On 02/18/2014 05:52 PM, Randy Bush wrote:
in the last 3-4 days, a *massive* amount of spam is making it past
spamassassin to my users and to me. see appended for example. not
all has dkim.
It's been a while since i've been in this world, but I wonder whether
bayes filters are
using the
On 12/30/2013 08:03 AM, Dobbins, Roland wrote:
On Dec 30, 2013, at 10:44 PM, valdis.kletni...@vt.edu
valdis.kletni...@vt.edu wrote:
What percentage of Cisco gear that supports a CALEA lawful intercept mode is
installed in situations where CALEA doesn't apply, and thus there's a high
On 12/06/2013 05:54 AM, Mark Radabaugh wrote:
I realize most of the NANOG operators are not running end user
networks anymore. Real consumption data:
Monthly_GBCountPercent
100GB 3658 90%
100-149 368 10%
150-199 173 4.7%
200-249 97
On 11/01/2013 07:18 PM, Mike Lyon wrote:
So even if Goog or Yahoo encrypt their data between DCs, what stops
the NSA from decrypting that data? Or would it be done simply to make
their lives a bit more of a PiTA to get the data they want?
My bet is that when the said the were partially
On 10/29/2013 07:51 PM, Jay Ashworth wrote:
The Paley Center for Media reminds us that on this day in 1969 at 2230 PST, the
first link was turned up between UCLAs Sigma 7 and SRIs 940.
OMG: I didn't know that I've actually worked on one of the net's first
machines. Though not at
the time,
Chris Hartley wrote:
Anyone who has access to logs for their email infrastructure ought
probably to check for authentications to user accounts from linkedin's
servers. Likely, people in your organization are entering their
credentials into linkedin to add to their contact list. Is it a
problem
Scott Howard wrote:
Have you actually confirmed it's NOT opt-in? The screenshots on the
Linked-in engineering blog referenced earlier certainly make it look like
it is.
http://engineering.linkedin.com/sites/default/files/intro_installer_0.png
Of course, you could argue there's a difference
On 10/7/13 4:24 PM, Andrew Koch wrote:
Working with onsite personel to upgrade the server with additional
memory failed during the first announced maintenance. Compatible memory
was located and tested leading to the second maintenance when it was
successfully installed.
At this time we have
On 9/8/13 12:58 AM, Randy Bush wrote:
Quite frankly, all this chatter about technical 'calls to arms' and
whatnot is pointless and distracting (thereby calling into question
the motivations behind continued agitation for technical remedies,
which clearly won't have any effect whatsoever).
cool.
On 09/06/2013 12:14 PM, Eugen Leitl wrote:
On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
On 09/06/2013 11:19 AM, Nicolai wrote:
That's true -- it is far easier to subvert email than most other
services, and in the case of email we probably need a wholly new
protocol.
Uh
On 09/06/2013 12:52 PM, Nicolai wrote:
On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
On 09/06/2013 11:19 AM, Nicolai wrote:
That's true -- it is far easier to subvert email than most other
services, and in the case of email we probably need a wholly new
protocol.
Uh
On 09/06/2013 11:19 AM, Nicolai wrote:
That's true -- it is far easier to subvert email than most other
services, and in the case of email we probably need a wholly new
protocol.
Uh, a first step might be to just turn on [START]TLS. We're not using the
tools that have been implemented and
On 09/04/2013 09:17 PM, valdis.kletni...@vt.edu wrote:
On Wed, 04 Sep 2013 20:47:40 -0500, Leo Bicknell said:
There's still the much more minor point that when I tried to self
serve I ended up at a blank page on the Yahoo! web site, hopefully they
will figure that out as well.
I'm continually
On 07/28/2013 07:20 AM, jamie rishaw wrote:
http://www.theatlantic.com/technology/archive/13/07/not-even-silicon-valley-escapes-history/277824/
-j
Yeah, that's a fun article. My guess in 20 years the current boom in SF will
revert
to the wildtype and instead of the Twitter on midmarket the
On 7/26/13 9:54 AM, Alex Rubenstein wrote:
Case in point.. And I'm going to name drop, but do not consider this a shame.
