On Fri 10 Jun 2022 at 19:38:22 +, Jonathan Wiebe wrote:
> I need a pointer as to how to file a bug against the Debian website.
File against www.debian.org.
--
Brian.
I need a pointer as to how to file a bug against the Debian website.
The following webpages all contain the text:
The second set of tags indicate what releases a bug applies to: O for oldstable
(jessie), S for stable (stretch), T for testing (buster), U for unstable (sid)
or E for experimental
On Wed 23 Feb 2022 at 19:04:21 +, Tim Woodall wrote:
> On Wed, 23 Feb 2022, lina wrote:
>
> > Hi,
> >
> > Does anybody know what is the cost range to build the website for a lab?
> > including all,
> >
> > basically layout is
> >
> &g
On Wed, Feb 23, 2022 at 01:02:19PM -0600, Nicholas Geovanis wrote:
> On Wed, Feb 23, 2022 at 12:50 PM wrote:
>
> > On Wed, Feb 23, 2022 at 12:27:50PM -0600, Nicholas Geovanis wrote:
> > > On Wed, Feb 23, 2022 at 12:16 PM Nicholas Geovanis <
> > nickgeova...@gmail.com>
> > > wrote:
> >
> > [...]
>
On Wed, 23 Feb 2022, lina wrote:
Hi,
Does anybody know what is the cost range to build the website for a lab?
including all,
basically layout is
research | people | publication
Thanks for your help,
Does anyone know what is the cost range to build a lab?
including all
basically layout
On Wed, Feb 23, 2022 at 12:50 PM wrote:
> On Wed, Feb 23, 2022 at 12:27:50PM -0600, Nicholas Geovanis wrote:
> > On Wed, Feb 23, 2022 at 12:16 PM Nicholas Geovanis <
> nickgeova...@gmail.com>
> > wrote:
>
> [...]
>
> > I should have added:
> > For incremental cost, you can do things in the cloud
On Wed, Feb 23, 2022 at 12:27:50PM -0600, Nicholas Geovanis wrote:
> On Wed, Feb 23, 2022 at 12:16 PM Nicholas Geovanis
> wrote:
[...]
> I should have added:
> For incremental cost, you can do things in the cloud that are basically
> impossible on your own.
> For example, you can have AWS cloud
On Wed, Feb 23, 2022 at 12:16 PM Nicholas Geovanis
wrote:
> On Wed, Feb 23, 2022 at 11:28 AM lina wrote:
>
>> Hi,
>>
>> Does anybody know what is the cost range to build the website for a lab?
>> including all,
>> basically layout is
>> research |
On Wed, Feb 23, 2022 at 11:28 AM lina wrote:
> Hi,
>
> Does anybody know what is the cost range to build the website for a lab?
> including all,
> basically layout is
> research | people | publication
>
Consider using cloud services for a smaller more-static website. If
On Wed, Feb 23, 2022 at 06:28:01PM +0100, lina wrote:
> Hi,
>
> Does anybody know what is the cost range to build the website for a lab?
> including all,
>
> basically layout is
>
> research | people | publication
>
> Thanks for your help,
$0 if you can code HTML
Hi,
Does anybody know what is the cost range to build the website for a lab?
including all,
basically layout is
research | people | publication
Thanks for your help,
> On Wed, Nov 10, 2021 at 07:08:07AM -0500, Jeremy Brown wrote:
>>
>> My computer has had a number of malware incidents, so I am taking extra
>> precautions. This morning I got an update notification about my os. Is
>> there somewhere I can get notices directly from
Hi Jeremy,
On Wed, Nov 10, 2021 at 07:08:07AM -0500, Jeremy Brown wrote:
>
> My computer has had a number of malware incidents, so I am taking extra
> precautions. This morning I got an update notification about my os. Is
> there somewhere I can get notices directly from the debian
On 2021-05-08 at 16:47, Bret Busby wrote:
> I think this goes to the issue of client side processing, as opposed
> to server side processing ( I believe, and, argue, that all
> processing involved with web sites, should be server side, if the web
> sites are competently and benignly written, and t
On 4/20/2021 1:15 PM, IL Ka wrote:
What do I need to do in Apache and in PHP for it to properly render the
language the website is written in?
