Forgot your password?

Comment: Re:THIS JUST IN... (Score 2, Interesting) 145

by ls671 (#48191447) Attached to: GNU Emacs 24.4 Released Today

joe - Joe's Own Editor

              JOE is a powerful ASCII-text screen editor. It has a "mode-less" user interface which is similar to
              many user-friendly PC editors. Users of Micro-Pro's WordStar or Borland's "Turbo" languages will
              feel at home. JOE is a full featured UNIX screen-editor though, and has many features for editing
              programs and text.

              JOE also emulates several other editors. JSTAR is a close imitation of WordStar with many "JOE"
              extensions. JPICO is a close imitation of the Pine mailing system's PICO editor, but with many
              extensions and improvements. JMACS is a GNU-EMACS imitation. RJOE is a restricted version of JOE,
              which allows you to edit only the files specified on the command line.

              Although JOE is actually five different editors, it still requires only one executable, but one with
              five different names. The name of the editor with an "rc" appended gives the name of JOE's initial-
              ization file, which determines the personality of the editor.

              JOE is free software; you can distribute it and/or modify it under the terms of the GNU General Pub-
              lic License as published by the Free Software Foundation. I have no plans for turning JOE into a
              commercial or share-ware product. JOE is available over the Internet from www.source-

Comment: Re:ET Phone home (Score 1) 308

by ls671 (#48183893) Attached to: If You're Connected, Apple Collects Your Data

UPNP is disallowed on my router. It could very well be a UPNP attempt but it would just make my point about iphone devices phoning home and trying to tell apple servers that they are listening for mother ship commands on a specific port. UPNP is typically used so internal LAN devices can tell the router to listen on the router public port and redirect the packets to the device.

Not such a great idea, I just redirect ports manually if I need to run a game server or what not.

Note that I support UDP conntracking so if the iphone device was just trying to communicate with apples servers. I wouldn't see what I see and the devices could communicate freely.

In my case it looks like the device and apple servers assume it used PNP with success on the router but those packets just get dropped.

Comment: Re:Great! (Score 1) 546

by ls671 (#48136309) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

And yes, a cert is just a public key bundled with other data like signing authorities and certificate chains. You still have to keep your private key apart in order for a cert to work. Anyways, this is basic PKI. It didn't fly back then for end users so I would be puzzled if password managers did now;-) Marketing approach ?

Comment: Re:Great! (Score 1) 546

by ls671 (#48135227) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

Gitlab web interface kind of work like that. It allows you to paste multiple public keys to access git through ssh although users don't have shell access, only git access through ssh. Next step would be to reuse those keys for web based authentication.

One problem I can see is that although browsers have been supporting cert auth for years, I don't think that public key auth is supported in a standard way yet between clients and http servers.

Oh well, going with self signed certs would achieve basically the same results I guess.

With the correct tools, the whole process could be as transparent as using a password manager for end users. For some reason, we ain't there yet apparently.

Comment: Great! (Score 1) 546

by ls671 (#48134349) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

Reading TFA, this guy just reinvented public/private key infrastructure where your password manager acts as your keystore.

In any case where a so called "password manager" could be used, we would be better off using a keystore. You loose ease of logging in from different devices in either case. One needs to carry around its password/key database in both scenario or store it in a centralized database.

Comment: Re:Hoax (Score 1) 975

Of course, everything is a hoax and scientifically impossible until the day it is proven to actually work.


Most real inventions go the other direction...

Most claimed inventions ....

Most everything that is real is known to be real before it works, and most everything that is a hoax actually is a hoax.

Most people have the same reasoning has you do.

Most innovations come from people who think differently than the mass.

Most people have a resistance to change and that slows down progress. What is the hurry to call it an hoax?

I would say wait until it is proven to be a fraud before declaring the would be inventor guilty.

Don't sweat it -- it's only ones and zeros. -- P. Skelly