In message <201712150610.vbf6ail0073...@donotpassgo.dyslexicfish.net>,
Jamie La
ndeg-Jones writes:
> Gordon Tetlow wrote:
>
> > I want to move the default for svn to be HTTPS. This would mean setting
> > up a redirect on http://svn.freebsd.org -> https://svn.freebsd.org. For
>
> Blimey! You're ei
In message <20171215050430.gt9...@gmail.com>, Gordon Tetlow writes:
>Running a Root CA brings a huge amount of baggage and we are not mature
>enough in policy to build in a manner that would align with established
>practice for running a Root CA.
Since we would not be protecting People W
Gordon Tetlow wrote:
> I want to move the default for svn to be HTTPS. This would mean setting
> up a redirect on http://svn.freebsd.org -> https://svn.freebsd.org. For
Blimey! You're either very brave, or haven't read the thread fully! :-)
___
freebsd
On Wed, Dec 13, 2017 at 01:29:26PM -0800, Peter Wemm wrote:
> On 12/12/17 5:38 PM, Yuri wrote:
> > On 12/12/17 16:37, Peter Wemm wrote:
> >> I think you're missing the point. It is a sad reality that SSL/TLS
> >> corporate
> >> (and ISP) MITM exists and is enforced on a larger scale than we'd lik
On 12/12/17 5:38 PM, Yuri wrote:
On 12/12/17 16:37, Peter Wemm wrote:
I think you're missing the point. It is a sad reality that SSL/TLS
corporate
(and ISP) MITM exists and is enforced on a larger scale than we'd like. But
it is there, and when mandated/enforced you have to go through the MIT
13.12.2017 7:13, Yuri пишет:
> On 12/12/17 11:56, Eugene Grosbein wrote:
>> https://wiki.squid-cache.org/Features/SslPeekAndSplice
>>
>> You either ignore MITM and proceed with connection anyway or have no
>> connectivity via this channel at all.
>
>
> When the user sees that SSL/TLS is stripped
Dag-Erling Smørgrav wrote:
Michelle Sullivan writes:
Dag-Erling Smørgrav writes:
Banks and financial institutions have whole teams working 24/7 [...]
No.
I was describing a fact, not opining or speculating.
So was I.
I know these
people, I talk to them regularly and meet with them at
Michelle Sullivan writes:
> Dag-Erling Smørgrav writes:
> > Banks and financial institutions have whole teams working 24/7 [...]
> No.
I was describing a fact, not opining or speculating. I know these
people, I talk to them regularly and meet with them at industry events.
Sorry to hear you're n
On 12/12/17 16:37, Peter Wemm wrote:
I think you're missing the point. It is a sad reality that SSL/TLS corporate
(and ISP) MITM exists and is enforced on a larger scale than we'd like. But
it is there, and when mandated/enforced you have to go through the MITM
appliance, or not connect at all.
On Tuesday, December 12, 2017 04:13:48 PM Yuri wrote:
> On 12/12/17 11:56, Eugene Grosbein wrote:
> > https://wiki.squid-cache.org/Features/SslPeekAndSplice
> >
> > You either ignore MITM and proceed with connection anyway or have no
> > connectivity via this channel at all.
> When the user sees t
On 12/12/17 11:56, Eugene Grosbein wrote:
https://wiki.squid-cache.org/Features/SslPeekAndSplice
You either ignore MITM and proceed with connection anyway or have no
connectivity via this channel at all.
When the user sees that SSL/TLS is stripped, this isn't a vulnerability
of the protocol
On 13.12.2017 01:52, Yuri wrote:
> On 12/10/17 12:45, Eugene Grosbein wrote:
>> No, they don't. You get into MITM and then you have a choice: ignore and run
>> your connection anyway
>> or have no connectivity at all (using this channel). Both are bad, so don't
>> use such a channel from the begi
Dag-Erling Smørgrav wrote:
Michelle Sullivan writes:
User gets an email saying his banking details are compromised, and to
update them now. User clicks the link and gives banking details to
phishing site as well as having a keylogger and rootkit installed
during the process. User has bank acc
On 12/10/17 12:45, Eugene Grosbein wrote:
No, they don't. You get into MITM and then you have a choice: ignore and run
your connection anyway
or have no connectivity at all (using this channel). Both are bad, so don't use
such a channel from the beginning.
