asnare - Slashdot User

Sign up for the Slashdot newsletter! OR check out the new Slashdot job board to browse remote jobs or jobs in your area

Do you develop on GitHub? You can keep using GitHub but automatically sync your GitHub releases to SourceForge quickly and easily with this tool so your projects have a backup location, and get your project in front of SourceForge's nearly 20 million monthly users. It takes less than a minute. Get new users downloading your project releases today!

2384201 comment

Comment Re:no it does. (Score 2, Insightful) 897

by asnare on Monday August 04, 2008 @10:55AM (#24466881) Attached to: Mozilla SSL Policy Considered Bad For the Web

SSL isn't meant just for encrypting pages, it's meant for verifying identity also.

As the article says. SSL does both. FF3 in particular makes the first completely unusable for no good reason. The web would unquestionably be more secure if all http servers switched to using self-signed SSL certificates in place of unencrypted connections.

And this is where you're wrong. There's no point to encryption, unless you know who you're talking to.

Anyone sophisticated enough to sniff your traffic can also hijack it without much trouble. If they can hijack it, then you don't know if you're talking to the intended recipient or a hijacker (who in turn is talking to the intended recipient). This is the definition of a man-in-the-middle (MITM) attack.

The very design of SSL and its use of certificates with a chain-of-trust assumes this. Without this assumption, Diffie-Hellman key-exchange is simpler and sufficient. None of the RSA/DSA stuff with certificates would be necessary.

94306 submission

Submission + - Chinese Cyber Attacks on DOD Networks

Submitted by

Anonymous Coward

on Saturday February 17, 2007 @08:38AM

Anonymous Coward writes: "As seen in: SANS NewsBites Vol. 9 Num. 14 The Naval Network Warfare Command says Chinese hackers are relentlessly targeting Defense Department networks with cyber attacks. The "volume, proficiency and sophistication" of the attacks supports the theory that the attacks are government supported. The "motives [of the attacks emanating from China] ... include technology theft, intelligence gathering, exfiltration, research on DOD operations and the creation of dormant presences in DOD network for future action." http://www.fcw.com/article97658-02-13-07-Web&print Layout"

94278 submission

Submission + - Scientists Expose Weak DNA in HIV

Submitted by

Ace905

on Saturday February 17, 2007 @05:24AM

Ace905 writes: "The National Institute of Allergy and Infectious Diseases announced Thursday that they had discovered a very promising, "weak spot" in the HIV Virus. The HIV virus, a progenitor to full blown "Auto-Immune Deficiency Syndrome" or AIDS has eluded all attempts at a vaccine since it was discovered sometime in the 1970's. The major problem with developing a vaccine initially was isolating the virus. Conventional viruses are often defeated with existing drugs, or after being tested against new compounds. HIV has been unique, and staggering in it's ability to resist all attempts at treatment by mutating its' own genetic code. HIV is able to resist, with great effectiveness, any drug or combination drug-therapy that is used against it.

So far, our best efforts have been slowing down progression of the disease — but the number of people infected every year is rising and victims are estimated at 1.4 Million in North American alone, last year. Discovering a chain of vulnerable DNA on the HIV virus gives researchers a very exact target that can not resist damage."

94268 submission

Submission + - Comparison of Working at the 3 Big Software Giants

Submitted by

castironwok

on Saturday February 17, 2007 @04:35AM

castironwok writes: "Finally, everything you've ever wanted to know about being an employee at Google, Microsoft, and Yahoo. Tastyresearch describes his (or her) past few years interning and working at the three companies. Things I didn't know from before: Bill Gates wears old shoes, Google's internal security watches you like a hawk, the office styles of each company, and how to fill your suitcase with Google T-shirts. He calls the few select companies the 'prestigious internship circle', noting "once you have worked at one, it's a lot easier to get into another". But what *I* really want to know now, is who has a more equal male-female ratio?"

1480085 story

Automating Future Aircraft Carriers 571

Posted by ScuttleMonkey on Monday March 27, 2006 @12:23AM from the sign-em-up-for-a-skynet-subscription dept.

Roland Piquepaille writes "Britain and France will jointly build three new huge aircraft carriers which will be delivered between 2012 and 2014. With their 60,000 tonnes, these 275-meter-long carriers will be the largest warships outside of the U.S. Navy. They're going to cost about $4 billion each, but with their reduced crews due to automation, they'll save lots of money to taxpayers during their 50 years of use. StrategyPage tells us that these ships will need at most a crew of 800 sailors instead of 2,000 for ships of that size today. At a cost of $100K per sailor per year, this represents savings of more than $6 billion. Impressive -- if it works."

Slashdot Top Deals