USENIX used to be one of my favorite conferences. Important work was presented there. Or at least work that, at the time, seemed like it had the potential to be important, although no program committee has yet been perfect at foreseeing the future...
This just seems like a silly joke taken too far.
Good grief, we know this is Slashdot so reading TFA is generally scoffed at, but at least read past the first sentence of a summary. The Subject of my post says it all. It is trivial to set up a proxy so that customer => Cloud service which can't be blocked => TOR.
You wrote that a proxies "aren't really necessary". I was responding to that. Good grief, indeed.
If you'd like to move the goalposts by claiming that the summary isn't want you wrote, that's fine. I'll respond to your claim that proxies are easy to set up. Yes, they are. And they're really easy to block too, if someone is motivated to do so. If they weren't difficult to block, there would be laws in place that would make them harder to set up.
The TLS handshake passes the name of the host being connected to (for the purpose of fetching its certificate) in plaintext. So if a site isn't being blocked, it's just a matter of time before the ISPs close this trivial loophole.
The next step is to ask for a different certificate that is being used on the same IP, by hacking the TLS handshake to specify a different hostname in the handshake than it uses in the HTTP request it sends later. This will probably just annoy whoever ends up paying for the bandwidth, and the loophole will get closed eventually.
This isn't a call for a boycott.
Well, let's see what TFA says:
Not only REFUSE to see the movie, but spread the word to as many men as possible.
What part of the word "boycott" do you not understand?
I tested HWE on a few test systems before rolling it out across the rest of my systems. Long story short, several of the test systems had intermittent networking problems after the upgrade, which caused the systems to hang until power-cycled.
In my environment, stability is more important than having the latest gee-whiz features, and due to slashed budgets, supporting new hardware is a problem I don't have, so it's not worth the trouble to try to use the Trusty kernel right now.
Yeah, if that's what happened. But that's not what the article says.
It says that on March 21st, Google had already fixed the flaw and rolled out the patches internally. Fine; they get to cover their own asses first. No argument.
Then a week went by.
They haven't been in the press enough recently...
Sometimes, too long is too long. - Joe Crowe