Comment Re:longest...summary...EVAR (Score 1) 48
It's all done with computers now.
PATENT THAT!!!
The Most Detailed Images of Uranus' Atmosphere Ever 105
New submitter monkeyhybrid writes "The Planetary Society's Emily Lakdawalla reports on the most detailed images of Uranus ever taken. The infrared sensitivity of the ground based Keck II telescope's NIRC2 instrument enabled astronomers to see below the high level methane based atmosphere that has hampered previous observations, and with unprecedented clarity. If you ever thought Uranus was a dull blue looking sphere then look again; you could easily mistake these images for being of Jupiter!"
System Admins Should Know How To Code 298
snydeq writes "You don't need to be a programmer, but you'll solve harder problems faster if you can write your own code, writes Paul Venezia. 'The fact is, while we may know several programming languages to varying degrees, most IT ninjas aren't developers, per se. I've put in weeks and months of work on various large coding projects, but that's certainly not how I spend most of my time. Frankly, I don't think I could just write code day in and day out, but when I need to develop a tool to deal with a random problem, I dive right in. ... It's not a vocation, and it's not a clear focus of the job, but it's a substantial weapon when tackling many problems. I'm fairly certain that if all I did was write Perl, I'd go insane.'"
Comment Re:Micro-ISVs (Score 1) 141
I can't answer that right now, I don't have a tinfoil hat handy. Sorry.
Comment Re:A lot of apps use SSL (Score 1) 141
Good answer. To be fair to the parent post, the certificate authorities *do* have some work to do in cleaning their own houses. Stolen or compromised certificates do exist, and while we can revoke the ones we know about, there's the ones we don't know about, and there's the clients that don't handle revocation properly. It's not clear that the CA houses are doing their jobs well enough.
Comment Re:A lot of apps use SSL (Score 1) 141
Next time say, "I'm sorry, I'm a professional software developer, and I have to follow certain principles, same as a doctor or lawyer must follow their respective professional codes. Please contact me when your server side is properly configured and I will be able to complete the work."
Comment Re:A lot of apps use SSL (Score 1) 141
Probably no shock that it's a PHP developer:
$opts[CURLOPT_SSL_VERIFYPEER] = false;
$opts[CURLOPT_SSL_VERIFYHOST] = 2;
Comment Re:A lot of apps use SSL (Score 1) 141
That's not wrong, but it still doesn't explain to me why I, as a user, should trust both application A and site B that have agreed to trust each other with a self-signed certificate. The reason was have the CA model is to introduce a trusted third-party* that can verify for us that everything is on the up-and-up. The user should not be in the position of having to trust unknown parties.
*Yes I know the CA companies have problems. Maybe the model is so broken by nature that it doesn't matter, but it's still true that the self-signed model bypasses it.
Comment Re:A lot of apps use SSL (Score 1) 141
Defrauding unsuspecting third parties and exposing them to identity theft is still a crime, or at least a civil liability, even if you have a family. Participating in that kind of thing is unethical at best.
Comment Re:Micro-ISVs (Score 2) 141
Well said. If the company doesn't start out with enough money to purchase the things necessary, it's not doing it right. To attempt a real-world analogy, would you put your money in a bank that delayed purchasing a vault until it had enough of the customer's money to afford one?
Comment Re:I have now read the article and it is apps misu (Score 1) 141
Do they actually check or are you saying they could or should?
Comment Re:Micro-ISVs (Score 1) 141
They might be, but then who in their right mind would trust that kind of party with their money and PII? In choosing how to spend their limited cash, they forgo proper security precautions, and they want users to trust them not to misuse or misplace sensitive information?
Comment Re:A lot of apps use SSL (Score 1) 141
it does not delegate trust to some 3rd party that might screw up and cause things to have be changed, or risk compromise
Instead, the company that issues the self-signed certificate is to be trusted not to screw up? "Just take our certificate, it's fine, trust us".
If Alice and Bob trust each other, this is OK, but what if Bob is bumbling idiot? What about when Alice and Bob, who trust each other, tell Mallory to trust them to trust each other, and Carol mistakenly trusts Mallory?
Comment Re:A lot of apps use SSL (Score 1) 141
Translation: I just wanted to take the money and run. Making money, that was the important thing. Yeah, money. Did I mention I needed the money?
Comment Re:A lot of apps use SSL (Score 1) 141
Let me tell you the story about the guy who wanted to use oauth2 bearer tokens over an unsecured connection.
