How exactly could that happen unless they put their face right over the thing? that's probably the same people who look in the barrel of a gun to see why it didn't shoot, or who look in the radiator just after removing the cap.
You're missing the point. It's not about privacy, it's about opening the door to actual MITM attacks. I just used the gmail password as an example.
The purpose of SSL is to secure the connection between a client and a server. When you start injecting gateways that decrypt/scan/reencrypt the traffic, you break the system. You no longer can rely on actual issuers and certificates; you're basically trusting blindly a single source.
It's like having your ISP hijack DNS queries to show you ads when a domain is not found, it's "great" as long as the ISP itself is not vulnerable to attacks. Otherwise they just become a top tier vector for malware and whatnot.
Also there's the question of priorities. Decrypting SSL traffic doesn't "protect" the network, it just gives snooping power to the security team. And I have yet to see an organization where all the basic aspects of security are handled so well that scanning SSL traffic is a worthy concern. That's like installing a biometric lock on the bathroom door in a gas station that has no alarm system or cctv; maybe efforts are not spent on the real issues.
I buy Comodo certs from a reseller for $6/year (no volume required). They are a bit clunky to setup at first because there's a few certs in the chain that are easy to miss if you're not careful, but they do work on all the browsers and devices I've tested.
And then there is BlueCoat, the certificate they issued them to let BlueCoat fake practically any certificate... but hey, it was for "security" right? So that BlueCoat could run anti-virus checks on encrypted data for companies, while somehow the company couldn't simply add BlueCoat to the trusted authorities list? And in no way was that cover for TLS interception by men in uniforms?
At work they use a Bluecoat proxy. They configured that magnificent product to decrypt outgoing SSL on-the-fly and reencrypt it on the inside with fake SSL certificates. That way the "security" team can spy on encrypted traffic (such as my gmail password).
In case you suspect your employer of doing the same thing, here's something I noticed. They apparently can't spoof issuers on the fly and there's too many of them to prepare in advance, so they use the same fake issuer for every single certificate. Corporate browsers are easy to tweak with stuff like GPO so they can't be relied on to inspect a certificate, but low-level tools like curl or wget can prove useful to show what's going on.
Corporations who do this kind of thing are weakenig SSL as a whole and they are creating a false sense of security. This is really bad.
Any alternatives out there that are free and provide server *and* client certificates which are valid for at least 12 months (letsencrypt fanboys, don't bother)...?
I can get you as many certificates as you want that work as long as you want. Do you need a specific issuer? What about "Certificates For Cheapskates Inc.".
I don't know how they do it because they don't spend tons on marketing to promote their "engineering" like Apple, but Thinkpads (and other business-class Lenovos) are very, very quiet.
You mean they don't pay you well to claim that?
Who? Apple or Lenovo? Please make your accusations and/or jokes more clear in the future.
If you want your message to be clear, don't pepper it with "alleged" qualifications for rape accusations. This here is an internet forum, not law school, and double quotes are an established way of communicating disapproval.
As to what you allege to be your point: can you explain why you insist that women specifically should not support a candidate that they believe guilty of sexual misconduct? What about men? See, that's the most insidious form of sexism there is; it reeks of double standards so deeply engrained that even in the context of a gender-sensitive topic you fail to recognize your own bias.
The real question should be: is it acceptable for people (of all genders) to support a candidate that they believe guilty of sexual misconduct? And my answer ro that is a resounding YES because that's what democracy and freedom is all about. Support whoever the fuck you want for whatever reason you want. Just like people who are badly misinformed are still entitled to vote, and just like pedophiles deserve to be defended by the ACLU when their freedom of speech is attacked, there's no reason to look down on people who support a flawed candidate.