Do I need to generate the locales for the desired languages?
Do I need to also do something in Apache?
Just write your document and save it in utf
>
>
> What do I need to do in Apache and in PHP for it to properly render the
> language the website is written in?
>
> Do I need to generate the locales for the desired languages?
> Do I need to also do something in Apache?
>
Just write your document and save it in u
Hello all,
I'm playing with Apache2 and php.
I'm making a website in an other language than the one Debian Buster is
using.
That is, Buster is in English but the website is written in Duch or any
other language then English.
What do I need to do in Apache and in PHP for it to prope
mapping of
> userids. Tools could help, but I'd rather some of these users had SFTP
> access only, which would prevent them being used.
>
> Any thoughts?
>
I like some of the ideas, mentioned by others, including SELinux issues.
But, for a High Security Website, I prefer Lighttpd over Apache2 and,
especially WordPress.
Am I mostly on the right track?
>
Mostly.
>
> Thanks,
> Richard
>
Kenneth Parker
y allow the web server to make modifications to specific
files or directories. SELinux makes you think about what is important
to you and what you think should be alterable on your website.
Getting back to my staging scenario, you start with default SELinux
rules completely restricting web server
specific
files or directories. SELinux makes you think about what is important
to you and what you think should be alterable on your website.
Getting back to my staging scenario, you start with default SELinux
rules completely restricting web server write access to content. You'd
hav
ooked at AppArmor, but it appears
that it won't work as expected in an LXC container, which is where I run
this. Would SELinux work there? SELinux, from what I can see, seems more
complex to learn than AppArmor.
To accomodate other users I suggest you set up staging areas where
they can uploa
t it won't work as expected in an LXC container, which is where I run
this. Would SELinux work there? SELinux, from what I can see, seems more
complex to learn than AppArmor.
To accomodate other users I suggest you set up staging areas where
they can upload content that you periodically sync to
makes you think about what is important to you
and what you think should be alterable on your website.
Getting back to my staging scenario, you start with default SELinux
rules completely restricting web server write access to content. You'd
have another set of SELinux rules that allow som
work as expected in an LXC container, which is where I run
this. Would SELinux work there? SELinux, from what I can see, seems more
complex to learn than AppArmor.
To accomodate other users I suggest you set up staging areas where they
can upload content that you periodically sync to the website
m I mostly on the right track?
Thanks,
Richard
What you are doing sounds pretty O.K. Though I personally also use
SELinux for web facing services.
To accomodate other users I suggest you set up staging areas where they
can upload content that you periodically sync to the website using a
priv
Hi all,
I'm reviewing how I set up websites (mostly Wordpress at the moment),
and would like other opinions on what I'm planning is sane.
My plan is to have a user eg "mysite" that owns all/most of the standard
files and directories.
The webserver (actually php-fpm) would run as "mysite-run
Hello,
On Sat, Jan 04, 2020 at 10:50:54AM +, shirish शिरीष wrote:
> I am interested to know if there is any other tool besides dig and
> delv, something like perhaps cdnfinder [6] which will make it more
> interesting to find things ?
Can't you just traceroute or mtr to the site in question t
at bottom :-
On 04/01/2020, shirish शिरीष wrote:
> Dear all,
>
> I was trying to download videos of a site where I came across an
> openssl bug on the server side. While I have contacted the maintainers
> of the site and hopefully they will fix it, They use CDN [1] . Which
> turned my attention
On Sat, 2020-01-04 at 10:50 +, shirish शिरीष wrote:
> it seems bind [5] will replace bind9-host at some point
> in the future.
How do you reach the above conclusion after reading the SE article you
linked earlier?
-Jim P.