I have been looking at various filtering technologies, and was looking at
Barracudas site. I went on with my day, but noticed that filtering vendors
start showing up on random
On 06/28/2013 09:54 PM, shawn wilson wrote:
On Jun 29, 2013 12:23 AM, Christopher Morrow morrowc.li...@gmail.com
wrote:
On Fri, Jun 28, 2013 at 10:12 PM, Octavio Alvarez
alvar...@alvarezp.ods.org wrote:
On Fri, 28 Jun 2013 17:20:21 -0700, Christopher Morrow
morrowc.li...@gmail.com wrote:
http://arstechnica.com/information-technology/2013/06/google-making-the-web-faster-with-protocol-that-reduces-round-trips/?comments=1
Sorry if this is a little more on the dev side, and less on the ops side but
since
it's Google, it will almost certainly affect the ops side eventually.
My
it.
https://docs.google.com/document/d/1lmL9EF6qKrk7gbazY8bIdvq3Pno2Xj_l_YShP40GLQE/preview?sle=true#heading=h.h3jsxme7rovm
Mike
On Fri, Jun 28, 2013 at 3:09 PM, Michael Thomas m...@mtcc.com wrote:
http://arstechnica.com/information-technology/2013/06/google-making-the-web-faster-with-protocol
On 06/28/2013 02:07 PM, Jay Ashworth wrote:
- Original Message -
From: Michael Thomas m...@mtcc.com
My first reaction to this was why not SCTP, but apparently they think
Simple Computer Telephony Protocol? Did anyone ever actually implement that?
No:
http://en.wikipedia.org
On 06/28/2013 02:28 PM, joel jaeggli wrote:
On 6/28/13 2:15 PM, Michael Thomas wrote:
On 06/28/2013 02:07 PM, Jay Ashworth wrote:
- Original Message -
From: Michael Thomas m...@mtcc.com
My first reaction to this was why not SCTP, but apparently they think
Simple Computer Telephony
On 06/15/2013 05:13 AM, Rich Kulawiec wrote:
First: this is a fascinating discussion. Thank you.
Second:
On Sat, Jun 15, 2013 at 01:56:34AM -0500, Jimmy Hess wrote:
There will be indeed be _plenty_ of ways that a low bit rate channel
can do everything the right adversary needs.
A few bits
On 06/14/2013 10:51 AM, valdis.kletni...@vt.edu wrote:
On Fri, 14 Jun 2013 13:21:09 -0400, Scott Helms said:
How? There is truly not that much room in the IP packet to play games and
if you're modifying all your traffic this would again be pretty easy to
spot. Again, the easiest/cheapest
On 06/14/2013 11:35 AM, Scott Helms wrote:
In $random_deployment they have no idea what the topology is and odd behavior is *always *noticed over time. The amount of time it would take to transmit useful information would nearly guarantees someone noticing and the more successful the exploit was
On 06/14/2013 05:34 PM, Scott Helms wrote:
Is it possible? Yes, but it's not feasible because the data rate would be
too low. That's what I'm trying to get across. There are lots things that
can be done but many of those are not useful.
I could encode communications in fireworks displays,
On 06/13/2013 09:31 AM, Saku Ytti wrote:
On (2013-06-13 12:22 -0400), Patrick W. Gilmore wrote:
Do you think Huawei has a magic ability to transmit data without you noticing?
I always found it dubious that public sector can drop them from tender
citing publicly about spying, when AFAIK Huawei
On 06/13/2013 09:35 AM, Patrick W. Gilmore wrote:
I am assuming a not-Hauwei-only network.
The idea that a router could send things through other routers without someone
who is looking for it noticing is ludicrous.
::cough:: steganography ::cough::
Mike
On 06/13/2013 10:20 AM, Scott Helms wrote:
Not really, no one has claimed it's impossible to hide traffic. What is true
is that it's not feasible to do so at scale without it becoming obvious.
Steganography is great for hiding traffic inside of legitimate traffic between
two hosts but if
On 06/13/2013 05:28 PM, Scott Helms wrote:
Bill,
Certainly everything you said is correct and at the same time is not useful
for the kinds traffic interception that's been implied. 20 packets of
random traffic capture is extraordinarily unlikely to contain anything of
interest and eve if you
On 06/13/2013 06:11 PM, Scott Helms wrote:
Not at all Michael, but that is a targeted piece of data and that means a command and
control system. I challenge your imagination to come up with a common scenario where a
non targeted I'm/they're here that's useful to either the company or the
On 06/13/2013 06:57 PM, Scott Helms wrote:
What you're describing is a command and control channel unless you're
suggesting that the router itself had the capacity to somehow discern that.
