Forgot your password?
typodupeerror
Security

Man-In-the-Middle Vulnerability For SSL and TLS 170

Posted by Soulskill
from the alphabet-soup dept.
imbaczek writes "The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer to inject a chosen plaintext prefix into the encrypted data stream, often without detection by either end of the connection. This is possible because an 'authentication gap' exists during the renegotiation process, at which the MitM may splice together disparate TLS connections in a completely standards-compliant way. This represents a serious security defect for many or all protocols which run on top of TLS, including HTTPS."

Comment: Re:Stupid license. No thanks. (Score 1) 419

by TMacPhail (#29120365) Attached to: Behind Menuet, an OS Written Entirely In Assembly

The prohibition has no effect on being able to verify the claim. If you were allowed to disassemble, what would you expect to get out of that? Assembly. You will always get assembly from a disassembler so doing that neither proves nor disproves anything. You would need the original assembly source to compare against. And if you had that, you may as well simply examine it to see that it is all assembly and assemble it to verify that it works.

Having the 32 bit sources available is enough for me to believe their claims about the 64 bit sources also being entirely assembly. Their decision to license 64 bit differently from 32 is a different question altogether though.

Comment: Re:Depressing, but not uncommon (Score 1) 1251

by TMacPhail (#28944607) Attached to: Student Sues University Because She's Unemployable

100 is the average of the population as a whole. But if you consider any subset of that population, ie. university/college graduates, the average of that subset may be significantly different from the average of the entire population.

That said, I find the claim that US college grads have an average IQ of 95 to be very unlikely. That would be saying that college grads are less intelligent than the general population.

The Internet

Wikimedia Simplifies By Moving To Ubuntu 215

Posted by kdawson
from the all-eggs-one-basket dept.
David Gerard writes "Wikimedia, the organization that runs Wikipedia and associated sites, has moved its server infrastructure entirely to Ubuntu 8.04 from a hodge-podge of Ubuntu, Red Hat, and various Fedora versions. 400 servers were involved and the project has been going on for 2 years. (There's also a small amount of OpenSolaris on the backend. All open source!)"
Space

One of the Coolest Places In the Universe 338

Posted by timothy
from the you'll-need-thicker-gloves dept.
phantomflanflinger writes "The Cern Laboratory, home of the Large Hadron Collider, is fast becoming one of the coolest places in the Universe. According to news.bbc.co.uk, the Large Hadron Collider is entering the final stages of being lowered to a temperature of 1.9 Kelvin (-271C; -456F) — colder than deep space. The LHC aims to re-create the conditions just after the Big Bang and continue the search for the Higgs boson."

Comment: Re:In the US no one wants to buy light cars (Score 1) 1320

by TMacPhail (#23729819) Attached to: Efficiency? Think Racing Cars, Not Hybrids

I'm a cyclist and admitedly bend the traffic laws a bit. Less than some, more than others perhaps. I'm not going to attempt to justify doing that. However, on the whole, I believe that I have a better awareness of the traffic around me than drivers do. Knowing that I'm in a vulnerable position relative to those in the cars is incentive to pay attention.

Just the other day I was approaching an intersection in which I had the right of way (no stop sign) and saw a vehicle slow down, the driver looked the other direction, and then continued through his stop sign without looking my direction. I slammed on my brakes and we nearly hit in the intersection. I was travelling downhill roughly at the speed limit and would still look at each intersection I passed to check for bad drivers. I think that would be an uncommon thing for drivers to do.

Communications

+ - Canadian Class-action Cellphone Suit Is Approved-> 2

Submitted by BeanBunny
BeanBunny (936648) writes "A Saskatchewan, Canada court has ruled that a $12 billion class-action suit can proceed. The suit alleges that "system access fees" that the cellphone companies have charged ($7-9 per month) are unfair and constitute price gouging. From the article: "It is described as the largest class-action in Canadian history, potentially affecting every cellphone user in the country. Currently, there are 7,500 complainants signed onto the suit.""
Link to Original Source

"Whoever undertakes to set himself up as a judge of Truth and Knowledge is shipwrecked by the laughter of the gods." -- Albert Einstein

Working...