Dear all,
I was trying to download videos of a site where I came across an
openssl bug on the server side. While I have contacted the maintainers
of the site and hopefully they will fix it, They use CDN [1] . Which
turned my attention to finding about sites and finding about sites
which do use CD
Hello,
I hope you are doing good!
I just wanted to check if you have any plans for Website Revamp for (
www.debian.org).
The existing website was created long back and the style (UI/UX), web
technology like responsive structure, CMS platform etc have upgraded.
Please let me know if we can be
On Sat, Oct 12, 2019 at 15:51 Tom Browder wrote:
> Has anyone on this list had any experience with Harp (https://harpjs.com)?
>
> I am having trouble getting it re-installed and not getting much help from
> the developer.
>
SUCESS (sort of)
I found a hack that works and have put the fix in the
On Sat, Oct 12, 2019 at 03:51:30PM -0500, Tom Browder wrote:
Has anyone on this list had any experience with Harp
(https://harpjs.com)? I am having trouble getting it re-installed
and not getting much help from the developer. Alternatively, can
anyone recommend a suitable substitute for it.
T
Tom Browder wrote:
> Has anyone on this list had any experience with Harp (https://harpjs.com)?
>
> I am having trouble getting it re-installed and not getting much help from
> the developer.
>
> Alternatively, can anyone recommend a suitable substitute for it.
I don't know much about harpjs, b
Has anyone on this list had any experience with Harp (https://harpjs.com)?
I am having trouble getting it re-installed and not getting much help from
the developer.
Alternatively, can anyone recommend a suitable substitute for it.
Thanks for any help or suggestions.
Warm regards,
-Tom
Hi kangry.com Team,
It’s my Pleasure to get in touch with you.
Drive sales have become a tough job these days for any organization, when a
website is handled by inexperienced Team. We would like to inform you, the
services provided by us for maintaining and promoting your website are been
On 15/02/19 3:53 PM, David Niklas wrote:
> Hello,
> I heard from 1 of the people that do HW reviews that AMD was considering
> implementing their very own RTX and looking at what people think of RTX.
> I created a poll on LQ:
> https://www.linuxquestions.org/questions/showthread.php?p=5962219
> and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
I heard from 1 of the people that do HW reviews that AMD was considering
implementing their very own RTX and looking at what people think of RTX.
I created a poll on LQ:
https://www.linuxquestions.org/questions/showthread.php?p=5962219
and in
Hi,
I am Kalyani, from India. We are a team of 60+ IT professionals with expertise
in: -
Website Designing, Web development, PHP development, E-commerce Solutions,
WordPress, Magento, Joomla Development, Responsive designs, OS Commerce
Solutions, M-Commerce Solutions, and Mobile
On 11/16, Sridhar M A wrote:
Yesterday when I updated my system, I got firefox 57. It does appear
to work faster. But, I noticed that the sites I frequent, do not
display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed
$HOME/.mozilla and checked again. Same problem :-(
The screensh
On Thu, Nov 16, 2017 at 8:44 PM, Vincent Lefevre wrote:
>
> Note that in the interface, the text is visible. So, it doesn't
> seem to be an external font issue. I suggest that you try the
> "Inspect Element" feature. It can give information about the
> fonts.
Checked the font issue. It shows body
On 2017-11-16 10:28:38 +0530, Sridhar M A wrote:
> Yesterday when I updated my system, I got firefox 57. It does appear
> to work faster. But, I noticed that the sites I frequent, do not
> display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed
> $HOME/.mozilla and checked again. Same
On 11/15/2017 08:58 PM, Sridhar M A wrote:
Yesterday when I updated my system, I got firefox 57. It does appear
to work faster. But, I noticed that the sites I frequent, do not
display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed
$HOME/.mozilla and checked again. Same problem :-(
On 16.11.2017 18:03, Greg Wooledge wrote:
> On Thu, Nov 16, 2017 at 03:51:10PM +0500, Alexander V. Makartsev wrote:
>> $ for f in [sans sans-serif serif monospace];do fc-match $f;done
> Just for the record, you do not want those square brackets. Not in
> bash or any other Bourne-family shell,
On Thu, Nov 16, 2017 at 03:51:10PM +0500, Alexander V. Makartsev wrote:
> $ for f in [sans sans-serif serif monospace];do fc-match $f;done
Just for the record, you do not want those square brackets. Not in
bash or any other Bourne-family shell, at least.
