tion/octet-stream]
>>> Salvataggio in: «KinectSDK-v1.0-beta2-x86.msi»
>>>
>>> KinectSDK-v1.0-beta2-x86 100%[==>]
>>> 20,81M 8,57MB/sin 2,4s
>>>
>>> 2023-04-04 14:10:25 (8,57 MB/s) - «KinectSDK-v1.0-beta2-x86
t;> Error : Non Download File
>> Please Remove & Re-install hark-kinect
>> Remove Command : sudo apt-get remove hark-kinect
>> Insatll Command : sudo apt-get hark-kinect
>> ==
>>
stato di errore 1
> Elaborazione dei trigger per man-db (2.9.4-2)...
> Si sono verificati degli errori nell'elaborazione:
> hark-kinect
>
> On Tue, Apr 4, 2023 at 1:33 PM Mario Marietto
> wrote:
>
>> Hello to everyone,
>>
>> I would like to ena
.0.4440_amd64.deb
That repository is for a version of Ubuntu, not Debian.
You probably want to talk to the author, and try compiling it
yourself.
-dsr-
Hello to everyone,
>
> I would like to enable the audio on my old kinect 1 so that I can talk
> without having the microphone attached to my mouth. I see that in the past
> this could be done installing the package called "hark-kinect",as explained
> here :
>
>
> https
Hello to everyone,
I would like to enable the audio on my old kinect 1 so that I can talk
without having the microphone attached to my mouth. I see that in the past
this could be done installing the package called "hark-kinect",as explained
here :
https://gist.github.com/aw
On Mon, Jun 21, 2021 at 11:57:13AM +0530, Susmita/Rajib wrote:
> This post is to check if I am Blocked from the List.
Nobody ever suggested "blocking" you. Who could even do that? You'd
have to violate the list's policy in some egregious way, such as
sending commercial spam, to get the attention
From: Andrei POPESCU
To: debian-user@lists.debian.org
Date: Sun, 20 Jun 2021 09:52:50 +0300
Message-id: <[🔎] 20210620065250.qdmrs6vgg3jnkx4g@acr13.nuvreauspam>
In-reply-to:
References:
<[🔎] CAEG4cZXE5g_nxaEZLLF7ecHPf+gL81n=6rcazpy57ug3pa4...@mail.gmail.com>
[...]
> ... Agreed, except for the .
On Vi, 18 iun 21, 17:40:34, Michael Grant wrote:
>
> It's a little odd for Debian to host a documentation wiki for upstream
> tools. The package maintainers would need to look after the wiki page
> that corresponds to the package they are maintaining. Not everyone is
> going to be happy with mor
On Sb, 19 iun 21, 05:23:04, The Wanderer wrote:
> On 2021-06-19 at 02:51, Richard Hector wrote:
>
> > On 19/06/21 2:28 pm, Susmita/Rajib wrote:
> >
> >> Aren't the ML members aware that Debian already has a Man Wiki
> >> pages repository? Debian Man Wiki Pages are available at:
> >> https://manp
The file: "ls_proposal_man_debian.html", in the Drive folder:
https://bit.ly/Apt_readingManPages, contains the example on how I
would have wanted all the man pages to be, for Newcomers to learn
coding and systems handling with minimum / optimal help when in need.
I desire that GNU FSF and Debian,
Greg Wooledge wrote:
> Now, I will also note that this poster has sent me private email telling
> me in flowery language to shut up and stay out of their threads.
> Screw you. I will respond when I feel there's a reason to respond.
> I also mention this primarily for informational purposes, to le
On 2021-06-19, Greg Wooledge wrote:
>
> Now, I will also note that this poster has sent me private email telling
> me in flowery language to shut up and stay out of their threads.
> Screw you. I will respond when I feel there's a reason to respond.
> I also mention this primarily for informationa
On Sat, Jun 19, 2021 at 07:58:58AM +0530, Susmita/Rajib wrote:
> The Drive Folder for a sample Man file and an attempt at pictorial
> analysis along with visual explanations of a sample command:
> https://bit.ly/Apt_readingManPages
OK, I finally took the bait and clicked on this link. For informa
On 2021-06-19 at 02:51, Richard Hector wrote:
> On 19/06/21 2:28 pm, Susmita/Rajib wrote:
>
>> Aren't the ML members aware that Debian already has a Man Wiki
>> pages repository? Debian Man Wiki Pages are available at:
>> https://manpages.debian.org/
>
> I'm pretty sure that's not a wiki.