Yes, I think Hilary Clinton is a heartless sociopath that should not be allowed to control the US nuclear stockpile, and I am disgusted by the hypocrisy of people who turn a blind eye on her obvious lack of morals because she happens to be the candidate that represents their political affiliation. But I don't think the gender of those individuals (like you) who are paving the way for that corrupt witch to become leader of the free world matters.
you safe space was invaded, and you were triggered, the world is sorry for your feelings being hurt
Don't do that. Don't shoehorn the "safe space / trigger" thing in discussions that don't warrant it, you're just diluting its meaning, like a Starbucks barista that replies "awesome!" when you ask for 2% milk in your americano.
There's ample ammunition you can use in a Clinton/Trump discussion, surely you can find something more pertinent if you're trying to be dismissive or patronizing.
Right now it's a bit like a bad tattoo, but there's a flip side; after a while his username will look ironic, like someone wearing an Experts Exchange t-shirt.
I don't know how they do it because they don't spend tons on marketing to promote their "engineering" like Apple, but Thinkpads (and other business-class Lenovos) are very, very quiet. A lot more than Macbooks.
I used to work in a quiet open-plan floor and the guy two seats over had a Mac and I could hear his fan more than mine.
Oh I didn't bring anything up... and you can fully explore the "alleged" Clinton role in suppressing the "alleged" victims of Bill Clinton all on your own.
And you know what, with your insistance on "alleged" you remind of those fuckers who let college athletes get away with rape because the team needs them for the champinship. This is repugnant. One day I hope you get to meet a rape victim that hasn't been taken seriously, maybe then you'll stop defending that witch.
Here's what Juanita Broaddrick, 73 years old, has to say:
I was 35 years old when Bill Clinton, Ark. Attorney General raped me and Hillary tried to silence me. I am now 73...it never goes away.
Anyone who supports Clinton is backing the enabler of a serial rapist. Of course you'll say she's been bribed by Trump, as well as Paula Jones, decades before his run for office. That's always the same bullshit with the Clintonazis.
Don't bring the "female supporter" angle into this unless you're ready to fully explore the role of Clinton in silencing and threatening the women who made rape accusations against her husband.
Here's what Wikipedia has to say about totalitarianism.
Totalitarian regimes stay in political power through an all-encompassing propaganda campaign that is disseminated through the state-controlled mass media, a single party that is often marked by political repression, personality cultism, control over the economy, regulation and restriction of speech, mass surveillance, and widespread use of terror.
When Twitter, Facebook or "Project Include" embark on a mission to quiet Trump supporters, when they collude to create an anti-Trump narrative, when they support the sabotage of Trump conferences, they're not liberal heroes working for the greater good of America. They're the vanguard of an intolerant movement that threatens democracy. Those people are far more dangerous than Trump.
Macs have shit specs and always have. This one is no different.
You clearly didn't read the summary. This new Macbook is an incredible machine. This quote comes straight from Apple, and since Apple is the manufacturer of that machine, they're the ones who know it best, so you can rely on their assessment.
The average sexual intercourse consists of just over 100 "roundtrips". There is no stats available for solitary sex, as far as I know, but it is unlikely to be immensely higher. The bulk of porn nowadays is delivered in small doses. Lots of them.
Your condo contract doesn't include a rule that you, as the owner, are held responsible for all problems your potential renters cause? Odd. Mine does.
This problem has a very easy solution.
In many markets, every single unit in the building is owned by small landlords and/or corporations and rented out to "normal" tenants. Those don't get a seat at the HOA table. When some of the tenants "sublease" their condo a few nights at a time to Airbnb guests and things get noisy, there's many parties involved and problems last forever. This is not as straightforward as what you describe.
sure - but then you can very easily take the beef up with THEM - and then the association - and finally the police.
which is what happens with Airbnb rentals, and so the association just bans them.
And then your association get sued - like it happened with Ellen Pao's husband who sued them for not allowing him to buy a fourth unit in the building and accused them of racism.
Slashdot Mirror
How exactly could that happen unless they put their face right over the thing? that's probably the same people who look in the barrel of a gun to see why it didn't shoot, or who look in the radiator just after removing the cap.
with any washing machine but especially with front loaders, when it's not in use you should leave the door open.
With what? Food stamps?
You're missing the point. It's not about privacy, it's about opening the door to actual MITM attacks. I just used the gmail password as an example.
