I have to wonder who in their right mind would be represented by the EFF these days. Their track record is like wearing a sign on your back that says "please laugh me out of court."
Consider reading the links in the article. Obfuscation isn't a fix.
Article says, that DJBDNS does not suffer from this attack. It does. Everyone does. With some tweaks it can take longer than BIND, but overall problem is there.
there close to a billion people on the net that wouldnt tell what to do when faced with such a disastrous looking warning as ff 3 prints out when met with a self signed ca.
Then it's a good thing the page tells you what your options are and how to go about them, huh?
also there are equally many people that would rather skip visiting/subscribing to a site when they see the hassle ff3 puts out.
That's the idea. Any "secure" site that can be bothered with the hassle of running legitimately probably isn't worth/shouldn't be visited.
therefore many small service providers, businesses, communities that would not afford a decent certificate will be hurt in all respects, not to mention many users.
Certs are 10 bucks.
that is the EXACT kind of thing slashdot criticizes almost EVERY government, country, organization, corporation for, yet, you people are actually applauding it in this case.
A.) You don't need to buy certs from Mozilla, you can buy them from any number of CA's, for as little as $10. There are some free CA's, as well. B.) This isn't in any way related to network neutrality.
$ dig +short porttest.dns-oarc.net TXT @4.2.2.1 z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "209.244.7.40 is POOR: 26 queries in 2.0 seconds from 1 ports with std dev 0.00"
$ dig +short porttest.dns-oarc.net TXT @4.2.2.2 z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "209.244.7.34 is POOR: 26 queries in 1.9 seconds from 1 ports with std dev 0.00"
The problem with an opt-in approach is that you'll only hear from the vocal minority. Most of the time, that's the *worst* demographic to make decisions based on. Blizzard has done an excellent job of not falling into that trap as compared to, say, SOE.
I run an 8 GB Transcend 133x in my Alix board as a router/firewall on FreeBSD, and the BIOS and OS pick it up as UDMA33 without a problem. I get sustained reads of 33 MB/s and writes of about 9.5 MB/s.
Did you read the parent post? Communication from the exit node to the end point remains unencrypted, and exit nodes can't be trusted. SSL between nodes doesn't help, you aren't magically connecting to an unencrypted service with SSL.
nVidia's binary drivers and X.org's Intel drivers have had XvMC support for well over a year. I've been using both card successfully with Xine and accelerated 1080p video. I think the news here is that the nouveau project is catching up, but that's hardly clear from the article.
If you run the math on the 100/100 Mbit (Japanese) connections in question, these caps are equal to only 3% of a user's upload 24/7. In Comcast's area, that would be 324 MB a day for 6/1 service, or 9.7 GB a month.
These caps are much, much worse for the service offered than Comcast's rumored 250 GB cap or the actual 400+ GB cap they currently use to remove excessive users from their network today.
These caps are equal to 3% of a user's upload 24/7. In Comcast's area, that would be 324 MB a day for 6/1 service, or 9.7 GB a month.
These caps are much, much worse for the service offered than Comcast's rumored 250 GB cap or the actual 400+ GB cap they currently use to remove excessive users from their network today.
Any when they return to kill American soldiers, how many can die before it becomes not okay to grant constitutional rights to non-citizens? 5, 50, 100? How many US soldiers being killed is okay by you, cutecub?
No. ISPs in the US stopped referring to unlimited bandwidth or usage 5+ years ago, and it was certainly never written into any contract. Occasionally you might see a reference to unlimited access, but that's just that, access.
Slashdot Mirror
Database, not filesystem. Thanks for almost bothering to read the summary, though.
Like change system files? Nope. How about bind to privileged ports? Nope. So... it can mess up my documents? Darn.
Can you cite which Federal law allows you to mount satellite dishes on property you don't own?
I have to wonder who in their right mind would be represented by the EFF these days. Their track record is like wearing a sign on your back that says "please laugh me out of court."
Consider reading the links in the article. Obfuscation isn't a fix.
