Before you respond to an obvious troll, look at the profile. I only found one post of his not modded -1, and it was 0. Ignore them, and they soon get modded to oblivion. Respond, and he will respond back and have faff material for days.
That is actually a problem with the basis for this, Add Block Plus. http://adblockplus.org/en/ Which is why, while I use it, I do not use the built in lists. Go figure that the feature I am promoting in my shameless ripp off is the one I do not use in the originator.:)
Not SELF SIGNS CERTS! I have seen the warnings in FireFox! SELF SIGNED CERTS will eat my babies, rape my dog, and make my hair fall out! Anything but that!
Yes, this is sarcasm in that FireFox will go apeshit over a self signed cert, but pass all these fraudulent ones for months until people actually run the update.
Time for a new plug in. Cert Blocker Plus. Automatically updates with a list of certs know to be compromised, questionable, run by governments, or members of the opposing party.:) (Actually, I can see this coming out soon, and if someone patents this, I call prior art!)
Too big to fail means too big to give a shit. Failure is the motivator for performance. With no cost for bad performance, there is no incentive for good. Just ask the "big" banks, or better yet, ask the customers...
'Secure' is not a boolean. SSL is 'secure' by some criteria, not by others. SSL can be much more secure than the common implementation today, and my doubt is whether a technical approach exists that would do better than SSL in the face of the same non-technical circumstances watering down SSL security.
This is the heart of my argument. Self signed certs are also secure in a specific set of circumstances. But they set of every alarm in the typical browser. The difference of the behavior in a browser between "official" cirts and self signed cirts is far more than the difference in security. (In many situations)
Not what I am saying. I am saying that self signed cirts are not the evil that modern browsers make them out to be, and official CAs are not the paragon of security.
Has anyone analyzed how many browsers already have updates invalidating DigiNotar authority or discussed if DigiNotar has a functional OSCP that is returning accurately? The system when used *as designed* does stop MITM attacks. This is the first widespread compromise of a CA that I can recall, and I expect already many users are in browsers that already distrust the compromised key. I suspect most people will have updated their CA certs without even being aware of this incident within a few months. So it does stop MITM attacks.
Second big one, but I can't find a link to the first. (Google is flooded with this one...) And it does not matter if you have a condom for every partner but that one with AIDS. http://blog.thoughtcrime.org/ssl-and-the-future-of-authenticity SSL is not secure, and has not been for a while. The fact that it is going public now is a lag behind the lack of security.
I can accept that in many cases. It is when they flip flop later to blaming me for the exact thing I warned them about that I start polishing up the CV.
No, I really am not concerned with MITM attacks on my own LAN, and in the VPN network. To keep the dogs in the yard, a latch really is as good as a key. And it still trivially encrypts the connection. There are many reasons to have some security when you can not justify the $400 for a cirt that still does not stop MITM attacks. That is the fucking point!
Doing it right costs more money than the PHBs want to spend. At every job I have had, I have gone to management with "This is a bad idea, and it will bite us." Most of the time when we get bit, I do not get the blame. Sometimes, even with the repeated and documented warnings, I get the blame anyway. And soon after, a new job with a, hopefully, more sane company.
Well, here are the requirements for a CA's certificate to be included in Mozilla products. In particular, they require an independent audit of the CA's policies and internal operations. Presumably other browser vendors follow similar procedures.
Now I get it! He was not a hacker, or a cracker. He was an independent auditor!
And crap like this is why I don't understand why my browser has to go apeshit over self singed cirts. "Oh My God! You may be at risk because this cirt was MADE BY SOMEONE WITH A CLUE!"
Production servers, and development workstations. Works for me.:) Why spend the $5000-10000 for high availability and high speed drive arrays for development, when a $1500 workstation will do it just as well?
So once you add the new CPU, (Can't fit an i905 into an AMD motherboard) and the more expensive memory to have it at least 24 gig, it is well more than 10 times that $50. And it is a development workstation. VMs at will with no change management, unlike the VM server.
The problem is that most of the motherboards that came with this crappy chip were a lot more than $50. Like mine. It has 6 memory slots so I have (and do) have 24 gig of ram. Also, USB3, eSATA, and a total of 12 SATA ports. And for some people who actually use this (It is a VM development machine) it is actually needed. So can you give me a $50 motherboard with all that? How about for $100. And I would like to reuse my DDR3 ram, and LGA1366 i950, if it is not too much trouble.
Apple is a lot of bad things, but stupid ain't one of them. I can not remember the exact statistic, but something like 75% of people think they are above avarage intelligence. (Really not a joke) And we all know many people who THINK they are technical geniuses. They are the ones with the messed up and infected computers, and bricked phones, routers, and consoles. Apple is doing it to save the support costs.
I hate Apple, but do not think they are stupid. They are fiendishly brilliant, some of the best UI designers in the world, and a marketing juggernaut.
