Mail Archives: geda-user/2021/02/15/21:15:30
| X-Authentication-Warning: | delorie.com: mail set sender to geda-user-bounces using -f
|
| X-Recipient: | geda-user AT delorie DOT com
|
| X-Original-DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed;
|
| d=gmail.com; s=20161025;
|
| h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
|
| bh=w9nOGFL8efd13gURnjNRtNZFf1sFfThhoHmnt9j/vWg=;
|
| b=r2dme4H0cjWyVkslQ7+JX5FPNbb/WJUWgpPKfQ7NAvVAj/nPNLwQ+QmYTmRXo8V+Jw
|
| /O671V77rw4/fP62RmElrmoHvsjUHK5yh+1dNZjyd+9gNDH219RRu1dIHZAuftTM9Jen
|
| Xrx+e2gtBfi/irzMFdUraWURtw8c0p9mMyIQP/RHj/UgLS5cTQG4xeIyEGshRR3Z1GsZ
|
| VY23vQRJM36zRo4cWwKYs2/IE9hdfBoad1i08+MR43qnKqm8khun+GzxDM6YIvHIIdGy
|
| yUB4D9nnmO6C0AJNoaz0aOJWz2+i3ku+lsAJxa9wcT0A38pM4IOPRVgRdVjqUnmPximZ
|
| hS3Q==
|
| X-Google-DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed;
|
| d=1e100.net; s=20161025;
|
| h=x-gm-message-state:mime-version:references:in-reply-to:from:date
|
| :message-id:subject:to;
|
| bh=w9nOGFL8efd13gURnjNRtNZFf1sFfThhoHmnt9j/vWg=;
|
| b=traQouaOsL5Z8PJLaAmjU5H7dEHOqNlXhHvFiJTy6L9590NEgEVZkJHRm5R3NpVP5D
|
| MbXPJX8qG3ZGKAmLjfnv4+1WS5HGAwLAVcZKQfL857e8ayD5p7OP9AGIytfHv0Zl1u8L
|
| QvgassJns2zIZ4+drvb/PjZj4z/0dXW4TTuaB4zn1XrzEL5uJjZrp0tUzsBUj9wWn73f
|
| 6ueF0DNWeTWMGdP2GzARDPoUVsAjJ1lELcvoyXyYZ2r2eMJSkHHVLCpmrDSUxZQzOYLo
|
| mRPF0PPYs3D+ciY7Qxcp53Ai0Q3W/XB+PHNjQtRT/wRzAkpdfdy6KUbvBxTHOguT26Jn
|
| dEhg==
|
| X-Gm-Message-State: | AOAM531oP0ipT0vWyyuvAL6RW3GTQRLq7wLemWzAHRDaE1QRcWWnmFFB
|
| xRTOBb8J+V2uRKwATsPRkHtqn/FlI0sbICbiPHM6Nk48oEQ=
|
| X-Google-Smtp-Source: | ABdhPJyTRYdVCgZDNvZJc4ng1ZkMERDQcPJIGsOPMSj3HsNPJ+EoVt5DJZSCXdf37+UryxIG792DPTstG8MJl2h+yl4=
|
| X-Received: | by 2002:a05:6512:131f:: with SMTP id x31mr10665005lfu.552.1613441625292;
|
| Mon, 15 Feb 2021 18:13:45 -0800 (PST)
|
| MIME-Version: | 1.0
|
| References: | <bde96a88-b800-6222-6138-69de5d03f0c2 AT fastmail DOT com>
|
| <20210110065529 DOT A5C7E82966EF AT turkos DOT aspodata DOT se> <63b86b32-75be-dbff-7215-e3c35c484808 AT fastmail DOT com>
|
| In-Reply-To: | <63b86b32-75be-dbff-7215-e3c35c484808@fastmail.com>
|
| From: | "Marvin Dickens (mpdickens AT gmail DOT com) [via geda-user AT delorie DOT com]" <geda-user AT delorie DOT com>
|
| Date: | Mon, 15 Feb 2021 21:13:34 -0500
|
| Message-ID: | <CANEvwqi8u9R5_rQkgcCy=ozuCDQQ0NhjZS2-=QAvBe4V-SGrPQ@mail.gmail.com>
|
| Subject: | Re: [geda-user] No https for pcb-rnd
|
| To: | geda-user <geda-user AT delorie DOT com>
|
| Reply-To: | geda-user AT delorie DOT com
|
--000000000000f1045c05bb6aa62a
Content-Type: text/plain; charset="UTF-8"
When I see stuff like what is in this thread I am embarrassed. This thread
is TOTAL GARBAGE.