On Thu, Nov 16, 2017 at 4:21 PM, Alexander V. Makartsev
wrote:
> Have you checked font settings in Firefox?
I started with a clean $HOME/.mozilla so that system-wide defaults
would be used. Problem exists.
Checked the font list and set fonts specifically. Same problem.
> $ for f in [sans s
On Thu, Nov 16, 2017 at 1:36 PM, Jeroen Mathon
wrote:
> Does the same problem appear when using an older version of firefox?
>
As I had written, it was working fine with the old version.
--
Sridhar M. A.
On 16.11.2017 09:58, Sridhar M A wrote:
> Yesterday when I updated my system, I got firefox 57. It does appear
> to work faster. But, I noticed that the sites I frequent, do not
> display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed
> $HOME/.mozilla and checked again. Same problem
Does the same problem appear when using an older version of firefox?
On 11/16/2017 05:58 AM, Sridhar M A wrote:
> Yesterday when I updated my system, I got firefox 57. It does appear
> to work faster. But, I noticed that the sites I frequent, do not
> display the text: distrocwatch.com, slashdot.
Yesterday when I updated my system, I got firefox 57. It does appear
to work faster. But, I noticed that the sites I frequent, do not
display the text: distrocwatch.com, slashdot.org, gmail, etc. Removed
$HOME/.mozilla and checked again. Same problem :-(
The screenshots can be seen here:
https://
Dear Sir/Ma’am,
Greetings for the Day!!
We are a Website Design/Development & Online Marketing Firm located in
INDIA; we provide fast, high quality Website Design & Development services
as well as Full Custom Design and Development solutions for a variety of
CMS and E-Commerce platforms
Hello,
I am Rajendra bsending you a proposal regarding the optimization of your
business website in Google.
Hence I would like to offer my strategy and plan of action designed to
rank your website on 1st page when ever searched by someone from your area..
1. Keywords Analysis & Resear
Chào listn, mình nhận thấy website của bạn có nội dung rất tốt so với các
website khác. Nhưng người ta liên hệ với bạn khá ít... Nên mình muốn hỏi bạn có
muốn gắn một hộp chát vào trang web của bạn ko ???
Hộp chát là cửa sổ nhỏ sẽ hiện ở góc của trang web giống như trang uhChat .net
vậy, giúp
On Wed 24 Feb 2016 at 10:58:56 (+0100), Nicolas George wrote:
> Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit :
> > Well, md5 beats md4
>
> There is something wrong in your library.
Thanks for your misplaced confidence in me. It was my timing
that wasn't rigorous enough.
Cheers,
David.
Hi,
Henrique de Moraes Holschuh wrote:
> MD5 alone can be somewhat dangerous even in benevolent environments: if the
> data sets are large enough or you are just unlucky,
The size of the data set does not matter much.
As already stated, there is the Pidgeon Hole Principle, which tells
us that a 1
On 02/25/2016 03:07 PM, Stefan Monnier wrote:
>> MD5 alone can be somewhat dangerous even in benevolent environments: if the
>> data sets are large enough or you are just unlucky, you are going to hit a
>> colision and corrupt-or-lose-data-on-dedup sooner or later.
>
> [G]it doesn't seem worried a
>> MD5 alone can be somewhat dangerous even in benevolent environments: if the
>> data sets are large enough or you are just unlucky, you are going to hit a
>> colision and corrupt-or-lose-data-on-dedup sooner or later.