No, MITM of https with the private
On Tue, Dec 12, 2017 at 06:22:19PM +0100, Jan Bramkamp wrote:
>
> On 12.12.17 15:28, Poul-Henning Kamp wrote:
> > For the FreeBSD SVN tree, this could almost be as simple as posting
> > an email, maybe once a week, with the exact revision checked out
> > and the PGP signed output of:
> >
> >
On Tue, 12 Dec 2017 14:28:08 + "Poul-Henning Kamp"
wrote:
>
> For the FreeBSD SVN tree, this could almost be as simple as posting
> an email, maybe once a week, with the exact revision checked out
> and the PGP signed output of:
>
> svn co ... && find ... -print | sort | xargs cat | s
On 12.12.17 15:28, Poul-Henning Kamp wrote:
For the FreeBSD SVN tree, this could almost be as simple as posting
an email, maybe once a week, with the exact revision checked out
and the PGP signed output of:
svn co ... && find ... -print | sort | xargs cat | sha256
Such an archive would
In message <864lovhpvr@desk.des.no>, =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= w
rites:
>Let me rephrase: it's not just the source of the key or certificate, but
>the path from that source to you. There is *always* some level of blind
>trust, and all your suggestion does is move it from o
"Poul-Henning Kamp" writes:
> "Dag-Erling Smørgrav" writes:
> > Your suggestion does not remove implicit and possibly misplaced
> > trust, it just moves it from one place to another. Instead of
> > trusting a certificate authority and DNS, you trust the source of
> > the public key, and probably
In message <6fff232c-65c0-34bc-a950-0e79eda02...@denninger.net>, Karl Denninger
writes:
>> As I mentioned humoursly to you in private email, I don't think
>> this particular problem will reach consensus any sooner if you
>> also tangling it in the SVN vs GIT political issue.
>
>Fair eno
On 12/12/2017 08:28, Poul-Henning Kamp wrote:
>
> In message , Karl
> Denninger
> writes:
>
>> Now the question becomes this -- is the proper means to handle this via
>> TLS (using that root cert) OR should the *transport* be fixed so that
>> https doesn't need to be used?
> I certainly
In message , Karl Denninger
writes:
>Now the question becomes this -- is the proper means to handle this via
>TLS (using that root cert) OR should the *transport* be fixed so that
>https doesn't need to be used?
I certainly would caution against inventing more encrypted transports
than
On 12/12/2017 06:59, Poul-Henning Kamp wrote:
>
> In message <86d13kgnfh@desk.des.no>, =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?=
> w
> rites:
>> "Poul-Henning Kamp" writes:
>>> The only realistic way for the FreeBSD project to implement end-to-end
>>> trust, is HTTPS with a self-signed ce
In message <86d13kgnfh@desk.des.no>, =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= w
rites:
>"Poul-Henning Kamp" writes:
>> The only realistic way for the FreeBSD project to implement end-to-end
>> trust, is HTTPS with a self-signed cert, distributed and verified
>> using the projects PGP-trus
"Poul-Henning Kamp" writes:
> The only realistic way for the FreeBSD project to implement end-to-end
> trust, is HTTPS with a self-signed cert, distributed and verified
> using the projects PGP-trust-mesh and strong social network.
Your suggestion does not remove implicit and possibly misplaced t
Michelle Sullivan writes:
> User gets an email saying his banking details are compromised, and to
> update them now. User clicks the link and gives banking details to
> phishing site as well as having a keylogger and rootkit installed
> during the process. User has bank account hacked. Where di
On Mon, Dec 11, 2017 at 12:18:27PM -0600, Karl Denninger wrote:
>
> On 12/11/2017 12:08, Matthew Finkel wrote:
> > On Mon, Dec 11, 2017 at 05:34:48PM +0100, WhiteWinterWolf wrote:
> >
> >> This is a reason why I personally like software and system updates to be
> >> served through HTTP instead of
On Mon, Dec 11, 2017 at 09:05:58PM +, Poul-Henning Kamp wrote:
>
> In message <20171211182031.jhgansyyw7xrk4il@localhost>, Matthew Finkel writes:
>
> >Most of the relays are in Europe now [...]
>
> Thank goodness nobody shady can rent cloud servers in Europe!
I'm glad you have a sen
On 12/11/17 14:40, Yonas Yanfa wrote:
I prefer HTTPS over HTTP as well, but wouldn't switching over to git
and using signed commits be even more secure than using HTTPS?
