Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment A lot of sites use Google services (Score 1) 47

the sites they are visiting independently use Google services in some sort of hosting capacity

This is in fact the case. One possible reason for this is that Google's AdSense was the one of the first major ad networks (if not the first) to support HTTPS, beginning in September 2013. Other sites are hosted on Blogspot or Google App Engine, or they include YouTube embeds, Google "+1" buttons, jQuery from Google's CDN, Google Fonts, reCAPTCHA, or Google Analytics.

Comment Let's Encrypt is for domain owners (Score 1) 47

The one weakness of Let's Encrypt is sites on a home LAN that don't have a fully qualified domain. To pass the DNS challenge of Let's Encrypt, you first have to buy a domain. Or is every head of household who owns a router, printer, or NAS supposed to spend $15 per year on a domain?

Comment SNI (TLS virtual hosting) works in all browsers (Score 2) 47

ISPs will often charge dedicated IP and/or certificate maintenance fees

That hasn't been the case since April 2014, when extended support for Internet Explorer on Windows XP ended. Since then, all supported web browsers in wide use have supported Server Name Indication (SNI), which allows the TLS client to specify for which hostname the server should try to present a certificate. WebFaction, for instance, has offered TLS+SNI hosting at no additional charge.

"But I want to support 3-year-old unpatched IE/XP!"
I don't recommend this, because a browser that neither receives security updates nor has been formally proven secure is presumed vulnerable to man-in-the-browser attacks.

Comment No problem (Score 2) 45

You can have that however you have to accept a few things:

1) Costs are going to go way up. You aren't going to pay $50 or $100 for a software package, it'll be 5 or 6 figures. You'll be paying for all the additional testing, certification, and risk.

2) You won't get new stuff. Everything you use will be old tech. You'll be 5-10 years out of date because of the additional time needed to test and prove things. When a new chip or whatever comes on the market it'll be a good bit of time before it has undergone all the validation it needs to be ready for such a critical use.

3) You will not be permitted to modify anything. You will sign a contract (a real paper one) up front that will specify what you can do with the solution, and what environment it must be run in. Every component will have to be certified, all software on the system, the system itself, any systems it connects to, etc. No changes on your part will be permitted, everything will have to be regression tested and verified before any change is made.

If you are ok with that, then off you go! The way I know this is how it goes is that we have shit like this, we have critical systems out there and this is the kind of shit they go through. They are expensive, inflexible, and out of date compared to the latest mass market shit. If you look at the computers that control a fighter plane or the like you'll be amazed at how "dated" they are. Well they are that way because development took a long time and once they are developed, they continue to be used, they aren't changed often.

Now if that's not ok, if you want the free wheeling environment we have now where you can buy new tech when you like, put things together in any configuration, and run whatever you want that's cool, but accept that means problems will happen. You cannot have it both ways.

Oh and also with that critical stuff:

4) There will be no FOSS. If there's liability for losses, nobody will be willing to freely distribute their work. They aren't going to accept liability for no payment, and aren't going to accept that if their code was used by someone else they might be liable.

Comment This is why we can't have nice things (Score 4, Interesting) 223

Like mastodons.

If human beings, or our earlier ancestors, were killing mastodons 130,000 year ago without eating the meat, then it seems awfully likely that human/hominid hunting was an important factor in the eventual extinction of mastodons and other North American megafauna. Killing a big mammal like that for the bones/marrow implies a very effective predation capability and possible big environmental impact.

Slashdot Top Deals

Your good nature will bring unbounded happiness.

Working...