Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 23 Dec 2000 02:16:51 -0800 (PST)
From:      opentrax@email.com
To:        kris@FreeBSD.ORG
Cc:        davep@afterswish.com, freebsd-hackers@FreeBSD.ORG
Subject:   Re: ssh - are you nuts?!?
Message-ID:  <200012231016.CAA21468@spammie.svbug.com>
In-Reply-To: <20001222232807.A8092@citusc.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 


On 22 Dec, Kris Kennaway wrote:
> On Sat, Dec 23, 2000 at 01:25:11PM +1300, David Preece wrote:
>> At 15:37 22/12/00 -0800, you wrote:
>> 
>> >The question asked is: why you believe ssh is beter
>> >than say telnet. Or what advantages SSH has in general.
>> 
>> Sorry, don't have time to reply to this properly.
>> 
>> The main evil of ssh is that server authentication is not enforced, making 
>> mounting a man-in-the-middle attack basically trivial.
> 
> Incorrect..the problems with SSH come down to flaws in the human
> operator who ignore the warnings SSH gives them, and tell it
> explicitly to do insecure things like connect to a server which is
> suddenly not the one you're used to connecting to.
> 
Are you stateing that one of the issues with SSH is
a social issue and not a technical?

> These flaws can be all but eliminated by telling SSH to not even give
> the poor weak confused human the choice of answering yes to the
> question, by setting of a simple configuration option.
> 
> JMJr, a good place to start your talk on "The Evils of SSH" might be
> the Pavlovian conditioning of humans to answer "Yes" to every question
> a computer gives them..focus on the real problem here.
> 
I'm giving your comments some consideration. 
Is there any other evidence that might help this type of
arugement out?  I've consider it, but it is a weak arguement
and it really needs a solid foundation for presentation.

Can you site(sp?) and specific studies or experiments
that might aide in this area?

				Jessem.





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012231016.CAA21468>