Forgot your password?
typodupeerror

Comment: Re:SSL? (Score 1) 89

by complete loony (#48454093) Attached to: Book Review: Bulletproof SSL and TLS

POODLE, BREACH, CRIME etc all require the attacker to control some bytes in the ssl stream in order to deduce other bytes that they shouldn't be able to see. POODLE requires the attacker to change the http url & form post body in order to force the alignment of bytes, BREACH and CRIME are gzip length attacks. Both require the attacker to control bytes in a http request in order to guess the contents of other bytes in the request that they wish to know, like a session cookie.

All of these are attacks on HTTP & SSL, not on SSL alone.

Comment: Re:My two cents... (Score 1) 516

by complete loony (#48415503) Attached to: Rooftop Solar Could Reach Price Parity In the US By 2016

In Australia we forced the utility companies to buy any solar power you sent to the grid using a separate meter, at a fairly high rate to encourage adoption.

Those higher tariffs are now over. So now we pay around 30-40c kWh (AUD, from memory) for mains, and they only pay about 5c kWh for any solar power you provide. But at least you're better off if you can use that power yourself.

Comment: Re:TWC are (surprise, surprise) crooks and thieves (Score 1) 223

by complete loony (#48381675) Attached to: Overbilled Customer Sues Time Warner Cable For False Advertising

In Australia Telstra maintain the copper line, if there's a problem you log the fault and they fix it within 2 days or they have to pay you. Unless they file a claim for a natural disaster, which can give them an extra couple days to fix it.

At the other end of the copper, your wire may be patched directly into your ISP's equipment. Though in practice I think there are only 2 or 3 companies running the DSLAM's. Smaller ISP's then lease them per line.

Comment: Re:Linux desktop never happened (Score 1) 265

by complete loony (#48358475) Attached to: Worrying Aspects of Linux Gaming

Weston has the potential to clean up the UI quirks, I hope they're headed in the right direction. It's way past time we got rid of X11, it's been holding us back for far too long. If they can't do it, I doubt anyone else will bother.

For 20-ish years windows games have been optimised for windows proprietary drivers, and vice versa. That's a lot of invested effort from both sides, that the linux eco-system hasn't had. Frankly I'm surprised at the recent rate of improvements, but linux is still a long way from parity.

Comment: Re:Not smart (Score 1) 219

Just because you can prove that there are *some* programs that can't be proven to halt, doesn't mean that there isn't a subset of programs that *can* be proven to halt.

We can build a language / compiler that rejects all programs that aren't provably correct. It might be difficult to get any useful work done, but it's not impossible.

Something like the rust programming language might be more useful in practice. You can still write completely unsafe code, while being careful to limit the impact of doing so.

Comment: Re:Does it check for MITM? (Score 1) 36

Which should highlight if the application you're using can detect the attack or not. If the software you are testing can't detect the MITM, then it's broken. If google could write a better MITM detector, then it should be implemented in the libraries used by every application. Not in a separate tool.

Comment: Re:Old saying (Score 1) 249

by complete loony (#48307009) Attached to: New Atomic Clock Reaches the Boundaries of Timekeeping

This is not a new problem, suddenly created by this clock. It already exists with our standard definition of time.

So now we'll be averaging due to relativity differences as well as precision errors.

Comment: Re:Another stupid viewpoint from slate that is (Score 1) 287

by complete loony (#48210513) Attached to: Will the Google Car Turn Out To Be the Apple Newton of Automobiles?

It's quite trivial to adapt them for robot visibility as well (perhaps even incorporating stuff like specialized radio signals).

Or blink a bright IR diode... In the short term the cars will need to learn how humans do it. In the longer term the cars may have their own information channel to augment how we currently do it.

Comment: Re:Why git? (Score 1) 245

by complete loony (#48199867) Attached to: Help ESR Stamp Out CVS and SVN In Our Lifetime

That's not what I'm talking about, and I can and have done that with git using only a single copy of the history of the repository.

I mean that I can make a whole bunch of changes to one file, then tease those changes apart into multiple patches and commit them in the order I want. And if I'm not happy with how things ended up, I can re-order or re-write those patches before I push them upstream. To do the same in a single branch with SVN, I'd have to copy the file, revert it, then manually apply each change one at a time. Hoping that I get everything right the first time.

If I want to run a suite of tests against every patch one at a time, I can script that in a couple of minutes. Or if I notice that something is broken, I can do a binary(-ish) search of everything I've done to find it.

Mastery of git makes almost any workflow possible.

Comment: Re:Why git? (Score 1) 245

by complete loony (#48192731) Attached to: Help ESR Stamp Out CVS and SVN In Our Lifetime
Every time I'm forced to use SVN or TFS, I'm annoyed by how difficult it is to work on multiple patches for multiple features at the same time. With git I can create my own local feature branches, and create as many versions of each patch series as I want, until I'm happy to push them for review. And I never feel like I'm at risk of losing any half finished work I've already completed.

Comment: Re:UNIX Philosophy (Score 1) 555

by complete loony (#48191167) Attached to: Debian's Systemd Adoption Inspires Threat of Fork

And then there's the launchd / inetd way of launching services that systemd also copies. The service config file can list a set of sockets that the service binds in order to service requests. For example Apache binds to port 80 and 443. So long as all services (including mounting filesystems...) describe *all* of their external interfaces, dependencies no longer matter at all.

The init system can bind all of the sockets that every service needs all at once, and either start the real service the first time the socket is used, or start them all at once. If one service connects to another, the first request will block until the other service is ready to handle it. Then all you have to worry about is the potential for deadlocking, which you'd have to consider anyway.

Suburbia is where the developer bulldozes out the trees, then names the streets after them. -- Bill Vaughn

Working...