>
>
To: debian-user@lists.debian.org
From: Richard Hector
Date: Sat, 19 Jun 2021 18:51:04 +1200
[...]
> I'm pretty sure that's not a wiki.
> It looks like a set of automatically generated static pages.
> Richard
Okay, thank you Mr. Hector, for correcting my notion.
The proposal remains the same with
On 19/06/21 2:28 pm, Susmita/Rajib wrote:
Aren't the ML members aware that Debian already has a Man Wiki pages
repository? Debian Man Wiki Pages are available at:
https://manpages.debian.org/
I'm pretty sure that's not a wiki.
It looks like a set of automatically generated static pages.
Richa
On 19/06/2021, Michael Grant wrote:
[...]
Thank you, Mr. Grant, for posting to my thread. The link to address
your queries may please be referred to:
https://lists.debian.org/debian-user/2021/06/msg00454.html,
The Drive Folder for a sample Man file and an attempt at pictorial
analysis along with
On Fri, Jun 18, 2021 at 09:20:56PM +0530, Susmita/Rajib wrote:
> The subject line is being amended to add the word "Online " before
> "... Debian Man pages ..." for the thread at:
> https://lists.debian.org/debian-user/2021/06/msg00432.html, continued
> till https://lists.debian.org/debian-user/20
The subject line is being amended to add the word "Online " before
"... Debian Man pages ..." for the thread at:
https://lists.debian.org/debian-user/2021/06/msg00432.html, continued
till https://lists.debian.org/debian-user/2021/06/msg00438.html, to
further clarify confusion of rhkramer , who pri
On Thu 17 Jun 2021 at 18:01:55 (+0530), Susmita/Rajib wrote:
> On Thu, 17 Jun 2021 10:37:43 +0100, Jonathan Dowland
> > However, as with all things in Debian, things are best achieved by doing
> > them yourself; or at least, beginning to, so that there's a concrete
> > example to explore.
> >
> >
On Thu, 17 Jun 2021 10:37:43 +0100, Jonathan Dowland
wrote:
[...]
> Message-id: <[🔎] 20210617093743.v3t2nyw2si2luoif@coil>
> In-reply-to: <[🔎]
> caeg4czw1-rwjvf2hmacwigqu4juqfm66r5xwkkz7ftmrfzh...@mail.gmail.com>
> References: <[🔎]
> caeg4czw1-rwjvf2hmacwigqu4juqfm66r5xwkkz7ftmrfzh...@
On Thu, Jun 17, 2021 at 11:37:07AM +0530, Susmita/Rajib wrote:
... for most complex combinations of codes, with a single line or two of
explanations, if at all necessary.
I think there's a lot of potential for tying together documentation
shipped inside Debian (including manpages) better with d
... for most complex combinations of codes, with a single line or two of
explanations, if at all necessary.
A talk page requesting explanations, or for recording innovative code lines.
Infrastructure and resource already exist. Just minor alterations
required. Community work could help.
A
ver like Google's
> 8.8.8.8 as a sort of "proxy" that the Japanese name server is willing
> to talk to. But short of that, he is completely cut off by the
> router on the Japanese end.
Yep. So much for the Internet being a peer-to-peer network :-(
So in the end I configur
86400 IN NS ns.maibokun.com.
;; ADDITIONAL SECTION:
ns.maibokun.com.163881 IN A 210.143.111.171
ns3.fas.jp. 77481 IN A 210.143.111.241
[...]
As a *workaround*, sure, he could use a public resolver like Google's
8.8.8.8 as a so
On Fri, Apr 20, 2018 at 10:50 AM, Francois Gouget wrote:
> Indeed I cannot ping their DNS server (210.143.111.171) but I just
> thought they blocked ICMP. However I noticed I can in fact ping it from
> another host so I did a traceroute and the packets get blocked at the
> penultimate hop:
>
> $
On Fri, Apr 20, 2018 at 12:50:16PM +0200, Francois Gouget wrote:
> Indeed I cannot ping their DNS server (210.143.111.171) but I just
> thought they blocked ICMP. However I noticed I can in fact ping it from
> another host so I did a traceroute and the packets get blocked at the
> penultimate ho
On Fri, 20 Apr 2018, Glenn English wrote:
> On Thu, Apr 19, 2018 at 11:44 PM, Francois Gouget wrote:
>
> > Are DNS servers banning queries from some residential addresses or
> > something like this?
