All support was completely and unconditionally yanked from LibreSSL.
I don't know why you think it 'must' be supported.
UDP is connectionless. No session is required to be setup and managed prior to normal operation.
When making existing UDP protocols work over DTLS there is now a session and associated need for session management Including heartbeat to reason about continued health of the session.
Without heartbeats the only alternative is custom modification of each protocol.
Here is my problem with Apple, Google and Microsoft.
Each vendor is using crowd sourced location / WiFi sniffing / map building excuses to collect location data from everyone. At least one vendor offers no ability to disable crowd sourcing without also preventing GPS from being used.
GPS ASIC's have advanced to the point where standard excuses (uses too much power, takes too long to get a fix, some indoor use) are no longer applicable. This appears to in no way be discouraging vendors from selecting shitty GPS components while propagating excuses which unnecessarily eat into data plans and upload all of your data.
Think of this from the Chinese perspective. Instead of everyone's location data being uploaded to Google or Apple... what if it was all going to Huawei? Would US officials be comfortable with data about everyone's location constantly uploaded "anonymously" to Huawei?
I think we are all better off if vendors used more capable GPS chips in their handsets and location data is not constantly being uploaded to any single vendor for any reason by default.
Unless you are using 15+ year old C compilers, unsupported and dead OSes or want to use insecure ciphers and hash routines, you're not gonna miss the cruft.
Bottom line LibreSSL is useless here as long as it won't run Windows. Need DTLS heartbeat support so they are going to have to find a way to get over that too.
It's illegal to be in possession of stolen goods. This is not grade 3.
Seem to remember quite recently Russians and Kurds grabbing land that doesn't exactly belong to them. They appear to be getting away with it while the whole world sits watches the theft take place.
So, you believe if I can take it from you by force, it's mine?
There are two distinct legal worlds. Confuse them at your peril.
1. Intra-country world where rules are enforced by state having obtained more or less a monopoly on projection of violence within state borders to those who elect to disobey laws of said country.
2. Rouge lawless world of inter-country relationships where no such monopoly exists. International systems like the UN wield no real power. In this world your ability to project violence or develop a coalition of states willing to project violence very much dictates what you can or can not get away with.
To put it in even simpler terms when Ban Ki-moon pleads for the bloodshed in Gaza/Israel to stop he is asking..nicely...... he is not ordering.
When a judge orders you to pay Palimony the judge is not asking he is ordering you to pay under threat of violence.
I liked Dr Sbaitso, talking parrots and realtime voice changing software included with various incarnations of sound blaster. It was all a lot of fun.
Yet my last memories of SB was going thru driver hell as creative was seemingly incapable of producing a driver not constantly subject to crashing and burning on multi-processor systems.
Today sound comes from motherboard to stereo receiver via optical SPDIF. Are bits pushed from sound blaster over SPDIF better in some way than bits pushed from generic audio codecs? Or is it as provably worthless as those $3000 HDMI cables?
Whatever special audio processing SB is doing in that custom ASIC of theirs is it really something a modern CPU/GPU lacks overhead to implement?
In support of sound blaster I could see driving headphones/desktop speakers directly benefit from a high quality sound card... although personally I will never be picky enough to care. ASIO is very awesome and my mobo sucks at microphone input. Even worse line in is not isolated causing noise from computer to feedback into connected radio's and players.
If your memory could be read by doctors using a harmless mind-reading machine, that would be allowed, because it would be physical evidence, not testimony that might have been compelled.
The problem that I see on the issue is that once you hand your computer to the police, it's easy, too easy for them to plant evidence.
No it's not...from a forensics standpoint it's quite difficult to plant evidence on a computer and not have timestamps completely out of sync with the rest of the system.
If you use the OS/file system this may be true especially given most file systems are journaled.
However if you were to simply write something incriminating to an unlinked heap of free space to raw disk using 'dd' then use a recovery tool to discover planted evidence there are no timestamps or any way of knowing what was done.
Rather than spreadsheet they should have shown the same website rendered on each device.
Whenever on screen keyboard is enabled in landscape mode on my phone it consumes most of the screen leaving painfully very little space remaining to view content while tying. Portrait mode is better in this regard yet often difficult to manage panning around.
I still prefer physical keyboards as they tend to take up less space than on screen when activated and those with big hands can actually use them with some degree of accuracy.
So in a way while it might look lame/stupid/odd and suck for passive dinking/gaming/watching videos I could see it being quite useful for those who spend most of their time working the keyboard and getting shit done.
