|
Suspicious Dish posted:With a targeted MITM, yes, I can. Also lol at relying on the authenticity of DNS records. That's going to work real well. the eff and their partners are smart enough to try and make a targeted mitm quite difficult. (they have to be, or else this effort is pointless) as for dns records, if those are broken globally, certs don't matter. if i can control the A record for citibank.com, i can just serve http plaintext and not bother with any ssl fuckery lastly, the eff also runs the ssl observatory. i assume they will blacklist automatic issue for a shitload of domains that have verisign or whatever reputable certs they see in the wild
|
#
?
Nov 19, 2014 03:24
|
|
|
|
| # ? May 14, 2024 01:09 |
|
|
Notorious b.s.d. posted:change is intrinsically bad
|
|
#
?
Nov 19, 2014 03:25
|
|
|
Salt Fish posted:"Some youtube guy" okay, you're really showing off your credentials with that one. slef signed certs are poo poo. im a famous computer man, so now u can believe me.
|
|
#
?
Nov 19, 2014 03:38
|
|
|
keep loving that chicken self-signed ssl stymie
|
|
#
?
Nov 19, 2014 03:41
|
|
|
Keep loving cleartext guys, I just donated 250 dollars to the EFF so I could get one of their sweet hoodies (choose between 2XL and 3XL lol) so gently caress ya'll and gently caress the NSA bring back LF I'm out
|
|
#
?
Nov 19, 2014 03:52
|
|
|
pram posted:youre moving the loving goal posts and pretending everyone said 'SSL IS BAD'
|
|
#
?
Nov 19, 2014 03:53
|
|
|
Salt Fish posted:Keep loving cleartext guys, I just donated 250 dollars to the EFF so I could get one of their sweet hoodies (choose between 2XL and 3XL lol) so gently caress ya'll and gently caress the NSA bring back LF I'm out The real world threat model solved by TLS is "I just gave my user name and password to my bank over this random unsecured WiFi I found." and the idiocy you're advocating makes everything worse. oh, and reminder: EFF examined them on seven factors, like whether the message is encrypted both in-transit and at the provider level, and if the code is audited and open to independent review. Six of these tools scored all seven stars, including ChatSecure, CryptoCat, Signal/Redphone, Silent Phone, Silent Text, and TextSecure pseudorandom name fucked around with this message at 03:57 on Nov 19, 2014 |
|
#
?
Nov 19, 2014 03:55
|
|
|
Notorious b.s.d. posted:yeah, i am inflexible so you really think there's absolutely no market for a free, user-friendly desktop? its beards or nothing? Notorious b.s.d. posted:ok how do i turn on focus follows mouse in gnome 3? lollll Notorious b.s.d. posted:lol you couldn't teach it to wash itsefl, so you just chucked out the baby with the bathwater again, not before everyone else did. again, it sucked, its design sucked, and it never worked well. nobody misses it. Notorious b.s.d. posted:i was going to bitch but i just opened nautilus 3.14 and it is less broken now. not having a treeview still sucks but at least it is not fundamentally unusable actually its fine i haven't ever thought "boy i wish i had a treeview" Notorious b.s.d. posted:you made it non-discoverable AND hid all the features AND you're proud of it do your applications all look like those ham radio UIs where every possible thing you could ever do in the world is a button on the main window
|
|
#
?
Nov 19, 2014 03:59
|
|
|
Salt Fish posted:Keep loving cleartext guys, I just donated 250 dollars to the EFF so I could get one of their sweet hoodies (choose between 2XL and 3XL lol) so gently caress ya'll and gently caress the NSA bring back LF I'm out What's the use case for a self-signed cert? I'm curious here.
|
|
#
?
Nov 19, 2014 04:00
|
|
|
Salt Fish posted:Keep loving cleartext guys, I just donated 250 dollars to the EFF so I could get one of their sweet hoodies (choose between 2XL and 3XL lol) so gently caress ya'll and gently caress the NSA bring back LF I'm out im the complete lack of comprehension
|
|
#
?
Nov 19, 2014 04:01
|
|
|
oval office AND PASTE posted:so you really think there's absolutely no market for a free, user-friendly desktop? its beards or nothing? yes and yes (especially if we mean a literal market, as in dollars changing hands. it's only beardlords and scientists buying red hat licenses) edit for clarity:
oval office AND PASTE posted:again, not before everyone else did. again, it sucked, its design sucked, and it never worked well. nobody misses it. it did not suck and i do miss it btw expose-clones are the worst, because all of my windows are editors full of text, web browsers full of text, or command lines full of text. there is no way to usefully distinguish them using a thumbnail Notorious b.s.d. fucked around with this message at 04:04 on Nov 19, 2014 |
|
#
?
Nov 19, 2014 04:01
|
|
|
oval office AND PASTE posted:so you really think there's absolutely no market for a free, user-friendly desktop? its beards or nothing? all computers come with a free, user-friendly desktop, and tablets are killing laptops like laptops killed desktops
|
|
#
?
Nov 19, 2014 04:02
|
|
|
christ can we keep the thread on topic guys and not derail it with this desktop poo poo
|
|
#
?