>
> I'm banning some, off and on, (I see massive hits from all over the
> globe on my DNS server
On Thu, Apr 19, 2018 at 11:44 PM, Francois Gouget wrote:
> Are DNS servers banning queries from some residential addresses or
> something like this?
I'm banning some, off and on, (I see massive hits from all over the
globe on my DNS server -- ~100K hits a day above my rate limit). Have
you tried
On 4/19/18 7:44 PM, Francois Gouget wrote:
So I'm running a bind server and while it works I ran into a domain name
that it refuses to resolve: maibokun.com.
Digging into it, it looks like one DNS server is refusing to talk to me:
On my box:
$ host maibokun.com
;; connection timed ou
So I'm running a bind server and while it works I ran into a domain name
that it refuses to resolve: maibokun.com.
Digging into it, it looks like one DNS server is refusing to talk to me:
On my box:
$ host maibokun.com
;; connection timed out; no servers could be reached
$ host maiboku
If you're looking for something interesting for cowsay to say or have
an affinity for the motivational quotes provided on wrappers of Halls
cough drops, I put together a fortune quote-file this morning here:
https://github.com/garysweaver/pep-talk
Had a bad cold this week and was going thro
>> >> Thanks Travis & Jesus. :) >
- Original message -
From: "giovanni_re"
To: BTG
Subject: Fwd: [Noisebridge-discuss] Fwd: [CQ] Fwd: [TehLUG-General] Fwd:
[BALUG-Talk] Fwd: [UUASC] Fwd: [OCLUG] Fwd: [BAD] Fwd: [mdlug] Fwd:
[ale] Fwd: [LUAU] Fwd: [CLUG-tech
Aldyth Maharsha wrote:
>Hi list,
>i'm using debian squeeze with 2.6.32-5-686 kernel
>i have problem to using pidgin, if i'm create google talk account it is
>automatic change to XMPP protocol and cannot using gtalk protocol, any idea?
>
>root@testing:~# dpkg
Hi list,
i'm using debian squeeze with 2.6.32-5-686 kernel
i have problem to using pidgin, if i'm create google talk account it is
automatic change to XMPP protocol and cannot using gtalk protocol, any idea?
root@testing:~# dpkg -l | grep pidgin
ii pidgin
On Wed, 26 Jan 2011 14:31:55 +0100
Jochen Schulz wrote:
> Celejar:
> > On Tue, 25 Jan 2011 07:58:28 +0100
> >>
> >> A single core get's used 100% by the kworker thread. But actually it's
> >> not 20MB/s, but 25MB/s while reading (decrypting) and 35MB/s while
> >> writing (encrypting). I just tes
Celejar:
> On Tue, 25 Jan 2011 07:58:28 +0100
>>
>> A single core get's used 100% by the kworker thread. But actually it's
>> not 20MB/s, but 25MB/s while reading (decrypting) and 35MB/s while
>> writing (encrypting). I just tested it again.
>
> So does that mean that your wireless throughput wit
On Tue, 25 Jan 2011 07:58:28 +0100
Jochen Schulz wrote:
> Celejar:
> > On Mon, 24 Jan 2011 22:33:28 +0100
> > Jochen Schulz wrote:
> >
> >> Celejar:
> >>>
> >>> I understand that you're technically adding traffic and processor
> >>> overhead; the question is how much?
> >>
> >> My 1.66GHz ato
On Mon, 24 Jan 2011 16:01:14 -0500, Celejar wrote:
> On Mon, 24 Jan 2011 12:50:34 -0700 david wildgoose wrote:
>
>> On Mon, Jan 24, 2011 at 12:43 PM, Camaleón wrote:
>> > Last time I had to make a "fine-grained" debugging operation over my
>> > network using wireshark I had to "restore-to-life"
Celejar:
> On Mon, 24 Jan 2011 22:33:28 +0100
> Jochen Schulz wrote:
>
>> Celejar:
>>>
>>> I understand that you're technically adding traffic and processor
>>> overhead; the question is how much?
