Forgot your password?
typodupeerror

Comment: Re:So SSL is nothing more than an honor system? (Score 1) 88

by jandrese (#47425445) Attached to: India's National Informatics Centre Forged Google SSL Certificates
Originally it was supposed to be a cash cow for Verisign, but they screwed up and didn't assign a "trustworthiness level" to each CA so there's no reason to spend the big bucks on a Verisign cert over Joe Blow's Free Cert Shop now. Browsers treat both the same.

Comment: Re:Good news (Score 2) 74

by Maxo-Texas (#47425091) Attached to: Single European Copyright Title On the Horizon

So we really need a new name for when a company regularly avoids so much tax that it makes a profit off the tax system and another one for when it regularly pays zero taxes and shifts all of it's profits to another country while also consuming resources in the host company.

I kinda like parasiticorp for the second one.

The first is probably more "Evil scum back leeching bastards" but that seems too mild.

Comment: Re:Cry Me A River (Score 1) 537

by Marxist Hacker 42 (#47425047) Attached to: Normal Humans Effectively Excluded From Developing Software

I wish I could mod this up.

I recently learned Microsoft MVC, being an old application programmer. Once I grasped the concept, I ended up with three competing database models to the same bloody schema in SQL Server, because some controls use AJAX/Entity Framework, others JSON/SQLDataObject, still others a SQLClient loaded on page load.

I got it to work, but what a rube goldberg machine it is, complete with the maintenance headache that implies.

Comment: Re:So SSL is nothing more than an honor system? (Score 1) 88

by jandrese (#47424937) Attached to: India's National Informatics Centre Forged Google SSL Certificates
x509 is as strong as the weakest signing authority, and there are many many signing authorities now.

It's a shame that browsers have such freakouts over self signed certs, because there is really little difference between them and officially signed certs. IMHO SSH did a better job of this by simply having you inspect the certs the first time you log on to a site and storing the result, only freaking out if the cert changes. It eliminates the complex chain of trust that in the end comes down to just trusting people you don't know anyway and hoping that none of the thousands of people involved are corruptible or incompetent.

Comment: Re:Red notice (Score 3, Interesting) 71

They're not always effective; governments seem to be free to ignore these things if it appears to be politically motivated.

INTERPOL itself has no teeth. It's left to the nations themselves to decide if they care what it has to say on a case-by-case basis. It permits information sharing (etc) but does not require it. Their goal is "To ensure and promote the widest possible mutual assistance between all criminal police authorities within the limits of the laws existing in the different countries and in the spirit of the Universal Declaration of Human Rights" and not to enforce laws themselves.

Never underestimate the bandwidth of a station wagon full of tapes. -- Dr. Warren Jackson, Director, UTCS

Working...