The iphone is so tiny and it appears to be about the same width as the s5..I don't see a problem with comfortably pocketing this thing.
The final end result of mass mechanized production is that the available workers will far outnumber the available jobs, and this is the problem that communism was intended to solve.
People have been spouting this nonsense for centuries and it keeps not coming true.
Surplus labor dissipates into increasingly bushy tech trees and middle-men ultimately resulting in whole new categories of garbage on store shelves for everyone to waste their money on.
Unfortunately, communism has earned a fatally bad reputation after being misused by so many dictators during the 20th century.
No one ideology be it capitalism or communism has ever been worth a hill of beans by itself. Lack of evolutionary pressure is central reason too much communism turns everything it touches to shit.
Problems stemming from globalization, over-aggregation of wealth and instabilities in reserve labor market are real and important challenges for the world yet simply Invoking communism as solution is a cop out.
Content and Eyeball networks operate under different legal environments. For example CALEA does not apply to "information services" and serving content carries significantly different legal exposure vs. merely forwarding packets.
Google acting as an eyeball network for a chosen few has no bearing. Eyeball and content are different. In the context of parents remarks google was acting entirely as a content network.
Parent tried to use content network examples to make a point about eyeball networks which is apples/oranges.
A number of companies have taken to monitoring *ALL* BT traffic of consequence on a *GLOBAL* basis. They know with high degree of coverage what everyone using bit torrent is trading.
This desperately needs to change. I'm no fan of piracy yet detailed metrics are being used to justify all manner of legislative craziness affecting everyone.
I don't claim to have any good solutions the market would be likely to embrace... we all need to find one soon.
I can't fathom why any ISPs in their right mind would go along with this crap.
Acting against your customer base in this way is a good way to lose customers and ruin your brand. I can only assume not all 140 ISPs have the luxury of not having to give a shit about their customers.
Most importantly taking punitive action against someone you *suspect* of breaking the law is itself illegal. By taking matters into your own hands you open yourself up to lawsuits from effected customers. SOPA/PIPA crashing and burning means no enabling legal cover.
Finally whenever you as an ISP give in to these demands and just do whatever is asked without taking necessary time to understand law you might as well be announcing you are an easy target via front page ad on the New York times... expect to be flooded with requests accordingly.
Massive privacy breach....e-mailed a report...containing sensitive details...e-mailed...
The problem here isn't that it was sent to the wrong account. It's that it was e-mailed AT ALL.
I don't know particulars of systems involved. From description it is plausible message was to be routed and delivered exclusively intra-domain rather than inter-domain so it would never involve SMTP to external systems not managed and controlled by Goldman.
For all I know they could have a reasonably secure internal e-mail system for communicating sensitive information WITHIN their organization.
For years politicians chiseled away at regulations and lending requirements in the name of increasing home ownership and making bankers happy while leveraging "meltdown" as cover to escape any responsibility for the environment they helped create.
Likewise telephone billing problems were created by politicians thru legal requirements mandating passing charges on to customers by default. If the law was opt-in vs opt-out none of this shit would be happening.
In the real world you can't create this kind of permissive environment full of conflicts of interest and seriously not expect it to be abused to the hilt. What FTC is doing amounts to whack-a-mole.
Slashdot Mirror
The source is open. If you're a Windows user and would like to use the library, then fork and add the capability yourself.
Unacceptable if LibreSSL is to be a viable alternative to OpenSSL. Last thing we want to do is take responsibility for maintaining an SSL stack.
Bottom line LibreSSL is useless here as long as it won't run Windows.
The sad part is that you actually believe it.
Real world runs Windows. If we don't support Windows we go out of business.
Heartbeat support is optional and negotiated.
All support was completely and unconditionally yanked from LibreSSL.
I don't know why you think it 'must' be supported.
UDP is connectionless. No session is required to be setup and managed prior to normal operation.
When making existing UDP protocols work over DTLS there is now a session and associated need for session management Including heartbeat to reason about continued health of the session.
Without heartbeats the only alternative is custom modification of each protocol.
And for the record, from a security and privavy standpoint at least, I'll take an iPhone any day over an Android.
I'll take Android ASOP/custom rom over carrier shitware infested Android + Google play services or the iPhone any day.
Amazing how much longer battery lasts when your phone is not constantly violating your privacy and wracking up data usage for stupid reasons.
