Slashdot Mirror


User: SanityInAnarchy

SanityInAnarchy's activity in the archive.

Stories
0
Comments
12,413
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,413

  1. Re:I see some issues here... on Researchers Test BitTorrent Live Streaming · · Score: 1

    You could always have the torrent client compensate for that, too -- the indexes aren't that big. Just have the client fetch the end of the file first.

  2. Re:Sorry on Listen Online To Last HOPE Conference · · Score: 1

    Apparently stands for "Hackers On Planet Earth."

  3. Re:https://gmail.com on What Would It Take To Have Open CA Authorities? · · Score: 1

    It could well be that they can't do anything about it. SSL doesn't allow for name-based virtual hosts, in most browsers, so if gmail.com points to the same physical server as mail.google.com, they have to pick one or the other.

    Simple fix, though: Just use https://mail.google.com/. Or bookmark your inbox, after logging in that way.

  4. Re:No on What Would It Take To Have Open CA Authorities? · · Score: 1

    What SSL is not telling them, and can never tell them, is that the owner of usbamk.com put up a page to look like usbank.com in order to scam the user out of their money.

    Actually, it can. Extended Validation -- much more expensive, but possible -- turns the address bar green in Firefox. What this means is that the CA has actually gone to considerably more lengths to make sure that you are actually who you claim to be.

    So, if usbank.com has an EV certificate -- and if the users are trained to look for a green bar -- then usbamk.com would only have a yellow bar, and the user would notice their typo.

  5. Re:No on What Would It Take To Have Open CA Authorities? · · Score: 1

    I don't really care about trust, since I'm 99% percent certain that I'm really connecting to my box. I do want encryption, though, so as to avoid random snoopers from seeing my username/password combo, or reading my mail.

    Do you understand what a man-in-the-middle attack is? Especially on public wifi, those "random snoopers" would just as easily be able to give you a fake cert, and catch your username/password.

    Or is it worse? Are you using a public terminal? Do you know what a keylogger is? 'Nough said.

    I realize you can make the argument that an encrypted tunnel to an unverified host isn't really security (and I agree), but I don't need 100% security.

    In this case, it's a bit like being a "little bit pregnant." Either your tunnel is secure, or it's not.

    I'd like it

    Write down the fingerprint on the cert, if you must use a public terminal -- that way, it's at least unlikely that there's a MITM outside of the box you're on.

    Better, always use your own hardware -- a laptop, even an iPhone -- and pre-load your cert on that.

    given the cost for certificates

    Can you really not afford $15/year?

  6. Re:I've expirienced this myself. on What Would It Take To Have Open CA Authorities? · · Score: 1

    However, how can one explain that there is no security risk involved in creating an exception when the browser so fiercly states that it is a huge security risk?

    By knowingly lying, or being sadly misinformed.

    Now, it's true, there's considerably less security risk to use a self-signed certificate than to use none. And it's very likely not the end of the world. But the risk is not zero.

    More importantly, your users would have to be savvy enough to understand that your own forum uses a self-signed certificate, whereas www.paypal.com doesn't -- and that they should only have to accept it once per computer. It would be a pretty fucking huge security risk if they started simply ignoring that dialog, so that the next time they're on public wireless, they get their PayPal account stolen.

    A properly signed certificate costs $15 or so a year, and it's for the entire domain.

  7. Where you could have a Man-in-the-Middle attack... on What Would It Take To Have Open CA Authorities? · · Score: 1

    Your ISP could do it.

    Or their ISP.

    Or any one of the dozen hops between you and www.somebank.com.

    Or anyone who happens to be in a non-switched-network (on a hub) between you and www.somebank.com -- in some cases, this means anyone else on your ISP.

    Or anyone on the same wireless access point as you. (A guest over at your house, or someone in the same coffee shop.)

    To anyone who thinks SSL isn't required, or that man-in-the-middle attacks on certificates aren't feasible, look at the above list and ask yourself if you trust all of these people.

    Not only if you trust them not to pwn you, but if you trust them to keep their own machines secure enough so that no one pwns them first. (Maybe it'll be your friend's spyware-laden Vista laptop on your otherwise-secure wifi?)

    What a properly-signed certificate means is that you have a much shorter list of people you're required to trust with your bank information -- that is, yourself, your own software, and VeriSign. Sucks that it's so centralized, but it is much better than being owned the next time you're on public wireless.

    By the way, for those who don't know: GMail sessions can be hijacked if you don't use SSL. But to use SSL, it's trivial -- all you need to do is use https://mail.google.com/ to login.

  8. Re:Not the first one... on What Would It Take To Have Open CA Authorities? · · Score: 1

    For me, the decision not to use FireFox 3 came when FireFox 3 was released, and the Ubuntu package manager didn't let me update to the release version.

    The guy whose job it is to build the Ubuntu packages was away -- on vacation, at a conference, something like that.

    Why does FireFox even come with Ubuntu if it's not open source?

    WTF? In what way is Firefox not open source?

    The Firefox logo and the Firefox trademark -- these are what's not open source. If it bothers you so much, you can always use IceWeasel -- which is pretty much the Firefox source, plus a few Debian-specific patches, and rebranded so Mozilla doesn't sue them.

  9. Re:Emacs on Fast-Booting OS for Usually-Off Appliance PCs? · · Score: 1

    Which boots so much slower than Grub -- or even more modern OSes, like Vista.