>>
>> My 1.66GHz atom D510 can encrypt/decrypt AES with ~20MByte/s on a single
>> core. Typically,
On Mon, 24 Jan 2011 15:44:47 -0800
GaRaGeD Style wrote:
> yes there is some, that's why load balancers use hardware chips for
> SSL protocol.
a) WPA[2] != SSL
b) We're discussing wireless networking, where there are usually (at
least at the consumer level) only a few clients connected to an A
On Mon, 24 Jan 2011 22:33:28 +0100
Jochen Schulz wrote:
> Celejar:
> >
> > I understand that you're technically adding traffic and processor
> > overhead; the question is how much?
>
> My 1.66GHz atom D510 can encrypt/decrypt AES with ~20MByte/s on a single
> core. Typically, my wifi reaches on
yes there is some, that's why load balancers use hardware chips for
SSL protocol.
On Sun, Jan 23, 2011 at 8:23 PM, Celejar wrote:
> On Sat, 22 Jan 2011 21:00:12 + (UTC)
> Camaleón wrote:
>
> ...
>
>> And WPA2 with AES encryption is considerably slow. There are also
>> drawbacks when you enfo
Celejar:
>
> I understand that you're technically adding traffic and processor
> overhead; the question is how much?
My 1.66GHz atom D510 can encrypt/decrypt AES with ~20MByte/s on a single
core. Typically, my wifi reaches only 10% of that throughput.
Additionally, encryption is usually done by t
On Mon, 24 Jan 2011 19:53:47 + (UTC)
Camaleón wrote:
> On Sun, 23 Jan 2011 23:23:06 -0500, Celejar wrote:
>
> > On Sat, 22 Jan 2011 21:00:12 + (UTC) Camaleón
> > wrote:
> >
> > ...
> >
> >> And WPA2 with AES encryption is considerably slow. There are also
> >> drawbacks when you enfor
On Mon, 24 Jan 2011 12:50:34 -0700
david wildgoose wrote:
> On Mon, Jan 24, 2011 at 12:43 PM, Camaleón wrote:
>
> > On Sun, 23 Jan 2011 23:21:20 -0500, Celejar wrote:
> >
> > > On Sat, 22 Jan 2011 13:37:20 -0600 "Boyd Stephen Smith Jr." wrote:
> > >
> > >> In , Camaleón wrote:
> >
> > >> >I agr
On Sun, 23 Jan 2011 23:23:06 -0500, Celejar wrote:
> On Sat, 22 Jan 2011 21:00:12 + (UTC) Camaleón
> wrote:
>
> ...
>
>> And WPA2 with AES encryption is considerably slow. There are also
>> drawbacks when you enforce to use of the best encryption method.
>
> It is? Do you have either docu
On Mon, Jan 24, 2011 at 12:43 PM, Camaleón wrote:
> On Sun, 23 Jan 2011 23:21:20 -0500, Celejar wrote:
>
> > On Sat, 22 Jan 2011 13:37:20 -0600 "Boyd Stephen Smith Jr." wrote:
> >
> >> In , Camaleón wrote:
>
> >> >I agree. Wired networks are not that exposed to these attacks.
> >>
> >> Not entire
On Sun, 23 Jan 2011 23:21:20 -0500, Celejar wrote:
> On Sat, 22 Jan 2011 13:37:20 -0600 "Boyd Stephen Smith Jr." wrote:
>
>> In , Camaleón wrote:
>> >I agree. Wired networks are not that exposed to these attacks.
>>
>> Not entirely true. On a hubbed network, putting your network card into
>> p
On Mon, 24 Jan 2011 06:16:01 -0600
Nate Bargmann wrote:
> * On 2011 23 Jan 22:24 -0600, Celejar wrote:
> > I know very little about enterprise networking, but are hubs still in
> > actual use today?
>
> Not in the company I work for, We've been very proactive getting rid of
> hubs and putting s
* On 2011 23 Jan 22:24 -0600, Celejar wrote:
> I know very little about enterprise networking, but are hubs still in
> actual use today?
