How is this going to affect ISPs customers?
This is getting more and more ridiculous. I agree that 'piracy' (your definition may vary) is a Bad Thing and should be stopped,
but there should be a line bejond which an indistry can't expect protections for it's business model.
Technology makes new industries, but it also destroys old ones.
For a long time proto-processing labs have had steady income processing 35mm film.
Now that digital cameras are becoming common-place, there is less need for them. Some are adapting, some are closing.
They are not, however, passing a law that mandates people make hardcopies of digital photos so that they can stay in business!
If 'piracy' is such a problem, maybe stop releasing movies and restrict customers to theaters.
The only reason piracy is a problem is because they want to use the available technology to make more money,
but then they complain when others use the same technology to save money!
HP48SX
I bought one, 12 or so years ago.
It cost a mint at the time, but it is the _BEST_ most _BRILLIANT_ calculator I have _EVER_ seen or used! It absolutley craps over everything else!
No, it doesn't have a calendar, colour screen or polyphonic sound, but it does everything I need.
At a seminar it outperformed 20 laptops with Excel: a few lines of RPN and I got the answers faster than the custom spreadsheet that took days to prepare.
Bring out a worthy successor and I'll buy it!
(and yes, this is happening to Microsoft - Linux market share is growing, and since all market shares must add up to exactly 100%, someone else must be declining)
The party line here has always been that LINUX is taking over from other UNIXes rather than Windows.
This has been the party line for so long I wonder just how much UNIX there could possibly have been to start with....
The interesting thing is that no-one ever seems to mention that Windows-${latest_and_greatest}
growth seems to be mostly at the expense of older Windows', and mostly through attrition rather than choice.
On a Microfsoft Bulleting board I saw a question about installing 2 bootable partitons of Windows XP.
The answer concluded with "but remember that, under the EULA, you have to buy an additional license".
I had a similar situation, being advised that installing Office on a 98/NT dual-boot system would require two licenses.
How do you defend the requirement to buy 2 licenses when, obviously, only one can be used at a time?
There's nothing wrong with the Pinto either, provide you know how to handle tuck-in.
I think what you meant to say it:
"Provided you know what you're doing, which most 'bought-this-PC-thingy-at-Wallmart' users don't, you can safely use whatever softwre you want".
... unless you have dial-up (believe it or not, some people still do!) in which case you have to stay on long enough for the patches to download (mid-march should do)
we should take the valuable organs of these heinous criminals, and donate them to people who are waiting for a replacement organ
now we're talking!
If you could keep them alive while harvesting their organs we'd finally negate the standard "killing them that was is not slow/painfull enough" objection.
MS will win this in the medium term, they have the most $$ to throw at it, and they can skew the field by making MSN the mandatory default.
Searchengine technology will then suck for a while.
Eventually, a community-based project will come along and challenge MS (maybe a firefox plugin to feed a distributed page ranking system using bittorrent to sync the databases)
Been there, done that (web-browsers, mail client, OS, word-processor etc)
So in the meantime, keep producing MORE unsecure documents?
I'd prefer to have the problem fixed ASAP so that the number of vulnerable documents is minimized if/when a tool becomes available.
You're right about one thing though, the way Microsoft assigns priorities is according to their own needs/wants, not mine.
The cost to Microsoft of isuing a high-priority fix (bad publicity, cost of developing patch) is higher than the cost of rolling it out quietly later. That the risk to me is higher does not factor into their equation.
(and no, this is not intended as MS bashing, but just as a "this is how things work in the real world" example. All corporations exist to make money, satisfied customers are sometimes a byproduct).
tracking is not always a technical thing.
"So, what sports did you do on the weekend?, How did your home-team do?"
"How's the weather?"
"Our school/sports uniform is ugly, what does your look like?"
Nothing technical about these, nothing encryption will solve, but innocent answers to these questions will allow a predator to 'track' a victim.
prices aren't the only barrier to entry in a market.
The word-processor market should be competition-friendly given the price of word, but it's not, given the lock-in achieved by the.doc format.
Once you have a monopoly you can keep competition out using 'dirty tricks'. That's why monopolies are bad for consumers (after all, competition is suppsoed to be the cure-all for consumer satisfaction in capitalism), and that's why there are laws to curb monopolies.
Slashdot Mirror
yeah... probably SUS servers to support the desktops :-)
"Free spyware programs are available at www.download.com"
:-)
you forgot the drop-bears.
Good thing the 'real' CA's don't make mistakes.
It's a 2-step process: How likely is this cert to be real? (i.e. how diligent is the CA in making sure the entity is who they claim to be), and how trustworthy is the entity?
Personally I don't like the fact that my browser is pre-configred with a bunch of big commercial CAs. What business is it of someone else to decide who I should trust or not?
This mob will run into the same problems as CaCERT: convincing browser distributeers to include their root certificate.
(Hello Microsoft, We're a communist OpenSource project trying to educate netizens that they don't have to fork out gazzillions of dollars to big corporations use the Web. Would you mind helping us by including our root certificate with IE? Hello? Did we get cut off?)
Without that, the cert is not much better than a self-signed one.
no, the point of a cert is that you can verify that you're talking to the entity that the cert was issued to.
The idea is that you can then make trust decisions based on the entity, knowing that that's who you are actually taliking to. You're trusting the certificate rathern than ths DNS, router, ISP and about a squillion ohter points of attack for a man-in-the-middle.
You can also go bejond simply looking for the pretty padlock icon, I called my bank and got them to read the cert fingerprint over the phone before I used their web-banking site.
