Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Comment Re:Test your site with this (Score 3, Insightful) 54

The SSL Labs are a fantastic reference.

Turns out when I was using their guides and aiming for an A+ rating in October (not long after I took over the current post) I accidentally mitigated TLS POODLE before it even became publicly known. So.. whoops? Better not follow the best practices guides next time, better just patch the vulnerabilities as they come ;)

Comment Re:You'll get a princess if you raise a princess (Score 4, Insightful) 584

Ahh shit man. My daughter calls herself a princess. She can also put up shelves, throw a ball, and is top of her grade in the martial arts she elected to do (although this is probably because she saw me head off to do them, so my bad there yes?). We have always spoken to her like she is a human being, and part of our family - and you know what? She's pretty damned independent and capable. You can call her princess without applying the don't do anything to them. Also, fuck it. If she wants to find a prince and marry the man, why the fuck would I stop her.

I don't know why we can't just let kids be kids. If a boy wants to call himself princess, nothing wrong with that, but as soon as a girl calls herself princess we're all up in arms.

Comment Re:Evolution (Score 5, Insightful) 178

Reads like bullshit anyway. Something went wrong, he throws up the "it wasn't me it must be those evil hackers" defence rather than accepting the blame for putting his device together poorly or letting it go out of range. There would be no way of knowing for sure if another device took control during the incident (because who would build that in to a home made UAV), so he *may* be telling the truth, but if it happened twice in one day either someone is out there deliberately hashing the channels to mess with everybody, or he just went out of range/did something wrong/etc.

Comment Re:sneaky but..... (Score 1) 417

Not me, no. I mixed two threads into one comment.

One of the states particularly in my mind intercepts SSL, ostensibly purely for DPI/content Filtering. Knowing their internal structure moderately well, I'd say this is about all their capable of - using McAfee's gateway to do it. A large number of private schools do it, particularly the more wealthy ones, and I've even seen it in a few government departments.

The other comment was more of a fall-over from my days as an exchange admin. Controlling the EXSRV means I can, if I choose, attach a mailbox anywhere I please. Got better things to do than read peoples email though..

Comment Re:sneaky but..... (Score 5, Informative) 417

The entire department of education out here (.AU) installs a root CA with the express purpose of intercepting HTTPS to "protect the children". There are secondary certs installed at every school so that 802.1x doesn't crap out when you try to sign in (in point of fact, pretty sure windows installs the profile by default when you bind a machine).

There is the potential for creepy, but pretty sure 99% of the techs at schools aren't actually smart enough to intercept traffic. Being one of the 1% who can (actually not a school tech, a consultant, but anyway) I can say in all honesty that there is better porn available for free on the Internet. I'm only going to look if you kick up a fuss about my ability to look ;)

Comment Re:Not freeloaders (Score 1, Informative) 120

The ability for pretty much anybody to learn Excel, to interface it with a database (with, admittedly, a little help from their local friendly IT guy), to build An entire damned RPG inside a spreadsheet is a pretty good case for defining the most popular, user extensible, spreadsheeting application on the market as Microsoft's Excel. There are a number of reasons Microsoft is big in corporate - Excel is right up there with Active Directory and the OS GUI.

Comment Re:It depends on your environment. (Score 1) 159

There are two options available to you - 1. Apple's caching server works perfectly (so long as your external IP doesn't change and everyone is on iOS 7 and Mountain Lion or Mavericks) - you download once (on demand rather than syncing the whole repo "WSUS" style) and distribute to many. This saves heaps of space without screwing with the end user, and it doesn't need to be managed via GP or anything like that. 2. SCCM on demand packages. Not an SCCM guy, but if you can replicate the caching server from Apple in SCCM, you're on the way.

Neither of these options gives a flying crap about HTTPS or Authentication.

The world is coming to an end--save your buffers!

Working...