* Posts by LDS

1745 posts • joined 28 Feb 2010

Hey, Microsoft, we can call Windows 10 apps anything we like – you're NOT OUR REAL MOM

LDS
Silver badge

Re: Its only UNIVERSAL if it runs on ALL Devices.

When "HTML" apps will get rid of the concept of "page", "previous page", "next page" they will get the right to be called "applications" or "programs". Until then they are just a bunch of document definition tags and scripts cobbled together to try to do something useful.

5
0
LDS
Silver badge

Re: The Win 32 API has huge significance.

Sadly, many of those "flaws" are exactly what makes Windows applications usable. The clipboard needs to be shared, or how do you exchange data across applications?

Sending messages and input to different processes is subject to User Interface Privilege Isolation since Vista.

Processes that "syntehtize" keyboard and mouse inputs are useful 1) to assist people with disabilities 2) virtual keyboards 3) automated testing applications (even X has support for that). Anyway you need the proper rights to achieve it.

Desktops *are* "securable objects" (see https://msdn.microsoft.com/en-us/library/windows/desktop/aa379557(v=vs.85).aspx) just most application would stop working properly if secure desktops were used, because a lot of "Windows" developers learned coding for 3.1/95 and have no clue about Windows security. Even most password input boxes could be eliminated if developers had learned to use Windows AD and how to integrate their applications in its security model.

Raw access to the "desktop" happens in browsers as well - where injecting code you can easily overlay what you like over the "real" site - clickjacking & C, anyone? Sure, get rid of the GUI and you're much safer, restrict system to only one application running like in DOS and you're even safer...

2
0
LDS
Silver badge

Re: Self Contained Package vs Loose Files or MSI

Large programs take advantage of not being monolithic for several reasons:

1) Better distributed development/testing efforts, and code reuse among *your* applications

2) Only required modules can be sold/deployed, added/removed anytime, loaded in memory only when needed, and unloaded (i.e. to be replaced without stopping the whole application).

3) Patching doesn't require to redeploy a whole very large application

"Apps", whatever they are named, can be monolithic because right now they are often simpler, and with reduced functionalities compared to "desktop" ones. As soon as they get more complex, the need to "modularize" them will arise again.

4
0
LDS
Silver badge

Re: And it's just funny that a lot of "desktop" apps...

If you didn't notice, there's some good and powerful sever versions of Windows available... unless the last version you used was 3.1 or 95 and never cared to upgrade your knowledge in the past twenty years.

1
0
LDS
Silver badge

And it's just funny that a lot of "desktop" apps...

... are and will be "server" ones...

2
0

EXPOSED: Google, Obama caught doing it once a week

LDS
Silver badge

Re: Stupid Question

Just wait some foreign country declares illegal Google practices, and, even worse, ask Google to actually pay taxes...

2
1

Hawk like an Egyptian: Google is HOPPING MAD over fake SSL certs

LDS
Silver badge

Re: Odd?

The big issue is that the intermediate CA had no right to emit those certificates. The biggest hole in the whole PKI cert affair is that as long as selling certificates is just a business, someone will try to make more money selling certificates to anyone without proper diligence. It happened with domains, where spammers and crooks can buy them by the sackful, and will happen with certificates as more and more sites move to https.

Certificates should be like passports - guess no one in his mind would ever allow business to emit passports. But with certificates is OK, it's a business, just look to increase sales...

10
0
LDS
Silver badge

Depends on your local legislation, and your company policies of allowed uses of company equipment. Some searches could violate both. Also, using personal accounts and web mails for company material is one of the biggest security holes in many companies - and yet you can't easily disable wholly access to those account and sites.

Just, in any company where you can deploy your own CAs, there's really no need to obtain a certificate from an external one to intercept SSL traffic. Most proxies can now do it easily.

2
0

Apple boots Windows 7 out of Boot Camp

LDS
Silver badge

Looks stupid from an enterprise perspective...

... those who just migrated to 7 won't jump to 10 soon, and will skip 8. But it looks Apple is more and more consumer oriented only - just look how it's dropping professional applications like Aperture for consumer oriented ones like Photos.

17
2

Mono Magic: Photography, Breaking Bad style

LDS
Silver badge

Re: "Knowing you only have 36 exposures at a time can impose discipline."

