5/14    debian people, recompile:
        http://metasploit.com/users//hdm/tools/debian-openssl
        \- and ubuntu
           \_ Which is derived from debian.
        \_ Argh. What are some inexpensive certificate authorities?
	...

9/9     Is there a gzip-like unix command that will encrypt a file?
        I'm looking for something that's widely available. Thanks
        crypt (not very secure - DES).  Or failing that, openssl or gnupg
        \_ openssl or gnupg... what are you looking for?  Those will work fine..
           \_ Thanks for the recommendations. I'm basically experimenting
              with a way of using my friend's computer to backup my
	...

3/2     LDAP help: I am trying to dump the userPassword from an ldap database
        with ldapsearch but it is coming out base64 encoded:
        userPassword:: e2NyeXB0fWhhKllueGJrSXhrR2M=
        Is there a shell tool to decode this ... I want to avoid re-writing
        the whole thing in perl (I'm not that familar with LDAP or encodings
        and this isn't important enough to spend a lot of time on ... but I've
	...

2/13    Do I really have to point my cisco pix at some cert. authority
        if I want to use keys (instead of "pre-shared secrets") ?
        I can't just self sign?? wtf?
        \_ Actually, why not just create a CA signing cert with OpenSSL
           (it's not that hard), sign a cert with that, and then import the
           CA public key into pix?  Or use a static passphrase for phase I
	...

4/30    In Outlook Express I get an error message everytime I check my
        CSUA account, although I still get my mail.  I am using POP port 995
        with SSL.  Is there a way I can prevent this message, it's annoying:
        "The server you are connected to is using a security certificate that
        could not be verified.  A certificate chain processed, but terminated
        in a root certificate which is not trusted by the trust provider.  Do
	...

3/19    Is there a way to get Mozilla under Windows to use mystore to manage
        certificates rather than its own internal cert manager?  I have a
        DER-encoded client cert that's usable by IE, but I'd like to see
        it used by Mozilla (which requires PKCS#12 certs for its own store,
        rather than DER or p7b.)  -John
        \_ It is possible to conver between DER and PKCS#12 (I believe that
	...

6/5     I can't reach some sites from my company, including sameer's
        anonymizer. What are some good anonymizing sites I can use? Thanks.
        \_ I recommend setting up nph-proxy or something similar on your
           home machine.  For added yuks, run it over OpenSSL and password
           protect it.  -John
	...

5/27    In what ways are FreeBSD superior to a good Linux distro?
        \_ Why do you hate Windows?
           \_ Why do you hate Linus?
        \_ *BSD has a better IP stack.
           \_ In what way?
           \_ Aren't they the same now?
	...

5/27    MacOS X Mail complains about soda's certificate when connecting over
        SSL.  Is there a way to silence it?  Is there a public x509 certificate
        around here?  The stuff in /etc/ssl/certs isn't readable by anyone but
        root.   -jeffwong
        \_ There's a way to get Mail to suppress the warning... sorry, but I
           don't remember what it is off the top of my head.
	...

5/6     Installed lynx with openssl and now I have the following msg:
        "unable to get local issuer certificate"
        What's going on?
	...

3/25    as of today i can't get my imaps mail off of csua port 993. anyone
        else have this problem?
        \_ I have this problem not, with openssl as the connector.
           * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS AUTH=PLAIN AUTH=LOGIN]
             http://soda.CSUA.Berkeley.EDU IMAP4rev1 2002.332 at Thu, 25 Mar 2004
             19:23:26 -0800 (PST)
	...

2/3     Do I have to purchase an SSL cert from Verisign or one of those
        places inorder to allow my webserver to accept https requests?
        \_ yes.
        \_ You can set this up nicely with OpenSSL.  Make sure that the
           server's DN in the cert matches your hostname so that the only
           message the browser pops up is something along the lines of
	...

9/19    "No, A Severed Finger Will Not Be Able to Access a Stolen iPhone 5S"
        http://mashable.com/2013/09/15/severed-finger-iphone-5s
        I'm sure the Apple QA department has tested extensively that a severed
        finger will not be able to access a stolen iPhone 5S.
        \_ It doesn't matter whether or not a severed finger can be used.  It
           matters whether or not a robber thinks that a severed finger can be
	...

6/6     Wow, NSA rocks. Who would have thought they had access to major
        data exchangers? I have much more respect for government workers,
        crypto experts, mathematicans now than ever.
        \_ flea to Hong Kong --> best dim-sum in the world
           \_ "flee"
        \_ The dumb ones work for DMV, the smart ones for the NSA. If you
	...

8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...

8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...

8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...

7/13    Why would Yahoo store passwords unencrypted?  I recall that even 20+
        years ago the passwords stored in /etc/passwd on instructional
        machines here at Cal were one-way encrypted.  (I think those were
        Ultrix machines.)
        \_ Doesn't this say anything already?
           http://finance.yahoo.com/echarts?s=YHOO+Interactive#symbol=yhoo;range=5y
	...

7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...