therefore many small service providers, businesses, communities that would not afford a decent certificate will be hurt in all respects, not to mention many users.
If your service provider, business or community can't afford 2000 / year for an EV SSL Certificate, you've got a lot of other problems to worry about.
Our school uses a self-signed certificate for the courseware.
Than tell the admins to fix it. School environments are hard to do, because you have a lot of non-standard clients. So a public cert would probably be better for a school than an internal CA (which would make sense for a company).
Again: Firefox and IE both give a very stern warning that what you're going to do is potentially risky. This is the *RIGHT* thing to do - if that wasn't the case, with the recent DNS issues it would be easily possible to spoof https://www.yourbank.com./
Basically, don't blame Firefox if your cost-cutting measures break on you - it's your own fault.
I disagree, IMO one warning should be enough, if you're too stupid to figure out your computer then you should get rid of it.
Yeah, and i would like it if everyone who disagress with me would be shot. Sadly, this hasn't happened yet, nor will it ever.
It's the same thing that you want - you don't want idiots that are almost to stupid to breathe use a computer. This isn't going to stop either - heck, driving a car requires a license, yet i encounter many stupid drivers daily.
It's not like Firefox makes it impossible to access a web site with a self signed certificate. It just makes it very obvious that something is wrong with the certificate, and tells the user that he shouldn't trust it to much.
Now, who uses self signed certificates or certificates signed by an internal CA?
* Test environments (not an end user scenario) * Unprofessional webhosters (good riddance) * Companies with their own CA (they can preload the certificate) * Hobbyist systems (they can reconfigure their browser)
In the end, the only ones hurt by this are unprofessional webhosters - and i don't think anyone should care about them.
I have no idea if there was a genocide or not, because i wasn't there.
What i do know is from history books, and there it looks like the indians simply lost because they didn't have modern enough weapons nor the organization to put a strong unified defense.
I'm sure that both sides committed many atrocities, like it happens in every war.
But i don't think that a rightful winner of a war should be punished just because he won because he was "better".
They lost the war. This story is now long over, and they should be thankful that the Victor allowed them to keep their lifestyle - not add additional demands.
Now, this is entirely US politics, but this whole mess looks rather stupid from my outsider POV.
So you have some independent nation that is in the US - they get reperations in a variety of formms, in this case for internet access.
Now, their corrupt government has conspired with some satellite ISP to get more money into their pockets - the grant money is now cut off.
Why the fuck should this be the USs problems? Heck, they should be thankful that they are allowed to live on their own. If they want Internet, they should start paying for it on their own. Or get some shovels and start digging.
Yeah, that's because the article is stupid and lacking on details. Which isn't exactly news.
BitLocker in TPM Mode (which is not mandatory - you can use a USB Key and a PIN, or TPM+PIN) will require a validated bootchain to boot automatically, without having to enter the recovery password (which is usually stored in Active Directory).
but doing 100% anonymous file sharing is a whole different thing. Outside totalitarian regimes like China and Iran, why would you want to do that if not to break the law?
The point is that this doesn't matter. I don't Freenet for anything, but thanks for the allegation.
The point that Freenet itself doesn't hurt anyone and doesn't commit any crimes - it's the people that use it. As such, trying to forbid a technology just because it COULD be used to commit a crime is wrong.
If you want your nanny state where everything is controlled - fine. This is what a democracy is about: freedom - even the freedom to give up that freedom and change your democracy into a totalitarian nanny state without any child molesters (well, at least not in the lower ranks).
However, as soon as people start acting on bullshit like "kill all infidels" they should be countered with the full force of the law.
I have no idea how it is with the muslims in the US, but here in Europe they can do their honor killings and get away with them with little punishment because it's part of their religion.
IMHO, this is exactly the wrong approach. While everyone should be able to believe in whatever the fuck they want, killing people is WAY outside of freedom of religion or freedom of speech.
What about your browsers that are provided by your IT department of your company?
As you said, these can be managed automatically. There are even no-cost tools to do this (WSUS), and they work pretty well.
That said, for many companies that use a large amount of shitty internal software (built by the lowest bidder) just can't upgrade to IE7.
I work for an ISV, and we're pretty aggressive to stay current on the software we use internally, mostly to make sure that all our products work on the newest technology.
We've upgraded to IE7 a long time ago, when we we're still using Windows XP, and it worked fine for the most part. However, several software components (e.G. Backup Exec, ProtectionPilot, Exchange) required hotfixes to support IE7.
That said, i think IE7 was worth the effort. It finally became a decently usable Browser, and most of the users were happy with it.
However, not every company may see the productivity improvement a new browser brings, especially if the people don't really need to use a web browser.
Slashdot Mirror
therefore many small service providers, businesses, communities that would not afford a decent certificate will be hurt in all respects, not to mention many users.
If your service provider, business or community can't afford 2000 / year for an EV SSL Certificate, you've got a lot of other problems to worry about.
Our school uses a self-signed certificate for the courseware.
Than tell the admins to fix it. School environments are hard to do, because you have a lot of non-standard clients. So a public cert would probably be better for a school than an internal CA (which would make sense for a company).
Again: Firefox and IE both give a very stern warning that what you're going to do is potentially risky. This is the *RIGHT* thing to do - if that wasn't the case, with the recent DNS issues it would be easily possible to spoof https://www.yourbank.com./
Basically, don't blame Firefox if your cost-cutting measures break on you - it's your own fault.
I disagree, IMO one warning should be enough, if you're too stupid to figure out your computer then you should get rid of it.
