Re: Security
By: Michiel van der Vlist to Alan Ianson on Sun May 03 2020 03:52 pm
> Hello Alan,
>
> On Sunday May 03 2020 02:43, you wrote to me:
>
> MV>> Even more: I say binkds is an overkill.
>
> AI> Binkp over TLS is secure and provides privacy in a new and robust way.
>
> Security against what threats and privacy against which snooping eyes?
If the threats/snooping-eyes announced their presence and intentions, they
wouldn't be very effective, now would they?
> The biggest potential invasion of privacy in Fidonet are sysops snooping om
> in transit mail. TLS does not protect against that.
The second sentence is true.
> The best strategy
> against snooping governments is to not be of interest.
False. You're *already* being snooped on by governments and you're not
interesting at all. You seem to be a very trusting person.
> I doubt TLS is safe against the resources of governments.
It seems to be effective enough for data in-flight that they (resources of
governments) usually go after the persistent data on either end of the
transport instead.
> AI> It's a natural movement forward.
>
> Binkd already has build in encryption.
... which is terrible.
> I do not think the added value of TL is worth the effort and overhead.
It was very little effort and unnoticeable overhead.
> Not for Fidonet...
For Fidonet proper, possibly true (though that depends on the content of your
netmail messages). For FTN, likely false.
> AI> It's not easy to do in all mailers, but if it was and it was supported
> AI> and available by your links and your own mailer would you use it?
>
> I don't know. If I'd have to go through the hassle of getting a certificate
> and pay for it and renew it every tweo years, probably not.
Free certs are available.
> And I do not trust LetsEncrypt.
Now you don't sound like a very trusting person. That was a quick turn around.
digital man
Synchronet "Real Fact" #56:
Synchronet Terminal Server introduced SecureShell (SSH) support w/v3.14a
(2006).
Norco, CA WX: 74.9øF, 50.0% humidity, 11 mph ESE wind, 0.00 inches rain/24hrs
--- SBBSecho 3.11-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
|