Slashdot Mirror


User: owlstead

owlstead's activity in the archive.

Stories: 0
Comments: 3,436

Comments · 3,436

  1. Re:wrong - parent didn't read before commenting on Perfect MITM Attacks With No-Check SSL Certs · · Score: 1

    From the link (firefox bug report):

    ALL web pages I have to sign in to (or sometimes just visit) say this and I
    have to manually add the certificate by:
    1. Clicking on the blue wording at the bottom
    2. clicking on the add exception button
    3. click get certificate
    4. confirm the certificate

    Once I do this, it does not pop back up for that specific page, but it is quite
    annoying! I am using the firefox 3.1, but it did this with 3.0 and before. I am
    using wireless internet (over an unsecured wireless network - basically
    bumming). I am also using Windows XP and I formatted my hard drive last night
    because I got a bug. So it's like I'm using a brand new computer.
    It did this for facebook, myspace, hotmail, my college's network, and more.

    Am I missing something here?

  2. Re:Sensationalist - reroute & self signed cert on Perfect MITM Attacks With No-Check SSL Certs · · Score: 1

    This is a very old, already solved IE bug, sorry if that's confused anyone.

  3. Sensationalist - reroute & self signed certs on Perfect MITM Attacks With No-Check SSL Certs · · Score: 3, Interesting

    What's so perfect about the attack listed? It clearly shows up that the certificate is not trusted. With the new and improved (and for me, irritating) screens of Firefox, where you are clearly warned, this should not be such a big problem.

    What I don't get is that they do not try and locate the idiot trying to do this. Because that is one of the problems with these kinds of man-in-the-middle attacks - a single person that actively goes after you can do some damage. This makes such attacks harder to perform, even if they are technically feasible.

    Maybe they should make it even clearer that you should not use self-signed certificates for banks and such, but this is far away from the IE bug that let leaf certificates (with some missing key usages) sign other certificates with any URL.

    I've created one of those attacks on a corporate LAN (just for show, using a proxy) ages ago. Guess that made me a script kiddie :)

  4. Re:Seems you are a factor ten wrong on the capacit on EEStor Issued a Patent For Its Supercapacitor · · Score: 1

    Page 4 line 10 says differently.

  5. Re:Triple MD5 Anyone? on NIST Announces Round 1 Candidates For SHA-3 Competition · · Score: 2, Interesting

    Replying to myself here, but any algorithm that starts with encoding the hash size is bad as well, IMHO, and there are some examples of that in the SHA-3 zoo. If you have e.g. XML base 64 encoding you may not know the full length before decoding, so you cannot hash at the same time.

  6. Re:Triple MD5 Anyone? on NIST Announces Round 1 Candidates For SHA-3 Competition · · Score: 2, Insightful

    It is very doubtful that this is more secure, and it is certainly more of a hassle. I would not want to hash a stream with a method like that.

  7. Re:Look at MD6 on NIST Announces Round 1 Candidates For SHA-3 Competition · · Score: 3, Insightful

    MD6 is definitely a serious contender. It's very conservative and well researched. Its main contender is probably Skein at the moment, although there are a few others to consider. MD6 is however not as fast as some contenders, not as flexible as some and its internal state is, as I believe, larger, which makes it more of a pain on embedded and smart card processors. In all this, Skein beats MD6. Its parallel design is using a typical hash tree, which can be used for many other hash methods as well, although MD6 uses it in its main operation.

  8. Re:Assuming of course hardware is the bottleneck on Hardware Is Cheap, Programmers Are Expensive · · Score: 1

    Yes, that's the way to go. Somehow, at my university, we had people saying: "yes, but this simpler scheme is more efficient at N smaller than X". WTF? Who cares for the performance for N < X? It will be fast enough, won't it? OK, if X is 10.000.000, I'll take another look, but that's just in those extremely rare cases.

    Things like saying for small sizes direct compares can be faster than a hash table. Well? So?

    Sorry, had to spit out some anger here.

  9. Re:Frist? on Hardware Is Cheap, Programmers Are Expensive · · Score: 1

    If you do this with my monitors, the viewing angles and colors are all screwed up (with some others, they aren't). How many IT departments do you know that will recognize this? And how many will react to this after you've just gotten dual monitors while the other staff hasn't?

