Friends get the URL, archive.org has a backup of mp3s... It's sad to have them duplicate the disk space, but that's why I have movies/etc robotsed off. The music I listen to is rare old Black Metal, quite hard to find. But no, I won't post the URL on slashdot.
The bands are mostly already gone -- so it's a pure win for the society.
Be a man(/woman), symlink your ~/mp3 from Apache today!
Eh, retaining access to a copy of the document after the original author revoked permission is certainly not a security issue -- at least, not unless you believe in DRM.
Being able to read future versions, like a reverse of the first bug of the article, would be bad, but the article doesn't suggest this is the case.
The last time I checked, pthreads weren't exactly non-standard. Every reasonable system has it built-in for over a decade, and there's only one system where you need to get that as an add-on. Guess which...
Sure, if you run a spam server, please mail me at aaron@angband.pl (or, if you sort it the other way, zeke@angband.pl). Don't use these addresses otherwise. Thanks.
Except, it was Sun's guys who designed CDDL, and on the DebConf, said they specifically wanted it to be incompatible with GPL. So it's not GPL's fault, it's a conscious decision of Sun's executives.
Getting rid of CDDL would be AWESOME!. Just think of ZFS and other goodies compatible with GPL -- Sun's folks created a GPL-incompatible license specifically to have some pieces that Linux doesn't have.
Of course, that will make Solaris die so much faster, but somehow I'm not going to shed a tear.
I always kept saying that every developer should be forced to use a slow machine, at least where compilation and automated tests are not involved. If you sit your butt at a fast box, you simply never notice anything is unacceptable slow.
I've personally caught myself ignoring complaints that a piece of my code is slow and noticing it only after seeing it crawl on a slow machine myself.
How do you even dare to call them "pro-lifers"? They are murderers guilty of effectively killing anyone who could be saved by methods derived from this kind of research. Stopping fertility clinics isn't "pro-life" either, it's about nothing but banning person A from doing things disliked by person B's religion.
A console list of RECENT stuff only. A list of "best" console games without SMB3 at one of the top positions and "influential" ones without SMB1 is so biased it's uselessness.
SSL also protects against other threats, such as route poisoning and eavesdropping, neither of which are DNS-related threats.
No one is talking about replacing SSL. It's about replacing the way you receive the server's public key.
Currently, the key is provided by the very server you're connecting to, with the only assurance the key is kosher being a signature of a CA on the key. The CAs will happily sign any key if they are paid. In theory, they are supposed to verify the name attached to the key, but that theory has nothing to do with practice.
If you think that the commercial CAs are running a racket, you don't need to take part.
Ok, then try using a self-signed certificate. That would be strictly better than plain http... Too bad, suddenly everyone starts getting big scary warnings from web browsers / mail clients / etc.
FWIW, I use SSL with a custom CA just fine across some of the servers I look after; we can just distribute the CA certificate manually just fine
After doing this with the company's mail server, I would say this is really an option only for machines you use yourself. Even older programmers needed some handholding for installing the cert. I don't even imagine doing this for accountants or other non-technical folks.
You only need the CAs when you are communicating with people who don't already know you
Or, say, your mail or SVN server. You do need to distribute the certs somehow.
What I want to know about DNSSEC (and haven't yet found by googling) is whether it is possible to constrain the amount that the root declarations actually have to be trusted. Can they only be limited to stating who the authorities for particular TLDs are?
That's how DNSSEC works. The root cert is used only to validate the keys for.com,.gov,.pl,.uk... Then, the key for.org will sign slashdot.org, without the root cert having anything to say.
To the contrary, DNSSEC could possibly kill the goldmine that is the SSL cert racket. That is, unless having your DNS entry signed somehow becomes a "value added" service you need to pay for extra.
I'm a layman here, but glancing at how DNSSEC works, I see no obvious way selectively signing some but not the rest of entries could work. This means, DNSSEC would provide a more secure way to give the public key to a viewer.
Instead of proving that the server's owner paid a sum to the CA, it would prove that the server's owner has control over the DNS entry.
If the above is correct, that's a good explanation why we don't have DNSSEC yet -- it would have a potential to kill the CA's income. But if there is a way to selectively skip signing certain DNS entries, all your fears would be true.
Except, the implementation of UAC is so bad it would be better if it never saw the light of day.
Want to copy a file? Three prompts. The destination is in use? Two prompts then an error message about "insufficient permissions" -- even though it's the file's owner doing the copy. On XP, the latter would give you a proper message. For such a basic operation, this is simply unexcusable.
Comparing that with the 1970s design I have outside the virtual machine, I wonder whether that's pride, incompetence or spite.
Slashdot Mirror
and that suits in general cause brain atrophy
Why not? I just don't do the "advertise" part.
Friends get the URL, archive.org has a backup of mp3s... It's sad to have them duplicate the disk space, but that's why I have movies/etc robotsed off. The music I listen to is rare old Black Metal, quite hard to find. But no, I won't post the URL on slashdot.
The bands are mostly already gone -- so it's a pure win for the society.
Be a man(/woman), symlink your ~/mp3 from Apache today!
These are right in the Unicode database.
apt-get install unicode-data /usr/share/unicode/Unihan.txt.bz2 /usr/share/unicode/Unihan.txt.bz2
zgrep 'kDefinition.*blonde'
zgrep 'kDefinition.*slut'
The fun thing is, it's easier to search by meaning than by pronouciation or by how the character looks...
