Computer build lists Cisco Comcast FCC Intel Microsoft Network Management Network Neutrality Security Verizon
Written by: George Ou 8/18/2008 9:26 PM
I just spent an hour trouble shooting my mother's computer over the phone. Apparently, all the certificates were throwing up errors and giving the scary message that someone might be hijacking your computer session. One thing I forgot to check was the date on the computer which got reset and the date mismatch was forcing every secure website to report scary messages. This is one of those things I just want to scream at Microsoft developers for in the way they changed Internet Explorer 7. IE6 use to tell you if the certificate was legitimate but it had a bad date which easily tipped you off. Now Microsoft gives you an inline web message that doesn't let you inspect the certificate unless you hit continue anyways accept the certificate. Like many things in Windows Vista, Microsoft has crippled and dumb down the new interface making it far less useful. Windows XP use to have a simple status on the network connection icon which lets you see the IP address and now I have to bark out start-run-cmd-ipconfig orders letter by letter whenever I'm doing troubleshooting. Just wait till we get IPv6 when we get to bark out those long 128-bit addresses instead of the simple 32-bit address and I'm glad I'm not doing helpdesk support. The fundamental problem with the web browser and SSL is that the browser allows the user to ignore the certificates at all an no amount of green-lit extended trust nonsense is going to fix that. The whole certificate expiration thing was a horrible tradeoff that makes the system unfriendly and expensive because you're forced to spend hundreds of dollars a year on certificates. The system is prioritized on making certificate authorities rich and consumer security comes second. It's not that I have a problem with companies making a profit, but the whole certificate business model of forcing you to buy every single certificate rather than delegate a signing authority to your domain like DNSSEC is just too draconian. Anyhow, that's my fuming for the day.
I just spent an hour trouble shooting my mother's computer over the phone. Apparently, all the certificates were throwing up errors and giving the scary message that someone might be hijacking your computer session. One thing I forgot to check was the date on the computer which got reset and the date mismatch was forcing every secure website to report scary messages.
This is one of those things I just want to scream at Microsoft developers for in the way they changed Internet Explorer 7. IE6 use to tell you if the certificate was legitimate but it had a bad date which easily tipped you off. Now Microsoft gives you an inline web message that doesn't let you inspect the certificate unless you hit continue anyways accept the certificate. Like many things in Windows Vista, Microsoft has crippled and dumb down the new interface making it far less useful.
Windows XP use to have a simple status on the network connection icon which lets you see the IP address and now I have to bark out start-run-cmd-ipconfig orders letter by letter whenever I'm doing troubleshooting. Just wait till we get IPv6 when we get to bark out those long 128-bit addresses instead of the simple 32-bit address and I'm glad I'm not doing helpdesk support.
The fundamental problem with the web browser and SSL is that the browser allows the user to ignore the certificates at all an no amount of green-lit extended trust nonsense is going to fix that. The whole certificate expiration thing was a horrible tradeoff that makes the system unfriendly and expensive because you're forced to spend hundreds of dollars a year on certificates. The system is prioritized on making certificate authorities rich and consumer security comes second. It's not that I have a problem with companies making a profit, but the whole certificate business model of forcing you to buy every single certificate rather than delegate a signing authority to your domain like DNSSEC is just too draconian.
Anyhow, that's my fuming for the day.
7 comments so far...
Re: Be sure to check the clock whenever there are many certificate errors Hey, is this like an Adrian Friday Rant, except a different day and a different person? ;)Anyhow your points are well taken, just an FYI to those who care,you can open your command window and click on the window's properties--under Edit Mode, make sure the 'Quick Edit Mode' is checked, then save.That way whenever your cmd window is open and you want to copy anything from the screen, e.g., the ip address, just double-click and it will copy as indicated by the reverse video attribute highlight.You can then right-click your mouse to paste the copied text.Tip of the Day.P.S. I haven't seen your rebuttal over at my website yet George re Protectionism. Reminder use your Gmail account! ;)Have a great day.
Re: Be sure to check the clock whenever there are many certificate errors
Hey, is this like an Adrian Friday Rant, except a different day and a different person? ;)Anyhow your points are well taken, just an FYI to those who care,you can open your command window and click on the window's properties--under Edit Mode, make sure the 'Quick Edit Mode' is checked, then save.That way whenever your cmd window is open and you want to copy anything from the screen, e.g., the ip address, just double-click and it will copy as indicated by the reverse video attribute highlight.You can then right-click your mouse to paste the copied text.Tip of the Day.P.S. I haven't seen your rebuttal over at my website yet George re Protectionism. Reminder use your Gmail account! ;)Have a great day.
