matthew9219
No user record in our sample, but matthew9219 has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
No user record in our sample, but matthew9219 has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
[dead]
Do you think these statues are hate speech or obscenity?
Not sure this is the technology at play here, but ATL Server, a C++ based Microsoft web technology discontinued in 2008 basically supported two files extensions - .srf and .dll. See e.g.…
How would it hurt you? The American Heritage Dictionary gives three definitions of hurt: > 1. To cause physical damage or pain to (an individual or a body part); injure. > 2. To experience injury or pain to or in (an…
They do. The problem is drug addiction. If you give drug addicts free houses, eventually the word gets out, and then even more drug addicts move to your state. Eventually you find yourself like California - spending an…
People addicted to heroin don't achieve their potential or their aspirations. The compassionate thing to do for drug addicts is to help them stop being addicted to drugs, not give them an apartment where they can do…
It's a bit more complex than that. At the surface, it's true - only 15% of homeless people in Seattle lived out of county before becoming homeless. But a deeper look shows as many as 30% more never really could afford…
I didn't quite speak clearly and so let me try to clarify. It's the opinion presented as opinion containing opinion presented as fact :). In examples: - "summer is the best season" is an opinion - "summer has the…
Seems specious. Democratically elected representatives said it was to encourage the investment of capital as they wrote the laws, and then got reelected by the voters. You can say the representatives were lying and the…
It's an understandable position yes. It's not quite so understandable to me that somebody would believe that position to be an inherent truth ("truly owe") rather than just a position. Capital gains taxes have…
Fwiw (tangent), I don't necessarily believe either of those instances were cosmic-ray induced bit-flips. I'd have to dig up the study, but I read a study once that more or less concluded "cosmic-rays are more common in…
You are looking for a debate, I think. It's the whole thread. You're nerd sniping. It's classic. You're not a fan of DNSSEC and prefer CT. When faced with examples where CT doesn't cut it, you refuse to discuss the big…
Of course it does. CT trust relies on root programs removing bad CAs and root programs and security researchers sharing information about bad CAs with root programs. The root programs, CA, and security researchers are…
Do you believe CT protects set-top boxes against surveillance from nation state actors who compromise your router? Yes or no, if you don't answer, you're not engaging in good faith.
> Meanwhile if DNSSEC's vision is ever fully realized, you will lose that control entirely. There is no CT there, and even if it was build somehow it will be useless as it has no "teeth" This is a false dichotomy.…
Web PKI so strong that we recommend not using it for critical scenarios.. /s It's late and I maybe haven't been super constructive here, but I think when you try to write out the actual assumptions behind CT as the…
The example I gave was a router or gaming system updating itself (e.g. using CUrl) not a full browser. Don't strawman please - if my argument is as weak as you say, you shouldn't need to. I want a version of Web PKI…
It's the argument I made at the top: > The fundamental difference is that with TLS you have to trust ALL certificate issuers, but with DNSSec you only have to trust your TLD and your certificate issuer. It's probably…
That's just not what's happening. Reread the conversation. I started from here: > Certificate transparency is cool, but it's not clear it really works for many classes of devices Smart TVs aren't some gotcha I'm…
The crucial difference is who decides which cryptographic entities to trust. With TLS and CT, the browser defines the list of entities and if 3 or more of those entities live in a hostile country, you can be…
Admittedly, the US is a bit of a special case because of ICANN. Better examples are probably Saudi Arabia, Israel, Australia, Russia, etc.
That page explains that Chrome (which is best in class here - most IOT devices don't do any of this stuff) fails open: > If the installed version of Chrome has not applied security updates and has been unable to obtain…
> you can't fake the SCT entries without having access to the CT private keys. So... Governments like the US and China can fake the entries by using their police forces to seize the private keys? SCT has the same set of…
Clients get pre certificates (which are portions of the log) as claims in certificates. It's correct that they never download the whole log - I'm simplifying for clarity, not out of lack of understanding. The fact…
The client has to get the CT log from somewhere, like an update channel (typically TLS). An attacker would compromise both the target and the process by which the client gets CT log updates. Such an attack would be…