Eh, retaining access to a copy of the document after the original author revoked permission is certainly not a security issue -- at least, not unless you believe in DRM.
Being able to read future versions, like a reverse of the first bug of the article, would be bad, but the article doesn't suggest this is the case.
Unlike the guy in TFA (who blocks the sender for 24 hours), I only assign some points in SpamAssassin.
The last time I checked, pthreads weren't exactly non-standard. Every reasonable system has it built-in for over a decade, and there's only one system where you need to get that as an add-on. Guess which...
Sure, if you run a spam server, please mail me at aaron@angband.pl (or, if you sort it the other way, zeke@angband.pl). Don't use these addresses otherwise. Thanks.
Except, it was Sun's guys who designed CDDL, and on the DebConf, said they specifically wanted it to be incompatible with GPL. So it's not GPL's fault, it's a conscious decision of Sun's executives.
Getting rid of CDDL would be AWESOME!. Just think of ZFS and other goodies compatible with GPL -- Sun's folks created a GPL-incompatible license specifically to have some pieces that Linux doesn't have.
Of course, that will make Solaris die so much faster, but somehow I'm not going to shed a tear.
Eh, what?? A $11k fine for breaking a secret law? How are you supposed to stay clear of it if you can't read the list of things you can't do?
With mere 400 users, there's no need for a cluster. A single squid will handle all of them just fine.
Since when a program viewing the contents of a link, or even merely prefetching it, would be click fraud?
It's only the faulty assumption of advertisers that a http request is same as a human click.
I always kept saying that every developer should be forced to use a slow machine, at least where compilation and automated tests are not involved. If you sit your butt at a fast box, you simply never notice anything is unacceptable slow.
I've personally caught myself ignoring complaints that a piece of my code is slow and noticing it only after seeing it crawl on a slow machine myself.
How do you even dare to call them "pro-lifers"? They are murderers guilty of effectively killing anyone who could be saved by methods derived from this kind of research. Stopping fertility clinics isn't "pro-life" either, it's about nothing but banning person A from doing things disliked by person B's religion.
And if my anut had a moustache, she would be my uncle.
O rly?
It's kind of hard to say "continue, please" louder than by slapping such an enormous fine.
A console list of RECENT stuff only. A list of "best" console games without SMB3 at one of the top positions and "influential" ones without SMB1 is so biased it's uselessness.
SSL also protects against other threats, such as route poisoning and eavesdropping, neither of which are DNS-related threats.
No one is talking about replacing SSL. It's about replacing the way you receive the server's public key.
Currently, the key is provided by the very server you're connecting to, with the only assurance the key is kosher being a signature of a CA on the key. The CAs will happily sign any key if they are paid. In theory, they are supposed to verify the name attached to the key, but that theory has nothing to do with practice.
If you think that the commercial CAs are running a racket, you don't need to take part.
Ok, then try using a self-signed certificate. That would be strictly better than plain http... Too bad, suddenly everyone starts getting big scary warnings from web browsers / mail clients / etc.
FWIW, I use SSL with a custom CA just fine across some of the servers I look after; we can just distribute the CA certificate manually just fine
After doing this with the company's mail server, I would say this is really an option only for machines you use yourself. Even older programmers needed some handholding for installing the cert. I don't even imagine doing this for accountants or other non-technical folks.
You only need the CAs when you are communicating with people who don't already know you
Or, say, your mail or SVN server. You do need to distribute the certs somehow.
What I want to know about DNSSEC (and haven't yet found by googling) is whether it is possible to constrain the amount that the root declarations actually have to be trusted. Can they only be limited to stating who the authorities for particular TLDs are?
That's how DNSSEC works. The root cert is used only to validate the keys for .com, .gov, .pl, .uk ... Then, the key for .org will sign slashdot.org, without the root cert having anything to say.
To the contrary, DNSSEC could possibly kill the goldmine that is the SSL cert racket. That is, unless having your DNS entry signed somehow becomes a "value added" service you need to pay for extra.
I'm a layman here, but glancing at how DNSSEC works, I see no obvious way selectively signing some but not the rest of entries could work. This means, DNSSEC would provide a more secure way to give the public key to a viewer.
Instead of proving that the server's owner paid a sum to the CA, it would prove that the server's owner has control over the DNS entry.
If the above is correct, that's a good explanation why we don't have DNSSEC yet -- it would have a potential to kill the CA's income.
But if there is a way to selectively skip signing certain DNS entries, all your fears would be true.
Alas, you linked to some domain squatter. goatse.cz is no more.
It preloads all the bloatness of Java, every single time, even if you installed it just for a single page you visited half a year ago.
Except, the implementation of UAC is so bad it would be better if it never saw the light of day.
Want to copy a file? Three prompts. The destination is in use? Two prompts then an error message about "insufficient permissions" -- even though it's the file's owner doing the copy. On XP, the latter would give you a proper message. For such a basic operation, this is simply unexcusable.
Comparing that with the 1970s design I have outside the virtual machine, I wonder whether that's pride, incompetence or spite.
Retard: not always. Villain is the correct word.
It happened once already. Microsoft didn't wait for the patch Tuesday and released a patch under 24 hours.
a) it had the same price
That's because Windows Media Player is free.
In a grocery store close by, I can buy a box of juice, the label says 1 liter and there's another liter free!!!
Oh, wait... what's the catch?