Zocalo - Slashdot User

Slashdot

●Stories

●Firehose

●All

●Popular

●Polls

●Software

●Thought Leadership

Submit

Search Slashdot

● Login

●or

● Sign up

●Topics:

●Devices

●Build

●Entertainment

●Technology

●Open Source

●Science

●YRO

●Follow us:

●RSS

●Facebook

●LinkedIn

●Twitter

● Youtube

● Mastodon

●Bluesky

Catch up on stories from the past week (and beyond) at the Slashdot story archive

Nickname:

Password:

Public Terminal

Forgot your password?
Close

binspam dupe notthebest offtopic slownewsday stale stupid fresh funny insightful interesting maybe offtopic flamebait troll redundant overrated insightful interesting informative funny underrated descriptive typo dupe error

Submission Summary: 0 pending, 26 declined, 9 accepted (35 total, 25.71% accepted)

MongoDB Atlas: Multi-cloud, modern database on AWS, Azure, and Google Cloud. Get access to our most high performance version ever, with faster and easier scaling at lower cost.

×

86366783 submission

Submission + - Game over for WoSign and Startcom? (google.com) 1

Submitted by Zocalo on Monday September 26, 2016 @02:55PM

Zocalo writes: Over the last several months Mozilla has been investigating a large number of breaches of what Mozilla deems to be acceptable CA protocols by the Chinese root CA WoSign and their perhaps better known subsidiary StartCom, whose acquisition by WoSign is one of the issues in question. Mozilla has now published their proposed solution (GoogleDocs link), and it's not looking good for WoSign and Startcom. Mozilla's position is that they have lost trust in WoSign and, by association StartCom, with a proposed action to give WoSign and StartCom a "timeout" by distrusting any certificates issued after a date to be determined in the near future for a period of one year, essentially preventing them issuing any certificates that will be trusted by Mozilla. Attempts to circumvent this by back-dating the valid-from date will result in an immediate and permanent revocation of trust, and there are some major actions required to re-establish that trust at the end of the time out as well.

This seems like a rather elegant, if somewhat draconian, solution to the issue of what to do when a CA steps out of line. Revoking trust for certificates issued after a given date does not invalidate existing certificates and thereby inconvenience their owners, but it does put a severe — and potentially business ending — penalty on the CA in question. Basically, WoSign and StartCom will have a year where they cannot issue any new certificates that Mozilla will trust, and will also have to inform any existing customers that have certificate renewals due within that period they cannot do so and they will need to go else where — hardly good PR!

What does Slashdot think? Is Mozilla going too far here, or is their proposal justified and reasonable given WoSign's actions, making a good template for potential future breaches of trust by root CAs, particularly in the wake of other CA trust breaches by the likes of CNNIC, DigiNotar, and Symantec?

accepted

40092935 submission

Submission + - Star Citizen takes the crowdfunding crown, reboots the Space Sim genre? (robertsspaceindustries.com)

Submitted by Zocalo on Saturday November 17, 2012 @10:40AM

Zocalo writes: Star Citizen, Chris Robert's attempt to reboot the Space Sim genre, hit a major funding milestone earlier today, exceeding the previous record of $4,163,208 secured by the game Project Eternity and more than doubling the initial funding target set by the producer of the Wing Commander series. With Stretch Goals now being passed every few hours bringing new features to the planned game, and David Brabham annoucing a new installment of the classic Elite using a similar funding model at Kickstarter could this be a wake up call for the big game publishers to take another look at the genre?

There's still two days left of Star Citizen funding as well, so if you feel like being a part you can chip in either at the main RSI site or on Kickstarter.

accepted

37648401 submission

Submission + - A glimpse at piracy in the UK and beyond (bbc.co.uk) 1

Submitted by Zocalo on Monday September 17, 2012 @03:36AM

Zocalo writes: The BBC has a fascinating look into the music download habits of the UK population based on stats compiled by Musicmetric. The stats, gathered through the monitoring of BitTorrent swarms and geo-locating the IPs, shows the hotspots for music copyright infringement across the UK and regional preferences for certain types of music. Some of the outliers are somewhat unusual though, suggesting some problems with the methodology or sample size, unless people on the Isle of Wight really do prefer trumpet-playing crooner Louis Armstrong to the likes of Rihanna and Ed Sheeran who top the lists nationwide.

Not in the UK? There are some global stats on the "Most pirated near you?" tab of the story. Better yet, if you want to crunch the numbers for yourself all of the data has been made available at the Musicmatch website under a Creative Commons license and a RESTful API to access the data (free for non-commercial use!) is also available.

accepted

26726600 submission

Submission + - CNet / download.com trojaning OSS tools (seclists.org)

Submitted by Zocalo on Monday December 05, 2011 @06:02PM

Zocalo writes: In a post to the Nmap Hackers list Nmap author, Fyodor, accuses C|Net / download.com of wrapping a trojan installer (as detected by various AV applications when submitted to VirusTotal) around software including Nmap and VLC Media Player. The C|Net installer bundles a toolbar, changes browser settings and, potentially, performs other shenanigans — all under the logo of the application the user thought they might have been downloading. Apparently, this isn't the first time they have done this, either.

Fyodor's on the lookout for a good copyright lawyer, if anyone has one to spare.

17788732 submission

Submission + - Free IPv4 pool now down to seven /8s (iana.org)

Submitted by Zocalo on Tuesday November 30, 2010 @04:06PM

Zocalo writes: For those of you keeping score, ICANN just allocated another four /8 IPv4 blocks; 23/8 and 100/8 to ARIN, 5/8 and 37/8 to RIPE, leaving just seven /8s unassigned. In effect however, this means that there are now just two /8s available before the entire pool will be assigned due to an arrangement whereby the five Regional Internet Registries would each automatically receive one of the final five /8s once that threshold was met. The IPv4 Address Report counter at Potaroo.net is pending an update and still saying 96 days, but it's now starting to look doubtful that we're going to even make it to January.

accepted

« Newer Older »

Slashdot Top Deals

Zocalo
Firehose
Comments
Submissions
Friends
Tags
Achievements

Nickname:

Password:

Public Terminal

Forgot your password?

Close

Zocalo (252965)

●(email not shown publicly)
http://www.zocalo.uk.com/

Zocalo's Achievements

● Got a Score:5 Comment

● Member of the 10010 Digit (binary) UID Club

● Submitted a Story That Was Posted

Zocalo's Comments

● Re:STFU

● Re:Scary? (Score:3, Informative)

● Re:What "notorious" sites are they going after?

● Re:Surprised the market is still as large as it is (Score:4, Interesting)

● Re:easily validated?

Zocalo's Friends

● PopeRatzo

● whipslash

● fiziko

● DNS-and-BIND

● eldavojohn

Zocalo's Tags

● slownewsday (submissions)

● offtopic (submissions)

● notthebest (submissions)

● binspam (submissions)

● interesting (submissions)

Zocalo's Submissions

● Game over for WoSign and Startcom?

● Star Citizen takes the crowdfunding crown, reboots the Space Sim genre?

● A glimpse at piracy in the UK and beyond

● CNet / download.com trojaning OSS tools

● Free IPv4 pool now down to seven /8s

Slashdot

● Submit Story

Ya'll hear about the geometer who went to the beach to catch some rays and became a tangent ?

●FAQ

●Story Archive

●Hall of Fame

●Advertising

●Terms

●Privacy Statement

●About

●Feedback

●Mobile View

●Blog

Icon

Do Not Sell or Share My Personal Information

Copyright © 2026 Slashdot Media. All Rights Reserved.

×

Close

Close

Slashdot

Working...