Posts by PyLETS

Re: Bank Vault locks - cardboard doors

"The problem is that those who hold the high value secrets might know this but their bosses have a timeline of the next prime ministers questions."

This is probably why those in the know seem unlikely to want to include politicians within their inner circle.

What's wrong with https://8.8.8.8/

I don't think CA's trusted by any browser currently issue certificates per IP address. I'd also guess it would be insecure for them to do so unless they only issued these for addresses known to be static for the future lifetime of the certificate anyway, and I guess also that the PTR reverse mapping pointed back to a domain which also participates in the same ownership establishment protocol. Could possibly be done in the IN-ADDR.ARPA domain using DNSSEC.

@Androgynous Cupboard - Re: Pot calls Kettle black

"That we should hold Wikipedia to a lower standard because many of the pages are wrong?"

Not at all. Wikipedia consistently achieves a very high standard in relation to the articles most people read, just as the Linux kernel achieves a much higher standard than proprietary alternatives in connection with the code paths most people use. There are still plenty of zero day vulnerability bugs in Linux device drivers hardly anyone ever uses or checks the source code of. If I find an error in Wikipedia I correct it, and if I find a bug in Linux I report it to the appropriate maintainer.

Re: Isn't it about time...

"national CAs were only authorized to sign certificates for their own national TLD" . That's called DNSSEC. See also RFC7671, otherwise known as DNS Authentication of Named Entities (DANE).

"People who pay more than than an average yearly income for a bottle of rotten grain DESERVE to get cheated!!!"

It's the emperor's clothing - the oldest scam in the book. And the psychology is all to do with the presentation. Once the mark who is parting with the cash has been sufficiently flattered, their vanity will override their sense of taste anyway. And frankly I don't see anyone parting with that much cash for a blend of organic substances and residues preserved in spirits aged beyond where it can still have very much flavour wanting to waste a drop by putting it into a reagent testing machine anyway. Yes it's true - all beverages will lose their flavour if aged beyond what's best for them, which in the case of fine whisky can be up to 20 years.

Change the distro ?

Given the modularity of different Linux desktop flavours and different Linux distros, this particular choice no longer needs to be conflated. I thought the underlying package management systems had pretty much fixed that problem years ago. You choose a distribution for its package management style and the package repositories and their management nowadays - not the desktop flavour.

Re: Property is theft

@Doctor Syntax: If I make or grow something by my own efforts you should be entitled to it for free because somehow I've stolen it from you?"

No form of property is absolute. It always confers _limited_ legal monopoly rights and can come with reciprocal social obligations. This is because the law which enforces legitimate property rights is a balance of public interest exercised at cost to the public through the expense of the taxpayer funded legislature and court systems. There used to be only one informed side to this discussion concerning copyright: i.e. your side, because that's the only side the man who bought ink by the barrel considered fit to print. That's no longer the case.

There is a wider public interest in the creation of new intellectual property. But no-one is incentivised to create original new work based on speculation of what they might earn 20 or more years after it's published. Those so engaged have better incentive if they are not going to be contested by every stale idea or meme from the past which someone else may have thought of generations before and which new creative work can't avoid accidentally infringing upon, or legitimate reference to. The public benefits from new copyright being established to the extent outdated copyright enters the public domain, but not when copyright durations are extended beyond their original legitimate purpose by one sided terms of discussion and political lobbying.

If you ever purchase a plot of land, you'll find your rights are also limited. You probably won't be allowed to turn a domestic dwelling into an industrial unit by planning restrictions. You'll have to pay taxes to the local authority. You won't be able to stop aircraft overflying, or miners from undermining. Your house and land ownership is defended by the public purse, to the extent it's in the public interest that you enjoy your ownership for the purpose for which the wider public intended, through planning and other environmental regulations and the local taxation due.

Re: Why?

Squirrelmail has been around for years, and trouble free in my case, and this vulnerability doesn't affect me as I use SMTP/IMAP as the front/back ends for it. As with others, I try to keep personal and family communications away from corporate data mining and branding. I've heard of Roundcube, but as I've been successful with Squirrelmail/Postfix/Mailman and others, which have been relatively straightforward to setup , configure and maintain compared to Sendmail which I used in the past. So I've had no reason to try Roundcube as Squirrelmail just works. Can you provide one ? It's Dovecote and trying to get proper email clients working sensibly on all sorts of tablet/phone platforms that have me tearing my hair out, so maintaining webmail for this kind of application (other than on proper desktops which have proper email clients) makes more sense as I only need to do it once for many client platforms.

An IPV6 address that's really hard to remember.

How many IPV4 addresses (or phone numbers for that matter) do you remember ? That's what DNS was invented for - so you don't have to remember IP addresses.

Re: Shurely...

Screwtops are much less useful after their first use than ones you pull corks out of which take new standard sized corks with standard tools readily available to the home brewer.

Re: Doesn't a proxy defeat the purpose?

No particular reasons not to run the proxy on the same host for low traffic multiple domain name sites, allowing more modular webserver configuration. Then no part of the link between the proxy and the back end web server becomes any less secure than the host OS. In most cases the threat model being defended against with HTTPS in preference to HTTP isn't likely to concern the link between the proxy host and the backend host if these are running on different hardware within the same secured LAN anyway.

Welcome our cheese bearing overlords ?

Only when their gouda is very well matured. The young stuff is too rubbery.

Re: I've figured it out...

If it's all a simulation we're living in, then presumably there is no need to simulate what exists at a distance from observation to a finer resolution than it can be observed. Perhaps an experiment for this will detect pixellation (or a coarser quantum grain) of more distant galaxies than closer ones. You may laugh at this idea, but setting up experiments to detect or disprove it is similar to the problem of writing a program to detect that it's running inside a virtual machine setup as a honeypot. If the honeypot is clever enough, it will know about all means of testing it's nature. This fails in the real world when the abilities of the test program outrun the capabilities of the defensive one.

Cheaper storage than pushing water uphill

P2G (Power to Gas) will almost certainly become a much cheaper form of storage, though won't ever be as efficient as pumped storage. Given spot price ratios between expensive electricity at more than 2.0, the efficiency loss inherent in P2G at a say 50% efficiency ratio doesn't matter very much, though best available designs look closer to 70%. The problem with the pumped storage is that the cost gets higher once the best sites have been developed, while the cost of P2G, like that of wind electricity, will improve with scale.

Interestingly, the best places to locate P2G plants are more likely to be adjacent to biomass renewable electricity generators than wind generators, due to the continuous availablity of electricity and renewable CO2 feedstock at the same location.

https://en.wikipedia.org/wiki/Power_to_gas

Re: How new is this idea?

"Every typical modern computer is connected to the Internet. Plenty of randomness available, including web services that will return supposedly good random data. e.g. random.org"

That makes securing the connection between your source of randomness and your use of it in passwords and key materials a whole lot more complex and difficult than it already was. In the sixties IBM consultants told mainframe managers to generate master passwords using dice in a closed office, as this was the one thing they had full control over and could restrict external observation of.

Re: UnUnified

" I am fully aware that I could install Mate on vanilla Ubuntu or any other spin off, I just don't like having to go to that much effort immediately after install to get to a GUI I feel is usable."

While it's true that a simple package install from a fully configured desktop gives you a new desktop manager option on the login screen, you could also simply download and install from a choice of Xubuntu, Lubuntu, Kubuntu images etc. to get a fully working XFCE or LXDE etc. desktop by installing one of these images from scratch.