> it doesn't seem worried about this. Admittedly, they use sha1 rather
^
G
> MD5 alone can be somewhat dangerous even in benevolent environments: if the
> data sets are large enough or you are just unlucky, you are going to hit a
> colision and corrupt-or-lose-data-on-dedup sooner or later.
it doesn't seem worried about this. Admittedly, they use sha1 rather
than md5, s
On Tue, 23 Feb 2016, David Wright wrote:
> 1) I do what fdupes does, ie identify files (in a benevolent
>environment) using the MD5 signature to detect duplicate
>contents.
MD5 alone can be somewhat dangerous even in benevolent environments: if the
data sets are large enough or you are jus
On 23/02/16 05:50, Thomas Schmitt wrote:
> But my curiosity is about whether i indirectly helped the hackers.
Technology is just that, technology. With the exception of land mines,
it mostly is neither good nor bad itself, it's how it's used, and many
tools can be used for both.
Software is no d
On 02/24/2016 01:48 PM, Nicolas George wrote:
> Le sextidi 6 ventôse, an CCXXIV, Christian Seiler a écrit :
>> Yes, I know what an HMAC is. But an HMAC is _utterly_ useless for a
>> digital signature.
>
> Please stop commenting the finger when I try to show you the moon.
The problem is that you w
On Thu, Feb 25, 2016 at 12:18:40AM +1100, Andrew McGlashan wrote:
> https://en.wikipedia.org/wiki/Mega_%28service%29
>
> "In July 2015, Dotcom said he doesn't trust Mega service in a Q&A
> session with tech website Slashdot, claims the company had "suffered
> fr
e to current ownership
>
> Now is this what his public relations adviser told him to say ?
https://en.wikipedia.org/wiki/Mega_%28service%29
"In July 2015, Dotcom said he doesn't trust Mega service in a Q&A
session with tech website Slashdot, claims the company had "suf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Feb 24, 2016 at 01:47:57PM +0100, Thomas Schmitt wrote:
> Hi,
[...]
> A large file emerges in ~/Desktop. (I am wearing my garlic necklace now,
> spraying holy water, and looking up witch signs in the Malleus Maleficarum.)
A nice and entertain
Le sextidi 6 ventôse, an CCXXIV, Christian Seiler a écrit :
> Yes, I know what an HMAC is. But an HMAC is _utterly_ useless for a
> digital signature.
Please stop commenting the finger when I try to show you the moon.
I was not saying that HMAC are useful for digital signatures, I was giving
anot
Hi,
an interesting detail in advance:
It does not boot from USB stick. Too dumb for that.
>From DVD it boots only via BIOS or EFI BIOS emulation, not via
generic EFI.
I wrote:
> > ... google ... Kim Schmitz ... rofl ... i am not that curious.
Andrew McGlashan wrote:
> Actually he doesn't run m
>> So a valid way to construct an OpenPGP v4 signature would be to
>> use
>>
>> H(contents || 0x04 0x00 0x01 0x08 0x00 0x00)
>>
>> as the input for the RSA algorithm (and then pack that up in a
>> nice OpenPGP packet).
>
> I did not have the reference of what OpenPGP does near at hand, I was more
On 24/02/16 22:50, Nicolas George wrote:
> Le sextidi 6 ventôse, an CCXXIV, Richard Hector a écrit :
>> Fair enough. Got a link to someone else's explanation?
>
> Sorry, I do not. But I gave a rather lengthy explanation myself in
> the part you trimmed.
Oh, ok. I assumed from your comment about n
Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit :
> Well, md5 beats md4
There is something wrong in your library.
Regards,
--
Nicolas George
signature.asc
Description: Digital signature
Le quintidi 5 ventôse, an CCXXIV, Christian Seiler a écrit :
> But if you say what Debian is doing is a mistake, then this _is_ what
> you are talking about.
I am quite sure of what I am talking about and what I am not talking about.
> This is decisively not true when we are talking about signing
Le sextidi 6 ventôse, an CCXXIV, Richard Hector a écrit :
> Fair enough. Got a link to someone else's explanation?
Sorry, I do not. But I gave a rather lengthy explanation myself in the part
you trimmed.
