you might be able to get zonealarm to do that, but i would NOT trust anything but open source.
Not to mention that if you're running it on Windows, then the operating system and network stack is not open-source, so you can't really trust that Windows isn't hiding the packets from you.
On the one hand, it's nice to see a fundamentalist Linux distribution like Debian standing up on principle against encroachment of commercialization. On the other hand, non-fundamentalists like the rest of us are puzzled at how much time the Debian team wastes in throwing tantrums over license purity instead of shipping their next version.
You're puzzlement is due to your own laziness. If you'd bothered to read the damn mailing list posts, you'd see that the issue has very little to do with the free-ness of the licences, and everything to do with a small group of people putting various groups in one of two positions: either that of indemnifying Sun, or of copyright infringement. This is because the Sun Java licenses just showed up in non-free without anybody bothering to ask about it in debian-legal.
I guess I'm not a target user of their system since I just want Java to work on my system without being strip searched and violated.
-1, Troll. apt-get install java-package has been around for a long time.
Thanks for the clarification. Although I don't necessarily agree that having read access to root@example.com's mail means that you have total control over example.com's computers (reading other people's email is easier that you might think), I agree that it's something that should be secured as well as you can.
Now that we have a new set of DNSSEC RFCs, hopefully secure DNS will actually happen in the next few years. That would make things an awful lot easier (although I suspect that.com will be the *last* domain to support DNSSEC, since DNSSEC could probably hurt Verisign's SSL cert market).
I'm pretty sure Windows has a centralized CA management system, and I think Firefox (at least on Debian) uses Debian's centralized CA management system as well.
You have to be "in control" of the domain you want a cert for, that is you have to be able to receive mail at root@domain or what the username was. This reflects in the cert that you get, i.e. the only field that is going to be filled is the common name, as that is the only piece that CAcert can verify (sans DNS spoofing to take over a domain for a short time to intercept mail to root@domain).
So all I have to do is to poison the DNS MX records, and I can get an SSL cert, apparently.
Not that cacert.org is the only CA that does this.
I'm not opposed to using well-known implementations. Where did you get that idea?
Probably from your sig:
A slashdotter who did not build his own computer is like a jedi who did not build his own lightsaber.
Ok, so I totally misinterpreted what you were saying. I thought you were saying that a every company should hire people to build their own implementations, but I think what you're saying is that *when* they make their own implementations, only security experts should be allowed to do it (or, they should at least be heavily involved). That makes much more sense.
Actually, any company that cared about its own reputation and customers would have a security specialist write ALL code that does authentication or cryptography. It is actually pretty tricky to get right, despite how easy some APIs make it look.
Huh? As opposed to using well-known implementations? How is this more secure?
And then, trying to shift the blame for your arrogance to Linus and RMS? You have GOT to mean that as a joke, man! Would you also try to blame Mother Theresa for the spread of AIDS in Africa?
You didn't read TFA, did you? He's not blaming Linus or RMS.
But that doesn't mean the boss is being stupid. No. He's actually making the decision using a fairly reliable algorithm: repeat what has worked in the past.
I'm unconvinced. I think he's making the decision using a fairly unreliable algorithm, being: make technical decisions you don't understand.
It's a company with less than 10 employees. I've worked at such a company. Chances are, most languages are ones that only 1 or 2 programmers are capable of working with. Heck, the company probably only has one or two programmers.
Slashdot Mirror
Not to mention that if you're running it on Windows, then the operating system and network stack is not open-source, so you can't really trust that Windows isn't hiding the packets from you.
Why the broadcast address?
On the one hand, it's nice to see a fundamentalist Linux distribution like Debian standing up on principle against encroachment of commercialization. On the other hand, non-fundamentalists like the rest of us are puzzled at how much time the Debian team wastes in throwing tantrums over license purity instead of shipping their next version.
You're puzzlement is due to your own laziness. If you'd bothered to read the damn mailing list posts, you'd see that the issue has very little to do with the free-ness of the licences, and everything to do with a small group of people putting various groups in one of two positions: either that of indemnifying Sun, or of copyright infringement. This is because the Sun Java licenses just showed up in non-free without anybody bothering to ask about it in debian-legal.
I guess I'm not a target user of their system since I just want Java to work on my system without being strip searched and violated.
-1, Troll. apt-get install java-package has been around for a long time.
Now that we have a new set of DNSSEC RFCs, hopefully secure DNS will actually happen in the next few years. That would make things an awful lot easier (although I suspect that .com will be the *last* domain to support DNSSEC, since DNSSEC could probably hurt Verisign's SSL cert market).
Try that under IE or Firefox.
I'm pretty sure Windows has a centralized CA management system, and I think Firefox (at least on Debian) uses Debian's centralized CA management system as well.
You have to be "in control" of the domain you want a cert for, that is you have to be able to receive mail at root@domain or what the username was. This reflects in the cert that you get, i.e. the only field that is going to be filled is the common name, as that is the only piece that CAcert can verify (sans DNS spoofing to take over a domain for a short time to intercept mail to root@domain).
So all I have to do is to poison the DNS MX records, and I can get an SSL cert, apparently.
Not that cacert.org is the only CA that does this.
Who actually has mail delivered to the root user, rather than aliased/forwarded to some other address?
I'm not opposed to using well-known implementations. Where did you get that idea?
Probably from your sig:
Ok, so I totally misinterpreted what you were saying. I thought you were saying that a every company should hire people to build their own implementations, but I think what you're saying is that *when* they make their own implementations, only security experts should be allowed to do it (or, they should at least be heavily involved). That makes much more sense.
My guess is it's a trademark issue, although I don't think Adobe really tells you that.
All the lectures (as video), slides, assignments, and the students' final projects are posted.
Heh. I read that without actually running rot13! I must be an uber-cryptanalyst!
Did you watch any of the the videos? It's about crypto.
Huh? As opposed to using well-known implementations? How is this more secure?
WTF? What do you base this opinion on? Movies? "That seems nasty"?
You didn't read TFA, did you? He's not blaming Linus or RMS.
How many of those 49% voted strategically for Bush, rather than actually *wanted* him to become President (because they thought Gore was even worse)?
Or you pie him again and take his suitcase! ;)
Doesn't work.
I'm unconvinced. I think he's making the decision using a fairly unreliable algorithm, being: make technical decisions you don't understand.
It's a company with less than 10 employees. I've worked at such a company. Chances are, most languages are ones that only 1 or 2 programmers are capable of working with. Heck, the company probably only has one or two programmers.
Of course, I can't give a decent example because Slashcode doesn't seem to allow leading spaces on lines.
How many of these jobs were for lawyers who write up new "open source" licenses?
What is the world coming to, when you have to upgrade your operating system to get additional platform features?
WTF? What about "Linux" and "GNU libc"?