So far, nobody pointed out even one security flaw of using https
combined with the private CA. So no, they appear to be eq
On 12/11/2017 16:29, Jamie Landeg-Jones wrote:
Matthew Finkel wrote:
Why doesn't everyone have that option? Why is broadcasting a users information
across the internet forced upon them? Shouldn't they have a choice?
They do! HTTPS already exists!
This thread is about removing HTTP and forcin
Matthew Finkel wrote:
> Why doesn't everyone have that option? Why is broadcasting a users information
> across the internet forced upon them? Shouldn't they have a choice?
They do! HTTPS already exists!
This thread is about removing HTTP and forcing HTTPS - "Why should
HTTPS be forced upon the
John-Mark Gurney wrote:
> So you're fine w/ all the Comcast users having to switch ISPs? Because
> Comcast modifies traffic. So you're now saying that if you use FreeBSD
> you can't use Comcast as your ISP?
... or they could use HTTPS, which exists.
This thread started with the proposal to re
In message <20171211182031.jhgansyyw7xrk4il@localhost>, Matthew Finkel writes:
>Most of the relays are in Europe now [...]
Thank goodness nobody shady can rent cloud servers in Europe!
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
p...@freebsd.org | TCP/IP since RFC 9
Karl Denninger wrote:
Advocating the FORCING of https is IMHO utterly ridiculous for the
reasons I pointed out.
This is an important point. Given the differences of opinion noted here
there is no good reason not to allow sites to sync over the protocol of
their choosing. Of course signed data
On Sun, Dec 10, 2017 at 07:57:14PM +, Poul-Henning Kamp wrote:
>
> In message <898df78d-c0b1-9e9f-0630-2665c3939...@rawbw.com>, Yuri writes:
>
> >3. The user updated the sources through Tor and got hacked.
> >
> >Where did this user go wrong, or where has he been irresponsible?
>
> H
On 12/11/2017 12:08, Matthew Finkel wrote:
> On Mon, Dec 11, 2017 at 05:34:48PM +0100, WhiteWinterWolf wrote:
>
>> This is a reason why I personally like software and system updates to be
>> served through HTTP instead of HTTPS. You don't need to fetch the same
>> update for each environment each
On Mon, Dec 11, 2017 at 05:34:48PM +0100, WhiteWinterWolf wrote:
> Hi,
>
> Le 11/12/2017 à 16:08, Christian Weisgerber a écrit :
> > Do users actually exist who have access to http but not to https?
>
> I don't know about users, but caching is not possible anymore as soon
> you use end-to-end HTT
Hi,
Le 11/12/2017 à 16:08, Christian Weisgerber a écrit :
> Do users actually exist who have access to http but not to https?
I don't know about users, but caching is not possible anymore as soon
you use end-to-end HTTPS.
This is a reason why I personally like software and system updates to be
s
On 11 December 2017 at 16:06, Karl Denninger wrote:
SVN's shortcoming is that it does nothing for [integrity] on an inherent
> basis
> and this debate is thus about trying to use a tool that allegedly does
> three things when we really only need one of them.
>
This is precisely why I suggest
On 12/11/2017 09:16, Shawn Webb wrote:
> On Mon, Dec 11, 2017 at 03:08:37PM -, Christian Weisgerber wrote:
>> On 2017-12-08, Luke Crooks wrote:
>>
>>> The pull request was rejected for a valid reason, offering http allows
>>> users with limited network access chance to clone or download freebs
On Mon, Dec 11, 2017 at 03:08:37PM -, Christian Weisgerber wrote:
> On 2017-12-08, Luke Crooks wrote:
>
> > The pull request was rejected for a valid reason, offering http allows
> > users with limited network access chance to clone or download freebsd where
> > https is not possible.
>
> Do
On 2017-12-08, Luke Crooks wrote:
> The pull request was rejected for a valid reason, offering http allows
> users with limited network access chance to clone or download freebsd where
> https is not possible.
Do users actually exist who have access to http but not to https?
Or is this a myth?
John-Mark Gurney wrote:
Michelle Sullivan wrote this message on Fri, Dec 08, 2017 at 21:29 +1100:
Sorry you want to ensure a secure (trusted) connection you do it
yourself. You go through other nodes (switches and routers of the
So you're fine w/ all the Comcast users having to switch ISPs? B
In message <20171210225326.gk5...@funkthat.com>, John-Mark Gurney writes:
>IMO, all security needs to be node-to-node.