Article says, that DJBDNS does not suffer from this attack. It does. Everyone does. With some tweaks it can take longer than BIND, but overall problem is there.
theyblackhatsstupid
I think the best protest is really just not to fly, but unfortunately this isn't always an option.
It certainly seems to work well for Slashdot posters. Doesn't stop many of them from posting their "expert" opinions on the topic, either.
It sounds like Mozilla did you a favor by highlighting your egregiously broken firewall.
there close to a billion people on the net that wouldnt tell what to do when faced with such a disastrous looking warning as ff 3 prints out when met with a self signed ca.
Then it's a good thing the page tells you what your options are and how to go about them, huh?
also there are equally many people that would rather skip visiting/subscribing to a site when they see the hassle ff3 puts out.
That's the idea. Any "secure" site that can be bothered with the hassle of running legitimately probably isn't worth/shouldn't be visited.
therefore many small service providers, businesses, communities that would not afford a decent certificate will be hurt in all respects, not to mention many users.
Certs are 10 bucks.
that is the EXACT kind of thing slashdot criticizes almost EVERY government, country, organization, corporation for, yet, you people are actually applauding it in this case.
Are you done yet?
A.) You don't need to buy certs from Mozilla, you can buy them from any number of CA's, for as little as $10. There are some free CA's, as well.
B.) This isn't in any way related to network neutrality.
Perhaps they could pay for their own Internet access. Like, ya know, everyone else.
Use the -threads switch.
Worse.
$ dig +short porttest.dns-oarc.net TXT @4.2.2.1
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"209.244.7.40 is POOR: 26 queries in 2.0 seconds from 1 ports with std dev 0.00"
$ dig +short porttest.dns-oarc.net TXT @4.2.2.2
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"209.244.7.34 is POOR: 26 queries in 1.9 seconds from 1 ports with std dev 0.00"
FUD. Dual_EC-DRBG is optional and off by default.
Actually, it's a .0.1 release. Firefox 3.1 (alpha due this summer) has a lot of new features that didn't make it in time for 3.0.
The problem with an opt-in approach is that you'll only hear from the vocal minority. Most of the time, that's the *worst* demographic to make decisions based on. Blizzard has done an excellent job of not falling into that trap as compared to, say, SOE.
I run an 8 GB Transcend 133x in my Alix board as a router/firewall on FreeBSD, and the BIOS and OS pick it up as UDMA33 without a problem. I get sustained reads of 33 MB/s and writes of about 9.5 MB/s.
Did you read the parent post? Communication from the exit node to the end point remains unencrypted, and exit nodes can't be trusted. SSL between nodes doesn't help, you aren't magically connecting to an unencrypted service with SSL.
nVidia's binary drivers and X.org's Intel drivers have had XvMC support for well over a year. I've been using both card successfully with Xine and accelerated 1080p video. I think the news here is that the nouveau project is catching up, but that's hardly clear from the article.
You'll be able to take your mind off it with the time you invest in learning Spanish with all our kids. You didn't need your laws in English, right?
If you run the math on the 100/100 Mbit (Japanese) connections in question, these caps are equal to only 3% of a user's upload 24/7. In Comcast's area, that would be 324 MB a day for 6/1 service, or 9.7 GB a month.
These caps are much, much worse for the service offered than Comcast's rumored 250 GB cap or the actual 400+ GB cap they currently use to remove excessive users from their network today.
These caps are equal to 3% of a user's upload 24/7. In Comcast's area, that would be 324 MB a day for 6/1 service, or 9.7 GB a month.
These caps are much, much worse for the service offered than Comcast's rumored 250 GB cap or the actual 400+ GB cap they currently use to remove excessive users from their network today.
Any when they return to kill American soldiers, how many can die before it becomes not okay to grant constitutional rights to non-citizens? 5, 50, 100? How many US soldiers being killed is okay by you, cutecub?
No. ISPs in the US stopped referring to unlimited bandwidth or usage 5+ years ago, and it was certainly never written into any contract. Occasionally you might see a reference to unlimited access, but that's just that, access.
I wasn't aware that Facebook operated in Canada.