Slashdot Mirror


User: AndyST

AndyST's activity in the archive.

Stories: 0
Comments: 29

Comments · 29

  1. Re:Why does everything need its own domain name? on Police Lose National High-Tech Crime Unit Website · · Score: 1

    Because even if some people are limited in their understanding of the hierarchic DNS, they are still voters and customers. The easily convinced breed, even.

  2. Re:expected behaviour on Firefox SSL-Certificate Debate Rages On · · Score: 1

    As for saving a certificate and creating an exception, this is exactly what Firefox 3 does. As for expired certificates, they contain very clear instructions about when they are valid and the browser is instructed to refuse them otherwise.

  3. Re:expected behaviour on Firefox SSL-Certificate Debate Rages On · · Score: 1

    Of course there is. I made the certificate myself! I visit far more SSL web servers on my company's private LAN than I visit on the public internet. Most of the HTTPS connections I make in the course of a workday are to internal servers with self-signed certificates.

    If you made the certificates yourself, you're supposed to install them on the client machines, compare the fingerprints or have your own in-house CA with the signing certificate rolled out to all clients. If you don't do that, you trust your machines and your network for being legitimate in any case, which in fact many people do. But why do you need site verification then?

  4. expected behaviour on Firefox SSL-Certificate Debate Rages On · · Score: 5, Insightful

    This way of handling websites with expired or self-signed SSL certificates is bound to scare away a lot of inexperienced users, no matter how legitimate the website is.

    Well that's the point. The certificate is not valid and there is no way to tell the website is legitimate. If one would insist on using TLS/SSL for HTTP with a self-signed certificate, have users install your own CA keys you gave them through another secure channel, or at least let them check the fingerprint. Nobody keeps you from doing that. It's sad that some of these things are so widely misunderstood that it actually reduces privacy and security:

    • login forms on http: URI, posted to https: URI. Please, the website should identify first.
    • Session Cookies which are sent for both secure and unsecure connections.
    • people asking me to sign their OpenPGP keys they sent via e-mail wondering why I call them in return to verify the fingerprint. (This guy had a Ph.D. in computer science and after a heated exchange on the phone and e-mail I just gave up. He has hated me ever since.)

    The new behavior of Firefox 3 is not a problem, it's people failing to security-enable their website the right way.

  5. Re:Poor poor lonely RMS... on Spam Is 30 Years Old · · Score: 3, Informative

    It looks like RMS was looking for love back then too!

    well... http://www.stallman.org/extra/personal.html

  6. Re:Isn't this port knocking on Cryptographically Hiding TCP Ports · · Score: 2, Informative

    And you send UDP packets, so there's no indication from the server that the machine is even powered up unless you are successful.

    Except for the missing dst host unreachable from the last hop before the target. "Stealth"/DROP instead of "Closed"/REJECT adds nothing to security. Same with not replying to pings. People listen to Steve Gibson way too often.

  7. Re:Neat in theorey, imho. on Cryptographically Hiding TCP Ports · · Score: 5, Interesting

    OpenNTP for syncing system clocks, yet their local clocks still drift a little over time; sometimes easily up to quarter a minute or more.

    Okay two things most people don't get when ntp is involved.

    1. An ntpd not only syncs time, but adjusts the running speed of the kernel clock. Otherwise it would be nothing more than an ntpdate cronjob.

    2. Under GNU/Linux, the local clock may be used to initialize the kernel clock, but those two run independently of each other until shutdown (or manual set). Only then the local clock is set to the kernel time, regardless of what the local clock was doing all the time.

  8. speed of sound on Voyager 2 Set to Reach Termination Shock · · Score: 2, Interesting

    speed of sound... wait a minute? In which medium? I don't think there is much atmosphere up there...

  9. little do they know... on Microsoft Forces Desktop Search On Windows Update · · Score: 4, Funny

    Welcome to Live Search, NSA Edition

    [_______________] [search]

    ( ) the web
    (o) all computers running Windows

    [X] force update
    [X] slow down computers
    [ ] obey law / constitution
    [X] forward trade secrets to us corps

  10. Re:Brazilian Pop Music Scene Thrives on Piracy on Brazilian Pop Music Scene Thrives on Piracy · · Score: 1, Offtopic

    Still they are democratic, you may just as well be the only one disagreeing. Again, how can you claim justification not to follow such laws but ask for criminals to be locked away? I'm sure they disagree with their verdict. Democracy includes accepting other citizens' votes until votes/laws etc have changed by the same democratic means.

  11. Re:Brazilian Pop Music Scene Thrives on Piracy on Brazilian Pop Music Scene Thrives on Piracy · · Score: 1

    I don't remember ever voting for the DMCA.

    So only laws that you voted for apply to you?

  12. Re:Brazilian Pop Music Scene Thrives on Piracy on Brazilian Pop Music Scene Thrives on Piracy · · Score: 1, Interesting

    just because something is against the law doesn't mean that it's wrong.

    I think you got that wrong. Who is to judge on which laws to abide? Keep the democratic principles, even if they sometimes bother you.

