El Reg reached out ...
El Reg "reached out" to Microsoft ...
In supplication, or did you mean "contacted for comment"?
10 posts • joined 14 Jun 2007
Wow, I had forgotten about the wildcard RR. So the fact that Let's Encrypt was the CA is really nothing to do with it; it could have happened to Verisign or any other CA given that the redirector for the RR was the compromised server.
There seems to be a lesson here that wildcards can be dangerous. If there was no wildcard RR then even though the server was hacked, the fake certificate would not be possible. Yes?
"the attackers compromised an unnamed web server, created their own subdomain for the server's website"
For them to create a sub-domain they would need to also compromise the authoritative name server, unless the DNS was hosted on that same web server that they rooted - which is a bad idea anyway. The DNS should be separate and independent.
That big graphic at the top of each article is annoying and demeaning. It's a waste of space and bandwidth. When you first introduced it with your other changes a few months ago I felt sure there would be a strong negative reaction and waited for it to go away - or at least reduce in size.
Now I just use Firefox "Block Images".
Hans, lift your knuckles off the ground, pick up a dictionary and learn to spell 'country', 'beetroot' and 'opinion'. The president of South Africa is Thabo Mbeki (unfortunately); I think you're confusing him with Jacob Zuma. In fact, judging from the rest of your mumble I think you're just confused, period.
Surely everyone's missing the the obvious? The crux is that Gears is a piece of software that runs inside a browser, at the browser's discretion and under the browser's supervision. The user ought to be able to look at the browser logo and think "I know I'm safe with anything running inside this".
It shouldn't matter whether Gears is a product of Google, USA or Giggle, Sidcup, the security buck should stop with the browser, which should isolate Gears' data (whether SQL DB or exe or HTML or whatever) within the browser's execution context, and cache it within a private disk area.
And what's so special about Gears when we're talking about access to local disk resources? The browser should provide a caching facility to any other app wanting to preserve state.
It all boils down to the ever increasing prominence and functionality of the browser and the net and it's encroachment into the arena formerly dominated by OS-dependent applications. Microsoft has finally cottoned on to this and is scrambling to play catch-up.
Yes, yes, yes Ian, and here's another one:
"IMAP compliments webmail..."
Unless Paul's implying IMAP praises webmail, the word is *complement*.
Incidentally, I've been running mail servers for about 8 years now and we support pop3/imap/webmail, but my biggest problem with imap/webmail is not the disk space I have to provide, it's the difficulty with load-balancing across multiple, geographically dispersed servers. Because of its "now you host it now you don't" nature, pop3's a breeze, but the synchronisation issues with the other two are a pain.
Biting the hand that feeds IT © 1998–2019