David-Sarah Hopwood david-sa...@jacaranda.org writes:
Huh? I don't understand the argument being made here.
It's a bogus argument, the text says:
He took a legitimate software package and removed the signature of the
digital certificate it contained, then installed the package on his
On Jul 30, 2010, at 4:58 AM, Peter Gutmann wrote:
[0] I've never understood why this is a comedy of errors, it seems more like
a tragedy of errors to me.
That is because a tragedy involves someone dying. Strictly speaking, a tragedy
involves a Great Person who is brought to their undoing
Jon Callas j...@callas.org writes:
But S.J. Perleman's Three Shares in a Boat
Uhh. minor nitpick, it was Jerome K.Jerome who wrote Three Shares in a Boat.
He followed it up with Three Certificates on the Bummel, a reference to the
sharing of commercial vendors' code-signing keys with malware
On Aug 4, 2010, at 11:29 PM, Peter Gutmann wrote:
Jon Callas j...@callas.org writes:
But S.J. Perleman's Three Shares in a Boat
Uhh. minor nitpick, it was Jerome K.Jerome who wrote Three Shares in a
Boat.
He followed it up with Three Certificates on the Bummel, a reference to the
I've been having an off-list discussion with someone about how you'd prevent
the recent Realtek/JMicron certificate fiasco. My thoughts on this:
Since many development shops see the signing process as nothing more than an
annoying speed-bump that stands in the way of application deployment,
https://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf
Hey, another PRNG is broken. Raise your hand if you're surprised.
--
A Weapon of Mass Construction
My emails do not have attachments; it's a digital signature that your mail
program
travis+ml-cryptogra...@subspacefield.org writes:
https://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf
He doesn't mention the php.ini variables session.entropy_length and
session.entropy_file. Last I checked, their default settings were
We discussed the question of why IE6 is still out there. Well ... http://arstechnica.com/microsoft/news/2010/08/despite-petition-uk-government-to-keep-ie6.ars
reports that the UK government has officially decided not to replace
IE6, feeling the costs outweigh the benefits. Quoting from the