Forgot your password?
typodupeerror

Comment: Re:Appre (Score 1) 138

by Phroggy (#47520429) Attached to: VP Biden Briefs US Governors On H-1B Visas, IT, and Coding

"Highly skilled" does not necessarily mean "highly in demand". Given that there are highly skilled Americans that can't find work, yes I will argue they're bad for America.

This hasn't been my experience. It's hard to find qualified people - they've all got decent jobs already. It's the unskilled workers that are struggling with unemployment (and underemployment).

Comment: On fundamentalists (Score 1) 11

by insanecarbonbasedlif (#47508967) Attached to: Chronicle: New girl on the block oddity.

There are all different flavors of fundamentalists, and while many hold to "conservative dress" as a doctrine, it's definitely not universal. The same goes for the idea of not associating with "non-believers" (bucket group, everyone that does not adhere to the set of beliefs the particular brand of fundamentalism says are required for salvation), some preach that, while others will explicitly preach evangelical immersion (go meet "non-believers" and make them want to convert by being the best friend ever!).

Always nice to hear that social mores around what "racial" couplings are allowed are loosening.

Comment: Re:New SSL root certificate authority (Score 1) 129

by Sloppy (#47508375) Attached to: Snowden Seeks To Develop Anti-Surveillance Technologies

Thanks for the insult. It hardly stung.

Unless you worked at Netscape in the mid-1990s, no insult was intended.

All I meant is that by the very early 1990s, we (and by "we" I mean people smarter than me; I was clueless at the time) had a pretty good idea that CAs wouldn't work well outside of real power hierarchies (e.g. corporate intranets). But then a few years later the web browser people came along and adopted X.509's crap, blowing off the more recent PKI improvements, in spite of the fact that it looked like it wouldn't work well for situations like the WWW.

Unsurprisingly, it didn't work well. Organizing certificate trust differently than how real people handle trust, 1) allows bad CAs to do real damage, and 2) undermines peoples' confidence in the system.

A very nice way of saying this, is that in hindsight, the predicted problems are turning out to be more important than we thought most people would care about. ;-) It's almost as though now (no fair! you changed the requirements!!) people want SSL to be secure.

Keeping the same organization but with new faceless unaccountable trust-em-completely-or-not-at-all root CAs won't fix the problem. Having "root CAs" is the problem, and PRZ solved it, over 20 years ago.

I expect you to start the project shortly.

It's a little late to start, but I do happen to still be running an awful lot of applications (web browser being the most important one) which aren't using it yet.

Comment: Re:Secure pairing is hard (Score 1) 131

by Sloppy (#47507817) Attached to: The "Rickmote Controller" Can Hijack Any Google Chromecast

How does Diffie-Hellman key exchange provide identification of the other party? .. It is not possible to determine who the other party is

It's possible. It requires an extra piece beyond the DH, but that extra piece isn't PKI. The user is the trusted introducer. The user looks around and says "Yep, these are the only two devices physically here that I have ordered to peer, right now." They are identified by being in the right place at the right time, triggered by the user saying "Now." That's a pretty good way to do things unless you're just totally surrounded by spies.

Comment: Re:aaargh! pinheads in the IT. (Score 1) 229

by jawtheshark (#47506759) Attached to: Verizon Boosts FiOS Uploads To Match Downloads
Why would you think that? I use it here for internal web apps, I don't care about their youporn visits and I don't want that on my network. So, if they're at home, let them connect to the VPN, access the internal apps and do their work and wank on the side using their own Internet connection.

You have mail.

Working...