That means that Google didn't defame this person. A lot of people doing previous searches did.
Not really. "A lot of people" where simply trying to find out whether or not this person was a fraud. A question is not the same thing as an affirmation. Subtle nuance.
It's as if many people inquired at the police whether a given person was a known scam artist, and police would start telling new inquirers "we don't know, but sure as hell, a lot of people before you had the same question about the same guy". Which I'm pretty much sure they can't do. They may warn people about the guy if they have independently assessed that this guy is doing something fishy, but they can't badmouth anybody just on the basis of many people wondering...
And since you didn't bother to check the links or use the software, 5 demerits.
Thanks, I've got better things to do than run random trojans on my PC. O, and for the links: please check out this link which seems to disagree with the feasibility of your "tool".
I'm using a plugin tha shows the AS of the network I'm connecting to
And how exactly would this plugin work?
Is this information even being communicated to leaf nodes? Or do you make it a habit to only surf the web from your BGP router's console? (... and even then, I'm sure a man in the middle could spoof it trivially...)
He has the possibility to passively sniff your traffic, but attempting to change your packets would draw serious attention (because he really has no way of suppressing the original packets from the air, so both the unmodified original and the spoofed packets would end up hitting the Wifi access points, leading to weird errors...)
look at openvpn team, they use self-signed certs together with ca.crt
Yes, but openvpn has the luxury of always working among the same peers, who know each other, and (presumably) have a way of pre-establishing trust in their certs by exchanging them over a known secure channel (CD, USB stick, ssh) during software installation.
A random https usually does not have this possibility. Maybe your bank could do it, but certainly not amazon or computeruniverse.net.
and y also can publish your site ca.crt on your web.
... and how do you make sure that a Man-in-the-middle didn't intercept it, and change it another ca.crt where he has the private key to?
you can show server and cliennt ip/domain on web page, so, you can100% avoid mitm attacks.
...parents left cookies on the table and were shocked to find that their children ate them when they weren't looking.
... and were quite relieved that the kids stopped once the jar was empty (rather than Nabisco coming to "helpfully" refill it, again and again, and billing the parents for this wonderful service...)
I don't necessarily believe in them working but the stress relief when MS Word (yes I have to use it at work) does its own thing and messes up formatting again of having a Steve Ballmer or Bill Gates doll and a long pin or two handy would be worth anyone's money.
Yes, please give me that Steve Ballmer doll. Don't worry about the pins though, I've already got a very nice one. And keep the lube too, his sweat already does the job quite adequately...
Re:And just as important.
on
Happy Pi Day
·
· Score: 4, Informative
This "holiday" [steak & BJ day?], which does not exist on any calendar...seems sexist and homophobic.
Why that? You haven't been very often to a gay bathhouse or to a park at night, have you?
We gays like a good BJ as much (if not more...) than any other man!
Now the ISPs can not read the content, but won't they be able to still see the type of traffic? For example https uses port 443 - you can not encrypt that part,
You can run your Apache on a non-standard port (other than 80 and 443), so that part can indeed be taken care of.
or the destination IP,
This is indeed not feasible, unless you use a proxy, or tor. However, the IP address alone doesn't imply anything about the kind of service, so it is unlikely that any ISPs would base their shaping decision on the IP alone (they'd need to manually maintain a map showing which IPs run which kind of services...)
as otherwise the intermediate servers have no idea what to do with the packets,
The intermediate servers only need to care about the IP, not the port. Routing is (usually) independent of port.
and the destination doesn't know it's theirs.
It does (for the port) , if it is configured appropriately.
The anus is a metaphor. A metaphor for the security (or lack thereof) of the website where it ended up on. Ya know, "big enough to drive a truck through"...
Thank you for sharing it with us.
You're welcome!
What made you first think about posting it on slashdot?
I thought geeks might be interested in seeing that SQL injection still works...
Double-clicking the title bar to change the window is a great shortcut for power users who know it's there because it's a nice big target [asktog.com] and sometimes it's easier to double-click a part of the screen close to where the mouse is, rather than going after a button.
You are right about the idea, of course, but the present example makes me smile... Indeed, double-clicking the titlebar maximizes the window... How many power users do you know who maximize their windows...?
Slashdot Mirror
It's obviously a ban on "sucks", not a ban on "Google is "
That means that Google didn't defame this person. A lot of people doing previous searches did.
Not really. "A lot of people" where simply trying to find out whether or not this person was a fraud. A question is not the same thing as an affirmation. Subtle nuance.
It's as if many people inquired at the police whether a given person was a known scam artist, and police would start telling new inquirers "we don't know, but sure as hell, a lot of people before you had the same question about the same guy". Which I'm pretty much sure they can't do. They may warn people about the guy if they have independently assessed that this guy is doing something fishy, but they can't badmouth anybody just on the basis of many people wondering...
Even in IPv6, inclusion of the MAC address is optional, and very easily spoofable.