    Besides, I keep the project outline or project explorer on the left-hand side most of the time.

  10. Re:Haha, that Lenovo is insanely ugly! on Lenovo's New ThinkPad Has 2 LCD Screens, Weighs 11 Pounds · · Score: 1

    Mind you, the SL300 has a "piano" finish. I could have done without *that*. Especially the combination with a fingerprint reader is rather stupid :)

  11. Re:Would it work on a smaller chassis? on Lenovo's New ThinkPad Has 2 LCD Screens, Weighs 11 Pounds · · Score: 1

    Until you can fold a screen, you will probably never use a larger than 15 inch screen. Maybe if you have a tablet design you may opt for 17 inch (I think these separate tablets are nice, but having a good touch screen in the future is probably easier to use).

    You're probably better off asking the client or whoever you travel to to put a nice big screen ready. The current laptops can drive quite high res external screens.

    This new laptop from Lenovo is what I call a "luggable". It's not a laptop at all since you don't want ever to place it there. It's just a computer you can put in your car to work at multiple places. The maximum distance to lug this thing around should be around 20m. I don't even see this one being used on the couch.

    Good thing is, you can put it next to you in the car, since thieves will probably not be able to steal it due to the size and weight :)

  12. Re:Since Lenovo took over, Thinkpads suck on Lenovo's New ThinkPad Has 2 LCD Screens, Weighs 11 Pounds · · Score: 2, Interesting

    I just bought an SL300 and it's great, if not for the screen and the touch-pad (which is a bit of a drag, because they are very important parts of a laptop I suppose). It also has some problems with the WiFi software and Vista (maybe I'll install the XP software that came with it, or Linux).

    The keyboard however is fine by me. The only complaint I have about it is that it is slightly too loud, and the Fn key is completely to the left, where I expect to find the key. Otherwise it is a brilliant thing, with easy to reach enter, backspace and cursor keys and two large shift keys. It seems that this 700 thing has got the same keyboard, and a numpad as well, which my 13.3" wide screen laptop obviously misses.

    I haven't got too much experience with stinkeypads, but it surely feels and stinks like one :). This message was typed on the wonderful keyboard.

  13. Re:Haha, that Lenovo is insanely ugly! on Lenovo's New ThinkPad Has 2 LCD Screens, Weighs 11 Pounds · · Score: 1

    A Thinkpad is a Thinkpad, so they are designed to look like Thinkpads. I've just bought one that has the same timeless design. Never mind, the laptop (an SL300) is great, save the 13.3 inch screen, which is rather worthless. I hope for Lenovo's sake the screens of this new thing fare better.

  14. Re:SSD's should NOT be primary storage. on Will 2009 Be the Turning Point For SSDs? · · Score: 1

    Rather late reply, but I do think that an SSD as a main drive is a good option. You may use the HDD as a backup drive, and maybe as a drive for your home folder if you are paranoid about it. If you use it for your home drive though, you may not get the redundancy of the backup I just described.

  15. Re:Idle this shit on Dubai Is Building a Refrigerated Beach · · Score: 0, Flamebait

    "second, if the Netherlands wants a skating surface (I'll assume you meant rink) outside, it wouldn't take any electricity, unless they used electricity to clean the snow and smooth the surface. The Netherlands is quite far north you know. More north than all of the Great Lakes. (assuming a seasonal rink, which is only logical)"

    Jezus, telling me what weather we are having, you cannot get much more stupid than that. Yes, we are well North, but winds are normally from the south west. And we are living in a soft sea climate.

    The last time we had a good winter was years and years ago. Most skating groups have already stopped. Yes, we're rather far north, so this says a lot. We've had some wet snow this year, but Christmas is likely to have a 10 degree Celsius rating during the day.

    But if you think that getting water hot in Dubai is a problem, well, I'm already arguing with a total and complete twat, aren't I? Think desalination plant. Check your brain and your sources before arguing.

  16. Re:Not surprising on Java Performance On Ubuntu Vs. Windows Vista · · Score: 1

    Whoops, that's what you get when you use this new interface. That was the wrong thread entirely, don't know what happened. Anyway, it has already been said in the "I was surprised" thread.