That's the problem with all the pixie dust theories. The router can't, it
doesn't know who the
On 04/29/2013 11:00 AM, Jack Bates wrote:
If the existing cards handle CGN without additional licensing, then the only
real cost is personal, my sanity, and the company need/will not factor that in.
One thing to consider is what the new support load will be from issues dealing
with CGN
So here is the question I have: when we run out, is there *anything* that
will reasonably allow an ISP to *not* deploy carrier grade NAT? Assuming
that it's death for the ISP to just say no to the long tail of legacy v4-only
sites?
One thing that occurs to me though is that it's sort of in an
On 04/25/2013 10:10 AM, Brandon Ross wrote:
On Thu, 25 Apr 2013, Michael Thomas wrote:
So here is the question I have: when we run out, is there *anything* that
will reasonably allow an ISP to *not* deploy carrier grade NAT?
Do you count NAT64 or MAP as carrier grade NAT?
I suppose
On 04/25/2013 11:09 AM, Owen DeLong wrote:
On Apr 25, 2013, at 11:24 AM, Michael Thomas m...@mtcc.com wrote:
So here is the question I have: when we run out, is there *anything* that
will reasonably allow an ISP to *not* deploy carrier grade NAT? Assuming
that it's death for the ISP to just
On 04/25/2013 07:27 PM, Owen DeLong wrote:
At some level, I wonder how much the feedback loop of providers
won't deploy ipv6 because everybody says they won't deploy ipv6
has caused this self-fulfilling prophecy :/
It's a definite issue. The bigger issue is the financial incentives are all in
On 04/24/2013 03:26 PM, Fred Baker (fred) wrote:
Frankly, the ISPs likely to be tracking this list aren't the people holding
back there. To pick on one that is fairly public, Verizon Wireline is running
dual stack for at least its FIOS customers, and also deploying CGN, and being
pretty up
On 04/24/2013 05:34 PM, Fred Baker (fred) wrote:
On Apr 24, 2013, at 4:50 PM, Michael Thomas m...@mtcc.com
wrote:
On 04/24/2013 03:26 PM, Fred Baker (fred) wrote:
Frankly, the ISPs likely to be tracking this list aren't the people holding
back there. To pick on one that is fairly public
On 02/12/2013 04:46 PM, Joel Maslak wrote:
Large buffers have broken the average home internet. I can't tell you how
many people are astonished when I say one of your family members
downloading a huge Microsoft ISO image (via TCP or other congestion-aware
algorithm) shouldn't even be noticed by
O oracle of nanog: unlike things like rogue processes eating tons of CPU,
it seems to me that network monitoring is essentially a black art for the
average schmuck home network operator (of which I count myself). That
is: if the network is slow, it's really hard to tell why that might be and
who
On 02/12/2013 02:07 PM, Warren Bailey wrote:
Someone created an application for uverse users that goes into the gateway and pulls relevant
information. The information (link retrain, for example) is then color coded for caution and
out of range. The application is called up real time, not
On 01/30/2013 01:51 PM, Cutler James R wrote:
On Jan 30, 2013, at 12:43 PM, joel jaeggli joe...@bogus.com wrote:
As a product of having a motorola sb6121 and a netgear wndr3700 both of which I
bought at frys I have ipv6 in my house with dhcp pd curtesy of commcast. If it
was any simpler
Rich Kulawiec wrote:
On Thu, Jan 24, 2013 at 09:50:15AM -0600, Joe Greco wrote:
However, as part of a defense in depth strategy, it can still make
sense.
Brother, you're preaching to the choir. I've argued for defense in depth
for longer than I can remember. Still am.