There's nothing "IMO" about that.
The end-to-end principle became a bed-rock foundation of all rational
networking with "End to End Arguments in System Design" in 1981
John-Mark Gurney wrote:
Igor Mozolevsky wrote this message on Sun, Dec 10, 2017 at 19:17 +:
On 10 December 2017 at 19:02, John-Mark Gurney wrote:
So, you require an exploit in the wild before you'll patch?
No, I'm saying it's not a realistic threat model! If the threat is the
integrity
Michelle Sullivan wrote this message on Mon, Dec 11, 2017 at 09:41 +1100:
> Yuri wrote:
> > On 12/10/17 10:15, Igor Mozolevsky wrote:
> >> They are not "hypothetical characters," they are invented characters
> >> that
> >> are used in a threat model. But that's reframing the problem- a
> >> hypoth
Yuri wrote:
On 12/10/17 11:36, Igor Mozolevsky wrote:
If I give my bank card and PIN to someone who I don't trust, I can't
complain that my bank doesn't take adequate precautions if that person
drains my bank account! You choose to go down a route that*you* know is
compromised!
1. The user ha
Yuri wrote:
On 12/10/17 10:15, Igor Mozolevsky wrote:
They are not "hypothetical characters," they are invented characters
that
are used in a threat model. But that's reframing the problem- a
hypothetical threat model is very different to a real threat model.
This is a very real threat model
11.12.2017 3:54, Yuri wrote:
>>> Modern encryption protocols allow you to send traffic over insecure
>>> networks and still maintain your security and privacy, so why not?
>> No, they don't. You get into MITM and then you have a choice: ignore and run
>> your connection anyway
>> or have no conn
11.12.2017 3:52, Franco Fichtner wrote:
>> On 10. Dec 2017, at 9:45 PM, Eugene Grosbein wrote:
>>
>> 11.12.2017 3:37, Yuri wrote:
>>
>>> On 12/10/17 11:37, Eugene Grosbein wrote:
Hmm, you should not pass your traffic through the network operated
by lots of malicious operators in first p
On 12/10/17 12:45, Eugene Grosbein wrote:
11.12.2017 3:37, Yuri wrote:
On 12/10/17 11:37, Eugene Grosbein wrote:
Hmm, you should not pass your traffic through the network operated
by lots of malicious operators in first place. No matter encrypted or not.
There are plenty of alternative ways.
> On 10. Dec 2017, at 9:45 PM, Eugene Grosbein wrote:
>
> 11.12.2017 3:37, Yuri wrote:
>
>> On 12/10/17 11:37, Eugene Grosbein wrote:
>>> Hmm, you should not pass your traffic through the network operated
>>> by lots of malicious operators in first place. No matter encrypted or not.
>>> There a
11.12.2017 3:37, Yuri wrote:
> On 12/10/17 11:37, Eugene Grosbein wrote:
>> Hmm, you should not pass your traffic through the network operated
>> by lots of malicious operators in first place. No matter encrypted or not.
>> There are plenty of alternative ways.
>
>
> Modern encryption protocols
On 12/10/17 11:37, Eugene Grosbein wrote:
Hmm, you should not pass your traffic through the network operated
by lots of malicious operators in first place. No matter encrypted or not.
There are plenty of alternative ways.
Modern encryption protocols allow you to send traffic over insecure
net
11.12.2017 2:23, Yuri wrote:
> On 12/10/17 10:15, Igor Mozolevsky wrote:
>> They are not "hypothetical characters," they are invented characters that
>> are used in a threat model. But that's reframing the problem- a
>> hypothetical threat model is very different to a real threat model.
>
>
> Th
In message <898df78d-c0b1-9e9f-0630-2665c3939...@rawbw.com>, Yuri writes:
>3. The user updated the sources through Tor and got hacked.
>
>Where did this user go wrong, or where has he been irresponsible?
He trusted Tor?
In 2006 Steven Murdochs "Hot or Not" work in TCP timers revealed
th
On 10 December 2017 at 19:47, Yuri wrote:
> On 12/10/17 11:36, Igor Mozolevsky wrote:
>
> If I give my bank card and PIN to someone who I don't trust, I can't
> complain that my bank doesn't take adequate precautions if that person
> drains my bank account! You choose to go down a route that **yo
On 10 December 2017 at 19:42, John-Mark Gurney wrote:
> Igor Mozolevsky wrote this message on Sun, Dec 10, 2017 at 19:17 +:
> No, I'm saying it's not a realistic threat model! If the threat is the
> > integrity of the source code in transit, then it'd be way cheaper and way
> > more rea
On 12/10/17 11:36, Igor Mozolevsky wrote:
If I give my bank card and PIN to someone who I don't trust, I can't
complain that my bank doesn't take adequate precautions if that person
drains my bank account! You choose to go down a route that*you* know is
compromised!
