Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: Re: What's wrong with a scroll wheel? (Score 1) 420

by ArsenneLupin (#48897677) Attached to: Ask Slashdot: Where Can You Get a Good 3-Button Mouse Today?

He has basically invented a scenario I've never seen anyone have trouble with.

I did take getting used to it. I remember, I had the same issue (accidental scrolling when trying to middle click) the first couple of days that I used a scroll-wheel mouse.

Ok, so for me this was only an issue while getting used to it, but I can imagine that other people might indeed have some (longer lasting...) motor skill issues with this. However, theoretically, it should be possible to configure X to ignore scroll events, solving this issue?

Comment: Re:This could be fun.... (Score 1, Informative) 164

by ArsenneLupin (#48813941) Attached to: Man Saves Wife's Sight By 3D Printing Her Tumor
Wouldn't it be easier to just bring a knife along, and turn this into a mere two step process:

1. Apply knife to throat. As our Muslim brethren have shown us, even a small knife will do. You just need to make sure he's soundly asleep...
2. Bring your new swag home, and finish the work with a spoon, then let it dry and polish

Comment: Re:I'm Charlie (Score 1) 331

by ArsenneLupin (#48791033) Attached to: Would You Rent Out Your Unused Drive Space?
You know, Muslims are feeling that their prophet is as real as your cartoon children. And the prophet didn't give consent either. Rather he gave explicit dissent. Islam has strict rules about any depiction of the prophet, whether unflattering or not.

No, anytime we criminalize possession of mere pictures, and attach disproportionate punishment to it, democracy suffers.

Comment: Re:Nope (Score 1) 331

by ArsenneLupin (#48789153) Attached to: Would You Rent Out Your Unused Drive Space?

Even if it turns out that you are not legally responsible for the content

  1. In many jurisdictions, posession is enough to make you guilty, knowing posession is not a requirement
  2. Even in those jurisdictions that only criminalize knowing posession, the judge may strike the word knowing on a whim, an book you anyways. Yes, it's a bad bad world out there, and judges don't necessarily uphold the law as written. And they get away with it. Indeed, who is going to condemn them for it? Another judge, a work colleague who they've a good chance of knowing personally... This is an area where "innocent until proven guilty" doesn't mean squat.

Comment: Re:Stupid (Score 1) 396

by ArsenneLupin (#48634549) Attached to: Google Proposes To Warn People About Non-SSL Web Sites

Huh. I didn't know that, as I only have ever done the individual verification. It's not uncommon for someone to wear many hats (i.e., to be affiliated with several organizations). It'd certainly be nice if their system allowed for a single individual account to switch between different "identities", so that one could issue certs for themselves or any number of organizations with which they're affiliated and which they've validated with StartSSL.

Indeed...

Have you suggested such an improvement to them?

Yes, of course. They wouldn't budge. Their suggestion: just use the "free" plan instead, there you can wear as many hats as you like (which I did... after this incident they never saw another cent from me). Weird way of promoting your business...

And that's another issue: they don't take any suggestions! For example: some (all?) of their automated mails are formatted as a single long line. I suggested to them that general usage is to stay below 78 characters per line. Should be easy to fix, as they probably use some kind of .txt template, where they could just insert a couple of breaks. Answer: well, at least our mails don't contain a virus (or something equally silly). Hey that's great! But it would be even nicer if the lines were shorter as well. A year afterwards, the issue was still not fixed.

Technically, yes, but policy-wise, no: Class 1 certs are not intended for commercial use.

Well, it's not commercial use, it's for several non-profits and one political party.

As you suspected, the $9 offering from PositiveSSL is for a single, non-wildcard, non-SAN certificate.

Yeah, that's the kind of certificate that you can for free from StartSSL (class 1)

NameCheap also sells Comodo PositiveSSL multi-domain certs [namecheap.com] for $30/year for up to 100 domains, which is quite a reasonable price.

Yeah, that would be reasonable. Can these domains be wildcard, or does each domain only have a single host?

Wildcard certs are also available [namecheap.com], with Comodo wildcards costing $94/year.

Interesting...

Comment: Re:Home of the brave? (Score 1) 589

by ArsenneLupin (#48623959) Attached to: Top Five Theaters Won't Show "The Interview" Sony Cancels Release
... or maybe the theater owners (and Sony) do not actually believe the threats, but instead fear that many spectators might believe those threats, and performance on opening might be very lackluster... Better cancel it all along, and do it 2 weeks later when there are (hopefully...) no new threats.

Comment: Re:Malware (Score 1) 396

by ArsenneLupin (#48623889) Attached to: Google Proposes To Warn People About Non-SSL Web Sites

I see the value of the proposal: it is easy to inject malware inside a HTTP stream.

Only when the attacker is sitting on the path from the browser to the server. Not when listening in on the side-lines.

... and sitting on the path is the exact definition of man-in-the-middle, which allows to take advantage of poor certificates. And how many people properly understand certificates?

However, with only 33% of the sites that are SSL enabled, they are just going to show warnings everywhere, and users will quickly learn to ignore them.

Exactly. And once users are trained to ignore warnings, they will ignore them too if they are about bad certificates, so nothing is gained (see above).

Comment: Re:Stupid (Score 1) 396

by ArsenneLupin (#48623873) Attached to: Google Proposes To Warn People About Non-SSL Web Sites

StartSSL offers completely free-of-cost certificates that are widely recognized by browsers to individuals and non-commercial sites. $60/year gets you an ID-verified account and the ability to offer unlimited certificates (they only charge for the validation, certificates are free). A second $60 ($120 total) gets your organization verified, again with the ability to issue unlimited certs.

And if you do pay the $60, you can only manage a single legal entity. Which means, if you are the certificate manager of some organization, you can either get certificates in the name of that organizationation (after completing the paperwork and paying the additional $60), or for your own private sites, but not for both at once. Yes, after completing the paperwork for getting certificates for your organization, you lose the right to get certificates for yourself. Crazy, but true!

Oddly enough, if you don't pay anything at all ("class 1 certificates"), you can get certificates for several associations and yourself at once. Of course, then you can't get wildcards or SAN certificates, so you are forced to use SNI (more hassle to set up, and might not work with exotic browsers).

If, for some reason, that's not satisfactory, Comodo resellers like NameCheap offer PositiveSSL certs for less than $9/year. That's less than a beer at the local bar.

Wow, a place where beer is even more expensive than here in Luxembourg! But seriously, I guess the $9/year is for plain certificates, no wildcard and non SAN? In that case it would compete with StartSSL's free offering, rather than their $60 plan. If it actually does include wildcard certificates, I would be interested in details.

SCCS, the source motel! Programs check in and never check out! -- Ken Thompson

Working...