* Posts by daftdave

7 posts • joined 26 Aug 2011

To members of Pizza Hut's loyalty scheme: You really knead to stop reusing your passwords


Re: Today I learned

Both Pizza Hut and Dominos have expensive "standard" menu but also always have "offers" on.

Buying from the standard menu would be like buying a sofa from DFS when there isn't a sale on.

BTW this isn't the first time the Hut Rewards thing has a problems - recently some bright spark figured out you could build up points by placing bogus orders and not paying for them. Reminds me of Moonpig's epic security blunder where you just logged in and changed the user id in url...

Portal to 'HELL' cracks open in street – oh sorry, it's just another pothole


Well know we know...

"Mr Parker, who lives off Haxby Road, said he was visiting Nortons Heating off James Street when his car was damaged."

Mozilla, EFF, Cisco back free-as-in-FREE-BEER SSL cert authority


Re: Do I understand this?

No the green padlock appears on any https connection provided that the browser recognises the CA and everything else is OK with the certificate.

EV sites have the green padlock plus some green text with the name of the validated organisation (see mozilla.org for instance)

Just because someone is having an encrypted with you doesn't mean that you can trust them, but for years the masses have been educated into "green padlock == safety"

French gov used fake Google certificate to read its workers' traffic


Re: Why can't they use their own, internal certificates?

Sure they can use their own, Internal certificates. But, regardless of the arguments about data protection / snooping whatever: issuing a certificate in the name of Google when you have no authority to do so is plain fraud.

Website: www.google.com

Verified by: your boss.

It's a joke, and a lie.

What's worrying here is that it wasn't internal certificates, it was much worse. It was a certificate vendor who's certificates are trusted by the majority of browsers worldwide.

Nuke plants to rely on PDP-11 code UNTIL 2050!


Re: DL0: 167300 g (Air traffic control)

UK Air traffic control retired their (last) PDP11 in 2006. It is on display at the National Museum of Computing at Bletchly Park.

ICO fines council £120,000 for crypto email fail


Crypto wouldn't have helped

Alice has her e-mail client set up to send encrypted messages to Bob, and Stoke city council. She writes a message to Stoke City council, but sends it to Bob by mistake.

So her mail client, being clever, encrypts it for Bob. So, Bob can decrypt it (because Bob is allowed to decrypt mail that's been encrypted for him right?), and sees a confidential message that should have been sent to Stoke.

To put this in the context of PGP encryption. Alice would have a public key for Bob and a public key for Stoke. If she sends a message to Bob using, say, Thunderbird, then Thunderbird will select Bob's key, because it will naturally be unaware that Bob isn't the intended recipient.

Microsoft unveils file-move changes in Windows 8


Video doesn't work in Firefox...

Indeed I can confirm this, doesn't work on my Firefox 6 on 64-bit Linux.

Works with Chrome though.

Biting the hand that feeds IT © 1998–2019