×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Google Proposes To Warn People About Non-SSL Web Sites

tom17 Re:Sly (391 comments)

StartSSL *does* have a pre-installed CA cert on any browser I have tried. I'll be curious to know which browsers do not have it.

2 days ago
top

Google Proposes To Warn People About Non-SSL Web Sites

tom17 Re:Sly (391 comments)

You know they actually do, right?
(On any browser I have tried in the last few years)

3 days ago
top

Google Proposes To Warn People About Non-SSL Web Sites

tom17 Annoying to Self Hosters (391 comments)

Just use a free TLS cert from StartSSL

3 days ago
top

Google Proposes To Warn People About Non-SSL Web Sites

tom17 Sly (391 comments)

You know you can get free SSL certificates, right?

3 days ago
top

Apparent Islamic Terrorism Strikes Sydney

tom17 Re:Wrong... (876 comments)

Or Jibbers!

about a week ago
top

$35 Quad-core Hacker SBC Offers Raspberry Pi-like Size and I/O

tom17 Re:Can it run Flash? (140 comments)

It's the only place I can get decent reception. Relocate your router and I'll gladly get off your lawn.

In the meantime, can you please give it a quick mow? It's getting long and tickly.

about two weeks ago
top

POODLE Flaw Returns, This Time Hitting TLS Protocol

tom17 Re:A question I hope someone can answer (54 comments)

Unless your company/vendor forces you to use it externally, or will not provide said VM for internal sites.

I'm not agreeing that it's OK to use such a browser, just saying that it's not necessarily the users own fault. Companies can be idiots too when it comes to IT security.

about two weeks ago
top

POODLE Flaw Returns, This Time Hitting TLS Protocol

tom17 Re:A question I hope someone can answer (54 comments)

I don't know his exact situation, but it's possible that the company he works at has an app that only works with IE6. There used to be many apps like this.

If this is such a case, the fuckwad is the company (for not hiring developers to upgrade the app) or the vendor that supplies the app without upgrading it (Maybe the company is still to blame for not moving to a more current product, or maybe there isn't one). Either way, the user that is forced to stick with the crappy browser is not necessarily the problem.

Though he might be! :) - Rather than assuming and bashing, we should answer the question... Oh wait. Slashdot :)

about two weeks ago
top

The Cost of the "S" In HTTPS

tom17 Re:Sounds good to me (238 comments)

You are correct in your understanding.

You can also check your privacy just by looking at the certificate for any site you are visiting over HTTPS. Check the certificate authority and make sure it looks legitimate. If you are unsure, you could look the cert up using an online service and compare the online version and your local version.

They should match but there always caveats - Maybe the site is using different certs on different parts of a CDN that has its own server cert installed in browsers. CloudFare is a good example of this - they can create valid certs as they please since they partnered with GlobalSign.

But your VM method should be just fine, yeah :)

about two weeks ago
top

The Cost of the "S" In HTTPS

tom17 Re:Cost of certificates (238 comments)

Free ones (at least StartSSL) are recognized by most browsers that I have tried. That's an anecdotal, non-exhaustive list, of course. I'd be curious to find out what mainstream browsers do not recognise them though.

about two weeks ago
top

The Cost of the "S" In HTTPS

tom17 Re:Cost of certificates (238 comments)

With StartSSL the actual cert generation is easier than that as they create the key on their server first and they ask for the forms on the site. No CSR is needed, though you can do it that way if you wish.

What is a tiny bit annoying is their authentication - you need a client authentication cert installed on your browser. Not hard in itself, but annoying if you have let the old one expire as they then need to review your request for a new one.

One other thing is verification that you own the domain, through various methods. Not hard to do, but automated and very necessary.

about two weeks ago
top

The Cost of the "S" In HTTPS

tom17 Re:Sounds good to me (238 comments)

What? I think this thread is going off track somewhat. I don't think Dave420 was talking about Client Auth certs. He was talking about root certs installed on the clients. Without the standard set of root and intermediate certs installed on the client (Installed by default on web browsers and some other clients such as Java virtual machines etc), TLS will not work (Well it will, but there will be warnings).

What Dave420 meant was that for the appliances and software solutions that cache/inspect the TLS traffic can only do so if a new root cert is installed on the client. This root cert enables the MITM device to create its own cert for any website without the client throwing up a warning.

Nothing to do with client auth.

about two weeks ago
top

The Cost of the "S" In HTTPS

tom17 Re:Yes (238 comments)

Except modern browsers and servers support SNI, so the hostname is now sent as plaintext on the network.

about two weeks ago
top

The Cost of the "S" In HTTPS

tom17 Re:Yes (238 comments)

Even for lower use images, caching them closer to the poster could be helpful given that their circle of friends is likely, statistically, to be in the same region. One image alone would not make much difference in this case, but millions of low use images mostly coming from caches closer to most of the people viewing them would make a huge difference.

about two weeks ago
top

Practical Magnetic Levitating Transmission Gear System Loses Its Teeth

tom17 Re:PBS had a documentary... (103 comments)

The Corolla has CVT now too. It's getting pretty common out there in some mass-market cars.

Also, on his other comment about Wankel engines, I believe that Mazda are re-introducing one. Just rumours now, but it's not necessarily dead yet.

about three weeks ago
top

Two Google Engineers Say Renewables Can't Cure Climate Change

tom17 Re:We need a *social* change (652 comments)

Who will build and maintain the infrastructure needed to accommodate said leisure society?

about a month ago
top

Android Co-Founder Andy Rubin Leaving Google

tom17 Re:Did he leave or was he invited to leave? (82 comments)

He's probably thinking of when it switched to MTP. There were a few glitches when that happened, some linux boxes could not mount it without fiddling, but it's pretty universally supported now. Except on OSX, I think?

about 2 months ago
top

Pope Francis Declares Evolution and Big Bang Theory Are Right

tom17 Re:Tip of the iceberg (669 comments)

"All lifeforms use DNA and protein synthesis using almost identical mechanisms. It is extremely unlikely that these mechanisms evolved in parallel, so *it's extremely likely that* they have shared a common ancestor."

FTFY

about 2 months ago

Submissions

top

Microsoft trying to poach Websphere clients

tom17 tom17 writes  |  more than 5 years ago

Tom (659054) writes "So someone from the business dept forwarded this on to our IT managers for perusal. It seems that Microsoft Marketing have come up with some benchmarks that nicely show that an .NET/Intel/Windows solution is drastically cheaper than a Websphere/POWER6/AIX solution, and much better performing to boot.

http://www.internetnews.com/software/article.php/3818056/Microsoft+Claims+WebSphere+Best+on+Windows.htm

Their "Informational website" is http://www.websphereloveswindows.com/ (Requires Silverlight, way to get to the non-MS audience there!)

Tidbits of information that they are touting include:
"The IBM configuration cost $260,128, while the HP-Microsoft-based set up cost $87,161 — about a third the cost of the IBM system. Beyond cost, however, Martin claims that the HP system also outperformed the IBM — with 11,000 transactions per second (tps) versus 8,000 tps on the Power"

Now we need to try to convince the business that this is just marketing buzz. How do we defend ourselves from these rather appealing MS numbers?"

Link to Original Source

Journals

tom17 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?