Regards,
--
Nicolas George
signature.asc
Description: Digital signature
On 24/02/16 07:52, Nicolas George wrote:
> Le quintidi 5 ventôse, an CCXXIV, Christian Seiler a écrit :
>> > You have _emphasized_ it, but you haven't _explained_ it, nor provided
>> > any search term one could use to look up an explanation for it.
> Explaining takes time, I do not want to do it if
heck trust are
described fairly well at the Tails website (of the Tor project).
They have sigs from Debian devs and others, if you trust those devs,
then you are a long way towards trusting the fingerprint and then you
should be able to trust the signature.
https://tails.boum.org/doc/get/trusting_
On 23/02/2016 9:50 AM, Thomas Schmitt wrote:
> Hi,
>
> Sven Hartge wrote:
>> You cannot wget a mega.nz URL. You have to use a Javascript-enabled
>> Browser to get the file.
>
> Shall i really enable insecure Javascript to download a malicious ISO ?
>
> ... google ... Kim Schmitz ... rofl ... i
On Tue 23 Feb 2016 at 16:58:38 (+0100), Nicolas George wrote:
> Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit :
> > 1) I do what fdupes does, ie identify files (in a benevolent
> >environment) using the MD5 signature to detect duplicate
> >contents.
>
> You did not specify the ave
On 02/23/2016 07:52 PM, Nicolas George wrote:
> What you quote is about signing a summary of files at once versus signing
> each file individually. This is not what I was talking about. What I was
> talking about was signing the file contents itself versus signing the hash
> of the file.
But if yo
Le quintidi 5 ventôse, an CCXXIV, Christian Seiler a écrit :
> You have _emphasized_ it, but you haven't _explained_ it, nor provided
> any search term one could use to look up an explanation for it.
Explaining takes time, I do not want to do it if nobody will read it.
> Why is what Debian does a
On 02/23/2016 04:49 PM, Nicolas George wrote:
> Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
>> If the SHA512SUMS.sign
>
> Stop right there. Signing a bunch of hashes is a beginner's mistake, I have
> already emphasized that in this thread.
You have _emphasized_ it, but you haven't
Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
> You have unsurpassable objections against variants which might not
> much weaken the strength of PGP ?
> Not even willing to consider the constraints of such variants ?
I have no idea what you are trying to express.
> Despite leading de
> The collisions are not known, and very unlikely, but "absolute" means
> absolute, not "very likely".
from the way you stated:
> These are all cryptographic hash functions: too strong for a preliminary
> test, insufficient for absolute certainty.
I understood you suggest there is a relevant leve
Le quintidi 5 ventôse, an CCXXIV, arian a écrit :
> where do you get that these are "insufficient for absolute certainty"?
> (beside maybe md4)
> there are no known collisions in sha1 and better, and even md4's preimage
> attack has complexity 2^102. [1,2]
There are collisions for SHA1 as soon as
Hi,
Nicolas George wrote:
> Signing a bunch of hashes is a beginner's mistake,
You have unsurpassable objections against variants which might not
much weaken the strength of PGP ?
Not even willing to consider the constraints of such variants ?
I assume this was discussed among DDs and they weigh
> and even md4's preimage attack has complexity 2^102. [1,2]
sorry, forgot the quotes:
[1] https://en.wikipedia.org/wiki/Preimage_attack
[2] https://en.wikipedia.org/wiki/MD4#Security
signature.asc
Description: OpenPGP digital signature
> These are all cryptographic hash functions: too strong for a preliminary
> test, insufficient for absolute certainty.
where do you get that these are "insufficient for absolute certainty"? (beside
maybe md4)
there are no known collisions in sha1 and better, and even md4's preimage
attack has
Le quintidi 5 ventôse, an CCXXIV, Seeker a écrit :
> If you take security out of the equation, simple true or false.
>
> 1. A corrupted download is better able to be detected when using MD5 than it
> is with CRC32.
