* Posts by HaroldR

4 posts • joined 17 Nov 2010

Superfish: Lenovo? More like Lolnono – until they get real on privacy

HaroldR
Flame

Self-signed certificates are the root of this insanity

The root of the problem is that the whole SSL Certificate Authority system is rotten to the core. A self-signed certificate is worth precisely nothing. "Believe me when I say who I am," yeah right! Users have become conditioned by lazy and/or cheap sites to just click through meaningless (to them) SSL CA warnings to get to their content. Comodo exploited this huge loophole to create a parental content filtering tool that also worked with SSL-encrypted content. A laudable goal with a horrendous side-effect that Superfish and Lenovo handily exploited. BTW, uninstalling Superfish doesn't uninstall the self-signed certificate. The Man-In-The-Middle is still lurking in your PC, inviting criminals in to steal your data. Secure http and the little padlock are helpless to stop him.

1
0

Preserve the concinnity of English, caterwauls American university

HaroldR

Re: Past "tence?"

Obviously the plural of "tennie", a common abbreviation for "tennis shoe"

0
0

OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts

HaroldR

The problem is testing, not coding

A static code analyzer would have found this problem easily. The real problem is TESTING, not coding. Commercial vendors can afford high-quality software testing tools. Open source developers usually don't have these resources, so they're reduced to error-prone manual code review. Good software ain't cheap. Open source software is worth every penny you pay for it.

0
0

Calxeda gears up for server ARM race

HaroldR

Tilera's architecture isn't MIPS-based

Just a minor correction. Tilera's 64-core system-on-chip design isn't based on the MIPS architecture; it's their own. It has a VLIW 3-pipeline instruction set with DSP-like extensions. It comes with a gcc-based toolchain, and a port of SMP Linux supported by kernel 2.6.36.

0
0
