Remember Valentine’s day 2004, when San Francisco county started issuing marriage licenses to same-sex couples?
Thousands of couples showed up. Some from the other side of the planet, some from the other side of town. The County Clerk was overwhelmed and there weren’t nearly enough wedding officiants to keep up. So they put out a call for volunteers to be deputized by the Clerk as county marriage commissioners. I volunteered and officiated at dozens of ceremonies at city hall.
Still have my official commission hanging on my wall.
SSL/TLS, the “S” in HTTPS, and other network encryption protocols such as SSH, use a technique called a Diffie-Hellman key exchange. This is a mode of cryptography where each side generates two keys: a public half and a private half. Anything encrypted with the public half is only decryptable by the associated private half (and vice versa).
You and Youtube only ever exchange the public halves of your respective key pairs. If someone snoops on the key exchange all they can do is insert spoofed messages, not decrypt real ones.
Moreover, the keypairs are generated on the fly for each new session rather than reused. This means that even a future compromise of youtube won’t unlock old sessions. This is a concept called forward secrecy.
Message spoofing is prevented by digital signatures. These also use the Diffie-Hellman principle of pairs of public/private keys, but use separate longer-term key pairs than those used with encryption. The public half of youtube’s signing key, as presented by the server when you connect to it, has to be digitally signed by a well-known public authority whose public signing key was shipped with your web browser.
I refuse to use the Brave browser, and I was prepared to abandon Firefox, over then-CEO Brendan Eich’s $1000 donation in support of California’s proposition 8 (banning same-sex marriage). I will never forgive the supporters of that proposition. I will not knowingly support their businesses.
I’ve lost all respect for Scott Adams (of the Dilbert comic strip) and Kelsey Grammar (Frasier actor). Their continued support for Donald Trump is damning.
Part of my job is to review security footage for reported incidents.
If there is a long-lasting visual cue that the event has or has not happened yet (e.g. a window is either broken or not), then a binary search is very useful.
If the event lasts only a moment and leaves no visual cue (e.g. an assault), then binary search is practically useless.
The fact that he didn’t realize he’s not addicted until stranded suggests that few Jem’hadar ever personally experience withdrawal. They receive regular doses and then die in combat, so it rarely comes up. Almost everything they know about the effect of white withdrawal is received knowledge.
If it weren’t canon that they need white to survive, then my headcanon would be that that they could totally survive without it and they’ve just been lied to all along. Like that episode of TNG.
Even the researcher who reported this doesn’t go as far as this headline.
“I am an admin, should I drop everything and fix this?”
Probably not.
The attack requires an active Man-in-the-Middle attacker that can intercept and modify the connection’s traffic at the TCP/IP layer. Additionally, we require the negotiation of either ChaCha20-Poly1305, or any CBC cipher in combination with Encrypt-then-MAC as the connection’s encryption mode.
[…]
“So how practical is the attack?”
The Terrapin attack requires an active Man-in-the-Middle attacker, that means some way for an attacker to intercept and modify the data sent from the client or server to the remote peer. This is difficult on the Internet, but can be a plausible attacker model on the local network.