archinal's comments

You bet they do! In the past I have had to manually install my company's certificates as a root CA. The annoying thing was that the certs they use are expired and use SHA-1, so I also had to explicitly tell my browser to trust expired/unsafe certificates as well. All in the name of increased security!

Veracrypt seems to be perfect for me! Thanks for your help

I'd like to be able to encrypt at the journal level so the encrypted "book" could have the potential to be synced to Dropbox or the like. I don't really need anti-NSA level encryption, more just a measure to (for example) stop guests from reading the content if I leave my machine on at home.

That's an interesting point about pen and paper!

That's really helpful, thank you! Is Truecrypt only for Windows machines though? A quick search hasn't turned up anything about Mac/Linux support, but I could be missing something.

This was a funny one to read. I worked at Atlassian for around a year, focussing mainly on this onboarding process.

When I started, the provisioning delay was about 7 minutes and the loading screen was actually first just a 404 error and then just a static page saying something like "please wait while this gets set up" (no progress bar and no redirect on completion).

It's funny knowing that has been one of the biggest onboarding advancements and it's still being seen as a flaw.

The article highlights a great apology made by Amtrak CEO Joe Boardman after the train accident that killed and injured multiple people. Do you feel that he should have resigned following that?

In that case, I feel that although he was the right person to make the apology, it's not necessarily his own personal fault, nor would his resignation help make amends.

The index page load took over 10 seconds for me, which is about 8 seconds too long.

I believe that water temperature is extremely important as well.

Maybe they changed the blog post after you read it, but they link to their github repo (https://github.com/facebook/relay) and the NPM registry (https://www.npmjs.com/package/react-relay/)

Don't you need the z flag as well since filename is gzipped?

The key difference between those two issues though is that the goal of sex education (and "abstinence") is to prevent unsafe sex/unwanted pregnancy. When it comes to guns, however, the goal should be to prevent gun usage in general, not to encourage "safe gun usage".

Although this doesn't explicitly relate to your product, it would be better to have duskjs.com as an Alias of ss15-fliptables.divshot.io rather than just redirecting to it. Getting redirected to such a weird website name feels a bit Phishy.

Semantically, an issue with posting links instead of files is that your users then need to go ahead and upload the file somewhere manually. HipChat takes care of this by adding the file to an S3 bucket when you drag it into the client. Way less hassle, especially for non-technical users.

> The problem with using any standard algorithm like that is that the algorithm becomes your password.

That's not true at all. The press released linked in this thread, for example, is very open that they use 100,000 rounds of PBKDF2-SHA256 to encrypt their passwords. That's a very standard algorithm. The security it provides is not its obscurity, but rather that the only way to check against an output hash is the naive brute force method which takes a long time - impractically long for attackers to try to brute force.

But if your password for foo.com is 10,000 rounds of PBKDF2-SHA256(foo-hunter2-XYZ) and so on, this is extremely effective.

You can certainly use JIRA just for feature tracking if you like - it even lets you let your customers view progress/comment on the issues themselves

An interesting exchange in the comments on this post:

> Sagar Kamat: Mark The aspect of Internet.org that is in conflict with Net Neutrality is that FB chooses which services are offered for free to the users. That's an attractive way of getting new users hooked onto popular services. Why not just sponsor a certain data cap for users instead and let them decide which services they want to use? That will be in line with ur vision of internet for all as well as Neutral

> Mark Zuckerberg: We actually don't choose the services by ourselves. We work with local governments and the mobile operators to identify local services in each country.

> Cheenu Madan: So Mark, can you explain then how internet.org works in India? Did Reliance choose the services? Why then, Bing Search over Google Search (clearly better) for example?

Can I ask why that would be a problem? You can actually host HipChat yourself (behind your own firewall), which seems like a great asset against this kind of breach.