The REAL problem with certs is the amount of money to be made issuing them, and the total lack of care CA's take in doing so. A fake microsoft cert was issued. Certs are issued for blatently evil names (like "virus-free, click OK to continue").
Obviously: if the specs of the cord had been available to everyone, then someone could have spotted the design flaw and corrected it.
Apparently you can download patch-cable from xboxupdate.microsoft.com to alleviate the problem.
A firewall will be included in XBox-SP2.
There will then be a great debate over whether or not Microsoft should do this and put traditional suppliers of firewalls at risk.
In the end, those in the know will use thrid-party firewalls due to their superior features, like egress filtering.
Seriously, haven't people leanr that you need a firewall yet, especially if you're running Microsoft products?
... the cats to?
OH... it provides food FOR the cats. Silly me.
along with related tools from other companies
What platforms are going to be supported? Are they going to mandate which OS I can run on my ISP?
What about the security implications of having someone elses code running on you server? What's the MPAA going to do if a bug in their filtering software is used to compromise a server?
What about performance? Privacy? How is this going to affect ISPs customers?
This is getting more and more ridiculous. I agree that 'piracy' (your definition may vary) is a Bad Thing and should be stopped, but there should be a line bejond which an indistry can't expect protections for it's business model.
Technology makes new industries, but it also destroys old ones.
For a long time proto-processing labs have had steady income processing 35mm film.
Now that digital cameras are becoming common-place, there is less need for them. Some are adapting, some are closing.
They are not, however, passing a law that mandates people make hardcopies of digital photos so that they can stay in business!
If 'piracy' is such a problem, maybe stop releasing movies and restrict customers to theaters. The only reason piracy is a problem is because they want to use the available technology to make more money, but then they complain when others use the same technology to save money!
[/rant]
HP48SX
I bought one, 12 or so years ago.
It cost a mint at the time, but it is the _BEST_ most _BRILLIANT_ calculator I have _EVER_ seen or used! It absolutley craps over everything else!
No, it doesn't have a calendar, colour screen or polyphonic sound, but it does everything I need.
At a seminar it outperformed 20 laptops with Excel: a few lines of RPN and I got the answers faster than the custom spreadsheet that took days to prepare.
Bring out a worthy successor and I'll buy it!
(and yes, this is happening to Microsoft - Linux market share is growing, and since all market shares must add up to exactly 100%, someone else must be declining)
The party line here has always been that LINUX is taking over from other UNIXes rather than Windows. This has been the party line for so long I wonder just how much UNIX there could possibly have been to start with....
The interesting thing is that no-one ever seems to mention that Windows-${latest_and_greatest} growth seems to be mostly at the expense of older Windows', and mostly through attrition rather than choice.
On a Microfsoft Bulleting board I saw a question about installing 2 bootable partitons of Windows XP.
The answer concluded with "but remember that, under the EULA, you have to buy an additional license".
I had a similar situation, being advised that installing Office on a 98/NT dual-boot system would require two licenses.
How do you defend the requirement to buy 2 licenses when, obviously, only one can be used at a time?
I've just learned to reset the stupid code myself and ignore it.
Dude, you just voided your warranty......
So driving (low-tech) would have been cheaper, faster and gotten you where you actually wanted to go.
This sounds like the definition of high-tech to me.......
There's nothing wrong with the Pinto either, provide you know how to handle tuck-in.
I think what you meant to say it:
"Provided you know what you're doing, which most 'bought-this-PC-thingy-at-Wallmart' users don't, you can safely use whatever softwre you want".
... unless you have dial-up (believe it or not, some people still do!) in which case you have to stay on long enough for the patches to download (mid-march should do)
we should take the valuable organs of these heinous criminals, and donate them to people who are waiting for a replacement organ
now we're talking!
If you could keep them alive while harvesting their organs we'd finally negate the standard "killing them that was is not slow/painfull enough" objection.
MS will win this in the medium term, they have the most $$ to throw at it, and they can skew the field by making MSN the mandatory default.
Searchengine technology will then suck for a while.
Eventually, a community-based project will come along and challenge MS (maybe a firefox plugin to feed a distributed page ranking system using bittorrent to sync the databases)
Been there, done that (web-browsers, mail client, OS, word-processor etc)
So in the meantime, keep producing MORE unsecure documents?
I'd prefer to have the problem fixed ASAP so that the number of vulnerable documents is minimized if/when a tool becomes available.
You're right about one thing though, the way Microsoft assigns priorities is according to their own needs/wants, not mine.
The cost to Microsoft of isuing a high-priority fix (bad publicity, cost of developing patch) is higher than the cost of rolling it out quietly later. That the risk to me is higher does not factor into their equation.
(and no, this is not intended as MS bashing, but just as a "this is how things work in the real world" example. All corporations exist to make money, satisfied customers are sometimes a byproduct).
Damn! :-)
and I though you could get this thing to watch cricket and explain the rules to me
tracking is not always a technical thing.
"So, what sports did you do on the weekend?, How did your home-team do?"
"How's the weather?"
"Our school/sports uniform is ugly, what does your look like?"
Nothing technical about these, nothing encryption will solve, but innocent answers to these questions will allow a predator to 'track' a victim.
prices aren't the only barrier to entry in a market. .doc format.
The word-processor market should be competition-friendly given the price of word, but it's not, given the lock-in achieved by the
Once you have a monopoly you can keep competition out using 'dirty tricks'. That's why monopolies are bad for consumers (after all, competition is suppsoed to be the cure-all for consumer satisfaction in capitalism), and that's why there are laws to curb monopolies.
Maybe MS will stop selling Windows until its problems are fixed :-)