Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment You could write your own ACME client (Score 1) 231

even "free" things like Let's Encrypt are not free. They will not give me a cert. What they will do is let me run their software which will magically do the cert shit for me.

Or you could read the published specification for Automatic Certificate Management Environment (ACME) and write your own such software.

Comment Re:In a groundbreaking statement now (Score 1) 231

Yes I know your ISP could inject crap before serving it to someone, but you remind the ISP that is illegal.

ISP's reply: "So what? We'll continue the illegal practice."

So who has standing to sue an ISP that deliberately flouts this law? The subscriber or the operator of the site that was modified?

Answer: Nobody does. It was a trick question. Mandatory arbitration clauses are a standard practice nowadays.

Comment Re:Lies, damn lies, & first lie wasn't exactly (Score 1) 231

On my non-technical site (content doesn't have a bias toward users having any particular software) Safari measures (for whatever that's worth; see 1st paragraph) at 34%.

Safari is currently Mac-only among desktop platforms. I'd be surprised if over 34 percent of visitors to your site use a Mac. Or are you counting Safari for iOS in your 34 percent? Rick Schumann doesn't appear to be.

Comment RIP Vidme (Score 1) 129

only until a competing service provider (or several) takes chunks of the uploaders they refuse to pay

I don't see "a competing service provider" taking away YouTube's usage share as likely to happen soon, seeing as Vidme has recently gone out of business.

Comment $45 signup fee (Score 1) 129

DTube relies on the Steem blockchain for authentication, and according to that blockchain's FAQ: "To create an account on the blockchain, it costs STEEM tokens. When you create an account through, Steemit Inc. is supplying the tokens to pay the account creation fee. [...] The only way to have an account created via is to supply your email and phone number." If the previous holder of your email address or phone number was a Steem user, or if your phone is in an unsupported country or on an unsupported carrier, you will end up having to pay to create an account: "There is a third-party tool called SteemCreate that accepts credit cards, or BTC to create a Steem account. You do not need to have an existing Steem blockchain account to use the service, but there is a charge on top of the blockchain account creation fee for using the service." In turn, from that service's description: "Account creation cost is $45"

Comment Re:Router, printer, NAS, and other FQDNless device (Score 1) 231

Let's Encrypt will issue a certificate to the domain owner even if the hostname in the certificate is not the hostname of a server reachable through the Internet. For unreachable hosts, Let's Encrypt verifies domain control through the ACME dns-01 challenge, which requires putting a temporary TXT record in your domain's DNS zone.

Comment Re:In a groundbreaking statement now (Score 1) 231

Not every site is about having personal information transmitted or is personal in nature on the queries it responds to.

Nor does every server operator always agree with its viewership on whether the site "is personal in nature on the queries it responds to." For example, some people find Wikipedia not "personal in nature" because they don't regularly read articles about (say) reproductive rights in a socially conservative jurisdiction.

Maybe I just run a site for my bathroom design business with my phone number on it.

How do viewers of your site know that your competitor didn't pay the ISP to change your phone number appearing on its subscribers' view of your site to that of your competitor?

Comment Re:Cleartext HTTP vulnerable to script injection (Score 2) 231

with Let's Encrypt issuing out certificates so sites can phish, it seems like a good way to avoid all the Paypal and other phishing is to block the Let's Encrypt certificate. (they issued like 14,000 phishing certificates)

Why not go a step further to block the domain registrars that issue out domains so sites can phish?

Slashdot Top Deals

Life would be so much easier if we could just look at the source code. -- Dave Olson