Not in the company I work for, We've been very proactive getting rid of
hubs and putting switches in their place. Interestingly, ten years ago
our network was
On Sat, 22 Jan 2011 21:00:12 + (UTC)
Camaleón wrote:
...
> And WPA2 with AES encryption is considerably slow. There are also
> drawbacks when you enforce to use of the best encryption method.
It is? Do you have either documentation, or personal experience, to
back this up, and to quantify
On Sat, 22 Jan 2011 13:37:20 -0600
"Boyd Stephen Smith Jr." wrote:
> In , Camaleón wrote:
> >On Sat, 22 Jan 2011 15:31:10 -0200, Eduardo M KALINOWSKI wrote:
> >> That's the same reason I was advocating that people should not leave
> >> Wi-Fi (even if public) unencrypted. If traffic is unencrypted
On Fri, 21 Jan 2011 13:20:47 + (UTC)
Camaleón wrote:
...
> Let me put a simple and illustrative example with the Googe search
> engine. To avoid using their "instant" search facility, you can:
>
> - Accept a cookie
> - Use this URI: http://www.google.com/webhp?complete=0&hl=en
Or, of cour
S Mathias:
>
> [7z]
>
> real 6m43.608s
> user 10m1.092s
> sys 0m3.957s
>
> [xz]
> real 10m40.788s
> user 10m33.363s
> sys 0m2.106s
Apparently, 7z uses multiple cores, while xz doesn't. Otherwise,
performance is mostly the same.
J.
--
I wish I could do more to put the sparkle back into
"Even on a switched network, there may be a way to fool
> the switch into giving you enough data from the HTTP traffic to preform
> a "sidejack"."
http://hakipedia.com/index.php/CAM_Table_Overflow#Description
--- On Sat, 1/22/11, Camaleón wrote:
> From: Camale
On Sat, 22 Jan 2011 13:37:20 -0600, Boyd Stephen Smith Jr. wrote:
> In , Camaleón wrote:
>>On Sat, 22 Jan 2011 15:31:10 -0200, Eduardo M KALINOWSKI wrote:
>>> That's the same reason I was advocating that people should not leave
>>> Wi-Fi (even if public) unencrypted. If traffic is unencrypted, it
In , Camaleón wrote:
>On Sat, 22 Jan 2011 15:31:10 -0200, Eduardo M KALINOWSKI wrote:
>> That's the same reason I was advocating that people should not leave
>> Wi-Fi (even if public) unencrypted. If traffic is unencrypted, it is
>> trivial for anyone to capture session IDs flying in plain text thr
In , Camaleón wrote:
>On Sat, 22 Jan 2011 11:13:31 -0600, Boyd Stephen Smith Jr. wrote:
>> In , Camaleón wrote:
Physical access to the same hardware in a roughly 5 minute window also
allows one to impersonate another user on a Kerberos network; that's
not generally considered insecur
On Sat, 22 Jan 2011 15:31:10 -0200, Eduardo M KALINOWSKI wrote:
> On 01/22/2011 01:39 PM, Camaleón wrote:
>> I wish I had.. sessions carried at server side, hidden fields in forms
>> or variable uri encoding were the common methods used in the past.
>
> I don't think you've fully understood the p
On Sat, 22 Jan 2011 11:13:31 -0600, Boyd Stephen Smith Jr. wrote:
> In , Camaleón wrote:
>>> Physical access to the same hardware in a roughly 5 minute window also
>>> allows one to impersonate another user on a Kerberos network; that's
>>> not generally considered insecure.
>>
>>(...)
>>
>>Not "
On 01/22/2011 01:39 PM, Camaleón wrote:
I wish I had.. sessions carried at server side, hidden fields in forms or
variable uri encoding were the common methods used in the past.
I don't think you've fully understood the problem. The problem is not
that cookies contain sensitive data (well, som
On Sat, Jan 22, 2011 at 4:44 AM, S Mathias wrote:
> I presume kernel.org knows this. Why doesn't people use e.g.: XZ?
>
> This is the same as in PDF's. DJVU files could be amazing too. They could
> compress [convert] a 400 MByte PDF to a 20 MByte DJVU. Amazing.