Those backs were not so widely used - check old images of sport events or the like and tell me how many are in use. it's not difficult, they were large and bulky -, and could hold *one* hundred frames or so, not "hundreds", but very special versions made for some scientific tasks, and even more bulkier.

Anyway, at 5 fps - the average max speed but for very special versions again - , they would last 20 seconds. Motors were usually separate from the film holder, you could still use them with standard film rolls, even if at max speed they would burn one in less than eight second. But an expert photographer could load a new roll in less time some now takes to change CF card ;-)

0
0

Google and Obama: You’re too close for comfort

LDS
Silver badge

Re: What horror

Read the article correctly: Google made money helping selling fake medicines breaking the rules honest sellers have to follow, used SOPA to silence a state attorney, supported net neutrality only in ways useful to it, and ripped other sites contents menacing them to remove them from search where users would like to see them shown if they dared to complain.

Please remove your pink Google Glasses....

9
5
LDS
Silver badge

"Apple, meanwhile, is more interested in software "

Correction: Apple is interested in selling you very expensive hardware, and it has to ensure its software works only on that expensive hardware to be the differentiating factor to sell you such an hardware. Look at how Apple killed pro software like Aperture when it was clear now its consumer market is the biggest one.

Anyway you're right - Apple and MS are hardware/software companies and historically made money selling it. MS monopoly was on software and tools, and MS wanted to make money selling them. Google monopoly is about contents - and controlling contents is much more dangerous because you don't control what people use - you control what people think. That's why politicians are so tender with Google, and why a lot of people are unable to see while the Google monopoly (at least in the Western world) is much, much more dangerous than the MS one or the Apple walled garden.

6
1

Firefox, Chrome, IE, Safari EXPLOITED to OWN Mac, PCs at Pwn2Own 2015

LDS
Silver badge

Because it's much easier to exploit a single bug than to design and implement a whole, complex system bug free. What those hackers are doing is very valuable, but being able to exploit vulnerabilities requires different skills than designing and implementing sound systems.

Sure, many of the techniques they use can be also used to spot issues before deliver, but not always, and often it's the "human tool" which is not up to the task, for several reasons.

7
0

Hackers prove security still a myth on Windows PCs, bag $320,000

LDS
Silver badge

Re: Windows kernel "features"

It's not a 'legacy' feature. Graphic performance dictates it. Linux too brought more and more graphic code in the kernel for the same very reason. True Type and Open Type fonts are not just something that is parsed, is something that needs to be rendered with some complex features - antialiasing, kerning, etc. It's no longer the ugly bitmap fonts of years ago. For the matter, ask where a lot of 3D rendering happens...

0
0

Apple orders white box servers from Taiwan for data centre refresh

LDS
Silver badge

Re: Nobody cares about the logos displayed in your data centre...

That's just server varnish over OSX (which being a *BSD is not that diffcult) - bu where's the hardware? Once it made a couple of very entry level servers, but they are no longer available. Just installing some somewhat "server" OS on a computer doesn't make it a real "server", server hw is today something designed from groud up for that task.

1
0
LDS
Silver badge

Nobody cares about the logos displayed in your data centre...

... that's why Apple doesn't make servers. You can only sell overpriced items if they can be shown off.

But it's anyway a bit funny that the most brand-conscious company in the world buys unbranded items... don't get me wrong, from a financial and technical perspective may make senses, especially when you have the skill needed to build, configure and maintain less supported systems, but it's funny anyway.

1
3

Noobs can pwn world's most popular BIOSes in two minutes

LDS
Silver badge

You severly understimate the amount of x86 servers out there... and the more your server is "outsourced" somewhere else, the more someone outside your control can physically access it...

And most servers can now even upgrade the BIOS remotely from their management interfaces, for example Dell iDRAC can do it (and several other firmware also, given even PSUs have firmware today)

2
0

Health & Safety is the responsibility of Connor's long-suffering girlfriend

LDS
Silver badge

Re: H&S.

Sorry, it's not training - especially that kind of silly training, mostly designed to ensure a stream of consultants are paid for it.

It's just common sense as you said. Something even the "lowest denominator" should know in 2015 (I don't work in an environment with people just arrived from the tropical forests of New Guinea), but the appalling number of people who put themselves into troubles they should know how to avoid tells too many people are simply negligent idiots. Still an appalling number of fatalities could be avoided - even after training - if people connected the brain before using the hands.

