
Comment Re:So what? (Score 1) 387

This just removes the fig leaf... Anyone who's serious about security wouldn't rely on the ISP being on their side-- one would already be using strong encryption etc. for all communication if one were actually concerned about security.

This really is the best way to look at things.

If people want "privacy laws" then those laws shouldn't be about what's not allowed to happen; the laws need to be about what is required to happen (the goal being to encourage common sense practices, because nobody can protect your privacy for you). Make it so that businesses and people can't access government's network services without going through a darknet, for example. Do not allow any plaintext email communication with the government. Put into "REAL ID" that the issuing authority also has to sign the identified person's key and include the fingerprint on the ID card. Don't allow government money to be spent on computers containing any software which can't be audited and maintained. And so on.

Don't make anyone protect their privacy overall, but do make it so that they have to pay lip service to common sense in any interaction with government (and then let convenience and economy of scale take it from there; lazy people will then do the right thing). Or, just don't have privacy laws since, obviously, we don't really care. Pick one or the other.

Comment Re:Norton (Score 1) 69

Step one: Any browser that cares about security MUST stop regarding https with CA certificates as any more trustworthy than self-signed certificates or plain http.

Why? Plain HTTP can be compromised by anyone on a hop between you and your destination. HTTPS with a self-signed certificate can be compromised by anyone on a hop between you and your destination, but can be detected if you do certificate pinning or certificate transparency. HTTPS with a signed cert can only be compromised with cooperation from a CA. The set of people that can compromise signed HTTPS is significantly lower than the set that can compromise self-signed HTTPS.

I remember in the days of IE 6 and me opening questionable porn in my youth I would get slow or weird responses from HTTP websites. I do an ipconfig of the name of the site. I then disconnect and then reboot and/or sometimes do an ipconfig /release and voilà, now when I do an ipconfig it points to a different IP address.

MITM was quite an occurrence in the old days. Of course if my DNS is pointing to somewhere else it means my PC was probably compromised, but my point is changing something and an ipconfig /release fixes it shows it is easy to spoof before MS took security more seriously as it does today.
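
The pinning check the comment above mentions as the way to detect a swapped self-signed certificate, sketched as an added example that is not part of the original comment or of any browser's code. `PinStore`, the host name and the certificate byte strings are constructed for illustration.

```python
import hashlib
import hmac

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as hex."""
    return hashlib.sha256(der_cert).hexdigest()

class PinStore:
    """Trust-on-first-use pins per host (hypothetical helper for this example)."""

    def __init__(self):
        self._pins = {}  # host -> set of accepted fingerprints

    def add_pin(self, host: str, der_cert: bytes) -> None:
        """Pre-load a pin, e.g. the next certificate before a planned rotation."""
        self._pins.setdefault(host, set()).add(fingerprint(der_cert))

    def check(self, host: str, der_cert: bytes) -> str:
        fp = fingerprint(der_cert)
        known = self._pins.get(host)
        if known is None:
            # First contact: nothing to compare against, so an interceptor
            # already on the path at this moment would be pinned unnoticed.
            self._pins[host] = {fp}
            return "first-seen"
        if any(hmac.compare_digest(fp, pin) for pin in known):
            return "match"
        return "mismatch"  # certificate changed: treat as possible interception

# Constructed stand-ins for DER certificates. On a live connection the bytes
# would come from ssl.SSLSocket.getpeercert(binary_form=True).
SERVER_CERT = b"constructed-der:self-signed-server-cert"
ROGUE_CERT = b"constructed-der:cert-presented-by-interceptor"
NEXT_CERT = b"constructed-der:server-cert-after-rotation"

def demo():
    store = PinStore()
    host = "intranet.example"  # assumed host name
    results = [store.check(host, SERVER_CERT),     # first-seen
               store.check(host, SERVER_CERT),     # match
               store.check(host, ROGUE_CERT)]      # mismatch
    store.add_pin(host, NEXT_CERT)                 # operator-approved rotation
    results.append(store.check(host, NEXT_CERT))   # match
    results.append(store.check(host, ROGUE_CERT))  # still mismatch
    return results

if __name__ == "__main__":
    print(demo())
```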

Comment Re:Conflict of interest (Score 1) 229

But then the police here think they need Tanks, M16A4 fully automatic weapons, drones, bombers, orbital strike platforms......

When in reality, 90% of the police can barely handle a small caliber pistol safely, and they are so poorly trained they are not much better than a roaming gang of thugs.

Comment Re:Conflict of interest (Score 3, Insightful) 229

Easy solution, raise the taxes. If your taxes are not high enough to pay for Fire, Police and road maintenance then you should absolutely pay more.
If your taxes are not being used for that but instead, holiday decorations, more pay for someone to choose to buy more decorations then it's time to start voting for officials more wisely.

Yes, Yes, I know the irony of an American saying to vote more wisely to another country.... I'm not happy with our Toddler in Chief, but then he is not much different than the ones we have in Congress and local government all over here. Recently in my home town we had one of the commissioners demand that a law be passed so that anyone in government can not be criticized or go to jail.

It seems that we either elect very evil people, or stupid ones that have never read the constitution. From my experience, it's the latter, only the dumb want to be in political office.

Comment Re:The Dying Days of the Certificate industry (Score 1) 69

You have a better solution? You want the US government deciding instead like ICANN in addition to being a central point of exploit?

If you let others self sign that means you risk having the private keys known and it's game over. Let's Encrypt has the same problem in which they can screw up and hand out extra certificates. Also if they are hacked and the private key is leaked then game over, the Internet is done as we know it. This makes me not want lots of players in the CA space.

Chrome

Google Reducing Trust In Symantec Certificates Following Numerous Slip-Ups (bleepingcomputer.com) 69

An anonymous Slashdot reader writes from a report via BleepingComputer: Google Chrome engineers announced plans to gradually remove trust in old Symantec SSL certificates and intent to reduce the accepted validity period of newly issued Symantec certificates, following repeated slip-ups on the part of Symantec. Google's decision comes after the conclusion of an investigation that started on January 19, which unearthed several problems with Symantec's certificate issuance process, such as 30,000 misused certificates. In September 2015, Google also discovered that Symantec issued SSL certificates for Google.com without authorization. Symantec blamed the incident on three rogue employees, whom it later fired. This move from Google will force all owners of older Symantec certificates to request a new one. Google hopes that by that point, Symantec would have revamped its infrastructure and will be following the rules agreed upon by all the other CAs and browser makers.
