Forgot your password?
typodupeerror

Comment: Re:RHEL is for servers not desktops (Score 1) 231

by KidSock (#42865967) Attached to: RHEL 6 No Longer Supported By Google Chrome

Last I checked a RedHat subscription was not priced for the non-corporate user.

And I have tried those "long term support" distros more than once (although not RH) and my experience was that a) nobody actually uses them so the support isn't that great (you can't find a lot of answers in forums, blogs and such) and bugs take a long time to get fixed and more likely b) they only support new hardware for a little while so they don't really work unless you buy a laptop at the same time the distro was released. As soon as the kernel is remotely dated, you can't get wireless or suspend or whatever to work properly because there's some new chip the kernel doesn't understand.

Comment: RHEL is for servers not desktops (Score 2) 231

by KidSock (#42859867) Attached to: RHEL 6 No Longer Supported By Google Chrome

I don't think I've ever installed RHEL or CentOS with X Windows. Frankly it annoys me that there are no desktop distros that are maintained for longer than a year or two. Are we really expected to reinstall Linux on a workstation ever year? That scares me because it makes me think the people who are using Linux are just screwing around and not doing real work. Anyone doing real work doesn't have time to reinstall Linux every year.

Comment: It's CNN's fault (Score 1) 2987

by KidSock (#42296559) Attached to: 27 Reported Killed In Connecticut Elementary School Shooting

Seriously. I think the media coverage of these events inspires these guys. They have to stop reciting every little detail over and over. These shooters are not just raging against something, they want to become infamous. And CNN is making these guys infamous. The media should just report some basic facts and then change the topic. Don't show video, don't show pics, don't play 911 calls and most important stop leading witnesses through each moment of the crime. The shooter's fantasy is people reciting the horror over and over on prime time TV. Please stop!

Comment: NTLMv2 is much stronger and the default as of 2008 (Score 1) 615

by KidSock (#36347418) Attached to: Cheap GPUs Rendering Strong Passwords Useless

Note that the article is referring to NTLMv1 which uses 56 bit DES and, as illustrated by the article, that is easily broken. However, the article conveniently fails to mention that as of Vista and Windows 2008, default security policy requires NTLMv2 which uses 128 bit RC4. That is a totally different crypto scheme. Despite the fact that the protocol for exchanging authentication tokens (NTLMSSP) has been around since early Windows NT days, it doesn't matter - cryptographically 128 bit RC4 is fairly secure. At least the difference between 128 bit RC4 and the 256 bit AES used by Kerberos is not the weak link (and as of today Windows domains still default to allowing 128 bit AES to be negotiated anyway).

Also, note that NTLM authentication is absolutely not obsolete. Kerberos clients require access to domain controllers. Kerberos is very sensitive about the name a client uses to authenticate with a service and it is very sensitive about DNS. It requires a lot of manipulation of principal names and key files. Time must be synchronized on all three machines involved in a Kerberos authentication. Stale tickets may need to be purged. If any of these things are not right, it can be non-trivial to track down the problem. NTLM does not have any of these issues. NTLM is much more robust than Kerberos. It's just less efficient and it lacks features like delegation. A "pass through Kerberos" mechanism is being developed to replace NTLM that would resolve some of these issues (the main one being that clients would not be required to access domain controllers), but I suspect it will still be quite a while before it actually does and it's not clear that it will solve all of the aforementioned issues anyway.

If you would know the value of money, go try to borrow some. -- Ben Franklin

Working...