Fatalities are decreasing more because technology improved than idiots decreased. There are far more reliable and automatic safety devices today, than forty years ago.

BTW: nothing happened in that room because *I* removed the cables... even if it was not my duty. The safety officer didn't check anything - he made training, it was enough, paper security, instead of real one.

Meanwhile, I still see most IT offices designed with lighting that violates basic health rules, but nobody cares - it's expensive to light offices properly, thereby who cares about health when it's more expensive that some silly training once every two years?

2
0
LDS
Silver badge

Re: H&S.

The issue is no amount of training will stop idiots to act like idiots. I see lot of people - many with a university degree - do very silly things like leaving plugged PC power cables on the floor, because they disconnected a PC and are too lazy to disconnect the other end of the cable too.

Once I told one of them "hey, do you know what happens in case of a flood - or even someone washig the floor??" - the answer was "this room is in the center of the building, floor and walls of concrete, it can't be flooded, don't be silly!". Some months later he discovered there was a rainwater pipe running along the ceiling.... it got blocked and flooded that room.... I didn't need safety training to know electricity + water = danger... but others - even after training - are simply too lazy and too negligent to avoid risks.

2
3
LDS
Silver badge

Re: Another option...

You don't know how many developers:

1) Don't know about profilers and other analysis tools

2) If they know they exist, never tried to use one - even if free (or purchased).

3) If they tried to use one, they found it requires learning. Too much learning.

4) printf() and syslog() calls are easier to use - that what was taught at programming 101, and many never went beyond. Or they learn to code when profilers & C. were a new and very expensive tools, and never bothered to upgrade their skills later.

It's exactly like safety risks - too many are too lazy and too used to risky practices to avoid them. Until it's too late...

1
0

Microsoft RE-BORKS Windows 7 patch after reboot loop horror

LDS
Silver badge

Re: Wailing and gnashing of some teeth

Me too, but a patch should not cause trouble to *any* user - but it wold be interesting to understand why a patch designed to add a new hash is able to create boot troubles.

16
0

Ban Minecraft? That's jive, Turkey!

LDS
Silver badge

Re: Huh?

Exactly. *WAS*. Before the neosultan Edogan reached power...

4
0
LDS
Silver badge
Joke

Change it to beat and collect women to cook for you...

.... and Turkey will accept it gladly and make it compulsory in schools.

4
1

Hackers' delight? New Apple wrist-puter gives securobods the FEAR

LDS
Silver badge

Re: Productivity

For example, your watch can display you a message along the lines "how much more time are you going to spend at the coffee machine?", or "it's fifteen minutes you're in the bathroom, any health issue?", or "it looks you've been not typing on the keyboard for the last half an hour" - while ringing the alarm in case you're asleep. Also it could check if your wereable and someone else are a little too close...

But here in Italy the DIY chain OBI is already "buzzing" wristbands for employee, if a customer needs help the wristband starts to buzz and doesn't stop until you reach the customer...

8
0

A gold MacBook with just ONE USB port? Apple, you're DRUNK

LDS
Silver badge

Re: Not a universal view

Probably you miss the moment when they need to plug their external disks holding terabytes pirated movies and music to play or exchange them.... and I don't believe the target demographic is really students. This looks like mostly as a glorified tablet, for those user with basic computing needs only but wanting a fashionable device to show off.

9
4

HAPPY 20th Birthday MICROSOFT BOB

LDS
Silver badge

Re: It looks like you're writing a letter.

Today, the forced display of XP tour is used as an example of bad UI design in MS very own interface design guidelines. Just, it looks many Windows developers never read them....

2
0
LDS
Silver badge

Microsoft didn't understand the appeal of Program Manager...

... after all every smartphone, with the exception of Windows Phone, still employs a Program Manager like interface - screens full only of icons and icons to launch applications, but the occasional gadget. You also see the same 'interface' when users litter any Windows desktop with as much icons as they can because using Start, folders and search is still too complex for them.

What MS didn't understand was the need of candy-like colorful and hi-res icons to make the candy collector user happy. He or she feels obliged to fill the screen with candies, even if they run applications he or she will never use.

No need for Bob, they should have designed Candy.

2
0

US air traffic control 'vulnerable to hackers' says watchdog

LDS
Silver badge

Re: Sigh.

