Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:islamist radical? (Score 1) 297

Would he have had the means without thier support, there are loads of nutters roaming around raging at the world, most of it is just impotent rage. However if you stand them up, pander to thier psychosis, give them a box with bomb written on the side and point them at a bunch of picket fence citizens, dont be suprised if they dont go for it.

Comment: Re:Misleading summary (Score 2) 52

by tshawkins (#49450723) Attached to: How Flight Tracking Works: a Global Network of Volunteers

They are however required to keep the realtime databases that the websites mentioned in the article use. The reciever is basicaly a usb DVB-T terrestial digital tv receiver working as a software defined radio and a bunch of code to pickup the ADS transmissions. The results are streamed to the tracking sites databases.


Comment: Re:Kind of ironic (Score 2) 116

by tshawkins (#49447981) Attached to: 'Let's Encrypt' Project Strives To Make Encryption Simple

They dont need to, the packages are signed, they are not trying to keep the contents of the packages secret, or hide thier contents during transfer, they are only trying to ensure that they are distributed unmodified. To perform a MITM attack on the packages pulled down from a repo, you would need the private signing keys To creat new packages.

Looking through most of the .repo files in /etc/yum.repos.d on my fedora install, all the dl links are already https.

I suspect that ubuntu is the same.

Its probaly full of holes, i dont think i have seen a decent, analysis of the package managers from a security standpoint, but they seem to have most of the basics.

I dont know if the private keys are distributed to the packagers, if they are then that could be an issue.

Comment: Re:Only web servers? (Score 1) 116

by tshawkins (#49447843) Attached to: 'Let's Encrypt' Project Strives To Make Encryption Simple

I suspect its for anywhere you want to provide TLS protected connections, SSL on webservers is just the biggest use case, so its going to get the attention initialy, but i dont see any reason why agents cant be built to handle the maintenance and signup protocol on other transports than http. SSL and HTTP are not co dependant.

Its also going to be a big help in the migration to HTTP 2.0, which mandates SSL. I have a bunch of domains that i would like to move to HTTP 2.0 once it settles down, but im not up to paying $30-40 a pop for a cert.

Im hoping that they will roll HTTP 2.0 migration into thier easy setup software.

Nothing will ever be attempted if all possible objections must be first overcome. -- Dr. Johnson