Yes, techonology will change, but the IT guy will still do what the IT guy does, fix all the problems that nobody else can. People will still get virus's and trojans and need new hardware. Yes, I believe that we may get to the point that we might be able to have cloud data, but to keep that data secure and encrypted (or just secure) is going to require VPNs and other tech. I don't really want to put my company's source code out there for the cloud to see (I'm sure all the cloud is secure and nobody could possibly mount my drives or make a clone of my machine). I can't tell you how many times I've had to help the same people over and over again with the same task, e.g. set up email, provide a link and/or password, print to a printer that doesn't work, set up a mobile device, backup or restore a computer.

In the 18 years I've been doing IT, the day-to-day tasks haven't really changed all that much.

Does your domain-validated cert use the same cert that one of the big companies that gave a signing cert to the U.A.E.?

Linux, no matter how secure you think it is...

My Mozilla comment was that if the opensource community starts, MS may follow suit. MS's caching DNS server accepts DNSSEC keys (though I'm not sure if it validates).

It is happening. .gov has been signed. .com has been signed. .org has been signed. Many ccTLDs are signed. It'll just take a bit more time, like IPv6.

Since I still work for a DNSSEC company, there is a lot of interest. It's just taking the time for the investment. Do you buy proprietary or opensource? If you opensource, are you doing it right?

Since there are not enough .com domains signed, there's really no need to put it in the browser yet. Though I'm sure Mozilla will figure it out (or at least Chrome will).

IA64 is not x86 (though it can do x86). That seems to be the problem people have with it, i.e. ignorance of what it is.

We have computers that can, for all intents and purposes, replace the TV and stereo. We have phones that can, in some instances replace a computer. We have cameras that keep getting more megapixels but the noise issue is back-burnered. We have cars that, while styling has changed, haven't really changed. We have TV's that only seem to be able to play "reality" programs and sports. We lock into a game console that hasn't been updated in years. We have kitchen gadgets that sit there as we go out to eat. How much more do we need?

The problem is is that we've overbought and if we take a moment to look at it all, how much of it is important? The answer, my smartphone.

I haven't paid my account for a few months now and I'm really debating to spend the money on Cataclysm. When I got my first dread steed at level 40 and then amount of money and time I had to spend and never got to get the level 60 dread steed, I was a bit torqued regarding the ability to get it after taking a few months off at that point.

If anything, Blizzard should have 2 modes, stupid-easy mode with all the new "wonderments" and regular mode with all the original requirements.

Of course, that presumes a purely random one-time pad.

The problem there is that if you take a lot of pictures at your location you want blacked out, eventually, a scattered plot of image locations would show up and the more you take, the more exact you could get on locating the location.

Why not just have a camera setting that says "Do not record geotag data within 1 minute of my selected location(s)"? Seems that would be the easiest fix. No extra processing needed.

Probably wouldn't switch over to TCP for that response. If the signature were larger though.

dig @x.x.x.x www.dol.gov

Results size, 115 bytes

dig +dnssec @x.x.x.x www.dol.gov

Results size 293 bytes.

That's why there could be a perceived slow-down, particularly over a 2400 baud modem.

Under the flags section, a signed and validated record will have the ad bit set.

Don't know what happened to the nice formatting above.

Here are a couple results. As you can see, when you request the signed dol.gov, you get a bigger response, i.e. not UDP, but TCP.

dig @x.x.x.x www.dol.gov

; > DiG 9.7.0-P1 > @x.x.x.x www.dol.gov
; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER> DiG 9.7.0-P1 > +dnssec @x.x.x.x www.dol.gov
; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 46373 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1452 ;; QUESTION SECTION: ;www.dol.gov. IN A ;; ANSWER SECTION:
www.dol.gov. 889 IN CNAME www.dol.gov.edgekey.net.
www.dol.gov. 889 IN RRSIG CNAME 7 3 900 20100816030022 20100717030022 50870 dol.gov. l725oDYX1Hyn8KlBxARPtDfB/U4sbuGI/vCF5E23Iy4tANYpU/MY0vZU XgRDpqoVziXSqVw4v9bPGxifzK6e8Sz3Vb3Y0NddidI709YvvblSIKlk cYgvuEcefavrb9oxHfCpy2wewC6m0XDB4sQkaOpbNv6OSxX+ScEhTPrI CZM=
www.dol.gov.edgekey.net. 21589 IN CNAME e1617.b.akamaiedge.net.
e1617.b.akamaiedge.net. 9 IN A 96.7.22.185 ;; Query time: 71 msec ;; SERVER: x.x.x.x#53(x.x.x.x) ;; WHEN: Sat Jul 17 08:20:18 2010 ;; MSG SIZE rcvd: 293

Since you are dealing with public-key cryptography, your private keys have to be maintained as private. That's not so difficult if you have a machine that's not connected to the Internet. If your private key-signing key got out, your signatures could easily be compromised. Then you sneeker-net the zone-signing keys over and sign your zones. Not too difficult if you follow the NIST 140 page manual.

Of course, a machine that could do all the work for you would be what's best.

Actually, iTunes is as expensive and probably more expensive for music then buying CDs. Granted, you're given the privilege of not having to buy a whole CD. If iTunes pricing were fair, music would cost about $0.10/minute, i.e. 80 minute CD = $8.00, i.e. about half the price of the physical media. Movies and TV shows that are delivered on DVD after the fact should be less expensive, overall, then the price of the physical media package. Since I can rent a movie at RedBox for $1.00, shouldn't I be able to get the same copy from some company server for a lesser price.

The problem is, the idea of giant profit just because it's convenient and over that new fangled thing called the Intertubeswebnet, is the wrong business model. The Internet is on par with CD technology and should be rather inexpensive to utilize it by now.

Copyright that last forever is the problem here.

Current U.S. copyright for an individual is life plus 70 years and for a corporation 95 years. Since both of those are longer then the U.S. life expectancy, copyright is now infinite. I guess Jack Valenti got his wish.

If the roots signed and then .com signed, there would be some benefits over time as more and more domains sign their zones. If there was some policy as to getting the signing key from the parent, exammple.com may not be able to validate with DNSSEC and the ignorant might be a little more secure. The more that sign, the less spam you might get from a botnet or some spam house.

There are benefits and when only a few people have