While I agree in concept, I dispute the specifics. Out of an office of 100 people, I could not find 5 that did not need computers. And only 10 that could use Open/Libre Office over MS Office. Also, no more Taxes online. No QuickBooks. No Real Estate Brokers, or mortgage brokers. Also, forget graphic design, or audio / video work. Administrative assistants are right out. Most call centers too. Also, writers, and any business consultant, project managers...All this without mentioning geeks, be they IT guys, medical, or scientists.
In short, the only place that it can have near total penetration, is the unemployed. Which, while growing far to fast, is not 90%.
Admittedly, my sample has less blithering idiots than the public at large...
In other words, "People who don't think the way I want them to are just blithering idiots". This may come as a surprise to you, but someone that is not technically inclined or just plain doesn't need or want a super-customizable gadget doesn't make them an idiot.
No, read what I said again. Perhaps a few times, but I am sure you will eventually get it. I simply don't like to hang out with people who can not reason things out. I have a lot of non-technical friends and family. But they have other skills. What I do not have is a lot of layabouts sucking on disability or the government teat. And we know there are a lot of those, so my sample is probably skewed.
No, it is a mindset. Either you want freedom and accept responsibility for maintaining it, or not. For many people it is not, both in hardware and in society. For others, freedom is something worth working for. And I am not the only gun owning, personal responsibility, free choice FOSS advocate. http://esr.ibiblio.org/http://blogsofwar.com/About/ Are some examples. I am sure there are more.
I was wondering if anyone else would notice this. It can only "replace" a desktop or laptop for a very limited subset of users. It it can augment them very well! Just not at $500.
Very vocal minority are making noise that they want hackable widgets. How about some statistics showing just how many widgets are actually hacked? Is it even 5%?
And that is assuming your 5% is correct, which I disagree with. Cynaogen is almost mainstream. http://www.theregister.co.uk/2011/08/22/android_on_touchpad_project/ Almost everyone I know with an Android, has it. Admittedly, my sample has less blithering idiots than the public at large...
Slashdot Mirror
Before you respond to an obvious troll, look at the profile. I only found one post of his not modded -1, and it was 0. Ignore them, and they soon get modded to oblivion. Respond, and he will respond back and have faff material for days.
That is actually a problem with the basis for this, Add Block Plus. http://adblockplus.org/en/ Which is why, while I use it, I do not use the built in lists. Go figure that the feature I am promoting in my shameless ripp off is the one I do not use in the originator. :)
Not SELF SIGNS CERTS! I have seen the warnings in FireFox! SELF SIGNED CERTS will eat my babies, rape my dog, and make my hair fall out! Anything but that!
Yes, this is sarcasm in that FireFox will go apeshit over a self signed cert, but pass all these fraudulent ones for months until people actually run the update.
Time for a new plug in. Cert Blocker Plus. Automatically updates with a list of certs know to be compromised, questionable, run by governments, or members of the opposing party. :) (Actually, I can see this coming out soon, and if someone patents this, I call prior art!)
Too big to fail means too big to give a shit. Failure is the motivator for performance. With no cost for bad performance, there is no incentive for good. Just ask the "big" banks, or better yet, ask the customers...
Never said home. I said "My own LAN" and it is on all the network web config pages.
SSL is not secure, and has not been for a while.
'Secure' is not a boolean. SSL is 'secure' by some criteria, not by others. SSL can be much more secure than the common implementation today, and my doubt is whether a technical approach exists that would do better than SSL in the face of the same non-technical circumstances watering down SSL security.
This is the heart of my argument. Self signed certs are also secure in a specific set of circumstances. But they set of every alarm in the typical browser. The difference of the behavior in a browser between "official" cirts and self signed cirts is far more than the difference in security. (In many situations)
Not what I am saying. I am saying that self signed cirts are not the evil that modern browsers make them out to be, and official CAs are not the paragon of security.
Has anyone analyzed how many browsers already have updates invalidating DigiNotar authority or discussed if DigiNotar has a functional OSCP that is returning accurately? The system when used *as designed* does stop MITM attacks. This is the first widespread compromise of a CA that I can recall, and I expect already many users are in browsers that already distrust the compromised key. I suspect most people will have updated their CA certs without even being aware of this incident within a few months. So it does stop MITM attacks.
Second big one, but I can't find a link to the first. (Google is flooded with this one...) And it does not matter if you have a condom for every partner but that one with AIDS. http://blog.thoughtcrime.org/ssl-and-the-future-of-authenticity SSL is not secure, and has not been for a while. The fact that it is going public now is a lag behind the lack of security.
I can accept that in many cases. It is when they flip flop later to blaming me for the exact thing I warned them about that I start polishing up the CV.
