Posts by Henry

CAs using MD5

Actually, the list of CAs still using some MD5-signed certificates is easily found in the pdf of the talk on the CCC website: RapidSSL (who issued 97% of the MD5-using certificates the team found), FreeSSL, TrustCenter, RSA Data Security, Thawte, verisign.co.jp

http://events.ccc.de/congress/2008/Fahrplan/attachments/1251_md5-collisions-1.0.pdf

A matter of degrees

If you read the article (rather than just looking at the picture) it's pretty obvious that they've just replaced all the degree symbols with zeroes.

Flaws

1) Used to work fine on my mobile phone (IE on Windows Mobile); now looks rubbish - after every group of 3 stories there's a huge amount of white space, to start with, and the horizontal alignment on the main page jumps about (some things appear left-aligned, some things right-aligned).

2) Comments box: using Firefox 3.0.2 under Ubuntu I have to click on the left half of the "title" box - at the left half I get the normal text caret cursor, but when the cursor is over the right half it doesn't think it's a text box!

3) Fixed width = epic fail. It's bad enough on my laptop at the moment, but I shudder to think how it'll look on my widescreen monitor tomorrow. The whole point of good web design is that your website should look good regardless of resolution/screen size, font size etc etc.

4) The new comment icons are horrible. Where are Paris and Steve?

I actually quite like the new appearance. I just wish you'd tested it a bit more before pushing it out.

@AC

Well, quite. Which is why the bottom line is: don't have a single point of failure, and make sure that even if someone does crack the wireless bit of the network then they'll have to do lots more work to do anything once they're in.