But defenses have
On 01/10/2013 07:02 AM, Jared Mauch wrote:
On Jan 10, 2013, at 9:51 AM, Mikael Abrahamsson swm...@swm.pp.se wrote:
I certainly want to use something more modern, having run Xmodem to load images
into devices or net-booted systems with very large images in the past…
I've seen all sorts of
On 01/02/2013 09:14 PM, Damian Menscher wrote:
Back on topic: encryption without knowing who you're talking to is worse
than useless (hence no self-signed certs which provide a false sense of
security),
In fact, it's very useful -- what do you think the initial diffie-hellman
exchanges are
On 12/21/2012 04:08 AM, Aled Morris wrote:
Good luck with that! :-) Referring back to the original question and the reference to Raspberry Pi... The latest HDMI has Ethernet capability and the connector is already on the Pi, so there's a possible (future) solution that would work for all manner
On 12/21/2012 09:29 AM, Tony Finch wrote:
Michael Thomas m...@mtcc.com wrote:
I'd turn this back the other way though: in this day and age, why do we
have any interconnection/bus that isn't just ethernet/IP?
The need for isochronous transmission and more bandwidth.
That's why G*d invented
On 12/21/2012 12:00 PM, Aled Morris wrote:
On 21 December 2012 18:22, Chris Adams cmad...@hiwaay.net wrote:
I will say that one nice thing about having different connectors for
different protocols (on consumer devices anyway) is that you don't have
to worry about somebody plugging the Internet
I was looking at a Raspberry Pi board and was struck with how large the ethernet
connector is in comparison to the board as a whole. It strikes me: ethernet
connectors haven't changed that I'm aware in pretty much 25 years. Every other
cable has changed several times in that time frame. I imaging
On 12/20/2012 10:28 AM, Michael Loftis wrote:
It's not all about density. You *Must* have positive retention and alignment.
None of the USB nor firewire standards provide for positive retention. eSATA
does sort of in some variants but the connectors for USB are especially
delicate and easy
On 12/20/2012 11:43 AM, William Herrin wrote:
Also, RJ45 is around the minimum size where you can hand-terminate a
cable. How would you go about quickly making a 36.5 foot 8 conductor
cable with, say, micro USB ends?
You're assuming that that's a universal requirement. Most people
in retail
On 12/20/2012 12:01 PM, William Herrin wrote:
On the other hand, I wonder if it would be worth asking the 802.3 committee look at defining a single-pair ethernet standard that would interoperate with a normal 4-pair switch. So, you'd have two conductors into some kind of 2P2C micro-RJ connector
Matthew Newton wrote:
On Fri, Dec 14, 2012 at 04:42:46PM +, Nick Hilliard wrote:
On 13/12/2012 22:54, Jason Castonguay wrote:
Advisory — D-root is changing its IPv4 address on the 3rd of January.
You've just given 3 weeks notice for a component change in one of the few
critical part of
On 12/01/2012 11:55 PM, Owen DeLong wrote:
ps. I work for a division of my employer that does not yet have IPv6 support in
its rather popular consumer software product. Demand for IPv6 from our rather
large customer base is, at present, essentially nonexistent, and other things
would be way
On 11/28/2012 09:40 PM, Jeroen Massar wrote:
On 2012-11-28 18:26, Michael Thomas wrote:
It's very presumptuous for you to tell me what my development/test
priorities ought to be, and I can tell you for absolute certain that any
such badgering will be met with rolled eyes and quick dismissal
On 11/29/2012 10:36 AM, Cameron Byrne wrote:
Got some bad data here. Let me help.
Sent from ipv6-only Android
On Nov 29, 2012 8:22 AM, Michael Thomas m...@mtcc.com
mailto:m...@mtcc.com wrote:
Phone apps, by and large, are designed by people in homes or
small companies. They do not have v6
On 11/28/2012 09:00 AM, Jeroen Massar wrote:
And still, if you as a proper engineer where not able to test/add IPv6
code in the last 10++ years, then you did something very very wrong in
your job, the least of which is to file a ticket for IPv6 support in the
ticket tracking system so that one
On 11/28/2012 10:30 AM, david peahi wrote:
On the practical side: Have all programmers created a 128 bit field to
store the IPv6 address, where IPv4 programs use a 32 bit field to store the
IP address? This would seem to be similar to the year 2000 case where
almost all programs required
On 11/27/2012 11:58 AM, Cameron Byrne wrote:
On Tue, Nov 27, 2012 at 11:28 AM, mike m...@mtcc.com wrote:
Is this the app's fault? What are they doing wrong?