No, I really am not concerned with MITM attacks on my own LAN, and in the VPN network. To keep the dogs in the yard, a latch really is as good as a key. And it still trivially encrypts the connection. There are many reasons to have some security when you can not justify the $400 for a cirt that still does not stop MITM attacks. That is the fucking point!
Doing it right costs more money than the PHBs want to spend. At every job I have had, I have gone to management with "This is a bad idea, and it will bite us." Most of the time when we get bit, I do not get the blame. Sometimes, even with the repeated and documented warnings, I get the blame anyway. And soon after, a new job with a, hopefully, more sane company.
Well, here are the requirements for a CA's certificate to be included in Mozilla products. In particular, they require an independent audit of the CA's policies and internal operations. Presumably other browser vendors follow similar procedures.
Now I get it! He was not a hacker, or a cracker. He was an independent auditor!
Can you find me 5 people that have never broken the "cup holder" that believe our current system is a "good security system?"
And crap like this is why I don't understand why my browser has to go apeshit over self singed cirts. "Oh My God! You may be at risk because this cirt was MADE BY SOMEONE WITH A CLUE!"
Personally I think emulators should be legal, but I have no idea how a lawyer would argue this in court
The same way the after-market industry argued for car parts. Saying the oil filter is for a Ford V8 is descriptive, not infringement.
Production servers, and development workstations. Works for me. :) Why spend the $5000-10000 for high availability and high speed drive arrays for development, when a $1500 workstation will do it just as well?
So once you add the new CPU, (Can't fit an i905 into an AMD motherboard) and the more expensive memory to have it at least 24 gig, it is well more than 10 times that $50. And it is a development workstation. VMs at will with no change management, unlike the VM server.
The problem is that most of the motherboards that came with this crappy chip were a lot more than $50. Like mine. It has 6 memory slots so I have (and do) have 24 gig of ram. Also, USB3, eSATA, and a total of 12 SATA ports. And for some people who actually use this (It is a VM development machine) it is actually needed. So can you give me a $50 motherboard with all that? How about for $100. And I would like to reuse my DDR3 ram, and LGA1366 i950, if it is not too much trouble.
Apple is stupid, is my point
Apple is a lot of bad things, but stupid ain't one of them. I can not remember the exact statistic, but something like 75% of people think they are above avarage intelligence. (Really not a joke) And we all know many people who THINK they are technical geniuses. They are the ones with the messed up and infected computers, and bricked phones, routers, and consoles. Apple is doing it to save the support costs.
I hate Apple, but do not think they are stupid. They are fiendishly brilliant, some of the best UI designers in the world, and a marketing juggernaut.
While I agree in concept, I dispute the specifics. Out of an office of 100 people, I could not find 5 that did not need computers. And only 10 that could use Open/Libre Office over MS Office. Also, no more Taxes online. No QuickBooks. No Real Estate Brokers, or mortgage brokers. Also, forget graphic design, or audio / video work. Administrative assistants are right out. Most call centers too. Also, writers, and any business consultant, project managers...All this without mentioning geeks, be they IT guys, medical, or scientists.
In short, the only place that it can have near total penetration, is the unemployed. Which, while growing far to fast, is not 90%.
Admittedly, my sample has less blithering idiots than the public at large...
In other words, "People who don't think the way I want them to are just blithering idiots". This may come as a surprise to you, but someone that is not technically inclined or just plain doesn't need or want a super-customizable gadget doesn't make them an idiot.
No, read what I said again. Perhaps a few times, but I am sure you will eventually get it. I simply don't like to hang out with people who can not reason things out. I have a lot of non-technical friends and family. But they have other skills. What I do not have is a lot of layabouts sucking on disability or the government teat. And we know there are a lot of those, so my sample is probably skewed.
No, it is a mindset. Either you want freedom and accept responsibility for maintaining it, or not. For many people it is not, both in hardware and in society. For others, freedom is something worth working for. And I am not the only gun owning, personal responsibility, free choice FOSS advocate. http://esr.ibiblio.org/ http://blogsofwar.com/About/ Are some examples. I am sure there are more.
I was wondering if anyone else would notice this. It can only "replace" a desktop or laptop for a very limited subset of users. It it can augment them very well! Just not at $500.
Very vocal minority are making noise that they want hackable widgets. How about some statistics showing just how many widgets are actually hacked? Is it even 5%?
OK. 5% of 65million phones is 3.25 million phones. (Probably more as I only found old data with a quick google) In 2009, Palm, Symbian and "Others" was only 3.7 million phones. So I guess that 5% is enough. http://seekingalpha.com/article/194442-predicting-2010-north-american-smartphone-market-share
And that is assuming your 5% is correct, which I disagree with. Cynaogen is almost mainstream. http://www.theregister.co.uk/2011/08/22/android_on_touchpad_project/ Almost everyone I know with an Android, has it. Admittedly, my sample has less blithering idiots than the public at large...