The other Reg article is about hacking an airplane, and not the ATC system, but IMHO if a large airport ATC system is compromised, enough havoc can be created to put lives at risk. The likely outcome is that once controllers understand the system is not reliable, they have to switch to backup procedures, which usually can't sustain the traffic. If the hacking is performed on a larger area, even diverting planes could become difficult.

Another scenario could be hiding some smaller plane from secondary radars, or creating fake ones. Not every piece of airspace is under a primary radar beam - MH 370 shows it well.

3
0

Paul Allen hunts down sunken Japanese WWII super-battleship

LDS
Silver badge

Re: Who trained the Japanese to torpedo bomb?

Sure, but even the British feared the submarines after losing the Eagle, IIRC, and tried to keep "valuable" ships outside dangerous areas. I agree it would have been more in Italian interest to get the RN into a battle - maybe while trying to conquer Malta to clear once for all the supply routes to North Africa, while cutting Gibraltar - Alexandria routes.

For the same reason, destroying the Italian fleet would have given British forces a great advantage in North Africa, cutting the supply lines. But unlike in the Pacific, where Japan and USA put their largest ships in combat, most of the Mediterranean battles were among cruisers and destroyers. Both high commands were reluctant to engage a "definitive" battle.

0
0
LDS
Silver badge

Re: Not so vulnerable...

I did a perfect comparison between a vulnerable ship - although heavily armed, and one that wasn't. The British did a big mistake trying to match the Bismarck - a proper battleship, although with some fatal flaws as well - and the Hood, which was by design much more vulnerable. They were victims of their own propaganda.

As I said already, it would have been interesting to see the Iowa-class ships against the Yamato ones. But in the Surigao battle, the old - although some were rebuilt after being sunk at Pearl Harbor - US battleship with radar controlled fire - like the West Virginia, launched in 1921 - easily hit and destroyed the Japanese battleship before these ones were even able to obtain a firing solution. Even if your guns have a long range and heavy shells (but power doesn't depend on caliber only, as the Bismarck, again, shown), you still need to be able to get a firing solution on a moving target, and that requires some technology beyond the pure guns one. Would have the Iowa class been able to engage and hit the Yamatos before the latter could fire? Nobody will know...

2
0
LDS
Silver badge

Re: Who trained the Japanese to torpedo bomb?

Tallboys were not the bombs and average carrier bomber could lift and put on a ship far away....

1
0
LDS
Silver badge

Re: Last gasps of the battleship

Iowa-class ships were used in the First Gulf war, and IIRC one Iraqi unit on one of the islands in the Persian Gulf surrendered to the "drone" used to guide fire after being mauled by the ship fire. Also, those ships were retrofitted to launch cruise missiles, IIRC. In some ways, those ship would be useful today, suicidal terrorists attacks against those armor won't likely succeed. Long range heavy cruise missiles like the Silkworm would be a different matter, though.

Anyway, Cheney did his best to neuter the US Navy, and remove its long range weapons. Probably because it wasn't a good Halliburton customer.

1
0
LDS
Silver badge

Re: Who trained the Japanese to torpedo bomb?

The Royal Navy could have made much more damages if it had dive bombers also. Often ships torpedoed in a harbor can be made afloat and repaired - heavy bombs can do much more damage.

The Japanese fleet used both at Pearl Harbor. Anyway, Swordfish would have survived even less than the Devastator and Vindicator against the Zero...

But it's interesting to note that both the Italian and British fleet avoided at all cost a battleship battle in the Mediterranean. Both got battleship sunk while in harbor, by canvas biplanes or converted torpedoes to carry special forces...

0
0
LDS
Silver badge

Re: The guns aren't (just) for firing at other ships

Landings in the Pacific shown that even heavy artillery was often unable to create much damage to well designed bunkers. Especially at low angle, the shell could bounce and did little damage.

Those guns *were* designed to counter the enemy battleship, and caliber increased to be able to penetrate heavier and heavier protections. Usually a battleship carried different types of shells (at least two), with the heavier ones created to perforate enemy ships armors, while high explosive ones could be used for different targets. Anyway, each gun can't fire for too long. It gets hot, and also, it wears out. After a given number of shells, it needs a new interior.

The old "doctrine", was all about battleship firing at each other with heavy guns until one fleet destroyed or made the other retreat. Carries changed that doctrine.