Here is my problem with Apple, Google and Microsoft.
Each vendor is using crowd sourced location / WiFi sniffing / map building excuses to collect location data from everyone. At least one vendor offers no ability to disable crowd sourcing without also preventing GPS from being used.
GPS ASIC's have advanced to the point where standard excuses (uses too much power, takes too long to get a fix, some indoor use) are no longer applicable. This appears to in no way be discouraging vendors from selecting shitty GPS components while propagating excuses which unnecessarily eat into data plans and upload all of your data.
Think of this from the Chinese perspective. Instead of everyone's location data being uploaded to Google or Apple ... what if it was all going to Huawei? Would US officials be comfortable with data about everyone's location constantly uploaded "anonymously" to Huawei?
I think we are all better off if vendors used more capable GPS chips in their handsets and location data is not constantly being uploaded to any single vendor for any reason by default.
Unless you are using 15+ year old C compilers, unsupported and dead OSes or want to use insecure ciphers and hash routines, you're not gonna miss the cruft.
Bottom line LibreSSL is useless here as long as it won't run Windows. Need DTLS heartbeat support so they are going to have to find a way to get over that too.
Possession is 90% of the law, defense is the other 10%
Show us, exactly, where the law says this.
LOL
http://en.wikipedia.org/wiki/P...
It's illegal to be in possession of stolen goods. This is not grade 3.
Seem to remember quite recently Russians and Kurds grabbing land that doesn't exactly belong to them. They appear to be getting away with it while the whole world sits watches the theft take place.
So, you believe if I can take it from you by force, it's mine?
There are two distinct legal worlds. Confuse them at your peril.
1. Intra-country world where rules are enforced by state having obtained more or less a monopoly on projection of violence within state borders to those who elect to disobey laws of said country.
2. Rouge lawless world of inter-country relationships where no such monopoly exists. International systems like the UN wield no real power. In this world your ability to project violence or develop a coalition of states willing to project violence very much dictates what you can or can not get away with.
To put it in even simpler terms when Ban Ki-moon pleads for the bloodshed in Gaza/Israel to stop he is asking ..nicely...... he is not ordering.
When a judge orders you to pay Palimony the judge is not asking he is ordering you to pay under threat of violence.
I liked Dr Sbaitso, talking parrots and realtime voice changing software included with various incarnations of sound blaster. It was all a lot of fun.
Yet my last memories of SB was going thru driver hell as creative was seemingly incapable of producing a driver not constantly subject to crashing and burning on multi-processor systems.
Today sound comes from motherboard to stereo receiver via optical SPDIF. Are bits pushed from sound blaster over SPDIF better in some way than bits pushed from generic audio codecs? Or is it as provably worthless as those $3000 HDMI cables?
Whatever special audio processing SB is doing in that custom ASIC of theirs is it really something a modern CPU/GPU lacks overhead to implement?
In support of sound blaster I could see driving headphones/desktop speakers directly benefit from a high quality sound card... although personally I will never be picky enough to care.
ASIO is very awesome and my mobo sucks at microphone input. Even worse line in is not isolated causing noise from computer to feedback into connected radio's and players.
If your memory could be read by doctors using a harmless mind-reading machine, that would be allowed, because it would be physical evidence, not testimony that might have been compelled.
Typical lawyer doublespeak bullshit.
same asshattery that gives
The problem that I see on the issue is that once you hand your computer to the police, it's easy, too easy for them to plant evidence.
No it's not...from a forensics standpoint it's quite difficult to plant evidence on a computer and not have timestamps completely out of sync with the rest of the system.
If you use the OS/file system this may be true especially given most file systems are journaled.
However if you were to simply write something incriminating to an unlinked heap of free space to raw disk using 'dd' then use a recovery tool to discover planted evidence there are no timestamps or any way of knowing what was done.
Rather than spreadsheet they should have shown the same website rendered on each device.
Whenever on screen keyboard is enabled in landscape mode on my phone it consumes most of the screen leaving painfully very little space remaining to view content while tying. Portrait mode is better in this regard yet often difficult to manage panning around.
I still prefer physical keyboards as they tend to take up less space than on screen when activated and those with big hands can actually use them with some degree of accuracy.
So in a way while it might look lame/stupid/odd and suck for passive dinking/gaming/watching videos I could see it being quite useful for those who spend most of their time working the keyboard and getting shit done.
The iphone is so tiny and it appears to be about the same width as the s5 ..I don't see a problem with comfortably pocketing this thing.