The things that made this project great are gone. I am opting out of this
disaster.
Marvin Dickens
On Sun, Jan 10, 2021 at 6:19 PM Girvin Herr (gherrl AT fastmail DOT com) [via
geda-user AT delorie DOT com] <geda-user AT delorie DOT com> wrote:
>
> On 1/9/21 10:55 PM, karl AT aspodata DOT se [via geda-user AT delorie DOT com] wrote:
> > Girvin Herr:
> >> In the name of computer security, I am going through all of my browser
> >> bookmarks and rejecting all websites that do not support the https
> >> protocol.
> > ...
> >
> > So would a self signed certificate suffice -- since then you are using
> > "https".
> >
> > And next, what kind of security do you want ?
> > a, the middleman cannot see what you transfer
> > b, the middleman cannot change what you transfer
> > c, the middleman cannot cannot see that you have contact or are
> > transferring (https doesn't solve that)
> > d, to be sure that the site is indeed authentic (use dns-sec for that)
> > e, something else I haven't thought about
> >
> > If you don't trust a self signed certificate, why would you trust
> > some random certificate authority and not some person writing
> > useful code that serves us well. See e.g.
> >
> https://www.theregister.com/2013/12/10/french_gov_dodgy_ssl_cert_reprimand/
> >
> > You know, https isn't the final answer to computer security.
> >
> > And lastly, why don't you do a simple request on the pcb-rnd mailing
> > list, what has geda-user have to do with this.
> >
> > Regards,
> > /Karl Hammar
> >
> Karl,
>
> I don't know why you are so resistant to computer security. The majority
> of websites I visit and I have bookmarks for are already https
> compliant, including many, if not most, open source websites like gEDA.
> I finally got to my gEDA bookmarks and the gEDA websites are not https
> compliant either! It is about time the gEDA websites get on the
> bandwagon and improve their website security. Not having a web server, I
> cannot attest to what is needed to add a https port, but IMHO not doing
> so is risky. https is not the end-all of security. It takes constant
> vigilance to keep up with the bad guys and the tools, such as https,
> help and it should be a minimum.
>
> Why did I post my concern about pcb-rnd on this forum? Good question. I
> thought about it a while and decided that since pcb-rnd was on this
> forum in the past, and that it may be polled by the pcb-rnd devs, and
> that some pcb-rnd users who read the postings on this forum should know
> that the pcb-rnd website may not be as secure as they think, I decided
> to post here. That may be a political mistake and I apologize if it
> offends anyone, but I thought I was doing other users a service and
> maybe a push for the pcb-rnd server maintainer to add a https portal.
> Now that includes gEDA too. I hope the gEDA server maintainers create a
> https portal on the web server(s) asap. We all must be serious about
> computer security because there are a lot of bad guys out there.
>
> HTH.