Yes, it is the app's fault.
They are either doing IPv4 literals or IPv4-only sockets
The IPv4 literal issues is when they do wget
On 11/27/2012 12:41 PM, Mark Andrews wrote:
In message 50b512b6.1010...@mtcc.com, mike writes:
On 11/26/12 9:32 PM, Mikael Abrahamsson wrote:
The main problem with IPv6 only is that most app developers (most programme
rs totally) do not really have access to this, so no testing is being done.
On 11/27/2012 01:07 PM, Jeroen Massar wrote:
On 2012-11-27 20:21, mike wrote:
This is a point that is probably more significant than is
appreciated. If the app, IT, and networking ecosystem don't even have
access to ipv6 to play around with, you can be guaranteed that they
are going to be
On 11/27/2012 03:44 PM, Owen DeLong wrote:
I would think that a developer of corporate network-based applications that is
worth his salt would be one of the people pushing the IT/Neteng group to give
him the tools to do his job. If he waits until they are implementing IPv6 on
corporate
On 11/27/2012 09:00 PM, Mark Andrews wrote:
In message 20121128041816.gf1...@dyn.com, Andrew Sullivan writes:
On Wed, Nov 28, 2012 at 08:41:13AM +1100, Mark Andrews wrote:
If they are writing network based code a tunnel broker should not
be a issue. Tunnel brokers are not that hard to use.
On 11/26/2012 03:18 PM, Dobbins, Roland wrote:
Apple and Microsoft are application developers as well as OS vendors. How much
of a priority do you think IPv6 capabilities are to their application
development organizations? How much of a priority do you think IPv6
capabilities are to their
On 11/26/2012 04:24 PM, Dobbins, Roland wrote:
On Nov 27, 2012, at 6:56 AM, Michael Thomas wrote:
Er, uh, huh? v6 has been available forever on the usual suspect host operating
systems, and most server side apps don't need to do much to support lighting
v6 support up that I can think
On 11/26/2012 04:38 PM, Dobbins, Roland wrote:
On Nov 27, 2012, at 7:35 AM, Michael Thomas wrote:
Not on the server side that I can see. It's a network problem first and
foremost, and starts by having the excuse that they can't get v6 upstream from
their ISP's.
It's hugely problematic
On 10/05/2012 05:25 PM, Barry Shein wrote:
5. Bits is bits.
I don't know how to say that more clearly.
An ipv6 address is a string of 128 bits with some segmentation
implications (net part, host part.)
A host name is a string of bits of varying length. But it's still just
ones and zeros, an
On 09/18/2012 08:08 AM, Jared Mauch wrote:
We've been doing this for years on both Juniper IOS/IOS-XR devices. Must be
someone else.
We do run into this whole feature parity thing often. The vendors seem to be
challenged in this space. I suspect a significant part of it is they don't
On 09/16/2012 08:23 PM, Randy Bush wrote:
and don't bs me with how humongous the v6 address space is. we once though 32 bits was humongous. randy
No we didn't .
Mike
On 09/05/2012 05:56 AM, Daniel Taylor wrote:
On 09/04/2012 03:52 PM, Michael Thomas wrote:
On 09/04/2012 09:34 AM, Daniel Taylor wrote:
If you are sending direct SMTP on behalf of your domain from essentially random
locations, how are we supposed to pick you out from spammers that do
On 09/05/2012 07:50 AM, Henry Stryker wrote:
Not only that, but a majority of spam I receive lately has a valid DKIM signature. They are adaptive, like cockroaches.
The I part of DKIM is Identified. That's all it promises. It's a
feature, not a bug, that spammers use it.
Mike
On 09/05/2012 08:49 AM, Sean Harlow wrote:
2. The reason port 25 blocks remain effective is that there really isn't a
bypass.
In the Maginot Line sense, manifestly.