Yeah, and i would like it if everyone who disagress with me would be shot. Sadly, this hasn't happened yet, nor will it ever.
It's the same thing that you want - you don't want idiots that are almost to stupid to breathe use a computer. This isn't going to stop either - heck, driving a car requires a license, yet i encounter many stupid drivers daily.
It's how the world is right now - deal with it.
No, it wouldn't. Users need to be protected from themselves, and the Firefox/IE approach is the right way to do this.
Why don't you just deploy the self signed certificate to all your users?
Or, if your users vary that much, just buy a certificate für 29$ a year?
Besides, IE gives ugly error messages too when accessing a site without a validated trust chain.
This is bullshit.
It's not like Firefox makes it impossible to access a web site with a self signed certificate. It just makes it very obvious that something is wrong with the certificate, and tells the user that he shouldn't trust it to much.
Now, who uses self signed certificates or certificates signed by an internal CA?
* Test environments (not an end user scenario)
* Unprofessional webhosters (good riddance)
* Companies with their own CA (they can preload the certificate)
* Hobbyist systems (they can reconfigure their browser)
In the end, the only ones hurt by this are unprofessional webhosters - and i don't think anyone should care about them.
there are dozens of legitimate reasons that someone could be saddled with this kind of web host.
No, sorry. Not a single one.
The market for high end "enterprise" drives is almost dead. When was the last time you saw a SCSI (FC,SAS) drive?
What? Maybe on your planet. 2.5" SAS Drives in Servers are common - even in middle class servers.
What kind of servers are you buying that are using SATA instead of SAS?
As i understood it, one user can fuck up another users account, without the need for administrative privileges.
This *is* an issue.
I have no idea if there was a genocide or not, because i wasn't there.
What i do know is from history books, and there it looks like the indians simply lost because they didn't have modern enough weapons nor the organization to put a strong unified defense.
I'm sure that both sides committed many atrocities, like it happens in every war.
But i don't think that a rightful winner of a war should be punished just because he won because he was "better".
A nation and a person are different things.
They lost the war. This story is now long over, and they should be thankful that the Victor allowed them to keep their lifestyle - not add additional demands.
Now, this is entirely US politics, but this whole mess looks rather stupid from my outsider POV.
So you have some independent nation that is in the US - they get reperations in a variety of formms, in this case for internet access.
Now, their corrupt government has conspired with some satellite ISP to get more money into their pockets - the grant money is now cut off.
Why the fuck should this be the USs problems? Heck, they should be thankful that they are allowed to live on their own. If they want Internet, they should start paying for it on their own. Or get some shovels and start digging.
Yeah, that's because the article is stupid and lacking on details. Which isn't exactly news.
BitLocker in TPM Mode (which is not mandatory - you can use a USB Key and a PIN, or TPM+PIN) will require a validated bootchain to boot automatically, without having to enter the recovery password (which is usually stored in Active Directory).
There's nothing wrong with that.
The point is that this doesn't matter. I don't Freenet for anything, but thanks for the allegation.
The point that Freenet itself doesn't hurt anyone and doesn't commit any crimes - it's the people that use it. As such, trying to forbid a technology just because it COULD be used to commit a crime is wrong.
If you want your nanny state where everything is controlled - fine. This is what a democracy is about: freedom - even the freedom to give up that freedom and change your democracy into a totalitarian nanny state without any child molesters (well, at least not in the lower ranks).
Oh yeah, please think of the children.
Freedom comes at a price.
We saw how that worked out for Debian.
The SonicWALL Appliances we use do exactly that - unless you choose the option "Enable consistent NAT" (which can be necessary to run certain apps).
I'd guess that iptables and pf offer the same functionality.
Rerun the query until you get results.
Everyone can have whatever religion they want.
However, as soon as people start acting on bullshit like "kill all infidels" they should be countered with the full force of the law.
I have no idea how it is with the muslims in the US, but here in Europe they can do their honor killings and get away with them with little punishment because it's part of their religion.
IMHO, this is exactly the wrong approach. While everyone should be able to believe in whatever the fuck they want, killing people is WAY outside of freedom of religion or freedom of speech.
I just damn well hope that Wikipedia link isn't needed for anyone to get the joke.
As you said, these can be managed automatically. There are even no-cost tools to do this (WSUS), and they work pretty well.
That said, for many companies that use a large amount of shitty internal software (built by the lowest bidder) just can't upgrade to IE7.
I work for an ISV, and we're pretty aggressive to stay current on the software we use internally, mostly to make sure that all our products work on the newest technology.
We've upgraded to IE7 a long time ago, when we we're still using Windows XP, and it worked fine for the most part. However, several software components (e.G. Backup Exec, ProtectionPilot, Exchange) required hotfixes to support IE7.
That said, i think IE7 was worth the effort. It finally became a decently usable Browser, and most of the users were happy with it.
However, not every company may see the productivity improvement a new browser brings, especially if the people don't really need to use a web browser.
I only know about a Progenitor Virus. Maybe i should stop playing video games.
I don't think so.
Self signed certificates should never be used in anything that is meant to be accessed by normal users.
For a internal company use, have an internal CA.
For something accessible over the internet, get a signed cert. Can be had for as low as 10-30$ / year.
Firefox is doing the right thing not accepting cacert and similar institutions.
So that "Dreamhost" you're talking about is obviously not a trustworthy company.
Heck, we even use an official cert for our company internal Webmail - for security and for convenience.