Clock and Licensing Errors I myself have run into the clock problems at my work place. We had a licensing server which kept claiming that there was no valid license for the application even though the application ran on the network and the application had a site license. Some one had adjusted the calendar a year in advance. Though George griped about Vista while he normally praises it, I will praise it instead of gripe about it. I am glad that they have the calendar widget as it saves many users from using the system clock as a calendar tool. Now only if it tied in with Lotus Notes and Outlook, (It may, I don't know, because I have used Vista all of 8 times had loathed it each time as I was usually trying to find the cursed network settings much like George had exclaimed here. There will be another day, a new Windows Operating System and a learning curve that takes about 4 years.
Clock and Licensing Errors
I myself have run into the clock problems at my work place. We had a licensing server which kept claiming that there was no valid license for the application even though the application ran on the network and the application had a site license. Some one had adjusted the calendar a year in advance. Though George griped about Vista while he normally praises it, I will praise it instead of gripe about it. I am glad that they have the calendar widget as it saves many users from using the system clock as a calendar tool. Now only if it tied in with Lotus Notes and Outlook, (It may, I don't know, because I have used Vista all of 8 times had loathed it each time as I was usually trying to find the cursed network settings much like George had exclaimed here. There will be another day, a new Windows Operating System and a learning curve that takes about 4 years.
Re: Be sure to check the clock whenever there are many certificate errors you know george, all during the vista beta i used this term, "crippled and dumb down the new interface " and they didn't listen. i also told them that removing this was stupid (Windows XP use to have a simple status on the network connection icon which lets you see the IP address), and they didn't listen.and it takes more clicks to change the time in vista than it did it xp. they made some really ill-advised decisions in vista, these are only 3 of them, and they're now getting ripped over them.
you know george, all during the vista beta i used this term, "crippled and dumb down the new interface " and they didn't listen. i also told them that removing this was stupid (Windows XP use to have a simple status on the network connection icon which lets you see the IP address), and they didn't listen.and it takes more clicks to change the time in vista than it did it xp. they made some really ill-advised decisions in vista, these are only 3 of them, and they're now getting ripped over them.
Re: Be sure to check the clock whenever there are many certificate errors Thanks Dietrich. I might add changing the CMD buffer to 1000 lines long is very helpful too, but you really should be using SSH (your favorite) to console in to routers or servers for security reasons. I think they got rid of Telnet on the default Vista install which is actually a good thing since Telnet should die.Nucrash, I think it's more than just a learning curve issue. The new interface has more clicks to go through and some useful things like Network Status is simply gone.Gary, I agree with you.
Thanks Dietrich. I might add changing the CMD buffer to 1000 lines long is very helpful too, but you really should be using SSH (your favorite) to console in to routers or servers for security reasons. I think they got rid of Telnet on the default Vista install which is actually a good thing since Telnet should die.Nucrash, I think it's more than just a learning curve issue. The new interface has more clicks to go through and some useful things like Network Status is simply gone.Gary, I agree with you.
GUI Updates to Vista While I don't much care for the new GUI of Vista, I do remember a time when I thought the changes to the start menu were annoying. The difference between the two however, is that I could see the usefulness of the menu changes in XP. I have yet to think of why the interface in Vista has been dumbed down.
GUI Updates to Vista
While I don't much care for the new GUI of Vista, I do remember a time when I thought the changes to the start menu were annoying. The difference between the two however, is that I could see the usefulness of the menu changes in XP. I have yet to think of why the interface in Vista has been dumbed down.
Re: Be sure to check the clock whenever there are many certificate errors I do like the new Vista start menu and the fact that you can type a few letters to find the app you're looking for.
I do like the new Vista start menu and the fact that you can type a few letters to find the app you're looking for.
Re: Be sure to check the clock whenever there are many certificate errors "I do like the new Vista start menu and the fact that you can type a few letters to find the app you're looking for." I've been enjoying that functionality in some form or another for over a decade. But then I'd don't use Windows. Also why would you be complaining about changes to IE when everyone from Consumer Reports to that kid down the street says you should not be using it all?
"I do like the new Vista start menu and the fact that you can type a few letters to find the app you're looking for." I've been enjoying that functionality in some form or another for over a decade. But then I'd don't use Windows. Also why would you be complaining about changes to IE when everyone from Consumer Reports to that kid down the street says you should not be using it all?
Adrian's PC Doctor blog Deb Shinder's blog Deb Shinder on Vista Dietrich T. Schmit on Linux Erratasec blog - Security Ed Bott on Microsoft Jason Hiner's blog John Carroll Justin James' developer blog Matt Sherman's blog Martin McKeay Paul Mah, Tech at play Richard Bennett's blog Sunbelt Blog - Security Tom Shinder on ISA Tom Shinder on security ZDNet - Zero day Rich Tehrani - VoIP