1. The user has set up the
Igor Mozolevsky wrote this message on Sun, Dec 10, 2017 at 19:17 +:
> On 10 December 2017 at 19:02, John-Mark Gurney wrote:
>
> > Igor Mozolevsky wrote this message on Sun, Dec 10, 2017 at 17:39 +:
> > > On 10 December 2017 at 17:32, John-Mark Gurney wrote:
> > >
> > >
> > >
> > > > The
On 10 December 2017 at 19:31, Yuri wrote:
> On 12/10/17 11:24, Igor Mozolevsky wrote:
>
> It seems the problem is **not** FreeBSD but Tor in your case!
>
>
> This is the problem of the weakest link in the system which is FreeBSD.
>
If I give my bank card and PIN to someone who I don't trust, I c
On 12/10/17 11:24, Igor Mozolevsky wrote:
It seems the problem is*not* FreeBSD but Tor in your case!
This is the problem of the weakest link in the system which is FreeBSD.
Yuri
___
freebsd-security@freebsd.org mailing list
https://lists.freebsd.
On 10 December 2017 at 19:23, Yuri wrote:
> On 12/10/17 10:15, Igor Mozolevsky wrote:
>
>> They are not "hypothetical characters," they are invented characters that
>> are used in a threat model. But that's reframing the problem- a
>> hypothetical threat model is very different to a real threat m
On 12/10/17 10:15, Igor Mozolevsky wrote:
They are not "hypothetical characters," they are invented characters that
are used in a threat model. But that's reframing the problem- a
hypothetical threat model is very different to a real threat model.
This is a very real threat model. There are a
On 10 December 2017 at 19:02, John-Mark Gurney wrote:
> Igor Mozolevsky wrote this message on Sun, Dec 10, 2017 at 17:39 +:
> > On 10 December 2017 at 17:32, John-Mark Gurney wrote:
> >
> >
> >
> > > The discussion has been for svn updates over http, not for
> freebsd-update
> > > updates w
Igor Mozolevsky wrote this message on Sun, Dec 10, 2017 at 17:39 +:
> On 10 December 2017 at 17:32, John-Mark Gurney wrote:
>
>
>
> > The discussion has been for svn updates over http, not for freebsd-update
> > updates which are independantly signed and verified.. There is currently
> > n
On 10 December 2017 at 18:01, Yuri wrote:
> On 12/10/17 09:51, Igor Mozolevsky wrote:
>
>> Hypothetical MITM-bogeyman and "suits not knowing that I use FreeBSD"
>> doesn't make SVN over HTTP insecure.
>>
>
>
> Read here about Alice and Bob: https://en.wikipedia.org/wiki/Alice_and_Bob
>
> Hypothet
On 12/10/17 09:51, Igor Mozolevsky wrote:
Hypothetical MITM-bogeyman and "suits not knowing that I use FreeBSD"
doesn't make SVN over HTTP insecure.
Read here about Alice and Bob: https://en.wikipedia.org/wiki/Alice_and_Bob
Hypothetical characters are commonplace in security discussions.
Yu
On 10 December 2017 at 17:46, Yuri wrote:
> On 12/10/17 09:39, Igor Mozolevsky wrote:
>
> There has been no instance of in-transit compromise reported since SVN was
> introduced.
>
> Even when the back-end was compromised, there was not detectable compromise
> of the codebase [1]. So even if the
In message <20171210174117.gg5...@funkthat.com>, John-Mark Gurney writes:
>> Comcast modifying traffic is a political problem.
>
>Please come the the US and solve this problem for us, since you appare
>to think that it's easy for people like me to solve.
I didn't use the word "easy".
--
On 10 December 2017 at 17:41, John-Mark Gurney wrote:
> Poul-Henning Kamp wrote this message on Sun, Dec 10, 2017 at 17:36 +:
> > >So you're fine w/ all the Comcast users having to switch ISPs? Because
> > >Comcast modifies traffic. So you're now saying that if you use FreeBSD
> > >you
On 12/10/17 09:39, Igor Mozolevsky wrote:
There has been no instance of in-transit compromise reported since SVN was
introduced.