    The other direction is right. Not everything that is allowed by law is ethically justified.

  13. Re:Use MPlayer? on High-Quality HD Content Can't Easily Be Played by Vista · · Score: 1

    (In Europe, the media player is not normally bundled as it's seen as an anti-trust issue.)

    It was only ruled that -N versions must be available as an alternative for those who want it. Their sales figures, however, are marginal. So in the EU it is normally bundled.

  14. Re:girlfriends and OSS on Boredom Drives Open-Source Developers? · · Score: 1

    Well, of course, this is just a personal account. It may as well be just the first few really interesting months, where you learn to appreciate both the time spent together _and_ apart.

  15. girlfriends and OSS on Boredom Drives Open-Source Developers? · · Score: 3, Interesting

    I was about to start an open source project, mostly to educate myself as my current IT job is custom one-time software only. Well, to make it short, I recently got a girlfriend. No more OSS coding for me.

  16. F-22 Raptor on Linux Systems and the New DST · · Score: 1

    They better not have any F-22 Raptor flying until those patches have been rolled out...

  17. Re:Sit down, son. (I might have known your mother) on Vista Activation Cracked by Brute Force · · Score: 1

    Everything you said is fine, but...

    Run ShieldsUP! from grc.com to make sure that you're invisible.

    Having stealth ports (instead of closed) adds nothing to security, and Steve Gibson just talks crap about it. A possible attacker will have the !open and !up information anyway. And that one time you wait for a timeout (instead of "connection refused") costs more than the joy of all ports stealthed.

  18. stupidity on Microwave Experiments Cause Sponge Disasters · · Score: 1

    From a darwinistic point of view, it would seem desirable that stupidity should kill (or sterilize, at least). I, however, have come to the conclusion that I'll need some stupid people around me to take care of some things. So I'll just be fine if stupid people identify themselves as such from time to time.

  19. Re:Communication a problem on Pluto Probe Snaps Jupiter Pictures · · Score: 2, Informative

    > it takes 8 minutes to send a signal as far as Mars and 4 years to send one to Alpha Centauri, which Voyager 1 is predicted to reach in later 2009

    Voyager I has a speed of about 17 km/s. At that speed it takes 114440 years to fly the 4,4ly to Alpha Centauri.

  20. power consumtions on Largest Twin Prime Yet Discovered · · Score: 2, Interesting

    It occurs to me that the power consumed for this kind of calculations is quite high. Back when I was doing seti@home, the classic one, they explicitly told people not to let computers running for the sole purpose of calculation, even asking them to turn them off when you guys in the US had a power crisis. There are people running farms of computers just for the fun of it. *sigh*

    seti, primes and stuff might be important, but I'd like to still have some power left to radio a reply to E.T.

  21. tubes, pipes, netcat on "Series of Tubes" Metaphor Implemented · · Score: 1

    I once had the idea to do just this - using the tube/pipe metaphor to help non-tech users to share files. Wanted to do it more screen-visual, though: two computers next to each other would have NES Mario kind of green tubes to drag and drop files through that would just pop up on the other side. Including sound effects ;-) I dumped the project because tar -czv files... | netcat -v target port and netcat -lv port | tar -xzv is cooler by an order of magnitude.

  22. 2000 degrees what? on Networking in Extreme Conditions? · · Score: 1

    Is that Fahrenheit, Celsius or Kelvin? Since even NASA is metric now, can I have that in some SI unit?

  23. Re:Closing in... on MS Thinks OOo is 10 Years Behind · · Score: 1

    Now that is the old dispute between "lock, modify, unlock" and "copy, modify, merge" as outlined in the Subversion book.

    I think your points are valid, for some applications. And specifically for those where MS Office is also used.

    Personally, I tend to favour the methodology of merging. If it's about a plain text source like code or LaTeX because I have experienced forgotten locks. The rare merging conflicts are easily managed. One must keep in mind that the versioning system does not replace team communication. It's just a tool.

  24. Re:Closing in... on MS Thinks OOo is 10 Years Behind · · Score: 1

    I would like to call it "Live cooperative editing". A document could be saved in a way that multiple persons could open it simultaneously.

    Well, there is Synchroedit. But I don't think people do their work that way. Social software has its applications, but word processing isn't one of them. If you'd limit it to brainstorming, mindmapping, whiteboarding and stuff, I'd agree. But if the output is intended for further use, the "live" aspect is not as good as it may sound. I've tried it, didn't work out good.

    The idea in writing is that you put your thoughts to paper. You don't want to watch others while doing it. If you need to do this collaboratively, a versioning system or a wiki can be used.

  25. av precautions on Clock Ticking for Nyxem Virus · · Score: 3, Insightful

    I'd fancy a virus overwriting common software such as MS Word, Excel or Powerpoint.

    Jokes aside. A colleague wrote to the department to look out for the virus, back up all documents, bla bla.. I replied, being the one who installed the av software, that updates are run hourly and that everybody is safe if they apply the same precautions which they usually (should) do.

    So who is right? Me or the colleague who eventually said that my reply to all was counterproductive?