  17. Re:Idle this shit on Dubai Is Building a Refrigerated Beach · · Score: 1

    I'm sorry, but if this is true, this is definitely something to get aroused over. How can we expect any leading entity to take global warming and the (upcoming, in 30 years time) oil crises a priority unless we make it one. These idiots are ruining the world on their friggin' Alice in Wonderland trip. And it is not over there. In the Netherlands, there was this idea to put down a skating round *outside*. I don't know how much electricity would go into that but it must be horrible.

    How can you expect a third world country to take the energy crisis seriously if we nutcases keep spending more and more energy on more and more idiotic ventures? All just to please the ultra-rich? In 30 years, when life as we know it goes down the drain, can we please put these idiots against the wall and shoot them? It won't solve anything, but it would at least put things right again, morally speaking.

  18. Re:Not surprising on Java Performance On Ubuntu Vs. Windows Vista · · Score: 1

    And Solaris. But I would guess that Solaris is pretty much like Linux in many respects (or Linux like Solaris, if you will).

  19. It goes to 11! on Drilling Hits an Active Magma Chamber In Hawaii · · Score: 1

    The volume slide of the audio player on the BBC site goes to 11! Powerpuff girls rule!

  20. Re:Strange news on Experts Say To Switch Browsers In Light of IE Vulnerability · · Score: 1

    It's a certified partner of Mickeysoft alright. I don't get their list at all, actually, this is truly FUD.

  21. Re:Test It Before Buying It on Canadian Nuke Bunker To Be Converted Into Data Fortress · · Score: 1

    Losing my mod points here, but was the nuke-proof building still nuke-proof after retrofitting it to be a data center? Lots of cables and stuff going out of the bunker won't do it much good I suppose.

  22. Re:That's a good thing - trust me on 64-Bit Java For Linux · · Score: 1

    No, I don't think that that is the right way. You should either use no bounds at all (many scripting languages) or use a language where the bounds are clear. Java exactly does this by specifying the number of bits in an int/long. Otherwise you get code that cannot be maintained. Saying that developers should do something doesn't work. This can be because of deadlines, laziness or stupidity; it doesn't matter. You'll end up with something that doesn't compile or run on another platform. Let the JVM or other virtual machines care about the optimization and stick with byte/short/int/long depending on your actual *needs*.

  23. Re:There is no such thing as C/C++. on What Programming Language For Linux Development? · · Score: 1, Informative

    "C++ suffers from a rather poor reputation because most people don't really know it"

    As I've seen about 15 serious bugs in an array class generated by a very experienced C++ developer, I would say that it has a rather poor reputation because only Bjarne and possibly a few others really know it.

    Of course, with generics followed up by closures in Java, it might be the case that we need another language that *really* cleans up the C/C++ mess, without introducing too much complexity itself (the downfall of almost all the scripting languages that came after Java).

  24. Re:I am a pacifist but i love military tech. on US Tests New Missile Defense · · Score: 1

    Depends. If you are struck awesome by a video of a slow nerve gas working, I would presume you have some problems to cope with. If you like the high tech stuff and explosions; well, people are naturally drawn to that. And of course also to the thin line between living and death as occurs on the battlefield.

    Of course, watching some horribly wounded people on battlefields should quickly quench anybody's blood thirst. Maybe that's why we see so little of that on TV, save on terrorist attacks (where most pictures are pretty grotesque). Body counts and unseen people in coffins are much less difficult to look at and probably are responsible for a short adrenaline rush. Films like Saw (to recall another poster) actually show that even wounded people can do this, probably to a smaller percentage of people.

    As well thinking humans though, if we look at war critically, we should notice that war should only be the very last option (as it wasn't during Iraq, or even Afghanistan, IMHO). Too many people still live on emotions and then try to fit in reality instead of trying to do it the other way around. You seem to have mastered this, so congratulations to you and don't feel too bad about your slight obsession.

  25. Re:XFS on Real-World Benchmarks of Ext4 · · Score: 1

    Yeah, I'll start teaching application developers right away. If history has taught us anything, it is that you cannot teach things to people that way.

    The reason that you want a well performing file system is that this is the layer where you can most easily address this issue. These people care about the performance. You'll just have to figure in some dopey application programmers while you are at it.

    Of course, you may sway one or two developers with your comments here, so keep at it. As long as you don't expect the same from file system developers.