The login form might be located on an HTTP page, but as long as the form submits to an HTTPS page, your login credentials are still SSL-encrypted.

In general, yes, but one of the 'tricks' of sslstrip is that it changes the content of the HTTP-served page so that the (formerly) HTTPS submission page is no longer HTTPS, but HTTP.

There's nothing "grey" about the DVD solution. Using libdvdcss in the USA is a violation of the DMCA, and consequently is illegal at a federal level.

So why not release Debian with all the nice goodies included, but have the final stage of the installer ask "Are you in the US?" ... and if you answer "Yes", then it removes anything that cannot be distributed there.

My 3 year old monkey(who obviously can't read/write) uses the computer all the time and I'm amazed at what she gets up to (ok she's not posting on slashdot, but give her time). She can switch on, start up the web browser, (her home page is the BBC kids page CBeebies) and she just looks around, finds the games to play, works out what to do and plays them. When she gets bored she goes back and chooses something else - painting a picture, watching a video etc. She only ever asks for help when she gets stuck in a dead end (like when she needs to download an add-on). I imagine the Monkey v4.5 is considerably more advanced.

Speaking as the parent process for an instance of Monkey v4.5, you're not wrong. She has the same setup as above, including CBeebies as the home page. The phrase "The Flash plugin has broken again, Dad" was part of her vocabulary for a while, until I sorted it out.

Aw, no "Windows 7 DVD-Personally-Autographed-By-Bill-Gates and Thrown Across The Room By Steve Ballmer" Ultimate Edition, then?

Just to throw what I use into the mix, on a network of ~100 WinXP desktops:

- Samba - acts as domain controller, triggers login scripts, maps drives etc. System Policy controlled using NTConfig.pol files in the 'netlogon' share, prepared using poledit.exe

- OpenLDAP - authentication backend for Samba, groups/users for the Samba server (plus many other tasks which are unrelated to desktop usage);

- WPKG - for software deployment, runs at each boot-up - really nice.

The example cited is "RESOLVED INVALID"

That's because the behaviour reported in the bug (the actual MITM attack) is *not* a problem with Firefox as suspected by the reporter: Firefox was behaving correctly by identifying the SSL certificates as invalid. It is however an interesting report of a MITM attack.

Put me in a room with a bear, repeat a hundred times and see who comes out on top. Doesn't mean the bear is smarter.

I think it might mean that, actually. You just said "Put me in a room with a bear". Well, duh... you're clearly not that smart.

A review already? Nah, not possible. The book only was only published in September. That's nowhere near long enough to read A Neal Stephenson.

Article summary: use 'make -j', 'distcc' and 'ccache' or something combination of these. These utilities are well known and widely used already, no?

The most important part of the installer that has changed for the better is you can easily start the installation by selecting from gui and text options from a menu. The Etch installer you had to type something to start the installer.

Thank goodness for that. Now I can install Debian on all my systems which don't have a keyboard. Phew!