On Wed, Apr 2, 2014 at 1:26 PM, Paul Wise wrote:
> I think they are constrained by the browser market; if they add
> annoying popups and other browser vendors don't then they will
> probably lose market share. This is the fundamental problem with web
> security; the wider user population wants thi
On 04/02/2014 06:14 AM, Ben Finney wrote:
> The deity team writes:
>
>> Everyone else will find in this beta^Wbinary release the fulfilment of
>> a longstanding dream: /usr/bin/apt provided by apt rather than java.
>
> I don't know, this all seems a bit hasty. What about all my shell
> scripts t
On Wed, Apr 2, 2014 at 4:22 AM, Bas Wijnen wrote:
> It's not at all equivalent. When using (good) encryption, the only
> thing left to worry about is man in the middle attacks. Even when
> someone is actively performing a man in the middle attack on you, your
> data is _still_ more secure than a
Hi Debian,
We are a venture capital-backed, California-based tech company.
We are in the process of recruiting websites such as debianhelp.co.uk for our
beta program.
Based on data collected from over 600 participating sites, our scientifically
optimized websites earn 2-3x more revenue and u
Kevin Chadwick writes:
> I guess you missed all the exploits in JAVA over the years and
> especially last year where it was banned for long periods from all
> browsers. To the point that the pressure is building on web hosts to
> drop JAVA KVM clients completely.
Most of the exploits in Java (I
The deity team writes:
> Everyone else will find in this beta^Wbinary release the fulfilment of
> a longstanding dream: /usr/bin/apt provided by apt rather than java.
I don't know, this all seems a bit hasty. What about all my shell
scripts to work with the Java “apt” to turn it into my package
On Tue, Apr 01, 2014 at 05:39:04PM +0200, The deity team wrote:
> After much discussion, the deity team has now picked an official
> stanza on what a version number says about the stability and quality
> of a software product:
>
> 16 years after the initial announcement[0] we are pleased to announ
On Tue, Apr 01, 2014 at 10:49:15PM +0100, Kevin Chadwick wrote:
> > I think at Debian we all agree that it would be a good
> > thing if everything would be encrypted, so this is a very bad outcome.
>
> I beg to differ I'm afraid. SSL should be used where it is required
> otherwise you are opening
previously on this list Bas Wijnen contributed:
> I see the problem of all the bloat that comes with Java, but it is
> minor. The main problem is still
> https://www.gnu.org/philosophy/java-trap.html
I guess you missed all the exploits in JAVA over the years and
especially last year where it was
previously on this list Bas Wijnen contributed:
> From: Bas Wijnen
> To: debian-devel@lists.debian.org
> Subject: Re: ca-certificates: no more cacert.org certificates?!?
> Date: Tue, 1 Apr 2014 22:22:12 +0200
> User-Agent: Mutt/1.5.21 (2010-09-15)
>
> On Tue, Apr 01, 2014 at 11:04:43AM +0100, Ph
Bas Wijnen writes:
> I see the problem of all the bloat that comes with Java, but it is
> minor. The main problem is still
> https://www.gnu.org/philosophy/java-trap.html
> In particular
>> To reliably ensure your Java programs run fine in a free environment,
>> you need to develop them using
On Tue, 01 Apr 2014 11:04:43 +0100, Philip Hands
wrote:
>Marc Haber writes:
>> On Mon, 31 Mar 2014 16:03:30 -0700, Russ Allbery
>> wrote:
>>>Of course, I'm one of those people who believes that web site certificate
>>>signatures as currently implemented, with the level of vetting that's
>>>actua
First of all, I agree that we should provide a system that is as usable
as possible. If a desktop environment such as Gnome chooses to use an
inferior product, we don't have to let _our_ users suffer from that
choice. Having a client which integrates well with the system is nice,
but what's more
On Tue, Apr 01, 2014 at 11:04:43AM +0100, Philip Hands wrote:
> I think the real problem here is the user interface asking one to trust
> a site (forever, unless you're concentrating) at a point where you
> really don't care because all you're interested in is seeing the cute
> picture of an otter
previously on this list people contributed:
> I still don't see why we penalize Debian users for the fact that _other_
> operating systems don't include the cacert certificate
Seems illogical to me we need more free CAs not less and I do agree
about the extortionism especially on EV.