>
> Why don't these technologies sp
On Sat, 22 Jan 2011 07:57:21 -0800, S Mathias wrote:
> $ time 7z a -mx=9 linux-2.6.37.tar.7z linux-2.6.37.tar; echo; time xz -9
> -z linux-2.6.37.tar; echo; ls -lS
was the linux-2.6.37.tar already in cache memory? If not, and you do xz
first, you will see more dramatic results.
--
Tong (remov
In , Camaleón wrote:
>On Sat, 22 Jan 2011 10:11:39 -0600, Boyd Stephen Smith Jr. wrote:
>> In , Camaleón wrote:
>(...)
>
>>>Or just think about removable flash drive devices with portable versions
>>>of the browsers; the owner logins into his online account (facebook,
>>>gmail, whatever...), check
On Sat, 22 Jan 2011 10:11:39 -0600, Boyd Stephen Smith Jr. wrote:
> In , Camaleón wrote:
(...)
>>Or just think about removable flash drive devices with portable versions
>>of the browsers; the owner logins into his online account (facebook,
>>gmail, whatever...), check the "remember me" option a
On Sat, Jan 22, 2011 at 4:44 AM, S Mathias wrote:
> ...
>
> I presume kernel.org knows this. Why doesn't people use e.g.: XZ?
> ...
FYI, archlinux is already using xz by default on their packaging
system, and for kernel lzma, which at least improves compression ratio
a bit.
--
Javier.
--
To
In , Camaleón wrote:
>On Fri, 21 Jan 2011 16:14:31 -0600, Boyd Stephen Smith Jr. wrote:
>> In , Camaleón wrote:
>>>Using cookies for tracking/
>>>identifying the user's session can be replaced with another methods or
>>>can require additional security measures for verifying the authenticity
>>>of t
wow...
http://pastebin.com/raw.php?i=ihLLHyiT
$ time 7z a -mx=9 linux-2.6.37.tar.7z linux-2.6.37.tar; echo; time xz -9 -z
linux-2.6.37.tar; echo; ls -lS
7-Zip 9.13 beta Copyright (c) 1999-2010 Igor Pavlov 2010-04-15
p7zip Version 9.13 (locale=en_US.utf8,Utf16=on,HugeFiles=on,2 CPUs)
Scanning
On Fri, 21 Jan 2011 16:14:31 -0600, Boyd Stephen Smith Jr. wrote:
> In , Camaleón wrote:
>>Using cookies for tracking/
>>identifying the user's session can be replaced with another methods or
>>can require additional security measures for verifying the authenticity
>>of the client.
>
> Do you hav
On 2011-01-22 11:44 +0100, S Mathias wrote:
> $ ls -Sl
> total 461252
> -rw-rw-r--. 1 g g 111709730 Jan 22 11:06 linux-2.6.37.zip
> -rw-rw-r--. 1 g g 93174605 Jan 22 11:03 linux-2.6.37.tar.gz
> -rw-rw-r--. 1 g g 73552510 Jan 22 11:10 linux-2.6.37.tar.bz2
> -rw-rw-r--. 1 g g 66333786 Jan 22 11:1
On 22/01/11 18:44, S Mathias wrote:
http://pastebin.com/raw.php?i=MwDnhknf
$ ls -Sl
total 461252
-rw-rw-r--. 1 g g 111709730 Jan 22 11:06 linux-2.6.37.zip
-rw-rw-r--. 1 g g 93174605 Jan 22 11:03 linux-2.6.37.tar.gz
-rw-rw-r--. 1 g g 73552510 Jan 22 11:10 linux-2.6.37.tar.bz2
-rw-rw-r--. 1 g
http://pastebin.com/raw.php?i=MwDnhknf
$ ls -Sl
total 461252
-rw-rw-r--. 1 g g 111709730 Jan 22 11:06 linux-2.6.37.zip
-rw-rw-r--. 1 g g 93174605 Jan 22 11:03 linux-2.6.37.tar.gz
-rw-rw-r--. 1 g g 73552510 Jan 22 11:10 linux-2.6.37.tar.bz2
-rw-rw-r--. 1 g g 66333786 Jan 22 11:16 linux-2.6.37.7z
In , Camaleón wrote:
>Using cookies for tracking/
>identifying the user's session can be replaced with another methods or
>can require additional security measures for verifying the authenticity
>of the client.
Do you have a concrete proposal that is simpler than using HTTPS?
