Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment (Score 1) 216

That's not my experience, over the last 15 years where I was required to exchange PKI encrypted emails with both DoD users and other contractors (Fortune 50 company through 1 person security consulting shop). I've had problems setting up/loading certificates, particularly handling root and intermediate certificates (from DoD PKI). When a certificate expires, Mail has real problems with the email. And recently I was sent a short encrypted message where it took order a couple of minutes to decrypt and display.

Those problems, I believe are a combination of flaws in, in the underlying Mac OS X PKI support, and with PKI in general. I had similar problems with Thunderbird, which depended on little or no Mac PKI infrastructure.

Hence my posting elsewhere in this thread that it's the underlying PKI infrastructure at the OS level that is at least partly at fault, and I think the complexity of the PKI design explains much of the reason why PKI infrastructure is so messy. What looked good on paper didn't scale and had real usability problems even for relatively sophisticated users. It's certainly not ready for the casual user!

Comment Re:PKI itself is the culprit (Score 1) 216

Finding, installing, handling revocations/expiration. Loading parent/certificate chains, -particularly when the certificate chains themselves (root and intermediate) change-. In a perfect world, this would all be handled automagically. But when something goes wrong, figuring out what happened, and then trying to fix it, has been At Least One Bridge Too Far.

Comment PKI itself is the culprit (Score 3, Interesting) 216

I've had to mess with PKI encrypted email (as a job requirement) many times over the last 15 years. In my experience, the problem is the underlying PKI support. It's really hard to load & manage certificates, deal with revoked certificates (including preserving emails when a certificate expires), etc. Some of that is, I believe, due to the complexity of PKI itself, and some of it is due to poor (at least from a user experience perspective) support by the OS vendors. Much of my experience is with DoD PKI, including their huge chains of PKI certificate/trust.

If the PKI infrastructure worked well, encrypting/decrypting email should be easy. But if the PKI infrastructure makes it really hard to manage certificates, there's nt a lot the mail user agent can do about that!

Comment Re:"Real-world usage" (Score 1) 246

I didn't assert 'No one develops websites on the Mac', all the websites hosted on my servers are developed on the Mac.

But the number of people who do this is Much Less Than the total Mac user population.

Furthermore, few people who develop websites on any platform get their tech advice from Consumer Reports.

But then, when you can't produce a useful thought, insults work just fine.

Comment Re:1 laptop, not connected to the grid (Score 1) 574

There has to be a vulnerability on the computer to exploit. That's a point most people seem to forget, and the people here have no excuse for that.

Yes, the air gap between the vulnerable laptop and the power grid worked as expected. But that doesn't excuse the vulnerability of the laptop!

Comment Re:1 laptop, not connected to the grid (Score 1) 574

1. There clearly was a penetration of a computer.

2. For this to happen, there had to be a vulnerability on that computer.

We _know_ that some systems are much more vulnerable than others. But there's no penalty for that, either for the makers or for the purchasers/specifiers of that.

My 'grip' is to not run Windows.

Comment Re:1 laptop, not connected to the grid (Score 3, Interesting) 574

There have been substantial penetrations of the US Power Grid, but this was -not- one of them. I remember hearing about vulnerabilities in the electrical grid and other SCADA critical infrastructure in the '90s. The one guy who talked about that worked for the EPRI, and ended up getting fired because he continually pointed out how the utilities were -ignoring- the problem.

(Agree, mod parent up, good link!)

Comment 1 laptop, not connected to the grid (Score 5, Informative) 574

Journalists wonder why people don't trust them, and this story is a good example. Turns out the crap was found on one laptop in the company's possession, which was not connected to their power grid.

(And when will companies/CIOs stop buying computers that contain so many exploitable vulnerabilities? I guess the answer is "Not until there's financial and legal consequence for their failure.")

Comment house cost appreciation (Score 5, Interesting) 504

I heard a piece on NPR (which unfortunately I can't find a link for), that observed if you paid over $500k for your house 20 years ago, your house appreciated more than 100%, and if you paid less than $200k, it only appreciated 25%. Further analysis discussed that the great preponderance of such houses were on the coasts, and that affordability in those communities is a real problem . They also correlated the house price with how the people voted, noting that Trump voters were more likely to have houses in the $100k-$200k range rather than the $500k range, and that was presumed to be part of the dissatisfaction with the state of the economy.

Now putting these stories together, -I- come to the conclusion that high cost areas such as Silicon Valley are much more likely to support abstract notions of income redistribution, with the sense that "I have mine, so now I can feel bad about income inequality."

Slashdot Top Deals

Hokey religions and ancient weapons are no substitute for a good blaster at your side. - Han Solo