If a web de
- "Thomas Goirand" wrote:
> And yes, Java sux! :/ And it's going to take *a lot* of space on the
> CD1. This should therefore be discussed on the debian-cd list as well.
> I don't think that only the argument "it's better because of this or
> that feature" would be the only one (unfortunately
Hi,
best wishes fron my side and a "sweet 16". I salute to you.
LEVEL UP! You are strong enough to gain supercow powers.
But remind yourself: "With great power comes great responsibility"
Can we add something to the supercow powers verbosity comments like:
"Supercow power +1. More style and stabi
After much discussion, the deity team has now picked an official
stanza on what a version number says about the stability and quality
of a software product:
16 years after the initial announcement[0] we are pleased to announce
apt in version "1.0.0.0b" as a birthday present to everyone caring
deep
Hi,
On Dienstag, 1. April 2014, Marc Haber wrote:
> I have to agree on that. But a Startcom Certificate on a personal web
> site is one web site more that doesn't train users to blindly click
> away certificate warnings. A cacert certificate or a self-signed
> certificate on a personal web site is
Mike Gabriel schrieb am Dienstag, dem 01. April 2014:
> When using debian testing, it is not trivial to get the previous version of a
> package after it is upgraded. snapshot.debian.org is the source to go for
> these
> cases, but it has only a web interface. apt-get-snapshot navigates that we
Hi,
On 01.04.2014 12:38, Mike Gabriel wrote:
> When using debian testing, it is not trivial to get the previous version of a
> package after it is upgraded. [..]
debsnap (in devscripts) is your friend.
--
with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F
Hi James, hi Arno,
On Di 01 Apr 2014 13:07:47 CEST, James McCoy wrote:
On Apr 1, 2014 6:39 AM, "Mike Gabriel"
wrote:
* Package name: apt-get-snapshot
Version : 1.1
Upstream Author : Leandro Lisboa Penz
* URL : https://github.com/lpenz/apt-get-snapshot
* License
On Apr 1, 2014 6:39 AM, "Mike Gabriel"
wrote:
> * Package name: apt-get-snapshot
> Version : 1.1
> Upstream Author : Leandro Lisboa Penz
> * URL : https://github.com/lpenz/apt-get-snapshot
> * License : BSD
> Programming Lang: Python
> Description : Dow
Package: wnpp
Severity: wishlist
Owner: Mike Gabriel
* Package name: apt-get-snapshot
Version : 1.1
Upstream Author : Leandro Lisboa Penz
* URL : https://github.com/lpenz/apt-get-snapshot
* License : BSD
Programming Lang: Python
Description : Download
On Tue, Apr 1, 2014 at 6:04 PM, Philip Hands wrote:
> I think the real problem here is the user interface asking one to trust
> a site (forever, unless you're concentrating) at a point where you
> really don't care because all you're interested in is seeing the cute
> picture of an otter on someon
Marc Haber writes:
> On Mon, 31 Mar 2014 16:03:30 -0700, Russ Allbery
> wrote:
>>Of course, I'm one of those people who believes that web site certificate
>>signatures as currently implemented, with the level of vetting that's
>>actually done by commercial CAs in practice, are more of an extorti
On 03/31/2014 08:27 PM, Jean-Michel Nirgal Vourgère wrote:
> Empathy was lacking OTR encryption for text, last time I checked.
>
> Jitsi does support it ok, so I can continue to do secure chat with my
> existing contacts from pidgin (previously known as gaim).
BTW, it'd be nice to have a backport
Ondrej Riha dixit:
>linux-headers-2.6-* and linux-image-2.6-* and linux-doc-2.6-*
These packages no longer exist, they have been removed from unstable.
Debian-Ports mini-dak does not generally follow this sort¹ of removals
automatically, so they will eventually be cleaned up manually.
The packa
On Mon, 31 Mar 2014 16:03:30 -0700, Russ Allbery
wrote:
>Of course, I'm one of those people who believes that web site certificate
>signatures as currently implemented, with the level of vetting that's
>actually done by commercial CAs in practice, are more of an extortion
>racket than a security m
29 matches
Mail list logo