The purpose of SSL is to secure the connection between a client and a server. When you start injecting gateways that decrypt/scan/reencrypt the traffic, you break the system. You no longer can rely on actual issuers and certificates; you're basically trusting blindly a single source.
It's like having your ISP hijack DNS queries to show you ads when a domain is not found, it's "great" as long as the ISP itself is not vulnerable to attacks. Otherwise they just become a top tier vector for malware and whatnot.
Also there's the question of priorities. Decrypting SSL traffic doesn't "protect" the network, it just gives snooping power to the security team. And I have yet to see an organization where all the basic aspects of security are handled so well that scanning SSL traffic is a worthy concern. That's like installing a biometric lock on the bathroom door in a gas station that has no alarm system or cctv; maybe efforts are not spent on the real issues.
That's because he's rooting for Apple.
I buy Comodo certs from a reseller for $6/year (no volume required). They are a bit clunky to setup at first because there's a few certs in the chain that are easy to miss if you're not careful, but they do work on all the browsers and devices I've tested.
And then there is BlueCoat, the certificate they issued them to let BlueCoat fake practically any certificate... but hey, it was for "security" right? So that BlueCoat could run anti-virus checks on encrypted data for companies, while somehow the company couldn't simply add BlueCoat to the trusted authorities list? And in no way was that cover for TLS interception by men in uniforms?
At work they use a Bluecoat proxy. They configured that magnificent product to decrypt outgoing SSL on-the-fly and reencrypt it on the inside with fake SSL certificates. That way the "security" team can spy on encrypted traffic (such as my gmail password).
In case you suspect your employer of doing the same thing, here's something I noticed. They apparently can't spoof issuers on the fly and there's too many of them to prepare in advance, so they use the same fake issuer for every single certificate. Corporate browsers are easy to tweak with stuff like GPO so they can't be relied on to inspect a certificate, but low-level tools like curl or wget can prove useful to show what's going on.
Corporations who do this kind of thing are weakenig SSL as a whole and they are creating a false sense of security. This is really bad.
Any alternatives out there that are free and provide server *and* client certificates which are valid for at least 12 months (letsencrypt fanboys, don't bother)...?
I can get you as many certificates as you want that work as long as you want. Do you need a specific issuer? What about "Certificates For Cheapskates Inc.".
I don't know how they do it because they don't spend tons on marketing to promote their "engineering" like Apple, but Thinkpads (and other business-class Lenovos) are very, very quiet.
You mean they don't pay you well to claim that?
Who? Apple or Lenovo? Please make your accusations and/or jokes more clear in the future.
and the guy two seats over had a Mac and I could hear his fan more than mine.
Then he was not working but playing a game.
(*facepalm*)
A game on a Mac? Like what, Tetris? Farmville?
If you want your message to be clear, don't pepper it with "alleged" qualifications for rape accusations. This here is an internet forum, not law school, and double quotes are an established way of communicating disapproval.
As to what you allege to be your point: can you explain why you insist that women specifically should not support a candidate that they believe guilty of sexual misconduct? What about men? See, that's the most insidious form of sexism there is; it reeks of double standards so deeply engrained that even in the context of a gender-sensitive topic you fail to recognize your own bias.
The real question should be: is it acceptable for people (of all genders) to support a candidate that they believe guilty of sexual misconduct? And my answer ro that is a resounding YES because that's what democracy and freedom is all about. Support whoever the fuck you want for whatever reason you want. Just like people who are badly misinformed are still entitled to vote, and just like pedophiles deserve to be defended by the ACLU when their freedom of speech is attacked, there's no reason to look down on people who support a flawed candidate.
Yes, I think Hilary Clinton is a heartless sociopath that should not be allowed to control the US nuclear stockpile, and I am disgusted by the hypocrisy of people who turn a blind eye on her obvious lack of morals because she happens to be the candidate that represents their political affiliation. But I don't think the gender of those individuals (like you) who are paving the way for that corrupt witch to become leader of the free world matters.
you safe space was invaded, and you were triggered, the world is sorry for your feelings being hurt
Don't do that. Don't shoehorn the "safe space / trigger" thing in discussions that don't warrant it, you're just diluting its meaning, like a Starbucks barista that replies "awesome!" when you ask for 2% milk in your americano.
