Comments for http://www.infosentry.org Mon, 18 Apr 2011 23:00:19 +0000 hourly 1 http://wordpress.org/?v= Comment on Let’s stop fear mongering and non-sense about Comodo Compromise and import the CRL by Farshad Abasi http://www.infosentry.org/archives/39/comment-page-1#comment-8 Farshad Abasi Mon, 18 Apr 2011 23:00:19 +0000 http://infosentry.org/archives/39#comment-8 You bring up an interesting issue: should these things be preconfigured in the application or be dynamically configured via updates from a central server? Each has pros and cons... You bring up an interesting issue: should these things be preconfigured in the application or be dynamically configured via updates from a central server? Each has pros and cons…

]]> Comment on Security: Sometimes less is more by Farshad Abasi http://www.infosentry.org/archives/71/comment-page-1#comment-7 Farshad Abasi Mon, 18 Apr 2011 22:39:36 +0000 http://www.infosentry.org/archives/71#comment-7 This morning, my Windows PC at work asked me to reset my password or it will expire (again) in 19 days! I THOUGHT I JUST CHANGED THAT! And I am running out of passwords I can easily remember that have upper case + lower case + numbers + characters at the same time! Not to mention that I use different system that use separate passwords, and they also require similarly complex passwords, and they want me to REMEMBER then AND change them all the time :) Yes, there are tools to help people in my situation, but I completely agree with you in that security should be a balance between risk, cost and usability. Most techies get too caught up in the (fun) technical stuff. This morning, my Windows PC at work asked me to reset my password or it will expire (again) in 19 days! I THOUGHT I JUST CHANGED THAT! And I am running out of passwords I can easily remember that have upper case + lower case + numbers + characters at the same time! Not to mention that I use different system that use separate passwords, and they also require similarly complex passwords, and they want me to REMEMBER then AND change them all the time :) Yes, there are tools to help people in my situation, but I completely agree with you in that security should be a balance between risk, cost and usability. Most techies get too caught up in the (fun) technical stuff.

]]> Comment on Let’s stop fear mongering and non-sense about Comodo Compromise and import the CRL by Mian Khurrum http://www.infosentry.org/archives/39/comment-page-1#comment-6 Mian Khurrum Mon, 04 Apr 2011 01:35:07 +0000 http://infosentry.org/archives/39#comment-6 Firefox 4 will allow you to import a CRL. You can also enable OSCP and set the browswer to fail if OSCP status of a cert cannot be verified. There are also reports that Firefox has hard coded a number of certs as being fradulent. I'll be posting some details on this tonight. You are right, both Chrome and IE are showing these certs as being revoked in the configuration, which is the best thing to do as it does not required checking a CRL or contact OSCP server. Mian Khurrum Firefox 4 will allow you to import a CRL. You can also enable OSCP and set the browswer to fail if OSCP status of a cert cannot be verified. There are also reports that Firefox has hard coded a number of certs as being fradulent. I’ll be posting some details on this tonight. You are right, both Chrome and IE are showing these certs as being revoked in the configuration, which is the best thing to do as it does not required checking a CRL or contact OSCP server.

Mian Khurrum

]]> Comment on Let’s stop fear mongering and non-sense about Comodo Compromise and import the CRL by BBGT http://www.infosentry.org/archives/39/comment-page-1#comment-5 BBGT Sun, 03 Apr 2011 05:45:21 +0000 http://infosentry.org/archives/39#comment-5 O.K., but I find it a bit odd that I can see the revoked certificates in Google Chrome but not in Firefox (both updated to latest versions). Would you happen to know why the difference between these two browsers? O.K., but I find it a bit odd that I can see the revoked certificates in Google Chrome but not in Firefox (both updated to latest versions).

Would you happen to know why the difference between these two browsers?

]]>