Not an idiot :) You make a good point that people don't have their phones on them & alive all the time which is where totp can come in with dongle totp's (like http://www.securemetric.com/secureotp-time.php) agreed it…
> Not everyone has smart phones. > Not everyone that has smart phones keep it on them all the time. > Not everyone that has smart phones that keep it on them all the time have a working (charged) phone all of that time.…
YubiKeys still can cost you up to $50, where as TOTP using something like google authenticator(doesn't have to be google auth) costs you? Nothing?
> This sounds less convenient, harder to implement, and no more secure than OpenID In what way is it less convenient? A standard user has their phone with them...24/7? At least in the sms realm it's more convenient than…
> On both OSX and many Linux distros, Py 2 comes pre-installed but Py 3 does not. Because python 3 was not the most stable at the time of distribution of that operating system. Why would I the developer of said…
How could this security hole be any worse? Passwords, Credit Cards, Personal Information, Private SSL Certificates!??? And without anyone knowing at all. This is just crazy. Bravo to indutny for pulling it off in 3…
Because Apple usually just goes along for the ride...?
If you clicked on the 86446f74 You would have gotten: https://github.com/expressjs/body-parser/commit/86446f74d5c6... Which shows parents 0
Basically the cut down to everything is the laziness of how it is developed and how many people are actually looking over the entire code. ATS allows the developers to know that the can be even more lackadaisical about…
Wow sorry I can't laugh at something jeez. So, you have never in your life just felt like re-posting a quote off something and just added a little something to it to show the spirit in which it was meant to be. Now you…
So rust & ATS & ADA & higher level languages can modify memory space? That I am aware of most higher level languages stray from being able to modify memory space on purpose as it's dangerous but, someone has to do it…
Just because this alternative language would have avoided this bug does not mean a much worse but would not have been created with a higher level language or even ATS.
Ada is a higher language weather or not it has linkage to C or not. The UNIX community cares about performance, performance, performance.
Maybe because most of the code currently out there being use by the biggest companies in the world still use these "unsafe" languages. & tons of the job market still is in these "unsafe" languages.
That's still not my point. At the time of starting openssl I don't believe that ATS was around. In any case my point is that back then C lang was the best choice for performance and still is revered as the "fastest" as…
LOL "* In theory. Rust is a work-in-progress and may do anything it likes up to and including eating your laundry."
I read the article is does not mention speed, performance once, in which it had nothing to do with what I stated. I was simply stating that higher level languages will cause the library to be slower also less easy to be…
Speed or security?... Age old question.
paypal accepts transactions without accounts just cards...
well this could be fixed by using something like bittorrent sync to allow you to keep your "inbox" wherever you want all you need is the code... and storage space... and well at least 1 of your own computers that…
And good point I forget that the web is basically insecure from government intrusion :[
Then I think it's time to look at a mail system that doesn't need servers something built on top of the bit torrent grid or similar system that the government can watch all they want but won't get any information back…
Well it would be nice if google could check the url it was visiting and if there is any sqli in it to not send the request (though this could potentially slow their crawling...)
But the only point in this is to take down a site you won't be able to get into useful information back from this request as the request's response will be heading back to the spoofed address... (though if you are using…
Wouldn't Lavabit be better if all decryption was done on client side, either with javascript or a client side add-on/extension? This way the only thing that is ever on the server is the public key? The only thing left…
Not an idiot :) You make a good point that people don't have their phones on them & alive all the time which is where totp can come in with dongle totp's (like http://www.securemetric.com/secureotp-time.php) agreed it…
> Not everyone has smart phones. > Not everyone that has smart phones keep it on them all the time. > Not everyone that has smart phones that keep it on them all the time have a working (charged) phone all of that time.…
YubiKeys still can cost you up to $50, where as TOTP using something like google authenticator(doesn't have to be google auth) costs you? Nothing?
> This sounds less convenient, harder to implement, and no more secure than OpenID In what way is it less convenient? A standard user has their phone with them...24/7? At least in the sms realm it's more convenient than…
> On both OSX and many Linux distros, Py 2 comes pre-installed but Py 3 does not. Because python 3 was not the most stable at the time of distribution of that operating system. Why would I the developer of said…
How could this security hole be any worse? Passwords, Credit Cards, Personal Information, Private SSL Certificates!??? And without anyone knowing at all. This is just crazy. Bravo to indutny for pulling it off in 3…
Because Apple usually just goes along for the ride...?
If you clicked on the 86446f74 You would have gotten: https://github.com/expressjs/body-parser/commit/86446f74d5c6... Which shows parents 0
Basically the cut down to everything is the laziness of how it is developed and how many people are actually looking over the entire code. ATS allows the developers to know that the can be even more lackadaisical about…
Wow sorry I can't laugh at something jeez. So, you have never in your life just felt like re-posting a quote off something and just added a little something to it to show the spirit in which it was meant to be. Now you…
So rust & ATS & ADA & higher level languages can modify memory space? That I am aware of most higher level languages stray from being able to modify memory space on purpose as it's dangerous but, someone has to do it…
Just because this alternative language would have avoided this bug does not mean a much worse but would not have been created with a higher level language or even ATS.
Ada is a higher language weather or not it has linkage to C or not. The UNIX community cares about performance, performance, performance.
Maybe because most of the code currently out there being use by the biggest companies in the world still use these "unsafe" languages. & tons of the job market still is in these "unsafe" languages.
That's still not my point. At the time of starting openssl I don't believe that ATS was around. In any case my point is that back then C lang was the best choice for performance and still is revered as the "fastest" as…
LOL "* In theory. Rust is a work-in-progress and may do anything it likes up to and including eating your laundry."
I read the article is does not mention speed, performance once, in which it had nothing to do with what I stated. I was simply stating that higher level languages will cause the library to be slower also less easy to be…
Speed or security?... Age old question.
paypal accepts transactions without accounts just cards...
well this could be fixed by using something like bittorrent sync to allow you to keep your "inbox" wherever you want all you need is the code... and storage space... and well at least 1 of your own computers that…
And good point I forget that the web is basically insecure from government intrusion :[
Then I think it's time to look at a mail system that doesn't need servers something built on top of the bit torrent grid or similar system that the government can watch all they want but won't get any information back…
Well it would be nice if google could check the url it was visiting and if there is any sqli in it to not send the request (though this could potentially slow their crawling...)
But the only point in this is to take down a site you won't be able to get into useful information back from this request as the request's response will be heading back to the spoofed address... (though if you are using…
Wouldn't Lavabit be better if all decryption was done on client side, either with javascript or a client side add-on/extension? This way the only thing that is ever on the server is the public key? The only thing left…