Storing authentication credentials in a retrievable form anywhere is stupid, even in memory. Kerberos has been around for decades, and it eliminates the need for a password to exist in memory as soon as it is hashed.

If Kerberos is not practical for a particular application, the same principles can be used in proprietary authentication mechanisms.

A plaintext password should never persist. Period. It is the result of a stupid decision somewhere, and we have known better for a long, long time.

Your theoretically sound system is not practical to implement. Plus, we already have a better solution.

The only problem you've clearly identified with the CA system is already addressed by certificate pinning. Your solution offers nothing of value beyond what I can accomplish with pinning---and your idea brings a whole lot of administrative overhead.

While certificate pinning does require local administration, it is significantly less burdensome than your approach. Even Microsoft supports it now, so it is not some niche security option anymore.

Certificate pinning takes ultimate trust back from the CAs yet works easily with the existing infrastructure for applications that you don't need to control as tightly. I have no idea why you are promoting a system that is more complicated and less compatible with no concrete advantages.

Yes, the lack of a theoretically sound system is a problem. Your "solution" was to disband the existing system without any sort of meaningful replacement.

We can always use PGP/PKI internally and with close associates. But we need some form of identity verification for everyone else in the world too.

The CA system is flawed---but better than nothing at all. Your "solution" returns us to having nothing for the rest of the world. I.e., it is not a solution or an improvement in any meaningful way to what we already have.

I never said that, but thanks for throwing an asinine straw man up there.

They can probably lock things down better than they did, but I don't work at Sony and I haven't seen their network diagrams so I can't really say. But the idea of air-gapping financial systems for a company of Sony's size is mind-boggling stupid.

Even something as simple as warranty work breaks down without automation. Every authorized repair depot needs some way to order parts, submit claims, and receive payment at an absolute minimum. If you air-gap the systems for that, guess what happens to time and cost of warranty repairs? And this is just one facet of the business.

So right there, you have network-accessible procurement, payment, and personally-identifiable information (customer name/address and product serial number are typically included in warranty documentation). Waving the magical air-gap wand as a security fix means nothing if it fundamentally breaks the way the business operates.

So yes, Sony probably fucked up somewhere. If they're like most businesses, there are probably multiple problems with their infrastructure. But pretending there's a simple answer is just ignorant and does absolutely nothing to advance the discussion or solve any real-world problems.

If you air gap email and financial systems, you're stepping right back into the mid-1900s. Back when it took an entire office of secretaries to process correspondence, and another office full of accountants to handle billing and ledgers. Because if those systems are disconnected, someone will have to transfer reams of data in and out of them. That is no longer feasible.

Your suggestion is so completely impractical, I wonder why you joined slashdog in the first place. You clearly have no understanding of modern IT.

And your solution only works for entities with which you have a pre-established relationship and a shared secret (in this case, your personal information).

This does not solve the general problem of identifying an entity on the internet with whom you have no shared secrets.

This suggestion is nowhere near being a replacement for existing CAs as they are currently used.

If you actually read the article, you would see that they had administrative access to the zone files. Which means they could have changed whatever they wanted. They also had access to usernames and passwords, so hopefully no one used the same credentials elsewhere.

Get back to us when you pull that off with whois.

Pretty sure he's going off what was disclosed on the "Have you ever been convicted... ?" section of the job application.

Since non-disparagement clauses are almost exclusively used in severance agreements, there is a disparity in power that makes them practically coercive. I have no problem condemning them in that context.

You seem to be confusing a few things here, though. True statements can be disparaging in nature. Google it if you're inclined to argue because it's rather cut-and-dried---and not worth arguing over.

And no, they do not have to specify what you cannot speak about. If the severance agreement prohibits disparaging statements, it's pretty much carte blanche for legal action if you say anything bad about them. They may not choose to file suit for something as simple as saying, "XYZ Company sucks!"---but they could. You're free to walk away without a severance package if you don't like their terms. Most companies are not willing to negotiate the matter with someone they are in the process of terminating.

Should you happen to disparage the company after signing a typical severance agreement, they can sue for the severance pay and possibly even the cost of benefits during the severance period (if they continued your benefits, of course). They may also be able to recoup their legal fees.

I have seen a lot of people in that situation, and a cavalier attitude never ended well. Unless the employer actually breaks a law, the asymmetry of power is simply too great.

None of that stuff has any value on a gaming PC.

Not to mention the price bump, assuming this is acquired legally.

The Standard editions of Microsoft Server are no longer economical for home use. And using a cracked OS is borderline moronic---if they can crack the activation, they can certainly insert a root kit and other goodies.

You should be able to dual boot and decide for yourself. Given the lack of security updates for Windows XP, I wouldn't touch it personally.

That stuff they patch every month usually includes at least one or two really bad things.

Stupid article. Making a mountain out of a mole hill.

How hard is it to push a certificate to your clients so they trust your proxy? How hard is it to setup a cache there? And monitoring/filtering? Not very hard.

We do this at work, and it is dead simple for halfway competent admins to implement.

What this really does is stop telecoms from monkeying with their users' traffic. By default, anyway.

Most ISPs provide Windows installers/optimizers to their users, which their users dutifully click through without understanding. So they could just install their certificates and continue business as usual---with very little effort, all things considered. They might need beefier proxies to handle encryption, but CPU time is cheaper than ever.

Doing this on 2-3 workstations will take longer than creating and linking a GPO, nevermind a change that needs to go network-wide. Granted, the GPO may take an hour or two to propagate and you could finish quite a few machines by hand in that time, but the actual admin time required to implement it is much lower.

Windows wins for enterprise. Yes, Linux is technically better at the things its developers focus on---no question there. But kernel development hasn't provided the same level of enterprise management tools that Microsoft does, nor does any free distro. Puppet and RedHat Satellite are good, but they are also paid-for extras.

You're arguing when you don't understand the basic proposition. First off, he's not "purchasing a product from Windows specifically for group policy"---that is part of the OS. Second, his primary point seems to be total cost of ownership rather whether or not certain functionality is available.

He's saying those things are more expensive to implement on Linux---either you have to buy them or pay more in labor to get them. He's not wrong.

From your own examples, OpenLDAP takes considerably more time and effort to setup.

MS Active Directory is one command, five minutes of installation, and a reboot. The defaults work---as in, nothing else to configure manually---it even opens the necessary ports in the Windows firewall. It includes the group policy functionality he indicated, and it works out of the box with every version of Windows anyone has any business running anymore. Yes, the OS license costs money, but intelligent deployment really makes this a minor per-server expense (i.e., buying Datacenter licensing with decent virtualization density).

Nagios and SCOM both cost money---it's either licensing fees for the packaged version of Nagios or labor for the source/DIY version. Puppet costs money to do for Linux what Group Policy does for Windows. The labor to sustain the Linux solutions will probably cost more even if it is as simple as SCOM/GP because MS has a huge pool of labor to support their product. I can probably find dozens of competent AD admins within a reasonable commute distance---the number of competent OpenLDAP, Nagios, and/or Puppet admins is going to be significantly lower.

Microsoft is actually very good at catering to small businesses and enterprises---this is where known costs, straightforward deployment, quick and effective configuration management, and simple sustainment are important.

This is where Apple can provide value to their customers by managing the ecosystem.

They should be more than capable of issuing refunds to anyone who was scammed, remotely nuking the app, and punishing the publisher in an appropriate manner.

If they do all of those things, it justifies some of their policies, at least for mainstream users.