>
> 2. A corrupted download is better able to be detected when using SHA than it
>
On 2/23/2016 3:08 AM, Nicolas George wrote:
Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
The ISO checksums are provided more for transport verification than
for the fight against intentional mainpulation.
If that were true, CRC32 would be enough.
Is that a 'Law of averages' t
Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit :
> 1) I do what fdupes does, ie identify files (in a benevolent
>environment) using the MD5 signature to detect duplicate
>contents.
You did not specify the average size of files nor how sure you want to be.
If the files are large, I
On Tue 23 Feb 2016 at 16:04:37 (+0100), Nicolas George wrote:
> Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit :
> > Any faster ones that you recommend from the lists below? (I've rolled
> > my own implementation of fdupes (which uses MD5) in python.)
>
> Nobody can recommend anything with
Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
> Only as far as use cases for Debian ISO image hashs are concerned.
> No hash collisions among all Debian ISOs (or better all ISOs in the
> world) is a valuable property.
??? I have no idea what you are talking about.
> If the SHA512SUMS
Hi,
Nicolas George wrote:
> > You are changing the terms of the problem at each messages,
Only as far as use cases for Debian ISO image hashs are concerned.
No hash collisions among all Debian ISOs (or better all ISOs in the
world) is a valuable property.
i wrote:
> > > I could imagine that PGP
Le quintidi 5 ventôse, an CCXXIV, David Wright a écrit :
> Any faster ones that you recommend from the lists below? (I've rolled
> my own implementation of fdupes (which uses MD5) in python.)
Nobody can recommend anything without knowing the intended use.
Regards,
--
Nicolas George
signatur
On Tue 23 Feb 2016 at 13:15:38 (+0100), Nicolas George wrote:
> Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
> > i wrote:
> > > > The ISO checksums are provided more for transport verification than
> > > > for the fight against intentional mainpulation.
>
> > Nicolas George wrote:
>
Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
> i have to revoke some of my criticism towards Debian's signed
> hash value lists.
> Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of
> uniqueness (assumed that they have no systematic correlations).
This is irrelevant.
Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
> i wrote:
> > > The ISO checksums are provided more for transport verification than
> > > for the fight against intentional mainpulation.
> Nicolas George wrote:
> > If that were true, CRC32 would be enough.
> For detecting most glitches
Hi,
i wrote:
> > The ISO checksums are provided more for transport verification than
> > for the fight against intentional mainpulation.
Nicolas George wrote:
> If that were true, CRC32 would be enough.
For detecting most glitches, yes.
But not if we want to use it for identifying files in benev
On Tue, Feb 23, 2016 at 12:02:50PM +0100, Thomas Schmitt wrote:
> Hi,
>
> Nicolas George wrote:
> > Of course, that does not mean MD5 and SHA-1 should be used nowadays. New
> > theoretical attacks are found, keeping using hashes with known weaknesses is
> > stupid.
>
> The ISO checksums are provi
Hi,
i have to revoke some of my criticism towards Debian's signed
hash value lists.
Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of
uniqueness (assumed that they have no systematic correlations).
I could imagine that PGP is easier to surpass than that.
Well, according to wikipe
Le quintidi 5 ventôse, an CCXXIV, Thomas Schmitt a écrit :
> The ISO checksums are provided more for transport verification than
> for the fight against intentional mainpulation.
If that were true, CRC32 would be enough.
> Signing the hash lists by PGP still seems a bit weak as protection.
Signi
Le 23/02/2016 12:02, Thomas Schmitt a écrit :
Most important seems a permanent supervision of the web site content
from not publicly known client machines.
if I followed right this, there was a redirect to an external site. How
can this be possible?
html links is the first thing spam uses
Hi,
Nicolas George wrote:
> Of course, that does not mean MD5 and SHA-1 should be used nowadays. New
> theoretical attacks are found, keeping using hashes with known weaknesses is
> stupid.
The ISO checksums are provided more for transport verification than
for the fight against intentional mainp
1 - 100 of 607 matches
Mail list logo