The final end result of mass mechanized production is that the available workers will far outnumber the available jobs, and this is the problem that communism was intended to solve.
People have been spouting this nonsense for centuries and it keeps not coming true.
Surplus labor dissipates into increasingly bushy tech trees and middle-men ultimately resulting in whole new categories of garbage on store shelves for everyone to waste their money on.
Unfortunately, communism has earned a fatally bad reputation after being misused by so many dictators during the 20th century.
No one ideology be it capitalism or communism has ever been worth a hill of beans by itself. Lack of evolutionary pressure is central reason too much communism turns everything it touches to shit.
Problems stemming from globalization, over-aggregation of wealth and instabilities in reserve labor market are real and important challenges for the world yet simply Invoking communism as solution is a cop out.
Then what is Google Fiber?
Content and Eyeball networks operate under different legal environments. For example CALEA does not apply to "information services" and serving content carries significantly different legal exposure vs. merely forwarding packets.
Google acting as an eyeball network for a chosen few has no bearing. Eyeball and content are different. In the context of parents remarks google was acting entirely as a content network.
Parent tried to use content network examples to make a point about eyeball networks which is apples/oranges.
I call BS on that. The Pirate Bay alone has 46 million peers active. Nobody short of the NSA, and maybe not even them, can monitor that much traffic.
You don't need to "monitor traffic" or collect contents. You need only collect signals of peers announcing what they have.
http://www.cs.bham.ac.uk/~tpc/...
Yeah, and building your own data center is so much cheaper than paying someone to use theirs.
You don't need a "data center" to host long tail of most websites.
I assume you must have meant to colocate a server in a data center or rent a server from one
You assume incorrectly.
and will be the ones getting the DMCA takedown in all likelyhood because the people sending those know that the data center can unplug you.
No datacenter no problem.
I work at a data center.
Hence the hammer mentality.
Google play required to use android wear. No chance in hell.
Being square was like so 60's. I want round watches which don't resemble 80's Timex wrist calculators.
A number of companies have taken to monitoring *ALL* BT traffic of consequence on a *GLOBAL* basis. They know with high degree of coverage what everyone using bit torrent is trading.
This desperately needs to change. I'm no fan of piracy yet detailed metrics are being used to justify all manner of legislative craziness affecting everyone.
I don't claim to have any good solutions the market would be likely to embrace... we all need to find one soon.
I can't fathom why any ISPs in their right mind would go along with this crap.
Acting against your customer base in this way is a good way to lose customers and ruin your brand. I can only assume not all 140 ISPs have the luxury of not having to give a shit about their customers.
Most importantly taking punitive action against someone you *suspect* of breaking the law is itself illegal. By taking matters into your own hands you open yourself up to lawsuits from effected customers. SOPA/PIPA crashing and burning means no enabling legal cover.
Finally whenever you as an ISP give in to these demands and just do whatever is asked without taking necessary time to understand law you might as well be announcing you are an easy target via front page ad on the New York times... expect to be flooded with requests accordingly.
They tried it against google for videos on youtube
Google is not an ISP.
My whole card's filled out!
Now go outside and hold it up high to claim your prize.
Host the sites yourself. CPUs and bandwidth has never been cheaper.
Massive privacy breach....e-mailed a report...containing sensitive details...e-mailed...
The problem here isn't that it was sent to the wrong account. It's that it was e-mailed AT ALL.
I don't know particulars of systems involved. From description it is plausible message was to be routed and delivered exclusively intra-domain rather than inter-domain so it would never involve SMTP to external systems not managed and controlled by Goldman.
For all I know they could have a reasonably secure internal e-mail system for communicating sensitive information WITHIN their organization.
For years politicians chiseled away at regulations and lending requirements in the name of increasing home ownership and making bankers happy while leveraging "meltdown" as cover to escape any responsibility for the environment they helped create.
Likewise telephone billing problems were created by politicians thru legal requirements mandating passing charges on to customers by default. If the law was opt-in vs opt-out none of this shit would be happening.
In the real world you can't create this kind of permissive environment full of conflicts of interest
and seriously not expect it to be abused to the hilt. What FTC is doing amounts to whack-a-mole.
I think that people are just being babies and looking for something to complain about.
Expecting people to screw with something "new" without any expectation of value in return is a foolish and childish proposition.
Markets are generally willing to accept change, even disruptive change but only where coupled to provision of additional value.