Posted in May 2009

Protocol Inheritance in Objective-C

Some lackey recently wrote a quick post for Mobile Orchard discussing the combination of retain/release and protocol inheritance in Objective-C. If such things float your boat, check it out.

The Problem of Trust

One of the inventors of SSL was interviewed on CNET recently and threw out this gem of a quote:

We had this fight early on in the Internet days: What do we tell the user to do when there is an expired certificate? Security professionals always struggle with the general public because usability always wins. When you get an expired certificate, the site owner or organization would always prefer to allow the user to do things rather than disallow. This is just an unfortunate fact.

Ok, look, this problem has nothing to do with user interface and what you call “usability.” Security and usability are not mutually opposed as long as the security has a reasonable signal-to-noise ratio.

Consider this: what percentage of web sites with bad certs are in fact malicious? Now, what percentage of sites with good certs turn out to be malicious? As it turns out, the trustworthiness of a site has almost nothing to do with the validity of its SSL cert! That’s your usability problem. I want software that tells me something is a security risk, not that it could be a security risk.