Re: Keys
"Why won't you provide a reference about the 13th Century Chinese rockets?"
I assumed you knew how to use Google. My apologies.
https://web.archive.org/web/20090709042712/http://history.msfc.nasa.gov/rocketry/tl1.html
408 publicly visible posts • joined 27 Oct 2015
"Did you try repainting it ? This offers increased protection since most of the computers are grey, silver or black."
I'm sure those targetted by this are now kicking themselves for leaving their computers the standard colour.
MAC addresses are potentially traceable, in case you didn't know.
"OpenBSD has the infamous Theo who lords it over his small team of trusted coders ? Or Linus on Linux ?"
"unless you speak fluent C++ (with a security specialisation to boot), you're still trusting "someone else" to deliver secure and reliable code"
My C++ reading skills aren't what I'd call fluent, but that doesn't stop me reading OpenBSD or Linux source code when I have to. Did you mean C?
"My point is that we actually have reached the point where insecure devices can cause harm and destruction and we need to start thinking about that because there are billions of them out there."
Exactly. Allowing consumers to replace crap firmware is a way of dealing with that. Preventing them allows the problem to continue.
"Or you get a lecturer like we had in Uxbridge College in the 90s that knew all the old skool stuff but not the new. So was teaching us obsolete shit."
How much fundamental computer science is actually obsolete (as opposed to superficial stuff like the latest programming fad)? Much of it was formulated well before the 90s and is still relevant.
"The defendant does not become a prisoner until convicted."
That's not strictly true. A suspect may be held in prison on remand while awaiting a trial. In serious cases this can be for months. The present debacle could cause a trial to be rescheduled, meaning further time spent in prison by a potentially innocent person.
"I just know they work, somehow, and make everything secure."
They don't make everything secure. They just make things a bit more secure than not having them. If you're going through a company proxy or public access point equipped with MITM software (eg. Bluecoat) the security is broken. This seems to get swept under the carpet in the current "HTTPS everywhere" craze. HTTPS is good, but don't be lulled into a false sense of security.
"the idea that client-side javascript is some form of easy way of doing exactly the same as server side javascript is ridiculous."
I'd say the idea of using server side javascript is ridiculous. If you're doing server side processing you'd presumably use a better language (because you can, unlike in a web browser).