Keep in mind that IP
replace it with a protocol based on persistent connections
> so that you don't have to fake persistence by using cookies to
> re-identify yourself every time you talk to the server, but there's no
> way that's happening any time soon.)
Which reminds me the current state of the old
On Thu, 20 Jan 2011 16:57:52 -0500, Celejar wrote:
> On Thu, 20 Jan 2011 15:26:31 + (UTC) Camaleón wrote:
>
>> In regards to "http cookie hijacking" the first and foremost a
>> programmer would ask himself is "do we really need to *constantly*
>> generate a write/ read operations of the cooki
ged in at all, making any "login" or "logout"
links within the "/public" space problematic, at best).
(Well, OK, there is one other way around it: Discard the stateless HTTP
protocol and replace it with a protocol based on persistent connections
so that you don't ha
On Thu, 20 Jan 2011 15:26:31 + (UTC)
Camaleón wrote:
> On Wed, 19 Jan 2011 16:09:30 -0500, Celejar wrote:
>
> > On Wed, 19 Jan 2011 17:50:58 + (UTC) Camaleón wrote:
> >
> >> On Wed, 19 Jan 2011 18:07:36 +0100, tv.deb...@googlemail.com wrote:
> >
> > ...
> >
> >> > It is not only the d
On Jan 20, 2011 2:50 PM, "Celejar" wrote:
>
> On Thu, 20 Jan 2011 03:36:03 -0600
> Dave Sherohman wrote:
>
> ...
>
> > Some sites do associate the originating IP address with the session data
> > to help protect against session hijacking, but this is not overly
> > widespread and, even when it is
On Thu, 20 Jan 2011 03:36:03 -0600
Dave Sherohman wrote:
...
> Some sites do associate the originating IP address with the session data
> to help protect against session hijacking, but this is not overly
> widespread and, even when it is employed, it has issues with proxies
> (which can cause mu
On Thu, 20 Jan 2011 03:36:03 -0600, Dave Sherohman wrote:
> On Wed, Jan 19, 2011 at 02:47:11PM +, Camaleón wrote:
>> On Wed, 19 Jan 2011 07:17:58 -0600, Dave Sherohman wrote:
>> > When dealing with sites which use session cookies, "public
>> > navigation" *is* "sensitive data", as every reques
On Wed, 19 Jan 2011 16:09:30 -0500, Celejar wrote:
> On Wed, 19 Jan 2011 17:50:58 + (UTC) Camaleón wrote:
>
>> On Wed, 19 Jan 2011 18:07:36 +0100, tv.deb...@googlemail.com wrote:
>
> ...
>
>> > It is not only the data enclosed inside the cookie which are at risk
>> > here, but the entire se
On Wed, Jan 19, 2011 at 02:47:11PM +, Camaleón wrote:
> On Wed, 19 Jan 2011 07:17:58 -0600, Dave Sherohman wrote:
> > When dealing with sites which use session cookies, "public navigation"
> > *is* "sensitive data", as every request sent will include the cookie(s)
> > which identify you and an
>
> I'm curious - how can one completely guard against a MITM attack
> without using encryption?
>
AFAIK, you don't. I mean, you could setup some type of data checksum with a
seed. But how do you tell bob without eve knowing without encrypting the
seed. BTW, ipsec has a feature like this.
The net
Eduardo M KALINOWSKI:
>
> However, SSL has the added benefit that no one will be spying on
> your traffic, even if it's basically public information that is
> available via other means.
ACK. And additionally, it becomes harder to distinguish "public" from
"private" communication. Why should anyon
On Wed, 19 Jan 2011 17:50:58 + (UTC)
Camaleón wrote:
> On Wed, 19 Jan 2011 18:07:36 +0100, tv.deb...@googlemail.com wrote:
...
> > It is not only the data enclosed inside the cookie which are at risk
> > here, but the entire session on the website you are logged in. Say you
> > log into you
On Qua, 19 Jan 2011, Camaleón wrote:
That sounds like bad programming or a buggy site.
True
There are methods to
prevent such attacks on the server side that involves no encrypted
sessions,
True
but sometimes it is easier (and cheaper) for companies to rely
on completely encrypted session
On Wed, 19 Jan 2011 18:07:36 +0100, tv.deb...@googlemail.com wrote:
> On the 19/01/2011 17:46, Camaleón wrote:
(...)