UK tried to build cruisers with large guns for coastal bombardment in mind in WWI. They were the Courageous-class ones. So little useful they were converted into carriers.

Torpedoes could be effective (but battleship had heavy underwater protection as well) were slower, and visible on approach. Hood was not sunk by a torpedo. Some well places shell destroyed it in a while. A torpedo disabled the Bismarck, but didn't sunk it. Usually, torpedoes were much more effective against less protected targets, like cruisers, and especially carriers.

0
0
LDS
Silver badge

Not so vulnerable...

... if it took 20 bombs and 17 torpedoes to sink it. Just check what was needed to sink HMS Hood in a far shorter time.

It was clear that the disparity of firepower was so large that a single ship had no chance against waves and waves of airplanes - no matter how powerful it was. Maybe with more AA firepower and in a group protected by something alike British Dido class cruisers and destroyers with enough AA weapons, it could have been a far more difficult target to sink even without air coverage.

From a pure technical point of view, it's a "pity" the Yamato-class battleship never faced the Iowa-class ones in a pure artillery fight. If Halsey didn't fall fully in Ozawa trap, and had at least left Lee group to protect the landing, it could had happened... but maybe it would have caused even more casualties.

9
0

Broadband routers: SOHOpeless and vendors don't care

LDS
Silver badge
Joke

Re: What I Use

If Facebook *is working*, it really means your firewall is not configured properly...

13
0
LDS
Silver badge

Re: Actually, a router is a router, and "modems" no longer really exists...

Sure, even your wifi access point is modem... did you know? Why don't yo call it the "wireless modem"?

Even Ethernet signal, when it gets to the wire, needs to be "modulated" (it uses some form of PAM), because until you can't control each single electron moving through the cable you have to deal with "waves" - why don't you call your Ethernet card a "modem"? (Oh, the old Ethernet MAU....)

Even data written on your magnetic spinning hard disks needs modulation/demodulation, is your hard disk a "modem"?

Each bridge/router designed to interconnect two different network using different transport layers embedds the necessary hardware to communicate over them in the proper format - including "modem" circuitry, if necessary.

"Modem" is just a part of any devices requiring it, the part that turns one signal into another signal and back for the required underlyng medium. But from a networking point of view what you call a "modem" is actually a "media converter" - transforming one signal format into another (which may require modulation/demodulation, if the transport layer needs so).

1
7
LDS
Silver badge

Re: Advice?

Can you get Cisco updates without paying for support?

2
1
LDS
Silver badge

Re: "having a modem and a router as separate devices"

I guess you need at least two real Ethernet interfaces to run a good router/fw at a decent speed. Check Soekris boards or something alike, they are more expensive than a Pi, but are designed for such kind of tasks. You can easily build a fanless system using a CF or a small SSD disk, quiet and unobtrusive, although it can be not very cheap.

1
1
LDS
Silver badge

Re: OpenWRT?

Ok, and how much did it cost you? Something like a Soekris board or the like is more expensive than a off-the-shelf device. You have also no warranty but on the pieces themselves.

Sure, if you're a "nerd" (I'm too) you can easily assemble your router yourself, even if it costs you some money, but those companies are trying to sell lots of very cheap devices, even at larger volumes, your setup would cost more - and it's exctly the kind of hardware you find in more professional/enterprise devices.

2
1
LDS
Silver badge

Actually, a router is a router, and "modems" no longer really exists...

The very concept of "modem" is outdated. What your router does it's all every router has always did - interconnect two different networks and unserstand what packets should be routed to and from, performing transport layer translation if and when needed.

Those network can also use different physical transport technologies (and even logical), and the translation functionality is not exactly to be a "modem" - lots of router always converted Ethernet to FDDI or ATM or whatever you needed. What you call a "modem", one with a "WAN" port (ADSL, whatever) and a LAN port (Ethernet) is actually a "simple" router.

But SOHO "routers" are far more than that. They are also switches, access points, DNS servers, DHCP servers, VPN servers, firewalls, etc. etc., all with their managment interfaces. And here often lies the problem, not in the routing functionality itself.

You can easily disable amd/or not use all of the above functionalities and greatly reduce the attack surface, and move them on devices beyond the router - of course it comes at a price - complexity, noise, power consumption, etc. etc.

But what you really meant is "having a router and all other functionalies as separate devices".

