Forgot your password?
typodupeerror

Comment: uh..really? (Score 1) 171

http://news.bbcimg.co.uk/media...

That Venus is not the work of Andy Warhol if I remember correctly. (Well, he might have done the HAM-fisted cut and paste of the third eye in the middle of her forehead..)

I remember seeing it on the cover of one of the Amiga magazines as the full reproduction. I realize that Warhol stole most of what he did from other artists, but surely this has to be a joke.

Comment: Re:Missing the reality of what kids do to insects (Score 1) 512

by synthesizerpatel (#45066435) Attached to: Cyborg Cockroach Sparks Ethics Debate

If I recall correctly, the Donner Party didn't undertake cannibalism because it was entertaining or educational.

And while arguments can be made against the necessity of killing animals for sustenance - there are many mechanisms that we employ to make life better on what ultimately ends up on our dinner table. (Free range whatnot, humane slaughtering, etc)

Comment: Re:Why do we trust SSL? (Score 1) 233

With regards to the question about becoming your own signing authority - it's not that difficult really from a technical standpoint. If you've ever generated a self-signed certificate you've satisfied the most basic mechanics of the operation.

The rub is getting your root certificate onto clients. A good example of this is the process that Microsoft requires - you must have infrastructure that meets certain criteria with regards to security (physical and digital), submit to third party auditing once or twice a year, etc etc. None of which is very difficult as long as you have the money and tick off all the boxes on the checklist.

However, consider for a moment that it's not just Microsoft you have to deal with, but Apple, Firefox, Opera, Chrome/Google, Android, Nokia, WaWei(sp?), etc.

There's no guarantee that an application will utilize an OS-wide keystore, and in some cases they don't - but ship their own list of 'trusted root ca' certs.

So with each vendor that provides an application or operating system you have to then convince them that you're (1) trustworthy (2) a big enough player that they should even bother. And even then, what motivation do they have to do YOU the favor of shipping your cert? There's more than likely for lack of a better term "distribution fees", (rhymes with payola) to get your cert out there into the world.

An alternative to this is that you get an intermediate CA certificate from an existing CA (which negates any security you would bring to the table being a sub-root to someone else who could just create a cert pretending to be you) - but there's very little motivation aside from providing a skeleton key to your certs as a root ca because if you're reselling certs that's less certs for them to sell anyway.. why would they dilute the market like that?)

Long story short - the SSL certificate business is essentially a money printing operation that if you want a slice of, you'd need to grease a lot of palms (some of which are probably ungreasable), spend a lot of money.

This will likely never change because there's no motivation for existing players to change it and plenty of motivation for them to keep it as is.

If you want the security of rolling your own keys and don't have the infrastructure to deploy them to clients through an installer (i.e. you're an online vendor that accepts 'walk-in' internet traffic) - you're screwed.

If you run your own network and want to provide SSL services without using any upstream providers - just make deployment of your cert part of machine imaging / bring-up / maintenance.

Comment: Just wait.. (Score 3, Insightful) 404

by synthesizerpatel (#43285953) Attached to: T-Mobile Ends Contracts and Subsidies

If they really were thinking about customers, the contract would be a no-penalty cancel-anytime-you-want contract that would lock you in for a specific price for a non-trivial amount of time.

I'm skeptical and will stick with AT&T out of laziness for a while. Prove me wrong T-Mobile and I'll switch. But even though cellular has been one-sided customer-screwing contracts since the inception of the service - contracts can actually protect _both_ parties if you do them right. No contract == No guarantee.

Comment: Are you KIDDING me? (Score -1, Flamebait) 121

by synthesizerpatel (#42788733) Attached to: Firefox and Chrome Can Talk To Each Other

Web-browsers being able to both open socket connections to arbitrary remote end-points, and be listening / processing data for incoming connections?

Worst idea ever. If anything ends up being responsible for destroying the internet - this is it. It's just going to be a giant mesh of infected browsers constantly doing battle, like the dust-clouds of dead nanites from the Diamond Age.

You fucking web guys. Take WebRTC, Flash, PHP, JSON, Flash, native browser plugins and all the other half-baked non-standard make-it-up-as-you-go-along "technologies" and go fuck yourselves.

Comment: Ads are for the lazy and ignorant (Score 2) 716

by synthesizerpatel (#41075967) Attached to: Ask Slashdot: To AdBlock Or Not To AdBlock?

Either they're so lazy they don't care or they don't know how to get rid of them.

If you feel bad about circumventing their terrible business model, just wait until they're broadcasting commercials directly into your dreams.

And they laughed at me for wearing the tinfoil hat! Who's laughing now!

Pound for pound, the amoeba is the most vicious animal on earth.

Working...