Even when the back-end was compromised, there was not detectable compromise
of the codebase [1]. So even if the codebase was compromised, unless people
*really knew*
On 12/10/17 09:39, Igor Mozolevsky wrote:
There has been no instance of in-transit compromise reported since SVN was
introduced.
Even when the back-end was compromised, there was not detectable compromise
of the codebase [1]. So even if the codebase was compromised, unless people
*really knew*
Poul-Henning Kamp wrote this message on Sun, Dec 10, 2017 at 17:36 +:
>
> In message <20171210172127.gd5...@funkthat.com>, John-Mark Gurney writes:
> >Michelle Sullivan wrote this message on Fri, Dec 08, 2017 at 21:29 +1100:
> >> Sorry you want to ensure a secure (trusted) connection y
On 10 December 2017 at 17:32, John-Mark Gurney wrote:
>
> The discussion has been for svn updates over http, not for freebsd-update
> updates which are independantly signed and verified.. There is currently
> no signatures provided via SVN to validate any source received via http.
>
>
There
In message <20171210172127.gd5...@funkthat.com>, John-Mark Gurney writes:
>Michelle Sullivan wrote this message on Fri, Dec 08, 2017 at 21:29 +1100:
>> Sorry you want to ensure a secure (trusted) connection you do it
>> yourself. You go through other nodes (switches and routers of the
>
Igor Mozolevsky wrote this message on Wed, Dec 06, 2017 at 15:04 +:
> On 5 December 2017 at 23:18, RW via freebsd-security <
> freebsd-security@freebsd.org> wrote:
>
> > On Tue, 5 Dec 2017 14:08:49 -0800
> > Gordon Tetlow wrote:
> >
> >
> > > Using this as a reason to not move to HTTPS is a fa
Michelle Sullivan wrote this message on Fri, Dec 08, 2017 at 21:29 +1100:
> Sorry you want to ensure a secure (trusted) connection you do it
> yourself. You go through other nodes (switches and routers of the
So you're fine w/ all the Comcast users having to switch ISPs? Because
Comcast modifi
Eugene Grosbein wrote this message on Wed, Dec 06, 2017 at 04:04 +0700:
> 06.12.2017 3:59, Yuri wrote:
>
> > It's understood that a lot of arguments can be made for and against this,
> > like with any other issue, but security argument should outweigh most or
> > all other arguments.
>
> It is i
In message <20171208142616.u56ntsf4zx5ns2ey@mutt-hbsd>, Shawn Webb writes:
>It really is a sad state that governments feel they must subvert
>secure communications channels used by citizens. I agree with you
>there.
And it really is a sad state when rabid IT-liberalists don't see
any pro
On 8 December 2017 at 14:26, Shawn Webb wrote:
Please note that this is likely to be my only contribution to this
> thread.
>
> What if FreeBSD generated its own CA for use with critical
> infrastructure, like the svn repo.
Nobody has yet offered a concrete threat model that requires such
On Fri, Dec 08, 2017 at 02:07:13PM +, Poul-Henning Kamp wrote:
>
> In message <2a8d9a0a-7a64-2dde-4e53-77ee52632...@tjvarghese.com>, TJ Varghese
> w
> rites:
>
> >I'm curious as to your take on electronic banking.
>
> Good security is not "all or nothing", it is a carefully calibrat
In message <2a8d9a0a-7a64-2dde-4e53-77ee52632...@tjvarghese.com>, TJ Varghese w
rites:
>I'm curious as to your take on electronic banking.
Good security is not "all or nothing", it is a carefully calibrated
application of security measures to the problem at hand.
By forcing all web-traf
The pull request was rejected for a valid reason, offering http allows
users with limited network access chance to clone or download freebsd where
https is not possible. We all have differences of option on the matter and
having a flame war on a mailing list just gives the project a bad
reputation.
Yuri wrote:
On 12/07/17 15:16, Jason Hellenthal wrote:
The truly paranoid types that don’t want anyone to know they are
using FreeBSD apparently.
Honestly if they are that worried about http then get a private vpn
tunnel and run through that instead !
Some people aren't aware that they use
On 12/07/2017 10:50 PM, Poul-Henning Kamp wrote:
You can't have the latter without the former. Assertion of identity is
the only protection against MITM eavesdropping or tampering.