>> In brief:
>>
>> - Does the cookie contain sensitive/private information? → set/get the
>> cookie using ssl
>>
>> - Does the cookie contain standard/publicly available informa
this might be interesting reading for anyone wondering about https (ssl/tls)
overhead / speed:
http://www.cs.ucr.edu/~bhuyan/papers/ssl.pdf
>> In brief:
>>
>> - Does the cookie contain sensitive/private information? → set/get the
>> cookie using ssl
that depends on the web site.
>>
>> - Does the
On the 19/01/2011 17:46, Camaleón wrote:
> On Wed, 19 Jan 2011 10:53:50 -0500, Curt Howland wrote:
>
>> On Wednesday 19 January 2011, Camaleón was heard to
>> say:
>
>>> Data stored in cookies is not what I understand for "sensitive". What
>>> kind of information do you think are cookies managing
On Wed, 19 Jan 2011 10:53:50 -0500, Curt Howland wrote:
> On Wednesday 19 January 2011, Camaleón was heard to
> say:
>> Data stored in cookies is not what I understand for "sensitive". What
>> kind of information do you think are cookies managing?
>
> Maybe this would be enlightening:
>
> http:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 19 January 2011, Camaleón was heard
to say:
> Data stored in cookies is not what I understand for "sensitive".
> What kind of information do you think are cookies managing?
Maybe this would be enlightening:
http://codebutler.com/firesh
On Wed, 19 Jan 2011 05:52:47 -0800, Kelly Clowers wrote:
> On Wed, Jan 19, 2011 at 04:57, Camaleón wrote:
>> On Wed, 19 Jan 2011 03:29:15 -0800, S Mathias wrote:
>>
>>> 3) Can someone trust this Add-on? Is it safe to install/use?
>>
>> I don't like/trust anoymous (even encrypted) proxy sites.
>
>
On Wed, 19 Jan 2011 07:17:58 -0600, Dave Sherohman wrote:
> On Wed, Jan 19, 2011 at 12:57:48PM +, Camaleón wrote:
>> On Wed, 19 Jan 2011 03:29:15 -0800, S Mathias wrote:
>> > 3) Can someone trust this Add-on? Is it safe to install/use?
>>
>> I don't like/trust anoymous (even encrypted) proxy
On Wed, Jan 19, 2011 at 04:57, Camaleón wrote:
> On Wed, 19 Jan 2011 03:29:15 -0800, S Mathias wrote:
>
>> 3) Can someone trust this Add-on? Is it safe to install/use?
>
> I don't like/trust anoymous (even encrypted) proxy sites.
Why don't you like them (I get not trusting them), and what does th
On Wed, Jan 19, 2011 at 12:57:48PM +, Camaleón wrote:
> On Wed, 19 Jan 2011 03:29:15 -0800, S Mathias wrote:
> > 3) Can someone trust this Add-on? Is it safe to install/use?
>
> I don't like/trust anoymous (even encrypted) proxy sites.
HTTPS Everywhere is not a proxy site, encrypted, anonymou
On Wed, 19 Jan 2011 03:29:15 -0800, S Mathias wrote:
> Ok. It's a Firefox Add-on:
>
> https://www.eff.org/https-everywhere
>
> Questions:
>
> 1) But: Why can't i find it on the offical Firefox Add-ons site?:
> https://addons.mozilla.org/en-US/firefox/
It was there:
http://webcache.googleuserc
On 01/19/2011 07:39 AM, George wrote:
> > Ok. It's a Firefox Add-on:
> > >
> > > https://www.eff.org/https-everywhere
> > >
> > > Questions:
> > >
> > > 2) Did anyone audited the "HTTPS Everywhere" code?
> > > 3) Can someone trust this Add-on? Is it safe to install/use?
and a chrome add-on:
https:
On Wed, Jan 19, 2011 at 1:29 PM, S Mathias wrote:
> Ok. It's a Firefox Add-on:
>
> https://www.eff.org/https-everywhere
>
> Questions:
>
> 2) Did anyone audited the "HTTPS Everywhere" code?
> 3) Can someone trust this Add-on? Is it safe to install/use?
I don't think there's anything to worry abo
1 - 100 of 395 matches
Mail list logo
