Where I keep my spare cats.

Whisky-dave
Tue, 23
May 2017 09:12:58 GMT in rec.photo.digital, wrote:

On Monday, 22 May 2017 17:41:21 UTC+1, Diesel wrote:
Whisky-dave
Mon,
22 May 2017 09:49:19 GMT in rec.photo.digital, wrote:

It wasn't
written for your mac. So, your example, is a bad one.

Unless my mac was running gone of the emulators I have run in
the past.

It would affect the virtual environment your emulator provided
for it, then...It wouldn't be able to do much of anything with
your mac file system, or mac specific files within it.

Yea I know, been there done that, but I wouldfnlt worry as I'd
just unstuff the previous image and I;d be up and running again in
an hour or so.

Why would it take an hour or so?

But most people want their computers to do useful things for tehn
not just run an OS and marvel at it.

My linux based computers do useful things for me on a daily basis...



The poster of the link isn't the one who creates the
scripts dropbox uses, so what does trusting the poster have
to do with my question?

everything. Just like lending someone yuor car, computer or
anything else.

I fail to see the comparison.

That's obvious.

So the comparison I'm missing is?

Trust. Something that has no SI unit .

Again, how can you invoke trust if the user doesn't have any control
over the scripts dropbox uses? Trusting the user is fine and dandy,
but since they have no control over the scripts or their
programming, what good does it do you?

So again, I'll ask, since the user you
trust has no control over any of the scripts dropbox uses,
what difference does it make if you know the person or not?

same way I'd decide whether or not to lend someone money or a
car or camera or computer.

Are you having trouble understanding what I wrote? As, your
response to my question makes no sense.

your question is nosense.

No, it's not. I'm asking why you feel trust has any bearing on this
when the user you know has no control over the scripts dropbox uses
anymore so than the stranger you don't know, and, thus, don't trust.

So, how exactly does trust play an active role in your decision? If
one or more scripts are compromised, it doesn't matter who you trust
or don't trust at that point. The stranger and someone you know have
the same problem; they have no control over the scripts in use.



My site does NOT interact with you, offers a program that was
always free and has been discontinued for years now. there's
no incentive or reason otherwise to deal with paying for a
cert and encrypting the data. So again, you might want to
review the HTTPS link I provided you previously from slashdot
if you actually want the technical specifics on it. I suspect,
though, you could care less. As, it's likely beyond your
limited understanding. After all, you think a .zip file by
itself, is dangerous.

I don't trust such files from unkown sources.

As I told you, My domain has no secure areas for you to visit.
There's no valid reason for me to use HTTPS. Do you need to
research what a 'secure area' is?

couldn't care less not interersted.

But! You thought HTTPS made the site 'safe', now you don't want
to know why your comment wasn't accurate?

Safer than a site that doesn't.

If the site has no sensitive or secure areas, it makes little
difference. What you're actually experiencing is known as a false
sense of security. You're assuming that because such and such site
has HTTPS enabled, that it's automatically safer/more secure than
one that doesn't use it. Which is not the case. HTTPS enabled sites
have been hacked. They have been used to spread malware. HTTPS has
no control over that. Which isn't the fault of HTTPS, since it was
never designed for controlling that in the first place.

Like people that dont want to leant ho to aviod getting virus
scammed spammed and possibly be watched via insecure connections.
Rahter than thos ethat think they are clever by running old and
outdated software that is vunerable.

Can you cite any examples of a virus being able to infect you simply
by downloading and unzipping a .zip file, while doing nothing else?
Short of using a vulnerable archiving tool? Even one?

Although it's true that your ISP, etc, cannot view the contents of
your HTTPS established session, they can see that you connected to
such and such site. They just can't view the communications that
followed, directly. Which makes it useful if the site interacts with
you in a sensitive manner, such as online banking.

HTTPS hasn't always been as 'secure' as you seem to think though. It
has been exploited due to vulnerabilities discovered a decade prior
to the first proof of concept code:

http://www.infoworld.com/article/262...en-hacked.html

Certificate forgery/unauthorized copying has been an issue (and to
some extent, still is) too:

https://news.netcraft.com/archives/2...-internet.html

As I wrote, previously, you're enjoying a false sense of security
because you think if a site is HTTPS enabled, it's somehow 'secure'
and that's not always the case.

https://www.sslsupportdesk.com/tag/f...vulnerability/

The site itself could be using HTTPS and still contain malware
unknown to your defenses. Further, an HTTPS enabled site could be
'hacked' and still have HTTPS enabled. This isn't the fault of HTTPS
itself though, as it wasn't designed to prevent or detect such
unwanted changes to the site itself.

As I said, it provides a false sense of security if you blindly
trust the site simply because it's HTTPS enabled.


--
I would like to apologize for not having offended you yet.
Please be patient. I will get to you shortly.