Comment Re:NSA put the bug there, of course they exploited (Score 1) 149
The bug seems quite obvious. I would expect they could be a little more clever if they were to write the bug itself. This is failure of the OpenSSL project, period.
The bug seems quite obvious. I would expect they could be a little more clever if they were to write the bug itself. This is failure of the OpenSSL project, period.
Uh, I am pretty sure they do much of this already.
I was able to make $2,000 off dogecoin in the first 24 hours, it was amazing. Talk about the right place at the right time, I don't even own a decent video card.
I agree mostly, but just wanted to note that having a unique publicly routable IP address does necessarily mean the device is open to the internet.
People here can't see the implications beyond tweeting toasters, don't mind them. The future is a scary place for those people involved in technology of the past.
Go back to your 640x480 crt
I love how you can dismiss a theory based on your preconceived notions of how terrorists must act. I am sure that they have a playbook and would never consider deviating from what it says.
You should be a detective!
"Ma'am, I am sorry but we have no reason to believe your child was kidnapped from the park. You see, we conducted a thorough investigation and did not find any hotel rooms booked under your missing daughters name."
Because SSL on Open WiFi is fool proof....
He was correct. While you are also correct, you failed to see the attack vector. If the network is not secure, your SSL may not be effective, at least not for all users.
Yes, because it is impossible to create a new address.
This is widely practiced in the US, I don't see where you are going with this. It is their network, they can do as they please. You installed the software, it's not like they hacked you and installed their CA.
I have no way of knowing, but I can imagine they disclosed it in the agreement that no one ever reads.
I think it depends on where you are from. Here in the US this is widely practiced by all sorts of places like work, school, etc.
Installing the CA's is sketchy, but the users probably didn't read the fine print. Intercepting the traffic is business as usual.
Do you know what a CA is? Once they leave the network, the school isn't able to decrypt SSL traffic.
Not you per se. I just mean that if a customer is being that much of an asshole that the employee is going to walk out on his job, he should punch the person in the face because it would make the situation better.
I tell them to turn to the study of mathematics, for it is only there that they might escape the lusts of the flesh. -- Thomas Mann, "The Magic Mountain"