Or not.
0, in a suitable color space.
> If this is what EA is doing then they had better have a really good explanation. Or?
The problem with S/MIME is that it is strictly hierarchical. That already hasn't worked well for TLS. The aim of email encryption is in a large part to prevent government-level parties from reading the emails. It…
Here are some problems, from the top of my head, in no particular order: - Subjects can't be encrypted. - Encrypted mailing lists are complicated. Do you reencrypt in the middle? What software do you use? The mailing…
As a German, I feel very much the same.
Because modern configuration management tools like Ansible (or Puppet, or Salt, or whatever) allow you to do more things more easily. Also, because Bash is a particularly horrible language. I have a lot of experience…
HN is a YC marketing tool, it pays for itself quite easily.
The article has nothing to do with Snowden. At all.
Yes, but it's easier to teach admins to never use "PermitRootLogin yes" "because it's bad for security" than to teach them to never use weak passwords.
Automated 0-day attack: fair point. Though direct remote code execution is probably much, much more likely than authentication bypass.
@Passwordless sudo: Because then you have effectively made your user root, and compromising your user account is enough to get root access immediately. If you do that, then why have a seperate user at all?[3]…
tl;dr: "disallow root login entirely, everything else is bad" is cargo culting. I said "impractical", not "impossible". Of course I can use sudo. But it's more work. I require root access a lot. It adds up quickly.[2]…
Did you ever stop and think about this or are you just repeating something you read on "Hacker""news"? Getting by /without/ direct SSH root access is often impractical (think about scp), and without-password is a secure…
Because then root login would be disabled entirely. With "without-password" SSH-key based login is still possible (and no, that's not much of a security risk).
Electrically powered multicopters can carry DSLRs quite easily. If it's supposed to carry expensive equipment, you'll want to use a hexa- or octocopter though. Of course multicopter flight times, especially with…
Wikipedia is an encyclopedia, not a company index.
I don't. So is mine, but resizing it for each individual website is unnecessary work. And some websites have a legitimate need for a wider format, so you can't even say "all websites should be like this".
Anyone want to host their mission critical project with a team so small that individual employees have to be on call 24/7? If the company requires more than what can be done in a 40-hour work week, it should hire more…
That's precisely why you only use subkeys in daily life and only use the root key for keysigning (and ideally store it safely and offline).
That maybe nghst should take a step back from HN and consider that normal people may find the original 2048 fun and may not care about its variants at all. Giving an example is a perfectly valid way to make a point.…
It's you. Linux has followed a bi-monthly schedule for quite a while now. FYI: https://en.wikipedia.org/wiki/Linux_kernel#Maintenance
No, I don't. a) We (my country and the US) are allies. b) I may be less not ok with spying on high-ranking politicians. But any spying on companies and normal citizens is right out.
Unfortunately, I have a huge problem with a foreign country - the USA - spying on my country and me.
And only for domestic spying. People that aren't US citizens still get no protection at all.
Or not.
0, in a suitable color space.
> If this is what EA is doing then they had better have a really good explanation. Or?
The problem with S/MIME is that it is strictly hierarchical. That already hasn't worked well for TLS. The aim of email encryption is in a large part to prevent government-level parties from reading the emails. It…
Here are some problems, from the top of my head, in no particular order: - Subjects can't be encrypted. - Encrypted mailing lists are complicated. Do you reencrypt in the middle? What software do you use? The mailing…
As a German, I feel very much the same.
Because modern configuration management tools like Ansible (or Puppet, or Salt, or whatever) allow you to do more things more easily. Also, because Bash is a particularly horrible language. I have a lot of experience…
HN is a YC marketing tool, it pays for itself quite easily.
The article has nothing to do with Snowden. At all.
Yes, but it's easier to teach admins to never use "PermitRootLogin yes" "because it's bad for security" than to teach them to never use weak passwords.
Automated 0-day attack: fair point. Though direct remote code execution is probably much, much more likely than authentication bypass.
@Passwordless sudo: Because then you have effectively made your user root, and compromising your user account is enough to get root access immediately. If you do that, then why have a seperate user at all?[3]…
tl;dr: "disallow root login entirely, everything else is bad" is cargo culting. I said "impractical", not "impossible". Of course I can use sudo. But it's more work. I require root access a lot. It adds up quickly.[2]…
Did you ever stop and think about this or are you just repeating something you read on "Hacker""news"? Getting by /without/ direct SSH root access is often impractical (think about scp), and without-password is a secure…
Because then root login would be disabled entirely. With "without-password" SSH-key based login is still possible (and no, that's not much of a security risk).
Electrically powered multicopters can carry DSLRs quite easily. If it's supposed to carry expensive equipment, you'll want to use a hexa- or octocopter though. Of course multicopter flight times, especially with…
Wikipedia is an encyclopedia, not a company index.
I don't. So is mine, but resizing it for each individual website is unnecessary work. And some websites have a legitimate need for a wider format, so you can't even say "all websites should be like this".
Anyone want to host their mission critical project with a team so small that individual employees have to be on call 24/7? If the company requires more than what can be done in a 40-hour work week, it should hire more…
That's precisely why you only use subkeys in daily life and only use the root key for keysigning (and ideally store it safely and offline).
That maybe nghst should take a step back from HN and consider that normal people may find the original 2048 fun and may not care about its variants at all. Giving an example is a perfectly valid way to make a point.…
It's you. Linux has followed a bi-monthly schedule for quite a while now. FYI: https://en.wikipedia.org/wiki/Linux_kernel#Maintenance
No, I don't. a) We (my country and the US) are allies. b) I may be less not ok with spying on high-ranking politicians. But any spying on companies and normal citizens is right out.
Unfortunately, I have a huge problem with a foreign country - the USA - spying on my country and me.
And only for domestic spying. People that aren't US citizens still get no protection at all.