Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment: Re:and everyone copied microsoft (Score 1) 251 251

Personally I think it looks more like a 1993 Apple Newton. In form and function that is, not so much in style. Got to remember it was released in 93, it wasn't possible to make tech as skinny and sleek as an ipad. The 2002 microsoft tablet has a flip screen and keyboard. In form and function it is far closer to a laptop then an ipad.

Comment: Re:public key (Score 2) 164 164

Cross referencing would be done on name and the public key's finger print, not the key itself.

Anyone can generate a public/private key, so we don't need an organization to manage (collect fees) the handing out of numbers. Or deciding who is a scientist and who deserves to get a number.

Attribution would be a nice bonus.

Comment: Re:MS and Linux (Score 2) 396 396

It just shows that Microsoft doesn't take the hard approach of FOSS fanatics but uses what suits the purpose best.

Most open source projects run on windows. Linux usually comes first, but 90% of the time there is a windows port. What % of Microsoft apps run on something other then windows? It looks to me that the "FOSS fanatics" are very good about allowing people to pick what suits them the best while Microsoft isn't.

Comment: Re:So how is Silverlight different (Score 1) 107 107

most developers want to get out of the hell produced by these kinds frameworks.

Sadly not the ones I work with. We sent a developer to asp.net training and he came back saying he was being left behind. He was talking about how silverlight was the future. The trainer brain washed him good.

Comment: Re:Pooling Opinions... (Score 0) 189 189

So I hijack the router that website is using to access the internet. I install some software on the router to return a fake cert. I see the fake cert. All of the other notaries see the fake cert. It this is popular site the notaries might notice a cert change, but if its a low volume site that the notaries never go to. We all agree the fake cert is valid. How is this more secure? Or I hack the router you use to access the internet... all of the notaries you try to talk to I redirect to me. I say every site is valid regardless if it is or not. How is this more secure?

Comment: Re:Two problems here (Score 1) 249 249

a) How do you distribute the fingerprint? The MITM controls the network access, they can give you fingerprints that matches the fake cert that they are serving up. (rewriting web pages on the fly is easy, simple search for old fingerprint, replace with fake fingerprint) You're left with "out of band communications" like the phone network or snail mail. Something the MITM can't control. I don't really want to make a phone call to make a secure web connection. b) How do you get the user to make this verification? You tell most users to verify the finger prints they will look at their own hands. SSL is sound... the problem is the implementation of SSL. We have way too mean certificate authorities. We should have no more then 5. If they screw up, ie getting hacked, issuing a cert to someone who isn't who they say they are, etc... they get massively fined and on the second offense the lose their status as a CA.

Comment: Re:Two problems here (Score 1) 249 249

1. Prevent MITM attacks. Query several notaries and make sure that they fetch and deliver the same certificate you got. OK, I'll buy this. But:

How do you know your talking to the notaries and not the MITM pretending to be the site you want and the notaries? Maybe we should have notaries to check the notaries. But then how do you prevent those notaries from... we'll do it once more and everything will be ok. If the MITM controls the router/DNS/firewall/network/proxy/etc you used to access the internet the MITM might be the only one you can talk to. You could distribute the notaries certs with the browser so that they can't be MITMed... aka SSL.

Comment: Re:Google v. Oracle - Solved (Score 5, Insightful) 229 229

C# is very portable, IF you pick your libraries right, IF you don't use any standard features that are windows centric, IF you don't call any native libraries, IF you want to wait for the advanced feature to get ported to your platforms implementation... etc. You have to do a lot of work to keep from falling into lock in. The thing about Java is, its very hard to make an app not cross platform. You have to do a lot of work to lock yourself into a platform using Java.

Why did the Roman Empire collapse? What is the Latin for office automation?

Working...