Date: Sat, 23 Dec 2000 02:16:51 -0800 (PST)
From: opentrax@email.com
Reply-To: opentrax@email.com
Subject: Re: ssh - are you nuts?!?
To: kris@FreeBSD.ORG
Cc: davep@afterswish.com, freebsd-hackers@FreeBSD.ORG

On 22 Dec, Kris Kennaway wrote:
> On Sat, Dec 23, 2000 at 01:25:11PM +1300, David Preece wrote:
>> At 15:37 22/12/00 -0800, you wrote:
>>
>> >The question asked is: why you believe ssh is better
>> >than say telnet. Or what advantages SSH has in general.
>>
>> Sorry, don't have time to reply to this properly.
>>
>> The main evil of ssh is that server authentication is not enforced, making
>> mounting a man-in-the-middle attack basically trivial.
>
> Incorrect..the problems with SSH come down to flaws in the human
> operator who ignore the warnings SSH gives them, and tell it
> explicitly to do insecure things like connect to a server which is
> suddenly not the one you're used to connecting to.
>

Are you stating that one of the issues with SSH is a social
issue and not a technical one?

> These flaws can be all but eliminated by telling SSH to not even give
> the poor weak confused human the choice of answering yes to the
> question, by setting of a simple configuration option.
>
> JMJr, a good place to start your talk on "The Evils of SSH" might be
> the Pavlovian conditioning of humans to answer "Yes" to every question
> a computer gives them..focus on the real problem here.
>

I'm giving your comments some consideration. Is there any other
evidence that might help this type of argument out? I've considered
it, but it is a weak argument and it really needs a solid foundation
for presentation. Can you cite any specific studies or experiments that
might aid in this area?

Jessem.
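
The thread does not name the "simple configuration option" Kris mentions. Assuming it is OpenSSH's `StrictHostKeyChecking yes`, the following is an added example (not part of the original message) that reports which hosts a client config still leaves at a weaker setting. The sample config, hostnames and function names are constructed for illustration.

```python
import fnmatch
import re

# Constructed sample ssh_config for illustration; hostnames are made up.
SAMPLE_CONFIG = """\
Host build-*.example.org
    StrictHostKeyChecking no

Host *.example.org !legacy.example.org
    StrictHostKeyChecking=yes

Host *
    ForwardAgent no
"""

OPTION = re.compile(r"(\S+?)\s*(?:=|\s)\s*(.*)")  # "Key value" or "Key=value"

def host_matches(patterns, host):
    """Host-line semantics: any negated hit vetoes, else one positive hit suffices."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:].lower()):
                return False
        elif fnmatch.fnmatchcase(host, pat.lower()):
            matched = True
    return matched

def effective_strict(config_text, host):
    """Value of StrictHostKeyChecking ssh would use for host (first value wins).

    Simplification: Match blocks are skipped and Include is not followed.
    """
    applies = True  # options before the first Host line apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        m = OPTION.match(line)
        if line.startswith("#") or not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if key == "host":
            applies = host_matches(value.split(), host.lower())
        elif key == "match":
            applies = False
        elif key == "stricthostkeychecking" and applies:
            return value.lower()
    return "ask"  # OpenSSH default: prompt the user about unknown host keys

def hosts_not_enforced(config_text, hosts):
    """Hosts whose effective setting is anything other than 'yes'."""
    found = {h: effective_strict(config_text, h) for h in hosts}
    return {h: v for h, v in found.items() if v != "yes"}
```

Because ssh takes the first value it obtains for an option, a permissive `Host` block placed above a strict one wins for every host it matches, which is why the check resolves the effective value per host rather than searching the file for the keyword.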