>
> Girvin
>
>
>
--000000000000f1045c05bb6aa62a
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">When I see stuff like what is in this thread I am embarras=
sed. This thread is TOTAL GARBAGE.<div>The things that made this project gr=
eat are gone. I am opting out of this disaster.</div><div><br></div><div>Ma=
rvin Dickens</div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" cla=
ss=3D"gmail_attr">On Sun, Jan 10, 2021 at 6:19 PM Girvin Herr (<a href=3D"m=
ailto:gherrl AT fastmail DOT com">gherrl AT fastmail DOT com</a>) [via <a href=3D"mailto:=
geda-user AT delorie DOT com">geda-user AT delorie DOT com</a>] <<a href=3D"mailto:ged=
a-user AT delorie DOT com">geda-user AT delorie DOT com</a>> wrote:<br></div><blockquo=
te class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-widt=
h:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-le=
ft:1ex"><br>
On 1/9/21 10:55 PM, <a href=3D"mailto:karl AT aspodata DOT se" target=3D"_blank">k=
arl AT aspodata DOT se</a> [via <a href=3D"mailto:geda-user AT delorie DOT com" target=3D=
"_blank">geda-user AT delorie DOT com</a>] wrote:<br>
> Girvin Herr:<br>
>> In the name of computer security, I am going through all of my bro=
wser<br>
>> bookmarks and rejecting all websites that do not support the https=
<br>
>> protocol.<br>
> ...<br>
><br>
> So would a self signed certificate suffice -- since then you are using=
<br>
> "https".<br>
><br>
> And next, what kind of security do you want ?<br>
> a, the middleman cannot see what you transfer<br>
> b, the middleman cannot change what you transfer<br>
> c, the middleman cannot cannot see that you have contact or are<br>
>=C2=A0 =C2=A0 =C2=A0transferring (https doesn't solve that)<br>
> d, to be sure that the site is indeed authentic (use dns-sec for that)=
<br>
> e, something else I haven't thought about<br>
><br>
> If you don't trust a self signed certificate, why would you trust<=
br>
> some random certificate authority and not some person writing<br>
> useful code that serves us well. See e.g.<br>
>=C2=A0 =C2=A0<a href=3D"https://www.theregister.com/2013/12/10/french_g=
ov_dodgy_ssl_cert_reprimand/" rel=3D"noreferrer" target=3D"_blank">https://=
www.theregister.com/2013/12/10/french_gov_dodgy_ssl_cert_reprimand/</a><br>
><br>
> You know, https isn't the final answer to computer security.<br>
><br>
> And lastly, why don't you do a simple request on the pcb-rnd maili=
ng<br>
> list, what has geda-user have to do with this.<br>
><br>
> Regards,<br>
> /Karl Hammar<br>
><br>
Karl,<br>
<br>
I don't know why you are so resistant to computer security. The majorit=
y <br>
of websites I visit and I have bookmarks for are already https <br>
compliant, including many, if not most, open source websites like gEDA. <br=
>
I finally got to my gEDA bookmarks and the gEDA websites are not https <br>
compliant either! It is about time the gEDA websites get on the <br>
bandwagon and improve their website security. Not having a web server, I <b=
r>
cannot attest to what is needed to add a https port, but IMHO not doing <br=
>
so is risky. https is not the end-all of security. It takes constant <br>
vigilance to keep up with the bad guys and the tools, such as https, <br>
help and it should be a minimum.<br>
<br>
Why did I post my concern about pcb-rnd on this forum? Good question. I <br=
>
thought about it a while and decided that since pcb-rnd was on this <br>
forum in the past, and that it may be polled by the pcb-rnd devs, and <br>
that some pcb-rnd users who read the postings on this forum should know <br=
>
that the pcb-rnd website may not be as secure as they think, I decided <br>
to post here. That may be a political mistake and I apologize if it <br>
offends anyone, but I thought I was doing other users a service and <br>
maybe a push for the pcb-rnd server maintainer to add a https portal. <br>
Now that includes gEDA too. I hope the gEDA server maintainers create a <br=
>
https portal on the web server(s) asap. We all must be serious about <br>
computer security because there are a lot of bad guys out there.<br>
<br>
HTH.<br>
<br>
Girvin<br>
<br>
<br>
</blockquote></div>
--000000000000f1045c05bb6aa62a--
- Raw text -