Kvm

[Russell Coker via luv-main]

Is there interest in a kvm tutorial at the beginners sig? The idea would be to 
have most people running it on their laptops but it's theoretically possible to 
run kvm within qemu so we might be able to get it running in VMs.
-- 
Sent from my Samsung Galaxy Note 3 with K-9 Mail.
___
luv-main mailing list
luv-main@luv.asn.au
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main

Re: Impending Crypto Monoculture

[Robin Humble via luv-main]

On Sat, Apr 16, 2016 at 02:35:20AM +1000, Andrew McGlashan via luv-main wrote:
>How about having fingerprints saved in DNS records, self-signed or
>"official" CA signed certs ?

Certs for the domain in DNSSEC for the domain. sounds good.
I've heard folks who know a lot more than me about protocols and
security discuss it favourably.
is it an RFC?

cheers,
robin
___
luv-main mailing list
luv-main@luv.asn.au
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main

Re: Impending Crypto Monoculture

[Andrew McGlashan via luv-main]

On 15/04/2016 4:51 PM, Rick Moen via luv-main wrote:
> Quoting Andrew McGlashan (andrew.mcglas...@affinityvision.com.au):
> 
>> letsencrypt perhaps?  It works very well.
> 
> It (https://letsencrypt.org/, a recently invented, automated, no-charge
> CA) solves the one specific problem it set out to solve, well.  And it's
> commendably well intended & benevolent.

So many wise words, Marian flu or not.

Still, I've used self-signed certs too over the years and only
occasionally tried out other options  for me, right now, letsencrypt
is better due to how the main browsers are setting up users to distrust
anything that doesn't come from a CA (however untrustworthy CAs might be).

GPG signed certs, not likely; there are plenty of other considerations,
but GPG signing /may/ be part of a greater solution.

How about having fingerprints saved in DNS records, self-signed or
"official" CA signed certs ?

I wish trust in computers (not just CAs) wasn't so broken.  :(

Cheers
AndrewM





signature.asc
Description: OpenPGP digital signature
___
luv-main mailing list
luv-main@luv.asn.au
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main

Re: mjg59 | Skylake's power management under Linux is dreadful and you shouldn't buy one until it's fixed

[Chris Samuel via luv-main]

On Friday, 15 April 2016 5:08:15 PM AEST Trent W. Buck via luv-main wrote:

> I think that part matters even for mains-powered Skylake systems.

Apparently not, the article says:

# (Edit to add: this issue is restricted to the mobile SKUs.
# Desktop parts have very different power management behaviour)

Which is good to hear!

-- 
 Chris Samuel  :  http://www.csamuel.org/  :  Melbourne, VIC

___
luv-main mailing list
luv-main@luv.asn.au
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main

Re: mjg59 | Skylake's power management under Linux is dreadful and you shouldn't buy one until it's fixed

[Trent W. Buck via luv-main]

Andrew McGlashan via luv-main
 writes:

> This looks like a very big OUCH for latest generation of Intel based
> laptops!
>   -- desktops might be okay though.
>
> http://mjg59.dreamwidth.org/41713.html

Note the second part,
which says unless you implement power saving,
Intel thinks your CPU might overheat and melt.

I think that part matters even for mains-powered Skylake systems.

___
luv-main mailing list
luv-main@luv.asn.au
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main

Re: Impending Crypto Monoculture

[Rick Moen via luv-main]

Quoting Andrew McGlashan (andrew.mcglas...@affinityvision.com.au):

> letsencrypt perhaps?  It works very well.

It (https://letsencrypt.org/, a recently invented, automated, no-charge
CA) solves the one specific problem it set out to solve, well.  And it's
commendably well intended & benevolent.

But, IMO, the entire CA model is unfixably broken, _so_ Let's Encrypt is a
benign attempt to prop up a hopelessly bad CA framework that needs to just die.
For details, rather than my recapping the conversation I had about
Let's Encrypt just this past month, please see:

http://linuxmafia.com/pipermail/conspire/2016-March/008389.html

Further downthread discussion:
http://linuxmafia.com/pipermail/conspire/2016-March/008390.html
http://linuxmafia.com/pipermail/conspire/2016-March/008391.html
http://linuxmafia.com/pipermail/conspire/2016-March/008392.html

-- 
Cheers,  "My life has a superb cast,
Rick Moenbut I cannot figure out the plot."
r...@linuxmafia.com   -- Ashleigh Brilliant
McQ! (4x80)  
___
luv-main mailing list
luv-main@luv.asn.au
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main

Re: Impending Crypto Monoculture

[Andrew McGlashan via luv-main]

On 15/04/2016 4:15 PM, Rick Moen via luv-main wrote:
> https://linuxmafia.com/~rick/faq/dan-brandishing-legal-threats

letsencrypt perhaps?  It works very well.

Cheers
A.



signature.asc
Description: OpenPGP digital signature
___
luv-main mailing list
luv-main@luv.asn.au
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main

Re: Impending Crypto Monoculture

[Rick Moen via luv-main]

Quoting Chris Samuel (ch...@csamuel.org):

> It's an interesting situation, though I think I'd trust Dan a bit more than I 
> trust the USG now. :-)

I trust Dan a _great_ deal more than I do the USG, and that's after he
sort-of-almost-threatened a bogus lawsuit against me 2001 for committing
'libel' [sic] against his software on my Web page (and acting 'against
the law' on it), the Web page I'd pointed people to from 1999 onwards,
rather than continually repeating why I had disliked adminstering qmail
for a living during 1999 (back when qmail was still relevant).
https://linuxmafia.com/~rick/faq/dan-brandishing-legal-threats

That being said, Guttman's point is extremely well taken that we need
more than just djbware.  Personally, I'm all for being a patent
scofflaw, if necessary.

-- 
Cheers,   "My opinions may have changed, 
Rick Moen but not the fact that I'm right."
r...@linuxmafia.com   -- Ashleigh Brilliant
McQ! (4x80)  
___
luv-main mailing list
luv-main@luv.asn.au
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main