And since you didn't bother to check the links or use the software, 5 demerits.
Thanks, I've got better things to do than run random trojans on my PC. O, and for the links: please check out this link which seems to disagree with the feasibility of your "tool".
The information is indeed communicated to leaf nodes.
Are you sure about this?
Maybe you think you can also see your peer's MAC address? (which you don't, unless you are on a same local network)
I'm using a plugin tha shows the AS of the network I'm connecting to
And how exactly would this plugin work?
Is this information even being communicated to leaf nodes? Or do you make it a habit to only surf the web from your BGP router's console? (... and even then, I'm sure a man in the middle could spoof it trivially...)
I for one do not wish to have bananas, pineapples, or any other fruit be classified as a schedule I controlled substance.
Hey, didn't you know, you can get high from smoking banana peals...
here is a plaintext link.
The UI let's me delete "Built-in tokens", but if I then leave and re-enter the list, there they are again!
Other than inertia, is there any reason to give these guys a second chance
You mean, a third chance?
Yes, they are too big to fail. Hey, it worked for the banks...
Maybe CaCert only needs to get 120.000 subscribers on board, and they shouldn't have to bother with that pesky audit either?
Does that mean that this thread is officially over now?
4) the guy at the table next to yours in a cybercafé
He has the possibility to passively sniff your traffic, but attempting to change your packets would draw serious attention (because he really has no way of suppressing the original packets from the air, so both the unmodified original and the spoofed packets would end up hitting the Wifi access points, leading to weird errors...)
look at openvpn team, they use self-signed certs together with ca.crt
Yes, but openvpn has the luxury of always working among the same peers, who know each other, and (presumably) have a way of pre-establishing trust in their certs by exchanging them over a known secure channel (CD, USB stick, ssh) during software installation.
A random https usually does not have this possibility. Maybe your bank could do it, but certainly not amazon or computeruniverse.net.
and y also can publish your site ca.crt on your web.
... and how do you make sure that a Man-in-the-middle didn't intercept it, and change it another ca.crt where he has the private key to?
you can show server and cliennt ip/domain on web page, so, you can100% avoid mitm attacks.
huh? say again?
I'd say it was more of an unauthorized bombing
Yeah, he should have removed the battery before dropping it... [O sorry, I forgot, it's an iPhone]
And there he was, peacefully sunbathing naked on his belly, and then this!
...parents left cookies on the table and were shocked to find that their children ate them when they weren't looking.
... and were quite relieved that the kids stopped once the jar was empty (rather than Nabisco coming to "helpfully" refill it, again and again, and billing the parents for this wonderful service...)
I don't necessarily believe in them working but the stress relief when MS Word (yes I have to use it at work) does its own thing and messes up formatting again of having a Steve Ballmer or Bill Gates doll and a long pin or two handy would be worth anyone's money.
Yes, please give me that Steve Ballmer doll. Don't worry about the pins though, I've already got a very nice one. And keep the lube too, his sweat already does the job quite adequately...
This "holiday" [steak & BJ day?], which does not exist on any calendar...seems sexist and homophobic.
Why that? You haven't been very often to a gay bathhouse or to a park at night, have you?
We gays like a good BJ as much (if not more...) than any other man!
Seriously people - don't you have windows in your homes?
As a matter of fact... no, I don't. Too much security hassle, and too expensive too!
Does it just mean someone you're fucking?
De"fuck"to / married...
Want a nice & hard banana? Just get stung by our patent pending banana spider!
Also safe with poppers, for those of you who prefer your banana brown...
That's what links are for...
Now the ISPs can not read the content, but won't they be able to still see the type of traffic? For example https uses port 443 - you can not encrypt that part,
You can run your Apache on a non-standard port (other than 80 and 443), so that part can indeed be taken care of.
or the destination IP,
This is indeed not feasible, unless you use a proxy, or tor. However, the IP address alone doesn't imply anything about the kind of service, so it is unlikely that any ISPs would base their shaping decision on the IP alone (they'd need to manually maintain a map showing which IPs run which kind of services ...)
as otherwise the intermediate servers have no idea what to do with the packets,
The intermediate servers only need to care about the IP, not the port. Routing is (usually) independent of port.
and the destination doesn't know it's theirs.
It does (for the port) , if it is configured appropriately.
That anus is impressively enlarged.
The anus is a metaphor. A metaphor for the security (or lack thereof) of the website where it ended up on. Ya know, "big enough to drive a truck through"...
Thank you for sharing it with us.
You're welcome!
What made you first think about posting it on slashdot?
I thought geeks might be interested in seeing that SQL injection still works...
Double-clicking the title bar to change the window is a great shortcut for power users who know it's there because it's a nice big target [asktog.com] and sometimes it's easier to double-click a part of the screen close to where the mouse is, rather than going after a button.
You are right about the idea, of course, but the present example makes me smile... Indeed, double-clicking the titlebar maximizes the window... How many power users do you know who maximize their windows...?