Mike
On 09/05/2012 12:50 PM, Daniel Taylor wrote:
On 09/05/2012 10:19 AM, Michael Thomas wrote:
On 09/05/2012 05:56 AM, Daniel Taylor wrote:
On 09/04/2012 03:52 PM, Michael Thomas wrote:
On 09/04/2012 09:34 AM, Daniel Taylor wrote:
If you are sending direct SMTP on behalf of your domain from
On 09/04/2012 05:05 AM, William Herrin wrote:
There are no good subscribers trying to send email direct to a
remote port 25 from behind a NAT. The good subscribers are either
using your local smart host or they're using TCP port 587 on their
remote mail server. You may safely block outbound TCP
On 09/04/2012 11:55 AM, William Herrin wrote:
On Tue, Sep 4, 2012 at 12:59 PM, Michael Thomas m...@mtcc.com wrote:
On 09/04/2012 05:05 AM, William Herrin wrote:
There are no good subscribers trying to send email direct to a
remote port 25 from behind a NAT. The good subscribers are either
On 09/04/2012 01:07 PM, David Miller wrote:
There is no requirement that all endpoints be *permitted* to connect to
and use any service of any other endpoint. The end-to-end design
principle does not require a complete lack of authentication or
authorization.
I can refuse connections to port
On 09/04/2012 09:34 AM, Daniel Taylor wrote:
If you are sending direct SMTP on behalf of your domain from essentially random
locations, how are we supposed to pick you out from spammers that do the same?
Use DKIM.
Mike
On 08/17/2012 01:32 PM, valdis.kletni...@vt.edu wrote:
On Fri, 17 Aug 2012 15:32:11 -0400, Andrew Sullivan said:
On Fri, Aug 17, 2012 at 04:13:09PM -, John Levine wrote:
The application I have in mind is to see if it helps to keep DNSBL
traffic, which caches poorly, from pushing other
On 07/18/2012 06:10 AM, valdis.kletni...@vt.edu wrote:
On Wed, 18 Jul 2012 10:04:05 +0300, Saku Ytti said:
However I'm not sure what would be good seed? ISO3166 alpha2 +
domestic_business_id + 0..n (for nth block you needed)
You want to roll in at some entropy by adding in the current date or
On 07/10/2012 03:56 AM, Bret Clark wrote:
On 07/10/2012 03:32 AM, goe...@anime.net wrote:
On Mon, 9 Jul 2012, Jeroen van Aart wrote:
William Herrin wrote:
This is, incidentally, is a detail I'd love for one of the candidates
to offer in response to that question. Bonus points if you discuss
On 07/02/2012 09:04 AM, Jay Ashworth wrote:
- Original Message -
From: Alex Harrowell a.harrow...@gmail.com
On 02/07/12 16:47, AP NANOG wrote:
Do you happen to know all the kernels and versions affected by this?
2.6.26 to 3.3 inclusive per news.ycombinator.com/item?id=4183122
Well,
On 06/23/2012 05:52 PM, Keith Medcalf wrote:
Leo,
This will never work. The vested profiteers will all get together and make it a condition that
in order to use this method the user has to have purchased a verified key from them.
Every site will use different profiteers (probably whoever
On 06/10/2012 11:22 AM, John T. Yocum wrote:
A merchant can offer a cash discount.
I believe that the law just recently changed on that account. I believe
that what Barry says was the old reality.
Mike
--John
On 6/10/2012 11:16 AM, Barry Shein wrote:
I was under the impression (I should
On 06/10/2012 11:33 AM, Jay Ashworth wrote:
- Original Message -
From: Michael Thomasm...@mtcc.com
On 06/10/2012 11:22 AM, John T. Yocum wrote:
A merchant can offer a cash discount.
I believe that the law just recently changed on that account. I
believe that what Barry says was the
Linkedin has a blog post that ends with this sage advice:
* Make sure you update your password on LinkedIn (and any site that you visit
on the Web) at least once every few months.
I have accounts at probably 100's of sites. Am I to understand that I am
supposed to remember
each one of them
On 06/08/2012 12:56 PM, Paul Graydon wrote:
Use a password safe. Simple. Most of them even include secure password
generators. That way you only have one password to remember stored in a
location you have control over (and is encrypted), and you get to adopt secure
practices with websites.