There's ample ammunition you can use in a Clinton/Trump discussion, surely you can find something more pertinent if you're trying to be dismissive or patronizing.
Right now it's a bit like a bad tattoo, but there's a flip side; after a while his username will look ironic, like someone wearing an Experts Exchange t-shirt.
I don't know how they do it because they don't spend tons on marketing to promote their "engineering" like Apple, but Thinkpads (and other business-class Lenovos) are very, very quiet. A lot more than Macbooks.
I used to work in a quiet open-plan floor and the guy two seats over had a Mac and I could hear his fan more than mine.
Oh I didn't bring anything up... and you can fully explore the "alleged" Clinton role in suppressing the "alleged" victims of Bill Clinton all on your own.
And you know what, with your insistance on "alleged" you remind of those fuckers who let college athletes get away with rape because the team needs them for the champinship. This is repugnant. One day I hope you get to meet a rape victim that hasn't been taken seriously, maybe then you'll stop defending that witch.
Here's what Juanita Broaddrick, 73 years old, has to say:
I was 35 years old when Bill Clinton, Ark. Attorney General raped me and Hillary tried to silence me. I am now 73...it never goes away.
Anyone who supports Clinton is backing the enabler of a serial rapist. Of course you'll say she's been bribed by Trump, as well as Paula Jones, decades before his run for office. That's always the same bullshit with the Clintonazis.
Don't bring the "female supporter" angle into this unless you're ready to fully explore the role of Clinton in silencing and threatening the women who made rape accusations against her husband.
Here's what Wikipedia has to say about totalitarianism.
Totalitarian regimes stay in political power through an all-encompassing propaganda campaign that is disseminated through the state-controlled mass media, a single party that is often marked by political repression, personality cultism, control over the economy, regulation and restriction of speech, mass surveillance, and widespread use of terror.
When Twitter, Facebook or "Project Include" embark on a mission to quiet Trump supporters, when they collude to create an anti-Trump narrative, when they support the sabotage of Trump conferences, they're not liberal heroes working for the greater good of America. They're the vanguard of an intolerant movement that threatens democracy. Those people are far more dangerous than Trump.
I manage a network of 150 Ubuntu desktops.
Out of curiosity, what are you using for centralized management?
SystemD?
People who can fit in your Geek Squad uniforms probably have an edge too.
Macs have shit specs and always have. This one is no different.
You clearly didn't read the summary. This new Macbook is an incredible machine. This quote comes straight from Apple, and since Apple is the manufacturer of that machine, they're the ones who know it best, so you can rely on their assessment.
The average sexual intercourse consists of just over 100 "roundtrips". There is no stats available for solitary sex, as far as I know, but it is unlikely to be immensely higher. The bulk of porn nowadays is delivered in small doses. Lots of them.
In the episode Turnabout Intruder it's stated that women can't become captains for some unspecified reason.
Everyone knows the reason. It's because one of the duties of the captain is to handle parallel parking on crowded space docks.
Your condo contract doesn't include a rule that you, as the owner, are held responsible for all problems your potential renters cause? Odd. Mine does.
This problem has a very easy solution.
In many markets, every single unit in the building is owned by small landlords and/or corporations and rented out to "normal" tenants. Those don't get a seat at the HOA table. When some of the tenants "sublease" their condo a few nights at a time to Airbnb guests and things get noisy, there's many parties involved and problems last forever. This is not as straightforward as what you describe.
sure - but then you can very easily take the beef up with THEM - and then the association - and finally the police.
which is what happens with Airbnb rentals, and so the association just bans them.
And then your association get sued - like it happened with Ellen Pao's husband who sued them for not allowing him to buy a fourth unit in the building and accused them of racism.