2
8
LDS
Silver badge

Some of the issues are due to the bad use of open source code as well

I've found many devices built on open source code, but still using old, buggy one even when updates and fixed were available - but sometimes they use "abandoned" ones and never spent the time to change the code to use a different one.

It looks developers never mined to updated it, probably because the old "it works, don't touch it" rule is still in use. Often, the same handful of libraries are used across a wide range of devices even of different vendors, meaning a flaw will have a large impact.

1
1

FREAK show: Apple and Android SSL WIDE OPEN to snoopers

LDS
Silver badge

Re: Stuck on old Android

iOS 6 is three years old.

And someone complained - and still complains - MS stopped supporting a fourteen year old OS....

12
1

Microsoft opens kimono on Windows 10 Universal App Platform

LDS
Silver badge

Re: Does not look like a good proposition for desktop app developers

Actually, the HTML+JS+CSS model is a truly nightmare created by marketing/graphics people without a clue about program design. HTML was designed to code "pages" to be read, not applications to be run, JavaScript was glued over it because HTML was too static, and CSS was added (but of course using a third syntax) to fill HTML lack of proper formatting options outside what a browser thought a tag should have been displayed. Browser too were (and mostly still are) designed to "display" pages and "navigate" them. Sure, they can also host something resembling an applications, but they are not still designed like applications containers.

ActiveX and Java Applets (you can also add Flash, if you like...) were an attempt to have *real* application running into a browser and communicating via HTTP with a server, but with all the features of an *application* and not those of a *page* that also responds some way to some commands due to some live elements - where you can also press "back" and get back to some unknown state...

All of them ended up in issues that made them a bad choice - but just wait JavaScript becomes more and more integrate with the browser and through it to the underlying OS, and the same security issues will arise as well. As long as you have foreign code running on your machine, or it is completely sandboxed (and thereby can do almost nothing useful), or if it can access your machine, it will lead to some vulnerability.

6
0
LDS
Silver badge

Does anyone send you to Guantanamo if you don't use MS products? In some sectors Apple is as much "enforced" as MS is in others.

2
0
LDS
Silver badge

Re: Does not look like a good proposition for desktop app developers

Probably you're not old enough too :)

Actually, ActiveX predates the Internet/browser frenzy. They were designed as UI elements embeddable in any application able to host them, and driven via COM. The whole Visual Basic was designed around ActiveX - ActiveX was the natural evolution of VBX - with standard COM interfaces and not designed to be used by a single tool.

When web pages attempted to go beyond simply static contents and some CGI script, and Sun attempted to put Java applets inside your browser, MS answered supporting ActiveX controls inside Internet Explorer (which rendering engines, is in turn, it's an ActiveX itself and can be hosted by other applications...) - but actually you can host them in any ActiveX container.

Back then JavaScript was still in its infancy, and there were no ways to deliver complex GUIs in a web page. Sure, it was a portable solution, and like Java, the implementation was too much unsecure to be really useful.

Universal Applications are a totally different thing.

3
2
LDS
Silver badge

It worked so well for Apple - and only a few complained - that now MS wants its share as well. Luckily old Win apps are not yet to go away....

2
0
LDS
Silver badge

Re: MS Java?

For the matter, even the GPL tries to lock developers into its own ecosystem. After all, it's just a matter of what ecosystem you prefer...

6
3

Sick of Chrome vs Firefox? Check out these 3 NEW browsers

LDS
Silver badge

Yandex? Putin's browser?

No, thank you. Probably that's what Snowden is workin' on actually, if he wants to stay in Moscow. It's a bit dangerous to live there if Putins makes the wrong gesture in the wrong direction...

0
3

Google open-sources HTTP/2-based RPC framework

LDS
Silver badge

Re: A critique of HTTP2.

That's why also his rant about self-signed certificate management is wrong. Browsers are correct to signal a self-signed certificate as dangerous. You have no simple way (but perusing very technical details of them, and matching them against the expected ones) to ensure they're really the same self-signed certificates you expect. Performing MITM against a self-signed cert is pretty straightforward, and then you have really no security - sure, you're protected from casual eavesdropping, but just that.

I do use my one certificates for example to protect my mail server and web mail, but I actually don't use a simple self-signed cert. I use certs issued by my own CAs. This way I can check they are actually valid.

0
1

Forums