Nov 19, 2014 04:03
|
|
|
Suspicious Dish posted:What's the use case for a self-signed cert? I'm curious here. The youtube video that crypto stymie keeps referencing is basically "gently caress the NSA", and it completely ignores the possibility that people might impersonate your bank using self-signed certs to steal your credentials.
|
|
#
?
Nov 19, 2014 04:03
|
|
|
Notorious b.s.d. posted:btw expose-clones are the worst, because all of my windows are editors full of text, web browsers full of text, or command lines full of text. there is no way to usefully distinguish them using a thumbnail "i don't actually use graphical environments but let me tell you why your graphical environment is terrible" why are you even talking
|
|
#
?
Nov 19, 2014 04:11
|
|
|
Notorious b.s.d. posted:yes and yes lol if u think scientists have any loving idea how to use a computer
|
|
#
?
Nov 19, 2014 04:21
|
|
|
pram posted:my imac (running apple macintosh operating system 10.10 yosemite) came with two hard drives sane but retinal imac and 10.10.1 and one ssd only
|
|
#
?
Nov 19, 2014 04:36
|
|
|
oval office AND PASTE posted:so you really think there's absolut hes right no one else will ever use desktop lunix
|
|
#
?
Nov 19, 2014 04:36
|
|
|
you know someone is a cool guy when they tell you how much they donated
|
|
#
?
Nov 19, 2014 04:45
|
|
|
oval office AND PASTE posted:"i don't actually use graphical environments but let me tell you why your graphical environment is terrible" windows, icons, menus, pointers it's all there, chief
|
|
#
?
Nov 19, 2014 05:07
|
|
|
unstoppable sperg meets immovable sperg
|
|
#
?
Nov 19, 2014 05:09
|
|
|
Not reading thread. I'm guessing there was serious discussion. It would have to be off topic because desktop Linux is a joke.
|
|
#
?
Nov 19, 2014 06:30
|
|
|
we were discussing osx 10.10.1
|
|
#
?
Nov 19, 2014 06:31
|
|
|
the most advanced operating system
|
|
#
?
Nov 19, 2014 06:32
|
|
|
pram posted:the most advanced operating system for clowns to use at the mach circus
|
|
#
?
Nov 19, 2014 06:33
|
|
|
 truly, a perfect consumer desktop environment
|
|
#
?
Nov 19, 2014 06:37
|
|
|
detroit posted:
nice 1 Gazza
|
|
#
?
Nov 19, 2014 06:59
|
|
|
Exposé is really cool and good and readable on my 13" MacBook Pro with Retina Display. Well that's my story hope you liked it.
|
|
#
?
Nov 19, 2014 07:07
|
|
|
agreed sulk
|
|
#
?
Nov 19, 2014 07:07
|
|
|
theadder posted:sane but retinal imac and 10.10.1 and one ssd only i have a thing that would be called a retina macbook air if it had a huge glowing apple logo on the back it suits my needs very well
|
|
#
?
Nov 19, 2014 15:14
|
|
|
lmfao ian jackson bailed
|
|
#
?
Nov 19, 2014 15:20
|
|
|
detroit posted:
Buttt Moooommmmm, I'm re-theming ubuntu right now.
|
|
#
?
Nov 19, 2014 15:21
|
|
|
Captain Foo posted:lmfao ian jackson bailed RIP
|
|
#
?
Nov 19, 2014 15:29
|
|
|
ian jackson's the sperglord of sysV mountain, a terrifying choose your own adventure book
|
|
#
?
Nov 19, 2014 15:33
|
|
|
Sniep posted:well, a good use of self signed in the wild is intranet/corp poo poo where they run a CA and push the root to alt heir machines like i said earlier. but that's about it. that's not self signed tho. self signed is a certificate with no signer (other than itself). the only somewhat legitimate use of a self signed cert is out of the box/unprovisioned device configurations. even if ur testing you should be able to request a legit cert from your internal ca instead of generating your own. theres no reason you should have self signed certs.
|
|
#
?
Nov 19, 2014 15:34
|
|
|
also dnssec seems really stupid, but maybe I don't understand it.
|
|
#
?
Nov 19, 2014 15:39
|
|
|
Shaggar posted:also dnssec seems really stupid, but maybe I don't understand it. shocker
|
|
#
?
Nov 19, 2014 15:43
|
|
|
Shaggar posted:even if ur testing you should be able to request a legit cert from your internal ca instead of generating your own. theres no reason you should have self signed certs. this is right, and if you don't have an internal ca, make one and secure your job
|
|
#
?
Nov 19, 2014 15:44
|
|
|
who owns the signing keys in dnssec and how is trust established + how are domain owners validated?
|
|
#
?
Nov 19, 2014 15:51
|
|
|
|
| # ? May 14, 2024 01:09 |
|
|
Shaggar posted:who owns the signing keys in dnssec and how is trust established + how are domain owners validated? dns is hierarchical. you have to trust the dns roots' keys. roots sign the records below them you don't validate domain owners. dnssec exists to make sure your dns isn't being spoofed by a malicious AP or something
|
|
#
?
Nov 19, 2014 16:33
|
|