Posts by Tomato42

Re: @skelband

thing is, no other government spends even a tenth as much money on spies as the US does

also, very few governments are as jingoistic as the US one (it's a single developed country like that) and as such are more interested in spying on their own citizens and foreign diplomats, not the whole world and the dog

I can at least pretend that I can do something about it in my own country, I can do jack shit about what the US does

finally, a defence in form "but he's also been hitting me" is applicable in a sandbox, when you're a 6 years old, not a nation aspiring to the label of "superpower"

Re: This is does not compute

if you had severe latex allergy you'd be singing to a different tune

Re: Password [algorithim] strength

Putty is almost certainly not vulnerable - the bug is a feature that was implemented just on client side and never implemented on server side - dead code essentially. There was no reason for PuTTY to ever implement it.

It is also mentioned in RFC 2246, but who cares!

TLS is pixie dust that you just sprinkle over your servers and magically everything becomes secure. /s

@BinkyTheMagicPaperclip: not to mention that the depreciation of SHA-1 impacts only Windows XP SP2 and older. Windows XP SP3 is just fine. So that's the problem not to people that run old software. It's a problem for people that run old software and never updated it.

Kill SHA-1, lets show that the industry can learn from its mistakes.

"If you don't want features and use CVS in 21st century, just run OpenBSD and have done with it."

TFTFY

Re: end users still tend to get the software handed to them in one fat bundle

@sabroni: yes, but users also expect to be able to change spark plugs and exhaust if it breaks in any garage, and not be required to buy a new car from the same manufacturer to make their trailer still be useful.

I suggest looking up video game Broforce - it's basically US foreign policy simulator

Re: Why are these systems even on the internet?

@phil dude: ask Iran how their airgapped systems are working

by making the network larger you're only making it easier to find the idiot that sticks a pendrive he found on the street into the work computer and infects the whole network

browsers should show a big fat warning when accessing a site over HTTP, irrespective of cause

chopper icon because we all know they listen

Re: re: Are you listening Window's users?

if they key is derived from current time and the cipher is used in ECB mode, not even AES-256 will make it unbreakable

Re: Eh?

Canadians, it's up to you. Please, don't fuck it up!

Re: Transparency

Stealthy Dopant-Level Hardware Trojans

http://sharps.org/wp-content/uploads/BECKER-CHES.pdf

that's all

Re: "Maybe that is scientifically and mathematically not possible."

and crooks would still encrypt the copy-for-the-man of the current communication key using bad key and no one could stop them (or even test if they did it)

Re: Maybe time to move distro

>Your job as an IT Professional is to help the customer,

> sure, and that means to avoid proprietary BS.

and which part of the announcement exactly says that you won't be able to run Red Hat Enterprise Linux on anything but Azure?

Re: Re:

That's because Skype for Business and Skype have nothing to do with each other, except the name.

Skype for Business is just Lync server while Skype is the old pre-acquisition Skype

and Americans have completely different ideas about human rights (privacy especially) and rights of corporations than continental Europe

Re: Supporting legacy clients, customers, colleagues

Protip: Windows XP SP2 is out of support for years now. (even XP SP3 does support SHA256) They are not secure, and them unable to connect to www sites is least of a problem. We also shouldn't compromise security of the whole internet for few slackers.

Re: Hard coded primes?

most cryptographers say that DH and RSA key sizes are equivalent. So if 1024 bit RSA is breakable, 1024 bit DH is breakable.

You can't get 1024 bit RSA keys signed for a reason.

Re: Is it a FOSS development leader requirement?

And that's what makes him "full of crap."

https://lwn.net/Articles/658231/

Linus does his outbursts to people he knows, Theo does that to everybody.

Re: Time for MSFT to step-in

you may be trolling, but actually I'd see Microsoft takover in a better light than LogMeIn one

Re: so...

Windows vulns are not as common as nobody cares about it

Re: As an American

Sure, Americans are people, and as with any large number of people there are both the worst scum and angels in the list.

Problem is, that https://en.wikipedia.org/wiki/American_exceptionalism is a thing. And it results in exactly the stuff we see: citizens of other developed, western democracies (Italy) getting kidnapped, ah, sorry "extraordinarily renditioned"; US drones killing innocents just by association in half of middle-east; and US as a country simply being a dick to everybody else (see the article in question, Ireland/Microsoft data request and the Kim Dotcom saga for fresh examples).

I'm not happy with what US does, and I don't even live in a country with US drones flying over my head. Guess what people that live there feel about it. But of course people hate America "For our freedoms!"...

Re: Level Playing Field

and so, we shouldn't speak up when people exploit other people?

Boo, hoo, poor plods need to do some leg work.

See me crying a river... not

Re: DAT EXCEPTIONALISM!

https://en.wikipedia.org/wiki/List_of_treaties_unsigned_or_unratified_by_the_United_States

that's all

few excerpts:

Convention on Consent to Marriage, Minimum Age for Marriage and Registration of Marriages

Convention on the Non-Applicability of Statutory Limitations to War Crimes and Crimes Against Humanity

Convention on the Rights of the Child

icon because the above

Re: I have had exactly this.

you were buying a computer and pretending to yourself you were buying "just a TV"

lack of updateability would have been obvious otherwise

Re: Good luck, with some devices embedded management servers...

just use stunnel to proxy connections to it

and start complaining to manufacturers that their firmware is shit

Re: Hmmm

worst part is that it's an inkjet, so the cartridges will cost more than their weight in gold

Re: The historical irony of two major obssesions and the law of unintended consequences.

It's a common theme in CIA activities.

See "where do cocaine drug lords get guns from?", "who put Saddam Hussein into power?" and "who trained Osama Bin'Laden"

they really are insane, they keep doing the same thing over and over and expect different results