  10. Re:Then we'd need to train a bunch of people... on You, Too, Could Be Batman In 10 To 12 Years · · Score: 1

    Maybe he BatComes BatBack... And he can't be BatKilled... Holy Bat-Language, Batman!

  11. Re:Then we'd need to train a bunch of people... on You, Too, Could Be Batman In 10 To 12 Years · · Score: 2, Funny

    Close...

    That would be an insane morale buster for the bad guys. Say you knife the Batman -- actually see your knife tear into his BatGuts -- but he shoots his BatRope and BatDisappears for ten minutes. When he comes back he's BatReplaced and as BatStrong as ever, but you don't know that. All you know is that the Batman can't be killed....

  12. Re:What will they be used for? on Fast-Booting OS for Usually-Off Appliance PCs? · · Score: 3, Funny

    In that case, can't get much faster than Grub. People will tell you it's a bootloader, but it has cat, so it must be an OS!

  13. Re:Apple particularly doesn't like things like thi on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    While I'm at it, I noticed you didn't list the dimensions... I've seen a Qosimo laptop, though not this generation. The one I saw was huge. Not a laptop so much as a slightly more portable desktop.

    This is part of what I meant by "execution"... I had a Powerbook. The weight and the form factor was such that I could comfortably carry it around, to and from work. The curved corners helped it slide into and out of my bag, without catching.

    It's that kind of subtle attention to detail that makes Apple more than just a brand and a marketing team. ...And, in the places they don't care about, it's that lack of attention (at all!) that makes OS X such a pain, if you start doing things they didn't expect. I found some bugs in their keyboard mapping that, to my knowledge, are still not fixed. (I don't use OS X anymore, so I don't know...)

  14. Re:Apple particularly doesn't like things like thi on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    Also, Toshiba makes good laptops

    You had me until here, then I couldn't stop laughing.

    You see, I have a Toshiba laptop. Hardware specs are nice, and it is a beast, but it has a rather long list of things that are wrong with it -- not least of which is the complete lack of XP drivers.

    Apple's success is not tech or the quality of its products, it is a success built up on branding and marketing.

    You're thinking of MySpace.

    I'll grant that Apple has always relied heavily on branding and marketing, but they have the tech and the execution to follow through.

  15. Not quite "grid"... on Multiple Experts Try Defining "Cloud Computing" · · Score: 2, Interesting

    I don't remember "grid computing" being quite the on-demand system that, say, Amazon EC2 is. What makes it cool is the ability to scale it up and down on demand, rather than in months or years.

    Or maybe it's some combination of grid computing with virtualization.

    And yes, it's pretty much a buzzword. Just like Web 2.0 or AJAX or all the rest. It's a useful abstraction, but not a world-changing "paradigm shift".

  16. Re:And this is exactly why.. on Schneier, UW Team Show Flaw In TrueCrypt Deniability · · Score: 1

    It would be tricky, but should be possible to mount a hidden volume as root -- or, failing that, a loopback file in that hidden volume.

    It wouldn't encrypt the entire disk, and it might be tricky to maintain a dummy root or two, but it could be done.

  17. Re:Invite-Only on Spammers Choose GMail · · Score: 1

    Even the presentation logic is "compiled" -- Java translated into JavaScript.

  18. Re:Fun fact... on NASA Contractor Needs Urine · · Score: 1

    Hmm. Maybe it was Voyager?

  19. Fun fact... on NASA Contractor Needs Urine · · Score: 1

    Actually, there were no bathrooms shown in Star Trek, unless you count a Sonic Shower in Enterprise -- and most Trekkies would like to forget Enterprise ever existed.

  20. Re:Grammar Nazi on Inside Steve's Brain · · Score: 1

    Well, to be honest, you'd probably have $10, but who's counting?

  21. Re:Are we this jaded? on McCain Campaign Uses Spider/Diff Against Obama · · Score: 1

    Obama's a politician, not the messiah that everyone's pretending he is.

    I didn't ask for a messiah, just a decent human being.

    Of course, the type of person I think would be good at the job is the kind of person who wouldn't run anyway.

    Well, hey, I'm considering writing in John Stewart. But it is worth mentioning that Washington didn't want the job.

  22. Re:Apple particularly doesn't like things like thi on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 5, Insightful

    Has the price changed that much? Last I looked, Apple was actually competitive (within $100, sometimes cheaper) with commodity hardware. The only difference is, you can't get a Mac without the bells and whistles.

    In other words, you get exactly what you pay for, which includes $1k of hardware you don't actually need.

  23. Re:Seriously? on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    I'm more surprised it took this long.

  24. Re:Oh Yeah! on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 2, Insightful

    It's also portable. This joke now works without context, for people who know what a Pystar is.

  25. Are we this jaded? on McCain Campaign Uses Spider/Diff Against Obama · · Score: 1

    I'm amazed -- how many posts, how many blogs on this issue so far, yet no one ever seems to point out the worst part, in black and white:

    Obama said, clearly and unambiguously, that he would filibuster any legislation which provides retroactive immunity to telecoms. He not only didn't filibuster, he voted for it -- and I have yet to hear anything from him or his campaign to justify this.

    Please correct me if I'm wrong about any of this.

    I like someone who can change their mind. That's a good thing. But this is blatant dishonesty -- he said one thing, and then did another.

    Are we so jaded to corrupt politicians that no one cares? Or that it's assumed that this is just how it works, and that we must choose the lesser of two evils?

    Obama asked us to hope... I suppose that's the most disappointing part. I allowed myself a bit of naive hope, and he's already let me down. Not as a leader, but as a human being.