On 06/08/2012 01:24 PM, Paul Graydon wrote:
On 06/08/2012 10:22 AM, Michael Thomas wrote:
On 06/08/2012 12:56 PM, Paul Graydon wrote:
Use a password safe. Simple. Most of them even include secure password
generators. That way you only have one password to remember stored in a
location you
On 06/08/2012 01:24 PM, Paul Graydon wrote:
Oh come on.. now you're just being ridiculous, even bordering on childish.
LinkedIn are offering solid advice, routed in safe practices. If you don't
want to do it that's your problem. Stop bitching just because security is hard.
PS: when security
On 06/08/2012 01:35 PM, Lyndon Nerenberg wrote:
On 2012-06-08, at 1:22 PM, Michael Thomas wrote:
Does your password safe know how to change the password on each
website every several months?
Yes.
I run a website. If it can change it on mine, I'd like to understand
how it manages to do
On 06/08/2012 01:41 PM, Alec Muffett wrote:
PS: when security is hard, people simply don't do it. Blaming the victim
of poor engineering that leads people to not be able to perform best
practices is not the answer.
Passwords suck, but they are the best that we have at the moment in terms of
On 06/08/2012 02:01 PM, Lyndon Nerenberg wrote:
On 2012-06-08, at 1:41 PM, Michael Thomas wrote:
I run a website. If it can change it on mine, I'd like to understand
how it manages to do that.
I log in to your website, change my password, and the software picks up that
I've changed
On 06/08/2012 05:59 PM, Ted Cooper wrote:
They have some things correct in this and some are complete hogwash.
Changing your password does not provide any additional security. It is
meant to give protection against your credentials having being
discovered, but if they have been compromised in
On 05/31/2012 05:43 PM, Grant Ridder wrote:
I think this is an interesting concept, but i don't know how well it will
hold up in the long run. All the initial verification and continuous
scanning will no doubtingly give the .secure TLD a high cost relative to
other TLD's.
Countries would
On 05/31/2012 06:16 PM, Fred Baker wrote:
not necessarily. It can be done with a laptop that does dig and sends email
to the place.
What will drive the price up is the lawsuits that come out of the woodwork when they
start trying to enforce their provisions. What? I have already printed my
On 04/06/2012 09:17 AM, Brielle Bruns wrote:
On 4/6/12 10:02 AM, Michael Thomas wrote:
I wonder how long a popularish blacklist operator would last if they,
oh say, blacklisted all of google or microsoft before they got some
very threatening letters from their legal staff. An hour? A day
On 03/28/2012 09:16 AM, Leo Bicknell wrote:
In a message written on Wed, Mar 28, 2012 at 08:45:12AM -0700, David Conrad
wrote:
An interesting assertion. I haven't looked at how end-user networks are built
recently. I had assumed there continue to be customer aggregation points
within ISP
On 03/28/2012 12:03 PM, Leo Bicknell wrote:
None of the routers are trusted if your perspective is right.
It's easy to find a path like:
Tier 1 ISP - Regional ISP - Local Provider - Subscriber - User
Techologically it may look like:
Tier 1 T640 core network with 10GE handoff
Regional
On 03/21/2012 11:58 AM, Jay Ashworth wrote:
- Original Message -
From: Eric Wielingewiel...@nyigc.com
Verizon, the copper wireline company, is removing service from
locations EVERY TIME VZ fiber is installed in a building. This
prevents other companies from providing service by leasing
On 03/21/2012 12:28 PM, John T. Yocum wrote:
On 3/21/2012 12:16 PM, Michael Thomas wrote:
On 03/21/2012 11:58 AM, Jay Ashworth wrote:
- Original Message -
From: Eric Wielingewiel...@nyigc.com
Verizon, the copper wireline company, is removing service from
locations EVERY TIME VZ
On 03/12/2012 02:32 PM, Owen DeLong wrote:
Whenever I've built code to check someone's email address on a form, I always just looked for the following: 1. matches ^[^@]+@[A-Za-z0-0\-\.]+[A-Za-z]$ 2. The component to the right of the @ sign returns at least one A, , or MX record. If it passed
On 03/05/2012 03:46 PM, Owen DeLong wrote:
However, the bigger problem (from my experience-driven POV) is that it is not
so intuitively obvious that developing a network-based product using a team
consisting entirely of developers who view the network as an unnecessarily
complicated serial
601 - 700 of 787 matches
Mail list logo