Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment: Re:So what will happen in practice? (Score 1) 687 687

Having the private key and sniffing is (simetimes!) insufficient for breaking TLS. The concept is "perfect forward secrecy."

I wouldn't say that, "SSL isn't all that secure when someone has complete control over your traffic." An adversary with control over your trust store is a problem, particularly because all of the CAs in your trust store can issue certs for any domain.

Comment: Re:Easily Fixed! (There's a business idea in this. (Score 1) 98 98

I don't think such a thing would be popular. Most people don't care, but those few that do would find it easier to use a service with a better privacy policy. Perhaps Bing or Yahoo! could profit from the backlash in the unlikely event that one should materialize.

Comment: It's a GUIDE (Score 2, Informative) 450 450

"Working in partnership with Microsoft and elements of the Department of Defense, NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user to perform their everyday tasks, whether those tasks are being performed in the public or private sector,"

DISA and the NSA produce guides.

http://iase.disa.mil/stigs/stig/index.html
http://www.nsa.gov/ia/guidance/security_configuration_guides/index.shtml

They're patting one another on the back because they worked on the guide before Windows 7 was released.

Comment: Windows Steady State (Score 3, Informative) 695 695

Here is a real answer:

http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx

This is software from Microsoft which helps prevent unpriveleged users from altering your computer in any way. Install this, enable the guest account, and switch users when people ask to borrow your machine. You'll need a password on your account, of course.

Comment: Re:Let's be civil and reasonable in disagreement. (Score 1) 140 140

I don't think nutter is a particularly harsh term. Have you heard him sing?

Java is not a trap. Never was. Something like Java could have contributed to a world in which Linux on the desktop might have been more useful to more people. Java pre-installs on Windows fizzled because of legal issues, and on Linux fizzled because of unfounded fears.

Now the only de-facto universal platform is web+flash. Stallman will tell you that's a trap too.

He who steps on others to reach the top has good balance.

Working...