You are in a minority. The ports are not as fragile as you claim, or there would be far more outcry.

While something better could be made standard, it isn't and should not be a priority.

You really shouldn't repost articles from other websites in their entirety. You've just taken advertising dollars away from information week, and indirectly from the authors pocket, and given them to Dice, and indirectly, idiots like Timothy lord.

That's lose - lose all the way around.

Yes, and yes.

You can turn off parallax in the settings, which makes it pretty much like previous versions of iOS.

You can also set the wallpaper to any image you want.

This story is just some douchebags blog, using iOS to get people's attention and page views

You can never downgrade, it's always been upgrade only with jail breaking and hacks.

Putting Wall Street on Wall Street is the first example of STUPID in that equation, the rest follows quickly from there.

Every company I've ever worked with that has datacenter in manhattan JUST so they can say 'We have a datacenter in XXX' as a bragging right. (Note, never worked with financial traders)

Yes, SOME companies want the shortest length of transit to the markets, MOST of those data centers are marketing fluff for ignorant companies who think showing how wasteful you can be with money is impressive.

Pfft. A single checkbox is all that's needed:

"Reduce effectiveness to comply with US Government standards."

No, not even a little fucking bit.

The corporate version of 'open' is ENTIRELY different than 'Free Software' be pretty much any definition you can find. Stallman and cult of GNU like to warp open source into something it isn't. They try to co-opt the term into meaning something it isn't and then bitch about people not doing it their way.

Open source means you can see the source. Period. It does NOT mean you can do anything with the source. It does not mean the software is 'free', in fact it could be under the most restrictive license terms on the planet and still be open source. For the right fee, Windows is open source. And yes, open source has not a god damn thing to do with what it takes to gain access to the source, such as paying for it.

Open in the real world doesn't have anything at all to do with Stallman, GNU or the FSFs view of copyleft.

H264 is open for example, as are the mpeg standards, my every definition that matters to a company trying to get something done, they are open standards. According to Stallman and the FSF they are evil bastards that need to die a horrible death because OMG NOT REQUIRES LICENSE FEES.

Do not taint open source by even associating it with 'free' software, it is no such thing.

No, he didn't.

He took years to write emacs and help from others.

Oh, you didn't mean emacs... you meant hurd ... again, he didn't do it alone and I'd argue he didn't pull it off any better than my half assed OS I cobbled together during my more bored years, which also depends on the work of others to be usable.

Stallman did not invent open source, nor start 'the revolution'. It was there before him. It wasn't his idea. While he has contributed much to open source, he has also personally harmed it more than just about anyone I can think of. His religion may appear great at first glance, but it is, just like pretty much every religion, warped into his personal agenda and crusade against everyone who doesn't agree with him in entirety.

His behavior in public forums and disrespect for others around him is a good example of you should ignore him.

I suspect, the same sort of vigor will be unleashed against this comment. -5 disagree after all.

Barracuda has no worries for 99% of its customers. You have no expectation of privacy when using your employers computer or email system, most of their systems go here.

Google is a little different as a provider of emails to end users.

No, lets not.

This is a horrible model to try and use on a global scale. Crowdsourcing is not an authentication solution, its a stupid idea. Theres a reason PGP has never taken off outside geeks validating their linux binaries ... because someone cares about the linux machine running in your basement.

When will you guys get it through your heads that 'distributed everything' doesn't work. Central authorities are needed to mediate and ensure everyone is on the same page. Central authorities also come with the risk that they can be compromised, but its far easier to deal with one compromised CA than several billion.

PGP has all the disadvantages of using CAs, none of the advantages, and additional disadvantages, mostly in that it requires users to make decisions they aren't qualified to make, which they could do currently IF THEY WANTED TO. They don't.

What CA doesn't sell wildcard certs now? They cost a lot more, but not that much more. Lease than the price of 5 regular certs on Thawte.

SSL has absolutely nothing at all to do with authorization. It carries no authorization information.

You are confused and clearly don't understand how SSL works and what it does.

SSL works by generating a new password for a symmetrical encryption algorithm on each session. Neither end knows the password before that point, they actually generate it together based on a communication method that ensures only the end points know the password.

Because both sides generate a password for each session, if you did not do authentication, anyone could jump in the middle and generate a password with you, and then create a new session to the destination you thought you were connecting to.

Authentication uses asymmetric encryption and public key infrastructure to verify that the system you are connecting to is who you think they are and not someone else, thus preventing a man in the middle attack. No authentication, your encryption is as good as useless as it can easily be intercepted and broken over the wire without you noticing.

There is no other way to work on 'web scale' authentication of connections other than PKI. Its simply a distributed automated OFFLINE CAPABLE way of verifying authentication information. If the CA cache in your browser hasn't been compromised, the CRL url can actually disable invalid signatures as well if they've been leaked or compromised in some way.

The only 'flaw' is that you trust 3rd parties. Because you trust 3rd parties to do the verification for you, it is possible they might validate the authentication information of someone who is not who they claim (for any number of reasons ranging from hacked servers, malicious intent to court order for the NSA).

Show me a method of distributing authentication information to the entire world that works better. And no, you're silly manually verified web of trust is a stupid fucking idea, which is why no one, including firefox has implemented such a feature. Just because you're idea is stupid, doesn't mean Firefox is stupid for not implementing it.

Everytime someone says something like you, they talk about some retarded way of doing exactly what we're already doing, but requiring individual users to do 1000's of times more work.

Hell, I have at least 6 SSL certificates IN MY HOUSE accessed by probably 20 different devices. Fuck you if you think I'm going to manually input 20 digit (or longer) finger prints for all those certs on all those devices, then twice as many at work, and I haven't even started talking to Amazon and iTunes to buy shit yet.

The reason we're still using 1990s 'tech' (which it was old in the 90s btw) is because theres nothing better, contrary to what you think. Please to be shutting up until you actually understand what you're talking about. You really made it clear that you have no idea whats going on.

Its done because software encryption on intel/amd CPUs sucks in general, though new processors with the AES instruction will start to make SSL processing easier closer to the web server itself.

You off load the encryption and reverse proxy to dedicated hardware that has ASICs to handle the encryption/decryption process because its cheaper to buy one expensive custom bit of hardware than to buy the extra 300 web servers if you try to get them to handle 10GB of encrypted traffic without hardware encryption support.

Forge the CA so you can forge the certificates to do a man in the middle, its trivial. I've done it on multiple occasions at work in order to facilitate sniffing passwords to migrate users to different a new service (say from office365 to gmail without getting everyones passwords by asking).

You only know the thumbprint doesn't match if you check it and manually record it. Your browser's checks are being processed correctly via the forged certs.

I sign our MITM certs with our domain CA, its clear that we're doing it ... if you bother to look. I'm not trying to hide it, just accomplish part of my job. Being that we're on an ActiveDirectory domain with a certificate authority, the domain cert is automatically deployed to all the windows domain PCs, all I have to do is have the domain CA sign certs for my use, and all the PCs trust it.

It requires nothing special to accomplish and is working as designed. When you're using someone else's computer, you should assume they can see and hear everything you are doing at a minimum.

And no, you have no right to privacy on your companies computers or network at work, thats what you have your own home computer and network for.