Or more generally:
If you dont/cant trust the other end, why would you trust them to
keep the communication sec
On Thu, Dec 07, 2017 at 10:26:06PM +, Poul-Henning Kamp wrote:
>
> In message <2a6d123c-8ee5-8e1e-d99b-4bce02345...@rawbw.com>, Yuri writes:
>
> >The unfortunate FreeBSD user who updated his source tree through
> >Tor [...]
>
> Why would anybody do that in the first place ?
Why doe
In message <83e44188-6e0d-13cc-4b80-d191ac010...@rawbw.com>, Yuri writes:
>On 12/07/17 15:16, Jason Hellenthal wrote:
>> The truly paranoid types that don’t want anyone to know they are using
>> FreeBSD apparently.
>>
>> Honestly if they are that worried about http then get a private vpn
On 12/07/17 15:16, Jason Hellenthal wrote:
The truly paranoid types that don’t want anyone to know they are using FreeBSD
apparently.
Honestly if they are that worried about http then get a private vpn tunnel and
run through that instead !
Some people aren't aware that they use http, and en
The truly paranoid types that don’t want anyone to know they are using FreeBSD
apparently.
Honestly if they are that worried about http then get a private vpn tunnel and
run through that instead !
> On Dec 7, 2017, at 16:27, Poul-Henning Kamp wrote:
>
>
> In message <2a6d123c-8ee5-8e
In message <2a6d123c-8ee5-8e1e-d99b-4bce02345...@rawbw.com>, Yuri writes:
>The unfortunate FreeBSD user who updated his source tree through
>Tor [...]
Why would anybody do that in the first place ?
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
p...@freebsd.org | TCP/
On 12/05/17 12:59, Yuri wrote:
I suggested this PR, but it got rejected:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224097
http is insecure in its nature, and is an easy target for MITM. This
is why https should be preferred. http needs to be discontinued and
shut down because as long
In message <867etyzlad@desk.des.no>, =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= w
rites:
>Gordon Tetlow writes:
>> Assertion of identity and encryption in transit are separate issues. [...]
>
>You can't have the latter without the former. Assertion of identity is
>the only protection again
Gordon Tetlow writes:
> Assertion of identity and encryption in transit are separate issues. I
> do agree that identity is fundamentally broken with the existing CA
> system. I’m more interested in preventing tampering of data in
> transit. HTTPS is an easy way to do that.
You can't have the latt
On 5 December 2017 at 23:18, RW via freebsd-security <
freebsd-security@freebsd.org> wrote:
> On Tue, 5 Dec 2017 14:08:49 -0800
> Gordon Tetlow wrote:
>
>
> > Using this as a reason to not move to HTTPS is a fallacy. We should do
> > everything we can to help our end-users get FreeBSD in the most
On 12/6/2017 08:17, Cy Schubert wrote:
>
>> It can be illusory. My last job was as Sec Mgr for a large bank. They
>> disabled cert checking on client devices, placed a wildcard cert at the
>> internet boundary and captured all https unencrypted. An alternative
>> approach to advocate is dnssec.
Sent: 06/12/2017 03:29
To: Dewayne Geraghty
Cc: freebsd-security@freebsd.org
Subject: Re: http subversion URLs should be discontinued in favor of https URLs
* On Wed, Dec 06, 2017 at 08:55:00AM +1100, Dewayne Geraghty
wrote:
> On 6/12/2017 8:13 AM, Yuri wrote:
> > On 12/05/17 13:0
On 06.12.2017 05:08, Gordon Tetlow wrote:
> Using this as a reason to not move to HTTPS is a fallacy. We should do
> everything we can to help our end-users get FreeBSD in the most secure
> way.
Please do not mix opportunity with enforcement.
___
free
On Tue, Dec 05, 2017 at 01:13:25PM -0800, Yuri wrote:
> On 12/05/17 13:04, Eugene Grosbein wrote:
> > It is illusion that https is more secure than unencrypted http in a sense
> > of MITM
> > just because of encryption, it is not.
>
>
> It *is* more secure.
https don't work frequent than http
It is illusion
As a security person you do have responsibilities
Lets calm down, guys. Anyone can claim "I'm skilled security officer".
But true professional will define the risk to mitigate *first*.
We can discuss possible solutions *then*.
Flamewars "https will save our souls" v.s. "https i
1 - 100 of 117 matches
Mail list logo
