I could fit if I didn't have these damned arms!
This is a textbook example of the "establishment of religion" prohibited by the First Amendment.
You Linux users sure are a contentious people.
SSL/TLS, the "S" in HTTPS, and other network encryption protocols such as SSH, use a technique called a Diffie-Hellman key exchange. This is a mode of cryptography where each side generates two keys: a public half and a private half. Anything encrypted with the public half is only decryptable by the associated private half (and vice versa).
You and Youtube only ever exchange the public halves of your respective key pairs. If someone snoops on the key exchange all they can do is insert spoofed messages, not decrypt real ones.
Moreover, the keypairs are generated on the fly for each new session rather than reused. This means that even a future compromise of youtube won't unlock old sessions. This is a concept called forward secrecy.
Message spoofing is prevented by digital signatures. These also use the Diffie-Hellman principle of pairs of public/private keys, but use separate longer-term key pairs than those used with encryption. The public half of youtube's signing key, as presented by the server when you connect to it, has to be digitally signed by a well-known public authority whose public signing key was shipped with your web browser.
Why is he not sitting in a cell for contempt of court?
The judge is setting a bad precedent that is going to be used every single time he tries to hold anyone else in contempt ever again.
And their Christofascist fans don't even realize it's a sin to consult a psychic.
Even the researcher who reported this doesn't go as far as this headline.
"I am an admin, should I drop everything and fix this?"
Probably not.
The attack requires an active Man-in-the-Middle attacker that can intercept and modify the connection's traffic at the TCP/IP layer. Additionally, we require the negotiation of either ChaCha20-Poly1305, or any CBC cipher in combination with Encrypt-then-MAC as the connection's encryption mode.
[...]
"So how practical is the attack?"
The Terrapin attack requires an active Man-in-the-Middle attacker, that means some way for an attacker to intercept and modify the data sent from the client or server to the remote peer. This is difficult on the Internet, but can be a plausible attacker model on the local network.
Now, there's one thing you might have noticed I don't complain about: politicians. Everybody complains about politicians. Everybody says they suck.
Well, where do people think these politicians come from? They don't fall out of the sky. They don't pass through a membrane from another reality. They come from American parents and American families, American homes, American schools, American churches, American businesses and American universities, and they are elected by American citizens.
This is the best we can do, folks. This is what we have to offer. It's what our system produces: Garbage in, garbage out. If you have selfish, ignorant citizens, you're going to get selfish, ignorant leaders.
Term limits ain't going to do any good; you're just going to end up with a brand new bunch of selfish, ignorant Americans. So, maybe, maybe, maybe... it's not the politicians who suck. Maybe something else sucks around here... like... the public. Yeah, the public sucks. There's a nice campaign slogan for somebody: 'The Public Sucks. Fuck Hope.'
-George Carlin
Respect is for people, not ideas or beliefs.
In the early 2000's Commodo was actually a reputable consumer-grade firewall vendor. Like all security software vendors, they eventually became that which they fought against.
charonn0
joined 2 years ago
You fart continuously while using it.